[PATCH 1 of 6] httpconnection: pass serverhostname to sslutil.wrapsocket()
Gregory Szorc
gregory.szorc at gmail.com
Sun May 15 17:02:35 EDT 2016
> On May 15, 2016, at 11:57, Gregory Szorc <gregory.szorc at gmail.com> wrote:
>
> # HG changeset patch
> # User Gregory Szorc <gregory.szorc at gmail.com>
> # Date 1462500564 25200
> # Thu May 05 19:09:24 2016 -0700
> # Node ID 076cdbe3bfbc412aece1e5adef2cc45456b3bf9b
> # Parent e521cb13d3545735cf78e7e002bda4c2f4314124
> httpconnection: pass serverhostname to sslutil.wrapsocket()
This one can probably be dropped because the upstream changes just pushed make it unnecessary. I'll investigate when I'm in front of my computer.
>
> This is the last consumer of sslutil.wrapsocket() not passing
> the serverhostname argument. Passing this argument allows SNI
> to be used (if available). It will also allow us to further refactor
> some code in sslutil.
>
> diff --git a/mercurial/httpconnection.py b/mercurial/httpconnection.py
> --- a/mercurial/httpconnection.py
> +++ b/mercurial/httpconnection.py
> @@ -274,16 +274,17 @@ class http2handler(urlreq.httphandler, u
> if ':' in host and '[' not in host or ']:' in host:
> host, port = host.rsplit(':', 1)
> port = int(port)
> if '[' in host:
> host = host[1:-1]
>
> kwargs['keyfile'] = keyfile
> kwargs['certfile'] = certfile
> + kwargs['serverhostname'] = host
>
> kwargs.update(sslutil.sslkwargs(self.ui, host))
>
> con = HTTPConnection(host, port, use_ssl=True,
> ssl_wrap_socket=sslutil.wrapsocket,
> ssl_validator=sslutil.validator(self.ui, host),
> **kwargs)
> return con
More information about the Mercurial-devel
mailing list