[PATCH STABLE] commands: print security protocol support in debuginstall
Yuya Nishihara
yuya at tcha.org
Thu Oct 20 11:49:19 EDT 2016
On Thu, 20 Oct 2016 10:26:20 -0400, Augie Fackler wrote:
> On Wed, Oct 19, 2016 at 03:16:15PM -0700, Gregory Szorc wrote:
> > # HG changeset patch
> > # User Gregory Szorc <gregory.szorc at gmail.com>
> > # Date 1476914831 25200
> > # Wed Oct 19 15:07:11 2016 -0700
> > # Branch stable
> > # Node ID 37eaf6c2b4ac3c1015965676db89e435a79b45ee
> > # Parent e478f11e418288b8308457303d3ddf6a23f874f8
> > commands: print security protocol support in debuginstall
>
> I'm going to give this an enthusiastic +1. It's probably a little
> sketchy to take it during the freeze, but I agree we should just do
> it. If I don't hear objections before the end of my workday on Friday,
> I'll take this.
+1
A few nits from a templater expert. ;-)
> > + security = set(sslutil.supportedprotocols)
> > + if sslutil.hassni:
> > + security.add('sni')
> > +
> > + fm.write('pythonsecurity', _("checking Python security support (%s)\n"),
> > + ', '.join(sorted(security)))
Please use fm.formatlist().
> > + # These are warnings, not errors. So don't increment problem count. This
> > + # may change in the future.
> > + fm.condwrite('tls1.2' not in security, 'tlswarning', ' %s\n',
> > + _('TLS 1.2 not supported by Python install; '
> > + 'network connections lack modern security'))
> > + fm.condwrite('sni' not in security, 'sniwarning', ' %s\n',
> > + _('SNI not supported by Python install; may have '
> > + 'connectivity issues with some servers'))
Maybe they should use fm.plain() because they seem a kind of explanation
about 'pythonsecurity'. Otherwise, "hg debuginstall -Tjson" would print
these even if tls1.2 and sni are supported.
More information about the Mercurial-devel
mailing list