[Bug 5547] New: Issue connecting to HTTPS over TLS1.0

mercurial-bugs at mercurial-scm.org mercurial-bugs at mercurial-scm.org
Wed Apr 26 06:39:14 EDT 2017


            Bug ID: 5547
           Summary: Issue connecting to HTTPS over TLS1.0
           Product: Mercurial
           Version: 4.1
          Hardware: PC
                OS: Windows
            Status: UNCONFIRMED
          Severity: feature
          Priority: wish
         Component: Mercurial
          Assignee: bugzilla at mercurial-scm.org
          Reporter: pziemniak at gmail.com
                CC: mercurial-devel at mercurial-scm.org

Versions above 3.8.4 do no longer support TLS 1.0 by default. There is a new
option hostsecurity:minimumprotocol  to enable it, but is probably not working
with versions above 3.9.1. 

We are connecting to repository on HTTPS server on Win2003 which only supports
TLS 1.0. Versions up to 3.8.4 work fine, versions up to 3.9.1 require enabling
tls1.0 for the server. However, versions above 3.9.1 throw exceptions like:
abort: error: EOF occurred in violation of protocol (_ssl.c:661)

Tested with TortoiseHG in Windows and with CLI on cygwin

The full traceback is:
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/mercurial/dispatch.py", line 205, in
    return _dispatch(req)
  File "/usr/lib/python2.7/site-packages/mercurial/dispatch.py", line 901, in
    cmdpats, cmdoptions)
  File "/usr/lib/python2.7/site-packages/mercurial/dispatch.py", line 650, in
    ret = _runcommand(ui, options, cmd, d)
  File "/usr/lib/python2.7/site-packages/mercurial/dispatch.py", line 909, in
    return cmdfunc()
  File "/usr/lib/python2.7/site-packages/mercurial/dispatch.py", line 898, in
    d = lambda: util.checksignature(func)(ui, *args, **cmdoptions)
  File "/usr/lib/python2.7/site-packages/mercurial/util.py", line 1037, in
    return func(*args, **kwargs)
  File "/usr/lib/python2.7/site-packages/mercurial/commands.py", line 5151, in
    return hg.incoming(ui, repo, source, opts)
  File "/usr/lib/python2.7/site-packages/mercurial/hg.py", line 837, in
    return _incoming(display, subreporecurse, ui, repo, source, opts)
  File "/usr/lib/python2.7/site-packages/mercurial/hg.py", line 793, in
    other = peer(repo, opts, source)
  File "/usr/lib/python2.7/site-packages/mercurial/hg.py", line 175, in peer
    return _peerorrepo(rui, path, create).peer()
  File "/usr/lib/python2.7/site-packages/mercurial/hg.py", line 152, in
    obj = _peerlookup(path).instance(ui, path, create)
  File "/usr/lib/python2.7/site-packages/mercurial/httppeer.py", line 298, in
  File "/usr/lib/python2.7/site-packages/mercurial/httppeer.py", line 78, in
    self.caps = set(self._call('capabilities').split())
  File "/usr/lib/python2.7/site-packages/mercurial/httppeer.py", line 207, in
    fp = self._callstream(cmd, **args)
  File "/usr/lib/python2.7/site-packages/mercurial/httppeer.py", line 154, in
    resp = self.urlopener.open(req)
  File "/usr/lib/python2.7/urllib2.py", line 429, in open
    response = self._open(req, data)
  File "/usr/lib/python2.7/urllib2.py", line 447, in _open
    '_open', req)
  File "/usr/lib/python2.7/urllib2.py", line 407, in _call_chain
    result = func(*args)
  File "/usr/lib/python2.7/site-packages/mercurial/url.py", line 342, in
    return self.do_open(self._makeconnection, req)
  File "/usr/lib/python2.7/site-packages/mercurial/keepalive.py", line 264, in
    raise urlerr.urlerror(err)
URLError: <urlopen error EOF occurred in violation of protocol (_ssl.c:661)>
abort: error: EOF occurred in violation of protocol (_ssl.c:661)

You are receiving this mail because:
You are on the CC list for the bug.

More information about the Mercurial-devel mailing list