[Bug 5547] New: Issue connecting to HTTPS over TLS1.0

mercurial-bugs at mercurial-scm.org mercurial-bugs at mercurial-scm.org
Wed Apr 26 06:39:14 EDT 2017


https://bz.mercurial-scm.org/show_bug.cgi?id=5547

            Bug ID: 5547
           Summary: Issue connecting to HTTPS over TLS1.0
           Product: Mercurial
           Version: 4.1
          Hardware: PC
                OS: Windows
            Status: UNCONFIRMED
          Severity: feature
          Priority: wish
         Component: Mercurial
          Assignee: bugzilla at mercurial-scm.org
          Reporter: pziemniak at gmail.com
                CC: mercurial-devel at mercurial-scm.org

Versions above 3.8.4 do no longer support TLS 1.0 by default. There is a new
option hostsecurity:minimumprotocol  to enable it, but is probably not working
with versions above 3.9.1. 

We are connecting to repository on HTTPS server on Win2003 which only supports
TLS 1.0. Versions up to 3.8.4 work fine, versions up to 3.9.1 require enabling
tls1.0 for the server. However, versions above 3.9.1 throw exceptions like:
abort: error: EOF occurred in violation of protocol (_ssl.c:661)


Tested with TortoiseHG in Windows and with CLI on cygwin

The full traceback is:
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/mercurial/dispatch.py", line 205, in
_runcatchfunc
    return _dispatch(req)
  File "/usr/lib/python2.7/site-packages/mercurial/dispatch.py", line 901, in
_dispatch
    cmdpats, cmdoptions)
  File "/usr/lib/python2.7/site-packages/mercurial/dispatch.py", line 650, in
runcommand
    ret = _runcommand(ui, options, cmd, d)
  File "/usr/lib/python2.7/site-packages/mercurial/dispatch.py", line 909, in
_runcommand
    return cmdfunc()
  File "/usr/lib/python2.7/site-packages/mercurial/dispatch.py", line 898, in
<lambda>
    d = lambda: util.checksignature(func)(ui, *args, **cmdoptions)
  File "/usr/lib/python2.7/site-packages/mercurial/util.py", line 1037, in
check
    return func(*args, **kwargs)
  File "/usr/lib/python2.7/site-packages/mercurial/commands.py", line 5151, in
incoming
    return hg.incoming(ui, repo, source, opts)
  File "/usr/lib/python2.7/site-packages/mercurial/hg.py", line 837, in
incoming
    return _incoming(display, subreporecurse, ui, repo, source, opts)
  File "/usr/lib/python2.7/site-packages/mercurial/hg.py", line 793, in
_incoming
    other = peer(repo, opts, source)
  File "/usr/lib/python2.7/site-packages/mercurial/hg.py", line 175, in peer
    return _peerorrepo(rui, path, create).peer()
  File "/usr/lib/python2.7/site-packages/mercurial/hg.py", line 152, in
_peerorrepo
    obj = _peerlookup(path).instance(ui, path, create)
  File "/usr/lib/python2.7/site-packages/mercurial/httppeer.py", line 298, in
instance
    inst._fetchcaps()
  File "/usr/lib/python2.7/site-packages/mercurial/httppeer.py", line 78, in
_fetchcaps
    self.caps = set(self._call('capabilities').split())
  File "/usr/lib/python2.7/site-packages/mercurial/httppeer.py", line 207, in
_call
    fp = self._callstream(cmd, **args)
  File "/usr/lib/python2.7/site-packages/mercurial/httppeer.py", line 154, in
_callstream
    resp = self.urlopener.open(req)
  File "/usr/lib/python2.7/urllib2.py", line 429, in open
    response = self._open(req, data)
  File "/usr/lib/python2.7/urllib2.py", line 447, in _open
    '_open', req)
  File "/usr/lib/python2.7/urllib2.py", line 407, in _call_chain
    result = func(*args)
  File "/usr/lib/python2.7/site-packages/mercurial/url.py", line 342, in
https_open
    return self.do_open(self._makeconnection, req)
  File "/usr/lib/python2.7/site-packages/mercurial/keepalive.py", line 264, in
do_open
    raise urlerr.urlerror(err)
URLError: <urlopen error EOF occurred in violation of protocol (_ssl.c:661)>
abort: error: EOF occurred in violation of protocol (_ssl.c:661)

-- 
You are receiving this mail because:
You are on the CC list for the bug.


More information about the Mercurial-devel mailing list