[PATCH V2] sslutil - add tls 1.3 support - done during IETF101 Hackathon
Codarren Velvindron
codarren at hackers.mu
Thu Mar 29 11:51:20 EDT 2018
Hello Yuya,
As usual, thank you for your review.
Could you elaborate on below statement please?
"Can you narrow the scope of '#if tls1.3'? It requires very recent versions
of Python."
Best Regards,
Codarren
On Mon, Mar 26, 2018 at 5:18 PM, Yuya Nishihara <yuya at tcha.org> wrote:
> On Mon, 26 Mar 2018 13:43:59 +0400, Codarren Velvindron wrote:
> > # HG changeset patch
> > # User Codarren Velvindron <codarren at hackers.mu>
> > # Date 1522053522 -14400
> > # Mon Mar 26 12:38:42 2018 +0400
> > # Node ID e11770b0adde6283965cafff1d6214a048417bfe
> > # Parent 6715e8035b4ff9379a80f5413a4e9148114ab256
> > sslutil: add tls 1.3 support
>
> [...]
>
> > -#if sslcontext tls1.2
> > +#if sslcontext tls1.3
> > Start servers running supported TLS versions
> >
> > $ cd test
> > @@ -456,6 +457,9 @@
> > $ hg serve -p $HGPORT2 -d --pid-file=../hg2.pid --certificate=$PRIV \
> > > --config devel.serverexactprotocol=tls1.2
> > $ cat ../hg2.pid >> $DAEMON_PIDS
> > + $ hg serve -p $HGPORT3 -d --pid-file=../hg3.pid --certificate=$PRIV \
> > + > --config devel.serverexactprotocol=tls1.3
> > + $ cat ../hg3.pid >> $DAEMON_PIDS
> > $ cd ..
> >
> > Clients talking same TLS versions work
> > @@ -466,6 +470,8 @@
> > 5fed3813f7f5
> > $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.2 id
> https://localhost:$HGPORT2/
> > 5fed3813f7f5
> > + $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.3 id
> https://localhost:$HGPORT3/
> > + 5fed3813f7f5
>
> Can you narrow the scope of '#if tls1.3'? It requires very recent versions
> of Python.
>
> Other than that, the patch looks good to me. Thanks.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.mercurial-scm.org/pipermail/mercurial-devel/attachments/20180329/e5b3bbe4/attachment.html>
More information about the Mercurial-devel
mailing list