Mercurial Mercurial > mercurial / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mercurial/sslutil.py
changeset 29290 01248c37a68e
parent 29289 3536673a25ae
child 29291 15e533b7909c
equal deleted inserted replaced
29289:3536673a25ae 29290:01248c37a68e 
   371     peerfingerprints = {
 
   371     peerfingerprints = {
 
   372         'sha1': util.sha1(peercert).hexdigest(),
 
   372         'sha1': util.sha1(peercert).hexdigest(),
 
   373         'sha256': util.sha256(peercert).hexdigest(),
 
   373         'sha256': util.sha256(peercert).hexdigest(),
 
   374         'sha512': util.sha512(peercert).hexdigest(),
 
   374         'sha512': util.sha512(peercert).hexdigest(),
 
   375     }
 
   375     }
 
   376     nicefingerprint = ':'.join([peerfingerprints['sha1'][x:x + 2]
 
   376 
   377         for x in range(0, len(peerfingerprints['sha1']), 2)])
 
   377     def fmtfingerprint(s):
 
       
   378         return ':'.join([s[x:x + 2] for x in range(0, len(s), 2)])
 
       
   379 
       
   380     legacyfingerprint = fmtfingerprint(peerfingerprints['sha1'])
 
       
   381     nicefingerprint = 'sha256:%s' % fmtfingerprint(peerfingerprints['sha256'])
 
   378 
   382 
   379     if settings['legacyfingerprint']:
 
   383     if settings['legacyfingerprint']:
 
   380         section = 'hostfingerprint'
 
   384         section = 'hostfingerprint'
 
   381     else:
 
   385     else:
 
   382         section = 'hostsecurity'
 
   386         section = 'hostsecurity'
 
   387             if peerfingerprints[hash].lower() == fingerprint:
 
   391             if peerfingerprints[hash].lower() == fingerprint:
 
   388                 fingerprintmatch = True
 
   392                 fingerprintmatch = True
 
   389                 break
 
   393                 break
 
   390         if not fingerprintmatch:
 
   394         if not fingerprintmatch:
 
   391             raise error.Abort(_('certificate for %s has unexpected '
 
   395             raise error.Abort(_('certificate for %s has unexpected '
 
   392                                'fingerprint %s') % (host, nicefingerprint),
 
   396                                'fingerprint %s') % (host, legacyfingerprint),
 
   393                              hint=_('check %s configuration') % section)
 
   397                               hint=_('check %s configuration') % section)
 
   394         ui.debug('%s certificate matched fingerprint %s\n' %
 
   398         ui.debug('%s certificate matched fingerprint %s\n' %
 
   395                  (host, nicefingerprint))
 
   399                  (host, legacyfingerprint))
 
   396         return
 
   400         return
 
   397 
   401 
   398     if not sock._hgstate['caloaded']:
 
   402     if not sock._hgstate['caloaded']:
 
   399         ui.warn(_('warning: %s certificate with fingerprint %s '
 
   403         ui.warn(_('warning: %s certificate with fingerprint %s '
 
   400                   'not verified (check %s or web.cacerts config '
 
   404                   'not verified (check %s or web.cacerts config '
mercurial