Mercurial Mercurial > mercurial / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
sslutil: document the Apple OpenSSL cert trick
authorGregory Szorc <gregory.szorc@gmail.com>
Mon, 04 Jul 2016 10:00:56 -0700
changeset 29487 cdcb5747dc88
parent 29486 a62c00f6dd04
child 29488 1c26b9ce66f8
sslutil: document the Apple OpenSSL cert trick This is sort of documented in _plainapplypython()'s docstring. But it helps to be explicit in security code.
mercurial/sslutil.py file | annotate | diff | comparison | revisions 
--- a/mercurial/sslutil.py	Mon Jul 04 09:58:45 2016 -0700
+++ b/mercurial/sslutil.py	Mon Jul 04 10:00:56 2016 -0700
@@ -442,6 +442,9 @@
     except ImportError:
         pass
 
+    # Apple's OpenSSL has patches that allow a specially constructed certificate
+    # to load the system CA store. If we're running on Apple Python, use this
+    # trick.
     if _plainapplepython():
         dummycert = os.path.join(os.path.dirname(__file__), 'dummycert.pem')
         if os.path.exists(dummycert):
mercurial