[PATCH 1 of 5 V3] tests: use sslutil.wrapserversocket()

Gregory Szorc gregory.szorc at gmail.com
Thu Jul 14 04:50:12 UTC 2016


# HG changeset patch
# User Gregory Szorc <gregory.szorc at gmail.com>
# Date 1468467667 25200
#      Wed Jul 13 20:41:07 2016 -0700
# Node ID 944f37469b94ea956566a037f9b7ae136a99b119
# Parent  52433f89f816e21ca992ac8c4a41cba0345f1b73
tests: use sslutil.wrapserversocket()

Like the built-in HTTPS server, this code was using the ssl module
directly and only using TLS 1.0. Like the built-in HTTPS server,
we switch it to use sslutil.wrapserversocket() so it can follow better
practices.

diff --git a/tests/dummysmtpd.py b/tests/dummysmtpd.py
--- a/tests/dummysmtpd.py
+++ b/tests/dummysmtpd.py
@@ -7,16 +7,18 @@ from __future__ import absolute_import
 import asyncore
 import optparse
 import smtpd
 import ssl
 import sys
 
 from mercurial import (
     cmdutil,
+    sslutil,
+    ui as uimod,
 )
 
 def log(msg):
     sys.stdout.write(msg)
     sys.stdout.flush()
 
 class dummysmtpserver(smtpd.SMTPServer):
     def __init__(self, localaddr):
@@ -30,21 +32,20 @@ class dummysmtpsecureserver(dummysmtpser
         dummysmtpserver.__init__(self, localaddr)
         self._certfile = certfile
 
     def handle_accept(self):
         pair = self.accept()
         if not pair:
             return
         conn, addr = pair
+        ui = uimod.ui()
         try:
             # wrap_socket() would block, but we don't care
-            conn = ssl.wrap_socket(conn, server_side=True,
-                                   certfile=self._certfile,
-                                   ssl_version=ssl.PROTOCOL_TLSv1)
+            conn = sslutil.wrapserversocket(conn, ui, certfile=self._certfile)
         except ssl.SSLError:
             log('%s ssl error\n' % addr[0])
             conn.close()
             return
         smtpd.SMTPChannel(self, conn, addr)
 
 def run():
     try:


More information about the Mercurial-devel mailing list