[PATCH 3 of 8] sslutil: pass ui to _defaultcacerts

Gregory Szorc gregory.szorc at gmail.com
Sat Jul 2 02:57:39 UTC 2016 

# HG changeset patch
# User Gregory Szorc <gregory.szorc at gmail.com>
# Date 1467425079 25200
#      Fri Jul 01 19:04:39 2016 -0700
# Node ID dc05122ccfcf77c65984f3196089f86472a6dd17
# Parent  9b25d8e1497ab9da8f056c0370168c4f91abdfd9
sslutil: pass ui to _defaultcacerts

We'll use this shortly.

diff --git a/mercurial/sslutil.py b/mercurial/sslutil.py
--- a/mercurial/sslutil.py
+++ b/mercurial/sslutil.py
@@ -192,17 +192,17 @@ def _hostsettings(ui, hostname):
 
             if cafile:
                 cafile = util.expandpath(cafile)
                 if not os.path.exists(cafile):
                     raise error.Abort(_('could not find web.cacerts: %s') %
                                       cafile)
             else:
                 # CAs not defined in config. Try to find system bundles.
-                cafile = _defaultcacerts()
+                cafile = _defaultcacerts(ui)
                 if cafile:
                     ui.debug('using %s for CA file\n' % cafile)
 
             s['cafile'] = cafile
 
         # Require certificate validation if CA certs are being loaded and
         # verification hasn't been disabled above.
         if cafile or (_canloaddefaultcerts and s['allowloaddefaultcerts']):
@@ -425,17 +425,17 @@ def _plainapplepython():
       cacerts file
     """
     if sys.platform != 'darwin' or util.mainfrozen() or not sys.executable:
         return False
     exe = os.path.realpath(sys.executable).lower()
     return (exe.startswith('/usr/bin/python') or
             exe.startswith('/system/library/frameworks/python.framework/'))
 
-def _defaultcacerts():
+def _defaultcacerts(ui):
     """return path to default CA certificates or None."""
     if _plainapplepython():
         dummycert = os.path.join(os.path.dirname(__file__), 'dummycert.pem')
         if os.path.exists(dummycert):
             return dummycert
 
     return None
 
diff --git a/tests/hghave.py b/tests/hghave.py
--- a/tests/hghave.py
+++ b/tests/hghave.py
@@ -410,30 +410,32 @@ def has_sslcontext():
         import ssl
         ssl.SSLContext
         return True
     except (ImportError, AttributeError):
         return False
 
 @check("defaultcacerts", "can verify SSL certs by system's CA certs store")
 def has_defaultcacerts():
-    from mercurial import sslutil
-    return sslutil._defaultcacerts() or sslutil._canloaddefaultcerts
+    from mercurial import sslutil, ui as uimod
+    ui = uimod.ui()
+    return sslutil._defaultcacerts(ui) or sslutil._canloaddefaultcerts
 
 @check("defaultcacertsloaded", "detected presence of loaded system CA certs")
 def has_defaultcacertsloaded():
     import ssl
-    from mercurial import sslutil
+    from mercurial import sslutil, ui as uimod
 
     if not has_defaultcacerts():
         return False
     if not has_sslcontext():
         return False
 
-    cafile = sslutil._defaultcacerts()
+    ui = uimod.ui()
+    cafile = sslutil._defaultcacerts(ui)
     ctx = ssl.create_default_context()
     if cafile:
         ctx.load_verify_locations(cafile=cafile)
     else:
         ctx.load_default_certs()
 
     return len(ctx.get_ca_certs()) > 0

More information about the Mercurial-devel mailing list