[PATCH 02 of 11 V4] sslutil: add assertion to prevent accidental CA usage on Windows
Gregory Szorc
gregory.szorc at gmail.com
Fri Jul 15 04:09:03 UTC 2016
# HG changeset patch
# User Gregory Szorc <gregory.szorc at gmail.com>
# Date 1468463632 25200
# Wed Jul 13 19:33:52 2016 -0700
# Node ID 0f573e972f02063bf12aa0a72d11903760860111
# Parent 9e91be071422676679cdef44e74f4ea34dd81be1
sslutil: add assertion to prevent accidental CA usage on Windows
Yuya suggested we add this check to ensure we don't accidentally try
to load user-writable paths on Windows if we change the control
flow of this function later.
diff --git a/mercurial/sslutil.py b/mercurial/sslutil.py
--- a/mercurial/sslutil.py
+++ b/mercurial/sslutil.py
@@ -494,16 +494,21 @@ def _defaultcacerts(ui):
# files. Also consider exporting the keychain certs to a file during
# Mercurial install.
if not _canloaddefaultcerts:
ui.warn(_('(unable to load CA certificates; see '
'https://mercurial-scm.org/wiki/SecureConnections for '
'how to configure Mercurial to avoid this message)\n'))
return None
+ # / is writable on Windows. Out of an abundance of caution make sure
+ # we're not on Windows because paths from _systemcacerts could be installed
+ # by non-admin users.
+ assert os.name != 'nt'
+
# Try to find CA certificates in well-known locations. We print a warning
# when using a found file because we don't want too much silent magic
# for security settings. The expectation is that proper Mercurial
# installs will have the CA certs path defined at install time and the
# installer/packager will make an appropriate decision on the user's
# behalf. We only get here and perform this setting as a feature of
# last resort.
if not _canloaddefaultcerts:
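Review bot: The new guard `assert os.name != 'nt'` is compiled out when Python runs with `-O`, so in optimized runs nothing stops a later control-flow change from reaching the `_systemcacerts` lookup on Windows. Because this protects against trusting CA files from user-writable paths, an explicit check that survives optimization is safer: `if os.name == 'nt': raise error.Abort(_('refusing to load CA certificates from default paths on Windows'))`. This assumes `error` is already imported in sslutil.py, which the hunk does not show. The comment above the guard could also state the invariant directly, e.g. `# Windows must have returned before this point; never fall through to _systemcacerts there`. The body of `_defaultcacerts` starts and ends outside the hunk, so whether every Windows path returns before this line cannot be confirmed from here.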