Patchwork [STABLE] sslutil: fix reversed logic (issue5034)

login
register
mail settings
Submitter Gábor Stefanik
Date Jan. 8, 2016, 3:30 p.m.
Message ID <1022a013889a1e794c36.1452267053@waste.org>
Download mbox | patch
Permalink /patch/12600/
State Accepted
Headers show

Comments

Gábor Stefanik - Jan. 8, 2016, 3:30 p.m.
# HG changeset patch
# User Gábor Stefanik <gabor.stefanik@nng.com>
# Date 1452266845 -3600
#      Fri Jan 08 16:27:25 2016 +0100
# Branch stable
# Node ID 1022a013889a1e794c360558c0067628d5b23d71
# Parent  1292700d31b520a0af73cd5515b6d10a3f7af7cd
sslutil: fix reversed logic (issue5034)
Martin von Zweigbergk - Jan. 9, 2016, 6:27 a.m.
On Fri, Jan 8, 2016 at 7:31 AM Gábor Stefanik <gabor.stefanik@nng.com>
wrote:

> # HG changeset patch
> # User Gábor Stefanik <gabor.stefanik@nng.com>
> # Date 1452266845 -3600
> #      Fri Jan 08 16:27:25 2016 +0100
> # Branch stable
> # Node ID 1022a013889a1e794c360558c0067628d5b23d71
> # Parent  1292700d31b520a0af73cd5515b6d10a3f7af7cd
> sslutil: fix reversed logic (issue5034)
>
> diff --git a/mercurial/sslutil.py b/mercurial/sslutil.py
> --- a/mercurial/sslutil.py
> +++ b/mercurial/sslutil.py
> @@ -35,7 +35,7 @@
>          # maintainers for us, but that breaks too many things to
>          # do it in a hurry.
>          sslcontext = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
> -        sslcontext.options &= ssl.OP_NO_SSLv2 & ssl.OP_NO_SSLv3
> +        sslcontext.options |= ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3
>          if certfile is not None:
>              def password():
>                  f = keyfile or certfile
>

I think this is Augie's area, but this looks simple enough for me. Pushed
to the clowncopter, thanks!

Patch

diff --git a/mercurial/sslutil.py b/mercurial/sslutil.py
--- a/mercurial/sslutil.py
+++ b/mercurial/sslutil.py
@@ -35,7 +35,7 @@ 
         # maintainers for us, but that breaks too many things to
         # do it in a hurry.
         sslcontext = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
-        sslcontext.options &= ssl.OP_NO_SSLv2 & ssl.OP_NO_SSLv3
+        sslcontext.options |= ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3
         if certfile is not None:
             def password():
                 f = keyfile or certfile