Patchwork [1,of,6] httpconnection: pass serverhostname to sslutil.wrapsocket()

login
register
mail settings
Submitter Gregory Szorc
Date May 15, 2016, 6:57 p.m.
Message ID <076cdbe3bfbc412aece1.1463338638@ubuntu-vm-main>
Download mbox | patch
Permalink /patch/15118/
State Superseded
Headers show

Comments

Gregory Szorc - May 15, 2016, 6:57 p.m.
# HG changeset patch
# User Gregory Szorc <gregory.szorc@gmail.com>
# Date 1462500564 25200
#      Thu May 05 19:09:24 2016 -0700
# Node ID 076cdbe3bfbc412aece1e5adef2cc45456b3bf9b
# Parent  e521cb13d3545735cf78e7e002bda4c2f4314124
httpconnection: pass serverhostname to sslutil.wrapsocket()

This is the last consumer of sslutil.wrapsocket() not passing
the serverhostname argument. Passing this argument allows SNI
to be used (if available). It will also allow us to further refactor
some code in sslutil.
Gregory Szorc - May 15, 2016, 9:02 p.m.
> On May 15, 2016, at 11:57, Gregory Szorc <gregory.szorc@gmail.com> wrote:
> 
> # HG changeset patch
> # User Gregory Szorc <gregory.szorc@gmail.com>
> # Date 1462500564 25200
> #      Thu May 05 19:09:24 2016 -0700
> # Node ID 076cdbe3bfbc412aece1e5adef2cc45456b3bf9b
> # Parent  e521cb13d3545735cf78e7e002bda4c2f4314124
> httpconnection: pass serverhostname to sslutil.wrapsocket()

This one can probably be dropped because the upstream changes just pushed make it unnecessary. I'll investigate when I'm in front of my computer.

> 
> This is the last consumer of sslutil.wrapsocket() not passing
> the serverhostname argument. Passing this argument allows SNI
> to be used (if available). It will also allow us to further refactor
> some code in sslutil.
> 
> diff --git a/mercurial/httpconnection.py b/mercurial/httpconnection.py
> --- a/mercurial/httpconnection.py
> +++ b/mercurial/httpconnection.py
> @@ -274,16 +274,17 @@ class http2handler(urlreq.httphandler, u
>         if ':' in host and '[' not in host or ']:' in host:
>             host, port = host.rsplit(':', 1)
>             port = int(port)
>             if '[' in host:
>                 host = host[1:-1]
> 
>         kwargs['keyfile'] = keyfile
>         kwargs['certfile'] = certfile
> +        kwargs['serverhostname'] = host
> 
>         kwargs.update(sslutil.sslkwargs(self.ui, host))
> 
>         con = HTTPConnection(host, port, use_ssl=True,
>                              ssl_wrap_socket=sslutil.wrapsocket,
>                              ssl_validator=sslutil.validator(self.ui, host),
>                              **kwargs)
>         return con

Patch

diff --git a/mercurial/httpconnection.py b/mercurial/httpconnection.py
--- a/mercurial/httpconnection.py
+++ b/mercurial/httpconnection.py
@@ -274,16 +274,17 @@  class http2handler(urlreq.httphandler, u
         if ':' in host and '[' not in host or ']:' in host:
             host, port = host.rsplit(':', 1)
             port = int(port)
             if '[' in host:
                 host = host[1:-1]
 
         kwargs['keyfile'] = keyfile
         kwargs['certfile'] = certfile
+        kwargs['serverhostname'] = host
 
         kwargs.update(sslutil.sslkwargs(self.ui, host))
 
         con = HTTPConnection(host, port, use_ssl=True,
                              ssl_wrap_socket=sslutil.wrapsocket,
                              ssl_validator=sslutil.validator(self.ui, host),
                              **kwargs)
         return con