Patchwork [02,of,11,V4] sslutil: add assertion to prevent accidental CA usage on Windows

Submitter Gregory Szorc
Date July 15, 2016, 4:09 a.m.
Message ID <0f573e972f02063bf12a.1468555743@ubuntu-vm-main>
Permalink /patch/15866/
State Superseded


Gregory Szorc - July 15, 2016, 4:09 a.m.
# HG changeset patch
# User Gregory Szorc <>
# Date 1468463632 25200
#      Wed Jul 13 19:33:52 2016 -0700
# Node ID 0f573e972f02063bf12aa0a72d11903760860111
# Parent  9e91be071422676679cdef44e74f4ea34dd81be1
sslutil: add assertion to prevent accidental CA usage on Windows

Yuya suggested we add this check to ensure we don't accidentally try
to load user-writable paths on Windows if we change the control
flow of this function later.


diff --git a/mercurial/ b/mercurial/
--- a/mercurial/
+++ b/mercurial/
@@ -494,16 +494,21 @@  def _defaultcacerts(ui):
         # files. Also consider exporting the keychain certs to a file during
         # Mercurial install.
         if not _canloaddefaultcerts:
             ui.warn(_('(unable to load CA certificates; see '
                       ' for '
                       'how to configure Mercurial to avoid this message)\n'))
         return None
+    # / is writable on Windows. Out of an abundance of caution make sure
+    # we're not on Windows because paths from _systemcacerts could be installed
+    # by non-admin users.
+    assert != 'nt'
     # Try to find CA certificates in well-known locations. We print a warning
     # when using a found file because we don't want too much silent magic
     # for security settings. The expectation is that proper Mercurial
     # installs will have the CA certs path defined at install time and the
     # installer/packager will make an appropriate decision on the user's
     # behalf. We only get here and perform this setting as a feature of
     # last resort.
     if not _canloaddefaultcerts:
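
Review bot: The Windows guard added just before the well-known-locations search is a bare `assert`, which Python strips when run with `-O`, so the protection the new comment describes (not loading CA paths that non-admin users could install) would silently disappear in optimized runs. Because this is a security check rather than a debugging aid, consider an explicit `if` that raises an exception, with a message stating why CA lookup from these paths is refused on Windows, so that whoever trips it after a later control-flow change knows what went wrong. Also, as shown here the statement reads `assert != 'nt'` with no left-hand operand, which would not parse; please confirm the OS-name expression is present in the actual changeset.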