Patchwork [2,of,3,stable] httpclient: update to revision 9517a2b56fe9 of httpplus (issue3905)

login
register
mail settings
Submitter Augie Fackler
Date July 24, 2013, 9:07 p.m.
Message ID <5ce42b0831fd08e1d2a5.1374700048@augie-macbookair>
Download mbox | patch
Permalink /patch/1951/
State Accepted
Commit 42fcb2f7787db7bb007f2e26ea804d35411b7c55
Headers show

Comments

Augie Fackler - July 24, 2013, 9:07 p.m.
# HG changeset patch
# User Augie Fackler <raf@durin42.com>
# Date 1374691529 14400
#      Wed Jul 24 14:45:29 2013 -0400
# Branch stable
# Node ID 5ce42b0831fd08e1d2a5508b29b6d35fb3aa4526
# Parent  54ff8d5ce7107ac20c38cd85527968e2f540806e
httpclient: update to revision 9517a2b56fe9 of httpplus (issue3905)

Includes upstream change "socketutil: force SSLv3 by default, as it is
safer" which should fix issue 3905.

Patch

diff --git a/mercurial/httpclient/__init__.py b/mercurial/httpclient/__init__.py
--- a/mercurial/httpclient/__init__.py
+++ b/mercurial/httpclient/__init__.py
@@ -622,6 +622,8 @@ 
                         # TODO: find a way to block on ssl flushing its buffer
                         # similar to selecting on a raw socket.
                         continue
+                    if e[0] == errno.EWOULDBLOCK or e[0] == errno.EAGAIN:
+                        continue
                     elif (e[0] not in (errno.ECONNRESET, errno.EPIPE)
                           and not first):
                         raise
diff --git a/mercurial/httpclient/socketutil.py b/mercurial/httpclient/socketutil.py
--- a/mercurial/httpclient/socketutil.py
+++ b/mercurial/httpclient/socketutil.py
@@ -106,7 +106,7 @@ 
                     else:
                         raise x
 
-    _PROTOCOL_SSLv23 = 2
+    _PROTOCOL_SSLv3 = 1
 
     CERT_NONE = 0
     CERT_OPTIONAL = 1
@@ -118,7 +118,7 @@ 
     # pylint: disable=W0613,R0913
     def wrap_socket(sock, keyfile=None, certfile=None,
                 server_side=False, cert_reqs=CERT_NONE,
-                ssl_version=_PROTOCOL_SSLv23, ca_certs=None,
+                ssl_version=_PROTOCOL_SSLv3, ca_certs=None,
                 do_handshake_on_connect=True,
                 suppress_ragged_eofs=True):
         """Backport of ssl.wrap_socket from Python 2.6."""