← Back to branch summary

~bzr-pqm/bzr/bzr.dev

« back to all changes in this revision

Viewing changes to bzrlib/transport/http/_urllib2_wrappers.py

  • Committer: Jelmer Vernooij
  • Date: 2012-04-02 01:44:26 UTC
  • mfrom: (6518 +trunk)
  • mto: This revision was merged to the branch mainline in revision 6519.
  • Revision ID: jelmer@samba.org-20120402014426-0o5qtysohyl006b2
merge bzr.dev.

Show diffs side-by-side

added added

removed removed

Lines of Context:
bzrlib/transport/http/_urllib2_wrappers.py
88
88
    ]
89
89
def default_ca_certs():
90
90
    if sys.platform == 'win32':
91
 
        return os.path.join(os.path.dirname(sys.executable), u"ca_bundle.crt")
 
91
        return os.path.join(os.path.dirname(sys.executable), u"cacert.pem")
92
92
    elif sys.platform == 'darwin':
93
93
        # FIXME: Needs some default value for osx, waiting for osx installers
94
94
        # guys feedback -- vila 2012-01-25
476
476
        # FIXME JRV 2011-12-18: Use location config here?
477
477
        config_stack = config.GlobalStack()
478
478
        cert_reqs = config_stack.get('ssl.cert_reqs')
 
479
        if self.proxied_host is not None:
 
480
            host = self.proxied_host.split(":", 1)[0]
 
481
        else:
 
482
            host = self.host
479
483
        if cert_reqs == ssl.CERT_NONE:
480
 
            trace.warning("Not checking SSL certificate for %s: %d",
481
 
                self.host, self.port)
 
484
            trace.warning("Not checking SSL certificate for %s", host)
482
485
            ca_certs = None
483
486
        else:
484
487
            if self.ca_certs is None:
503
506
            raise
504
507
        if cert_reqs == ssl.CERT_REQUIRED:
505
508
            peer_cert = ssl_sock.getpeercert()
506
 
            match_hostname(peer_cert, self.host)
 
509
            match_hostname(peer_cert, host)
507
510
 
508
511
        # Wrap the ssl socket before anybody use it
509
512
        self._wrap_socket_for_reporting(ssl_sock)