diff options
| -rw-r--r-- | devel/mercurial/Makefile | 1 | ||||
| -rw-r--r-- | devel/mercurial/files/patch-mercurial_sslutil.py | 18 |
2 files changed, 19 insertions, 0 deletions
diff --git a/devel/mercurial/Makefile b/devel/mercurial/Makefile index 4fbf0f2104b2..cb4d59818ffb 100644 --- a/devel/mercurial/Makefile +++ b/devel/mercurial/Makefile @@ -3,6 +3,7 @@ PORTNAME= mercurial PORTVERSION= 3.3 +PORTREVISION= 1 CATEGORIES= devel python MASTER_SITES= http://mercurial.selenic.com/release/ diff --git a/devel/mercurial/files/patch-mercurial_sslutil.py b/devel/mercurial/files/patch-mercurial_sslutil.py new file mode 100644 index 000000000000..81926b1b20e7 --- /dev/null +++ b/devel/mercurial/files/patch-mercurial_sslutil.py @@ -0,0 +1,18 @@ +Change condition in order to prevent SSLv2 and SSLv3 protocols. +Taken from ${PYTHON_LIBDIR}/ssl.py file (found in 'create_default_context' +function). + +--- mercurial/sslutil.py.orig 2015-02-02 02:20:50 UTC ++++ mercurial/sslutil.py +@@ -29,7 +29,10 @@ try: + # maintainers for us, but that breaks too many things to + # do it in a hurry. + sslcontext = ssl.SSLContext(ssl.PROTOCOL_SSLv23) +- sslcontext.options &= ssl.OP_NO_SSLv2 & ssl.OP_NO_SSLv3 ++ # SSLv2 is considered harmful ++ sslcontext.options |= ssl.OP_NO_SSLv2 ++ # SSLv3 has problematic security issue ++ sslcontext.options |= ssl.OP_NO_SSLv3 + if certfile is not None: + sslcontext.load_cert_chain(certfile, keyfile) + sslcontext.verify_mode = cert_reqs |