Merge lp:~vila/bzr/920455-ssl-defaults into lp:bzr/2.5
Status: | Superseded |
---|---|
Proposed branch: | lp:~vila/bzr/920455-ssl-defaults |
Merge into: | lp:bzr/2.5 |
Diff against target: |
173 lines (+49/-36) (has conflicts) 3 files modified
bzrlib/tests/test_https_urllib.py (+4/-20) bzrlib/transport/http/_urllib2_wrappers.py (+38/-16) doc/en/release-notes/bzr-2.5.txt (+7/-0) Text conflict in doc/en/release-notes/bzr-2.5.txt |
To merge this branch: | bzr merge lp:~vila/bzr/920455-ssl-defaults |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Jelmer Vernooij (community) | Approve | ||
Gordon Tyler | Pending | ||
Martin Packman | Pending | ||
Review via email: mp+90123@code.launchpad.net |
This proposal has been superseded by a proposal from 2012-01-30.
Commit message
Provide platform specific default values for ssl.ca_certs
Description of the change
This add default values for the ssl.ca_certs config option pointing to the
most probable place where the certificates are place for supported
platforms.
Feedback needed from windows and osx packagers unless we rely on them to fix
it when building 2.5.0...
I've changed the tests so at least test_default_exists
bzrlib/
I've also change the option to fail if a non-existing path is used and
changed the code to check the config option only if ssl.cert_reqs is not none.
With these changes, either:
- the certificates are there and they will be checked by default
- they are not but ssl.cert_reqs is none, no need to bother the user
especially since that is the obvious workaround for now if something goes
wrong with the verification,
- an error is raised if the user ask for verification but we can't find the
CAs.
@gz, Gordon: Feedback on where you expect to install the bundled ca certs expected ;)