FYI -- this may explain some issues last week.

---------- Forwarded message ---------- From: Mads Kiilerich mads@kiilerich.com Date: Mon, Oct 20, 2014 at 2:22 PM Subject: Mercurial & SSL & POODLE, Mercurial 2.7 and 2.7.1 and SSL error: sslv3 alert handshake failure To: "mercurial@selenic.com" mercurial@selenic.com

The recent POODLE story has raised the awareness of the problems with old SSL versions. It might make sense to take the opportunity to disable SSLv3 on web servers hosting Mercurial repositories.

Note however that there was a client side bug in Mercurial 2.7 and 2.7.1 that made it use SSLv3 without considering more recent versions. Trying to connect to servers without SSLv3 with these Mercurial versions will fail with something like: abort: error: _ssl.c:507: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure or if using TortoiseHg: SSL error: sslv3 alert handshake failure

The solution is to upgrade Mercurial (or TortoiseHg) to a more recent version.

See also http://blogs.atlassian.com/2014/10/ssl-poodle/ .

/Mads

_______________________________________________ Mercurial mailing list Mercurial@selenic.com http://selenic.com/mailman/listinfo/mercurial _______________________________________________ yt-dev mailing list yt-dev@lists.spacepope.org http://lists.spacepope.org/listinfo.cgi/yt-dev-spacepope.org