Fix how OpenSSL context is created to make it possible to push over https again.

Submitted by:	maintainer
Approved by:	maintainer
Sponsored by:	Absolight

devel/mercurial/Makefile

@@ -3,6 +3,7 @@
 
 PORTNAME=	mercurial
 PORTVERSION=	3.3
+PORTREVISION=	1
 CATEGORIES=	devel python
 MASTER_SITES=	http://mercurial.selenic.com/release/
 

devel/mercurial/files/patch-mercurial_sslutil.py

@@ -0,0 +1,18 @@
+Change condition in order to prevent SSLv2 and SSLv3 protocols.
+Taken from ${PYTHON_LIBDIR}/ssl.py file (found in 'create_default_context'
+function).
+
+--- mercurial/sslutil.py.orig	2015-02-02 02:20:50 UTC
++++ mercurial/sslutil.py
+@@ -29,7 +29,10 @@ try:
+             # maintainers for us, but that breaks too many things to
+             # do it in a hurry.
+             sslcontext = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
+-            sslcontext.options &= ssl.OP_NO_SSLv2 & ssl.OP_NO_SSLv3
++            # SSLv2 is considered harmful
++            sslcontext.options |= ssl.OP_NO_SSLv2
++            # SSLv3 has problematic security issue
++            sslcontext.options |= ssl.OP_NO_SSLv3
+             if certfile is not None:
+                 sslcontext.load_cert_chain(certfile, keyfile)
+             sslcontext.verify_mode = cert_reqs