Following the error I just got: pulling from https://svn.macports.org/repository/macports (could not negotiate a common protocol; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error) abort: error: [SSL: UNSUPPORTED_PROTOCOL] unsupported protocol (_ssl.c:590) Adding `--config hostsecurity.svn.macports.org:minimumprotocol=tls1.0` temporarily allows a pull but adding: [hostsecurity] svn.macports.org:minimumprotocol=tls1.0 to .hg/hgrc does not work.
I also got the same error while running hg out. comparing with https://selenic.com/hg (could not negotiate a common protocol; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error) abort: error: [SSL: UNSUPPORTED_PROTOCOL] unsupported protocol (_ssl.c:590)
selenic.com isn't supporting TLS 1.1 or 1.2, hence why you get the "unsupported protocol" error. See bug 5303 for tweaking the error output. The current situation is not exactly helpful.
I was able to reproduce. Setting the option in ~/.hgrc works. However, setting in .hg/hgrc does not. I reckon the ui instance we're using didn't come from the repo :/
(In reply to Gregory Szorc from comment #3) Yeah adding [hostsecurity] selenic.com:minimumprotocol=tls1.0 to .hgrc works for me.
By .hgrc I mean ~/.hgrc
Fixed by https://selenic.com/repo/hg/rev/3fde328d0913 Gregory Szorc <gregory.szorc@gmail.com> hg: copy [hostsecurity] options to remote ui instances (issue5305) TIL that ui instances for remote/peer repos don't automagically inherit config options from .hg/hgrc files. This patch makes remote ui instances inherit options from the [hostsecurity] section. We were already inheriting options from [hostfingerprints] and [auth]. So adding [hostsecurity] to the list seems appropriate. (please test the fix)
Verified that this changeset fixes it!