[Python-checkins] cpython (2.7): Issue #27114: Fix SSLContext._load_windows_store_certs fails with
steve.dower
python-checkins at python.org
Thu May 26 15:20:14 EDT 2016
https://hg.python.org/cpython/rev/40f3f2b27112
changeset: 101509:40f3f2b27112
branch: 2.7
parent: 101502:1e80e53ce20d
user: Steve Dower <steve.dower at microsoft.com>
date: Thu May 26 12:17:21 2016 -0700
summary:
Issue #27114: Fix SSLContext._load_windows_store_certs fails with PermissionError
files:
Lib/ssl.py | 14 +++++++++-----
Misc/NEWS | 3 +++
2 files changed, 12 insertions(+), 5 deletions(-)
diff --git a/Lib/ssl.py b/Lib/ssl.py
--- a/Lib/ssl.py
+++ b/Lib/ssl.py
@@ -141,6 +141,7 @@
from socket import SOL_SOCKET, SO_TYPE
import base64 # for DER-to-PEM translation
import errno
+import warnings
if _ssl.HAS_TLS_UNIQUE:
CHANNEL_BINDING_TYPES = ['tls-unique']
@@ -375,11 +376,14 @@
def _load_windows_store_certs(self, storename, purpose):
certs = bytearray()
- for cert, encoding, trust in enum_certificates(storename):
- # CA certs are never PKCS#7 encoded
- if encoding == "x509_asn":
- if trust is True or purpose.oid in trust:
- certs.extend(cert)
+ try:
+ for cert, encoding, trust in enum_certificates(storename):
+ # CA certs are never PKCS#7 encoded
+ if encoding == "x509_asn":
+ if trust is True or purpose.oid in trust:
+ certs.extend(cert)
+ except OSError:
+ warnings.warn("unable to enumerate Windows certificate store")
if certs:
self.load_verify_locations(cadata=certs)
return certs
diff --git a/Misc/NEWS b/Misc/NEWS
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -83,6 +83,9 @@
Library
-------
+- Issue #27114: Fix SSLContext._load_windows_store_certs fails with
+ PermissionError
+
- Issue #14132: Fix urllib.request redirect handling when the target only has
a query string. Fix by Ján Janech.
--
Repository URL: https://hg.python.org/cpython
More information about the Python-checkins
mailing list