From: Steve Dower Date: Thu, 26 May 2016 19:17:21 +0000 (-0700) Subject: Issue #27114: Fix SSLContext._load_windows_store_certs fails with PermissionError X-Git-Tag: v2.7.12rc1~51 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=90c9b40c71c26c9b821a61c43f6c1122198b888e;p=thirdparty%2FPython%2Fcpython.git Issue #27114: Fix SSLContext._load_windows_store_certs fails with PermissionError --- diff --git a/Lib/ssl.py b/Lib/ssl.py index d77863843adc..607038087933 100644 --- a/Lib/ssl.py +++ b/Lib/ssl.py @@ -141,6 +141,7 @@ from socket import socket, AF_INET, SOCK_STREAM, create_connection from socket import SOL_SOCKET, SO_TYPE import base64 # for DER-to-PEM translation import errno +import warnings if _ssl.HAS_TLS_UNIQUE: CHANNEL_BINDING_TYPES = ['tls-unique'] @@ -375,11 +376,14 @@ class SSLContext(_SSLContext): def _load_windows_store_certs(self, storename, purpose): certs = bytearray() - for cert, encoding, trust in enum_certificates(storename): - # CA certs are never PKCS#7 encoded - if encoding == "x509_asn": - if trust is True or purpose.oid in trust: - certs.extend(cert) + try: + for cert, encoding, trust in enum_certificates(storename): + # CA certs are never PKCS#7 encoded + if encoding == "x509_asn": + if trust is True or purpose.oid in trust: + certs.extend(cert) + except OSError: + warnings.warn("unable to enumerate Windows certificate store") if certs: self.load_verify_locations(cadata=certs) return certs diff --git a/Misc/NEWS b/Misc/NEWS index cae9ff2b464c..4d35268516b2 100644 --- a/Misc/NEWS +++ b/Misc/NEWS @@ -83,6 +83,9 @@ Core and Builtins Library ------- +- Issue #27114: Fix SSLContext._load_windows_store_certs fails with + PermissionError + - Issue #14132: Fix urllib.request redirect handling when the target only has a query string. Fix by Ján Janech.