From 90c9b40c71c26c9b821a61c43f6c1122198b888e Mon Sep 17 00:00:00 2001 From: Steve Dower Date: Thu, 26 May 2016 12:17:21 -0700 Subject: [PATCH] Issue #27114: Fix SSLContext._load_windows_store_certs fails with PermissionError --- Lib/ssl.py | 14 +++++++++----- Misc/NEWS | 3 +++ 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/Lib/ssl.py b/Lib/ssl.py index d77863843a..6070380879 100644 --- a/Lib/ssl.py +++ b/Lib/ssl.py @@ -141,6 +141,7 @@ from socket import socket, AF_INET, SOCK_STREAM, create_connection from socket import SOL_SOCKET, SO_TYPE import base64 # for DER-to-PEM translation import errno +import warnings if _ssl.HAS_TLS_UNIQUE: CHANNEL_BINDING_TYPES = ['tls-unique'] @@ -375,11 +376,14 @@ class SSLContext(_SSLContext): def _load_windows_store_certs(self, storename, purpose): certs = bytearray() - for cert, encoding, trust in enum_certificates(storename): - # CA certs are never PKCS#7 encoded - if encoding == "x509_asn": - if trust is True or purpose.oid in trust: - certs.extend(cert) + try: + for cert, encoding, trust in enum_certificates(storename): + # CA certs are never PKCS#7 encoded + if encoding == "x509_asn": + if trust is True or purpose.oid in trust: + certs.extend(cert) + except OSError: + warnings.warn("unable to enumerate Windows certificate store") if certs: self.load_verify_locations(cadata=certs) return certs diff --git a/Misc/NEWS b/Misc/NEWS index cae9ff2b46..4d35268516 100644 --- a/Misc/NEWS +++ b/Misc/NEWS @@ -83,6 +83,9 @@ Core and Builtins Library ------- +- Issue #27114: Fix SSLContext._load_windows_store_certs fails with + PermissionError + - Issue #14132: Fix urllib.request redirect handling when the target only has a query string. Fix by Ján Janech. -- 2.50.1