diff options
| author | Steve Dower <steve.dower@microsoft.com> | 2016-05-26 12:18:12 -0700 | 
|---|---|---|
| committer | Steve Dower <steve.dower@microsoft.com> | 2016-05-26 12:18:12 -0700 | 
| commit | 33bc4a29832ba2c709847ffe8fb0c7a482733f0c (patch) | |
| tree | 554e43bb47022aee246f70e4135a96aa6b6b350d /Lib/ssl.py | |
| parent | b22c708989f8a8e155939b8938b67d3f6afafb45 (diff) | |
| download | cpython-git-33bc4a29832ba2c709847ffe8fb0c7a482733f0c.tar.gz | |
Issue #27114: Fix SSLContext._load_windows_store_certs fails with PermissionError
Diffstat (limited to 'Lib/ssl.py')
| -rw-r--r-- | Lib/ssl.py | 14 | 
1 files changed, 9 insertions, 5 deletions
| diff --git a/Lib/ssl.py b/Lib/ssl.py index 65ad38f899..3f5c3c4d07 100644 --- a/Lib/ssl.py +++ b/Lib/ssl.py @@ -145,6 +145,7 @@ from socket import socket, AF_INET, SOCK_STREAM, create_connection  from socket import SOL_SOCKET, SO_TYPE  import base64        # for DER-to-PEM translation  import errno +import warnings  socket_error = OSError  # keep that public name in module namespace @@ -405,11 +406,14 @@ class SSLContext(_SSLContext):      def _load_windows_store_certs(self, storename, purpose):          certs = bytearray() -        for cert, encoding, trust in enum_certificates(storename): -            # CA certs are never PKCS#7 encoded -            if encoding == "x509_asn": -                if trust is True or purpose.oid in trust: -                    certs.extend(cert) +        try: +            for cert, encoding, trust in enum_certificates(storename): +                # CA certs are never PKCS#7 encoded +                if encoding == "x509_asn": +                    if trust is True or purpose.oid in trust: +                        certs.extend(cert) +        except PermissionError: +            warnings.warn("unable to enumerate Windows certificate store")          if certs:              self.load_verify_locations(cadata=certs)          return certs | 
