summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--Misc/NEWS2
-rw-r--r--Modules/_ssl.c8
2 files changed, 8 insertions, 2 deletions
diff --git a/Misc/NEWS b/Misc/NEWS
index 5f1929d0b1..f9ccc0458a 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -16,6 +16,8 @@ Core and Builtins
Library
-------
+- Issue #25939: On Windows open the cert store readonly in ssl.enum_certificates.
+
- Issue #22570: Add 'path' attribute to pathlib.Path objects,
returning the same as str(), to make it more similar to DirEntry.
Library code can now write getattr(p, 'path', p) to get the path as
diff --git a/Modules/_ssl.c b/Modules/_ssl.c
index d918671fc8..02971a7515 100644
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -3597,7 +3597,9 @@ PySSL_enum_certificates(PyObject *self, PyObject *args, PyObject *kwds)
if (result == NULL) {
return NULL;
}
- hStore = CertOpenSystemStore((HCRYPTPROV)NULL, store_name);
+ hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM_A, 0, (HCRYPTPROV)NULL,
+ CERT_STORE_READONLY_FLAG | CERT_SYSTEM_STORE_LOCAL_MACHINE,
+ store_name);
if (hStore == NULL) {
Py_DECREF(result);
return PyErr_SetFromWindowsErr(GetLastError());
@@ -3685,7 +3687,9 @@ PySSL_enum_crls(PyObject *self, PyObject *args, PyObject *kwds)
if (result == NULL) {
return NULL;
}
- hStore = CertOpenSystemStore((HCRYPTPROV)NULL, store_name);
+ hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM_A, 0, (HCRYPTPROV)NULL,
+ CERT_STORE_READONLY_FLAG | CERT_SYSTEM_STORE_LOCAL_MACHINE,
+ store_name);
if (hStore == NULL) {
Py_DECREF(result);
return PyErr_SetFromWindowsErr(GetLastError());
View Lorry Controller Status