[Python-checkins] cpython (3.4): open the cert store readonly
benjamin.peterson
python-checkins at python.org
Thu Feb 18 01:18:47 EST 2016
https://hg.python.org/cpython/rev/9f29cf9ad17f
changeset: 100251:9f29cf9ad17f
branch: 3.4
parent: 100035:8b58c9328f5c
user: Benjamin Peterson <benjamin at python.org>
date: Wed Feb 17 22:13:19 2016 -0800
summary:
open the cert store readonly
Patch from Chi Hsuan Yen.
files:
Misc/NEWS | 2 ++
Modules/_ssl.c | 8 ++++++--
2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/Misc/NEWS b/Misc/NEWS
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -16,6 +16,8 @@
Library
-------
+- Issue #25939: On Windows open the cert store readonly in ssl.enum_certificates.
+
- Issue #22570: Add 'path' attribute to pathlib.Path objects,
returning the same as str(), to make it more similar to DirEntry.
Library code can now write getattr(p, 'path', p) to get the path as
diff --git a/Modules/_ssl.c b/Modules/_ssl.c
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -3597,7 +3597,9 @@
if (result == NULL) {
return NULL;
}
- hStore = CertOpenSystemStore((HCRYPTPROV)NULL, store_name);
+ hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM_A, 0, (HCRYPTPROV)NULL,
+ CERT_STORE_READONLY_FLAG | CERT_SYSTEM_STORE_LOCAL_MACHINE,
+ store_name);
if (hStore == NULL) {
Py_DECREF(result);
return PyErr_SetFromWindowsErr(GetLastError());
@@ -3685,7 +3687,9 @@
if (result == NULL) {
return NULL;
}
- hStore = CertOpenSystemStore((HCRYPTPROV)NULL, store_name);
+ hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM_A, 0, (HCRYPTPROV)NULL,
+ CERT_STORE_READONLY_FLAG | CERT_SYSTEM_STORE_LOCAL_MACHINE,
+ store_name);
if (hStore == NULL) {
Py_DECREF(result);
return PyErr_SetFromWindowsErr(GetLastError());
--
Repository URL: https://hg.python.org/cpython
More information about the Python-checkins
mailing list