merge 3.4 (#22449)

author: Benjamin Peterson <benjamin@python.org> 2014-10-03 21:33:45 (GMT)
committer: Benjamin Peterson <benjamin@python.org> 2014-10-03 21:33:45 (GMT)
commit: 8b9cfa10662c7712f7685f4bc376ab65c119589b (patch)
tree: e6e9fe1135a593580ad080c50b23ab8327e56fe7
parent: df75fee9a35c2ac33e94744216e0a49e8aa0bae4 (diff)
parent: 5915b0f924152b4801c1fe49aff348fd1981cc05 (diff)
download: cpython-8b9cfa10662c7712f7685f4bc376ab65c119589b.zip
cpython-8b9cfa10662c7712f7685f4bc376ab65c119589b.tar.gz
cpython-8b9cfa10662c7712f7685f4bc376ab65c119589b.tar.bz2
3 files changed, 12 insertions, 2 deletions
diff --git a/Lib/ssl.py b/Lib/ssl.py
index f0ecbc7..0e9dbe0 100644
--- a/Lib/ssl.py
+++ b/Lib/ssl.py
@@ -379,8 +379,7 @@ class SSLContext(_SSLContext):
         if sys.platform == "win32":
             for storename in self._windows_cert_stores:
                 self._load_windows_store_certs(storename, purpose)
-        else:
-            self.set_default_verify_paths()
+        self.set_default_verify_paths()
 
 
 def create_default_context(purpose=Purpose.SERVER_AUTH, *, cafile=None,
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index f216bd2..076e1a9 100644
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -1095,6 +1095,14 @@ class ContextTests(unittest.TestCase):
         self.assertRaises(TypeError, ctx.load_default_certs, None)
         self.assertRaises(TypeError, ctx.load_default_certs, 'SERVER_AUTH')
 
+    def test_load_default_certs_env(self):
+        ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
+        with support.EnvironmentVarGuard() as env:
+            env["SSL_CERT_DIR"] = CAPATH
+            env["SSL_CERT_FILE"] = CERTFILE
+            ctx.load_default_certs()
+            self.assertEqual(ctx.cert_store_stats(), {"crl": 0, "x509": 1, "x509_ca": 0})
+
     def test_create_default_context(self):
         ctx = ssl.create_default_context()
         self.assertEqual(ctx.protocol, ssl.PROTOCOL_SSLv23)
diff --git a/Misc/NEWS b/Misc/NEWS
index f66a51e..65d6b21 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -159,6 +159,9 @@ Core and Builtins
 Library
 -------
 
+- Issue #22449: In the ssl.SSLContext.load_default_certs, consult the
+  enviromental variables SSL_CERT_DIR and SSL_CERT_FILE on Windows.
+
 - Issue #22508: The email.__version__ variable has been removed; the email
   code is no longer shipped separately from the stdlib, and __version__
   hasn't been updated in several releases.
author	Benjamin Peterson <benjamin@python.org>	2014-10-03 21:33:45 (GMT)
committer	Benjamin Peterson <benjamin@python.org>	2014-10-03 21:33:45 (GMT)
commit	8b9cfa10662c7712f7685f4bc376ab65c119589b (patch)
tree	e6e9fe1135a593580ad080c50b23ab8327e56fe7
parent	df75fee9a35c2ac33e94744216e0a49e8aa0bae4 (diff)
parent	5915b0f924152b4801c1fe49aff348fd1981cc05 (diff)
download	cpython-8b9cfa10662c7712f7685f4bc376ab65c119589b.zip cpython-8b9cfa10662c7712f7685f4bc376ab65c119589b.tar.gz cpython-8b9cfa10662c7712f7685f4bc376ab65c119589b.tar.bz2