diff options
author | Steve Dower <steve.dower@microsoft.com> | 2016-05-26 19:19:42 (GMT) |
---|---|---|
committer | Steve Dower <steve.dower@microsoft.com> | 2016-05-26 19:19:42 (GMT) |
commit | 48df37dbb812ac46afe635ca11f6a627b089b768 (patch) | |
tree | fd95dbbb66abc92babe8341f4cca665ff2427e5b /Lib/ssl.py | |
parent | e67c92ea70edc05a48c16a502312109586718302 (diff) | |
parent | 33bc4a29832ba2c709847ffe8fb0c7a482733f0c (diff) | |
download | cpython-48df37dbb812ac46afe635ca11f6a627b089b768.zip cpython-48df37dbb812ac46afe635ca11f6a627b089b768.tar.gz cpython-48df37dbb812ac46afe635ca11f6a627b089b768.tar.bz2 |
Issue #27114: Fix SSLContext._load_windows_store_certs fails with PermissionError
Diffstat (limited to 'Lib/ssl.py')
-rw-r--r-- | Lib/ssl.py | 14 |
1 files changed, 9 insertions, 5 deletions
@@ -145,6 +145,7 @@ from socket import socket, AF_INET, SOCK_STREAM, create_connection from socket import SOL_SOCKET, SO_TYPE import base64 # for DER-to-PEM translation import errno +import warnings socket_error = OSError # keep that public name in module namespace @@ -405,11 +406,14 @@ class SSLContext(_SSLContext): def _load_windows_store_certs(self, storename, purpose): certs = bytearray() - for cert, encoding, trust in enum_certificates(storename): - # CA certs are never PKCS#7 encoded - if encoding == "x509_asn": - if trust is True or purpose.oid in trust: - certs.extend(cert) + try: + for cert, encoding, trust in enum_certificates(storename): + # CA certs are never PKCS#7 encoded + if encoding == "x509_asn": + if trust is True or purpose.oid in trust: + certs.extend(cert) + except PermissionError: + warnings.warn("unable to enumerate Windows certificate store") if certs: self.load_verify_locations(cadata=certs) return certs |