cpython.git - https://github.com/python/cpython.git

diff options

author	Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>	2024-02-20 16:35:27 (GMT)
committer	GitHub <noreply@github.com>	2024-02-20 16:35:27 (GMT)
commit	37324b421b72b7bc9934e27aba85d48d4773002e (patch)
tree	bd84f002d2c8131f07bca53a687a2deb907c58c0 /Python/pythonrun.c
parent	d0524caed0f3b77f271640460d0dff1a4c784087 (diff)
download	cpython-37324b421b72b7bc9934e27aba85d48d4773002e.zip cpython-37324b421b72b7bc9934e27aba85d48d4773002e.tar.gz cpython-37324b421b72b7bc9934e27aba85d48d4773002e.tar.bz2

[3.10] gh-114572: Fix locking in cert_store_stats and get_ca_certs (GH-114573) (#115548)

gh-114572: Fix locking in cert_store_stats and get_ca_certs (GH-114573) * gh-114572: Fix locking in cert_store_stats and get_ca_certs cert_store_stats and get_ca_certs query the SSLContext's X509_STORE with X509_STORE_get0_objects, but reading the result requires a lock. See https://github.com/openssl/openssl/pull/23224 for details. Instead, use X509_STORE_get1_objects, newly added in that PR. X509_STORE_get1_objects does not exist in current OpenSSLs, but we can polyfill it with X509_STORE_lock and X509_STORE_unlock. * Work around const-correctness problem * Add missing X509_STORE_get1_objects failure check * Add blurb (cherry picked from commit bce693111bff906ccf9281c22371331aaff766ab) Co-authored-by: David Benjamin <davidben@google.com>

Diffstat (limited to 'Python/pythonrun.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: