diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py index a5785d0..72a65b7 100644 --- a/Lib/test/test_ssl.py +++ b/Lib/test/test_ssl.py @@ -850,11 +850,14 @@ class ContextTests(unittest.TestCase): ctx.load_verify_locations(cafile=CERTFILE, capath=None) ctx.load_verify_locations(BYTES_CERTFILE) ctx.load_verify_locations(cafile=BYTES_CERTFILE, capath=None) + ctx.load_verify_locations(cafile=BYTES_CERTFILE.decode('utf-8')) self.assertRaises(TypeError, ctx.load_verify_locations) self.assertRaises(TypeError, ctx.load_verify_locations, None, None, None) with self.assertRaises(IOError) as cm: ctx.load_verify_locations(WRONGCERT) self.assertEqual(cm.exception.errno, errno.ENOENT) + with self.assertRaises(IOError): + ctx.load_verify_locations(u'') with self.assertRaisesRegexp(ssl.SSLError, "PEM lib"): ctx.load_verify_locations(BADCERT) ctx.load_verify_locations(CERTFILE, CAPATH) diff --git a/Modules/_ssl.c b/Modules/_ssl.c index 5518032..11d34d6 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -2628,15 +2628,23 @@ load_verify_locations(PySSLContext *self, PyObject *args, PyObject *kwds) } if (cafile) { - cafile_bytes = PyString_AsEncodedObject( - cafile, Py_FileSystemDefaultEncoding, "strict"); + PyObject *u = PyUnicode_FromObject(cafile); + if (!u) + goto error; + cafile_bytes = PyUnicode_AsEncodedString( + u, Py_FileSystemDefaultEncoding, NULL); + Py_DECREF(u); if (!cafile_bytes) { goto error; } } if (capath) { - capath_bytes = PyString_AsEncodedObject( - capath, Py_FileSystemDefaultEncoding, "strict"); + PyObject *u = PyUnicode_FromObject(capath); + if (!u) + goto error; + capath_bytes = PyUnicode_AsEncodedString( + u, Py_FileSystemDefaultEncoding, NULL); + Py_DECREF(u); if (!capath_bytes) { goto error; }