Message 266285 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	steve.dower
Recipients	paul.moore, steve.dower, tim.golden, zach.ware
Date	2016-05-24.22:24:35
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1464128675.76.0.296997884833.issue27114@psf.upfronthosting.co.za>
In-reply-to

Content
In some restricted server scenarios, it is not possible to enumerate the Windows machine certificate store. A PermissionError is raised and the operation aborted. Instead, we should simply return no certificates from _load_windows_store_certs. This will most likely cause the SSL request to fail (as the certificate cannot be verified), but it allows the use of SSL_CERT_FILE to use certificates from a local file. Without handling the PermissionError, it doesn't matter whether the environment variable is set or not - we simply fail every time.

In some restricted server scenarios, it is not possible to enumerate the Windows machine certificate store. A PermissionError is raised and the operation aborted.

Instead, we should simply return no certificates from _load_windows_store_certs. This will most likely cause the SSL request to fail (as the certificate cannot be verified), but it allows the use of SSL_CERT_FILE to use certificates from a local file. Without handling the PermissionError, it doesn't matter whether the environment variable is set or not - we simply fail every time.

History
Date	User	Action	Args
2016-05-24 22:24:35	steve.dower	set	recipients: + steve.dower, paul.moore, tim.golden, zach.ware
2016-05-24 22:24:35	steve.dower	set	messageid: <1464128675.76.0.296997884833.issue27114@psf.upfronthosting.co.za>
2016-05-24 22:24:35	steve.dower	link	issue27114 messages
2016-05-24 22:24:35	steve.dower	create