[Python-checkins] cpython (3.4): also use openssl envvars to find certs on windows (closes #22449)

benjamin.peterson python-checkins at python.org
Fri Oct 3 23:34:19 CEST 2014

• Previous message: [Python-checkins] cpython (2.7): also use openssl envvars to find certs on windows (closes #22449)
• Next message: [Python-checkins] cpython (merge 3.4 -> default): merge 3.4 (#22449)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

https://hg.python.org/cpython/rev/e1f453e13f8d
changeset: 92777:e1f453e13f8d
branch: 3.4
parent: 92772:300bdaaf302e
user: Benjamin Peterson <benjamin at python.org>
date: Fri Oct 03 17:27:05 2014 -0400
summary:
 also use openssl envvars to find certs on windows (closes #22449)
Patch by Christian Heimes and Alex Gaynor.
files:
 Lib/ssl.py | 3 +--
 Lib/test/test_ssl.py | 8 ++++++++
 Misc/NEWS | 3 +++
 3 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/Lib/ssl.py b/Lib/ssl.py
--- a/Lib/ssl.py
+++ b/Lib/ssl.py
@@ -390,8 +390,7 @@
 if sys.platform == "win32":
 for storename in self._windows_cert_stores:
 self._load_windows_store_certs(storename, purpose)
- else:
- self.set_default_verify_paths()
+ self.set_default_verify_paths()
 
 
 def create_default_context(purpose=Purpose.SERVER_AUTH, *, cafile=None,
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -1016,6 +1016,14 @@
 self.assertRaises(TypeError, ctx.load_default_certs, None)
 self.assertRaises(TypeError, ctx.load_default_certs, 'SERVER_AUTH')
 
+ def test_load_default_certs_env(self):
+ ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
+ with support.EnvironmentVarGuard() as env:
+ env["SSL_CERT_DIR"] = CAPATH
+ env["SSL_CERT_FILE"] = CERTFILE
+ ctx.load_default_certs()
+ self.assertEqual(ctx.cert_store_stats(), {"crl": 0, "x509": 1, "x509_ca": 0})
+
 def test_create_default_context(self):
 ctx = ssl.create_default_context()
 self.assertEqual(ctx.protocol, ssl.PROTOCOL_SSLv23)
diff --git a/Misc/NEWS b/Misc/NEWS
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -19,6 +19,9 @@
 Library
 -------
 
+- Issue #22449: In the ssl.SSLContext.load_default_certs, consult the
+ enviromental variables SSL_CERT_DIR and SSL_CERT_FILE on Windows.
+
 - Issue #20076: Added non derived UTF-8 aliases to locale aliases table.
 
 - Issue #20079: Added locales supported in glibc 2.18 to locale alias table.
-- 
Repository URL: https://hg.python.org/cpython

---

• Previous message: [Python-checkins] cpython (2.7): also use openssl envvars to find certs on windows (closes #22449)
• Next message: [Python-checkins] cpython (merge 3.4 -> default): merge 3.4 (#22449)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

More information about the Python-checkins mailing list