changeset:   101509:40f3f2b27112
branch:      2.7
parent:      101502:1e80e53ce20d
user:        Steve Dower <steve.dower@microsoft.com>
date:        Thu May 26 12:17:21 2016 -0700
files:       Lib/ssl.py Misc/NEWS
description:
Issue #27114: Fix SSLContext._load_windows_store_certs fails with PermissionError


diff -r 1e80e53ce20d -r 40f3f2b27112 Lib/ssl.py
--- a/Lib/ssl.py	Thu May 26 05:28:50 2016 +0000
+++ b/Lib/ssl.py	Thu May 26 12:17:21 2016 -0700
@@ -141,6 +141,7 @@
 from socket import SOL_SOCKET, SO_TYPE
 import base64        # for DER-to-PEM translation
 import errno
+import warnings
 
 if _ssl.HAS_TLS_UNIQUE:
     CHANNEL_BINDING_TYPES = ['tls-unique']
@@ -375,11 +376,14 @@
 
     def _load_windows_store_certs(self, storename, purpose):
         certs = bytearray()
-        for cert, encoding, trust in enum_certificates(storename):
-            # CA certs are never PKCS#7 encoded
-            if encoding == "x509_asn":
-                if trust is True or purpose.oid in trust:
-                    certs.extend(cert)
+        try:
+            for cert, encoding, trust in enum_certificates(storename):
+                # CA certs are never PKCS#7 encoded
+                if encoding == "x509_asn":
+                    if trust is True or purpose.oid in trust:
+                        certs.extend(cert)
+        except OSError:
+            warnings.warn("unable to enumerate Windows certificate store")
         if certs:
             self.load_verify_locations(cadata=certs)
         return certs
diff -r 1e80e53ce20d -r 40f3f2b27112 Misc/NEWS
--- a/Misc/NEWS	Thu May 26 05:28:50 2016 +0000
+++ b/Misc/NEWS	Thu May 26 12:17:21 2016 -0700
@@ -83,6 +83,9 @@
 Library
 -------
 
+- Issue #27114: Fix SSLContext._load_windows_store_certs fails with
+  PermissionError
+
 - Issue #14132: Fix urllib.request redirect handling when the target only has
   a query string.  Fix by Ján Janech.