Commit 0b30a2bd authored by Benjamin Peterson's avatar Benjamin Peterson

also use openssl envvars to find certs on windows (closes #22449)

Patch by Christian Heimes and Alex Gaynor.
parent a2e2b587
...@@ -376,8 +376,7 @@ class SSLContext(_SSLContext): ...@@ -376,8 +376,7 @@ class SSLContext(_SSLContext):
if sys.platform == "win32": if sys.platform == "win32":
for storename in self._windows_cert_stores: for storename in self._windows_cert_stores:
self._load_windows_store_certs(storename, purpose) self._load_windows_store_certs(storename, purpose)
else: self.set_default_verify_paths()
self.set_default_verify_paths()
def create_default_context(purpose=Purpose.SERVER_AUTH, cafile=None, def create_default_context(purpose=Purpose.SERVER_AUTH, cafile=None,
......
...@@ -1058,6 +1058,14 @@ class ContextTests(unittest.TestCase): ...@@ -1058,6 +1058,14 @@ class ContextTests(unittest.TestCase):
self.assertRaises(TypeError, ctx.load_default_certs, None) self.assertRaises(TypeError, ctx.load_default_certs, None)
self.assertRaises(TypeError, ctx.load_default_certs, 'SERVER_AUTH') self.assertRaises(TypeError, ctx.load_default_certs, 'SERVER_AUTH')
def test_load_default_certs_env(self):
ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
with support.EnvironmentVarGuard() as env:
env["SSL_CERT_DIR"] = CAPATH
env["SSL_CERT_FILE"] = CERTFILE
ctx.load_default_certs()
self.assertEqual(ctx.cert_store_stats(), {"crl": 0, "x509": 1, "x509_ca": 0})
def test_create_default_context(self): def test_create_default_context(self):
ctx = ssl.create_default_context() ctx = ssl.create_default_context()
self.assertEqual(ctx.protocol, ssl.PROTOCOL_SSLv23) self.assertEqual(ctx.protocol, ssl.PROTOCOL_SSLv23)
......
...@@ -31,6 +31,9 @@ Core and Builtins ...@@ -31,6 +31,9 @@ Core and Builtins
Library Library
------- -------
- Issue #22449: In the ssl.SSLContext.load_default_certs, consult the
enviromental variables SSL_CERT_DIR and SSL_CERT_FILE on Windows.
- Issue #8473: doctest.testfile now uses universal newline mode to read - Issue #8473: doctest.testfile now uses universal newline mode to read
the test file. the test file.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment