Michael Schlenker added the comment:
It probably is even worse.
The flag seems to specifiy the physical locations, and just using
CERT_SYSTEM_STORE_LOCAL_SYSTEM probably misses the certificates distributed by
Group Policy or AD too, in addition to the stores for the current user.
See
New submission from Michael Schlenker :
The introduction of the ReadOnly flag in the ssl.enum_certificates() function
implementation has introduced a regression.
The old version returned certificates for both the current user and the local
system, the new function only enumerates system wide
Michael Schlenker added the comment:
Yes, the workaround works.
Would be nice if this could be fixed in a 2.7.11...
--
___
Python tracker
<http://bugs.python.org/issue25
New submission from Michael Schlenker:
The load_dh_params() method of SSLContext does not properly handle unicode
filenames on Windows (like load_verify_location() does).
It should convert any passed unicode path to the filesystem encoding.
This is already fixed in the 3.x head revision, by
Michael Schlenker added the comment:
yes, priority is probably low.
Just stumbled over it when building against openssl 1.0.1L and trying to regen
the datafile automatically in a build script.
--
versions: +Python 2.7
___
Python tracker
<h
New submission from Michael Schlenker:
The make_ssl_data.py script in Tools/ssl/ needs a python3 to run due to the
usage of open(..., encoding='latin1').
This makes usage on a host without python3 installed more complex than needed.
It should use io.open(...) to run on both p
