[3.10] gh-114572: Fix locking in cert_store_stats and get_ca_certs (GH-114573) (#115548) - fork/cpython.git

diff options

author	Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>	2024-02-20 17:35:27 +0100
committer	Michał Górny <mgorny@gentoo.org>	2024-04-10 10:52:30 +0200
commit	a6a90cac7e1af91b032dcf0df13437857bc6c112 (patch)
tree	aff8515f8dafd087fbfdac443594a79c1c6a11f4 /PC
parent	[3.11] gh-115243: Fix crash in deque.index() when the deque is concurrently m... (diff)
download	cpython-gentoo-3.9.19_p2.tar.gz cpython-gentoo-3.9.19_p2.tar.bz2 cpython-gentoo-3.9.19_p2.zip

[3.10] gh-114572: Fix locking in cert_store_stats and get_ca_certs (GH-114573) (#115548)gentoo-3.9.19_p2

gh-114572: Fix locking in cert_store_stats and get_ca_certs (GH-114573) * gh-114572: Fix locking in cert_store_stats and get_ca_certs cert_store_stats and get_ca_certs query the SSLContext's X509_STORE with X509_STORE_get0_objects, but reading the result requires a lock. See https://github.com/openssl/openssl/pull/23224 for details. Instead, use X509_STORE_get1_objects, newly added in that PR. X509_STORE_get1_objects does not exist in current OpenSSLs, but we can polyfill it with X509_STORE_lock and X509_STORE_unlock. * Work around const-correctness problem * Add missing X509_STORE_get1_objects failure check * Add blurb (cherry picked from commit bce693111bff906ccf9281c22371331aaff766ab) Co-authored-by: David Benjamin <davidben@google.com>

Diffstat (limited to 'PC')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: