58c938cba7
- Update to version 2.7.5: + Issue #15535: Fixed regression in the pickling of named tuples by removing the __dict__ property introduced in 2.7.4. + Issue #17857: Prevent build failures with pre-3.5.0 versions of sqlite3, such as was shipped with Centos 5 and Mac OS X 10.4. + Issue #17703: Fix a regression where an illegal use of Py_DECREF() after interpreter finalization can cause a crash. + Issue #16447: Fixed potential segmentation fault when setting __name__ on a class. + Issue #17610: Don't rely on non-standard behavior of the C qsort() function. 12 See http://hg.python.org/cpython/file/ab05e7dd2788/Misc/NEWS for more - Drop upstreamed patches: + python-2.7rc2-configure.patch + python-2.7.3-multiprocessing-join.patch + ctypes-libffi-aarch64.patch + python-2.7.3-fix-dbm-64bit-bigendian.patch + python-test_structmembers.patch - Rebased other patches - Update to version 2.7.5: + Issue #15535: Fixed regression in the pickling of named tuples by removing the __dict__ property introduced in 2.7.4. + Issue #17857: Prevent build failures with pre-3.5.0 versions of sqlite3, such as was shipped with Centos 5 and Mac OS X 10.4. + Issue #17703: Fix a regression where an illegal use of Py_DECREF() after interpreter finalization can cause a crash. + Issue #16447: Fixed potential segmentation fault when setting __name__ on a class. + Issue #17610: Don't rely on non-standard behavior of the C qsort() function. 12 See http://hg.python.org/cpython/file/ab05e7dd2788/Misc/NEWS for more OBS-URL: https://build.opensuse.org/request/show/176926 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=141
40 lines
1.5 KiB
Diff
40 lines
1.5 KiB
Diff
--- a/Modules/_ssl.c
|
|
+++ b/Modules/_ssl.c
|
|
@@ -271,6 +271,7 @@
|
|
char *errstr = NULL;
|
|
int ret;
|
|
int verification_mode;
|
|
+ struct stat stat_buf;
|
|
|
|
self = PyObject_New(PySSLObject, &PySSL_Type); /* Create new object */
|
|
if (self == NULL)
|
|
@@ -331,11 +332,23 @@
|
|
"verification of other-side certificates.");
|
|
goto fail;
|
|
} else {
|
|
- PySSL_BEGIN_ALLOW_THREADS
|
|
- ret = SSL_CTX_load_verify_locations(self->ctx,
|
|
- cacerts_file,
|
|
- NULL);
|
|
- PySSL_END_ALLOW_THREADS
|
|
+ /* If cacerts_file is a directory-based cert store, pass it as the
|
|
+ third parameter, CApath, instead
|
|
+ */
|
|
+ if (stat(cacerts_file, &stat_buf) == 0 && S_ISDIR(stat_buf.st_mode)) {
|
|
+ PySSL_BEGIN_ALLOW_THREADS
|
|
+ ret = SSL_CTX_load_verify_locations(self->ctx,
|
|
+ NULL,
|
|
+ cacerts_file);
|
|
+ PySSL_END_ALLOW_THREADS
|
|
+ } else {
|
|
+ PySSL_BEGIN_ALLOW_THREADS
|
|
+ ret = SSL_CTX_load_verify_locations(self->ctx,
|
|
+ cacerts_file,
|
|
+ NULL);
|
|
+ PySSL_END_ALLOW_THREADS
|
|
+ }
|
|
+
|
|
if (ret != 1) {
|
|
_setSSLError(NULL, 0, __FILE__, __LINE__);
|
|
goto fail;
|