[3.10] gh-114572: Fix locking in cert_store_stats and get_ca_certs (GH-114573) (#115548) - fork/cpython.git

diff options

author	Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>	2024-02-20 17:35:27 +0100
committer	Michał Górny <mgorny@gentoo.org>	2024-04-10 10:44:17 +0200
commit	afe52697e1e1bc178538b19f7483b89665dd46ee (patch)
tree	b1dea5251c9bc15022d622f2ae8e7953760c544e /PCbuild
parent	[3.11] gh-115243: Fix crash in deque.index() when the deque is concurrently m... (diff)
download	cpython-gentoo-3.9.19_p1.tar.gz cpython-gentoo-3.9.19_p1.tar.bz2 cpython-gentoo-3.9.19_p1.zip

[3.10] gh-114572: Fix locking in cert_store_stats and get_ca_certs (GH-114573) (#115548)gentoo-3.9.19_p1

gh-114572: Fix locking in cert_store_stats and get_ca_certs (GH-114573) * gh-114572: Fix locking in cert_store_stats and get_ca_certs cert_store_stats and get_ca_certs query the SSLContext's X509_STORE with X509_STORE_get0_objects, but reading the result requires a lock. See https://github.com/openssl/openssl/pull/23224 for details. Instead, use X509_STORE_get1_objects, newly added in that PR. X509_STORE_get1_objects does not exist in current OpenSSLs, but we can polyfill it with X509_STORE_lock and X509_STORE_unlock. * Work around const-correctness problem * Add missing X509_STORE_get1_objects failure check * Add blurb (cherry picked from commit bce693111bff906ccf9281c22371331aaff766ab) Co-authored-by: David Benjamin <davidben@google.com>

Diffstat (limited to 'PCbuild')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: