Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

X509Store.add_cert no longer raises an error on duplicate cert #787

Merged
merged 2 commits into from Aug 23, 2018

Conversation

@reaperhulk
Copy link
Member

@reaperhulk reaperhulk commented Aug 23, 2018

OpenSSL 1.1.0i changed X509_STORE_add_cert such that it no longer raises an error if a duplicate cert is added. This patch makes it so we behave consistently (and do not error) on all versions.

code = _lib.ERR_get_error()
err_reason = _lib.ERR_GET_REASON(code)
_openssl_assert(
err_reason == _lib.X509_R_CERT_ALREADY_IN_HASH_TABLE

This comment has been minimized.

@alex

alex Aug 23, 2018
Member

Are there any other errors that can happen?

@reaperhulk reaperhulk force-pushed the reaperhulk:fix-110i branch from b4180ee to c048600 Aug 23, 2018
@@ -23,7 +23,8 @@ Deprecations:
Changes:
^^^^^^^^

*none*
- ``X509Store.add_cert`` no longer raises an error if you add a duplicate cert.

This comment has been minimized.

@alex

alex Aug 23, 2018
Member

This should be in the backwards incompat section

@alex
alex approved these changes Aug 23, 2018
@alex alex merged commit 0e6c553 into pyca:master Aug 23, 2018
3 checks passed
3 checks passed
@codecov
codecov/patch 100% of diff hit (target 97.07%)
Details
@codecov
codecov/project 97.07% (+<.01%) compared to 178d04d
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
@reaperhulk reaperhulk deleted the reaperhulk:fix-110i branch Aug 23, 2018
peterbe added a commit to peterbe/django-peterbecom that referenced this pull request Jan 22, 2019
This PR updates [pyOpenSSL](https://pypi.org/project/pyOpenSSL) from **18.0.0** to **19.0.0**.



<details>
  <summary>Changelog</summary>
  
  
   ### 19.0.0
   ```
   -------------------


Backward-incompatible changes:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

- ``X509Store.add_cert`` no longer raises an error if you add a duplicate cert.
  `787 &lt;https://github.com/pyca/pyopenssl/pull/787&gt;`_


Deprecations:
^^^^^^^^^^^^^

*none*


Changes:
^^^^^^^^

- pyOpenSSL now works with OpenSSL 1.1.1.
  `805 &lt;https://github.com/pyca/pyopenssl/pull/805&gt;`_
- pyOpenSSL now handles NUL bytes in ``X509Name.get_components()``
  `804 &lt;https://github.com/pyca/pyopenssl/pull/804&gt;`_



----
   ```
   
  
</details>


 

<details>
  <summary>Links</summary>
  
  - PyPI: https://pypi.org/project/pyopenssl
  - Changelog: https://pyup.io/changelogs/pyopenssl/
  - Homepage: https://pyopenssl.org/
  - Docs: https://pythonhosted.org/pyOpenSSL/
</details>
peterbe added a commit to mozilla-services/tecken that referenced this pull request Jan 22, 2019
This PR updates [pyOpenSSL](https://pypi.org/project/pyOpenSSL) from **18.0.0** to **19.0.0**.



<details>
  <summary>Changelog</summary>
  
  
   ### 19.0.0
   ```
   -------------------


Backward-incompatible changes:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

- ``X509Store.add_cert`` no longer raises an error if you add a duplicate cert.
  `787 &lt;https://github.com/pyca/pyopenssl/pull/787&gt;`_


Deprecations:
^^^^^^^^^^^^^

*none*


Changes:
^^^^^^^^

- pyOpenSSL now works with OpenSSL 1.1.1.
  `805 &lt;https://github.com/pyca/pyopenssl/pull/805&gt;`_
- pyOpenSSL now handles NUL bytes in ``X509Name.get_components()``
  `804 &lt;https://github.com/pyca/pyopenssl/pull/804&gt;`_



----
   ```
   
  
</details>


 

<details>
  <summary>Links</summary>
  
  - PyPI: https://pypi.org/project/pyopenssl
  - Changelog: https://pyup.io/changelogs/pyopenssl/
  - Homepage: https://pyopenssl.org/
  - Docs: https://pythonhosted.org/pyOpenSSL/
</details>
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 16, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

2 participants