New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

X509Store.add_cert no longer raises an error on duplicate cert #787

Merged
merged 2 commits into from Aug 23, 2018

Conversation

Projects
None yet
2 participants
@reaperhulk
Copy link
Member

reaperhulk commented Aug 23, 2018

OpenSSL 1.1.0i changed X509_STORE_add_cert such that it no longer raises an error if a duplicate cert is added. This patch makes it so we behave consistently (and do not error) on all versions.

code = _lib.ERR_get_error()
err_reason = _lib.ERR_GET_REASON(code)
_openssl_assert(
err_reason == _lib.X509_R_CERT_ALREADY_IN_HASH_TABLE

This comment has been minimized.

@alex

alex Aug 23, 2018

Member

Are there any other errors that can happen?

@reaperhulk reaperhulk force-pushed the reaperhulk:fix-110i branch from b4180ee to c048600 Aug 23, 2018

@@ -23,7 +23,8 @@ Deprecations:
Changes:
^^^^^^^^

*none*
- ``X509Store.add_cert`` no longer raises an error if you add a duplicate cert.

This comment has been minimized.

@alex

alex Aug 23, 2018

Member

This should be in the backwards incompat section

@alex

alex approved these changes Aug 23, 2018

@alex alex merged commit 0e6c553 into pyca:master Aug 23, 2018

3 checks passed

codecov/patch 100% of diff hit (target 97.07%)
Details
codecov/project 97.07% (+<.01%) compared to 178d04d
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

@reaperhulk reaperhulk deleted the reaperhulk:fix-110i branch Aug 23, 2018

peterbe added a commit to peterbe/django-peterbecom that referenced this pull request Jan 22, 2019

Update pyopenssl to 19.0.0 (#517)
This PR updates [pyOpenSSL](https://pypi.org/project/pyOpenSSL) from **18.0.0** to **19.0.0**.



<details>
  <summary>Changelog</summary>
  
  
   ### 19.0.0
   ```
   -------------------


Backward-incompatible changes:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

- ``X509Store.add_cert`` no longer raises an error if you add a duplicate cert.
  `787 &lt;https://github.com/pyca/pyopenssl/pull/787&gt;`_


Deprecations:
^^^^^^^^^^^^^

*none*


Changes:
^^^^^^^^

- pyOpenSSL now works with OpenSSL 1.1.1.
  `805 &lt;https://github.com/pyca/pyopenssl/pull/805&gt;`_
- pyOpenSSL now handles NUL bytes in ``X509Name.get_components()``
  `804 &lt;https://github.com/pyca/pyopenssl/pull/804&gt;`_



----
   ```
   
  
</details>


 

<details>
  <summary>Links</summary>
  
  - PyPI: https://pypi.org/project/pyopenssl
  - Changelog: https://pyup.io/changelogs/pyopenssl/
  - Homepage: https://pyopenssl.org/
  - Docs: https://pythonhosted.org/pyOpenSSL/
</details>

peterbe added a commit to mozilla-services/tecken that referenced this pull request Jan 22, 2019

Update pyopenssl to 19.0.0 (#1502)
This PR updates [pyOpenSSL](https://pypi.org/project/pyOpenSSL) from **18.0.0** to **19.0.0**.



<details>
  <summary>Changelog</summary>
  
  
   ### 19.0.0
   ```
   -------------------


Backward-incompatible changes:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

- ``X509Store.add_cert`` no longer raises an error if you add a duplicate cert.
  `787 &lt;https://github.com/pyca/pyopenssl/pull/787&gt;`_


Deprecations:
^^^^^^^^^^^^^

*none*


Changes:
^^^^^^^^

- pyOpenSSL now works with OpenSSL 1.1.1.
  `805 &lt;https://github.com/pyca/pyopenssl/pull/805&gt;`_
- pyOpenSSL now handles NUL bytes in ``X509Name.get_components()``
  `804 &lt;https://github.com/pyca/pyopenssl/pull/804&gt;`_



----
   ```
   
  
</details>


 

<details>
  <summary>Links</summary>
  
  - PyPI: https://pypi.org/project/pyopenssl
  - Changelog: https://pyup.io/changelogs/pyopenssl/
  - Homepage: https://pyopenssl.org/
  - Docs: https://pythonhosted.org/pyOpenSSL/
</details>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment