From ea577ba09a59fa8a2f35a06383c7c0b2ac5d2c33 Mon Sep 17 00:00:00 2001 From: Tom White Date: Mon, 11 Oct 2021 14:24:57 +0100 Subject: [PATCH] Windows build failing with SSL error #733 --- conftest.py | 2 +- sgkit/__init__.py | 2 ++ sgkit/_windows_ssl_fix.py | 22 ++++++++++++++++++++++ 3 files changed, 25 insertions(+), 1 deletion(-) create mode 100644 sgkit/_windows_ssl_fix.py diff --git a/conftest.py b/conftest.py index a66061e87..89034558a 100644 --- a/conftest.py +++ b/conftest.py @@ -1,5 +1,5 @@ # Ignore VCF files during pytest collection, so it doesn't fail if cyvcf2 isn't installed. -collect_ignore_glob = ["sgkit/io/vcf/*.py", ".github/scripts/*.py"] +collect_ignore_glob = ["benchmarks/*.py", "sgkit/io/vcf/*.py", ".github/scripts/*.py"] def pytest_configure(config) -> None: # type: ignore diff --git a/sgkit/__init__.py b/sgkit/__init__.py index 6d19d9ccb..76269bd69 100644 --- a/sgkit/__init__.py +++ b/sgkit/__init__.py @@ -1,3 +1,5 @@ +import sgkit._windows_ssl_fix # noqa: F401 isort:skip # must be imported first to apply fix + from pkg_resources import DistributionNotFound, get_distribution from .display import display_genotypes diff --git a/sgkit/_windows_ssl_fix.py b/sgkit/_windows_ssl_fix.py new file mode 100644 index 000000000..331fc462e --- /dev/null +++ b/sgkit/_windows_ssl_fix.py @@ -0,0 +1,22 @@ +# Monkey patch https://github.com/pystatgen/sgkit/issues/733 +import ssl + + +def _ssl_load_windows_store_certs(self, storename, purpose): # type: ignore[no-untyped-def] # pragma: no cover + # Code adapted from _load_windows_store_certs in https://github.com/python/cpython/blob/main/Lib/ssl.py + try: + certs = [ + cert + for cert, encoding, trust in ssl.enum_certificates(storename) # type: ignore + if encoding == "x509_asn" and (trust is True or purpose.oid in trust) + ] + except PermissionError: + return + for cert in certs: + try: + self.load_verify_locations(cadata=cert) + except ssl.SSLError: + pass + + +ssl.SSLContext._load_windows_store_certs = _ssl_load_windows_store_certs # type: ignore