- Load directory-based cert store in openSUSE >= 12.2

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-requests?expand=0&rev=18
2012-05-20 17:46:42 +00:00 · 2012-05-20 17:46:42 +00:00 · 83bc7fa8f8
commit 83bc7fa8f8
parent a21d8565dd
3 changed files with 58 additions and 1 deletions
--- a/python-requests.changes
+++ b/python-requests.changes
@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Sun May 20 17:44:57 UTC 2012 - jfunk@funktronics.ca
+
+- Load directory-based cert store in openSUSE >= 12.2
+
 -------------------------------------------------------------------
 Fri May 18 00:41:52 UTC 2012 - jfunk@funktronics.ca

--- a/python-requests.spec
+++ b/python-requests.spec
@ -25,6 +25,8 @@ Summary:        Awesome Python HTTP Library That's Actually Usable
 License:        ISC
 Group:          Development/Languages/Python
 Source:         http://pypi.python.org/packages/source/r/requests/requests-%{version}.tar.gz
+# PATCH-FIX-OPENSUSE requests-use_directory_cert_store.patch [bnc#761501] -- Load directory-based cert store in /etc/ssl/certs. Depends on Python patched to allow it
+Patch0:         requests-use_directory_cert_store.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  python
 BuildRequires:  python-devel
@ -32,9 +34,12 @@ BuildRequires:  python-distribute
 BuildRequires:  python-chardet
 BuildRequires:  python-oauthlib
 Requires:       python
-Requires:       python-certifi
 Requires:       python-chardet
 Requires:       python-oauthlib
+%if 0%{?suse_version} && 0%{?suse_version} < 1220
+BuildRequires:  python-certifi
+Requires:       python-certifi
+%endif
 %if 0%{?suse_version} && 0%{?suse_version} <= 1110
 %{!?python_sitelib: %global python_sitelib %(python -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
 %else
@ -67,6 +72,9 @@ Features:

 %prep
 %setup -q -n requests-%{version}
+%if 0%{?suse_version} && 0%{?suse_version} < 1220
+%patch0 -p1
+%endif

 %build
 python setup.py build
--- a/requests-use_directory_cert_store.patch
+++ b/requests-use_directory_cert_store.patch
@ -0,0 +1,44 @@
+Index: requests-0.12.1/requests/utils.py
+===================================================================
+--- requests-0.12.1.orig/requests/utils.py
+++ requests-0.12.1/requests/utils.py
+@@ -14,6 +14,9 @@ import codecs
+ import os
+ import random
+ import re
+import socket
+import ssl
+import _ssl
+ import zlib
+ from netrc import netrc, NetrcParseError
+ 
+@@ -51,9 +54,13 @@ def get_os_ca_bundle_path():
+             return path
+     return None
+ 
+-# if certifi is installed, use its CA bundle;
+-# otherwise, try and use the OS bundle
+-DEFAULT_CA_BUNDLE_PATH = CERTIFI_BUNDLE_PATH or get_os_ca_bundle_path()
+# If SSL module can load a directory-based store, use that
+try:
+    _ssl.sslwrap(socket.socket()._sock, False, None, None, ssl.CERT_REQUIRED, ssl.PROTOCOL_SSLv23, "/etc/ssl/certs", None)
+except ssl.SSLError:
+    # if certifi is installed, use its CA bundle;
+    # otherwise, try and use the OS bundle
+    DEFAULT_CA_BUNDLE_PATH = CERTIFI_BUNDLE_PATH or get_os_ca_bundle_path()
+ 
+ def dict_to_sequence(d):
+     """Returns an internal sequence dictionary update."""
+Index: requests-0.12.1/setup.py
+===================================================================
+--- requests-0.12.1.orig/setup.py
+++ requests-0.12.1/setup.py
+@@ -34,7 +34,7 @@ packages = [
+ # On certain supported platforms (e.g., Red Hat / Debian / FreeBSD), Requests can
+ # use the system CA bundle instead; see `requests.utils` for details.
+ # If your platform is supported, set `requires` to [] instead:
+-requires = ['certifi>=0.0.7']
+requires = []
+ 
+ # chardet is used to optimally guess the encodings of pages that don't declare one.
+ # At this time, chardet is not a required dependency. However, it's sufficiently