From 890709e6d236c402658140100c8b948806c3889ad3c3a689815a0b70e49c879e Mon Sep 17 00:00:00 2001 From: Alberto Planas Dominguez Date: Fri, 10 Jul 2015 12:18:52 +0000 Subject: [PATCH] Accepting request 315237 from home:lnussel:branches:devel:languages:python - update no-default-cacert.patch to not hardcode a ca cert location OBS-URL: https://build.opensuse.org/request/show/315237 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-requests?expand=0&rev=57 --- no-default-cacert.patch | 44 ++++++++++++++++++++++++++++++----------- python-requests.changes | 5 +++++ 2 files changed, 38 insertions(+), 11 deletions(-) diff --git a/no-default-cacert.patch b/no-default-cacert.patch index 9a1ce6f..7651e91 100644 --- a/no-default-cacert.patch +++ b/no-default-cacert.patch @@ -1,6 +1,8 @@ ---- a/requests/adapters.py -+++ b/requests/adapters.py -@@ -132,9 +132,6 @@ +Index: requests-2.6.0/requests/adapters.py +=================================================================== +--- requests-2.6.0.orig/requests/adapters.py ++++ requests-2.6.0/requests/adapters.py +@@ -177,9 +177,6 @@ class HTTPAdapter(BaseAdapter): if not cert_loc: cert_loc = DEFAULT_CA_BUNDLE_PATH @@ -10,20 +12,40 @@ conn.cert_reqs = 'CERT_REQUIRED' conn.ca_certs = cert_loc else: ---- a/requests/certs.py -+++ b/requests/certs.py -@@ -19,7 +19,7 @@ +Index: requests-2.6.0/requests/certs.py +=================================================================== +--- requests-2.6.0.orig/requests/certs.py ++++ requests-2.6.0/requests/certs.py +@@ -18,8 +18,9 @@ try: + except ImportError: def where(): """Return the preferred certificate bundle.""" - # vendored bundle inside Requests +- # vendored bundle inside Requests - return os.path.join(os.path.dirname(__file__), 'cacert.pem') -+ return '/etc/ssl/certs/' ++ # in openSUSE we rely on openssl's default instead of ++ # hardcoding stuff elsewhere ++ return None if __name__ == '__main__': print(where()) ---- a/MANIFEST.in -+++ b/MANIFEST.in +Index: requests-2.6.0/MANIFEST.in +=================================================================== +--- requests-2.6.0.orig/MANIFEST.in ++++ requests-2.6.0/MANIFEST.in @@ -1 +1 @@ -include README.rst LICENSE NOTICE HISTORY.rst test_requests.py requirements.txt requests/cacert.pem +include README.rst LICENSE NOTICE HISTORY.rst test_requests.py requirements.txt - +Index: requests-2.6.0/requests/packages/urllib3/util/ssl_.py +=================================================================== +--- requests-2.6.0.orig/requests/packages/urllib3/util/ssl_.py ++++ requests-2.6.0/requests/packages/urllib3/util/ssl_.py +@@ -259,6 +259,9 @@ def ssl_wrap_socket(sock, keyfile=None, + if e.errno == errno.ENOENT: + raise SSLError(e) + raise ++ elif cert_reqs != CERT_NONE: ++ context.set_default_verify_paths() ++ + if certfile: + context.load_cert_chain(certfile, keyfile) + if HAS_SNI: # Platform-specific: OpenSSL with enabled SNI diff --git a/python-requests.changes b/python-requests.changes index e3ff38c..b44ff80 100644 --- a/python-requests.changes +++ b/python-requests.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Tue Jun 30 08:39:24 UTC 2015 - lnussel@suse.de + +- update no-default-cacert.patch to not hardcode a ca cert location + ------------------------------------------------------------------- Mon Apr 20 12:25:21 UTC 2015 - mcihar@suse.cz