diff --git a/python-2.7.9-sles-disable-verification-by-default.patch b/python-2.7.9-sles-disable-verification-by-default.patch new file mode 100644 index 0000000..9e58d33 --- /dev/null +++ b/python-2.7.9-sles-disable-verification-by-default.patch @@ -0,0 +1,14 @@ +Index: Python-2.7.9/Lib/ssl.py +=================================================================== +--- Python-2.7.9.orig/Lib/ssl.py 2015-05-14 15:02:05.872792333 +0200 ++++ Python-2.7.9/Lib/ssl.py 2015-05-14 15:23:27.874013424 +0200 +@@ -469,7 +469,8 @@ + return context + + # Used by http.client if no context is explicitly passed. +-_create_default_https_context = create_default_context ++# PATCH-SLE: still use unverified context. see PEP476 ++_create_default_https_context = _create_unverified_context + + + # Backwards compatibility alias, even though it's not a public name. diff --git a/python-base.spec b/python-base.spec index 9c82331..cc3290e 100644 --- a/python-base.spec +++ b/python-base.spec @@ -54,6 +54,8 @@ Patch31: python-2.7.7-mhlib-linkcount.patch Patch32: python-2.7-urllib2-localnet-ssl.patch # PATCH-FIX-UPSTREAM accept directory-based CA paths as well Patch33: python-2.7.9-ssl_ca_path.patch +# PATCH-FEATURE-SLE disable SSL verification-by-default in http clients +Patch34: python-2.7.9-sles-disable-verification-by-default.patch # COMMON-PATCH-END %define python_version %(echo %{tarversion} | head -c 3) BuildRequires: automake @@ -144,6 +146,9 @@ other applications. %patch31 -p1 %patch32 -p1 %patch33 -p1 +%if %{suse_version} == 1315 +%patch34 -p1 +%endif # drop Autoconf version requirement sed -i 's/^version_required/dnl version_required/' configure.ac diff --git a/python-doc.spec b/python-doc.spec index b306f8a..e962be2 100644 --- a/python-doc.spec +++ b/python-doc.spec @@ -55,6 +55,8 @@ Patch31: python-2.7.7-mhlib-linkcount.patch Patch32: python-2.7-urllib2-localnet-ssl.patch # PATCH-FIX-UPSTREAM accept directory-based CA paths as well Patch33: python-2.7.9-ssl_ca_path.patch +# PATCH-FEATURE-SLE disable SSL verification-by-default in http clients +Patch34: python-2.7.9-sles-disable-verification-by-default.patch # COMMON-PATCH-END Provides: pyth_doc Provides: pyth_ps @@ -99,6 +101,9 @@ Python, and Macintosh Module Reference in PDF format. %patch31 -p1 %patch32 -p1 %patch33 -p1 +%if %{suse_version} == 1315 +%patch34 -p1 +%endif # drop Autoconf version requirement sed -i 's/^version_required/dnl version_required/' configure.ac diff --git a/python.changes b/python.changes index 8619fd5..6d1b3b0 100644 --- a/python.changes +++ b/python.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Thu May 14 13:27:09 UTC 2015 - jmatejek@suse.com + +- for SLE 12 SP1, disable SSL verification-by-default for backwards + compatibility (python-2.7.9-sles-disable-verification-by-default.patch) + ------------------------------------------------------------------- Wed Feb 25 16:31:37 UTC 2015 - jmatejek@suse.com diff --git a/python.spec b/python.spec index f5e5efe..071757f 100644 --- a/python.spec +++ b/python.spec @@ -59,6 +59,8 @@ Patch31: python-2.7.7-mhlib-linkcount.patch Patch32: python-2.7-urllib2-localnet-ssl.patch # PATCH-FIX-UPSTREAM accept directory-based CA paths as well Patch33: python-2.7.9-ssl_ca_path.patch +# PATCH-FEATURE-SLE disable SSL verification-by-default in http clients +Patch34: python-2.7.9-sles-disable-verification-by-default.patch # COMMON-PATCH-END BuildRequires: automake BuildRequires: db-devel @@ -179,6 +181,9 @@ implementation of the standard Unix DBM databases. %patch31 -p1 %patch32 -p1 %patch33 -p1 +%if %{suse_version} == 1315 +%patch34 -p1 +%endif # drop Autoconf version requirement sed -i 's/^version_required/dnl version_required/' configure.ac