python/python-2.7.9-sles-disable-verification-by-default.patch

Index: Python-2.7.9/Lib/ssl.py
===================================================================
--- Python-2.7.9.orig/Lib/ssl.py	2015-08-12 15:53:27.419729448 +0200
+++ Python-2.7.9/Lib/ssl.py	2015-08-12 15:58:10.668465183 +0200
@@ -469,7 +469,18 @@
     return context
 
 # Used by http.client if no context is explicitly passed.
-_create_default_https_context = create_default_context
+try:
+    # load the TLS checks policy from separate package
+    import sle_tls_checks_policy as policy
+    if policy.get_policy:
+        _create_default_https_context = policy.get_policy()
+    else:
+        # empty policy file means simply enable strict verification
+        _create_default_https_context = create_default_context
+
+except ImportError:
+    # policy not present, disable verification for backwards compatibility
+    _create_default_https_context = _create_unverified_context
 
 
 # Backwards compatibility alias, even though it's not a public name.