diff --git a/python-requests.changes b/python-requests.changes index 2fa3b55..e42c6f7 100644 --- a/python-requests.changes +++ b/python-requests.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Sun May 20 17:44:57 UTC 2012 - jfunk@funktronics.ca + +- Load directory-based cert store in openSUSE >= 12.2 + ------------------------------------------------------------------- Fri May 18 00:41:52 UTC 2012 - jfunk@funktronics.ca diff --git a/python-requests.spec b/python-requests.spec index 9ec3b5f..3636843 100644 --- a/python-requests.spec +++ b/python-requests.spec @@ -25,6 +25,8 @@ Summary: Awesome Python HTTP Library That's Actually Usable License: ISC Group: Development/Languages/Python Source: http://pypi.python.org/packages/source/r/requests/requests-%{version}.tar.gz +# PATCH-FIX-OPENSUSE requests-use_directory_cert_store.patch [bnc#761501] -- Load directory-based cert store in /etc/ssl/certs. Depends on Python patched to allow it +Patch0: requests-use_directory_cert_store.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: python BuildRequires: python-devel @@ -32,9 +34,12 @@ BuildRequires: python-distribute BuildRequires: python-chardet BuildRequires: python-oauthlib Requires: python -Requires: python-certifi Requires: python-chardet Requires: python-oauthlib +%if 0%{?suse_version} && 0%{?suse_version} < 1220 +BuildRequires: python-certifi +Requires: python-certifi +%endif %if 0%{?suse_version} && 0%{?suse_version} <= 1110 %{!?python_sitelib: %global python_sitelib %(python -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")} %else @@ -67,6 +72,9 @@ Features: %prep %setup -q -n requests-%{version} +%if 0%{?suse_version} && 0%{?suse_version} < 1220 +%patch0 -p1 +%endif %build python setup.py build diff --git a/requests-use_directory_cert_store.patch b/requests-use_directory_cert_store.patch new file mode 100644 index 0000000..3dcf2d9 --- /dev/null +++ b/requests-use_directory_cert_store.patch @@ -0,0 +1,44 @@ +Index: requests-0.12.1/requests/utils.py +=================================================================== +--- requests-0.12.1.orig/requests/utils.py ++++ requests-0.12.1/requests/utils.py +@@ -14,6 +14,9 @@ import codecs + import os + import random + import re ++import socket ++import ssl ++import _ssl + import zlib + from netrc import netrc, NetrcParseError + +@@ -51,9 +54,13 @@ def get_os_ca_bundle_path(): + return path + return None + +-# if certifi is installed, use its CA bundle; +-# otherwise, try and use the OS bundle +-DEFAULT_CA_BUNDLE_PATH = CERTIFI_BUNDLE_PATH or get_os_ca_bundle_path() ++# If SSL module can load a directory-based store, use that ++try: ++ _ssl.sslwrap(socket.socket()._sock, False, None, None, ssl.CERT_REQUIRED, ssl.PROTOCOL_SSLv23, "/etc/ssl/certs", None) ++except ssl.SSLError: ++ # if certifi is installed, use its CA bundle; ++ # otherwise, try and use the OS bundle ++ DEFAULT_CA_BUNDLE_PATH = CERTIFI_BUNDLE_PATH or get_os_ca_bundle_path() + + def dict_to_sequence(d): + """Returns an internal sequence dictionary update.""" +Index: requests-0.12.1/setup.py +=================================================================== +--- requests-0.12.1.orig/setup.py ++++ requests-0.12.1/setup.py +@@ -34,7 +34,7 @@ packages = [ + # On certain supported platforms (e.g., Red Hat / Debian / FreeBSD), Requests can + # use the system CA bundle instead; see `requests.utils` for details. + # If your platform is supported, set `requires` to [] instead: +-requires = ['certifi>=0.0.7'] ++requires = [] + + # chardet is used to optimally guess the encodings of pages that don't declare one. + # At this time, chardet is not a required dependency. However, it's sufficiently