129 строки
4.9 KiB
Diff
129 строки
4.9 KiB
Diff
From c8704810b3e82a7d38bc0de7dd007b8755b83e39 Mon Sep 17 00:00:00 2001
|
|
From: Karolina Surma <ksurma@redhat.com>
|
|
Date: Mon, 14 Nov 2022 13:30:48 +0100
|
|
Subject: [PATCH] certifi-2022.9.24-use-system-cert
|
|
|
|
---
|
|
certifi/core.py | 105 +++---------------------------------------------
|
|
1 file changed, 6 insertions(+), 99 deletions(-)
|
|
|
|
diff --git a/certifi/core.py b/certifi/core.py
|
|
index de02898..207116f 100644
|
|
--- a/certifi/core.py
|
|
+++ b/certifi/core.py
|
|
@@ -4,105 +4,12 @@ certifi.py
|
|
|
|
This module returns the installation location of cacert.pem or its contents.
|
|
"""
|
|
-import sys
|
|
|
|
+# The RPM-packaged certifi always uses the system certificates
|
|
+def where() -> str:
|
|
+ return '/etc/pki/tls/certs/ca-bundle.crt'
|
|
|
|
-if sys.version_info >= (3, 11):
|
|
+def contents() -> str:
|
|
+ with open(where(), encoding='utf=8') as data:
|
|
+ return data.read()
|
|
|
|
- from importlib.resources import as_file, files
|
|
-
|
|
- _CACERT_CTX = None
|
|
- _CACERT_PATH = None
|
|
-
|
|
- def where() -> str:
|
|
- # This is slightly terrible, but we want to delay extracting the file
|
|
- # in cases where we're inside of a zipimport situation until someone
|
|
- # actually calls where(), but we don't want to re-extract the file
|
|
- # on every call of where(), so we'll do it once then store it in a
|
|
- # global variable.
|
|
- global _CACERT_CTX
|
|
- global _CACERT_PATH
|
|
- if _CACERT_PATH is None:
|
|
- # This is slightly janky, the importlib.resources API wants you to
|
|
- # manage the cleanup of this file, so it doesn't actually return a
|
|
- # path, it returns a context manager that will give you the path
|
|
- # when you enter it and will do any cleanup when you leave it. In
|
|
- # the common case of not needing a temporary file, it will just
|
|
- # return the file system location and the __exit__() is a no-op.
|
|
- #
|
|
- # We also have to hold onto the actual context manager, because
|
|
- # it will do the cleanup whenever it gets garbage collected, so
|
|
- # we will also store that at the global level as well.
|
|
- _CACERT_CTX = as_file(files("certifi").joinpath("cacert.pem"))
|
|
- _CACERT_PATH = str(_CACERT_CTX.__enter__())
|
|
-
|
|
- return _CACERT_PATH
|
|
-
|
|
- def contents() -> str:
|
|
- return files("certifi").joinpath("cacert.pem").read_text(encoding="ascii")
|
|
-
|
|
-elif sys.version_info >= (3, 7):
|
|
-
|
|
- from importlib.resources import path as get_path, read_text
|
|
-
|
|
- _CACERT_CTX = None
|
|
- _CACERT_PATH = None
|
|
-
|
|
- def where() -> str:
|
|
- # This is slightly terrible, but we want to delay extracting the
|
|
- # file in cases where we're inside of a zipimport situation until
|
|
- # someone actually calls where(), but we don't want to re-extract
|
|
- # the file on every call of where(), so we'll do it once then store
|
|
- # it in a global variable.
|
|
- global _CACERT_CTX
|
|
- global _CACERT_PATH
|
|
- if _CACERT_PATH is None:
|
|
- # This is slightly janky, the importlib.resources API wants you
|
|
- # to manage the cleanup of this file, so it doesn't actually
|
|
- # return a path, it returns a context manager that will give
|
|
- # you the path when you enter it and will do any cleanup when
|
|
- # you leave it. In the common case of not needing a temporary
|
|
- # file, it will just return the file system location and the
|
|
- # __exit__() is a no-op.
|
|
- #
|
|
- # We also have to hold onto the actual context manager, because
|
|
- # it will do the cleanup whenever it gets garbage collected, so
|
|
- # we will also store that at the global level as well.
|
|
- _CACERT_CTX = get_path("certifi", "cacert.pem")
|
|
- _CACERT_PATH = str(_CACERT_CTX.__enter__())
|
|
-
|
|
- return _CACERT_PATH
|
|
-
|
|
- def contents() -> str:
|
|
- return read_text("certifi", "cacert.pem", encoding="ascii")
|
|
-
|
|
-else:
|
|
- import os
|
|
- import types
|
|
- from typing import Union
|
|
-
|
|
- Package = Union[types.ModuleType, str]
|
|
- Resource = Union[str, "os.PathLike"]
|
|
-
|
|
- # This fallback will work for Python versions prior to 3.7 that lack the
|
|
- # importlib.resources module but relies on the existing `where` function
|
|
- # so won't address issues with environments like PyOxidizer that don't set
|
|
- # __file__ on modules.
|
|
- def read_text(
|
|
- package: Package,
|
|
- resource: Resource,
|
|
- encoding: str = 'utf-8',
|
|
- errors: str = 'strict'
|
|
- ) -> str:
|
|
- with open(where(), encoding=encoding) as data:
|
|
- return data.read()
|
|
-
|
|
- # If we don't have importlib.resources, then we will just do the old logic
|
|
- # of assuming we're on the filesystem and munge the path directly.
|
|
- def where() -> str:
|
|
- f = os.path.dirname(__file__)
|
|
-
|
|
- return os.path.join(f, "cacert.pem")
|
|
-
|
|
- def contents() -> str:
|
|
- return read_text("certifi", "cacert.pem", encoding="ascii")
|
|
--
|
|
2.37.3
|
|
|