Bug 1437593 - Vendor certifi 2018.1.18; r=ted

MozReview-Commit-ID: 6cx9clQiBa2

--HG--
extra : rebase_source : 2e0db7f745ca529ddf8ce8a3331d8dff2249f18a

third_party/python/certifi/LICENSE

@@ -0,0 +1,21 @@
+This packge contains a modified version of ca-bundle.crt:
+
+ca-bundle.crt -- Bundle of CA Root Certificates
+
+Certificate data from Mozilla as of: Thu Nov  3 19:04:19 2011#
+This is a bundle of X.509 certificates of public Certificate Authorities
+(CA). These were automatically extracted from Mozilla's root certificates
+file (certdata.txt).  This file can be found in the mozilla source tree:
+http://mxr.mozilla.org/mozilla/source/security/nss/lib/ckfw/builtins/certdata.txt?raw=1#
+It contains the certificates in PEM format and therefore
+can be directly used with curl / libcurl / php_curl, or with
+an Apache+mod_ssl webserver for SSL client authentication.
+Just configure this file as the SSLCACertificateFile.#
+
+***** BEGIN LICENSE BLOCK *****
+This Source Code Form is subject to the terms of the Mozilla Public License,
+v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain
+one at http://mozilla.org/MPL/2.0/.
+
+***** END LICENSE BLOCK *****
+@(#) $RCSfile: certdata.txt,v $ $Revision: 1.80 $ $Date: 2011/11/03 15:11:58 $

third_party/python/certifi/MANIFEST.in

@@ -0,0 +1 @@
+include MANIFEST.in README.rst LICENSE certifi/cacert.pem

third_party/python/certifi/PKG-INFO

@@ -0,0 +1,69 @@
+Metadata-Version: 1.1
+Name: certifi
+Version: 2018.1.18
+Summary: Python package for providing Mozilla's CA Bundle.
+Home-page: http://certifi.io/
+Author: Kenneth Reitz
+Author-email: me@kennethreitz.com
+License: MPL-2.0
+Description: Certifi: Python SSL Certificates
+        ================================
+        
+        `Certifi`_ is a carefully curated collection of Root Certificates for
+        validating the trustworthiness of SSL certificates while verifying the identity
+        of TLS hosts. It has been extracted from the `Requests`_ project.
+        
+        Installation
+        ------------
+        
+        ``certifi`` is available on PyPI. Simply install it with ``pip``::
+        
+            $ pip install certifi
+        
+        Usage
+        -----
+        
+        To reference the installed certificate authority (CA) bundle, you can use the
+        built-in function::
+        
+            >>> import certifi
+        
+            >>> certifi.where()
+            '/usr/local/lib/python2.7/site-packages/certifi/cacert.pem'
+        
+        Enjoy!
+        
+        1024-bit Root Certificates
+        ~~~~~~~~~~~~~~~~~~~~~~~~~~
+        
+        Browsers and certificate authorities have concluded that 1024-bit keys are
+        unacceptably weak for certificates, particularly root certificates. For this
+        reason, Mozilla has removed any weak (i.e. 1024-bit key) certificate from its
+        bundle, replacing it with an equivalent strong (i.e. 2048-bit or greater key)
+        certificate from the same CA. Because Mozilla removed these certificates from
+        its bundle, ``certifi`` removed them as well.
+        
+        In previous versions, ``certifi`` provided the ``certifi.old_where()`` function
+        to intentionally re-add the 1024-bit roots back into your bundle. This was not
+        recommended in production and therefore was removed. To assist in migrating old
+        code, the function ``certifi.old_where()`` continues to exist as an alias of
+        ``certifi.where()``. Please update your code to use ``certifi.where()``
+        instead. ``certifi.old_where()`` will be removed in 2018.
+        
+        .. _`Certifi`: http://certifi.io/en/latest/
+        .. _`Requests`: http://docs.python-requests.org/en/latest/
+        
+Platform: UNKNOWN
+Classifier: Development Status :: 5 - Production/Stable
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: Mozilla Public License 2.0 (MPL 2.0)
+Classifier: Natural Language :: English
+Classifier: Programming Language :: Python
+Classifier: Programming Language :: Python :: 2
+Classifier: Programming Language :: Python :: 2.6
+Classifier: Programming Language :: Python :: 2.7
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.3
+Classifier: Programming Language :: Python :: 3.4
+Classifier: Programming Language :: Python :: 3.5
+Classifier: Programming Language :: Python :: 3.6

third_party/python/certifi/README.rst

@@ -0,0 +1,46 @@
+Certifi: Python SSL Certificates
+================================
+
+`Certifi`_ is a carefully curated collection of Root Certificates for
+validating the trustworthiness of SSL certificates while verifying the identity
+of TLS hosts. It has been extracted from the `Requests`_ project.
+
+Installation
+------------
+
+``certifi`` is available on PyPI. Simply install it with ``pip``::
+
+    $ pip install certifi
+
+Usage
+-----
+
+To reference the installed certificate authority (CA) bundle, you can use the
+built-in function::
+
+    >>> import certifi
+
+    >>> certifi.where()
+    '/usr/local/lib/python2.7/site-packages/certifi/cacert.pem'
+
+Enjoy!
+
+1024-bit Root Certificates
+~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Browsers and certificate authorities have concluded that 1024-bit keys are
+unacceptably weak for certificates, particularly root certificates. For this
+reason, Mozilla has removed any weak (i.e. 1024-bit key) certificate from its
+bundle, replacing it with an equivalent strong (i.e. 2048-bit or greater key)
+certificate from the same CA. Because Mozilla removed these certificates from
+its bundle, ``certifi`` removed them as well.
+
+In previous versions, ``certifi`` provided the ``certifi.old_where()`` function
+to intentionally re-add the 1024-bit roots back into your bundle. This was not
+recommended in production and therefore was removed. To assist in migrating old
+code, the function ``certifi.old_where()`` continues to exist as an alias of
+``certifi.where()``. Please update your code to use ``certifi.where()``
+instead. ``certifi.old_where()`` will be removed in 2018.
+
+.. _`Certifi`: http://certifi.io/en/latest/
+.. _`Requests`: http://docs.python-requests.org/en/latest/

third_party/python/certifi/certifi/__init__.py

@@ -0,0 +1,3 @@
+from .core import where, old_where
+
+__version__ = "2018.01.18"

third_party/python/certifi/certifi/__main__.py

@@ -0,0 +1,2 @@
+from certifi import where
+print(where())

third_party/python/certifi/certifi/core.py

@@ -0,0 +1,37 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+"""
+certifi.py
+~~~~~~~~~~
+
+This module returns the installation location of cacert.pem.
+"""
+import os
+import warnings
+
+
+class DeprecatedBundleWarning(DeprecationWarning):
+    """
+    The weak security bundle is being deprecated. Please bother your service
+    provider to get them to stop using cross-signed roots.
+    """
+
+
+def where():
+    f = os.path.dirname(__file__)
+
+    return os.path.join(f, 'cacert.pem')
+
+
+def old_where():
+    warnings.warn(
+        "The weak security bundle has been removed. certifi.old_where() is now an alias "
+        "of certifi.where(). Please update your code to use certifi.where() instead. "
+        "certifi.old_where() will be removed in 2018.",
+        DeprecatedBundleWarning
+    )
+    return where()
+
+if __name__ == '__main__':
+    print(where())

third_party/python/certifi/setup.cfg

@@ -0,0 +1,11 @@
+[bdist_wheel]
+universal = 1
+
+[metadata]
+license_file = LICENSE
+
+[egg_info]
+tag_build = 
+tag_date = 0
+tag_svn_revision = 0
+

third_party/python/certifi/setup.py

@@ -0,0 +1,67 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+from __future__ import with_statement
+import re
+import os
+import sys
+
+# While I generally consider it an antipattern to try and support both
+# setuptools and distutils with a single setup.py, in this specific instance
+# where certifi is a dependency of setuptools, it can create a circular
+# dependency when projects attempt to unbundle stuff from setuptools and pip.
+# Though we don't really support that, it makes things easier if we do this and
+# should hopefully cause less issues for end users.
+try:
+    from setuptools import setup
+except ImportError:
+    from distutils.core import setup
+
+
+version_regex = r'__version__ = ["\']([^"\']*)["\']'
+with open('certifi/__init__.py', 'r') as f:
+    text = f.read()
+    match = re.search(version_regex, text)
+
+    if match:
+        VERSION = match.group(1)
+    else:
+        raise RuntimeError("No version number found!")
+
+if sys.argv[-1] == 'publish':
+    os.system('python setup.py sdist bdist_wheel upload')
+    sys.exit()
+
+required = []
+setup(
+    name='certifi',
+    version=VERSION,
+    description='Python package for providing Mozilla\'s CA Bundle.',
+    long_description=open('README.rst').read(),
+    author='Kenneth Reitz',
+    author_email='me@kennethreitz.com',
+    url='http://certifi.io/',
+    packages=[
+        'certifi',
+    ],
+    package_dir={'certifi': 'certifi'},
+    package_data={'certifi': ['*.pem']},
+    # data_files=[('certifi', ['certifi/cacert.pem'])],
+    include_package_data=True,
+    zip_safe=False,
+    license='MPL-2.0',
+    classifiers=(
+        'Development Status :: 5 - Production/Stable',
+        'Intended Audience :: Developers',
+        'License :: OSI Approved :: Mozilla Public License 2.0 (MPL 2.0)',
+        'Natural Language :: English',
+        'Programming Language :: Python',
+        'Programming Language :: Python :: 2',
+        'Programming Language :: Python :: 2.6',
+        'Programming Language :: Python :: 2.7',
+        'Programming Language :: Python :: 3',
+        'Programming Language :: Python :: 3.3',
+        'Programming Language :: Python :: 3.4',
+        'Programming Language :: Python :: 3.5',
+        'Programming Language :: Python :: 3.6',
+    ),
+)