LogoopenSUSE Build Service > Projects
Sign Up | Log In

View File python-2.7.13-sles-disable-verification-by-default.patch of Package python (Project home:jayvdb:python27-sle)

--- a/Lib/ssl.py	2017-09-01 23:14:38.000000000 +0700
+++ b/Lib/ssl.py	2017-10-09 18:25:01.016244307 +0700
@@ -509,7 +509,18 @@
             return _create_unverified_context
     return create_default_context
 
-_create_default_https_context = _get_https_context_factory()
+try:
+    # load the TLS checks policy from separate package
+    import sle_tls_checks_policy as policy
+    if policy.get_policy:
+        _create_default_https_context = policy.get_policy()
+    else:
+        # empty policy file means simply enable strict verification
+        _create_default_https_context = _get_https_context_factory()
+
+except ImportError:
+    # policy not present, disable verification for backwards compatibility
+    _create_default_https_context = _get_https_context_factory()
 
 # PEP 493: "private" API to configure HTTPS defaults without monkeypatching
 def _https_verify_certificates(enable=True):