File no-default-cacert.patch of Package python-requests
Index: requests-2.6.0/requests/adapters.py
===================================================================
--- requests-2.6.0.orig/requests/adapters.py
+++ requests-2.6.0/requests/adapters.py
@@ -177,9 +177,6 @@ class HTTPAdapter(BaseAdapter):
if not cert_loc:
cert_loc = DEFAULT_CA_BUNDLE_PATH
- if not cert_loc:
- raise Exception("Could not find a suitable SSL CA certificate bundle.")
-
conn.cert_reqs = 'CERT_REQUIRED'
conn.ca_certs = cert_loc
else:
Index: requests-2.6.0/requests/certs.py
===================================================================
--- requests-2.6.0.orig/requests/certs.py
+++ requests-2.6.0/requests/certs.py
@@ -18,8 +18,9 @@ try:
except ImportError:
def where():
"""Return the preferred certificate bundle."""
- # vendored bundle inside Requests
- return os.path.join(os.path.dirname(__file__), 'cacert.pem')
+ # in openSUSE we rely on openssl's default instead of
+ # hardcoding stuff elsewhere
+ return None
if __name__ == '__main__':
print(where())
Index: requests-2.6.0/MANIFEST.in
===================================================================
--- requests-2.6.0.orig/MANIFEST.in
+++ requests-2.6.0/MANIFEST.in
@@ -1 +1 @@
-include README.rst LICENSE NOTICE HISTORY.rst test_requests.py requirements.txt requests/cacert.pem
+include README.rst LICENSE NOTICE HISTORY.rst test_requests.py requirements.txt
Index: requests-2.6.0/requests/packages/urllib3/util/ssl_.py
===================================================================
--- requests-2.6.0.orig/requests/packages/urllib3/util/ssl_.py
+++ requests-2.6.0/requests/packages/urllib3/util/ssl_.py
@@ -259,6 +259,9 @@ def ssl_wrap_socket(sock, keyfile=None,
if e.errno == errno.ENOENT:
raise SSLError(e)
raise
+ elif cert_reqs != CERT_NONE:
+ context.set_default_verify_paths()
+
if certfile:
context.load_cert_chain(certfile, keyfile)
if HAS_SNI: # Platform-specific: OpenSSL with enabled SNI
