File httplib2-use-system-certs.patch of Package python-httplib2.12232
diff --git a/python2/httplib2/__init__.py b/python2/httplib2/__init__.py
index 32ec959..cf7f2f9 100644
--- a/python2/httplib2/__init__.py
+++ b/python2/httplib2/__init__.py
@@ -83,11 +83,20 @@ def _ssl_wrap_socket(sock, key_file, cert_file, disable_validation,
cert_reqs = ssl.CERT_NONE
else:
cert_reqs = ssl.CERT_REQUIRED
- if ssl_version is None:
- ssl_version = ssl.PROTOCOL_SSLv23
-
if hasattr(ssl, 'SSLContext'): # Python 2.7.9
- context = ssl.SSLContext(ssl_version)
+ cafile = ca_certs
+ capath = None
+ if cafile is not None and os.path.isdir(cafile):
+ cafile = None
+ capath = ca_certs
+
+ if ssl_version is None:
+ context = ssl.create_default_context(cafile=cafile, capath=capath)
+ if disable_validation:
+ context.check_hostname = False
+ else:
+ context = ssl.SSLContext(ssl_version)
+
context.verify_mode = cert_reqs
context.check_hostname = (cert_reqs != ssl.CERT_NONE)
if cert_file:
@@ -96,6 +105,9 @@ def _ssl_wrap_socket(sock, key_file, cert_file, disable_validation,
context.load_verify_locations(ca_certs)
return context.wrap_socket(sock, server_hostname=hostname)
else:
+ if ssl_version is None:
+ ssl_version = ssl.PROTOCOL_SSLv23
+
return ssl.wrap_socket(sock, keyfile=key_file, certfile=cert_file,
cert_reqs=cert_reqs, ca_certs=ca_certs,
ssl_version=ssl_version)
@@ -210,15 +222,8 @@ class NotRunningAppEngineEnvironment(HttpLib2Error): pass
# requesting that URI again.
DEFAULT_MAX_REDIRECTS = 5
-try:
- # Users can optionally provide a module that tells us where the CA_CERTS
- # are located.
- import ca_certs_locater
- CA_CERTS = ca_certs_locater.get()
-except ImportError:
- # Default CA certificates file bundled with httplib2.
- CA_CERTS = os.path.join(
- os.path.dirname(os.path.abspath(__file__ )), "cacerts.txt")
+# Default CA certificates file bundled with httplib2.
+CA_CERTS = None
# Which headers are hop-by-hop headers by default
HOP_BY_HOP = ['connection', 'keep-alive', 'proxy-authenticate', 'proxy-authorization', 'te', 'trailers', 'transfer-encoding', 'upgrade']
@@ -975,8 +980,6 @@ class HTTPSConnectionWithTimeout(httplib.HTTPSConnection):
cert_file=cert_file, strict=strict)
self.timeout = timeout
self.proxy_info = proxy_info
- if ca_certs is None:
- ca_certs = CA_CERTS
self.ca_certs = ca_certs
self.disable_ssl_certificate_validation = \
disable_ssl_certificate_validation
diff --git a/python3/httplib2/__init__.py b/python3/httplib2/__init__.py
index 0000ed9..40f4556 100644
--- a/python3/httplib2/__init__.py
+++ b/python3/httplib2/__init__.py
@@ -124,8 +124,7 @@ DEFAULT_MAX_REDIRECTS = 5
HOP_BY_HOP = ['connection', 'keep-alive', 'proxy-authenticate', 'proxy-authorization', 'te', 'trailers', 'transfer-encoding', 'upgrade']
# Default CA certificates file bundled with httplib2.
-CA_CERTS = os.path.join(
- os.path.dirname(os.path.abspath(__file__ )), "cacerts.txt")
+CA_CERTS = None
def _get_end2end_headers(response):
hopbyhop = list(HOP_BY_HOP)
@@ -838,16 +837,17 @@ class HTTPSConnectionWithTimeout(http.client.HTTPSConnection):
# TODO: implement proxy_info
self.proxy_info = proxy_info
context = None
- if ca_certs is None:
- ca_certs = CA_CERTS
- if (cert_file or ca_certs):
+ if True:
if not hasattr(ssl, 'SSLContext'):
raise CertificateValidationUnsupportedInPython31()
- context = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
- if disable_ssl_certificate_validation:
- context.verify_mode = ssl.CERT_NONE
- else:
- context.verify_mode = ssl.CERT_REQUIRED
+
+ cafile = ca_certs
+ capath = None
+ if cafile is not None and os.path.isdir(cafile):
+ cafile = None
+ capath = ca_certs
+
+ context = ssl.create_default_context(cafile=cafile, capath=capath)
if cert_file:
context.load_cert_chain(cert_file, key_file)
if ca_certs:
diff --git a/setup.py b/setup.py
index 9c8c86c..34ea20a 100755
--- a/setup.py
+++ b/setup.py
@@ -61,7 +61,6 @@ A comprehensive HTTP client library, ``httplib2`` supports many features left ou
""",
package_dir=pkgdir,
packages=['httplib2'],
- package_data={'httplib2': ['*.txt']},
classifiers=[
'Development Status :: 4 - Beta',
'Environment :: Web Environment',
