From: Efraim Flashner <efraim@flashner.co.il>
To: 70179@debbugs.gnu.org
Cc: Efraim Flashner <efraim@flashner.co.il>
Subject: [bug#70179] [PATCH v2 1/3] gnu: python-certifi: Use system SSL certificates.
Date: Thu, 4 Apr 2024 08:56:44 +0300 [thread overview]
Message-ID: <aaf898f5494ec9206216be228b84712e459f074f.1712210069.git.efraim@flashner.co.il> (raw)
In-Reply-To: <cover.1712210069.git.efraim@flashner.co.il>
* gnu/packages/python-crypto.scm (python-certifi)[replacement]: New
field.
(python-certifi/fixed): Provide a python-certifi which only offers to
use the system's SSL certificates.
Change-Id: Ie1871be42988dff3cccfe24bca626149fee0f371
---
gnu/packages/python-crypto.scm | 34 ++++++++++++++++++++++++++++++++++
1 file changed, 34 insertions(+)
diff --git a/gnu/packages/python-crypto.scm b/gnu/packages/python-crypto.scm
index 3e1472a6c9..05b6c82fd9 100644
--- a/gnu/packages/python-crypto.scm
+++ b/gnu/packages/python-crypto.scm
@@ -469,6 +469,7 @@ (define-public python-certifi
(package
(name "python-certifi")
(version "2022.6.15")
+ (replacement python-certifi/fixed)
(source (origin
(method url-fetch)
(uri (pypi-uri "certifi" version))
@@ -484,6 +485,39 @@ (define-public python-certifi
is used by the Requests library to verify HTTPS requests.")
(license license:asl2.0)))
+(define python-certifi/fixed
+ (package
+ (inherit python-certifi)
+ (source (origin
+ (inherit (package-source python-certifi))
+ (snippet
+ #~(begin
+ (delete-file "certifi/cacert.pem")
+ (delete-file "certifi/core.py")
+ (with-output-to-file "certifi/core.py"
+ (lambda _
+ (display "\"\"\"
+certifi.py
+~~~~~~~~~~
+This module returns the installation location of SSL_CERT_FILE or
+/etc/ssl/certs/ca-certificates.crt, or its contents.
+\"\"\"
+import os
+
+_CA_CERTS = None
+
+try:
+ _CA_CERTS = os.environ [\"SSL_CERT_FILE\"]
+except:
+ _CA_CERTS = os.path.join(\"/etc\", \"ssl\", \"certs\", \"ca-certificates.crt\")
+
+def where() -> str:
+ return _CA_CERTS
+
+def contents() -> str:
+ with open(where(), \"r\", encoding=\"ascii\") as data:
+ return data.read()")))))))))
+
(define-public python-cryptography-vectors
(package
(name "python-cryptography-vectors")
--
Efraim Flashner <efraim@flashner.co.il> רנשלפ םירפא
GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted
next prev parent reply other threads:[~2024-04-04 5:58 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-04 5:55 [bug#70179] [PATCH 0/3] Use system nss-certs in Python Efraim Flashner
2024-04-04 5:56 ` Efraim Flashner [this message]
2024-04-04 5:56 ` [bug#70179] [PATCH v2 2/3] gnu: python-pip: Use system SSL certificates Efraim Flashner
2024-04-04 5:56 ` [bug#70179] [PATCH v2 3/3] gnu: python: " Efraim Flashner
2024-04-05 1:27 ` [bug#70179] [PATCH 0/3] Use system nss-certs in Python Lars-Dominik Braun
2024-04-07 12:06 ` bug#70179: " Efraim Flashner
2024-04-07 20:41 ` [bug#70179] " Leo Famulari
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aaf898f5494ec9206216be228b84712e459f074f.1712210069.git.efraim@flashner.co.il \
--to=efraim@flashner.co.il \
--cc=70179@debbugs.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).