[gentoo-commits] repo/gentoo:master commit in: dev-python/certifi/, dev-python/certifi/files/

Sun, 05 Apr 2020 15:01:25 -0700 

commit:     7416f248eda0fcb889d78ab014391b6b1038547e
Author:     Sebastian Pipping <sping <AT> gentoo <DOT> org>
AuthorDate: Sun Apr  5 21:58:24 2020 +0000
Commit:     Sebastian Pipping <sping <AT> gentoo <DOT> org>
CommitDate: Sun Apr  5 21:59:49 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7416f248

dev-python/certifi: 2020.4.5.1

Signed-off-by: Sebastian Pipping <sping <AT> gentoo.org>
Package-Manager: Portage-2.3.92, Repoman-2.3.20

 dev-python/certifi/Manifest                        |  1 +
 dev-python/certifi/certifi-2020.4.5.1.ebuild       | 43 ++++++++++++++++++++++
 .../certifi-2020.4.5.1-use-system-cacerts.patch    | 30 +++++++++++++++
 3 files changed, 74 insertions(+)

diff --git a/dev-python/certifi/Manifest b/dev-python/certifi/Manifest
index 05ee35f9d62..a94c533cbe9 100644
--- a/dev-python/certifi/Manifest
+++ b/dev-python/certifi/Manifest
@@ -1 +1,2 @@
 DIST certifi-2019.11.28.tar.gz 156407 BLAKE2B 
61fdee083aa1f5467bb4a6a65c9cdff2eb9e88261b4702f9d03b53abebb9f9815499a0cbcb53e983e81d5c54ed40e2ff7b351c19c90b2340373414e7e8afaea6
 SHA512 
6821444f02db0d9d03ab1891731178af1d7858df3c729f079147a9c588cf97a456e050da3421a0d2a3559145610826669034a8d46cd50b7c76e90249db1b09ad
+DIST certifi-2020.4.5.1.tar.gz 158038 BLAKE2B 
988b29097b869b43095363b6ca344e3ce6c895f699b9d8b2576cb7108c5e12ea8a485c5f1dbc3d304d4243bdb09bce231fae15eb6abe47eee30afc1dc4ab4075
 SHA512 
8b0312aba427c29f6ebaf8140493f9673043e3f76f9bb1002a8fbc7a943303effad15173805e276147548d0978630655763b9ea60410135ba08f413fa77a5738

diff --git a/dev-python/certifi/certifi-2020.4.5.1.ebuild 
b/dev-python/certifi/certifi-2020.4.5.1.ebuild
new file mode 100644
index 00000000000..7014988654a
--- /dev/null
+++ b/dev-python/certifi/certifi-2020.4.5.1.ebuild
@@ -0,0 +1,43 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python2_7 python3_{6,7,8} pypy3 )
+
+inherit distutils-r1 prefix readme.gentoo-r1
+
+DESCRIPTION="Python package for providing Mozilla's CA Bundle"
+HOMEPAGE="http://certifi.io/ https://pypi.org/project/certifi";
+SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz"
+
+LICENSE="MPL-2.0"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv 
~s390 ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos 
~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris 
~x86-solaris"
+IUSE=""
+
+RDEPEND="app-misc/ca-certificates"
+DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]"
+
+# Do not drop this patch -- this will affect system's security
+PATCHES=( "${FILESDIR}"/${PN}-2020.4.5.1-use-system-cacerts.patch )
+
+python_prepare_all() {
+       distutils-r1_python_prepare_all
+
+       # Precaution -- nothing should use bundled CA certificates
+       rm certifi/cacert.pem || die "Failed to delete bundled CA certificates"
+
+       eprefixify certifi/core.py
+}
+
+python_install_all() {
+       distutils-r1_python_install_all
+
+       local DOC_CONTENTS="
+               In Gentoo, we don't use certifi's bundled CA certificates.
+               Instead we remove bundled cacert.pem and patch certifi
+               to return system's CA certificates.
+       "
+       readme.gentoo_create_doc
+}

diff --git 
a/dev-python/certifi/files/certifi-2020.4.5.1-use-system-cacerts.patch 
b/dev-python/certifi/files/certifi-2020.4.5.1-use-system-cacerts.patch
new file mode 100644
index 00000000000..692439a10ea
--- /dev/null
+++ b/dev-python/certifi/files/certifi-2020.4.5.1-use-system-cacerts.patch
@@ -0,0 +1,30 @@
+From f07497e36ccc883626ae5cdfa7f81fcb3fc0d549 Mon Sep 17 00:00:00 2001
+From: Sebastian Pipping <sebast...@pipping.org>
+Date: Sun, 5 Apr 2020 23:43:30 +0200
+Subject: [PATCH] Use system's CA certificate store
+
+---
+ certifi/core.py | 7 +++----
+ 1 file changed, 3 insertions(+), 4 deletions(-)
+
+diff --git a/certifi/core.py b/certifi/core.py
+index 56b52a3..467880f 100644
+--- a/certifi/core.py
++++ b/certifi/core.py
+@@ -21,10 +21,9 @@ except ImportError:
+ 
+ 
+ def where():
+-    f = os.path.dirname(__file__)
+-
+-    return os.path.join(f, "cacert.pem")
++    return "@GENTOO_PORTAGE_EPREFIX@/etc/ssl/certs/ca-certificates.crt"
+ 
+ 
+ def contents():
+-    return read_text("certifi", "cacert.pem", encoding="ascii")
++    with open(where(), "r", encoding="ascii") as f:
++        return f.read()
+-- 
+2.24.1
+

Reply via email to