[bug#70179] [PATCH v2 1/3] gnu: python-certifi: Use system SSL certifica

guix-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#70179] [PATCH v2 1/3] gnu: python-certifi: Use system SSL certifica

From:	Efraim Flashner
Subject:	[bug#70179] [PATCH v2 1/3] gnu: python-certifi: Use system SSL certificates.
Date:	Thu, 4 Apr 2024 08:56:44 +0300

* gnu/packages/python-crypto.scm (python-certifi)[replacement]: New
field.
(python-certifi/fixed): Provide a python-certifi which only offers to
use the system's SSL certificates.

Change-Id: Ie1871be42988dff3cccfe24bca626149fee0f371
---
 gnu/packages/python-crypto.scm | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)

diff --git a/gnu/packages/python-crypto.scm b/gnu/packages/python-crypto.scm
index 3e1472a6c9..05b6c82fd9 100644
--- a/gnu/packages/python-crypto.scm
+++ b/gnu/packages/python-crypto.scm
@@ -469,6 +469,7 @@ (define-public python-certifi
   (package
     (name "python-certifi")
     (version "2022.6.15")
+    (replacement python-certifi/fixed)
     (source (origin
               (method url-fetch)
               (uri (pypi-uri "certifi" version))
@@ -484,6 +485,39 @@ (define-public python-certifi
 is used by the Requests library to verify HTTPS requests.")
     (license license:asl2.0)))
 
+(define python-certifi/fixed
+  (package
+    (inherit python-certifi)
+    (source (origin
+              (inherit (package-source python-certifi))
+              (snippet
+               #~(begin
+                   (delete-file "certifi/cacert.pem")
+                   (delete-file "certifi/core.py")
+                   (with-output-to-file "certifi/core.py"
+                     (lambda _
+                       (display "\"\"\"
+certifi.py
+~~~~~~~~~~
+This module returns the installation location of SSL_CERT_FILE or
+/etc/ssl/certs/ca-certificates.crt, or its contents.
+\"\"\"
+import os
+
+_CA_CERTS = None
+
+try:
+    _CA_CERTS = os.environ [\"SSL_CERT_FILE\"]
+except:
+    _CA_CERTS = os.path.join(\"/etc\", \"ssl\", \"certs\", 
\"ca-certificates.crt\")
+
+def where() -> str:
+    return _CA_CERTS
+
+def contents() -> str:
+    with open(where(), \"r\", encoding=\"ascii\") as data:
+        return data.read()")))))))))
+
 (define-public python-cryptography-vectors
   (package
     (name "python-cryptography-vectors")
-- 
Efraim Flashner   <efraim@flashner.co.il>   רנשלפ םירפא
GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted

[Prev in Thread]

Current Thread

[Next in Thread]

[bug#70179] [PATCH 0/3] Use system nss-certs in Python., Efraim Flashner, 2024/04/04
- [bug#70179] [PATCH v2 1/3] gnu: python-certifi: Use system SSL certificates., Efraim Flashner <=
- [bug#70179] [PATCH v2 3/3] gnu: python: Use system SSL certificates., Efraim Flashner, 2024/04/04
- [bug#70179] [PATCH v2 2/3] gnu: python-pip: Use system SSL certificates., Efraim Flashner, 2024/04/04
- [bug#70179] [PATCH 0/3] Use system nss-certs in Python., Lars-Dominik Braun, 2024/04/04
  - bug#70179: [PATCH 0/3] Use system nss-certs in Python., Efraim Flashner, 2024/04/07
    - [bug#70179] [PATCH 0/3] Use system nss-certs in Python., Leo Famulari, 2024/04/07

Prev by Date: [bug#70179] [PATCH 0/3] Use system nss-certs in Python.
Next by Date: [bug#70179] [PATCH v2 3/3] gnu: python: Use system SSL certificates.
Previous by thread: [bug#70179] [PATCH 0/3] Use system nss-certs in Python.
Next by thread: [bug#70179] [PATCH v2 3/3] gnu: python: Use system SSL certificates.
Index(es):
- Date
- Thread