From 768c970c8d339f76947976c31ad2c8723247a8f3 Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Thu, 9 Feb 2017 15:11:34 +0100 Subject: [PATCH] python-requests2: use system-wide CA bundle rather than our own This allows the library to interact gracefully with additional certificates users might have configured in /etc/ssl/certs/ca-certificates.crt via NixOS. --- ...y-use-system-wide-cert-bundle-from-N.patch | 43 +++++++++++++++++++ pkgs/top-level/python-packages.nix | 4 +- 2 files changed, 45 insertions(+), 2 deletions(-) create mode 100644 pkgs/development/python-modules/requests/0001-requests-certs.py-use-system-wide-cert-bundle-from-N.patch diff --git a/pkgs/development/python-modules/requests/0001-requests-certs.py-use-system-wide-cert-bundle-from-N.patch b/pkgs/development/python-modules/requests/0001-requests-certs.py-use-system-wide-cert-bundle-from-N.patch new file mode 100644 index 000000000000..e27a77839552 --- /dev/null +++ b/pkgs/development/python-modules/requests/0001-requests-certs.py-use-system-wide-cert-bundle-from-N.patch @@ -0,0 +1,43 @@ +From f04105df552309880ede3176c48930762843ea8d Mon Sep 17 00:00:00 2001 +From: Peter Simons +Date: Thu, 9 Feb 2017 15:06:36 +0100 +Subject: [PATCH] requests/certs.py: use system-wide cert bundle from NixOS + rather than our own + +--- + requests/certs.py | 17 ++++------------- + 1 file changed, 4 insertions(+), 13 deletions(-) + +diff --git a/requests/certs.py b/requests/certs.py +index f922b99d..0209ecc2 100644 +--- a/requests/certs.py ++++ b/requests/certs.py +@@ -5,21 +5,12 @@ + requests.certs + ~~~~~~~~~~~~~~ + +-This module returns the preferred default CA certificate bundle. +- +-If you are packaging Requests, e.g., for a Linux distribution or a managed +-environment, you can change the definition of where() to return a separately +-packaged CA bundle. ++This module returns the preferred default CA certificate bundle (for NixOS). + """ +-import os.path + +-try: +- from certifi import where +-except ImportError: +- def where(): +- """Return the preferred certificate bundle.""" +- # vendored bundle inside Requests +- return os.path.join(os.path.dirname(__file__), 'cacert.pem') ++def where(): ++ """Return the preferred certificate bundle.""" ++ return "/etc/ssl/certs/ca-certificates.crt" + + if __name__ == '__main__': + print(where()) +-- +2.11.1 + diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index bafbb2441afa..f0093ea3cd99 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -22082,7 +22082,6 @@ in { }; }; - requests = buildPythonPackage rec { name = "requests-1.2.3"; disabled = !pythonOlder "3.4"; @@ -22098,7 +22097,6 @@ in { }; }; - requests2 = buildPythonPackage rec { name = "requests-${version}"; version = "2.13.0"; @@ -22108,6 +22106,8 @@ in { sha256 = "5722cd09762faa01276230270ff16af7acf7c5c45d623868d9ba116f15791ce8"; }; + patches = [../development/python-modules/requests/0001-requests-certs.py-use-system-wide-cert-bundle-from-N.patch]; + nativeBuildInputs = [ self.pytest ]; # sadly, tests require networking doCheck = false;