From 379c608ca8747713fbc50205e254662d3f39517e Mon Sep 17 00:00:00 2001 From: Thomas Deutschmann Date: Sun, 22 Apr 2018 22:47:03 +0200 Subject: dev-python/certifi: Bump to v2018.04.16 Ebuild changes: =============== - We no longer install bundled cacert.pem. Instead we refer to system's CA store. Closes: https://github.com/gentoo/gentoo/pull/8109 Closes: https://bugs.gentoo.org/627558 Package-Manager: Portage-2.3.31, Repoman-2.3.9 --- dev-python/certifi/Manifest | 1 + dev-python/certifi/certifi-2018.4.16.ebuild | 43 ++++++++++++++++++++++ .../certifi-2018.4.16-use-system-cacerts.patch | 15 ++++++++ 3 files changed, 59 insertions(+) create mode 100644 dev-python/certifi/certifi-2018.4.16.ebuild create mode 100644 dev-python/certifi/files/certifi-2018.4.16-use-system-cacerts.patch diff --git a/dev-python/certifi/Manifest b/dev-python/certifi/Manifest index a5b98f8228b1..45257b772d31 100644 --- a/dev-python/certifi/Manifest +++ b/dev-python/certifi/Manifest @@ -4,3 +4,4 @@ DIST certifi-2017.11.5.tar.gz 329246 BLAKE2B 9edb7053cff4bf689d18cc0c11f867cc320 DIST certifi-2017.4.17.tar.gz 373512 BLAKE2B 52c65b06183cf0b96551d9a600b452bbe7832d43935557b0f328b38f22266d35d6368ddc60fd8d88fa7a3350cedbcd5c4f1a95b431033282c978df61a054ed8f SHA512 0bd054bb2eaa8c196a94a0b7865d2488aea1fcb5e66ddc8c776c68cfa518a198a8c67bed5b485bf55db3f55d26c0ab2b4fc07839bb9175a50cb525e25d3869a5 DIST certifi-2017.7.27.1.tar.gz 348217 BLAKE2B 5c3531b0537df743010c5969c88fc40ebc3dce1e287527626f34cb5f59749d4818cfc807e90817ff20bcb005f5c80df30ff3fd770fe320fc6675f90f1e343237 SHA512 2873c17144e09ba506c62743efa4fda05350d48fcb19a1b8eb895829df2fa276eed86b31c9f7f18636f62ea5acb4bc6b9dee8b69ed8e0ccd1286ebfaa27d02a1 DIST certifi-2018.1.18.tar.gz 151258 BLAKE2B f3d324d728dbfa46b9473340c894faae381ad8f8d1ab17cf021b9b00bb893fc44c6ccd8fa69bd4d9bb7580cf3bb16c6d9c1c31e727290bc065cf0934e7d30122 SHA512 5a419fcd6ad2dc095e126bcff40127b4549cc0556e19157b142c6f27b284448eb3124fb92a72b147d6734d9f3ff212212dcbf364e127c2691ab94a9736cee032 +DIST certifi-2018.4.16.tar.gz 149967 BLAKE2B 4a69ec495266d54032dfabc9c17d0b1e78ad1467214f9f981feb4fae279c1f4b5f0bc3f7a643c2229b17d19e32c1ea894dc16d73b036a0b32f17faa9ac55615c SHA512 96369b318df9592ed4ff48d79ae695f89d27d85e8f5de72548fccb19ac15b83a33fb8bc096a3092d7a7f5b201af08805576888418c7927cf48b892df56464682 diff --git a/dev-python/certifi/certifi-2018.4.16.ebuild b/dev-python/certifi/certifi-2018.4.16.ebuild new file mode 100644 index 000000000000..bc9a884dd33c --- /dev/null +++ b/dev-python/certifi/certifi-2018.4.16.ebuild @@ -0,0 +1,43 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +PYTHON_COMPAT=( python2_7 python3_{4,5,6} pypy pypy3 ) + +inherit distutils-r1 prefix readme.gentoo-r1 versionator + +DESCRIPTION="Python package for providing Mozilla's CA Bundle" +HOMEPAGE="http://certifi.io/ https://pypi.org/project/certifi" +SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz" + +LICENSE="MPL-2.0" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +IUSE="" + +RDEPEND="app-misc/ca-certificates" +DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]" + +# Do not drop this patch -- this will affect system's security +PATCHES=( "${FILESDIR}"/certifi-2018.4.16-use-system-cacerts.patch ) + +python_prepare_all() { + distutils-r1_python_prepare_all + + eprefixify certifi/core.py +} + +python_install_all() { + distutils-r1_python_install_all + + local DOC_CONTENTS=" + In Gentoo, we don't use certifi's bundled CA certificates. + Instead we remove bundled cacert.pem and patch certifi + to return system's CA certificates. + " + readme.gentoo_create_doc + + # Precaution -- nothing should use bundled CA certificates + find "${D}" -name 'cacert.pem' -delete || die "Failed to delete bundled CA certificates" +} diff --git a/dev-python/certifi/files/certifi-2018.4.16-use-system-cacerts.patch b/dev-python/certifi/files/certifi-2018.4.16-use-system-cacerts.patch new file mode 100644 index 000000000000..009f21168c1e --- /dev/null +++ b/dev-python/certifi/files/certifi-2018.4.16-use-system-cacerts.patch @@ -0,0 +1,15 @@ +Use system's CA certificate store + +--- a/certifi/core.py ++++ b/certifi/core.py +@@ -19,9 +19,7 @@ class DeprecatedBundleWarning(DeprecationWarning): + + + def where(): +- f = os.path.dirname(__file__) +- +- return os.path.join(f, 'cacert.pem') ++ return "@GENTOO_PORTAGE_EPREFIX@/etc/ssl/certs/ca-certificates.crt" + + + def old_where(): -- cgit v1.2.3-65-gdbad