diff options
| author | Peter Simons <simons@cryp.to> | 2017-02-09 15:11:34 +0100 |
|---|---|---|
| committer | Peter Simons <simons@cryp.to> | 2017-02-09 15:19:36 +0100 |
| commit | 768c970c8d339f76947976c31ad2c8723247a8f3 (patch) | |
| tree | 3f7caccef8f513b186d8d0120f0613dc4fdbfd25 | |
| parent | f800a4b1976e90f41e67eb3e7a89c25890ea7b11 (diff) | |
| download | nixpkgs-768c970c8d339f76947976c31ad2c8723247a8f3.tar nixpkgs-768c970c8d339f76947976c31ad2c8723247a8f3.tar.gz nixpkgs-768c970c8d339f76947976c31ad2c8723247a8f3.tar.bz2 nixpkgs-768c970c8d339f76947976c31ad2c8723247a8f3.tar.lz nixpkgs-768c970c8d339f76947976c31ad2c8723247a8f3.tar.xz nixpkgs-768c970c8d339f76947976c31ad2c8723247a8f3.tar.zst nixpkgs-768c970c8d339f76947976c31ad2c8723247a8f3.zip | |
python-requests2: use system-wide CA bundle rather than our own
This allows the library to interact gracefully with additional certificates users might have configured in /etc/ssl/certs/ca-certificates.crt via NixOS.
| -rw-r--r-- | pkgs/development/python-modules/requests/0001-requests-certs.py-use-system-wide-cert-bundle-from-N.patch | 43 | ||||
| -rw-r--r-- | pkgs/top-level/python-packages.nix | 4 |
2 files changed, 45 insertions, 2 deletions
diff --git a/pkgs/development/python-modules/requests/0001-requests-certs.py-use-system-wide-cert-bundle-from-N.patch b/pkgs/development/python-modules/requests/0001-requests-certs.py-use-system-wide-cert-bundle-from-N.patch new file mode 100644 index 00000000000..e27a7783955 --- /dev/null +++ b/pkgs/development/python-modules/requests/0001-requests-certs.py-use-system-wide-cert-bundle-from-N.patch @@ -0,0 +1,43 @@ +From f04105df552309880ede3176c48930762843ea8d Mon Sep 17 00:00:00 2001 +From: Peter Simons <simons@cryp.to> +Date: Thu, 9 Feb 2017 15:06:36 +0100 +Subject: [PATCH] requests/certs.py: use system-wide cert bundle from NixOS + rather than our own + +--- + requests/certs.py | 17 ++++------------- + 1 file changed, 4 insertions(+), 13 deletions(-) + +diff --git a/requests/certs.py b/requests/certs.py +index f922b99d..0209ecc2 100644 +--- a/requests/certs.py ++++ b/requests/certs.py +@@ -5,21 +5,12 @@ + requests.certs + ~~~~~~~~~~~~~~ + +-This module returns the preferred default CA certificate bundle. +- +-If you are packaging Requests, e.g., for a Linux distribution or a managed +-environment, you can change the definition of where() to return a separately +-packaged CA bundle. ++This module returns the preferred default CA certificate bundle (for NixOS). + """ +-import os.path + +-try: +- from certifi import where +-except ImportError: +- def where(): +- """Return the preferred certificate bundle.""" +- # vendored bundle inside Requests +- return os.path.join(os.path.dirname(__file__), 'cacert.pem') ++def where(): ++ """Return the preferred certificate bundle.""" ++ return "/etc/ssl/certs/ca-certificates.crt" + + if __name__ == '__main__': + print(where()) +-- +2.11.1 + diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index bafbb2441af..f0093ea3cd9 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -22082,7 +22082,6 @@ in { }; }; - requests = buildPythonPackage rec { name = "requests-1.2.3"; disabled = !pythonOlder "3.4"; @@ -22098,7 +22097,6 @@ in { }; }; - requests2 = buildPythonPackage rec { name = "requests-${version}"; version = "2.13.0"; @@ -22108,6 +22106,8 @@ in { sha256 = "5722cd09762faa01276230270ff16af7acf7c5c45d623868d9ba116f15791ce8"; }; + patches = [../development/python-modules/requests/0001-requests-certs.py-use-system-wide-cert-bundle-from-N.patch]; + nativeBuildInputs = [ self.pytest ]; # sadly, tests require networking doCheck = false; |