From 89e6f2c4c43bb932c44fcd97fd7db45b1dce13fc Mon Sep 17 00:00:00 2001 From: Larry Hajali Date: Mon, 10 Feb 2014 16:17:10 +0100 Subject: python/httplib2: Added patches for ssl. Signed-off-by: Matteo Bernardini --- python/httplib2/README | 5 ++++ python/httplib2/httplib2.SlackBuild | 14 +++++++-- python/httplib2/ssl_hostname.diff | 21 ++++++++++++++ python/httplib2/use_system_cacerts.patch | 49 ++++++++++++++++++++++++++++++++ 4 files changed, 86 insertions(+), 3 deletions(-) create mode 100644 python/httplib2/ssl_hostname.diff create mode 100644 python/httplib2/use_system_cacerts.patch diff --git a/python/httplib2/README b/python/httplib2/README index ea01386167..dfd8ae4c85 100644 --- a/python/httplib2/README +++ b/python/httplib2/README @@ -2,3 +2,8 @@ httplib2 (python http library) A comprehensive HTTP client library that supports many features left out of other HTTP libraries. + +If you want to build this for use with Python 3.x (needs the optional +dependency python3) pass the script PYTHON3=yes, like + + PYTHON3=yes ./httplib2.SlackBuild diff --git a/python/httplib2/httplib2.SlackBuild b/python/httplib2/httplib2.SlackBuild index c4fc145f20..d9e910a83c 100644 --- a/python/httplib2/httplib2.SlackBuild +++ b/python/httplib2/httplib2.SlackBuild @@ -23,7 +23,7 @@ PRGNAM=httplib2 VERSION=${VERSION:-0.8} -BUILD=${BUILD:-2} +BUILD=${BUILD:-3} TAG=${TAG:-_SBo} if [ -z "$ARCH" ]; then @@ -53,9 +53,12 @@ else LIBDIRSUFFIX="" fi +PYTHON=python +[ "${PYTHON3:-no}" = "yes" ] && PYTHON=python3 + DOCS="CHANGELOG README" -set -e +set -e rm -rf $PKG mkdir -p $TMP $PKG $OUTPUT @@ -70,7 +73,12 @@ find -L . \ \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \ -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \; -python setup.py install --root=$PKG +# Fix ssl hostname mismatch. +patch -p1 < $CWD/ssl_hostname.diff +# Use system ca-certificates.crt. +patch -p1 < $CWD/use_system_cacerts.patch + +$PYTHON setup.py install --root=$PKG find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | grep ELF \ | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true diff --git a/python/httplib2/ssl_hostname.diff b/python/httplib2/ssl_hostname.diff new file mode 100644 index 0000000000..964a1ec774 --- /dev/null +++ b/python/httplib2/ssl_hostname.diff @@ -0,0 +1,21 @@ +diff -r 93291649202b python2/httplib2/__init__.py +--- a/python2/httplib2/__init__.py Tue Mar 26 14:17:48 2013 -0400 ++++ b/python2/httplib2/__init__.py Tue Apr 23 10:32:15 2013 +0300 +@@ -1030,7 +1030,7 @@ + raise CertificateHostnameMismatch( + 'Server presented certificate that does not match ' + 'host %s: %s' % (hostname, cert), hostname, cert) +- except ssl_SSLError, e: ++ except (ssl_SSLError, CertificateHostnameMismatch), e: + if sock: + sock.close() + if self.sock: +@@ -1040,7 +1040,7 @@ + # to get at more detailed error information, in particular + # whether the error is due to certificate validation or + # something else (such as SSL protocol mismatch). +- if e.errno == ssl.SSL_ERROR_SSL: ++ if hasattr(e, 'errno') and e.errno == ssl.SSL_ERROR_SSL: + raise SSLHandshakeError(e) + else: + raise diff --git a/python/httplib2/use_system_cacerts.patch b/python/httplib2/use_system_cacerts.patch new file mode 100644 index 0000000000..d2def9dad8 --- /dev/null +++ b/python/httplib2/use_system_cacerts.patch @@ -0,0 +1,49 @@ +Description: Use system ca certificates, not the bundled ones +Author: Marc Deslauriers +Forwarded: not-needed +Bug-Ubuntu: https://launchpad.net/bugs/882027 + +Index: b/python2/httplib2/__init__.py +=================================================================== +--- a/python2/httplib2/__init__.py 2013-03-18 22:37:43.423868573 +0100 ++++ b/python2/httplib2/__init__.py 2013-03-18 22:37:43.419868572 +0100 +@@ -190,9 +190,8 @@ + import ca_certs_locater + CA_CERTS = ca_certs_locater.get() + except ImportError: +- # Default CA certificates file bundled with httplib2. +- CA_CERTS = os.path.join( +- os.path.dirname(os.path.abspath(__file__ )), "cacerts.txt") ++ # Use system CA certificates ++ CA_CERTS = "/etc/ssl/certs/ca-certificates.crt" + + # Which headers are hop-by-hop headers by default + HOP_BY_HOP = ['connection', 'keep-alive', 'proxy-authenticate', 'proxy-authorization', 'te', 'trailers', 'transfer-encoding', 'upgrade'] +Index: b/python3/httplib2/__init__.py +=================================================================== +--- a/python3/httplib2/__init__.py 2013-03-18 22:37:43.423868573 +0100 ++++ b/python3/httplib2/__init__.py 2013-03-18 22:37:43.419868572 +0100 +@@ -123,9 +123,8 @@ + # Which headers are hop-by-hop headers by default + HOP_BY_HOP = ['connection', 'keep-alive', 'proxy-authenticate', 'proxy-authorization', 'te', 'trailers', 'transfer-encoding', 'upgrade'] + +-# Default CA certificates file bundled with httplib2. +-CA_CERTS = os.path.join( +- os.path.dirname(os.path.abspath(__file__ )), "cacerts.txt") ++# Use system CA certificates ++CA_CERTS = "/etc/ssl/certs/ca-certificates.crt" + + def _get_end2end_headers(response): + hopbyhop = list(HOP_BY_HOP) +Index: b/setup.py +=================================================================== +--- a/setup.py 2013-03-18 22:37:43.423868573 +0100 ++++ b/setup.py 2013-03-18 22:37:43.419868572 +0100 +@@ -62,7 +62,6 @@ + """, + package_dir=pkgdir, + packages=['httplib2'], +- package_data={'httplib2': ['*.txt']}, + classifiers=[ + 'Development Status :: 4 - Beta', + 'Environment :: Web Environment', -- cgit v1.2.3