From d020191ed985aabd3d3d4b11fa925877226ed789 Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Tue, 28 Nov 2023 12:34:18 +0200 Subject: gnu: python-certifi: Use system SSL certificates. * gnu/packages/python-crypto.scm (python-certifi)[replacement]: New field. (python-certifi/fixed): Provide a python-certifi which only offers to use the system's SSL certificates. Change-Id: Ie1871be42988dff3cccfe24bca626149fee0f371 --- gnu/packages/python-crypto.scm | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) (limited to 'gnu') diff --git a/gnu/packages/python-crypto.scm b/gnu/packages/python-crypto.scm index 3e1472a6c9..d25059c86b 100644 --- a/gnu/packages/python-crypto.scm +++ b/gnu/packages/python-crypto.scm @@ -469,6 +469,7 @@ for example, for recording or replaying web content.") (package (name "python-certifi") (version "2022.6.15") + (replacement python-certifi/fixed) (source (origin (method url-fetch) (uri (pypi-uri "certifi" version)) @@ -484,6 +485,41 @@ for example, for recording or replaying web content.") is used by the Requests library to verify HTTPS requests.") (license license:asl2.0))) +(define python-certifi/fixed + (package + (inherit python-certifi) + (source (origin + (inherit (package-source python-certifi)) + (snippet + #~(begin + (delete-file "certifi/cacert.pem") + (delete-file "certifi/core.py") + (with-output-to-file "certifi/core.py" + (lambda _ + (display "\"\"\" +certifi.py +~~~~~~~~~~ +This file is a Guix-specific version of core.py. + +This module returns the installation location of SSL_CERT_FILE or +/etc/ssl/certs/ca-certificates.crt, or its contents. +\"\"\" +import os + +_CA_CERTS = None + +try: + _CA_CERTS = os.environ [\"SSL_CERT_FILE\"] +except: + _CA_CERTS = os.path.join(\"/etc\", \"ssl\", \"certs\", \"ca-certificates.crt\") + +def where() -> str: + return _CA_CERTS + +def contents() -> str: + with open(where(), \"r\", encoding=\"ascii\") as data: + return data.read()"))))))))) + (define-public python-cryptography-vectors (package (name "python-cryptography-vectors") -- cgit v1.2.3