Home Explore Help
Sign In
SMusatov
/
ydb
mirror of https://github.com/ydb-platform/ydb.git
1
0
Fork 0
Files
Tree: 94b1c249a1
Branches Tags
ydb
/
contrib
/
tools
/
python3
/
patches
/
embed-builtin-cadata.patch

embed-builtin-cadata.patch 2.0 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859 
  1. commit f973b22a716935e4ceb507dd6738236570cd2b98
    2. 

  2. merge: d4c608daaa9086189bbbb3214113edddc2082069 02c93d0cdd494ecb2b95524fd0619931975fb0cb
    3. 

  3. author: orivej
    4. 

  4. date: 2019-07-03T18:34:12+03:00
    5. 

  5. revision: 5208986
    6. 

  6. 

  7.     Embed builtin_cadata() into ssl module. CONTRIB-1287
    8. 

  8.     
    9. 

  9.     Fixes using ssl from python started with Y_PYTHON_ENTRY_POINT=:main.
    10. 

  10.     
    11. 

  11.     REVIEW: 865741
    12. 

  12.     Note: mandatory check (NEED_CHECK) was skipped
    13. 

  13. 

  14. commit 4a060eba5386ec1fc4b7f2d0cafffff8832cae5f
    15. 

  15. merge: dc1ec05cf5f3db39c49ec0d03a06e14e330637f5 8277f2d7d63229e5c85ef55ba84285dd59576365
    16. 

  16. author: orivej
    17. 

  17. date: 2019-07-01T16:12:03+03:00
    18. 

  18. revision: 5191643
    19. 

  19. 

  20.     Load certs/cacert.pem into the default Python SSL context. CONTRIB-1287
    21. 

  21.     
    22. 

  22.     This allows to enable SSL verification in Python 2 by default.
    23. 

  23.     
    24. 

  24.     REVIEW: 861704
    25. 

  25.     Note: mandatory check (NEED_CHECK) was skipped
    26. 

  26. 

  27. --- contrib/tools/python3/Lib/ssl.py	(index)
    28. 

  28. +++ contrib/tools/python3/Lib/ssl.py	(working tree)
    29. 

  29. @@ -481,6 +481,20 @@ class Purpose(_ASN1Object, _Enum):
    30. 

  30.      CLIENT_AUTH = '1.3.6.1.5.5.7.3.2'
    31. 

  31.  
    32. 

  32.  
    33. 

  33. +_builtin_cadata = None
    34. 

  34. +
    35. 

  35. +
    36. 

  36. +def builtin_cadata():
    37. 

  37. +    global _builtin_cadata
    38. 

  38. +    if _builtin_cadata is None:
    39. 

  39. +        import __res
    40. 

  40. +        data = __res.find(b'/builtin/cacert')
    41. 

  41. +        # load_verify_locations expects PEM cadata to be an ASCII-only unicode
    42. 

  42. +        # object, so we discard unicode in comments.
    43. 

  43. +        _builtin_cadata = data.decode('ASCII', errors='ignore')
    44. 

  44. +    return _builtin_cadata
    45. 

  45. +
    46. 

  46. +
    47. 

  47.  class SSLContext(_SSLContext):
    48. 

  48.      """An SSLContext holds various SSL-related configuration options and
    49. 

  49.      data, such as certificates and possibly a private key."""
    50. 

  50. @@ -591,6 +605,9 @@ class SSLContext(_SSLContext):
    51. 

  51.      def load_default_certs(self, purpose=Purpose.SERVER_AUTH):
    52. 

  52.          if not isinstance(purpose, _ASN1Object):
    53. 

  53.              raise TypeError(purpose)
    54. 

  54. +
    55. 

  55. +        self.load_verify_locations(cadata=builtin_cadata())
    56. 

  56. +
    57. 

  57.          if sys.platform == "win32":
    58. 

  58.              for storename in self._windows_cert_stores:
    59. 

  59.                  self._load_windows_store_certs(storename, purpose)
    60.