2022-12-17 10:02:37 +00:00
|
|
|
diff --git a/certifi/core.py b/certifi/core.py
|
2024-04-21 15:54:59 +00:00
|
|
|
index 91f538b..1110ce0 100644
|
2022-12-17 10:02:37 +00:00
|
|
|
--- a/certifi/core.py
|
|
|
|
+++ b/certifi/core.py
|
2024-04-21 15:54:59 +00:00
|
|
|
@@ -4,6 +4,7 @@ certifi.py
|
2022-12-17 10:02:37 +00:00
|
|
|
|
|
|
|
This module returns the installation location of cacert.pem or its contents.
|
|
|
|
"""
|
|
|
|
+import os
|
|
|
|
import sys
|
2024-04-21 15:54:59 +00:00
|
|
|
import atexit
|
|
|
|
|
|
|
|
@@ -11,12 +12,21 @@ def exit_cacert_ctx() -> None:
|
|
|
|
_CACERT_CTX.__exit__(None, None, None) # type: ignore[union-attr]
|
2022-12-17 10:02:37 +00:00
|
|
|
|
|
|
|
|
|
|
|
+def get_cacert_path_from_environ():
|
|
|
|
+ path = os.environ.get("NIX_SSL_CERT_FILE", None)
|
|
|
|
+
|
|
|
|
+ if path == "/no-cert-file.crt":
|
|
|
|
+ return None
|
|
|
|
+
|
|
|
|
+ return path
|
|
|
|
+
|
|
|
|
+
|
|
|
|
if sys.version_info >= (3, 11):
|
|
|
|
|
|
|
|
from importlib.resources import as_file, files
|
|
|
|
|
|
|
|
_CACERT_CTX = None
|
|
|
|
- _CACERT_PATH = None
|
|
|
|
+ _CACERT_PATH = get_cacert_path_from_environ()
|
|
|
|
|
|
|
|
def where() -> str:
|
|
|
|
# This is slightly terrible, but we want to delay extracting the file
|
2024-04-21 15:54:59 +00:00
|
|
|
@@ -44,6 +54,8 @@ if sys.version_info >= (3, 11):
|
2022-12-17 10:02:37 +00:00
|
|
|
return _CACERT_PATH
|
|
|
|
|
|
|
|
def contents() -> str:
|
|
|
|
+ if _CACERT_PATH is not None:
|
|
|
|
+ return open(_CACERT_PATH, encoding="utf-8").read()
|
2024-04-21 15:54:59 +00:00
|
|
|
return files("certifi").joinpath("cacert.pem").read_text(encoding="ascii")
|
2022-12-17 10:02:37 +00:00
|
|
|
|
|
|
|
elif sys.version_info >= (3, 7):
|
2024-04-21 15:54:59 +00:00
|
|
|
@@ -51,7 +63,7 @@ elif sys.version_info >= (3, 7):
|
2022-12-17 10:02:37 +00:00
|
|
|
from importlib.resources import path as get_path, read_text
|
|
|
|
|
|
|
|
_CACERT_CTX = None
|
|
|
|
- _CACERT_PATH = None
|
|
|
|
+ _CACERT_PATH = get_cacert_path_from_environ()
|
|
|
|
|
|
|
|
def where() -> str:
|
|
|
|
# This is slightly terrible, but we want to delay extracting the
|
2024-04-21 15:54:59 +00:00
|
|
|
@@ -80,7 +92,9 @@ elif sys.version_info >= (3, 7):
|
2022-12-17 10:02:37 +00:00
|
|
|
return _CACERT_PATH
|
|
|
|
|
|
|
|
def contents() -> str:
|
|
|
|
- return read_text("certifi", "cacert.pem", encoding="ascii")
|
|
|
|
+ if _CACERT_PATH is not None:
|
|
|
|
+ return open(_CACERT_PATH, encoding="utf-8").read()
|
|
|
|
+ return read_text("certifi", "cacert.pem", encoding="utf-8")
|
|
|
|
|
|
|
|
else:
|
|
|
|
import os
|
2024-04-21 15:54:59 +00:00
|
|
|
@@ -90,6 +104,8 @@ else:
|
2022-12-17 10:02:37 +00:00
|
|
|
Package = Union[types.ModuleType, str]
|
|
|
|
Resource = Union[str, "os.PathLike"]
|
|
|
|
|
|
|
|
+ _CACERT_PATH = get_cacert_path_from_environ()
|
|
|
|
+
|
|
|
|
# This fallback will work for Python versions prior to 3.7 that lack the
|
|
|
|
# importlib.resources module but relies on the existing `where` function
|
|
|
|
# so won't address issues with environments like PyOxidizer that don't set
|
2024-04-21 15:54:59 +00:00
|
|
|
@@ -108,7 +124,13 @@ else:
|
2022-12-17 10:02:37 +00:00
|
|
|
def where() -> str:
|
|
|
|
f = os.path.dirname(__file__)
|
|
|
|
|
|
|
|
+ if _CACERT_PATH is not None:
|
|
|
|
+ return _CACERT_PATH
|
|
|
|
+
|
|
|
|
return os.path.join(f, "cacert.pem")
|
|
|
|
|
|
|
|
def contents() -> str:
|
|
|
|
+ if _CACERT_PATH is not None:
|
|
|
|
+ with open(_CACERT_PATH, encoding="utf-8") as data:
|
|
|
|
+ return data.read()
|
2024-04-21 15:54:59 +00:00
|
|
|
return read_text("certifi", "cacert.pem", encoding="ascii")
|