From 6e28397b91d9a84ccc36f8fdb3499f747d50e3d9 Mon Sep 17 00:00:00 2001 From: Mike Frysinger Date: Sat, 26 Sep 2015 12:23:38 -0400 Subject: [PATCH] app-misc/ca-certificates: add python 3 support #548374 Patch taken from Debian bug report. --- .../ca-certificates-20150426.3.20.ebuild | 5 +- ...icates-20150426-nss-certdata2pem-py3.patch | 82 +++++++++++++++++++ 2 files changed, 86 insertions(+), 1 deletion(-) create mode 100644 app-misc/ca-certificates/files/ca-certificates-20150426-nss-certdata2pem-py3.patch diff --git a/app-misc/ca-certificates/ca-certificates-20150426.3.20.ebuild b/app-misc/ca-certificates/ca-certificates-20150426.3.20.ebuild index 243150477ab9..c37ecde622b3 100644 --- a/app-misc/ca-certificates/ca-certificates-20150426.3.20.ebuild +++ b/app-misc/ca-certificates/ca-certificates-20150426.3.20.ebuild @@ -26,7 +26,7 @@ # https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS&component=CA%20Certificates&version=trunk EAPI="4" -PYTHON_COMPAT=( python2_7 ) +PYTHON_COMPAT=( python{2_7,3_3,3_4} ) inherit eutils python-any-r1 @@ -123,6 +123,9 @@ src_prepare() { -e '/="$ROOT/s:ROOT/:ROOT'"${EPREFIX}"'/:' \ -e '/RELPATH="\.\./s:"$:'"${relp}"'":' \ usr/sbin/update-ca-certificates || die + + cd "${S}" + epatch "${FILESDIR}"/${PN}-20150426-nss-certdata2pem-py3.patch #548374 } src_compile() { diff --git a/app-misc/ca-certificates/files/ca-certificates-20150426-nss-certdata2pem-py3.patch b/app-misc/ca-certificates/files/ca-certificates-20150426-nss-certdata2pem-py3.patch new file mode 100644 index 000000000000..300ce479b227 --- /dev/null +++ b/app-misc/ca-certificates/files/ca-certificates-20150426-nss-certdata2pem-py3.patch @@ -0,0 +1,82 @@ +https://bugs.debian.org/789753 +https://bugs.gentoo.org/548374 + +--- a/ca-certificates/mozilla/certdata2pem.py ++++ b/ca-certificates/mozilla/certdata2pem.py +@@ -53,7 +53,7 @@ for line in open('certdata.txt', 'r'): + if type == 'MULTILINE_OCTAL': + line = line.strip() + for i in re.finditer(r'\\([0-3][0-7][0-7])', line): +- value += chr(int(i.group(1), 8)) ++ value.append(int(i.group(1), 8)) + else: + value += line + continue +@@ -70,13 +70,13 @@ for line in open('certdata.txt', 'r'): + field, type = line_parts + value = None + else: +- raise NotImplementedError, 'line_parts < 2 not supported.' ++ raise NotImplementedError('line_parts < 2 not supported.') + if type == 'MULTILINE_OCTAL': + in_multiline = True +- value = "" ++ value = bytearray() + continue + obj[field] = value +-if len(obj.items()) > 0: ++if len(obj) > 0: + objects.append(obj) + + # Read blacklist. +@@ -95,7 +95,7 @@ for obj in objects: + if obj['CKA_CLASS'] not in ('CKO_NETSCAPE_TRUST', 'CKO_NSS_TRUST'): + continue + if obj['CKA_LABEL'] in blacklist: +- print "Certificate %s blacklisted, ignoring." % obj['CKA_LABEL'] ++ print("Certificate %s blacklisted, ignoring." % obj['CKA_LABEL']) + elif obj['CKA_TRUST_SERVER_AUTH'] in ('CKT_NETSCAPE_TRUSTED_DELEGATOR', + 'CKT_NSS_TRUSTED_DELEGATOR'): + trust[obj['CKA_LABEL']] = True +@@ -104,13 +104,13 @@ for obj in objects: + trust[obj['CKA_LABEL']] = True + elif obj['CKA_TRUST_SERVER_AUTH'] in ('CKT_NETSCAPE_UNTRUSTED', + 'CKT_NSS_NOT_TRUSTED'): +- print '!'*74 +- print "UNTRUSTED BUT NOT BLACKLISTED CERTIFICATE FOUND: %s" % obj['CKA_LABEL'] +- print '!'*74 ++ print('!'*74) ++ print("UNTRUSTED BUT NOT BLACKLISTED CERTIFICATE FOUND: %s" % obj['CKA_LABEL']) ++ print('!'*74) + else: +- print "Ignoring certificate %s. SAUTH=%s, EPROT=%s" % \ ++ print("Ignoring certificate %s. SAUTH=%s, EPROT=%s" % \ + (obj['CKA_LABEL'], obj['CKA_TRUST_SERVER_AUTH'], +- obj['CKA_TRUST_EMAIL_PROTECTION']) ++ obj['CKA_TRUST_EMAIL_PROTECTION'])) + + for obj in objects: + if obj['CKA_CLASS'] == 'CKO_CERTIFICATE': +@@ -121,13 +121,19 @@ for obj in objects: + .replace('(', '=')\ + .replace(')', '=')\ + .replace(',', '_') +- bname = bname.decode('string_escape') ++ ++ # this is the only way to decode the way NSS stores multi-byte UTF-8 ++ if bytes != str: ++ bname = bname.encode('utf-8') ++ bname = bname.decode('unicode_escape').encode('latin-1').decode('utf-8') + fname = bname + '.crt' ++ + if os.path.exists(fname): +- print "Found duplicate certificate name %s, renaming." % bname ++ print("Found duplicate certificate name %s, renaming." % bname) + fname = bname + '_2.crt' + f = open(fname, 'w') + f.write("-----BEGIN CERTIFICATE-----\n") +- f.write("\n".join(textwrap.wrap(base64.b64encode(obj['CKA_VALUE']), 64))) ++ encoded = base64.b64encode(obj['CKA_VALUE']).decode('utf-8') ++ f.write("\n".join(textwrap.wrap(encoded, 64))) + f.write("\n-----END CERTIFICATE-----\n") + -- 2.26.2