From 4b55d710df35711746b755e43743c97679cec7a5 Mon Sep 17 00:00:00 2001 From: Sviatoslav Sydorenko Date: Tue, 5 Mar 2019 13:49:02 +0100 Subject: [PATCH] =?UTF-8?q?=F0=9F=8E=A8=20Wire=20up=20TLS=20cert=20option?= =?UTF-8?q?=20interfaces=20in=20settings?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Usage:: import pygit2 pygit2.settings.ssl_cert_file = '/path/to/file' pygit2.settings.ssl_cert_dir = '/path/to/folder' del pygit2.settings.ssl_cert_file pygit2.settings.set_ssl_cert_locations( '/path/to/new/file', '/path/to/new/folder', ) Co-authored-by: Sriram Raghu Closes #876 Superseeds and closes #879 --- pygit2/settings.py | 48 ++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 46 insertions(+), 2 deletions(-) diff --git a/pygit2/settings.py b/pygit2/settings.py index 5bbe74189..5513ad90b 100644 --- a/pygit2/settings.py +++ b/pygit2/settings.py @@ -26,6 +26,8 @@ # Boston, MA 02110-1301, USA. """Settings mapping.""" +from ssl import get_default_verify_paths + from _pygit2 import option from _pygit2 import GIT_OPT_GET_SEARCH_PATH, GIT_OPT_SET_SEARCH_PATH from _pygit2 import GIT_OPT_GET_MWINDOW_SIZE, GIT_OPT_SET_MWINDOW_SIZE @@ -34,7 +36,7 @@ from _pygit2 import GIT_OPT_GET_CACHED_MEMORY from _pygit2 import GIT_OPT_ENABLE_CACHING from _pygit2 import GIT_OPT_SET_CACHE_MAX_SIZE - +from _pygit2 import GIT_OPT_SET_SSL_CERT_LOCATIONS __metaclass__ = type # make all classes new-style by default @@ -52,10 +54,17 @@ def __setitem__(self, key, value): class Settings: """Library-wide settings interface.""" - __slots__ = [] + __slots__ = 'default_tls_verify_paths', _search_path = SearchPathList() + def __init__(self): + self._default_tls_verify_paths = get_default_verify_paths() + self.set_ssl_cert_locations( + self._default_tls_verify_paths.cafile, + self._default_tls_verify_paths.capath, + ) + @property def search_path(self): """Configuration file search path. @@ -106,4 +115,39 @@ def cache_object_limit(self, object_type, value): """ return option(GIT_OPT_SET_CACHE_OBJECT_LIMIT, object_type, value) + @property + def ssl_cert_file(self): + """TLS certificate file path.""" + return self._ssl_cert_file + + @ssl_cert_file.setter + def ssl_cert_file(self, value): + """Set the TLS cert file path.""" + self.set_ssl_cert_locations(value, self._ssl_cert_dir) + + @ssl_cert_file.deleter + def ssl_cert_file(self): + """Reset the TLS cert file path.""" + self.ssl_cert_file = self._default_tls_verify_paths.cafile + @property + def ssl_cert_dir(self): + """TLS certificates lookup directory path.""" + return self._ssl_cert_dir + + @ssl_cert_dir.setter + def ssl_cert_dir(self, value): + """Set the TLS certificate lookup folder.""" + self.set_ssl_cert_locations(self._ssl_cert_file, value) + + @ssl_cert_dir.deleter + def ssl_cert_dir(self): + """Reset the TLS certificate lookup folder.""" + self.ssl_cert_dir = self._default_tls_verify_paths.capath + + def set_ssl_cert_locations(self, ssl_cert_file, ssl_cert_dir): + """Set both file path and lookup dir for TLS certs in libgit2. + """ + option(GIT_OPT_SET_SSL_CERT_LOCATIONS, ssl_cert_file, ssl_cert_dir) + self._ssl_cert_file = ssl_cert_file + self._ssl_cert_dir = ssl_cert_dir