Imported Upstream version 0.11.2

1 files changed, 53 insertions, 20 deletions

diff --git a/requests/utils.py b/requests/utils.py
index b722d99..925547a 100644
--- a/requests/utils.py
+++ b/requests/utils.py
@@ -21,9 +21,36 @@ from .compat import parse_http_list as _parse_list_header
 from .compat import quote, cookielib, SimpleCookie, is_py2, urlparse
 from .compat import basestring, bytes, str
 
+CERTIFI_BUNDLE_PATH = None
+try:
+    # see if requests's own CA certificate bundle is installed
+    import certifi
+    CERTIFI_BUNDLE_PATH = certifi.where()
+except ImportError:
+    pass
 
 NETRC_FILES = ('.netrc', '_netrc')
 
+# common paths for the OS's CA certificate bundle
+POSSIBLE_CA_BUNDLE_PATHS = [
+        # Red Hat, CentOS, Fedora and friends (provided by the ca-certificates package):
+        '/etc/pki/tls/certs/ca-bundle.crt',
+        # Ubuntu, Debian, and friends (provided by the ca-certificates package):
+        '/etc/ssl/certs/ca-certificates.crt',
+        # FreeBSD (provided by the ca_root_nss package):
+        '/usr/local/share/certs/ca-root-nss.crt',
+]
+
+def get_os_ca_bundle_path():
+    """Try to pick an available CA certificate bundle provided by the OS."""
+    for path in POSSIBLE_CA_BUNDLE_PATHS:
+        if os.path.exists(path):
+            return path
+    return None
+
+# if certifi is installed, use its CA bundle;
+# otherwise, try and use the OS bundle
+DEFAULT_CA_BUNDLE_PATH = CERTIFI_BUNDLE_PATH or get_os_ca_bundle_path()
 
 def dict_to_sequence(d):
     """Returns an internal sequence dictionary update."""
@@ -37,34 +64,40 @@ def dict_to_sequence(d):
 def get_netrc_auth(url):
     """Returns the Requests tuple auth for a given url from netrc."""
 
-    locations = (os.path.expanduser('~/{0}'.format(f)) for f in NETRC_FILES)
-    netrc_path = None
+    try:
+        locations = (os.path.expanduser('~/{0}'.format(f)) for f in NETRC_FILES)
+        netrc_path = None
 
-    for loc in locations:
-        if os.path.exists(loc) and not netrc_path:
-            netrc_path = loc
+        for loc in locations:
+            if os.path.exists(loc) and not netrc_path:
+                netrc_path = loc
 
-    # Abort early if there isn't one.
-    if netrc_path is None:
-        return netrc_path
+        # Abort early if there isn't one.
+        if netrc_path is None:
+            return netrc_path
 
-    ri = urlparse(url)
+        ri = urlparse(url)
 
-    # Strip port numbers from netloc
-    host = ri.netloc.split(':')[0]
+        # Strip port numbers from netloc
+        host = ri.netloc.split(':')[0]
 
-    try:
-        _netrc = netrc(netrc_path).authenticators(host)
-        if _netrc:
-            # Return with login / password
-            login_i = (0 if _netrc[0] else 1)
-            return (_netrc[login_i], _netrc[2])
-    except (NetrcParseError, IOError, AttributeError):
-        # If there was a parsing error or a permissions issue reading the file,
-        # we'll just skip netrc auth
+        try:
+            _netrc = netrc(netrc_path).authenticators(host)
+            if _netrc:
+                # Return with login / password
+                login_i = (0 if _netrc[0] else 1)
+                return (_netrc[login_i], _netrc[2])
+        except (NetrcParseError, IOError):
+            # If there was a parsing error or a permissions issue reading the file,
+            # we'll just skip netrc auth
+            pass
+
+    # AppEngine hackiness.
+    except AttributeError:
         pass
 
 
+
 def dict_from_string(s):
     """Returns a MultiDict with Cookies."""