From 215f6e844805af939bb7803614965acb33025af9 Mon Sep 17 00:00:00 2001
From: Petteri Muilu <pmuilu@xena.(none)>
Date: Tue, 19 Jun 2012 15:56:41 +0300
Subject: [PATCH 1/2] always use DigiCert CA, never search and use system/curl
 certs.

---
 github2/request.py | 26 +++++---------------------
 1 file changed, 5 insertions(+), 21 deletions(-)

diff --git a/github2/request.py b/github2/request.py
index 1314c77..86d9658 100644
--- a/github2/request.py
+++ b/github2/request.py
@@ -64,27 +64,12 @@
 _HTTPLIB2_BUNDLE = path.realpath(path.dirname(httplib2.CA_CERTS))
 #: Whether github2 is using the system's certificates for SSL connections
 SYSTEM_CERTS = not _HTTPLIB2_BUNDLE.startswith(path.dirname(httplib2.__file__))
-CA_CERTS = None
 #: Whether github2 is using the cert's from the file given in $CURL_CA_BUNDLE
 CURL_CERTS = False
-if not SYSTEM_CERTS and sys.platform.startswith('linux'):
-    for cert_file in ['/etc/ssl/certs/ca-certificates.crt',
-                      '/etc/pki/tls/certs/ca-bundle.crt']:
-        if path.exists(cert_file):
-            CA_CERTS = cert_file
-            SYSTEM_CERTS = True
-            break
-elif not SYSTEM_CERTS and sys.platform.startswith('freebsd'):
-    if path.exists('/usr/local/share/certs/ca-root-nss.crt'):
-        CA_CERTS = '/usr/local/share/certs/ca-root-nss.crt'
-        SYSTEM_CERTS = True
-elif path.exists(getenv('CURL_CA_BUNDLE', '')):
-    CA_CERTS = getenv('CURL_CA_BUNDLE')
-    CURL_CERTS = True
-if not SYSTEM_CERTS and not CURL_CERTS:
-    CA_CERTS = path.join(path.dirname(path.abspath(__file__)),
-                         "DigiCert_High_Assurance_EV_Root_CA.crt")
+CA_CERTS = path.join(path.dirname(path.abspath(__file__)),
+			"DigiCert_High_Assurance_EV_Root_CA.crt")
 
+print CA_CERTS
 
 # Common missing entries from the HTTP status code dict, basically anything
 # GitHub reports that isn't basic HTTP/1.1.
@@ -172,12 +157,11 @@ def __init__(self, username=None, api_token=None, url_prefix=None,
                 "api_format": self.api_format,
             }
         if proxy_host is None:
-            self._http = httplib2.Http(cache=cache)
+            self._http = httplib2.Http(cache=cache, ca_certs=CA_CERTS)
         else:
             proxy_info = httplib2.ProxyInfo(httplib2.socks.PROXY_TYPE_HTTP,
                                             proxy_host, proxy_port)
-            self._http = httplib2.Http(proxy_info=proxy_info, cache=cache)
-        self._http.ca_certs = CA_CERTS
+            self._http = httplib2.Http(proxy_info=proxy_info, cache=cache, ca_certs=CA_CERTS)
         if SYSTEM_CERTS:
             LOGGER.info('Using system certificates in %r', CA_CERTS)
         elif CURL_CERTS:

From e79093619ff251b1b05b7aa932d941a20f8b181a Mon Sep 17 00:00:00 2001
From: Petteri Muilu <petteri@synble.com>
Date: Tue, 19 Jun 2012 16:06:44 +0300
Subject: [PATCH 2/2] removed print

---
 github2/request.py | 2 --
 1 file changed, 2 deletions(-)

diff --git a/github2/request.py b/github2/request.py
index 86d9658..ba1f289 100644
--- a/github2/request.py
+++ b/github2/request.py
@@ -69,8 +69,6 @@
 CA_CERTS = path.join(path.dirname(path.abspath(__file__)),
 			"DigiCert_High_Assurance_EV_Root_CA.crt")
 
-print CA_CERTS
-
 # Common missing entries from the HTTP status code dict, basically anything
 # GitHub reports that isn't basic HTTP/1.1.
 responses[422] = 'Unprocessable Entity'