Revert "Add Python 3 support to ca-certificates."

This reverts commit a2fa9a13815894500e1e2d9ca3d52bfdd4f75b5a. Conflicts: debian/changelog
author: Michael Shuler <michael@pbandjelly.org> 2015-10-22 17:06:09 -0500
committer: Michael Shuler <michael@pbandjelly.org> 2015-10-22 17:06:09 -0500
commit: 9ec192590b11474ae96f9fedadbe585a5805adc3 (patch)
tree: 90f9d75f780f57d8dbbcac185ad6b739dea17e77
parent: b44346ada88584012929fb08e8d1222cc6a101c7 (diff)
download: ca-certificates-9ec192590b11474ae96f9fedadbe585a5805adc3.tar.gz
2 files changed, 17 insertions, 24 deletions
diff --git a/debian/changelog b/debian/changelog
index 6954898..a885578 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,13 +1,12 @@
-ca-certificates (20151022) UNRELEASED; urgency=medium
+ca-certificates (20150709) UNRELEASED; urgency=medium
 
   * debian/{compat,control}:
     Updated d/compat to version 9 and updated Build-Depends.
   * debian/postinst:
     Handle /usr/local/share/ca-certificates permissions and ownership on
     upgrade.  Closes: #611501
-  * mozilla/certdata2pem.py:
-    Add Python 3 support to ca-certificates.
-    Thanks to Andrew Wilcox for the patch!  Closes: #789753
+  * mozilla/{certdata.txt,nssckbi.h}:
+    Update Mozilla certificate authority bundle to version 2.5.
   * mozilla/{certdata.txt,nssckbi.h}:
     Update Mozilla certificate authority bundle to version 2.5.
     The following certificate authorities were added (+):
@@ -21,7 +20,7 @@ ca-certificates (20151022) UNRELEASED; urgency=medium
     - "TC TrustCenter Universal CA I"
     - "TURKTRUST Certificate Services Provider Root 1"
 
- -- Michael Shuler <michael@pbandjelly.org>  Thu, 22 Oct 2015 15:32:23 -0500
+ -- Michael Shuler <michael@pbandjelly.org>  Thu, 09 Jul 2015 16:02:11 -0500
 
 ca-certificates (20150426) unstable; urgency=medium
 
diff --git a/mozilla/certdata2pem.py b/mozilla/certdata2pem.py
index ec48ab6..0482894 100644
--- a/mozilla/certdata2pem.py
+++ b/mozilla/certdata2pem.py
@@ -53,7 +53,7 @@ for line in open('certdata.txt', 'r'):
             if type == 'MULTILINE_OCTAL':
                 line = line.strip()
                 for i in re.finditer(r'\\([0-3][0-7][0-7])', line):
-                    value.append(int(i.group(1), 8))
+                    value += chr(int(i.group(1), 8))
             else:
                 value += line
             continue
@@ -70,13 +70,13 @@ for line in open('certdata.txt', 'r'):
         field, type = line_parts
         value = None
     else:
-        raise NotImplementedError('line_parts < 2 not supported.')
+        raise NotImplementedError, 'line_parts < 2 not supported.'
     if type == 'MULTILINE_OCTAL':
         in_multiline = True
-        value = bytearray()
+        value = ""
         continue
     obj[field] = value
-if len(obj) > 0:
+if len(obj.items()) > 0:
     objects.append(obj)
 
 # Read blacklist.
@@ -95,7 +95,7 @@ for obj in objects:
     if obj['CKA_CLASS'] not in ('CKO_NETSCAPE_TRUST', 'CKO_NSS_TRUST'):
         continue
     if obj['CKA_LABEL'] in blacklist:
-        print("Certificate %s blacklisted, ignoring." % obj['CKA_LABEL'])
+        print "Certificate %s blacklisted, ignoring." % obj['CKA_LABEL']
     elif obj['CKA_TRUST_SERVER_AUTH'] in ('CKT_NETSCAPE_TRUSTED_DELEGATOR',
                                           'CKT_NSS_TRUSTED_DELEGATOR'):
         trust[obj['CKA_LABEL']] = True
@@ -104,13 +104,13 @@ for obj in objects:
         trust[obj['CKA_LABEL']] = True
     elif obj['CKA_TRUST_SERVER_AUTH'] in ('CKT_NETSCAPE_UNTRUSTED',
                                           'CKT_NSS_NOT_TRUSTED'):
-        print('!'*74)
-        print("UNTRUSTED BUT NOT BLACKLISTED CERTIFICATE FOUND: %s" % obj['CKA_LABEL'])
-        print('!'*74)
+        print '!'*74
+        print "UNTRUSTED BUT NOT BLACKLISTED CERTIFICATE FOUND: %s" % obj['CKA_LABEL']
+        print '!'*74
     else:
-        print("Ignoring certificate %s.  SAUTH=%s, EPROT=%s" % \
+        print "Ignoring certificate %s.  SAUTH=%s, EPROT=%s" % \
               (obj['CKA_LABEL'], obj['CKA_TRUST_SERVER_AUTH'],
-               obj['CKA_TRUST_EMAIL_PROTECTION']))
+               obj['CKA_TRUST_EMAIL_PROTECTION'])
 
 for obj in objects:
     if obj['CKA_CLASS'] == 'CKO_CERTIFICATE':
@@ -121,19 +121,13 @@ for obj in objects:
                                       .replace('(', '=')\
                                       .replace(')', '=')\
                                       .replace(',', '_')
-
-        # this is the only way to decode the way NSS stores multi-byte UTF-8
-        if bytes != str:
-            bname = bname.encode('utf-8')
-        bname = bname.decode('unicode_escape').encode('latin-1').decode('utf-8')
+        bname = bname.decode('string_escape')
         fname = bname + '.crt'
-
         if os.path.exists(fname):
-            print("Found duplicate certificate name %s, renaming." % bname)
+            print "Found duplicate certificate name %s, renaming." % bname
             fname = bname + '_2.crt'
         f = open(fname, 'w')
         f.write("-----BEGIN CERTIFICATE-----\n")
-        encoded = base64.b64encode(obj['CKA_VALUE']).decode('utf-8')
-        f.write("\n".join(textwrap.wrap(encoded, 64)))
+        f.write("\n".join(textwrap.wrap(base64.b64encode(obj['CKA_VALUE']), 64)))
         f.write("\n-----END CERTIFICATE-----\n")
author	Michael Shuler <michael@pbandjelly.org>	2015-10-22 17:06:09 -0500
committer	Michael Shuler <michael@pbandjelly.org>	2015-10-22 17:06:09 -0500
commit	9ec192590b11474ae96f9fedadbe585a5805adc3 (patch)
tree	90f9d75f780f57d8dbbcac185ad6b739dea17e77
parent	b44346ada88584012929fb08e8d1222cc6a101c7 (diff)
download	ca-certificates-9ec192590b11474ae96f9fedadbe585a5805adc3.tar.gz