Replaced boto certificate

Removed check on certificate SHA1 in gsutil BUG=348233 Review URL: https://codereview.chromium.org/212553007 git-svn-id: svn://svn.chromium.org/chrome/trunk/tools/depot_tools@260297 0039d316-1c4b-4281-b951-d872f2087c98

Replaced boto certificate
Removed check on certificate SHA1 in gsutil BUG=348233 Review URL: https://codereview.chromium.org/212553007 git-svn-id: svn://svn.chromium.org/chrome/trunk/tools/depot_tools@260297 0039d316-1c4b-4281-b951-d872f2087c98
0752f9bf · pgervais@chromium.org · 38a0f57c · 0752f9bf · 0752f9bf · 0752f9bf
Commit 0752f9bf authored Mar 28, 2014 by pgervais@chromium.org
4 changed files
--- a/third_party/boto/README.chromium
+++ b/third_party/boto/README.chromium
@@ -36,6 +36,8 @@ Modifications:
 * Removed boto/.travis.yml
 * Removed boto/Changelog.rst
 * Removed boto/MANIFEST.in
+* Replaced boto/cacerts/cacerts.txt by file from
+   https://pki.google.com/roots.pem
 * Moved boto down to be a first level directory
 Full license is in the LICENSE file.
--- a/third_party/boto/cacerts/cacerts.txt
+++ b/third_party/boto/cacerts/cacerts.txt
--- a/third_party/gsutil/README.chromium
+++ b/third_party/gsutil/README.chromium
@@ -14,7 +14,7 @@ Modifications:
 * Moved gsutil/boto as a depot_tools third_party lib
 * Moved gsutil/third_party into our own third_party directory
 * Append sys.path in gsutil/gsutil to find the moved third_party modules
-* Updated checksum ce71ac982f1148315e7fa65cff2f83e8 -> c9cffb512f467c0aa54880788b9ee6ca
+* Removed oauth2_client certificate SHA1 check
 * Removed code to remove http_proxy before boto.config invocation.
 * Added and imports gsutil/plugins/sso_auth.py to support prodaccess
  based authentication.

--- a/third_party/gsutil/oauth2_plugin/oauth2_client.py
+++ b/third_party/gsutil/oauth2_plugin/oauth2_client.py
@@ -65,9 +65,6 @@ LOG = logging.getLogger('oauth2_client')
 # operation doesn't attempt concurrent refreshes.
 token_exchange_lock = threading.Lock()
-# SHA1 sum of the CA certificates file imported from boto.
-CACERTS_FILE_SHA1SUM = 'ed024a78d9327f8669b3b117d9eac9e3c9460e9b'
 class Error(Exception):
  """Base exception for the OAuth2 module."""
  pass
@@ -298,15 +295,6 @@ class OAuth2Client(object):
        os.path.dirname(os.path.abspath(cacerts.__file__)), 'cacerts.txt')
    if url_opener is None:
-      # Check that the cert file distributed with boto has not been tampered
-      # with.
-      h = sha1()
-      h.update(file(self.ca_certs_file).read())
-      actual_sha1 = h.hexdigest()
-      if actual_sha1 != CACERTS_FILE_SHA1SUM:
-        raise Error(
-            'CA certificates file does not have expected SHA1 sum; '
-            'expected: %s, actual: %s' % (CACERTS_FILE_SHA1SUM, actual_sha1))
      # TODO(Google): set user agent?
      url_opener = urllib2.build_opener(
          fancy_urllib.FancyProxyHandler(),