kopia lustrzana https://github.com/espressif/esp-idf
Merge branch 'fix/idf_tools_certificate_v5.1' into 'release/v5.1'
Tools: Update the certificate of idf_tools.py (v5.1) See merge request espressif/esp-idf!23928pull/12369/head
Roland Dobai
commit
d4652daec6
|
|
@ -199,8 +199,8 @@ CURRENT_PLATFORM = Platforms.get(PYTHON_PLATFORM)
|
|||
EXPORT_SHELL = 'shell'
|
||||
EXPORT_KEY_VALUE = 'key-value'
|
||||
|
||||
# "DigiCert Global Root CA"
|
||||
DIGICERT_ROOT_CERT = u"""
|
||||
# the older "DigiCert Global Root CA" certificate used with github.com
|
||||
DIGICERT_ROOT_CA_CERT = """
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh
|
||||
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
|
||||
|
|
@ -225,6 +225,35 @@ CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=
|
|||
-----END CERTIFICATE-----
|
||||
"""
|
||||
|
||||
# the newer "DigiCert Global Root G2" certificate used with dl.espressif.com
|
||||
DIGICERT_ROOT_G2_CERT = """
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh
|
||||
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
|
||||
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
|
||||
MjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVT
|
||||
MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
|
||||
b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkqhkiG
|
||||
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI
|
||||
2/Ou8jqJkTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx
|
||||
1x7e/dfgy5SDN67sH0NO3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQ
|
||||
q2EGnI/yuum06ZIya7XzV+hdG82MHauVBJVJ8zUtluNJbd134/tJS7SsVQepj5Wz
|
||||
tCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyMUNGPHgm+F6HmIcr9g+UQ
|
||||
vIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQABo0IwQDAP
|
||||
BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV
|
||||
5uNu5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY
|
||||
1Yl9PMWLSn/pvtsrF9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4
|
||||
NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NG
|
||||
Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91
|
||||
8rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTe
|
||||
pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl
|
||||
MrY=
|
||||
-----END CERTIFICATE-----
|
||||
"""
|
||||
|
||||
DL_CERT_DICT = {'dl.espressif.com': DIGICERT_ROOT_G2_CERT,
|
||||
'github.com': DIGICERT_ROOT_CA_CERT}
|
||||
|
||||
|
||||
global_quiet = False
|
||||
global_non_interactive = False
|
||||
|
|
@ -429,17 +458,15 @@ def download(url, destination): # type: (str, str) -> Optional[Exception]
|
|||
info(f'Downloading {url}')
|
||||
info(f'Destination: {destination}')
|
||||
try:
|
||||
ctx = None
|
||||
# For dl.espressif.com and github.com, add the DigiCert root certificate.
|
||||
# This works around the issue with outdated certificate stores in some installations.
|
||||
if 'dl.espressif.com' in url or 'github.com' in url:
|
||||
try:
|
||||
for site, cert in DL_CERT_DICT.items():
|
||||
# For dl.espressif.com and github.com, add the DigiCert root certificate.
|
||||
# This works around the issue with outdated certificate stores in some installations.
|
||||
if site in url:
|
||||
ctx = ssl.create_default_context()
|
||||
ctx.load_verify_locations(cadata=DIGICERT_ROOT_CERT)
|
||||
except AttributeError:
|
||||
# no ssl.create_default_context or load_verify_locations cadata argument
|
||||
# in Python <=2.7.8
|
||||
pass
|
||||
ctx.load_verify_locations(cadata=cert)
|
||||
break
|
||||
else:
|
||||
ctx = None
|
||||
|
||||
urlretrieve_ctx(url, destination, report_progress if not global_non_interactive else None, context=ctx)
|
||||
sys.stdout.write('\rDone\n')
|
||||
|
|
|
|||
Ładowanie…
Reference in New Issue