security/py-truststore: Add py-truststore 0.7.0
Truststore is a library which exposes native system certificate stores (ie "trust stores") through an ssl.SSLContext-like API. This means that Python applications no longer need to rely on certifi as a root certificate store. Native system certificate stores have many helpful features compared to a static certificate bundle like certifi: - Automatically update certificates as new CAs are created and removed - Fetch missing intermediate certificates - Check certificates against certificate revocation lists (CRLs) to avoid monster-in-the-middle (MITM) attacks - Managed per-system rather than per-application by a operations/IT team - PyPI is no longer a CA distribution channel Right now truststore is a stand-alone library that can be installed globally in your application to immediately take advantage of the benefits in Python 3.10+. Truststore has also been integrated into pip as an opt-in method for verifying HTTPS certificates with truststore instead of certifi. Long-term the hope is to make truststore the default way to verify HTTPS certificates in pip and to add this functionality into Python itself. Wish us luck!
This commit is contained in:
parent
96195f8763
commit
a5abdadcbd
4 changed files with 46 additions and 0 deletions
|
@ -1037,6 +1037,7 @@
|
||||||
SUBDIR += py-tlslite-ng
|
SUBDIR += py-tlslite-ng
|
||||||
SUBDIR += py-trezor
|
SUBDIR += py-trezor
|
||||||
SUBDIR += py-trustme
|
SUBDIR += py-trustme
|
||||||
|
SUBDIR += py-truststore
|
||||||
SUBDIR += py-tuf
|
SUBDIR += py-tuf
|
||||||
SUBDIR += py-txtorcon
|
SUBDIR += py-txtorcon
|
||||||
SUBDIR += py-uhashring
|
SUBDIR += py-uhashring
|
||||||
|
|
22
security/py-truststore/Makefile
Normal file
22
security/py-truststore/Makefile
Normal file
|
@ -0,0 +1,22 @@
|
||||||
|
PORTNAME= truststore
|
||||||
|
PORTVERSION= 0.7.0
|
||||||
|
CATEGORIES= security python
|
||||||
|
MASTER_SITES= PYPI
|
||||||
|
PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX}
|
||||||
|
|
||||||
|
MAINTAINER= sunpoet@FreeBSD.org
|
||||||
|
COMMENT= Verify certificates using native system trust stores
|
||||||
|
WWW= https://truststore.readthedocs.io/en/latest/ \
|
||||||
|
https://github.com/sethmlarson/truststore
|
||||||
|
|
||||||
|
LICENSE= MIT
|
||||||
|
LICENSE_FILE= ${WRKSRC}/LICENSE
|
||||||
|
|
||||||
|
BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}flit-core>=3.2<4:devel/py-flit-core@${PY_FLAVOR}
|
||||||
|
|
||||||
|
USES= python:3.10+ ssl
|
||||||
|
USE_PYTHON= autoplist concurrent pep517
|
||||||
|
|
||||||
|
NO_ARCH= yes
|
||||||
|
|
||||||
|
.include <bsd.port.mk>
|
3
security/py-truststore/distinfo
Normal file
3
security/py-truststore/distinfo
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
TIMESTAMP = 1691069906
|
||||||
|
SHA256 (truststore-0.7.0.tar.gz) = 72e784507a624375434381e4bad3eff8614bc8c845a7f5ae16a25a2624d0683f
|
||||||
|
SIZE (truststore-0.7.0.tar.gz) = 14983
|
20
security/py-truststore/pkg-descr
Normal file
20
security/py-truststore/pkg-descr
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
Truststore is a library which exposes native system certificate stores (ie
|
||||||
|
"trust stores") through an ssl.SSLContext-like API. This means that Python
|
||||||
|
applications no longer need to rely on certifi as a root certificate store.
|
||||||
|
Native system certificate stores have many helpful features compared to a static
|
||||||
|
certificate bundle like certifi:
|
||||||
|
- Automatically update certificates as new CAs are created and removed
|
||||||
|
- Fetch missing intermediate certificates
|
||||||
|
- Check certificates against certificate revocation lists (CRLs) to avoid
|
||||||
|
monster-in-the-middle (MITM) attacks
|
||||||
|
- Managed per-system rather than per-application by a operations/IT team
|
||||||
|
- PyPI is no longer a CA distribution channel
|
||||||
|
|
||||||
|
Right now truststore is a stand-alone library that can be installed globally in
|
||||||
|
your application to immediately take advantage of the benefits in Python 3.10+.
|
||||||
|
Truststore has also been integrated into pip as an opt-in method for verifying
|
||||||
|
HTTPS certificates with truststore instead of certifi.
|
||||||
|
|
||||||
|
Long-term the hope is to make truststore the default way to verify HTTPS
|
||||||
|
certificates in pip and to add this functionality into Python itself. Wish us
|
||||||
|
luck!
|
Loading…
Reference in a new issue