From 9132a9ae56dfc61e2c26461c26d56cb93bfc24e4 Mon Sep 17 00:00:00 2001
From: Alberto Sottile <alby128@gmail.com>
Date: Fri, 15 Feb 2019 23:26:59 +0100
Subject: [PATCH] startTLS: find certifi.where() if embedded in a zip file

---
 syncplay/client.py | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/syncplay/client.py b/syncplay/client.py
index 33a1d90..f107a06 100755
--- a/syncplay/client.py
+++ b/syncplay/client.py
@@ -20,7 +20,18 @@ from twisted.application.internet import ClientService
 try:
     import certifi
     from twisted.internet.ssl import Certificate, optionsForClientTLS
-    os.environ['SSL_CERT_FILE'] = certifi.where()
+    certPath = certifi.where()
+    if os.path.exists(certPath):
+        os.environ['SSL_CERT_FILE'] = certPath
+    elif 'zip' in certPath:
+        import tempfile
+        import zipfile
+        zipPath, memberPath = certPath.split('.zip/')
+        zipPath += '.zip'
+        archive = zipfile.ZipFile(zipPath, 'r')
+        tmpDir = tempfile.gettempdir()
+        extractedPath = archive.extract(memberPath, tmpDir)
+        os.environ['SSL_CERT_FILE'] = extractedPath
 except:
     pass
 
@@ -716,7 +727,7 @@ class SyncplayClient(object):
         port = int(port)
         self._endpoint = HostnameEndpoint(reactor, host, port)
         try:
-            caCertFP = open(certifi.where())
+            caCertFP = open(os.environ['SSL_CERT_FILE'])
             caCertTwisted = Certificate.loadPEM(caCertFP.read())
             caCertFP.close()
             self.protocolFactory.options = optionsForClientTLS(hostname=host)