Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SSL issue with aiohttp.request #206

Closed
AlgoTrader opened this issue Dec 25, 2014 · 12 comments
Closed

SSL issue with aiohttp.request #206

AlgoTrader opened this issue Dec 25, 2014 · 12 comments
Labels

Comments

@AlgoTrader
Copy link

I need to pass the client request my own SSLContext. Unfortunately, the case is really tough, as req.ssl is set to True/False with self.ssl = scheme == 'https'

That's cause problems. I have to subclass TCPConnector to overwrite sslcontext with proper context.

The problem is req.ssl can be True/False or SSLContext, but there is absolutly no easy way to pass SSLContext without replacing it with True/False. verify_ssl generates new SSLContext but not what I need.

Any ideas? If it helps, I need something like this:

resp = requests.post('https://xxxx/api/certlogin', data=payload, cert=('client-2048.crt', 'client-2048.key'), headers=headers)
@AlgoTrader AlgoTrader changed the title SSL issue with aio.request SSL issue with aiohttp.request Dec 25, 2014
@fafhrd91
Copy link
Member

i see two options here:

  • you can override TCPConnector._create_connection() method, with that method you can have full control on how asyncio creates new tcp connection.
  • you can use aiohttp.request('post', '...', request_class=CustomRequestClass)

we may allow to pass sslcontext as ctor parameter to TCPConnector, but this requires some discussion.
@asvetlov

@asvetlov
Copy link
Member

I like sslcontext idea, with the only restriction: sslcontext and verify_ssl cannot be used together.

I'll make a PR.

@AlgoTrader
Copy link
Author

I like the idea adding sslcontext to TCPConnector.

@AlgoTrader
Copy link
Author

Thanks, please boost 0.12.1 when possible

@asvetlov
Copy link
Member

It should be 0.13.0, not 0.12.1
You are requested for new feature, btw.

On Mon, Dec 29, 2014 at 2:18 PM, AlgoTrader [email protected]
wrote:

Thanks, please boost 0.12.1 when possible


Reply to this email directly or view it on GitHub
#206 (comment).

Thanks,
Andrew Svetlov

@fafhrd91
Copy link
Member

-1 for 0.13, this change doesn't break api and it is actually very small.

On Monday, December 29, 2014, Andrew Svetlov [email protected]
wrote:

It should be 0.13.0, not 0.12.1
You are requested for new feature, btw.

On Mon, Dec 29, 2014 at 2:18 PM, AlgoTrader <[email protected]
javascript:_e(%7B%7D,'cvml','[email protected]');>
wrote:

Thanks, please boost 0.12.1 when possible


Reply to this email directly or view it on GitHub
#206 (comment).

Thanks,
Andrew Svetlov


Reply to this email directly or view it on GitHub
#206 (comment).

@asvetlov
Copy link
Member

Ok. I'll release 0.12.1 in couple hours then.

On Mon, Dec 29, 2014 at 6:24 PM, Nikolay Kim [email protected]
wrote:

-1 for 0.13, this change doesn't break api and it is actually very small.

On Monday, December 29, 2014, Andrew Svetlov [email protected]
wrote:

It should be 0.13.0, not 0.12.1
You are requested for new feature, btw.

On Mon, Dec 29, 2014 at 2:18 PM, AlgoTrader <[email protected]
javascript:_e(%7B%7D,'cvml','[email protected]');>
wrote:

Thanks, please boost 0.12.1 when possible


Reply to this email directly or view it on GitHub
#206 (comment).

Thanks,
Andrew Svetlov


Reply to this email directly or view it on GitHub
#206 (comment).


Reply to this email directly or view it on GitHub
#206 (comment).

Thanks,
Andrew Svetlov

@fafhrd91
Copy link
Member

Maybe we should wait for websockets?

On Monday, December 29, 2014, Andrew Svetlov [email protected]
wrote:

Ok. I'll release 0.12.1 in couple hours then.

On Mon, Dec 29, 2014 at 6:24 PM, Nikolay Kim <[email protected]
javascript:_e(%7B%7D,'cvml','[email protected]');>
wrote:

-1 for 0.13, this change doesn't break api and it is actually very
small.

On Monday, December 29, 2014, Andrew Svetlov <[email protected]
javascript:_e(%7B%7D,'cvml','[email protected]');>
wrote:

It should be 0.13.0, not 0.12.1
You are requested for new feature, btw.

On Mon, Dec 29, 2014 at 2:18 PM, AlgoTrader <[email protected]
javascript:_e(%7B%7D,'cvml','[email protected]');
<javascript:_e(%7B%7D,'cvml','[email protected]
javascript:_e(%7B%7D,'cvml','[email protected]');');>>
wrote:

Thanks, please boost 0.12.1 when possible


Reply to this email directly or view it on GitHub
<
https://github.com/KeepSafe/aiohttp/issues/206#issuecomment-68252942>.

Thanks,
Andrew Svetlov


Reply to this email directly or view it on GitHub
#206 (comment).


Reply to this email directly or view it on GitHub
#206 (comment).

Thanks,
Andrew Svetlov


Reply to this email directly or view it on GitHub
#206 (comment).

@asvetlov
Copy link
Member

@fafhrd91 Sorry, I don't understand you clean.
I may publish just PR #211 in 0.12.1 without any other changes (middlewares, exception fixes etc).
Or we can wait for websockets and publish 0.13.0 with all new features.

What do you propose?

@fafhrd91
Copy link
Member

I just do not want to release too much versions. Also I don't think
websockets worse 0.13 release

Ok, let's release all changes we have now

On Monday, December 29, 2014, Andrew Svetlov [email protected]
wrote:

@fafhrd91 https://github.com/fafhrd91 Sorry, I don't understand you
clean.
I may publish just PR #211 #211
in 0.12.1 without any other changes (middlewares, exception fixes etc).
Or we can wait for websockets and publish 0.13.0.

What do you propose?


Reply to this email directly or view it on GitHub
#206 (comment).

@asvetlov
Copy link
Member

0.13.0 released

@lock
Copy link

lock bot commented Oct 29, 2019

This thread has been automatically locked since there has not been
any recent activity after it was closed. Please open a new issue for
related bugs.

If you feel like there's important points made in this discussion,
please include those exceprts into that new issue.

@lock lock bot added the outdated label Oct 29, 2019
@lock lock bot locked as resolved and limited conversation to collaborators Oct 29, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Projects
None yet
Development

No branches or pull requests

3 participants