SSL issue with aiohttp.request

[AlgoTrader]

I need to pass the client request my own SSLContext. Unfortunately, the case is really tough, as req.ssl is set to True/False with self.ssl = scheme == 'https'

That's cause problems. I have to subclass TCPConnector to overwrite sslcontext with proper context.

The problem is req.ssl can be True/False or SSLContext, but there is absolutly no easy way to pass SSLContext without replacing it with True/False. verify_ssl generates new SSLContext but not what I need.

Any ideas? If it helps, I need something like this:

resp = requests.post('https://xxxx/api/certlogin', data=payload, cert=('client-2048.crt', 'client-2048.key'), headers=headers)

[fafhrd91]

i see two options here:

• you can override TCPConnector._create_connection() method, with that method you can have full control on how asyncio creates new tcp connection.
• you can use aiohttp.request('post', '...', request_class=CustomRequestClass)

we may allow to pass sslcontext as ctor parameter to TCPConnector, but this requires some discussion.
@asvetlov

[asvetlov]

I like sslcontext idea, with the only restriction: sslcontext and verify_ssl cannot be used together.

I'll make a PR.

[AlgoTrader]

I like the idea adding sslcontext to TCPConnector.

[AlgoTrader]

Thanks, please boost 0.12.1 when possible

[asvetlov]

It should be 0.13.0, not 0.12.1
You are requested for new feature, btw.

On Mon, Dec 29, 2014 at 2:18 PM, AlgoTrader [email protected]
wrote:

Thanks, please boost 0.12.1 when possible

—
Reply to this email directly or view it on GitHub
#206 (comment).

Thanks,
Andrew Svetlov

[fafhrd91]

-1 for 0.13, this change doesn't break api and it is actually very small.

On Monday, December 29, 2014, Andrew Svetlov [email protected]
wrote:

It should be 0.13.0, not 0.12.1
You are requested for new feature, btw.

On Mon, Dec 29, 2014 at 2:18 PM, AlgoTrader <[email protected]
javascript:_e(%7B%7D,'cvml','[email protected]');>
wrote:

Thanks, please boost 0.12.1 when possible

—
Reply to this email directly or view it on GitHub
#206 (comment).

Thanks,
Andrew Svetlov

—
Reply to this email directly or view it on GitHub
#206 (comment).

[asvetlov]

Ok. I'll release 0.12.1 in couple hours then.

On Mon, Dec 29, 2014 at 6:24 PM, Nikolay Kim [email protected]
wrote:

-1 for 0.13, this change doesn't break api and it is actually very small.

On Monday, December 29, 2014, Andrew Svetlov [email protected]
wrote:

It should be 0.13.0, not 0.12.1
You are requested for new feature, btw.

On Mon, Dec 29, 2014 at 2:18 PM, AlgoTrader <[email protected]
javascript:_e(%7B%7D,'cvml','[email protected]');>
wrote:

Thanks, please boost 0.12.1 when possible

—
Reply to this email directly or view it on GitHub
#206 (comment).

Thanks,
Andrew Svetlov

—
Reply to this email directly or view it on GitHub
#206 (comment).

—
Reply to this email directly or view it on GitHub
#206 (comment).

Thanks,
Andrew Svetlov

[fafhrd91]

Maybe we should wait for websockets?

On Monday, December 29, 2014, Andrew Svetlov [email protected]
wrote:

Ok. I'll release 0.12.1 in couple hours then.

On Mon, Dec 29, 2014 at 6:24 PM, Nikolay Kim <[email protected]
javascript:_e(%7B%7D,'cvml','[email protected]');>
wrote:

-1 for 0.13, this change doesn't break api and it is actually very
small.

On Monday, December 29, 2014, Andrew Svetlov <[email protected]
javascript:_e(%7B%7D,'cvml','[email protected]');>
wrote:

It should be 0.13.0, not 0.12.1
You are requested for new feature, btw.

On Mon, Dec 29, 2014 at 2:18 PM, AlgoTrader <[email protected]
javascript:_e(%7B%7D,'cvml','[email protected]');
<javascript:_e(%7B%7D,'cvml','[email protected]
javascript:_e(%7B%7D,'cvml','[email protected]');');>>
wrote:

Thanks, please boost 0.12.1 when possible

—
Reply to this email directly or view it on GitHub
<
https://github.com/KeepSafe/aiohttp/issues/206#issuecomment-68252942>.

Thanks,
Andrew Svetlov

—
Reply to this email directly or view it on GitHub
#206 (comment).

—
Reply to this email directly or view it on GitHub
#206 (comment).

Thanks,
Andrew Svetlov

—
Reply to this email directly or view it on GitHub
#206 (comment).

[asvetlov]

@fafhrd91 Sorry, I don't understand you clean.
I may publish just PR #211 in 0.12.1 without any other changes (middlewares, exception fixes etc).
Or we can wait for websockets and publish 0.13.0 with all new features.

What do you propose?

[fafhrd91]

I just do not want to release too much versions. Also I don't think
websockets worse 0.13 release

Ok, let's release all changes we have now

On Monday, December 29, 2014, Andrew Svetlov [email protected]
wrote:

@fafhrd91 https://github.com/fafhrd91 Sorry, I don't understand you
clean.
I may publish just PR #211 #211
in 0.12.1 without any other changes (middlewares, exception fixes etc).
Or we can wait for websockets and publish 0.13.0.

What do you propose?

—
Reply to this email directly or view it on GitHub
#206 (comment).

[asvetlov]

0.13.0 released

[lock]

This thread has been automatically locked since there has not been
any recent activity after it was closed. Please open a new issue for
related bugs.

If you feel like there's important points made in this discussion,
please include those exceprts into that new issue.