Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Start using SSLContext.minimum|maximum_version when available #2220

Merged
merged 3 commits into from Aug 17, 2021
Merged

Start using SSLContext.minimum|maximum_version when available #2220

merged 3 commits into from Aug 17, 2021

Conversation

sethmlarson
Copy link
Member

@sethmlarson sethmlarson commented May 15, 2021
edited

Closes #2110
Closes #2373

  • Adding minimum_version and maximum_version converters to the PyOpenSSL and SecureTransport SSLContext implementations
  • Fixing the test suite for the new deprecation message
  • Adding documentation about ssl_minimum_version and ssl_maximum_version, removing documentation about ssl_version.
  • Creating an issue about deprecating ssl_version once Python 3.6 support is dropped. Right now we're in a soft deprecation as if we were emitting deprecation warnings now it'd make life hard for any library supporting Python 3.6+ and using the option.

@codecov
Copy link

codecov bot commented May 15, 2021
edited

Codecov Report

Merging #2220 (f2f3c3e) into main (c674f48) will decrease coverage by 0.72%.
The diff coverage is 97.14%.

❗ Current head f2f3c3e differs from pull request most recent head 9845c2e. Consider uploading reports for the commit 9845c2e to get more accurate results
Impacted file tree graph

@@             Coverage Diff             @@
##              main    #2220      +/-   ##
===========================================
- Coverage   100.00%   99.27%   -0.73%     
===========================================
  Files           25       25              
  Lines         2466     2484      +18     
===========================================
  Hits          2466     2466              
- Misses           0       18      +18
Impacted Files Coverage Δ
src/urllib3/exceptions.py 100.00% <ø> (ø)
src/urllib3/util/timeout.py 100.00% <ø> (ø)
src/urllib3/response.py 99.26% <83.33%> (-0.74%) ⬇️
src/urllib3/connection.py 100.00% <100.00%> (ø)
src/urllib3/connectionpool.py 100.00% <100.00%> (ø)
src/urllib3/contrib/socks.py 81.08% <100.00%> (-18.92%) ⬇️
src/urllib3/poolmanager.py 100.00% <100.00%> (ø)
src/urllib3/util/request.py 100.00% <100.00%> (ø)
src/urllib3/util/retry.py 100.00% <100.00%> (ø)
src/urllib3/util/ssl_.py 96.39% <100.00%> (-3.61%) ⬇️
... and 4 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update c674f48...9845c2e. Read the comment docs.

@sethmlarson sethmlarson force-pushed the ssl-minimum-version branch 3 times, most recently from 42531ef to 8189636 Compare June 21, 2021 02:47
@sethmlarson sethmlarson mentioned this pull request Jul 20, 2021
Closed
@pquentin
Copy link
Member

You can now remove the Python 3.6 specific code! This will make this easier

@sethmlarson
Copy link
Member Author

Definitely! I have some local changes that rebased this on main without the Python 3.6 fallbacks but still have tests to work though.

@sethmlarson sethmlarson force-pushed the ssl-minimum-version branch 4 times, most recently from fa03286 to 7907e2b Compare August 15, 2021 04:38
@sethmlarson
Copy link
Member Author

I think this is ready for review functionality-wise! For future reviewers please rebase merge this PR as it contains multiple features.

@sethmlarson
Copy link
Member Author

And now the feature is documented too, ready for a full review.

pquentin
pquentin requested changes Aug 15, 2021
View reviewed changes
Copy link
Member

@pquentin pquentin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks! This is great. I've only looked at the code (not the tests or docs) on my phone, hopefully this initial review is still useful.

There are two legitimate coverage issues, can you please take a look?

changelog/2110.feature.rst Outdated Show resolved Hide resolved
src/urllib3/util/ssl_.py Outdated Show resolved Hide resolved
src/urllib3/connection.py Show resolved Hide resolved
@sethmlarson sethmlarson reopened this Aug 15, 2021
@sethmlarson sethmlarson force-pushed the ssl-minimum-version branch 3 times, most recently from 4824360 to 316f735 Compare August 15, 2021 18:01
@pquentin pquentin closed this Aug 17, 2021
@pquentin pquentin reopened this Aug 17, 2021
pquentin
pquentin previously approved these changes Aug 17, 2021
View reviewed changes
Copy link
Member

@pquentin pquentin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks! Feel free to merge after looking at my only comment.

src/urllib3/contrib/securetransport.py Outdated Show resolved Hide resolved
@sethmlarson sethmlarson merged commit 0a4839a into urllib3:main Aug 17, 2021
@sethmlarson sethmlarson deleted the ssl-minimum-version branch August 17, 2021 17:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pquentin pquentin pquentin left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Set SSLContext.minimum_version to TLSv1.2 by default Switch to setting SSLContext.minimum_version
2 participants
@sethmlarson @pquentin