gh-94172: Remove keyfile, certfile and check_hostname parameters#94173
gh-94172: Remove keyfile, certfile and check_hostname parameters#94173vstinner merged 2 commits into
Conversation
Sorry, something went wrong.
Sorry, something went wrong.
|
Oh, HTTPSConnection of urllib.request has context and check_hostname parameters, and context can be None. http.client code to create the default context is non trivial, I don't want to copy it in urllib/request.py. Maybe http.client check_hostname parameter should be kept. What do you think @serhiy-storchaka? |
Sorry, something went wrong.
|
Right now, 4 tests are failing because of the urllib issue: |
Sorry, something went wrong.
Specifying check_hostname for |
Sorry, something went wrong.
|
URLopener of urllib.request has key_file and cert_file parameters which are passed to http.client.HTTPSConnection. These parameters are not directly deprecated, but the whole URLopener class is deprecated since Python 3.3! |
Sorry, something went wrong.
I created PR #94232 to fix this issue. |
Sorry, something went wrong.
Merged. I rebased this PR on top of it. Currently, the PR still removes |
Sorry, something went wrong.
I suggest to remove it. In a future OpenSSL version it won't be able to change the TLS version. Even now it cannot be used to switch to TLS 1.3-only. |
Sorry, something went wrong.
|
Changes: |
Sorry, something went wrong.
|
About removing |
Sorry, something went wrong.
|
I tried to run a code search with: Problem: these parameter names are common and they are many usages which remain perfectly fine and supported, like (example from Python ssl module documentation): The code search finds around 1976 lines in 188 projects. |
Sorry, something went wrong.
|
@tiran @serhiy-storchaka: Would you mind to review the updated PR? |
Sorry, something went wrong.
serhiy-storchaka
left a comment
serhiy-storchaka
left a comment
There was a problem hiding this comment.
You missed updating the documentation.
Please add also new tests in place of the deleted tests.
Sorry, something went wrong.
Remove the keyfile, certfile and check_hostname parameters, deprecated since Python 3.6, in modules: ftplib, http.client, imaplib, poplib and smtplib. Use the context parameter (ssl_context in imaplib) instead. Parameters following the removed parameters become keyword-only parameters. ftplib: Remove the FTP_TLS.ssl_version class attribute: use the context parameter instead.
* poplib: stls() context parameter can be positional again * Keep test_ftplib tests but replace ValueError with TypeError * Reformat test_httplib * Keep but update test_tls13_pha() test
|
I rebased my PR and addressed @serhiy-storchaka's review. @serhiy-storchaka: Would you mind to review my updated PR? |
Sorry, something went wrong.
|
I merged my PR which was open for 6 months. I prefer to merge it as soon as possible at the beginning of the Python 3.12 development cycle, to get feedback as soon as possible. If someone sees rooms for enhance, I suggest to open a separated PR ;-) |
Sorry, something went wrong.
|
Thanks a lot @tiran and @serhiy-storchaka for the many reviews! |
Sorry, something went wrong.
Reviewers
5 participants
Remove the keyfile, certfile and check_hostname parameters,
deprecated since Python 3.6, in modules: ftplib, http.client,
imaplib, poplib and smtplib. Use the context parameter (ssl_context
in imaplib) instead.
ftplib: Remove the FTP_TLS.ssl_version class attribute: use the
context parameter instead.