Add `httpx.SSLContext` configuration. by karpetrosyan · Pull Request #3022 · encode/httpx

karpetrosyan · 2023-12-25T13:18:31Z

Discussed in #3007

TODO:

Add changelog
Add more migration examples

Migration examples

Enabling and disabling verification

import httpx

# instead of 
httpx.Client(verify=False)

# do
context = httpx.SSLContext(verify=False)
httpx.Client(ssl_context=context)

Use a different set of certificates

import httpx

# instead of
httpx.Client(verify="path/to/certs.pem")

# do
context = httpx.SSLContext(verify="path/to/certs.pem")
httpx.Client(ssl_context=context)

Client side certificates

import httpx

# instead of
httpx.Client(cert="path/to/client.pem")

# do
context = httpx.SSLContext(cert="path/to/client.pem")
httpx.Client(ssl_context=context)

Using alternate SSL contexts

import ssl
import httpx

context = ssl.create_default_context()

# instead of
client = httpx.Client(verify=context)

# do
client = httpx.Client(ssl_context=context)

karpetrosyan · 2023-12-26T11:35:07Z

Yes, I agree that removing them completely is not what the user expects.
However, I believe migration is simple enough to skip that stage in order to avoid making that part of the code overly complicated.

Or should we deprecate them anyway? Not obvious to me.

httpx/_config.py

httpx/_client.py

lovelydinosaur · 2023-12-28T14:02:00Z

Looking good.

Update documentation

I'd suggest you don't spin time on that until we've had a clear discussion around the "API finessing" and "Documentation refresh" areas mentioned in #947 (comment). I like this change, but we'll want to make it as part of a coherent & consistent 1.0 refresh.

httpx/_config.py

lovelydinosaur · 2024-01-15T10:15:26Z

Okay, shall we take the docs from this comment... #3007 (comment) and include them in the PR?

karpetrosyan · 2024-01-15T10:19:04Z

Okay, shall we take the docs from this comment... #3007 (comment) and include them in the PR?

I like it

karpetrosyan · 2024-01-16T14:42:31Z

Have we decided to remove or deprecate the old arguments?

httpx/_api.py

httpx/_client.py

tests/test_config.py

Co-authored-by: T-256 <132141463+T-256@users.noreply.github.com>

httpx/_config.py

tests/test_config.py

Dropping `trust_env` from `httpx.SSLContext()` API.

tests/test_config.py

lovelydinosaur · 2024-10-08T09:59:57Z

Thanks so much @karpetrosyan - going to merge this into "version-1.0" now, and then apply remaining changes incrementally. Fantastic work!! 😎

karpetrosyan · 2024-10-08T10:28:04Z

Sorry, I couldn't find time to finish all the tidy-ups.
Thank you for the help! 🙏 @T-256 @tomchristie

lovelydinosaur · 2024-10-10T21:52:03Z

Thank you so much for your time & dedication @karpetrosyan. 🙌

Add ssl_context argument

88f2ab7

karpetrosyan added the api change PRs that contain breaking public API changes label Dec 25, 2023

karpetrosyan force-pushed the add-ssl-context-argument branch from 897a5de to 88f2ab7 Compare December 25, 2023 13:28

Use default ciphers and set minimum tls version to 1.2

58e9fdc

This comment was marked as resolved.

Sign in to view

lovelydinosaur reviewed Dec 28, 2023

View reviewed changes

httpx/_config.py Outdated Show resolved Hide resolved

lovelydinosaur reviewed Dec 28, 2023

View reviewed changes

httpx/_config.py Outdated Show resolved Hide resolved

karpetrosyan and others added 2 commits December 28, 2023 16:53

Merge branch 'master' into add-ssl-context-argument

1afe2c9

Fix init_proxy_transport arguments

6be802e

lovelydinosaur reviewed Dec 28, 2023

View reviewed changes

httpx/_client.py Outdated Show resolved Hide resolved

Merge branch 'master' into add-ssl-context-argument

d124d8f

Use __init__ instead of __new__ in SSLContext

6f1162b

karpetrosyan commented Dec 29, 2023

View reviewed changes

httpx/_config.py Show resolved Hide resolved

Merge branch 'master' into add-ssl-context-argument

f613dee

lovelydinosaur mentioned this pull request Jan 8, 2024

Version 1.0 #947

Open

lovelydinosaur added the 1.0 proposal Pull requests proposing 1.0 API changes label Jan 11, 2024

lovelydinosaur changed the title ~~Replace the verify and cert arguments with ssl_context.~~ Add httpx.SSLContext configuration. Jan 12, 2024

T-256 mentioned this pull request Jan 14, 2024

fix(ssl): add lru_cache for create_ssl_context #3053

Closed

3 tasks

Merge branch 'master' into add-ssl-context-argument

55ec002

karpetrosyan and others added 4 commits January 16, 2024 09:28

Merge branch 'master' into add-ssl-context-argument

7346bc2

Docs

7f35134

Fix SSLContext repr

8d5983a

Merge branch 'master' into add-ssl-context-argument

f759dec

lovelydinosaur mentioned this pull request Jan 22, 2024

Draft 1.0 release notes #3069

Closed