-
-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[PR #5992/c29e5fb5 backport][3.8] Add secure proxy support in the client #6049
[PR #5992/c29e5fb5 backport][3.8] Add secure proxy support in the client #6049
Conversation
fe151e4
to
d3f881a
Compare
@asvetlov when do you think we would be able to drop support for Python 3.6? Can we drop it in aiohttp v3.8 or do you want to wait? This backport breaks one code path under Python 3.6 which is not a problem for |
Given the large number of bug fixes in the 3.8 release, I'd vote for trying to push a release that still supports Python 3.6 before we drop it. |
I hear you. It's just that I need this backport in and supporting 3.6 means more work for me :) I've already convinced the project needing this not to use Python 3.6 FWIW. |
d3f881a
to
991c35e
Compare
991c35e
to
f91ca06
Compare
900cfa2
to
ff0fedc
Compare
This patch opens up the code path and adds the implementation that allows end-users to start sending HTTPS requests through HTTPS proxies. The support for TLS-in-TLS (needed for this to work) in the stdlib is kinda available since Python 3.7 but is disabled for `asyncio` with an attribute/flag/toggle. When the upstream CPython enables it finally, aiohttp v3.8+ will be able to work with it out of the box. Currently the tests monkey-patch `asyncio` in order to verify that this works. The users who are willing to do the same, will be able to take advantage of it right now. Eventually (hopefully starting Python 3.11), the need for monkey-patching should be eliminated. Refs: * https://bugs.python.org/issue37179 * python/cpython#28073 * https://docs.aiohttp.org/en/stable/client_advanced.html#proxy-support * aio-libs#6044 PR aio-libs#5992 Resolves aio-libs#3816 Resolves aio-libs#4268 Co-authored-by: Brian Bouterse <bmbouter@gmail.com> Co-authored-by: Jordan Borean <jborean93@gmail.com> Co-authored-by: Sviatoslav Sydorenko <webknjaz@redhat.com> (cherry picked from commit c29e5fb)
Apparently, if an exception gets raised before the warning gets a chance to be emitted, it doesn't emit an assertion error. Pytest bug?
817ab73
to
320f545
Compare
320f545
to
2715040
Compare
This is a backport of PR #5992 as merged into master (c29e5fb). It also includes #6072.
Note:
--threadless
inproxy.py
is disabled under Windows and macOS because of abhinavsingh/proxy.py#492.What do these changes do?
This patch opens up the code path and adds the implementation that allows end-users to start sending HTTPS requests through HTTPS proxies.
The support for TLS-in-TLS (needed for this to work) in the stdlib is kinda available since Python 3.7 but is disabled for
asyncio
with an attribute/flag/toggle. When the upstream CPython enables it finally, aiohttp v3.8+ will be able to work with it out of the box.Currently the tests monkey-patch
asyncio
in order to verify that this works. The users who are willing to do the same, will be able to take advantage of it right now. Eventually (hopefully starting Python 3.11), the need for monkey-patching should be eliminated.Refs:
Original details
I test with this script:
And I get
The squid proxy does show
1631129861.057 45 ::1 TCP_TUNNEL/200 39 CONNECT example.com:443 - HIER_DIRECT/93.184.216.34 -
and I can see the 200 OK from the direct connection.What fails is when taking the TCP socket from the direct connection and TLS wrapping it I get a
ConnectionResetError
.Are there changes in behavior for the user?
They get the ability to send out HTTPS queries through HTTPS proxies if they monkey-patch the stdlib
asyncio
.Related issue number
Resolves #3816
Resolves #4268
Checklist
CONTRIBUTORS.txt
CHANGES
folder<issue_id>.<type>
for example (588.bugfix)issue_id
change it to the pr id after creating the pr.feature
: Signifying a new feature..bugfix
: Signifying a bug fix..doc
: Signifying a documentation improvement..removal
: Signifying a deprecation or removal of public API..misc
: A ticket has been closed, but it is not of interest to users.