Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix TCPConnector doing blocking I/O in the event loop to create the SSLContext #8672

Merged
merged 29 commits into from
Aug 10, 2024

Conversation

bdraco
Copy link
Member

@bdraco bdraco commented Aug 9, 2024

What do these changes do?

Create the SSLContext in the executor since it does blocking I/O to read the certificates from disk.

related issue #3080

Are there changes in behavior for the user?

no

Is it a substantial burden for the maintainers to support this?

no

@bdraco bdraco added backport-3.10 backport-3.11 Trigger automatic backporting to the 3.11 release branch by Patchback robot labels Aug 9, 2024
@bdraco bdraco added this to the 3.10.3 milestone Aug 9, 2024
aiohttp/connector.py Outdated Show resolved Hide resolved
Copy link

codecov bot commented Aug 9, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 97.98%. Comparing base (be23d16) to head (bf7f7e2).
Report is 822 commits behind head on master.

Additional details and impacted files
@@           Coverage Diff           @@
##           master    #8672   +/-   ##
=======================================
  Coverage   97.97%   97.98%           
=======================================
  Files         107      107           
  Lines       33794    33825   +31     
  Branches     3969     3969           
=======================================
+ Hits        33110    33143   +33     
+ Misses        507      505    -2     
  Partials      177      177           
Flag Coverage Δ
CI-GHA 97.88% <100.00%> (+<0.01%) ⬆️
OS-Linux 97.54% <100.00%> (+<0.01%) ⬆️
OS-Windows 95.92% <100.00%> (+0.01%) ⬆️
OS-macOS 97.12% <100.00%> (-0.08%) ⬇️
Py-3.10.11 97.35% <100.00%> (+<0.01%) ⬆️
Py-3.10.14 97.28% <100.00%> (+<0.01%) ⬆️
Py-3.11.9 97.51% <100.00%> (+<0.01%) ⬆️
Py-3.12.4 97.63% <100.00%> (+<0.01%) ⬆️
Py-3.8.10 95.56% <100.00%> (+0.01%) ⬆️
Py-3.8.18 97.07% <100.00%> (+<0.01%) ⬆️
Py-3.9.13 95.61% <100.00%> (-1.60%) ⬇️
Py-3.9.19 97.16% <100.00%> (+<0.01%) ⬆️
Py-pypy7.3.16 96.75% <100.00%> (+<0.01%) ⬆️
VM-macos 97.12% <100.00%> (-0.08%) ⬇️
VM-ubuntu 97.54% <100.00%> (+<0.01%) ⬆️
VM-windows 95.92% <100.00%> (+0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

aiohttp/connector.py Outdated Show resolved Hide resolved
aiohttp/connector.py Outdated Show resolved Hide resolved
@psf-chronographer psf-chronographer bot added the bot:chronographer:provided There is a change note present in this PR label Aug 9, 2024
CHANGES/8672.bugfix.rst Outdated Show resolved Hide resolved
@bdraco bdraco marked this pull request as ready for review August 10, 2024 00:51
aiohttp/connector.py Outdated Show resolved Hide resolved
@bdraco
Copy link
Member Author

bdraco commented Aug 10, 2024

Needs tests for

  • _make_ssl_context raises due to OSError or similar
  • _make_or_get_ssl_context handles cancellation

aiohttp/connector.py Outdated Show resolved Hide resolved
aiohttp/connector.py Outdated Show resolved Hide resolved
aiohttp/connector.py Outdated Show resolved Hide resolved
@bdraco bdraco merged commit c3219bf into master Aug 10, 2024
37 of 38 checks passed
@bdraco bdraco deleted the fix_ssl_context_blocking_io branch August 10, 2024 14:44
Copy link
Contributor

patchback bot commented Aug 10, 2024

Backport to 3.10: 💔 cherry-picking failed — conflicts found

❌ Failed to cleanly apply c3219bf on top of patchback/backports/3.10/c3219bf88c2a9381c50cd18a0fc1ad701e39bb9a/pr-8672

Backporting merged PR #8672 into master

  1. Ensure you have a local repo clone of your fork. Unless you cloned it
    from the upstream, this would be your origin remote.
  2. Make sure you have an upstream repo added as a remote too. In these
    instructions you'll refer to it by the name upstream. If you don't
    have it, here's how you can add it:
    $ git remote add upstream https://github.com/aio-libs/aiohttp.git
  3. Ensure you have the latest copy of upstream and prepare a branch
    that will hold the backported code:
    $ git fetch upstream
    $ git checkout -b patchback/backports/3.10/c3219bf88c2a9381c50cd18a0fc1ad701e39bb9a/pr-8672 upstream/3.10
  4. Now, cherry-pick PR Fix TCPConnector doing blocking I/O in the event loop to create the SSLContext #8672 contents into that branch:
    $ git cherry-pick -x c3219bf88c2a9381c50cd18a0fc1ad701e39bb9a
    If it'll yell at you with something like fatal: Commit c3219bf88c2a9381c50cd18a0fc1ad701e39bb9a is a merge but no -m option was given., add -m 1 as follows instead:
    $ git cherry-pick -m1 -x c3219bf88c2a9381c50cd18a0fc1ad701e39bb9a
  5. At this point, you'll probably encounter some merge conflicts. You must
    resolve them in to preserve the patch from PR Fix TCPConnector doing blocking I/O in the event loop to create the SSLContext #8672 as close to the
    original as possible.
  6. Push this branch to your fork on GitHub:
    $ git push origin patchback/backports/3.10/c3219bf88c2a9381c50cd18a0fc1ad701e39bb9a/pr-8672
  7. Create a PR, ensure that the CI is green. If it's not — update it so that
    the tests and any other checks pass. This is it!
    Now relax and wait for the maintainers to process your pull request
    when they have some cycles to do reviews. Don't worry — they'll tell you if
    any improvements are necessary when the time comes!

🤖 @patchback
I'm built with octomachinery and
my source is open — https://github.com/sanitizers/patchback-github-app.

Copy link
Contributor

patchback bot commented Aug 10, 2024

Backport to 3.11: 💔 cherry-picking failed — conflicts found

❌ Failed to cleanly apply c3219bf on top of patchback/backports/3.11/c3219bf88c2a9381c50cd18a0fc1ad701e39bb9a/pr-8672

Backporting merged PR #8672 into master

  1. Ensure you have a local repo clone of your fork. Unless you cloned it
    from the upstream, this would be your origin remote.
  2. Make sure you have an upstream repo added as a remote too. In these
    instructions you'll refer to it by the name upstream. If you don't
    have it, here's how you can add it:
    $ git remote add upstream https://github.com/aio-libs/aiohttp.git
  3. Ensure you have the latest copy of upstream and prepare a branch
    that will hold the backported code:
    $ git fetch upstream
    $ git checkout -b patchback/backports/3.11/c3219bf88c2a9381c50cd18a0fc1ad701e39bb9a/pr-8672 upstream/3.11
  4. Now, cherry-pick PR Fix TCPConnector doing blocking I/O in the event loop to create the SSLContext #8672 contents into that branch:
    $ git cherry-pick -x c3219bf88c2a9381c50cd18a0fc1ad701e39bb9a
    If it'll yell at you with something like fatal: Commit c3219bf88c2a9381c50cd18a0fc1ad701e39bb9a is a merge but no -m option was given., add -m 1 as follows instead:
    $ git cherry-pick -m1 -x c3219bf88c2a9381c50cd18a0fc1ad701e39bb9a
  5. At this point, you'll probably encounter some merge conflicts. You must
    resolve them in to preserve the patch from PR Fix TCPConnector doing blocking I/O in the event loop to create the SSLContext #8672 as close to the
    original as possible.
  6. Push this branch to your fork on GitHub:
    $ git push origin patchback/backports/3.11/c3219bf88c2a9381c50cd18a0fc1ad701e39bb9a/pr-8672
  7. Create a PR, ensure that the CI is green. If it's not — update it so that
    the tests and any other checks pass. This is it!
    Now relax and wait for the maintainers to process your pull request
    when they have some cycles to do reviews. Don't worry — they'll tell you if
    any improvements are necessary when the time comes!

🤖 @patchback
I'm built with octomachinery and
my source is open — https://github.com/sanitizers/patchback-github-app.

bdraco added a commit that referenced this pull request Aug 10, 2024
…SLContext (#8672)

Co-authored-by: Sam Bull <git@sambull.org>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
(cherry picked from commit c3219bf)
bdraco added a commit that referenced this pull request Aug 10, 2024
…SLContext (#8672)

Co-authored-by: Sam Bull <git@sambull.org>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
(cherry picked from commit c3219bf)
bdraco added a commit that referenced this pull request Aug 10, 2024
… in the event loop to create the SSLContext (#8673)

Co-authored-by: Sam Bull <git@sambull.org>
Co-authored-by: pre-commit-ci[bot]
bdraco added a commit that referenced this pull request Aug 10, 2024
… in the event loop to create the SSLContext (#8674)

Co-authored-by: Sam Bull <git@sambull.org>
Co-authored-by: pre-commit-ci[bot]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
backport-3.11 Trigger automatic backporting to the 3.11 release branch by Patchback robot bot:chronographer:provided There is a change note present in this PR
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants