Add SSL related params to ClientSession.request

[cecton]

What do these changes do?

...

Are there changes in behavior for the user?

...

Related issue number

#1128

Checklist

• I think the code is well written
• Unit tests for the changes exist
• Documentation reflects the changes
• If you provide code modification, please add yourself to CONTRIBUTORS.txt
  • The format is <Name> <Surname>.
  • Please keep alphabetical order, the file is sorted by names.
• Add a new news fragment into the changes folder
  • name it <issue_id>.<type> for example (588.bug)
  • if you don't have an issue_id change it to the pr id after creating the pr
  • ensure type is one of the following:
    • .feature: Signifying a new feature.
    • .bugfix: Signifying a bug fix.
    • .doc: Signifying a documentation improvement.
    • .removal: Signifying a deprecation or removal of public API.
    • .misc: A ticket has been closed, but it is not of interest to users.
  • Make sure to use full sentences with correct case and punctuation, for example: "Fix issue with non-ascii contents in doctest text files."

[cecton]

Having issues with too much mocking.... if someone has any advice?

[asvetlov]

I suggest the following:

1. Make a self signed certificate and push it into tests (or just reuse tests/sample.crt if it's good for you).
2. Write functional tests using real app started with self signed certs.

Feel free to ask if my recommendation is not clean.

P.S.
Very thank you for picking up the issue and working on implementation.

[asvetlov]

P.P.S.
Side note: as committer you are free to drop github template for new issues and PRs.
These templates are created for helping newbies to file PR properly.
You know our rules already and might use free form for issue/PR description.
For example PR checklist could be skipped if you are keeping the list in your memory.
The only requirement: if PR is related to existing issue please mention it in description text -- it simplifies navigation between issue and PR.

[asvetlov]

Obviously it's up to you: use free form or file all template fields if template is more comfortable to you.
Personally I prefer free form for both.

[asvetlov]

Regarding to proxy tests: take a look on tests/proxy_functional.py design.

[cecton]

@asvetlov PR template is very fine for me :) it helped me a lot to not forget anything (documentation and change logs especially) but thx

I will have to change a few (all?) tests that mock the entire ClientRequest class. This thing is settings properties in the ClientRequest that I don't want.

[asvetlov]

Are you talking about proxy tests which should be affected by the PR, not fingerprint related tests, right?

In this case please don't hesitate to update all mocks if method signatures changed. I see no way to do it better.

[cecton]

Yes at this point the code I did should have kept the original behavior intact and the tests should pass unchanged. But 3 of the 4 failures are due to the fact that the mocking is actually giving a fingerprint to the ClientRequest objects.

[asvetlov]

Please update failed mocks, it's totally correct.

[asvetlov]

@cecton would you continue work on the PR?
I have a feeling that we need a new aiohttp release, will dedicate a full time week to lift up pending issues.

[cecton]

@asvetlov it shouldn't have take that much time but I got stuck with the mocking thing and then I had a lot of changes recently (change of project basically).

I was going to ask for help with the tests actually.

[codecov-io]

Codecov Report

Merging #2184 into master will increase coverage by 0.01%.
The diff coverage is 100%.

@@            Coverage Diff             @@
##           master    #2184      +/-   ##
==========================================
+ Coverage   97.31%   97.33%   +0.01%     
==========================================
  Files          39       39              
  Lines        7945     7993      +48     
  Branches     1378     1387       +9     
==========================================
+ Hits         7732     7780      +48     
  Misses         90       90              
  Partials      123      123

Impacted Files	Coverage Δ
aiohttp/client_reqrep.py	97.35% <100%> (+0.14%)	⬆️
aiohttp/connector.py	97.76% <100%> (+0.1%)	⬆️
tests/autobahn/client.py	96.85% <0%> (ø)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update a5ee9f2...fb470f6. Read the comment docs.

[cecton]

@asvetlov okay ready for review

[asvetlov]

Looks good. Feel free to merge, while I very appreciate full test coverage.

[cecton]

@asvetlov Thanks I will improve that! I thought I had all the cases but I hadn't check the diff on codecov.

[asvetlov]

Just a hint: install codecov browser extension: https://docs.codecov.io/v4.3.6/docs/browser-extension
It allows to see coverage just in github 'Files Changes' tab.
If you'll update contributors instruction to mention the plugin -- it would be awesome!

[jettify]

that is nice trick!

[kxepal]

Wouldn't this cause suddenly global side effect?

[cecton]

I have no idea. I copy-pasted that from there a610cf1

[cecton]

I think you're right. After this the "warning filter specifications" is altered. https://docs.python.org/3.5/library/warnings.html#warnings.simplefilter @asvetlov can you confirm you want to keep this behavior?

[asvetlov]

No.
@kxepal good catch.
Please don't alter warnings filter but duplicate the message to aiohttp.log.client_logger.
From my experience people are much more sensible to log messages than deprecation warnings.
Log level should be `warning' sure.

[cecton]

I suppose I change the one in connector too? ^_^

[asvetlov]

@jettify

that is nice trick!

What are you talking about?

[asvetlov]

No.
@kxepal good catch.
Please don't alter warnings filter but duplicate the message to aiohttp.log.client_logger.
From my experience people are much more sensible to log messages than deprecation warnings.
Log level should be `warning' sure.

[jettify]

@asvetlov codecov browser extension, very usefull

[asvetlov]

@jettify thanks

[cecton]

@asvetlov I just saw that the original ticket mention a "move" of those parameters. She I implement a deprecation for the using the parameter in the connector?

[asvetlov]

I not sure.
Obviously there is a need for per-request ssl configuration but I don't know is deprecation makes sense.
Maybe yes.
Guys what do you think?

[cecton]

@asvetlov the fingerprint is something you will get per server basis so per request makes sense. On the other hand the connector has the argument fingerprint like it would connect always to the same server. To me it doesn't make any sense. Unless maybe for a UNIX socket?

verify_ssl and ssl_context could make sense because you may want to disable the entire SSL checking for a complete ClientSession.

[asvetlov]

Make sense

[asvetlov]

Thank you!

[lock]

This thread has been automatically locked since there has not been
any recent activity after it was closed. Please open a new issue for
related bugs.

If you feel like there's important points made in this discussion,
please include those exceprts into that new issue.