ValueError: verify_ssl, ssl_context, fingerprint and ssl parameters are mutually exclusive #8097
Closed
Description
Describe the bug
This change #8043 is listed in the changelog under "features" https://docs.aiohttp.org/en/stable/changes.html#features, but I think it is a breaking change.
For example, aiobotocore creates a TCPConnector and passes both verify_ssl and ssl, and after upgrading to aiohttp 3.9.2 started to fail with a ValueError because the verify_ssl and ssl parameters are mutually exclusive.
Regardless, aiobotocore needs to stop using the deprecated verify_ssl argument (aio-libs/aiobotocore#882), but in the meantime I doubt you intended 3.9.2 to contain a breaking change in this way.
To Reproduce
from aiobotocore.session import get_session
session = get_session()
async with session.create_client("s3", verify=False):
passExpected behavior
don't raise a ValueError
Logs/tracebacks
venv/lib/python3.8/site-packages/aiobotocore/session.py:24: in __aenter__
return await self._client.__aenter__()
venv/lib/python3.8/site-packages/aiobotocore/client.py:627: in __aenter__
await self._endpoint.http_session.__aenter__()
venv/lib/python3.8/site-packages/aiobotocore/httpsession.py:122: in __aenter__
self._connector = self._create_connector()
venv/lib/python3.8/site-packages/aiobotocore/httpsession.py:111: in <lambda>
self._create_connector = lambda: aiohttp.TCPConnector(
venv/lib/python3.8/site-packages/aiohttp/connector.py:786: in __init__
self._ssl = _merge_ssl_params(ssl, verify_ssl, ssl_context, fingerprint)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
ssl = None, verify_ssl = False, ssl_context = None, fingerprint = None
def _merge_ssl_params(
ssl: Union["SSLContext", bool, Fingerprint],
verify_ssl: Optional[bool],
ssl_context: Optional["SSLContext"],
fingerprint: Optional[bytes],
) -> Union["SSLContext", bool, Fingerprint]:
if verify_ssl is not None and not verify_ssl:
warnings.warn(
"verify_ssl is deprecated, use ssl=False instead",
DeprecationWarning,
stacklevel=3,
)
if ssl is not True:
> raise ValueError(
"verify_ssl, ssl_context, fingerprint and ssl "
"parameters are mutually exclusive"
)
E ValueError: verify_ssl, ssl_context, fingerprint and ssl parameters are mutually exclusivePython Version
$ python --version
Python 3.8.18aiohttp Version
$ python -m pip show aiohttp
Name: aiohttp
Version: 3.9.2
Summary: Async http client/server framework (asyncio)
Home-page: https://github.com/aio-libs/aiohttp
Author:
Author-email:
License: Apache 2
Location: /home/brianm/repos/medigator/venv/lib/python3.8/site-packages
Requires: aiosignal, async-timeout, attrs, frozenlist, multidict, yarl
Required-by: aiobotocore, aiohttp-basicauth, aiohttp-jinja2, aiomonitormultidict Version
$ python -m pip show multidict
Name: multidict
Version: 6.0.2
Summary: multidict implementation
Home-page: https://github.com/aio-libs/multidict
Author: Andrew Svetlov
Author-email: andrew.svetlov@gmail.com
License: Apache 2
Location: /home/brianm/repos/medigator/venv/lib/python3.8/site-packages
Requires:
Required-by: aiohttp, async-asgi-testclient, yarlyarl Version
$ python -m pip show yarl
Name: yarl
Version: 1.7.2
Summary: Yet another URL library
Home-page: https://github.com/aio-libs/yarl/
Author: Andrew Svetlov
Author-email: andrew.svetlov@gmail.com
License: Apache 2
Location: /home/brianm/repos/medigator/venv/lib/python3.8/site-packages
Requires: idna, multidict
Required-by: aio-pika, aiohttp, aiormqOS
Ubuntu 22.04.3
Related component
Client
Additional context
No response
Code of Conduct
- I agree to follow the aio-libs Code of Conduct