Add thread-safety clarifications to the SSLContext documentation #118596

Closed
mm-matthias opened this issue May 5, 2024 · 2 comments

Labels
docs Documentation in the Doc dir

mm-matthias commented May 5, 2024

Documentation

Currently there is no documentation that says anything about whether SSLContext is thread-safe and how it can be shared between different connections. Knowing how to share the SSLContext between different threads and connections is important, for example, to solve problems like this.
This issue has also come up here, where the matter was clarified by @tiran in this comment:

> SSLContext is designed to be shared and used for multiple connections. It is thread safe as long as you don't reconfigure it once it is used by a connection. Adding new certs to the internal trust store is fine, but changing ciphers, verification settings, or mTLS certs can lead to surprising behavior. The problem is unrelated to threads and can even occur in a single-threaded program.

I have reworked this statement into a PR so that it's generally available for future reference.
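
The rule in the quoted comment (configure first, then share; do not change ciphers, verification settings or mTLS certs once a connection uses the context) can be enforced in code. This is an added example, not part of the issue or of CPython: `SealingContext` and `demo` are hypothetical names, `example.test` is a constructed hostname, and treating the first `wrap_*()` call as "in use" is this example's assumption.

```python
import ssl
import threading

class SealingContext(ssl.SSLContext):
    """SSLContext that refuses reconfiguration after its first connection (hypothetical helper)."""
    _sealed = False  # becomes True on the first wrap_socket()/wrap_bio() call

    def _refuse_if_sealed(self, what):
        if self._sealed:
            raise RuntimeError(f"{what}: context already in use, build a new one")

    def __setattr__(self, name, value):  # verify_mode, check_hostname, options, ...
        if name != "_sealed":
            self._refuse_if_sealed(f"set {name}")
        super().__setattr__(name, value)

    def set_ciphers(self, spec):
        self._refuse_if_sealed("set_ciphers")
        return super().set_ciphers(spec)

    def load_cert_chain(self, *args, **kwargs):  # mTLS client certificate
        self._refuse_if_sealed("load_cert_chain")
        return super().load_cert_chain(*args, **kwargs)

    def wrap_socket(self, *args, **kwargs):
        self._sealed = True
        return super().wrap_socket(*args, **kwargs)

    def wrap_bio(self, *args, **kwargs):
        self._sealed = True
        return super().wrap_bio(*args, **kwargs)

def demo(n_threads=8):
    ctx = SealingContext(ssl.PROTOCOL_TLS_CLIENT)  # CERT_REQUIRED + hostname checks
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2   # all configuration happens here
    shared = []
    def worker():  # in-memory BIOs: no network needed to create a connection object
        obj = ctx.wrap_bio(ssl.MemoryBIO(), ssl.MemoryBIO(), server_hostname="example.test")
        shared.append(obj.context is ctx)
    threads = [threading.Thread(target=worker) for _ in range(n_threads)]
    for t in threads: t.start()
    for t in threads: t.join()
    blocked = []
    for change in (lambda: setattr(ctx, "verify_mode", ssl.CERT_NONE),
                   lambda: setattr(ctx, "check_hostname", False),
                   lambda: ctx.set_ciphers("ECDHE+AESGCM")):
        try: change(); blocked.append(False)
        except RuntimeError: blocked.append(True)
    ctx.load_default_certs()  # adding trust anchors stays allowed after sealing
    return all(shared) and len(shared) == n_threads, blocked, ctx.verify_mode
```
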

@nineteendo

In 3 days, ask someone to review your pull request here: https://discuss.python.org/c/core-dev/23

gpshead pushed a commit that referenced this issue Jun 16, 2024
…tation (#118597)

Add thread-safety clarifications to the SSLContext documentation. Per the issue:

This issue has also come up [here](psf/requests#6667) where the matter was clarified by @tiran in [this comment](psf/requests#6667):
> `SSLContext` is designed to be shared and used for multiple connections. It is thread safe as long as you don't reconfigure it once it is used by a connection. Adding new certs to the internal trust store is fine, but changing ciphers, verification settings, or mTLS certs can lead to surprising behavior. The problem is unrelated to threads and can even occur in a single-threaded program.
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Jun 16, 2024
…ocumentation (pythonGH-118597)

(cherry picked from commit 4f59f86)

Co-authored-by: mm-matthias <43849132+mm-matthias@users.noreply.github.com>

gpshead commented Jun 16, 2024

thanks!

gpshead closed this as completed Jun 16, 2024
gpshead self-assigned this Jun 16, 2024
gpshead pushed a commit that referenced this issue Jun 16, 2024
…documentation (GH-118597) (#120596)

gh-118596: Add thread-safety clarifications to the SSLContext documentation (GH-118597)

(cherry picked from commit 4f59f86)

Co-authored-by: mm-matthias <43849132+mm-matthias@users.noreply.github.com>
gpshead pushed a commit that referenced this issue Jun 16, 2024
…documentation (GH-118597) (#120595)

gh-118596: Add thread-safety clarifications to the SSLContext documentation (GH-118597)

(cherry picked from commit 4f59f86)

Co-authored-by: mm-matthias <43849132+mm-matthias@users.noreply.github.com>
mrahtz pushed a commit to mrahtz/cpython that referenced this issue Jun 30, 2024
…ocumentation (python#118597)

noahbkim pushed a commit to hudson-trading/cpython that referenced this issue Jul 11, 2024
…ocumentation (python#118597)

estyxx pushed a commit to estyxx/cpython that referenced this issue Jul 17, 2024
…ocumentation (python#118597)
