Skip to content

Commit

Permalink
fix: Patch preloaded SSL context for requests library
Browse files Browse the repository at this point in the history
requests 2.32.0 introduced a preloaded SSL context, which needs to be patched manually unfortunately
  • Loading branch information
timo-reymann committed Dec 2, 2024
1 parent 5ae2476 commit 4c6f13b
Showing 1 changed file with 18 additions and 0 deletions.
18 changes: 18 additions & 0 deletions src/truststore/_api.py
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@ def inject_into_ssl() -> None:
module by replacing :class:`ssl.SSLContext`.
"""
setattr(ssl, "SSLContext", SSLContext)

# urllib3 holds on to its own reference of ssl.SSLContext
# so we need to replace that reference too.
try:
Expand All @@ -43,6 +44,23 @@ def inject_into_ssl() -> None:
except ImportError:
pass

# requests starting with 3.23.0 added a preloaded SSL context to improve concurrent performance;
# this unfortunately leads to a RecursionError, which can be avoided by patching the preloaded SSL context with
# the truststore patched instance
# also see https://github.com/psf/requests/pull/6667
try:
import requests.adapters

preloaded_context = getattr(requests.adapters, "_preloaded_ssl_context", None)
if preloaded_context is not None:
setattr(
requests.adapters,
"_preloaded_ssl_context",
SSLContext(ssl.PROTOCOL_TLS_CLIENT),
)
except ImportError:
pass


def extract_from_ssl() -> None:
"""Restores the :class:`ssl.SSLContext` class to its original state"""
Expand Down

0 comments on commit 4c6f13b

Please sign in to comment.