Open blueyed opened 5 years ago
The doc for TCPConnector still mentions verify_ssl: https://github.com/aio-libs/aiohttp/blob/9504fe2affaaff673fa4f3754c1c44221f8ba47d/aiohttp/connector.py#L688-L695
verify_ssl
The internal documentation for _get_ssl_context still refers to the removed verify_ssl: https://github.com/aio-libs/aiohttp/blob/9504fe2affaaff673fa4f3754c1c44221f8ba47d/aiohttp/connector.py#L871-L884
_get_ssl_context
(it is also used in one example still)
However, the main issue is that I've expected ssl=True to check certificates, but it handles it as "not verified or fingerprinted" then: https://github.com/aio-libs/aiohttp/blob/9504fe2affaaff673fa4f3754c1c44221f8ba47d/aiohttp/connector.py#L897-L899
ssl=True
It might be that the intention here is to use fingerprinting only, but it certainly confused me, and should maybe throw an error when using ssl=True with fingerprint=None then?
fingerprint=None
Definitely, I need to check this. Sorry, I'm pretty busy now
The doc for TCPConnector still mentions
verify_ssl
: https://github.com/aio-libs/aiohttp/blob/9504fe2affaaff673fa4f3754c1c44221f8ba47d/aiohttp/connector.py#L688-L695The internal documentation for
_get_ssl_context
still refers to the removedverify_ssl
: https://github.com/aio-libs/aiohttp/blob/9504fe2affaaff673fa4f3754c1c44221f8ba47d/aiohttp/connector.py#L871-L884(it is also used in one example still)
However, the main issue is that I've expected
ssl=True
to check certificates, but it handles it as "not verified or fingerprinted" then: https://github.com/aio-libs/aiohttp/blob/9504fe2affaaff673fa4f3754c1c44221f8ba47d/aiohttp/connector.py#L897-L899It might be that the intention here is to use fingerprinting only, but it certainly confused me, and should maybe throw an error when using
ssl=True
withfingerprint=None
then?