[Python-ideas] Re: disallow assignment to unknown ssl.SSLContext attributes

As has been said, allowing arbitrary attribute assignments is standard Python. But given the security implications, it does make sense to have more validation in this case. If backward incompatibility is not an option how about raising a Warning? -CHB On Fri, Jun 25, 2021 at 6:30 PM Oscar

[Python-ideas] Re: disallow assignment to unknown ssl.SSLContext attributes

On Sat, 26 Jun 2021 at 01:23, Eric V. Smith wrote: > > On 6/25/2021 8:09 PM, Steven D'Aprano wrote: > > Hi Thomas, > > > > On Fri, Jun 25, 2021 at 09:06:58AM -, Thomas Grainger wrote: > > > >> I'd like invalid attribute assignment to be prevented at runtime > > Are you making a specific

[Python-ideas] Re: disallow assignment to unknown ssl.SSLContext attributes

On Fri, Jun 25, 2021 at 12:48:51PM -0700, Guido van Rossum wrote: > > I agree, it is a backwards incompatible change. Also __slots__ won't > > work. The class has class attributes that can be modified in instances. > > > > Oh, I see. There are two class attributes, sslsocket_class and >

[Python-ideas] Re: disallow assignment to unknown ssl.SSLContext attributes

On Fri, Jun 25, 2021 at 11:17:09AM -0700, Guido van Rossum wrote: > On Fri, Jun 25, 2021 at 8:22 AM Bluenix wrote: > > > I am not fully aware of how ssl.SSLContext is used, but adding __slots__ > > would prevent this. You would see an error similar to: AttributeError: > > 'MyClass' object has no

[Python-ideas] Re: disallow assignment to unknown ssl.SSLContext attributes

On 6/25/2021 8:09 PM, Steven D'Aprano wrote: Hi Thomas, On Fri, Jun 25, 2021 at 09:06:58AM -, Thomas Grainger wrote: I'd like invalid attribute assignment to be prevented at runtime Are you making a specific request for ssl context objects, or a general language-wide request that applies

[Python-ideas] Re: disallow assignment to unknown ssl.SSLContext attributes

Hi Thomas, On Fri, Jun 25, 2021 at 09:06:58AM -, Thomas Grainger wrote: > I'd like invalid attribute assignment to be prevented at runtime Are you making a specific request for ssl context objects, or a general language-wide request that applies to all objects? -- Steve

[Python-ideas] Re: disallow assignment to unknown ssl.SSLContext attributes

It may help to think separately about existing code using ssl, and about new code. However, I'm not a user of ssl, so please doubt my opinions below. EXISTING CODE Those maintaining existing code might welcome an easy way of checking that the code doesn't have a misleading assignment. They might

[Python-ideas] Re: disallow assignment to unknown ssl.SSLContext attributes

How about an alternative frozen dataclass with a explicit replace, configure and create methods? @dataclasses.dataclass(frozen=True) class SSLContextFactory: minimum_version: TLSVersion = TLSVersion.TLSv1_2 options: ... replace = dataclasses.replace def configure(self, ctx:

[Python-ideas] Re: disallow assignment to unknown ssl.SSLContext attributes

On Fri, Jun 25, 2021 at 12:17 PM Christian Heimes wrote: > On 25/06/2021 20.17, Guido van Rossum wrote: > > On Fri, Jun 25, 2021 at 8:22 AM Bluenix > > wrote: > > > > I am not fully aware of how ssl.SSLContext is used, but adding > > __slots__ would prevent

[Python-ideas] Re: disallow assignment to unknown ssl.SSLContext attributes

On 25/06/2021 20.17, Guido van Rossum wrote: > On Fri, Jun 25, 2021 at 8:22 AM Bluenix > wrote: > > I am not fully aware of how ssl.SSLContext is used, but adding > __slots__ would prevent this. You would see an error similar to: > AttributeError:

[Python-ideas] Re: disallow assignment to unknown ssl.SSLContext attributes

On Sat, Jun 26, 2021 at 5:09 AM Guido van Rossum wrote: > > On Fri, Jun 25, 2021 at 11:42 AM Chris Angelico wrote: >> >> On Sat, Jun 26, 2021 at 4:20 AM Guido van Rossum wrote: >> > >> > On Fri, Jun 25, 2021 at 8:22 AM Bluenix wrote: >> >> >> >> I am not fully aware of how ssl.SSLContext is

[Python-ideas] Re: disallow assignment to unknown ssl.SSLContext attributes

On Fri, Jun 25, 2021 at 11:42 AM Chris Angelico wrote: > On Sat, Jun 26, 2021 at 4:20 AM Guido van Rossum wrote: > > > > On Fri, Jun 25, 2021 at 8:22 AM Bluenix wrote: > >> > >> I am not fully aware of how ssl.SSLContext is used, but adding > __slots__ would prevent this. You would see an

[Python-ideas] Re: disallow assignment to unknown ssl.SSLContext attributes

On Sat, Jun 26, 2021 at 4:20 AM Guido van Rossum wrote: > > On Fri, Jun 25, 2021 at 8:22 AM Bluenix wrote: >> >> I am not fully aware of how ssl.SSLContext is used, but adding __slots__ >> would prevent this. You would see an error similar to: AttributeError: >> 'MyClass' object has no

[Python-ideas] Re: disallow assignment to unknown ssl.SSLContext attributes

On Fri, Jun 25, 2021 at 8:22 AM Bluenix wrote: > I am not fully aware of how ssl.SSLContext is used, but adding __slots__ > would prevent this. You would see an error similar to: AttributeError: > 'MyClass' object has no attribute 'my_attribute' > That's a reasonable solution, except that it's

[Python-ideas] Re: disallow assignment to unknown ssl.SSLContext attributes

I am not fully aware of how ssl.SSLContext is used, but adding __slots__ would prevent this. You would see an error similar to: AttributeError: 'MyClass' object has no attribute 'my_attribute' ___ Python-ideas mailing list -- python-ideas@python.org To

[Python-ideas] Re: disallow assignment to unknown ssl.SSLContext attributes

Would a static type checker have found this? On Fri, Jun 25, 2021 at 02:07 Thomas Grainger wrote: > I was debugging some code that was using TLSv1.2 when I expected it to > only support TLSv1.3, I tracked it down to a call to: > > context.miunimum_version = ssl.TLSVersion.TLSv1_3 > > it should

[Python-ideas] Re: Extension methods in Python

On Fri, Jun 25, 2021 at 7:43 PM Stephen J. Turnbull wrote: > > Chris Angelico writes: > > > if it's a fallback after default behaviour fails (like __getattr__) > > [...] it's likely to impact performance a lot less. > > I guess the effect on performance is that it takes one more check to > get

[Python-ideas] Re: Extension methods in Python

David Mertz writes: > That said, one crucial difference is once an extension method is > "used" we are stuck with it for the entire module. While you get it for all objects of type(foo) in the whole module, presumably whatever syntax you used to "use" it, you can use to get rid of it, or at

[Python-ideas] Re: Extension methods in Python

Chris Angelico writes: > if it's a fallback after default behaviour fails (like __getattr__) > [...] it's likely to impact performance a lot less. I guess the effect on performance is that it takes one more check to get to AttributeError? ___

[Python-ideas] Re: disallow assignment to unknown ssl.SSLContext attributes

Thank you Thomas for concisely and fairly reporting your experience, and based on that suggesting a way to improve Python. Thank you for taking the time to do this. Here's a typo that caused a bug (which inconvenienced the original poster): context.miunimum_version = ssl.TLSVersion.TLSv1_3 >

[Python-ideas] disallow assignment to unknown ssl.SSLContext attributes

I was debugging some code that was using TLSv1.2 when I expected it to only support TLSv1.3, I tracked it down to a call to: context.miunimum_version = ssl.TLSVersion.TLSv1_3 it should have been: context.minimum_version = ssl.TLSVersion.TLSv1_3 I'd like invalid attribute assignment to be

[Python-ideas] Re: Extension methods in Python

On Thu, Jun 24, 2021 at 11:53:55PM -0400, Ricky Teachey wrote: > Would this feature allow me to declare str objects as not iterable in some > contexts? > > If so, +1. While I'm glad to see some more positivity in this thread, alas, no, extension methods are not a mechanism for making strings