On Fri, Jun 25, 2021 at 11:42 AM Chris Angelico <rosuav@gmail.com> wrote:
On Sat, Jun 26, 2021 at 4:20 AM Guido van Rossum <guido@python.org> wrote:
>
> On Fri, Jun 25, 2021 at 8:22 AM Bluenix <bluenixdev@gmail.com> wrote:
>>
>> I am not fully aware of how ssl.SSLContext is used, but adding __slots__ would prevent this. You would see an error similar to: AttributeError: 'MyClass' object has no attribute 'my_attribute'
>
>
> That's a reasonable solution, except that it's not backwards compatible. It's possible that there is code out there that for some reason adds private attributes to an SSLContext instance, and using __slots__ would break such usage. (They could perhaps fix their code by using a dummy subclass, but that could well become a non-trivial change to their code, depending on where they get their SSLContext instances.)
>
> So unless there's evidence that nobody does that, we're stuck with the status quo. I'm adding Christian Heimes to the thread in case he has a hunch either way.
>

Another possible solution - although I'm not sure how practical this
would be - would be to have __init__ accept only specific keyword
arguments. You could do something like:

ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT,
minimum_version=ssl.PROTOCOL_TLSv1_1)

and it would work, but if you misspell "minimum_version", it would
error out. That's actually what I expected it to do, based on the
signature; but it doesn't, it simply ignores the argument. Not
actually sure what it does with kwargs.

But that's not what the OP wrote -- his code used an attribute assignment. It looks like SSLContext just throws the *args and **kwds away. You *must* set the attribute. I don't know why it has *args and **kwds at all -- maybe so that you can subclass it and define an __init__ that takes those?

It all seems a mystery to me. I've never used this directly -- I've always just used urllib's default for https URLs.

--
--Guido van Rossum (python.org/~guido)