Allow setting git opt set sll cert locations option in libgit2

[imbuedhope]

Closes #876

Adds support for the following

import pygit2
pygit2.settings.ssl_cert_file = '/path/to/file'
pygit2.settings.ssl_cert_dir = '/path/to/folder'

Which is the equivalent of the following in C

git_libgit2_opts(GIT_OPT_SET_SSL_CERT_LOCATIONS, '/path/to/file', NULL);
git_libgit2_opts(GIT_OPT_SET_SSL_CERT_LOCATIONS, NULL, '/path/to/folder');

Also adds support for directly loading the settings from the ssl module like follows

import pygit2
import ssl
pygit2.settings._ssl_cert_locations = ssl.get_default_verify_paths()

All the new properties that were added to pygit2.settings.Settings are write only, since it is write only in libgit2.

In addition, pygit2 also attempts sets _ssl_cert_locations based on the ssl module on import. This probably won't work on Windows until the wheels are changed to support this in the libgit2 being shipped with it.

[webknjaz]

Oh, I missed this PR...

P.S. s/sll/ssl/ in title

[webknjaz]

I've pointed out a few anti-pythonic approaches which should be fixed: pygit2 is a Python wrapper and as such, it shouldn't 100% repeat C-library principles on the high level.

[webknjaz]

Please don't rename this callable. It's an action, not a constant. So I must start with a verb. get. Renaming it to constant/var-style is harmful and misleading for readability.

Suggested change

	from ssl import get_default_verify_paths as default_ssl_verify_paths
	from ssl import get_default_verify_paths

[webknjaz]

You shouldn't catch all exceptions. Silencing everything makes any related bugs nearly impossible to locate and is harmful therefore. It's important to always fail fast and loudly.
ssl.get_default_verify_paths() shouldn't raise any exceptions anyway.

Suggested change

except:

[webknjaz]

It is an ancient way of creating properties. Always use it as a decorator instead.

[webknjaz]

Also, we should have a getter for this.

[imbuedhope]

There is no get support for the ssl cert paths in libgit2. It makes sense to have it added to libgit2 first.

You can not use property as decorator if you don't have a setter since the first param in the __init__ for property is fget.

[webknjaz]

But you can track it on the Python side because it's needed to properly set the other value.

[webknjaz]

you can still use a decorator:

@property
def attr(self):
    """A proper docstring."""
    raise AttributeError

@attr.setter
def attr(self, value):
    # set val

[webknjaz]

cc #879 (comment)

So here's why we need to track the values we set earlier. Semantically, these setters are assigned with the values for what their names mean.
End-users of the library are Pythonistas who always expect the assignment behavior of the attribute to change exactly the thing its name refers to.
So resetting another setting would be misleading and is a side-effect.
That's why we need to track values which we set earlier for one connected setting to use them when setting the other.
Of course, it's not necessary to expose them for reading right now. But it's a least we can do to preserve consistent UX when setting one of TSL cert location sub-options.
As for setting both sub-options, it should be an explicit method because semantically setting a tuple to attribute to side-effect two values is weird.

[imbuedhope]

Digging around, it looks like ultimately libgit2 makes a call to SSL_CTX_load_verify_locations when built with Openssl and the man page for it seems to describe the following behavior.

When looking up CA certificates, the OpenSSL library will first search the certificates in CAfile, then those in CApath.

[webknjaz]

Nice, that's what I thought...

[webknjaz]

Setters don't return values.

[webknjaz]

When setting one value we shouldn't reset another. If a user wants to do this they can update it to None explicitly.

[webknjaz]

Suggested change

	def __set_ssl_cert_file(self, value):
	@property
	def ssl_cert_file(self):
	return self._ssl_cert_file
	@ssl_cert_file.setter
	def ssl_cert_file(self, value):
	"""Set the ssl cert file."""
	option(GIT_OPT_SET_SSL_CERT_LOCATIONS, value, self.ssl_cert_dir)
	self._ssl_cert_file = value

[webknjaz]

This one must be a method. Using property here is odd.

[imbuedhope]

I went with properties because all other supported settings are implemented as property. It does not make sense to break consistency.

[webknjaz]

As I wrote earlier, we should go for Pythonic principles. And if they are not respected in some places it doesn't mean that you should follow the lead. When you write in C you don't follow Assembly code-style just because it's an underlying somewhere, do you?

[jdavid]

I'll look at the issues this week-end.
But generally speaking, from PEP-8 itself:
Consistency with this style guide is important. Consistency within a project is more important.

Though we don't have a project style guide. Well, will check this week-end.

[jdavid]

The whole paragraph:
A style guide is about consistency. Consistency with this style guide is important. Consistency within a project is more important. Consistency within one module or function is the most important.

[jdavid]

By the way, thank you both for the awesome work you're doing!

[webknjaz]

This rule doesn't apply here. Since all other attributes correspond to one value. With two values it doesn't make sense. Setting two values by assigning a tuple to an attribute is ridiculous in Python.

And also when writing Python it doesn't have to look like another language https://www.youtube.com/watch?v=wf-BqAjZb8M. It's fine in the low-level wrapper but not in a public interface.

[webknjaz]

And I wasn't referring to just PEP8. It's quite a common sense/knowledge. PEP8 is a code style guide but I'm talking about more generic approaches which are probably not formalized explicitly but every Pythonista knows that when they see code looking like Java in .py file something isn't quite right.

[webknjaz]

I think this belongs at Settings.__init__(). It is a good practice to have a ready-to-use object after the initializer run.
Extra initializers are popular in C++, not Python. This semantics is untypical for Pythonic projects.

[webknjaz]

I still think that setting one value shouldn't reset another one.

[jdavid]

Finally looked at the api. I would replace both setters by a single method:

set_ssl_cert_locations(...)

[webknjaz]

I'd keep properties for individual suboptions. They are native to Python and is what a typical Pythonista would expect. It better communicates the intent as in "make this setting use that value".

[jdavid]

I'd rather not have 2 ways to do the same thing. It's good for the users to have 1 way, so they don't have to stop thinking which one they should use, and code looks the same whoever writes it.

It's also good for the developers/maintainers not to increase the burden: our limited resources are the main constraint. Aiming for feature completeness, api consistency, and quality documentation is already ambitious. So I'd keep it simple and stick to the 1 way principle (even if the API feels a bit low level, it's not awkward either).

The settings.py file is a good example of the inconsistency we have. It already mixes properties and methods. And a couple of methods even lack the verb at the beginning. caching and cache_max_size should be setters, and cache_object_limit should be renamed to set_cache_object_limit

Then the settings.py file would be all getter/setters except for the 2 not straightforward cases where we would have methods. The advantages: consistency, simplicity, 1 way.

[webknjaz]

Yes, there should be one way of doing things. Except for the cases where that way cannot be used. So are you okay with property-based getters/setters then?

[jdavid]

Could you summarize the API you propose for ssl cert locations?

[webknjaz]

I'll send it as a PR on top of this branch

[webknjaz]

Side note: after looking at Settings class I think that this use-case might be a good fit for using attrs library. But it's a topic for a separate discussion.

[webknjaz]

@jdavid #884

[rcoup]

Example if you're using certifi:

import certifi
import pygit2
pygit2.settings.ssl_cert_file = certifi.where()