gh-94637: Release GIL in SSLContext.set_default_verify_paths (GH-94658)

author Christian Heimes <christian@python.org>

Sat, 9 Jul 2022 16:11:15 +0000 (18:11 +0200)

committer GitHub <noreply@github.com>

Sat, 9 Jul 2022 16:11:15 +0000 (18:11 +0200)
author Christian Heimes <christian@python.org>
Sat, 9 Jul 2022 16:11:15 +0000 (18:11 +0200)
committer GitHub <noreply@github.com>
Sat, 9 Jul 2022 16:11:15 +0000 (18:11 +0200)
diff --git a/Misc/NEWS.d/next/Library/2022-07-07-15-46-55.gh-issue-94637.IYEiUM.rst b/Misc/NEWS.d/next/Library/2022-07-07-15-46-55.gh-issue-94637.IYEiUM.rst

new file mode 100644 (file)

index 0000000..20cbbcd
--- /dev/null
+++ b/Misc/NEWS.d/next/Library/2022-07-07-15-46-55.gh-issue-94637.IYEiUM.rst
@@ -0,0 +1,3 @@
+:meth:`SSLContext.set_default_verify_paths` now releases the GIL around
+``SSL_CTX_set_default_verify_paths`` call. The function call performs I/O
+and CPU intensive work.
diff --git a/Modules/_ssl.c b/Modules/_ssl.c

index 8ff15d18fb637ec864a69c81deb3e29da7a2e595..78c02c1cd82fb532eead181603c878a005e3e7c9 100644 (file)
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -4302,7 +4302,11 @@ static PyObject *
  _ssl__SSLContext_set_default_verify_paths_impl(PySSLContext *self)
  /*[clinic end generated code: output=0bee74e6e09deaaa input=35f3408021463d74]*/
  {
-    if (!SSL_CTX_set_default_verify_paths(self->ctx)) {
+    int rc;
+    Py_BEGIN_ALLOW_THREADS
+    rc = SSL_CTX_set_default_verify_paths(self->ctx);
+    Py_END_ALLOW_THREADS
+    if (!rc) {
          _setSSLError(get_state_ctx(self), NULL, 0, __FILE__, __LINE__);
          return NULL;
      }
author	Christian Heimes <christian@python.org>
	Sat, 9 Jul 2022 16:11:15 +0000 (18:11 +0200)
committer	GitHub <noreply@github.com>
	Sat, 9 Jul 2022 16:11:15 +0000 (18:11 +0200)
Misc/NEWS.d/next/Library/2022-07-07-15-46-55.gh-issue-94637.IYEiUM.rst	[new file with mode: 0644]	patch \| blob
Modules/_ssl.c		patch \| blob \| blame \| history