Netrc file is accessed inside exception handler, trigger exception again #7237
Labels
Comments
|
Apologies for not having a simple reproduction. I will try to create one. |
|
The start of the traceback is from |
|
If I add this line to my python code, I do not encounter the bug. This is because the left side of the os.environ["NETRC"] = 'workaround_for_aiohttp_bug'As a user, this is a viable workaround if you encounter this issue. |
|
Sounds reasonable, if you have the time to create a test in a PR (and ideally a fix), that'd be great. In the test, you can probably just monkeypatch the |
|
We ran into the same problem today. I might look into providing a PR as it should be a fairly trivial fix. Though, I'm not quite sure if something nicer than nesting try/catch blocks can be done there. 🤔 |
jgosmann
added a commit
to jgosmann/aiohttp
that referenced
this issue
Jul 18, 2023
If no NETRC environment variable is provided and the .netrc path cannot be accessed due to missing permission, a PermissionError was raised instead of returning None.
5 tasks
Dreamsorcerer
pushed a commit
that referenced
this issue
Jul 18, 2023
## What do these changes do? If no NETRC environment variable is provided and the .netrc path cannot be accessed due to missing permission, a PermissionError was raised instead of returning None. See issue #7237. This PR fixes the issue. If the changes look good, I can also prepare backports. ## Are there changes in behavior for the user? If the .netrc cannot be accessed due to a permission problem (and the `NETRC` environment variable is unset), no `PermissionError` will be raised. Instead it will be silently ignored. ## Related issue number Fixes #7237
jgosmann
added a commit
to jgosmann/aiohttp
that referenced
this issue
Jul 20, 2023
## What do these changes do? If no NETRC environment variable is provided and the .netrc path cannot be accessed due to missing permission, a PermissionError was raised instead of returning None. See issue aio-libs#7237. This PR fixes the issue. If the changes look good, I can also prepare backports. ## Are there changes in behavior for the user? If the .netrc cannot be accessed due to a permission problem (and the `NETRC` environment variable is unset), no `PermissionError` will be raised. Instead it will be silently ignored. ## Related issue number Fixes aio-libs#7237 (cherry picked from commit 0d2e43b) # Conflicts: # aiohttp/helpers.py
5 tasks
jgosmann
added a commit
to jgosmann/aiohttp
that referenced
this issue
Jul 20, 2023
## What do these changes do? If no NETRC environment variable is provided and the .netrc path cannot be accessed due to missing permission, a PermissionError was raised instead of returning None. See issue aio-libs#7237. This PR fixes the issue. If the changes look good, I can also prepare backports. ## Are there changes in behavior for the user? If the .netrc cannot be accessed due to a permission problem (and the `NETRC` environment variable is unset), no `PermissionError` will be raised. Instead it will be silently ignored. ## Related issue number Fixes aio-libs#7237 (cherry picked from commit 0d2e43b) # Conflicts: # CONTRIBUTORS.txt # aiohttp/helpers.py # tests/test_helpers.py
5 tasks
jgosmann
added a commit
to jgosmann/aiohttp
that referenced
this issue
Jul 20, 2023
## What do these changes do? If no NETRC environment variable is provided and the .netrc path cannot be accessed due to missing permission, a PermissionError was raised instead of returning None. See issue aio-libs#7237. This PR fixes the issue. If the changes look good, I can also prepare backports. ## Are there changes in behavior for the user? If the .netrc cannot be accessed due to a permission problem (and the `NETRC` environment variable is unset), no `PermissionError` will be raised. Instead it will be silently ignored. ## Related issue number Fixes aio-libs#7237 (cherry picked from commit 0d2e43b) # Conflicts: # CONTRIBUTORS.txt # aiohttp/helpers.py # tests/test_helpers.py
Dreamsorcerer
pushed a commit
that referenced
this issue
Jul 22, 2023
## What do these changes do? If no NETRC environment variable is provided and the .netrc path cannot be accessed due to missing permission, a PermissionError was raised instead of returning None. See issue #7237. This PR fixes the issue. If the changes look good, I can also prepare backports. ## Are there changes in behavior for the user? If the .netrc cannot be accessed due to a permission problem (and the `NETRC` environment variable is unset), no `PermissionError` will be raised. Instead it will be silently ignored. ## Related issue number Fixes #7237 Backport of #7378 (cherry picked from commit 0d2e43b) ## Checklist - [x] I think the code is well written - [x] Unit tests for the changes exist - [x] Documentation reflects the changes - [x] If you provide code modification, please add yourself to `CONTRIBUTORS.txt` * The format is <Name> <Surname>. * Please keep alphabetical order, the file is sorted by names. - [x] Add a new news fragment into the `CHANGES` folder * name it `<issue_id>.<type>` for example (588.bugfix) * if you don't have an `issue_id` change it to the pr id after creating the pr * ensure type is one of the following: * `.feature`: Signifying a new feature. * `.bugfix`: Signifying a bug fix. * `.doc`: Signifying a documentation improvement. * `.removal`: Signifying a deprecation or removal of public API. * `.misc`: A ticket has been closed, but it is not of interest to users. * Make sure to use full sentences with correct case and punctuation, for example: "Fix issue with non-ascii contents in doctest text files."
Dreamsorcerer
pushed a commit
that referenced
this issue
Jul 22, 2023
## What do these changes do? If no NETRC environment variable is provided and the .netrc path cannot be accessed due to missing permission, a PermissionError was raised instead of returning None. See issue #7237. This PR fixes the issue. If the changes look good, I can also prepare backports. ## Are there changes in behavior for the user? If the .netrc cannot be accessed due to a permission problem (and the `NETRC` environment variable is unset), no `PermissionError` will be raised. Instead it will be silently ignored. ## Related issue number Fixes #7237 Backport of #7378 (cherry picked from commit 0d2e43b) ## Checklist - [x] I think the code is well written - [x] Unit tests for the changes exist - [x] Documentation reflects the changes - [x] If you provide code modification, please add yourself to `CONTRIBUTORS.txt` * The format is <Name> <Surname>. * Please keep alphabetical order, the file is sorted by names. - [x] Add a new news fragment into the `CHANGES` folder * name it `<issue_id>.<type>` for example (588.bugfix) * if you don't have an `issue_id` change it to the pr id after creating the pr * ensure type is one of the following: * `.feature`: Signifying a new feature. * `.bugfix`: Signifying a bug fix. * `.doc`: Signifying a documentation improvement. * `.removal`: Signifying a deprecation or removal of public API. * `.misc`: A ticket has been closed, but it is not of interest to users. * Make sure to use full sentences with correct case and punctuation, for example: "Fix issue with non-ascii contents in doctest text files."
|
Thanks for fixing @jgosmann 🥇 |
renovate bot
added a commit
to allenporter/pyrainbird
that referenced
this issue
Oct 9, 2023
[](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [aiohttp](https://togithub.com/aio-libs/aiohttp) | `==3.8.5` -> `==3.8.6` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>aio-libs/aiohttp (aiohttp)</summary> ### [`v3.8.6`](https://togithub.com/aio-libs/aiohttp/blob/HEAD/CHANGES.rst#386-2023-10-07) [Compare Source](https://togithub.com/aio-libs/aiohttp/compare/v3.8.5...v3.8.6) \================== ## Security bugfixes - Upgraded the vendored copy of llhttp\_ to v9.1.3 -- by :user:`Dreamsorcerer` Thanks to :user:`kenballus` for reporting this, see GHSA-pjjw-qhg8-p2p9. .. \_llhttp: https://llhttp.org `#​7647 <https://github.com/aio-libs/aiohttp/issues/7647>`\_ - Updated Python parser to comply with RFCs 9110/9112 -- by :user:`Dreamorcerer` Thanks to :user:`kenballus` for reporting this, see GHSA-gfw2-4jvh-wgfg. `#​7663 <https://github.com/aio-libs/aiohttp/issues/7663>`\_ ## Deprecation - Added `fallback_charset_resolver` parameter in `ClientSession` to allow a user-supplied character set detection function. Character set detection will no longer be included in 3.9 as a default. If this feature is needed, please use `fallback_charset_resolver <https://docs.aiohttp.org/en/stable/client_advanced.html#character-set-detection>`\_. `#​7561 <https://github.com/aio-libs/aiohttp/issues/7561>`\_ ## Features - Enabled lenient response parsing for more flexible parsing in the client (this should resolve some regressions when dealing with badly formatted HTTP responses). -- by :user:`Dreamsorcerer` `#​7490 <https://github.com/aio-libs/aiohttp/issues/7490>`\_ ## Bugfixes - Fixed `PermissionError` when `.netrc` is unreadable due to permissions. `#​7237 <https://github.com/aio-libs/aiohttp/issues/7237>`\_ - Fixed output of parsing errors pointing to a `\n`. -- by :user:`Dreamsorcerer` `#​7468 <https://github.com/aio-libs/aiohttp/issues/7468>`\_ - Fixed `GunicornWebWorker` max_requests_jitter not working. `#​7518 <https://github.com/aio-libs/aiohttp/issues/7518>`\_ - Fixed sorting in `filter_cookies` to use cookie with longest path. -- by :user:`marq24`. `#​7577 <https://github.com/aio-libs/aiohttp/issues/7577>`\_ - Fixed display of `BadStatusLine` messages from llhttp\_. -- by :user:`Dreamsorcerer` `#​7651 <https://github.com/aio-libs/aiohttp/issues/7651>`\_ *** </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/allenporter/pyrainbird). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4wLjMiLCJ1cGRhdGVkSW5WZXIiOiIzNy4wLjMiLCJ0YXJnZXRCcmFuY2giOiJtYWluIn0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
](https://renovatebot.com){kind=link}
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
Sometimes, the
.netrcfile is unreadable due to permissions. This is handled in this code:aiohttp/aiohttp/helpers.py
Line 226 in 6da0469
However, inside the exception handler, this
ifstatement accesses metadata about the path. I assume (but have not yet checked) thatnetrc_path.is_file()lists metadata of the contents of.netrc's parent directory. This triggers an unchecked exception which, in turn, is not handled by other packages which I'm using.git blamesays the surrounding code is from 5 years ago. I take it this is an edge case, not a new or common issue.My proposed solution is to warn, but not raise exceptions, if this occurs. This seems to be in spirit with the rest of the code, when the
.netrcfile is missing.To Reproduce
I will try to improve on the details here. Preliminary notes:
Expected behavior
I expect
aiohttpto warn, but not fail, when.netrcis present. I had no ideaaiohttprequires a readable.netrcfile and the cloud environment I'm working in does not have one.Logs/tracebacks
Python Version
aiohttp Version
multidict Version
yarl Version
OS
I don't quite know, as I am using a hosted cloud environment. Looks Ubuntu linux based:
Related component
Client
Additional context
Databricks on MS Azure, inside a notebook, using the
adlfsmodule to access files in Azure Blob Storage.Code of Conduct
The text was updated successfully, but these errors were encountered: