With the deprecation of ssl.wrap_socket, carrying TLS arguments makes little sense and is inappropriately limiting.
Provide an alternative to the ssl* parameters (excluding sslmode) with a single secure parameter. Where secure will provide the entire functionality required by python.socket.SocketFactory.secure. Users will pass the wrap_socket method of the SSLContext they (already) configured as the secure keyword.
Possible separate patch: make this usable with postgresql.open indicators, by adding a security dictionary to postgresql.sys where applications may configure the set of secure functions used. postgresql.open("pq://user@host/database?[security]=tls-context-name")?
With the deprecation of
ssl.wrap_socket, carrying TLS arguments makes little sense and is inappropriately limiting.Provide an alternative to the
ssl*parameters (excludingsslmode) with a singlesecureparameter. Wheresecurewill provide the entire functionality required bypython.socket.SocketFactory.secure. Users will pass thewrap_socketmethod of the SSLContext they (already) configured as thesecurekeyword.Possible separate patch: make this usable with
postgresql.openindicators, by adding asecuritydictionary topostgresql.syswhere applications may configure the set ofsecurefunctions used.postgresql.open("pq://user@host/database?[security]=tls-context-name")?