Implement AsyncOpenSearch() parameter ssl_assert_hostname

CHANGELOG.md

@@ -4,7 +4,8 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 ## [Unreleased]
 ### Added
 - Added `AsyncSearch#collapse` ([827](https://github.com/opensearch-project/opensearch-py/pull/827))
-- Support `pool_maxsize` in `AsyncOpenSearch` ([845](https://github.com/opensearch-project/opensearch-py/pull/845))
+- Added `pool_maxsize` to `AsyncOpenSearch` ([845](https://github.com/opensearch-project/opensearch-py/pull/845))
+- Added `ssl_assert_hostname` to `AsyncOpenSearch` ([843](https://github.com/opensearch-project/opensearch-py/pull/843))
 ### Changed
 ### Deprecated
 ### Removed

docs/source/api-ref/clients/opensearch_client.md

@@ -3,3 +3,7 @@
 ```{eval-rst}
 .. autoclass:: opensearchpy.OpenSearch
 ```
+
+```{eval-rst}
+.. autoclass:: opensearchpy.AsyncOpenSearch
+```

docs/source/api-ref/connection.md

@@ -1,4 +1,4 @@
-# connection 
+# Connection Types 
 
 ```{eval-rst}
 .. autoclass:: opensearchpy.Connection
@@ -12,6 +12,10 @@
 .. autoclass:: opensearchpy.Urllib3HttpConnection
 ```
 
+```{eval-rst}
+.. autoclass:: opensearchpy.AIOHttpConnection
+```
+
 ```{eval-rst}
 .. autoclass:: opensearchpy.connections
 ```

opensearchpy/_async/client/__init__.py

@@ -109,7 +109,7 @@ class AsyncOpenSearch(Client):
         ])
 
     If using SSL, there are several parameters that control how we deal with
-    certificates (see :class:`~opensearchpy.Urllib3HttpConnection` for
+    certificates (see :class:`~opensearchpy.AIOHttpConnection` for
     detailed description of the options)::
 
         client = OpenSearch(
@@ -123,7 +123,7 @@ class AsyncOpenSearch(Client):
         )
 
     If using SSL, but don't verify the certs, a warning message is showed
-    optionally (see :class:`~opensearchpy.Urllib3HttpConnection` for
+    optionally (see :class:`~opensearchpy.AIOHttpConnection` for
     detailed description of the options)::
 
         client = OpenSearch(
@@ -132,12 +132,14 @@ class AsyncOpenSearch(Client):
             use_ssl=True,
             # no verify SSL certificates
             verify_certs=False,
+            # don't verify the hostname in the certificate
+            ssl_assert_hostname=False,
             # don't show warnings about ssl certs verification
             ssl_show_warn=False
         )
 
     SSL client authentication is supported
-    (see :class:`~opensearchpy.Urllib3HttpConnection` for
+    (see :class:`~opensearchpy.AIOHttpConnection` for
     detailed description of the options)::
 
         client = OpenSearch(

opensearchpy/_async/http_aiohttp.py

@@ -85,6 +85,7 @@ def __init__(
         client_cert: Any = None,
         client_key: Any = None,
         ssl_version: Any = None,
+        ssl_assert_hostname: bool = True,
         ssl_assert_fingerprint: Any = None,
         maxsize: Optional[int] = 10,
         headers: Any = None,
@@ -178,7 +179,7 @@ def __init__(
 
             if verify_certs:
                 ssl_context.verify_mode = ssl.CERT_REQUIRED
-                ssl_context.check_hostname = True
+                ssl_context.check_hostname = ssl_assert_hostname
             else:
                 ssl_context.check_hostname = False
                 ssl_context.verify_mode = ssl.CERT_NONE

test_opensearchpy/test_async/test_connection.py

@@ -97,6 +97,17 @@ async def test_ssl_context(self) -> None:
         assert con.use_ssl
         assert con.session.connector._ssl == context
 
+    async def test_ssl_assert_hostname(self) -> None:
+        con = AIOHttpConnection(use_ssl=True, ssl_assert_hostname=True)
+        await con._create_aiohttp_session()
+        assert con.use_ssl
+        assert con.session.connector._ssl.check_hostname is True
+
+        con = AIOHttpConnection(use_ssl=True, ssl_assert_hostname=False)
+        await con._create_aiohttp_session()
+        assert con.use_ssl
+        assert con.session.connector._ssl.check_hostname is False
+
     async def test_opaque_id(self) -> None:
         con = AIOHttpConnection(opaque_id="app-1")
         assert con.headers["x-opaque-id"] == "app-1"