[Python-checkins] bpo-34001: Fix test_ssl with LibreSSL (GH-13783)
T. Wouters
webhook-mailer at python.org
Wed Sep 11 13:24:51 EDT 2019
https://github.com/python/cpython/commit/c9bc49c5f6e26a7c958307c2ac338951a7534d9a
commit: c9bc49c5f6e26a7c958307c2ac338951a7534d9a
branch: master
author: Christian Heimes <christian at python.org>
committer: T. Wouters <thomas at python.org>
date: 2019-09-11T10:24:47-07:00
summary:
bpo-34001: Fix test_ssl with LibreSSL (GH-13783)
files:
A Misc/NEWS.d/next/Tests/2019-06-03-20-47-10.bpo-34001.KvYx9z.rst
M Lib/test/test_ssl.py
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index b71928368b04..54e271627638 100644
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -1109,6 +1109,7 @@ def test_hostname_checks_common_name(self):
@unittest.skipUnless(hasattr(ssl.SSLContext, 'minimum_version'),
"required OpenSSL 1.1.0g")
+ @unittest.skipIf(IS_LIBRESSL, "see bpo-34001")
def test_min_max_version(self):
ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
# OpenSSL default is MINIMUM_SUPPORTED, however some vendors like
@@ -3731,8 +3732,8 @@ def test_min_max_version(self):
self.assertEqual(s.version(), 'TLSv1.1')
# client 1.0, server 1.2 (mismatch)
- server_context.minimum_version = ssl.TLSVersion.TLSv1_2
server_context.maximum_version = ssl.TLSVersion.TLSv1_2
+ server_context.minimum_version = ssl.TLSVersion.TLSv1_2
client_context.maximum_version = ssl.TLSVersion.TLSv1
client_context.maximum_version = ssl.TLSVersion.TLSv1
with ThreadedEchoServer(context=server_context) as server:
diff --git a/Misc/NEWS.d/next/Tests/2019-06-03-20-47-10.bpo-34001.KvYx9z.rst b/Misc/NEWS.d/next/Tests/2019-06-03-20-47-10.bpo-34001.KvYx9z.rst
new file mode 100644
index 000000000000..35c65a8fbf0f
--- /dev/null
+++ b/Misc/NEWS.d/next/Tests/2019-06-03-20-47-10.bpo-34001.KvYx9z.rst
@@ -0,0 +1,2 @@
+Make test_ssl pass with LibreSSL. LibreSSL handles minimum and maximum TLS
+version differently than OpenSSL.
More information about the Python-checkins
mailing list