Stowage/cpython
2
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2026-04-24 12:50:47 +00:00
Code Issues Projects Releases Packages Wiki Activity

bpo-35045: Accept TLSv1 default in min max test (GH-11510)

Browse source 
Make ssl tests less strict and also accept TLSv1 as system default. The
changes unbreaks test_min_max_version on Fedora 29.

Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit 34de2d312b)

Co-authored-by: Christian Heimes <christian@python.org>
This commit is contained in:
Miss Islington (bot) 2019-01-18 07:29:08 -08:00 committed by GitHub
parent c2647f2e45
commit 6ca7183b35
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 7 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

7
Lib/test/test_ssl.py
View file

@ -1108,8 +1108,11 @@ def test_hostname_checks_common_name(self):
"required OpenSSL 1.1.0g")
def test_min_max_version(self):
ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
self.assertEqual(
ctx.minimum_version, ssl.TLSVersion.MINIMUM_SUPPORTED
# OpenSSL default is MINIMUM_SUPPORTED, however some vendors like
# Fedora override the setting to TLS 1.0.
self.assertIn(
ctx.minimum_version,
{ssl.TLSVersion.MINIMUM_SUPPORTED, ssl.TLSVersion.TLSv1}
)
self.assertEqual(
ctx.maximum_version, ssl.TLSVersion.MAXIMUM_SUPPORTED

2
Misc/NEWS.d/next/Tests/2019-01-10-18-35-42.bpo-35045.qdd6d9.rst Normal file
View file

@ -0,0 +1,2 @@
Make ssl tests less strict and also accept TLSv1 as system default. The
changes unbreaks test_min_max_version on Fedora 29.