[issue46632] test_ssl: 2 tests fail on cstratak-CentOS9-fips-x86_64

Fri Feb 4 04:54:45 EST 2022

New submission from STINNER Victor <vstinner at python.org>:

test_load_verify_cadata() and test_connect_cadata() of test_ssl fail on cstratak-CentOS9-fips-x86_64 (with OpenSSL FIPS mode enabled):
https://buildbot.python.org/all/#builders/828/builds/63

test.pythoninfo:

fips.linux_crypto_fips_enabled: 1
fips.openssl_fips_mode: 1
ssl.OPENSSL_VERSION: OpenSSL 3.0.1 14 Dec 2021
ssl.OPENSSL_VERSION_INFO: (3, 0, 0, 1, 0)

Logs:

======================================================================
ERROR: test_load_verify_cadata (test.test_ssl.ContextTests)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/buildbot/buildarea/3.x.cstratak-CentOS9-fips-x86_64.no-builtin-hashes-except-blake2/build/Lib/test/test_ssl.py", line 1494, in test_load_verify_cadata
    ctx.load_verify_locations(cadata=cacert_der)
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
ssl.SSLError: [EVP] unsupported (_ssl.c:3998)

======================================================================
ERROR: test_connect_cadata (test.test_ssl.SimpleBackgroundTests)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/buildbot/buildarea/3.x.cstratak-CentOS9-fips-x86_64.no-builtin-hashes-except-blake2/build/Lib/test/test_ssl.py", line 2138, in test_connect_cadata
    ctx.load_verify_locations(cadata=der)
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
ssl.SSLError: [EVP] unsupported (_ssl.c:3998)

Stdout:
 server:  new connection from ('127.0.0.1', 49102)
 server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256)

----------
assignee: christian.heimes
components: SSL, Tests
messages: 412497
nosy: christian.heimes, vstinner
priority: normal
severity: normal
status: open
title: test_ssl: 2 tests fail on cstratak-CentOS9-fips-x86_64
versions: Python 3.11

_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue46632>
_______________________________________