[issue35352] test_asyncio fails on RHEL8
Charalampos Stratakis
report at bugs.python.org
Fri Nov 30 09:28:46 EST 2018
Charalampos Stratakis <cstratak at redhat.com> added the comment:
It seems I can reproduce it on Fedora as well by setting stronger crypto defaults through 'update-crypto-policies --set FUTURE'.
Repo located here: https://gitlab.com/redhat-crypto/fedora-crypto-policies/tree/master
The changes are many, but if I compare with RHEL8, the minimal changes that could affect it are:
-# DH params size: >= 1023
+# DH params size: >= 2048
-# TLS protocols: TLS >= 1.0
+# TLS protocols: TLS >= 1.2, DTLS >= 1.2
- at protocol_list = ('TLS1.3', 'TLS1.2', 'TLS1.1', 'TLS1.0', 'DTLS1.2', 'DTLS1.0');
+ at protocol_list = ('TLS1.3', 'TLS1.2', 'DTLS1.2');
- $min_tls_version = 'TLS1.0';
- min_dtls_version = 'DTLS1.0';
+ $min_tls_version = 'TLS1.2';
+ $min_dtls_version = 'DTLS1.2';
# Parameter sizes
- $min_dh_size = 1023;
+ $min_dh_size = 2048;
----------
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue35352>
_______________________________________
More information about the Python-bugs-list
mailing list