[Python-checkins] gh-95280: Fix test_get_ciphers on systems without RSA key exchange (GH-95282) (GH-95323)
ambv
webhook-mailer at python.org
Fri Jul 29 11:20:16 EDT 2022
https://github.com/python/cpython/commit/03dc951316e9d9461475b06ff20016d6855ff85d
commit: 03dc951316e9d9461475b06ff20016d6855ff85d
branch: 3.9
author: Miss Islington (bot) <31488909+miss-islington at users.noreply.github.com>
committer: ambv <lukasz at langa.pl>
date: 2022-07-29T17:20:06+02:00
summary:
gh-95280: Fix test_get_ciphers on systems without RSA key exchange (GH-95282) (GH-95323)
(cherry picked from commit 565403038b75eb64ea483b2757ba30769246d853)
Co-authored-by: Christian Heimes <christian at python.org>
files:
A Misc/NEWS.d/next/Tests/2022-07-26-15-22-19.gh-issue-95280.h8HvbP.rst
M Lib/test/test_ssl.py
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index 1f8c30c51aa87..6faa2ee0bbe6b 100644
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -1169,8 +1169,20 @@ def test_get_ciphers(self):
ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
ctx.set_ciphers('AESGCM')
names = set(d['name'] for d in ctx.get_ciphers())
- self.assertIn('AES256-GCM-SHA384', names)
- self.assertIn('AES128-GCM-SHA256', names)
+ expected = {
+ 'AES128-GCM-SHA256',
+ 'ECDHE-ECDSA-AES128-GCM-SHA256',
+ 'ECDHE-RSA-AES128-GCM-SHA256',
+ 'DHE-RSA-AES128-GCM-SHA256',
+ 'AES256-GCM-SHA384',
+ 'ECDHE-ECDSA-AES256-GCM-SHA384',
+ 'ECDHE-RSA-AES256-GCM-SHA384',
+ 'DHE-RSA-AES256-GCM-SHA384',
+ }
+ intersection = names.intersection(expected)
+ self.assertGreaterEqual(
+ len(intersection), 2, f"\ngot: {sorted(names)}\nexpected: {sorted(expected)}"
+ )
def test_options(self):
ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
diff --git a/Misc/NEWS.d/next/Tests/2022-07-26-15-22-19.gh-issue-95280.h8HvbP.rst b/Misc/NEWS.d/next/Tests/2022-07-26-15-22-19.gh-issue-95280.h8HvbP.rst
new file mode 100644
index 0000000000000..523d9d5f2f8bf
--- /dev/null
+++ b/Misc/NEWS.d/next/Tests/2022-07-26-15-22-19.gh-issue-95280.h8HvbP.rst
@@ -0,0 +1,2 @@
+Fix problem with ``test_ssl`` ``test_get_ciphers`` on systems that require
+perfect forward secrecy (PFS) ciphers.
More information about the Python-checkins
mailing list