[Python-checkins] [3.9] gh-94208: Add even more TLS version/protocol checks for FreeBSD (#98037)
ambv
webhook-mailer at python.org
Fri Oct 7 14:49:33 EDT 2022
https://github.com/python/cpython/commit/da1fe3873a592eebe6f0d961b2e3b36d29b4838e
commit: da1fe3873a592eebe6f0d961b2e3b36d29b4838e
branch: 3.9
author: Łukasz Langa <lukasz at langa.pl>
committer: ambv <lukasz at langa.pl>
date: 2022-10-07T11:49:28-07:00
summary:
[3.9] gh-94208: Add even more TLS version/protocol checks for FreeBSD (#98037)
Otherwise, buildbot builds would fail since there's no TLS 1.0/1.1 support.
files:
M .gitignore
M Lib/test/test_ssl.py
diff --git a/.gitignore b/.gitignore
index 1ba44ec5d635..8d9717dd8210 100644
--- a/.gitignore
+++ b/.gitignore
@@ -140,5 +140,7 @@ Tools/ssl/win32
# Artifacts generated by 3.11 lying around when switching branches:
/_bootstrap_python
/Programs/_freeze_module
+/Modules/Setup.bootstrap
+/Modules/Setup.stdlib
/Python/deepfreeze/
/Python/frozen_modules/
\ No newline at end of file
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index 6faa2ee0bbe6..e270f44cf3fb 100644
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -1141,8 +1141,10 @@ def test_constructor(self):
def test_protocol(self):
for proto in PROTOCOLS:
- ctx = ssl.SSLContext(proto)
- self.assertEqual(ctx.protocol, proto)
+ if has_tls_protocol(proto):
+ with warnings_helper.check_warnings():
+ ctx = ssl.SSLContext(proto)
+ self.assertEqual(ctx.protocol, proto)
def test_ciphers(self):
ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
@@ -1524,7 +1526,10 @@ def test_load_dh_params(self):
def test_session_stats(self):
for proto in PROTOCOLS:
- ctx = ssl.SSLContext(proto)
+ if not has_tls_protocol(proto):
+ continue
+ with warnings_helper.check_warnings():
+ ctx = ssl.SSLContext(proto)
self.assertEqual(ctx.session_stats(), {
'number': 0,
'connect': 0,
@@ -1715,13 +1720,14 @@ def test__create_stdlib_context(self):
self.assertEqual(ctx.verify_mode, ssl.CERT_NONE)
self._assert_context_options(ctx)
- ctx = ssl._create_stdlib_context(ssl.PROTOCOL_TLSv1,
- cert_reqs=ssl.CERT_REQUIRED,
- check_hostname=True)
- self.assertEqual(ctx.protocol, ssl.PROTOCOL_TLSv1)
- self.assertEqual(ctx.verify_mode, ssl.CERT_REQUIRED)
- self.assertTrue(ctx.check_hostname)
- self._assert_context_options(ctx)
+ with warnings_helper.check_warnings():
+ ctx = ssl._create_stdlib_context(ssl.PROTOCOL_TLSv1,
+ cert_reqs=ssl.CERT_REQUIRED,
+ check_hostname=True)
+ self.assertEqual(ctx.protocol, ssl.PROTOCOL_TLSv1)
+ self.assertEqual(ctx.verify_mode, ssl.CERT_REQUIRED)
+ self.assertTrue(ctx.check_hostname)
+ self._assert_context_options(ctx)
ctx = ssl._create_stdlib_context(purpose=ssl.Purpose.CLIENT_AUTH)
self.assertEqual(ctx.protocol, ssl.PROTOCOL_TLS)
More information about the Python-checkins
mailing list