An interpreted, interactive, object-oriented programming language
CentOS Sources
2017-08-01 71084d584ff953f5463757ec6536406320560b4d
commit | author | age
854cc6 1 From a1d7acf899fccd0eda10e011e2d11d1d81c2d9e6 Mon Sep 17 00:00:00 2001
CS 2 From: Robert Kuska <rkuska@redhat.com>
3 Date: Wed, 9 Mar 2016 20:16:17 +0100
4 Subject: [PATCH] Expect a failure when trying to connect with SSLv2 client to
5  SSLv23 server. Default value of options in tests enchanced to reflect SSLv2
6  being disabled
7
8 ---
9  Lib/test/test_ssl.py | 4 ++--
10  1 file changed, 2 insertions(+), 2 deletions(-)
11
12 diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
13 index 11122db..b2ba186 100644
14 --- a/Lib/test/test_ssl.py
15 +++ b/Lib/test/test_ssl.py
16 @@ -691,7 +691,7 @@ class ContextTests(unittest.TestCase):
17      @skip_if_broken_ubuntu_ssl
18      def test_options(self):
19          ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
20 -        self.assertEqual(ssl.OP_ALL, ctx.options)
21 +        self.assertEqual(ssl.OP_ALL | ssl.OP_NO_SSLv2, ctx.options)
22          ctx.options |= ssl.OP_NO_SSLv2
23          self.assertEqual(ssl.OP_ALL | ssl.OP_NO_SSLv2,
24                           ctx.options)
25 @@ -2152,17 +2152,17 @@ else:
26              try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True)
27              try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True, ssl.CERT_OPTIONAL)
28              try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True, ssl.CERT_REQUIRED)
29 -            try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, True)
30 +            try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, False)
31              try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv3, False)
32              try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_TLSv1, False)
33              # SSLv23 client with specific SSL options
34              if no_sslv2_implies_sslv3_hello():
35                  # No SSLv2 => client will use an SSLv3 hello on recent OpenSSLs
36                  try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, False,
37                                     client_options=ssl.OP_NO_SSLv2)
38 -            try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, True,
39 +            try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, False,
40                                 client_options=ssl.OP_NO_SSLv3)
41 -            try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, True,
42 +            try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, False,
43                                 client_options=ssl.OP_NO_TLSv1)
44  
45          @skip_if_broken_ubuntu_ssl
46 -- 
47 2.5.0
48