rpms / python

Clone
Source Code
GIT

Blame SOURCES/00229-Expect-a-failure-when-trying-to-connect-with-SSLv2-c.patch

c4 c5 c5-plus c6 c6-plus c7 c7-aarch64 c7-alt c7-beta c7-ppc64le c7-sig-altarch-armhfp
  1.   925e6bd14c0f90e86ee8a85976e1ebdacb7c5371
  2.   SOURCES
  3.   00229-Expect-a-failure-when-trying-to-connect-with-SSLv2-c.patch
Blob History Raw
925e6b 
From a1d7acf899fccd0eda10e011e2d11d1d81c2d9e6 Mon Sep 17 00:00:00 2001
925e6b 
From: Robert Kuska <rkuska@redhat.com>
925e6b 
Date: Wed, 9 Mar 2016 20:16:17 +0100
925e6b 
Subject: [PATCH] Expect a failure when trying to connect with SSLv2 client to
925e6b 
 SSLv23 server. Default value of options in tests enchanced to reflect SSLv2
925e6b 
 being disabled
925e6b
925e6b 
---
925e6b 
 Lib/test/test_ssl.py | 4 ++--
925e6b 
 1 file changed, 2 insertions(+), 2 deletions(-)
925e6b
925e6b 
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
925e6b 
index 11122db..b2ba186 100644
925e6b 
--- a/Lib/test/test_ssl.py
925e6b 
+++ b/Lib/test/test_ssl.py
925e6b 
@@ -691,7 +691,7 @@ class ContextTests(unittest.TestCase):
925e6b 
     @skip_if_broken_ubuntu_ssl
925e6b 
     def test_options(self):
925e6b 
         ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
925e6b 
-        self.assertEqual(ssl.OP_ALL, ctx.options)
925e6b 
+        self.assertEqual(ssl.OP_ALL | ssl.OP_NO_SSLv2, ctx.options)
925e6b 
         ctx.options |= ssl.OP_NO_SSLv2
925e6b 
         self.assertEqual(ssl.OP_ALL | ssl.OP_NO_SSLv2,
925e6b 
                          ctx.options)
925e6b 
@@ -2152,17 +2152,17 @@ else:
925e6b 
             try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True)
925e6b 
             try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True, ssl.CERT_OPTIONAL)
925e6b 
             try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True, ssl.CERT_REQUIRED)
925e6b 
-            try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, True)
925e6b 
+            try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, False)
925e6b 
             try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv3, False)
925e6b 
             try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_TLSv1, False)
925e6b 
             # SSLv23 client with specific SSL options
925e6b 
             if no_sslv2_implies_sslv3_hello():
925e6b 
                 # No SSLv2 => client will use an SSLv3 hello on recent OpenSSLs
925e6b 
                 try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, False,
925e6b 
                                    client_options=ssl.OP_NO_SSLv2)
925e6b 
-            try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, True,
925e6b 
+            try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, False,
925e6b 
                                client_options=ssl.OP_NO_SSLv3)
925e6b 
-            try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, True,
925e6b 
+            try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, False,
925e6b 
                                client_options=ssl.OP_NO_TLSv1)
925e6b
925e6b 
         @skip_if_broken_ubuntu_ssl
925e6b 
--
925e6b 
2.5.0
925e6b

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation