Overview

File bpo-36576-skip_tests_for_OpenSSL-111.patch of Package python.13174

From 6f582ba86532d842f4b9fe55427488d2ac9dd229 Mon Sep 17 00:00:00 2001
From: Victor Stinner <vstinner@redhat.com>
Date: Fri, 5 Apr 2019 10:23:04 +0200
Subject: [PATCH] bpo-36576: Skip test_ssl and test_asyncio tests failing with
 OpenSSL 1.1.1

Some test_ssl and test_asyncio are written for OpenSSL 1.0 and TLS
1.0, but fail with OpenSSL 1.1.1 and TLS 1.3.

Fixing these needs require to backport new ssl flags like
ssl.OP_NO_TLSv1_3 or ssl.OP_NO_COMPRESSION which cannot be done in a
minor 3.5.x release. Moreover, it is not really worth it: the code
works fine, issues are in the tests.
---
 Lib/test/test_asyncio/test_events.py                       | 7 +++++++
 Lib/test/test_ssl.py                                       | 5 +++++
 .../next/Tests/2019-04-05-10-34-29.bpo-36576.7Cp2kK.rst    | 1 +
 3 files changed, 13 insertions(+)
 create mode 100644 Misc/NEWS.d/next/Tests/2019-04-05-10-34-29.bpo-36576.7Cp2kK.rst

--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -28,6 +28,7 @@ PROTOCOLS = sorted(ssl._PROTOCOL_NAMES)
 HOST = support.HOST
 IS_LIBRESSL = ssl.OPENSSL_VERSION.startswith('LibreSSL')
 IS_OPENSSL_1_1 = not IS_LIBRESSL and ssl.OPENSSL_VERSION_INFO >= (1, 1, 0)
+IS_OPENSSL_1_1_1 = not IS_LIBRESSL and ssl.OPENSSL_VERSION_INFO >= (1, 1, 1)
 
 
 def data_file(*name):
@@ -786,6 +787,7 @@ class ContextTests(unittest.TestCase):
             ctx.set_ciphers("^$:,;?*'dorothyx")
 
     @skip_if_broken_ubuntu_ssl
+    @unittest.skipIf(IS_OPENSSL_1_1_1, "bpo-36576: fail on OpenSSL 1.1.1")
     def test_options(self):
         ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
         # OP_ALL | OP_NO_SSLv2 | OP_NO_SSLv3 is the default value
@@ -2835,6 +2837,7 @@ else:
                 self.assertIs(s.version(), None)
 
         @unittest.skipUnless(ssl.HAS_ECDH, "test requires ECDH-enabled OpenSSL")
+        @unittest.skipIf(IS_OPENSSL_1_1_1, "bpo-36576: fail on OpenSSL 1.1.1")
         def test_default_ecdh_curve(self):
             # Issue #21015: elliptic curve-based Diffie Hellman key exchange
             # should be enabled by default on SSL contexts.
@@ -2964,6 +2967,7 @@ else:
             self.assertIs(stats['client_alpn_protocol'], None)
 
         @unittest.skipUnless(ssl.HAS_ALPN, "ALPN support needed for this test")
+        @unittest.skipIf(IS_OPENSSL_1_1_1, "bpo-36576: fail on OpenSSL 1.1.1")
         def test_alpn_protocols(self):
             server_protocols = ['foo', 'bar', 'milkshake']
             protocol_tests = [
--- /dev/null
+++ b/Misc/NEWS.d/next/Tests/2019-04-05-10-34-29.bpo-36576.7Cp2kK.rst
@@ -0,0 +1 @@
+Skip test_ssl and test_asyncio tests failing with OpenSSL 1.1.1.
openSUSE Build Service is sponsored by
Places