File openSSL_111d.patch of Package python-pyOpenSSL.12809
--- a/tests/test_crypto.py
+++ b/tests/test_crypto.py
@@ -573,7 +573,7 @@ def x509_data():
"""
# Basic setup stuff to generate a certificate
pkey = PKey()
- pkey.generate_key(TYPE_RSA, 384)
+ pkey.generate_key(TYPE_RSA, 2048)
req = X509Req()
req.set_pubkey(pkey)
# Authority good you have.
@@ -3168,7 +3168,8 @@ class TestCRL(object):
text.index(b'Serial Number: 03AB')
text.index(b'Superseded')
text.index(
- b'Issuer: /C=US/ST=IL/L=Chicago/O=Testing/CN=Testing Root CA'
+ # b'Issuer: /C=US/ST=IL/L=Chicago/O=Testing/CN=Testing Root CA'
+ b'Testing Root CA'
)
def test_export_der(self):
@@ -3189,7 +3190,8 @@ class TestCRL(object):
text.index(b'Serial Number: 03AB')
text.index(b'Superseded')
text.index(
- b'Issuer: /C=US/ST=IL/L=Chicago/O=Testing/CN=Testing Root CA'
+ # b'Issuer: /C=US/ST=IL/L=Chicago/O=Testing/CN=Testing Root CA'
+ b'Testing Root CA'
)
# Flaky because we compare the output of running commands which sometimes
--- a/tests/test_ssl.py
+++ b/tests/test_ssl.py
@@ -2489,7 +2489,8 @@ class TestConnection(object):
"""
key = load_privatekey(FILETYPE_PEM, server_key_pem)
cert = load_certificate(FILETYPE_PEM, server_cert_pem)
- ctx = Context(SSLv23_METHOD)
+ # This doesn't make sense for TLSv1.3, so we don't do it.
+ ctx = Context(TLSv1_2_METHOD)
ctx.use_privatekey(key)
ctx.use_certificate(cert)
ctx.set_session_id("unity-test")
@@ -3145,6 +3146,8 @@ class TestConnectionRenegotiate(object):
connection = Connection(Context(TLSv1_METHOD), None)
assert connection.total_renegotiations() == 0
+ @pytest.mark.skipif(OPENSSL_VERSION_NUMBER > 0x10101000,
+ reason="renegotiation is removed from TLS1.3")
def test_renegotiate(self):
"""
Go through a complete renegotiation cycle.
