diff options
Diffstat (limited to 'meta/recipes-devtools/python/python/0004-bpo-34836-fix-test_default_ecdh_curve-needs-no-tlsv1.patch')
-rw-r--r-- | meta/recipes-devtools/python/python/0004-bpo-34836-fix-test_default_ecdh_curve-needs-no-tlsv1.patch | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/meta/recipes-devtools/python/python/0004-bpo-34836-fix-test_default_ecdh_curve-needs-no-tlsv1.patch b/meta/recipes-devtools/python/python/0004-bpo-34836-fix-test_default_ecdh_curve-needs-no-tlsv1.patch new file mode 100644 index 0000000000..39e1bcfc86 --- /dev/null +++ b/meta/recipes-devtools/python/python/0004-bpo-34836-fix-test_default_ecdh_curve-needs-no-tlsv1.patch @@ -0,0 +1,34 @@ +From 946a7969345c6697697effd226ec396d3fea05b7 Mon Sep 17 00:00:00 2001 +From: Dimitri John Ledkov <xnox@ubuntu.com> +Date: Fri, 28 Sep 2018 17:30:19 +0100 +Subject: [PATCH 4/4] bpo-34836: fix test_default_ecdh_curve, needs no tlsv1.3. + +Signed-off-by: Dimitri John Ledkov <xnox@ubuntu.com> + +https://bugs.python.org/issue34836 + +Patch taken from Ubuntu. +Upstream-Status: Submitted [https://github.com/python/cpython/pull/9626] + +Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> +--- + Lib/test/test_ssl.py | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py +index efc906a5ba..4a3286cd5f 100644 +--- a/Lib/test/test_ssl.py ++++ b/Lib/test/test_ssl.py +@@ -2836,6 +2836,9 @@ else: + # should be enabled by default on SSL contexts. + context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) + context.load_cert_chain(CERTFILE) ++ # TLSv1.3 defaults to PFS key agreement and no longer has KEA in ++ # cipher name. ++ context.options |= ssl.OP_NO_TLSv1_3 + # Prior to OpenSSL 1.0.0, ECDH ciphers have to be enabled + # explicitly using the 'ECCdraft' cipher alias. Otherwise, + # our default cipher list should prefer ECDH-based ciphers +-- +2.17.1 + |