blob: 39e1bcfc86227ac6a757a783a1bf69331bcba2ce (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
From 946a7969345c6697697effd226ec396d3fea05b7 Mon Sep 17 00:00:00 2001
From: Dimitri John Ledkov <xnox@ubuntu.com>
Date: Fri, 28 Sep 2018 17:30:19 +0100
Subject: [PATCH 4/4] bpo-34836: fix test_default_ecdh_curve, needs no tlsv1.3.
Signed-off-by: Dimitri John Ledkov <xnox@ubuntu.com>
https://bugs.python.org/issue34836
Patch taken from Ubuntu.
Upstream-Status: Submitted [https://github.com/python/cpython/pull/9626]
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
Lib/test/test_ssl.py | 3 +++
1 file changed, 3 insertions(+)
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index efc906a5ba..4a3286cd5f 100644
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -2836,6 +2836,9 @@ else:
# should be enabled by default on SSL contexts.
context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
context.load_cert_chain(CERTFILE)
+ # TLSv1.3 defaults to PFS key agreement and no longer has KEA in
+ # cipher name.
+ context.options |= ssl.OP_NO_TLSv1_3
# Prior to OpenSSL 1.0.0, ECDH ciphers have to be enabled
# explicitly using the 'ECCdraft' cipher alias. Otherwise,
# our default cipher list should prefer ECDH-based ciphers
--
2.17.1
|
