diff options
| author | Antoine Pitrou <solipsis@pitrou.net> | 2014-04-16 16:34:01 (GMT) |
|---|---|---|
| committer | Antoine Pitrou <solipsis@pitrou.net> | 2014-04-16 16:34:01 (GMT) |
| commit | 0fba0c3ebfc8f5feed517783231bdff1e4a3e1a7 (patch) | |
| tree | 6211db370411b288c7d75457f38e915504a0d1a7 | |
| parent | f5a429295d855267c33c5ef110fbf05ee7a3013e (diff) | |
| parent | c04306166711bd0a12a4cf3f1b8c68fd0fb7e959 (diff) | |
| download | cpython-0fba0c3ebfc8f5feed517783231bdff1e4a3e1a7.zip cpython-0fba0c3ebfc8f5feed517783231bdff1e4a3e1a7.tar.gz cpython-0fba0c3ebfc8f5feed517783231bdff1e4a3e1a7.tar.bz2 | |
Try to fix buildbot failures on old OpenSSLs (< 1.0.0) - followup to issue #21015
| -rw-r--r-- | Lib/test/test_ssl.py | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py index 331d6ba..2b3de1f 100644 --- a/Lib/test/test_ssl.py +++ b/Lib/test/test_ssl.py @@ -2593,7 +2593,12 @@ else: # should be enabled by default on SSL contexts. context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) context.load_cert_chain(CERTFILE) - context.set_ciphers("ECDH") + # Prior to OpenSSL 1.0.0, ECDH ciphers have to be enabled + # explicitly using the 'ECCdraft' cipher alias. Otherwise, + # our default cipher list should prefer ECDH-based ciphers + # automatically. + if ssl.OPENSSL_VERSION_INFO < (1, 0, 0): + context.set_ciphers("ECCdraft:ECDH") with ThreadedEchoServer(context=context) as server: with context.wrap_socket(socket.socket()) as s: s.connect((HOST, server.port)) |