diff options
| author | matthewhughes934 <34972397+matthewhughes934@users.noreply.github.com> | 2020-07-17 08:59:15 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-07-17 08:59:15 (GMT) |
| commit | 8e836bb21ce73f0794fd769db5883c29680dfe47 (patch) | |
| tree | b19c7a0296b157bb6654f175ff608b61521a4910 /Lib | |
| parent | 38d3864efe914fda64553e2ec75c9ec15574483f (diff) | |
| download | cpython-8e836bb21ce73f0794fd769db5883c29680dfe47.zip cpython-8e836bb21ce73f0794fd769db5883c29680dfe47.tar.gz cpython-8e836bb21ce73f0794fd769db5883c29680dfe47.tar.bz2 | |
bpo-41195: Add getter for Openssl security level (GH-21282)
Add an accessor under SSLContext.security_level as a wrapper around
SSL_CTX_get_security_level, see:
https://www.openssl.org/docs/manmaster/man3/SSL_CTX_get_security_level.html
------
This is my first time contributing, so please pull me up on all the things I missed or did incorrectly.
Automerge-Triggered-By: @tiran
Diffstat (limited to 'Lib')
| -rw-r--r-- | Lib/test/test_ssl.py | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py index ecb6049..de778d3 100644 --- a/Lib/test/test_ssl.py +++ b/Lib/test/test_ssl.py @@ -1270,6 +1270,25 @@ class ContextTests(unittest.TestCase): ctx.maximum_version = ssl.TLSVersion.TLSv1 + @unittest.skipUnless( + hasattr(ssl.SSLContext, 'security_level'), + "requires OpenSSL >= 1.1.0" + ) + def test_security_level(self): + ctx = ssl.SSLContext() + # The default security callback allows for levels between 0-5 + # with OpenSSL defaulting to 1, however some vendors override the + # default value (e.g. Debian defaults to 2) + security_level_range = { + 0, + 1, # OpenSSL default + 2, # Debian + 3, + 4, + 5, + } + self.assertIn(ctx.security_level, security_level_range) + @unittest.skipUnless(have_verify_flags(), "verify_flags need OpenSSL > 0.9.8") def test_verify_flags(self): |