bpo-34271: Fix compatibility with 1.0.2 (GH-13728)

Fix various compatibility issues with LibreSSL and OpenSSL 1.0.2 introduced by bpo-34271. Signed-off-by: Christian Heimes <christian@python.org>
author: Christian Heimes <christian@python.org> 2019-06-03 18:40:15 (GMT)
committer: GitHub <noreply@github.com> 2019-06-03 18:40:15 (GMT)
commit: e35d1ba9eab07a59b98b700c5e18ceb13b2561a6 (patch)
tree: 0da0371df248afc4d45c4976c6213f44e000eda5 /Lib
parent: 06651ee418b5e4e013195d6b702763a1220706a7 (diff)
download: cpython-e35d1ba9eab07a59b98b700c5e18ceb13b2561a6.zip
cpython-e35d1ba9eab07a59b98b700c5e18ceb13b2561a6.tar.gz
cpython-e35d1ba9eab07a59b98b700c5e18ceb13b2561a6.tar.bz2
2 files changed, 10 insertions, 44 deletions
diff --git a/Lib/ssl.py b/Lib/ssl.py
index 4afa46e..61bd775 100644
--- a/Lib/ssl.py
+++ b/Lib/ssl.py
@@ -658,12 +658,12 @@ class SSLContext(_SSLContext):
         def inner(conn, direction, version, content_type, msg_type, data):
             try:
                 version = TLSVersion(version)
-            except TypeError:
+            except ValueError:
                 pass
 
             try:
                 content_type = _TLSContentType(content_type)
-            except TypeError:
+            except ValueError:
                 pass
 
             if content_type == _TLSContentType.HEADER:
@@ -674,7 +674,7 @@ class SSLContext(_SSLContext):
                 msg_enum = _TLSMessageType
             try:
                 msg_type = msg_enum(msg_type)
-            except TypeError:
+            except ValueError:
                 pass
 
             return callback(conn, direction, version,
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index a72d791..455a12e 100644
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -3703,7 +3703,7 @@ class ThreadedTests(unittest.TestCase):
         # client 1.0, server 1.2 (mismatch)
         server_context.minimum_version = ssl.TLSVersion.TLSv1_2
         server_context.maximum_version = ssl.TLSVersion.TLSv1_2
-        client_context.minimum_version = ssl.TLSVersion.TLSv1
+        client_context.maximum_version = ssl.TLSVersion.TLSv1
         client_context.maximum_version = ssl.TLSVersion.TLSv1
         with ThreadedEchoServer(context=server_context) as server:
             with client_context.wrap_socket(socket.socket(),
@@ -4529,50 +4529,16 @@ class TestSSLDebug(unittest.TestCase):
                                             server_hostname=hostname) as s:
                 s.connect((HOST, server.port))
 
-        self.assertEqual(msg, [
-            ("write", TLSVersion.TLSv1, _TLSContentType.HEADER,
-             _TLSMessageType.CERTIFICATE_STATUS),
-            ("write", TLSVersion.TLSv1_2, _TLSContentType.HANDSHAKE,
-             _TLSMessageType.CLIENT_HELLO),
-            ("read", TLSVersion.TLSv1_2, _TLSContentType.HEADER,
-             _TLSMessageType.CERTIFICATE_STATUS),
-            ("read", TLSVersion.TLSv1_2, _TLSContentType.HANDSHAKE,
-             _TLSMessageType.SERVER_HELLO),
-            ("read", TLSVersion.TLSv1_2, _TLSContentType.HEADER,
-             _TLSMessageType.CERTIFICATE_STATUS),
-            ("read", TLSVersion.TLSv1_2, _TLSContentType.HANDSHAKE,
-             _TLSMessageType.CERTIFICATE),
-            ("read", TLSVersion.TLSv1_2, _TLSContentType.HEADER,
-             _TLSMessageType.CERTIFICATE_STATUS),
+        self.assertIn(
             ("read", TLSVersion.TLSv1_2, _TLSContentType.HANDSHAKE,
              _TLSMessageType.SERVER_KEY_EXCHANGE),
-            ("read", TLSVersion.TLSv1_2, _TLSContentType.HEADER,
-             _TLSMessageType.CERTIFICATE_STATUS),
-            ("read", TLSVersion.TLSv1_2, _TLSContentType.HANDSHAKE,
-             _TLSMessageType.SERVER_DONE),
-            ("write", TLSVersion.TLSv1_2, _TLSContentType.HEADER,
-             _TLSMessageType.CERTIFICATE_STATUS),
-            ("write", TLSVersion.TLSv1_2, _TLSContentType.HANDSHAKE,
-             _TLSMessageType.CLIENT_KEY_EXCHANGE),
-            ("write", TLSVersion.TLSv1_2, _TLSContentType.HEADER,
-             _TLSMessageType.FINISHED),
+            msg
+        )
+        self.assertIn(
             ("write", TLSVersion.TLSv1_2, _TLSContentType.CHANGE_CIPHER_SPEC,
              _TLSMessageType.CHANGE_CIPHER_SPEC),
-            ("write", TLSVersion.TLSv1_2, _TLSContentType.HEADER,
-             _TLSMessageType.CERTIFICATE_STATUS),
-            ("write", TLSVersion.TLSv1_2, _TLSContentType.HANDSHAKE,
-             _TLSMessageType.FINISHED),
-            ("read", TLSVersion.TLSv1_2, _TLSContentType.HEADER,
-             _TLSMessageType.CERTIFICATE_STATUS),
-            ("read", TLSVersion.TLSv1_2, _TLSContentType.HANDSHAKE,
-             _TLSMessageType.NEWSESSION_TICKET),
-            ("read", TLSVersion.TLSv1_2, _TLSContentType.HEADER,
-             _TLSMessageType.FINISHED),
-            ("read", TLSVersion.TLSv1_2, _TLSContentType.HEADER,
-             _TLSMessageType.CERTIFICATE_STATUS),
-            ("read", TLSVersion.TLSv1_2, _TLSContentType.HANDSHAKE,
-             _TLSMessageType.FINISHED),
-        ])
+            msg
+        )
 
 
 def test_main(verbose=False):
author	Christian Heimes <christian@python.org>	2019-06-03 18:40:15 (GMT)
committer	GitHub <noreply@github.com>	2019-06-03 18:40:15 (GMT)
commit	e35d1ba9eab07a59b98b700c5e18ceb13b2561a6 (patch)
tree	0da0371df248afc4d45c4976c6213f44e000eda5 /Lib
parent	06651ee418b5e4e013195d6b702763a1220706a7 (diff)
download	cpython-e35d1ba9eab07a59b98b700c5e18ceb13b2561a6.zip cpython-e35d1ba9eab07a59b98b700c5e18ceb13b2561a6.tar.gz cpython-e35d1ba9eab07a59b98b700c5e18ceb13b2561a6.tar.bz2