diff options
| author | Gregory P. Smith <greg@krypto.org> | 2024-12-29 06:32:32 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-12-29 06:32:32 (GMT) |
| commit | ffece5590e95e89d3b5b6847e3beb443ff65c3db (patch) | |
| tree | 85f113abce783268211a8ae9c6abc7b90e962f17 /Lib | |
| parent | c9159b7436363f0cfbddc3deae1bcf925b5c2d4b (diff) | |
| download | cpython-ffece5590e95e89d3b5b6847e3beb443ff65c3db.zip cpython-ffece5590e95e89d3b5b6847e3beb443ff65c3db.tar.gz cpython-ffece5590e95e89d3b5b6847e3beb443ff65c3db.tar.bz2 | |
gh-128192: mark new tests with skips based on hashlib algorithm availability (gh-128324)
Puts the _hashlib get_fips_mode logic check into test.support rather than spreading it out among other tests.
Diffstat (limited to 'Lib')
| -rw-r--r-- | Lib/test/support/__init__.py | 8 | ||||
| -rw-r--r-- | Lib/test/test_urllib2.py | 12 |
2 files changed, 19 insertions, 1 deletions
diff --git a/Lib/test/support/__init__.py b/Lib/test/support/__init__.py index cf3077f..42e7b87 100644 --- a/Lib/test/support/__init__.py +++ b/Lib/test/support/__init__.py @@ -2969,3 +2969,11 @@ def run_yielding_async_fn(async_fn, /, *args, **kwargs): return e.value finally: coro.close() + + +def is_libssl_fips_mode(): + try: + from _hashlib import get_fips_mode # ask _hashopenssl.c + except ImportError: + return False # more of a maybe, unless we add this to the _ssl module. + return get_fips_mode() != 0 diff --git a/Lib/test/test_urllib2.py b/Lib/test/test_urllib2.py index 96d91c1..085b24c 100644 --- a/Lib/test/test_urllib2.py +++ b/Lib/test/test_urllib2.py @@ -27,6 +27,7 @@ from urllib.parse import urlsplit import urllib.error import http.client + support.requires_working_socket(module=True) # XXX @@ -1963,20 +1964,29 @@ class MiscTests(unittest.TestCase): self.assertRaises(ValueError, _parse_proxy, 'file:/ftp.example.com'), -class TestDigestAlgorithms(unittest.TestCase): +skip_libssl_fips_mode = unittest.skipIf( + support.is_libssl_fips_mode(), + "conservative skip due to OpenSSL FIPS mode possible algorithm nerfing", +) + + +class TestDigestAuthAlgorithms(unittest.TestCase): def setUp(self): self.handler = AbstractDigestAuthHandler() + @skip_libssl_fips_mode def test_md5_algorithm(self): H, KD = self.handler.get_algorithm_impls('MD5') self.assertEqual(H("foo"), "acbd18db4cc2f85cedef654fccc4a4d8") self.assertEqual(KD("foo", "bar"), "4e99e8c12de7e01535248d2bac85e732") + @skip_libssl_fips_mode def test_sha_algorithm(self): H, KD = self.handler.get_algorithm_impls('SHA') self.assertEqual(H("foo"), "0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33") self.assertEqual(KD("foo", "bar"), "54dcbe67d21d5eb39493d46d89ae1f412d3bd6de") + @skip_libssl_fips_mode def test_sha256_algorithm(self): H, KD = self.handler.get_algorithm_impls('SHA-256') self.assertEqual(H("foo"), "2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae") |