summaryrefslogtreecommitdiffstats
path: root/Tools/ssl
diff options
context:
space:
mode:
authorChristian Heimes <christian@python.org>2018-02-27 07:55:39 (GMT)
committerGitHub <noreply@github.com>2018-02-27 07:55:39 (GMT)
commit05d9fe32a1245b9a798e49e0c1eb91f110935b69 (patch)
tree91689b53a92b61a2a2d7441a5d51c118cf140538 /Tools/ssl
parent2fa6b9eae07e2385e2acbf2e40093a21fb3a10c4 (diff)
downloadcpython-05d9fe32a1245b9a798e49e0c1eb91f110935b69.zip
cpython-05d9fe32a1245b9a798e49e0c1eb91f110935b69.tar.gz
cpython-05d9fe32a1245b9a798e49e0c1eb91f110935b69.tar.bz2
bpo-32947: OpenSSL 1.1.1-pre1 / TLS 1.3 fixes (#5663)
* bpo-32947: OpenSSL 1.1.1-pre1 / TLS 1.3 fixes Misc fixes and workarounds for compatibility with OpenSSL 1.1.1-pre1 and TLS 1.3 support. With OpenSSL 1.1.1, Python negotiates TLS 1.3 by default. Some test cases only apply to TLS 1.2. Other tests currently fail because the threaded or async test servers stop after failure. I'm going to address these issues when OpenSSL 1.1.1 reaches beta. OpenSSL 1.1.1 has added a new option OP_ENABLE_MIDDLEBOX_COMPAT for TLS 1.3. The feature is enabled by default for maximum compatibility with broken middle boxes. Users should be able to disable the hack and CPython's test suite needs it to verify default options. Signed-off-by: Christian Heimes <christian@python.org>
Diffstat (limited to 'Tools/ssl')
-rwxr-xr-xTools/ssl/multissltests.py14
1 files changed, 5 insertions, 9 deletions
diff --git a/Tools/ssl/multissltests.py b/Tools/ssl/multissltests.py
index 75874cf..70913c7 100755
--- a/Tools/ssl/multissltests.py
+++ b/Tools/ssl/multissltests.py
@@ -41,24 +41,20 @@ import tarfile
log = logging.getLogger("multissl")
OPENSSL_OLD_VERSIONS = [
- # "0.9.8zh",
- # "1.0.1u",
+ "1.0.2",
]
OPENSSL_RECENT_VERSIONS = [
- "1.0.2",
- "1.0.2m",
- "1.1.0g",
+ "1.0.2n",
+ "1.1.0g",
+ "1.1.1-pre1",
]
LIBRESSL_OLD_VERSIONS = [
- # "2.3.10",
- # "2.4.5",
]
LIBRESSL_RECENT_VERSIONS = [
- "2.5.3",
- "2.5.5",
+ # "2.6.5",
]
# store files in ../multissl