diff options
author | Christian Heimes <christian@python.org> | 2018-05-23 20:24:45 (GMT) |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-05-23 20:24:45 (GMT) |
commit | 529525fb5a8fd9b96ab4021311a598c77588b918 (patch) | |
tree | eeac65af9dbfed139cb87c514523b653dd6b4f73 /Tools/ssl | |
parent | 28b9178023a445b1da2694774c265cd4b7a244ec (diff) | |
download | cpython-529525fb5a8fd9b96ab4021311a598c77588b918.zip cpython-529525fb5a8fd9b96ab4021311a598c77588b918.tar.gz cpython-529525fb5a8fd9b96ab4021311a598c77588b918.tar.bz2 |
bpo-33618: Enable TLS 1.3 in tests (GH-7079)
TLS 1.3 behaves slightly different than TLS 1.2. Session tickets and TLS
client cert auth are now handled after the initialy handshake. Tests now
either send/recv data to trigger session and client certs. Or tests
ignore ConnectionResetError / BrokenPipeError on the server side to
handle clients that force-close the socket fd.
To test TLS 1.3, OpenSSL 1.1.1-pre7-dev (git master + OpenSSL PR
https://github.com/openssl/openssl/pull/6340) is required.
Signed-off-by: Christian Heimes <christian@python.org>
Diffstat (limited to 'Tools/ssl')
-rwxr-xr-x | Tools/ssl/multissltests.py | 33 |
1 files changed, 25 insertions, 8 deletions
diff --git a/Tools/ssl/multissltests.py b/Tools/ssl/multissltests.py index bbc5c66..c4ebe31 100755 --- a/Tools/ssl/multissltests.py +++ b/Tools/ssl/multissltests.py @@ -47,7 +47,7 @@ OPENSSL_OLD_VERSIONS = [ OPENSSL_RECENT_VERSIONS = [ "1.0.2o", "1.1.0h", - "1.1.1-pre6", + # "1.1.1-pre7", ] LIBRESSL_OLD_VERSIONS = [ @@ -73,7 +73,7 @@ parser = argparse.ArgumentParser( parser.add_argument( '--debug', action='store_true', - help="Enable debug mode", + help="Enable debug logging", ) parser.add_argument( '--disable-ancient', @@ -130,6 +130,18 @@ parser.add_argument( default='', help="Override the automatic system type detection." ) +parser.add_argument( + '--force', + action='store_true', + dest='force', + help="Force build and installation." +) +parser.add_argument( + '--keep-sources', + action='store_true', + dest='keep_sources', + help="Keep original sources for debugging." +) class AbstractBuilder(object): @@ -260,26 +272,31 @@ class AbstractBuilder(object): """Now build openssl""" log.info("Running build in {}".format(self.build_dir)) cwd = self.build_dir - cmd = ["./config", "shared", "--prefix={}".format(self.install_dir)] - env = None + cmd = [ + "./config", + "shared", "--debug", + "--prefix={}".format(self.install_dir) + ] + env = os.environ.copy() + # set rpath + env["LD_RUN_PATH"] = self.lib_dir if self.system: - env = os.environ.copy() env['SYSTEM'] = self.system self._subprocess_call(cmd, cwd=cwd, env=env) # Old OpenSSL versions do not support parallel builds. self._subprocess_call(["make", "-j1"], cwd=cwd, env=env) - def _make_install(self, remove=True): + def _make_install(self): self._subprocess_call( ["make", "-j1", self.install_target], cwd=self.build_dir ) - if remove: + if not self.args.keep_sources: shutil.rmtree(self.build_dir) def install(self): log.info(self.openssl_cli) - if not self.has_openssl: + if not self.has_openssl or self.args.force: if not self.has_src: self._download_src() else: |