From 65ec8ae47fa4bb0a3c2ef815ca1b03f3519398bc Mon Sep 17 00:00:00 2001 From: Antoine Pitrou Date: Sun, 16 May 2010 19:56:32 +0000 Subject: Fix (hopefully) the remaining test_ssl buildbot failures --- Lib/test/test_ssl.py | 4 ++-- Modules/_ssl.c | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py index 6cd3a5e..36ed3aa 100644 --- a/Lib/test/test_ssl.py +++ b/Lib/test/test_ssl.py @@ -142,7 +142,7 @@ class BasicSocketTests(unittest.TestCase): # Error checking can happen at instantiation or when connecting with self.assertRaisesRegexp(ssl.SSLError, "No cipher can be selected"): s = ssl.wrap_socket(socket.socket(socket.AF_INET), - cert_reqs=ssl.CERT_NONE, ciphers="^$:,;?*'dorothyx") + cert_reqs=ssl.CERT_NONE, ciphers="xyzzy") s.connect(remote) @support.cpython_only @@ -186,7 +186,7 @@ class ContextTests(unittest.TestCase): ctx.set_ciphers("ALL") ctx.set_ciphers("DEFAULT") with self.assertRaisesRegexp(ssl.SSLError, "No cipher can be selected"): - ctx.set_ciphers("^$:,;?*'dorothyx") + ctx.set_ciphers("xyzzy") def test_verify(self): ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1) diff --git a/Modules/_ssl.c b/Modules/_ssl.c index 96d79b3..39fec7b 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -1462,6 +1462,10 @@ set_ciphers(PySSLContext *self, PyObject *args) return NULL; ret = SSL_CTX_set_cipher_list(self->ctx, cipherlist); if (ret == 0) { + /* Clearing the error queue is necessary on some OpenSSL versions, + otherwise the error will be reported again when another SSL call + is done. */ + ERR_clear_error(); PyErr_SetString(PySSLErrorObject, "No cipher can be selected."); return NULL; -- cgit v0.12