[3.9] gh-94208: Add even more TLS version/protocol checks for FreeBSD (#98037)

author Łukasz Langa <lukasz@langa.pl>

Fri, 7 Oct 2022 18:49:28 +0000 (11:49 -0700)

committer GitHub <noreply@github.com>

Fri, 7 Oct 2022 18:49:28 +0000 (11:49 -0700)
author Łukasz Langa <lukasz@langa.pl>
Fri, 7 Oct 2022 18:49:28 +0000 (11:49 -0700)
committer GitHub <noreply@github.com>
Fri, 7 Oct 2022 18:49:28 +0000 (11:49 -0700)
diff --git a/.gitignore b/.gitignore

index 1ba44ec5d635b80994bfccb44563b727d53c260c..8d9717dd82101c5784ec5347c61e467eae04276a 100644 (file)
--- a/.gitignore
+++ b/.gitignore
@@ -140,5 +140,7 @@ Tools/ssl/win32
  # Artifacts generated by 3.11 lying around when switching branches:
  /_bootstrap_python
  /Programs/_freeze_module
+/Modules/Setup.bootstrap
+/Modules/Setup.stdlib
  /Python/deepfreeze/
  /Python/frozen_modules/ 
 \ No newline at end of file
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py

index 6faa2ee0bbe6b5054ccf6754d3ff40ee2e422f30..e270f44cf3fba7a85aeb57963215856a63a0f610 100644 (file)
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -1141,8 +1141,10 @@ class ContextTests(unittest.TestCase):
  
      def test_protocol(self):
          for proto in PROTOCOLS:
-            ctx = ssl.SSLContext(proto)
-            self.assertEqual(ctx.protocol, proto)
+            if has_tls_protocol(proto):
+                with warnings_helper.check_warnings():
+                    ctx = ssl.SSLContext(proto)
+                self.assertEqual(ctx.protocol, proto)
  
      def test_ciphers(self):
          ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
@@ -1524,7 +1526,10 @@ class ContextTests(unittest.TestCase):
  
      def test_session_stats(self):
          for proto in PROTOCOLS:
-            ctx = ssl.SSLContext(proto)
+            if not has_tls_protocol(proto):
+                continue
+            with warnings_helper.check_warnings():
+                ctx = ssl.SSLContext(proto)
              self.assertEqual(ctx.session_stats(), {
                  'number': 0,
                  'connect': 0,
@@ -1715,13 +1720,14 @@ class ContextTests(unittest.TestCase):
              self.assertEqual(ctx.verify_mode, ssl.CERT_NONE)
              self._assert_context_options(ctx)
  
-        ctx = ssl._create_stdlib_context(ssl.PROTOCOL_TLSv1,
-                                         cert_reqs=ssl.CERT_REQUIRED,
-                                         check_hostname=True)
-        self.assertEqual(ctx.protocol, ssl.PROTOCOL_TLSv1)
-        self.assertEqual(ctx.verify_mode, ssl.CERT_REQUIRED)
-        self.assertTrue(ctx.check_hostname)
-        self._assert_context_options(ctx)
+            with warnings_helper.check_warnings():
+                ctx = ssl._create_stdlib_context(ssl.PROTOCOL_TLSv1,
+                                                cert_reqs=ssl.CERT_REQUIRED,
+                                                check_hostname=True)
+            self.assertEqual(ctx.protocol, ssl.PROTOCOL_TLSv1)
+            self.assertEqual(ctx.verify_mode, ssl.CERT_REQUIRED)
+            self.assertTrue(ctx.check_hostname)
+            self._assert_context_options(ctx)
  
          ctx = ssl._create_stdlib_context(purpose=ssl.Purpose.CLIENT_AUTH)
          self.assertEqual(ctx.protocol, ssl.PROTOCOL_TLS)
author	Łukasz Langa <lukasz@langa.pl>
	Fri, 7 Oct 2022 18:49:28 +0000 (11:49 -0700)
committer	GitHub <noreply@github.com>
	Fri, 7 Oct 2022 18:49:28 +0000 (11:49 -0700)
.gitignore		patch \| blob \| blame \| history
Lib/test/test_ssl.py		patch \| blob \| blame \| history