gh-128192: mark new tests with skips based on hashlib algorithm availability (gh...

author Gregory P. Smith <greg@krypto.org>

Sun, 29 Dec 2024 06:32:32 +0000 (22:32 -0800)

committer GitHub <noreply@github.com>

Sun, 29 Dec 2024 06:32:32 +0000 (22:32 -0800)
author Gregory P. Smith <greg@krypto.org>
Sun, 29 Dec 2024 06:32:32 +0000 (22:32 -0800)
committer GitHub <noreply@github.com>
Sun, 29 Dec 2024 06:32:32 +0000 (22:32 -0800)
diff --git a/Lib/test/support/__init__.py b/Lib/test/support/__init__.py

index cf3077f2a4a4092d0f0e40311da5c373559e9975..42e7b876594fa70d23d8ef2138f5881252a8ccfb 100644 (file)
--- a/Lib/test/support/__init__.py
+++ b/Lib/test/support/__init__.py
@@ -2969,3 +2969,11 @@ def run_yielding_async_fn(async_fn, /, *args, **kwargs):
                  return e.value
      finally:
          coro.close()
+
+
+def is_libssl_fips_mode():
+    try:
+        from _hashlib import get_fips_mode  # ask _hashopenssl.c
+    except ImportError:
+        return False  # more of a maybe, unless we add this to the _ssl module.
+    return get_fips_mode() != 0
diff --git a/Lib/test/test_urllib2.py b/Lib/test/test_urllib2.py

index 96d91c1f1c2f8a0007a4976c1891ab4cc46606ce..085b24c25b2daaded2e1669543dfdf80e9282570 100644 (file)
--- a/Lib/test/test_urllib2.py
+++ b/Lib/test/test_urllib2.py
@@ -27,6 +27,7 @@ from urllib.parse import urlsplit
  import urllib.error
  import http.client
  
+
  support.requires_working_socket(module=True)
  
  # XXX
@@ -1963,20 +1964,29 @@ class MiscTests(unittest.TestCase):
          self.assertRaises(ValueError, _parse_proxy, 'file:/ftp.example.com'),
  
  
-class TestDigestAlgorithms(unittest.TestCase):
+skip_libssl_fips_mode = unittest.skipIf(
+    support.is_libssl_fips_mode(),
+    "conservative skip due to OpenSSL FIPS mode possible algorithm nerfing",
+)
+
+
+class TestDigestAuthAlgorithms(unittest.TestCase):
      def setUp(self):
          self.handler = AbstractDigestAuthHandler()
  
+    @skip_libssl_fips_mode
      def test_md5_algorithm(self):
          H, KD = self.handler.get_algorithm_impls('MD5')
          self.assertEqual(H("foo"), "acbd18db4cc2f85cedef654fccc4a4d8")
          self.assertEqual(KD("foo", "bar"), "4e99e8c12de7e01535248d2bac85e732")
  
+    @skip_libssl_fips_mode
      def test_sha_algorithm(self):
          H, KD = self.handler.get_algorithm_impls('SHA')
          self.assertEqual(H("foo"), "0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33")
          self.assertEqual(KD("foo", "bar"), "54dcbe67d21d5eb39493d46d89ae1f412d3bd6de")
  
+    @skip_libssl_fips_mode
      def test_sha256_algorithm(self):
          H, KD = self.handler.get_algorithm_impls('SHA-256')
          self.assertEqual(H("foo"), "2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae")
author	Gregory P. Smith <greg@krypto.org>
	Sun, 29 Dec 2024 06:32:32 +0000 (22:32 -0800)
committer	GitHub <noreply@github.com>
	Sun, 29 Dec 2024 06:32:32 +0000 (22:32 -0800)
Lib/test/support/__init__.py		patch \| blob \| blame \| history
Lib/test/test_urllib2.py		patch \| blob \| blame \| history