From: Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Date: Tue, 1 Apr 2025 08:22:28 +0000 (+0200)
Subject: [3.13] gh-131736: only apply `security_level` workaround in `test_ssl` for security... 
X-Git-Tag: v3.13.3~51
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=05e7fa2c2f74c82fd93ab40fc3abf2be4584c97b;p=thirdparty%2FPython%2Fcpython.git

[3.13] gh-131736: only apply `security_level` workaround in `test_ssl` for security levels greater than 1 (GH-131739) (#131967)

gh-131736: only apply `security_level` workaround in `test_ssl` for security levels greater than 1 (GH-131739)
(cherry picked from commit 3b3720f1a26ab34377542b48eb6a6565f78ff892)

Co-authored-by: Will Childs-Klein <willck93@gmail.com>
---

diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index 4d7f5cc95c4c..dfd5d2a0b2c7 100644
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -183,7 +183,8 @@ if is_ubuntu():
         for ctx in ctxs:
             if (
                 hasattr(ctx, "minimum_version") and
-                ctx.minimum_version <= ssl.TLSVersion.TLSv1_1
+                ctx.minimum_version <= ssl.TLSVersion.TLSv1_1 and
+                ctx.security_level > 1
             ):
                 ctx.set_ciphers("@SECLEVEL=1:ALL")
 else: