From: Antoine Pitrou <solipsis@pitrou.net>
Date: Thu, 9 Jan 2014 20:30:17 +0000 (+0100)
Subject: Try to fix test_ssl failures on some buildbots
X-Git-Tag: v3.4.0b3~196
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=ba44860c118f375c81db1f82ac4714992a37a22e;p=thirdparty%2FPython%2Fcpython.git

Try to fix test_ssl failures on some buildbots
---

ba44860c118f375c81db1f82ac4714992a37a22e
diff --cc Lib/test/test_ssl.py
index 34e86767562f,9fc6027afb44..0dc04c08eaef
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@@ -1859,18 -1440,15 +1859,18 @@@ else
                                ssl.get_protocol_name(server_protocol),
                                certtype))
          client_context = ssl.SSLContext(client_protocol)
-         client_context.options = ssl.OP_ALL | client_options
+         client_context.options |= client_options
          server_context = ssl.SSLContext(server_protocol)
-         server_context.options = ssl.OP_ALL | server_options
+         server_context.options |= server_options
 +
 +        # NOTE: we must enable "ALL" ciphers on the client, otherwise an
 +        # SSLv23 client will send an SSLv3 hello (rather than SSLv2)
 +        # starting from OpenSSL 1.0.0 (see issue #8322).
 +        if client_context.protocol == ssl.PROTOCOL_SSLv23:
 +            client_context.set_ciphers("ALL")
 +
          for ctx in (client_context, server_context):
              ctx.verify_mode = certsreqs
 -            # NOTE: we must enable "ALL" ciphers, otherwise an SSLv23 client
 -            # will send an SSLv3 hello (rather than SSLv2) starting from
 -            # OpenSSL 1.0.0 (see issue #8322).
 -            ctx.set_ciphers("ALL")
              ctx.load_cert_chain(CERTFILE)
              ctx.load_verify_locations(CERTFILE)
          try: