Try to fix buildbot failures on old OpenSSLs (< 1.0.0) - followup to issue #21015

2025-08-04 00:48:58 +00:00 · 2014-04-16 18:33:39 +02:00 · 2014-04-16 18:33:39 +02:00 · c043061667
commit c043061667
parent 7f84d1eb63
1 changed files with 6 additions and 1 deletions
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@ -2593,7 +2593,12 @@ else:
            # should be enabled by default on SSL contexts.
            context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
            context.load_cert_chain(CERTFILE)
-            context.set_ciphers("ECDH")
+            # Prior to OpenSSL 1.0.0, ECDH ciphers have to be enabled
+            # explicitly using the 'ECCdraft' cipher alias.  Otherwise,
+            # our default cipher list should prefer ECDH-based ciphers
+            # automatically.
+            if ssl.OPENSSL_VERSION_INFO < (1, 0, 0):
+                context.set_ciphers("ECCdraft:ECDH")
            with ThreadedEchoServer(context=context) as server:
                with context.wrap_socket(socket.socket()) as s:
                    s.connect((HOST, server.port))