[3.9] gh-94208: Add even more TLS version/protocol checks for FreeBSD (#98037)

Otherwise, buildbot builds would fail since there's no TLS 1.0/1.1 support.
2025-07-07 19:35:27 +00:00 · 2022-10-07 11:49:28 -07:00 · 2022-10-07 11:49:28 -07:00 · da1fe3873a
commit da1fe3873a
parent 77796d058e
2 changed files with 18 additions and 10 deletions
--- a/.gitignore
+++ b/.gitignore
@ -140,5 +140,7 @@ Tools/ssl/win32
 # Artifacts generated by 3.11 lying around when switching branches:
 /_bootstrap_python
 /Programs/_freeze_module
+/Modules/Setup.bootstrap
+/Modules/Setup.stdlib
 /Python/deepfreeze/
 /Python/frozen_modules/ 
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@ -1141,8 +1141,10 @@ class ContextTests(unittest.TestCase):

    def test_protocol(self):
        for proto in PROTOCOLS:
-            ctx = ssl.SSLContext(proto)
-            self.assertEqual(ctx.protocol, proto)
+            if has_tls_protocol(proto):
+                with warnings_helper.check_warnings():
+                    ctx = ssl.SSLContext(proto)
+                self.assertEqual(ctx.protocol, proto)

    def test_ciphers(self):
        ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
@ -1524,7 +1526,10 @@ class ContextTests(unittest.TestCase):

    def test_session_stats(self):
        for proto in PROTOCOLS:
-            ctx = ssl.SSLContext(proto)
+            if not has_tls_protocol(proto):
+                continue
+            with warnings_helper.check_warnings():
+                ctx = ssl.SSLContext(proto)
            self.assertEqual(ctx.session_stats(), {
                'number': 0,
                'connect': 0,
@ -1715,13 +1720,14 @@ class ContextTests(unittest.TestCase):
            self.assertEqual(ctx.verify_mode, ssl.CERT_NONE)
            self._assert_context_options(ctx)

-        ctx = ssl._create_stdlib_context(ssl.PROTOCOL_TLSv1,
-                                         cert_reqs=ssl.CERT_REQUIRED,
-                                         check_hostname=True)
-        self.assertEqual(ctx.protocol, ssl.PROTOCOL_TLSv1)
-        self.assertEqual(ctx.verify_mode, ssl.CERT_REQUIRED)
-        self.assertTrue(ctx.check_hostname)
-        self._assert_context_options(ctx)
+            with warnings_helper.check_warnings():
+                ctx = ssl._create_stdlib_context(ssl.PROTOCOL_TLSv1,
+                                                cert_reqs=ssl.CERT_REQUIRED,
+                                                check_hostname=True)
+            self.assertEqual(ctx.protocol, ssl.PROTOCOL_TLSv1)
+            self.assertEqual(ctx.verify_mode, ssl.CERT_REQUIRED)
+            self.assertTrue(ctx.check_hostname)
+            self._assert_context_options(ctx)

        ctx = ssl._create_stdlib_context(purpose=ssl.Purpose.CLIENT_AUTH)
        self.assertEqual(ctx.protocol, ssl.PROTOCOL_TLS)