bpo-34271: Fix compatibility with 1.0.2 (GH-13728)

Fix various compatibility issues with LibreSSL and OpenSSL 1.0.2 introduced by bpo-34271. Signed-off-by: Christian Heimes <christian@python.org>
2025-08-31 05:58:33 +00:00 · 2019-06-03 20:40:15 +02:00 · 2019-06-03 20:40:15 +02:00 · e35d1ba9ea
commit e35d1ba9ea
parent 06651ee418
4 changed files with 22 additions and 46 deletions
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@ -3703,7 +3703,7 @@ class ThreadedTests(unittest.TestCase):
        # client 1.0, server 1.2 (mismatch)
        server_context.minimum_version = ssl.TLSVersion.TLSv1_2
        server_context.maximum_version = ssl.TLSVersion.TLSv1_2
-        client_context.minimum_version = ssl.TLSVersion.TLSv1
+        client_context.maximum_version = ssl.TLSVersion.TLSv1
        client_context.maximum_version = ssl.TLSVersion.TLSv1
        with ThreadedEchoServer(context=server_context) as server:
            with client_context.wrap_socket(socket.socket(),
@ -4529,50 +4529,16 @@ class TestSSLDebug(unittest.TestCase):
                                            server_hostname=hostname) as s:
                s.connect((HOST, server.port))

-        self.assertEqual(msg, [
-            ("write", TLSVersion.TLSv1, _TLSContentType.HEADER,
-             _TLSMessageType.CERTIFICATE_STATUS),
-            ("write", TLSVersion.TLSv1_2, _TLSContentType.HANDSHAKE,
-             _TLSMessageType.CLIENT_HELLO),
-            ("read", TLSVersion.TLSv1_2, _TLSContentType.HEADER,
-             _TLSMessageType.CERTIFICATE_STATUS),
-            ("read", TLSVersion.TLSv1_2, _TLSContentType.HANDSHAKE,
-             _TLSMessageType.SERVER_HELLO),
-            ("read", TLSVersion.TLSv1_2, _TLSContentType.HEADER,
-             _TLSMessageType.CERTIFICATE_STATUS),
-            ("read", TLSVersion.TLSv1_2, _TLSContentType.HANDSHAKE,
-             _TLSMessageType.CERTIFICATE),
-            ("read", TLSVersion.TLSv1_2, _TLSContentType.HEADER,
-             _TLSMessageType.CERTIFICATE_STATUS),
+        self.assertIn(
            ("read", TLSVersion.TLSv1_2, _TLSContentType.HANDSHAKE,
             _TLSMessageType.SERVER_KEY_EXCHANGE),
-            ("read", TLSVersion.TLSv1_2, _TLSContentType.HEADER,
-             _TLSMessageType.CERTIFICATE_STATUS),
-            ("read", TLSVersion.TLSv1_2, _TLSContentType.HANDSHAKE,
-             _TLSMessageType.SERVER_DONE),
-            ("write", TLSVersion.TLSv1_2, _TLSContentType.HEADER,
-             _TLSMessageType.CERTIFICATE_STATUS),
-            ("write", TLSVersion.TLSv1_2, _TLSContentType.HANDSHAKE,
-             _TLSMessageType.CLIENT_KEY_EXCHANGE),
-            ("write", TLSVersion.TLSv1_2, _TLSContentType.HEADER,
-             _TLSMessageType.FINISHED),
+            msg
+        )
+        self.assertIn(
            ("write", TLSVersion.TLSv1_2, _TLSContentType.CHANGE_CIPHER_SPEC,
             _TLSMessageType.CHANGE_CIPHER_SPEC),
-            ("write", TLSVersion.TLSv1_2, _TLSContentType.HEADER,
-             _TLSMessageType.CERTIFICATE_STATUS),
-            ("write", TLSVersion.TLSv1_2, _TLSContentType.HANDSHAKE,
-             _TLSMessageType.FINISHED),
-            ("read", TLSVersion.TLSv1_2, _TLSContentType.HEADER,
-             _TLSMessageType.CERTIFICATE_STATUS),
-            ("read", TLSVersion.TLSv1_2, _TLSContentType.HANDSHAKE,
-             _TLSMessageType.NEWSESSION_TICKET),
-            ("read", TLSVersion.TLSv1_2, _TLSContentType.HEADER,
-             _TLSMessageType.FINISHED),
-            ("read", TLSVersion.TLSv1_2, _TLSContentType.HEADER,
-             _TLSMessageType.CERTIFICATE_STATUS),
-            ("read", TLSVersion.TLSv1_2, _TLSContentType.HANDSHAKE,
-             _TLSMessageType.FINISHED),
-        ])
+            msg
+        )


 def test_main(verbose=False):