mirror of
https://git.yoctoproject.org/poky
synced 2026-02-26 03:19:41 +01:00
2b4dce4925
Backport two and pick some other in-review patches from Ubuntu to fix ssl test failures because of OpenSSL 1.1.x changes. Fixes [YOCTO #12788] (From OE-Core rev: 4f4bbb936231dd30c3745ef573993f1062937ffd) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
35 lines
1.2 KiB
Diff
35 lines
1.2 KiB
Diff
From 946a7969345c6697697effd226ec396d3fea05b7 Mon Sep 17 00:00:00 2001
|
|
From: Dimitri John Ledkov <xnox@ubuntu.com>
|
|
Date: Fri, 28 Sep 2018 17:30:19 +0100
|
|
Subject: [PATCH 4/4] bpo-34836: fix test_default_ecdh_curve, needs no tlsv1.3.
|
|
|
|
Signed-off-by: Dimitri John Ledkov <xnox@ubuntu.com>
|
|
|
|
https://bugs.python.org/issue34836
|
|
|
|
Patch taken from Ubuntu.
|
|
Upstream-Status: Submitted [https://github.com/python/cpython/pull/9626]
|
|
|
|
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
---
|
|
Lib/test/test_ssl.py | 3 +++
|
|
1 file changed, 3 insertions(+)
|
|
|
|
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
|
|
index efc906a5ba..4a3286cd5f 100644
|
|
--- a/Lib/test/test_ssl.py
|
|
+++ b/Lib/test/test_ssl.py
|
|
@@ -2836,6 +2836,9 @@ else:
|
|
# should be enabled by default on SSL contexts.
|
|
context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
|
|
context.load_cert_chain(CERTFILE)
|
|
+ # TLSv1.3 defaults to PFS key agreement and no longer has KEA in
|
|
+ # cipher name.
|
|
+ context.options |= ssl.OP_NO_TLSv1_3
|
|
# Prior to OpenSSL 1.0.0, ECDH ciphers have to be enabled
|
|
# explicitly using the 'ECCdraft' cipher alias. Otherwise,
|
|
# our default cipher list should prefer ECDH-based ciphers
|
|
--
|
|
2.17.1
|
|
|