➜
This issue tracker has been migrated to GitHub,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2018-09-13 23:11 by benjamin.peterson, last changed 2022-04-11 14:59 by admin. This issue is now closed.
| Messages (3) | |||
|---|---|---|---|
| msg325304 - (view) | Author: Benjamin Peterson (benjamin.peterson) *  |
Date: 2018-09-13 23:11 | |
I modified multissltests.py to enable-ssl2:
--- a/Tools/ssl/multissltests.py
+++ b/Tools/ssl/multissltests.py
@@ -275,7 +275,8 @@ class AbstractBuilder(object):
cmd = [
"./config",
"shared", "--debug",
- "--prefix={}".format(self.install_dir)
+ "--prefix={}".format(self.install_dir),
+ "enable-ssl2",
]
env = os.environ.copy()
This results in some test_ssl failures, which all seem to have the same root cause:
$ Tools/ssl/multissltests.py --openssl 1.0.2o
....
======================================================================
ERROR: test_constructor (test.test_ssl.ContextTests)
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/benjamin/dev/python/cpython/Lib/test/test_ssl.py", line 965, in test_constructor
ssl.SSLContext(protocol)
File "/home/benjamin/dev/python/cpython/Lib/ssl.py", line 388, in __new__
self = _SSLContext.__new__(cls, protocol)
ssl.SSLError: [SSL: NO_CIPHER_MATCH] no cipher match (_ssl.c:3008)
======================================================================
ERROR: test_protocol (test.test_ssl.ContextTests)
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/benjamin/dev/python/cpython/Lib/test/test_ssl.py", line 973, in test_protocol
ctx = ssl.SSLContext(proto)
File "/home/benjamin/dev/python/cpython/Lib/ssl.py", line 388, in __new__
self = _SSLContext.__new__(cls, protocol)
ssl.SSLError: [SSL: NO_CIPHER_MATCH] no cipher match (_ssl.c:3008)
======================================================================
ERROR: test_session_stats (test.test_ssl.ContextTests)
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/benjamin/dev/python/cpython/Lib/test/test_ssl.py", line 1320, in test_session_stats
ctx = ssl.SSLContext(proto)
File "/home/benjamin/dev/python/cpython/Lib/ssl.py", line 388, in __new__
self = _SSLContext.__new__(cls, protocol)
ssl.SSLError: [SSL: NO_CIPHER_MATCH] no cipher match (_ssl.c:3008)
======================================================================
ERROR: test_echo (test.test_ssl.ThreadedTests) (protocol='PROTOCOL_SSLv2')
Basic test of an SSL client connecting to a server
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/benjamin/dev/python/cpython/Lib/test/test_ssl.py", line 2569, in test_echo
context = ssl.SSLContext(protocol)
File "/home/benjamin/dev/python/cpython/Lib/ssl.py", line 388, in __new__
self = _SSLContext.__new__(cls, protocol)
ssl.SSLError: [SSL: NO_CIPHER_MATCH] no cipher match (_ssl.c:3008)
======================================================================
ERROR: test_protocol_sslv2 (test.test_ssl.ThreadedTests)
Connecting to an SSLv2 server with various client options
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/benjamin/dev/python/cpython/Lib/test/test_ssl.py", line 2960, in test_protocol_sslv2
try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True)
File "/home/benjamin/dev/python/cpython/Lib/test/test_ssl.py", line 2521, in try_protocol_combo
client_context = ssl.SSLContext(client_protocol)
File "/home/benjamin/dev/python/cpython/Lib/ssl.py", line 388, in __new__
self = _SSLContext.__new__(cls, protocol)
ssl.SSLError: [SSL: NO_CIPHER_MATCH] no cipher match (_ssl.c:3008)
======================================================================
ERROR: test_protocol_sslv3 (test.test_ssl.ThreadedTests)
Connecting to an SSLv3 server with various client options
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/benjamin/dev/python/cpython/Lib/test/test_ssl.py", line 3026, in test_protocol_sslv3
try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv2, False)
File "/home/benjamin/dev/python/cpython/Lib/test/test_ssl.py", line 2521, in try_protocol_combo
client_context = ssl.SSLContext(client_protocol)
File "/home/benjamin/dev/python/cpython/Lib/ssl.py", line 388, in __new__
self = _SSLContext.__new__(cls, protocol)
ssl.SSLError: [SSL: NO_CIPHER_MATCH] no cipher match (_ssl.c:3008)
======================================================================
ERROR: test_protocol_tlsv1 (test.test_ssl.ThreadedTests)
Connecting to a TLSv1 server with various client options
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/benjamin/dev/python/cpython/Lib/test/test_ssl.py", line 3043, in test_protocol_tlsv1
try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv2, False)
File "/home/benjamin/dev/python/cpython/Lib/test/test_ssl.py", line 2521, in try_protocol_combo
client_context = ssl.SSLContext(client_protocol)
File "/home/benjamin/dev/python/cpython/Lib/ssl.py", line 388, in __new__
self = _SSLContext.__new__(cls, protocol)
ssl.SSLError: [SSL: NO_CIPHER_MATCH] no cipher match (_ssl.c:3008)
======================================================================
ERROR: test_protocol_tlsv1_1 (test.test_ssl.ThreadedTests)
Connecting to a TLSv1.1 server with various client options.
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/benjamin/dev/python/cpython/Lib/test/test_ssl.py", line 3058, in test_protocol_tlsv1_1
try_protocol_combo(ssl.PROTOCOL_TLSv1_1, ssl.PROTOCOL_SSLv2, False)
File "/home/benjamin/dev/python/cpython/Lib/test/test_ssl.py", line 2521, in try_protocol_combo
client_context = ssl.SSLContext(client_protocol)
File "/home/benjamin/dev/python/cpython/Lib/ssl.py", line 388, in __new__
self = _SSLContext.__new__(cls, protocol)
ssl.SSLError: [SSL: NO_CIPHER_MATCH] no cipher match (_ssl.c:3008)
======================================================================
ERROR: test_protocol_tlsv1_2 (test.test_ssl.ThreadedTests)
Connecting to a TLSv1.2 server with various client options.
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/benjamin/dev/python/cpython/Lib/test/test_ssl.py", line 3079, in test_protocol_tlsv1_2
try_protocol_combo(ssl.PROTOCOL_TLSv1_2, ssl.PROTOCOL_SSLv2, False)
File "/home/benjamin/dev/python/cpython/Lib/test/test_ssl.py", line 2521, in try_protocol_combo
client_context = ssl.SSLContext(client_protocol)
File "/home/benjamin/dev/python/cpython/Lib/ssl.py", line 388, in __new__
self = _SSLContext.__new__(cls, protocol)
ssl.SSLError: [SSL: NO_CIPHER_MATCH] no cipher match (_ssl.c:3008)
----------------------------------------------------------------------
|
|||
| msg325311 - (view) | Author: Christian Heimes (christian.heimes) * |
Date: 2018-09-14 00:00 | |
Benjamin and I discussed the issue face to face. Rather than fixing the tests, I'm going to remove support and tests for SSL 2.0. |
|||
| msg391308 - (view) | Author: Christian Heimes (christian.heimes) * |
Date: 2021-04-17 19:31 | |
We are no longer testing with any OpenSSL version that has SSL 2.0 enabled or even available. |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:59:05 | admin | set | github: 78850 |
| 2021-04-17 19:31:08 | christian.heimes | set | status: open -> closed resolution: out of date messages: + msg391308 stage: resolved |
| 2018-09-14 00:00:55 | christian.heimes | set | messages: + msg325311 |
| 2018-09-13 23:11:27 | benjamin.peterson | create | |