Skip to content

[3.12] gh-116333: Relax error string text expectations in SSL-related tests (GH-116334) #117136

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Mar 21, 2024
Merged

[3.12] gh-116333: Relax error string text expectations in SSL-related tests (GH-116334) #117136

merged 1 commit into from
Mar 21, 2024

Conversation

miss-islington
Copy link
Contributor

@miss-islington miss-islington commented Mar 21, 2024
edited by bedevere-app bot
Loading

  • Relax error string text expectations in SSL-related tests

As suggested here, this change relaxes the OpenSSL error string
text expectations in a number of tests. This was specifically done in
support of more easily building CPython AWS-LC, but because AWS-LC
is a fork of BoringSSL, it should increase compatibility with that
library as well.

In addition to the error string relaxations, we also add some guards
around the tls-unique channel binding being used with TLSv1.3, as that
feature (described in RFC 6929) is not defined for TLSv1.3.

Co-authored-by: Will Childs-Klein [email protected]

@WillChilds-Klein @miss-islington
pythongh-116333: Relax error string text expectations in SSL-related …
87a9db6 
…tests (pythonGH-116334)

* Relax error string text expectations in SSL-related tests

As suggested [here][1], this change relaxes the OpenSSL error string
text expectations in a number of tests. This was specifically done in
support of more easily building CPython [AWS-LC][2], but because AWS-LC
is a fork of [BoringSSL][3], it should increase compatibility with that
library as well.

In addition to the error string relaxations, we also add some guards
around the `tls-unique` channel binding being used with TLSv1.3, as that
feature (described in [RFC 6929][4]) is [not defined][5] for TLSv1.3.

[1]: https://discuss.python.org/t/support-building-ssl-and-hashlib-modules-against-aws-lc/44505/4
[2]: https://github.com/aws/aws-lc
[3]: https://github.com/google/boringssl
[4]: https://datatracker.ietf.org/doc/html/rfc5929GH-section-3
[5]: https://datatracker.ietf.org/doc/html/rfc8446GH-appendix-C.5
(cherry picked from commit c85d841)

Co-authored-by: Will Childs-Klein <[email protected]>
This was referenced Mar 21, 2024
Merged
Closed
@bedevere-app bedevere-app bot added the tests Tests in the Lib/test dir label Mar 21, 2024
@gpshead gpshead enabled auto-merge (squash) March 21, 2024 20:29
@gpshead gpshead merged commit 05c5bec into python:3.12 Mar 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gpshead gpshead gpshead approved these changes

@1st1 1st1 Awaiting requested review from 1st1 1st1 is a code owner

@asvetlov asvetlov Awaiting requested review from asvetlov asvetlov is a code owner

@gvanrossum gvanrossum Awaiting requested review from gvanrossum gvanrossum is a code owner

@kumaraditya303 kumaraditya303 Awaiting requested review from kumaraditya303 kumaraditya303 is a code owner

@willingc willingc Awaiting requested review from willingc willingc is a code owner

Assignees
No one assigned
Labels
tests Tests in the Lib/test dir
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@miss-islington @gpshead @WillChilds-Klein