Skip to content

Commit 03dc951

Browse files
gh-95280: Fix test_get_ciphers on systems without RSA key exchange (GH-95282) (GH-95323)
(cherry picked from commit 5654030) Co-authored-by: Christian Heimes <[email protected]>
1 parent 7b87765 commit 03dc951

File tree

2 files changed

+16
-2
lines changed

2 files changed

+16
-2
lines changed

Lib/test/test_ssl.py

Lines changed: 14 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1169,8 +1169,20 @@ def test_get_ciphers(self):
11691169
ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
11701170
ctx.set_ciphers('AESGCM')
11711171
names = set(d['name'] for d in ctx.get_ciphers())
1172-
self.assertIn('AES256-GCM-SHA384', names)
1173-
self.assertIn('AES128-GCM-SHA256', names)
1172+
expected = {
1173+
'AES128-GCM-SHA256',
1174+
'ECDHE-ECDSA-AES128-GCM-SHA256',
1175+
'ECDHE-RSA-AES128-GCM-SHA256',
1176+
'DHE-RSA-AES128-GCM-SHA256',
1177+
'AES256-GCM-SHA384',
1178+
'ECDHE-ECDSA-AES256-GCM-SHA384',
1179+
'ECDHE-RSA-AES256-GCM-SHA384',
1180+
'DHE-RSA-AES256-GCM-SHA384',
1181+
}
1182+
intersection = names.intersection(expected)
1183+
self.assertGreaterEqual(
1184+
len(intersection), 2, f"\ngot: {sorted(names)}\nexpected: {sorted(expected)}"
1185+
)
11741186

11751187
def test_options(self):
11761188
ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,2 @@
1+
Fix problem with ``test_ssl`` ``test_get_ciphers`` on systems that require
2+
perfect forward secrecy (PFS) ciphers.

0 commit comments

Comments
 (0)