➜
This issue tracker has been migrated to GitHub,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2021-04-26 12:53 by pablogsal, last changed 2022-04-11 14:59 by admin.
| Pull Requests | |||
|---|---|---|---|
| URL | Status | Linked | Edit |
| PR 25850 | merged | christian.heimes, 2021-05-03 13:13 | |
| Messages (6) | |||
|---|---|---|---|
| msg391914 - (view) | Author: Pablo Galindo Salgado (pablogsal) *  |
Date: 2021-04-26 12:53 | |
Check out this build: https://github.com/python/cpython/pull/25584/checks?check_run_id=2437718845 Here, test_ssl fails in the macos CI target: 1 test failed: test_ssl 20 tests skipped: test_devpoll test_epoll test_gdb test_idle test_ioctl test_msilib test_multiprocessing_fork test_ossaudiodev test_spwd test_startfile test_tcl test_tix test_tk test_ttk_guionly test_ttk_textonly test_turtle test_winconsoleio test_winreg test_winsound test_zipfile64 0:18:53 load avg: 3.12 0:18:53 load avg: 3.12 Re-running failed tests in verbose mode 0:18:53 load avg: 3.12 Re-running test_ssl in verbose mode test_ssl: testing with 'OpenSSL 1.1.1k 25 Mar 2021' (1, 1, 1, 11, 15) under Mac ('10.15.7', ('', '', ''), 'x86_64') HAS_SNI = True OP_ALL = 0x80000054 OP_NO_TLSv1_1 = 0x10000000 test__create_stdlib_context (test.test_ssl.ContextTests) ... ok test_cert_store_stats (test.test_ssl.ContextTests) ... ok test_check_hostname (test.test_ssl.ContextTests) ... ok test_ciphers (test.test_ssl.ContextTests) ... ok test_constructor (test.test_ssl.ContextTests) ... ok test_context_client_server (test.test_ssl.ContextTests) ... ok test_context_custom_class (test.test_ssl.ContextTests) ... ok test_create_default_context (test.test_ssl.ContextTests) ... ok test_get_ca_certs (test.test_ssl.ContextTests) ... ok test_get_ciphers (test.test_ssl.ContextTests) ... ok test_hostname_checks_common_name (test.test_ssl.ContextTests) ... ok test_load_cert_chain (test.test_ssl.ContextTests) ... ok test_load_default_certs (test.test_ssl.ContextTests) ... ok test_load_default_certs_env (test.test_ssl.ContextTests) ... ok test_load_default_certs_env_windows (test.test_ssl.ContextTests) ... skipped 'Windows specific' test_load_dh_params (test.test_ssl.ContextTests) ... ok test_load_verify_cadata (test.test_ssl.ContextTests) ... ok test_load_verify_locations (test.test_ssl.ContextTests) ... ok test_min_max_version (test.test_ssl.ContextTests) ... ok test_num_tickest (test.test_ssl.ContextTests) ... ok test_options (test.test_ssl.ContextTests) ... ok test_python_ciphers (test.test_ssl.ContextTests) ... ok test_security_level (test.test_ssl.ContextTests) ... ok test_session_stats (test.test_ssl.ContextTests) ... ok test_set_default_verify_paths (test.test_ssl.ContextTests) ... ok test_set_ecdh_curve (test.test_ssl.ContextTests) ... ok test_sni_callback (test.test_ssl.ContextTests) ... ok test_sni_callback_refcycle (test.test_ssl.ContextTests) ... ok test_verify_flags (test.test_ssl.ContextTests) ... ok test_verify_mode_protocol (test.test_ssl.ContextTests) ... ok test_DER_to_PEM (test.test_ssl.BasicSocketTests) ... ok test_asn1object (test.test_ssl.BasicSocketTests) ... ok test_cert_time_to_seconds (test.test_ssl.BasicSocketTests) ... ok test_cert_time_to_seconds_locale (test.test_ssl.BasicSocketTests) ... skipped 'locale-specific month name needs to be different from C locale' test_cert_time_to_seconds_timezone (test.test_ssl.BasicSocketTests) ... skipped 'local time needs to be different from UTC' test_connect_ex_error (test.test_ssl.BasicSocketTests) ... ok test_constants (test.test_ssl.BasicSocketTests) ... ok test_dealloc_warn (test.test_ssl.BasicSocketTests) ... ok test_empty_cert (test.test_ssl.BasicSocketTests) Wrapping with an empty cert file ... ok test_enum_certificates (test.test_ssl.BasicSocketTests) ... skipped 'Windows specific' test_enum_crls (test.test_ssl.BasicSocketTests) ... skipped 'Windows specific' test_errors_sslwrap (test.test_ssl.BasicSocketTests) ... ok test_get_default_verify_paths (test.test_ssl.BasicSocketTests) ... ok test_malformed_cert (test.test_ssl.BasicSocketTests) Wrapping with a badly formatted certificate (syntax error) ... ok test_malformed_key (test.test_ssl.BasicSocketTests) Wrapping with a badly formatted key (syntax error) ... ok test_match_hostname (test.test_ssl.BasicSocketTests) ... ok test_openssl_version (test.test_ssl.BasicSocketTests) ... ok test_parse_all_sans (test.test_ssl.BasicSocketTests) ... ok test_parse_cert (test.test_ssl.BasicSocketTests) ... {'OCSP': ('http://ocsp.verisign.com',), 'caIssuers': ('http://SVRIntl-G3-aia.verisign.com/SVRIntlG3.cer',), 'crlDistributionPoints': ('http://SVRIntl-G3-crl.verisign.com/SVRIntlG3.crl',), 'issuer': ((('countryName', 'US'),), (('organizationName', 'VeriSign, Inc.'),), (('organizationalUnitName', 'VeriSign Trust Network'),), (('organizationalUnitName', 'Terms of use at https://www.verisign.com/rpa (c)10'),), (('commonName', 'VeriSign Class 3 International Server CA - G3'),)), 'notAfter': 'Sep 20 23:59:59 2012 GMT', 'notBefore': 'Sep 21 00:00:00 2011 GMT', 'serialNumber': '2EE6EA7640A075CEE5005F4D7C79549A', 'subject': ((('countryName', 'FI'),), (('stateOrProvinceName', 'Espoo'),), (('localityName', 'Espoo'),), (('organizationName', 'Nokia'),), (('organizationalUnitName', 'BI'),), (('commonName', 'projects.developer.nokia.com'),)), 'subjectAltName': (('DNS', 'projects.developer.nokia.com'), ('DNS', 'projects.forum.nokia.com')), 'version': 3} ok test_parse_cert_CVE_2013_4238 (test.test_ssl.BasicSocketTests) ... {'issuer': ((('countryName', 'US'),), (('stateOrProvinceName', 'Oregon'),), (('localityName', 'Beaverton'),), (('organizationName', 'Python Software Foundation'),), (('organizationalUnitName', 'Python Core Development'),), (('commonName', 'null.python.org\x00example.org'),), (('emailAddress', 'python-dev@python.org'),)), 'notAfter': 'Aug 7 13:12:52 2013 GMT', 'notBefore': 'Aug 7 13:11:52 2013 GMT', 'serialNumber': '00', 'subject': ((('countryName', 'US'),), (('stateOrProvinceName', 'Oregon'),), (('localityName', 'Beaverton'),), (('organizationName', 'Python Software Foundation'),), (('organizationalUnitName', 'Python Core Development'),), (('commonName', 'null.python.org\x00example.org'),), (('emailAddress', 'python-dev@python.org'),)), 'subjectAltName': (('DNS', 'altnull.python.org\x00example.com'), ('email', 'null@python.org\x00user@example.org'), ('URI', 'http://null.python.org\x00http://example.org'), ('IP Address', '192.0.2.1'), ('IP Address', '2001:DB8:0:0:0:0:0:1')), 'version': 3} ok test_parse_cert_CVE_2019_5010 (test.test_ssl.BasicSocketTests) ... {'issuer': ((('countryName', 'UK'),), (('commonName', 'cody-ca'),)), 'notAfter': 'Jun 14 18:00:58 2028 GMT', 'notBefore': 'Jun 18 18:00:58 2018 GMT', 'serialNumber': '02', 'subject': ((('countryName', 'UK'),), (('commonName', 'codenomicon-vm-2.test.lal.cisco.com'),)), 'subjectAltName': (('DNS', 'codenomicon-vm-2.test.lal.cisco.com'),), 'version': 3} ok test_private_init (test.test_ssl.BasicSocketTests) ... ok test_purpose_enum (test.test_ssl.BasicSocketTests) ... ok test_random (test.test_ssl.BasicSocketTests) ... RAND_status is 1 (sufficient randomness) ok test_read_write_zero (test.test_ssl.BasicSocketTests) ... server: new connection from ('127.0.0.1', 52385) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) ok test_refcycle (test.test_ssl.BasicSocketTests) ... ok test_server_side (test.test_ssl.BasicSocketTests) ... ok test_str_for_enums (test.test_ssl.BasicSocketTests) ... ok test_timeout (test.test_ssl.BasicSocketTests) ... ok test_tls_unique_channel_binding (test.test_ssl.BasicSocketTests) ... ok test_unknown_channel_binding (test.test_ssl.BasicSocketTests) ... ok test_unsupported_dtls (test.test_ssl.BasicSocketTests) ... ok test_wrapped_unconnected (test.test_ssl.BasicSocketTests) ... ok test_bad_server_hostname (test.test_ssl.SSLErrorTests) ... ok test_lib_reason (test.test_ssl.SSLErrorTests) ... ok test_str (test.test_ssl.SSLErrorTests) ... ok test_subclass (test.test_ssl.SSLErrorTests) ... ok test_buffer_types (test.test_ssl.MemoryBIOTests) ... ok test_eof (test.test_ssl.MemoryBIOTests) ... ok test_error_types (test.test_ssl.MemoryBIOTests) ... ok test_pending (test.test_ssl.MemoryBIOTests) ... ok test_read_write (test.test_ssl.MemoryBIOTests) ... ok test_private_init (test.test_ssl.SSLObjectTests) ... ok test_unwrap (test.test_ssl.SSLObjectTests) ... ok test_bio_handshake (test.test_ssl.SimpleBackgroundTests) ... server: new connection from ('127.0.0.1', 52391) Needed 2 calls to complete do_handshake(). server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) Needed 3 calls to complete unwrap(). ok test_bio_read_write_data (test.test_ssl.SimpleBackgroundTests) ... server: new connection from ('127.0.0.1', 52393) Needed 2 calls to complete do_handshake(). Needed 1 calls to complete write(). server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) Needed 4 calls to complete read(). Needed 2 calls to complete unwrap(). ok test_ciphers (test.test_ssl.SimpleBackgroundTests) ... server: new connection from ('127.0.0.1', 52395) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) server: new connection from ('127.0.0.1', 52396) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) ok test_connect (test.test_ssl.SimpleBackgroundTests) ... server: new connection from ('127.0.0.1', 52398) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) server: new connection from ('127.0.0.1', 52399) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) ok test_connect_cadata (test.test_ssl.SimpleBackgroundTests) ... server: new connection from ('127.0.0.1', 52401) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) server: new connection from ('127.0.0.1', 52402) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) ok test_connect_capath (test.test_ssl.SimpleBackgroundTests) ... server: new connection from ('127.0.0.1', 52404) server: bad connection attempt from ('127.0.0.1', 52404): Traceback (most recent call last): File "/Users/runner/work/cpython/cpython/Lib/test/test_ssl.py", line 2347, in wrap_conn self.sslconn = self.server.context.wrap_socket( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 518, in wrap_socket return self.sslsocket_class._create( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1070, in _create self.do_handshake() File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1339, in do_handshake self._sslobj.do_handshake() OSError: [Errno 41] Protocol wrong type for socket ERROR test_connect_ex (test.test_ssl.SimpleBackgroundTests) ... server: new connection from ('127.0.0.1', 52407) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) ok test_connect_fail (test.test_ssl.SimpleBackgroundTests) ... server: new connection from ('127.0.0.1', 52409) server: bad connection attempt from ('127.0.0.1', 52409): Traceback (most recent call last): File "/Users/runner/work/cpython/cpython/Lib/test/test_ssl.py", line 2347, in wrap_conn self.sslconn = self.server.context.wrap_socket( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 518, in wrap_socket return self.sslsocket_class._create( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1070, in _create self.do_handshake() File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1339, in do_handshake self._sslobj.do_handshake() ssl.SSLError: [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:969) ok test_connect_with_context (test.test_ssl.SimpleBackgroundTests) ... server: new connection from ('127.0.0.1', 52411) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) server: new connection from ('127.0.0.1', 52412) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) server: new connection from ('127.0.0.1', 52413) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) ok test_connect_with_context_fail (test.test_ssl.SimpleBackgroundTests) ... server: new connection from ('127.0.0.1', 52415) server: bad connection attempt from ('127.0.0.1', 52415): Traceback (most recent call last): File "/Users/runner/work/cpython/cpython/Lib/test/test_ssl.py", line 2347, in wrap_conn self.sslconn = self.server.context.wrap_socket( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 518, in wrap_socket return self.sslsocket_class._create( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1070, in _create self.do_handshake() File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1339, in do_handshake self._sslobj.do_handshake() ssl.SSLError: [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:969) ok test_context_setget (test.test_ssl.SimpleBackgroundTests) ... server: new connection from ('127.0.0.1', 52417) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) ok test_get_ca_certs_capath (test.test_ssl.SimpleBackgroundTests) ... server: new connection from ('127.0.0.1', 52419) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) ok test_get_server_certificate (test.test_ssl.SimpleBackgroundTests) ... server: new connection from ('127.0.0.1', 52422) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) server: new connection from ('127.0.0.1', 52424) Verified certificate for localhost:52420 is -----BEGIN CERTIFICATE----- MIIF8TCCBFmgAwIBAgIJAMstgJlaaVJcMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNV BAYTAlhZMSYwJAYDVQQKDB1QeXRob24gU29mdHdhcmUgRm91bmRhdGlvbiBDQTEW MBQGA1UEAwwNb3VyLWNhLXNlcnZlcjAeFw0xODA4MjkxNDIzMTZaFw0zNzEwMjgx NDIzMTZaMF8xCzAJBgNVBAYTAlhZMRcwFQYDVQQHDA5DYXN0bGUgQW50aHJheDEj MCEGA1UECgwaUHl0aG9uIFNvZnR3YXJlIEZvdW5kYXRpb24xEjAQBgNVBAMMCWxv Y2FsaG9zdDCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAMW0s615CVCi M3vO2S7HubSGYYqQ/WGHSFsqpNwPzuOQsCoDBlZ6eNkyMJttne8/4A5sIiRggrM9 djtiL4fkzc7aZcgPGgcaMv8Za2gTIM1e+b1QL4xG5I6rYxoscdAbRHHZPFxisxVQ ztv3euk3UsZGsK/WAhJczgS8QmigBHsBp2PSkb+jR+oMB0WMfpBluGfWJmV754Zu Nx92Af8fQXx2fU88ahWIdeJxuxDiQHrTTY9/5pc/hvZAoBt+XI0cQoc8cQ45NesW Mx1z5uopbbh6kSwxkjn2rH2FT/hG+nf+/68TBMvs2buKWm3NmfZy8YJbf0sLSc1g s7OQ7cfzHADvmHq7KR0H5Y7+/YIogr0z9k771A2uZqiR8oNqYKTf1vyGULA0voux Wm93ddNLlafhhaf3YSqKW1Qkmg+julztVN1YKDjNUWfhDxmHg0U2f+pMHyUQyCuw 1NXlzJnvOGgGJQxI7jluajY2ycTtx78lSGWp7m6HQ9PUwgGBNX6gMwIDAQABo4IB wDCCAbwwFAYDVR0RBA0wC4IJbG9jYWxob3N0MA4GA1UdDwEB/wQEAwIFoDAdBgNV HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E FgQUhXUQJdAsgFAkGltXcN61y3GpO3swfQYDVR0jBHYwdIAUs4qgorpx8agkedSk WyU2FR5JyM2hUaRPME0xCzAJBgNVBAYTAlhZMSYwJAYDVQQKDB1QeXRob24gU29m dHdhcmUgRm91bmRhdGlvbiBDQTEWMBQGA1UEAwwNb3VyLWNhLXNlcnZlcoIJAMst gJlaaVJbMIGDBggrBgEFBQcBAQR3MHUwPAYIKwYBBQUHMAKGMGh0dHA6Ly90ZXN0 Y2EucHl0aG9udGVzdC5uZXQvdGVzdGNhL3B5Y2FjZXJ0LmNlcjA1BggrBgEFBQcw AYYpaHR0cDovL3Rlc3RjYS5weXRob250ZXN0Lm5ldC90ZXN0Y2Evb2NzcC8wQwYD VR0fBDwwOjA4oDagNIYyaHR0cDovL3Rlc3RjYS5weXRob250ZXN0Lm5ldC90ZXN0 Y2EvcmV2b2NhdGlvbi5jcmwwDQYJKoZIhvcNAQELBQADggGBAJXzVrvVjHC90d7a Y7Ap19tgJ9ZZ/WEbMMbQXXN9NOFo4yimieZgvYnTDvRyrXJ2+IYh/XU8+G2+nATh ggNpbK7QVbpe8sr1D47W2Y3IVkb0+Kx0Khl7jkdwH/v7vWkCoaVKbiEcBBQVVb+/ JEPIFwO+Pizq28ivHf1S39YVSZ7CRGnv8UVDg7IezxQcEz/+nHHL5xsYVjanr0Tx C6F5REb5Q0Yp2LDKSU1lYNP2jnS8Yp4ejUspmrQN8KJ3WzTkES+nJcXlB3YSrr51 cxXkCn1TOFY/eW1uyu2Aq1btfosc5+PUYjAicOcpsgM8/vo98DbATRGimdMpMSe4 xbgVozxPm3NeK7L7y/11R7gXvSHY5sG5/3OB2CUIbQheHKWDUN5n5trQjlrT8iqx P7iAIQdqcRVtBetRs1mN1BVGfgKoEwEWmb0DzHBxKiMWeK/R1QGdBLRjk5oEOpIu 5n5zk6X+UJu9DupUhm985RR3/sIoWkoO1y2M6e1hKbJT/2wEvA== -----END CERTIFICATE----- server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) ok test_get_server_certificate_fail (test.test_ssl.SimpleBackgroundTests) ... server: new connection from ('127.0.0.1', 52427) [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:969) server: bad connection attempt from ('127.0.0.1', 52427): Traceback (most recent call last): File "/Users/runner/work/cpython/cpython/Lib/test/test_ssl.py", line 2347, in wrap_conn self.sslconn = self.server.context.wrap_socket( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 518, in wrap_socket return self.sslsocket_class._create( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1070, in _create self.do_handshake() File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1339, in do_handshake self._sslobj.do_handshake() ssl.SSLError: [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:969) ok test_get_server_certificate_sni (test.test_ssl.SimpleBackgroundTests) ... server: new connection from ('127.0.0.1', 52430) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) server: new connection from ('127.0.0.1', 52432) Verified certificate for localhost:52428 is -----BEGIN CERTIFICATE----- MIIF8TCCBFmgAwIBAgIJAMstgJlaaVJcMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNV BAYTAlhZMSYwJAYDVQQKDB1QeXRob24gU29mdHdhcmUgRm91bmRhdGlvbiBDQTEW MBQGA1UEAwwNb3VyLWNhLXNlcnZlcjAeFw0xODA4MjkxNDIzMTZaFw0zNzEwMjgx NDIzMTZaMF8xCzAJBgNVBAYTAlhZMRcwFQYDVQQHDA5DYXN0bGUgQW50aHJheDEj MCEGA1UECgwaUHl0aG9uIFNvZnR3YXJlIEZvdW5kYXRpb24xEjAQBgNVBAMMCWxv Y2FsaG9zdDCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAMW0s615CVCi M3vO2S7HubSGYYqQ/WGHSFsqpNwPzuOQsCoDBlZ6eNkyMJttne8/4A5sIiRggrM9 djtiL4fkzc7aZcgPGgcaMv8Za2gTIM1e+b1QL4xG5I6rYxoscdAbRHHZPFxisxVQ ztv3euk3UsZGsK/WAhJczgS8QmigBHsBp2PSkb+jR+oMB0WMfpBluGfWJmV754Zu Nx92Af8fQXx2fU88ahWIdeJxuxDiQHrTTY9/5pc/hvZAoBt+XI0cQoc8cQ45NesW Mx1z5uopbbh6kSwxkjn2rH2FT/hG+nf+/68TBMvs2buKWm3NmfZy8YJbf0sLSc1g s7OQ7cfzHADvmHq7KR0H5Y7+/YIogr0z9k771A2uZqiR8oNqYKTf1vyGULA0voux Wm93ddNLlafhhaf3YSqKW1Qkmg+julztVN1YKDjNUWfhDxmHg0U2f+pMHyUQyCuw 1NXlzJnvOGgGJQxI7jluajY2ycTtx78lSGWp7m6HQ9PUwgGBNX6gMwIDAQABo4IB wDCCAbwwFAYDVR0RBA0wC4IJbG9jYWxob3N0MA4GA1UdDwEB/wQEAwIFoDAdBgNV HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E FgQUhXUQJdAsgFAkGltXcN61y3GpO3swfQYDVR0jBHYwdIAUs4qgorpx8agkedSk WyU2FR5JyM2hUaRPME0xCzAJBgNVBAYTAlhZMSYwJAYDVQQKDB1QeXRob24gU29m dHdhcmUgRm91bmRhdGlvbiBDQTEWMBQGA1UEAwwNb3VyLWNhLXNlcnZlcoIJAMst gJlaaVJbMIGDBggrBgEFBQcBAQR3MHUwPAYIKwYBBQUHMAKGMGh0dHA6Ly90ZXN0 Y2EucHl0aG9udGVzdC5uZXQvdGVzdGNhL3B5Y2FjZXJ0LmNlcjA1BggrBgEFBQcw AYYpaHR0cDovL3Rlc3RjYS5weXRob250ZXN0Lm5ldC90ZXN0Y2Evb2NzcC8wQwYD VR0fBDwwOjA4oDagNIYyaHR0cDovL3Rlc3RjYS5weXRob250ZXN0Lm5ldC90ZXN0 Y2EvcmV2b2NhdGlvbi5jcmwwDQYJKoZIhvcNAQELBQADggGBAJXzVrvVjHC90d7a Y7Ap19tgJ9ZZ/WEbMMbQXXN9NOFo4yimieZgvYnTDvRyrXJ2+IYh/XU8+G2+nATh ggNpbK7QVbpe8sr1D47W2Y3IVkb0+Kx0Khl7jkdwH/v7vWkCoaVKbiEcBBQVVb+/ JEPIFwO+Pizq28ivHf1S39YVSZ7CRGnv8UVDg7IezxQcEz/+nHHL5xsYVjanr0Tx C6F5REb5Q0Yp2LDKSU1lYNP2jnS8Yp4ejUspmrQN8KJ3WzTkES+nJcXlB3YSrr51 cxXkCn1TOFY/eW1uyu2Aq1btfosc5+PUYjAicOcpsgM8/vo98DbATRGimdMpMSe4 xbgVozxPm3NeK7L7y/11R7gXvSHY5sG5/3OB2CUIbQheHKWDUN5n5trQjlrT8iqx P7iAIQdqcRVtBetRs1mN1BVGfgKoEwEWmb0DzHBxKiMWeK/R1QGdBLRjk5oEOpIu 5n5zk6X+UJu9DupUhm985RR3/sIoWkoO1y2M6e1hKbJT/2wEvA== -----END CERTIFICATE----- server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) ok test_get_server_certificate_timeout (test.test_ssl.SimpleBackgroundTests) ... server: new connection from ('127.0.0.1', 52435) server: bad connection attempt from ('127.0.0.1', 52435): Traceback (most recent call last): File "/Users/runner/work/cpython/cpython/Lib/test/test_ssl.py", line 2347, in wrap_conn self.sslconn = self.server.context.wrap_socket( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 518, in wrap_socket return self.sslsocket_class._create( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1070, in _create self.do_handshake() File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1339, in do_handshake self._sslobj.do_handshake() ssl.SSLEOFError: EOF occurred in violation of protocol (_ssl.c:969) ok test_makefile_close (test.test_ssl.SimpleBackgroundTests) ... server: new connection from ('127.0.0.1', 52437) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) ok test_non_blocking_connect_ex (test.test_ssl.SimpleBackgroundTests) ... server: new connection from ('127.0.0.1', 52439) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) ok test_non_blocking_handshake (test.test_ssl.SimpleBackgroundTests) ... server: new connection from ('127.0.0.1', 52441) Needed 2 calls to do_handshake() to establish session. server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) ok test_PROTOCOL_TLS (test.test_ssl.ThreadedTests) Connecting to an SSLv23 server with various client options ... PROTOCOL_TLS->PROTOCOL_TLS CERT_NONE PROTOCOL_TLSv1->PROTOCOL_TLS CERT_NONE PROTOCOL_TLS->PROTOCOL_TLS CERT_OPTIONAL PROTOCOL_TLSv1->PROTOCOL_TLS CERT_OPTIONAL PROTOCOL_TLS->PROTOCOL_TLS CERT_REQUIRED PROTOCOL_TLSv1->PROTOCOL_TLS CERT_REQUIRED PROTOCOL_TLS->PROTOCOL_TLS CERT_NONE {PROTOCOL_TLSv1->PROTOCOL_TLS} CERT_NONE ok test_alpn_protocols (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52459) client: sending b'FOO\n'... server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) client: read b'foo\n' client: sending b'FOO\n'... client: read b'foo\n' client: sending b'FOO\n'... client: read b'foo\n' client: closing connection. server: new connection from ('127.0.0.1', 52461) client: sending b'FOO\n'... server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) client: read b'foo\n' client: sending b'FOO\n'... client: read b'foo\n' client: sending b'FOO\n'... client: read b'foo\n' client: closing connection. server: new connection from ('127.0.0.1', 52463) client: sending b'FOO\n'... server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) client: read b'foo\n' client: sending b'FOO\n'... client: read b'foo\n' client: sending b'FOO\n'... client: read b'foo\n' client: closing connection. server: new connection from ('127.0.0.1', 52465) client: sending b'FOO\n'... server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) client: read b'foo\n' client: sending b'FOO\n'... client: read b'foo\n' client: sending b'FOO\n'... client: read b'foo\n' client: closing connection. ok test_asyncore_server (test.test_ssl.ThreadedTests) Check the example asyncore integration. ... server: new connection from 127.0.0.1:52467 client: sending b'FOO\n'... server: read b'FOO\n' from client client: read b'foo\n' client: closing connection. client: connection closed. cleanup: stopping server. server: read b'over\n' from client cleanup: joining server thread. server: closed connection <ssl.SSLSocket [closed] fd=-1, family=AF_INET, type=SOCK_STREAM, proto=0> server: read b'' from client cleanup: successfully joined. ok test_check_hostname (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52469) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) server: new connection from ('127.0.0.1', 52471) server: bad connection attempt from ('127.0.0.1', 52471): Traceback (most recent call last): File "/Users/runner/work/cpython/cpython/Lib/test/test_ssl.py", line 2347, in wrap_conn self.sslconn = self.server.context.wrap_socket( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 518, in wrap_socket return self.sslsocket_class._create( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1070, in _create self.do_handshake() File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1339, in do_handshake self._sslobj.do_handshake() ssl.SSLError: [SSL: SSLV3_ALERT_BAD_CERTIFICATE] sslv3 alert bad certificate (_ssl.c:969) ok test_check_hostname_idn (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52474) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) server: new connection from ('127.0.0.1', 52476) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) server: new connection from ('127.0.0.1', 52478) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) server: new connection from ('127.0.0.1', 52480) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) server: new connection from ('127.0.0.1', 52482) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) server: new connection from ('127.0.0.1', 52484) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) server: new connection from ('127.0.0.1', 52486) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) server: new connection from ('127.0.0.1', 52488) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) server: new connection from ('127.0.0.1', 52490) server: bad connection attempt from ('127.0.0.1', 52490): Traceback (most recent call last): File "/Users/runner/work/cpython/cpython/Lib/test/test_ssl.py", line 2347, in wrap_conn self.sslconn = self.server.context.wrap_socket( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 518, in wrap_socket return self.sslsocket_class._create( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1070, in _create self.do_handshake() File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1339, in do_handshake self._sslobj.do_handshake() ssl.SSLError: [SSL: SSLV3_ALERT_BAD_CERTIFICATE] sslv3 alert bad certificate (_ssl.c:969) ok test_compression (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52492) client: sending b'FOO\n'... server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) client: read b'foo\n' client: sending b'FOO\n'... client: read b'foo\n' client: sending b'FOO\n'... client: read b'foo\n' client: closing connection. got compression: None ok test_compression_disabled (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52494) client: sending b'FOO\n'... server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) client: read b'foo\n' client: sending b'FOO\n'... client: read b'foo\n' client: sending b'FOO\n'... client: read b'foo\n' client: closing connection. ok test_crl_check (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52496) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) server: new connection from ('127.0.0.1', 52498) server: bad connection attempt from ('127.0.0.1', 52498): Traceback (most recent call last): File "/Users/runner/work/cpython/cpython/Lib/test/test_ssl.py", line 2347, in wrap_conn self.sslconn = self.server.context.wrap_socket( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 518, in wrap_socket return self.sslsocket_class._create( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1070, in _create self.do_handshake() File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1339, in do_handshake self._sslobj.do_handshake() ssl.SSLError: [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:969) server: new connection from ('127.0.0.1', 52500) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) ok test_default_ecdh_curve (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52502) server: connection cipher is now ('ECDHE-RSA-AES256-GCM-SHA384', 'TLSv1.2', 256) ok test_dh_params (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52504) server: connection cipher is now ('DHE-RSA-AES256-GCM-SHA384', 'TLSv1.2', 256) client: sending b'FOO\n'... client: read b'foo\n' client: sending b'FOO\n'... client: read b'foo\n' client: sending b'FOO\n'... client: read b'foo\n' client: closing connection. ok test_do_handshake_enotconn (test.test_ssl.ThreadedTests) ... ok test_dual_rsa_ecc (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52506) server: connection cipher is now ('ECDHE-ECDSA-AES256-GCM-SHA384', 'TLSv1.2', 256) ok test_ecc_cert (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52508) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) ok test_ecdh_curve (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52510) client: sending b'FOO\n'... server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) client: read b'foo\n' client: sending b'FOO\n'... client: read b'foo\n' client: sending b'FOO\n'... client: read b'foo\n' client: closing connection. server: new connection from ('127.0.0.1', 52512) client: sending b'FOO\n'... server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) client: read b'foo\n' client: sending b'FOO\n'... client: read b'foo\n' client: sending b'FOO\n'... client: read b'foo\n' client: closing connection. server: new connection from ('127.0.0.1', 52514) server: bad connection attempt from ('127.0.0.1', 52514): Traceback (most recent call last): File "/Users/runner/work/cpython/cpython/Lib/test/test_ssl.py", line 2347, in wrap_conn self.sslconn = self.server.context.wrap_socket( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 518, in wrap_socket return self.sslsocket_class._create( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1070, in _create self.do_handshake() File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1339, in do_handshake self._sslobj.do_handshake() ssl.SSLError: [SSL: NO_SUITABLE_KEY_SHARE] no suitable key share (_ssl.c:969) ok test_echo (test.test_ssl.ThreadedTests) Basic test of an SSL client connecting to a server ... server: new connection from ('127.0.0.1', 52516) client: sending b'FOO\n'... server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) client: read b'foo\n' client: sending b'FOO\n'... client: read b'foo\n' client: sending b'FOO\n'... client: read b'foo\n' client: closing connection. server: new connection from ('127.0.0.1', 52518) server: bad connection attempt from ('127.0.0.1', 52518): Traceback (most recent call last): File "/Users/runner/work/cpython/cpython/Lib/test/test_ssl.py", line 2347, in wrap_conn self.sslconn = self.server.context.wrap_socket( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 518, in wrap_socket return self.sslsocket_class._create( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1070, in _create self.do_handshake() File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1339, in do_handshake self._sslobj.do_handshake() ssl.SSLError: [SSL] called a function you should not call (_ssl.c:969) server: new connection from ('127.0.0.1', 52520) server: bad connection attempt from ('127.0.0.1', 52520): Traceback (most recent call last): File "/Users/runner/work/cpython/cpython/Lib/test/test_ssl.py", line 2347, in wrap_conn self.sslconn = self.server.context.wrap_socket( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 518, in wrap_socket return self.sslsocket_class._create( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1070, in _create self.do_handshake() File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1339, in do_handshake self._sslobj.do_handshake() ssl.SSLEOFError: EOF occurred in violation of protocol (_ssl.c:969) server: new connection from ('127.0.0.1', 52522) server: bad connection attempt from ('127.0.0.1', 52522): Traceback (most recent call last): File "/Users/runner/work/cpython/cpython/Lib/test/test_ssl.py", line 2347, in wrap_conn self.sslconn = self.server.context.wrap_socket( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 518, in wrap_socket return self.sslsocket_class._create( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1070, in _create self.do_handshake() File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1339, in do_handshake self._sslobj.do_handshake() ssl.SSLError: [SSL] called a function you should not call (_ssl.c:969) ok test_getpeercert (test.test_ssl.ThreadedTests) ... {'OCSP': ('http://testca.pythontest.net/testca/ocsp/',), 'caIssuers': ('http://testca.pythontest.net/testca/pycacert.cer',), 'crlDistributionPoints': ('http://testca.pythontest.net/testca/revocation.crl',), 'issuer': ((('countryName', 'XY'),), (('organizationName', 'Python Software Foundation CA'),), (('commonName', 'our-ca-server'),)), 'notAfter': 'Oct 28 14:23:16 2037 GMT', 'notBefore': 'Aug 29 14:23:16 2018 GMT', 'serialNumber': 'CB2D80995A69525C', 'subject': ((('countryName', 'XY'),), (('localityName', 'Castle Anthrax'),), (('organizationName', 'Python Software Foundation'),), (('commonName', 'localhost'),)), 'subjectAltName': (('DNS', 'localhost'),), 'version': 3} Connection cipher is ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256). ok test_getpeercert_enotconn (test.test_ssl.ThreadedTests) ... ok test_handshake_timeout (test.test_ssl.ThreadedTests) ... ok test_hostname_checks_common_name (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52529) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) server: new connection from ('127.0.0.1', 52531) server: bad connection attempt from ('127.0.0.1', 52531): Traceback (most recent call last): File "/Users/runner/work/cpython/cpython/Lib/test/test_ssl.py", line 2347, in wrap_conn self.sslconn = self.server.context.wrap_socket( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 518, in wrap_socket return self.sslsocket_class._create( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1070, in _create self.do_handshake() File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1339, in do_handshake self._sslobj.do_handshake() ssl.SSLError: [SSL: SSLV3_ALERT_BAD_CERTIFICATE] sslv3 alert bad certificate (_ssl.c:969) ok test_min_max_version_mismatch (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52533) server: bad connection attempt from ('127.0.0.1', 52533): Traceback (most recent call last): File "/Users/runner/work/cpython/cpython/Lib/test/test_ssl.py", line 2347, in wrap_conn self.sslconn = self.server.context.wrap_socket( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 518, in wrap_socket return self.sslsocket_class._create( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1070, in _create self.do_handshake() File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1339, in do_handshake self._sslobj.do_handshake() ssl.SSLError: [SSL: UNSUPPORTED_PROTOCOL] unsupported protocol (_ssl.c:969) ok test_min_max_version_sslv3 (test.test_ssl.ThreadedTests) ... skipped 'SSLv3 is not available.' test_min_max_version_tlsv1_1 (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52535) server: connection cipher is now ('ECDHE-RSA-AES256-SHA', 'TLSv1.0', 256) ok test_min_max_version_tlsv1_2 (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52537) server: connection cipher is now ('ECDHE-RSA-AES256-GCM-SHA384', 'TLSv1.2', 256) ok test_no_shared_ciphers (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52539) server: bad connection attempt from ('127.0.0.1', 52539): Traceback (most recent call last): File "/Users/runner/work/cpython/cpython/Lib/test/test_ssl.py", line 2347, in wrap_conn self.sslconn = self.server.context.wrap_socket( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 518, in wrap_socket return self.sslsocket_class._create( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1070, in _create self.do_handshake() File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1339, in do_handshake self._sslobj.do_handshake() ssl.SSLError: [SSL: NO_SHARED_CIPHER] no shared cipher (_ssl.c:969) ok test_nonblocking_send (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52541) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) Test server failure: Traceback (most recent call last): File "/Users/runner/work/cpython/cpython/Lib/test/test_ssl.py", line 2491, in run self.write(msg.lower()) File "/Users/runner/work/cpython/cpython/Lib/test/test_ssl.py", line 2410, in write return self.sslconn.write(bytes) File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1148, in write return self._sslobj.write(data) ssl.SSLEOFError: EOF occurred in violation of protocol (_ssl.c:2286) ok test_npn_protocols (test.test_ssl.ThreadedTests) ... ok test_protocol_sslv2 (test.test_ssl.ThreadedTests) Connecting to an SSLv2 server with various client options ... skipped 'SSLv2 is not available.' test_protocol_sslv3 (test.test_ssl.ThreadedTests) Connecting to an SSLv3 server with various client options ... skipped 'SSLv3 is not available.' test_protocol_tlsv1 (test.test_ssl.ThreadedTests) Connecting to a TLSv1 server with various client options ... PROTOCOL_TLSv1->PROTOCOL_TLSv1 CERT_NONE PROTOCOL_TLSv1->PROTOCOL_TLSv1 CERT_OPTIONAL PROTOCOL_TLSv1->PROTOCOL_TLSv1 CERT_REQUIRED {PROTOCOL_TLS->PROTOCOL_TLSv1} CERT_NONE ok test_protocol_tlsv1_1 (test.test_ssl.ThreadedTests) Connecting to a TLSv1.1 server with various client options. ... PROTOCOL_TLSv1_1->PROTOCOL_TLSv1_1 CERT_NONE {PROTOCOL_TLS->PROTOCOL_TLSv1_1} CERT_NONE PROTOCOL_TLSv1_1->PROTOCOL_TLS CERT_NONE {PROTOCOL_TLSv1_2->PROTOCOL_TLSv1_1} CERT_NONE {PROTOCOL_TLSv1_1->PROTOCOL_TLSv1_2} CERT_NONE ok test_protocol_tlsv1_2 (test.test_ssl.ThreadedTests) Connecting to a TLSv1.2 server with various client options. ... PROTOCOL_TLSv1_2->PROTOCOL_TLSv1_2 CERT_NONE {PROTOCOL_TLS->PROTOCOL_TLSv1_2} CERT_NONE PROTOCOL_TLSv1_2->PROTOCOL_TLS CERT_NONE {PROTOCOL_TLSv1->PROTOCOL_TLSv1_2} CERT_NONE {PROTOCOL_TLSv1_2->PROTOCOL_TLSv1} CERT_NONE {PROTOCOL_TLSv1_1->PROTOCOL_TLSv1_2} CERT_NONE {PROTOCOL_TLSv1_2->PROTOCOL_TLSv1_1} CERT_NONE ok test_read_write_after_close_raises_valuerror (test.test_ssl.ThreadedTests) ... ok test_recv_send (test.test_ssl.ThreadedTests) Test recv(), send() and friends. ... server: new connection from ('127.0.0.1', 52577) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) ok test_recv_zero (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52580) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) ok test_rude_shutdown (test.test_ssl.ThreadedTests) A brutal shutdown of an SSL server should raise an OSError ... ok test_selected_alpn_protocol (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52584) client: sending b'FOO\n'... server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) client: read b'foo\n' client: sending b'FOO\n'... client: read b'foo\n' client: sending b'FOO\n'... client: read b'foo\n' client: closing connection. ok test_selected_alpn_protocol_if_server_uses_alpn (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52586) client: sending b'FOO\n'... server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) client: read b'foo\n' client: sending b'FOO\n'... client: read b'foo\n' client: sending b'FOO\n'... client: read b'foo\n' client: closing connection. ok test_sendfile (test.test_ssl.ThreadedTests) ... ok test_server_accept (test.test_ssl.ThreadedTests) ... ok test_session (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52592) server: connection cipher is now ('ECDHE-RSA-AES256-GCM-SHA384', 'TLSv1.2', 256) server: new connection from ('127.0.0.1', 52594) server: connection cipher is now ('ECDHE-RSA-AES256-GCM-SHA384', 'TLSv1.2', 256) server: new connection from ('127.0.0.1', 52596) server: connection cipher is now ('ECDHE-RSA-AES256-GCM-SHA384', 'TLSv1.2', 256) server: new connection from ('127.0.0.1', 52598) server: connection cipher is now ('ECDHE-RSA-AES256-GCM-SHA384', 'TLSv1.2', 256) ok test_session_handling (test.test_ssl.ThreadedTests) ... ok test_shared_ciphers (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52604) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) ok test_sni_callback (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52606) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) server: new connection from ('127.0.0.1', 52608) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) server: new connection from ('127.0.0.1', 52610) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) ok test_sni_callback_alert (test.test_ssl.ThreadedTests) ... ok test_sni_callback_raising (test.test_ssl.ThreadedTests) ... ok test_sni_callback_wrong_return_type (test.test_ssl.ThreadedTests) ... ok test_socketserver (test.test_ssl.ThreadedTests) Using socketserver to create and manage SSL connections. ... server (('127.0.0.1', 52617):52617 ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256)): [26/Apr/2021 11:43:19] "GET /keycert.pem HTTP/1.1" 200 - client: read 4058 bytes from remote server '<HTTPSServerThread <HTTPSServer 1.0.0.127.in-addr.arpa:52617>>' stopping HTTPS server joining HTTPS thread ok test_ssl_cert_verify_error (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52621) server: bad connection attempt from ('127.0.0.1', 52621): Traceback (most recent call last): File "/Users/runner/work/cpython/cpython/Lib/test/test_ssl.py", line 2347, in wrap_conn self.sslconn = self.server.context.wrap_socket( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 518, in wrap_socket return self.sslsocket_class._create( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1070, in _create self.do_handshake() File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1339, in do_handshake self._sslobj.do_handshake() ssl.SSLError: [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:969) ok test_starttls (test.test_ssl.ThreadedTests) Switching from clear text to encrypted and back again. ... client: sending b'msg 1'... server: new connection from ('127.0.0.1', 52623) server: read b'msg 1' (unencrypted), sending back b'msg 1' (unencrypted)... client: read b'msg 1' from server client: sending b'MSG 2'... server: read b'MSG 2' (unencrypted), sending back b'msg 2' (unencrypted)... client: read b'msg 2' from server client: sending b'STARTTLS'... server: read STARTTLS from client, sending OK... client: read b'ok' from server, starting TLS... client: sending b'MSG 3'... server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) server: read b'MSG 3' (encrypted), sending back b'msg 3' (encrypted)... client: read b'msg 3' from server client: sending b'msg 4'... server: read b'msg 4' (encrypted), sending back b'msg 4' (encrypted)... client: read b'msg 4' from server client: sending b'ENDTLS'... server: read ENDTLS from client, sending OK... client: read b'ok' from server, ending TLS... client: sending b'msg 5'... server: connection is now unencrypted... server: read b'msg 5' (unencrypted), sending back b'msg 5' (unencrypted)... client: read b'msg 5' from server client: sending b'msg 6'... server: read b'msg 6' (unencrypted), sending back b'msg 6' (unencrypted)... client: read b'msg 6' from server client: closing connection. server: client closed connection ok test_tls1_3 (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52625) server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) ok test_tls_unique_channel_binding (test.test_ssl.ThreadedTests) Test tls-unique channel binding. ... server: new connection from ('127.0.0.1', 52627) got channel binding data: b'\xb6\xc4\x94=\xb1\xc0\xe1\x05\xbd\x803\xd1\xec\x14,\x95\x8d\xbe!\xbf\xa6\x93\x06)\xc0(U\r\x8d\xdcA\xe9\xa2\xef\xae*6\xa8\xb5~;\x8f\xd9\xa6\x141x\xa2' server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) server: new connection from ('127.0.0.1', 52628) got another channel binding data: b'N1\xb3OAX\xaa\x05dD/~\x8a\xcbM\xf3\x1b\x1a<\x98:\xb9\x80\xf6b\xe3\x1a\x0e\x9e\xf6\x87\xde\xfc\xfc\xc4\x93t\x90a\xb7\xa6O\xdf\xcc\x10\xdf?y' server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) ok test_version_basic (test.test_ssl.ThreadedTests) Basic tests for SSLSocket.version(). ... ok test_wrong_cert_tls12 (test.test_ssl.ThreadedTests) Connecting when the server rejects the client's certificate ... server: new connection from ('127.0.0.1', 52632) SSLError is SSLError(1, '[SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:969)') server: bad connection attempt from ('127.0.0.1', 52632): Traceback (most recent call last): File "/Users/runner/work/cpython/cpython/Lib/test/test_ssl.py", line 2347, in wrap_conn self.sslconn = self.server.context.wrap_socket( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 518, in wrap_socket return self.sslsocket_class._create( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1070, in _create self.do_handshake() File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1339, in do_handshake self._sslobj.do_handshake() ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate (_ssl.c:969) ok test_wrong_cert_tls13 (test.test_ssl.ThreadedTests) ... server: new connection from ('127.0.0.1', 52634) SSLError is SSLError(1, '[SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:2438)') server: bad connection attempt from ('127.0.0.1', 52634): Traceback (most recent call last): File "/Users/runner/work/cpython/cpython/Lib/test/test_ssl.py", line 2347, in wrap_conn self.sslconn = self.server.context.wrap_socket( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 518, in wrap_socket return self.sslsocket_class._create( File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1070, in _create self.do_handshake() File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1339, in do_handshake self._sslobj.do_handshake() ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate (_ssl.c:969) ok test_bpo37428_pha_cert_none (test.test_ssl.TestPostHandshakeAuth) ... ok test_pha_no_pha_client (test.test_ssl.TestPostHandshakeAuth) ... ok test_pha_no_pha_server (test.test_ssl.TestPostHandshakeAuth) ... ok test_pha_not_tls13 (test.test_ssl.TestPostHandshakeAuth) ... ok test_pha_optional (test.test_ssl.TestPostHandshakeAuth) ... ok test_pha_optional_nocert (test.test_ssl.TestPostHandshakeAuth) ... ok test_pha_required (test.test_ssl.TestPostHandshakeAuth) ... ok test_pha_required_nocert (test.test_ssl.TestPostHandshakeAuth) ... server: new connection from ('127.0.0.1', 52650) client cert is None client did not provide a cert server: connection cipher is now ('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256) TLS: (<ssl.SSLSocket fd=7, family=AF_INET, type=SOCK_STREAM, proto=0, laddr=('127.0.0.1', 52649), raddr=('127.0.0.1', 52650)>, 'write', TLSVersion.TLSv1_3, _TLSContentType.ALERT, _TLSAlertType.CERTIFICATE_REQUIRED, b'\x02t') TLS: (<ssl.SSLSocket fd=6, family=AF_INET, type=SOCK_STREAM, proto=0, laddr=('127.0.0.1', 52650), raddr=('127.0.0.1', 52649)>, 'read', TLSVersion.TLSv1_3, _TLSContentType.ALERT, _TLSAlertType.CERTIFICATE_REQUIRED, b'\x02t') Test server failure: Traceback (most recent call last): File "/Users/runner/work/cpython/cpython/Lib/test/test_ssl.py", line 2427, in run msg = self.read() File "/Users/runner/work/cpython/cpython/Lib/test/test_ssl.py", line 2404, in read return self.sslconn.read() File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1131, in read return self._sslobj.read(len) ssl.SSLError: [SSL: PEER_DID_NOT_RETURN_A_CERTIFICATE] peer did not return a certificate (_ssl.c:2438) ok test_pha_setter (test.test_ssl.TestPostHandshakeAuth) ... ok test_keylog_defaults (test.test_ssl.TestSSLDebug) ... ok test_keylog_env (test.test_ssl.TestSSLDebug) ... skipped 'test is not compatible with ignore_environment' test_keylog_filename (test.test_ssl.TestSSLDebug) ... ok test_msg_callback (test.test_ssl.TestSSLDebug) ... ok test_msg_callback_deadlock_bpo43577 (test.test_ssl.TestSSLDebug) ... ok test_msg_callback_tls12 (test.test_ssl.TestSSLDebug) ... ok test_get_server_certificate_ipv6 (test.test_ssl.NetworkedTests) ... skipped "Resource 'ipv6.google.com' is not available" test test_ssl failed test_timeout_connect_ex (test.test_ssl.NetworkedTests) ... ok ====================================================================== ERROR: test_connect_capath (test.test_ssl.SimpleBackgroundTests) ---------------------------------------------------------------------- Traceback (most recent call last): File "/Users/runner/work/cpython/cpython/Lib/test/test_ssl.py", line 2045, in test_connect_capath s.connect(self.server_addr) File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1372, in connect self._real_connect(addr, False) File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1363, in _real_connect self.do_handshake() File "/Users/runner/work/cpython/cpython/Lib/ssl.py", line 1339, in do_handshake self._sslobj.do_handshake() ConnectionResetError: [Errno 54] Connection reset by peer ---------------------------------------------------------------------- Ran 164 tests in 29.112s FAILED (errors=1, skipped=10) 1 test failed again: test_ssl |
|||
| msg391923 - (view) | Author: Christian Heimes (christian.heimes) * |
Date: 2021-04-26 13:22 | |
I have seen the test fail before. It seems to be flaky on macOS but it fails only very rarely. |
|||
| msg391927 - (view) | Author: Pablo Galindo Salgado (pablogsal) * |
Date: 2021-04-26 13:37 | |
> it fails only very rarely. Unfortunately, in https://github.com/python/cpython/pull/25584 it has failed 3 times in a row. That's why I decided to open the issue. Let me re-run again. |
|||
| msg392805 - (view) | Author: Christian Heimes (christian.heimes) * |
Date: 2021-05-03 13:17 | |
I'm still unsure why tests are sometimes failing. Test fail rarely on macOS and Windows. When tests are failing it's usually a bunch of tests that fail with "connection reset by peer". I suspect that the listener backlog and timeout of the server socket is too aggressive. |
|||
| msg392816 - (view) | Author: Christian Heimes (christian.heimes) * |
Date: 2021-05-03 15:45 | |
New changeset c715b524210050bdd2a2e233817246d443bbb236 by Christian Heimes in branch 'master': bpo-43943: ssl tests: Increase server socket timeout, backlog, debugging (GH-25850) https://github.com/python/cpython/commit/c715b524210050bdd2a2e233817246d443bbb236 |
|||
| msg392818 - (view) | Author: Christian Heimes (christian.heimes) * |
Date: 2021-05-03 15:47 | |
fingers crossed! |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:59:44 | admin | set | status: pending -> open github: 88109 |
| 2021-05-03 16:53:23 | christian.heimes | set | status: open -> pending assignee: christian.heimes components: + Tests, SSL, - Installation |
| 2021-05-03 16:52:09 | mohansai | set | nosy:
- ronaldoussoren, ned.deily components: + Installation, - macOS |
| 2021-05-03 16:49:30 | mohansai | set | status: pending -> open nosy: + ronaldoussoren, ned.deily components: + macOS |
| 2021-05-03 15:47:53 | christian.heimes | set | status: open -> pending type: behavior resolution: fixed messages: + msg392818 |
| 2021-05-03 15:45:09 | christian.heimes | set | messages: + msg392816 |
| 2021-05-03 13:17:42 | christian.heimes | set | messages: + msg392805 |
| 2021-05-03 13:13:00 | christian.heimes | set | keywords:
+ patch stage: patch review pull_requests: + pull_request24533 |
| 2021-04-26 13:37:41 | pablogsal | set | messages: + msg391927 |
| 2021-04-26 13:22:22 | christian.heimes | set | messages: + msg391923 |
| 2021-04-26 12:53:27 | pablogsal | create | |