Author ronaldoussoren
Recipients ned.deily, pitrou, ronaldoussoren
Date 2012-08-21.05:32:51
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1345527187.26.0.0888290460435.issue15740@psf.upfronthosting.co.za>
In-reply-to
Content
More interesingly are the download archives for OpenSSL098, which is the openssl version that's used on newer OSX releases. Sadly enough the version used on OSX 10.8 is not present there (that seems to be OpenSSL098-47, the latest download is -35).

Download link: <http://opensource.apple.com/tarballs/OpenSSL098/>

I've downloaded the most recent release from that link and based on a 5 minute glance at the code this does seem to integrate with the system keychain ("src/crypto/x509/x509_vfy_apple.c" in the source tee)

And that code also pointed to a way to disable that functionality, and that resolves the test failure on my machine.

Without workaround:


$ ./python.exe -m test.regrtest  -uall test_ssl
[1/1] test_ssl
test test_ssl failed -- multiple errors occurred; run in verbose mode for details
1 test failed:
    test_ssl


With workaround:

$ env OPENSSL_X509_TEA_DISABLE=1 ./python.exe -m test.regrtest  -uall test_ssl
[1/1] test_ssl
Resource 'ipv6.google.com' is not available
Warning -- asyncore.socket_map was modified by test_ssl
1 test altered the execution environment:
    test_ssl

(And test.regrtest -v also shows that all tests passed)


The attached (crufty) patch sets the environment variable during test_ssl.NetworkedTests and that also avoids the test failure. It might be  useful to add this functionality to the test case (but less crufty, and with a comment that explains why this is done).
History
Date User Action Args
2012-08-21 05:33:07ronaldoussorensetrecipients: + ronaldoussoren, pitrou, ned.deily
2012-08-21 05:33:07ronaldoussorensetmessageid: <1345527187.26.0.0888290460435.issue15740@psf.upfronthosting.co.za>
2012-08-21 05:32:54ronaldoussorenlinkissue15740 messages
2012-08-21 05:32:52ronaldoussorencreate