This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author ned.deily
Recipients Lukasa, alex, benjamin.peterson, bkabrda, christian.heimes, dstufft, giampaolo.rodola, gregory.p.smith, icordasc, janssen, josh.r, lemburg, mnot, ncoghlan, ned.deily, pitrou
Date 2014-07-27.10:22:43
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1406456563.93.0.814382752861.issue21308@psf.upfronthosting.co.za>
In-reply-to
Content
> did you apply the patch from http://bugs.python.org/issue22023 first?

Sorry, missed that.  Let's try again with that applied as well:

OS X 10.9.4 with Xcode 5.1.1 clang and openssl 1.0.1h from MacPorts

- Modules/_ssl.c:2861:52: warning: invalid conversion specifier 'R' (see above)

- test_poplib hangs, requiring ctrl-c interrupt (see above)

- certificate verify failed in test_algorithms of test_ssl

test_ssl: testing with 'OpenSSL 1.0.1h 5 Jun 2014' (1, 0, 1, 8, 15)
          under Mac ('10.9.4', ('', '', ''), 'x86_64')
          HAS_SNI = True
          OP_ALL = 0x800003ff
          OP_NO_TLSv1_1 = 0x10000000
[...]
======================================================================
ERROR: test_algorithms (test.test_ssl.NetworkedTests)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/py/dev/27/root/uxd_macports/lib/python2.7/test/test_ssl.py", line 1475, in test_algorithms
    s.connect(remote)
  File "/py/dev/27/root/uxd_macports/lib/python2.7/ssl.py", line 810, in connect
    self._real_connect(addr, False)
  File "/py/dev/27/root/uxd_macports/lib/python2.7/ssl.py", line 801, in _real_connect
    self.do_handshake()
  File "/py/dev/27/root/uxd_macports/lib/python2.7/ssl.py", line 774, in do_handshake
    self._sslobj.do_handshake()
SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:579)

----------------------------------------------------------------------
Ran 99 tests in 13.035s

FAILED (errors=1, skipped=4)

when built with Apple-supplied openssl 0.9.8y on OS X 10.9.4:

- test_algorithms does not fail:

test_ssl: testing with 'OpenSSL 0.9.8y 5 Feb 2013' (0, 9, 8, 25, 15)
          under Mac ('10.9.4', ('', '', ''), 'x86_64')
          HAS_SNI = True
          OP_ALL = 0x     7ff
[...]
test_algorithms (test.test_ssl.NetworkedTests) ...
Cipher with ('sha256.tbs-internet.com', 443) is ('RC4-SHA', 'TLSv1/SSLv3', 128)
Certificate is:
{'OCSP': (u'http://ocsp.tbs-x509.com',),
 'caIssuers': (u'http://crt.tbs-internet.com/TBSX509CASGC.crt',
               u'http://crt.tbs-x509.com/TBSX509CASGC.crt'),
 'crlDistributionPoints': (u'http://crl.tbs-internet.com/TBSX509CASGC.crl',
                           u'http://crl.tbs-x509.com/TBSX509CASGC.crl'),
[...]

- a non-fatal broken pipe exception is seen

test_nonblocking_send (test.test_ssl.ThreadedTests) ...  server:  new connection from ('127.0.0.1', 50583)
 server: connection cipher is now ('AES256-SHA', 'TLSv1/SSLv3', 256)
 server: selected protocol is now None
Exception in thread Thread-36:
Traceback (most recent call last):
  File "/py/dev/27/root/uxd/lib/python2.7/threading.py", line 810, in __bootstrap_inner
    self.run()
  File "/py/dev/27/root/uxd/lib/python2.7/test/test_ssl.py", line 1636, in run
    self.write(msg.lower())
  File "/py/dev/27/root/uxd/lib/python2.7/test/test_ssl.py", line 1581, in write
    return self.sslconn.write(bytes)
  File "/py/dev/27/root/uxd/lib/python2.7/ssl.py", line 622, in write
    return self._sslobj.write(data)
error: [Errno 32] Broken pipe

ok

on OS X 10.5.8 ppc with Apple-supplied openssl 0.9.7l:

- test_rude_shutdown fails

test_ssl: testing with 'OpenSSL 0.9.7l 28 Sep 2006' (0, 9, 7, 12, 15)
          under Mac ('10.5.8', ('', '', ''), 'PowerPC')
          HAS_SNI = False
          OP_ALL = 0x     7ff
[...]
======================================================================
ERROR: test_rude_shutdown (test.test_ssl.ThreadedTests)
A brutal shutdown of an SSL server should raise an OSError
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/Volumes/cache/py/pyb5g4/27/unix/root/lib/python2.7/test/test_ssl.py", line 2139, in test_rude_shutdown
    connector()
  File "/Volumes/cache/py/pyb5g4/27/unix/root/lib/python2.7/test/test_ssl.py", line 2130, in connector
    ssl_sock = ssl.wrap_socket(c)
  File "/Volumes/cache/py/pyb5g4/27/unix/root/lib/python2.7/ssl.py", line 868, in wrap_socket
    ciphers=ciphers)
  File "/Volumes/cache/py/pyb5g4/27/unix/root/lib/python2.7/ssl.py", line 561, in __init__
    self.do_handshake()
  File "/Volumes/cache/py/pyb5g4/27/unix/root/lib/python2.7/ssl.py", line 774, in do_handshake
    self._sslobj.do_handshake()
error: [Errno 54] Connection reset by peer

----------------------------------------------------------------------
Ran 99 tests in 14.843s

FAILED (errors=1, skipped=21)

- new test/capath directory needs to be added to LIBSUBDIRS in Makefile.pre.in
History
Date User Action Args
2014-07-27 10:22:44ned.deilysetrecipients: + ned.deily, lemburg, gregory.p.smith, ncoghlan, janssen, pitrou, mnot, giampaolo.rodola, christian.heimes, benjamin.peterson, alex, bkabrda, icordasc, dstufft, Lukasa, josh.r
2014-07-27 10:22:43ned.deilysetmessageid: <1406456563.93.0.814382752861.issue21308@psf.upfronthosting.co.za>
2014-07-27 10:22:43ned.deilylinkissue21308 messages
2014-07-27 10:22:43ned.deilycreate