Author vstinner
Recipients christian.heimes, vstinner
Date 2019-10-01.12:55:53
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1569934554.24.0.56143952582.issue38338@roundup.psfhosted.org>
In-reply-to
Content
SSLv23 and TLS v1.0 are disabled by RHEL8 crypto policy.

AMD64 RHEL8 2.7:
https://buildbot.python.org/all/#/builders/245/builds/5

test_protocol_sslv23 (test.test_ssl.ThreadedTests)
Connecting to an SSLv23 server with various client options ... 
 Could not scan /etc/ssl/openssl.cnf for MinProtocol: [Errno 2] No such file or directory: '/etc/ssl/openssl.cnf'

 PROTOCOL_TLS->PROTOCOL_TLS CERT_NONE
 PROTOCOL_TLSv1->PROTOCOL_TLS CERT_NONE
ERROR

======================================================================
ERROR: test_protocol_sslv23 (test.test_ssl.ThreadedTests)
Connecting to an SSLv23 server with various client options
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/buildbot/buildarea/2.7.cstratak-RHEL8-x86_64/build/Lib/test/test_ssl.py", line 189, in f
    return func(*args, **kwargs)
  File "/home/buildbot/buildarea/2.7.cstratak-RHEL8-x86_64/build/Lib/test/test_ssl.py", line 2402, in test_protocol_sslv23
    try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, 'TLSv1')
  File "/home/buildbot/buildarea/2.7.cstratak-RHEL8-x86_64/build/Lib/test/test_ssl.py", line 2134, in try_protocol_combo
    chatty=False, connectionchatty=False)
  File "/home/buildbot/buildarea/2.7.cstratak-RHEL8-x86_64/build/Lib/test/test_ssl.py", line 2062, in server_params_test
    s.connect((HOST, server.port))
  File "/home/buildbot/buildarea/2.7.cstratak-RHEL8-x86_64/build/Lib/ssl.py", line 864, in connect
    self._real_connect(addr, False)
  File "/home/buildbot/buildarea/2.7.cstratak-RHEL8-x86_64/build/Lib/ssl.py", line 855, in _real_connect
    self.do_handshake()
  File "/home/buildbot/buildarea/2.7.cstratak-RHEL8-x86_64/build/Lib/ssl.py", line 828, in do_handshake
    self._sslobj.do_handshake()
SSLError: [SSL: TLSV1_ALERT_PROTOCOL_VERSION] tlsv1 alert protocol version (_ssl.c:727)

and

test_protocol_tlsv1_1 (test.test_ssl.ThreadedTests)
Connecting to a TLSv1.1 server with various client options. ... 
 Could not scan /etc/ssl/openssl.cnf for MinProtocol: [Errno 2] No such file or directory: '/etc/ssl/openssl.cnf'

 PROTOCOL_TLSv1_1->PROTOCOL_TLSv1_1 CERT_NONE
 {PROTOCOL_TLS->PROTOCOL_TLSv1_1} CERT_NONE
 PROTOCOL_TLSv1_1->PROTOCOL_TLS CERT_NONE
ERROR

======================================================================
ERROR: test_protocol_tlsv1_1 (test.test_ssl.ThreadedTests)
Connecting to a TLSv1.1 server with various client options.
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/buildbot/buildarea/2.7.cstratak-RHEL8-x86_64/build/Lib/test/test_ssl.py", line 189, in f
    return func(*args, **kwargs)
  File "/home/buildbot/buildarea/2.7.cstratak-RHEL8-x86_64/build/Lib/test/test_ssl.py", line 2477, in test_protocol_tlsv1_1
    try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1_1, 'TLSv1.1')
  File "/home/buildbot/buildarea/2.7.cstratak-RHEL8-x86_64/build/Lib/test/test_ssl.py", line 2134, in try_protocol_combo
    chatty=False, connectionchatty=False)
  File "/home/buildbot/buildarea/2.7.cstratak-RHEL8-x86_64/build/Lib/test/test_ssl.py", line 2062, in server_params_test
    s.connect((HOST, server.port))
  File "/home/buildbot/buildarea/2.7.cstratak-RHEL8-x86_64/build/Lib/ssl.py", line 864, in connect
    self._real_connect(addr, False)
  File "/home/buildbot/buildarea/2.7.cstratak-RHEL8-x86_64/build/Lib/ssl.py", line 855, in _real_connect
    self.do_handshake()
  File "/home/buildbot/buildarea/2.7.cstratak-RHEL8-x86_64/build/Lib/ssl.py", line 828, in do_handshake
    self._sslobj.do_handshake()
SSLError: [SSL: TLSV1_ALERT_PROTOCOL_VERSION] tlsv1 alert protocol version (_ssl.c:727)
History
Date User Action Args
2019-10-01 12:55:54vstinnersetrecipients: + vstinner, christian.heimes
2019-10-01 12:55:54vstinnersetmessageid: <1569934554.24.0.56143952582.issue38338@roundup.psfhosted.org>
2019-10-01 12:55:54vstinnerlinkissue38338 messages
2019-10-01 12:55:53vstinnercreate