Message372755
I'm testing 3.5.10rc1 on a freshly installed Linux (Pop!_OS 20.04), and I'm getting a lot of these test failures:
ssl.SSLError: [SSL: EE_KEY_TOO_SMALL] ee key too small (_ssl.c:2951)
Apparently the 2048 keys used in the tests are considered "too small" with brand-new builds of the SSL library.
Christian: you upgraded the test suite keys to 3072 bits back in 2018 (issue #34542), but didn't backport this as far as 3.5 because it was in security-fixes-only mode. I experimented with taking your patch to 3.6 and applying it to 3.5, but 80% of the patches didn't apply cleanly. Could you either backport this upgrade to 3.5 (I'll happily accept the PR), or advise me on how to otherwise mitigate the problem? I don't really want to turn off all those tests. Thanks! |
|
Date |
User |
Action |
Args |
2020-07-01 14:35:46 | larry | set | recipients:
+ larry, christian.heimes |
2020-07-01 14:35:46 | larry | set | messageid: <1593614146.46.0.384684767233.issue41183@roundup.psfhosted.org> |
2020-07-01 14:35:46 | larry | link | issue41183 messages |
2020-07-01 14:35:45 | larry | create | |
|