This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author christian.heimes
Recipients christian.heimes, larry
Date 2020-07-02.08:02:25
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1593676945.52.0.550908864502.issue41183@roundup.psfhosted.org>
In-reply-to
Content
test_ssl_36_branch just contains "1 test failed: test_ssl". Could you please attach a verbose run?

The problems are caused by security policy. We had similar issues in Fedora.

    - Set OPENSSL_TLS_SECURITY_LEVEL=2 as compiled-in minimum security
      level. Change meaning of SECURITY_LEVEL=2 to prohibit TLS versions
      below 1.2 and update documentation. Previous default of 1, can be set
      by calling SSL_CTX_set_security_level(), SSL_set_security_level() or
      using ':@SECLEVEL=1' CipherString value in openssl.cfg.

I can fix "SSL: DH_KEY_TOO_SMALL" in another PR. The other issues are harder to fix.
History
Date User Action Args
2020-07-02 08:02:25christian.heimessetrecipients: + christian.heimes, larry
2020-07-02 08:02:25christian.heimessetmessageid: <1593676945.52.0.550908864502.issue41183@roundup.psfhosted.org>
2020-07-02 08:02:25christian.heimeslinkissue41183 messages
2020-07-02 08:02:25christian.heimescreate