Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in
(205882)

Unified Diff: Lib/test/test_ssl.py

Issue 15740: test_ssl failure when cacert.org CA cert in system keychain on OSX
Patch Set: Created 7 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Please Sign in to add in-line comments.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -18,6 +18,24 @@
import platform
import functools
+if sys.platform == 'darwin':
+ # Apple's installation of OpenSSL in /usr/lib is patched to
+ # integrate with Apple's KeyChain. OpenSSL will verify certificates
+ # using the CA roots that are part of the system and user keychains,
+ # unless that code is disabled using an environment variable.
+ #
+ # The environment variable below disables the keychain integration,
+ # and avoids test failures when the CAcert root certificate (the signer
+ # of the certificate for svn.python.org) happens to be in the keychain of
+ # a system where the tests are run.
+ #
+ # Note: this cannot be done in a setUp method for NetworkedTests because
+ # the presence of the environment variable is cached by OpenSSL, and some
+ # other test might trigger the check for the environment variable before
+ # NetworkedTests is run.
+ os.putenv("OPENSSL_X509_TEA_DISABLE", "1")
+
+
ssl = support.import_module("ssl")
PROTOCOLS = [
« no previous file with comments | « no previous file | no next file » | no next file with comments »

RSS Feeds Recent Issues | This issue
This is Rietveld 894c83f36cb7+