Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Only do seclevel workaround if seclevel greater than 1 #131736

Closed
WillChilds-Klein opened this issue Mar 25, 2025 · 1 comment
Closed

Only do seclevel workaround if seclevel greater than 1 #131736

WillChilds-Klein opened this issue Mar 25, 2025 · 1 comment
Labels
tests Tests in the Lib/test dir topic-SSL

Comments

@WillChilds-Klein
Copy link
Contributor

WillChilds-Klein commented Mar 25, 2025
edited by bedevere-app bot
Loading

Feature or enhancement

Proposal:

We propose checking libssl's current security level before performing our ubuntu workaround in test_ssl.py, and skipping the workaround if it's unnecessary.

Due to backwards compatibility concerns around parsing short RSA keys, AWS-LC only supports SECLEVEL=0.

Has this already been discussed elsewhere?

I have already discussed this feature proposal on Discourse

Links to previous discussion of this feature:

This issue is very similar to a series of other test modifications discussed in

https://discuss.python.org/t/support-building-ssl-and-hashlib-modules-against-aws-lc/44505/13

Linked PRs
@WillChilds-Klein WillChilds-Klein added the type-feature A feature request or enhancement label Mar 25, 2025
@WillChilds-Klein WillChilds-Klein mentioned this issue Mar 25, 2025
Merged
@ZeroIntensity ZeroIntensity added tests Tests in the Lib/test dir and removed type-feature A feature request or enhancement labels Mar 25, 2025
picnixz pushed a commit that referenced this issue Apr 1, 2025
@WillChilds-Klein
gh-131736: only apply security_level workaround in test_ssl for s…
3b3720f 
…ecurity levels greater than 1 (#131739)
@picnixz picnixz closed this as completed Apr 1, 2025
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Apr 1, 2025
@WillChilds-Klein @miss-islington
pythongh-131736: only apply security_level workaround in test_ssl
d63c5a8 
… for security levels greater than 1 (pythonGH-131739)

(cherry picked from commit 3b3720f)

Co-authored-by: Will Childs-Klein <[email protected]>
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Apr 1, 2025
@WillChilds-Klein @miss-islington
pythongh-131736: only apply security_level workaround in test_ssl
11dcdde 
… for security levels greater than 1 (pythonGH-131739)

(cherry picked from commit 3b3720f)

Co-authored-by: Will Childs-Klein <[email protected]>
This was referenced Apr 1, 2025
Merged
Merged
picnixz pushed a commit that referenced this issue Apr 1, 2025
@miss-islington @WillChilds-Klein
[3.12] gh-131736: only apply security_level workaround in `test_ssl…
756676f 
…` for security levels greater than 1 (GH-131739) (#131966)

gh-131736: only apply `security_level` workaround in `test_ssl` for security levels greater than 1 (GH-131739)
(cherry picked from commit 3b3720f)

Co-authored-by: Will Childs-Klein <[email protected]>
picnixz pushed a commit that referenced this issue Apr 1, 2025
@miss-islington @WillChilds-Klein
[3.13] gh-131736: only apply security_level workaround in `test_ssl…
05e7fa2 
…` for security levels greater than 1 (GH-131739) (#131967)

gh-131736: only apply `security_level` workaround in `test_ssl` for security levels greater than 1 (GH-131739)
(cherry picked from commit 3b3720f)

Co-authored-by: Will Childs-Klein <[email protected]>
@picnixz
Copy link
Member

picnixz commented Apr 1, 2025

Thanks for the PR and fix!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
tests Tests in the Lib/test dir topic-SSL
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@WillChilds-Klein @picnixz @ZeroIntensity