Closed mgorny closed 1 year ago
It is a known issue, I think it could be resolved by #195
Thanks. It seems to fix these issues for me but I get now:
_____________________________________________________ test_ssl_hostname_validate ______________________________________________________
@pytest.mark.skipif(not MODERN_SSL,
reason="check hostname not supported")
def test_ssl_hostname_validate():
server_socket = TSSLServerSocket(host="localhost", port=12345,
certfile="ssl/server.pem")
# the ssl cert lock hostname to "localhost"
client_socket = TSSLSocket(
host="127.0.0.1", port=12345, socket_timeout=3000,
cafile="ssl/CA.pem", certfile="ssl/client.crt",
keyfile="ssl/client.key")
with pytest.raises((ssl.CertificateError, TTransportException)):
> _test_socket(server_socket, client_socket)
E Failed: DID NOT RAISE (<class 'ssl.SSLCertVerificationError'>, <class 'thriftpy2.transport.base.TTransportException'>)
test_sslsocket.py:74: Failed
I am looking into it.
Skip this test case temporarily because the new cert is signed to 127.0.0.1 now, I checked all test cases and they are all passed right now
When running the test suite (via
tox -e py39
), I get the following failures:Example traceback:
I can reproduce with all versions on Python on my system. This is Gentoo Linux, Python is built against OpenSSL 3.0.7. I suspect it's either due to the newer OpenSSL versions being stricter or system OpenSSL policy forbidding weak keys.