Fix typo in PROTOCOL_TO_TLS_VERSION in test_ssl (GH-95119)
This appears to be a typo. It causes try_protocol_combo to try to turn on SSL 3.0 when testing PROTOCOL_SSLv23 (aka PROTOCOL_TLS), which doesn't make any sense. Fix it to be PROTOCOL_SSLv3. Without this, try_protocol_combo is actually setting context.minimum_version to SSLv3 when called as try_protocol_combo(ssl.PROTOCOL_TLS, ssl.PROTOCOL_TLS, True) One would think this causes a no-ssl3 OpenSSL build to fail, but OpenSSL forgot to make SSL_CTX_set_min_proto_version(SSL3_VERSION) does not notice no-ssl3, so this typo has gone undetected. But we should still fix the typo because, presumably, a future version of OpenSSL will remove SSL 3.0 and do so more thoroughly, at which point this will break.
Loading
Please register or sign in to comment