Fix (hopefully) the remaining test_ssl buildbot failures

65ec8ae4 · Antoine Pitrou · 467f28de · 65ec8ae4 · 65ec8ae4
Commit 65ec8ae4 authored May 16, 2010 by Antoine Pitrou
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 2 deletions

Lib/test/test_ssl.py Lib/test/test_ssl.py +2 -2

Modules/_ssl.c Modules/_ssl.c +4 -0

No files found.
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -142,7 +142,7 @@ class BasicSocketTests(unittest.TestCase):
        # Error checking can happen at instantiation or when connecting
        with self.assertRaisesRegexp(ssl.SSLError, "No cipher can be selected"):
            s = ssl.wrap_socket(socket.socket(socket.AF_INET),
-                                cert_reqs=ssl.CERT_NONE, ciphers="^$:,;?*'dorothyx")
+                                cert_reqs=ssl.CERT_NONE, ciphers="xyzzy")
            s.connect(remote)
    @support.cpython_only
@@ -186,7 +186,7 @@ class ContextTests(unittest.TestCase):
        ctx.set_ciphers("ALL")
        ctx.set_ciphers("DEFAULT")
        with self.assertRaisesRegexp(ssl.SSLError, "No cipher can be selected"):
-            ctx.set_ciphers("^$:,;?*'dorothyx")
+            ctx.set_ciphers("xyzzy")
    def test_verify(self):
        ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1)

--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -1462,6 +1462,10 @@ set_ciphers(PySSLContext *self, PyObject *args)
        return NULL;
    ret = SSL_CTX_set_cipher_list(self->ctx, cipherlist);
    if (ret == 0) {
+        /* Clearing the error queue is necessary on some OpenSSL versions,
+           otherwise the error will be reported again when another SSL call
+           is done. */
+        ERR_clear_error();
        PyErr_SetString(PySSLErrorObject,
                        "No cipher can be selected.");
        return NULL;