More for gevent/gevent#546 under CPython.

Tested under Python 2.7.8 and all the test_ssl tests pass, EXCEPT for: -- test_algorithms. That test is disabled in the 2.7.8 sourcecode, so disable it here; -- test_protocol_sslv2, which fails with the same EOF error as described in the last commit for 2.7.9.

More for gevent/gevent#546 under CPython.
Tested under Python 2.7.8 and all the test_ssl tests pass, EXCEPT for: -- test_algorithms. That test is disabled in the 2.7.8 sourcecode, so disable it here; -- test_protocol_sslv2, which fails with the same EOF error as described in the last commit for 2.7.9.
8f2e9b7c · Jason Madden · 00ed793f · 8f2e9b7c
Commit 8f2e9b7c authored Mar 25, 2015 by Jason Madden
Hide whitespace changes
Inline Side-by-side

Showing with 8 additions and 10 deletions

greentest/2.7/test_ssl.py greentest/2.7/test_ssl.py +8 -10

No files found.
--- a/greentest/2.7/test_ssl.py
+++ b/greentest/2.7/test_ssl.py
@@ -374,21 +374,19 @@ class NetworkedTests(unittest.TestCase):
        # SHA256 was added in OpenSSL 0.9.8
        if ssl.OPENSSL_VERSION_INFO < (0, 9, 8, 0, 15):
            self.skipTest("SHA256 not available on %r" % ssl.OPENSSL_VERSION)
+        if not hasattr(ssl, 'SSLContext') or not getattr(ssl, 'HAS_SNI', True):
+            # The Python 2.7.8 test lib doesn't run this
+            self.skipTest('remote host needs SNI, only available on Python 3.2+')
        # NOTE: https://sha256.tbs-internet.com is another possible test host
        remote = ("sha256.tbs-internet.com", 443)
        sha256_cert = os.path.join(os.path.dirname(__file__), "sha256.pem")

        with test_support.transient_internet("sha256.tbs-internet.com"):
-            if not hasattr(ssl, 'SSLContext') or not getattr(ssl, 'HAS_SNI', True): # <= 2.7.9
-                s = ssl.wrap_socket(socket.socket(socket.AF_INET),
-                                    cert_reqs=ssl.CERT_REQUIRED,
-                                    ca_certs=sha256_cert,)
-            else:
-                ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
-                ctx.verify_mode = ssl.CERT_REQUIRED
-                ctx.load_verify_locations(sha256_cert)
-                s = ctx.wrap_socket(socket.socket(socket.AF_INET),
-                                    server_hostname="sha256.tbs-internet.com")
+            ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
+            ctx.verify_mode = ssl.CERT_REQUIRED
+            ctx.load_verify_locations(sha256_cert)
+            s = ctx.wrap_socket(socket.socket(socket.AF_INET),
+                                server_hostname="sha256.tbs-internet.com")
            try:
                s.connect(remote)
                if test_support.verbose: