28cd304e9d
OpenSSL 3.0 FIPS mode is now detected correctly Upstream fixes on top of 36.0.1: - Fix error check from EVP_PKEY_CTX_set_signature_md - Block 3DES in FIPS mode - Disable DSA tests in FIPS mode - Enable SHA1 signatures in test suite - Fix serialization of keyusage ext with no bits Related: rhbz#2060787
25 lines
845 B
Diff
25 lines
845 B
Diff
From 820d9527070ad2c7724dcecf1a35dbac7d68621d Mon Sep 17 00:00:00 2001
|
|
From: Christian Heimes <christian@python.org>
|
|
Date: Tue, 1 Mar 2022 16:22:51 +0100
|
|
Subject: [PATCH 4/5] Disable test_openssl_assert_error_on_stack in FIPS mode
|
|
|
|
---
|
|
tests/hazmat/bindings/test_openssl.py | 1 +
|
|
1 file changed, 1 insertion(+)
|
|
|
|
diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py
|
|
index 129928ac0..9839aec4d 100644
|
|
--- a/tests/hazmat/bindings/test_openssl.py
|
|
+++ b/tests/hazmat/bindings/test_openssl.py
|
|
@@ -84,6 +84,7 @@ class TestOpenSSL(object):
|
|
with pytest.raises(AttributeError):
|
|
b.lib.TLS_ST_OK
|
|
|
|
+ @pytest.mark.skip_fips(reason="FIPS maps to different error codes")
|
|
def test_openssl_assert_error_on_stack(self):
|
|
b = Binding()
|
|
b.lib.ERR_put_error(
|
|
--
|
|
2.35.1
|
|
|