From 20f0cc082ed66f8db7c50e6b19c3c3ae08f08dd7 Mon Sep 17 00:00:00 2001 From: Debian Python Team Date: Tue, 7 Jun 2022 19:53:46 +0100 Subject: [PATCH] _test__override_default_cipher_selection_when_connecting_to_TLS_1_0_1_1_servers # HG changeset patch # User Julien Cristau # Date 1649507297 -7200 # Sat Apr 09 14:28:17 2022 +0200 # Node ID 41f738aed141d3a29c5ed5d33a9e79cad15b0669 # Parent c871c4fbc94f88e8c78a6bd4ece15d239cbdea10 test: override default cipher selection when connecting to TLS 1.0/1.1 servers The default set of ciphers on python 3.10 is incompatible with old TLS versions. Differential Revision: https://phab.mercurial-scm.org/D12490 Gbp-Pq: Topic py310 Gbp-Pq: Name 5_test__override_default_cipher_selection_when_connecting_to_TLS_1_0_1_1_servers.patch --- tests/test-https.t | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/test-https.t b/tests/test-https.t index 8070f72..9cd28de 100644 --- a/tests/test-https.t +++ b/tests/test-https.t @@ -361,9 +361,9 @@ Start servers running supported TLS versions Clients talking same TLS versions work - $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.0 id https://localhost:$HGPORT/ + $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.0 --config hostsecurity.ciphers=DEFAULT id https://localhost:$HGPORT/ 5fed3813f7f5 - $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.1 id https://localhost:$HGPORT1/ + $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.1 --config hostsecurity.ciphers=DEFAULT id https://localhost:$HGPORT1/ 5fed3813f7f5 $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.2 id https://localhost:$HGPORT2/ 5fed3813f7f5 @@ -405,6 +405,7 @@ Clients requiring newer TLS version than what server supports fail The per-host config option overrides the default $ P="$CERTSDIR" hg id https://localhost:$HGPORT/ \ + > --config hostsecurity.ciphers=DEFAULT \ > --config hostsecurity.minimumprotocol=tls1.2 \ > --config hostsecurity.localhost:minimumprotocol=tls1.0 5fed3813f7f5 -- 2.30.2