New submission from Larry Hastings <la...@hastings.org>:
I'm testing 3.5.10rc1 on a freshly installed Linux (Pop!_OS 20.04), and I'm getting a lot of these test failures: ssl.SSLError: [SSL: EE_KEY_TOO_SMALL] ee key too small (_ssl.c:2951) Apparently the 2048 keys used in the tests are considered "too small" with brand-new builds of the SSL library. Christian: you upgraded the test suite keys to 3072 bits back in 2018 (issue #34542), but didn't backport this as far as 3.5 because it was in security-fixes-only mode. I experimented with taking your patch to 3.6 and applying it to 3.5, but 80% of the patches didn't apply cleanly. Could you either backport this upgrade to 3.5 (I'll happily accept the PR), or advise me on how to otherwise mitigate the problem? I don't really want to turn off all those tests. Thanks! ---------- assignee: christian.heimes components: Tests messages: 372755 nosy: christian.heimes, larry priority: high severity: normal stage: needs patch status: open title: Workaround or fix for SSL "EE_KEY_TOO_SMALL" test failures type: crash versions: Python 3.5 _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue41183> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
