(self)
| 4380 | sni_name=hostname) |
| 4381 | |
| 4382 | def test_dh_params(self): |
| 4383 | # Check we can get a connection with ephemeral finite-field |
| 4384 | # Diffie-Hellman (if supported). |
| 4385 | client_context, server_context, hostname = testing_context() |
| 4386 | dhe_aliases = {"ADH", "EDH", "DHE"} |
| 4387 | if not (supports_kx_alias(client_context, dhe_aliases) |
| 4388 | and supports_kx_alias(server_context, dhe_aliases)): |
| 4389 | self.skipTest("libssl doesn't support ephemeral DH") |
| 4390 | # test scenario needs TLS <= 1.2 |
| 4391 | client_context.maximum_version = ssl.TLSVersion.TLSv1_2 |
| 4392 | try: |
| 4393 | server_context.load_dh_params(DHFILE) |
| 4394 | except RuntimeError: |
| 4395 | if Py_DEBUG_WIN32: |
| 4396 | self.skipTest("not supported on Win32 debug build") |
| 4397 | raise |
| 4398 | server_context.set_ciphers("kEDH") |
| 4399 | server_context.maximum_version = ssl.TLSVersion.TLSv1_2 |
| 4400 | stats = server_params_test(client_context, server_context, |
| 4401 | chatty=True, connectionchatty=True, |
| 4402 | sni_name=hostname) |
| 4403 | cipher = stats["cipher"][0] |
| 4404 | parts = cipher.split("-") |
| 4405 | if not dhe_aliases.intersection(parts): |
| 4406 | self.fail("Non-DH key exchange: " + cipher[0]) |
| 4407 | |
| 4408 | def test_ecdh_curve(self): |
| 4409 | # server secp384r1, client auto |
nothing calls this directly
no test coverage detected