bpo-38270: Check for hash digest algorithms and avoid MD5#16382
Merged
Conversation
The new test helper requires_hashdigest() marks tests that require a specific hashlib algorithm. If the algorithm is not available or blocked by a security policy, the test case is skipped. Signed-off-by: Christian Heimes <christian@python.org>
test_hmac now uses SHA256 instead of MD5 for default constructor tests. All tests now use requires_hashdigest(), too. Signed-off-by: Christian Heimes <christian@python.org>
Signed-off-by: Christian Heimes <christian@python.org>
Some test cases for imaplib, poplib, smptlib, and urllib2 require MD5 to perform digest auth / CRAM-MD5 auth testing. These tests are now marked as requiring MD5 and skipped when MD5 is not available. Signed-off-by: Christian Heimes <christian@python.org>
vstinner
approved these changes
Sep 25, 2019
vstinner
left a comment
vstinner
left a comment
Member
There was a problem hiding this comment.
LGTM. I just have a minor suggestion on the NEWS entry.
Signed-off-by: Christian Heimes <christian@python.org>
tiran
force-pushed
the
bpo-38270-md5
branch
from
f81708a to
0ad9fe2
Compare
vstinner
approved these changes
Sep 25, 2019
vstinner
left a comment
vstinner
left a comment
Member
There was a problem hiding this comment.
LGTM. The updated NEWS entry is even better ;-)
Contributor
|
Thanks @tiran for the PR 🌮🎉.. I'm working now to backport this PR to: 3.7, 3.8. |
Contributor
|
I'm having trouble backporting to |
Contributor
|
Sorry, @tiran, I could not cleanly backport this to |
Contributor
|
Thanks @tiran for the PR 🌮🎉.. I'm working now to backport this PR to: 3.8. |
Contributor
|
Sorry @tiran, I had trouble checking out the |
Contributor
|
Thanks @tiran for the PR 🌮🎉.. I'm working now to backport this PR to: 3.8. |
miss-islington
pushed a commit
to miss-islington/cpython
that referenced
this pull request
Sep 25, 2019
…6382) Make it easier to run and test Python on systems with restrict crypto policies: * add requires_hashdigest to test.support to check if a hash digest algorithm is available and working * avoid MD5 in test_hmac * replace MD5 with SHA256 in test_tarfile * mark network tests that require MD5 for MD5-based digest auth or CRAM-MD5 https://bugs.python.org/issue38270 (cherry picked from commit c64a1a6) Co-authored-by: Christian Heimes <christian@python.org>
|
GH-16393 is a backport of this pull request to the 3.8 branch. |
miss-islington
added a commit
that referenced
this pull request
Sep 25, 2019
…6382) (GH-16393) Make it easier to run and test Python on systems with restrict crypto policies: * add requires_hashdigest to test.support to check if a hash digest algorithm is available and working * avoid MD5 in test_hmac * replace MD5 with SHA256 in test_tarfile * mark network tests that require MD5 for MD5-based digest auth or CRAM-MD5 https://bugs.python.org/issue38270 (cherry picked from commit c64a1a6) Co-authored-by: Christian Heimes <christian@python.org> https://bugs.python.org/issue38270 Automerge-Triggered-By: @tiran
stratakis
pushed a commit
to stratakis/cpython
that referenced
this pull request
Dec 2, 2019
…onGH-16382) (pythonGH-16393) Make it easier to run and test Python on systems with restrict crypto policies: * add requires_hashdigest to test.support to check if a hash digest algorithm is available and working * avoid MD5 in test_hmac * replace MD5 with SHA256 in test_tarfile * mark network tests that require MD5 for MD5-based digest auth or CRAM-MD5 https://bugs.python.org/issue38270 (cherry picked from commit c64a1a6) Co-authored-by: Christian Heimes <christian@python.org> https://bugs.python.org/issue38270 Automerge-Triggered-By: @tiran
jacobneiltaylor
pushed a commit
to jacobneiltaylor/cpython
that referenced
this pull request
Dec 5, 2019
…6382) Make it easier to run and test Python on systems with restrict crypto policies: * add requires_hashdigest to test.support to check if a hash digest algorithm is available and working * avoid MD5 in test_hmac * replace MD5 with SHA256 in test_tarfile * mark network tests that require MD5 for MD5-based digest auth or CRAM-MD5 https://bugs.python.org/issue38270
stratakis
pushed a commit
to stratakis/cpython
that referenced
this pull request
May 5, 2020
…onGH-16382) (pythonGH-16393) Make it easier to run and test Python on systems with restrict crypto policies: * add requires_hashdigest to test.support to check if a hash digest algorithm is available and working * avoid MD5 in test_hmac * replace MD5 with SHA256 in test_tarfile * mark network tests that require MD5 for MD5-based digest auth or CRAM-MD5 https://bugs.python.org/issue38270 (cherry picked from commit c64a1a6) Co-authored-by: Christian Heimes <christian@python.org> https://bugs.python.org/issue38270 Automerge-Triggered-By: @tiran
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Make it easier to run and test Python on systems with restrict crypto policies:
https://bugs.python.org/issue38270
Automerge-Triggered-By: @tiran
Automerge-Triggered-By: @tiran