1 files changed, 75 insertions, 0 deletions

diff --git a/examples/python2.7/patches/disable-ssl-cert-tests.diff b/examples/python2.7/patches/disable-ssl-cert-tests.diff
new file mode 100644
index 0000000..af3deab
--- /dev/null
+++ b/examples/python2.7/patches/disable-ssl-cert-tests.diff
@@ -0,0 +1,75 @@
+--- a/Lib/test/test_ssl.py
++++ b/Lib/test/test_ssl.py
+@@ -231,59 +231,6 @@
+             finally:
+                 s.close()
+ 
+-            # this should succeed because we specify the root cert
+-            s = ssl.wrap_socket(socket.socket(socket.AF_INET),
+-                                cert_reqs=ssl.CERT_REQUIRED,
+-                                ca_certs=SVN_PYTHON_ORG_ROOT_CERT)
+-            try:
+-                s.connect(("svn.python.org", 443))
+-            finally:
+-                s.close()
+-
+-    def test_connect_ex(self):
+-        # Issue #11326: check connect_ex() implementation
+-        with test_support.transient_internet("svn.python.org"):
+-            s = ssl.wrap_socket(socket.socket(socket.AF_INET),
+-                                cert_reqs=ssl.CERT_REQUIRED,
+-                                ca_certs=SVN_PYTHON_ORG_ROOT_CERT)
+-            try:
+-                self.assertEqual(0, s.connect_ex(("svn.python.org", 443)))
+-                self.assertTrue(s.getpeercert())
+-            finally:
+-                s.close()
+-
+-    def test_non_blocking_connect_ex(self):
+-        # Issue #11326: non-blocking connect_ex() should allow handshake
+-        # to proceed after the socket gets ready.
+-        with test_support.transient_internet("svn.python.org"):
+-            s = ssl.wrap_socket(socket.socket(socket.AF_INET),
+-                                cert_reqs=ssl.CERT_REQUIRED,
+-                                ca_certs=SVN_PYTHON_ORG_ROOT_CERT,
+-                                do_handshake_on_connect=False)
+-            try:
+-                s.setblocking(False)
+-                rc = s.connect_ex(('svn.python.org', 443))
+-                # EWOULDBLOCK under Windows, EINPROGRESS elsewhere
+-                self.assertIn(rc, (0, errno.EINPROGRESS, errno.EWOULDBLOCK))
+-                # Wait for connect to finish
+-                select.select([], [s], [], 5.0)
+-                # Non-blocking handshake
+-                while True:
+-                    try:
+-                        s.do_handshake()
+-                        break
+-                    except ssl.SSLError as err:
+-                        if err.args[0] == ssl.SSL_ERROR_WANT_READ:
+-                            select.select([s], [], [], 5.0)
+-                        elif err.args[0] == ssl.SSL_ERROR_WANT_WRITE:
+-                            select.select([], [s], [], 5.0)
+-                        else:
+-                            raise
+-                # SSL established
+-                self.assertTrue(s.getpeercert())
+-            finally:
+-                s.close()
+-
+     @unittest.skipIf(os.name == "nt", "Can't use a socket as a file under Windows")
+     def test_makefile_close(self):
+         # Issue #5238: creating a file-like object with makefile() shouldn't
+@@ -343,12 +290,6 @@
+             else:
+                 self.fail("Got server certificate %s for svn.python.org!" % pem)
+ 
+-            pem = ssl.get_server_certificate(("svn.python.org", 443), ca_certs=SVN_PYTHON_ORG_ROOT_CERT)
+-            if not pem:
+-                self.fail("No server certificate on svn.python.org:443!")
+-            if test_support.verbose:
+-                sys.stdout.write("\nVerified certificate for svn.python.org:443 is\n%s\n" % pem)
+-
+     def test_algorithms(self):
+         # Issue #8484: all algorithms should be available when verifying a
+         # certificate.