Feature or enhancement
Proposal:
We propose checking libssl's current security level before performing our ubuntu workaround in test_ssl.py, and skipping the workaround if it's unnecessary.
Due to backwards compatibility concerns around parsing short RSA keys, AWS-LC only supports SECLEVEL=0.
Has this already been discussed elsewhere?
I have already discussed this feature proposal on Discourse
Links to previous discussion of this feature:
This issue is very similar to a series of other test modifications discussed in
https://discuss.python.org/t/support-building-ssl-and-hashlib-modules-against-aws-lc/44505/13
Linked PRs
Feature or enhancement
Proposal:
We propose checking libssl's current security level before performing our ubuntu workaround in
test_ssl.py, and skipping the workaround if it's unnecessary.Due to backwards compatibility concerns around parsing short RSA keys, AWS-LC only supports
SECLEVEL=0.Has this already been discussed elsewhere?
I have already discussed this feature proposal on Discourse
Links to previous discussion of this feature:
This issue is very similar to a series of other test modifications discussed in
https://discuss.python.org/t/support-building-ssl-and-hashlib-modules-against-aws-lc/44505/13
Linked PRs
security_levelworkaround intest_sslfor security levels greater than 1 #131739security_levelworkaround intest_sslfor security levels greater than 1 (GH-131739) #131966security_levelworkaround intest_sslfor security levels greater than 1 (GH-131739) #131967