bpo-43921: Fix test_ssl.test_wrong_cert_tls13() on Windows (GH-26502)

vstinner · web-flow · commit ea0210fa8ccc · 2021-06-03T18:04:25.000+02:00
Fix test_ssl.test_wrong_cert_tls13(): use suppress_ragged_eofs=False,
since read() can raise ssl.SSLEOFError on Windows.
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
@@ -3190,7 +3190,8 @@ def test_wrong_cert_tls13(self):
         )
         with server, \
              client_context.wrap_socket(socket.socket(),
-                                        server_hostname=hostname) as s:
+                                        server_hostname=hostname,
+                                        suppress_ragged_eofs=False) as s:
             # TLS 1.3 perform client cert exchange after handshake
             s.connect((HOST, server.port))
             try:
@@ -3207,13 +3208,7 @@ def test_wrong_cert_tls13(self):
                 if support.verbose:
                     sys.stdout.write("\nsocket.error is %r\n" % e)
             else:
-                if sys.platform == "win32":
-                    self.skipTest(
-                        "Ignoring failed test_wrong_cert_tls13 test case. "
-                        "The test is flaky on Windows, see bpo-43921."
-                    )
-                else:
-                    self.fail("Use of invalid cert should have failed!")
+                self.fail("Use of invalid cert should have failed!")
 
     def test_rude_shutdown(self):
         """A brutal shutdown of an SSL server should raise an OSError
@@ -4450,7 +4445,8 @@ def msg_cb(conn, direction, version, content_type, msg_type, data):
         server = ThreadedEchoServer(context=server_context, chatty=True)
         with server:
             with client_context.wrap_socket(socket.socket(),
-                                            server_hostname=hostname) as s:
+                                            server_hostname=hostname,
+                                            suppress_ragged_eofs=False) as s:
                 s.connect((HOST, server.port))
                 s.write(b'PHA')
                 # test sometimes fails with EOF error. Test passes as long as
@@ -4461,17 +4457,13 @@ def msg_cb(conn, direction, version, content_type, msg_type, data):
                 ):
                     # receive CertificateRequest
                     data = s.recv(1024)
-                    if not data:
-                        raise ssl.SSLError(1, "EOF occurred")
                     self.assertEqual(data, b'OK\n')
 
                     # send empty Certificate + Finish
                     s.write(b'HASCERT')
 
                     # receive alert
-                    data = s.recv(1024)
-                    if not data:
-                        raise ssl.SSLError(1, "EOF occurred")
+                    s.recv(1024)
 
     def test_pha_optional(self):
         if support.verbose:
diff --git a/Misc/NEWS.d/next/Tests/2021-06-03-03-29-34.bpo-43921.nwH1FS.rst b/Misc/NEWS.d/next/Tests/2021-06-03-03-29-34.bpo-43921.nwH1FS.rst
@@ -0,0 +1,3 @@
+Fix test_ssl.test_wrong_cert_tls13(): use ``suppress_ragged_eofs=False``,
+since ``read()`` can raise :exc:`ssl.SSLEOFError` on Windows. Patch by
+Victor Stinner.

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	+Fix test_ssl.test_wrong_cert_tls13(): use ``suppress_ragged_eofs=False``,
	`2`	+since ``read()`` can raise :exc:`ssl.SSLEOFError` on Windows. Patch by
	`3`	`+Victor Stinner.`