New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Python install test fails - OpenSSL - "dh key too small" #69173
Comments
Installing Python 3.4.3 on a new CentOS Linux release 7.1.1503 server. OpenSSL has recently been modified to reject short keys, due to a security vulnerability. See Apparently the "dh512.pem" file in the test suite is now obsolete, because the minimum length dh key is now 768. The question is, does this break anything else? Google for "dh key too small" and various other projects report problems. ====================================================================== Traceback (most recent call last):
File "/home/sitetruth/private/downloads/python/Python-3.4.3/Lib/test/test_ssl. py", line 2728, in test_dh_params
chatty=True, connectionchatty=True)
File "/home/sitetruth/private/downloads/python/Python-3.4.3/Lib/test/test_ssl. py", line 1866, in server_params_test
s.connect((HOST, server.port))
File "/home/sitetruth/private/downloads/python/Python-3.4.3/Lib/ssl.py", line 846, in connect
self._real_connect(addr, False)
File "/home/sitetruth/private/downloads/python/Python-3.4.3/Lib/ssl.py", line 837, in _real_connect
self.do_handshake()
File "/home/sitetruth/private/downloads/python/Python-3.4.3/Lib/ssl.py", line 810, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: SSL_NEGATIVE_LENGTH] dh key too small (_ssl.c:600) Ran 99 tests in 12.012s FAILED (errors=1, skipped=4) ====================================================================== |
I suspect this is fixed in 3.4.4. The 512-bit file was replaced by a 1024-bit (or 2014-bit if you believe the commit message :) one in bpo-23844, revision 1ad7c0253abe. |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: