From d63c5a851a266774d1200ba68db6c28c200f028f Mon Sep 17 00:00:00 2001
From: Will Childs-Klein <willck93@gmail.com>
Date: Tue, 1 Apr 2025 03:58:47 -0400
Subject: [PATCH] gh-131736: only apply `security_level` workaround in
 `test_ssl` for security levels greater than 1 (GH-131739) (cherry picked from
 commit 3b3720f1a26ab34377542b48eb6a6565f78ff892)

Co-authored-by: Will Childs-Klein <willck93@gmail.com>
---
 Lib/test/test_ssl.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index 75b7e5ca506aa3..b13e37d0cd18ee 100644
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -173,7 +173,8 @@ def seclevel_workaround(*ctxs):
         for ctx in ctxs:
             if (
                 hasattr(ctx, "minimum_version") and
-                ctx.minimum_version <= ssl.TLSVersion.TLSv1_1
+                ctx.minimum_version <= ssl.TLSVersion.TLSv1_1 and
+                ctx.security_level > 1
             ):
                 ctx.set_ciphers("@SECLEVEL=1:ALL")
 else: