Revert all source changes, keep test changes

WillChilds-Klein · Mar 4, 2024 · 3a04a2e · 3a04a2e
1 parent d6f355e
commit 3a04a2e
Show file tree

Hide file tree

Showing 4 changed files with 2 additions and 37 deletions.
diff --git a/Lib/test/test_httplib.py b/Lib/test/test_httplib.py
@@ -2066,7 +2066,7 @@ def test_host_port(self):
 
     def test_tls13_pha(self):
         import ssl
-        if not ssl.HAS_TLSv1_3 or "AWS-LC" in ssl.OPENSSL_VERSION:
+        if not ssl.HAS_TLSv1_3:
             self.skipTest('TLS 1.3 support required')
         # just check status of PHA flag
         h = client.HTTPSConnection('localhost', 443)

diff --git a/Lib/test/test_site.py b/Lib/test/test_site.py
@@ -564,7 +564,6 @@ def test_customization_modules_on_startup(self):
     def test_license_exists_at_url(self):
         # This test is a bit fragile since it depends on the format of the
         # string displayed by license in the absence of a LICENSE file.
-        #import ssl
         url = license._Printer__data.split()[1]
         req = urllib.request.Request(url, method='HEAD')
         # Reset global urllib.request._opener

diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
@@ -3930,7 +3930,6 @@ def test_no_legacy_server_connect(self):
                                    sni_name=hostname)
 
     @unittest.skipIf(Py_DEBUG_WIN32, "Avoid mixing debug/release CRT on Windows")
-    @unittest.skipIf(Py_OPENSSL_IS_AWSLC, "AWS-LC doesn't support (FF)DHE")
     def test_dh_params(self):
         # Check we can get a connection with ephemeral Diffie-Hellman
         client_context, server_context, hostname = testing_context()
@@ -4392,10 +4391,7 @@ def server_callback(identity):
                 s.connect((HOST, server.port))
 
 
-@unittest.skipUnless(
-    has_tls_version('TLSv1_3') and not Py_OPENSSL_IS_AWSLC,
-    "Test needs TLS 1.3; AWS-LC doesn't support PHA"
-)
+@unittest.skipUnless(has_tls_version('TLSv1_3'), "Test needs TLS 1.3")
 class TestPostHandshakeAuth(unittest.TestCase):
     def test_pha_setter(self):
         protocols = [
@@ -4671,31 +4667,6 @@ def test_internal_chain_server(self):
                 self.assertEqual(res, b'\x02\n')
 
 
-@unittest.skipUnless(Py_OPENSSL_IS_AWSLC, "Only test this against AWS-LC")
-class TestPostHandshakeAuthAwsLc(unittest.TestCase):
-    def test_pha(self):
-        protocols = [
-            ssl.PROTOCOL_TLS_SERVER, ssl.PROTOCOL_TLS_CLIENT
-        ]
-        for protocol in protocols:
-            client_ctx, server_ctx, hostname = testing_context()
-            client_ctx.load_cert_chain(SIGNED_CERTFILE)
-            self.assertEqual(client_ctx.post_handshake_auth, None)
-            with self.assertRaises(AttributeError):
-                client_ctx.post_handshake_auth = True
-            with self.assertRaises(AttributeError):
-                server_ctx.post_handshake_auth = True
-
-            with ThreadedEchoServer(context=server_ctx) as server:
-                with client_ctx.wrap_socket(
-                    socket.socket(),
-                    server_hostname=hostname
-                ) as ssock:
-                    ssock.connect((HOST, server.port))
-                    with self.assertRaises(NotImplementedError):
-                        ssock.verify_client_post_handshake()
-
-
 HAS_KEYLOG = hasattr(ssl.SSLContext, 'keylog_filename')
 requires_keylog = unittest.skipUnless(
     HAS_KEYLOG, 'test requires OpenSSL 1.1.1 with keylog callback')

diff --git a/Modules/_ssl.c b/Modules/_ssl.c
@@ -2069,12 +2069,7 @@ _ssl__SSLSocket_shared_ciphers_impl(PySSLSocket *self)
     len = 0;
     for (i = 0; i < sk_SSL_CIPHER_num(server_ciphers); i++) {
         cipher = sk_SSL_CIPHER_value(server_ciphers, i);
-#if defined(OPENSSL_IS_AWSLC)
-        size_t unused_idx;
-        if (sk_SSL_CIPHER_find(client_ciphers, &unused_idx, cipher) < 0)
-#else
         if (sk_SSL_CIPHER_find(client_ciphers, cipher) < 0)
-#endif
             continue;
 
         PyObject *tup = cipher_to_tuple(cipher);