guix-devel/gnu/packages/patches/python-pyopenssl-skip-network-test.patch

This test tries connecting to an external server which is not supported
in the build environment. See discussion at:

https://lists.gnu.org/archive/html/guix-devel/2016-12/msg00650.html

diff --git a/tests/test_ssl.py b/tests/test_ssl.py
index ee849fd..60048b8 100644
--- a/tests/test_ssl.py
+++ b/tests/test_ssl.py
@@ -1113,33 +1113,6 @@ class TestContext(object):
         reason="set_default_verify_paths appears not to work on Windows.  "
         "See LP#404343 and LP#404344."
     )
-    def test_set_default_verify_paths(self):
-        """
-        `Context.set_default_verify_paths` causes the platform-specific CA
-        certificate locations to be used for verification purposes.
-        """
-        # Testing this requires a server with a certificate signed by one
-        # of the CAs in the platform CA location.  Getting one of those
-        # costs money.  Fortunately (or unfortunately, depending on your
-        # perspective), it's easy to think of a public server on the
-        # internet which has such a certificate.  Connecting to the network
-        # in a unit test is bad, but it's the only way I can think of to
-        # really test this. -exarkun
-
-        # Arg, verisign.com doesn't speak anything newer than TLS 1.0
-        context = Context(SSLv23_METHOD)
-        context.set_default_verify_paths()
-        context.set_verify(
-            VERIFY_PEER,
-            lambda conn, cert, errno, depth, preverify_ok: preverify_ok)
-
-        client = socket()
-        client.connect(("encrypted.google.com", 443))
-        clientSSL = Connection(context, client)
-        clientSSL.set_connect_state()
-        clientSSL.do_handshake()
-        clientSSL.send(b"GET / HTTP/1.0\r\n\r\n")
-        assert clientSSL.recv(1024)
 
     def test_add_extra_chain_cert_invalid_cert(self):
         """