bpo-35045: Accept TLSv1 default in min max test (GH-11510) Make ssl tests less strict and also accept TLSv1 as system default. The changes unbreaks test_min_max_version on Fedora 29. Signed-off-by: Christian Heimes <christian@python.org> (cherry picked from commit 34de2d312b3687994ddbc29adb66e88f672034c7) Co-authored-by: Christian Heimes <christian@python.org>

commit: 6ca7183b3549d3eaa8a0c3b73255eeac24d7974d [log] [tgz]
author: Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com> Fri Jan 18 07:29:08 2019 -0800
committer: GitHub <noreply@github.com> Fri Jan 18 07:29:08 2019 -0800
tree: 2461c2d84136b517dd9a29ad80f15dd9dfdfb016
parent: c2647f2e45d2741fc44fd621966e05d15f2cd26a [diff] [blame]
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index b6794ce..38ecddd 100644
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py

@@ -1108,8 +1108,11 @@
                          "required OpenSSL 1.1.0g")
     def test_min_max_version(self):
         ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
-        self.assertEqual(
-            ctx.minimum_version, ssl.TLSVersion.MINIMUM_SUPPORTED
+        # OpenSSL default is MINIMUM_SUPPORTED, however some vendors like
+        # Fedora override the setting to TLS 1.0.
+        self.assertIn(
+            ctx.minimum_version,
+            {ssl.TLSVersion.MINIMUM_SUPPORTED, ssl.TLSVersion.TLSv1}
         )
         self.assertEqual(
             ctx.maximum_version, ssl.TLSVersion.MAXIMUM_SUPPORTED
commit	6ca7183b3549d3eaa8a0c3b73255eeac24d7974d	[log] [tgz]
author	Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>	Fri Jan 18 07:29:08 2019 -0800
committer	GitHub <noreply@github.com>	Fri Jan 18 07:29:08 2019 -0800
tree	2461c2d84136b517dd9a29ad80f15dd9dfdfb016
parent	c2647f2e45d2741fc44fd621966e05d15f2cd26a [diff] [blame]