bpo-38270: Check for hash digest algorithms and avoid MD5 (GH-16382)
Make it easier to run and test Python on systems with restrict crypto policies:
* add requires_hashdigest to test.support to check if a hash digest algorithm is available and working
* avoid MD5 in test_hmac
* replace MD5 with SHA256 in test_tarfile
* mark network tests that require MD5 for MD5-based digest auth or CRAM-MD5
https://bugs.python.org/issue38270
diff --git a/Lib/test/test_imaplib.py b/Lib/test/test_imaplib.py
index 8ab532a..03cffbe 100644
--- a/Lib/test/test_imaplib.py
+++ b/Lib/test/test_imaplib.py
@@ -10,7 +10,8 @@
import socket
from test.support import (reap_threads, verbose, transient_internet,
- run_with_tz, run_with_locale, cpython_only)
+ run_with_tz, run_with_locale, cpython_only,
+ requires_hashdigest)
import unittest
from unittest import mock
from datetime import datetime, timezone, timedelta
@@ -370,6 +371,7 @@
self.assertEqual(code, 'OK')
self.assertEqual(server.response, b'ZmFrZQ==\r\n') # b64 encoded 'fake'
+ @requires_hashdigest('md5')
def test_login_cram_md5_bytes(self):
class AuthHandler(SimpleIMAPHandler):
capabilities = 'LOGINDISABLED AUTH=CRAM-MD5'
@@ -387,6 +389,7 @@
ret, _ = client.login_cram_md5("tim", b"tanstaaftanstaaf")
self.assertEqual(ret, "OK")
+ @requires_hashdigest('md5')
def test_login_cram_md5_plain_text(self):
class AuthHandler(SimpleIMAPHandler):
capabilities = 'LOGINDISABLED AUTH=CRAM-MD5'
@@ -797,6 +800,7 @@
b'ZmFrZQ==\r\n') # b64 encoded 'fake'
@reap_threads
+ @requires_hashdigest('md5')
def test_login_cram_md5(self):
class AuthHandler(SimpleIMAPHandler):