From 41dc136a28c9c66bafd1e5abd94e09fe2db1229f Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Tue, 4 Aug 2020 23:44:18 -0500
Subject: focal time (#929)

* focal time

* larger dh params, assert on something

* urllib3 fix

* actually check an error
---
 .travis.yml        |  6 +++++-
 src/OpenSSL/SSL.py |  3 ++-
 tests/test_ssl.py  | 13 +++++++------
 3 files changed, 14 insertions(+), 8 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index eec8a02..d6d566c 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,5 +1,5 @@
 os: linux
-dist: xenial
+dist: focal
 language: python
 
 cache:
@@ -18,6 +18,8 @@ jobs:
     env: TOXENV=py27
   - python: "2.7"
     env: TOXENV=py27
+    # we should still test against OpenSSL 1.0.2. Xenial gives us that for now.
+    dist: xenial
   - python: "3.5"
     env: TOXENV=py35
   - python: "3.6"
@@ -74,6 +76,8 @@ jobs:
     env: TOXENV=py37-twistedMaster
   - python: "3.5"
     env: TOXENV=py35-urllib3Master
+    # Somehow urllib3 has trouble with newer distributions
+    dist: xenial
 
 
   # Meta
diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py
index d809743..8a54994 100644
--- a/src/OpenSSL/SSL.py
+++ b/src/OpenSSL/SSL.py
@@ -1080,7 +1080,8 @@ class Context(object):
 
         dh = _lib.PEM_read_bio_DHparams(bio, _ffi.NULL, _ffi.NULL, _ffi.NULL)
         dh = _ffi.gc(dh, _lib.DH_free)
-        _lib.SSL_CTX_set_tmp_dh(self._context, dh)
+        res = _lib.SSL_CTX_set_tmp_dh(self._context, dh)
+        _openssl_assert(res == 1)
 
     def set_tmp_ecdh(self, curve):
         """
diff --git a/tests/test_ssl.py b/tests/test_ssl.py
index 8f34a4d..7e28ab7 100644
--- a/tests/test_ssl.py
+++ b/tests/test_ssl.py
@@ -139,13 +139,15 @@ from .test_crypto import (
 )
 
 
-# openssl dhparam 1024 -out dh-1024.pem (note that 1024 is a small number of
-# bits to use)
+# openssl dhparam 2048 -out dh-2048.pem
 dhparam = """\
 -----BEGIN DH PARAMETERS-----
-MIGHAoGBALdUMvn+C9MM+y5BWZs11mSeH6HHoEq0UVbzVq7UojC1hbsZUuGukQ3a
-Qh2/pwqb18BZFykrWB0zv/OkLa0kx4cuUgNrUVq1EFheBiX6YqryJ7t2sO09NQiO
-V7H54LmltOT/hEh6QWsJqb6BQgH65bswvV/XkYGja8/T0GzvbaVzAgEC
+MIIBCAKCAQEA2F5e976d/GjsaCdKv5RMWL/YV7fq1UUWpPAer5fDXflLMVUuYXxE
+3m3ayZob9lbpgEU0jlPAsXHfQPGxpKmvhv+xV26V/DEoukED8JeZUY/z4pigoptl
++8+TYdNNE/rFSZQFXIp+v2D91IEgmHBnZlKFSbKR+p8i0KjExXGjU6ji3S5jkOku
+ogikc7df1Ui0hWNJCmTjExq07aXghk97PsdFSxjdawuG3+vos5bnNoUwPLYlFc/z
+ITYG0KXySiCLi4UDlXTZTz7u/+OYczPEgqa/JPUddbM/kfvaRAnjY38cfQ7qXf8Y
+i5s5yYK7a/0eWxxRr2qraYaUj8RwDpH9CwIBAg==
 -----END DH PARAMETERS-----
 """
 
@@ -1560,7 +1562,6 @@ class TestContext(object):
             dhfile.write(dhparam)
 
         context.load_tmp_dh(dhfilename)
-        # XXX What should I assert here? -exarkun
 
     def test_load_tmp_dh_bytes(self, tmpfile):
         """
-- 
cgit v1.2.1