One test is failing but I cannot see where the import gets overwritten again.

____________________________________________ test_module_metadata_is_fixed_up ____________________________________________

    def test_module_metadata_is_fixed_up():
        import trio
        assert trio.Cancelled.__module__ == "trio"
        assert trio.open_cancel_scope.__module__ == "trio"
>       assert trio.ssl.SSLStream.__module__ == "trio.ssl"
E       AssertionError: assert 'ssl' == 'trio.ssl'
E         - ssl
E         + trio.ssl

trio/tests/test_util.py:73: AssertionError

Any ideas are welcome.

Codecov Report

Merging #752 into master will increase coverage by <.01%.
The diff coverage is 100%.

@@            Coverage Diff             @@
##           master     #752      +/-   ##
==========================================
+ Coverage   99.01%   99.01%   +<.01%     
==========================================
  Files          96       96              
  Lines       11673    11677       +4     
  Branches      832      830       -2     
==========================================
+ Hits        11558    11562       +4     
  Misses         94       94              
  Partials       21       21

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 6bc3b0b...774e1e8. Read the comment docs.

It might make sense to merge #756 before this, and then use #756's new tests instead of adding tests here.

This also needs a merge from master to pick up the changes in #756. Plus addressing the other comments above, of course :-)

This also needs a merge from master to pick up the changes in #756. Plus addressing the other comments above, of course :-)

Right, I did this for #753 but totally forgot about this one. I'll also remove the extra imports. Might take a couple of days, I am really busy right now.

No worries 👍

That's strange. I expected the test to fail, as I am only importing the ssl Mac symbols, so the jedi and pylint test for windows and linux should show some missing symbols. I'll checkout this repo on windows and see if it passes locally as well check which symbols are imported.
I also tried to import directly but only a subset of symbols was available on each system which made the tests to fail. Therefore I moved back to the try catch block which seems fine now.
@njsmith Let me know what you think.

I can confirm the tests did not catchOP_NO_RENEGOTIATION of the ssl module missing on windows. I assume this should be another issue, I'll try to get the missing symbols on linux via wsl.

I think that the main thing that determines which symbols appear on a given Python is (a) which version of Python you're using, and (b) which version of OpenSSL this Python was built against. I don't think it varies across platforms, except that if you grab a random Windows build and a random MacOS build then they may well have been built against different versions of OpenSSL.

I think that the main thing that determines which symbols appear on a given Python is (a) which version of Python you're using, and (b) which version of OpenSSL this Python was built against. I don't think it varies across platforms, except that if you grab a random Windows build and a random MacOS build then they may well have been built against different versions of OpenSSL.

Understood, but that does not make it especially easier. Python can not only be build against different versions of OpenSSL it can also be build against other SSL libraries, e.g. LibreSSL.
Building tests for these scenarios will IMHO be not worth the effort.

1. It looks like this PR isn't actually enabling the generic exports test for the trio.ssl module? You need to remove this line from trio/test/test_exports.py:

NAMESPACES.remove("trio.ssl")

2. I see what you mean about the different versions being frustrating... but I'm still wincing a lot at the duplicate lists :-(. As one last try before we give up and maintain two lists of symbols, can we try the following?

# Always available
from ssl import (
     cert_time_to_seconds, CertificateError,
     create_default_context, DER_cert_to_PEM_cert,
     get_default_verify_paths, match_hostname,
     PEM_cert_to_DER_cert, Purpose, SSLEOFError, SSLError, 
     SSLSyscallError, SSLZeroReturnError
) 

# Added in python 3.6
try:
    from ssl import AlertDescription, SSLErrorNumber, SSLSession, VerifyFlags, VerifyMode, Options
except ImportError:
    pass

# Added in python 3.7
try:
    from ssl import SSLCertVerificationError, TLSVersion
except ImportError:
    pass

# Windows-only
try:
    from ssl import enum_certificates, enum_crls
except ImportError:
    pass

(It looks like the constants available depend on openssl version, but these lowercase things are mostly dependent on Python version.)

@njsmith Hi Nathaniel, thanks for the feedback and sorry for the delayed answer. I was really busy over the past days. I'll try to implement what you suggest and notify you once done. Thank you so much for letting me taking part of this awesome project.

??? I thought the second last test failed for pypy but now it is actually telling me that this test succeeded?
Well the difference is just two blocks vs one but the browser behaviour sometimes is really weird.
The split of blocks can easily be fixed by a rollback though. @njsmith Could you take a look?

This is looking good, except for some dead code left behind... let me try deleting that and check if it still works.