Skip to content

Commit

Permalink
test: update test expectations for OpenSSL 1.1.0
Browse files Browse the repository at this point in the history
Some errors in the two versions are different. The test-tls-no-sslv3 one
because OpenSSL 1.1.x finally does version negotiation properly. 1.0.x's
logic was somewhat weird and resulted in very inconsistent errors for
SSLv3 in particular.

Also the function codes are capitalized differently, but function codes
leak implementation details, so don't assert on them to begin with.

PR-URL: #16130
Backport-PR-URL: #18622
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Rod Vagg <rod@vagg.org>
  • Loading branch information
davidben authored and gibfahn committed Feb 18, 2018
1 parent eb377f3 commit de37b99
Show file tree
Hide file tree
Showing 5 changed files with 13 additions and 5 deletions.
2 changes: 1 addition & 1 deletion test/parallel/test-crypto.js
Original file line number Diff line number Diff line change
Expand Up @@ -257,7 +257,7 @@ assert.throws(function() {
// Throws crypto error, so there is an opensslErrorStack property.
// The openSSL stack should have content.
if ((err instanceof Error) &&
/asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag/.test(err) &&
/asn1 encoding routines:[^:]*:wrong tag/.test(err) &&
err.opensslErrorStack !== undefined &&
Array.isArray(err.opensslErrorStack) &&
err.opensslErrorStack.length > 0) {
Expand Down
4 changes: 3 additions & 1 deletion test/parallel/test-tls-junk-server.js
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,9 @@ server.listen(0, function() {
req.end();

req.once('error', common.mustCall(function(err) {
assert(/unknown protocol/.test(err.message));
// OpenSSL 1.0.x and 1.1.x use different error messages for junk inputs.
assert(/unknown protocol/.test(err.message) ||
/wrong version number/.test(err.message));
server.close();
}));
});
4 changes: 3 additions & 1 deletion test/parallel/test-tls-no-sslv3.js
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,8 @@ process.on('exit', function() {
common.printSkipMessage('`openssl s_client -ssl3` not supported.');
} else {
assert.strictEqual(errors.length, 1);
assert(/:wrong version number/.test(errors[0].message));
// OpenSSL 1.0.x and 1.1.x report invalid client versions differently.
assert(/:wrong version number/.test(errors[0].message) ||
/:version too low/.test(errors[0].message));
}
});
Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,10 @@ const server = tls.createServer({})
}).on('tlsClientError', common.mustCall(function(e) {
assert.ok(e instanceof Error,
'Instance of Error should be passed to error handler');
// OpenSSL 1.0.x and 1.1.x use different error codes for junk inputs.
assert.ok(
/SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol/.test(e.message),
/SSL routines:[^:]*:(unknown protocol|wrong version number)/.test(
e.message),
'Expecting SSL unknown protocol');

server.close();
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,10 @@ const server = net.createServer(function(c) {
s.on('error', common.mustCall(function(e) {
assert.ok(e instanceof Error,
'Instance of Error should be passed to error handler');
// OpenSSL 1.0.x and 1.1.x use different error codes for junk inputs.
assert.ok(
/SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol/.test(e.message),
/SSL routines:[^:]*:(unknown protocol|wrong version number)/.test(
e.message),
'Expecting SSL unknown protocol');
}));

Expand Down

0 comments on commit de37b99

Please sign in to comment.