From de37b993e853b1be448f5dacfdde749711bdafd7 Mon Sep 17 00:00:00 2001 From: David Benjamin Date: Sun, 17 Sep 2017 18:48:25 -0400 Subject: [PATCH] test: update test expectations for OpenSSL 1.1.0 Some errors in the two versions are different. The test-tls-no-sslv3 one because OpenSSL 1.1.x finally does version negotiation properly. 1.0.x's logic was somewhat weird and resulted in very inconsistent errors for SSLv3 in particular. Also the function codes are capitalized differently, but function codes leak implementation details, so don't assert on them to begin with. PR-URL: https://github.com/nodejs/node/pull/16130 Backport-PR-URL: https://github.com/nodejs/node/pull/18622 Reviewed-By: Ben Noordhuis Reviewed-By: Rod Vagg --- test/parallel/test-crypto.js | 2 +- test/parallel/test-tls-junk-server.js | 4 +++- test/parallel/test-tls-no-sslv3.js | 4 +++- .../test-tls-server-failed-handshake-emits-clienterror.js | 4 +++- test/parallel/test-tls-socket-failed-handshake-emits-error.js | 4 +++- 5 files changed, 13 insertions(+), 5 deletions(-) diff --git a/test/parallel/test-crypto.js b/test/parallel/test-crypto.js index 403b4eb84cc6fc..d605d97abd4fee 100644 --- a/test/parallel/test-crypto.js +++ b/test/parallel/test-crypto.js @@ -257,7 +257,7 @@ assert.throws(function() { // Throws crypto error, so there is an opensslErrorStack property. // The openSSL stack should have content. if ((err instanceof Error) && - /asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag/.test(err) && + /asn1 encoding routines:[^:]*:wrong tag/.test(err) && err.opensslErrorStack !== undefined && Array.isArray(err.opensslErrorStack) && err.opensslErrorStack.length > 0) { diff --git a/test/parallel/test-tls-junk-server.js b/test/parallel/test-tls-junk-server.js index 3270dec745c1ba..27c273857b51ff 100644 --- a/test/parallel/test-tls-junk-server.js +++ b/test/parallel/test-tls-junk-server.js @@ -21,7 +21,9 @@ server.listen(0, function() { req.end(); req.once('error', common.mustCall(function(err) { - assert(/unknown protocol/.test(err.message)); + // OpenSSL 1.0.x and 1.1.x use different error messages for junk inputs. + assert(/unknown protocol/.test(err.message) || + /wrong version number/.test(err.message)); server.close(); })); }); diff --git a/test/parallel/test-tls-no-sslv3.js b/test/parallel/test-tls-no-sslv3.js index 9622262f38cbf3..aa37fc2e3b64fa 100644 --- a/test/parallel/test-tls-no-sslv3.js +++ b/test/parallel/test-tls-no-sslv3.js @@ -46,6 +46,8 @@ process.on('exit', function() { common.printSkipMessage('`openssl s_client -ssl3` not supported.'); } else { assert.strictEqual(errors.length, 1); - assert(/:wrong version number/.test(errors[0].message)); + // OpenSSL 1.0.x and 1.1.x report invalid client versions differently. + assert(/:wrong version number/.test(errors[0].message) || + /:version too low/.test(errors[0].message)); } }); diff --git a/test/parallel/test-tls-server-failed-handshake-emits-clienterror.js b/test/parallel/test-tls-server-failed-handshake-emits-clienterror.js index 8efb4ec53866d5..c4351008c147c9 100644 --- a/test/parallel/test-tls-server-failed-handshake-emits-clienterror.js +++ b/test/parallel/test-tls-server-failed-handshake-emits-clienterror.js @@ -20,8 +20,10 @@ const server = tls.createServer({}) }).on('tlsClientError', common.mustCall(function(e) { assert.ok(e instanceof Error, 'Instance of Error should be passed to error handler'); + // OpenSSL 1.0.x and 1.1.x use different error codes for junk inputs. assert.ok( - /SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol/.test(e.message), + /SSL routines:[^:]*:(unknown protocol|wrong version number)/.test( + e.message), 'Expecting SSL unknown protocol'); server.close(); diff --git a/test/parallel/test-tls-socket-failed-handshake-emits-error.js b/test/parallel/test-tls-socket-failed-handshake-emits-error.js index a54b7170f08277..d67a5498d65195 100644 --- a/test/parallel/test-tls-socket-failed-handshake-emits-error.js +++ b/test/parallel/test-tls-socket-failed-handshake-emits-error.js @@ -20,8 +20,10 @@ const server = net.createServer(function(c) { s.on('error', common.mustCall(function(e) { assert.ok(e instanceof Error, 'Instance of Error should be passed to error handler'); + // OpenSSL 1.0.x and 1.1.x use different error codes for junk inputs. assert.ok( - /SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol/.test(e.message), + /SSL routines:[^:]*:(unknown protocol|wrong version number)/.test( + e.message), 'Expecting SSL unknown protocol'); }));