-
Notifications
You must be signed in to change notification settings - Fork 29.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
test: remove s_client from test-tls-ci-reneg-attack #25700
Conversation
0612d49
to
585e158
Compare
Rewrite test-tls-ci-reneg-attack to use tls.renegotiate() instead of external (and potentially unpredictable/quirky/buggy) s_client. Refs: nodejs#25676 (comment)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Lite CI (because pummel tests are not run in regular CI): https://ci.nodejs.org/job/node-test-pull-request-lite-pipeline/2397/ node-daily-master custom suite test that runs pummel modified to run against this PR and only run this test (because this is not the only broken pummel test right now): https://ci.nodejs.org/job/node-test-commit-custom-suites/840/ |
const options = { | ||
host: server.address().host, | ||
port: server.address().port, | ||
rejectUnauthorized: false |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe add a trailing comma?
Rewrite test-tls-ci-reneg-attack to use tls.renegotiate() instead of external (and potentially unpredictable/quirky/buggy) s_client. Refs: nodejs#25676 (comment) PR-URL: nodejs#25700 Reviewed-By: Sam Roberts <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]>
Landed in c421619 |
Rewrite test-tls-ci-reneg-attack to use tls.renegotiate() instead of external (and potentially unpredictable/quirky/buggy) s_client. Refs: #25676 (comment) PR-URL: #25700 Reviewed-By: Sam Roberts <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]>
Rewrite test-tls-ci-reneg-attack to use tls.renegotiate() instead of external (and potentially unpredictable/quirky/buggy) s_client. Refs: #25676 (comment) PR-URL: #25700 Reviewed-By: Sam Roberts <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]>
Rewrite test-tls-ci-reneg-attack to use tls.renegotiate() instead of
external (and potentially unpredictable/quirky/buggy) s_client.
Refs: #25676 (comment)
This test is currently broken (due to a quirk in a recent s_client update that we haven't worked around yet, see Ref above) and this change fixes it. The test is only run once a day in CI (because it's in pummel) so the breakage went unnoticed when the OpenSSL update landed a few days ago. A subsequent PR could probably move this test out of pummel. It seems like it could reasonably run in sequential or maybe even parallel.
Checklist
make -j4 test
(UNIX), orvcbuild test
(Windows) passes