From ec5b27aacd325ee79786eb97ace53d02735fa1eb Mon Sep 17 00:00:00 2001
From: Michael Dawson <midawson@redhat.com>
Date: Thu, 12 Sep 2024 13:44:30 +0000
Subject: [PATCH] test: adjust tls test for OpenSSL32

Refs: https://github.com/nodejs/node/issues/53382

Looks like test is forcing an error through bad data and
the error code we get is different for OpenSSL32. Adjust
test to cope with the variation across versions.

Signed-off-by: Michael Dawson <midawson@redhat.com>
---
 test/parallel/test-tls-alert-handling.js | 21 +++++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)

diff --git a/test/parallel/test-tls-alert-handling.js b/test/parallel/test-tls-alert-handling.js
index bd86149bc5ac22..b14438bc92d7e6 100644
--- a/test/parallel/test-tls-alert-handling.js
+++ b/test/parallel/test-tls-alert-handling.js
@@ -31,10 +31,17 @@ const max_iter = 20;
 let iter = 0;
 
 const errorHandler = common.mustCall((err) => {
-  assert.strictEqual(err.code, 'ERR_SSL_WRONG_VERSION_NUMBER');
+  let expectedErrorCode = 'ERR_SSL_WRONG_VERSION_NUMBER';
+  let expectedErrorReason = 'wrong version number';
+  if (common.hasOpenSSL(3, 2)) {
+    expectedErrorCode = 'ERR_SSL_PACKET_LENGTH_TOO_LONG';
+    expectedErrorReason = 'packet length too long';
+  };
+
+  assert.strictEqual(err.code, expectedErrorCode);
   assert.strictEqual(err.library, 'SSL routines');
   if (!common.hasOpenSSL3) assert.strictEqual(err.function, 'ssl3_get_record');
-  assert.strictEqual(err.reason, 'wrong version number');
+  assert.strictEqual(err.reason, expectedErrorReason);
   errorReceived = true;
   if (canCloseServer())
     server.close();
@@ -87,10 +94,16 @@ function sendBADTLSRecord() {
     });
   }));
   client.on('error', common.mustCall((err) => {
-    assert.strictEqual(err.code, 'ERR_SSL_TLSV1_ALERT_PROTOCOL_VERSION');
+    let expectedErrorCode = 'ERR_SSL_TLSV1_ALERT_PROTOCOL_VERSION';
+    let expectedErrorReason = 'tlsv1 alert protocol version';
+    if (common.hasOpenSSL(3, 2)) {
+      expectedErrorCode = 'ERR_SSL_TLSV1_ALERT_RECORD_OVERFLOW';
+      expectedErrorReason = 'tlsv1 alert record overflow';
+    }
+    assert.strictEqual(err.code, expectedErrorCode);
     assert.strictEqual(err.library, 'SSL routines');
     if (!common.hasOpenSSL3)
       assert.strictEqual(err.function, 'ssl3_read_bytes');
-    assert.strictEqual(err.reason, 'tlsv1 alert protocol version');
+    assert.strictEqual(err.reason, expectedErrorReason);
   }));
 }