- Adapt tests for OpenSSL 3.1 [bsc#1209430]
* Add openssl3_1-adapt_tests.patch OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs20?expand=0&rev=9
This commit is contained in:
parent
2a38fa7816
commit
92c58cd8c7
@ -1,3 +1,9 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu May 10 13:09:58 UTC 2023 - Otto Hollmann <otto.hollmann@suse.com>
|
||||||
|
|
||||||
|
- Adapt tests for OpenSSL 3.1 [bsc#1209430]
|
||||||
|
* Add openssl3_1-adapt_tests.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu May 4 13:26:26 UTC 2023 - Adam Majer <adam.majer@suse.de> - 20.1.0
|
Thu May 4 13:26:26 UTC 2023 - Adam Majer <adam.majer@suse.de> - 20.1.0
|
||||||
|
|
||||||
|
@ -172,6 +172,7 @@ Patch200: versioned.patch
|
|||||||
Patch305: qemu_timeouts_arches.patch
|
Patch305: qemu_timeouts_arches.patch
|
||||||
Patch308: node-gyp-config.patch
|
Patch308: node-gyp-config.patch
|
||||||
Patch309: gcc13.patch
|
Patch309: gcc13.patch
|
||||||
|
Patch310: openssl3_1-adapt_tests.patch
|
||||||
|
|
||||||
BuildRequires: pkg-config
|
BuildRequires: pkg-config
|
||||||
BuildRequires: fdupes
|
BuildRequires: fdupes
|
||||||
@ -704,6 +705,7 @@ popd
|
|||||||
|
|
||||||
%patch305 -p1
|
%patch305 -p1
|
||||||
%patch309 -p1
|
%patch309 -p1
|
||||||
|
%patch310 -p1
|
||||||
|
|
||||||
%if %{node_version_number} == 12
|
%if %{node_version_number} == 12
|
||||||
# minimist security update - patch50
|
# minimist security update - patch50
|
||||||
|
104
openssl3_1-adapt_tests.patch
Normal file
104
openssl3_1-adapt_tests.patch
Normal file
@ -0,0 +1,104 @@
|
|||||||
|
commit 33ee7a0221b1fad07639c3c8948ad322238a52ab
|
||||||
|
Author: Otto Hollmann <otto.hollmann@suse.com>
|
||||||
|
Date: Wed May 10 11:07:36 2023 +0200
|
||||||
|
|
||||||
|
test: Adapt tests for OpenSSL 3.1
|
||||||
|
|
||||||
|
diff --git a/test/common/index.js b/test/common/index.js
|
||||||
|
index f3caa9d1d4..a3e317d24b 100644
|
||||||
|
--- a/test/common/index.js
|
||||||
|
+++ b/test/common/index.js
|
||||||
|
@@ -57,7 +57,10 @@ const hasCrypto = Boolean(process.versions.openssl) &&
|
||||||
|
!process.env.NODE_SKIP_CRYPTO;
|
||||||
|
|
||||||
|
const hasOpenSSL3 = hasCrypto &&
|
||||||
|
- require('crypto').constants.OPENSSL_VERSION_NUMBER >= 805306368;
|
||||||
|
+ require('crypto').constants.OPENSSL_VERSION_NUMBER >= 0x30000000;
|
||||||
|
+
|
||||||
|
+const hasOpenSSL31 = hasCrypto &&
|
||||||
|
+ require('crypto').constants.OPENSSL_VERSION_NUMBER >= 0x30100000;
|
||||||
|
|
||||||
|
const hasQuic = hasCrypto && !!process.config.variables.openssl_quic;
|
||||||
|
|
||||||
|
@@ -913,6 +916,7 @@ const common = {
|
||||||
|
hasIntl,
|
||||||
|
hasCrypto,
|
||||||
|
hasOpenSSL3,
|
||||||
|
+ hasOpenSSL31,
|
||||||
|
hasQuic,
|
||||||
|
hasMultiLocalhost,
|
||||||
|
invalidArgTypeHelper,
|
||||||
|
diff --git a/test/parallel/test-https-agent-session-eviction.js b/test/parallel/test-https-agent-session-eviction.js
|
||||||
|
index 20cdb870a0..da56007105 100644
|
||||||
|
--- a/test/parallel/test-https-agent-session-eviction.js
|
||||||
|
+++ b/test/parallel/test-https-agent-session-eviction.js
|
||||||
|
@@ -56,6 +56,7 @@ function faultyServer(port) {
|
||||||
|
function second(server, session) {
|
||||||
|
const req = https.request({
|
||||||
|
port: server.address().port,
|
||||||
|
+ ciphers: (common.hasOpenSSL31 ? 'DEFAULT:@SECLEVEL=0' : 'DEFAULT'),
|
||||||
|
rejectUnauthorized: false
|
||||||
|
}, function(res) {
|
||||||
|
res.resume();
|
||||||
|
diff --git a/test/parallel/test-tls-alert.js b/test/parallel/test-tls-alert.js
|
||||||
|
index 31b07104c2..9e92ccca49 100644
|
||||||
|
--- a/test/parallel/test-tls-alert.js
|
||||||
|
+++ b/test/parallel/test-tls-alert.js
|
||||||
|
@@ -41,7 +41,7 @@ const server = tls.Server({
|
||||||
|
key: loadPEM('agent2-key'),
|
||||||
|
cert: loadPEM('agent2-cert')
|
||||||
|
}, null).listen(0, common.mustCall(() => {
|
||||||
|
- const args = ['s_client', '-quiet', '-tls1_1',
|
||||||
|
+ const args = ['s_client', '-quiet', '-tls1_1', '-cipher', (common.hasOpenSSL31 ? 'DEFAULT:@SECLEVEL=0' : 'DEFAULT'),
|
||||||
|
'-connect', `127.0.0.1:${server.address().port}`];
|
||||||
|
|
||||||
|
execFile(common.opensslCli, args, common.mustCall((err, _, stderr) => {
|
||||||
|
diff --git a/test/parallel/test-tls-getprotocol.js b/test/parallel/test-tls-getprotocol.js
|
||||||
|
index d45287d671..ee33200916 100644
|
||||||
|
--- a/test/parallel/test-tls-getprotocol.js
|
||||||
|
+++ b/test/parallel/test-tls-getprotocol.js
|
||||||
|
@@ -11,8 +11,8 @@ const tls = require('tls');
|
||||||
|
const fixtures = require('../common/fixtures');
|
||||||
|
|
||||||
|
const clientConfigs = [
|
||||||
|
- { secureProtocol: 'TLSv1_method', version: 'TLSv1' },
|
||||||
|
- { secureProtocol: 'TLSv1_1_method', version: 'TLSv1.1' },
|
||||||
|
+ { secureProtocol: 'TLSv1_method', version: 'TLSv1', ciphers: (common.hasOpenSSL31 ? 'DEFAULT:@SECLEVEL=0' : 'DEFAULT') },
|
||||||
|
+ { secureProtocol: 'TLSv1_1_method', version: 'TLSv1.1', ciphers: (common.hasOpenSSL31 ? 'DEFAULT:@SECLEVEL=0' : 'DEFAULT') },
|
||||||
|
{ secureProtocol: 'TLSv1_2_method', version: 'TLSv1.2' },
|
||||||
|
];
|
||||||
|
|
||||||
|
@@ -30,6 +30,7 @@ const server = tls.createServer(serverConfig, common.mustCall(clientConfigs.leng
|
||||||
|
tls.connect({
|
||||||
|
host: common.localhostIPv4,
|
||||||
|
port: server.address().port,
|
||||||
|
+ ciphers: v.ciphers,
|
||||||
|
rejectUnauthorized: false,
|
||||||
|
secureProtocol: v.secureProtocol
|
||||||
|
}, common.mustCall(function() {
|
||||||
|
diff --git a/test/parallel/test-tls-min-max-version.js b/test/parallel/test-tls-min-max-version.js
|
||||||
|
index 5cea41ca7e..ab351558a4 100644
|
||||||
|
--- a/test/parallel/test-tls-min-max-version.js
|
||||||
|
+++ b/test/parallel/test-tls-min-max-version.js
|
||||||
|
@@ -22,6 +22,9 @@ function test(cmin, cmax, cprot, smin, smax, sprot, proto, cerr, serr) {
|
||||||
|
if (serr !== 'ERR_SSL_UNSUPPORTED_PROTOCOL')
|
||||||
|
ciphers = 'ALL@SECLEVEL=0';
|
||||||
|
}
|
||||||
|
+ if (common.hasOpenSSL31 && cerr === 'ERR_SSL_TLSV1_ALERT_PROTOCOL_VERSION') {
|
||||||
|
+ ciphers = 'DEFAULT@SECLEVEL=0';
|
||||||
|
+ }
|
||||||
|
// Report where test was called from. Strip leading garbage from
|
||||||
|
// at Object.<anonymous> (file:line)
|
||||||
|
// from the stack location, we only want the file:line part.
|
||||||
|
diff --git a/test/parallel/test-tls-session-cache.js b/test/parallel/test-tls-session-cache.js
|
||||||
|
index c4bebff2e3..e4ecb53282 100644
|
||||||
|
--- a/test/parallel/test-tls-session-cache.js
|
||||||
|
+++ b/test/parallel/test-tls-session-cache.js
|
||||||
|
@@ -100,6 +100,7 @@ function doTest(testOptions, callback) {
|
||||||
|
const args = [
|
||||||
|
's_client',
|
||||||
|
'-tls1',
|
||||||
|
+ '-cipher', (common.hasOpenSSL31 ? 'DEFAULT:@SECLEVEL=0' : 'DEFAULT'),
|
||||||
|
'-connect', `localhost:${this.address().port}`,
|
||||||
|
'-servername', 'ohgod',
|
||||||
|
'-key', fixtures.path('keys/rsa_private.pem'),
|
Loading…
Reference in New Issue
Block a user