- Adapt tests for OpenSSL 3.1 [bsc#1209430]

* Add openssl3_1-adapt_tests.patch OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs20?expand=0&rev=9
2023-05-10 11:13:14 +00:00 · 2023-05-10 11:13:14 +00:00 · 92c58cd8c7
commit 92c58cd8c7
parent 2a38fa7816
3 changed files with 112 additions and 0 deletions
--- a/nodejs20.changes
+++ b/nodejs20.changes
@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Thu May 10 13:09:58 UTC 2023 - Otto Hollmann <otto.hollmann@suse.com>
+
+- Adapt tests for OpenSSL 3.1 [bsc#1209430]
+  * Add openssl3_1-adapt_tests.patch
+
 -------------------------------------------------------------------
 Thu May  4 13:26:26 UTC 2023 - Adam Majer <adam.majer@suse.de> - 20.1.0

--- a/nodejs20.spec
+++ b/nodejs20.spec
@ -172,6 +172,7 @@ Patch200:       versioned.patch
 Patch305:       qemu_timeouts_arches.patch
 Patch308:       node-gyp-config.patch
 Patch309:       gcc13.patch
+Patch310:       openssl3_1-adapt_tests.patch

 BuildRequires:  pkg-config
 BuildRequires:  fdupes
@ -704,6 +705,7 @@ popd

 %patch305 -p1
 %patch309 -p1
+%patch310 -p1

 %if %{node_version_number} == 12
 # minimist security update - patch50
--- a/openssl3_1-adapt_tests.patch
+++ b/openssl3_1-adapt_tests.patch
@ -0,0 +1,104 @@
+commit 33ee7a0221b1fad07639c3c8948ad322238a52ab
+Author: Otto Hollmann <otto.hollmann@suse.com>
+Date:   Wed May 10 11:07:36 2023 +0200
+
+    test: Adapt tests for OpenSSL 3.1
+
+diff --git a/test/common/index.js b/test/common/index.js
+index f3caa9d1d4..a3e317d24b 100644
+--- a/test/common/index.js
+++ b/test/common/index.js
+@@ -57,7 +57,10 @@ const hasCrypto = Boolean(process.versions.openssl) &&
+                   !process.env.NODE_SKIP_CRYPTO;
+ 
+ const hasOpenSSL3 = hasCrypto &&
+-    require('crypto').constants.OPENSSL_VERSION_NUMBER >= 805306368;
+    require('crypto').constants.OPENSSL_VERSION_NUMBER >= 0x30000000;
+
+const hasOpenSSL31 = hasCrypto &&
+    require('crypto').constants.OPENSSL_VERSION_NUMBER >= 0x30100000;
+ 
+ const hasQuic = hasCrypto && !!process.config.variables.openssl_quic;
+ 
+@@ -913,6 +916,7 @@ const common = {
+   hasIntl,
+   hasCrypto,
+   hasOpenSSL3,
+  hasOpenSSL31,
+   hasQuic,
+   hasMultiLocalhost,
+   invalidArgTypeHelper,
+diff --git a/test/parallel/test-https-agent-session-eviction.js b/test/parallel/test-https-agent-session-eviction.js
+index 20cdb870a0..da56007105 100644
+--- a/test/parallel/test-https-agent-session-eviction.js
+++ b/test/parallel/test-https-agent-session-eviction.js
+@@ -56,6 +56,7 @@ function faultyServer(port) {
+ function second(server, session) {
+   const req = https.request({
+     port: server.address().port,
+    ciphers: (common.hasOpenSSL31 ? 'DEFAULT:@SECLEVEL=0' : 'DEFAULT'),
+     rejectUnauthorized: false
+   }, function(res) {
+     res.resume();
+diff --git a/test/parallel/test-tls-alert.js b/test/parallel/test-tls-alert.js
+index 31b07104c2..9e92ccca49 100644
+--- a/test/parallel/test-tls-alert.js
+++ b/test/parallel/test-tls-alert.js
+@@ -41,7 +41,7 @@ const server = tls.Server({
+   key: loadPEM('agent2-key'),
+   cert: loadPEM('agent2-cert')
+ }, null).listen(0, common.mustCall(() => {
+-  const args = ['s_client', '-quiet', '-tls1_1',
+  const args = ['s_client', '-quiet', '-tls1_1', '-cipher', (common.hasOpenSSL31 ? 'DEFAULT:@SECLEVEL=0' : 'DEFAULT'),
+                 '-connect', `127.0.0.1:${server.address().port}`];
+ 
+   execFile(common.opensslCli, args, common.mustCall((err, _, stderr) => {
+diff --git a/test/parallel/test-tls-getprotocol.js b/test/parallel/test-tls-getprotocol.js
+index d45287d671..ee33200916 100644
+--- a/test/parallel/test-tls-getprotocol.js
+++ b/test/parallel/test-tls-getprotocol.js
+@@ -11,8 +11,8 @@ const tls = require('tls');
+ const fixtures = require('../common/fixtures');
+ 
+ const clientConfigs = [
+-  { secureProtocol: 'TLSv1_method', version: 'TLSv1' },
+-  { secureProtocol: 'TLSv1_1_method', version: 'TLSv1.1' },
+  { secureProtocol: 'TLSv1_method', version: 'TLSv1', ciphers: (common.hasOpenSSL31 ? 'DEFAULT:@SECLEVEL=0' : 'DEFAULT') },
+  { secureProtocol: 'TLSv1_1_method', version: 'TLSv1.1', ciphers: (common.hasOpenSSL31 ? 'DEFAULT:@SECLEVEL=0' : 'DEFAULT') },
+   { secureProtocol: 'TLSv1_2_method', version: 'TLSv1.2' },
+ ];
+ 
+@@ -30,6 +30,7 @@ const server = tls.createServer(serverConfig, common.mustCall(clientConfigs.leng
+     tls.connect({
+       host: common.localhostIPv4,
+       port: server.address().port,
+      ciphers: v.ciphers,
+       rejectUnauthorized: false,
+       secureProtocol: v.secureProtocol
+     }, common.mustCall(function() {
+diff --git a/test/parallel/test-tls-min-max-version.js b/test/parallel/test-tls-min-max-version.js
+index 5cea41ca7e..ab351558a4 100644
+--- a/test/parallel/test-tls-min-max-version.js
+++ b/test/parallel/test-tls-min-max-version.js
+@@ -22,6 +22,9 @@ function test(cmin, cmax, cprot, smin, smax, sprot, proto, cerr, serr) {
+     if (serr !== 'ERR_SSL_UNSUPPORTED_PROTOCOL')
+       ciphers = 'ALL@SECLEVEL=0';
+   }
+  if (common.hasOpenSSL31 && cerr === 'ERR_SSL_TLSV1_ALERT_PROTOCOL_VERSION') {
+    ciphers = 'DEFAULT@SECLEVEL=0';
+  }
+   // Report where test was called from. Strip leading garbage from
+   //     at Object.<anonymous> (file:line)
+   // from the stack location, we only want the file:line part.
+diff --git a/test/parallel/test-tls-session-cache.js b/test/parallel/test-tls-session-cache.js
+index c4bebff2e3..e4ecb53282 100644
+--- a/test/parallel/test-tls-session-cache.js
+++ b/test/parallel/test-tls-session-cache.js
+@@ -100,6 +100,7 @@ function doTest(testOptions, callback) {
+     const args = [
+       's_client',
+       '-tls1',
+      '-cipher', (common.hasOpenSSL31 ? 'DEFAULT:@SECLEVEL=0' : 'DEFAULT'),
+       '-connect', `localhost:${this.address().port}`,
+       '-servername', 'ohgod',
+       '-key', fixtures.path('keys/rsa_private.pem'),