mirrors/nodejs
mirrors/nodejs
0
0
Fork 0
mirror of https://github.com/nodejs/node.git synced 2024-11-21 21:19:50 +01:00
Code Issues Releases Activity

test: fix test-tls-junk-closes-server

Browse Source 
Refs: https://github.com/nodejs/node/issues/53382

TLS spec seems to indicate there should should be a response
sent when TLS handshake fails. See
https://datatracker.ietf.org/doc/html/rfc8446#page-85

When compiled with OpenSSL32 we see the
the following response '15 03 03 00 02 02 16' which
decodes as a fatal (0x02) TLS error alert number 22 (0x16).
which corresponds to TLS1_AD_RECORD_OVERFLOW which matches
the error we see if NODE_DEBUG is turned on once you get
through the define aliases.

If there is a response from the server the test used to
hang because the end event will not be emitted until after
the response is consumed. This PR fixes the test so
it consumes the response.

Some earlier OpenSSL versions did not seem to send a response but
the error handling seems to have been re-written/improved
in OpenSSL32.

Signed-off-by: Michael Dawson <midawson@redhat.com>
PR-URL: https://github.com/nodejs/node/pull/55089
Refs: https://github.com/nodejs/node/issues/52482
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Jithil P Ponnan <jithil@outlook.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
This commit is contained in:
Michael Dawson 2024-09-25 17:28:05 -04:00 committed by GitHub
parent 2118e32d9b
commit 0f7bdcc17f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
test/parallel/test-tls-junk-closes-server.js
View File

@ -39,6 +39,22 @@ const server = tls.createServer(options, common.mustNotCall());
server.listen(0, common.mustCall(function() {
const c = net.createConnection(this.address().port);
c.on('data', function() {
// We must consume all data sent by the server. Otherwise the
// end event will not be sent and the test will hang.
// For example, when compiled with OpenSSL32 we see the
// following response '15 03 03 00 02 02 16' which
// decodes as a fatal (0x02) TLS error alert number 22 (0x16),
// which corresponds to TLS1_AD_RECORD_OVERFLOW which matches
// the error we see if NODE_DEBUG is turned on.
// Some earlier OpenSSL versions did not seem to send a response
// but the TLS spec seems to indicate there should be one
// https://datatracker.ietf.org/doc/html/rfc8446#page-85
// and error handling seems to have been re-written/improved
// in OpenSSL32. Consuming the data allows the test to pass
// either way.
});
c.on('connect', common.mustCall(function() {
c.write('blah\nblah\nblah\n');
}));