mirror of
https://github.com/nodejs/node.git
synced 2024-11-21 21:19:50 +01:00
test: fix test test-tls-dhe for OpenSSL32
Refs: https://github.com/nodejs/node/issues/53382 - OpenSSL32 has a minimum dh key size by 2048 by default. - Adjust test to use larger 3072 key instead of 1024 when OpenSSL32 is present. Signed-off-by: Michael Dawson <midawson@redhat.com> PR-URL: https://github.com/nodejs/node/pull/54903 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com>
This commit is contained in:
parent
45f44badaf
commit
c4f2954703
@ -43,9 +43,12 @@ const dheCipher = 'DHE-RSA-AES128-SHA256';
|
||||
const ecdheCipher = 'ECDHE-RSA-AES128-SHA256';
|
||||
const ciphers = `${dheCipher}:${ecdheCipher}`;
|
||||
|
||||
// Test will emit a warning because the DH parameter size is < 2048 bits
|
||||
common.expectWarning('SecurityWarning',
|
||||
'DH parameter is less than 2048 bits');
|
||||
if (!common.hasOpenSSL(3, 2)) {
|
||||
// Test will emit a warning because the DH parameter size is < 2048 bits
|
||||
// when the test is run on versions lower than OpenSSL32
|
||||
common.expectWarning('SecurityWarning',
|
||||
'DH parameter is less than 2048 bits');
|
||||
}
|
||||
|
||||
function loadDHParam(n) {
|
||||
const keyname = `dh${n}.pem`;
|
||||
@ -104,7 +107,11 @@ function testCustomParam(keylen, expectedCipher) {
|
||||
}, /DH parameter is less than 1024 bits/);
|
||||
|
||||
// Custom DHE parameters are supported (but discouraged).
|
||||
await testCustomParam(1024, dheCipher);
|
||||
if (!common.hasOpenSSL(3, 2)) {
|
||||
await testCustomParam(1024, dheCipher);
|
||||
} else {
|
||||
await testCustomParam(3072, dheCipher);
|
||||
}
|
||||
await testCustomParam(2048, dheCipher);
|
||||
|
||||
// Invalid DHE parameters are discarded. ECDHE remains enabled.
|
||||
|
Loading…
Reference in New Issue
Block a user