0
0
mirror of https://github.com/nodejs/node.git synced 2024-11-21 21:19:50 +01:00

test: fix test test-tls-dhe for OpenSSL32

Refs: https://github.com/nodejs/node/issues/53382

- OpenSSL32 has a minimum dh key size by 2048 by default.
- Adjust test to use larger 3072 key instead of 1024
  when OpenSSL32 is present.

Signed-off-by: Michael Dawson <midawson@redhat.com>
PR-URL: https://github.com/nodejs/node/pull/54903
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
This commit is contained in:
Michael Dawson 2024-09-14 09:25:24 -04:00 committed by GitHub
parent 45f44badaf
commit c4f2954703
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -43,9 +43,12 @@ const dheCipher = 'DHE-RSA-AES128-SHA256';
const ecdheCipher = 'ECDHE-RSA-AES128-SHA256';
const ciphers = `${dheCipher}:${ecdheCipher}`;
// Test will emit a warning because the DH parameter size is < 2048 bits
common.expectWarning('SecurityWarning',
'DH parameter is less than 2048 bits');
if (!common.hasOpenSSL(3, 2)) {
// Test will emit a warning because the DH parameter size is < 2048 bits
// when the test is run on versions lower than OpenSSL32
common.expectWarning('SecurityWarning',
'DH parameter is less than 2048 bits');
}
function loadDHParam(n) {
const keyname = `dh${n}.pem`;
@ -104,7 +107,11 @@ function testCustomParam(keylen, expectedCipher) {
}, /DH parameter is less than 1024 bits/);
// Custom DHE parameters are supported (but discouraged).
await testCustomParam(1024, dheCipher);
if (!common.hasOpenSSL(3, 2)) {
await testCustomParam(1024, dheCipher);
} else {
await testCustomParam(3072, dheCipher);
}
await testCustomParam(2048, dheCipher);
// Invalid DHE parameters are discarded. ECDHE remains enabled.