This doesn't work in OpenSSL 1.1.0. Per discussion on the PR, it is
preferable to just deprecate this setting. Deprecate it and skip the
test in OpenSSL 1.1.0.
PR-URL: https://github.com/nodejs/node/pull/16130
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Rod Vagg <rod@vagg.org>
The first group of tests makes one more connection and leave the server
alive for longer. Otherwise the test is just catching that the server
has closed the socket, depending on timing.
This does not quite make the test pass yet, however. There are some
quirks with how the http2 code handles errors which actually affect
1.0.2 as well.
PR-URL: https://github.com/nodejs/node/pull/16130
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Rod Vagg <rod@vagg.org>
This test is testing the workaround for an OpenSSL 1.0.x bug, which was
fixed in 1.1.0. With the bug fixed, the test expectations need to change
slightly.
PR-URL: https://github.com/nodejs/node/pull/16130
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Rod Vagg <rod@vagg.org>
OpenSSL 1.1.0 disables anonymous ciphers unless building with
enable-weak-crypto. Avoid unnecessary dependencies on these ciphers in
tests.
PR-URL: https://github.com/nodejs/node/pull/16130
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Rod Vagg <rod@vagg.org>
This test is testing what happens to the server if the client shuts off
the connection (so the server sees ECONNRESET), but the way it does it
is convoluted. It uses a static RSA key exchange with a tiny (384-bit)
RSA key. The server doesn't notice (since it is static RSA, the client
acts on the key first), so the client tries to encrypt a premaster and
fails:
rsa routines:RSA_padding_add_PKCS1_type_2:data too large for key size
SSL routines:ssl3_send_client_key_exchange:bad rsa encrypt
OpenSSL happens not to send an alert in this case, so we get ECONNRESET
with no alert. This is quite fragile and, notably, breaks in OpenSSL
1.1.0 now that small RSA keys are rejected by libssl. Instead, test by
just connecting a TCP socket and immediately closing it.
PR-URL: https://github.com/nodejs/node/pull/16130
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Rod Vagg <rod@vagg.org>
OpenSSL 1.1.0 rejects RSA keys smaller than 1024 bits by default. Fix
the tests to use larger ones. This test only cares that the PEM blob be
missing a trailing newline. Certificate adapted from
test/fixtures/cert.pem.
PR-URL: https://github.com/nodejs/node/pull/16130
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Rod Vagg <rod@vagg.org>
"sha" in OpenSSL refers to SHA-0 which was removed from OpenSSL 1.1.0
and is insecure. Replace it with SHA-256 which is present in both 1.0.2
and 1.1.0. Short of shipping a reimplementation in Node, this is an
unavoidable behavior change with 1.1.0.
PR-URL: https://github.com/nodejs/node/pull/16130
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Rod Vagg <rod@vagg.org>
Some errors in the two versions are different. The test-tls-no-sslv3 one
because OpenSSL 1.1.x finally does version negotiation properly. 1.0.x's
logic was somewhat weird and resulted in very inconsistent errors for
SSLv3 in particular.
Also the function codes are capitalized differently, but function codes
leak implementation details, so don't assert on them to begin with.
PR-URL: https://github.com/nodejs/node/pull/16130
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Rod Vagg <rod@vagg.org>
This PR makes the prototype accessors added by StreamBase::AddMethods
nonenumerable and checks the signatures in the accessors so they
throw instead of raising assertions when called with incompatible
receivers. They could be enumerated when inspecting the prototype
with util.inspect or the inspector protocol.
PR-URL: https://github.com/nodejs/node/pull/16860
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
There is currently one if branch missing coverage in lib/vm.js.
This commit adds a test to cover the case where the third
argument to runInNewContext() is a string.
PR-URL: https://github.com/nodejs/node/pull/16906
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Yuta Hiroto <hello@about-hiroppy.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Franziska Hinkelmann <franziska.hinkelmann@gmail.com>
Print content of domain stack if it doesn't match expected values
PR-URL: https://github.com/nodejs/node/pull/16885
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
The motivation for this commit is that we need to specify system CA
certificates when building node. While we are aware of the environment
variable NODE_EXTRA_CA_CERTS this is not a great solution as we build
an RPM and we also don't want users to be able to unset them.
The suggestion is to add a configure time property like this:
--openssl-system-ca-path=OPENSSL_SYSTEM_CA_PATH
Use the specified path to system CA (PEM format) in
addition to the OpenSSL supplied CA store or compiled-
in Mozilla CA copy.
Usage example:
$ ./configure --openssl-system-ca-path=/etc/pki/tls/certs/ca-bundle.crt
This would add the specified CA certificates in addition to the ones
already being used.
PR-URL: https://github.com/nodejs/node/pull/16790
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
For variables such as LD_LIBRARY_PATH and DYLD_LIBRARY_PATH that are
needed for dynamically linked binaries
PR-URL: https://github.com/nodejs/node/pull/16405
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
`&vec[0]` is undefined behavior when `vec.size() == 0`.
It is mostly academic because package.json files are not usually empty
and because with most STL implementations it decays to something that
is legal C++ as long as the result is not dereferenced, but better safe
than sorry.
Note that the tests don't actually fail because of that, I added them
as sanity checks.
PR-URL: https://github.com/nodejs/node/pull/16871
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Franziska Hinkelmann <franziska.hinkelmann@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Make the `uv_fs_realpath()` binding (which calls the libc `realpath()`
on UNIX and `GetFinalPathNameByHandle()` on Windows) available as the
`fs.realpath.native()` and `fs.realpathSync.native()` functions.
The binding was already available as `process.binding('fs').realpath`
but was not exposed or tested - and partly broken as a result.
Fixes: https://github.com/nodejs/node/issues/8715
PR-URL: https://github.com/nodejs/node/pull/15776
Refs: https://github.com/nodejs/node/pull/7899
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: Minwoo Jung <minwoo@nodesource.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
In test-stream-pipe-await-train-manual-resume, include unexpected value
in error messages.
PR-URL: https://github.com/nodejs/node/pull/16884
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Include the value that differed from the expected value in an assertion
message in test-require-dot.
PR-URL: https://github.com/nodejs/node/pull/16805
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
In test-require-extensions-main, include the values that caused the test
to fail in the messages reporting the failure.
PR-URL: https://github.com/nodejs/node/pull/16831
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Use fixtures module in test/parallel/test-tls-js-stream.js.
PR-URL: https://github.com/nodejs/node/pull/16817
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
If the console destination is a unix pipe (net.Socket), write() is
async. If the destination is broken, we are adding an 'error' event
listener to avoid a process crash. This PR makes sure that we are adding
that listener only once.
Fixes: https://github.com/nodejs/node/issues/16767
PR-URL: https://github.com/nodejs/node/pull/16770
Fixes: https://github.com/nodejs/node/issues/16767
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anatoli Papirovski <apapirovski@mac.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
This commit introduces test/common/internet.address, which
includes a set of addresses for doing internet tests.
These addresses can be overriden using NODE_TEST_* environment
variables.
PR-URL: https://github.com/nodejs/node/pull/16390
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
test-fs-utimes was doing some tests against __filename. This made the
test unreliable when multiple copies were run simultaneously. In
general, tests should use files in either the tmp directory or else
fixtures, so change to using `common.tmpDir` instead. Each copy of the
test (if using `test.py` harness for parallel runs) will use its own
directory, making the test robust again.
PR-URL: https://github.com/nodejs/node/pull/16774
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Yuta Hiroto <hello@about-hiroppy.com>
Before this commit they transparently invoked their magic methods but
that sometimes throws confusing exceptions with misbehaving proxies.
This change is not wholly uncontroversial but we can always change the
default if necessary. Let's see how it goes.
Fixes: https://github.com/nodejs/node/issues/16483
PR-URL: https://github.com/nodejs/node/pull/16485
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Franziska Hinkelmann <franziska.hinkelmann@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
In test/parallel/test-cluster-setup-master-cumulative.js:
Remove the message parameter to ensure that the compared
objects are printed out. Add the original message as a
comment above.
PR-URL: https://github.com/nodejs/node/pull/16838
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Do not call destroy each time rstStream is called since the
first call (or receipt of rst frame) will always trigger
destroy. Expand existing test for this behaviour.
PR-URL: https://github.com/nodejs/node/pull/16753
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
Two instances of a similar test exist, with both testing the timeout on
the stream and neither on the session. Adjust one of them to test the
session timeout instead.
PR-URL: https://github.com/nodejs/node/pull/16754
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
test-http-keepalive-maxsockets.js will fail if sufficient copies are run
at once. Move to sequential.
PR-URL: https://github.com/nodejs/node/pull/16777
Reviewed-By: Anatoli Papirovski <apapirovski@mac.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Yuta Hiroto <hello@about-hiroppy.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
In test-child-process-spawnsync, the assert.strictEqual() custom
message was hiding information about why the test has failed. It
just showed what value is expected and in case of failure we want to
know which value has caused test to fail.
PR-URL: https://github.com/nodejs/node/pull/16819
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Anatoli Papirovski <apapirovski@mac.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Improve assertion message by including expected and actual values.
PR-URL: https://github.com/nodejs/node/pull/16840
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
The custom message means that the values involved are not reported.
Remove the custom message for a more detailed error message.
PR-URL: https://github.com/nodejs/node/pull/16824
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anatoli Papirovski <apapirovski@mac.com>
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
If the REPL history file is created with an invalid mode include
the failed mode in the error message.
PR-URL: https://github.com/nodejs/node/pull/16815
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
