From 9472340576e19c242689f516d22c43bfe1bbcabd Mon Sep 17 00:00:00 2001 From: Michael Dawson Date: Mon, 23 Sep 2024 21:14:41 +0000 Subject: [PATCH 1/3] test: fix test-tls-junk-closes-server Refs: https://github.com/nodejs/node/issues/53382 TLS spec seems to indicate there should should be a response sent when TLS handshake fails. See https://datatracker.ietf.org/doc/html/rfc8446#page-85 When compiled with OpenSSL32 we see the the following response '15 03 03 00 02 02 16' which decodes as a fatal (0x02) TLS error alert number 22 (0x16). which corresponds to TLS1_AD_RECORD_OVERFLOW which matches the error we see if NODE_DEBUG is turned on once you get through the define aliases. If there is a response from the server the test used to hang because the end event will not be emitted until after the response is consumed. This PR fixes the test so it consumes the response. Some earlier OpenSSL versions did not seem to send a response but the error handling seems to have been re-written/improved in OpenSSL32. Signed-off-by: Michael Dawson --- test/parallel/test-tls-junk-closes-server.js | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/test/parallel/test-tls-junk-closes-server.js b/test/parallel/test-tls-junk-closes-server.js index 06fa57267a9104..5c26a6a39e7658 100644 --- a/test/parallel/test-tls-junk-closes-server.js +++ b/test/parallel/test-tls-junk-closes-server.js @@ -39,6 +39,22 @@ const server = tls.createServer(options, common.mustNotCall()); server.listen(0, common.mustCall(function() { const c = net.createConnection(this.address().port); + c.on('data', function() { + // We must consume all data sent by the server. Otherwise the + // end event will not be sent and the test will hang. + // For example, when compiled with OpenSSL32 we see the + // the following response '15 03 03 00 02 02 16' which + // decodes as a fatal (0x02) TLS error alert number 22 (0x16). + // which corresponds to TLS1_AD_RECORD_OVERFLOW which matches + // the error we see if NODE_DEBUG is turned on. + // Some earlier OpenSSL versions did not seem to send a response + // but the TLS spec seems to indicate there should be one + // https://datatracker.ietf.org/doc/html/rfc8446#page-85 + // and error handling seems to have been re-written/improved + // in OpenSSL32. Consuming the data allows the test to pass + // either way. + }); + c.on('connect', common.mustCall(function() { c.write('blah\nblah\nblah\n'); })); From 0f549f480be1d004ffb9c7b72e5b066ad4b3816d Mon Sep 17 00:00:00 2001 From: Michael Dawson Date: Tue, 24 Sep 2024 08:53:37 -0400 Subject: [PATCH 2/3] Update test/parallel/test-tls-junk-closes-server.js Co-authored-by: Mohammed Keyvanzadeh --- test/parallel/test-tls-junk-closes-server.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/parallel/test-tls-junk-closes-server.js b/test/parallel/test-tls-junk-closes-server.js index 5c26a6a39e7658..24feab2e37442a 100644 --- a/test/parallel/test-tls-junk-closes-server.js +++ b/test/parallel/test-tls-junk-closes-server.js @@ -43,7 +43,7 @@ server.listen(0, common.mustCall(function() { // We must consume all data sent by the server. Otherwise the // end event will not be sent and the test will hang. // For example, when compiled with OpenSSL32 we see the - // the following response '15 03 03 00 02 02 16' which + // following response '15 03 03 00 02 02 16' which // decodes as a fatal (0x02) TLS error alert number 22 (0x16). // which corresponds to TLS1_AD_RECORD_OVERFLOW which matches // the error we see if NODE_DEBUG is turned on. From ff25b9969b5753dcf32b6b56a613459acf203365 Mon Sep 17 00:00:00 2001 From: Michael Dawson Date: Tue, 24 Sep 2024 08:53:46 -0400 Subject: [PATCH 3/3] Update test/parallel/test-tls-junk-closes-server.js Co-authored-by: Mohammed Keyvanzadeh --- test/parallel/test-tls-junk-closes-server.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/parallel/test-tls-junk-closes-server.js b/test/parallel/test-tls-junk-closes-server.js index 24feab2e37442a..08c2d39c6844f6 100644 --- a/test/parallel/test-tls-junk-closes-server.js +++ b/test/parallel/test-tls-junk-closes-server.js @@ -44,7 +44,7 @@ server.listen(0, common.mustCall(function() { // end event will not be sent and the test will hang. // For example, when compiled with OpenSSL32 we see the // following response '15 03 03 00 02 02 16' which - // decodes as a fatal (0x02) TLS error alert number 22 (0x16). + // decodes as a fatal (0x02) TLS error alert number 22 (0x16), // which corresponds to TLS1_AD_RECORD_OVERFLOW which matches // the error we see if NODE_DEBUG is turned on. // Some earlier OpenSSL versions did not seem to send a response