mirror of
https://github.com/nodejs/node.git
synced 2025-08-15 13:48:44 +02:00
640fe94354
This commit enables node to dynamically link against OpenSSL 3.0. The motivation for opening this PR even though OpenSSL 3.0 has not been released yet is to allow a nightly CI job to be created. This will allow us stay on top of changes required for OpenSSL 3.0, and also to make sure that changes to node crypto do not cause issues when linking to OpenSSL 3.0. PR-URL: https://github.com/nodejs/node/pull/37669 Refs: https://github.com/nodejs/node/issues/29817 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Michael Dawson <midawson@redhat.com>
79 lines
2.2 KiB
JavaScript
79 lines
2.2 KiB
JavaScript
'use strict';
|
|
const common = require('../common');
|
|
if (!common.hasCrypto)
|
|
common.skip('missing crypto');
|
|
|
|
const assert = require('assert');
|
|
const crypto = require('crypto');
|
|
const https = require('https');
|
|
const fixtures = require('../common/fixtures');
|
|
|
|
const options = {
|
|
key: fixtures.readKey('agent1-key.pem'),
|
|
cert: fixtures.readKey('agent1-cert.pem'),
|
|
ca: fixtures.readKey('ca1-cert.pem'),
|
|
minVersion: 'TLSv1.1',
|
|
ciphers: 'ALL@SECLEVEL=0'
|
|
};
|
|
|
|
const server = https.Server(options, (req, res) => {
|
|
res.writeHead(200);
|
|
res.end('hello world\n');
|
|
});
|
|
|
|
function getBaseOptions(port) {
|
|
return {
|
|
path: '/',
|
|
port: port,
|
|
ca: options.ca,
|
|
rejectUnauthorized: true,
|
|
servername: 'agent1',
|
|
ciphers: 'ALL@SECLEVEL=0'
|
|
};
|
|
}
|
|
|
|
const updatedValues = new Map([
|
|
['dhparam', fixtures.readKey('dh2048.pem')],
|
|
['ecdhCurve', 'secp384r1'],
|
|
['honorCipherOrder', true],
|
|
['secureOptions', crypto.constants.SSL_OP_CIPHER_SERVER_PREFERENCE],
|
|
['secureProtocol', 'TLSv1_1_method'],
|
|
['sessionIdContext', 'sessionIdContext'],
|
|
]);
|
|
|
|
let value;
|
|
function variations(iter, port, cb) {
|
|
return common.mustCall((res) => {
|
|
res.resume();
|
|
https.globalAgent.once('free', common.mustCall(() => {
|
|
// Verify that the most recent connection is in the freeSockets pool.
|
|
const keys = Object.keys(https.globalAgent.freeSockets);
|
|
if (value) {
|
|
assert.ok(
|
|
keys.some((val) => val.startsWith(value.toString() + ':') ||
|
|
val.endsWith(':' + value.toString()) ||
|
|
val.includes(':' + value.toString() + ':')),
|
|
`missing value: ${value.toString()} in ${keys}`
|
|
);
|
|
}
|
|
const next = iter.next();
|
|
|
|
if (next.done) {
|
|
https.globalAgent.destroy();
|
|
server.close();
|
|
} else {
|
|
// Save `value` for check the next time.
|
|
value = next.value.val;
|
|
const [key, val] = next.value;
|
|
https.get({ ...getBaseOptions(port), [key]: val },
|
|
variations(iter, port, cb));
|
|
}
|
|
}));
|
|
});
|
|
}
|
|
|
|
server.listen(0, common.mustCall(() => {
|
|
const port = server.address().port;
|
|
https.globalAgent.keepAlive = true;
|
|
https.get(getBaseOptions(port), variations(updatedValues.entries(), port));
|
|
}));
|