diff options
author | Ben Noordhuis <info@bnoordhuis.nl> | 2018-03-13 16:42:40 +0100 |
---|---|---|
committer | Myles Borins <mylesborins@google.com> | 2018-03-26 18:20:16 -0400 |
commit | dc875438a3953102febffa79b691317bb24ba2aa (patch) | |
tree | f1d8814e2d15cd34a0215c984cc484e87592f188 /test/parallel | |
parent | 79fa372b79c2b51c368a679164808425ec97f992 (diff) | |
download | android-node-v8-dc875438a3953102febffa79b691317bb24ba2aa.tar.gz android-node-v8-dc875438a3953102febffa79b691317bb24ba2aa.tar.bz2 android-node-v8-dc875438a3953102febffa79b691317bb24ba2aa.zip |
src: drop CNNIC+StartCom certificate whitelisting
Remove the CNNIC certificates again and remove the whitelist from commit
3beb88071 ("crypto: add cert check to CNNIC Whitelist") from June 2015.
PR-URL: https://github.com/nodejs/node/pull/19322
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Diffstat (limited to 'test/parallel')
-rw-r--r-- | test/parallel/test-tls-cnnic-whitelist.js | 2 | ||||
-rw-r--r-- | test/parallel/test-tls-startcom-wosign-whitelist.js | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/test/parallel/test-tls-cnnic-whitelist.js b/test/parallel/test-tls-cnnic-whitelist.js index d118567089..80f188f366 100644 --- a/test/parallel/test-tls-cnnic-whitelist.js +++ b/test/parallel/test-tls-cnnic-whitelist.js @@ -28,7 +28,7 @@ const testCases = [ rejectUnauthorized: true, ca: [loadPEM('fake-cnnic-root-cert')] }, - errorCode: 'CERT_REVOKED' + errorCode: 'UNABLE_TO_VERIFY_LEAF_SIGNATURE' }, // Test 1: for the fix of node#2061 // agent6-cert.pem is signed by intermediate cert of ca3. diff --git a/test/parallel/test-tls-startcom-wosign-whitelist.js b/test/parallel/test-tls-startcom-wosign-whitelist.js index 86075f6a35..33da148848 100644 --- a/test/parallel/test-tls-startcom-wosign-whitelist.js +++ b/test/parallel/test-tls-startcom-wosign-whitelist.js @@ -25,7 +25,7 @@ const testCases = [ port: undefined, rejectUnauthorized: true }, - errorCode: 'CERT_OK' + errorCode: 'CERT_REVOKED' }, { // agent9 is signed by fake-startcom-root with notBefore of // Oct 21 00:00:01 2016 GMT. It fails StartCom/WoSign check. @@ -69,7 +69,7 @@ function runTest(tindex) { client.on('secureConnect', function() { // agent8 can pass StartCom/WoSign check so that the secureConnect // is established. - assert.strictEqual(tcase.errorCode, 'CERT_OK'); + assert.strictEqual(tcase.errorCode, 'CERT_REVOKED'); client.end(); runNextTest(server, tindex); }); |