summaryrefslogtreecommitdiff
path: root/test/parallel/test-tls-no-sslv3.js
blob: 4cbb62e3d595f140d24917911d8f153a5afa399a (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
'use strict';
const common = require('../common');
if (!common.hasCrypto)
  common.skip('missing crypto');

if (common.opensslCli === false)
  common.skip('node compiled without OpenSSL CLI.');

const assert = require('assert');
const tls = require('tls');
const spawn = require('child_process').spawn;
const fixtures = require('../common/fixtures');

const cert = fixtures.readSync('test_cert.pem');
const key = fixtures.readSync('test_key.pem');
const server = tls.createServer({ cert, key }, common.mustNotCall());
const errors = [];
let stderr = '';

server.listen(0, '127.0.0.1', function() {
  const address = `${this.address().address}:${this.address().port}`;
  const args = ['s_client',
                '-ssl3',
                '-connect', address];

  const client = spawn(common.opensslCli, args, { stdio: 'pipe' });
  client.stdout.pipe(process.stdout);
  client.stderr.pipe(process.stderr);
  client.stderr.setEncoding('utf8');
  client.stderr.on('data', (data) => stderr += data);

  client.once('exit', common.mustCall(function(exitCode) {
    assert.strictEqual(exitCode, 1);
    server.close();
  }));
});

server.on('tlsClientError', (err) => errors.push(err));

process.on('exit', function() {
  if (/unknown option -ssl3/.test(stderr)) {
    common.printSkipMessage('`openssl s_client -ssl3` not supported.');
  } else {
    assert.strictEqual(errors.length, 1);
    // OpenSSL 1.0.x and 1.1.x report invalid client versions differently.
    assert(/:wrong version number/.test(errors[0].message) ||
           /:version too low/.test(errors[0].message));
  }
});