Skip to content

test: use lower security level in s_client#48192

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
nodejs-github-bot merged 1 commit into from
May 29, 2023
Merged

test: use lower security level in s_client #48192

nodejs-github-bot merged 1 commit into from
May 29, 2023

Conversation

@lpinca
Copy link
Member

@lpincalpinca commented May 26, 2023
edited
Loading

With the default security level (SECLEVEL=2), the following error

40E72B52DB7F0000:error:0A00018A:SSL routines:tls_process_ske_dhe:dh key too small:../deps/openssl/openssl/ssl/statem/statem_clnt.c:2100

is raised on on Ubuntu 22.04 on WSL2.

@nodejs-github-botnodejs-github-bot added needs-ci PRs that need a full CI run. test Issues and PRs related to the tests. labels May 26, 2023
@lpincalpinca added the request-ci Add this label to start a Jenkins CI on a PR. label May 26, 2023
@lpinca
test: use lower security level in s_client
4c6ea53
With the default security level (SECLEVEL=2), the following error ``` 40E72B52DB7F0000:error:0A00018A:SSL routines:tls_process_ske_dhe:dh key too small:../deps/openssl/openssl/ssl/statem/statem_clnt.c:2100 ``` is raised on on Ubuntu 22.04 on WSL2.
@lpincalpincaforce-pushed the set/seclevel-for-s_client branch from c91a637 to 4c6ea53CompareMay 26, 2023 15:50
@github-actionsgithub-actionsbot removed the request-ci Add this label to start a Jenkins CI on a PR. label May 26, 2023
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented May 26, 2023

CI: https://ci.nodejs.org/job/node-test-pull-request/51972/

@lpinca
Copy link
MemberAuthor

lpinca commented May 27, 2023

This is the full output

$ ./tools/test.py test/parallel/test-tls-dhe.js === release test-tls-dhe === Path: parallel/test-tls-dhe node:assert:991 throw newErr; ^ AssertionError [ERR_ASSERTION]: ifError got unwanted exception: Command failed: /home/luigi/node/out/Release/openssl-cli s_client -connect 127.0.0.1:35673 -cipher DHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256 Can't use SSL_get_servername depth=0 C = US, ST = CA, L = SF, O = Joyent, OU = Node.js, CN = agent2, emailAddress = [email protected] verify error:num=18:self-signed certificate verify return:1 depth=0 C = US, ST = CA, L = SF, O = Joyent, OU = Node.js, CN = agent2, emailAddress = [email protected] verify return:1 40E72B52DB7F0000:error:0A00018A:SSL routines:tls_process_ske_dhe:dh key too small:../deps/openssl/openssl/ssl/statem/statem_clnt.c:2100: at /home/luigi/node/test/common/index.js:426:12 at /home/luigi/node/test/common/index.js:463:15 at ChildProcess.exithandler (node:child_process:427:5) at ChildProcess.exithandler (node:child_process:419:12) at ChildProcess.emit (node:events:511:28) at maybeClose (node:internal/child_process:1098:16) at ChildProcess._handle.onexit (node:internal/child_process:304:5){generatedMessage: false, code: 'ERR_ASSERTION', actual: Error: Command failed: /home/luigi/node/out/Release/openssl-cli s_client -connect 127.0.0.1:35673 -cipher DHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256 Can't use SSL_get_servername depth=0 C = US, ST = CA, L = SF, O = Joyent, OU = Node.js, CN = agent2, emailAddress = [email protected] verify error:num=18:self-signed certificate verify return:1 depth=0 C = US, ST = CA, L = SF, O = Joyent, OU = Node.js, CN = agent2, emailAddress = [email protected] verify return:1 40E72B52DB7F0000:error:0A00018A:SSL routines:tls_process_ske_dhe:dh key too small:../deps/openssl/openssl/ssl/statem/statem_clnt.c:2100: at ChildProcess.exithandler (node:child_process:419:12) at ChildProcess.emit (node:events:511:28) at maybeClose (node:internal/child_process:1098:16) at ChildProcess._handle.onexit (node:internal/child_process:304:5){code: 1, killed: false, signal: null, cmd: '/home/luigi/node/out/Release/openssl-cli s_client -connect 127.0.0.1:35673 -cipher DHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256' }, expected: null, operator: 'ifError' } Node.js v21.0.0-pre Command: out/Release/node --no-warnings /home/luigi/node/test/parallel/test-tls-dhe.js [00:00|% 100|+ 0|- 1]: Done Failed tests: out/Release/node --no-warnings /home/luigi/node/test/parallel/test-tls-dhe.js

@lpincalpinca added the commit-queue Add this label to land a pull request using GitHub Actions. label May 29, 2023
@nodejs-github-botnodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label May 29, 2023
@nodejs-github-botnodejs-github-bot merged commit 20080f9 into nodejs:mainMay 29, 2023
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented May 29, 2023

Landed in 20080f9

@lpincalpinca deleted the set/seclevel-for-s_client branch May 29, 2023 19:26
targos pushed a commit that referenced this pull request May 30, 2023
@lpinca@targos
test: use lower security level in s_client
e12ee59
With the default security level (SECLEVEL=2), the following error ``` 40E72B52DB7F0000:error:0A00018A:SSL routines:tls_process_ske_dhe:dh key too small:../deps/openssl/openssl/ssl/statem/statem_clnt.c:2100 ``` is raised on on Ubuntu 22.04 on WSL2. PR-URL: #48192 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: James M Snell <[email protected]>
@richardlaurichardlau mentioned this pull request Jun 2, 2023
Merged
@targostargos mentioned this pull request Jun 4, 2023
Merged
richardlau pushed a commit to richardlau/node-1 that referenced this pull request Jul 6, 2023
@lpinca@richardlau
test: use lower security level in s_client
ee8fc9b
With the default security level (SECLEVEL=2), the following error ``` 40E72B52DB7F0000:error:0A00018A:SSL routines:tls_process_ske_dhe:dh key too small:../deps/openssl/openssl/ssl/statem/statem_clnt.c:2100 ``` is raised on on Ubuntu 22.04 on WSL2. PR-URL: nodejs#48192 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: James M Snell <[email protected]>
danielleadams pushed a commit that referenced this pull request Jul 6, 2023
@lpinca@danielleadams
test: use lower security level in s_client
8512e64
With the default security level (SECLEVEL=2), the following error ``` 40E72B52DB7F0000:error:0A00018A:SSL routines:tls_process_ske_dhe:dh key too small:../deps/openssl/openssl/ssl/statem/statem_clnt.c:2100 ``` is raised on on Ubuntu 22.04 on WSL2. PR-URL: #48192 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: James M Snell <[email protected]>
MoLow pushed a commit to MoLow/node that referenced this pull request Jul 6, 2023
@lpinca@MoLow
test: use lower security level in s_client
a9d0b8d
With the default security level (SECLEVEL=2), the following error ``` 40E72B52DB7F0000:error:0A00018A:SSL routines:tls_process_ske_dhe:dh key too small:../deps/openssl/openssl/ssl/statem/statem_clnt.c:2100 ``` is raised on on Ubuntu 22.04 on WSL2. PR-URL: nodejs#48192 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: James M Snell <[email protected]>
@danielleadamsdanielleadams mentioned this pull request Jul 10, 2023
Merged
Ceres6 pushed a commit to Ceres6/node that referenced this pull request Aug 14, 2023
@lpinca@Ceres6
test: use lower security level in s_client
e1e285d
With the default security level (SECLEVEL=2), the following error ``` 40E72B52DB7F0000:error:0A00018A:SSL routines:tls_process_ske_dhe:dh key too small:../deps/openssl/openssl/ssl/statem/statem_clnt.c:2100 ``` is raised on on Ubuntu 22.04 on WSL2. PR-URL: nodejs#48192 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: James M Snell <[email protected]>
Ceres6 pushed a commit to Ceres6/node that referenced this pull request Aug 14, 2023
@lpinca@Ceres6
test: use lower security level in s_client
909dc04
With the default security level (SECLEVEL=2), the following error ``` 40E72B52DB7F0000:error:0A00018A:SSL routines:tls_process_ske_dhe:dh key too small:../deps/openssl/openssl/ssl/statem/statem_clnt.c:2100 ``` is raised on on Ubuntu 22.04 on WSL2. PR-URL: nodejs#48192 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: James M Snell <[email protected]>
Sign up for freeto join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bnoordhuisbnoordhuisbnoordhuis approved these changes

@jasnelljasnelljasnell approved these changes

Assignees

No one assigned

Labels

needs-ciPRs that need a full CI run.testIssues and PRs related to the tests.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@lpinca@nodejs-github-bot@bnoordhuis@jasnell@targos@richardlau