Skip to content

test: use lower security level in s_client #48192

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 29, 2023
Merged

test: use lower security level in s_client #48192

merged 1 commit into from
May 29, 2023

Conversation

@lpinca
Copy link
Member

@lpinca lpinca commented May 26, 2023
edited
Loading

With the default security level (SECLEVEL=2), the following error

40E72B52DB7F0000:error:0A00018A:SSL routines:tls_process_ske_dhe:dh key too small:../deps/openssl/openssl/ssl/statem/statem_clnt.c:2100

is raised on on Ubuntu 22.04 on WSL2.
@nodejs-github-bot nodejs-github-bot added needs-ci PRs that need a full CI run. test Issues and PRs related to the tests. labels May 26, 2023
@lpinca lpinca added the request-ci Add this label to start a Jenkins CI on a PR. label May 26, 2023
@lpinca
test: use lower security level in s_client
4c6ea53 
With the default security level (SECLEVEL=2), the following error ``` 40E72B52DB7F0000:error:0A00018A:SSL routines:tls_process_ske_dhe:dh key too small:../deps/openssl/openssl/ssl/statem/statem_clnt.c:2100 ``` is raised on on Ubuntu 22.04 on WSL2.
@lpinca lpinca force-pushed the set/seclevel-for-s_client branch from c91a637 to 4c6ea53 Compare May 26, 2023 15:50
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label May 26, 2023
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented May 26, 2023

CI: https://ci.nodejs.org/job/node-test-pull-request/51972/
@lpinca
Copy link
Member Author

lpinca commented May 27, 2023

This is the full output

$ ./tools/test.py test/parallel/test-tls-dhe.js === release test-tls-dhe === Path: parallel/test-tls-dhe node:assert:991 throw newErr; ^ AssertionError [ERR_ASSERTION]: ifError got unwanted exception: Command failed: /home/luigi/node/out/Release/openssl-cli s_client -connect 127.0.0.1:35673 -cipher DHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256 Can't use SSL_get_servername depth=0 C = US, ST = CA, L = SF, O = Joyent, OU = Node.js, CN = agent2, emailAddress = ry@tinyclouds.org verify error:num=18:self-signed certificate verify return:1 depth=0 C = US, ST = CA, L = SF, O = Joyent, OU = Node.js, CN = agent2, emailAddress = ry@tinyclouds.org verify return:1 40E72B52DB7F0000:error:0A00018A:SSL routines:tls_process_ske_dhe:dh key too small:../deps/openssl/openssl/ssl/statem/statem_clnt.c:2100: at /home/luigi/node/test/common/index.js:426:12 at /home/luigi/node/test/common/index.js:463:15 at ChildProcess.exithandler (node:child_process:427:5) at ChildProcess.exithandler (node:child_process:419:12) at ChildProcess.emit (node:events:511:28) at maybeClose (node:internal/child_process:1098:16) at ChildProcess._handle.onexit (node:internal/child_process:304:5) { generatedMessage: false, code: 'ERR_ASSERTION', actual: Error: Command failed: /home/luigi/node/out/Release/openssl-cli s_client -connect 127.0.0.1:35673 -cipher DHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256 Can't use SSL_get_servername depth=0 C = US, ST = CA, L = SF, O = Joyent, OU = Node.js, CN = agent2, emailAddress = ry@tinyclouds.org verify error:num=18:self-signed certificate verify return:1 depth=0 C = US, ST = CA, L = SF, O = Joyent, OU = Node.js, CN = agent2, emailAddress = ry@tinyclouds.org verify return:1 40E72B52DB7F0000:error:0A00018A:SSL routines:tls_process_ske_dhe:dh key too small:../deps/openssl/openssl/ssl/statem/statem_clnt.c:2100: at ChildProcess.exithandler (node:child_process:419:12) at ChildProcess.emit (node:events:511:28) at maybeClose (node:internal/child_process:1098:16) at ChildProcess._handle.onexit (node:internal/child_process:304:5) { code: 1, killed: false, signal: null, cmd: '/home/luigi/node/out/Release/openssl-cli s_client -connect 127.0.0.1:35673 -cipher DHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256' }, expected: null, operator: 'ifError' } Node.js v21.0.0-pre Command: out/Release/node --no-warnings /home/luigi/node/test/parallel/test-tls-dhe.js [00:00|% 100|+ 0|- 1]: Done Failed tests: out/Release/node --no-warnings /home/luigi/node/test/parallel/test-tls-dhe.js
@lpinca lpinca added the commit-queue Add this label to land a pull request using GitHub Actions. label May 29, 2023
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label May 29, 2023
@nodejs-github-bot nodejs-github-bot merged commit 20080f9 into nodejs:main May 29, 2023
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented May 29, 2023

Landed in 20080f9
@lpinca lpinca deleted the set/seclevel-for-s_client branch May 29, 2023 19:26
targos pushed a commit that referenced this pull request May 30, 2023
@lpinca @targos
test: use lower security level in s_client
e12ee59 
With the default security level (SECLEVEL=2), the following error ``` 40E72B52DB7F0000:error:0A00018A:SSL routines:tls_process_ske_dhe:dh key too small:../deps/openssl/openssl/ssl/statem/statem_clnt.c:2100 ``` is raised on on Ubuntu 22.04 on WSL2. PR-URL: #48192 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com>
@richardlau richardlau mentioned this pull request Jun 2, 2023
Merged
@targos targos mentioned this pull request Jun 4, 2023
Merged
richardlau pushed a commit to richardlau/node-1 that referenced this pull request Jul 6, 2023
@lpinca @richardlau
test: use lower security level in s_client
ee8fc9b 
With the default security level (SECLEVEL=2), the following error ``` 40E72B52DB7F0000:error:0A00018A:SSL routines:tls_process_ske_dhe:dh key too small:../deps/openssl/openssl/ssl/statem/statem_clnt.c:2100 ``` is raised on on Ubuntu 22.04 on WSL2. PR-URL: nodejs#48192 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com>
danielleadams pushed a commit that referenced this pull request Jul 6, 2023
@lpinca @danielleadams
test: use lower security level in s_client
8512e64 
With the default security level (SECLEVEL=2), the following error ``` 40E72B52DB7F0000:error:0A00018A:SSL routines:tls_process_ske_dhe:dh key too small:../deps/openssl/openssl/ssl/statem/statem_clnt.c:2100 ``` is raised on on Ubuntu 22.04 on WSL2. PR-URL: #48192 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com>
MoLow pushed a commit to MoLow/node that referenced this pull request Jul 6, 2023
@lpinca @MoLow
test: use lower security level in s_client
a9d0b8d 
With the default security level (SECLEVEL=2), the following error ``` 40E72B52DB7F0000:error:0A00018A:SSL routines:tls_process_ske_dhe:dh key too small:../deps/openssl/openssl/ssl/statem/statem_clnt.c:2100 ``` is raised on on Ubuntu 22.04 on WSL2. PR-URL: nodejs#48192 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com>
@danielleadams danielleadams mentioned this pull request Jul 10, 2023
Merged
Ceres6 pushed a commit to Ceres6/node that referenced this pull request Aug 14, 2023
@lpinca @Ceres6
test: use lower security level in s_client
e1e285d 
With the default security level (SECLEVEL=2), the following error ``` 40E72B52DB7F0000:error:0A00018A:SSL routines:tls_process_ske_dhe:dh key too small:../deps/openssl/openssl/ssl/statem/statem_clnt.c:2100 ``` is raised on on Ubuntu 22.04 on WSL2. PR-URL: nodejs#48192 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com>
Ceres6 pushed a commit to Ceres6/node that referenced this pull request Aug 14, 2023
@lpinca @Ceres6
test: use lower security level in s_client
909dc04 
With the default security level (SECLEVEL=2), the following error ``` 40E72B52DB7F0000:error:0A00018A:SSL routines:tls_process_ske_dhe:dh key too small:../deps/openssl/openssl/ssl/statem/statem_clnt.c:2100 ``` is raised on on Ubuntu 22.04 on WSL2. PR-URL: nodejs#48192 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

needs-ci PRs that need a full CI run. test Issues and PRs related to the tests.

6 participants

@lpinca @nodejs-github-bot @bnoordhuis @jasnell @targos @richardlau