From 92ec6f69c33af9defe12a8f331480a6ff42533ca Mon Sep 17 00:00:00 2001
From: David Benjamin <davidben@google.com>
Date: Sat, 23 Sep 2017 04:07:58 -0400
Subject: [PATCH] test: fix test-https-agent-session-eviction for 1.1

This test is testing the workaround for an OpenSSL 1.0.x bug, which was
fixed in 1.1.0. With the bug fixed, the test expectations need to change
slightly.

PR-URL: https://github.com/nodejs/node/pull/16130
Backport-PR-URL: https://github.com/nodejs/node/pull/18622
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Rod Vagg <rod@vagg.org>
---
 src/node_constants.cc                         |  4 +++
 .../test-https-agent-session-eviction.js      | 28 +++++++++++++------
 2 files changed, 24 insertions(+), 8 deletions(-)

diff --git a/src/node_constants.cc b/src/node_constants.cc
index 1023ada3e61fb5..aa245ad4fd8b3d 100644
--- a/src/node_constants.cc
+++ b/src/node_constants.cc
@@ -755,6 +755,10 @@ void DefineSignalConstants(Local<Object> target) {
 }
 
 void DefineOpenSSLConstants(Local<Object> target) {
+#ifdef OPENSSL_VERSION_NUMBER
+    NODE_DEFINE_CONSTANT(target, OPENSSL_VERSION_NUMBER);
+#endif
+
 #ifdef SSL_OP_ALL
     NODE_DEFINE_CONSTANT(target, SSL_OP_ALL);
 #endif
diff --git a/test/parallel/test-https-agent-session-eviction.js b/test/parallel/test-https-agent-session-eviction.js
index 616604124acf34..cf6a1341c1e03f 100644
--- a/test/parallel/test-https-agent-session-eviction.js
+++ b/test/parallel/test-https-agent-session-eviction.js
@@ -8,7 +8,8 @@ if (!common.hasCrypto)
 
 const assert = require('assert');
 const https = require('https');
-const SSL_OP_NO_TICKET = require('crypto').constants.SSL_OP_NO_TICKET;
+const { OPENSSL_VERSION_NUMBER, SSL_OP_NO_TICKET } =
+    require('crypto').constants;
 
 const options = {
   key: readKey('agent1-key.pem'),
@@ -58,14 +59,25 @@ function second(server, session) {
     res.resume();
   });
 
-  // Let it fail
-  req.on('error', common.mustCall(function(err) {
-    assert(/wrong version number/.test(err.message));
+  if (OPENSSL_VERSION_NUMBER >= 0x10100000) {
+    // Although we have a TLS 1.2 session to offer to the TLS 1.0 server,
+    // connection to the TLS 1.0 server should work.
+    req.on('response', common.mustCall(function(res) {
+      // The test is now complete for OpenSSL 1.1.0.
+      server.close();
+    }));
+  } else {
+    // OpenSSL 1.0.x mistakenly locked versions based on the session it was
+    // offering. This causes this sequent request to fail. Let it fail, but
+    // test that this is mitigated on the next try by invalidating the session.
+    req.on('error', common.mustCall(function(err) {
+      assert(/wrong version number/.test(err.message));
 
-    req.on('close', function() {
-      third(server);
-    });
-  }));
+      req.on('close', function() {
+        third(server);
+      });
+    }));
+  }
   req.end();
 }