Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

failed test: parallel/test-tls-0-dns-altname when using shared openssl #617

Closed
jbergstroem opened this issue Jan 27, 2015 · 7 comments
Closed
Labels
tls Issues and PRs related to the tls subsystem.

Comments

@jbergstroem
Copy link
Member

Path: parallel/test-tls-0-dns-altname
assert.js:100
  throw new assert.AssertionError({
        ^
AssertionError: "DNS:google.com, DNS:just-another.com, IP Address:8.8.8.8, IP Address:8.8.4.4, DNS:last.com" == "DNS:google.com\u0000.evil.com, DNS:just-another.com, IP Address:8.8.8.8, IP Address:8.8.4.4, DNS:last.com"
    at TLSSocket.<anonymous> (test/parallel/test-tls-0-dns-altname.js:29:12)
    at TLSSocket.g (events.js:184:16)
    at TLSSocket.emit (events.js:95:17)
    at TLSSocket.<anonymous> (_tls_wrap.js:910:18)
    at TLSSocket.emit (events.js:95:17)
    at TLSSocket._finishInit (_tls_wrap.js:436:8)

The test checks for process.versions.openssl, which will always exist regardless of using a shared library or not. I'm not sure what we want to do here -- possibly just rewrite the check?

@micnic micnic added the tls Issues and PRs related to the tls subsystem. label Jan 28, 2015
@shigeki shigeki self-assigned this Feb 9, 2015
@shigeki
Copy link
Contributor

shigeki commented Feb 9, 2015

@jbergstroem This error is confirmed in my Ubuntu 14.04 with OpenSSL 1.0.1f installed by apt-get. Is this the same environment as yours?

@jbergstroem
Copy link
Member Author

@shigeki I have a newer openssl (OpenSSL 1.0.2 22 Jan 2015). Both this test and test-tls-no-sslv3 fails, but sslv3 at least fails because of the "right" reasons thanks to #762. I've also tested 1.0.1{j,k,l}.

@shigeki
Copy link
Contributor

shigeki commented Feb 9, 2015

@jbergstroem Thanks. That means this error is independent of openssl version. I'll take a look at it.

shigeki pushed a commit to shigeki/node that referenced this issue Feb 11, 2015
In the case of using openssl with shared library,
reinterpret_cast<X509V3_EXT_I2V>(i2v_GENERAL_NAMES)) refers plt
pointer so that SafeX509ExtPrint returns false.
Fix it to check it with method of NID_subject_alt_name

This patch originally was created by Fedor Indutny
and Ben Noordhuis

Fixes: nodejs#617
shigeki pushed a commit that referenced this issue Feb 11, 2015
In the case of using openssl with shared library,
reinterpret_cast<X509V3_EXT_I2V>(i2v_GENERAL_NAMES)) refers plt
pointer so that SafeX509ExtPrint returns false.
Fix it to check it with method of NID_subject_alt_name

This patch originally was created by Fedor Indutny
and Ben Noordhuis

Fixes: #617
PR-URL: #800

Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
@shigeki
Copy link
Contributor

shigeki commented Feb 11, 2015

Fixed in #800 . Close this.
@jbergstroem Thanks for your reporting and I'd like you to confirm that it is really fixed.

@shigeki shigeki closed this as completed Feb 11, 2015
@jbergstroem
Copy link
Member Author

@shigeki confirmed fixed, thanks. test-tls-no-sslv3 still fails for me though -- I guess #618 ended up being used for fixing openssl-binary path. Do you want me to create a new issue?

@shigeki
Copy link
Contributor

shigeki commented Feb 11, 2015

@jbergstroem I reopen #618 . Could you give me more information?

@jbergstroem
Copy link
Member Author

@shigeki Sorry, snuck a link in above comment. I'll post it to the other issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
tls Issues and PRs related to the tls subsystem.
Projects
None yet
Development

No branches or pull requests

3 participants