test: replace s_client in test-https-ci-reneg-attack #25720
Conversation
Replace `s_client` in test-https-ci-reneg-attack with built-in client calling `tls.renegotiate()`. This also fixes the currently-broken test. (It is broken due to a change in behavior in a recently-updated-in-core version of `s_client`.)
|
Pummel tests are not run in regular CI so this combination should be sufficient: Lite CI: https://ci.nodejs.org/job/node-test-pull-request-lite-pipeline/2398/ Repurposed custom-suites job from node-daily-master that runs the pummel tests, but set to only run this one (because there is one other broken pummel test fixed in another PR that hasn't landed yet): https://ci.nodejs.org/job/node-test-commit-custom-suites/841/ |
Trott
added
the
flaky-test
| }); | ||
| const options = { | ||
| rejectUnauthorized: false, | ||
| agent |
Trott
added
the
author ready
|
Landed in 43c2a13` |
Replace `s_client` in test-https-ci-reneg-attack with built-in client calling `tls.renegotiate()`. This also fixes the currently-broken test. (It is broken due to a change in behavior in a recently-updated-in-core version of `s_client`.) PR-URL: nodejs#25720 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
|
BTW, a run with the full suite fails |
Interesting. it's a different test that fails (test-tls rather than test-https) but it's still TLS renegotiation... |
|
@refack Is it possible something funky is up with the git checkout on that run? Here's output from that run: 08:25:56 AssertionError [ERR_ASSERTION]: The expression evaluated to a falsy value:
08:25:56
08:25:56 assert(/TLS session renegotiation attack/.test(err))
08:25:56
08:25:56 at TLSSocket.<anonymous> (/home/iojs/build/workspace/node-test-commit-custom-suites/default/test/pummel/test-tls-ci-reneg-attack.js:59:7)But the |
|
Yeah, in fact, I'm going to call "funky checkout" on this one. It seems that somehow c421619 is missing. That change fixed that test for this sort of thing. And before that change, the |
I used the head of this PR - b2ad179: 11:20:08 > git fetch --no-tags --progress git@github.com:nodejs/node.git +refs/heads/*:refs/remotes/origin/* +refs/pull/25720/head:refs/remotes/origin/_jenkins_local_branch # timeout=20
11:20:15 Checking out Revision b2ad1797bde3da028813b073e68dc5ae2d3c9541 (refs/remotes/origin/_jenkins_local_branch)
11:20:15 > git config core.sparsecheckout # timeout=10
11:20:15 > git checkout -f b2ad1797bde3da028813b073e68dc5ae2d3c9541 # timeout=10 |
Replace `s_client` in test-https-ci-reneg-attack with built-in client calling `tls.renegotiate()`. This also fixes the currently-broken test. (It is broken due to a change in behavior in a recently-updated-in-core version of `s_client`.) PR-URL: #25720 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Ah! That'll do it. This branch didn't have the fix for the other test in it. But it had landed on master. |
Replace
s_clientin test-https-ci-reneg-attack with built-inclient calling
tls.renegotiate(). This also fixes the currently-brokentest. (It is broken due to a change in behavior in a
recently-updated-in-core version of
s_client.)Checklist
make -j4 test(UNIX), orvcbuild test(Windows) passes