test: fix test test-tls-dhe for OpenSSL32

Refs: https://github.com/nodejs/node/issues/53382 - OpenSSL32 has a minimum dh key size by 2048 by default. - Adjust test to use larger 3072 key instead of 1024 when OpenSSL32 is present. Signed-off-by: Michael Dawson <midawson@redhat.com> PR-URL: https://github.com/nodejs/node/pull/54903 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com>
2024-11-21 10:59:27 +00:00 · 2024-09-14 09:25:24 -04:00 · 2024-09-14 09:25:24 -04:00 · c4f2954703
commit c4f2954703
parent 45f44badaf
1 changed files with 11 additions and 4 deletions
--- a/test/parallel/test-tls-dhe.js
+++ b/test/parallel/test-tls-dhe.js
@ -43,9 +43,12 @@ const dheCipher = 'DHE-RSA-AES128-SHA256';
 const ecdheCipher = 'ECDHE-RSA-AES128-SHA256';
 const ciphers = `${dheCipher}:${ecdheCipher}`;

-// Test will emit a warning because the DH parameter size is < 2048 bits
-common.expectWarning('SecurityWarning',
-                     'DH parameter is less than 2048 bits');
+if (!common.hasOpenSSL(3, 2)) {
+  // Test will emit a warning because the DH parameter size is < 2048 bits
+  // when the test is run on versions lower than OpenSSL32
+  common.expectWarning('SecurityWarning',
+                       'DH parameter is less than 2048 bits');
+}

 function loadDHParam(n) {
  const keyname = `dh${n}.pem`;
@ -104,7 +107,11 @@ function testCustomParam(keylen, expectedCipher) {
  }, /DH parameter is less than 1024 bits/);

  // Custom DHE parameters are supported (but discouraged).
-  await testCustomParam(1024, dheCipher);
+  if (!common.hasOpenSSL(3, 2)) {
+    await testCustomParam(1024, dheCipher);
+  } else {
+    await testCustomParam(3072, dheCipher);
+  }
  await testCustomParam(2048, dheCipher);

  // Invalid DHE parameters are discarded. ECDHE remains enabled.