mirror of
https://github.com/electron/electron.git
synced 2026-04-10 03:01:51 -04:00
603bcb73e3
* chore: bump node in DEPS to v24.14.0 * lib: prefer call() over apply() if argument list is not array https://github.com/nodejs/node/pull/60796 * build,deps: replace cjs-module-lexer with merve https://github.com/nodejs/node/pull/61456 * test: use fixture directories for sea tests https://github.com/nodejs/node/pull/61167 * src: throw RangeError on failed ArrayBuffer BackingStore allocation * chore: fixup patch indices --------- Co-authored-by: electron-roller[bot] <84116207+electron-roller[bot]@users.noreply.github.com> Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>
427 lines
17 KiB
Diff
427 lines
17 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Jeremy Rose <nornagon@nornagon.net>
|
|
Date: Tue, 9 Feb 2021 12:34:46 -0800
|
|
Subject: fix crypto tests to run with bssl
|
|
|
|
This fixes some crypto tests so that they pass when compiled with
|
|
BoringSSL.
|
|
|
|
This should be upstreamed in some form, though it may need to be tweaked
|
|
before it's acceptable to upstream, as this patch comments out a couple
|
|
of tests that upstream probably cares about.
|
|
|
|
diff --git a/test/fixtures/crypto/rsa_pss.js b/test/fixtures/crypto/rsa_pss.js
|
|
index 423f2c4d77bfc98bfbdab93c09aff8012c678cbd..fa0bcceb5697486930a9530732f9a9ab6e1bb5b0 100644
|
|
--- a/test/fixtures/crypto/rsa_pss.js
|
|
+++ b/test/fixtures/crypto/rsa_pss.js
|
|
@@ -1,6 +1,6 @@
|
|
'use strict';
|
|
|
|
-module.exports = function() {
|
|
+module.exports = function () {
|
|
const pkcs8 = Buffer.from(
|
|
'308204bf020100300d06092a864886f70d0101010500048204a9308204a5020100028' +
|
|
'2010100d3576092e62957364544e7e4233b7bdb293db2085122c479328546f9f0f712' +
|
|
diff --git a/test/parallel/test-crypto-async-sign-verify.js b/test/parallel/test-crypto-async-sign-verify.js
|
|
index 9876c4bb6ecd2e5b8879f153811cd0a0a22997aa..2c4bf03452eb10fec52c38a361b6aad93169f08d 100644
|
|
--- a/test/parallel/test-crypto-async-sign-verify.js
|
|
+++ b/test/parallel/test-crypto-async-sign-verify.js
|
|
@@ -102,17 +102,17 @@ if (!process.features.openssl_is_boringssl) {
|
|
// ECDSA w/ ieee-p1363 signature encoding
|
|
test('ec_secp256k1_public.pem', 'ec_secp256k1_private.pem', 'sha384', false,
|
|
{ dsaEncoding: 'ieee-p1363' });
|
|
-}
|
|
|
|
-// DSA w/ der signature encoding
|
|
-test('dsa_public.pem', 'dsa_private.pem', 'sha256',
|
|
- false);
|
|
-test('dsa_public.pem', 'dsa_private.pem', 'sha256',
|
|
- false, { dsaEncoding: 'der' });
|
|
+ // DSA w/ der signature encoding
|
|
+ test('dsa_public.pem', 'dsa_private.pem', 'sha256',
|
|
+ false);
|
|
+ test('dsa_public.pem', 'dsa_private.pem', 'sha256',
|
|
+ false, { dsaEncoding: 'der' });
|
|
|
|
-// DSA w/ ieee-p1363 signature encoding
|
|
-test('dsa_public.pem', 'dsa_private.pem', 'sha256', false,
|
|
- { dsaEncoding: 'ieee-p1363' });
|
|
+ // DSA w/ ieee-p1363 signature encoding
|
|
+ test('dsa_public.pem', 'dsa_private.pem', 'sha256', false,
|
|
+ { dsaEncoding: 'ieee-p1363' });
|
|
+}
|
|
|
|
// Test Parallel Execution w/ KeyObject is threadsafe in openssl3
|
|
{
|
|
diff --git a/test/parallel/test-crypto-cipheriv-decipheriv.js b/test/parallel/test-crypto-cipheriv-decipheriv.js
|
|
index 6742722f9e90914b4dc8c079426d10040d476f72..8801ddfe7023fd0f7d5657b86a9164d75765322e 100644
|
|
--- a/test/parallel/test-crypto-cipheriv-decipheriv.js
|
|
+++ b/test/parallel/test-crypto-cipheriv-decipheriv.js
|
|
@@ -62,6 +62,10 @@ function testCipher2(key, iv) {
|
|
|
|
|
|
function testCipher3(key, iv) {
|
|
+ if (!crypto.getCiphers().includes('id-aes128-wrap')) {
|
|
+ common.printSkipMessage(`unsupported id-aes128-wrap test`);
|
|
+ return;
|
|
+ }
|
|
// Test encryption and decryption with explicit key and iv.
|
|
// AES Key Wrap test vector comes from RFC3394
|
|
const plaintext = Buffer.from('00112233445566778899AABBCCDDEEFF', 'hex');
|
|
diff --git a/test/parallel/test-crypto-dh-curves.js b/test/parallel/test-crypto-dh-curves.js
|
|
index 81a469c226c261564dee1e0b06b6571b18a41f1f..58b66045dba4201b7ebedd78b129420ffc316051 100644
|
|
--- a/test/parallel/test-crypto-dh-curves.js
|
|
+++ b/test/parallel/test-crypto-dh-curves.js
|
|
@@ -16,7 +16,7 @@ const p = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' +
|
|
crypto.createDiffieHellman(p, 'hex');
|
|
|
|
// Confirm DH_check() results are exposed for optional examination.
|
|
-const bad_dh = crypto.createDiffieHellman('02', 'hex');
|
|
+const bad_dh = crypto.createDiffieHellman('abcd', 'hex', 0);
|
|
assert.notStrictEqual(bad_dh.verifyError, 0);
|
|
|
|
const availableCurves = new Set(crypto.getCurves());
|
|
diff --git a/test/parallel/test-crypto-dh-errors.js b/test/parallel/test-crypto-dh-errors.js
|
|
index d7527d82617efccd931f0fc2f700ab876872c1e6..b14b4bbf88b902b6de916b92e3d48335c01df911 100644
|
|
--- a/test/parallel/test-crypto-dh-errors.js
|
|
+++ b/test/parallel/test-crypto-dh-errors.js
|
|
@@ -27,7 +27,7 @@ assert.throws(() => crypto.createDiffieHellman('abcdef', 13.37), {
|
|
for (const bits of [-1, 0, 1]) {
|
|
if (hasOpenSSL3) {
|
|
assert.throws(() => crypto.createDiffieHellman(bits), {
|
|
- code: 'ERR_OSSL_DH_MODULUS_TOO_SMALL',
|
|
+ code: 'ERR_OSSL_BN_BITS_TOO_SMALL',
|
|
name: 'Error',
|
|
message: /modulus too small/,
|
|
});
|
|
diff --git a/test/parallel/test-crypto-dh.js b/test/parallel/test-crypto-dh.js
|
|
index 3c00a5fc73bb9f86f944df74f29d6b5225bc2f0e..b4e7002d862907d2af3b4f8e985700bd03300809 100644
|
|
--- a/test/parallel/test-crypto-dh.js
|
|
+++ b/test/parallel/test-crypto-dh.js
|
|
@@ -97,17 +97,23 @@ const {
|
|
dh3.computeSecret('');
|
|
}, { message: hasOpenSSL3 && !hasOpenSSL3WithNewErrorMessage ?
|
|
'Unspecified validation error' :
|
|
- 'Supplied key is too small' });
|
|
+ 'Supplied key is invalid' });
|
|
}
|
|
}
|
|
|
|
// Through a fluke of history, g=0 defaults to DH_GENERATOR (2).
|
|
{
|
|
const g = 0;
|
|
- crypto.createDiffieHellman('abcdef', g);
|
|
+ assert.throws(() => crypto.createDiffieHellman('abcdef', g), {
|
|
+ code: /ERR_CRYPTO_OPERATION_FAILED/,
|
|
+ name: 'Error'
|
|
+ });
|
|
crypto.createDiffieHellman('abcdef', 'hex', g);
|
|
}
|
|
|
|
{
|
|
- crypto.createDiffieHellman('abcdef', Buffer.from([2])); // OK
|
|
+ assert.throws(() => crypto.createDiffieHellman('abcdef', Buffer.from([2])), {
|
|
+ code: /ERR_CRYPTO_OPERATION_FAILED/,
|
|
+ name: 'Error'
|
|
+ });
|
|
}
|
|
diff --git a/test/parallel/test-crypto-hash-stream-pipe.js b/test/parallel/test-crypto-hash-stream-pipe.js
|
|
index d22281abbd5c3cab3aaa3ac494301fa6b4a8a968..5f0c6a4aed2e868a1a1049212edf218791cd6868 100644
|
|
--- a/test/parallel/test-crypto-hash-stream-pipe.js
|
|
+++ b/test/parallel/test-crypto-hash-stream-pipe.js
|
|
@@ -30,11 +30,11 @@ const crypto = require('crypto');
|
|
|
|
const stream = require('stream');
|
|
const s = new stream.PassThrough();
|
|
-const h = crypto.createHash('sha3-512');
|
|
-const expect = '36a38a2a35e698974d4e5791a3f05b05' +
|
|
- '198235381e864f91a0e8cd6a26b677ec' +
|
|
- 'dcde8e2b069bd7355fabd68abd6fc801' +
|
|
- '19659f25e92f8efc961ee3a7c815c758';
|
|
+const h = crypto.createHash('sha512');
|
|
+const expect = 'fba055c6fd0c5b6645407749ed7a8b41' +
|
|
+ 'b8f629f2163c3ca3701d864adabda1f8' +
|
|
+ '93c37bf82b22fdd151ba8e357f611da4' +
|
|
+ '88a74b6a5525dd9b69554c6ce5138ad7';
|
|
|
|
s.pipe(h).on('data', common.mustCall(function(c) {
|
|
assert.strictEqual(c, expect);
|
|
diff --git a/test/parallel/test-crypto-oneshot-hash-xof.js b/test/parallel/test-crypto-oneshot-hash-xof.js
|
|
index 75cb4800ff1bd51fedd7bc4e2d7e6af6f4f48346..b4363c31592763235116d970a5f45d4cf63de373 100644
|
|
--- a/test/parallel/test-crypto-oneshot-hash-xof.js
|
|
+++ b/test/parallel/test-crypto-oneshot-hash-xof.js
|
|
@@ -7,6 +7,10 @@ if (!common.hasCrypto) common.skip('missing crypto');
|
|
const assert = require('assert');
|
|
const crypto = require('crypto');
|
|
|
|
+if (process.features.openssl_is_boringssl) {
|
|
+ common.skip('BoringSSL does not support XOF hash functions');
|
|
+}
|
|
+
|
|
// Test XOF hash functions and the outputLength option.
|
|
{
|
|
// Default outputLengths.
|
|
diff --git a/test/parallel/test-crypto-rsa-dsa.js b/test/parallel/test-crypto-rsa-dsa.js
|
|
index 119bc3c2d20ea7d681f0b579f9d91ad46cdc3634..8d13b105fa426015a873c411ad1d7f64b3d9580e 100644
|
|
--- a/test/parallel/test-crypto-rsa-dsa.js
|
|
+++ b/test/parallel/test-crypto-rsa-dsa.js
|
|
@@ -29,12 +29,11 @@ const dsaPkcs8KeyPem = fixtures.readKey('dsa_private_pkcs8.pem');
|
|
const ec = new TextEncoder();
|
|
|
|
const openssl1DecryptError = {
|
|
- message: 'error:06065064:digital envelope routines:EVP_DecryptFinal_ex:' +
|
|
- 'bad decrypt',
|
|
- code: 'ERR_OSSL_EVP_BAD_DECRYPT',
|
|
- reason: 'bad decrypt',
|
|
- function: 'EVP_DecryptFinal_ex',
|
|
- library: 'digital envelope routines',
|
|
+ message: /error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt|error:1e000065:Cipher functions:OPENSSL_internal:BAD_DECRYPT/,
|
|
+ code: /ERR_OSSL(_EVP)?_BAD_DECRYPT/,
|
|
+ reason: /bad decrypt|BAD_DECRYPT/,
|
|
+ function: /EVP_DecryptFinal_ex|OPENSSL_internal/,
|
|
+ library: /digital envelope routines|Cipher functions/,
|
|
};
|
|
|
|
const decryptError = hasOpenSSL3 ?
|
|
@@ -223,7 +222,7 @@ function test_rsa(padding, encryptOaepHash, decryptOaepHash) {
|
|
}, bufferToEncrypt);
|
|
|
|
|
|
- if (padding === constants.RSA_PKCS1_PADDING) {
|
|
+ if (!process.features.openssl_is_boringssl) {
|
|
if (!process.config.variables.node_shared_openssl) {
|
|
// TODO(richardlau) remove check and else branch after deps/openssl
|
|
// is upgraded.
|
|
@@ -489,7 +488,7 @@ assert.throws(() => {
|
|
//
|
|
// Test DSA signing and verification
|
|
//
|
|
-{
|
|
+if (!process.features.openssl_is_boringssl) {
|
|
const input = 'I AM THE WALRUS';
|
|
|
|
// DSA signatures vary across runs so there is no static string to verify
|
|
diff --git a/test/parallel/test-crypto-scrypt.js b/test/parallel/test-crypto-scrypt.js
|
|
index eafdfe392bde8eb1fde1dc7e7e9ae51682c74b87..2907e0175379266c90acb9df829d10283bd46652 100644
|
|
--- a/test/parallel/test-crypto-scrypt.js
|
|
+++ b/test/parallel/test-crypto-scrypt.js
|
|
@@ -192,7 +192,7 @@ for (const options of incompatibleOptions) {
|
|
|
|
for (const options of toobig) {
|
|
const expected = {
|
|
- message: /Invalid scrypt params:.*memory limit exceeded/,
|
|
+ message: /Invalid scrypt params/,
|
|
code: 'ERR_CRYPTO_INVALID_SCRYPT_PARAMS',
|
|
};
|
|
assert.throws(() => crypto.scrypt('pass', 'salt', 1, options, () => {}),
|
|
diff --git a/test/parallel/test-crypto-sign-verify.js b/test/parallel/test-crypto-sign-verify.js
|
|
index a66f0a94efd7c952c1d2320fbc7a39fe3a88a8a1..dc5846db0e3dcf8f7cb5f7efcdbc81c1d767ab88 100644
|
|
--- a/test/parallel/test-crypto-sign-verify.js
|
|
+++ b/test/parallel/test-crypto-sign-verify.js
|
|
@@ -33,7 +33,7 @@ const keySize = 2048;
|
|
}
|
|
|
|
// Test handling of exceptional conditions
|
|
-{
|
|
+if (!process.features.openssl_is_boringssl) {
|
|
const library = {
|
|
configurable: true,
|
|
set() {
|
|
@@ -345,15 +345,15 @@ assert.throws(
|
|
padding: crypto.constants.RSA_PKCS1_OAEP_PADDING
|
|
});
|
|
}, hasOpenSSL(3) ? {
|
|
- code: 'ERR_OSSL_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE',
|
|
- message: /illegal or unsupported padding mode/,
|
|
+ code: /^ERR_OSSL_(RSA|EVP)_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE$/,
|
|
+ message: /illegal or unsupported padding mode|ILLEGAL_OR_UNSUPPORTED_PADDING_MODE/,
|
|
} : {
|
|
- code: 'ERR_OSSL_RSA_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE',
|
|
- message: /illegal or unsupported padding mode/,
|
|
- opensslErrorStack: [
|
|
+ code: /^ERR_OSSL_(RSA|EVP)_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE$/,
|
|
+ message: /illegal or unsupported padding mode|ILLEGAL_OR_UNSUPPORTED_PADDING_MODE/,
|
|
+ /*opensslErrorStack: [
|
|
'error:06089093:digital envelope routines:EVP_PKEY_CTX_ctrl:' +
|
|
'command not supported',
|
|
- ],
|
|
+ ],*/
|
|
});
|
|
}
|
|
|
|
@@ -423,11 +423,13 @@ assert.throws(
|
|
public: fixtures.readKey('ed25519_public.pem', 'ascii'),
|
|
algo: null,
|
|
sigLen: 64 },
|
|
+ /*
|
|
{ private: fixtures.readKey('ed448_private.pem', 'ascii'),
|
|
public: fixtures.readKey('ed448_public.pem', 'ascii'),
|
|
algo: null,
|
|
supportsContext: true,
|
|
sigLen: 114 },
|
|
+ */
|
|
{ private: fixtures.readKey('rsa_private_2048.pem', 'ascii'),
|
|
public: fixtures.readKey('rsa_public_2048.pem', 'ascii'),
|
|
algo: 'sha1',
|
|
@@ -547,7 +549,7 @@ assert.throws(
|
|
|
|
{
|
|
const data = Buffer.from('Hello world');
|
|
- const keys = [['ec-key.pem', 64], ['dsa_private_1025.pem', 40]];
|
|
+ const keys = [['ec-key.pem', 64]/*, ['dsa_private_1025.pem', 40]*/];
|
|
|
|
for (const [file, length] of keys) {
|
|
const privKey = fixtures.readKey(file);
|
|
diff --git a/test/parallel/test-crypto.js b/test/parallel/test-crypto.js
|
|
index d21a6bd3d98d6db26cc82896e62da2869cf22842..115a2046b4d4b2688eaf033b58514c903af7a4b5 100644
|
|
--- a/test/parallel/test-crypto.js
|
|
+++ b/test/parallel/test-crypto.js
|
|
@@ -62,7 +62,7 @@ assert.throws(() => {
|
|
// Throws general Error, so there is no opensslErrorStack property.
|
|
return err instanceof Error &&
|
|
err.name === 'Error' &&
|
|
- /^Error: mac verify failure$/.test(err) &&
|
|
+ (/^Error: (mac verify failure|INCORRECT_PASSWORD)$/.test(err)) &&
|
|
!('opensslErrorStack' in err);
|
|
});
|
|
|
|
@@ -72,7 +72,7 @@ assert.throws(() => {
|
|
// Throws general Error, so there is no opensslErrorStack property.
|
|
return err instanceof Error &&
|
|
err.name === 'Error' &&
|
|
- /^Error: mac verify failure$/.test(err) &&
|
|
+ (/^Error: (mac verify failure|INCORRECT_PASSWORD)$/.test(err)) &&
|
|
!('opensslErrorStack' in err);
|
|
});
|
|
|
|
@@ -82,7 +82,7 @@ assert.throws(() => {
|
|
// Throws general Error, so there is no opensslErrorStack property.
|
|
return err instanceof Error &&
|
|
err.name === 'Error' &&
|
|
- /^Error: not enough data$/.test(err) &&
|
|
+ /^Error: (not enough data|BAD_PKCS12_DATA)$/.test(err) &&
|
|
!('opensslErrorStack' in err);
|
|
});
|
|
|
|
@@ -145,8 +145,6 @@ assert(crypto.getHashes().includes('sha1'));
|
|
assert(crypto.getHashes().includes('sha256'));
|
|
assert(!crypto.getHashes().includes('SHA1'));
|
|
assert(!crypto.getHashes().includes('SHA256'));
|
|
-assert(crypto.getHashes().includes('RSA-SHA1'));
|
|
-assert(!crypto.getHashes().includes('rsa-sha1'));
|
|
validateList(crypto.getHashes());
|
|
// Make sure all of the hashes are supported by OpenSSL
|
|
for (const algo of crypto.getHashes())
|
|
@@ -197,6 +195,7 @@ assert.throws(
|
|
}
|
|
);
|
|
|
|
+if (!process.features.openssl_is_boringssl) {
|
|
assert.throws(() => {
|
|
const priv = [
|
|
'-----BEGIN RSA PRIVATE KEY-----',
|
|
@@ -253,7 +252,7 @@ if (!hasOpenSSL3) {
|
|
return true;
|
|
});
|
|
}
|
|
-
|
|
+}
|
|
// Make sure memory isn't released before being returned
|
|
console.log(crypto.randomBytes(16));
|
|
|
|
diff --git a/test/parallel/test-webcrypto-wrap-unwrap.js b/test/parallel/test-webcrypto-wrap-unwrap.js
|
|
index bd788ec4ed88289d35798b8af8c9490a68e081a2..1a5477ba928bce93320f8056db02e1a7b8ddcdf3 100644
|
|
--- a/test/parallel/test-webcrypto-wrap-unwrap.js
|
|
+++ b/test/parallel/test-webcrypto-wrap-unwrap.js
|
|
@@ -20,14 +20,15 @@ const kWrappingData = {
|
|
wrap: { label: new Uint8Array(8) },
|
|
pair: true
|
|
},
|
|
- 'AES-CTR': {
|
|
+ 'AES-CBC': {
|
|
generate: { length: 128 },
|
|
- wrap: { counter: new Uint8Array(16), length: 64 },
|
|
+ wrap: { iv: new Uint8Array(16) },
|
|
pair: false
|
|
},
|
|
- 'AES-CBC': {
|
|
+ /*
|
|
+ 'AES-CTR': {
|
|
generate: { length: 128 },
|
|
- wrap: { iv: new Uint8Array(16) },
|
|
+ wrap: { counter: new Uint8Array(16), length: 64 },
|
|
pair: false
|
|
},
|
|
'AES-GCM': {
|
|
@@ -46,30 +47,9 @@ if (!process.features.openssl_is_boringssl) {
|
|
generate: { length: 128 },
|
|
wrap: { },
|
|
pair: false
|
|
- };
|
|
- kWrappingData['ChaCha20-Poly1305'] = {
|
|
- wrap: {
|
|
- iv: new Uint8Array(12),
|
|
- additionalData: new Uint8Array(16),
|
|
- tagLength: 128
|
|
- },
|
|
- pair: false
|
|
- };
|
|
-} else {
|
|
- common.printSkipMessage('Skipping unsupported AES-KW test case');
|
|
-}
|
|
-
|
|
-if (hasOpenSSL(3)) {
|
|
- kWrappingData['AES-OCB'] = {
|
|
- generate: { length: 128 },
|
|
- wrap: {
|
|
- iv: new Uint8Array(15),
|
|
- additionalData: new Uint8Array(16),
|
|
- tagLength: 128
|
|
- },
|
|
- pair: false
|
|
- };
|
|
-}
|
|
+ }
|
|
+ */
|
|
+};
|
|
|
|
function generateWrappingKeys() {
|
|
return Promise.all(Object.keys(kWrappingData).map(async (name) => {
|
|
diff --git a/test/parallel/test-x509-escaping.js b/test/parallel/test-x509-escaping.js
|
|
index a5937a09cb1535778a6345885a69ca9bcecf3e96..336313d30b3329b73c04f2f6d6a5e02375a11a72 100644
|
|
--- a/test/parallel/test-x509-escaping.js
|
|
+++ b/test/parallel/test-x509-escaping.js
|
|
@@ -438,7 +438,7 @@ const { hasOpenSSL3 } = require('../common/crypto');
|
|
const cert = fixtures.readKey('incorrect_san_correct_subject-cert.pem');
|
|
|
|
// The hostname is the CN, but not a SAN entry.
|
|
- const servername = process.features.openssl_is_boringssl ? undefined : 'good.example.com';
|
|
+ const servername = 'good.example.com';
|
|
const certX509 = new X509Certificate(cert);
|
|
assert.strictEqual(certX509.subject, `CN=${servername}`);
|
|
assert.strictEqual(certX509.subjectAltName, 'DNS:evil.example.com');
|
|
@@ -448,7 +448,7 @@ const { hasOpenSSL3 } = require('../common/crypto');
|
|
assert.strictEqual(certX509.checkHost(servername, { subject: 'default' }),
|
|
undefined);
|
|
assert.strictEqual(certX509.checkHost(servername, { subject: 'always' }),
|
|
- servername);
|
|
+ undefined);
|
|
assert.strictEqual(certX509.checkHost(servername, { subject: 'never' }),
|
|
undefined);
|
|
|
|
@@ -483,11 +483,11 @@ const { hasOpenSSL3 } = require('../common/crypto');
|
|
assert.strictEqual(certX509.subjectAltName, 'IP Address:1.2.3.4');
|
|
|
|
// The newer X509Certificate API allows customizing this behavior:
|
|
- assert.strictEqual(certX509.checkHost(servername), servername);
|
|
+ assert.strictEqual(certX509.checkHost(servername), undefined);
|
|
assert.strictEqual(certX509.checkHost(servername, { subject: 'default' }),
|
|
- servername);
|
|
+ undefined);
|
|
assert.strictEqual(certX509.checkHost(servername, { subject: 'always' }),
|
|
- servername);
|
|
+ undefined);
|
|
assert.strictEqual(certX509.checkHost(servername, { subject: 'never' }),
|
|
undefined);
|
|
|