1// Copyright Joyent, Inc. and other Node contributors. 2// 3// Permission is hereby granted, free of charge, to any person obtaining a 4// copy of this software and associated documentation files (the 5// "Software"), to deal in the Software without restriction, including 6// without limitation the rights to use, copy, modify, merge, publish, 7// distribute, sublicense, and/or sell copies of the Software, and to permit 8// persons to whom the Software is furnished to do so, subject to the 9// following conditions: 10// 11// The above copyright notice and this permission notice shall be included 12// in all copies or substantial portions of the Software. 13// 14// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 15// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 16// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN 17// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, 18// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR 19// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE 20// USE OR OTHER DEALINGS IN THE SOFTWARE. 21 22'use strict'; 23const common = require('../common'); 24if (!common.hasCrypto) 25 common.skip('missing crypto'); 26 27if (!common.opensslCli) 28 common.skip('node compiled without OpenSSL CLI.'); 29 30const assert = require('assert'); 31const { execFile } = require('child_process'); 32const tls = require('tls'); 33const fixtures = require('../common/fixtures'); 34 35function loadPEM(n) { 36 return fixtures.readKey(`${n}.pem`); 37} 38 39const server = tls.Server({ 40 secureProtocol: 'TLSv1_2_server_method', 41 key: loadPEM('agent2-key'), 42 cert: loadPEM('agent2-cert') 43}, null).listen(0, common.mustCall(() => { 44 const args = ['s_client', '-quiet', '-tls1_1', 45 '-cipher', (common.hasOpenSSL31 ? 'DEFAULT:@SECLEVEL=0' : 'DEFAULT'), 46 '-connect', `127.0.0.1:${server.address().port}`]; 47 48 execFile(common.opensslCli, args, common.mustCall((err, _, stderr) => { 49 assert.strictEqual(err.code, 1); 50 assert.match(stderr, /SSL alert number 70/); 51 server.close(); 52 })); 53})); 54