Tests failing under Node.js 17 #1085
Description
Bug Description
Ran tests under Node.js 17, got the following:
FAIL test/tls-client-cert.js 3 failed of 3 100.353ms
✖ error:0A00018E:SSL routines::ca md too weak
✖ should be equal
✖ test unfinished
See also in actions: https://github.com/dominykas/undici/runs/4105824000?check_suite_focus=true#step:10:10005
Reproducible By
npm t
Expected Behavior
✅
Logs & Screenshots
Full stack traces
FAIL test/tls-client-cert.js
✖ error:0A00018E:SSL routines::ca md too weak
test/tls-client-cert.js
52 | method: 'GET'
53 | }, (err, { statusCode, body }) => {
> 54 | t.error(err)
| --------^
55 | t.equal(statusCode, 200)
56 |
57 | const authorized = client[kSocket].authorized
test: test/tls-client-cert.js Client using valid client certificate
origin:
at:
line: 65
column: 13
file: node:internal/tls/secure-context
stack: |
Array.forEach (<anonymous>)
Client.connect (lib/core/connect.js:31:20)
socket (lib/client.js:1144:25)
new Promise (<anonymous>)
connect (lib/client.js:1143:26)
library: SSL routines
reason: ca md too weak
code: ERR_SSL_CA_MD_TOO_WEAK
found:
!error
name: Error
message: error:0A00018E:SSL routines::ca md too weak
stack: >-
Error:
at node:internal/tls/secure-context:65:13
at Array.forEach (<anonymous>)
at setCerts (node:internal/tls/secure-context:63:3)
at configSecureContext (node:internal/tls/secure-context:152:5)
at Object.createSecureContext (node:_tls_common:116:3)
at Object.connect (node:_tls_wrap:1621:48)
at Client.connect (/Users/dominykas/devel/libs/undici/lib/core/connect.js:31:20)
at socket (/Users/dominykas/devel/libs/undici/lib/client.js:1144:25)
at new Promise (<anonymous>)
at connect (/Users/dominykas/devel/libs/undici/lib/client.js:1143:26)
library: SSL routines
reason: ca md too weak
code: ERR_SSL_CA_MD_TOO_WEAK
stack: |
test/tls-client-cert.js:54:9
lib/api/api-request.js:122:14
FAIL test/tls-client-cert.js
✖ should be equal
test/tls-client-cert.js
53 | }, (err, { statusCode, body }) => {
54 | t.error(err)
> 55 | t.equal(statusCode, 200)
| --------^
56 |
57 | const authorized = client[kSocket].authorized
58 | t.ok(authorized)
test: test/tls-client-cert.js Client using valid client certificate
found: null
wanted: 200
compare: ===
stack: |
test/tls-client-cert.js:55:9
lib/api/api-request.js:122:14
FAIL test/tls-client-cert.js
✖ test unfinished
test/tls-client-cert.js
18 | }
19 |
> 20 | test('Client using valid client certificate', t => {
| ^
21 | t.plan(5)
22 |
23 | const server = https.createServer(serverOptions, (req, res) => {
test: Client using valid client certificate
stack: |
Object.<anonymous> (test/tls-client-cert.js:20:1)
test/tls-client-cert.js 2> TypeError: Cannot read properties of null (reading 'authorized')
test/tls-client-cert.js 2> at /Users/dominykas/devel/libs/undici/test/tls-client-cert.js:57:42
test/tls-client-cert.js 2> at RequestHandler.runInAsyncScope (node:async_hooks:199:9)
test/tls-client-cert.js 2> at /Users/dominykas/devel/libs/undici/lib/api/api-request.js:122:14
test/tls-client-cert.js 2> at node:internal/process/task_queues:141:7
test/tls-client-cert.js 2> at AsyncResource.runInAsyncScope (node:async_hooks:199:9)
test/tls-client-cert.js 2> at AsyncResource.runMicrotask (node:internal/process/task_queues:138:8)
test/tls-client-cert.js 2> at processTicksAndRejections (node:internal/process/task_queues:96:5)
FAIL test/tls-client-cert.js 3 failed of 3 100.353ms
✖ error:0A00018E:SSL routines::ca md too weak
✖ should be equal
✖ test unfinished
Environment
Node.js 17.0.1 on Linux and macOS
Additional context
May or may not be related to NODE_OPTIONS=--openssl-legacy-provider (tests don't run at all without this; I haven't yet taken the time to understand what that is all about).
Somewhat related: I'm a couple of other PRs away from opening a PR for #1071, which would add Node.js 17 into the test matrix.