From 82017c90bbe1f9ac0f27ba8d5ab655f51419fc9e Mon Sep 17 00:00:00 2001
From: Richard Lau <rlau@redhat.com>
Date: Sun, 2 Jun 2024 19:12:23 +0100
Subject: [PATCH] test: fix test when compiled without engine support
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Update the `addons/openssl-test-engine` test to pass when OpenSSL
has been compiled without support for custom engines. OpenSSL 3
deprecated support for engines, with the recommendation to move
to the provider model.

PR-URL: https://github.com/nodejs/node/pull/53232
Refs: https://github.com/openssl/openssl/blob/openssl-3.0.0/README-ENGINES.md
Reviewed-By: Yagiz Nizipli <yagiz.nizipli@sentry.io>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
---
 test/addons/openssl-test-engine/test.js | 61 ++++++++++++++-----------
 1 file changed, 35 insertions(+), 26 deletions(-)

diff --git a/test/addons/openssl-test-engine/test.js b/test/addons/openssl-test-engine/test.js
index fb531dcd75491a..e4ce6b5b519a55 100644
--- a/test/addons/openssl-test-engine/test.js
+++ b/test/addons/openssl-test-engine/test.js
@@ -11,50 +11,59 @@ const crypto = require('crypto');
 const fs = require('fs');
 const path = require('path');
 
+// Engine support in OpenSSL is checked later on.
+let hasEngineSupport = true;
 
-assert.throws(() => crypto.setEngine(true), /ERR_INVALID_ARG_TYPE/);
+assert.throws(() => crypto.setEngine(true), /ERR_INVALID_ARG_TYPE|ERR_CRYPTO_CUSTOM_ENGINE_NOT_SUPPORTED/);
 assert.throws(() => crypto.setEngine('/path/to/engine', 'notANumber'),
               /ERR_INVALID_ARG_TYPE/);
 
 {
   const invalidEngineName = 'xxx';
   assert.throws(() => crypto.setEngine(invalidEngineName),
-                /ERR_CRYPTO_ENGINE_UNKNOWN/);
+                /ERR_CRYPTO_ENGINE_UNKNOWN|ERR_CRYPTO_CUSTOM_ENGINE_NOT_SUPPORTED/);
   assert.throws(() => crypto.setEngine(invalidEngineName,
                                        crypto.constants.ENGINE_METHOD_RSA),
-                /ERR_CRYPTO_ENGINE_UNKNOWN/);
+                /ERR_CRYPTO_ENGINE_UNKNOWN|ERR_CRYPTO_CUSTOM_ENGINE_NOT_SUPPORTED/);
 }
 
-crypto.setEngine('dynamic');
-crypto.setEngine('dynamic');
+try {
+  crypto.setEngine('dynamic');
+  crypto.setEngine('dynamic');
 
-crypto.setEngine('dynamic', crypto.constants.ENGINE_METHOD_RSA);
-crypto.setEngine('dynamic', crypto.constants.ENGINE_METHOD_RSA);
+  crypto.setEngine('dynamic', crypto.constants.ENGINE_METHOD_RSA);
+  crypto.setEngine('dynamic', crypto.constants.ENGINE_METHOD_RSA);
+} catch (err) {
+  assert.strictEqual(err.code, 'ERR_CRYPTO_CUSTOM_ENGINE_NOT_SUPPORTED');
+  hasEngineSupport = false;
+}
 
-const engine = path.join(__dirname,
-                         `/build/${common.buildType}/testsetengine.engine`);
+if (hasEngineSupport) {
+  const engine = path.join(__dirname,
+                           `/build/${common.buildType}/testsetengine.engine`);
 
-if (!fs.existsSync(engine))
-  common.skip('no engine');
+  if (!fs.existsSync(engine))
+    common.skip('no engine');
 
-{
-  const engineId = path.parse(engine).name;
-  const execDir = path.parse(engine).dir;
+  {
+    const engineId = path.parse(engine).name;
+    const execDir = path.parse(engine).dir;
 
-  crypto.setEngine(engine);
-  // OpenSSL 3.0.1 and 1.1.1m now throw errors if an engine is loaded again
-  // with a duplicate absolute path.
-  // TODO(richardlau): figure out why this fails on macOS but not Linux.
-  // crypto.setEngine(engine);
+    crypto.setEngine(engine);
+    // OpenSSL 3.0.1 and 1.1.1m now throw errors if an engine is loaded again
+    // with a duplicate absolute path.
+    // TODO(richardlau): figure out why this fails on macOS but not Linux.
+    // crypto.setEngine(engine);
 
-  // crypto.setEngine(engine, crypto.constants.ENGINE_METHOD_RSA);
-  // crypto.setEngine(engine, crypto.constants.ENGINE_METHOD_RSA);
+    // crypto.setEngine(engine, crypto.constants.ENGINE_METHOD_RSA);
+    // crypto.setEngine(engine, crypto.constants.ENGINE_METHOD_RSA);
 
-  process.env.OPENSSL_ENGINES = execDir;
+    process.env.OPENSSL_ENGINES = execDir;
 
-  crypto.setEngine(engineId);
-  crypto.setEngine(engineId);
+    crypto.setEngine(engineId);
+    crypto.setEngine(engineId);
 
-  crypto.setEngine(engineId, crypto.constants.ENGINE_METHOD_RSA);
-  crypto.setEngine(engineId, crypto.constants.ENGINE_METHOD_RSA);
+    crypto.setEngine(engineId, crypto.constants.ENGINE_METHOD_RSA);
+    crypto.setEngine(engineId, crypto.constants.ENGINE_METHOD_RSA);
+  }
 }