From f4db363eb36b8f314b2c996f61bf4959163a76a8 Mon Sep 17 00:00:00 2001 From: Tim Perry Date: Wed, 4 Sep 2024 12:52:31 +0200 Subject: [PATCH] Only check unsupported error for OpenSSL 3+ - didn't exist before then --- src/crypto/crypto_context.cc | 2 ++ test/parallel/test-tls-legacy-pfx.js | 3 +++ 2 files changed, 5 insertions(+) diff --git a/src/crypto/crypto_context.cc b/src/crypto/crypto_context.cc index 28ea24e470e35c..aa5ba34c761224 100644 --- a/src/crypto/crypto_context.cc +++ b/src/crypto/crypto_context.cc @@ -1149,12 +1149,14 @@ void SecureContext::LoadPKCS12(const FunctionCallbackInfo& args) { // TODO(@jasnell): Should this use ThrowCryptoError? unsigned long err = ERR_get_error(); // NOLINT(runtime/int) +#if OPENSSL_VERSION_MAJOR >= 3 if (ERR_GET_REASON(err) == ERR_R_UNSUPPORTED) { // OpenSSL's "unsupported" error without any context is very // common and not very helpful, so we override it: return THROW_ERR_CRYPTO_UNSUPPORTED_OPERATION( env, "Unsupported PKCS12 PFX data"); } +#endif const char* str = ERR_reason_error_string(err); str = str != nullptr ? str : "Unknown error"; diff --git a/test/parallel/test-tls-legacy-pfx.js b/test/parallel/test-tls-legacy-pfx.js index f4d6556a23da25..33b4c58fc6ccc3 100644 --- a/test/parallel/test-tls-legacy-pfx.js +++ b/test/parallel/test-tls-legacy-pfx.js @@ -2,6 +2,9 @@ const common = require('../common'); if (!common.hasCrypto) common.skip('missing crypto'); +if (!common.hasOpenSSL3) + common.skip('OpenSSL legacy failures are only testable with OpenSSL 3+'); + const fixtures = require('../common/fixtures'); const {