For historical reasons, the second argument of SSL_CTX_set_timeout is a
signed integer, and Node.js has so far passed arbitrary (signed) int32_t
values. However, new versions of OpenSSL have changed the handling of
negative values inside SSL_CTX_set_timeout, and we should shield users
of Node.js from both the old and the new behavior. Hence, reject any
negative values by throwing an error from within createSecureContext.
Refs: https://github.com/openssl/openssl/pull/19082
PR-URL: https://github.com/nodejs/node/pull/53002
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Tim Perry <pimterry@gmail.com>
Move test-tls-session-timeout from pummel to sequential. It isn't very
pummel-y and this will result in it being run on our CI more than once a
day. (It broke recently and it would have been caught if it was in
sequential rather than pummel.)
It must be in sequential rather than pummel because it uses
`common.PORT` which can result in test failures if more than one test
uses it at one time in parallel.
PR-URL: https://github.com/nodejs/node/pull/26865
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Tobias Nießen
Livia Medeiros
Alex Aubuchon
Sam Roberts
Rich Trott