From 75697112e85b66e697db600d9238caff0ef69e0d Mon Sep 17 00:00:00 2001 From: Fedor Indutny Date: Tue, 4 Nov 2014 11:14:55 -0500 Subject: [PATCH] tls: do not hang without `newSession` handler When listening for client hello parser events (like OCSP requests), do not hang if `newSession` event handler is not present. Fix: https://github.com/joyent/node/issues/8660 Fix: https://github.com/joyent/node/issues/25735 Reviewed-By: Fedor Indutny PR-URL: https://github.com/joyent/node/pull/25739 --- lib/_tls_legacy.js | 7 +++++-- lib/_tls_wrap.js | 7 +++++-- test/simple/test-tls-ocsp-callback.js | 28 ++++++++++++++++++++------- 3 files changed, 31 insertions(+), 11 deletions(-) diff --git a/lib/_tls_legacy.js b/lib/_tls_legacy.js index 6dc5c3493cfceb..347b95e634566c 100644 --- a/lib/_tls_legacy.js +++ b/lib/_tls_legacy.js @@ -662,14 +662,17 @@ function onnewsession(key, session) { var self = this; var once = false; - self.server.emit('newSession', key, session, function() { + if (!self.server.emit('newSession', key, session, done)) + done(); + + function done() { if (once) return; once = true; if (self.ssl) self.ssl.newSessionDone(); - }); + }; } diff --git a/lib/_tls_wrap.js b/lib/_tls_wrap.js index 6e2a430840a92a..441776ad879113 100644 --- a/lib/_tls_wrap.js +++ b/lib/_tls_wrap.js @@ -201,7 +201,10 @@ function onnewsession(key, session) { var once = false; this._newSessionPending = true; - this.server.emit('newSession', key, session, function() { + if (!this.server.emit('newSession', key, session, done)) + done(); + + function done() { if (once) return; once = true; @@ -212,7 +215,7 @@ function onnewsession(key, session) { if (self._securePending) self._finishInit(); self._securePending = false; - }); + } } diff --git a/test/simple/test-tls-ocsp-callback.js b/test/simple/test-tls-ocsp-callback.js index fd45586b5ea0c9..4c7dd1d4423f1f 100644 --- a/test/simple/test-tls-ocsp-callback.js +++ b/test/simple/test-tls-ocsp-callback.js @@ -31,16 +31,19 @@ if (!common.opensslCli) { process.exit(0); } +var assert = require('assert'); +var tls = require('tls'); +var constants = require('constants'); +var fs = require('fs'); +var join = require('path').join; + test({ response: false }, function() { - test({ response: 'hello world' }); + test({ response: 'hello world' }, function() { + test({ ocsp: false }); + }); }); function test(testOptions, cb) { - var assert = require('assert'); - var tls = require('tls'); - var fs = require('fs'); - var join = require('path').join; - var spawn = require('child_process').spawn; var keyFile = join(common.fixturesDir, 'keys', 'agent1-key.pem'); var certFile = join(common.fixturesDir, 'keys', 'agent1-cert.pem'); @@ -54,6 +57,7 @@ function test(testOptions, cb) { ca: [ca] }; var requestCount = 0; + var clientSecure = 0; var ocspCount = 0; var ocspResponse; var session; @@ -83,9 +87,12 @@ function test(testOptions, cb) { server.listen(common.PORT, function() { var client = tls.connect({ port: common.PORT, - requestOCSP: true, + requestOCSP: testOptions.ocsp !== false, + secureOptions: testOptions.ocsp === false ? + constants.SSL_OP_NO_TICKET : 0, rejectUnauthorized: false }, function() { + clientSecure++; }); client.on('OCSPResponse', function(resp) { ocspResponse = resp; @@ -98,12 +105,19 @@ function test(testOptions, cb) { }); process.on('exit', function() { + if (testOptions.ocsp === false) { + assert.equal(requestCount, clientSecure); + assert.equal(requestCount, 1); + return; + } + if (testOptions.response) { assert.equal(ocspResponse.toString(), testOptions.response); } else { assert.ok(ocspResponse === null); } assert.equal(requestCount, testOptions.response ? 0 : 1); + assert.equal(clientSecure, requestCount); assert.equal(ocspCount, 1); }); }