tls: throw if SNICallback is not a function

If a value is passed for SNICallback and it is not a function, createServer() will now throw. PR-URL: #20969 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: James M Snell <jasnell@gmail.com>
nodejs · May 31, 2018 · eadcee1 · eadcee1
1 parent 89d211f
commit eadcee1
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 0 deletions.
diff --git a/lib/_tls_wrap.js b/lib/_tls_wrap.js
@@ -896,6 +896,11 @@ function Server(options, listener) {
  'options.handshakeTimeout', 'number', options.handshakeTimeout);
  }
 
+ if (this[kSNICallback] && typeof this[kSNICallback] !== 'function') {
+ throw new ERR_INVALID_ARG_TYPE(
+ 'options.SNICallback', 'function', options.SNICallback);
+ }
+
  if (this.sessionTimeout) {
  this._sharedCreds.context.setSessionTimeout(this.sessionTimeout);
  }

diff --git a/test/parallel/test-tls-snicallback-error.js b/test/parallel/test-tls-snicallback-error.js
@@ -0,0 +1,17 @@
+'use strict';
+const common = require('../common');
+if (!common.hasCrypto)
+ common.skip('missing crypto');
+
+if (!process.features.tls_sni)
+ common.skip('compiled without OpenSSL or with old OpenSSL version');
+
+const assert = require('assert');
+const tls = require('tls');
+
+['fhqwhgads', 42, {}, []].forEach((testValue) => {
+ assert.throws(
+ () => { tls.createServer({ SNICallback: testValue }); },
+ { code: 'ERR_INVALID_ARG_TYPE', message: /\boptions\.SNICallback\b/ }
+ );
+});