src: inline SetSNICallback
Refs: #30548 (comment)

PR-URL: #30548
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: David Carlier <devnexen@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
addaleax committed Nov 30, 2019
1 parent 7bd587e commit fc11db1
Showing 3 changed files with 6 additions and 18 deletions.
17 changes: 1 addition & 16 deletions src/node_crypto.cc
@@ -142,7 +142,6 @@ static bool extra_root_certs_loaded = false;
template void SSLWrap<TLSWrap>::AddMethods(Environment* env,
Local<FunctionTemplate> t);
template void SSLWrap<TLSWrap>::ConfigureSecureContext(SecureContext* sc);
template void SSLWrap<TLSWrap>::SetSNIContext(SecureContext* sc);
template int SSLWrap<TLSWrap>::SetCACerts(SecureContext* sc);
template void SSLWrap<TLSWrap>::MemoryInfo(MemoryTracker* tracker) const;
template SSL_SESSION* SSLWrap<TLSWrap>::GetSessionCallback(
@@ -2993,12 +2992,7 @@ void SSLWrap<Base>::CertCbDone(const FunctionCallbackInfo<Value>& args) {
if (cons->HasInstance(ctx)) {
SecureContext* sc = Unwrap<SecureContext>(ctx.As<Object>());
CHECK_NOT_NULL(sc);
// XXX: There is a method w->SetSNIContext(sc), and you might think that
// it makes sense to call that here and make setting w->sni_context_ part
// of it. In fact, that passes the test suite, although SetSNIContext()
// performs a lot more operations.
// If anybody is familiar enough with the TLS code to know whether it makes
// sense, please do so or document why it doesn't.
// Store the SNI context for later use.
w->sni_context_ = BaseObjectPtr<SecureContext>(sc);

int rv;
@@ -3057,15 +3051,6 @@ void SSLWrap<Base>::DestroySSL() {
}


template <class Base>
void SSLWrap<Base>::SetSNIContext(SecureContext* sc) {
ConfigureSecureContext(sc);
CHECK_EQ(SSL_set_SSL_CTX(ssl_.get(), sc->ctx_.get()), sc->ctx_.get());

SetCACerts(sc);
}


template <class Base>
int SSLWrap<Base>::SetCACerts(SecureContext* sc) {
int err = SSL_set1_verify_cert_store(ssl_.get(),
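Review bot: The replacement comment in CertCbDone, `// Store the SNI context for later use.`, drops the open question the old XXX block recorded without answering it: why this path only assigns `w->sni_context_` rather than also applying the context the way the removed SetSNIContext() did (ConfigureSecureContext, SSL_set_SSL_CTX, SetCACerts). Someone auditing which certificate and verification settings end up on a connection needs that stated at this line. If the rest of the function indeed never switches the SSL_CTX, I would write something like `// Keeps sc alive for this connection; the SSL_CTX is not switched here, unlike in SelectSNIContextCallback.` and add one sentence naming what this path does apply from `sc`. CertCbDone continues past the end of the hunk, so that wording has to be confirmed against the full function.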
1 change: 0 additions & 1 deletion src/node_crypto.h
@@ -288,7 +288,6 @@ class SSLWrap {

void DestroySSL();
void WaitForCertCb(CertCb cb, void* arg);
void SetSNIContext(SecureContext* sc);
int SetCACerts(SecureContext* sc);

inline Environment* ssl_env() const {
6 changes: 5 additions & 1 deletion src/tls_wrap.cc
@@ -1068,7 +1068,11 @@ int TLSWrap::SelectSNIContextCallback(SSL* s, int* ad, void* arg) {
SecureContext* sc = Unwrap<SecureContext>(ctx.As<Object>());
CHECK_NOT_NULL(sc);
p->sni_context_ = BaseObjectPtr<SecureContext>(sc);
p->SetSNIContext(sc);

p->ConfigureSecureContext(sc);
CHECK_EQ(SSL_set_SSL_CTX(p->ssl_.get(), sc->ctx_.get()), sc->ctx_.get());
p->SetCACerts(sc);

return SSL_TLSEXT_ERR_OK;
}

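Review bot: The inlined `p->SetCACerts(sc);` in SelectSNIContextCallback discards the function's `int` result, and the callback then returns SSL_TLSEXT_ERR_OK unconditionally, so a failure to install the selected context's verify store would let the handshake continue with whatever store was configured before. The removed SetSNIContext() ignored the result too, but now that the calls sit in the callback it can be handled directly, e.g. `if (p->SetCACerts(sc) != 1) return SSL_TLSEXT_ERR_ALERT_FATAL;` (assuming 1 means success, as for the SSL_set1_verify_cert_store call it wraps; SetCACerts' body is cut off on this page). Separately, `CHECK_EQ(SSL_set_SSL_CTX(...), sc->ctx_.get())` aborts the whole process if the switch fails during a peer-initiated handshake, where failing only that handshake would be the more contained response. The callback's body starts outside the hunk.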
