Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[v10.x] backport more TLS changes #27967

Closed
wants to merge 4 commits into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions lib/_tls_wrap.js
Original file line number Diff line number Diff line change
Expand Up @@ -929,8 +929,8 @@ Server.prototype._setServerData = function(data) {
};


Server.prototype.getTicketKeys = function getTicketKeys(keys) {
return this._sharedCreds.context.getTicketKeys(keys);
Server.prototype.getTicketKeys = function getTicketKeys() {
return this._sharedCreds.context.getTicketKeys();
};


Expand Down
5 changes: 3 additions & 2 deletions src/node_crypto.cc
Original file line number Diff line number Diff line change
Expand Up @@ -1475,7 +1475,7 @@ int SSLWrap<Base>::NewSessionCallback(SSL* s, SSL_SESSION* sess) {
reinterpret_cast<const char*>(session_id),
session_id_length).ToLocalChecked();
Local<Value> argv[] = { session, buff };
w->new_session_wait_ = true;
w->awaiting_new_session_ = true;
w->MakeCallback(env->onnewsession_string(), arraysize(argv), argv);

return 0;
Expand Down Expand Up @@ -2003,6 +2003,7 @@ void SSLWrap<Base>::Renegotiate(const FunctionCallbackInfo<Value>& args) {

ClearErrorOnReturn clear_error_on_return;

// XXX(sam) Return/throw an error, don't discard the SSL error reason.
bool yes = SSL_renegotiate(w->ssl_.get()) == 1;
args.GetReturnValue().Set(yes);
}
Expand Down Expand Up @@ -2036,7 +2037,7 @@ template <class Base>
void SSLWrap<Base>::NewSessionDone(const FunctionCallbackInfo<Value>& args) {
Base* w;
ASSIGN_OR_RETURN_UNWRAP(&w, args.Holder());
w->new_session_wait_ = false;
w->awaiting_new_session_ = false;
w->NewSessionDoneCb();
}

Expand Down
6 changes: 3 additions & 3 deletions src/node_crypto.h
Original file line number Diff line number Diff line change
Expand Up @@ -218,7 +218,7 @@ class SSLWrap {
kind_(kind),
next_sess_(nullptr),
session_callbacks_(false),
new_session_wait_(false),
awaiting_new_session_(false),
cert_cb_(nullptr),
cert_cb_arg_(nullptr),
cert_cb_running_(false) {
Expand All @@ -234,7 +234,7 @@ class SSLWrap {
inline void enable_session_callbacks() { session_callbacks_ = true; }
inline bool is_server() const { return kind_ == kServer; }
inline bool is_client() const { return kind_ == kClient; }
inline bool is_waiting_new_session() const { return new_session_wait_; }
inline bool is_awaiting_new_session() const { return awaiting_new_session_; }
inline bool is_waiting_cert_cb() const { return cert_cb_ != nullptr; }

protected:
Expand Down Expand Up @@ -324,7 +324,7 @@ class SSLWrap {
SSLSessionPointer next_sess_;
SSLPointer ssl_;
bool session_callbacks_;
bool new_session_wait_;
bool awaiting_new_session_;

// SSL_set_cert_cb
CertCb cert_cb_;
Expand Down
11 changes: 6 additions & 5 deletions src/node_crypto_bio.h
Original file line number Diff line number Diff line change
Expand Up @@ -34,8 +34,8 @@ namespace node {
namespace crypto {

// This class represents buffers for OpenSSL I/O, implemented as a singly-linked
// list of chunks. It can be used both for writing data from Node to OpenSSL
// and back, but only one direction per instance.
// list of chunks. It can be used either for writing data from Node to OpenSSL,
// or for reading data back, but not both.
// The structure is only accessed, and owned by, the OpenSSL BIOPointer
// (a.k.a. std::unique_ptr<BIO>).
class NodeBIO : public MemoryRetainer {
Expand Down Expand Up @@ -80,11 +80,12 @@ class NodeBIO : public MemoryRetainer {
// Put `len` bytes from `data` into buffer
void Write(const char* data, size_t size);

// Return pointer to internal data and amount of
// contiguous data available for future writes
// Return pointer to contiguous block of reserved data and the size available
// for future writes. Call Commit() once the write is complete.
char* PeekWritable(size_t* size);

// Commit reserved data
// Specify how much data was written into the block returned by
// PeekWritable().
void Commit(size_t size);


Expand Down
3 changes: 3 additions & 0 deletions src/node_crypto_clienthello.h
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,9 @@
namespace node {
namespace crypto {

// Parse the client hello so we can do async session resumption. OpenSSL's
// session resumption uses synchronous callbacks, see SSL_CTX_sess_set_get_cb
// and get_session_cb.
class ClientHelloParser {
public:
inline ClientHelloParser();
Expand Down
2 changes: 1 addition & 1 deletion src/stream_wrap.cc
Original file line number Diff line number Diff line change
Expand Up @@ -222,7 +222,7 @@ void LibuvStreamWrap::OnUvRead(ssize_t nread, const uv_buf_t* buf) {
type = uv_pipe_pending_type(reinterpret_cast<uv_pipe_t*>(stream()));
}

// We should not be getting this callback if someone as already called
// We should not be getting this callback if someone has already called
// uv_close() on the handle.
CHECK_EQ(persistent().IsEmpty(), false);

Expand Down
Loading