quic: further refinement on OCSPRequest

PR-URL: #31
nodejs · Aug 19, 2019 · c59a18a · c59a18a
1 parent 63545c5
commit c59a18a
Show file tree

Hide file tree

Showing 2 changed files with 40 additions and 12 deletions.
diff --git a/lib/internal/quic/core.js b/lib/internal/quic/core.js
@@ -278,7 +278,7 @@ function onSessionCert(servername, callback) {
       }
     }
     try {
-      callback(context, ocspResponse);
+      callback(context ? context.context : undefined, ocspResponse);
     } catch (err) {
       this[owner_symbol].destroy(err);
     }
@@ -1271,6 +1271,7 @@ class QuicSession extends EventEmitter {
 }
 
 class QuicServerSession extends QuicSession {
+  #contexts = [];
   constructor(socket, handle) {
     super(socket);
     this[kHandle] = handle;
@@ -1292,17 +1293,35 @@ class QuicServerSession extends QuicSession {
 
   [kCert](servername, callback) {
     const { serverSecureContext } = this.socket;
-    if (!serverSecureContext)
-      callback(null, null);
-    const { context } = serverSecureContext;
+    let { context } = serverSecureContext;
+
+    for (var i = 0; i < this.#contexts.length; i++) {
+      const elem = this.#contexts[i];
+      if (elem[0].test(servername))
+        context = elem[1];
+        break;
+    }
+
     this.emit(
       'OCSPRequest',
       servername,
-      context.getCertificate(),
-      context.getIssuer(),
+      context,
       callback.bind(this[kHandle]));
   }
 
+  addContext(servername, context = {}) {
+    if (typeof servername !== 'string')
+      throw new ERR_INVALID_ARG_TYPE('servername', 'string', servername);
+
+    if (context == null || typeof context !== 'object')
+      throw new ERR_INVALID_ARG_TYPE('context', 'Object', context);
+
+    const re = new RegExp('^' +
+    servername.replace(/([.^$+?\-\\[\]{}])/g, '\\$1')
+              .replace(/\*/g, '[^.]*') +
+    '$');
+    this.#contexts.push([re, _createSecureContext(context)]);
+  }
 }
 
 function setSocketAfterBind(socket, callback) {

diff --git a/test/parallel/test-quic-client-server.js b/test/parallel/test-quic-client-server.js
@@ -77,18 +77,27 @@ server.on('session', common.mustCall((session) => {
     }));
 
   session.on('OCSPRequest', common.mustCall(
-    (servername, cert, issuer, cb) => {
+    (servername, context, cb) => {
       debug('QuicServerSession received a OCSP request');
       assert.strictEqual(servername, kServerName);
-      if (cert)
-        assert(cert instanceof Buffer);
-      if (issuer)
-        assert(issuer instanceof Buffer);
+
+      // This will be a SecureContext. By default it will
+      // be the SecureContext used to create the QuicSession.
+      // If the user wishes to do something with it, it can,
+      // but if it wishes to pass in a new SecureContext,
+      // it can pass it in as the second argument to the
+      // callback below.
+      assert(context);
+      debug('QuicServerSession Certificate: ', context.getCertificate());
+      debug('QuicServerSession Issuer: ', context.getIssuer());
+
       // The callback can be invoked asynchronously
       // TODO(@jasnell): Using setImmediate here causes the test
       // to fail, but it shouldn't. Investigate why.
       process.nextTick(() => {
-        // The first argument is a potential error
+        // The first argument is a potential error,
+        // in which case the session will be destroyed
+        // immediately.
         // The second is an optional new SecureContext
         // The third is the ocsp response.
         // All arguments are optional