diff options
author | Anna Henningsen <anna@addaleax.net> | 2019-11-19 22:15:17 +0100 |
---|---|---|
committer | Anna Henningsen <anna@addaleax.net> | 2019-11-30 01:14:47 +0100 |
commit | f0181d9980a0268eb0183bdee28abcc79b2d740c (patch) | |
tree | c2de92f6ac98a98e89db72d086c151f524face0a | |
parent | c5a31992b358aa90cffd7b2de8faba28dc2c31ae (diff) | |
download | android-node-v8-f0181d9980a0268eb0183bdee28abcc79b2d740c.tar.gz android-node-v8-f0181d9980a0268eb0183bdee28abcc79b2d740c.tar.bz2 android-node-v8-f0181d9980a0268eb0183bdee28abcc79b2d740c.zip |
src: inline SetSNICallback
Refs: https://github.com/nodejs/node/pull/30548#discussion_r348168855
PR-URL: https://github.com/nodejs/node/pull/30548
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: David Carlier <devnexen@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
-rw-r--r-- | src/node_crypto.cc | 17 | ||||
-rw-r--r-- | src/node_crypto.h | 1 | ||||
-rw-r--r-- | src/tls_wrap.cc | 6 |
3 files changed, 6 insertions, 18 deletions
diff --git a/src/node_crypto.cc b/src/node_crypto.cc index 91704732d1..4b5e512102 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc @@ -142,7 +142,6 @@ static bool extra_root_certs_loaded = false; template void SSLWrap<TLSWrap>::AddMethods(Environment* env, Local<FunctionTemplate> t); template void SSLWrap<TLSWrap>::ConfigureSecureContext(SecureContext* sc); -template void SSLWrap<TLSWrap>::SetSNIContext(SecureContext* sc); template int SSLWrap<TLSWrap>::SetCACerts(SecureContext* sc); template void SSLWrap<TLSWrap>::MemoryInfo(MemoryTracker* tracker) const; template SSL_SESSION* SSLWrap<TLSWrap>::GetSessionCallback( @@ -2993,12 +2992,7 @@ void SSLWrap<Base>::CertCbDone(const FunctionCallbackInfo<Value>& args) { if (cons->HasInstance(ctx)) { SecureContext* sc = Unwrap<SecureContext>(ctx.As<Object>()); CHECK_NOT_NULL(sc); - // XXX: There is a method w->SetSNIContext(sc), and you might think that - // it makes sense to call that here and make setting w->sni_context_ part - // of it. In fact, that passes the test suite, although SetSNIContext() - // performs a lot more operations. - // If anybody is familiar enough with the TLS code to know whether it makes - // sense, please do so or document why it doesn't. + // Store the SNI context for later use. w->sni_context_ = BaseObjectPtr<SecureContext>(sc); int rv; @@ -3058,15 +3052,6 @@ void SSLWrap<Base>::DestroySSL() { template <class Base> -void SSLWrap<Base>::SetSNIContext(SecureContext* sc) { - ConfigureSecureContext(sc); - CHECK_EQ(SSL_set_SSL_CTX(ssl_.get(), sc->ctx_.get()), sc->ctx_.get()); - - SetCACerts(sc); -} - - -template <class Base> int SSLWrap<Base>::SetCACerts(SecureContext* sc) { int err = SSL_set1_verify_cert_store(ssl_.get(), SSL_CTX_get_cert_store(sc->ctx_.get())); diff --git a/src/node_crypto.h b/src/node_crypto.h index 96292b4278..cd34c309c5 100644 --- a/src/node_crypto.h +++ b/src/node_crypto.h @@ -288,7 +288,6 @@ class SSLWrap { void DestroySSL(); void WaitForCertCb(CertCb cb, void* arg); - void SetSNIContext(SecureContext* sc); int SetCACerts(SecureContext* sc); inline Environment* ssl_env() const { diff --git a/src/tls_wrap.cc b/src/tls_wrap.cc index bacb1a0f27..cd7a5d59eb 100644 --- a/src/tls_wrap.cc +++ b/src/tls_wrap.cc @@ -1068,7 +1068,11 @@ int TLSWrap::SelectSNIContextCallback(SSL* s, int* ad, void* arg) { SecureContext* sc = Unwrap<SecureContext>(ctx.As<Object>()); CHECK_NOT_NULL(sc); p->sni_context_ = BaseObjectPtr<SecureContext>(sc); - p->SetSNIContext(sc); + + p->ConfigureSecureContext(sc); + CHECK_EQ(SSL_set_SSL_CTX(p->ssl_.get(), sc->ctx_.get()), sc->ctx_.get()); + p->SetCACerts(sc); + return SSL_TLSEXT_ERR_OK; } |