From 5bfbe5ceaecb6412b176db446caf00f77f84bae7 Mon Sep 17 00:00:00 2001
From: Ben Noordhuis <info@bnoordhuis.nl>
Date: Sat, 17 Mar 2018 05:13:47 +0100
Subject: tls: drop NPN (next protocol negotiation) support
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

NPN has been superseded by ALPN.  Chrome and Firefox removed support for
NPN in 2016 and 2017 respectively to no ill effect.

Fixes: https://github.com/nodejs/node/issues/14602
PR-URL: https://github.com/nodejs/node/pull/19403
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
---
 lib/_tls_wrap.js | 13 -------------
 1 file changed, 13 deletions(-)

(limited to 'lib/_tls_wrap.js')

diff --git a/lib/_tls_wrap.js b/lib/_tls_wrap.js
index 686e109ca3..2e6b2e8da5 100644
--- a/lib/_tls_wrap.js
+++ b/lib/_tls_wrap.js
@@ -294,8 +294,6 @@ function initRead(tls, wrapped) {
 function TLSSocket(socket, opts) {
   const tlsOptions = Object.assign({}, opts);
 
-  if (tlsOptions.NPNProtocols)
-    tls.convertNPNProtocols(tlsOptions.NPNProtocols, tlsOptions);
   if (tlsOptions.ALPNProtocols)
     tls.convertALPNProtocols(tlsOptions.ALPNProtocols, tlsOptions);
 
@@ -306,7 +304,6 @@ function TLSSocket(socket, opts) {
   this._controlReleased = false;
   this._SNICallback = null;
   this.servername = null;
-  this.npnProtocol = null;
   this.alpnProtocol = null;
   this.authorized = false;
   this.authorizationError = null;
@@ -529,9 +526,6 @@ TLSSocket.prototype._init = function(socket, wrap) {
     ssl.enableCertCb();
   }
 
-  if (process.features.tls_npn && options.NPNProtocols)
-    ssl.setNPNProtocols(options.NPNProtocols);
-
   if (process.features.tls_alpn && options.ALPNProtocols) {
     // keep reference in secureContext not to be GC-ed
     ssl._secureContext.alpnBuffer = options.ALPNProtocols;
@@ -630,10 +624,6 @@ TLSSocket.prototype._releaseControl = function() {
 };
 
 TLSSocket.prototype._finishInit = function() {
-  if (process.features.tls_npn) {
-    this.npnProtocol = this._handle.getNegotiatedProtocol();
-  }
-
   if (process.features.tls_alpn) {
     this.alpnProtocol = this._handle.getALPNNegotiatedProtocol();
   }
@@ -790,7 +780,6 @@ function tlsConnectionListener(rawSocket) {
     requestCert: this.requestCert,
     rejectUnauthorized: this.rejectUnauthorized,
     handshakeTimeout: this[kHandshakeTimeout],
-    NPNProtocols: this.NPNProtocols,
     ALPNProtocols: this.ALPNProtocols,
     SNICallback: this[kSNICallback] || SNICallback
   });
@@ -982,7 +971,6 @@ Server.prototype.setOptions = function(options) {
   else
     this.honorCipherOrder = true;
   if (secureOptions) this.secureOptions = secureOptions;
-  if (options.NPNProtocols) tls.convertNPNProtocols(options.NPNProtocols, this);
   if (options.ALPNProtocols)
     tls.convertALPNProtocols(options.ALPNProtocols, this);
   if (options.sessionIdContext) {
@@ -1149,7 +1137,6 @@ exports.connect = function(...args /* [port,] [host,] [options,] [cb] */) {
     requestCert: true,
     rejectUnauthorized: options.rejectUnauthorized !== false,
     session: options.session,
-    NPNProtocols: options.NPNProtocols,
     ALPNProtocols: options.ALPNProtocols,
     requestOCSP: options.requestOCSP
   });
-- 
cgit v1.2.3