tls: fix SNICallback without .server option

`options.server` only needs to be set when its contents are actually being inspected. PR-URL: https://github.com/nodejs/node/pull/17835 Reviewed-By: Timothy Gu <timothygu99@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
2017-12-23 09:01:58 +01:00 · 2017-12-23 09:01:58 +01:00 · 46510f54be
commit 46510f54be
parent 9e5ccf0313
2 changed files with 27 additions and 2 deletions
--- a/lib/_tls_wrap.js
+++ b/lib/_tls_wrap.js
@ -505,9 +505,8 @@ TLSSocket.prototype._init = function(socket, wrap) {
  if (process.features.tls_sni &&
      options.isServer &&
      options.SNICallback &&
-      options.server &&
      (options.SNICallback !== SNICallback ||
-       options.server._contexts.length)) {
+       (options.server && options.server._contexts.length))) {
    assert(typeof options.SNICallback === 'function');
    this._SNICallback = options.SNICallback;
    ssl.enableCertCb();
--- a/test/parallel/test-tls-socket-snicallback-without-server.js
+++ b/test/parallel/test-tls-socket-snicallback-without-server.js
@ -0,0 +1,26 @@
+'use strict';
+
+// This is based on test-tls-securepair-fiftharg.js
+// for the deprecated `tls.createSecurePair()` variant.
+
+const common = require('../common');
+if (!common.hasCrypto)
+  common.skip('missing crypto');
+
+const assert = require('assert');
+const tls = require('tls');
+const fixtures = require('../common/fixtures');
+const makeDuplexPair = require('../common/duplexpair');
+
+const { clientSide, serverSide } = makeDuplexPair();
+new tls.TLSSocket(serverSide, {
+  isServer: true,
+  SNICallback: common.mustCall((servername, cb) => {
+    assert.strictEqual(servername, 'www.google.com');
+  })
+});
+
+// captured traffic from browser's request to https://www.google.com
+const sslHello = fixtures.readSync('google_ssl_hello.bin');
+
+clientSide.write(sslHello);