tls: fix SNICallback without .server option

`options.server` only needs to be set when its
contents are actually being inspected.

PR-URL: https://github.com/nodejs/node/pull/17835
Reviewed-By: Timothy Gu <timothygu99@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
This commit is contained in:
Anna Henningsen 2017-12-23 09:01:58 +01:00
parent 9e5ccf0313
commit 46510f54be
No known key found for this signature in database
GPG Key ID: 9C63F3A6CD2AD8F9
2 changed files with 27 additions and 2 deletions

View File

@ -505,9 +505,8 @@ TLSSocket.prototype._init = function(socket, wrap) {
if (process.features.tls_sni &&
options.isServer &&
options.SNICallback &&
options.server &&
(options.SNICallback !== SNICallback ||
options.server._contexts.length)) {
(options.server && options.server._contexts.length))) {
assert(typeof options.SNICallback === 'function');
this._SNICallback = options.SNICallback;
ssl.enableCertCb();

View File

@ -0,0 +1,26 @@
'use strict';
// This is based on test-tls-securepair-fiftharg.js
// for the deprecated `tls.createSecurePair()` variant.
const common = require('../common');
if (!common.hasCrypto)
common.skip('missing crypto');
const assert = require('assert');
const tls = require('tls');
const fixtures = require('../common/fixtures');
const makeDuplexPair = require('../common/duplexpair');
const { clientSide, serverSide } = makeDuplexPair();
new tls.TLSSocket(serverSide, {
isServer: true,
SNICallback: common.mustCall((servername, cb) => {
assert.strictEqual(servername, 'www.google.com');
})
});
// captured traffic from browser's request to https://www.google.com
const sslHello = fixtures.readSync('google_ssl_hello.bin');
clientSide.write(sslHello);