From e2c5f41ddfc8704400342911db582ee0267a1168 Mon Sep 17 00:00:00 2001 From: Adam Langley Date: Fri, 28 Oct 2016 13:21:51 -0700 Subject: [PATCH] crypto: use SSL_get_servername. (Patch by David Benjamin.) Rather than reach into the SSL_SESSION, use the intended API, SSL_get_servername. This will also help the transition to OpenSSL 1.1.0. Also don't fill in the tlsTicket field here. This is never read by oncertcb and was always false anyway; that field is maintained by clients and tracks whether the server issued a ticket or a session ID. (Note this is distinct from the copy passed to onclienthello which is used and is not a no-op.) PR-URL: https://github.com/nodejs/node/pull/9347 Reviewed-By: Fedor Indutny Reviewed-By: Shigeki Ohtsu Reviewed-By: Ben Noordhuis
---
 src/node_crypto.cc | 19 +++++++------------
 1 file changed, 7 insertions(+), 12 deletions(-)
diff --git a/src/node_crypto.cc b/src/node_crypto.cc
index c6414a4ba82f8d..04c79702a7aa31 100644
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@@ -2131,18 +2131,13 @@ int SSLWrap::SSLCertCallback(SSL* s, void* arg) {
 Local info = Object::New(env->isolate());
- SSL_SESSION* sess = SSL_get_session(s);
- if (sess != nullptr) {
- if (sess->tlsext_hostname == nullptr) {
- info->Set(env->servername_string(), String::Empty(env->isolate()));
- } else {
- Local servername = OneByteString(env->isolate(),
- sess->tlsext_hostname,
- strlen(sess->tlsext_hostname));
- info->Set(env->servername_string(), servername);
- }
- info->Set(env->tls_ticket_string(),
- Boolean::New(env->isolate(), sess->tlsext_ticklen != 0));
+ const char* servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
+ if (servername == nullptr) {
+ info->Set(env->servername_string(), String::Empty(env->isolate()));
+ } else {
+ Local str = OneByteString(env->isolate(), servername,
+ strlen(servername));
+ info->Set(env->servername_string(), str);
 }
 bool ocsp = false;
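Review bot: The value returned by `SSL_get_servername(s, TLSEXT_NAMETYPE_host_name)` is the SNI name supplied by the peer, and the added lines copy it into `info` under `servername_string()` via `OneByteString` with no check on its contents, so the call deserves a comment stating the trust level. Something like `// SNI is peer-supplied and unauthenticated; treat info.servername as untrusted input (validate before using it for context selection, paths or logs).` placed above the `const char* servername` line would do. The `nullptr` branch stores `String::Empty`, so the consumer of `info` cannot tell an absent SNI extension from an empty name; that matches the removed code, but the same comment should say it. SSLCertCallback starts and ends outside this hunk, so whether the name is validated further down is not visible here.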