tls: do not hang without `newSession` handler

When listening for client hello parser events (like OCSP requests), do not hang if `newSession` event handler is not present. Fix: https://github.com/joyent/node/issues/8660 Fix: https://github.com/joyent/node/issues/25735 Reviewed-By: Fedor Indutny <fedor@indutny.com> PR-URL: https://github.com/joyent/node/pull/25739
10 years ago · 75697112e8
3 changed files with 31 additions and 11 deletions
--- a/lib/_tls_legacy.js
+++ b/lib/_tls_legacy.js
@ -662,14 +662,17 @@ function onnewsession(key, session) {
  var self = this;
  var once = false;

-  self.server.emit('newSession', key, session, function() {
+  if (!self.server.emit('newSession', key, session, done))
+    done();
+
+  function done() {
    if (once)
      return;
    once = true;

    if (self.ssl)
      self.ssl.newSessionDone();
-  });
+  };
 }


--- a/lib/_tls_wrap.js
+++ b/lib/_tls_wrap.js
@ -201,7 +201,10 @@ function onnewsession(key, session) {
  var once = false;

  this._newSessionPending = true;
-  this.server.emit('newSession', key, session, function() {
+  if (!this.server.emit('newSession', key, session, done))
+    done();
+
+  function done() {
    if (once)
      return;
    once = true;
@ -212,7 +215,7 @@ function onnewsession(key, session) {
    if (self._securePending)
      self._finishInit();
    self._securePending = false;
-  });
+  }
 }


--- a/test/simple/test-tls-ocsp-callback.js
+++ b/test/simple/test-tls-ocsp-callback.js
@ -31,16 +31,19 @@ if (!common.opensslCli) {
  process.exit(0);
 }

+var assert = require('assert');
+var tls = require('tls');
+var constants = require('constants');
+var fs = require('fs');
+var join = require('path').join;
+
 test({ response: false }, function() {
-  test({ response: 'hello world' });
+  test({ response: 'hello world' }, function() {
+    test({ ocsp: false });
+  });
 });

 function test(testOptions, cb) {
-  var assert = require('assert');
-  var tls = require('tls');
-  var fs = require('fs');
-  var join = require('path').join;
-  var spawn = require('child_process').spawn;

  var keyFile = join(common.fixturesDir, 'keys', 'agent1-key.pem');
  var certFile = join(common.fixturesDir, 'keys', 'agent1-cert.pem');
@ -54,6 +57,7 @@ function test(testOptions, cb) {
    ca: [ca]
  };
  var requestCount = 0;
+  var clientSecure = 0;
  var ocspCount = 0;
  var ocspResponse;
  var session;
@ -83,9 +87,12 @@ function test(testOptions, cb) {
  server.listen(common.PORT, function() {
    var client = tls.connect({
      port: common.PORT,
-      requestOCSP: true,
+      requestOCSP: testOptions.ocsp !== false,
+      secureOptions: testOptions.ocsp === false ?
+          constants.SSL_OP_NO_TICKET : 0,
      rejectUnauthorized: false
    }, function() {
+      clientSecure++;
    });
    client.on('OCSPResponse', function(resp) {
      ocspResponse = resp;
@ -98,12 +105,19 @@ function test(testOptions, cb) {
  });

  process.on('exit', function() {
+    if (testOptions.ocsp === false) {
+      assert.equal(requestCount, clientSecure);
+      assert.equal(requestCount, 1);
+      return;
+    }
+
    if (testOptions.response) {
      assert.equal(ocspResponse.toString(), testOptions.response);
    } else {
      assert.ok(ocspResponse === null);
    }
    assert.equal(requestCount, testOptions.response ? 0 : 1);
+    assert.equal(clientSecure, requestCount);
    assert.equal(ocspCount, 1);
  });
 }