crypto: use SSL_get_servername.

(Patch by David Benjamin.) Rather than reach into the SSL_SESSION, use the intended API, SSL_get_servername. This will also help the transition to OpenSSL 1.1.0. Also don't fill in the tlsTicket field here. This is never read by oncertcb and was always false anyway; that field is maintained by clients and tracks whether the server issued a ticket or a session ID. (Note this is distinct from the copy passed to onclienthello which is used and is not a no-op.) PR-URL: https://github.com/nodejs/node/pull/9347 Reviewed-By: Fedor Indutny <fedor@indutny.com> Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
8 years ago · e2c5f41ddf
1 changed files with 7 additions and 12 deletions
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@ -2131,18 +2131,13 @@ int SSLWrap<Base>::SSLCertCallback(SSL* s, void* arg) {

  Local<Object> info = Object::New(env->isolate());

-  SSL_SESSION* sess = SSL_get_session(s);
-  if (sess != nullptr) {
-    if (sess->tlsext_hostname == nullptr) {
-      info->Set(env->servername_string(), String::Empty(env->isolate()));
-    } else {
-      Local<String> servername = OneByteString(env->isolate(),
-                                               sess->tlsext_hostname,
-                                               strlen(sess->tlsext_hostname));
-      info->Set(env->servername_string(), servername);
-    }
-    info->Set(env->tls_ticket_string(),
-              Boolean::New(env->isolate(), sess->tlsext_ticklen != 0));
+  const char* servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
+  if (servername == nullptr) {
+    info->Set(env->servername_string(), String::Empty(env->isolate()));
+  } else {
+    Local<String> str = OneByteString(env->isolate(), servername,
+                                      strlen(servername));
+    info->Set(env->servername_string(), str);
  }

  bool ocsp = false;