crypto: use SSL_get_servername.

(Patch by David Benjamin.) Rather than reach into the SSL_SESSION, use the intended API, SSL_get_servername. This will also help the transition to OpenSSL 1.1.0. Also don't fill in the tlsTicket field here. This is never read by oncertcb and was always false anyway; that field is maintained by clients and tracks whether the server issued a ticket or a session ID. (Note this is distinct from the copy passed to onclienthello which is used and is not a no-op.) PR-URL: #9347 Reviewed-By: Fedor Indutny <fedor@indutny.com> Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
nodejs · Dec 21, 2016 · c5a0935 · c5a0935
1 parent 4a9793c
commit c5a0935
Showing 1 changed file with 7 additions and 12 deletions.
diff --git a/src/node_crypto.cc b/src/node_crypto.cc
@@ -2321,18 +2321,13 @@ int SSLWrap<Base>::SSLCertCallback(SSL* s, void* arg) {
 
   Local<Object> info = Object::New(env->isolate());
 
-  SSL_SESSION* sess = SSL_get_session(s);
-  if (sess != nullptr) {
-    if (sess->tlsext_hostname == nullptr) {
-      info->Set(env->servername_string(), String::Empty(env->isolate()));
-    } else {
-      Local<String> servername = OneByteString(env->isolate(),
-                                               sess->tlsext_hostname,
-                                               strlen(sess->tlsext_hostname));
-      info->Set(env->servername_string(), servername);
-    }
-    info->Set(env->tls_ticket_string(),
-              Boolean::New(env->isolate(), sess->tlsext_ticklen != 0));
+  const char* servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
+  if (servername == nullptr) {
+    info->Set(env->servername_string(), String::Empty(env->isolate()));
+  } else {
+    Local<String> str = OneByteString(env->isolate(), servername,
+                                      strlen(servername));
+    info->Set(env->servername_string(), str);
   }
 
   bool ocsp = false;