feat: add event.client.tlsCipherOpensslName

fastly · Jul 7, 2023 · 49b0c99 · 49b0c99
1 parent d80baa8
commit 49b0c99
Show file tree

Hide file tree

Showing 9 changed files with 49 additions and 7 deletions.
diff --git a/runtime/js-compute-runtime/builtins/client-info.cpp b/runtime/js-compute-runtime/builtins/client-info.cpp
@@ -110,6 +110,21 @@ bool ClientInfo::geo_get(JSContext *cx, unsigned argc, JS::Value *vp) {
   return JS_ParseJSON(cx, geo_info_str, args.rval());
 }
 
+bool ClientInfo::tls_cipher_openssl_name_get(JSContext *cx, unsigned argc, JS::Value *vp) {
+  METHOD_HEADER(0);
+
+  auto res = HttpReq::http_req_downstream_tls_cipher_openssl_name();
+  if (auto *err = res.to_err()) {
+    HANDLE_ERROR(cx, *err);
+    return false;
+  }
+
+  HostString cipher = std::move(res.unwrap());
+  JS::RootedString result(cx, JS_NewStringCopyN(cx, cipher.ptr.get(), cipher.len));
+
+  args.rval().setString(result);
+  return true;
+}
 const JSFunctionSpec ClientInfo::static_methods[] = {
     JS_FS_END,
 };
@@ -125,6 +140,7 @@ const JSFunctionSpec ClientInfo::methods[] = {
 const JSPropertySpec ClientInfo::properties[] = {
     JS_PSG("address", address_get, JSPROP_ENUMERATE),
     JS_PSG("geo", geo_get, JSPROP_ENUMERATE),
+    JS_PSG("tlsCipherOpensslName", tls_cipher_openssl_name_get, JSPROP_ENUMERATE),
     JS_PS_END,
 };
 

diff --git a/runtime/js-compute-runtime/builtins/client-info.h b/runtime/js-compute-runtime/builtins/client-info.h
@@ -8,6 +8,7 @@ namespace builtins {
 class ClientInfo final : public BuiltinNoConstructor<ClientInfo> {
   static bool address_get(JSContext *cx, unsigned argc, JS::Value *vp);
   static bool geo_get(JSContext *cx, unsigned argc, JS::Value *vp);
+  static bool tls_cipher_openssl_name_get(JSContext *cx, unsigned argc, JS::Value *vp);
 
 public:
   static constexpr const char *class_name = "FetchEvent";

diff --git a/runtime/js-compute-runtime/fastly-world/fastly_world.c b/runtime/js-compute-runtime/fastly-world/fastly_world.c
@@ -284,8 +284,8 @@ void __wasm_import_fastly_http_req_downstream_tls_protocol(int32_t);
 __attribute__((__import_module__("fastly"), __import_name__("http-req-downstream-tls-client-hello")))
 void __wasm_import_fastly_http_req_downstream_tls_client_hello(int32_t);
 
-__attribute__((__import_module__("fastly"), __import_name__("http-req-downstream-tls-client-certificate")))
-void __wasm_import_fastly_http_req_downstream_tls_client_certificate(int32_t);
+__attribute__((__import_module__("fastly"), __import_name__("http-req-downstream-tls-raw-client-certificate")))
+void __wasm_import_fastly_http_req_downstream_tls_raw_client_certificate(int32_t);
 
 __attribute__((__import_module__("fastly"), __import_name__("http-req-downstream-tls-client-cert-verify-result")))
 void __wasm_import_fastly_http_req_downstream_tls_client_cert_verify_result(int32_t);
@@ -937,11 +937,11 @@ bool fastly_http_req_downstream_tls_client_hello(fastly_world_list_u8_t *ret, fa
   }
 }
 
-bool fastly_http_req_downstream_tls_client_certificate(fastly_world_list_u8_t *ret, fastly_error_t *err) {
+bool fastly_http_req_downstream_tls_raw_client_certificate(fastly_world_list_u8_t *ret, fastly_error_t *err) {
   __attribute__((__aligned__(4)))
   uint8_t ret_area[12];
   int32_t ptr = (int32_t) &ret_area;
-  __wasm_import_fastly_http_req_downstream_tls_client_certificate(ptr);
+  __wasm_import_fastly_http_req_downstream_tls_raw_client_certificate(ptr);
   fastly_world_result_list_u8_error_t result;
   switch ((int32_t) (*((uint8_t*) (ptr + 0)))) {
     case 0: {

diff --git a/runtime/js-compute-runtime/fastly-world/fastly_world.h b/runtime/js-compute-runtime/fastly-world/fastly_world.h
@@ -437,8 +437,8 @@ bool fastly_http_req_downstream_tls_cipher_openssl_name(fastly_world_string_t *r
                                                         fastly_error_t *err);
 bool fastly_http_req_downstream_tls_protocol(fastly_world_string_t *ret, fastly_error_t *err);
 bool fastly_http_req_downstream_tls_client_hello(fastly_world_list_u8_t *ret, fastly_error_t *err);
-bool fastly_http_req_downstream_tls_client_certificate(fastly_world_list_u8_t *ret,
-                                                       fastly_error_t *err);
+bool fastly_http_req_downstream_tls_raw_client_certificate(fastly_world_list_u8_t *ret,
+                                                           fastly_error_t *err);
 bool fastly_http_req_downstream_tls_client_cert_verify_result(fastly_error_t *err);
 bool fastly_http_req_downstream_tls_ja3_md5(fastly_world_list_u8_t *ret, fastly_error_t *err);
 bool fastly_http_req_new(fastly_request_handle_t *ret, fastly_error_t *err);

diff --git a/runtime/js-compute-runtime/fastly-world/fastly_world_adapter.cpp b/runtime/js-compute-runtime/fastly-world/fastly_world_adapter.cpp
@@ -186,6 +186,14 @@ bool fastly_http_req_downstream_client_ip_addr(fastly_world_list_u8_t *ret, fast
       err);
 }
 
+bool fastly_http_req_downstream_tls_cipher_openssl_name(fastly_world_string_t *ret,
+                                                        fastly_error_t *err) {
+  ret->ptr = static_cast<char *>(cabi_malloc(128, 1));
+  return convert_result(fastly::req_downstream_tls_cipher_openssl_name(
+                            reinterpret_cast<char *>(ret->ptr), 128, &ret->len),
+                        err);
+}
+
 bool fastly_http_req_new(fastly_request_handle_t *ret, fastly_error_t *err) {
   return convert_result(fastly::req_new(ret), err);
 }

diff --git a/runtime/js-compute-runtime/fastly-world/fastly_world_component_type.o b/runtime/js-compute-runtime/fastly-world/fastly_world_component_type.o
diff --git a/runtime/js-compute-runtime/host_interface/fastly.h b/runtime/js-compute-runtime/host_interface/fastly.h
@@ -149,7 +149,8 @@ int req_cache_override_v2_set(fastly_request_handle_t req_handle, int tag, uint3
 WASM_IMPORT("fastly_http_req", "downstream_client_ip_addr")
 int req_downstream_client_ip_addr_get(char *octets, size_t *nwritten);
 
-// TODO:
+WASM_IMPORT("fastly_http_req", "downstream_tls_cipher_openssl_name")
+int req_downstream_tls_cipher_openssl_name(char *ret, size_t ret_len, size_t *nwritten);
 
 // (@interface func (export "downstream_tls_cipher_openssl_name")
 //    (param $cipher_out (@witx pointer char8))

diff --git a/runtime/js-compute-runtime/host_interface/host_api.cpp b/runtime/js-compute-runtime/host_interface/host_api.cpp
@@ -502,6 +502,20 @@ Result<HostBytes> HttpReq::downstream_client_ip_addr() {
   return res;
 }
 
+// http-req-downstream-tls-cipher-openssl-name: func() -> result<string, error>
+Result<HostString> HttpReq::http_req_downstream_tls_cipher_openssl_name() {
+  Result<HostString> res;
+
+  fastly_error_t err;
+  fastly_world_string_t ret;
+  if (!fastly_http_req_downstream_tls_cipher_openssl_name(&ret, &err)) {
+    res.emplace_err(err);
+  } else {
+    res.emplace(ret);
+  }
+
+  return res;
+}
 bool HttpReq::is_valid() const { return this->handle != HttpReq::invalid; }
 
 Result<fastly_http_version_t> HttpReq::get_version() const {

diff --git a/runtime/js-compute-runtime/host_interface/host_api.h b/runtime/js-compute-runtime/host_interface/host_api.h
@@ -255,6 +255,8 @@ class HttpReq final : public HttpBase {
   /// Get the downstream ip address.
   static Result<HostBytes> downstream_client_ip_addr();
 
+  static Result<HostString> http_req_downstream_tls_cipher_openssl_name();
+
   /// Send this request synchronously, and wait for the response.
   Result<Response> send(HttpBody body, std::string_view backend);