From 49b0c99523147998304dc559b836bcc79008e8b0 Mon Sep 17 00:00:00 2001
From: Jake Champion <jchampion@fastly.com>
Date: Fri, 7 Jul 2023 13:46:15 +0100
Subject: [PATCH] feat: add event.client.tlsCipherOpensslName

---
 .../builtins/client-info.cpp                  |  16 ++++++++++++++++
 .../js-compute-runtime/builtins/client-info.h |   1 +
 .../fastly-world/fastly_world.c               |   8 ++++----
 .../fastly-world/fastly_world.h               |   4 ++--
 .../fastly-world/fastly_world_adapter.cpp     |   8 ++++++++
 .../fastly_world_component_type.o             | Bin 5781 -> 5785 bytes
 .../host_interface/fastly.h                   |   3 ++-
 .../host_interface/host_api.cpp               |  14 ++++++++++++++
 .../host_interface/host_api.h                 |   2 ++
 9 files changed, 49 insertions(+), 7 deletions(-)

diff --git a/runtime/js-compute-runtime/builtins/client-info.cpp b/runtime/js-compute-runtime/builtins/client-info.cpp
index 129bf4a453..1c928cd3a9 100644
--- a/runtime/js-compute-runtime/builtins/client-info.cpp
+++ b/runtime/js-compute-runtime/builtins/client-info.cpp
@@ -110,6 +110,21 @@ bool ClientInfo::geo_get(JSContext *cx, unsigned argc, JS::Value *vp) {
   return JS_ParseJSON(cx, geo_info_str, args.rval());
 }
 
+bool ClientInfo::tls_cipher_openssl_name_get(JSContext *cx, unsigned argc, JS::Value *vp) {
+  METHOD_HEADER(0);
+
+  auto res = HttpReq::http_req_downstream_tls_cipher_openssl_name();
+  if (auto *err = res.to_err()) {
+    HANDLE_ERROR(cx, *err);
+    return false;
+  }
+
+  HostString cipher = std::move(res.unwrap());
+  JS::RootedString result(cx, JS_NewStringCopyN(cx, cipher.ptr.get(), cipher.len));
+
+  args.rval().setString(result);
+  return true;
+}
 const JSFunctionSpec ClientInfo::static_methods[] = {
     JS_FS_END,
 };
@@ -125,6 +140,7 @@ const JSFunctionSpec ClientInfo::methods[] = {
 const JSPropertySpec ClientInfo::properties[] = {
     JS_PSG("address", address_get, JSPROP_ENUMERATE),
     JS_PSG("geo", geo_get, JSPROP_ENUMERATE),
+    JS_PSG("tlsCipherOpensslName", tls_cipher_openssl_name_get, JSPROP_ENUMERATE),
     JS_PS_END,
 };
 
diff --git a/runtime/js-compute-runtime/builtins/client-info.h b/runtime/js-compute-runtime/builtins/client-info.h
index 6053db4255..df8ef3eb8e 100644
--- a/runtime/js-compute-runtime/builtins/client-info.h
+++ b/runtime/js-compute-runtime/builtins/client-info.h
@@ -8,6 +8,7 @@ namespace builtins {
 class ClientInfo final : public BuiltinNoConstructor<ClientInfo> {
   static bool address_get(JSContext *cx, unsigned argc, JS::Value *vp);
   static bool geo_get(JSContext *cx, unsigned argc, JS::Value *vp);
+  static bool tls_cipher_openssl_name_get(JSContext *cx, unsigned argc, JS::Value *vp);
 
 public:
   static constexpr const char *class_name = "FetchEvent";
diff --git a/runtime/js-compute-runtime/fastly-world/fastly_world.c b/runtime/js-compute-runtime/fastly-world/fastly_world.c
index 1b27a4a587..5e0e8fa076 100644
--- a/runtime/js-compute-runtime/fastly-world/fastly_world.c
+++ b/runtime/js-compute-runtime/fastly-world/fastly_world.c
@@ -284,8 +284,8 @@ void __wasm_import_fastly_http_req_downstream_tls_protocol(int32_t);
 __attribute__((__import_module__("fastly"), __import_name__("http-req-downstream-tls-client-hello")))
 void __wasm_import_fastly_http_req_downstream_tls_client_hello(int32_t);
 
-__attribute__((__import_module__("fastly"), __import_name__("http-req-downstream-tls-client-certificate")))
-void __wasm_import_fastly_http_req_downstream_tls_client_certificate(int32_t);
+__attribute__((__import_module__("fastly"), __import_name__("http-req-downstream-tls-raw-client-certificate")))
+void __wasm_import_fastly_http_req_downstream_tls_raw_client_certificate(int32_t);
 
 __attribute__((__import_module__("fastly"), __import_name__("http-req-downstream-tls-client-cert-verify-result")))
 void __wasm_import_fastly_http_req_downstream_tls_client_cert_verify_result(int32_t);
@@ -937,11 +937,11 @@ bool fastly_http_req_downstream_tls_client_hello(fastly_world_list_u8_t *ret, fa
   }
 }
 
-bool fastly_http_req_downstream_tls_client_certificate(fastly_world_list_u8_t *ret, fastly_error_t *err) {
+bool fastly_http_req_downstream_tls_raw_client_certificate(fastly_world_list_u8_t *ret, fastly_error_t *err) {
   __attribute__((__aligned__(4)))
   uint8_t ret_area[12];
   int32_t ptr = (int32_t) &ret_area;
-  __wasm_import_fastly_http_req_downstream_tls_client_certificate(ptr);
+  __wasm_import_fastly_http_req_downstream_tls_raw_client_certificate(ptr);
   fastly_world_result_list_u8_error_t result;
   switch ((int32_t) (*((uint8_t*) (ptr + 0)))) {
     case 0: {
diff --git a/runtime/js-compute-runtime/fastly-world/fastly_world.h b/runtime/js-compute-runtime/fastly-world/fastly_world.h
index 130ee0c46d..2e3dcc7fd8 100644
--- a/runtime/js-compute-runtime/fastly-world/fastly_world.h
+++ b/runtime/js-compute-runtime/fastly-world/fastly_world.h
@@ -437,8 +437,8 @@ bool fastly_http_req_downstream_tls_cipher_openssl_name(fastly_world_string_t *r
                                                         fastly_error_t *err);
 bool fastly_http_req_downstream_tls_protocol(fastly_world_string_t *ret, fastly_error_t *err);
 bool fastly_http_req_downstream_tls_client_hello(fastly_world_list_u8_t *ret, fastly_error_t *err);
-bool fastly_http_req_downstream_tls_client_certificate(fastly_world_list_u8_t *ret,
-                                                       fastly_error_t *err);
+bool fastly_http_req_downstream_tls_raw_client_certificate(fastly_world_list_u8_t *ret,
+                                                           fastly_error_t *err);
 bool fastly_http_req_downstream_tls_client_cert_verify_result(fastly_error_t *err);
 bool fastly_http_req_downstream_tls_ja3_md5(fastly_world_list_u8_t *ret, fastly_error_t *err);
 bool fastly_http_req_new(fastly_request_handle_t *ret, fastly_error_t *err);
diff --git a/runtime/js-compute-runtime/fastly-world/fastly_world_adapter.cpp b/runtime/js-compute-runtime/fastly-world/fastly_world_adapter.cpp
index e14100ddf9..d3d1306d2f 100644
--- a/runtime/js-compute-runtime/fastly-world/fastly_world_adapter.cpp
+++ b/runtime/js-compute-runtime/fastly-world/fastly_world_adapter.cpp
@@ -186,6 +186,14 @@ bool fastly_http_req_downstream_client_ip_addr(fastly_world_list_u8_t *ret, fast
       err);
 }
 
+bool fastly_http_req_downstream_tls_cipher_openssl_name(fastly_world_string_t *ret,
+                                                        fastly_error_t *err) {
+  ret->ptr = static_cast<char *>(cabi_malloc(128, 1));
+  return convert_result(fastly::req_downstream_tls_cipher_openssl_name(
+                            reinterpret_cast<char *>(ret->ptr), 128, &ret->len),
+                        err);
+}
+
 bool fastly_http_req_new(fastly_request_handle_t *ret, fastly_error_t *err) {
   return convert_result(fastly::req_new(ret), err);
 }
diff --git a/runtime/js-compute-runtime/fastly-world/fastly_world_component_type.o b/runtime/js-compute-runtime/fastly-world/fastly_world_component_type.o
index 4ab2e47e38061290299967cdd2828f9597ece572..f5dad0caf8f862cc709debebb4528867653a2928 100644
GIT binary patch
delta 32
ocmbQLJ5zUpB;($RQl^XxHwH9tGU`pf$SJ{Glvuv`1?O5G0JsSYS^xk5

delta 32
ocmbQKJ5_grB;(GBQl^Y^HwH9tGHOk}$SE=T04MwAFPuwx0J*&jXaE2J

diff --git a/runtime/js-compute-runtime/host_interface/fastly.h b/runtime/js-compute-runtime/host_interface/fastly.h
index 7b6b81742d..a47a41cc17 100644
--- a/runtime/js-compute-runtime/host_interface/fastly.h
+++ b/runtime/js-compute-runtime/host_interface/fastly.h
@@ -149,7 +149,8 @@ int req_cache_override_v2_set(fastly_request_handle_t req_handle, int tag, uint3
 WASM_IMPORT("fastly_http_req", "downstream_client_ip_addr")
 int req_downstream_client_ip_addr_get(char *octets, size_t *nwritten);
 
-// TODO:
+WASM_IMPORT("fastly_http_req", "downstream_tls_cipher_openssl_name")
+int req_downstream_tls_cipher_openssl_name(char *ret, size_t ret_len, size_t *nwritten);
 
 // (@interface func (export "downstream_tls_cipher_openssl_name")
 //    (param $cipher_out (@witx pointer char8))
diff --git a/runtime/js-compute-runtime/host_interface/host_api.cpp b/runtime/js-compute-runtime/host_interface/host_api.cpp
index c39d5a349f..3998bdfdef 100644
--- a/runtime/js-compute-runtime/host_interface/host_api.cpp
+++ b/runtime/js-compute-runtime/host_interface/host_api.cpp
@@ -502,6 +502,20 @@ Result<HostBytes> HttpReq::downstream_client_ip_addr() {
   return res;
 }
 
+// http-req-downstream-tls-cipher-openssl-name: func() -> result<string, error>
+Result<HostString> HttpReq::http_req_downstream_tls_cipher_openssl_name() {
+  Result<HostString> res;
+
+  fastly_error_t err;
+  fastly_world_string_t ret;
+  if (!fastly_http_req_downstream_tls_cipher_openssl_name(&ret, &err)) {
+    res.emplace_err(err);
+  } else {
+    res.emplace(ret);
+  }
+
+  return res;
+}
 bool HttpReq::is_valid() const { return this->handle != HttpReq::invalid; }
 
 Result<fastly_http_version_t> HttpReq::get_version() const {
diff --git a/runtime/js-compute-runtime/host_interface/host_api.h b/runtime/js-compute-runtime/host_interface/host_api.h
index 15eed87db2..7984e44c61 100644
--- a/runtime/js-compute-runtime/host_interface/host_api.h
+++ b/runtime/js-compute-runtime/host_interface/host_api.h
@@ -255,6 +255,8 @@ class HttpReq final : public HttpBase {
   /// Get the downstream ip address.
   static Result<HostBytes> downstream_client_ip_addr();
 
+  static Result<HostString> http_req_downstream_tls_cipher_openssl_name();
+
   /// Send this request synchronously, and wait for the response.
   Result<Response> send(HttpBody body, std::string_view backend);