Permalink
Browse files

crypto: use SSL_get_SSL_CTX.

SSL_get_SSL_CTX returns the SSL_CTX for an SSL. Previously the code
accessed |ssl->ctx| directly, but that's no longer possible with OpenSSL
1.1.0.

SSL_get_SSL_CTX exists all the way back to (at least) OpenSSL 0.9.8 and
so this change should be fully compatible.

PR-URL: #8995
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
  • Loading branch information...
agl authored and jasnell committed Oct 9, 2016
1 parent 1afd7c1 commit 89643b645ebb1175867f515244d8fe372c21dde0
Showing with 4 additions and 3 deletions.
  1. +4 −3 src/node_crypto.cc
@@ -1095,7 +1095,7 @@ int SecureContext::TicketKeyCallback(SSL* ssl,
static const int kTicketPartSize = 16;
SecureContext* sc = static_cast<SecureContext*>(
SSL_CTX_get_app_data(ssl->ctx));
SSL_CTX_get_app_data(SSL_get_SSL_CTX(ssl)));
Environment* env = sc->env();
HandleScope handle_scope(env->isolate());
@@ -1632,7 +1632,7 @@ void SSLWrap<Base>::GetPeerCertificate(
// Last certificate should be self-signed
while (X509_check_issued(cert, cert) != X509_V_OK) {
X509* ca;
if (SSL_CTX_get_issuer(w->ssl_->ctx, cert, &ca) <= 0)
if (SSL_CTX_get_issuer(SSL_get_SSL_CTX(w->ssl_), cert, &ca) <= 0)
break;
Local<Object> ca_info = X509ToObject(env, ca);
@@ -2238,7 +2238,8 @@ void SSLWrap<Base>::SetALPNProtocols(
env->alpn_buffer_private_symbol(),
args[0]).FromJust());
// Server should select ALPN protocol from list of advertised by client
SSL_CTX_set_alpn_select_cb(w->ssl_->ctx, SelectALPNCallback, nullptr);
SSL_CTX_set_alpn_select_cb(SSL_get_SSL_CTX(w->ssl_), SelectALPNCallback,
nullptr);
}
#endif // TLSEXT_TYPE_application_layer_protocol_negotiation
}

0 comments on commit 89643b6

Please sign in to comment.