
tls: remove unused ocsp extension parsing

The OCSP info from parsing the TLS ClientHello has not been used since
550c263; remove it.

See: #1464

PR-URL: #25153
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anatoli Papirovski <apapirovski@mac.com>
sam-github authored and targos committed Dec 19, 2018
1 parent 56e7e4f commit acf7802fe3ae396a69d53302f79080c8ae12eedd
Showing with 0 additions and 22 deletions.
  1. +0 −3 src/node_crypto.cc
  2. +0 −1 src/node_crypto_clienthello-inl.h
  3. +0 −13 src/node_crypto_clienthello.cc
  4. +0 −5 src/node_crypto_clienthello.h
@@ -1532,9 +1532,6 @@ void SSLWrap<Base>::OnClientHello(void* arg,
hello_obj->Set(context,
env->tls_ticket_string(),
Boolean::New(env->isolate(), hello.has_ticket())).FromJust();
hello_obj->Set(context,
env->ocsp_request_string(),
Boolean::New(env->isolate(), hello.ocsp_request())).FromJust();

Local<Value> argv[] = { hello_obj };
w->MakeCallback(env->onclienthello_string(), arraysize(argv), argv);
@@ -48,7 +48,6 @@ inline void ClientHelloParser::Reset() {
tls_ticket_ = nullptr;
servername_size_ = 0;
servername_ = nullptr;
ocsp_request_ = 0;
}

inline void ClientHelloParser::Start(ClientHelloParser::OnHelloCb onhello_cb,
@@ -112,7 +112,6 @@ void ClientHelloParser::ParseHeader(const uint8_t* data, size_t avail) {
hello.session_id_ = session_id_;
hello.session_size_ = session_size_;
hello.has_ticket_ = tls_ticket_ != nullptr && tls_ticket_size_ != 0;
hello.ocsp_request_ = ocsp_request_;
hello.servername_ = servername_;
hello.servername_size_ = static_cast<uint8_t>(servername_size_);
onhello_cb_(cb_arg_, hello);
@@ -149,18 +148,6 @@ void ClientHelloParser::ParseExtension(const uint16_t type,
}
}
break;
case kStatusRequest:
// We are ignoring any data, just indicating the presence of extension
if (len < kMinStatusRequestSize)
return;

// Unknown type, ignore it
if (data[0] != kStatusRequestOCSP)
break;

// Ignore extensions, they won't work with caching on backend anyway
ocsp_request_ = 1;
break;
case kTLSSessionTicket:
tls_ticket_size_ = len;
tls_ticket_ = data + len;
@@ -41,15 +41,13 @@ class ClientHelloParser {
inline bool has_ticket() const { return has_ticket_; }
inline uint8_t servername_size() const { return servername_size_; }
inline const uint8_t* servername() const { return servername_; }
inline int ocsp_request() const { return ocsp_request_; }

private:
uint8_t session_size_;
const uint8_t* session_id_;
bool has_ticket_;
uint8_t servername_size_;
const uint8_t* servername_;
int ocsp_request_;

friend class ClientHelloParser;
};
@@ -69,7 +67,6 @@ class ClientHelloParser {
static const size_t kMaxTLSFrameLen = 16 * 1024 + 5;
static const size_t kMaxSSLExFrameLen = 32 * 1024;
static const uint8_t kServernameHostname = 0;
static const uint8_t kStatusRequestOCSP = 1;
static const size_t kMinStatusRequestSize = 5;

enum ParseState {
@@ -93,7 +90,6 @@ class ClientHelloParser {

enum ExtensionType {
kServerName = 0,
kStatusRequest = 5,
kTLSSessionTicket = 35
};

@@ -115,7 +111,6 @@ class ClientHelloParser {
const uint8_t* session_id_ = nullptr;
uint16_t servername_size_ = 0;
const uint8_t* servername_ = nullptr;
uint8_t ocsp_request_ = 0;
uint16_t tls_ticket_size_ = -1;
const uint8_t* tls_ticket_ = nullptr;
};
