From 488cab1a44dbddd1e9814a569b1728fcf23b43df Mon Sep 17 00:00:00 2001
From: David Benjamin
Date: Mon, 11 Sep 2017 17:23:39 -0400
Subject: [PATCH 1/2] crypto: use SSL_SESSION_get_id rather access fields directly This accessor exists in OpenSSL 1.0.2, so it may be used already. This is cherry-picked from PR #8491.
---
 src/node_crypto.cc | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/node_crypto.cc b/src/node_crypto.cc
index 174f502633d1e3..ecf3a7b7f93794 100644
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@@ -1430,10 +1430,13 @@ int SSLWrap::NewSessionCallback(SSL* s, SSL_SESSION* sess) {
 memset(serialized, 0, size);
 i2d_SSL_SESSION(sess, &serialized);
+ unsigned int session_id_length;
+ const unsigned char* session_id = SSL_SESSION_get_id(sess,
+ &session_id_length);
 Local session = Buffer::Copy(
 env,
- reinterpret_cast(sess->session_id),
- sess->session_id_length).ToLocalChecked();
+ reinterpret_cast(session_id),
+ session_id_length).ToLocalChecked();
 Local argv[] = { session, buff };
 w->new_session_wait_ = true;
 w->MakeCallback(env->onnewsession_string(), arraysize(argv), argv);
From a69a44384e48ca789c3e22c24c859bdd812eb4ea Mon Sep 17 00:00:00 2001
From: David Benjamin
Date: Mon, 11 Sep 2017 17:24:35 -0400
Subject: [PATCH 2/2] crypto: use X509V3_EXT_d2i There is no need to reach into quite so many internals to decode an extension.
---
 src/node_crypto.cc | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)
diff --git a/src/node_crypto.cc b/src/node_crypto.cc
index ecf3a7b7f93794..685c52780c29b2 100644
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
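Review bot: In the NewSessionCallback hunk of patch 1/2, `session_id_length` is declared without an initializer and is then passed straight to `Buffer::Copy` as the copy length. SSL_SESSION_get_id writes the length through that pointer, so the code is correct as written, but `unsigned int session_id_length = 0;` keeps the copy length defined if the accessor call is ever moved or made conditional. A one-line comment such as `// session_id points into sess and is not owned here; Buffer::Copy takes its own copy` would also record the lifetime of the returned pointer. The function body starts and ends outside the hunk.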
@@ -1483,12 +1483,7 @@ static bool SafeX509ExtPrint(BIO* out, X509_EXTENSION* ext) {
 if (method != X509V3_EXT_get_nid(NID_subject_alt_name))
 return false;
- const unsigned char* p = ext->value->data;
- GENERAL_NAMES* names = reinterpret_cast(ASN1_item_d2i(
- NULL,
- &p,
- ext->value->length,
- ASN1_ITEM_ptr(method->it)));
+ GENERAL_NAMES* names = static_cast(X509V3_EXT_d2i(ext));
 if (names == NULL)
 return false;
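Review bot: The cast of the `void*` returned by `X509V3_EXT_d2i(ext)` to `GENERAL_NAMES*` in SafeX509ExtPrint is only type-safe because of the `NID_subject_alt_name` method check on the lines just above, and nothing at the cast says so. X509V3_EXT_d2i selects the decoder from the extension's own OID, so if that guard is ever loosened or moved, the cast would reinterpret a different ASN.1 structure, presumably one parsed from a certificate the process does not control. I would add `// Safe: method was checked to be subjectAltName above, so the decoded value is GENERAL_NAMES.` directly above the new line. The function continues past the hunk, so the release of `names` is not visible here; confirm it is still freed on every return path.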