-
Notifications
You must be signed in to change notification settings - Fork 29.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Backport ALPN to v4.x LTS #10831
Backport ALPN to v4.x LTS #10831
Conversation
cherry-pick 802a2e7 from v6-staging. ALPN is added to tls according to RFC7301, which supersedes NPN. When the server receives both NPN and ALPN extensions from the client, ALPN takes precedence over NPN and the server does not send NPN extension to the client. alpnProtocol in TLSSocket always returns false when no selected protocol exists by ALPN. In https server, http/1.1 token is always set when no options.ALPNProtocols exists. PR-URL: nodejs#2564 Reviewed-By: Fedor Indutny <fedor@indutny.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
cherry-pick 7eee372 from v6-staging. This fix is to be consistent implementation with ALPN. Tow NPN protocol data in the persistent memebers move to hidden variables in the wrap object. PR-URL: nodejs#2564 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
cherry-pick 65030c7 from v6-staging. openssl/openssl@af2db04 changed some ALPN behaviors. The tests when ALPN has no selection should be fixed because openssl was changed NPN callback to be invoked in this case. Fixes: nodejs#6458 PR-URL: nodejs#6550 Reviewed-By: Myles Borins <myles.borins@gmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
cherry-pick c26b9af from v6-staging. `convertNPNProtocols` and `convertALPNProtocols' uses the `protocols` buffer object as it is, and if it is modified outside of core, it might have an impact. This patch makes a copy of the buffer object, before using it. PR-URL: nodejs#8055 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Franziska Hinkelmann <franziska.hinkelmann@gmail.com>
CI is running on https://ci.nodejs.org/job/node-test-pull-request/5879/ . |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM with two suggestions.
|
||
w->npn_protos_.Reset(args.GetIsolate(), args[0].As<Object>()); | ||
Local<Value> npn_buffer = Local<Value>::New(env->isolate(), args[0]); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Local<Value> npn_buffer = args[0]
? Could be folded into the SetHiddenValue() call below.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@bnoordhuis Thanks. Fixed.
int r = SSL_set_alpn_protos(w->ssl_, alpn_protos, alpn_protos_len); | ||
CHECK_EQ(r, 0); | ||
} else { | ||
Local<Value> alpn_buffer = Local<Value>::New(env->isolate(), args[0]); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ditto.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is also fixed.
The Local variables of `npn_buffer` and `alpn_buffer` are not necessary to be created from `args[0]`. Remove and fold them into the subsequent call.
CI looks good. @nodejs/lts any comments before landing? Will look at getting this landed tomorrow if there are no objections. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
rubber stamp LGTM
The Local variables of `npn_buffer` and `alpn_buffer` are not necessary to be created from `args[0]`. Remove and fold them into the subsequent call. PR-URL: #10831 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Myles Borins <myles.borins@gmail.com>
landed in 151cca6...4341166 |
The Local variables of `npn_buffer` and `alpn_buffer` are not necessary to be created from `args[0]`. Remove and fold them into the subsequent call. PR-URL: #10831 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Myles Borins <myles.borins@gmail.com>
The Local variables of `npn_buffer` and `alpn_buffer` are not necessary to be created from `args[0]`. Remove and fold them into the subsequent call. PR-URL: #10831 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Myles Borins <myles.borins@gmail.com>
Checklist
make -j4 test
(UNIX), orvcbuild test
(Windows) passesAffected core subsystem(s)
tls,crypto
As listed in nodejs/Release#177, this backports the ALPN feature to v4.x LTS by cherry-picking four commits of 802a2e7, 7eee372, 65030c7 and c26b9af from v6-staging with resolving several conflicts.
/CC @nodejs/crypto @MylesBorins