Getting null cert and null issuer in OCSPRequest which leads to crash #6822

Rush · 2016-05-17T23:38:07Z

Version: at least 4.x to 6.1.0
Platform: Linux
Subsystem: tls

server.on('OCSPRequest', function(cert, issuer, cb) {

When I debug the data here, I get cert === null and issuer === null. If I do cb(null, null); then I get a crash:

Error: error:140C6043:SSL routines:SSL_use_certificate:passed a null parameter
at Error (native)
  at _tls_wrap.js:174:20
  at onOCSP (_tls_wrap.js:143:5)
  at Server.<anonymous> (/opt/virtkick/src/node_modules/http-master/src/HttpMasterWorker.js:249:16)
  at emitThree (events.js:116:13)
  at Server.emit (events.js:194:7)
  at requestOCSP (_tls_wrap.js:123:17)
  at _tls_wrap.js:167:5
  at _tls_wrap.js:106:5
  at TLSSocket.sniCallback [as _SNICallback] (/opt/virtkick/src/node_modules/http-master/src/HttpMasterWorker.js:73:20)
  at loadSNI (_tls_wrap.js:91:8)

Sorry, I don't have a test case and cannot share my letsencrypt certificate here. @indutny - any ideas what's happening or if the problem is somehow on my end?

The text was updated successfully, but these errors were encountered:

mscdex · 2016-05-18T02:02:33Z

/cc @nodejs/crypto

indutny · 2016-05-18T02:07:33Z

Thank you for reporting this. Do you use SNI too?

Rush · 2016-05-18T04:46:38Z

Thank you for reporting this. Do you use SNI too?

Yes sir

indutny · 2016-05-18T21:31:56Z

@Rush may I ask you to share your SNICallback with us? How do you create SecureContexts?

Catch and emit `certCbDone` exceptions instead of throwing them as `uncaughtException` and crashing the whole process. Fix: nodejs#6822

indutny · 2016-05-20T00:36:21Z

@Rush nevermind, this should fix it #6887

Catch and emit `certCbDone` exceptions instead of throwing them as `uncaughtException` and crashing the whole process. Fix: nodejs#6822 PR-URL: nodejs#6887 Reviewed-By: Ben Noordhuis <[email protected]>

Catch and emit `certCbDone` exceptions instead of throwing them as `uncaughtException` and crashing the whole process. Fix: #6822 PR-URL: #6887 Reviewed-By: Ben Noordhuis <[email protected]>

mscdex added the tls Issues and PRs related to the tls subsystem. label May 18, 2016

indutny added a commit to indutny/io.js that referenced this issue May 20, 2016

tls: catch certCbDone exceptions

5d91d5a

Catch and emit `certCbDone` exceptions instead of throwing them as `uncaughtException` and crashing the whole process. Fix: nodejs#6822

indutny mentioned this issue May 20, 2016

tls: catch certCbDone exceptions #6887

Closed

4 tasks

indutny closed this as completed in 9cac8c8 May 25, 2016

rvagg pushed a commit that referenced this issue Jun 2, 2016

tls: catch certCbDone exceptions

21e3135

Catch and emit `certCbDone` exceptions instead of throwing them as `uncaughtException` and crashing the whole process. Fix: #6822 PR-URL: #6887 Reviewed-By: Ben Noordhuis <[email protected]>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Getting null cert and null issuer in OCSPRequest which leads to crash #6822

Getting null cert and null issuer in OCSPRequest which leads to crash #6822

Rush commented May 17, 2016

mscdex commented May 18, 2016

indutny commented May 18, 2016

Rush commented May 18, 2016

indutny commented May 18, 2016

indutny commented May 20, 2016

Getting null cert and null issuer in OCSPRequest which leads to crash #6822

Getting null cert and null issuer in OCSPRequest which leads to crash #6822

Comments

Rush commented May 17, 2016

mscdex commented May 18, 2016

indutny commented May 18, 2016

Rush commented May 18, 2016

indutny commented May 18, 2016

indutny commented May 20, 2016