diff --git a/src/node_crypto.cc b/src/node_crypto.cc index 34b19407c93150..afdb2e3c270348 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc @@ -2486,7 +2486,7 @@ void SSLWrap::CertCbDone(const FunctionCallbackInfo& args) { // Store the SNI context for later use. w->sni_context_ = BaseObjectPtr(sc); - if (UseSNIContext(w->ssl_, sc) && !w->SetCACerts(sc)) { + if (UseSNIContext(w->ssl_, w->sni_context_) && !w->SetCACerts(sc)) { // Not clear why sometimes we throw error, and sometimes we call // onerror(). Both cause .destroy(), but onerror does a bit more. unsigned long err = ERR_get_error(); // NOLINT(runtime/int) diff --git a/src/node_crypto_common.cc b/src/node_crypto_common.cc index 197bc5cd5913a4..9358edb66b3cb9 100644 --- a/src/node_crypto_common.cc +++ b/src/node_crypto_common.cc @@ -1,3 +1,4 @@ +#include "base_object-inl.h" #include "env-inl.h" #include "node_buffer.h" #include "node_crypto.h" @@ -223,7 +224,7 @@ long VerifyPeerCertificate( // NOLINT(runtime/int) return err; } -int UseSNIContext(const SSLPointer& ssl, SecureContext* context) { +int UseSNIContext(const SSLPointer& ssl, BaseObjectPtr context) { SSL_CTX* ctx = context->ctx_.get(); X509* x509 = SSL_CTX_get0_certificate(ctx); EVP_PKEY* pkey = SSL_CTX_get0_privatekey(ctx); diff --git a/src/node_crypto_common.h b/src/node_crypto_common.h index 8d40052bcca2f9..c373a97e4763a4 100644 --- a/src/node_crypto_common.h +++ b/src/node_crypto_common.h @@ -71,7 +71,7 @@ long VerifyPeerCertificate( // NOLINT(runtime/int) const SSLPointer& ssl, long def = X509_V_ERR_UNSPECIFIED); // NOLINT(runtime/int) -int UseSNIContext(const SSLPointer& ssl, SecureContext* context); +int UseSNIContext(const SSLPointer& ssl, BaseObjectPtr context); const char* GetClientHelloALPN(const SSLPointer& ssl);