From 4074c1c6c09580c073ba41d5592b2d475acf55b4 Mon Sep 17 00:00:00 2001
From: Nick Romito <nick@cribl.io>
Date: Thu, 16 Nov 2023 16:05:28 -0600
Subject: [PATCH] Apply node tls crash patch fix found here:
 https://github.com/nodejs/node/pull/49635

---
 src/NodeBuilder.js                    | 10 +++++++-
 src/patch/18.15.0/crypto_tls.cc.patch | 34 +++++++++++++++++++++++++++
 2 files changed, 43 insertions(+), 1 deletion(-)
 create mode 100644 src/patch/18.15.0/crypto_tls.cc.patch

diff --git a/src/NodeBuilder.js b/src/NodeBuilder.js
index ee4b8a9..64d33ce 100644
--- a/src/NodeBuilder.js
+++ b/src/NodeBuilder.js
@@ -220,9 +220,17 @@ class NodeJsBuilder {
       join(this.patchDir, 'push_registers_asm.cc.patch'));	  
   }
 
+  async patchBugs() {
+    await patchFile(
+      this.nodePath('src', 'crypto', 'crypto_tls.cc'),
+      join(this.patchDir, 'crypto_tls.cc.patch')
+    );
+  }
+
   async applyPatches() {
      await this.patchThirdPartyMain();
-     await this.patchNodeCompileIssues(); 
+     await this.patchNodeCompileIssues();
+     await this.patchBugs(); 
   }
 
   printDiskUsage() {
diff --git a/src/patch/18.15.0/crypto_tls.cc.patch b/src/patch/18.15.0/crypto_tls.cc.patch
new file mode 100644
index 0000000..1699069
--- /dev/null
+++ b/src/patch/18.15.0/crypto_tls.cc.patch
@@ -0,0 +1,34 @@
+From 1643adf771dafce8034a00faacf98a2e57d5eebc Thu Oct 5 01:40:07 2023
+fixes TLS segfault crash
+
+--- a/src/crypto/crypto_tls.cc
++++ b/src/crypto/crypto_tls.cc
+@@ -223,7 +223,7 @@ int SelectALPNCallback(
+     const unsigned char* in,
+     unsigned int inlen,
+     void* arg) {
+-  TLSWrap* w = static_cast<TLSWrap*>(arg);
++  TLSWrap* w = static_cast<TLSWrap*>(SSL_get_app_data(s));
+   if (w->alpn_callback_enabled_) {
+     Environment* env = w->env();
+     HandleScope handle_scope(env->isolate());
+@@ -1293,7 +1293,8 @@ void TLSWrap::EnableALPNCb(const FunctionCallbackInfo<Value>& args) {
+   wrap->alpn_callback_enabled_ = true;
+ 
+   SSL* ssl = wrap->ssl_.get();
+-  SSL_CTX_set_alpn_select_cb(SSL_get_SSL_CTX(ssl), SelectALPNCallback, wrap);
++  SSL_CTX* ssl_ctx = SSL_get_SSL_CTX(ssl);
++  SSL_CTX_set_alpn_select_cb(ssl_ctx, SelectALPNCallback, nullptr);
+ }
+ 
+ void TLSWrap::GetServername(const FunctionCallbackInfo<Value>& args) {
+@@ -1589,7 +1590,8 @@ void TLSWrap::SetALPNProtocols(const FunctionCallbackInfo<Value>& args) {
+   } else {
+     w->alpn_protos_ = std::vector<unsigned char>(
+         protos.data(), protos.data() + protos.length());
+-    SSL_CTX_set_alpn_select_cb(SSL_get_SSL_CTX(ssl), SelectALPNCallback, w);
++    SSL_CTX* ssl_ctx = SSL_get_SSL_CTX(ssl);
++    SSL_CTX_set_alpn_select_cb(ssl_ctx, SelectALPNCallback, nullptr);
+   }
+ }
+