tls,http2: handle writes after SSL destroy more gracefully

This might otherwise result in a hard crash when trying to write to a socket after a sudden disconnect. Note that the test here uses an aborted `h2load` run to create the failing requests; That’s far from ideal, but it provides a reasonably reliably reproduction at this point. PR-URL: #18987Fixes: #18973 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Matteo Collina <[email protected]>

Author: addaleax

src/tls_wrap.cc

@@ -565,7 +565,12 @@ int TLSWrap::DoWrite(WriteWrap* w,
 size_t count,
 uv_stream_t* send_handle){
 CHECK_EQ(send_handle, nullptr);
-CHECK_NE(ssl_, nullptr);
+
+if (ssl_ == nullptr){
+ClearError();
+ error_ = "Write after DestroySSL";
+return UV_EPROTO;
+ }
 
 bool empty = true;
 
@@ -605,12 +610,6 @@ int TLSWrap::DoWrite(WriteWrap* w,
 return0;
  }
 
-if (ssl_ == nullptr){
-ClearError();
- error_ = "Write after DestroySSL";
-return UV_EPROTO;
- }
-
  crypto::MarkPopErrorOnReturn mark_pop_error_on_return;
 
 int written = 0;

test/parallel/test-http2-tls-disconnect.js

@@ -0,0 +1,32 @@
+'use strict';
+constcommon=require('../common');
+constfixtures=require('../common/fixtures');
+
+if(!common.hasCrypto)
+common.skip('missing crypto');
+
+constchild_process=require('child_process');
+consthttp2=require('http2');
+constfs=require('fs');
+
+constkey=fixtures.readKey('agent8-key.pem','binary');
+constcert=fixtures.readKey('agent8-cert.pem','binary');
+
+constserver=http2.createSecureServer({ key, cert },(request,response)=>{
+fs.createReadStream(process.execPath).pipe(response);
+});
+
+// This should be doable with a reproduction purely written in Node;
+// that just requires somebody to take the time and actually do it.
+server.listen(0,()=>{
+constproc=child_process.spawn('h2load',[
+'-n','1000',
+`https://localhost:${server.address().port}/`
+]);
+proc.on('error',(err)=>{
+if(err.code==='ENOENT')
+common.skip('no h2load');
+});
+proc.on('exit',()=>server.close());
+setTimeout(()=>proc.kill(2),100);
+});