tls: throw if SNICallback is not a function

If a value is passed for SNICallback and it is not a function,
createServer() will now throw.

PR-URL: #20969
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: James M Snell <jasnell@gmail.com>

Author: Trott

lib/_tls_wrap.js

@@ -896,6 +896,11 @@ function Server(options, listener) {
       'options.handshakeTimeout', 'number', options.handshakeTimeout);
   }
 
+  if (this[kSNICallback] && typeof this[kSNICallback] !== 'function') {
+    throw new ERR_INVALID_ARG_TYPE(
+      'options.SNICallback', 'function', options.SNICallback);
+  }
+
   if (this.sessionTimeout) {
     this._sharedCreds.context.setSessionTimeout(this.sessionTimeout);
   }

test/parallel/test-tls-snicallback-error.js

@@ -0,0 +1,17 @@
+'use strict';
+const common = require('../common');
+if (!common.hasCrypto)
+  common.skip('missing crypto');
+
+if (!process.features.tls_sni)
+  common.skip('compiled without OpenSSL or with old OpenSSL version');
+
+const assert = require('assert');
+const tls = require('tls');
+
+['fhqwhgads', 42, {}, []].forEach((testValue) => {
+  assert.throws(
+    () => { tls.createServer({ SNICallback: testValue }); },
+    { code: 'ERR_INVALID_ARG_TYPE', message: /\boptions\.SNICallback\b/ }
+  );
+});