Skip to content
This repository has been archived by the owner. It is now read-only.
Permalink
Browse files

tls: parsing multiple values of a key in ssl certificate

Fixes #2864.
  • Loading branch information
ssuda authored and koichik committed Mar 3, 2012
1 parent 36761b2 commit 9b672bcaa2ea427fd84b647fceba97162d08540e
Showing with 88 additions and 1 deletion.
  1. +8 −1 lib/tls.js
  2. +22 −0 test/fixtures/multi-alice.crt
  3. +58 −0 test/simple/test-tls-peer-certificate-multi-keys.js
@@ -197,7 +197,14 @@ function parseCertString(s) {
if (sepIndex > 0) {
var key = parts[i].slice(0, sepIndex);
var value = parts[i].slice(sepIndex + 1);
out[key] = value;
if (key in out) {
if (!Array.isArray(out[key])) {
out[key] = [out[key]];
}
out[key].push(value);
} else {
out[key] = value;
}
}
}
return out;
@@ -0,0 +1,22 @@
-----BEGIN CERTIFICATE-----
MIIDnjCCAoYCCQCXooHS0l6bHDANBgkqhkiG9w0BAQUFADCBkDELMAkGA1UEBhMC
QVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdp
dHMgUHR5IEx0ZDEfMB0GA1UECwwWSW5mb3JtYXRpb24gVGVjaG5vbG9neTEUMBIG
A1UECwwLRW5naW5lZXJpbmcxEjAQBgNVBAsMCU1hcmtldGluZzAeFw0xMjAzMDQx
NDA4MDVaFw0xMjA0MDMxNDA4MDVaMIGQMQswCQYDVQQGEwJBVTETMBEGA1UECAwK
U29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMR8w
HQYDVQQLDBZJbmZvcm1hdGlvbiBUZWNobm9sb2d5MRQwEgYDVQQLDAtFbmdpbmVl
cmluZzESMBAGA1UECwwJTWFya2V0aW5nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAz+LXZOjcQCJq3+ZKUFabj71oo/ex/XsBcFqtBThjjTw9CVEVwfPQ
Qp4XwtPiB204vnYXwQ1/R2NdTQqCZu47l79LssL/u2a5Y9+0NEU3nQA5qdt+1FAE
0c5oexPimXOrR3GWfKz7PmZ2O0117IeCUUXPG5U8umhDe/4mDF4ZNJiKc404Wthq
uTqgS7rLQZHhZ6D0EnGnOkzlmxJMYPNHSOY1/6ivdNUUcC87awNEA3lgfhy25IyB
K3QJc+aYKNTbt70Lery3bu2wWLFGtmNiGlQTS4JsxImRsECTI727ObS7/FWAQsqW
+COL0Sa5BuMFrFIpjPrEe0ih7vRRbdmXRwIDAQABMA0GCSqGSIb3DQEBBQUAA4IB
AQC7kyzjGXy7SnT1tvefdvtdAtErDuD375/sB2l1V72+BNXlIlddmEC8IkAVSKg2
5Y7MuQ4yMsHlhrdUxj/XOOVMHY/49xsZiN5hF2jb2mdq7KdvlVMYqyf126bW2mOx
cLVSiuucdp88zoJopWBUnNyVOYhh18St9bNosGgPzppGBCpL+MJvoSn3wrnFn8ER
wwN1m3ga590wHa4fny+qlD/hJNww16wbwgdF9NqsuR/e+sj9ZsoIYRCF8iKBajzt
3o7cZIRlvGtJfJRM87YCAn4BR3JgQPXfbhx31KwtMXtAJNzOHk26bblW3jTC8c7+
Cu1gNEM083vUq6/UxJUM8lOM
-----END CERTIFICATE-----
@@ -0,0 +1,58 @@
// Copyright Joyent, Inc. and other Node contributors.
//
// Permission is hereby granted, free of charge, to any person obtaining a
// copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to permit
// persons to whom the Software is furnished to do so, subject to the
// following conditions:
//
// The above copyright notice and this permission notice shall be included
// in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.

if (!process.versions.openssl) {
console.error('Skipping because node compiled without OpenSSL.');
process.exit(0);
}

var common = require('../common');
var assert = require('assert');
var tls = require('tls');
var fs = require('fs');
var util = require('util');
var join = require('path').join;
var spawn = require('child_process').spawn;

var options = {
key: fs.readFileSync(join(common.fixturesDir, 'agent.key')),
cert: fs.readFileSync(join(common.fixturesDir, 'multi-alice.crt'))
};
var verified = false;

var server = tls.createServer(options, function(cleartext) {
cleartext.end('World');
});
server.listen(common.PORT, function() {
var socket = tls.connect({port: common.PORT}, function() {
var peerCert = socket.getPeerCertificate();
common.debug(util.inspect(peerCert));
assert.deepEqual(peerCert.subject.OU,
['Information Technology', 'Engineering', 'Marketing']);
verified = true;
server.close();
});
socket.end('Hello');
});

process.on('exit', function() {
assert.ok(verified);
});

0 comments on commit 9b672bc

Please sign in to comment.
You can’t perform that action at this time.