Browse Source

crypto: separate altname extensions with ", "

In newly introduced `SafeX509ExtPrint` I forgot to insert separators
between extensions, which lead to the "DNS:...DNS:..." thing for npm.

Fix: iojs/io.js#105
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
PR-URL: https://github.com/iojs/io.js/pull/113.patch
archived-io.js-v0.12
Fedor Indutny 10 years ago
parent
commit
687dfc9875
  1. 3
      src/node_crypto.cc
  2. 23
      test/fixtures/keys/0-dns-cert.pem
  3. 7
      test/simple/test-tls-0-dns-altname.js

3
src/node_crypto.cc

@ -1144,6 +1144,9 @@ static bool SafeX509ExtPrint(BIO* out, X509_EXTENSION* ext) {
for (int i = 0; i < sk_GENERAL_NAME_num(names); i++) {
GENERAL_NAME* gen = sk_GENERAL_NAME_value(names, i);
if (i != 0)
BIO_write(out, ", ", 2);
if (gen->type == GEN_DNS) {
ASN1_IA5STRING* name = gen->d.dNSName;

23
test/fixtures/keys/0-dns-cert.pem

@ -1,18 +1,19 @@
-----BEGIN CERTIFICATE-----
MIIC2jCCAcSgAwIBAgICJxEwCwYJKoZIhvcNAQEFMBUxEzARBgNVBAMWCm9oLm15
Lmdvc2gwHxcNMTQxMTA1MDMyMDUyWhcOMzQwMTAzMTAzMjA1MlowEzERMA8GA1UE
AxYIZXZpbC5jb20wggEfMAsGCSqGSIb3DQEBAQOCAQ4AMIIBCQKCAQCsFwwf1dsr
MIIC/zCCAemgAwIBAgICJxEwCwYJKoZIhvcNAQEFMBUxEzARBgNVBAMWCm9oLm15
Lmdvc2gwHhcNMTQxMjA4MTM0MTUzWhcNMzQxMjAzMTM0MTUzWjATMREwDwYDVQQD
FghldmlsLmNvbTCCASAwCwYJKoZIhvcNAQEBA4IBDwAwggEKAoIBAQCsFwwf1dsr
PdxyTHBreymbFGACLQtaOihGsSkYtIzUEF1aT90YDMzNdoLr4wkwWig5FPRMnjmX
7pXY9RVbWmwG/M2eku9S62LekUFkeY1W/QftV9LYgAg7wVDA+v3+zk/EMEqADYm6
W735tzDIKtvx+/3Dd9puQ0TLFNHBxAmTz7YNaJdIUqzs3DWT4zeZQj0RCOyWCjQL
NfqQ80I7NYFYb4IJqiUY8iOTL5kPi7b5szem5EakQbhufDWun4xGTZk/URZHgYgp
REbOLTYs2hqbK76biW/Yvwd1l7RsptIvJvkuQ1R/dO1WPv6PLKLTuS1EOHM3YqNH
o7wDSplOJe5rAgMBAAGhCQMHADEyMzQ1NqIJAwcANzg5YWJjoyYwJDAiBgNVHREB
AQAEGDAWghRnb29nbGUuY29tAC5ldmlsLmNvbTALBgkqhkiG9w0BAQEDggEBAHuf
1kxr49w51fC4nou96xj3IjcrJjOy5Aywn755enmaQ5Wh6AuVMHKqheITSbtoDT42
jlIFJ3x+XmfenzV5ac8tawGNzJ+vy4+EYwL4QC11nZJ0FSLZ6KZgPI3lpShMy6Gs
bWFHDKrz6oivsitpUpeCK7aH1a7MVmr/G004vpVFe3OHggfyn9mHK3pCp0WIQuRl
PLiRgZSvryvOaf9cbVLvaUqcL480gcDVd4RGicBU52CeStocYeIHmPat1T+IOLFc
uv0VYQ4dzUfZ5c5YwwMPpHCVprxVR+grpZtd0su0bHDL5wETKBXEz8u2bmSORHgB
x2H+/2UOb6jab+IuQ08=
o7wDSplOJe5rAgMBAAGhCQMHADEyMzQ1NqIJAwcANzg5YWJjo0swSTBHBgNVHREE
QDA+ghRnb29nbGUuY29tAC5ldmlsLmNvbYIQanVzdC1hbm90aGVyLmNvbYcECAgI
CIcECAgEBIIIbGFzdC5jb20wCwYJKoZIhvcNAQEBA4IBAQBAC2n4CIXLnyONTjPc
qU0wu41wI+IQlb9mi0C7WEd9HumCbskahAp8vTs35DehnSxrl15FG0rABVtTROCv
eflBKuzwPjtnfZm37UIbQKQUtcxwMQ/zvA83w4GLrLvrFtaQRpXn/RtL/q4CIpQH
MGaPW1Gs24RVBHxI7OXf9UlUruB1yQLUbbtdBtxZ6pk/B32e3yWowbvG7OxuUL0F
1w4DD2m+GfbTyZSCfYKP/zMp3xhTxihVfZ2g07ufc51bNCftWKBLHM/QHJmn4pVo
rrz1vS9nMf/i16zrJ8Xmj61Eo4Aes37lAH5kUiT1VsNxSDcQCiqr1mcj6ByXKNCQ
wDzO
-----END CERTIFICATE-----

7
test/simple/test-tls-0-dns-altname.js

@ -47,7 +47,12 @@ var server = tls.createServer({
}, function() {
requests++;
var cert = c.getPeerCertificate();
assert.equal(cert.subjectaltname, 'DNS:google.com\0.evil.com');
assert.equal(cert.subjectaltname,
'DNS:google.com\0.evil.com, ' +
'DNS:just-another.com, ' +
'IP Address:8.8.8.8, '+
'IP Address:8.8.4.4, '+
'DNS:last.com');
c.write('ok');
});
});

Loading…
Cancel
Save