Skip to content

Commit

Permalink
crypto: separate altname extensions with ", "
Browse files Browse the repository at this point in the history
In newly introduced `SafeX509ExtPrint` I forgot to insert separators
between extensions, which lead to the "DNS:...DNS:..." thing for npm.

Fix: nodejs#105
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
PR-URL: https://github.com/iojs/io.js/pull/113.patch
  • Loading branch information
indutny committed Dec 10, 2014
1 parent ac18ebd commit 687dfc9
Show file tree
Hide file tree
Showing 3 changed files with 21 additions and 12 deletions.
3 changes: 3 additions & 0 deletions src/node_crypto.cc
Original file line number Diff line number Diff line change
Expand Up @@ -1144,6 +1144,9 @@ static bool SafeX509ExtPrint(BIO* out, X509_EXTENSION* ext) {
for (int i = 0; i < sk_GENERAL_NAME_num(names); i++) {
GENERAL_NAME* gen = sk_GENERAL_NAME_value(names, i);

if (i != 0)
BIO_write(out, ", ", 2);

if (gen->type == GEN_DNS) {
ASN1_IA5STRING* name = gen->d.dNSName;

Expand Down
23 changes: 12 additions & 11 deletions test/fixtures/keys/0-dns-cert.pem
Original file line number Diff line number Diff line change
@@ -1,18 +1,19 @@
-----BEGIN CERTIFICATE-----
MIIC2jCCAcSgAwIBAgICJxEwCwYJKoZIhvcNAQEFMBUxEzARBgNVBAMWCm9oLm15
Lmdvc2gwHxcNMTQxMTA1MDMyMDUyWhcOMzQwMTAzMTAzMjA1MlowEzERMA8GA1UE
AxYIZXZpbC5jb20wggEfMAsGCSqGSIb3DQEBAQOCAQ4AMIIBCQKCAQCsFwwf1dsr
MIIC/zCCAemgAwIBAgICJxEwCwYJKoZIhvcNAQEFMBUxEzARBgNVBAMWCm9oLm15
Lmdvc2gwHhcNMTQxMjA4MTM0MTUzWhcNMzQxMjAzMTM0MTUzWjATMREwDwYDVQQD
FghldmlsLmNvbTCCASAwCwYJKoZIhvcNAQEBA4IBDwAwggEKAoIBAQCsFwwf1dsr
PdxyTHBreymbFGACLQtaOihGsSkYtIzUEF1aT90YDMzNdoLr4wkwWig5FPRMnjmX
7pXY9RVbWmwG/M2eku9S62LekUFkeY1W/QftV9LYgAg7wVDA+v3+zk/EMEqADYm6
W735tzDIKtvx+/3Dd9puQ0TLFNHBxAmTz7YNaJdIUqzs3DWT4zeZQj0RCOyWCjQL
NfqQ80I7NYFYb4IJqiUY8iOTL5kPi7b5szem5EakQbhufDWun4xGTZk/URZHgYgp
REbOLTYs2hqbK76biW/Yvwd1l7RsptIvJvkuQ1R/dO1WPv6PLKLTuS1EOHM3YqNH
o7wDSplOJe5rAgMBAAGhCQMHADEyMzQ1NqIJAwcANzg5YWJjoyYwJDAiBgNVHREB
AQAEGDAWghRnb29nbGUuY29tAC5ldmlsLmNvbTALBgkqhkiG9w0BAQEDggEBAHuf
1kxr49w51fC4nou96xj3IjcrJjOy5Aywn755enmaQ5Wh6AuVMHKqheITSbtoDT42
jlIFJ3x+XmfenzV5ac8tawGNzJ+vy4+EYwL4QC11nZJ0FSLZ6KZgPI3lpShMy6Gs
bWFHDKrz6oivsitpUpeCK7aH1a7MVmr/G004vpVFe3OHggfyn9mHK3pCp0WIQuRl
PLiRgZSvryvOaf9cbVLvaUqcL480gcDVd4RGicBU52CeStocYeIHmPat1T+IOLFc
uv0VYQ4dzUfZ5c5YwwMPpHCVprxVR+grpZtd0su0bHDL5wETKBXEz8u2bmSORHgB
x2H+/2UOb6jab+IuQ08=
o7wDSplOJe5rAgMBAAGhCQMHADEyMzQ1NqIJAwcANzg5YWJjo0swSTBHBgNVHREE
QDA+ghRnb29nbGUuY29tAC5ldmlsLmNvbYIQanVzdC1hbm90aGVyLmNvbYcECAgI
CIcECAgEBIIIbGFzdC5jb20wCwYJKoZIhvcNAQEBA4IBAQBAC2n4CIXLnyONTjPc
qU0wu41wI+IQlb9mi0C7WEd9HumCbskahAp8vTs35DehnSxrl15FG0rABVtTROCv
eflBKuzwPjtnfZm37UIbQKQUtcxwMQ/zvA83w4GLrLvrFtaQRpXn/RtL/q4CIpQH
MGaPW1Gs24RVBHxI7OXf9UlUruB1yQLUbbtdBtxZ6pk/B32e3yWowbvG7OxuUL0F
1w4DD2m+GfbTyZSCfYKP/zMp3xhTxihVfZ2g07ufc51bNCftWKBLHM/QHJmn4pVo
rrz1vS9nMf/i16zrJ8Xmj61Eo4Aes37lAH5kUiT1VsNxSDcQCiqr1mcj6ByXKNCQ
wDzO
-----END CERTIFICATE-----
7 changes: 6 additions & 1 deletion test/simple/test-tls-0-dns-altname.js
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,12 @@ var server = tls.createServer({
}, function() {
requests++;
var cert = c.getPeerCertificate();
assert.equal(cert.subjectaltname, 'DNS:google.com\0.evil.com');
assert.equal(cert.subjectaltname,
'DNS:google.com\0.evil.com, ' +
'DNS:just-another.com, ' +
'IP Address:8.8.8.8, '+
'IP Address:8.8.4.4, '+
'DNS:last.com');
c.write('ok');
});
});
Expand Down

0 comments on commit 687dfc9

Please sign in to comment.