crypto: separate altname extensions with ", "

In newly introduced `SafeX509ExtPrint` I forgot to insert separators
between extensions, which lead to the "DNS:...DNS:..." thing for npm.

Fix: iojs/io.js#105
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
PR-URL: https://github.com/iojs/io.js/pull/113.patch

diff --git a/src/node_crypto.cc b/src/node_crypto.cc
index efaa390..918c2b9 100644 (file)
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@@ -1144,6 +1144,9 @@ static bool SafeX509ExtPrint(BIO* out, X509_EXTENSION* ext) {
   for (int i = 0; i < sk_GENERAL_NAME_num(names); i++) {
     GENERAL_NAME* gen = sk_GENERAL_NAME_value(names, i);
 
+    if (i != 0)
+      BIO_write(out, ", ", 2);
+
     if (gen->type == GEN_DNS) {
       ASN1_IA5STRING* name = gen->d.dNSName;
 

diff --git a/test/fixtures/keys/0-dns-cert.pem b/test/fixtures/keys/0-dns-cert.pem
index 70171dc..6cfc6c4 100644 (file)
--- a/test/fixtures/keys/0-dns-cert.pem
+++ b/test/fixtures/keys/0-dns-cert.pem
@@ -1,18 +1,19 @@
 -----BEGIN CERTIFICATE-----
-MIIC2jCCAcSgAwIBAgICJxEwCwYJKoZIhvcNAQEFMBUxEzARBgNVBAMWCm9oLm15
-Lmdvc2gwHxcNMTQxMTA1MDMyMDUyWhcOMzQwMTAzMTAzMjA1MlowEzERMA8GA1UE
-AxYIZXZpbC5jb20wggEfMAsGCSqGSIb3DQEBAQOCAQ4AMIIBCQKCAQCsFwwf1dsr
+MIIC/zCCAemgAwIBAgICJxEwCwYJKoZIhvcNAQEFMBUxEzARBgNVBAMWCm9oLm15
+Lmdvc2gwHhcNMTQxMjA4MTM0MTUzWhcNMzQxMjAzMTM0MTUzWjATMREwDwYDVQQD
+FghldmlsLmNvbTCCASAwCwYJKoZIhvcNAQEBA4IBDwAwggEKAoIBAQCsFwwf1dsr
 PdxyTHBreymbFGACLQtaOihGsSkYtIzUEF1aT90YDMzNdoLr4wkwWig5FPRMnjmX
 7pXY9RVbWmwG/M2eku9S62LekUFkeY1W/QftV9LYgAg7wVDA+v3+zk/EMEqADYm6
 W735tzDIKtvx+/3Dd9puQ0TLFNHBxAmTz7YNaJdIUqzs3DWT4zeZQj0RCOyWCjQL
 NfqQ80I7NYFYb4IJqiUY8iOTL5kPi7b5szem5EakQbhufDWun4xGTZk/URZHgYgp
 REbOLTYs2hqbK76biW/Yvwd1l7RsptIvJvkuQ1R/dO1WPv6PLKLTuS1EOHM3YqNH
-o7wDSplOJe5rAgMBAAGhCQMHADEyMzQ1NqIJAwcANzg5YWJjoyYwJDAiBgNVHREB
-AQAEGDAWghRnb29nbGUuY29tAC5ldmlsLmNvbTALBgkqhkiG9w0BAQEDggEBAHuf
-1kxr49w51fC4nou96xj3IjcrJjOy5Aywn755enmaQ5Wh6AuVMHKqheITSbtoDT42
-jlIFJ3x+XmfenzV5ac8tawGNzJ+vy4+EYwL4QC11nZJ0FSLZ6KZgPI3lpShMy6Gs
-bWFHDKrz6oivsitpUpeCK7aH1a7MVmr/G004vpVFe3OHggfyn9mHK3pCp0WIQuRl
-PLiRgZSvryvOaf9cbVLvaUqcL480gcDVd4RGicBU52CeStocYeIHmPat1T+IOLFc
-uv0VYQ4dzUfZ5c5YwwMPpHCVprxVR+grpZtd0su0bHDL5wETKBXEz8u2bmSORHgB
-x2H+/2UOb6jab+IuQ08=
+o7wDSplOJe5rAgMBAAGhCQMHADEyMzQ1NqIJAwcANzg5YWJjo0swSTBHBgNVHREE
+QDA+ghRnb29nbGUuY29tAC5ldmlsLmNvbYIQanVzdC1hbm90aGVyLmNvbYcECAgI
+CIcECAgEBIIIbGFzdC5jb20wCwYJKoZIhvcNAQEBA4IBAQBAC2n4CIXLnyONTjPc
+qU0wu41wI+IQlb9mi0C7WEd9HumCbskahAp8vTs35DehnSxrl15FG0rABVtTROCv
+eflBKuzwPjtnfZm37UIbQKQUtcxwMQ/zvA83w4GLrLvrFtaQRpXn/RtL/q4CIpQH
+MGaPW1Gs24RVBHxI7OXf9UlUruB1yQLUbbtdBtxZ6pk/B32e3yWowbvG7OxuUL0F
+1w4DD2m+GfbTyZSCfYKP/zMp3xhTxihVfZ2g07ufc51bNCftWKBLHM/QHJmn4pVo
+rrz1vS9nMf/i16zrJ8Xmj61Eo4Aes37lAH5kUiT1VsNxSDcQCiqr1mcj6ByXKNCQ
+wDzO
 -----END CERTIFICATE-----

diff --git a/test/simple/test-tls-0-dns-altname.js b/test/simple/test-tls-0-dns-altname.js
index 29ee7fc..002a5ca 100644 (file)
--- a/test/simple/test-tls-0-dns-altname.js
+++ b/test/simple/test-tls-0-dns-altname.js
@@ -47,7 +47,12 @@ var server = tls.createServer({
   }, function() {
     requests++;
     var cert = c.getPeerCertificate();
-    assert.equal(cert.subjectaltname, 'DNS:google.com\0.evil.com');
+    assert.equal(cert.subjectaltname,
+                 'DNS:google.com\0.evil.com, ' +
+                     'DNS:just-another.com, ' +
+                     'IP Address:8.8.8.8, '+
+                     'IP Address:8.8.4.4, '+
+                     'DNS:last.com');
     c.write('ok');
   });
 });