diff options
author | Ben Noordhuis <info@bnoordhuis.nl> | 2012-08-12 23:46:56 +0400 |
---|---|---|
committer | Ben Noordhuis <info@bnoordhuis.nl> | 2012-08-12 23:48:26 +0400 |
commit | 6b18e88b68a723b3749d7770c043d7f711c89569 (patch) | |
tree | fc9bc7da22a5f4a4b92b8cf617a773e44f7edd21 /lib | |
parent | 4ef808ec0af61011f6015c29deb4bcc063845e8b (diff) |
tls: handle multiple CN fields when verifying cert
Fixes #3861.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/tls.js | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/lib/tls.js b/lib/tls.js index 05e48d03a97..71a2724e149 100644 --- a/lib/tls.js +++ b/lib/tls.js @@ -154,7 +154,14 @@ function checkServerIdentity(host, cert) { // And only after check if hostname matches CN // (because CN is deprecated, but should be used for compatiblity anyway) - dnsNames.push(regexpify(cert.subject.CN, false)); + var commonNames = cert.subject.CN; + if (Array.isArray(commonNames)) { + for (var i = 0, k = commonNames.length; i < k; ++i) { + dnsNames.push(regexpify(commonNames[i], false)); + } + } else { + dnsNames.push(regexpify(commonNames, false)); + } valid = dnsNames.some(function(re) { return re.test(host); |