diff options
Diffstat (limited to 'test/parallel/test-tls-0-dns-altname.js')
| -rw-r--r-- | test/parallel/test-tls-0-dns-altname.js | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/test/parallel/test-tls-0-dns-altname.js b/test/parallel/test-tls-0-dns-altname.js index 874dc6b235d..483d256564a 100644 --- a/test/parallel/test-tls-0-dns-altname.js +++ b/test/parallel/test-tls-0-dns-altname.js @@ -2,6 +2,8 @@ const common = require('../common'); const assert = require('assert'); +// Check getPeerCertificate can properly handle '\0' for fix CVE-2009-2408. + if (!common.hasCrypto) { common.skip('missing crypto'); return; @@ -11,8 +13,8 @@ const tls = require('tls'); const fs = require('fs'); const server = tls.createServer({ - key: fs.readFileSync(common.fixturesDir + '/keys/0-dns-key.pem'), - cert: fs.readFileSync(common.fixturesDir + '/keys/0-dns-cert.pem') + key: fs.readFileSync(common.fixturesDir + '/0-dns/0-dns-key.pem'), + cert: fs.readFileSync(common.fixturesDir + '/0-dns/0-dns-cert.pem') }, function(c) { c.once('data', function() { c.destroy(); @@ -24,11 +26,11 @@ const server = tls.createServer({ }, common.mustCall(function() { const cert = c.getPeerCertificate(); assert.strictEqual(cert.subjectaltname, - 'DNS:google.com\0.evil.com, ' + - 'DNS:just-another.com, ' + + 'DNS:good.example.org\0.evil.example.com, ' + + 'DNS:just-another.example.com, ' + 'IP Address:8.8.8.8, ' + 'IP Address:8.8.4.4, ' + - 'DNS:last.com'); + 'DNS:last.example.com'); c.write('ok'); })); })); |