crypto: clear error in GetPeerCertificate

fix #6945
2014-01-23 16:03:32 +04:00 · 2014-01-23 16:03:32 +04:00 · cc4b6e6e58
commit cc4b6e6e58
parent a454063ea1
7 changed files with 119 additions and 1 deletions
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@ -972,6 +972,9 @@ void SSLWrap<Base>::GetPeerCertificate(
  Base* w = Unwrap<Base>(args.This());
  Environment* env = w->ssl_env();
  ClearErrorOnReturn clear_error_on_return;
  (void) &clear_error_on_return;  // Silence unused variable warning.
  Local<Object> info = Object::New();
  X509* peer_cert = SSL_get_peer_certificate(w->ssl_);
  if (peer_cert != NULL) {
--- a/test/fixtures/keys/Makefile
+++ b/test/fixtures/keys/Makefile
@ -1,4 +1,4 @@
-all: agent1-cert.pem agent2-cert.pem agent3-cert.pem agent4-cert.pem ca2-crl.pem
+all: agent1-cert.pem agent2-cert.pem agent3-cert.pem agent4-cert.pem ca2-crl.pem ec-cert.pem
 #
@ -130,6 +130,19 @@ ca2-crl.pem: ca2-key.pem ca2-cert.pem ca2.cnf
 		-out ca2-crl.pem \
 		-passin 'pass:password'
 ec-key.pem:
 	openssl ecparam -genkey -out ec-key.pem -name prime256v1
 ec-csr.pem: ec-key.pem
 	openssl req -new -config ec.cnf -key ec-key.pem -out ec-csr.pem
 ec-cert.pem: ec-csr.pem ec-key.pem
 	openssl x509 -req \
 		-days 9999 \
 		-in ec-csr.pem \
 		-signkey ec-key.pem \
 		-out ec-cert.pem
 clean:
 	rm -f *.pem *.srl ca2-database.txt ca2-serial
--- a/test/fixtures/keys/ec-cert.pem
+++ b/test/fixtures/keys/ec-cert.pem
@ -0,0 +1,13 @@
 -----BEGIN CERTIFICATE-----
 MIIB6DCCAY8CCQDxe0NTwQvhajAJBgcqhkjOPQQBMH0xCzAJBgNVBAYTAlVTMQsw
 CQYDVQQIEwJDQTELMAkGA1UEBxMCU0YxDzANBgNVBAoTBkpveWVudDEQMA4GA1UE
 CxMHTm9kZS5qczEPMA0GA1UEAxMGYWdlbnQyMSAwHgYJKoZIhvcNAQkBFhFyeUB0
 aW55Y2xvdWRzLm9yZzAeFw0xNDAxMjUyMzQ1NTRaFw00MTA2MTEyMzQ1NTRaMH0x
 CzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTELMAkGA1UEBxMCU0YxDzANBgNVBAoT
 BkpveWVudDEQMA4GA1UECxMHTm9kZS5qczEPMA0GA1UEAxMGYWdlbnQyMSAwHgYJ
 KoZIhvcNAQkBFhFyeUB0aW55Y2xvdWRzLm9yZzBZMBMGByqGSM49AgEGCCqGSM49
 AwEHA0IABMF+Qkla0cb0tH6NcJDnd2drh0xr74hkJY8SWtsZ/7WyL8VHN8SfoDOo
 2BZDByoBmHkFy1BEC0b7JFYOCAs/ShwwCQYHKoZIzj0EAQNIADBFAiEAwcJ6lRH6
 EhV5Iywr9VlmDsPDypEGIXMWLvw4Sbe+2+cCIC/TOweK9vmYiY2Y1ewAqhO7TGeX
 9nTgmSQD2OBZrrOf
 -----END CERTIFICATE-----
--- a/test/fixtures/keys/ec-csr.pem
+++ b/test/fixtures/keys/ec-csr.pem
@ -0,0 +1,9 @@
 -----BEGIN CERTIFICATE REQUEST-----
 MIIBNjCB3wIBADB9MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExCzAJBgNVBAcT
 AlNGMQ8wDQYDVQQKEwZKb3llbnQxEDAOBgNVBAsTB05vZGUuanMxDzANBgNVBAMT
 BmFnZW50MjEgMB4GCSqGSIb3DQEJARYRcnlAdGlueWNsb3Vkcy5vcmcwWTATBgcq
 hkjOPQIBBggqhkjOPQMBBwNCAATBfkJJWtHG9LR+jXCQ53dna4dMa++IZCWPElrb
 Gf+1si/FRzfEn6AzqNgWQwcqAZh5BctQRAtG+yRWDggLP0ocoAAwCQYHKoZIzj0E
 AQNHADBEAiBqnVIhsMk35UAXt3/dgIAKUpnE652YTQ4rgidrxgbvqQIgDXs1gfj0
 3HACt3JASAlNgFGGUYmmDvKTj/7H1gQRB7Q=
 -----END CERTIFICATE REQUEST-----
--- a/test/fixtures/keys/ec-key.pem
+++ b/test/fixtures/keys/ec-key.pem
@ -0,0 +1,8 @@
 -----BEGIN EC PARAMETERS-----
 BggqhkjOPQMBBw==
 -----END EC PARAMETERS-----
 -----BEGIN EC PRIVATE KEY-----
 MHcCAQEEINozA3blScV9x7C5R9RCaSqV4KOkrm0Gh0Qx7vr6VcnOoAoGCCqGSM49
 AwEHoUQDQgAEwX5CSVrRxvS0fo1wkOd3Z2uHTGvviGQljxJa2xn/tbIvxUc3xJ+g
 M6jYFkMHKgGYeQXLUEQLRvskVg4ICz9KHA==
 -----END EC PRIVATE KEY-----
--- a/test/fixtures/keys/ec.cnf
+++ b/test/fixtures/keys/ec.cnf
@ -0,0 +1,17 @@
 [ req ]
 default_bits           = 1024
 days                   = 999
 distinguished_name     = req_distinguished_name
 attributes             = req_attributes
 prompt                 = no
 [ req_distinguished_name ]
 C                      = US
 ST                     = CA
 L                      = SF
 O                      = Joyent
 OU                     = Node.js
 CN                     = agent2
 emailAddress           = ry@tinyclouds.org
 [ req_attributes ]
--- a/test/simple/test-tls-no-rsa-key.js
+++ b/test/simple/test-tls-no-rsa-key.js
@ -0,0 +1,55 @@
 // Copyright Joyent, Inc. and other Node contributors.
 //
 // Permission is hereby granted, free of charge, to any person obtaining a
 // copy of this software and associated documentation files (the
 // "Software"), to deal in the Software without restriction, including
 // without limitation the rights to use, copy, modify, merge, publish,
 // distribute, sublicense, and/or sell copies of the Software, and to permit
 // persons to whom the Software is furnished to do so, subject to the
 // following conditions:
 //
 // The above copyright notice and this permission notice shall be included
 // in all copies or substantial portions of the Software.
 //
 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
 // OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
 // NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
 // DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 if (!process.versions.openssl) {
  console.error('Skipping because node compiled without OpenSSL.');
  process.exit(0);
 }
 var common = require('../common');
 var assert = require('assert');
 var tls = require('tls');
 var fs = require('fs');
 var fs = require('fs');
 var options = {
  key: fs.readFileSync(common.fixturesDir + '/keys/ec-key.pem'),
  cert: fs.readFileSync(common.fixturesDir + '/keys/ec-cert.pem')
 };
 var cert = null;
 var server = tls.createServer(options, function(conn) {
  conn.end('ok');
 }).listen(common.PORT, function() {
  var c = tls.connect(common.PORT, {
    rejectUnauthorized: false
  }, function() {
    cert = c.getPeerCertificate();
    c.destroy();
    server.close();
  });
 });
 process.on('exit', function() {
  assert(cert);
  assert.equal(cert.subject.C, 'US');
 });