tls: handle empty cert in checkServerIndentity

This resolves joyent/node#9272. `tlsSocket.getPeerCertificate` will return an empty object when the peer does not provide a certificate, but, prior to this, when the certificate is empty, `checkServerIdentity` would throw because the `subject` wasn't present on the cert. `checkServerIdentity` must return an error, not throw one, so this returns an error when the cert is empty instead of throwing a `TypeError`. PR-URL: https://github.com/nodejs/node/pull/2343 Reviewed-By: Fedor Indutny <fedor@indutny.com> Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
author: Mike Atkins <mike.atkins@lanetix.com> 2015-08-10 11:55:37 -0400
committer: Shigeki Ohtsu <ohtsu@iij.ad.jp> 2015-08-21 11:24:51 +0900
commit: f1810ed1b86cbbe5560a96839f5320b4be6ec5f7 (patch)
tree: 63317705d35e276e0e51a24316ade3e86ab860ef /test/parallel/test-tls-check-server-identity.js
parent: ec6e5c79993599a8b6977050bcc09b32b187a8ac (diff)
download: node-new-f1810ed1b86cbbe5560a96839f5320b4be6ec5f7.tar.gz
1 files changed, 7 insertions, 0 deletions
diff --git a/test/parallel/test-tls-check-server-identity.js b/test/parallel/test-tls-check-server-identity.js
index e659f40aa9..8d2155b94e 100644
--- a/test/parallel/test-tls-check-server-identity.js
+++ b/test/parallel/test-tls-check-server-identity.js
@@ -30,6 +30,13 @@ var tests = [
            'DNS:omg.com'
   },
 
+  // Empty Cert
+  {
+    host: 'a.com',
+    cert: { },
+    error: 'Cert is empty'
+  },
+
   // Multiple CN fields
   {
     host: 'foo.com', cert: {
author	Mike Atkins <mike.atkins@lanetix.com>	2015-08-10 11:55:37 -0400
committer	Shigeki Ohtsu <ohtsu@iij.ad.jp>	2015-08-21 11:24:51 +0900
commit	f1810ed1b86cbbe5560a96839f5320b4be6ec5f7 (patch)
tree	63317705d35e276e0e51a24316ade3e86ab860ef /test/parallel/test-tls-check-server-identity.js
parent	ec6e5c79993599a8b6977050bcc09b32b187a8ac (diff)
download	node-new-f1810ed1b86cbbe5560a96839f5320b4be6ec5f7.tar.gz