diff options
| author | Fedor Indutny <fedor.indutny@gmail.com> | 2013-01-14 21:09:35 +0400 |
|---|---|---|
| committer | Fedor Indutny <fedor.indutny@gmail.com> | 2013-01-14 21:31:34 +0400 |
| commit | 45024e7b7551eca7796e16fe453b2cbaee94b916 (patch) | |
| tree | 73a0f599c30b6b19e4ab03a9ae47025f3c0e94de | |
| parent | f3e78bd3c21028dfd96efed7ae2654ceff1e7878 (diff) | |
| download | node-45024e7b7551eca7796e16fe453b2cbaee94b916.tar.gz | |
tls: allow wildcards in common name
see #4592
| -rw-r--r-- | lib/tls.js | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/lib/tls.js b/lib/tls.js index c62d40f8f..d6518f502 100644 --- a/lib/tls.js +++ b/lib/tls.js @@ -156,14 +156,13 @@ function checkServerIdentity(host, cert) { dnsNames = dnsNames.concat(uriNames); // And only after check if hostname matches CN - // (because CN is deprecated, but should be used for compatiblity anyway) var commonNames = cert.subject.CN; if (Array.isArray(commonNames)) { for (var i = 0, k = commonNames.length; i < k; ++i) { - dnsNames.push(regexpify(commonNames[i], false)); + dnsNames.push(regexpify(commonNames[i], true)); } } else { - dnsNames.push(regexpify(commonNames, false)); + dnsNames.push(regexpify(commonNames, true)); } valid = dnsNames.some(function(re) { |