diff options
author | Fedor Indutny <fedor.indutny@gmail.com> | 2014-01-20 00:37:15 +0000 |
---|---|---|
committer | Fedor Indutny <fedor.indutny@gmail.com> | 2014-01-22 02:42:04 +0400 |
commit | cdde9a386aca90ae151be9ad9455d0d0586d113b (patch) | |
tree | fa02e253877555404389cc085c31aecbf68b82ed /lib/crypto.js | |
parent | 661190af13a82301c61d761c0949b4148e1761f3 (diff) | |
download | android-node-v8-cdde9a386aca90ae151be9ad9455d0d0586d113b.tar.gz android-node-v8-cdde9a386aca90ae151be9ad9455d0d0586d113b.tar.bz2 android-node-v8-cdde9a386aca90ae151be9ad9455d0d0586d113b.zip |
crypto: add newline to cert and key if not present
After one of OpenSSL updates we have stopped accepting PEM private keys
and certificates that doesn't end with a newline (`\n`) character.
Handle this regression in `crypto.js` to make less trouble to our users.
fix #6892
Diffstat (limited to 'lib/crypto.js')
-rw-r--r-- | lib/crypto.js | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/lib/crypto.js b/lib/crypto.js index 33baa40467..050d54afd1 100644 --- a/lib/crypto.js +++ b/lib/crypto.js @@ -78,6 +78,18 @@ function Credentials(secureProtocol, flags, context) { exports.Credentials = Credentials; +function addNewline(buf) { + var last = buf[buf.length - 1]; + var isBuf = Buffer.isBuffer(buf); + + if (!isBuf && !util.isString(buf)) + throw new Error('Certificate should be of type Buffer or string'); + + if (isBuf ? last !== 10 : last !== '\n') + return buf.toString().trim() + '\n'; + else + return buf; +} exports.createCredentials = function(options, context) { if (!options) options = {}; @@ -89,14 +101,15 @@ exports.createCredentials = function(options, context) { if (context) return c; if (options.key) { + var key = addNewline(options.key); if (options.passphrase) { - c.context.setKey(options.key, options.passphrase); + c.context.setKey(key, options.passphrase); } else { - c.context.setKey(options.key); + c.context.setKey(key); } } - if (options.cert) c.context.setCert(options.cert); + if (options.cert) c.context.setCert(addNewline(options.cert)); if (options.ciphers) c.context.setCiphers(options.ciphers); |