From db35fee1e1ca909f0f33940c0d9501a72baf2375 Mon Sep 17 00:00:00 2001 From: Sam Roberts Date: Thu, 8 Nov 2018 13:40:46 -0800 Subject: tls: get the local certificate after tls handshake Add an API to get the local certificate chosen during TLS handshake from the SSL context. Fix: https://github.com/nodejs/node/issues/24095 PR-URL: https://github.com/nodejs/node/pull/24261 Fixes: https://github.com/nodejs/node/issues/24095 Reviewed-By: Ben Noordhuis Reviewed-By: Anna Henningsen Reviewed-By: Daniel Bevenius --- lib/_tls_common.js | 3 +++ lib/_tls_wrap.js | 12 +++++++++++- 2 files changed, 14 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/_tls_common.js b/lib/_tls_common.js index 7153334a14..4028b02be2 100644 --- a/lib/_tls_common.js +++ b/lib/_tls_common.js @@ -202,6 +202,9 @@ exports.createSecureContext = function createSecureContext(options) { return c; }; +// Translate some fields from the handle's C-friendly format into more idiomatic +// javascript object representations before passing them back to the user. Can +// be used on any cert object, but changing the name would be semver-major. exports.translatePeerCertificate = function translatePeerCertificate(c) { if (!c) return null; diff --git a/lib/_tls_wrap.js b/lib/_tls_wrap.js index f0d86f3d87..2e32366028 100644 --- a/lib/_tls_wrap.js +++ b/lib/_tls_wrap.js @@ -660,7 +660,17 @@ TLSSocket.prototype.setSession = function(session) { TLSSocket.prototype.getPeerCertificate = function(detailed) { if (this._handle) { return common.translatePeerCertificate( - this._handle.getPeerCertificate(detailed)); + this._handle.getPeerCertificate(detailed)) || {}; + } + + return null; +}; + +TLSSocket.prototype.getCertificate = function() { + if (this._handle) { + // It's not a peer cert, but the formatting is identical. + return common.translatePeerCertificate( + this._handle.getCertificate()) || {}; } return null; -- cgit v1.2.3