Skip to content

Commit 259226f

Browse files
author
Joshua Houghton
committed
code cleanup and add a unit test to check that cert validation can fail
1 parent 22901ff commit 259226f

File tree

3 files changed

+59
-3
lines changed

3 files changed

+59
-3
lines changed

LDAPCnx.cc

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -77,8 +77,9 @@ void LDAPCnx::New(const Nan::FunctionCallbackInfo<Value>& info) {
7777

7878
struct timeval ntimeout = { timeout/1000, (timeout%1000) * 1000 };
7979

80-
if (!info[8]->IsUndefined())
81-
ldap_set_option (ld->ld, LDAP_OPT_X_TLS_CACERTFILE, *cacertfile);
80+
if (!info[8]->IsUndefined()) {
81+
ldap_set_option(ld->ld, LDAP_OPT_X_TLS_CACERTFILE, *cacertfile);
82+
}
8283

8384
ldap_set_option(ld->ld, LDAP_OPT_PROTOCOL_VERSION, &ver);
8485
ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, &debug);

test/certs/wrongca.crt

Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,32 @@
1+
-----BEGIN CERTIFICATE-----
2+
MIIFfTCCA2WgAwIBAgIUI8YwKAVnOqAcsENwBMFoOju6/20wDQYJKoZIhvcNAQEL
3+
BQAwTjELMAkGA1UEBhMCVUsxEDAOBgNVBAgMB0VuZ2xhbmQxEzARBgNVBAcMCkNo
4+
ZWx0ZW5oYW0xDDAKBgNVBAoMA2pqaDEKMAgGA1UEAwwBKjAeFw0xOTA2MTQyMDMy
5+
NDhaFw0yMjA2MTQyMDMyNDhaME4xCzAJBgNVBAYTAlVLMRAwDgYDVQQIDAdFbmds
6+
YW5kMRMwEQYDVQQHDApDaGVsdGVuaGFtMQwwCgYDVQQKDANqamgxCjAIBgNVBAMM
7+
ASowggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC0Vex3WyX6zHorsi28
8+
3+INfk/BxK8uT+peO4bcSBJvIp/3xswIGN0D7RnOsP5EpXDn57DWQGXW72Or3ec6
9+
dGYOQVA/tSv9qyx2HHytbvArhPVDwDscwDlict3qNoSCZIH5gjQZchmLxi5L0RJ7
10+
qBSiOzbMFcJGHJJvTCY10XeImlde+T/jak5NZQ3CAWBh6BEMZE7gK+ufdX4+M3N5
11+
ZfD7VlxA6q5TiZT50r5g9G9mKPM66UEK4TrosBGbCYNeGunLC4Q94oX7MzhAsAwl
12+
i8aHsA71455IH8g9WQ5/y2mYxuwdz4xdmBNtcmGlvd+BJ4PFtGvUqWdG5ECD55Ah
13+
718C2dnFnA53ZnHbIzf2XFSKILsUd/1uWhq0vBm5OlF96eD8BWYlBiBj6CXH9A24
14+
Gu0HzZtkKyO83yWC+uF3zz2/Ec7VN/cQUHIn2pixYL737o6EPxWnWxFuRCau2sue
15+
YnIw1x9BEg1cOLmSL6lHZj5Llr4mVCsewNMgMxzE2MfMpsnsEc0lwfX1ICFM347L
16+
sqx2LuArRytDV+ZJYueL33/eLw86BMjQ9FEBDNv3oEPi84raA76RMz1Z4yFAEW0M
17+
kcj9cUOsrM8G8Kud3eC/YnAMnOTQx2QETlnJv+E3frbgTYVxan8G5ynrbkJ7v0SD
18+
+R8j57QzoTPAsDzJiIR0h2XfHQIDAQABo1MwUTAdBgNVHQ4EFgQUrQHskQDWP3Az
19+
mBnBpsC+wcBts7MwHwYDVR0jBBgwFoAUrQHskQDWP3AzmBnBpsC+wcBts7MwDwYD
20+
VR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAar561zQXRH+t9nALpOuU
21+
ew1+hUqQlNmpg98Up2ZAjMtQmB+FiFc/2xMgk56F/sMUB3NHhtxQdPTpKELqdgmh
22+
sWJH0VwtAWB0lYOIvkTSLYEHvRRyzJOLJ9hUdS0ghLd52fNyBH5XOMo68z1CtjvN
23+
SCejAwkI/iZfXy94ZQAKaRLzRMd/MHDdIf4HrG3QHDA5WTlUUMnL+YyrmMtVjt3d
24+
9xZSIAXDvvAtqhyQN29wPY8d+m2xZIUs/sqluXvWB/z4Ze54tMqdKtnOfoBDIPoy
25+
Rnb24NY4pOrptj1qo2O7uNILXuK7snKBgVL4QtyG3UdOuVmzw+KfDr5fL1DmitIw
26+
JcLgQPY3ImVZA0owtScTV2sza7p7hrQJb3tc+JmXO7jywRzcr051Yrx9MgSO53RY
27+
veghNUHJYT/k4w4SbrNw5nJvcvnYMFxQgme/fLHhds+UsyjtlGRHI1VI39uZzjn2
28+
y8pPMPE+UWybc1BHP0xUCbShbqHlT2NTN8E+WyRM6SwzDTXRWKe87JaJQ/BU4InM
29+
3Msa9rdveyJMFBYmsq+/ikOltjp4kYSv2eUg38eemaK2Vo4E+lV9Vh7mjRinF1GA
30+
6cu6C8VbhlEIVz2KlS+hc7asLO2KNMbZYVSQf+4ASsLoVH2SeFZ4jIydEVAfhbJx
31+
pV7SBCA1RpxXszJYCDf4A6w=
32+
-----END CERTIFICATE-----

test/tls.js

Lines changed: 24 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -89,7 +89,6 @@ describe('LDAP TLS', function() {
8989
base: 'dc=sample,dc=com',
9090
attrs: '*',
9191
validatecert: true,
92-
debug: false,
9392
ca: "test/certs/ca.crt"
9493
}, function(err) {
9594
assert.ifError(err);
@@ -110,4 +109,28 @@ describe('LDAP TLS', function() {
110109
});
111110
});
112111
});
112+
it ('Should not validate cert', function(done) {
113+
this.timeout(10000);
114+
const ldap = new LDAP({
115+
uri: 'ldap://localhost:1234',
116+
base: 'dc=sample,dc=com',
117+
attrs: '*',
118+
validatecert: true,
119+
ca: "test/certs/wrongca.crt"
120+
}, function(err) {
121+
assert.ifError(err);
122+
ldap.starttls(function(err) {
123+
assert.ifError(err);
124+
ldap.installtls();
125+
assert(ldap.tlsactive());
126+
ldap.search({
127+
filter: '(cn=babs)',
128+
scope: LDAP.SUBTREE
129+
}, function(err, res) {
130+
assert.ifError(!err);
131+
done();
132+
});
133+
});
134+
});
135+
});
113136
});

0 commit comments

Comments
 (0)