1
0
mirror of https://github.com/node-red/node-red.git synced 2023-10-10 13:36:53 +02:00

Add servername option to TLS config node for SNI

This commit is contained in:
Nick O'Leary 2018-07-10 23:24:32 +01:00
parent 49da324c5d
commit 54d9656f09
No known key found for this signature in database
GPG Key ID: 4F2157149161A6C9
3 changed files with 14 additions and 2 deletions

View File

@ -63,6 +63,11 @@
<input type="checkbox" id="node-config-input-verifyservercert" style="display: inline-block; width: auto; vertical-align: top;"> <input type="checkbox" id="node-config-input-verifyservercert" style="display: inline-block; width: auto; vertical-align: top;">
<label for="node-config-input-verifyservercert" style="width: calc(100% - 170px);" data-i18n="tls.label.verify-server-cert"></label> <label for="node-config-input-verifyservercert" style="width: calc(100% - 170px);" data-i18n="tls.label.verify-server-cert"></label>
</div> </div>
<div class="form-row">
<label style="width: 120px;" for="node-config-input-servername"><i class="fa fa-server"></i> <span data-i18n="tls.label.servername"></span></label>
<input style="width: calc(100% - 170px);" type="text" id="node-config-input-servername" data-i18n="[placeholder]tls.placeholder.servername">
</div>
<hr>
<div class="form-row"> <div class="form-row">
<label style="width: 120px;" for="node-config-input-name"><i class="fa fa-tag"></i> <span data-i18n="common.label.name"></span></label> <label style="width: 120px;" for="node-config-input-name"><i class="fa fa-tag"></i> <span data-i18n="common.label.name"></span></label>
<input style="width: calc(100% - 170px);" type="text" id="node-config-input-name" data-i18n="[placeholder]common.label.name"> <input style="width: calc(100% - 170px);" type="text" id="node-config-input-name" data-i18n="[placeholder]common.label.name">
@ -96,6 +101,7 @@
certname: {value:""}, certname: {value:""},
keyname: {value:""}, keyname: {value:""},
caname: {value:""}, caname: {value:""},
servername: {value:""},
verifyservercert: {value: true} verifyservercert: {value: true}
}, },
credentials: { credentials: {

View File

@ -25,6 +25,7 @@ module.exports = function(RED) {
var certPath = n.cert.trim(); var certPath = n.cert.trim();
var keyPath = n.key.trim(); var keyPath = n.key.trim();
var caPath = n.ca.trim(); var caPath = n.ca.trim();
this.servername = (n.servername||"").trim();
if ((certPath.length > 0) || (keyPath.length > 0)) { if ((certPath.length > 0) || (keyPath.length > 0)) {
@ -102,6 +103,9 @@ module.exports = function(RED) {
if (this.credentials && this.credentials.passphrase) { if (this.credentials && this.credentials.passphrase) {
opts.passphrase = this.credentials.passphrase; opts.passphrase = this.credentials.passphrase;
} }
if (this.servername) {
opts.servername = this.servername;
}
opts.rejectUnauthorized = this.verifyservercert; opts.rejectUnauthorized = this.verifyservercert;
} }
return opts; return opts;

View File

@ -153,13 +153,15 @@
"key": "Private Key", "key": "Private Key",
"passphrase": "Passphrase", "passphrase": "Passphrase",
"ca": "CA Certificate", "ca": "CA Certificate",
"verify-server-cert":"Verify server certificate" "verify-server-cert":"Verify server certificate",
"servername": "Server Name"
}, },
"placeholder": { "placeholder": {
"cert":"path to certificate (PEM format)", "cert":"path to certificate (PEM format)",
"key":"path to private key (PEM format)", "key":"path to private key (PEM format)",
"ca":"path to CA certificate (PEM format)", "ca":"path to CA certificate (PEM format)",
"passphrase":"private key passphrase (optional)" "passphrase":"private key passphrase (optional)",
"servername":"for use with SNI"
}, },
"error": { "error": {
"missing-file": "No certificate/key file provided" "missing-file": "No certificate/key file provided"