Fails with TLS and certificates containing IPv6 addresses

[mattiash]

I setup https-servers that have TLS certificates that include the ipv6-address of the server. This does currently not work with the https-implementation in node. I have filed an issue with the node project about this (nodejs/node#14736) and I have also submitted a PR for fixing this in node that will hopefully be accepted soon.

I have now found the same bug in the agentkeepalive library. The code contains the following lines:

    const hostHeader = req.getHeader('host');
    if (hostHeader) {
      options.servername = hostHeader.replace(/:.*$/, '');
    }

This does not work when the host-header has the value [::1]:3000

I have written a test-case for this at https://github.com/mattiash/test-checkServerIdentity With the latest node (without my patch) the test-case fails for both plain node and agentkeepalive

Test 1 failed: Shall connect to ::1. Error:  Host: [. is not in the cert's altnames: IP Address:127.0.0.1, IP Address:0:0:0:0:0:0:0:1
Test 3 failed: Shall connect to ::1 with keepaliveagent. Error:  IP: ::1 is not in the cert's list: 127.0.0.1, 0:0:0:0:0:0:0:1
Test 4 ok: Shall connect to 127.0.0.1 with keepaliveagent
Test 2 ok: Shall connect to 127.0.0.1

With a patched node, it only fails with agentkeepalive:

Test 3 failed: Shall connect to ::1 with keepaliveagent. Error:  Host: [. is not in the cert's altnames: IP Address:127.0.0.1, IP Address:0:0:0:0:0:0:0:1
Test 1 ok: Shall connect to ::1
Test 4 ok: Shall connect to 127.0.0.1 with keepaliveagent
Test 2 ok: Shall connect to 127.0.0.1

I will post a PR soon that resolves the problem in agentkeepalive as well.

[mattiash]

PR #53 has been merged, so this issue is resolved.