Fixed parsing of caFile & caString

Added test for multiple ca's in caFile

acceptance.sh

@@ -7,5 +7,6 @@ acceptance/tests/testAuthProxy.sh &&
 acceptance/tests/testEnvVars.sh &&
 acceptance/tests/testStrictSSL.sh &&
 acceptance/tests/testCAFile.sh &&
-acceptance/tests/testCAString.sh &&
+acceptance/tests/testCAMultiFile.sh &&
+acceptance/tests/testCAString.sh
 acceptance/tests/test32.sh

acceptance/support/keys/multi-ca.crt

@@ -0,0 +1,48 @@
+-----BEGIN CERTIFICATE-----
+MIIEEjCCAvqgAwIBAgIJANSQQyljKhqiMA0GCSqGSIb3DQEBBQUAMGMxCzAJBgNV
+BAYTAlVLMQ8wDQYDVQQIEwZMb25kb24xDzANBgNVBAcTBkxvbmRvbjEeMBwGA1UE
+ChMVbm9kZS1zYXVjZS1jb25uZWN0LWNhMRIwEAYDVQQDEwlsb2NhbGhvc3QwHhcN
+MTcxMDIyMTMyMTUxWhcNNDIxMDIyMTMyMTUxWjBjMQswCQYDVQQGEwJVSzEPMA0G
+A1UECBMGTG9uZG9uMQ8wDQYDVQQHEwZMb25kb24xHjAcBgNVBAoTFW5vZGUtc2F1
+Y2UtY29ubmVjdC1jYTESMBAGA1UEAxMJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEA0nQey37BhKeyg2zhr5i9Wd0/O7FYcQROYjZgjTsx
+koPm8WzREqn1YPnVPgS2Qsqg4IqWhEKhGCQeAN7bb9zE5LsWL2ynTfTUuWr1GEyl
+3GHKOQsE7nafYVYPqjwZL9RbF0rl0/SJM+ACiXJHK/6nlp5qM17q9r9ukvMfcS5H
+ZHc6hIleDhd4ddqinZTZLtVNaT/2fCUaCJooUy2v4UW51aWZK8K+04YiD1o8BBeG
+lOjLTew70M9HtzM3tkEr7tTGqgSKfgQKmvSVPi5CoJ27F8CVbj/On/q8PftwrhyV
+zvr2RJTz2ryTaH5hIY+qbpVWeMYz1E1abl1POk+brUYWdQIDAQABo4HIMIHFMB0G
+A1UdDgQWBBR/5UKbMyYJBLtVLpTvAIFHtCHYcDCBlQYDVR0jBIGNMIGKgBR/5UKb
+MyYJBLtVLpTvAIFHtCHYcKFnpGUwYzELMAkGA1UEBhMCVUsxDzANBgNVBAgTBkxv
+bmRvbjEPMA0GA1UEBxMGTG9uZG9uMR4wHAYDVQQKExVub2RlLXNhdWNlLWNvbm5l
+Y3QtY2ExEjAQBgNVBAMTCWxvY2FsaG9zdIIJANSQQyljKhqiMAwGA1UdEwQFMAMB
+Af8wDQYJKoZIhvcNAQEFBQADggEBAMgEhFIvYGncyNUov/BUuIBfSyaNryTc2DH6
++KHQelc00IobgvUQndb3z2It0cIHJ91+LzklwxJIwzYPm47pfBTzXOb0Xu44ngGn
+K1P++mp50SjCK2JaVBU0K5evx92RMj5d2ldp54udSYg1PT/HJBvqBXz+XT/LElDC
+Id1yWeaarI/7Z4Qn+rOYlhbamuY2RzQJcCHCBWDafKKQYGE0ZqHJkR+ovnp07JpB
+H3qoRgYYAdwdfZ1ydqJvymG6kMZ1JCsdAiJXeRzzI8Q0U/QHAwrqoeFO+HTSHOsC
+ulDfH78oUNqN3xOAOEZerX68Kc9unDyuVGDunldUPc62+OH+OuM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEEjCCAvqgAwIBAgIJANSQQyljKhqiMA0GCSqGSIb3DQEBBQUAMGMxCzAJBgNV
+BAYTAlVLMQ8wDQYDVQQIEwZMb25kb24xDzANBgNVBAcTBkxvbmRvbjEeMBwGA1UE
+ChMVbm9kZS1zYXVjZS1jb25uZWN0LWNhMRIwEAYDVQQDEwlsb2NhbGhvc3QwHhcN
+MTcxMDIyMTMyMTUxWhcNNDIxMDIyMTMyMTUxWjBjMQswCQYDVQQGEwJVSzEPMA0G
+A1UECBMGTG9uZG9uMQ8wDQYDVQQHEwZMb25kb24xHjAcBgNVBAoTFW5vZGUtc2F1
+Y2UtY29ubmVjdC1jYTESMBAGA1UEAxMJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEA0nQey37BhKeyg2zhr5i9Wd0/O7FYcQROYjZgjTsx
+koPm8WzREqn1YPnVPgS2Qsqg4IqWhEKhGCQeAN7bb9zE5LsWL2ynTfTUuWr1GEyl
+3GHKOQsE7nafYVYPqjwZL9RbF0rl0/SJM+ACiXJHK/6nlp5qM17q9r9ukvMfcS5H
+ZHc6hIleDhd4ddqinZTZLtVNaT/2fCUaCJooUy2v4UW51aWZK8K+04YiD1o8BBeG
+lOjLTew70M9HtzM3tkEr7tTGqgSKfgQKmvSVPi5CoJ27F8CVbj/On/q8PftwrhyV
+zvr2RJTz2ryTaH5hIY+qbpVWeMYz1E1abl1POk+brUYWdQIDAQABo4HIMIHFMB0G
+A1UdDgQWBBR/5UKbMyYJBLtVLpTvAIFHtCHYcDCBlQYDVR0jBIGNMIGKgBR/5UKb
+MyYJBLtVLpTvAIFHtCHYcKFnpGUwYzELMAkGA1UEBhMCVUsxDzANBgNVBAgTBkxv
+bmRvbjEPMA0GA1UEBxMGTG9uZG9uMR4wHAYDVQQKExVub2RlLXNhdWNlLWNvbm5l
+Y3QtY2ExEjAQBgNVBAMTCWxvY2FsaG9zdIIJANSQQyljKhqiMAwGA1UdEwQFMAMB
+Af8wDQYJKoZIhvcNAQEFBQADggEBAMgEhFIvYGncyNUov/BUuIBfSyaNryTc2DH6
++KHQelc00IobgvUQndb3z2It0cIHJ91+LzklwxJIwzYPm47pfBTzXOb0Xu44ngGn
+K1P++mp50SjCK2JaVBU0K5evx92RMj5d2ldp54udSYg1PT/HJBvqBXz+XT/LElDC
+Id1yWeaarI/7Z4Qn+rOYlhbamuY2RzQJcCHCBWDafKKQYGE0ZqHJkR+ovnp07JpB
+H3qoRgYYAdwdfZ1ydqJvymG6kMZ1JCsdAiJXeRzzI8Q0U/QHAwrqoeFO+HTSHOsC
+ulDfH78oUNqN3xOAOEZerX68Kc9unDyuVGDunldUPc62+OH+OuM=
+-----END CERTIFICATE-----

acceptance/tests/testCAMultiFile.sh

@@ -0,0 +1,42 @@
+#!/usr/bin/env bash
+
+# remove old sauce connect
+rm ./lib/sc
+
+# start proxy in bg
+node ./acceptance/support/self-signed-https-server.js &
+
+SSL_PROXY_PID=$!
+
+echo "SSL reverse proxy started on 8081 PID: ${SSL_PROXY_PID}"
+
+export SAUCECONNECT_CDNURL=https://localhost:8081/downloads
+npm config set cafile=./acceptance/support/keys/multi-ca.crt
+
+# install sc
+npm install
+
+unset SAUCECONNECT_CDNURL
+npm config rm cafile
+
+# test
+./acceptance/tests/test.sh
+
+# ps -p Checks if the process is still running. If it is it returns 0,
+# otherwise it returns 1
+ps -p $SSL_PROXY_PID > /dev/null
+SSL_PROXY_TASK_RUNNING=$?
+
+# check if the process is still running by examining the exit code of ps -p
+CA_FILE_TEST_RESULT=1
+
+if [ $SSL_PROXY_TASK_RUNNING -eq 1 ]; then
+  # not running, so has been hit.
+  echo "SSL proxy finished, test passed"
+  CA_FILE_TEST_RESULT=0
+else
+  echo "SSL proxy not finished, test failed"
+  kill $SSL_PROXY_PID
+fi
+
+exit $CA_FILE_TEST_RESULT

acceptance/tests/testCAString.sh

@@ -14,7 +14,7 @@ export SAUCECONNECT_CDNURL=https://localhost:8081/downloads
 CA_STRING=$(awk '{printf "%s\\n", $0}' ./acceptance/support/keys/ca.crt)
 
 # write to .npmrc as bash parses newlines
-echo ca=$CA_STRING >> .npmrc
+echo ca=\"$CA_STRING\" > .npmrc
 
 # install sc
 npm install

lib/httpsRequest.js

@@ -16,23 +16,20 @@ function create(strictSSL, caFile, caString) {
     }
 
     ca = fs.readFileSync(caFile, { encoding: 'utf8' });
+    ca = ca.match(/(-----BEGIN CERTIFICATE-----[\S\s]*?-----END CERTIFICATE-----)/g);
 
   } else if (ca) {
 
-    if (ca.match(/^"[\s\S]*"$/)) {
-      try {
-        ca = JSON.parse(ca.trim());
-      } catch (e) {
-        throw new Error('Failed parsing ca string');
-      }
+    try {
+      ca = JSON.parse(ca.trim());
+    } catch (e) {
+      throw new Error('Failed parsing ca string');
     }
 
   }
 
   if (ca) {
 
-    ca = ca.match(/(-----BEGIN CERTIFICATE-----[\S\s]*?-----END CERTIFICATE-----)/g);
-
     options.agentOptions = {
       ca: ca
     };

tests/httpsRequest.test.js

@@ -22,7 +22,7 @@ describe('httpsRequest.js', function () {
     var cert2Newlines = cert2.replace(/\n/g, '\\n');
     var cert1Env = '"' + cert1Newlines + '"';
     var cert2Env = '"' + cert2Newlines + '"';
-    var cert1Cert2Env = '"' + cert1Newlines + '\\n' + cert2Newlines + '"';
+    var cert1Cert2Env = '["' + cert1Newlines + '","' + cert2Newlines + '"]';
     var cert1Parsed = JSON.parse(cert1Env).trim();
     var cert2Parsed = JSON.parse(cert2Env).trim();
 
@@ -70,10 +70,10 @@ describe('httpsRequest.js', function () {
       httpsRequest.create('true', '', cert1Env);
 
       expect(request.defaults).to.have.been.calledWith({
-        ca: [cert1Parsed],
+        ca: cert1Parsed,
         strictSSL: true,
         agentOptions: {
-          ca: [cert1Parsed]
+          ca: cert1Parsed
         }
       });
 
@@ -84,10 +84,10 @@ describe('httpsRequest.js', function () {
       httpsRequest.create('true', '', cert1Env);
 
       expect(request.defaults).to.have.been.calledWith({
-        ca: [cert1Parsed],
+        ca: cert1Parsed,
         strictSSL: true,
         agentOptions: {
-          ca: [cert1Parsed]
+          ca: cert1Parsed
         }
       });
 
@@ -112,10 +112,10 @@ describe('httpsRequest.js', function () {
       httpsRequest.create('', '', cert1Env);
 
       expect(request.defaults).to.have.been.calledWith({
-        ca: [cert1Parsed],
+        ca: cert1Parsed,
         strictSSL: false,
         agentOptions: {
-          ca: [cert1Parsed]
+          ca: cert1Parsed
         }
       });
 
@@ -155,13 +155,13 @@ describe('httpsRequest.js', function () {
 
     it('should give ca param precedence over caFile param', function () {
 
-      httpsRequest.create('true', crtFile, cert2);
+      httpsRequest.create('true', crtFile, cert2Env);
 
       expect(request.defaults).to.have.been.calledWith({
-        ca: [cert2],
+        ca: cert2,
         strictSSL: true,
         agentOptions: {
-          ca: [cert2]
+          ca: cert2
         }
       });