Make Kestrel config case-insensitive for certificates (#23268)

* Make Kestrel config case-insensitive for certificates * Move tests to ConfigurationReaderTests
2020-06-23 23:40:38 -07:00 · 2020-06-23 23:40:38 -07:00 · e34469482c
parent e73e3a84ae
commit e34469482c
2 changed files with 34 additions and 1 deletions
--- a/src/Servers/Kestrel/Core/src/Internal/ConfigurationReader.cs
+++ b/src/Servers/Kestrel/Core/src/Internal/ConfigurationReader.cs
@ -39,7 +39,7 @@ namespace Microsoft.AspNetCore.Server.Kestrel.Core.Internal

        private IDictionary<string, CertificateConfig> ReadCertificates()
        {
-            var certificates = new Dictionary<string, CertificateConfig>(0);
+            var certificates = new Dictionary<string, CertificateConfig>(0, StringComparer.OrdinalIgnoreCase);

            var certificatesConfig = _configuration.GetSection(CertificatesKey).GetChildren();
            foreach (var certificateConfig in certificatesConfig)
--- a/src/Servers/Kestrel/Kestrel/test/ConfigurationReaderTests.cs
+++ b/src/Servers/Kestrel/Kestrel/test/ConfigurationReaderTests.cs
@ -68,6 +68,39 @@ namespace Microsoft.AspNetCore.Server.Kestrel.Tests
            Assert.True(storeCert.AllowInvalid);
        }

+        [Fact]
+        public void ReadCertificatesSection_IsCaseInsensitive()
+        {
+            var config = new ConfigurationBuilder().AddInMemoryCollection(new[]
+            {
+                new KeyValuePair<string, string>("Certificates:filecert:Path", "/path/cert.pfx"),
+                new KeyValuePair<string, string>("Certificates:FILECERT:Password", "certpassword"),
+            }).Build();
+            var reader = new ConfigurationReader(config);
+            var certificates = reader.Certificates;
+            Assert.NotNull(certificates);
+            Assert.Equal(1, certificates.Count);
+
+            var fileCert = certificates["FiLeCeRt"];
+            Assert.True(fileCert.IsFileCert);
+            Assert.False(fileCert.IsStoreCert);
+            Assert.Equal("/path/cert.pfx", fileCert.Path);
+            Assert.Equal("certpassword", fileCert.Password);
+        }
+
+        [Fact]
+        public void ReadCertificatesSection_ThrowsOnCaseInsensitiveDuplicate()
+        {
+            var exception = Assert.Throws<ArgumentException>(() => 
+                new ConfigurationBuilder().AddInMemoryCollection(new[]
+                {
+                    new KeyValuePair<string, string>("Certificates:filecert:Password", "certpassword"),
+                    new KeyValuePair<string, string>("Certificates:FILECERT:Password", "certpassword"),
+                }).Build());
+
+            Assert.Contains("An item with the same key has already been added", exception.Message);
+        }
+
        [Fact]
        public void ReadEndpointsWhenNoEndpointsSection_ReturnsEmptyCollection()
        {