Make Kestrel config case-insensitive for certificates (dotnet#23268)

wtgodbe · web-flow · commit e34469482c64 · 2020-06-24T06:40:38.000Z
* Make Kestrel config case-insensitive for certificates

* Move tests to ConfigurationReaderTests
diff --git a/src/Servers/Kestrel/Core/src/Internal/ConfigurationReader.cs b/src/Servers/Kestrel/Core/src/Internal/ConfigurationReader.cs
@@ -39,7 +39,7 @@ public ConfigurationReader(IConfiguration configuration)
 
         private IDictionary<string, CertificateConfig> ReadCertificates()
         {
-            var certificates = new Dictionary<string, CertificateConfig>(0);
+            var certificates = new Dictionary<string, CertificateConfig>(0, StringComparer.OrdinalIgnoreCase);
 
             var certificatesConfig = _configuration.GetSection(CertificatesKey).GetChildren();
             foreach (var certificateConfig in certificatesConfig)
diff --git a/src/Servers/Kestrel/Kestrel/test/ConfigurationReaderTests.cs b/src/Servers/Kestrel/Kestrel/test/ConfigurationReaderTests.cs
@@ -68,6 +68,39 @@ public void ReadCertificatesSection_ReturnsCollection()
             Assert.True(storeCert.AllowInvalid);
         }
 
+        [Fact]
+        public void ReadCertificatesSection_IsCaseInsensitive()
+        {
+            var config = new ConfigurationBuilder().AddInMemoryCollection(new[]
+            {
+                new KeyValuePair<string, string>("Certificates:filecert:Path", "/path/cert.pfx"),
+                new KeyValuePair<string, string>("Certificates:FILECERT:Password", "certpassword"),
+            }).Build();
+            var reader = new ConfigurationReader(config);
+            var certificates = reader.Certificates;
+            Assert.NotNull(certificates);
+            Assert.Equal(1, certificates.Count);
+
+            var fileCert = certificates["FiLeCeRt"];
+            Assert.True(fileCert.IsFileCert);
+            Assert.False(fileCert.IsStoreCert);
+            Assert.Equal("/path/cert.pfx", fileCert.Path);
+            Assert.Equal("certpassword", fileCert.Password);
+        }
+
+        [Fact]
+        public void ReadCertificatesSection_ThrowsOnCaseInsensitiveDuplicate()
+        {
+            var exception = Assert.Throws<ArgumentException>(() => 
+                new ConfigurationBuilder().AddInMemoryCollection(new[]
+                {
+                    new KeyValuePair<string, string>("Certificates:filecert:Password", "certpassword"),
+                    new KeyValuePair<string, string>("Certificates:FILECERT:Password", "certpassword"),
+                }).Build());
+
+            Assert.Contains("An item with the same key has already been added", exception.Message);
+        }
+
         [Fact]
         public void ReadEndpointsWhenNoEndpointsSection_ReturnsEmptyCollection()
         {

Original file line number	Diff line number	Diff line change
`@@ -39,7 +39,7 @@ public ConfigurationReader(IConfiguration configuration)`
`39`	`39`
`40`	`40`	`private IDictionary<string, CertificateConfig> ReadCertificates()`
`41`	`41`	`{`
`42`		`- var certificates = new Dictionary<string, CertificateConfig>(0);`
	`42`	`+ var certificates = new Dictionary<string, CertificateConfig>(0, StringComparer.OrdinalIgnoreCase);`
`43`	`43`
`44`	`44`	`var certificatesConfig = _configuration.GetSection(CertificatesKey).GetChildren();`
`45`	`45`	`foreach (var certificateConfig in certificatesConfig)`