diff options
| author | root <root@dmc259.mc.wgenhq.net> | 2010-11-05 17:25:10 -0400 |
|---|---|---|
| committer | root <root@dmc259.mc.wgenhq.net> | 2010-11-05 17:25:10 -0400 |
| commit | a1a0321602585314375d0577516fb012e27f2c59 (patch) | |
| tree | b666c34cf4e5060d0cc92629917c14ada8b563c6 /src/lib/Server/Plugins/SSLCA.py | |
| parent | 3d10ec2113ab4df5e93419a83129f5820cfa2644 (diff) | |
| download | bcfg2-a1a0321602585314375d0577516fb012e27f2c59.tar.gz bcfg2-a1a0321602585314375d0577516fb012e27f2c59.tar.bz2 bcfg2-a1a0321602585314375d0577516fb012e27f2c59.zip | |
fixed needless syntax error bug i checked int ealier. Also ensured that the hostname gets added to any subjectAltNames so that the cert will work for the hostname as well as aliases
Diffstat (limited to 'src/lib/Server/Plugins/SSLCA.py')
| -rw-r--r-- | src/lib/Server/Plugins/SSLCA.py | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/src/lib/Server/Plugins/SSLCA.py b/src/lib/Server/Plugins/SSLCA.py index a9986d284..0dc448e69 100644 --- a/src/lib/Server/Plugins/SSLCA.py +++ b/src/lib/Server/Plugins/SSLCA.py @@ -159,7 +159,7 @@ class SSLCA(Bcfg2.Server.Plugin.GroupSpool): cert = self.data + filename cmd = "openssl verify -CAfile %s %s" % (chaincert, cert) res = Popen(cmd, shell=True, stdout=PIPE, stderr=STDOUT).stdout.read() - if res == cert + ": OK\n" + if res == cert + ": OK\n": return True return False @@ -213,8 +213,10 @@ class SSLCA(Bcfg2.Server.Plugin.GroupSpool): for key in defaults[section]: cp.set(section, key, defaults[section][key]) x = 1 - for alias in metadata.aliases: - cp.set('alt_names', 'DNS.'+str(x), alias) + altnames = list(metadata.aliases) + altnames.append(metadata.hostname) + for altname in altnames: + cp.set('alt_names', 'DNS.'+str(x), altname) x += 1 for item in ['C', 'L', 'ST', 'O', 'OU', 'emailAddress']: if self.cert_specs[entry.get('name')][item]: |