Allow IP-based subject alt names ... even when no other subject alt names provided Previously, a non-voting job in barbican's gate would fail with something like X509 V3 routines:X509V3_parse_list:invalid null name:v3_utl.c:319: X509 V3 routines:DO_EXT_NCONF:invalid extension string:v3_conf.c:140:name=subjectAltName,section=DNS:pykmip-server,,IP:198.72.124.103 X509 V3 routines:X509V3_EXT_nconf:error in extension:v3_conf.c:95:name=subjectAltName, value=DNS:pykmip-server,,IP:198.72.124.103 because we'd have an invalid empty string. Change-Id: I5459b8976539924cd6cc6c1e681b6753a76b804c

commit: 0137703825ea5f493e7486e19c2d83b328ca2998 [log] [tgz]
author: Tim Burke <tim.burke@gmail.com> Fri Nov 30 14:40:12 2018 -0800
committer: Tim Burke <tim.burke@gmail.com> Fri Nov 30 14:40:12 2018 -0800
tree: f93bffbe8e8f891be85ffabd188d61b126d1b7e4
parent: 78a564bb0304b6f930e1491e7e116a0a0f6d9ab6 [diff] [blame]
diff --git a/lib/tls b/lib/tls
index 217f40e..9b55099 100644
--- a/lib/tls
+++ b/lib/tls

@@ -252,7 +252,11 @@
 
     if [ "$common_name" != "$SERVICE_HOST" ]; then
         if is_ipv4_address "$SERVICE_HOST" ; then
-            alt_names="$alt_names,IP:$SERVICE_HOST"
+            if [[ -z "$alt_names" ]]; then
+                alt_names="IP:$SERVICE_HOST"
+            else
+                alt_names="$alt_names,IP:$SERVICE_HOST"
+            fi
         fi
     fi
commit	0137703825ea5f493e7486e19c2d83b328ca2998	[log] [tgz]
author	Tim Burke <tim.burke@gmail.com>	Fri Nov 30 14:40:12 2018 -0800
committer	Tim Burke <tim.burke@gmail.com>	Fri Nov 30 14:40:12 2018 -0800
tree	f93bffbe8e8f891be85ffabd188d61b126d1b7e4
parent	78a564bb0304b6f930e1491e7e116a0a0f6d9ab6 [diff] [blame]