From 37b5dbf6215fc1888399ddafe6de288e927f756d Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <puiterwijk@redhat.com>
Date: Feb 14 2017 20:02:35 +0000
Subject: Add IP.1 altname to generated certificates


This is needed because newer versions of python-requests verify that this is
correct.

Merges: #253
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Reviewed-by: Randy Barlow <randy@electronsweatshop.com>

---

diff --git a/tests/helpers/common.py b/tests/helpers/common.py
index ddefbcb..878fe12 100755
--- a/tests/helpers/common.py
+++ b/tests/helpers/common.py
@@ -124,8 +124,8 @@ policy = myca_policy
 [ myca_policy ]
 commonName = supplied
 [ alt_names ]
-[ alt_names ]
 DNS.1 = ${ENV::ADDR}
+IP.1 = ${ENV::IPADDR}
 [ myca_extensions ]
 subjectKeyIdentifier = hash
 subjectAltName = @alt_names
@@ -203,7 +203,15 @@ basicConstraints = CA:false""" % {'certdir': os.path.join(self.testdir,
                '-config', os.path.join(self.testdir, 'certs', 'openssl.conf'),
                '-in', '%s.csr' % certpath,
                '-out', certpath]
-        subprocess.check_call(cmd, env={'ADDR': addr})
+        ipaddr = addr
+        if not ipaddr.startswith('127.'):
+            # Lazy check whether this is a hostname (like in testnameid)
+            # Note: this IP address might not be correct, but if when the
+            # hostname is consistently used, that doesn't matter.
+            # We just set it to a known value to make sure openssl doesn't
+            # crash.
+            ipaddr = '127.0.0.10'
+        subprocess.check_call(cmd, env={'ADDR': addr, 'IPADDR': ipaddr})
 
     def setup_idp_server(self, profile, name, addr, port, env):
         http_conf_file = self.setup_http(name, addr, port)