trim newlines from default keynames

2022-01-31 19:33:44 -05:00
parent 69ef8a0344
commit 7fefd783b2
3 changed files with 17 additions and 4 deletions
--- a/cmd/reseed.go
+++ b/cmd/reseed.go
@@ -32,11 +32,11 @@ func getDefaultSigner() string {
 	if intentionalsigner == "" {
 		adminsigner := os.Getenv("MAILTO")
 		if adminsigner != "" {
-			return adminsigner
+			return strings.Replace(adminsigner, "\n", "", -1)
 		}
 		return ""
 	}
-	return intentionalsigner
+	return strings.Replace(intentionalsigner, "\n", "", -1)
 }

 func getHostName() string {
@@ -44,7 +44,7 @@ func getHostName() string {
 	if hostname == "" {
 		hostname, _ = os.Hostname()
 	}
-	return hostname
+	return strings.Replace(hostname, "\n", "", -1)
 }

 func NewReseedCommand() cli.Command {
--- a/cmd/utils.go
+++ b/cmd/utils.go
@@ -347,6 +347,10 @@ func createSigningCertificate(signerID string) error {
 }

 func createTLSCertificate(host string) error {
+	return CreateTLSCertificate(host)
+}
+
+func CreateTLSCertificate(host string) error {
 	fmt.Println("Generating TLS keys. This may take a minute...")
 	priv, err := ecdsa.GenerateKey(elliptic.P384(), rand.Reader)
 	if err != nil {
--- a/reseed/utils.go
+++ b/reseed/utils.go
@@ -34,8 +34,16 @@ func SignerFilename(signer string) string {
 }

 func NewTLSCertificate(host string, priv *ecdsa.PrivateKey) ([]byte, error) {
+	return NewTLSCertificateAltNames(priv, host)
+}
+
+func NewTLSCertificateAltNames(priv *ecdsa.PrivateKey, hosts ...string) ([]byte, error) {
 	notBefore := time.Now()
 	notAfter := notBefore.Add(5 * 365 * 24 * time.Hour)
+	host := ""
+	if len(hosts) > 0 {
+		host = hosts[0]
+	}

 	serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
 	serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
@@ -61,9 +69,10 @@ func NewTLSCertificate(host string, priv *ecdsa.PrivateKey) ([]byte, error) {
 		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
 		BasicConstraintsValid: true,
 		IsCA:                  true,
+		DNSNames:              hosts[1:],
 	}

-	hosts := strings.Split(host, ",")
+	hosts = strings.Split(host, ",")
 	for _, h := range hosts {
 		if ip := net.ParseIP(h); ip != nil {
 			template.IPAddresses = append(template.IPAddresses, ip)