Index: chrome/browser/chromeos/login/test/https_forwarder.py |
diff --git a/chrome/browser/chromeos/login/test/https_forwarder.py b/chrome/browser/chromeos/login/test/https_forwarder.py |
index e68bcca41758bb7be2e3a84386fa550def9376dd..6578871776ef738379b2cf7bcb5b7d5c161efc11 100644 |
--- a/chrome/browser/chromeos/login/test/https_forwarder.py |
+++ b/chrome/browser/chromeos/login/test/https_forwarder.py |
@@ -9,6 +9,7 @@ server that supports http only to be accessed over https. |
import BaseHTTPServer |
import minica |
import re |
+import socket |
import SocketServer |
import sys |
import urllib2 |
@@ -161,9 +162,32 @@ class ServerRunner(testserver_base.TestServerRunner): |
host = self.options.host |
ssl_host = self.options.ssl_host |
+ # Allow |ssl_host| to be an IP address or a domain name, and ensure |
+ # it gets added as the appropriate subjectAltName of the generated |
+ # certificate. |
+ dns_sans = None |
+ ip_sans = None |
+ ip = None |
+ if ip is None: |
+ try: |
+ ip = socket.inet_pton(socket.AF_INET, ssl_host) |
+ ip_sans = [ip] |
+ except socket.error: |
+ pass |
+ if ip is None: |
+ try: |
+ ip = socket.inet_pton(socket.AF_INET6, ssl_host) |
+ ip_sans = [ip] |
+ except socket.error: |
+ pass |
+ if ip is None: |
+ dns_sans = [ssl_host] |
+ |
(pem_cert_and_key, ocsp_der) = minica.GenerateCertKeyAndOCSP( |
subject = self.options.ssl_host, |
- ocsp_url = None) |
+ ocsp_url = None, |
+ ip_sans = ip_sans, |
+ dns_sans = dns_sans) |
server = MultiThreadedHTTPSServer((host, port), |
RequestForwarder, |