From e182d24589b30935e796521ea0c2c69f0ee7233c Mon Sep 17 00:00:00 2001
From: "Kirill A. Korinsky" <kirill@korins.ky>
Date: Tue, 22 Apr 2025 00:36:39 +0200
Subject: tests: Fixed alt_names in test_tls_sni_same_alt

alt_names should be an array of strings, When it is just a string we end
up with an alt_names entry in openssl.cnf which contains:

  [ alt_names ]
  DNS.1 = s
  DNS.2 = a
  DNS.3 = m
  DNS.4 = e
  DNS.5 = .
  DNS.6 = a
  DNS.7 = l
  DNS.8 = t
  DNS.9 = n
  DNS.10 = a
  DNS.11 = m
  DNS.12 = e
  DNS.13 = .
  DNS.14 = c
  DNS.15 = o
  DNS.16 = m

This may or may not work depending on TLS library due to the '.''s.
I.e. OpenSSL accepts them LibreSSL doesn't and errors with

  62345808257024:error:22FFF077:X509 V3 routines:CRYPTO_internal:bad object:x509/x509_alt.c:707:name=DNS value='.'

What was much more likely intended was to end up with

  [ alt_names ]
  DNS.1 = same.altname.com

[ Tweaked commit message - Andrew ]
Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
---
 test/test_tls_sni.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'test')

diff --git a/test/test_tls_sni.py b/test/test_tls_sni.py
index b2fc05c0..ac8274ca 100644
--- a/test/test_tls_sni.py
+++ b/test/test_tls_sni.py
@@ -255,8 +255,8 @@ def test_tls_sni_duplicated_bundle():
 
 def test_tls_sni_same_alt():
     bundles = {
-        "localhost": {"subj": "subj1", "alt_names": "same.altname.com"},
-        "example": {"subj": "subj2", "alt_names": "same.altname.com"},
+        "localhost": {"subj": "subj1", "alt_names": ["same.altname.com"]},
+        "example": {"subj": "subj2", "alt_names": ["same.altname.com"]},
     }
     ctx = config_bundles(bundles)
     add_tls(["localhost", "example"])
-- 
cgit