Skip to content

Commit

Permalink
Fallback to fqdn vs IP and don't fail on ipv6 addresses
Browse files Browse the repository at this point in the history 
Filling in local hostname if a local IP can't be resolved seems like a
better fallback.
Revisiting 4231a52

Also ignoring errors when trying to look up a IPv6 address in a IPv4
subnet which will not work.

Referring to  juju#732
  • Loading branch information
Tilman Baumann committed Nov 29, 2022
1 parent 86bb28d commit 51ff29e
Showing 1 changed file with 14 additions and 4 deletions.
18 changes: 14 additions & 4 deletions charmhelpers/contrib/openstack/cert_utils.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@

import os
import json
import socket
from base64 import b64decode

from charmhelpers.contrib.network.ip import (
Expand Down Expand Up @@ -86,11 +87,14 @@ def add_hostname_cn(self):
# If a vip is being used without os-hostname config or
# network spaces then we need to ensure the local units
# cert has the appropriate vip in the SAN list
vip = get_vip_in_network(resolve_network_cidr(ip))
try:
vip = get_vip_in_network(resolve_network_cidr(ip))
except:
vip = None
if vip:
addresses.append(vip)
self.hostname_entry = {
'cn': get_hostname(ip) or ip,
'cn': get_hostname(ip) or socket.getfqdn(),
'addresses': addresses}

def add_hostname_cn_ip(self, addresses):
Expand Down Expand Up @@ -156,7 +160,10 @@ def get_certificate_request(json_encode=True, bindings=None):
net_addr = None
ip = network_get_primary_address(binding)
addresses = [net_addr, ip]
vip = get_vip_in_network(resolve_network_cidr(ip))
try:
vip = get_vip_in_network(resolve_network_cidr(ip))
except:
vip = None
if vip:
addresses.append(vip)

Expand Down Expand Up @@ -217,7 +224,10 @@ def get_certificate_sans(bindings=None):
net_addr = None
ip = get_relation_ip(binding, cidr_network=net_config)
_sans = _sans + [net_addr, ip]
vip = get_vip_in_network(resolve_network_cidr(ip))
try:
vip = get_vip_in_network(resolve_network_cidr(ip))
except:
vip = None
if vip:
_sans.append(vip)
# Clear any Nones and duplicates
Expand Down

0 comments on commit 51ff29e

Please sign in to comment.