Skip to content

Commit

Permalink
Merge pull request #164 from gardener/fix/update-entry-cn64
Browse files Browse the repository at this point in the history
Fix updateEntry for first domain len > 64
  • Loading branch information
MartinWeindel authored Mar 6, 2024
2 parents 3ff6269 + 4c34a12 commit 226baf5
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 6 deletions.
9 changes: 7 additions & 2 deletions pkg/cert/source/reconciler.go
Original file line number Diff line number Diff line change
Expand Up @@ -397,8 +397,13 @@ func (r *sourceReconciler) updateEntry(logger logger.LogContext, info CertInfo,
var cn *string
var dnsNames []string
if len(info.Domains) > 0 {
cn = &info.Domains[0]
dnsNames = info.Domains[1:]
if len(info.Domains[0]) <= 64 {
cn = &info.Domains[0]
dnsNames = info.Domains[1:]
} else {
cn = nil
dnsNames = info.Domains
}
}

mod.AssureStringPtrPtr(&spec.CommonName, cn)
Expand Down
8 changes: 4 additions & 4 deletions pkg/controller/issuer/certificate/reconciler.go
Original file line number Diff line number Diff line change
Expand Up @@ -771,10 +771,10 @@ func (r *certReconciler) buildSpecNewHash(spec *api.CertificateSpec, issuerKey u
if spec.CommonName != nil {
h.Write([]byte(*spec.CommonName))
h.Write([]byte{0})
for _, domain := range spec.DNSNames {
h.Write([]byte(domain))
h.Write([]byte{0})
}
}
for _, domain := range spec.DNSNames {
h.Write([]byte(domain))
h.Write([]byte{0})
}
if spec.CSR != nil {
h.Write([]byte{0})
Expand Down

0 comments on commit 226baf5

Please sign in to comment.