limited opened a new pull request #4998:
URL: https://github.com/apache/trafficcontrol/pull/4998
## What does this PR (Pull Request) do?
When validating the certificate subject name against the sslkeys hostname,
TR did not properly parse Subject Alternate Names. Specifically TR assumes all
subject names were contained on the Common Name (CN) line and attempted to
strip off the remainder of subject before removing the wildcard.
On subject alternate names, there is no CN= delimiter and the wildcard
removal was failing.
- [x] This PR is not related to any Issue
## Which Traffic Control components are affected by this PR?
- Traffic Router
- NO Docs (just a bugfix)
## What is the best way to verify this PR?
- Run automated unit tests, specifically CertificateDataConverterTest
## The following criteria are ALL met by this PR
- [x] This PR includes tests
- [x] I have explained why documentation is unnecessary
- [x] This PR includes an update to CHANGELOG.md
- [x] This PR includes any and all required license headers
- [x] This PR does not include a database migration
- [x] This PR **DOES NOT FIX A SERIOUS SECURITY VULNERABILITY** (see [the
Apache Software Foundation's security
guidelines](https://www.apache.org/security/) for details)
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
