git-echo/linux_patch_manager
Private
Public Access
1
0
Fork 0
Code Releases 8 Wiki Activity

fix(ca): strip CIDR netmask from IP before adding to server cert SANs
All checks were successful
CI Pipeline / Rust Format Check (push) Successful in 4s
Details
CI Pipeline / Clippy Lints (push) Successful in 52s
Details
CI Pipeline / Rust Unit Tests (push) Successful in 1m12s
Details
CI Pipeline / Security Audit (push) Successful in 4s
Details
CI Pipeline / Frontend Lint & Type Check (push) Successful in 14s
Details
CI Pipeline / Build .deb & Release (push) Has been skipped
Details

Browse Source
This commit is contained in:
Echo
2026-05-18 16:19:39 +00:00
parent d326b25203
commit b3ae42215b
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
crates/pm-ca/src/ca.rs
View File

@ -351,7 +351,9 @@ impl CertAuthority {
let mut sans = vec![SanType::DnsName( let mut sans = vec![SanType::DnsName(
Ia5String::try_from(hostname.to_owned()).context("hostname is not valid IA5")?, Ia5String::try_from(hostname.to_owned()).context("hostname is not valid IA5")?,
)]; )];
if let Ok(ip) = ip_address.parse::<IpAddr>() { // Strip CIDR netmask (e.g. "192.168.3.36/32") before parsing
let ip_str = ip_address.split('/').next().unwrap_or(ip_address);
if let Ok(ip) = ip_str.parse::<IpAddr>() {
sans.push(SanType::IpAddress(ip)); sans.push(SanType::IpAddress(ip));
} else { } else {
tracing::warn!( tracing::warn!(