From 713f1d633ed01dc9425a1df6c8c7c2c0dff164d4 Mon Sep 17 00:00:00 2001
From: Richard Bonhomme <tincanteksup@gmail.com>
Date: Mon, 10 Jun 2019 20:13:59 +0100
Subject: [PATCH] Default SAN for serverClient, additional op_test

Signed-off-by: Richard Bonhomme <tincanteksup@gmail.com>
---
 easyrsa3/easyrsa |  2 +-
 op_test.sh       | 14 +++++++++++++-
 2 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa
index eba0e11..857e8ef 100755
--- a/easyrsa3/easyrsa
+++ b/easyrsa3/easyrsa
@@ -849,7 +849,7 @@ $(display_dn req "$req_in")
 
 		# If type is server and no subjectAltName was requested,
 		# add one to the extensions file
-		if [ "$crt_type" = 'server' ];
+		if [ "$crt_type" = 'server' -o "$crt_type" = 'serverClient' ];
 		then
 			echo "$EASYRSA_EXTRA_EXTS" |
 				grep -q subjectAltName ||
diff --git a/op_test.sh b/op_test.sh
index b78a66e..14bbc70 100755
--- a/op_test.sh
+++ b/op_test.sh
@@ -372,7 +372,7 @@ build_full ()
 build_san_full ()
 {
 	newline 1
-	STEP_NAME="--subject-alt-name=DNS:www.example.org,IP:0.0.0.0 build-server-full $REQ_name nopass"
+	STEP_NAME="--subject-alt-name=DNS:www.example.org,IP:0.0.0.0 build-$REQ_type-full $REQ_name nopass"
 	action
 	secure_key
 }
@@ -491,6 +491,18 @@ create_pki ()
 	REQ_name="s03"
 	build_full
 	show_cert
+	wait_sec 3
+	renew_cert
+	show_cert
+	revoke_cert
+
+	REQ_type="serverClient"
+	REQ_name="s04"
+	build_san_full
+	show_cert
+	wait_sec 3
+	renew_cert
+	show_cert
 	revoke_cert
 
 	REQ_type="client"