Add SANs specification arguments to pathod

2 files changed, 10 insertions, 2 deletions

diff --git a/libpathod/cmdline.py b/libpathod/cmdline.py
index 8399ea2e..a3b92649 100644
--- a/libpathod/cmdline.py
+++ b/libpathod/cmdline.py
@@ -297,7 +297,7 @@ def args_pathod(argv, stdout=sys.stdout, stderr=sys.stderr):
         may include a wildcard, and is equal to "*" if not specified. The file
         at path is a certificate in PEM format. If a private key is included in
         the PEM, it is used, else the default key in the conf dir is used. Can
-        be passed multiple times.'
+        be passed multiple times.
         """
     )
     group.add_argument(
@@ -305,6 +305,11 @@ def args_pathod(argv, stdout=sys.stdout, stderr=sys.stderr):
         help="SSL cipher specification"
     )
     group.add_argument(
+        "--sans", dest="sans", type=str, default="",
+        help="""Comma-separated list of subject Altnernate Names to add to
+        the server certificate."""
+    )
+    group.add_argument(
         "--sslversion", dest="sslversion", type=int, default=4,
         choices=[1, 2, 3, 4],
         help=""""Use a specified protocol - TLSv1, SSLv2, SSLv3, SSLv23. Default
@@ -340,6 +345,8 @@ def args_pathod(argv, stdout=sys.stdout, stderr=sys.stderr):
     )
     args = parser.parse_args(argv[1:])
 
+    args.sans = args.sans.split(",")
+
     certs = []
     for i in args.ssl_certs:
         parts = i.split("=", 1)
diff --git a/libpathod/pathod.py b/libpathod/pathod.py
index 457bdf61..de6bde3a 100644
--- a/libpathod/pathod.py
+++ b/libpathod/pathod.py
@@ -400,7 +400,8 @@ def main(args): # pragma: nocover
         not_after_connect = args.ssl_not_after_connect,
         ciphers = args.ciphers,
         sslversion = utils.SSLVERSIONS[args.sslversion],
-        certs = args.ssl_certs
+        certs = args.ssl_certs,
+        sans = args.sans
     )
 
     root = logging.getLogger()