add a method to collect the DNS names from a certificate #6
Conversation
Codecov Report
@@ Coverage Diff @@
## main #6 +/- ##
==========================================
+ Coverage 74.60% 76.86% +2.25%
==========================================
Files 19 19
Lines 1788 1962 +174
==========================================
+ Hits 1334 1508 +174
Misses 454 454
📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
| /// `WildcardDnsName` stores a copy of the input it was constructed from in a `String` | ||
| /// and so it is only available when the `alloc` default feature is enabled. | ||
| /// | ||
| /// `Eq`, `PartialEq`, etc. are not implemented because name comparison |
There was a problem hiding this comment.
Drive-by: This comment doesn't match the derive below?
| #[cfg(feature = "alloc")] | ||
| pub fn list_cert_dns_names<'names>( | ||
| cert: &'names crate::EndEntityCert<'names>, | ||
| ) -> Result<Vec<GeneralDnsNameRef<'names>>, Error> { |
There was a problem hiding this comment.
How hard would it be to rewire this to return an impl Iterator instead?
There was a problem hiding this comment.
it certainly could be rewritten to return impl Iterator --- I wanted to start by coping the original diff from upstream exactly, but would be happy to revise.
|
@hawkw 👋 gentle poke for this branch. Do you think you'll have a chance to address the earlier feedback? It looks like a useful change 👍 |
sure, i'm happy to pick this back up! |
|
I'd like to see this work land so I've adopted the branch to try and address the last bits of feedback. If any of the original authors want to pick this back up again I'm happy to step back to a reviewer role. In the meantime I made a second PR because I couldn't push commits to the linkerd fork for this branch. PTAL at #42 I'm going to close this PR to consolidate discussion on the new one but as mentioned, also happy to come back to this branch if Eliza or someone else has cycles to iterate. Thanks for getting it so close to being done! |
|
Just wanted to mention in case folks are watching this PR - we landed the feature in #42. |
This branch adds an
EndEntityCert::dns_namesmethod, which returns alist of the DNS names provided in the subject alternative names
extension of the certificate.
This branch is based on work done by @seanmonstar in
briansmith/webpki#91 and @Geal in briansmith/webpki#103. I've simply
updated this change to track the
mainbranch of therustls/webpkirepository.
Closes #2
Authored-by: Geoffroy Couprie geo.couprie@gmail.com
Co-authored-by: Sean McArthur sean@seanmonstar.com
Co-authored-by: Eliza Weisman eliza@buoyant.io
Signed-off-by: Eliza Weisman eliza@buoyant.io