lib: rm alloc req. for dns_names and assoc types

With the update to the `dns_names` function in the previous commit we can now make `EndEntity.dns_names` work without requiring `alloc`. The associated `GeneralDnsNameRef` and `WildcardDnsNameRef` types get the same treatment.
rustls · Sep 14, 2023 · bf20589 · bf20589
1 parent 49e62bd
commit bf20589
Show file tree

Hide file tree

Showing 5 changed files with 10 additions and 21 deletions.
diff --git a/src/end_entity.rs b/src/end_entity.rs
@@ -16,9 +16,7 @@ use pki_types::{CertificateDer, SignatureVerificationAlgorithm, TrustAnchor, Uni
 
 use crate::crl::RevocationOptions;
 use crate::error::Error;
-#[cfg(feature = "alloc")]
-use crate::subject_name::GeneralDnsNameRef;
-use crate::subject_name::{self, SubjectNameRef};
+use crate::subject_name::{self, GeneralDnsNameRef, SubjectNameRef};
 use crate::verify_cert::{self, KeyUsage};
 use crate::{cert, signed_data};
 
@@ -156,7 +154,6 @@ impl<'a> EndEntityCert<'a> {
     /// This function must not be used to implement custom DNS name verification.
     /// Checking that a certificate is valid for a given subject name should always be done with
     /// [EndEntityCert::verify_is_valid_for_subject_name].
-    #[cfg(feature = "alloc")]
     pub fn dns_names(&'a self) -> impl Iterator<Item = GeneralDnsNameRef<'a>> {
         subject_name::list_cert_dns_names(self)
     }

diff --git a/src/lib.rs b/src/lib.rs
@@ -73,8 +73,8 @@ pub use {
     error::{DerTypeId, Error},
     signed_data::alg_id,
     subject_name::{
-        AddrParseError, DnsNameRef, InvalidDnsNameError, InvalidSubjectNameError, IpAddrRef,
-        SubjectNameRef,
+        AddrParseError, DnsNameRef, GeneralDnsNameRef, InvalidDnsNameError,
+        InvalidSubjectNameError, IpAddrRef, SubjectNameRef, WildcardDnsNameRef,
     },
     trust_anchor::extract_trust_anchor,
     verify_cert::KeyUsage,
@@ -85,7 +85,7 @@ pub use pki_types as types;
 #[cfg(feature = "alloc")]
 pub use {
     crl::{OwnedCertRevocationList, OwnedRevokedCert},
-    subject_name::{DnsName, GeneralDnsNameRef, IpAddr, WildcardDnsNameRef},
+    subject_name::{DnsName, IpAddr},
 };
 
 #[cfg(feature = "ring")]

diff --git a/src/subject_name/mod.rs b/src/subject_name/mod.rs
@@ -13,10 +13,10 @@
 // OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 
 mod dns_name;
-pub use dns_name::{DnsNameRef, InvalidDnsNameError};
+pub use dns_name::{DnsNameRef, GeneralDnsNameRef, InvalidDnsNameError, WildcardDnsNameRef};
 
 #[cfg(feature = "alloc")]
-pub use dns_name::{DnsName, GeneralDnsNameRef, WildcardDnsNameRef};
+pub use dns_name::DnsName;
 
 mod name;
 pub use name::{InvalidSubjectNameError, SubjectNameRef};
@@ -28,6 +28,6 @@ pub use ip_address::{AddrParseError, IpAddrRef};
 pub use ip_address::IpAddr;
 
 mod verify;
-#[cfg(feature = "alloc")]
-pub(super) use verify::list_cert_dns_names;
-pub(super) use verify::{check_name_constraints, verify_cert_subject_name, GeneralName};
+pub(super) use verify::{
+    check_name_constraints, list_cert_dns_names, verify_cert_subject_name, GeneralName,
+};
diff --git a/src/subject_name/verify.rs b/src/subject_name/verify.rs
@@ -12,9 +12,7 @@
 // ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 // OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 
-#[cfg(feature = "alloc")]
-use super::dns_name::GeneralDnsNameRef;
-use super::dns_name::{self, DnsNameRef};
+use super::dns_name::{self, DnsNameRef, GeneralDnsNameRef};
 use super::ip_address::{self, IpAddrRef};
 use super::name::SubjectNameRef;
 use crate::der::{self, FromDer};
@@ -314,7 +312,6 @@ impl<'a> Iterator for NameIterator<'a> {
     }
 }
 
-#[cfg(feature = "alloc")]
 pub(crate) fn list_cert_dns_names<'names>(
     cert: &'names crate::EndEntityCert<'names>,
 ) -> impl Iterator<Item = GeneralDnsNameRef<'names>> {

diff --git a/tests/integration.rs b/tests/integration.rs
@@ -255,7 +255,6 @@ fn read_ee_with_large_pos_serial() {
     webpki::EndEntityCert::try_from(&ee).expect("should parse 20-octet positive serial number");
 }
 
-#[cfg(feature = "alloc")]
 #[test]
 fn list_netflix_names() {
     expect_cert_dns_names(
@@ -277,7 +276,6 @@ fn list_netflix_names() {
     );
 }
 
-#[cfg(feature = "alloc")]
 #[test]
 fn invalid_subject_alt_names() {
     expect_cert_dns_names(
@@ -301,7 +299,6 @@ fn invalid_subject_alt_names() {
     );
 }
 
-#[cfg(feature = "alloc")]
 #[test]
 fn wildcard_subject_alternative_names() {
     expect_cert_dns_names(
@@ -325,13 +322,11 @@ fn wildcard_subject_alternative_names() {
     );
 }
 
-#[cfg(feature = "alloc")]
 #[test]
 fn no_subject_alt_names() {
     expect_cert_dns_names(include_bytes!("misc/no_subject_alternative_name.der"), [])
 }
 
-#[cfg(feature = "alloc")]
 fn expect_cert_dns_names<'name>(
     cert_der: &[u8],
     expected_names: impl IntoIterator<Item = &'name str>,