-
Notifications
You must be signed in to change notification settings - Fork 51
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add a method to collect the DNS names from a certificate #6
Conversation
Codecov Report
@@ Coverage Diff @@
## main #6 +/- ##
==========================================
+ Coverage 74.60% 76.86% +2.25%
==========================================
Files 19 19
Lines 1788 1962 +174
==========================================
+ Hits 1334 1508 +174
Misses 454 454
📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
/// `WildcardDnsName` stores a copy of the input it was constructed from in a `String` | ||
/// and so it is only available when the `alloc` default feature is enabled. | ||
/// | ||
/// `Eq`, `PartialEq`, etc. are not implemented because name comparison |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Drive-by: This comment doesn't match the derive below?
#[cfg(feature = "alloc")] | ||
pub fn list_cert_dns_names<'names>( | ||
cert: &'names crate::EndEntityCert<'names>, | ||
) -> Result<Vec<GeneralDnsNameRef<'names>>, Error> { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How hard would it be to rewire this to return an impl Iterator
instead?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it certainly could be rewritten to return impl Iterator
--- I wanted to start by coping the original diff from upstream exactly, but would be happy to revise.
@hawkw 👋 gentle poke for this branch. Do you think you'll have a chance to address the earlier feedback? It looks like a useful change 👍 |
sure, i'm happy to pick this back up! |
I'd like to see this work land so I've adopted the branch to try and address the last bits of feedback. If any of the original authors want to pick this back up again I'm happy to step back to a reviewer role. In the meantime I made a second PR because I couldn't push commits to the linkerd fork for this branch. PTAL at #42 I'm going to close this PR to consolidate discussion on the new one but as mentioned, also happy to come back to this branch if Eliza or someone else has cycles to iterate. Thanks for getting it so close to being done! |
Just wanted to mention in case folks are watching this PR - we landed the feature in #42. |
This branch adds an
EndEntityCert::dns_names
method, which returns alist of the DNS names provided in the subject alternative names
extension of the certificate.
This branch is based on work done by @seanmonstar in
briansmith/webpki#91 and @Geal in briansmith/webpki#103. I've simply
updated this change to track the
main
branch of therustls/webpki
repository.
Closes #2
Authored-by: Geoffroy Couprie [email protected]
Co-authored-by: Sean McArthur [email protected]
Co-authored-by: Eliza Weisman [email protected]
Signed-off-by: Eliza Weisman [email protected]