hatter/acme-client-rs
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat: dns names

Browse Source
This commit is contained in:
Hatter Jiang
2021-05-05 11:42:33 +08:00
parent 3e09332a2e
commit 9be8f5b353
3 changed files with 16 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/config.rs
View File

@@ -110,15 +110,25 @@ impl CertConfigItem {
}
let path_buff = opt_result!(PathBuf::from_str(&self.path), "Path: {}, failed: {}", self.path);
let cert_path_buff = path_buff.join(CERT_NAME);
if self.common_name.is_none() || self.dns_names.is_none() {
if self.common_name.is_none() && self.dns_names.is_none() {
let pem = opt_result!(fs::read_to_string(cert_path_buff.clone()), "Read file: {:?}, failed: {}", cert_path_buff);
let x509_certificate = opt_result!(x509::parse_x509(&format!("{}/{}", self.path, CERT_NAME), &pem), "Parse x509: {}/{}, faield: {}", self.path, CERT_NAME);
self.common_name = Some(x509_certificate.common_name.clone());
self.dns_names = Some(x509_certificate.alt_names.clone());
if let Some(pos) = x509_certificate.alt_names.iter().position(|n| n == &x509_certificate.common_name) {
if let Some(dns_names) = &mut self.dns_names {
dns_names.remove(pos);
}
}
self.algo = None;
self.public_key_algo = Some(x509_certificate.public_key_algo.clone());
Ok(Some(x509_certificate))
} else {
if self.common_name.is_none() {
if let Some(dns_names) = &mut self.dns_names {
self.common_name = Some(dns_names.remove(0));
}
}
if self.public_key_algo.is_none() {
self.public_key_algo = match &self.algo {
None => Some(X509PublicKeyAlgo::Rsa(2048)),
@@ -141,6 +151,9 @@ impl CertConfigItem {
let mut sorted_dns_names = dns_names.clone();
sorted_dns_names.sort();
let mut cert_sorted_dns_names = x509_certificate.alt_names.clone();
if let Some(pos) = cert_sorted_dns_names.iter().position(|n| n == self.common_name.as_ref().unwrap()) {
cert_sorted_dns_names.remove(pos);
}
cert_sorted_dns_names.sort();
if sorted_dns_names != cert_sorted_dns_names {
warning!("Cert: {}, dns names mis-match: {:?} vs {:?}", self.path, sorted_dns_names, cert_sorted_dns_names);