mirror of https://github.com/rwf2/Rocket.git
Update 'x509-parser' to 0.16.
This commit is contained in:
Sergio Benitez
parent
02011a1307
commit
225655817a
|
|
@ -55,7 +55,7 @@ tokio-rustls = { version = "0.25", optional = true }
|
|||
rustls-pemfile = { version = "2.0.0", optional = true }
|
||||
|
||||
# Optional MTLS dependencies
|
||||
x509-parser = { version = "0.13", optional = true }
|
||||
x509-parser = { version = "0.16", optional = true }
|
||||
|
||||
# Hyper dependencies
|
||||
http = "1"
|
||||
|
|
|
|||
|
|
@ -133,7 +133,7 @@ impl<'a> Certificate<'a> {
|
|||
|
||||
fn parse_one(raw: &[u8]) -> Result<x509::X509Certificate<'_>> {
|
||||
use oid::OID_X509_EXT_SUBJECT_ALT_NAME as SUBJECT_ALT_NAME;
|
||||
use x509_parser::traits::FromDer;
|
||||
use x509::FromDer;
|
||||
|
||||
let (left, x509) = x509::X509Certificate::from_der(raw)?;
|
||||
if !left.is_empty() {
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@ use std::num::NonZeroUsize;
|
|||
|
||||
use crate::mtls::x509::{self, nom};
|
||||
|
||||
/// An error returned by the [`Certificate`] request guard.
|
||||
/// An error returned by the [`Certificate`](crate::mtls::Certificate) guard.
|
||||
///
|
||||
/// To retrieve this error in a handler, use an `mtls::Result<Certificate>`
|
||||
/// guard type:
|
||||
|
|
@ -65,10 +65,10 @@ impl From<nom::Err<x509::X509Error>> for Error {
|
|||
}
|
||||
|
||||
impl std::error::Error for Error {
|
||||
// fn source(&self) -> Option<&(dyn std::error::Error + 'static)> {
|
||||
// match self {
|
||||
// Error::Parse(e) => Some(e),
|
||||
// _ => None
|
||||
// }
|
||||
// }
|
||||
fn source(&self) -> Option<&(dyn std::error::Error + 'static)> {
|
||||
match self {
|
||||
Error::Parse(e) => Some(e),
|
||||
_ => None
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,9 +1,8 @@
|
|||
//! Support for mutual TLS client certificates.
|
||||
//!
|
||||
//! For details on how to configure mutual TLS, see
|
||||
//! [`MutualTls`](crate::config::MutualTls) and the [TLS
|
||||
//! For details on how to configure mutual TLS, see [`MtlsConfig`] and the [TLS
|
||||
//! guide](https://rocket.rs/master/guide/configuration/#tls). See
|
||||
//! [`Certificate`] for a request guard that validated, verifies, and retrieves
|
||||
//! [`Certificate`] for a request guard that validates, verifies, and retrieves
|
||||
//! client certificates.
|
||||
|
||||
pub mod oid {
|
||||
|
|
@ -28,17 +27,7 @@ pub mod x509 {
|
|||
//! Lack of documentation is directly inherited from the source crate.
|
||||
//! Prefer to use Rocket's wrappers when possible.
|
||||
|
||||
pub(crate) use x509_parser::nom;
|
||||
pub use x509_parser::certificate::*;
|
||||
pub use x509_parser::cri_attributes::*;
|
||||
pub use x509_parser::error::*;
|
||||
pub use x509_parser::extensions::*;
|
||||
pub use x509_parser::revocation_list::*;
|
||||
pub use x509_parser::time::*;
|
||||
pub use x509_parser::x509::*;
|
||||
pub use x509_parser::der_parser::der;
|
||||
pub use x509_parser::der_parser::ber;
|
||||
pub use x509_parser::traits::*;
|
||||
pub use x509_parser::prelude::*;
|
||||
}
|
||||
|
||||
mod certificate;
|
||||
|
|
@ -51,6 +40,5 @@ pub use name::Name;
|
|||
pub use config::MtlsConfig;
|
||||
pub use certificate::{Certificate, CertificateDer};
|
||||
|
||||
/// A type alias for [`Result`](std::result::Result) with the error type set to
|
||||
/// [`Error`].
|
||||
/// A type alias for `Result` with the error type set to [`Error`].
|
||||
pub type Result<T, E = Error> = std::result::Result<T, E>;
|
||||
|
|
|
|||
|
|
@ -6,11 +6,12 @@ use ref_cast::RefCast;
|
|||
use crate::mtls::x509::X509Name;
|
||||
use crate::mtls::oid;
|
||||
|
||||
/// An X.509 Distinguished Name (DN) found in a [`Certificate`].
|
||||
/// An X.509 Distinguished Name (DN) found in a
|
||||
/// [`Certificate`](crate::mtls::Certificate).
|
||||
///
|
||||
/// This type is a wrapper over [`x509::X509Name`] with convenient methods and
|
||||
/// This type is a wrapper over [`X509Name`] with convenient methods and
|
||||
/// complete documentation. Should the data exposed by the inherent methods not
|
||||
/// suffice, this type derefs to [`x509::X509Name`].
|
||||
/// suffice, this type derefs to [`X509Name`].
|
||||
#[repr(transparent)]
|
||||
#[derive(Debug, PartialEq, RefCast)]
|
||||
pub struct Name<'a>(X509Name<'a>);
|
||||
|
|
@ -113,7 +114,9 @@ impl<'a> Name<'a> {
|
|||
/// Returns `true` if `self` has no data.
|
||||
///
|
||||
/// When this is the case for a `subject()`, the subject data can be found
|
||||
/// in the `subjectAlt` [`extension()`](Certificate::extensions()).
|
||||
/// in the `subjectAlt` [`extension`].
|
||||
///
|
||||
/// [`extension`]: crate::mtls::Certificate::extensions()
|
||||
///
|
||||
/// # Example
|
||||
///
|
||||
|
|
|
|||
Loading…
Reference in New Issue