Update 'x509-parser' to 0.16.

Sergio Benitez 2024-03-20 01:37:31 -07:00
parent 02011a1307
commit 225655817a
5 changed files with 20 additions and 29 deletions


@ -55,7 +55,7 @@ tokio-rustls = { version = "0.25", optional = true }
rustls-pemfile = { version = "2.0.0", optional = true } rustls-pemfile = { version = "2.0.0", optional = true }
# Optional MTLS dependencies # Optional MTLS dependencies
x509-parser = { version = "0.13", optional = true } x509-parser = { version = "0.16", optional = true }
# Hyper dependencies # Hyper dependencies
http = "1" http = "1"


@ -133,7 +133,7 @@ impl<'a> Certificate<'a> {
fn parse_one(raw: &[u8]) -> Result<x509::X509Certificate<'_>> { fn parse_one(raw: &[u8]) -> Result<x509::X509Certificate<'_>> {
use oid::OID_X509_EXT_SUBJECT_ALT_NAME as SUBJECT_ALT_NAME; use oid::OID_X509_EXT_SUBJECT_ALT_NAME as SUBJECT_ALT_NAME;
use x509_parser::traits::FromDer; use x509::FromDer;
let (left, x509) = x509::X509Certificate::from_der(raw)?; let (left, x509) = x509::X509Certificate::from_der(raw)?;
if !left.is_empty() { if !left.is_empty() {


@ -3,7 +3,7 @@ use std::num::NonZeroUsize;
use crate::mtls::x509::{self, nom}; use crate::mtls::x509::{self, nom};
/// An error returned by the [`Certificate`] request guard. /// An error returned by the [`Certificate`](crate::mtls::Certificate) guard.
/// ///
/// To retrieve this error in a handler, use an `mtls::Result<Certificate>` /// To retrieve this error in a handler, use an `mtls::Result<Certificate>`
/// guard type: /// guard type:
@ -65,10 +65,10 @@ impl From<nom::Err<x509::X509Error>> for Error {
} }
impl std::error::Error for Error { impl std::error::Error for Error {
// fn source(&self) -> Option<&(dyn std::error::Error + 'static)> { fn source(&self) -> Option<&(dyn std::error::Error + 'static)> {
// match self { match self {
// Error::Parse(e) => Some(e), Error::Parse(e) => Some(e),
// _ => None _ => None
// } }
// } }
} }
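Review bot: The `_ => None` arm in the newly enabled `source()` covers every variant other than `Error::Parse`, so a variant added later that wraps an underlying error would silently report no source. Since `Error` is defined in this crate, naming the remaining variants in that arm instead of `_` lets the compiler flag the match when the enum grows; the enum definition is outside this hunk, so the variant list has to be taken from there. It is also worth confirming that the `Display` output for `Error::Parse` does not already embed the inner error's message, because reporters that walk `source()` would then print the certificate parse failure twice.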


@ -1,9 +1,8 @@
//! Support for mutual TLS client certificates. //! Support for mutual TLS client certificates.
//! //!
//! For details on how to configure mutual TLS, see //! For details on how to configure mutual TLS, see [`MtlsConfig`] and the [TLS
//! [`MutualTls`](crate::config::MutualTls) and the [TLS
//! guide](https://rocket.rs/master/guide/configuration/#tls). See //! guide](https://rocket.rs/master/guide/configuration/#tls). See
//! [`Certificate`] for a request guard that validated, verifies, and retrieves //! [`Certificate`] for a request guard that validates, verifies, and retrieves
//! client certificates. //! client certificates.
pub mod oid { pub mod oid {
@ -28,17 +27,7 @@ pub mod x509 {
//! Lack of documentation is directly inherited from the source crate. //! Lack of documentation is directly inherited from the source crate.
//! Prefer to use Rocket's wrappers when possible. //! Prefer to use Rocket's wrappers when possible.
pub(crate) use x509_parser::nom; pub use x509_parser::prelude::*;
pub use x509_parser::certificate::*;
pub use x509_parser::cri_attributes::*;
pub use x509_parser::error::*;
pub use x509_parser::extensions::*;
pub use x509_parser::revocation_list::*;
pub use x509_parser::time::*;
pub use x509_parser::x509::*;
pub use x509_parser::der_parser::der;
pub use x509_parser::der_parser::ber;
pub use x509_parser::traits::*;
} }
mod certificate; mod certificate;
@ -51,6 +40,5 @@ pub use name::Name;
pub use config::MtlsConfig; pub use config::MtlsConfig;
pub use certificate::{Certificate, CertificateDer}; pub use certificate::{Certificate, CertificateDer};
/// A type alias for [`Result`](std::result::Result) with the error type set to /// A type alias for `Result` with the error type set to [`Error`].
/// [`Error`].
pub type Result<T, E = Error> = std::result::Result<T, E>; pub type Result<T, E = Error> = std::result::Result<T, E>;
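Review bot: Replacing the explicit re-export list with `pub use x509_parser::prelude::*;` inside `pub mod x509` ties this module's public surface to whatever the upstream prelude exports, so a later x509-parser release can add or remove items under `mtls::x509` without any change in this file. The old list kept `nom` at `pub(crate)` and exposed `der` and `ber` by name; whether `nom` becomes public and whether `x509::der` and `x509::ber` still resolve depends on the prelude's contents, which are not visible here, and should be checked before release. I would add a module doc line such as `//! The set of re-exported items follows the prelude of the x509-parser version this crate depends on.` so users of this module know the list is not curated here.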


@ -6,11 +6,12 @@ use ref_cast::RefCast;
use crate::mtls::x509::X509Name; use crate::mtls::x509::X509Name;
use crate::mtls::oid; use crate::mtls::oid;
/// An X.509 Distinguished Name (DN) found in a [`Certificate`]. /// An X.509 Distinguished Name (DN) found in a
/// [`Certificate`](crate::mtls::Certificate).
/// ///
/// This type is a wrapper over [`x509::X509Name`] with convenient methods and /// This type is a wrapper over [`X509Name`] with convenient methods and
/// complete documentation. Should the data exposed by the inherent methods not /// complete documentation. Should the data exposed by the inherent methods not
/// suffice, this type derefs to [`x509::X509Name`]. /// suffice, this type derefs to [`X509Name`].
#[repr(transparent)] #[repr(transparent)]
#[derive(Debug, PartialEq, RefCast)] #[derive(Debug, PartialEq, RefCast)]
pub struct Name<'a>(X509Name<'a>); pub struct Name<'a>(X509Name<'a>);
@ -113,7 +114,9 @@ impl<'a> Name<'a> {
/// Returns `true` if `self` has no data. /// Returns `true` if `self` has no data.
/// ///
/// When this is the case for a `subject()`, the subject data can be found /// When this is the case for a `subject()`, the subject data can be found
/// in the `subjectAlt` [`extension()`](Certificate::extensions()). /// in the `subjectAlt` [`extension`].
///
/// [`extension`]: crate::mtls::Certificate::extensions()
/// ///
/// # Example /// # Example
/// ///