mirror of https://github.com/rwf2/Rocket.git
Sergio Benitez
parent
66d18bf665
commit
2f59515752
|
|
@ -43,7 +43,7 @@ cookie = { version = "0.16.0", features = ["percent-encode", "secure"] }
|
||||||
state = "0.5.1"
|
state = "0.5.1"
|
||||||
|
|
||||||
[dependencies.x509-parser]
|
[dependencies.x509-parser]
|
||||||
version = "0.9.2"
|
version = "0.12"
|
||||||
optional = true
|
optional = true
|
||||||
|
|
||||||
[dependencies.hyper]
|
[dependencies.hyper]
|
||||||
|
|
|
||||||
|
|
@ -30,16 +30,16 @@ pub mod x509 {
|
||||||
pub use x509_parser::x509::*;
|
pub use x509_parser::x509::*;
|
||||||
pub use x509_parser::der_parser::der;
|
pub use x509_parser::der_parser::der;
|
||||||
pub use x509_parser::der_parser::ber;
|
pub use x509_parser::der_parser::ber;
|
||||||
|
pub use x509_parser::traits::*;
|
||||||
}
|
}
|
||||||
|
|
||||||
use std::fmt;
|
use std::fmt;
|
||||||
use std::ops::Deref;
|
use std::ops::Deref;
|
||||||
use std::collections::HashMap;
|
|
||||||
use std::num::NonZeroUsize;
|
use std::num::NonZeroUsize;
|
||||||
|
|
||||||
use ref_cast::RefCast;
|
use ref_cast::RefCast;
|
||||||
use x509_parser::nom;
|
use x509_parser::nom;
|
||||||
use x509::{ParsedExtension, X509Name, X509Certificate, TbsCertificate, X509Error};
|
use x509::{ParsedExtension, X509Name, X509Certificate, TbsCertificate, X509Error, FromDer};
|
||||||
use oid::OID_X509_EXT_SUBJECT_ALT_NAME as SUBJECT_ALT_NAME;
|
use oid::OID_X509_EXT_SUBJECT_ALT_NAME as SUBJECT_ALT_NAME;
|
||||||
|
|
||||||
use crate::listener::RawCertificate;
|
use crate::listener::RawCertificate;
|
||||||
|
|
@ -201,8 +201,9 @@ impl<'a> Certificate<'a> {
|
||||||
return Err(Error::Trailing(left.len()));
|
return Err(Error::Trailing(left.len()));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Ensure we have a subject or a subjectAlt.
|
||||||
if x509.subject().as_raw().is_empty() {
|
if x509.subject().as_raw().is_empty() {
|
||||||
if let Some(ext) = x509.extensions().get(&SUBJECT_ALT_NAME) {
|
if let Some(ext) = x509.extensions().iter().find(|e| e.oid == SUBJECT_ALT_NAME) {
|
||||||
if !matches!(ext.parsed_extension(), ParsedExtension::SubjectAlternativeName(..)) {
|
if !matches!(ext.parsed_extension(), ParsedExtension::SubjectAlternativeName(..)) {
|
||||||
return Err(Error::NoSubject);
|
return Err(Error::NoSubject);
|
||||||
} else if !ext.critical {
|
} else if !ext.critical {
|
||||||
|
|
@ -308,7 +309,7 @@ impl<'a> Certificate<'a> {
|
||||||
Name::ref_cast(&self.inner().issuer)
|
Name::ref_cast(&self.inner().issuer)
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Returns a map of the extensions in the X.509 certificate.
|
/// Returns a slice of the extensions in the X.509 certificate.
|
||||||
///
|
///
|
||||||
/// # Example
|
/// # Example
|
||||||
///
|
///
|
||||||
|
|
@ -319,8 +320,8 @@ impl<'a> Certificate<'a> {
|
||||||
///
|
///
|
||||||
/// #[get("/auth")]
|
/// #[get("/auth")]
|
||||||
/// fn auth(cert: Certificate<'_>) {
|
/// fn auth(cert: Certificate<'_>) {
|
||||||
/// let subject_alt = cert.extensions()
|
/// let subject_alt = cert.extensions().iter()
|
||||||
/// .get(&oid::OID_X509_EXT_SUBJECT_ALT_NAME)
|
/// .find(|e| e.oid == oid::OID_X509_EXT_SUBJECT_ALT_NAME)
|
||||||
/// .and_then(|e| match e.parsed_extension() {
|
/// .and_then(|e| match e.parsed_extension() {
|
||||||
/// x509::ParsedExtension::SubjectAlternativeName(s) => Some(s),
|
/// x509::ParsedExtension::SubjectAlternativeName(s) => Some(s),
|
||||||
/// _ => None
|
/// _ => None
|
||||||
|
|
@ -335,8 +336,8 @@ impl<'a> Certificate<'a> {
|
||||||
/// }
|
/// }
|
||||||
/// }
|
/// }
|
||||||
/// ```
|
/// ```
|
||||||
pub fn extensions(&self) -> &HashMap<oid::Oid<'a>, x509::X509Extension<'a>> {
|
pub fn extensions(&self) -> &[x509::X509Extension<'a>] {
|
||||||
&self.inner().extensions
|
&self.inner().extensions()
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Checks if the certificate has the serial number `number`.
|
/// Checks if the certificate has the serial number `number`.
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue