move SplitSANs to cli

This commit is contained in:
max furman 2019-02-05 19:32:01 -08:00
parent 6937bfea7b
commit 3415a1fef8
3 changed files with 6 additions and 25 deletions

4
Gopkg.lock generated
View file

@ -212,7 +212,7 @@
[[projects]]
branch = "sans"
digest = "1:84a773da390eabc9a292221bbc2c16653093f8eb805a1b16f738ef3cd88df701"
digest = "1:4c9e30abfe7c119eb4d40287f6c23f854f3ad71c69206d8dc6402e1fef14ac88"
name = "github.com/smallstep/cli"
packages = [
"command",
@ -231,7 +231,7 @@
"utils",
]
pruneopts = "UT"
revision = "49d4a4c26c802e83c5ed160abdd5babab1c9b5c6"
revision = "1379a62e0cf06b164d35e20a912d017ac8bad071"
[[projects]]
branch = "master"

View file

@ -3,12 +3,12 @@ package authority
import (
"crypto/x509"
"encoding/asn1"
"net"
"net/http"
"net/url"
"time"
"github.com/pkg/errors"
"github.com/smallstep/cli/crypto/x509util"
"gopkg.in/square/go-jose.v2/jwt"
)
@ -126,7 +126,7 @@ func (a *Authority) Authorize(ott string) ([]interface{}, error) {
if len(claims.SANs) == 0 {
claims.SANs = []string{claims.Subject}
}
dnsNames, ips := SplitSANs(claims.SANs)
dnsNames, ips := x509util.SplitSANs(claims.SANs)
if err != nil {
return nil, err
}
@ -150,26 +150,6 @@ func (a *Authority) Authorize(ott string) ([]interface{}, error) {
return signOps, nil
}
// SplitSANs splits a slice of Subject Alternative Names into slices of
// IP Addresses and DNS Names. If an element is not an IP address, then it
// is bucketed as a DNS Name.
func SplitSANs(sans []string) (dnsNames []string, ips []net.IP) {
dnsNames = []string{}
ips = []net.IP{}
if sans == nil {
return
}
for _, san := range sans {
if ip := net.ParseIP(san); ip != nil {
ips = append(ips, ip)
} else {
// If not IP then assume DNSName.
dnsNames = append(dnsNames, san)
}
}
return
}
// authorizeRenewal tries to locate the step provisioner extension, and checks
// if for the configured provisioner, the renewal is enabled or not. If the
// extra extension cannot be found, authorize the renewal by default.

View file

@ -23,6 +23,7 @@ import (
"github.com/pkg/errors"
"github.com/smallstep/certificates/api"
"github.com/smallstep/certificates/authority"
"github.com/smallstep/cli/crypto/x509util"
"gopkg.in/square/go-jose.v2/jwt"
)
@ -452,7 +453,7 @@ func CreateSignRequest(ott string) (*api.SignRequest, crypto.PrivateKey, error)
return nil, nil, errors.Wrap(err, "error generating key")
}
dnsNames, ips := authority.SplitSANs(claims.SANs)
dnsNames, ips := x509util.SplitSANs(claims.SANs)
template := &x509.CertificateRequest{
Subject: pkix.Name{