[COMMIT seastar master] tls: Add alt name ostream operators


Commit Bot

<bot@cloudius-systems.com>
May 11, 2023, 4:15:51 PM
to seastar-dev@googlegroups.com, Calle Wilund
From: Calle Wilund <ca...@scylladb.com>
Committer: Calle Wilund <ca...@scylladb.com>
Branch: master

tls: Add alt name ostream operators

For printing. And consequential parsing/matching.

Note: because naming of alternative names is inconsistent between tools,
and because openssl is probably more popular when creating certs anyway,
this routine will be inconsistent with both gnutls and openssl (though more
in line with the latter) and name the constants as follows:

* dnsname: "DNS"
* rfc822name: "EMAIL"
* uri: "URI"
* ipaddress: "IP"
* othername: "OTHERNAME"
* dn: "DIRNAME"

---
diff --git a/include/seastar/net/tls.hh b/include/seastar/net/tls.hh
--- a/include/seastar/net/tls.hh
+++ b/include/seastar/net/tls.hh
@@ -387,6 +387,25 @@ namespace tls {
* If the socket is not a TLS socket an exception will be thrown.
*/
future<std::vector<subject_alt_name>> get_alt_name_information(connected_socket& socket, std::unordered_set<subject_alt_name_type> types = {});
+
+ std::ostream& operator<<(std::ostream&, const subject_alt_name::value_type&);
+ std::ostream& operator<<(std::ostream&, const subject_alt_name&);
+
+ /**
+ * Alt name to string.
+ * Note: because naming of alternative names is inconsistent between tools,
+ * and because openssl is probably more popular when creating certs anyway,
+ * this routine will be inconsistent with both gnutls and openssl (though more
+ * in line with the latter) and name the constants as follows:
+ *
+ * dnsname: "DNS"
+ * rfc822name: "EMAIL"
+ * uri: "URI"
+ * ipaddress "IP"
+ * othername: "OTHERNAME"
+ * dn: "DIRNAME"
+ */
+ std::ostream& operator<<(std::ostream&, subject_alt_name_type);
}
}
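Review bot: The first two declarations, the `operator<<` overloads for `subject_alt_name::value_type` and `subject_alt_name`, have no doc comment; the comment block documents only the `subject_alt_name_type` overload. Since the commit message says the output is meant for parsing/matching as well as printing, the header should state the `<type>=<value>` form that the `subject_alt_name` overload in src/net/tls.cc emits, so callers know what they can rely on. In the constants list, `ipaddress "IP"` is missing the colon the other entries have.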

diff --git a/src/net/tls.cc b/src/net/tls.cc
--- a/src/net/tls.cc
+++ b/src/net/tls.cc
@@ -1912,4 +1912,27 @@ future<std::vector<tls::subject_alt_name>> tls::get_alt_name_information(connect
return get_tls_socket(socket)->get_alt_name_information(std::move(types));
}

+std::ostream& tls::operator<<(std::ostream& os, subject_alt_name_type type) {
+ switch (type) {
+ case subject_alt_name_type::dnsname: os << "DNS"; break;
+ case subject_alt_name_type::rfc822name: os << "EMAIL"; break;
+ case subject_alt_name_type::uri: os << "URI"; break;
+ case subject_alt_name_type::ipaddress: os << "IP"; break;
+ case subject_alt_name_type::othername: os << "OTHERNAME"; break;
+ case subject_alt_name_type::dn: os << "DIRNAME"; break;
+ default: break;
+ }
+ return os;
+}
+
+std::ostream& tls::operator<<(std::ostream& os, const subject_alt_name::value_type& v) {
+ std::visit([&](auto& vv) { os << vv; }, v);
+ return os;
+}
+
+std::ostream& tls::operator<<(std::ostream& os, const subject_alt_name& a) {
+ return os << a.type << "=" << a.value;
+}
+
+
}
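Review bot: `default: break;` in the `subject_alt_name_type` switch writes nothing for an unhandled enumerator, so the `subject_alt_name` overload would then print `=value` with an empty type, which is ambiguous in logs and for the matching the commit message mentions. Emit an explicit placeholder string in that case, or drop the `default` so the compiler can flag an enumerator that is added later without a case. In the `std::visit` lambda, `const auto& vv` would state the read-only intent, and because the value is streamed as-is it is worth deciding whether a value containing `=` or control characters needs escaping before the output is matched on. The two blank `+` lines before the closing brace can be reduced to one.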