Make Cert::valid_dns_names() public

rustls · Sep 21, 2023 · 12fe2bb · 12fe2bb
1 parent f93369a
commit 12fe2bb
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 12 deletions.
diff --git a/src/cert.rs b/src/cert.rs
@@ -123,7 +123,14 @@ impl<'a> Cert<'a> {
         )
     }
 
-    pub(crate) fn valid_dns_names(&self) -> impl Iterator<Item = &str> {
+    /// Returns a list of valid DNS names provided in the subject alternative names extension
+    ///
+    /// This function must not be used to implement custom DNS name verification.
+    /// Checking that a certificate is valid for a given subject name should always be done with
+    /// [EndEntityCert::verify_is_valid_for_subject_name].
+    ///
+    /// [EndEntityCert::verify_is_valid_for_subject_name]: crate::EndEntityCert::verify_is_valid_for_subject_name
+    pub fn valid_dns_names(&self) -> impl Iterator<Item = &str> {
         NameIterator::new(Some(self.subject), self.subject_alt_name).filter_map(|result| {
             let presented_id = match result.ok()? {
                 GeneralName::DnsName(presented) => presented,

diff --git a/src/end_entity.rs b/src/end_entity.rs
@@ -145,15 +145,6 @@ impl<'a> EndEntityCert<'a> {
             untrusted::Input::from(signature),
         )
     }
-
-    /// Returns a list of valid DNS names provided in the subject alternative names extension
-    ///
-    /// This function must not be used to implement custom DNS name verification.
-    /// Checking that a certificate is valid for a given subject name should always be done with
-    /// [EndEntityCert::verify_is_valid_for_subject_name].
-    pub fn dns_names(&'a self) -> impl Iterator<Item = &'a str> {
-        self.inner.valid_dns_names()
-    }
 }
 
 impl<'a> Deref for EndEntityCert<'a> {
@@ -215,7 +206,7 @@ mod tests {
         let cert =
             EndEntityCert::try_from(der).expect("should parse end entity certificate correctly");
 
-        let mut names = cert.dns_names();
+        let mut names = cert.valid_dns_names();
         assert_eq!(names.next(), Some(name));
         assert_eq!(names.next(), None);
     }

diff --git a/tests/integration.rs b/tests/integration.rs
@@ -319,5 +319,5 @@ fn expect_cert_dns_names<'name>(
     let cert = webpki::EndEntityCert::try_from(&der)
         .expect("should parse end entity certificate correctly");
 
-    assert!(cert.dns_names().eq(expected_names))
+    assert!(cert.valid_dns_names().eq(expected_names))
 }