letsencrypt
/
boulder
mirror of https://github.com/letsencrypt/boulder.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

identifier: Rename FromDNSNames & AsProto; add ACMEIdentifiers named type (#8070) 

Rename `FromDNSNames` to `NewDNSSlice`, since it's exactly `NewDNS`
except for slices.

Rename `AsProto` to use the "To" prefix, since it's the opposite of
"From".

Add a named type `ACMEIdentifiers` so that we can add methods to slices.
We will have a lot of slice handling code coming up, which this will
make more elegant and readable.

Add a comment to explain naming conventions in the `identifier` package.

Part of #7311
Alternative to #8068
This commit is contained in:
James Renken 2025-03-19 17:03:39 -04:00 committed by GitHub
parent b8eb2f2fe7
commit 9f4b18c6ce
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 18 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
csr/csr.go
View File

@ -82,7 +82,7 @@ func VerifyCSR(ctx context.Context, csr *x509.CertificateRequest, maxNames int,
return berrors.BadCSRError("CSR contains more than %d DNS names", maxNames) return berrors.BadCSRError("CSR contains more than %d DNS names", maxNames)
} }
err = pa.WillingToIssue(identifier.FromDNSNames(names.SANs)) err = pa.WillingToIssue(identifier.NewDNSSlice(names.SANs))
if err != nil { if err != nil {
return err return err
} }

15
identifier/identifier.go
View File

@ -1,6 +1,11 @@
// The identifier package defines types for RFC 8555 ACME identifiers. // The identifier package defines types for RFC 8555 ACME identifiers.
//
// It exists as a separate package to prevent an import loop between the core // It exists as a separate package to prevent an import loop between the core
// and probs packages. // and probs packages.
//
// Function naming conventions:
// - "New" creates a new instance from one or more simple base type inputs.
// - "From" and "To" extract information from, or compose, a more complex object.
package identifier package identifier
import ( import (
@ -32,7 +37,11 @@ type ACMEIdentifier struct {
Value string `json:"value"` Value string `json:"value"`
} }
func (i ACMEIdentifier) AsProto() *corepb.Identifier { // ACMEIdentifiers is a named type for a slice of ACME identifiers, so that
// methods can be applied to these slices.
type ACMEIdentifiers []ACMEIdentifier
func (i ACMEIdentifier) ToProto() *corepb.Identifier {
return &corepb.Identifier{ return &corepb.Identifier{
Type: string(i.Type), Type: string(i.Type),
Value: i.Value, Value: i.Value,
@ -64,9 +73,9 @@ func NewDNS(domain string) ACMEIdentifier {
} }
} }
// FromDNSNames is a convenience function for creating a slice of ACMEIdentifier // NewDNSSlice is a convenience function for creating a slice of ACMEIdentifier
// with Type "dns" for a given slice of domain names. // with Type "dns" for a given slice of domain names.
func FromDNSNames(input []string) []ACMEIdentifier { func NewDNSSlice(input []string) ACMEIdentifiers {
var out []ACMEIdentifier var out []ACMEIdentifier
for _, in := range input { for _, in := range input {
out = append(out, NewDNS(in)) out = append(out, NewDNS(in))

4
ra/ra.go
View File

@ -2281,7 +2281,7 @@ func (ra *RegistrationAuthorityImpl) NewOrder(ctx context.Context, req *rapb.New
} }
// Validate that our policy allows issuing for each of the names in the order // Validate that our policy allows issuing for each of the names in the order
err = ra.PA.WillingToIssue(identifier.FromDNSNames(newOrder.DnsNames)) err = ra.PA.WillingToIssue(identifier.NewDNSSlice(newOrder.DnsNames))
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -2435,7 +2435,7 @@ func (ra *RegistrationAuthorityImpl) NewOrder(ctx context.Context, req *rapb.New
} }
newAuthzs = append(newAuthzs, &sapb.NewAuthzRequest{ newAuthzs = append(newAuthzs, &sapb.NewAuthzRequest{
Identifier: ident.AsProto(), Identifier: ident.ToProto(),
RegistrationID: newOrder.RegistrationID, RegistrationID: newOrder.RegistrationID,
Expires: timestamppb.New(ra.clk.Now().Add(profile.pendingAuthzLifetime).Truncate(time.Second)), Expires: timestamppb.New(ra.clk.Now().Add(profile.pendingAuthzLifetime).Truncate(time.Second)),
ChallengeTypes: challStrs, ChallengeTypes: challStrs,

2
ratelimits/names.go
View File

@ -200,7 +200,7 @@ func validateFQDNSet(id string) error {
return fmt.Errorf( return fmt.Errorf(
"invalid fqdnSet, %q must be formatted 'fqdnSet'", id) "invalid fqdnSet, %q must be formatted 'fqdnSet'", id)
} }
return policy.WellFormedIdentifiers(identifier.FromDNSNames(domains)) return policy.WellFormedIdentifiers(identifier.NewDNSSlice(domains))
} }
func validateIdForName(name Name, id string) error { func validateIdForName(name Name, id string) error {

2
va/va_test.go
View File

@ -85,7 +85,7 @@ var accountURIPrefixes = []string{"http://boulder.service.consul:4000/acme/reg/"
func createValidationRequest(ident identifier.ACMEIdentifier, challengeType core.AcmeChallenge) *vapb.PerformValidationRequest { func createValidationRequest(ident identifier.ACMEIdentifier, challengeType core.AcmeChallenge) *vapb.PerformValidationRequest {
return &vapb.PerformValidationRequest{ return &vapb.PerformValidationRequest{
Identifier: ident.AsProto(), Identifier: ident.ToProto(),
Challenge: &corepb.Challenge{ Challenge: &corepb.Challenge{
Type: string(challengeType), Type: string(challengeType),
Status: string(core.StatusPending), Status: string(core.StatusPending),

2
wfe2/wfe.go
View File

@ -2293,7 +2293,7 @@ func (wfe *WebFrontEndImpl) NewOrder(
} }
names = core.UniqueLowerNames(names) names = core.UniqueLowerNames(names)
err = policy.WellFormedIdentifiers(identifier.FromDNSNames(names)) err = policy.WellFormedIdentifiers(identifier.NewDNSSlice(names))
if err != nil { if err != nil {
wfe.sendError(response, logEvent, web.ProblemDetailsForError(err, "Invalid identifiers requested"), nil) wfe.sendError(response, logEvent, web.ProblemDetailsForError(err, "Invalid identifiers requested"), nil)
return return