mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-22 11:21:47 +00:00
Remove unused x509 code
This commit is contained in:
parent
f70410959d
commit
82f603c327
@ -19,7 +19,6 @@ package x509
|
|||||||
import (
|
import (
|
||||||
"crypto/x509"
|
"crypto/x509"
|
||||||
"crypto/x509/pkix"
|
"crypto/x509/pkix"
|
||||||
"encoding/asn1"
|
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/http"
|
"net/http"
|
||||||
"time"
|
"time"
|
||||||
@ -191,25 +190,3 @@ var CommonNameUserConversion = UserConversionFunc(func(chain []*x509.Certificate
|
|||||||
Groups: chain[0].Subject.Organization,
|
Groups: chain[0].Subject.Organization,
|
||||||
}, true, nil
|
}, true, nil
|
||||||
})
|
})
|
||||||
|
|
||||||
// DNSNameUserConversion builds user info from a certificate chain using the first DNSName on the certificate
|
|
||||||
var DNSNameUserConversion = UserConversionFunc(func(chain []*x509.Certificate) (user.Info, bool, error) {
|
|
||||||
if len(chain[0].DNSNames) == 0 {
|
|
||||||
return nil, false, nil
|
|
||||||
}
|
|
||||||
return &user.DefaultInfo{Name: chain[0].DNSNames[0]}, true, nil
|
|
||||||
})
|
|
||||||
|
|
||||||
// EmailAddressUserConversion builds user info from a certificate chain using the first EmailAddress on the certificate
|
|
||||||
var EmailAddressUserConversion = UserConversionFunc(func(chain []*x509.Certificate) (user.Info, bool, error) {
|
|
||||||
var emailAddressOID asn1.ObjectIdentifier = []int{1, 2, 840, 113549, 1, 9, 1}
|
|
||||||
if len(chain[0].EmailAddresses) == 0 {
|
|
||||||
for _, name := range chain[0].Subject.Names {
|
|
||||||
if name.Type.Equal(emailAddressOID) {
|
|
||||||
return &user.DefaultInfo{Name: name.Value.(string)}, true, nil
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return nil, false, nil
|
|
||||||
}
|
|
||||||
return &user.DefaultInfo{Name: chain[0].EmailAddresses[0]}, true, nil
|
|
||||||
})
|
|
||||||
|
@ -586,41 +586,6 @@ func TestX509(t *testing.T) {
|
|||||||
ExpectOK: true,
|
ExpectOK: true,
|
||||||
ExpectErr: false,
|
ExpectErr: false,
|
||||||
},
|
},
|
||||||
"empty dns": {
|
|
||||||
Opts: getDefaultVerifyOptions(t),
|
|
||||||
Certs: getCerts(t, clientCNCert),
|
|
||||||
User: DNSNameUserConversion,
|
|
||||||
|
|
||||||
ExpectOK: false,
|
|
||||||
ExpectErr: false,
|
|
||||||
},
|
|
||||||
"dns": {
|
|
||||||
Opts: getDefaultVerifyOptions(t),
|
|
||||||
Certs: getCerts(t, clientDNSCert),
|
|
||||||
User: DNSNameUserConversion,
|
|
||||||
|
|
||||||
ExpectUserName: "client_dns.example.com",
|
|
||||||
ExpectOK: true,
|
|
||||||
ExpectErr: false,
|
|
||||||
},
|
|
||||||
|
|
||||||
"empty email": {
|
|
||||||
Opts: getDefaultVerifyOptions(t),
|
|
||||||
Certs: getCerts(t, clientCNCert),
|
|
||||||
User: EmailAddressUserConversion,
|
|
||||||
|
|
||||||
ExpectOK: false,
|
|
||||||
ExpectErr: false,
|
|
||||||
},
|
|
||||||
"email": {
|
|
||||||
Opts: getDefaultVerifyOptions(t),
|
|
||||||
Certs: getCerts(t, clientEmailCert),
|
|
||||||
User: EmailAddressUserConversion,
|
|
||||||
|
|
||||||
ExpectUserName: "client_email@example.com",
|
|
||||||
ExpectOK: true,
|
|
||||||
ExpectErr: false,
|
|
||||||
},
|
|
||||||
|
|
||||||
"custom conversion error": {
|
"custom conversion error": {
|
||||||
Opts: getDefaultVerifyOptions(t),
|
Opts: getDefaultVerifyOptions(t),
|
||||||
|
Loading…
Reference in New Issue
Block a user