dubbo.apache.org/dubbo-go/v3@v3.1.1/xds/credentials/certgenerate/dual_use.go

dubbo.apache.org/dubbo-go/v3@v3.1.1/xds/credentials/certgenerate/dual_use.go (about)

     1  /*
     2   * Licensed to the Apache Software Foundation (ASF) under one or more
     3   * contributor license agreements.  See the NOTICE file distributed with
     4   * this work for additional information regarding copyright ownership.
     5   * The ASF licenses this file to You under the Apache License, Version 2.0
     6   * (the "License"); you may not use this file except in compliance with
     7   * the License.  You may obtain a copy of the License at
     8   *
     9   *     http://www.apache.org/licenses/LICENSE-2.0
    10   *
    11   * Unless required by applicable law or agreed to in writing, software
    12   * distributed under the License is distributed on an "AS IS" BASIS,
    13   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    14   * See the License for the specific language governing permissions and
    15   * limitations under the License.
    16   */
    17  
    18  /*
    19   *
    20   * Copyright Istio Authors
    21   *
    22   */
    23  
    24  package certgenerate
    25  
    26  import (
    27  	"fmt"
    28  	"strings"
    29  )
    30  
    31  // DualUseCommonName extracts a valid CommonName from a comma-delimited host string
    32  // for dual-use certificates.
    33  func DualUseCommonName(host string) (string, error) {
    34  	// cn uses one hostname, drop the rest
    35  	first := strings.SplitN(host, ",", 2)[0]
    36  
    37  	// cn max length is 64 (ub-common-name @ https://tools.ietf.org/html/rfc5280)
    38  	if l := len(first); l > 64 {
    39  		return "", fmt.Errorf("certificate CN upper bound exceeded (%v>64): %s", l, first)
    40  	}
    41  
    42  	return first, nil
    43  }