gazagnaire.org / ca-certs
upstream: github.com/mirage/ca-certs
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge pull request #26 from hannesm/no-astring

remove astring dependency

authored by

Hannes Mehnert and committed by
GitHub efd88849 e5e4e480

+34 -17
+1 -1
.ocamlformat
··· 1 - version = 0.23.0 1 + version = 0.25.1 2 2 profile=conventional
+32 -15
lib/ca_certs.ml
··· 114 114 undecodable certificate - while we'd like to stay operational, and ignore 115 115 some certificates *) 116 116 let d = "-----" in 117 - let sep = d ^ "END CERTIFICATE" ^ d in 118 - let certs = Astring.String.cuts ~sep ~empty:false data in 119 - let cas = 120 - let affix = d ^ "BEGIN CERTIFICATE" ^ d in 117 + let new_cert = d ^ "BEGIN CERTIFICATE" ^ d 118 + and end_of_cert = d ^ "END CERTIFICATE" ^ d in 119 + let len_new = String.length new_cert 120 + and len_end = String.length end_of_cert in 121 + let lines = String.split_on_char '\n' data in 122 + let it, cas = 121 123 List.fold_left 122 - (fun acc data -> 123 - if not (Astring.String.is_infix ~affix data) then acc 124 - else 125 - let data = data ^ sep in 126 - match X509.Certificate.decode_pem (Cstruct.of_string data) with 127 - | Ok ca -> ca :: acc 128 - | Error (`Msg msg) -> 129 - Log.warn (fun m -> m "Failed to decode a trust anchor %s." msg); 130 - Log.debug (fun m -> m "Full certificate:@.%s" data); 131 - acc) 132 - [] certs 124 + (fun (acc, cas) line -> 125 + match acc with 126 + | None 127 + when String.length line >= len_new 128 + && String.(equal (sub line 0 len_new) new_cert) -> 129 + (Some [ line ], cas) 130 + | None -> 131 + Log.debug (fun m -> m "ignoring line %s" line); 132 + (None, cas) 133 + | Some lines 134 + when String.length line >= len_end 135 + && String.(equal (sub line 0 len_end) end_of_cert) -> ( 136 + let data = String.concat "\n" (List.rev (line :: lines)) in 137 + match X509.Certificate.decode_pem (Cstruct.of_string data) with 138 + | Ok ca -> (None, ca :: cas) 139 + | Error (`Msg msg) -> 140 + Log.warn (fun m -> m "Failed to decode a trust anchor %s." msg); 141 + Log.debug (fun m -> m "Full certificate:@.%s" data); 142 + (None, cas)) 143 + | Some lines -> (Some (line :: lines), cas)) 144 + (None, []) lines 133 145 in 146 + (match it with 147 + | None -> () 148 + | Some lines -> 149 + Log.debug (fun m -> 150 + m "ignoring leftover data: %s" (String.concat "\n" (List.rev lines)))); 134 151 let cas = List.rev cas in 135 152 match cas with 136 153 | [] -> Error (`Msg ("ca-certs: empty trust anchors.\n" ^ issue))
+1 -1
lib/dune
··· 1 1 (library 2 2 (name ca_certs) 3 3 (public_name ca-certs) 4 - (libraries mirage-crypto x509 astring bos fpath logs ptime.clock.os) 4 + (libraries mirage-crypto x509 bos fpath logs ptime.clock.os) 5 5 (foreign_stubs 6 6 (language c) 7 7 (names ca_certs_stubs))