feat: ✨ make IPAddress optional for client and server certs

dergecko · Dec 15, 2024 · ab0f016 · ab0f016
1 parent 1d37eef
commit ab0f016
Show file tree

Hide file tree

Showing 3 changed files with 42 additions and 20 deletions.
diff --git a/test-certs/src/configuration/certificates.rs b/test-certs/src/configuration/certificates.rs
@@ -70,6 +70,7 @@ pub struct ServerConfiguration {
 #[serde(deny_unknown_fields)]
 pub struct SubjectAlternativeNames {
     /// Ip addresses of the client.
+    #[serde(default)]
     #[serde_as(as = "OneOrMany<_, PreferOne>")]
     pub ip: Vec<IpAddr>,
 
@@ -306,6 +307,27 @@ mod tests {
 
         #[test]
         fn should_deserialize_client() {
+            let expected = ClientConfiguration {
+                export_key: false,
+                subject_alternative_names: SubjectAlternativeNames {
+                    ip: vec![],
+                    dns_name: vec!["my-client.org".to_string()],
+                },
+                include_certificate_chain: false,
+            };
+            let json = json!({
+                "export_key": false,
+                "dns_name": "my-client.org",
+                "include_certificate_chain": false
+            });
+
+            let deserialized: ClientConfiguration = serde_json::from_value(json).unwrap();
+
+            assert_eq!(deserialized, expected)
+        }
+
+        #[test]
+        fn should_deserialize_client_with_ip() {
             let expected = ClientConfiguration {
                 export_key: false,
                 subject_alternative_names: SubjectAlternativeNames {

diff --git a/test-certs/src/lib.rs b/test-certs/src/lib.rs
@@ -45,23 +45,6 @@ pub struct Certificate {
     issuer: Option<Issuer>,
 }
 
-impl PartialEq for Certificate {
-    fn eq(&self, other: &Self) -> bool {
-        let Certificate {
-            certificate,
-            key,
-            export_key,
-            name,
-            issuer,
-        } = self;
-        certificate.der() == other.certificate.der()
-            && key.serialized_der() == other.key.serialize_der()
-            && *export_key == other.export_key
-            && *name == other.name
-            && *issuer == other.issuer
-    }
-}
-
 impl Certificate {
     /// Write the certificate and the key if marked for export to the specified folder.
     pub fn write(&self, directory: &Path) -> Result<(), Error> {
@@ -165,6 +148,23 @@ impl Debug for Certificate {
     }
 }
 
+impl PartialEq for Certificate {
+    fn eq(&self, other: &Self) -> bool {
+        let Certificate {
+            certificate,
+            key,
+            export_key,
+            name,
+            issuer,
+        } = self;
+        certificate.der() == other.certificate.der()
+            && key.serialized_der() == other.key.serialize_der()
+            && *export_key == other.export_key
+            && *name == other.name
+            && *issuer == other.issuer
+    }
+}
+
 #[cfg(test)]
 mod test {
     use configuration::certificates::fixtures::{

diff --git a/test-certs/tests/examples/intermediate_ca.yaml b/test-certs/tests/examples/intermediate_ca.yaml
@@ -1,12 +1,12 @@
 # Creates a root ca
 my-root-ca:
-  # the my-root-ca key file is by default not exported
+  # The my-root-ca key file is by default not exported
   type: ca
   certificates:
-    # my-intermediate-ca is issued by my-root-ca
+    # The my-intermediate-ca is issued by my-root-ca
     my-intermediate-ca:
       type: ca
-      # We want to export the my-intermediate-ca key to be exported
+      # We want the my-intermediate-ca key to be exported
       export_key: true
       certificates:
         # Create a client auth certificate issued by my-intermediate-ca