add a method to collect DNS names from a certificate

[cpu]

This branch adds an EndEntityCert::dns_names method, which returns a list of the DNS names provided in the subject alternative names extension of the certificate.

This branch is based on work done by @seanmonstar in briansmith/webpki#91, by @Geal in briansmith/webpki#103 and @hawkw in #6. The development train keeps chugging along in this branch :-)

In #6 @hawkw updated the changeset to track the main branch of the rustls/webpki repository. Since I wasn't able to push commits to the linkerd fork to continue develop in #6 I have addressed the feedback on that branch in this separate PR. The new changes are:

• Updating list_cert_dns_names to return impl Iterator instead of a Vec based on @djc's feedback.
• Fixing the stale comments about Eq, PartialEq, etc flagged by @samlh in a drive-by review. Brian Smith implemented Eq, PartialEq and Hash for the DNSName type in briansmith/webpki@96de094 but the comments referring to not implementing them slipped through.
• Rebasing on main.
• Applying cargo fmt, fixing cargo clippy findings, import drifts.
• Removing alloc requirement on Debug impls with an allocation-free strategy for lowercasing.
• Removing unnecessary use of a RefCell by changing the name iterator helper to accept an impl FnMut argument instead of dyn Fn.
• Removing the owned WildcardDnsName type.
• Clarifying the rationale for the GeneralDnsNameRef type, and why DnsNameRef can't contain wildcards while WildcardDnsNameRef may.
• Implementing AsRef<str> for GeneralDnsNameRef.

Any bugs/errors are mine :-P

Closes #2
Replaces #6

Authored-by: Geoffroy Couprie geo.couprie@gmail.com
Co-authored-by: Sean McArthur sean@seanmonstar.com
Co-authored-by: Eliza Weisman eliza@buoyant.io
Co-authored-by: Daniel McCarney daniel@binaryparadox.net
Signed-off-by: Daniel McCarney daniel@binaryparadox.net

[cpu]

Oops, looks like I picked a stale base branch and need to resolve conflicts. Setting this as WIP to fix that up.

[cpu]

need to resolve conflicts. Setting this as WIP to fix that up.

All fixed up.

[djc]

Would be nice to squash this all into a single commit (with a whole bunch of co-author lines).

[hawkw]

Looks good to me, thanks for picking up this work!

I had one small suggestion that occurred to me while skimming this code.

[cpu]

I had one small suggestion that occurred to me while skimming this code.

Thanks for the review!

Would be nice to squash this all into a single commit (with a whole bunch of co-author lines).

Done ☑️

[codecov]

Codecov Report

Merging #42 (9b66ec4) into main (6dd4a44) will decrease coverage by 0.40%.
The diff coverage is 82.27%.

@@            Coverage Diff             @@
##             main      #42      +/-   ##
==========================================
- Coverage   94.17%   93.78%   -0.40%     
==========================================
  Files          14       14              
  Lines        2505     2573      +68     
==========================================
+ Hits         2359     2413      +54     
- Misses        146      160      +14     

Impacted Files	Coverage Δ
src/subject_name/dns_name.rs	87.14% <68.88%> (-3.28%)	⬇️
src/end_entity.rs	54.54% <100.00%> (+2.16%)	⬆️
src/subject_name/verify.rs	95.81% <100.00%> (+0.49%)	⬆️

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[Geal]

I'm amazed to see this merged, it took a few detours, but it's there!! Thanks!