On February 28, 2023 5:36 pm, Max Carrara wrote:
> Signed-off-by: Max Carrara <[email protected]>
> ---
> src/PVE/Certificate.pm | 23 ++++++++++++-----------
> 1 file changed, 12 insertions(+), 11 deletions(-)
>
> diff --git a/src/PVE/Certificate.pm b/src/PVE/Certificate.pm
> index 5ec1c6b..31def4c 100644
> --- a/src/PVE/Certificate.pm
> +++ b/src/PVE/Certificate.pm
> @@ -385,19 +385,19 @@ sub generate_csr {
> $ssl_die->("Failed to allocate X509_NAME object\n") if !$name;
> my $add_name_entry = sub {
> my ($k, $v) = @_;
> - if (!Net::SSLeay::X509_NAME_add_entry_by_txt($name,
> - $k,
> -
> &Net::SSLeay::MBSTRING_UTF8,
> - encode('utf-8', $v))) {
> + if (!Net::SSLeay::X509_NAME_add_entry_by_txt(
> + $name, $k, &Net::SSLeay::MBSTRING_UTF8, encode('utf-8', $v)
not sure if I wouldn't prefer
if (!Net::SSLeay::X509_NAME_add_entry_by_txt(
$name,
$k,
&Net::SSLeay::MBSTRING_UTF8,
encode('utf-8', $v),
)) {
here, it's kinda ugly in both variants to be honest ;)
maybe
my $res = Net::SSLeay::X509_NAME_add_entry_by_txt(
$name,
$k,
&Net::SSLeay::MBSTRING_UTF8,
encode('utf-8', $v),
);
$cleanup->(..) if !$res;
would be nicer?
> + )
> + ) {
> $cleanup->(1, "Failed to add '$k'='$v' to DN\n");
> }
> };
>
> $add_name_entry->('CN', $common_name);
> for (qw(C ST L O OU)) {
> - if (defined(my $v = $attr{$_})) {
> + if (defined(my $v = $attr{$_})) {
> $add_name_entry->($_, $v);
> - }
> + }
> }
>
> if (defined($pem_key)) {
> @@ -431,11 +431,12 @@ sub generate_csr {
> if (!Net::SSLeay::X509_REQ_set_subject_name($req, $name));
>
> $cleanup->(1, "Failed to add extensions to CSR\n")
> - if !Net::SSLeay::P_X509_REQ_add_extensions($req,
> - &Net::SSLeay::NID_key_usage =>
> 'digitalSignature,keyEncipherment',
> - &Net::SSLeay::NID_basic_constraints => 'CA:FALSE',
> - &Net::SSLeay::NID_ext_key_usage => 'serverAuth,clientAuth',
> - &Net::SSLeay::NID_subject_alt_name => join(',', map { "DNS:$_"
> } @$san),
> + if !Net::SSLeay::P_X509_REQ_add_extensions(
> + $req,
> + &Net::SSLeay::NID_key_usage => 'digitalSignature,keyEncipherment',
> + &Net::SSLeay::NID_basic_constraints => 'CA:FALSE',
> + &Net::SSLeay::NID_ext_key_usage => 'serverAuth,clientAuth',
> + &Net::SSLeay::NID_subject_alt_name => join(',', map { "DNS:$_" }
> @$san),
> );
this one is actually against our style guide in both old and new, it should use
a regular if with proper wrapping, not a post-if, like the first hunk of this
patch :)
https://pve.proxmox.com/wiki/Perl_Style_Guide#Breaking_long_lines_and_strings
could also use the 'store result in variable' style if it helps with
readability.
>
> $cleanup->(1, "Failed to set public key\n")
> --
> 2.30.2
>
>
>
> _______________________________________________
> pve-devel mailing list
> [email protected]
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
>
>
>
_______________________________________________
pve-devel mailing list
[email protected]
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
