From f8f25e76b65caeae06c35c99759e8a0d9294fefc Mon Sep 17 00:00:00 2001 From: Michael Klishin Date: Mon, 19 Apr 2021 13:56:39 +0300 Subject: [PATCH] Pass Dialyzer x.509 certificate extensions do not really have types in OTP's public_key, so our hands are tied. (cherry picked from commit 15875017337efb7affa862034c3389bd5b3aa6b2) --- deps/rabbit/src/rabbit_ssl.erl | 2 ++ deps/rabbit_common/src/rabbit_cert_info.erl | 6 +++++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/deps/rabbit/src/rabbit_ssl.erl b/deps/rabbit/src/rabbit_ssl.erl index 7fc0700aff60..44dbdada7bc7 100644 --- a/deps/rabbit/src/rabbit_ssl.erl +++ b/deps/rabbit/src/rabbit_ssl.erl @@ -28,6 +28,8 @@ {ssl_cipher_format, suite_map_to_openssl_str, 1}, {ssl_cipher_format, suite_map_to_bin, 1}]). +-dialyzer({nowarn_function, peer_cert_auth_name/2}). + -type certificate() :: rabbit_cert_info:certificate(). -type cipher_suites_mode() :: default | all | anonymous. diff --git a/deps/rabbit_common/src/rabbit_cert_info.erl b/deps/rabbit_common/src/rabbit_cert_info.erl index 4f217aa89111..2ea1ebd5944e 100644 --- a/deps/rabbit_common/src/rabbit_cert_info.erl +++ b/deps/rabbit_common/src/rabbit_cert_info.erl @@ -25,6 +25,10 @@ -type certificate() :: public_key:der_encoded(). +%% x.509 certificate extensions usually look like key/value pairs but can +%% be just about any value +-type certificate_extension_value() :: any(). + %%-------------------------------------------------------------------------- %% High-level functions used by reader %%-------------------------------------------------------------------------- @@ -68,7 +72,7 @@ extensions(Cert) -> Extensions end, Cert). --spec subject_alternative_names(certificate()) -> [{atom(), string()}]. +-spec subject_alternative_names(certificate()) -> [certificate_extension_value()]. subject_alternative_names(Cert) -> Extensions = extensions(Cert), try lists:keyfind(?'id-ce-subjectAltName', #'Extension'.extnID, Extensions) of