Closed msuliq closed 3 months ago
Hello !
Thanks for your contribution.
However, I will not merge it because extract_dns_subject_alternative_names()
was never part of SSLyze's public API (for example it is located in a file that starts with _ ie. "_certificate_utils.py" to indicate that).
Functions that are not part of the public API are not guaranteed to stay the same and keeping API-compatibility for all functions in SSLyze (including the private ones) would be too much work.
Reintroduce extract_dns_subject_alternative_names Method for Compatibility with Legacy Systems
This PR reinstates the
extract_dns_subject_alternative_names
method, which was part of the library up to version 5.0.6 inclusive. The method was deprecated and subsequently removed in favor ofparse_subject_alternative_name_extension
, but with this PR it be added back, however it will be using the existing code ofparse_subject_alternative_name_extension
instead of the deprecated method contents in order to benefit from better handling of Subject Alternative Names (SAN) in X.509 certificates. Reintroducing this method, will allow to support legacy systems that still depend on theextract_dns_subject_alternative_names
method and will ease upgrade of thesslyze
and dependencies, e.g.cryptography
for more enhanced and robust security.Changes Introduced
Add new method
extract_dns_subject_alternative_names
that shares name with deprecated method and utilizes functionality ofparse_subject_alternative_name_extension
to ensure consistency and maintainability. Methodextract_dns_subject_alternative_names
callsparse_subject_alternative_name_extension
and extracts only DNS names, ensuring it functions similarly to the original method but aligns with the new code design.