Add get_names_from_csruse-cn-from-csr

author: Brad Warren <bmw@eff.org> 2016-05-18 20:14:15 +0300
committer: Brad Warren <bmw@eff.org> 2016-05-18 20:14:15 +0300
commit: 8e17d7498de484857daead51b56f50b186341233 (patch)
tree: d57ab8809b7786b577be8beab0fb456e92b6608d
parent: 50421e99beefd319cc864fa90cd7ba13e9f41786 (diff)
1 files changed, 21 insertions, 0 deletions
diff --git a/certbot/crypto_util.py b/certbot/crypto_util.py
index 41e675471..b273cf59f 100644
--- a/certbot/crypto_util.py
+++ b/certbot/crypto_util.py
@@ -272,6 +272,27 @@ def get_sans_from_csr(csr, typ=OpenSSL.crypto.FILETYPE_PEM):
         csr, OpenSSL.crypto.load_certificate_request, typ)
 
 
+def get_names_from_csr(csr, typ=OpenSSL.crypto.FILETYPE_PEM):
+    """Get a list of domains from a CSR, including the CN if it is set.
+
+    :param str csr: CSR (encoded).
+    :param typ: `OpenSSL.crypto.FILETYPE_PEM` or `OpenSSL.crypto.FILETYPE_ASN1`
+
+    :returns: A list of domain names.
+    :rtype: list
+
+    """
+    loaded_csr = _load_cert_or_req(
+        csr, OpenSSL.crypto.load_certificate_request, typ)
+    common_name = loaded_csr.get_subject().CN
+
+    # Use a set to avoid duplication with CN and Subject Alt Names
+    domains = set() if common_name is None else set((common_name,))
+    # pylint: disable=protected-access
+    domains.update(acme_crypto_util._pyopenssl_cert_or_req_san(loaded_csr))
+    return list(domains)
+
+
 def dump_pyopenssl_chain(chain, filetype=OpenSSL.crypto.FILETYPE_PEM):
     """Dump certificate chain into a bundle.
author	Brad Warren <bmw@eff.org>	2016-05-18 20:14:15 +0300
committer	Brad Warren <bmw@eff.org>	2016-05-18 20:14:15 +0300
commit	8e17d7498de484857daead51b56f50b186341233 (patch)
tree	d57ab8809b7786b577be8beab0fb456e92b6608d
parent	50421e99beefd319cc864fa90cd7ba13e9f41786 (diff)