--- TODO Rename? Split out subroutines?
--- Also, this is probably openssl specific, what TODO about that?
-function genx509san(hosts, config, certhosts, raw) -- recive config through that or some better way?
- local function utf8string(s)
- -- This is how we tell openssl not to encode UTF-8 strings as Latin1
- return s_format("FORMAT:UTF8,UTF8:%s", s);
- end
-
- local function ia5string(s)
- return s_format("IA5STRING:%s", s);
- end
-
- local function dnsname(t, host)
- t_insert(t.DNS, idna_to_ascii(host));
- end
-
- local function srvname(t, host, service)
- t_insert(t.otherName, s_format("%s;%s", oid_dnssrv, ia5string("_" .. service .."." .. idna_to_ascii(host))));
- end
-
- local function xmppAddr(t, host)
- t_insert(t.otherName, s_format("%s;%s", oid_xmppaddr, utf8string(host)));
- end
-
- -----------------------------
-
- local san = {
- DNS = {};
- otherName = {};
- };
-
- local sslsanconf = { };