Avoid warning dv cn (#843)

* lint about the encoding of qcstatements for PSD2 * Revert "lint about the encoding of qcstatements for PSD2" This reverts commit 6c23670. * util: gtld_map autopull updates for 2021-10-21T07:25:20 UTC * always check and perform the operation in the execution * synchronised with project * synchronised with project * synchronised with project * synchronised with project * fixed merge error * synchronised with project * synchronised with project * Revert "synchronised with project" This reverts commit bad73ee. * Revert "synchronised with project" This reverts commit 2cd7d08. * avoiding warning when CN is present. --------- Co-authored-by: mtg <git@mtg.de> Co-authored-by: GitHub <noreply@github.com> Co-authored-by: Christopher Henderson <chris@chenderson.org>
zmap · May 25, 2024 · 068ae82 · 068ae82
1 parent 8523152
commit 068ae82
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 12 deletions.
diff --git a/v3/lints/cabf_br/lint_cab_dv_subject_invalid_values.go b/v3/lints/cabf_br/lint_cab_dv_subject_invalid_values.go
@@ -66,21 +66,12 @@ func (l *dvSubjectInvalidValues) CheckApplies(cert *x509.Certificate) bool {
 
 func (l *dvSubjectInvalidValues) Execute(cert *x509.Certificate) *lint.LintResult {
 	names := util.GetTypesInName(&cert.Subject)
-	var cnFound = false
 	for _, n := range names {
-		if n.Equal(util.CommonNameOID) {
-			cnFound = true
-			continue
-		}
-		if n.Equal(util.CountryNameOID) {
+		if n.Equal(util.CommonNameOID) || n.Equal(util.CountryNameOID) {
 			continue
 		}
 		return &lint.LintResult{Status: lint.Error, Details: fmt.Sprintf("DV certificate contains the invalid attribute type %s", n)}
 	}
 
-	if cnFound {
-		return &lint.LintResult{Status: lint.Warn, Details: "DV certificate contains a subject common name, this is not recommended."}
-	}
-
 	return &lint.LintResult{Status: lint.Pass}
 }
diff --git a/v3/lints/cabf_br/lint_cab_dv_subject_invalid_values_test.go b/v3/lints/cabf_br/lint_cab_dv_subject_invalid_values_test.go
@@ -46,9 +46,9 @@ func TestNewDvSubjectInvalidValues(t *testing.T) {
 			ExpectedDetails: "DV certificate contains the invalid attribute type 2.5.4.5",
 		},
 		{
-			Name:            "warn - DV with valid values in subjectDN, with CN, on SC62",
+			Name:            "pass - DV with valid values in subjectDN, with CN, on SC62",
 			InputFilename:   "dvWithCNAndCountry.pem",
-			ExpectedResult:  lint.Warn,
+			ExpectedResult:  lint.Pass,
 			ExpectedDetails: "DV certificate contains a subject common name, this is not recommended",
 		},
 		{