From cf9eb769d430b6b517af09006aac060accae0460 Mon Sep 17 00:00:00 2001
From: Herman Slatman
Date: Thu, 5 May 2022 15:19:33 +0200
Subject: [PATCH] Add duplicate removal for Common Names

---
 policy.go | 2 ++
 policy_test.go | 36 ++++++++++++++++++++----------------
 2 files changed, 22 insertions(+), 16 deletions(-)

diff --git a/policy.go b/policy.go
index 80663b5..478e857 100644
--- a/policy.go
+++ b/policy.go
@@ -11,12 +11,14 @@ func (p *Policy) Deduplicate() {
 allow.Ips = removeDuplicates(allow.Ips)
 allow.Emails = removeDuplicates(allow.Emails)
 allow.Uris = removeDuplicates(allow.Uris)
+ allow.CommonNames = removeDuplicates(allow.CommonNames)
 }
 if deny := p.GetX509().GetDeny(); deny != nil {
 deny.Dns = removeDuplicates(deny.Dns)
 deny.Ips = removeDuplicates(deny.Ips)
 deny.Emails = removeDuplicates(deny.Emails)
 deny.Uris = removeDuplicates(deny.Uris)
+ deny.CommonNames = removeDuplicates(deny.CommonNames)
 }
 }
 if ssh := p.GetSsh(); ssh != nil {
diff --git a/policy_test.go b/policy_test.go
index 552f90b..3bba039 100644
--- a/policy_test.go
+++ b/policy_test.go
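Review bot: In policy.go the allow and deny branches of Deduplicate each carry their own hand-written field list, and this commit had to add CommonNames to both because it was missing from each; the next field added to X509Names can be skipped the same way. Consider moving the list into one helper that takes a `*X509Names` and calling it for both values, so a new name type is registered in one place. As far as the hunk shows, a missed field only leaves duplicate entries in the policy rather than changing what it allows or denies, so this is a maintainability point. Deduplicate starts before the hunk and continues past it (the `if ssh` branch), so the opening of the allow branch is assumed to mirror the deny branch.

```go
// deduplicateX509Names removes repeated entries from every name list of n.
func deduplicateX509Names(n *X509Names) {
	if n == nil {
		return
	}
	n.Dns = removeDuplicates(n.Dns)
	n.Ips = removeDuplicates(n.Ips)
	n.Emails = removeDuplicates(n.Emails)
	n.Uris = removeDuplicates(n.Uris)
	n.CommonNames = removeDuplicates(n.CommonNames)
}

// … unchanged: Deduplicate up to the X509 branch; the allow value gets the same call …
		deduplicateX509Names(p.GetX509().GetDeny())
// … unchanged: SSH branch …
```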
@@ -54,32 +54,36 @@ func TestPolicy_Deduplicate(t *testing.T) {
 policy: &Policy{
 X509: &X509Policy{
 Allow: &X509Names{
- Dns: []string{"*.local", "*.example.com", "*.local"},
- Ips: []string{"192.168.0.0/24", "10.10.10.0/24", "192.168.0.0/24"},
- Emails: []string{"@example.com", "@local", "@example.com"},
- Uris: []string{"*.local", "*.example.com", "*.local"},
+ Dns: []string{"*.local", "*.example.com", "*.local"},
+ Ips: []string{"192.168.0.0/24", "10.10.10.0/24", "192.168.0.0/24"},
+ Emails: []string{"@example.com", "@local", "@example.com"},
+ Uris: []string{"*.local", "*.example.com", "*.local"},
+ CommonNames: []string{"bla", "host", "bla"},
 },
 Deny: &X509Names{
- Dns: []string{"*.local", "*.example.com", "*.local"},
- Ips: []string{"192.168.0.0/24", "10.10.10.0/24", "192.168.0.0/24"},
- Emails: []string{"@example.com", "@local", "@example.com"},
- Uris: []string{"*.local", "*.example.com", "*.local"},
+ Dns: []string{"*.local", "*.example.com", "*.local"},
+ Ips: []string{"192.168.0.0/24", "10.10.10.0/24", "192.168.0.0/24"},
+ Emails: []string{"@example.com", "@local", "@example.com"},
+ Uris: []string{"*.local", "*.example.com", "*.local"},
+ CommonNames: []string{"bla", "host", "bla"},
 },
 },
 },
 expected: &Policy{
 X509: &X509Policy{
 Allow: &X509Names{
- Dns: []string{"*.local", "*.example.com"},
- Ips: []string{"192.168.0.0/24", "10.10.10.0/24"},
- Emails: []string{"@example.com", "@local"},
- Uris: []string{"*.local", "*.example.com"},
+ Dns: []string{"*.local", "*.example.com"},
+ Ips: []string{"192.168.0.0/24", "10.10.10.0/24"},
+ Emails: []string{"@example.com", "@local"},
+ Uris: []string{"*.local", "*.example.com"},
+ CommonNames: []string{"bla", "host"},
 },
 Deny: &X509Names{
- Dns: []string{"*.local", "*.example.com"},
- Ips: []string{"192.168.0.0/24", "10.10.10.0/24"},
- Emails: []string{"@example.com", "@local"},
- Uris: []string{"*.local", "*.example.com"},
+ Dns: []string{"*.local", "*.example.com"},
+ Ips: []string{"192.168.0.0/24", "10.10.10.0/24"},
+ Emails: []string{"@example.com", "@local"},
+ Uris: []string{"*.local", "*.example.com"},
+ CommonNames: []string{"bla", "host"},
 },
 },
 },
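Review bot: The new CommonNames cases in policy_test.go contain only byte-identical duplicates (`"bla", "host", "bla"`), so the test does not pin how `removeDuplicates` treats entries that differ only in case. Common names are free-form strings, and if deduplication ever became case-insensitive it could drop an entry from a deny list that the policy engine may match case-sensitively; neither function is visible here, so this is a suggestion to document the intended behaviour rather than a reported defect. One more input such as `CommonNames: []string{"host", "Host", "host"}` with the expected `[]string{"host", "Host"}` would fix exact-match semantics in the test. TestPolicy_Deduplicate starts before and ends after this hunk.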