dns-name: Remove webpki dependency (#1316)

The `dns::Name` type is backed by `webpki::DNSName`; and the `webpki`
crate has a dependency on `ring`. As we setup to support alternate
cryptographic implementations, we don't want to incur this dependency
for such a simple type that only validates DNS-like names.

This change copies the `webpki::DNSName` and `webpki::DNSNameRef` types
as `dns::Name` and `dns::NameRef` (preserving copyright information).
Name parsing is simplified, as we don't need to handle wildcards with
these types.

Furthermore, this change updates the various identity-type wrapper types
to implement `Deref` so that `dns::Name::as_str` and
`dns::Name::as_bytes` are available implicitly.

Author: olix0r

Cargo.lock

@@ -879,7 +879,6 @@ version = "0.1.0"
 dependencies = [
  "thiserror",
  "untrusted",
- "webpki",
 ]
 
 [[package]]

linkerd/app/gateway/src/gateway.rs

@@ -155,7 +155,7 @@ where
                 {
                     if let Some(by) = fwd_by(forwarded) {
                         tracing::info!(%forwarded);
-                        if by == local_id.as_ref() {
+                        if by == local_id.as_str() {
                             return Box::pin(future::err(GatewayLoop.into()));
                         }
                     }

linkerd/app/inbound/src/http/set_identity_header.rs

@@ -43,7 +43,7 @@ where
             .and_then(|tls| match tls {
                 tls::ServerTls::Established { client_id, .. } => {
                     client_id.as_ref().and_then(|id| {
-                        match http::HeaderValue::from_str(id.as_ref().as_ref()) {
+                        match http::HeaderValue::from_str(id.as_str()) {
                             Ok(v) => Some(v),
                             Err(error) => {
                                 tracing::warn!(%error, "identity not a valid header value");

linkerd/app/inbound/src/policy/mod.rs

@@ -144,8 +144,8 @@ impl AllowPolicy {
                             ..
                         }) = tls
                         {
-                            if identities.contains(id.as_ref())
-                                || suffixes.iter().any(|s| s.contains(id.as_ref()))
+                            if identities.contains(id.as_str())
+                                || suffixes.iter().any(|s| s.contains(id.as_str()))
                             {
                                 return Ok(Permit::new(self.dst, &*server, authz));
                             }

linkerd/app/outbound/src/http/require_id_header.rs

@@ -86,7 +86,7 @@ where
         if let Some(require_id) = Self::extract_id(&mut request) {
             match self.tls.as_ref() {
                 Conditional::Some(tls::ClientTls { server_id, .. }) => {
-                    if require_id != *server_id.as_ref() {
+                    if require_id != **server_id {
                         debug!(
                             required = %require_id,
                             found = %server_id,

linkerd/dns/name/Cargo.toml

@@ -9,4 +9,3 @@ publish = false
 [dependencies]
 thiserror = "1.0"
 untrusted = "0.7"
-webpki = "0.21"

linkerd/dns/name/src/lib.rs

@@ -4,5 +4,5 @@
 mod name;
 mod suffix;
 
-pub use self::name::{InvalidName, Name};
+pub use self::name::{InvalidName, Name, NameRef};
 pub use self::suffix::Suffix;