From e2f40827552fe822cc2c98198fe1b458b0d52e3c Mon Sep 17 00:00:00 2001
From: Jan Dittberner
Date: Tue, 29 Mar 2022 18:31:55 +0200
Subject: [PATCH] Move openssl specific code to opensslcertdb package
---
 cmd/cacertocsp/main.go | 4 +++-
 .../{opensslcertdb_test.go => ocspsource_test.go} | 4 ++--
 pkg/{ocspsource => opensslcertdb}/opensslcertdb.go | 14 ++++++++------
 3 files changed, 13 insertions(+), 9 deletions(-)
 rename pkg/ocspsource/{opensslcertdb_test.go => ocspsource_test.go} (99%)
 rename pkg/{ocspsource => opensslcertdb}/opensslcertdb.go (94%)
diff --git a/cmd/cacertocsp/main.go b/cmd/cacertocsp/main.go
index 145456c..63f3005 100644
--- a/cmd/cacertocsp/main.go
+++ b/cmd/cacertocsp/main.go
@@ -37,6 +37,8 @@ import (
 "github.com/knadh/koanf/providers/file"
 "github.com/sirupsen/logrus"
+ "git.cacert.org/cacert-goocsp/pkg/opensslcertdb"
+
 "git.cacert.org/cacert-goocsp/pkg/ocsp"
 "git.cacert.org/cacert-goocsp/pkg/ocspsource"
@@ -134,7 +136,7 @@ func configureIssuers(ctx context.Context, issuerConfigs []*koanf.Koanf, opts []
 continue
 }
- certDb, err := ocspsource.NewCertDB(ctx, issuerConfig.String(issuerCertList))
+ certDb, err := opensslcertdb.NewCertDB(ctx, issuerConfig.String(issuerCertList))
 if err != nil {
 logrus.Errorf("could not create certificate db %d: %v", number, err)
diff --git a/pkg/ocspsource/opensslcertdb_test.go b/pkg/ocspsource/ocspsource_test.go
similarity index 99%
rename from pkg/ocspsource/opensslcertdb_test.go
rename to pkg/ocspsource/ocspsource_test.go
index d40b555..bd537c2 100644
--- a/pkg/ocspsource/opensslcertdb_test.go
+++ b/pkg/ocspsource/ocspsource_test.go
@@ -219,7 +219,7 @@ func newTestCertDB() *testCertDB {
 }
 func (t testCertDB) LookupResponseTemplate(serial *big.Int) *ocsp.Response {
- serialText := serial.Text(hexBase)
+ serialText := serial.Text(16)
 if response, ok := t.content[serialText]; ok {
 return response
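Review bot: `serial.Text(16)` in testCertDB.LookupResponseTemplate replaces the named `hexBase` with a bare literal, and the UpdateCertificate hunk at -234 of the same test file does the same, so the key format of the test double is now spelled out twice with nothing tying the two together. A file-local `const hexBase = 16` in ocspsource_test.go would keep both call sites reading as before and make it plain that lookup and update must agree on the base. Both method bodies continue outside their hunks.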
@@ -234,7 +234,7 @@ func (t testCertDB) LookupResponseTemplate(serial *big.Int) *ocsp.Response { } func (t testCertDB) UpdateCertificate(update *CertificateUpdate) { - t.content[update.Serial.Text(hexBase)] = &ocsp.Response{ + t.content[update.Serial.Text(16)] = &ocsp.Response{ Status: update.Status, SerialNumber: update.Serial, RevokedAt: update.RevokedAt, diff --git a/pkg/ocspsource/opensslcertdb.go b/pkg/opensslcertdb/opensslcertdb.go similarity index 94% rename from pkg/ocspsource/opensslcertdb.go rename to pkg/opensslcertdb/opensslcertdb.go index dacf23d..697b947 100644 --- a/pkg/ocspsource/opensslcertdb.go +++ b/pkg/opensslcertdb/opensslcertdb.go @@ -15,7 +15,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package ocspsource +package opensslcertdb import ( "bufio" @@ -33,6 +33,8 @@ import ( "github.com/fsnotify/fsnotify" "github.com/sirupsen/logrus" + "git.cacert.org/cacert-goocsp/pkg/ocspsource" + "git.cacert.org/cacert-goocsp/pkg/ocsp" ) @@ -58,7 +60,7 @@ type OpenSSLCertDB struct { content map[string]*ocsp.Response } -func (o *OpenSSLCertDB) UpdateCertificate(update *CertificateUpdate) { +func (o *OpenSSLCertDB) UpdateCertificate(update *ocspsource.CertificateUpdate) { o.content[update.Serial.Text(hexBase)] = &ocsp.Response{ Status: update.Status, SerialNumber: update.Serial, @@ -211,7 +213,7 @@ func (o *OpenSSLCertDB) watchIndexFile(watcher *fsnotify.Watcher) { } // The parseLine function parses a line of index.txt. -func parseLine(line string) *CertificateUpdate { +func parseLine(line string) *ocspsource.CertificateUpdate { const ( fieldSeparator = "\t" ) @@ -234,7 +236,7 @@ func parseLine(line string) *CertificateUpdate { return nil } - update := &CertificateUpdate{ + update := &ocspsource.CertificateUpdate{ Serial: serialNumber, } 
@@ -268,7 +270,7 @@ func parseSerialNumber(parts []string) (string, *big.Int, error) {
 return serial, serialNumber, nil
 }
-func mapStatusField(update *CertificateUpdate, parts []string) {
+func mapStatusField(update *ocspsource.CertificateUpdate, parts []string) {
 switch parts[idxStatus] {
 case "V":
 update.Status = ocsp.Good
@@ -292,7 +294,7 @@ func traceParsedCertificateLine(parts []string, serial string) {
 )
 }
-func handleRevoked(response *CertificateUpdate, parts []string, serial string) error {
+func handleRevoked(response *ocspsource.CertificateUpdate, parts []string, serial string) error {
 const lenWithReason = 2
 if parts[idxRevocation] == "" {
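Review bot: The `switch parts[idxStatus]` in mapStatusField shows only its `"V"` case here, and how an unrecognised status letter is handled decides whether the responder fails open. If the project's `ocsp.Good` is the zero value of the status type, as it is in golang.org/x/crypto/ocsp, an `update` whose Status is never assigned would be served as good; an explicit `default:` that sets the package's unknown status (`ocsp.Unknown` in x/crypto/ocsp) and logs the line avoids that. `parts[idxStatus]` is also indexed without a length check in the visible lines, so the caller has to guarantee the field count. The rest of the switch is outside the hunk, so both points need checking against the full function.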