|
|
@ -15,7 +15,7 @@ See the License for the specific language governing permissions and
|
|
|
|
limitations under the License.
|
|
|
|
limitations under the License.
|
|
|
|
*/
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
package ocspsource
|
|
|
|
package opensslcertdb
|
|
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
import (
|
|
|
|
"bufio"
|
|
|
|
"bufio"
|
|
|
@ -33,6 +33,8 @@ import (
|
|
|
|
"github.com/fsnotify/fsnotify"
|
|
|
|
"github.com/fsnotify/fsnotify"
|
|
|
|
"github.com/sirupsen/logrus"
|
|
|
|
"github.com/sirupsen/logrus"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
"git.cacert.org/cacert-goocsp/pkg/ocspsource"
|
|
|
|
|
|
|
|
|
|
|
|
"git.cacert.org/cacert-goocsp/pkg/ocsp"
|
|
|
|
"git.cacert.org/cacert-goocsp/pkg/ocsp"
|
|
|
|
)
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
@ -58,7 +60,7 @@ type OpenSSLCertDB struct {
|
|
|
|
content map[string]*ocsp.Response
|
|
|
|
content map[string]*ocsp.Response
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func (o *OpenSSLCertDB) UpdateCertificate(update *CertificateUpdate) {
|
|
|
|
func (o *OpenSSLCertDB) UpdateCertificate(update *ocspsource.CertificateUpdate) {
|
|
|
|
o.content[update.Serial.Text(hexBase)] = &ocsp.Response{
|
|
|
|
o.content[update.Serial.Text(hexBase)] = &ocsp.Response{
|
|
|
|
Status: update.Status,
|
|
|
|
Status: update.Status,
|
|
|
|
SerialNumber: update.Serial,
|
|
|
|
SerialNumber: update.Serial,
|
|
|
@ -211,7 +213,7 @@ func (o *OpenSSLCertDB) watchIndexFile(watcher *fsnotify.Watcher) {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// The parseLine function parses a line of index.txt.
|
|
|
|
// The parseLine function parses a line of index.txt.
|
|
|
|
func parseLine(line string) *CertificateUpdate {
|
|
|
|
func parseLine(line string) *ocspsource.CertificateUpdate {
|
|
|
|
const (
|
|
|
|
const (
|
|
|
|
fieldSeparator = "\t"
|
|
|
|
fieldSeparator = "\t"
|
|
|
|
)
|
|
|
|
)
|
|
|
@ -234,7 +236,7 @@ func parseLine(line string) *CertificateUpdate {
|
|
|
|
return nil
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
update := &CertificateUpdate{
|
|
|
|
update := &ocspsource.CertificateUpdate{
|
|
|
|
Serial: serialNumber,
|
|
|
|
Serial: serialNumber,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
@ -268,7 +270,7 @@ func parseSerialNumber(parts []string) (string, *big.Int, error) {
|
|
|
|
return serial, serialNumber, nil
|
|
|
|
return serial, serialNumber, nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func mapStatusField(update *CertificateUpdate, parts []string) {
|
|
|
|
func mapStatusField(update *ocspsource.CertificateUpdate, parts []string) {
|
|
|
|
switch parts[idxStatus] {
|
|
|
|
switch parts[idxStatus] {
|
|
|
|
case "V":
|
|
|
|
case "V":
|
|
|
|
update.Status = ocsp.Good
|
|
|
|
update.Status = ocsp.Good
|
|
|
@ -292,7 +294,7 @@ func traceParsedCertificateLine(parts []string, serial string) {
|
|
|
|
)
|
|
|
|
)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func handleRevoked(response *CertificateUpdate, parts []string, serial string) error {
|
|
|
|
func handleRevoked(response *ocspsource.CertificateUpdate, parts []string, serial string) error {
|
|
|
|
const lenWithReason = 2
|
|
|
|
const lenWithReason = 2
|
|
|
|
|
|
|
|
|
|
|
|
if parts[idxRevocation] == "" {
|
|
|
|
if parts[idxRevocation] == "" {
|