From bcdb792897b910afb48eaf8a5c04a5120a65c6fd Mon Sep 17 00:00:00 2001
From: Jan Dittberner <jandd@cacert.org>
Date: Fri, 12 Jan 2024 19:27:00 +0100
Subject: [PATCH] Fix signer behaviour for broken CRLs

---
 internal/x509/revoking/revoking.go | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/internal/x509/revoking/revoking.go b/internal/x509/revoking/revoking.go
index 4341b73..f2ef569 100644
--- a/internal/x509/revoking/revoking.go
+++ b/internal/x509/revoking/revoking.go
@@ -191,10 +191,12 @@ func (r *X509Revoking) GetCRL(number *big.Int) (*CRLInformation, error) {
 			r.logger.WithError(err).Warn("could not parse CRL")
 		}
 
-		stillValid := list.ThisUpdate.Add(maximumCRLLifetime).After(time.Now().UTC())
+		if list != nil {
+			stillValid := list.ThisUpdate.Add(maximumCRLLifetime).After(time.Now().UTC())
 
-		if number != nil || stillValid {
-			return &CRLInformation{CRL: crl, Number: list.Number, NextUpdate: list.NextUpdate}, nil
+			if number != nil || stillValid {
+				return &CRLInformation{CRL: crl, Number: list.Number, NextUpdate: list.NextUpdate}, nil
+			}
 		}
 	}