Fix signer behaviour for broken CRLs

- update dependencies
- remove required year from Copyright

.golangci.yml

@@ -17,7 +17,7 @@ linters-settings:
       const:
         ORGANIZATION: CAcert Inc.
     template: |-
-      Copyright {{ YEAR-RANGE }} {{ ORGANIZATION }}
+      Copyright {{ ORGANIZATION }}
       SPDX-License-Identifier: Apache-2.0
 
       Licensed under the Apache License, Version 2.0 (the "License");

cmd/clientsim/main.go

@@ -1,5 +1,5 @@
 /*
-Copyright 2022-2023 CAcert Inc.
+Copyright CAcert Inc.
 SPDX-License-Identifier: Apache-2.0
 
 Licensed under the Apache License, Version 2.0 (the "License");

go.mod

@@ -6,13 +6,13 @@ require (
 	github.com/ThalesIgnite/crypto11 v1.2.5
 	github.com/balacode/go-delta v0.1.0
 	github.com/dave/jennifer v1.7.0
-	github.com/google/uuid v1.3.1
+	github.com/google/uuid v1.5.0
 	github.com/justincpresley/go-cobs v1.3.1
 	github.com/shamaton/msgpackgen v0.3.0
 	github.com/sirupsen/logrus v1.9.3
 	github.com/stretchr/testify v1.8.0
 	github.com/tarm/serial v0.0.0-20180830185346-98f6abe2eb07
-	golang.org/x/term v0.12.0
+	golang.org/x/term v0.16.0
 	gopkg.in/yaml.v3 v3.0.1
 )
 
@@ -24,5 +24,5 @@ require (
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/shamaton/msgpack/v2 v2.1.1 // indirect
 	github.com/thales-e-security/pool v0.0.2 // indirect
-	golang.org/x/sys v0.12.0 // indirect
+	golang.org/x/sys v0.16.0 // indirect
 )

go.sum

@@ -13,6 +13,8 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4=
 github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/google/uuid v1.5.0 h1:1p67kYwdtXjb0gL0BPiP1Av9wiZPo5A8z2cWkTZ+eyU=
+github.com/google/uuid v1.5.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/justincpresley/go-cobs v1.3.1 h1:PbQ6FqJ5GTIECZz+FwgDTJlHl2avdboWpGrjJG9Khjg=
 github.com/justincpresley/go-cobs v1.3.1/go.mod h1:L0d+EbGirv6IzsXNzwULduI2/z3ijkkAmsAuPMpLfqA=
 github.com/miekg/pkcs11 v1.0.3-0.20190429190417-a667d056470f/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs=
@@ -44,8 +46,12 @@ github.com/thales-e-security/pool v0.0.2/go.mod h1:qtpMm2+thHtqhLzTwgDBj/OuNnMpu
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.12.0 h1:CM0HF96J0hcLAwsHPJZjfdNzs0gftsLfgKt57wWHJ0o=
 golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU=
+golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.12.0 h1:/ZfYdc3zq+q02Rv9vGqTeSItdzZTSNDmfTi0mBAuidU=
 golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
+golang.org/x/term v0.16.0 h1:m+B6fahuftsE9qjo0VWp2FW0mB3MTJvR0BaMQrq0pmE=
+golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

internal/x509/revoking/revoking.go

@@ -191,10 +191,12 @@ func (r *X509Revoking) GetCRL(number *big.Int) (*CRLInformation, error) {
 			r.logger.WithError(err).Warn("could not parse CRL")
 		}
 
-		stillValid := list.ThisUpdate.Add(maximumCRLLifetime).After(time.Now().UTC())
+		if list != nil {
+			stillValid := list.ThisUpdate.Add(maximumCRLLifetime).After(time.Now().UTC())
 
-		if number != nil || stillValid {
-			return &CRLInformation{CRL: crl, Number: list.Number, NextUpdate: list.NextUpdate}, nil
+			if number != nil || stillValid {
+				return &CRLInformation{CRL: crl, Number: list.Number, NextUpdate: list.NextUpdate}, nil
+			}
 		}
 	}