letsencrypt
/
boulder
mirror of https://github.com/letsencrypt/boulder.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

cmd/bad-key-revoker: don't skip certificates where the account has no contacts (#4872)

This commit is contained in:
Roland Bracewell Shoemaker 2020-06-15 10:33:28 -07:00 committed by GitHub
parent 20031f9796
commit 356510aa54
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 11 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
cmd/bad-key-revoker/main.go
View File

@ -153,15 +153,19 @@ func (bkr *badKeyRevoker) resolveContacts(ids []int64) (map[int64][]string, erro
}
err := bkr.dbMap.SelectOne(&emails, "SELECT contact FROM registrations WHERE id = ?", id)
if err != nil {
if db.IsNoRows(err) {
continue
}
// ErrNoRows is not acceptable here since there should always be a
// row for the registration, even if there are no contacts
return nil, err
}
if len(emails.Contact) != 0 {
for _, email := range emails.Contact {
idToEmail[id] = append(idToEmail[id], strings.TrimPrefix(email, "mailto:"))
}
} else {
// if the account has no contacts add a placeholder empty contact
// so that we don't skip any certificates
idToEmail[id] = append(idToEmail[id], "")
continue
}
}
return idToEmail, nil

8
cmd/bad-key-revoker/main_test.go
View File

@ -145,7 +145,7 @@ func TestFindUnrevoked(t *testing.T) {
test.AssertNotError(t, err, "failed setting up db client")
defer test.ResetSATestDatabase(t)()
regID := insertRegistration(t, dbMap, "")
regID := insertRegistration(t, dbMap)
bkr := &badKeyRevoker{dbMap: dbMap, serialBatchSize: 1, maxRevocations: 10}
@ -177,12 +177,12 @@ func TestResolveContacts(t *testing.T) {
bkr := &badKeyRevoker{dbMap: dbMap}
regIDA := insertRegistration(t, dbMap, "")
regIDA := insertRegistration(t, dbMap)
regIDB := insertRegistration(t, dbMap, "example.com", "example-2.com")
regIDC := insertRegistration(t, dbMap, "example.com")
regIDD := insertRegistration(t, dbMap, "example-2.com")
idToEmail, err := bkr.resolveContacts([]int64{0, regIDA, regIDB, regIDC, regIDD})
idToEmail, err := bkr.resolveContacts([]int64{regIDA, regIDB, regIDC, regIDD})
test.AssertNotError(t, err, "resolveContacts failed")
test.AssertDeepEquals(t, idToEmail, map[int64][]string{
regIDA: {""},
@ -254,7 +254,7 @@ func TestInvoke(t *testing.T) {
regIDA := insertRegistration(t, dbMap, "example.com")
regIDB := insertRegistration(t, dbMap, "example.com")
regIDC := insertRegistration(t, dbMap, "other.example.com", "uno.example.com")
regIDD := insertRegistration(t, dbMap, "")
regIDD := insertRegistration(t, dbMap)
hashA := randHash(t)
insertBlockedRow(t, dbMap, hashA, regIDC, false)
insertCert(t, dbMap, hashA, "ff", regIDA, false, false)