add opti-lock (for v1) col, fix certificatesStatus typo, better FinalizeAuthorization

Roland Shoemaker 2015-05-03 02:29:58 -07:00
parent 421434f2cb
commit 7a1a7ec32a
1 changed files with 30 additions and 11 deletions


@ -43,16 +43,22 @@ var dialectMap map[string]interface{} = map[string]interface{}{
type Registration struct { type Registration struct {
Thumbprint string `db:"thumbprint"` Thumbprint string `db:"thumbprint"`
core.Registration core.Registration
Version int64 // Lock column
} }
type Pending_auth struct { type Pending_auth struct {
core.Authorization core.Authorization
Version int64 // Lock column
} }
type Auth struct { type Auth struct {
Sequence int64 `db:"sequence"` Sequence int64 `db:"sequence"`
Digest string `db:"digest"` Digest string `db:"digest"`
core.Authorization core.Authorization
Version int64 // Lock column
} }
type Certificate struct { type Certificate struct {
@ -60,13 +66,17 @@ type Certificate struct {
Digest string `db:"digest"` Digest string `db:"digest"`
Content []byte `db:"content"` Content []byte `db:"content"`
Issued time.Time `db:"issued"` Issued time.Time `db:"issued"`
Version int64 // Lock column
} }
type CertificateStats struct { type CertificateStatus struct {
Serial string `db:"serial"` Serial string `db:"serial"`
RevokedDate time.Time `db:"revokedDate"` RevokedDate time.Time `db:"revokedDate"`
RevokedReason int `db:"revokedReason"` RevokedReason int `db:"revokedReason"`
core.CertificateStatus core.CertificateStatus
Version int64 // Lock column
} }
type OcspResponse struct { type OcspResponse struct {
@ -74,12 +84,16 @@ type OcspResponse struct {
Serial string `db:"serial"` Serial string `db:"serial"`
CreatedAt time.Time `db:"createdAt"` CreatedAt time.Time `db:"createdAt"`
Response []byte `db:"response"` Response []byte `db:"response"`
Version int64 // Lock column
} }
type Crl struct { type Crl struct {
Serial string `db:"serial"` Serial string `db:"serial"`
CreatedAt time.Time `db:"createdAt"` CreatedAt time.Time `db:"createdAt"`
Crl string `db:"crl"` Crl string `db:"crl"`
Version int64 // Lock column
} }
// Type converter // Type converter
@ -174,7 +188,7 @@ func (ssa *SQLStorageAuthority) InitTables() (err error) {
ssa.dbMap.AddTableWithName(Pending_auth{}, "pending_authz").SetKeys(false, "ID") ssa.dbMap.AddTableWithName(Pending_auth{}, "pending_authz").SetKeys(false, "ID")
ssa.dbMap.AddTableWithName(Auth{}, "authz").SetKeys(false, "ID") ssa.dbMap.AddTableWithName(Auth{}, "authz").SetKeys(false, "ID")
ssa.dbMap.AddTableWithName(Certificate{}, "certificates").SetKeys(false, "Serial") ssa.dbMap.AddTableWithName(Certificate{}, "certificates").SetKeys(false, "Serial")
ssa.dbMap.AddTableWithName(CertificateStats{}, "certificateStatus").SetKeys(false, "Serial") ssa.dbMap.AddTableWithName(CertificateStatus{}, "certificateStatus").SetKeys(false, "Serial")
ssa.dbMap.AddTableWithName(OcspResponse{}, "ocspResponses").SetKeys(true, "ID") ssa.dbMap.AddTableWithName(OcspResponse{}, "ocspResponses").SetKeys(true, "ID")
ssa.dbMap.AddTableWithName(Crl{}, "crls").SetKeys(false, "CreatedAt") ssa.dbMap.AddTableWithName(Crl{}, "crls").SetKeys(false, "CreatedAt")
@ -230,7 +244,7 @@ func (ssa *SQLStorageAuthority) DumpTables() {
} }
fmt.Printf("\n----- certificateStatus -----\n") fmt.Printf("\n----- certificateStatus -----\n")
var certificateStatuses []CertificateStats var certificateStatuses []CertificateStatus
_, err = ssa.dbMap.Select(&certificateStatuses, "SELECT * FROM certificateStatus") _, err = ssa.dbMap.Select(&certificateStatuses, "SELECT * FROM certificateStatus")
if err != nil { if err != nil {
fmt.Println(err) fmt.Println(err)
@ -366,12 +380,12 @@ func (ssa *SQLStorageAuthority) GetCertificateStatus(serial string) (status core
return return
} }
certificateStats, err := ssa.dbMap.Get(CertificateStats{}, serial) certificateStats, err := ssa.dbMap.Get(CertificateStatus{}, serial)
if err != nil { if err != nil {
return return
} }
cs := certificateStats.(*CertificateStats) cs := certificateStats.(*CertificateStatus)
status = cs.CertificateStatus status = cs.CertificateStatus
return return
} }
@ -420,7 +434,7 @@ func (ssa *SQLStorageAuthority) MarkCertificateRevoked(serial string, ocspRespon
return return
} }
statusObj, err := tx.Get(CertificateStats{}, serial) statusObj, err := tx.Get(CertificateStatus{}, serial)
if err != nil { if err != nil {
tx.Rollback() tx.Rollback()
return return
@ -430,7 +444,7 @@ func (ssa *SQLStorageAuthority) MarkCertificateRevoked(serial string, ocspRespon
tx.Rollback() tx.Rollback()
return return
} }
status := statusObj.(*CertificateStats) status := statusObj.(*CertificateStatus)
status.Status = core.OCSPStatusRevoked status.Status = core.OCSPStatusRevoked
status.RevokedDate = time.Now() status.RevokedDate = time.Now()
status.RevokedReason = reasonCode status.RevokedReason = reasonCode
@ -531,14 +545,19 @@ func (ssa *SQLStorageAuthority) FinalizeAuthorization(authz core.Authorization)
// ???: is this still needed? ^+v // ???: is this still needed? ^+v
digest := core.Fingerprint256(jsonAuthz) digest := core.Fingerprint256(jsonAuthz)
auth := &Auth{sequence, digest, authz} auth := &Auth{sequence, digest, authz, 0}
authObj, err := ssa.dbMap.Get(Pending_auth{}, authz.ID)
if err != nil {
return
}
oldAuth := authObj.(*Pending_auth)
err = ssa.dbMap.Insert(auth) err = ssa.dbMap.Insert(auth)
if err != nil { if err != nil {
return return
} }
_, err = ssa.dbMap.Delete(&Pending_auth{authz}) _, err = ssa.dbMap.Delete(oldAuth)
return return
} }
@ -551,8 +570,8 @@ func (ssa *SQLStorageAuthority) AddCertificate(certDER []byte) (digest string, e
serial := fmt.Sprintf("%032x", parsedCertificate.SerialNumber) serial := fmt.Sprintf("%032x", parsedCertificate.SerialNumber)
digest = core.Fingerprint256(certDER) digest = core.Fingerprint256(certDER)
cert := &Certificate{serial, digest, certDER, time.Now()} cert := &Certificate{serial, digest, certDER, time.Now(), 0}
certStatus := &CertificateStats{serial, time.Time{}, 0, core.CertificateStatus{false, "good", time.Time{}}} certStatus := &CertificateStatus{serial, time.Time{}, 0, core.CertificateStatus{false, "good", time.Time{}}, 0}
tx, err := ssa.dbMap.Begin() tx, err := ssa.dbMap.Begin()
if err != nil { if err != nil {
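Review bot: In the FinalizeAuthorization hunk, `oldAuth := authObj.(*Pending_auth)` asserts the type without checking that `ssa.dbMap.Get` actually returned an object. If the lookup yields a nil object with a nil error when no pending row matches `authz.ID` (which is how gorp reports a missing row, assuming `dbMap` is a gorp DbMap), the assertion panics instead of returning an error, and that ID is supplied by the caller. A guard before the assertion would cover it, e.g. `if authObj == nil { err = fmt.Errorf("no pending authorization with ID %v", authz.ID); return }`; this assumes the named `err` result that the bare returns imply, since the function's signature and opening lines are outside the hunk. The same unchecked assertion appears in GetCertificateStatus (`certificateStats.(*CertificateStatus)`) and possibly in MarkCertificateRevoked, where the lines between the `tx.Get` and the assertion are not shown. Separately, the Insert into `authz` and the Delete from `pending_authz` still run outside a transaction, so a failed Delete (now including a version mismatch on the new lock column) leaves the authorization in both tables; MarkCertificateRevoked already uses `tx` for its two-step update and the same shape would fit here.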