From d1848624278e132ad4f411d9ce3d0c8db9197808 Mon Sep 17 00:00:00 2001 From: Roland Shoemaker Date: Mon, 25 May 2015 01:17:28 +0100 Subject: [PATCH] gofmt and move deniedCSR table creation back to SA --- cmd/admin-revoker/main.go | 36 ++++++++++++++++-------------------- core/interfaces.go | 2 -- ra/registration-authority.go | 2 +- rpc/rpc-wrappers.go | 35 +---------------------------------- sa/storage-authority.go | 1 + sa/storage-authority_test.go | 7 ------- 6 files changed, 19 insertions(+), 64 deletions(-) diff --git a/cmd/admin-revoker/main.go b/cmd/admin-revoker/main.go index 5c066b931..3d8e7bb64 100644 --- a/cmd/admin-revoker/main.go +++ b/cmd/admin-revoker/main.go @@ -11,12 +11,12 @@ import ( "fmt" "io/ioutil" "os" - "strconv" "sort" + "strconv" "strings" - "github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/codegangsta/cli" "github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/cactus/go-statsd-client/statsd" + "github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/codegangsta/cli" // Load both drivers to allow configuring either _ "github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/go-sql-driver/mysql" @@ -32,13 +32,13 @@ import ( ) var reasons map[int]string = map[int]string{ - 0: "unspecified", - 1: "keyCompromise", - 2: "cACompromise", - 3: "affiliationChanged", - 4: "superseded", - 5: "cessationOfOperation", - 6: "certificateHold", + 0: "unspecified", + 1: "keyCompromise", + 2: "cACompromise", + 3: "affiliationChanged", + 4: "superseded", + 5: "cessationOfOperation", + 6: "certificateHold", // 7 is unused 8: "removeFromCRL", // needed? 9: "privilegeWithdrawn", 
@@ -74,10 +74,6 @@ func setupContext(context *cli.Context) (rpc.CertificateAuthorityClient, *blog.A dbMap, err := sa.NewDbMap(c.Revoker.DBDriver, c.Revoker.DBName) cmd.FailOnError(err, "Couldn't setup database connection") - dbMap.AddTableWithName(core.DeniedCsr{}, "deniedCsrs").SetKeys(true, "ID") - err = dbMap.CreateTablesIfNotExists() - cmd.FailOnError(err, "Could not create the deniedCsrs table") - return cac, auditlogger, dbMap } @@ -146,7 +142,7 @@ func main() { Name: "config", Value: "config.json", EnvVar: "BOULDER_CONFIG", - Usage: "Path to Boulder JSON configuration file", + Usage: "Path to Boulder JSON configuration file", }, cli.BoolFlag{ Name: "deny-future", @@ -155,7 +151,7 @@ func main() { } app.Commands = []cli.Command{ { - Name: "serial-revoke", + Name: "serial-revoke", Usage: "Revoke a single certificate by the hex serial number", Action: func(c *cli.Context) { // 1: serial, 2: reasonCode (3: deny flag) @@ -182,7 +178,7 @@ func main() { }, }, { - Name: "reg-revoke", + Name: "reg-revoke", Usage: "Revoke all certificates associated with a registration ID", Action: func(c *cli.Context) { // 1: registration ID, 2: reasonCode (3: deny flag) @@ -196,7 +192,7 @@ func main() { // AUDIT[ Error Conditions ] 9cc4d537-8534-4970-8665-4b382abe82f3 defer auditlogger.AuditPanic() blog.SetAuditLogger(auditlogger) - + tx, err := dbMap.Begin() if err != nil { tx.Rollback() @@ -210,7 +206,7 @@ func main() { }, }, { - Name: "list-reasons", + Name: "list-reasons", Usage: "List possible revocation reason codes", Action: func(c *cli.Context) { var codes []int @@ -218,7 +214,7 @@ func main() { codes = append(codes, k) } sort.Ints(codes) - fmt.Println("Revocation reason codes\n-----------------------\n") + fmt.Printf("Revocation reason codes\n-----------------------\n\n") for _, k := range codes { fmt.Printf("%d: %s\n", k, reasons[k]) } 
@@ -228,4 +224,4 @@ func main() { err := app.Run(os.Args) cmd.FailOnError(err, "Failed to run application") -} \ No newline at end of file +} diff --git a/core/interfaces.go b/core/interfaces.go index b20f74960..5be099b1e 100644 --- a/core/interfaces.go +++ b/core/interfaces.go @@ -107,8 +107,6 @@ type StorageAdder interface { MarkCertificateRevoked(serial string, ocspResponse []byte, reasonCode int) error AddCertificate([]byte, int64) (string, error) - - AddDeniedCSR([]string) error } // StorageAuthority interface represents a simple key/value diff --git a/ra/registration-authority.go b/ra/registration-authority.go index 420046b74..f4a2e646e 100644 --- a/ra/registration-authority.go +++ b/ra/registration-authority.go @@ -280,7 +280,7 @@ func (ra *RegistrationAuthorityImpl) UpdateAuthorization(base core.Authorization func (ra *RegistrationAuthorityImpl) RevokeCertificate(cert x509.Certificate) error { serialString := core.SerialToString(cert.SerialNumber) - err := ra.CA.RevokeCertificate(serialString) + err := ra.CA.RevokeCertificate(serialString, 0) // AUDIT[ Revocation Requests ] 4e85d791-09c0-4ab3-a837-d3d67e945134 if err != nil { diff --git a/rpc/rpc-wrappers.go b/rpc/rpc-wrappers.go index 7833a0b2f..a9fb4c71a 100644 --- a/rpc/rpc-wrappers.go +++ b/rpc/rpc-wrappers.go @@ -727,24 +727,6 @@ func NewStorageAuthorityServer(serverQueue string, channel *amqp.Channel, impl c return nil }) - rpc.Handle(MethodAddDeniedCSR, func(req []byte) []byte { - var csrReq struct { - Names []string - } - - if err := json.Unmarshal(req, csrReq); err != nil { - // AUDIT[ Improper Messages ] 0786b6f2-91ca-4f48-9883-842a19084c64 - improperMessage(MethodAddDeniedCSR, err, req) - return nil - } - - if err := impl.AddDeniedCSR(csrReq.Names); err != nil { - // AUDIT[ Error Conditions ] 9cc4d537-8534-4970-8665-4b382abe82f3 - errorCondition(MethodAddDeniedCSR, err, csrReq) - } - return nil - }) - rpc.Handle(MethodAlreadyDeniedCSR, func(req []byte) []byte { var csrReq struct { Names []string 
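Review bot: The literal `0` in `ra.CA.RevokeCertificate(serialString, 0)` is a magic number. Going by the `reasons` map in cmd/admin-revoker/main.go it means "unspecified", but nothing at this call site says so. A trailing comment such as `// reason code 0 = unspecified (RFC 5280 CRLReason)`, or a named constant shared with the revoker, would make the intent explicit. Because the RA's `RevokeCertificate` takes only the certificate, every revocation through this path is recorded as unspecified, even where a reason like keyCompromise would be the accurate one; this limitation should be documented on the method. The function body continues outside the hunk.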
@@ -956,21 +938,6 @@ func (cac StorageAuthorityClient) AddCertificate(cert []byte, regID int64) (id s return } -func (cac StorageAuthorityClient) AddDeniedCSR(names []string) (err error) { - var sliceReq struct { - Names []string - } - sliceReq.Names = names - - data, err := json.Marshal(sliceReq) - if err != nil { - return - } - - _, err = cac.rpc.DispatchSync(MethodAddDeniedCSR, data) - return -} - func (cac StorageAuthorityClient) AlreadyDeniedCSR(names []string) (exists bool, err error) { var sliceReq struct { Names []string @@ -984,7 +951,7 @@ func (cac StorageAuthorityClient) AlreadyDeniedCSR(names []string) (exists bool, response, err := cac.rpc.DispatchSync(MethodAlreadyDeniedCSR, data) if err != nil || len(response) == 0 { - err = errors.New("AddDeniedCSR RPC failed") // XXX + err = errors.New("AlreadyDeniedCSR RPC failed") // XXX return } diff --git a/sa/storage-authority.go b/sa/storage-authority.go index 97c7c8b6b..045850eb2 100644 --- a/sa/storage-authority.go +++ b/sa/storage-authority.go @@ -190,6 +190,7 @@ func (ssa *SQLStorageAuthority) InitTables() (err error) { ssa.dbMap.AddTableWithName(core.CertificateStatus{}, "certificateStatus").SetKeys(false, "Serial").SetVersionCol("LockCol") ssa.dbMap.AddTableWithName(core.OcspResponse{}, "ocspResponses").SetKeys(true, "ID") ssa.dbMap.AddTableWithName(core.Crl{}, "crls").SetKeys(false, "Serial") + ssa.dbMap.AddTableWithName(core.DeniedCsr{}, "deniedCsrs").SetKeys(true, "ID") err = ssa.dbMap.CreateTablesIfNotExists() return diff --git a/sa/storage-authority_test.go b/sa/storage-authority_test.go index 66e76e77b..35a820b95 100644 --- a/sa/storage-authority_test.go +++ b/sa/storage-authority_test.go 
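Review bot: In `AlreadyDeniedCSR` the branch `if err != nil || len(response) == 0` overwrites whatever `DispatchSync` returned with the fixed string, so the underlying transport error is lost when a deny-list lookup fails. Keep the original error and synthesise one only for the empty-response case: `if err == nil { err = errors.New("AlreadyDeniedCSR RPC failed") }`. The named result `exists` appears to still be false on this path, so a doc comment on the method should say that callers must check `err` before trusting `exists`; otherwise a failed lookup reads as "not denied". The function starts and ends outside the hunk.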
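Review bot: Registering `deniedCsrs` only in `InitTables` leaves the separate DbMap that admin-revoker builds in `setupContext` via `sa.NewDbMap` with no visible mapping for `core.DeniedCsr`, because this commit removes its `AddTableWithName` call. If the revoker's deny path still inserts `core.DeniedCsr` rows through that map (not visible in this patch), the insert needs the type registered; confirm that `sa.NewDbMap` does so, or route the write through the SA. The commit also drops `AddDeniedCSR` and the positive half of `TestDeniedCSR`, so nothing shown here exercises a write to this table any more. A test that inserts a row and then expects `AlreadyDeniedCSR` to return true would keep the deny list covered. `InitTables` begins outside the hunk.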
@@ -203,11 +203,4 @@ func TestDeniedCSR(t *testing.T) { exists, err := sa.AlreadyDeniedCSR(append(csr.DNSNames, csr.Subject.CommonName)) test.AssertNotError(t, err, "AlreadyDeniedCSR failed") test.Assert(t, !exists, "Found non-existent CSR") - - err = sa.AddDeniedCSR(append(csr.DNSNames, csr.Subject.CommonName)) - test.AssertNotError(t, err, "Couldn't add the denied CSR to the DB") - - exists, err = sa.AlreadyDeniedCSR(append(csr.DNSNames, csr.Subject.CommonName)) - test.AssertNotError(t, err, "AlreadyDeniedCSR failed") - test.Assert(t, exists, "Couldn't find denied CSR in DB") }