From 1991963cab3b18de4ecc3f6d28962cceb1b636c9 Mon Sep 17 00:00:00 2001
From: Slawek Koszewski
Date: Sat, 2 Aug 2025 13:51:14 +0200
Subject: [PATCH] Bug fixes for referening and not copying objects and few others.
---
 ca.go | 4 ++--
 certdb.go | 29 ++++++++++++++---------------
 2 files changed, 16 insertions(+), 17 deletions(-)
diff --git a/ca.go b/ca.go
index 418cf46..29cc238 100644
--- a/ca.go
+++ b/ca.go
@@ -72,7 +72,7 @@ func (def *CertificateDefinition) FillDefaultValues(defaults *CertificateDefault
 def.Validity = defaults.Validity
 }
 if len(def.SAN) == 0 && len(defaults.SAN) > 0 {
- def.SAN = defaults.SAN
+ def.SAN = append([]string(nil), defaults.SAN...)
 }
 }
@@ -705,7 +705,7 @@ func IssueCertificate(certDef CertificateDefinition, overwrite bool, dryRun bool
 fmt.Printf("%s certificate and key for '%s' generated.\n", certDef.Type, certDef.Subject)
 if err := SaveCAState(); err != nil {
- fmt.Printf("Error saving CA state: %v\n", err)
+ fmt.Printf("Error saving CA state: %v", err)
 }
 return nil
diff --git a/certdb.go b/certdb.go
index fc39bc2..182f41f 100644
--- a/certdb.go
+++ b/certdb.go
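Review bot: The new `def.SAN` line in FillDefaultValues copies the slice but carries no comment saying why, so a later cleanup could turn it back into a plain assignment and bring back the backing array shared with `defaults.SAN`. I would put `// copy: def.SAN must not alias defaults.SAN, or an edit to one definition changes the defaults for all others` above it. Any other slice or map field taken from `defaults` in this function would need the same treatment, but the rest of the body is outside the hunk.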
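Review bot: In IssueCertificate a failure of `SaveCAState()` is still only printed and the function goes on to `return nil`, so a certificate can be reported as issued while its record never reaches the state file that FindBySerial and RevokeCertificate in certdb.go work from. Assuming the function returns `error` (the `return nil` suggests so, but the signature is cut off in the hunk header and the body starts outside the hunk), the branch should propagate it: `return fmt.Errorf("saving CA state: %w", err)`. Dropping the `\n` also lets the next line of output run on directly after the error text. If the print stays, keep the newline and write to `os.Stderr`.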
@@ -36,41 +36,42 @@ type CertificateRecord struct {
 // Look for a certifcate by its name
 func (c *CAState) FindByName(name string, all bool) *CertificateRecord {
- for _, cert := range c.Certificates {
+ for i := range c.Certificates {
+ cert := &c.Certificates[i]
 if cert.RevokedAt != "" && !all {
 continue
 }
 if cert.Name == name {
- return &cert
+ return cert
 }
 }
-
 return nil
 }
 // Look for a certificate by its serial
 func (c *CAState) FindBySerial(serial string, all bool) *CertificateRecord {
- for _, cert := range c.Certificates {
+ for i := range c.Certificates {
+ cert := &c.Certificates[i]
 if cert.RevokedAt != "" && !all {
 continue
 }
 if cert.Serial == serial {
- return &cert
+ return cert
 }
 }
-
 return nil
 }
-// func caStatePath() string {
-// return filepath.Join(filepath.Dir(caConfigPath), caConfig.GetStateFileName())
-// }
-
 // LoadCAState loads the CA state from a JSON file
 func LoadCAState() error {
 fmt.Printf("Loading CA state from %s\n", caStatePath)
 f, err := os.Open(caStatePath)
 if err != nil {
+ if os.IsNotExist(err) {
+ // File does not exist, treat as empty state
+ caState = &CAState{}
+ return nil
+ }
 return err
 }
 defer f.Close()
@@ -97,8 +98,7 @@ func SaveCAState() error {
 // UpdateCAStateAfterIssue updates the CA state JSON after issuing a certificate
 func (s *CAState) UpdateCAStateAfterIssue(serialType, name string, subject string, certType string, serialNumber any, validity time.Duration) error {
 if s == nil {
- fmt.Fprintf(os.Stderr, "FATAL: CAState is nil in UpdateCAStateAfterIssue. This indicates a programming error.\n")
- os.Exit(1)
+ return fmt.Errorf("CAState is nil in UpdateCAStateAfterIssue. This indicates a programming error.")
 }
 issued := time.Now().UTC().Format(time.RFC3339)
 expires := time.Now().Add(validity).UTC().Format(time.RFC3339)
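Review bot: In LoadCAState the new `os.IsNotExist` branch silently swaps a missing state file for an empty `CAState`, which is right on first run but fails open afterwards: if `caStatePath` is misconfigured or the file has been removed, every recorded serial and `RevokedAt` entry is gone without any signal, and a later save would presumably persist the empty state. The branch should at least announce itself, e.g. `fmt.Fprintf(os.Stderr, "warning: CA state file %s not found, starting with empty state\n", caStatePath)`, and ideally be taken only when a new CA is being initialised. Separately, FindByName and FindBySerial now return a pointer into `c.Certificates`. That pointer stops referring to live state if the slice is later appended to and reallocated, which is worth one sentence in their doc comments.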
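Review bot: The error returned from the nil check in UpdateCAStateAfterIssue is a capitalised, two-sentence string with a trailing period and no format verbs, which reads badly once a caller wraps it and is what staticcheck reports as ST1005. `return fmt.Errorf("UpdateCAStateAfterIssue: nil CAState")`, or a package-level sentinel built with `errors.New` that callers can match with `errors.Is`, would be the idiomatic form. The same wording is introduced in the RevokeCertificate hunk (`@@ -135,8 +135,7 @@`) and should change with it. Callers that relied on the old `os.Exit(1)` now have to check the returned error, and those call sites are not part of this patch.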
@@ -119,7 +119,7 @@ func (s *CAState) UpdateCAStateAfterIssue(serialType, name string, subject strin
 func (s *CAState) AddCertificate(name, subject, certType, issued, expires, serial string) {
 if s == nil {
 fmt.Fprintf(os.Stderr, "FATAL: CAState is nil in AddCertificate. This indicates a programming error.\n")
- os.Exit(1)
+ return
 }
 rec := CertificateRecord{
 Name: name,
@@ -135,8 +135,7 @@ func (s *CAState) AddCertificate(name, subject, certType, issued, expires, seria
 // RevokeCertificate revokes a certificate by serial number and reason code, updates state, and saves to disk
 func (s *CAState) RevokeCertificate(serial string, reason int) error {
 if s == nil {
- fmt.Fprintf(os.Stderr, "FATAL: CAState is nil in RevokeCertificate. This indicates a programming error.\n")
- os.Exit(1)
+ return fmt.Errorf("CAState is nil in RevokeCertificate. This indicates a programming error.")
 }
 revoked := false
 revokedAt := time.Now().UTC().Format(time.RFC3339)
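Review bot: AddCertificate has no return value, so with the bare `return` a nil receiver now prints a message that still says `FATAL` and then comes back as if the record had been added; the caller cannot tell that the certificate never entered the state. For a CA that leaves an issued certificate with no record to find or revoke it by. The method should report the failure like its neighbours: give it an `error` result and use `return fmt.Errorf("AddCertificate: nil CAState")` in this branch, with callers checking it. The rest of the body is outside the hunk.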