Compare commits
2 Commits
b0f0467346
...
v0.3.2
| Author | SHA1 | Date | |
|---|---|---|---|
| 176901d960 | |||
| 1991963cab |
4
ca.go
4
ca.go
@@ -72,7 +72,7 @@ func (def *CertificateDefinition) FillDefaultValues(defaults *CertificateDefault
|
|||||||
def.Validity = defaults.Validity
|
def.Validity = defaults.Validity
|
||||||
}
|
}
|
||||||
if len(def.SAN) == 0 && len(defaults.SAN) > 0 {
|
if len(def.SAN) == 0 && len(defaults.SAN) > 0 {
|
||||||
def.SAN = defaults.SAN
|
def.SAN = append([]string(nil), defaults.SAN...)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -705,7 +705,7 @@ func IssueCertificate(certDef CertificateDefinition, overwrite bool, dryRun bool
|
|||||||
|
|
||||||
fmt.Printf("%s certificate and key for '%s' generated.\n", certDef.Type, certDef.Subject)
|
fmt.Printf("%s certificate and key for '%s' generated.\n", certDef.Type, certDef.Subject)
|
||||||
if err := SaveCAState(); err != nil {
|
if err := SaveCAState(); err != nil {
|
||||||
fmt.Printf("Error saving CA state: %v\n", err)
|
fmt.Printf("Error saving CA state: %v", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
|
|||||||
29
certdb.go
29
certdb.go
@@ -36,41 +36,42 @@ type CertificateRecord struct {
|
|||||||
|
|
||||||
// Look for a certifcate by its name
|
// Look for a certifcate by its name
|
||||||
func (c *CAState) FindByName(name string, all bool) *CertificateRecord {
|
func (c *CAState) FindByName(name string, all bool) *CertificateRecord {
|
||||||
for _, cert := range c.Certificates {
|
for i := range c.Certificates {
|
||||||
|
cert := &c.Certificates[i]
|
||||||
if cert.RevokedAt != "" && !all {
|
if cert.RevokedAt != "" && !all {
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
if cert.Name == name {
|
if cert.Name == name {
|
||||||
return &cert
|
return cert
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// Look for a certificate by its serial
|
// Look for a certificate by its serial
|
||||||
func (c *CAState) FindBySerial(serial string, all bool) *CertificateRecord {
|
func (c *CAState) FindBySerial(serial string, all bool) *CertificateRecord {
|
||||||
for _, cert := range c.Certificates {
|
for i := range c.Certificates {
|
||||||
|
cert := &c.Certificates[i]
|
||||||
if cert.RevokedAt != "" && !all {
|
if cert.RevokedAt != "" && !all {
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
if cert.Serial == serial {
|
if cert.Serial == serial {
|
||||||
return &cert
|
return cert
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// func caStatePath() string {
|
|
||||||
// return filepath.Join(filepath.Dir(caConfigPath), caConfig.GetStateFileName())
|
|
||||||
// }
|
|
||||||
|
|
||||||
// LoadCAState loads the CA state from a JSON file
|
// LoadCAState loads the CA state from a JSON file
|
||||||
func LoadCAState() error {
|
func LoadCAState() error {
|
||||||
fmt.Printf("Loading CA state from %s\n", caStatePath)
|
fmt.Printf("Loading CA state from %s\n", caStatePath)
|
||||||
f, err := os.Open(caStatePath)
|
f, err := os.Open(caStatePath)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
if os.IsNotExist(err) {
|
||||||
|
// File does not exist, treat as empty state
|
||||||
|
caState = &CAState{}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
defer f.Close()
|
defer f.Close()
|
||||||
@@ -97,8 +98,7 @@ func SaveCAState() error {
|
|||||||
// UpdateCAStateAfterIssue updates the CA state JSON after issuing a certificate
|
// UpdateCAStateAfterIssue updates the CA state JSON after issuing a certificate
|
||||||
func (s *CAState) UpdateCAStateAfterIssue(serialType, name string, subject string, certType string, serialNumber any, validity time.Duration) error {
|
func (s *CAState) UpdateCAStateAfterIssue(serialType, name string, subject string, certType string, serialNumber any, validity time.Duration) error {
|
||||||
if s == nil {
|
if s == nil {
|
||||||
fmt.Fprintf(os.Stderr, "FATAL: CAState is nil in UpdateCAStateAfterIssue. This indicates a programming error.\n")
|
return fmt.Errorf("CAState is nil in UpdateCAStateAfterIssue. This indicates a programming error.")
|
||||||
os.Exit(1)
|
|
||||||
}
|
}
|
||||||
issued := time.Now().UTC().Format(time.RFC3339)
|
issued := time.Now().UTC().Format(time.RFC3339)
|
||||||
expires := time.Now().Add(validity).UTC().Format(time.RFC3339)
|
expires := time.Now().Add(validity).UTC().Format(time.RFC3339)
|
||||||
@@ -119,7 +119,7 @@ func (s *CAState) UpdateCAStateAfterIssue(serialType, name string, subject strin
|
|||||||
func (s *CAState) AddCertificate(name, subject, certType, issued, expires, serial string) {
|
func (s *CAState) AddCertificate(name, subject, certType, issued, expires, serial string) {
|
||||||
if s == nil {
|
if s == nil {
|
||||||
fmt.Fprintf(os.Stderr, "FATAL: CAState is nil in AddCertificate. This indicates a programming error.\n")
|
fmt.Fprintf(os.Stderr, "FATAL: CAState is nil in AddCertificate. This indicates a programming error.\n")
|
||||||
os.Exit(1)
|
return
|
||||||
}
|
}
|
||||||
rec := CertificateRecord{
|
rec := CertificateRecord{
|
||||||
Name: name,
|
Name: name,
|
||||||
@@ -135,8 +135,7 @@ func (s *CAState) AddCertificate(name, subject, certType, issued, expires, seria
|
|||||||
// RevokeCertificate revokes a certificate by serial number and reason code, updates state, and saves to disk
|
// RevokeCertificate revokes a certificate by serial number and reason code, updates state, and saves to disk
|
||||||
func (s *CAState) RevokeCertificate(serial string, reason int) error {
|
func (s *CAState) RevokeCertificate(serial string, reason int) error {
|
||||||
if s == nil {
|
if s == nil {
|
||||||
fmt.Fprintf(os.Stderr, "FATAL: CAState is nil in RevokeCertificate. This indicates a programming error.\n")
|
return fmt.Errorf("CAState is nil in RevokeCertificate. This indicates a programming error.")
|
||||||
os.Exit(1)
|
|
||||||
}
|
}
|
||||||
revoked := false
|
revoked := false
|
||||||
revokedAt := time.Now().UTC().Format(time.RFC3339)
|
revokedAt := time.Now().UTC().Format(time.RFC3339)
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
VERSION=$(git describe --tags --always --dirty 2>/dev/null || echo "dev")
|
VERSION=${1:-$(git describe --tags --always --dirty 2>/dev/null || echo "dev")}
|
||||||
# Allow git to track changes to version.go
|
# Allow git to track changes to version.go
|
||||||
git update-index --no-assume-unchanged version.go
|
git update-index --no-assume-unchanged version.go
|
||||||
# Hardcode the version into main.go
|
# Hardcode the version into main.go
|
||||||
|
|||||||
@@ -1,3 +1,3 @@
|
|||||||
package main
|
package main
|
||||||
|
|
||||||
var Version = "dev"
|
var Version = "v0.3.2"
|
||||||
|
|||||||
Reference in New Issue
Block a user