+53
-2
lines changedFilter options
+53
-2
lines changed Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
1 1
package certdb
2 2 3 3
import (
4 +
"database/sql"
4 5
"encoding/json"
5 6
"time"
6 7
@@ -22,7 +23,7 @@ type CertificateRecord struct {
22 23
NotBefore time.Time `db:"not_before"`
23 24
MetadataJSON types.JSONText `db:"metadata"`
24 25
SANsJSON types.JSONText `db:"sans"`
25 -
CommonName string `db:"common_name"`
26 +
CommonName sql.NullString `db:"common_name"`
26 27
}
27 28 28 29
// SetMetadata sets the metadata json
@@ -52,6 +52,7 @@ func roughlySameTime(t1, t2 time.Time) bool {
52 52
func testEverything(ta TestAccessor, t *testing.T) {
53 53
testInsertCertificateAndGetCertificate(ta, t)
54 54
testInsertCertificateAndGetUnexpiredCertificate(ta, t)
55 +
testInsertCertificateAndGetUnexpiredCertificateNullCommonName(ta, t)
55 56
testUpdateCertificateAndGetCertificate(ta, t)
56 57
testInsertOCSPAndGetOCSP(ta, t)
57 58
testInsertOCSPAndGetUnexpiredOCSP(ta, t)
@@ -153,6 +154,54 @@ func testInsertCertificateAndGetUnexpiredCertificate(ta TestAccessor, t *testing
153 154
t.Error("Should have 1 unexpired certificate record:", len(unexpired))
154 155
}
155 156
}
157 +
func testInsertCertificateAndGetUnexpiredCertificateNullCommonName(ta TestAccessor, t *testing.T) {
158 +
ta.Truncate()
159 + 160 +
expiry := time.Now().Add(time.Minute)
161 +
want := certdb.CertificateRecord{
162 +
PEM: "fake cert data",
163 +
Serial: "fake serial 2",
164 +
AKI: fakeAKI,
165 +
Status: "good",
166 +
Reason: 0,
167 +
Expiry: expiry,
168 +
}
169 + 170 +
if err := ta.Accessor.InsertCertificate(want); err != nil {
171 +
t.Fatal(err)
172 +
}
173 + 174 +
// simulate situation where there are rows before migrate 002 has been run
175 +
ta.DB.MustExec("update certificates set common_name = NULL")
176 + 177 +
rets, err := ta.Accessor.GetCertificate(want.Serial, want.AKI)
178 +
if err != nil {
179 +
t.Fatal(err)
180 +
}
181 + 182 +
if len(rets) != 1 {
183 +
t.Fatal("should return exactly one record")
184 +
}
185 + 186 +
got := rets[0]
187 + 188 +
// reflection comparison with zero time objects are not stable as it seems
189 +
if want.Serial != got.Serial || want.Status != got.Status ||
190 +
want.AKI != got.AKI || !got.RevokedAt.IsZero() ||
191 +
want.PEM != got.PEM || !roughlySameTime(got.Expiry, expiry) {
192 +
t.Errorf("want Certificate %+v, got %+v", want, got)
193 +
}
194 + 195 +
unexpired, err := ta.Accessor.GetUnexpiredCertificates()
196 + 197 +
if err != nil {
198 +
t.Fatal(err)
199 +
}
200 + 201 +
if len(unexpired) != 1 {
202 +
t.Error("Should have 1 unexpired certificate record:", len(unexpired))
203 +
}
204 +
}
156 205 157 206
func testUpdateCertificateAndGetCertificate(ta TestAccessor, t *testing.T) {
158 207
ta.Truncate()
@@ -9,6 +9,7 @@ import (
9 9
"crypto/rand"
10 10
"crypto/x509"
11 11
"crypto/x509/pkix"
12 +
"database/sql"
12 13
"encoding/asn1"
13 14
"encoding/hex"
14 15
"encoding/pem"
@@ -517,7 +518,7 @@ func (s *Signer) Sign(req signer.SignRequest) (cert []byte, err error) {
517 518
PEM: string(signedCert),
518 519
IssuedAt: time.Now(),
519 520
NotBefore: certTBS.NotBefore,
520 -
CommonName: certTBS.Subject.CommonName,
521 +
CommonName: sql.NullString{String: certTBS.Subject.CommonName, Valid: true},
521 522
}
522 523 523 524
if err := certRecord.SetMetadata(req.Metadata); err != nil {
You can’t perform that action at this time.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4