Archives/smallstep-certificates
2
0
Fork 0
mirror of https://github.com/smallstep/certificates.git synced 2024-10-31 03:20:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Remove buggy logic on GetRevokedCertificates()

Browse Source
This commit is contained in:
Mariano Cano 2022-10-27 11:58:01 -07:00
parent 51c7f56030
commit f066ac3d40
No known key found for this signature in database
1 changed files with 1 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
db/db.go
View File

@ -248,29 +248,12 @@ func (db *DB) GetRevokedCertificates() (*[]RevokedCertificateInfo, error) {
return nil, err return nil, err
} }
var revokedCerts []RevokedCertificateInfo var revokedCerts []RevokedCertificateInfo
now := time.Now().Truncate(time.Second)
for _, e := range entries { for _, e := range entries {
var data RevokedCertificateInfo var data RevokedCertificateInfo
if err := json.Unmarshal(e.Value, &data); err != nil { if err := json.Unmarshal(e.Value, &data); err != nil {
return nil, err return nil, err
} }
revokedCerts = append(revokedCerts, data)
if !data.RevokedAt.IsZero() {
revokedCerts = append(revokedCerts, data)
} else if data.RevokedAt.IsZero() {
cert, err := db.GetCertificate(data.Serial)
if err != nil {
revokedCerts = append(revokedCerts, data) // a revoked certificate may not be in the database,
// so its expiry date is undiscoverable and will need
// to be added to the crl always
continue
}
if cert.NotAfter.After(now) {
revokedCerts = append(revokedCerts, data)
}
}
} }
return &revokedCerts, nil return &revokedCerts, nil
} }