"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "ra/ra.go" between
boulder-release-2021-07-12.tar.gz and boulder-release-2021-07-19.tar.gz

About: Boulder is an ACME-based Certificate Authority (CA) used by Let’s Encrypt (written in Go).

ra.go  (boulder-release-2021-07-12):ra.go  (boulder-release-2021-07-19)
skipping to change at line 1793 skipping to change at line 1793
issuer, ok := ra.issuers[issuance.GetIssuerNameID(&cert)] issuer, ok := ra.issuers[issuance.GetIssuerNameID(&cert)]
if !ok { if !ok {
return fmt.Errorf("unable to identify issuer of certificate to re voke: %v", cert) return fmt.Errorf("unable to identify issuer of certificate to re voke: %v", cert)
} }
serial := core.SerialToString(cert.SerialNumber) serial := core.SerialToString(cert.SerialNumber)
reason := int32(code) reason := int32(code)
revokedAt := ra.clk.Now().UnixNano() revokedAt := ra.clk.Now().UnixNano()
ocspResponse, err := ra.CA.GenerateOCSP(ctx, &capb.GenerateOCSPRequest{ ocspResponse, err := ra.CA.GenerateOCSP(ctx, &capb.GenerateOCSPRequest{
Serial: serial, Serial: serial,
IssuerID: int64(issuer.ID()), IssuerID: int64(issuer.NameID()),
Status: string(core.OCSPStatusRevoked), Status: string(core.OCSPStatusRevoked),
Reason: reason, Reason: reason,
RevokedAt: revokedAt, RevokedAt: revokedAt,
}) })
if err != nil { if err != nil {
return err return err
} }
err = ra.SA.RevokeCertificate(ctx, &sapb.RevokeCertificateRequest{ err = ra.SA.RevokeCertificate(ctx, &sapb.RevokeCertificateRequest{
Serial: serial, Serial: serial,
skipping to change at line 1919 skipping to change at line 1919
state = fmt.Sprintf("Failure -- %s", err) state = fmt.Sprintf("Failure -- %s", err)
return err return err
} }
ra.revocationReasonCounter.WithLabelValues(revocation.ReasonToString[revo cationCode]).Inc() ra.revocationReasonCounter.WithLabelValues(revocation.ReasonToString[revo cationCode]).Inc()
state = "Success" state = "Success"
return nil return nil
} }
// DeactivateRegistration deactivates a valid registration // DeactivateRegistration deactivates a valid registration
func (ra *RegistrationAuthorityImpl) DeactivateRegistration(ctx context.Context, func (ra *RegistrationAuthorityImpl) DeactivateRegistration(ctx context.Context,
reg core.Registration) error { reg *corepb.Registration) (*emptypb.Empty, error) {
if reg.Status != core.StatusValid { if reg == nil || reg.Id == 0 {
return berrors.MalformedError("only valid registrations can be de return nil, errIncompleteGRPCRequest
activated") }
if reg.Status != string(core.StatusValid) {
return nil, berrors.MalformedError("only valid registrations can
be deactivated")
} }
err := ra.SA.DeactivateRegistration(ctx, reg.ID) err := ra.SA.DeactivateRegistration(ctx, reg.Id)
if err != nil { if err != nil {
return berrors.InternalServerError(err.Error()) return nil, berrors.InternalServerError(err.Error())
} }
return nil return &emptypb.Empty{}, nil
} }
// DeactivateAuthorization deactivates a currently valid authorization // DeactivateAuthorization deactivates a currently valid authorization
func (ra *RegistrationAuthorityImpl) DeactivateAuthorization(ctx context.Context , auth core.Authorization) error { func (ra *RegistrationAuthorityImpl) DeactivateAuthorization(ctx context.Context , auth core.Authorization) error {
if auth.Status != core.StatusValid && auth.Status != core.StatusPending { if auth.Status != core.StatusValid && auth.Status != core.StatusPending {
return berrors.MalformedError("only valid and pending authorizati ons can be deactivated") return berrors.MalformedError("only valid and pending authorizati ons can be deactivated")
} }
authzID, err := strconv.ParseInt(auth.ID, 10, 64) authzID, err := strconv.ParseInt(auth.ID, 10, 64)
if err != nil { if err != nil {
return err return err
 End of changes. 5 change blocks. 
9 lines changed or deleted 12 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)