From b3e323bbccc0c681125aaf5d7401c3f37c956aaf Mon Sep 17 00:00:00 2001
From: vishalnayak <vishalnayakv@gmail.com>
Date: Tue, 20 Dec 2016 11:07:20 -0500
Subject: [PATCH 1/2] pki: Avoiding a storage read

---
 builtin/logical/pki/crl_util.go | 16 +++++-----------
 1 file changed, 5 insertions(+), 11 deletions(-)

diff --git a/builtin/logical/pki/crl_util.go b/builtin/logical/pki/crl_util.go
index aaaea5c76..a62b97f7c 100644
--- a/builtin/logical/pki/crl_util.go
+++ b/builtin/logical/pki/crl_util.go
@@ -31,7 +31,7 @@ func revokeCert(b *backend, req *logical.Request, serial string, fromLease bool)
 	alreadyRevoked := false
 	var revInfo revocationInfo
 
-	certEntry, err := fetchCertBySerial(req, "revoked/", serial)
+	revEntry, err := fetchCertBySerial(req, "revoked/", serial)
 	if err != nil {
 		switch err.(type) {
 		case errutil.UserError:
@@ -40,15 +40,9 @@ func revokeCert(b *backend, req *logical.Request, serial string, fromLease bool)
 			return nil, err
 		}
 	}
-	if certEntry != nil {
+	if revEntry != nil {
 		// Set the revocation info to the existing values
 		alreadyRevoked = true
-
-		revEntry, err := req.Storage.Get("revoked/" + serial)
-		if revEntry == nil || err != nil {
-			return nil, fmt.Errorf("Error getting existing revocation info")
-		}
-
 		err = revEntry.DecodeJSON(&revInfo)
 		if err != nil {
 			return nil, fmt.Errorf("Error decoding existing revocation info")
@@ -56,7 +50,7 @@ func revokeCert(b *backend, req *logical.Request, serial string, fromLease bool)
 	}
 
 	if !alreadyRevoked {
-		certEntry, err = fetchCertBySerial(req, "certs/", serial)
+		certEntry, err := fetchCertBySerial(req, "certs/", serial)
 		if err != nil {
 			switch err.(type) {
 			case errutil.UserError:
@@ -92,12 +86,12 @@ func revokeCert(b *backend, req *logical.Request, serial string, fromLease bool)
 		revInfo.RevocationTime = currTime.Unix()
 		revInfo.RevocationTimeUTC = currTime.UTC()
 
-		certEntry, err = logical.StorageEntryJSON("revoked/"+serial, revInfo)
+		revEntry, err := logical.StorageEntryJSON("revoked/"+serial, revInfo)
 		if err != nil {
 			return nil, fmt.Errorf("Error creating revocation entry")
 		}
 
-		err = req.Storage.Put(certEntry)
+		err = req.Storage.Put(revEntry)
 		if err != nil {
 			return nil, fmt.Errorf("Error saving revoked certificate to new location")
 		}

From 1816446f46fc39e9ee766d0099c0f5455c6e0db7 Mon Sep 17 00:00:00 2001
From: vishalnayak <vishalnayakv@gmail.com>
Date: Tue, 20 Dec 2016 11:19:47 -0500
Subject: [PATCH 2/2] Address review feedback

---
 builtin/logical/pki/crl_util.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/builtin/logical/pki/crl_util.go b/builtin/logical/pki/crl_util.go
index a62b97f7c..aa15f6cc6 100644
--- a/builtin/logical/pki/crl_util.go
+++ b/builtin/logical/pki/crl_util.go
@@ -86,7 +86,7 @@ func revokeCert(b *backend, req *logical.Request, serial string, fromLease bool)
 		revInfo.RevocationTime = currTime.Unix()
 		revInfo.RevocationTimeUTC = currTime.UTC()
 
-		revEntry, err := logical.StorageEntryJSON("revoked/"+serial, revInfo)
+		revEntry, err = logical.StorageEntryJSON("revoked/"+serial, revInfo)
 		if err != nil {
 			return nil, fmt.Errorf("Error creating revocation entry")
 		}