Merge pull request #2196 from hashicorp/pki-rev-entry

pki: Avoiding a storage read
This commit is contained in:
Vishal Nayak 2016-12-20 11:19:33 -05:00 committed by GitHub
commit a288752328

View file

@ -31,7 +31,7 @@ func revokeCert(b *backend, req *logical.Request, serial string, fromLease bool)
alreadyRevoked := false
var revInfo revocationInfo
certEntry, err := fetchCertBySerial(req, "revoked/", serial)
revEntry, err := fetchCertBySerial(req, "revoked/", serial)
if err != nil {
switch err.(type) {
case errutil.UserError:
@ -40,15 +40,9 @@ func revokeCert(b *backend, req *logical.Request, serial string, fromLease bool)
return nil, err
}
}
if certEntry != nil {
if revEntry != nil {
// Set the revocation info to the existing values
alreadyRevoked = true
revEntry, err := req.Storage.Get("revoked/" + serial)
if revEntry == nil || err != nil {
return nil, fmt.Errorf("Error getting existing revocation info")
}
err = revEntry.DecodeJSON(&revInfo)
if err != nil {
return nil, fmt.Errorf("Error decoding existing revocation info")
@ -56,7 +50,7 @@ func revokeCert(b *backend, req *logical.Request, serial string, fromLease bool)
}
if !alreadyRevoked {
certEntry, err = fetchCertBySerial(req, "certs/", serial)
certEntry, err := fetchCertBySerial(req, "certs/", serial)
if err != nil {
switch err.(type) {
case errutil.UserError:
@ -92,12 +86,12 @@ func revokeCert(b *backend, req *logical.Request, serial string, fromLease bool)
revInfo.RevocationTime = currTime.Unix()
revInfo.RevocationTimeUTC = currTime.UTC()
certEntry, err = logical.StorageEntryJSON("revoked/"+serial, revInfo)
revEntry, err = logical.StorageEntryJSON("revoked/"+serial, revInfo)
if err != nil {
return nil, fmt.Errorf("Error creating revocation entry")
}
err = req.Storage.Put(certEntry)
err = req.Storage.Put(revEntry)
if err != nil {
return nil, fmt.Errorf("Error saving revoked certificate to new location")
}