8000 add DB accessor to get unexpired certs by one or more labels · cloudflare/cfssl@d4488a8 · GitHub
[go: up one dir, main page]
Skip to content

Commit d4488a8

Browse files
nickysemenzanickysemenza
committed
add DB accessor to get unexpired certs by one or more labels
1 parent d4be5f5 commit d4488a8

File tree

2 files changed

+26
-0
lines changed

2 files changed

+26
-0
lines changed

certdb/certdb.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -76,6 +76,7 @@ type Accessor interface {
7676
GetCertificate(serial, aki string) ([]CertificateRecord, error)
7777
GetUnexpiredCertificates() ([]CertificateRecord, error)
7878
GetRevokedAndUnexpiredCertificates() ([]CertificateRecord, error)
79+
GetUnexpiredCertificatesByLabel(labels []string) (crs []CertificateRecord, err error)
7980
GetRevokedAndUnexpiredCertificatesByLabel(label string) ([]CertificateRecord, error)
8081
GetRevokedAndUnexpiredCertificatesByLabelSelectColumns(label string) ([]CertificateRecord, error)
8182
RevokeCertificate(serial, aki string, reasonCode int) error

certdb/sql/database_accessor.go

Lines changed: 25 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -72,6 +72,8 @@ type Accessor struct {
7272
db *sqlx.DB
7373
}
7474

75+
var _ certdb.Accessor = &Accessor{}
76+
7577
func wrapSQLError(err error) error {
7678
if err != nil {
7779
return cferr.Wrap(cferr.CertStoreError, cferr.Unknown, err)
@@ -176,6 +178,29 @@ func (d *Accessor) GetUnexpiredCertificates() (crs []certdb.CertificateRecord, e
176178
return crs, nil
177179
}
178180

181+
// GetUnexpiredCertificatesByLabel gets all unexpired certificate from db that have the provided label.
182+
func (d *Accessor) GetUnexpiredCertificatesByLabel(labels []string) (crs []certdb.CertificateRecord, err error) {
183+
err = d.checkDB()
184+
if err != nil {
185+
return nil, err
186+
}
187+
188+
query, args, err := sqlx.In(
189+
fmt.Sprintf(`SELECT %s FROM certificates WHERE CURRENT_TIMESTAMP < expiry AND ca_label IN (?)`,
190+
sqlstruct.Columns(certdb.CertificateRecord{}),
191+
), labels)
192+
if err != nil {
193+
return nil, wrapSQLError(err)
194+
}
195+
196+
err = d.db.Select(&crs, d.db.Rebind(query), args...)
197+
if err != nil {
198+
return nil, wrapSQLError(err)
199+
}
200+
201+
return crs, nil
202+
}
203+
179204
// GetRevokedAndUnexpiredCertificates gets all revoked and unexpired certificate from db (for CRLs).
180205
func (d *Accessor) GetRevokedAndUnexpiredCertificates() (crs []certdb.CertificateRecord, err error) {
181206
err = d.checkDB()

0 commit comments

Comments
 (0)
0