From 92818dff6962495949da5c518732097d5e52a721 Mon Sep 17 00:00:00 2001
From: Luke Shumaker <lukeshu@sbcglobal.net>
Date: Mon, 6 Feb 2017 18:10:18 -0500
Subject: Correctly deal with failing to get a cert (eg: because of a timeout)

---
 diff-pem2html.go |  4 +++-
 diff.go          | 20 +++++++++++++++-----
 tls-getcerts.go  | 11 +++++------
 tls-pem2html.go  |  4 +++-
 4 files changed, 26 insertions(+), 13 deletions(-)

diff --git a/diff-pem2html.go b/diff-pem2html.go
index 3b7716b..50c521b 100644
--- a/diff-pem2html.go
+++ b/diff-pem2html.go
@@ -89,7 +89,9 @@ func main() {
 		}
 
 		cert.X509, err = x509.ParseCertificate(certPem.Bytes)
-		handleErr(err, "Error parsing cert: %v\n")
+		if err != nil {
+			cert.X509 = new(x509.Certificate)
+		}
 
 		certs = append(certs, cert)
 	}
diff --git a/diff.go b/diff.go
index 96947b6..da27a62 100644
--- a/diff.go
+++ b/diff.go
@@ -6,8 +6,10 @@ import (
 	"fmt"
 	"io"
 	"io/ioutil"
+	"net/url"
 	"os"
 	"sort"
+	"strings"
 )
 
 func handleErr(err error, str string, a ...interface{}) {
@@ -51,11 +53,19 @@ func readTLS(filename string) (map[string]Cert, error) {
 		certPem, data = pem.Decode(data)
 		certX509, err := x509.ParseCertificate(certPem.Bytes)
 		if err != nil {
-			return nil, err
-		}
-		ret[certX509.Subject.CommonName] = Cert{
-			Url: fmt.Sprintf("https://crt.sh/?serial=%036x", certX509.SerialNumber),
-			X509: certX509,
+			url, err2 := url.Parse(certPem.Headers["X-Socket"])
+			if err2 != nil {
+				fmt.Fprintf(os.Stderr, "Could not get cert or even parse URL:\ncert: %v\nurl: %v\n", err, err2)
+				os.Exit(1)
+			}
+			ret[strings.Split(url.Host, ":")[0]] = Cert{
+				X509: new(x509.Certificate),
+			}
+		} else {
+			ret[certX509.Subject.CommonName] = Cert{
+				Url:  fmt.Sprintf("https://crt.sh/?serial=%036x", certX509.SerialNumber),
+				X509: certX509,
+			}
 		}
 	}
 	return ret, nil
diff --git a/tls-getcerts.go b/tls-getcerts.go
index c78436a..dfec7f8 100644
--- a/tls-getcerts.go
+++ b/tls-getcerts.go
@@ -121,15 +121,14 @@ func split(socket string) (net, addr string) {
 
 func main() {
 	for _, socket := range os.Args[1:] {
-		cert, err := getcert(socket)
-		if cert == nil {
-			fmt.Fprintf(os.Stderr, "Could not get certificate for socket %q: %q\n", socket, err)
-			os.Exit(1)
-		}
 		block := pem.Block{
 			Type: "CERTIFICATE",
 			Headers: map[string]string{"X-Socket": socket},
-			Bytes: cert.Raw,
+			Bytes: nil,
+		}
+		cert, err := getcert(socket)
+		if cert != nil {
+			block.Bytes = cert.Raw
 		}
 		if err != nil {
 			block.Headers["X-Error"] = err.Error()
diff --git a/tls-pem2html.go b/tls-pem2html.go
index 5a9101e..4861787 100644
--- a/tls-pem2html.go
+++ b/tls-pem2html.go
@@ -180,7 +180,9 @@ func main() {
 		cert.Error, ok = certPem.Headers["X-Error"]
 
 		cert.X509, err = x509.ParseCertificate(certPem.Bytes)
-		handleErr(err, "Error parsing cert: %v\n")
+		if err != nil {
+			cert.X509 = new(x509.Certificate)
+		}
 
 		certs = append(certs, cert)
 	}
-- 
cgit v1.1-4-g5e80