From 92818dff6962495949da5c518732097d5e52a721 Mon Sep 17 00:00:00 2001
From: Luke Shumaker
Date: Mon, 6 Feb 2017 18:10:18 -0500
Subject: Correctly deal with failing to get a cert (eg: because of a timeout)
---
 diff-pem2html.go | 4 +++-
 diff.go | 20 +++++++++++++++-----
 tls-getcerts.go | 11 +++++------
 tls-pem2html.go | 4 +++-
 4 files changed, 26 insertions(+), 13 deletions(-)
diff --git a/diff-pem2html.go b/diff-pem2html.go
index 3b7716b..50c521b 100644
--- a/diff-pem2html.go
+++ b/diff-pem2html.go
@@ -89,7 +89,9 @@ func main() {
 }
 cert.X509, err = x509.ParseCertificate(certPem.Bytes)
- handleErr(err, "Error parsing cert: %v\n")
+ if err != nil {
+ cert.X509 = new(x509.Certificate)
+ }
 certs = append(certs, cert)
 }
diff --git a/diff.go b/diff.go
index 96947b6..da27a62 100644
--- a/diff.go
+++ b/diff.go
@@ -6,8 +6,10 @@ import (
 "fmt"
 "io"
 "io/ioutil"
+ "net/url"
 "os"
 "sort"
+ "strings"
 )
 func handleErr(err error, str string, a ...interface{}) {
@@ -51,11 +53,19 @@ func readTLS(filename string) (map[string]Cert, error) {
 certPem, data = pem.Decode(data)
 certX509, err := x509.ParseCertificate(certPem.Bytes)
 if err != nil {
- return nil, err
- }
- ret[certX509.Subject.CommonName] = Cert{
- Url: fmt.Sprintf("https://crt.sh/?serial=%036x", certX509.SerialNumber),
- X509: certX509,
+ url, err2 := url.Parse(certPem.Headers["X-Socket"])
+ if err2 != nil {
+ fmt.Fprintf(os.Stderr, "Could not get cert or even parse URL:\ncert: %v\nurl: %v\n", err, err2)
+ os.Exit(1)
+ }
+ ret[strings.Split(url.Host, ":")[0]] = Cert{
+ X509: new(x509.Certificate),
+ }
+ } else {
+ ret[certX509.Subject.CommonName] = Cert{
+ Url: fmt.Sprintf("https://crt.sh/?serial=%036x", certX509.SerialNumber),
+ X509: certX509,
+ }
 }
 }
 return ret, nil
diff --git a/tls-getcerts.go b/tls-getcerts.go
index c78436a..dfec7f8 100644
--- a/tls-getcerts.go
+++ b/tls-getcerts.go
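Review bot: The parse error from `x509.ParseCertificate` is now dropped without a trace in diff-pem2html.go's main, so a truncated or corrupted certificate becomes the same empty placeholder as one that was never fetched. An empty `x509.Certificate` also carries zero-valued fields (validity dates, serial, subject) that the output may present as real data, depending on the template, which is outside the hunk. I would keep a diagnostic, e.g. `fmt.Fprintf(os.Stderr, "Error parsing cert: %v\n", err)` before `cert.X509 = new(x509.Certificate)`. The same applies to the identical hunk in tls-pem2html.go, where `cert.Error` is set only from the `X-Error` header and stays empty for a non-empty body that fails to parse; there `if cert.Error == "" { cert.Error = err.Error() }` would cover it. Both main bodies extend beyond their hunks.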
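Review bot: In the new `err != nil` branch of readTLS in diff.go, a block with a missing or empty `X-Socket` header still parses as a URL, so `url.Host` is empty and every such block is stored under the key `""`, each overwriting the last. The branch also treats any parse failure, not only the empty body written for a failed fetch, as "no certificate", and it calls `os.Exit(1)` even though readTLS returns an error. I would name the local `u` (it currently shadows the `net/url` package), guard with `if err2 != nil || u.Hostname() == "" { return nil, fmt.Errorf("unparsable cert (%v) and unusable X-Socket header %q", err, certPem.Headers["X-Socket"]) }`, and key the map on `u.Hostname()`, which also handles bracketed IPv6 hosts that `strings.Split(url.Host, ":")[0]` truncates. The function body starts and ends outside the hunk.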
@@ -121,15 +121,14 @@ func split(socket string) (net, addr string) {
 func main() {
 for _, socket := range os.Args[1:] {
- cert, err := getcert(socket)
- if cert == nil {
- fmt.Fprintf(os.Stderr, "Could not get certificate for socket %q: %q\n", socket, err)
- os.Exit(1)
- }
 block := pem.Block{
 Type: "CERTIFICATE",
 Headers: map[string]string{"X-Socket": socket},
- Bytes: cert.Raw,
+ Bytes: nil,
+ }
+ cert, err := getcert(socket)
+ if cert != nil {
+ block.Bytes = cert.Raw
 }
 if err != nil {
 block.Headers["X-Error"] = err.Error()
diff --git a/tls-pem2html.go b/tls-pem2html.go
index 5a9101e..4861787 100644
--- a/tls-pem2html.go
+++ b/tls-pem2html.go
@@ -180,7 +180,9 @@ func main() {
 cert.Error, ok = certPem.Headers["X-Error"]
 cert.X509, err = x509.ParseCertificate(certPem.Bytes)
- handleErr(err, "Error parsing cert: %v\n")
+ if err != nil {
+ cert.X509 = new(x509.Certificate)
+ }
 certs = append(certs, cert)
 }
--
cgit v1.2.3-2-g168b
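Review bot: With the early exit gone, nothing in the tls-getcerts.go hunk reports a failed fetch on stderr or through the exit status any more; the only trace is the `X-Error` header, and a `getcert` result of `nil, nil` would produce an empty CERTIFICATE block with no explanation at all. I would keep the diagnostic without the exit, `fmt.Fprintf(os.Stderr, "Could not get certificate for socket %q: %v\n", socket, err)` inside the existing `if err != nil` block, and set a placeholder `X-Error` when `cert == nil && err == nil`. `Bytes: nil,` in the literal is redundant, since nil is already the zero value of that field. main's loop continues past the end of the hunk, so whether a non-zero exit is tracked later cannot be seen here.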