author | Niall Sheridan <nsheridan@gmail.com> | 2016-06-19 23:44:25 +0100 |
---|---|---|
committer | Niall Sheridan <nsheridan@gmail.com> | 2016-07-03 18:01:24 +0100 |
commit | dee5a19d36554a8f9a365efd65d13b134889bf63 (patch) | |
tree | 41103a2d3665d604fe22dcd16d110ed56c466f6d /server/store/mem.go | |
parent | 6e7dfa0df6b102219817e26095f2ba636cd9288c (diff) |
first pass at a certificate store
Diffstat (limited to 'server/store/mem.go')
-rw-r--r-- | server/store/mem.go | 86 |
1 files changed, 86 insertions, 0 deletions
diff --git a/server/store/mem.go b/server/store/mem.go
new file mode 100644
index 0000000..8b78e27
--- /dev/null
+++ b/server/store/mem.go
@@ -0,0 +1,86 @@
+package store
+
+import (
+ "fmt"
+ "sync"
+ "time"
+
+ "golang.org/x/crypto/ssh"
+)
+
+type memoryStore struct {
+ sync.Mutex
+ certs map[string]*CertRecord
+}
+
+func (ms *memoryStore) Get(id string) (*CertRecord, error) {
+ ms.Lock()
+ defer ms.Unlock()
+ r, ok := ms.certs[id]
+ if !ok {
+ return nil, fmt.Errorf("unknown cert %s", id)
+ }
+ return r, nil
+}
+
+func (ms *memoryStore) SetCert(cert *ssh.Certificate) error {
+ return ms.SetRecord(parseCertificate(cert))
+}
+
+func (ms *memoryStore) SetRecord(record *CertRecord) error {
+ ms.Lock()
+ defer ms.Unlock()
+ ms.certs[record.KeyID] = record
+ return nil
+}
+
+func (ms *memoryStore) List() ([]*CertRecord, error) {
+ var records []*CertRecord
+ ms.Lock()
+ defer ms.Unlock()
+ for _, value := range ms.certs {
+ records = append(records, value)
+ }
+ return records, nil
+}
+
+func (ms *memoryStore) Revoke(id string) error {
+ r, err := ms.Get(id)
+ if err != nil {
+ return err
+ }
+ r.Revoked = true
+ ms.SetRecord(r)
+ return nil
+}
+
+func (ms *memoryStore) GetRevoked() ([]*CertRecord, error) {
+ var revoked []*CertRecord
+ all, _ := ms.List()
+ for _, r := range all {
+ if r.Revoked && uint64(time.Now().UTC().Unix()) <= r.Expires {
+ revoked = append(revoked, r)
+ }
+ }
+ return revoked, nil
+}
+
+func (ms *memoryStore) Close() error {
+ ms.Lock()
+ defer ms.Unlock()
+ ms.certs = nil
+ return nil
+}
+
+func (ms *memoryStore) clear() {
+ for k := range ms.certs {
+ delete(ms.certs, k)
+ }
+}
+
+// NewMemoryStore returns an in-memory CertStorer.
+func NewMemoryStore() CertStorer {
+ return &memoryStore{
+ certs: make(map[string]*CertRecord),
+ }
+}
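Review bot: `Revoke` sets `r.Revoked = true` after `Get` has already released the mutex, and `GetRevoked` reads the same field on pointers handed out by `List` after that lock is dropped, so the revocation flag is written and read with no lock held — a data race on the one field the revocation list depends on. Doing the lookup and the write under a single lock hold in `Revoke`, and walking `ms.certs` under the lock in `GetRevoked`, closes that; `sync.Mutex` is not reentrant, so neither may call `Get`, `List` or `SetRecord` while holding it. Separately, `SetRecord` overwrites by `record.KeyID` unconditionally, so if key IDs can repeat (not visible in this file) storing a new record would replace a revoked one with `Revoked` unset; it is worth confirming uniqueness or refusing to overwrite a revoked entry. `Get` and `List` also return the stored pointers themselves, so callers can still mutate records outside the lock.

```go
func (ms *memoryStore) Revoke(id string) error {
	ms.Lock()
	defer ms.Unlock()
	r, ok := ms.certs[id]
	if !ok {
		return fmt.Errorf("unknown cert %s", id)
	}
	// Flag is flipped while the lock is held; the record is already in the map.
	r.Revoked = true
	return nil
}

func (ms *memoryStore) GetRevoked() ([]*CertRecord, error) {
	ms.Lock()
	defer ms.Unlock()
	now := uint64(time.Now().UTC().Unix())
	var revoked []*CertRecord
	for _, r := range ms.certs {
		if r.Revoked && now <= r.Expires {
			revoked = append(revoked, r)
		}
	}
	return revoked, nil
}

// … unchanged: Get, SetCert, SetRecord, List, Close, clear, NewMemoryStore …
```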