From 8eeaadb76934364d1e359d079197304f7e0b17e8 Mon Sep 17 00:00:00 2001
From: Tony Cavella <9434191+acavella@users.noreply.github.com>
Date: Thu, 18 Jan 2024 19:58:14 +0000
Subject: [PATCH 1/4] dev: refactor main loop
---
 main.go | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)
diff --git a/main.go b/main.go
index 287543f..bb97bf3 100644
--- a/main.go
+++ b/main.go
@@ -67,6 +67,60 @@ func main() {
 getcrl(caid, cauri, refresh)
+ for {
+ for i := 0; i < len(caid); i++ {
+
+ var tmpfile string = workpath + "/crl/tmp/" + caid[i] + ".crl"
+ var httpfile string = workpath + "/crl/static/" + caid[i] + ".crl"
+
+ DownloadFile(tmpfile, cauri[i]) // Download CRL from remote
+
+ crlfile, err := os.ReadFile(tmpfile)
+ if err != nil {
+ log.Error("Problem opening downloaded file: ", err)
+ } else {
+ crl, err := x509.ParseRevocationList(crlfile)
+ if err != nil {
+ log.Error(err)
+ } else {
+ log.Infof("CRL %s is valid, issued by %s\n", crl.Issuer.SerialNumber, crl.Issuer.CommonName)
+ }
+ }
+
+ if _, err := os.Stat(httpfile); err == nil {
+ // file exists
+ log.Info("CRL already exists")
+ h1, err := getHash(tmpfile)
+ if err != nil {
+ log.Error("Error hashing: ", err)
+ return
+ }
+ h2, err2 := getHash(httpfile)
+ if err2 != nil {
+ log.Error("Error hashing: ", err2)
+ return
+ }
+ log.Debug(h1, h2, h1 == h2)
+ if h1 != h2 {
+ log.Info("File hashes do not match: ", h1, h2)
+ log.Info("Copying file to destination: ", httpfile)
+ copy(tmpfile, httpfile)
+ } else {
+ log.Info("No changes detected, proceeding.")
+ }
+ } else if errors.Is(err, os.ErrNotExist) {
+ // file does not exist
+ log.Info("CRL is new, copying to: ", httpfile)
+ copy(tmpfile, httpfile)
+ } else {
+ // catch anything else
+ return
+ }
+
+ }
+ time.Sleep(time.Duration(int(time.Second) * refresh)) // Defines time to sleep before repeating
+ }
+ }
 // DownloadFile will download from a given url to a file. It will
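Review bot: A download that cannot be read or parsed is still published: the `os.ReadFile` and `x509.ParseRevocationList` error branches only log, and control then reaches the `os.Stat(httpfile)` block, which copies `tmpfile` into the served `crl/static` directory whether or not it held a valid CRL. The `DownloadFile` return value is also discarded on the `// Download CRL from remote` line, so a failed fetch leaves whatever was in `tmpfile` to go through the same path, whereas the old getcrl body (visible in patch 3's deletion) did check `err := DownloadFile(tmpfile, cauri[i])`. I would change the call to `if err := DownloadFile(tmpfile, cauri[i]); err != nil { log.Error("Downloading CRL: ", err); continue }` and add `continue` after each of the two `log.Error` calls in the read/parse branches, so that only a CRL that actually parsed is copied into the static directory. The enclosing `main` begins before the hunk.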
From 30e06849956db06aead8991a6d924b36e7dd154a Mon Sep 17 00:00:00 2001
From: Tony Cavella <9434191+acavella@users.noreply.github.com>
Date: Fri, 19 Jan 2024 21:26:19 +0000
Subject: [PATCH 2/4] update
---
 main.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/main.go b/main.go
index bb97bf3..0a7f19e 100644
--- a/main.go
+++ b/main.go
@@ -65,7 +65,7 @@ func main() {
 log.Info("CRLs in list: ", len(caid))
 log.Info("Refresh interval: ", time.Duration(int(time.Second)*int(refresh)))
- getcrl(caid, cauri, refresh)
+ //getcrl(caid, cauri, refresh)
 for {
 for i := 0; i < len(caid); i++ {
@@ -93,12 +93,10 @@ func main() {
 h1, err := getHash(tmpfile)
 if err != nil {
 log.Error("Error hashing: ", err)
- return
 }
 h2, err2 := getHash(httpfile)
 if err2 != nil {
 log.Error("Error hashing: ", err2)
- return
 }
 log.Debug(h1, h2, h1 == h2)
 if h1 != h2 {
@@ -195,6 +193,7 @@ func copy(src, dst string) (int64, error) {
 return nBytes, err
 }
+/*
 func getcrl(caid []string, cauri []string, refresh int) {
 for {
 log.Info("Checking for new CRL(s)")
@@ -255,6 +254,7 @@ func getcrl(caid []string, cauri []string, refresh int) {
 time.Sleep(time.Duration(int(time.Second) * refresh)) // Defines time to sleep before repeating
 }
 }
+*/
 func webserver(webport string) {
 // Disabled for testing
From 574c9b7836ab0128aceb31897a94bed39a625289 Mon Sep 17 00:00:00 2001
From: Tony Cavella <9434191+acavella@users.noreply.github.com>
Date: Sun, 21 Jan 2024 18:59:15 +0000
Subject: [PATCH 3/4] dev: refactor crl download loop
---
 conf/config.yml | 4 +--
 main.go | 68 +++---------------------------------------------
 2 files changed, 5 insertions(+), 67 deletions(-)
diff --git a/conf/config.yml b/conf/config.yml
index 5a133ea..718e4d9 100644
--- a/conf/config.yml
+++ b/conf/config.yml
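Review bot: Dropping the two `return`s in the `@@ -93,12 +93,10 @@` hunk leaves a hashing failure falling through with an empty `h1` or `h2`, so the `if h1 != h2` test below is true and `copy(tmpfile, httpfile)` publishes `tmpfile` even though it could not be hashed; a failed `getHash(tmpfile)` most likely means the download itself is missing or unreadable. Replacing each removed `return` with `continue`, i.e. `if err != nil { log.Error("Error hashing: ", err); continue }`, skips only the current CA and keeps the loop running, which seems to be what the removal is after. The `for i` loop and `main` that enclose this hunk begin before it.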
@@ -1,7 +1,7 @@
 ---
 default:
 gateway: crls.pki.goog # ip or fqdn to check used for connectivity checks
- interval: 900 # update interval to check for new crls, in seconds
+ interval: 5 # update interval to check for new crls, in seconds
 webserver: false # enables built-in webserver, when true
 port: 4000 # port used by built-in webserver
@@ -10,5 +10,5 @@ ca:
 - x21
 - x11
 uri:
- - http://crls.pki.goog/gts1c3/zdATt0Ex_Fk.crl
+ - http://crls.pki.goog/gts1c3/zdATt0Ex_Fk.cr
 - http://crl.godaddy.com/gdig2s1-5609.crl
diff --git a/main.go b/main.go
index 0a7f19e..e0d4b16 100644
--- a/main.go
+++ b/main.go
@@ -81,7 +81,8 @@ func main() {
 } else {
 crl, err := x509.ParseRevocationList(crlfile)
 if err != nil {
- log.Error(err)
+ log.Errorln("Skipping CRL: ", err)
+ goto SKIP
 } else {
 log.Infof("CRL %s is valid, issued by %s\n", crl.Issuer.SerialNumber, crl.Issuer.CommonName)
 }
@@ -114,7 +115,7 @@ func main() {
 // catch anything else
 return
 }
-
+ SKIP:
 }
 time.Sleep(time.Duration(int(time.Second) * refresh)) // Defines time to sleep before repeating
 }
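Review bot: Both edits to conf/config.yml in this patch look like local test settings rather than tracked defaults: `interval: 5` polls crls.pki.goog and crl.godaddy.com every five seconds, and the `.cr` URL is deliberately broken (patch 4 restores it, but the interval stays at 5). I would keep `interval: 900 # update interval to check for new crls, in seconds` in the committed file and override it locally, or at least mark the line as a testing value in its comment.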
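Review bot: `goto SKIP` only covers the `x509.ParseRevocationList` failure; the `os.ReadFile` error branch a few lines above the hunk still falls through to the `os.Stat(httpfile)` block and copies the unparsed download into `crl/static`, so an unreadable file is still published while a malformed one is now skipped. Since `SKIP:` (added in the `@@ -114,7 +115,7 @@` hunk) sits at the end of the `for i` loop body, the jump is equivalent to `continue`; replacing `goto SKIP` with `continue` and dropping the label lets the read-error branch take the same exit and removes the goto/label pair. The `for i` loop and `main` begin before the hunk, and the read-error branch itself lies outside it.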
@@ -193,69 +194,6 @@ func copy(src, dst string) (int64, error) {
 return nBytes, err
 }
-/*
-func getcrl(caid []string, cauri []string, refresh int) {
- for {
- log.Info("Checking for new CRL(s)")
- // Simple loop through arrays, downloads each crl from source
- for i := 0; i < len(caid); i++ {
-
- var tmpfile string = workpath + "/crl/tmp/" + caid[i] + ".crl"
- var httpfile string = workpath + "/crl/static/" + caid[i] + ".crl"
-
- err := DownloadFile(tmpfile, cauri[i])
- if err != nil {
- fmt.Println("Error downloading file: ", err)
- return
- }
- log.Info("Downloading file: ", cauri[i])
- log.Info("Download location: ", tmpfile)
-
- csr, err := os.ReadFile(tmpfile)
- if err != nil {
- log.Info(err)
- } else {
- cert, err := x509.ParseRevocationList(csr)
- if err != nil {
- log.Info(err)
- } else {
- log.Info("CRL validated: ", cert.Issuer.CommonName)
- if _, err := os.Stat(httpfile); err == nil {
- // file exists
- h1, err := getHash(tmpfile)
- if err != nil {
- log.Error("Error hashing: ", err)
- return
- }
- h2, err2 := getHash(httpfile)
- if err2 != nil {
- log.Error("Error hashing: ", err2)
- return
- }
- log.Debug(h1, h2, h1 == h2)
- if h1 != h2 {
- log.Info("File hashes do not match: ", h1, h2)
- log.Info("Copying file to destination: ", httpfile)
- copy(tmpfile, httpfile)
- } else {
- log.Info("No changes detected, proceeding.")
- }
- } else if errors.Is(err, os.ErrNotExist) {
- // file does not exist
- log.Info("Copying file to destination: ", httpfile)
- copy(tmpfile, httpfile)
- } else {
- // catch anything else
- return
- }
- }
- }
- }
- }
- time.Sleep(time.Duration(int(time.Second) * refresh)) // Defines time to sleep before repeating
- }
-}
-*/
-
 func webserver(webport string) {
 // Disabled for testing
 // Simple http fileserver, serves all files in ./crl/static/
From 00e00c8681da5a400615256df36a3fcd2f34460a Mon Sep 17 00:00:00 2001
From: Tony Cavella <9434191+acavella@users.noreply.github.com>
Date: Sun, 21 Jan 2024 19:00:10 +0000
Subject: [PATCH 4/4] update testing config
---
 conf/config.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/conf/config.yml b/conf/config.yml
index 718e4d9..fd4593a 100644
--- a/conf/config.yml
+++ b/conf/config.yml
@@ -10,5 +10,5 @@ ca:
 - x21
 - x11
 uri:
- - http://crls.pki.goog/gts1c3/zdATt0Ex_Fk.cr
+ - http://crls.pki.goog/gts1c3/zdATt0Ex_Fk.crl
 - http://crl.godaddy.com/gdig2s1-5609.crl