Commit b26d006f authored by ale's avatar ale

Minor fixes

Fix exit status when --check is used, fix certificate metadata comparison.
parent 866e67ff
...@@ -208,7 +208,7 @@ func (c *initCmd) Execute(ctx context.Context, _ *flag.FlagSet, _ ...interface{} ...@@ -208,7 +208,7 @@ func (c *initCmd) Execute(ctx context.Context, _ *flag.FlagSet, _ ...interface{}
} }
changed = true changed = true
} }
return exitStatus(changed) return exitStatus(changed, c.checkOnly)
} }
func init() { func init() {
......
...@@ -7,7 +7,6 @@ import ( ...@@ -7,7 +7,6 @@ import (
"fmt" "fmt"
"log" "log"
"net" "net"
"reflect"
"sort" "sort"
"strings" "strings"
"time" "time"
...@@ -85,15 +84,31 @@ func (l sortableStringList) Less(i, j int) bool { ...@@ -85,15 +84,31 @@ func (l sortableStringList) Less(i, j int) bool {
} }
func compareStringList(a, b []string) bool { func compareStringList(a, b []string) bool {
if len(a) != len(b) {
return false
}
sort.Sort(sortableStringList(a)) sort.Sort(sortableStringList(a))
sort.Sort(sortableStringList(b)) sort.Sort(sortableStringList(b))
return reflect.DeepEqual(a, b) for i := 0; i < len(a); i++ {
if a[i] != b[i] {
return false
}
}
return true
} }
func compareIPList(a, b []net.IP) bool { func compareIPList(a, b []net.IP) bool {
if len(a) != len(b) {
return false
}
sort.Sort(sortableIPList(a)) sort.Sort(sortableIPList(a))
sort.Sort(sortableIPList(b)) sort.Sort(sortableIPList(b))
return reflect.DeepEqual(a, b) for i := 0; i < len(a); i++ {
if !a[i].Equal(b[i]) {
return false
}
}
return true
} }
func pkixEqual(a, b pkix.Name) bool { func pkixEqual(a, b pkix.Name) bool {
...@@ -211,14 +226,18 @@ func (c *signCmd) Execute(ctx context.Context, _ *flag.FlagSet, _ ...interface{} ...@@ -211,14 +226,18 @@ func (c *signCmd) Execute(ctx context.Context, _ *flag.FlagSet, _ ...interface{}
if c.checkOnly { if c.checkOnly {
return subcommands.ExitFailure return subcommands.ExitFailure
} }
log.Printf("renewing certificate for %s", pkixNameToString(*c.subject.Name)) if aboutToExpire(cert) {
log.Printf("renewing certificate for %s", pkixNameToString(*c.subject.Name))
} else {
log.Printf("updating certificate for %s", pkixNameToString(*c.subject.Name))
}
cert, err = ca.signCertificate(pkey, c.certPath, c.subject.Name, c.sanList, c.ipList, c.isClient, c.isServer, time.Duration(c.validityDays)*oneDay) cert, err = ca.signCertificate(pkey, c.certPath, c.subject.Name, c.sanList, c.ipList, c.isClient, c.isServer, time.Duration(c.validityDays)*oneDay)
if err != nil { if err != nil {
log.Printf("ERROR: could not renew certificate: %v", err) log.Printf("ERROR: could not renew certificate: %v", err)
} }
changed = true changed = true
} }
return exitStatus(changed) return exitStatus(changed, c.checkOnly)
} }
func init() { func init() {
......
...@@ -193,8 +193,9 @@ func init() { ...@@ -193,8 +193,9 @@ func init() {
subcommands.Register(subcommands.CommandsCommand(), "") subcommands.Register(subcommands.CommandsCommand(), "")
} }
func exitStatus(changed bool) subcommands.ExitStatus { func exitStatus(changed, checkOnly bool) subcommands.ExitStatus {
if *useCustomExitStatus && changed { if !checkOnly && *useCustomExitStatus && changed {
log.Printf("files have been modified")
return subcommands.ExitStatus(filesModifiedExitStatus) return subcommands.ExitStatus(filesModifiedExitStatus)
} }
return subcommands.ExitSuccess return subcommands.ExitSuccess
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment