added enhanced logging

Gr33nbl00d · Dec 1, 2023 · 1a5989c · 1a5989c
1 parent 46d2c88
commit 1a5989c
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 4 deletions.
diff --git a/configparser.go b/configparser.go
@@ -5,7 +5,7 @@ import (
 	"encoding/pem"
 	"fmt"
 	"github.com/gr33nbl00d/caddy-revocation-validator/config"
-	"io/ioutil"
+	"os"
 	"time"
 )
 
@@ -164,7 +164,7 @@ func parseTrustedCrlSignerCerts(crlConfig *config.CRLConfig) error {
 }
 
 func parseCertFromFile(certFile string) (*x509.Certificate, error) {
-	certBytes, err := ioutil.ReadFile(certFile)
+	certBytes, err := os.ReadFile(certFile)
 	if err != nil {
 		return nil, err
 	}
@@ -174,7 +174,7 @@ func parseCertFromFile(certFile string) (*x509.Certificate, error) {
 	}
 	certificate, err := x509.ParseCertificate(block.Bytes)
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("could not parse certificate from file #{certFile}", err)
 	}
 	return certificate, nil
 }

diff --git a/crl/crlrepository/crlrepository.go b/crl/crlrepository/crlrepository.go
@@ -274,6 +274,7 @@ func (R *Repository) updateCRL(identifier string) error {
 }
 
 func (R *Repository) updateCrlEntry(entry *Entry, newChains *core.CertificateChains) (err error) {
+	R.logger.Info("updating crl " + entry.CRLLoader.GetDescription())
 	var store crlstore.CRLStore
 	tempFileName, err := R.createTempFile()
 	if err != nil {
@@ -291,6 +292,7 @@ func (R *Repository) updateCrlEntry(entry *Entry, newChains *core.CertificateCha
 	defer os.Remove(tempFileName)
 
 	var chains = newChains
+
 	points, storedChains, err := R.getCrlUpdateInformation(entry, err)
 	if err != nil {
 		return err
@@ -302,6 +304,7 @@ func (R *Repository) updateCrlEntry(entry *Entry, newChains *core.CertificateCha
 	if err != nil {
 		return err
 	}
+	R.logger.Info("loading crl " + entry.CRLLoader.GetDescription())
 	err = loader.LoadCRL(tempFileName)
 	if err != nil {
 		return err
@@ -316,7 +319,7 @@ func (R *Repository) updateCrlEntry(entry *Entry, newChains *core.CertificateCha
 	}
 
 	var processor = crlstore.CRLPersisterProcessor{CRLStore: store}
-
+	R.logger.Info("parsing crl loaded from " + entry.CRLLoader.GetDescription())
 	err = processor.UpdateCRLLocations(points)
 	if err != nil {
 		return err
@@ -326,6 +329,7 @@ func (R *Repository) updateCrlEntry(entry *Entry, newChains *core.CertificateCha
 	if err != nil {
 		return err
 	}
+	R.logger.Info("verify crl signature of crl " + entry.CRLLoader.GetDescription())
 	signatureCert, err := verifyCRLSignature(result, chains)
 	if err != nil {
 		R.setLastSignatureVerifyFailed(entry, result)
@@ -344,6 +348,7 @@ func (R *Repository) updateCrlEntry(entry *Entry, newChains *core.CertificateCha
 		R.deleteEntrySync(identifier)
 		return err
 	}
+	R.logger.Info("finished updating crl " + entry.CRLLoader.GetDescription())
 	return nil
 }
 

diff --git a/crl/crlrevocationchecker.go b/crl/crlrevocationchecker.go
@@ -65,10 +65,12 @@ func (c *CRLRevocationChecker) Provision(crlConfig *config.CRLConfig, logger *za
 
 	logger.Info("creating crl certificate chains")
 	chains := core.NewCertificateChains(nil, crlConfig.TrustedSignatureCerts)
+	logger.Info("adding crl entries from crl_urls config")
 	err = c.addCrlUrlsFromConfig(chains)
 	if err != nil {
 		return err
 	}
+	logger.Info("adding crl entries from crl_files config")
 	err = c.addCrlFilesFromConfig(chains)
 	if err != nil {
 		return err
@@ -101,6 +103,7 @@ func (c *CRLRevocationChecker) addCrlUrlsFromConfig(chains *core.CertificateChai
 			return err
 		}
 		//update in case chains have changed
+		c.logger.Info("Updating crl from location " + crlUrl)
 		err = c.crlRepository.UpdateCRL(&crlLocations, chains)
 		if err != nil {
 			return err
@@ -119,6 +122,7 @@ func (c *CRLRevocationChecker) addCrlFilesFromConfig(chains *core.CertificateCha
 			return err
 		}
 		//update in case chains have changed
+		c.logger.Info("Updating crl from location " + crlFile)
 		err = c.crlRepository.UpdateCRL(&crlLocations, chains)
 		if err != nil {
 			return err