From b071349a3ddf92e655f8c82425c4bb9e27f4449e Mon Sep 17 00:00:00 2001
From: Jeremy Clerc <jclerc@google.com>
Date: Sat, 12 Sep 2015 11:09:09 +0200
Subject: avoid nested code in easyca.GenCRL

---
 pkg/easyca/easyca.go | 42 ++++++++++++++++++++++--------------------
 1 file changed, 22 insertions(+), 20 deletions(-)

(limited to 'pkg')

diff --git a/pkg/easyca/easyca.go b/pkg/easyca/easyca.go
index 06bb587..26bf5f0 100644
--- a/pkg/easyca/easyca.go
+++ b/pkg/easyca/easyca.go
@@ -185,27 +185,29 @@ func GenCRL(pkiroot string, expire int) error {
 		if len(matches) != 7 {
 			return fmt.Errorf("wrong line format %v elems: %v, %v", len(matches), matches, scanner.Text())
 		}
-		if matches[1] == "R" {
-			crt, err := GetCertificate(filepath.Join(pkiroot, "issued", matches[5]))
-			if err != nil {
-				return fmt.Errorf("get certificate %v: %v", matches[5], err)
-			}
+		if matches[1] != "R" {
+			continue
+		}
 
-			matchedSerial := big.NewInt(0)
-			fmt.Sscanf(matches[4], "%X", matchedSerial)
-			if matchedSerial.Cmp(crt.SerialNumber) != 0 {
-				return fmt.Errorf("serial in index does not match revoked certificate: %v", matches[0])
-			}
-			revocationTime, err := time.Parse("060102150405", strings.TrimSuffix(matches[3], "Z"))
-			if err != nil {
-				return fmt.Errorf("parse revocation time: %v", err)
-			}
-			revokedCerts = append(revokedCerts, pkix.RevokedCertificate{
-				SerialNumber:   crt.SerialNumber,
-				RevocationTime: revocationTime,
-				Extensions:     crt.Extensions,
-			})
+		crt, err := GetCertificate(filepath.Join(pkiroot, "issued", matches[5]))
+		if err != nil {
+			return fmt.Errorf("get certificate %v: %v", matches[5], err)
+		}
+
+		matchedSerial := big.NewInt(0)
+		fmt.Sscanf(matches[4], "%X", matchedSerial)
+		if matchedSerial.Cmp(crt.SerialNumber) != 0 {
+			return fmt.Errorf("serial in index does not match revoked certificate: %v", matches[0])
+		}
+		revocationTime, err := time.Parse("060102150405", strings.TrimSuffix(matches[3], "Z"))
+		if err != nil {
+			return fmt.Errorf("parse revocation time: %v", err)
 		}
+		revokedCerts = append(revokedCerts, pkix.RevokedCertificate{
+			SerialNumber:   crt.SerialNumber,
+			RevocationTime: revocationTime,
+			Extensions:     crt.Extensions,
+		})
 	}
 	caCrt, caKey, err := GetCA(pkiroot)
 	if err != nil {
@@ -387,7 +389,7 @@ func GeneratePKIStructure(pkiroot string) error {
 		{Name: "index.txt.attr", Content: "unique_subject = no"},
 	}
 	for _, f := range files {
-		// if using := here i get needs identifier, hm ?
+		// if using := here i get needs identifier, hm ?, needs to declare err before
 		var err error
 		f.File, err = os.Create(filepath.Join(pkiroot, f.Name))
 		if err != nil {
-- 
cgit v1.3