From 1dcbe91877d94d721cb39b4473d80b9bf21ae097 Mon Sep 17 00:00:00 2001
From: Andrew Ayer
Date: Sun, 7 Feb 2016 14:47:05 -0800
Subject: [PATCH] WriteCertRepository: avoid serializing precerts twice

With pre-certs, Chain[0] is the pre-cert itself.
---
 helpers.go | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/helpers.go b/helpers.go
index 3601f35..ee4d52a 100644
--- a/helpers.go
+++ b/helpers.go
@@ -249,9 +249,9 @@ func WriteCertRepository (repoPath string, entry *ct.LogEntry) (bool, string, er
 fingerprint := sha256hex(getRaw(entry))
 prefixPath := filepath.Join(repoPath, fingerprint[0:2])
 var filenameSuffix string
- if entry.Precert != nil {
+ if entry.Leaf.TimestampedEntry.EntryType == ct.PrecertLogEntryType {
 filenameSuffix = ".precert.pem"
- } else if entry.X509Cert != nil {
+ } else if entry.Leaf.TimestampedEntry.EntryType == ct.X509LogEntryType {
 filenameSuffix = ".cert.pem"
 }
 if err := os.Mkdir(prefixPath, 0777); err != nil && !os.IsExist(err) {
@@ -266,9 +266,11 @@ func WriteCertRepository (repoPath string, entry *ct.LogEntry) (bool, string, er
 return false, path, fmt.Errorf("Failed to open %s for writing: %s", path, err)
 }
 }
- if err := pem.Encode(file, &pem.Block{Type: "CERTIFICATE", Bytes: getRaw(entry)}); err != nil {
- file.Close()
- return false, path, fmt.Errorf("Error writing to %s: %s", path, err)
+ if entry.Leaf.TimestampedEntry.EntryType == ct.X509LogEntryType {
+ if err := pem.Encode(file, &pem.Block{Type: "CERTIFICATE", Bytes: entry.Leaf.TimestampedEntry.X509Entry}); err != nil {
+ file.Close()
+ return false, path, fmt.Errorf("Error writing to %s: %s", path, err)
+ }
 }
 for _, chainCert := range entry.Chain {
 if err := pem.Encode(file, &pem.Block{Type: "CERTIFICATE", Bytes: chainCert}); err != nil {
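Review bot: The `if`/`else if` on `EntryType` in the first hunk has no final `else`, so an entry whose type is neither `ct.PrecertLogEntryType` nor `ct.X509LogEntryType` leaves `filenameSuffix` empty and execution continues to `os.Mkdir`. The entry is presumably parsed from a log server's response, so I would reject an unexpected type explicitly with `} else { return false, "", fmt.Errorf("unsupported log entry type %v", entry.Leaf.TimestampedEntry.EntryType) }`. The line that builds `path` from the suffix is outside the hunk, so the effect on the filename is inferred rather than visible.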
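Review bot: After the second hunk a precert entry is written only by the `for _, chainCert := range entry.Chain` loop, so a precert entry with an empty `Chain` would leave a file with no certificate in it and no error reported from the visible code. I would check this in the precert branch of the first hunk, before the file is opened: `if len(entry.Chain) == 0 { return false, "", fmt.Errorf("precert entry has an empty chain") }`. It is also worth confirming that `getRaw(entry)`, which still supplies the fingerprint for the filename, returns the same bytes as `Chain[0]` for precerts; `getRaw` is not visible here, and if it differs the filename would not match the first block in the file. The function body starts before and continues past both hunks.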