Store issuers cache under os.UserCacheDir
This commit is contained in:
parent
6151cb26da
commit
8119925c16
|
@ -89,6 +89,13 @@ func defaultConfigDir() string {
|
||||||
return filepath.Join(homedir(), ".certspotter")
|
return filepath.Join(homedir(), ".certspotter")
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
func defaultCacheDir() string {
|
||||||
|
userCacheDir, err := os.UserCacheDir()
|
||||||
|
if err != nil {
|
||||||
|
panic(fmt.Errorf("unable to determine user cache directory: %w", err))
|
||||||
|
}
|
||||||
|
return filepath.Join(userCacheDir, "certspotter")
|
||||||
|
}
|
||||||
func defaultWatchListPath() string {
|
func defaultWatchListPath() string {
|
||||||
return filepath.Join(defaultConfigDir(), "watchlist")
|
return filepath.Join(defaultConfigDir(), "watchlist")
|
||||||
}
|
}
|
||||||
|
@ -192,6 +199,7 @@ func main() {
|
||||||
|
|
||||||
fsstate := &monitor.FilesystemState{
|
fsstate := &monitor.FilesystemState{
|
||||||
StateDir: flags.stateDir,
|
StateDir: flags.stateDir,
|
||||||
|
CacheDir: defaultCacheDir(),
|
||||||
SaveCerts: !flags.noSave,
|
SaveCerts: !flags.noSave,
|
||||||
Script: flags.script,
|
Script: flags.script,
|
||||||
ScriptDir: defaultScriptDir(),
|
ScriptDir: defaultScriptDir(),
|
||||||
|
|
|
@ -28,6 +28,7 @@ import (
|
||||||
|
|
||||||
type FilesystemState struct {
|
type FilesystemState struct {
|
||||||
StateDir string
|
StateDir string
|
||||||
|
CacheDir string
|
||||||
SaveCerts bool
|
SaveCerts bool
|
||||||
Script string
|
Script string
|
||||||
ScriptDir string
|
ScriptDir string
|
||||||
|
@ -40,7 +41,13 @@ func (s *FilesystemState) logStateDir(logID LogID) string {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *FilesystemState) Prepare(ctx context.Context) error {
|
func (s *FilesystemState) Prepare(ctx context.Context) error {
|
||||||
return prepareStateDir(s.StateDir)
|
if err := prepareStateDir(s.StateDir); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := prepareCacheDir(s.CacheDir); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *FilesystemState) PrepareLog(ctx context.Context, logID LogID) error {
|
func (s *FilesystemState) PrepareLog(ctx context.Context, logID LogID) error {
|
||||||
|
@ -94,12 +101,12 @@ func (s *FilesystemState) RemoveSTH(ctx context.Context, logID LogID, sth *cttyp
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *FilesystemState) StoreIssuer(ctx context.Context, fingerprint *[32]byte, issuer []byte) error {
|
func (s *FilesystemState) StoreIssuer(ctx context.Context, fingerprint *[32]byte, issuer []byte) error {
|
||||||
filePath := filepath.Join(s.StateDir, "issuers", hex.EncodeToString(fingerprint[:]))
|
filePath := filepath.Join(s.CacheDir, "issuers", hex.EncodeToString(fingerprint[:]))
|
||||||
return writeFile(filePath, issuer, 0666)
|
return writeFile(filePath, issuer, 0666)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *FilesystemState) LoadIssuer(ctx context.Context, fingerprint *[32]byte) ([]byte, error) {
|
func (s *FilesystemState) LoadIssuer(ctx context.Context, fingerprint *[32]byte) ([]byte, error) {
|
||||||
filePath := filepath.Join(s.StateDir, "issuers", hex.EncodeToString(fingerprint[:]))
|
filePath := filepath.Join(s.CacheDir, "issuers", hex.EncodeToString(fingerprint[:]))
|
||||||
issuer, err := os.ReadFile(filePath)
|
issuer, err := os.ReadFile(filePath)
|
||||||
if errors.Is(err, fs.ErrNotExist) {
|
if errors.Is(err, fs.ErrNotExist) {
|
||||||
return nil, nil
|
return nil, nil
|
||||||
|
|
|
@ -145,7 +145,7 @@ func prepareStateDir(stateDir string) error {
|
||||||
return fmt.Errorf("%s was created by a newer version of certspotter; upgrade to the latest version of certspotter or remove this directory to start from scratch", stateDir)
|
return fmt.Errorf("%s was created by a newer version of certspotter; upgrade to the latest version of certspotter or remove this directory to start from scratch", stateDir)
|
||||||
}
|
}
|
||||||
|
|
||||||
for _, subdir := range []string{"certs", "logs", "healthchecks", "issuers"} {
|
for _, subdir := range []string{"certs", "logs", "healthchecks"} {
|
||||||
if err := os.Mkdir(filepath.Join(stateDir, subdir), 0777); err != nil && !errors.Is(err, fs.ErrExist) {
|
if err := os.Mkdir(filepath.Join(stateDir, subdir), 0777); err != nil && !errors.Is(err, fs.ErrExist) {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
@ -153,3 +153,15 @@ func prepareStateDir(stateDir string) error {
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func prepareCacheDir(cacheDir string) error {
|
||||||
|
if err := os.MkdirAll(cacheDir, 0777); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
for _, subdir := range []string{"issuers"} {
|
||||||
|
if err := os.Mkdir(filepath.Join(cacheDir, subdir), 0777); err != nil && !errors.Is(err, fs.ErrExist) {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue