fix bug with sanitizing rejections

canonical · Aug 23, 2024 · 124145c · 124145c
1 parent 4238c94
commit 124145c
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 6 deletions.
diff --git a/internal/api/handlers_test.go b/internal/api/handlers_test.go
@@ -132,11 +132,11 @@ btZkbfdL5A==
 var (
 	expectedGetAllCertsResponseBody1 = fmt.Sprintf("[{\"id\":1,\"csr\":\"%s\",\"certificate\":\"\"}]", trimmed(AppleCSR))
 	expectedGetAllCertsResponseBody2 = fmt.Sprintf("[{\"id\":1,\"csr\":\"%s\",\"certificate\":\"\"},{\"id\":2,\"csr\":\"%s\",\"certificate\":\"\"}]", trimmed(AppleCSR), trimmed(BananaCSR))
-	expectedGetAllCertsResponseBody3 = fmt.Sprintf("[{\"id\":2,\"csr\":\"%s\",\"certificate\":\"%s\\n%s\\n\"},{\"id\":3,\"csr\":\"%s\",\"certificate\":\"\"},{\"id\":4,\"csr\":\"%s\",\"certificate\":\"rejected\"}]", trimmed(BananaCSR), trimmed(BananaCert), trimmed(IssuerCert), trimmed(StrawberryCSR), trimmed(AppleCSR))
+	expectedGetAllCertsResponseBody3 = fmt.Sprintf("[{\"id\":2,\"csr\":\"%s\",\"certificate\":\"%s\\n%s\"},{\"id\":3,\"csr\":\"%s\",\"certificate\":\"\"},{\"id\":4,\"csr\":\"%s\",\"certificate\":\"rejected\"}]", trimmed(BananaCSR), trimmed(BananaCert), trimmed(IssuerCert), trimmed(StrawberryCSR), trimmed(AppleCSR))
 	expectedGetAllCertsResponseBody4 = fmt.Sprintf("[{\"id\":2,\"csr\":\"%s\",\"certificate\":\"\"},{\"id\":3,\"csr\":\"%s\",\"certificate\":\"\"},{\"id\":4,\"csr\":\"%s\",\"certificate\":\"rejected\"}]", trimmed(BananaCSR), trimmed(StrawberryCSR), trimmed(AppleCSR))
 	expectedGetCertReqResponseBody1  = fmt.Sprintf("{\"id\":2,\"csr\":\"%s\",\"certificate\":\"\"}", trimmed(BananaCSR))
 	expectedGetCertReqResponseBody2  = fmt.Sprintf("{\"id\":4,\"csr\":\"%s\",\"certificate\":\"\"}", trimmed(AppleCSR))
-	expectedGetCertReqResponseBody3  = fmt.Sprintf("{\"id\":2,\"csr\":\"%s\",\"certificate\":\"%s\\n%s\\n\"}", trimmed(BananaCSR), trimmed(BananaCert), trimmed(IssuerCert))
+	expectedGetCertReqResponseBody3  = fmt.Sprintf("{\"id\":2,\"csr\":\"%s\",\"certificate\":\"%s\\n%s\"}", trimmed(BananaCSR), trimmed(BananaCert), trimmed(IssuerCert))
 	expectedGetCertReqResponseBody4  = fmt.Sprintf("{\"id\":2,\"csr\":\"%s\",\"certificate\":\"\"}", trimmed(BananaCSR))
 )
 

diff --git a/internal/certdb/certdb.go b/internal/certdb/certdb.go
@@ -126,8 +126,9 @@ func (db *CertificateRequestsRepository) UpdateCSR(id string, cert string) (int6
 		if err != nil {
 			return 0, errors.New("cert validation failed: " + err.Error())
 		}
+		cert = sanitizeCertificateBundle(cert)
 	}
-	result, err := db.conn.Exec(fmt.Sprintf(queryUpdateCSR, db.certificateTable), sanitizeCertificateBundle(cert), csr.ID)
+	result, err := db.conn.Exec(fmt.Sprintf(queryUpdateCSR, db.certificateTable), cert, csr.ID)
 	if err != nil {
 		return 0, err
 	}

diff --git a/internal/certdb/certdb_test.go b/internal/certdb/certdb_test.go
@@ -61,13 +61,14 @@ func TestCSRsEndToEnd(t *testing.T) {
 	if len(res) != 2 {
 		t.Fatalf("CSR's weren't deleted from the DB properly")
 	}
-	_, err = db.UpdateCSR(strconv.FormatInt(id2, 10), fmt.Sprintf("%s%s", BananaCert, IssuerCert))
+	var BananaCertBundle = strings.TrimSpace(fmt.Sprintf("%s%s", BananaCert, IssuerCert))
+	_, err = db.UpdateCSR(strconv.FormatInt(id2, 10), BananaCertBundle)
 	if err != nil {
 		t.Fatalf("Couldn't complete Update: %s", err)
 	}
 	retrievedCSR, _ = db.RetrieveCSR(strconv.FormatInt(id2, 10))
-	if retrievedCSR.Certificate != fmt.Sprintf("%s%s", BananaCert, IssuerCert) {
-		t.Fatalf("The certificate that was uploaded does not match the certificate that was given.\n Retrieved: %s\nGiven: %s", retrievedCSR.Certificate, BananaCert)
+	if retrievedCSR.Certificate != BananaCertBundle {
+		t.Fatalf("The certificate that was uploaded does not match the certificate that was given.\n Retrieved: %s\nGiven: %s", retrievedCSR.Certificate, BananaCertBundle)
 	}
 	_, err = db.UpdateCSR(strconv.FormatInt(id2, 10), "")
 	if err != nil {