Only SelectCertificate by serial

letsencrypt · Jul 11, 2020 · ad1f1e4 · ad1f1e4
1 parent 30eabe0
commit ad1f1e4
Show file tree

Hide file tree

Showing 5 changed files with 8 additions and 11 deletions.
diff --git a/cmd/admin-revoker/main.go b/cmd/admin-revoker/main.go
@@ -106,7 +106,7 @@ func revokeCertificate(ctx context.Context, certObj core.Certificate, reasonCode
 }
 
 func revokeBySerial(ctx context.Context, serial string, reasonCode revocation.Reason, rac core.RegistrationAuthority, logger blog.Logger, dbMap db.Executor) error {
-	certObj, err := sa.SelectCertificate(dbMap, "WHERE serial = ?", serial)
+	certObj, err := sa.SelectCertificate(dbMap, serial)
 	if err != nil {
 		if db.IsNoRows(err) {
 			return berrors.NotFoundError("certificate with serial %q not found", serial)

diff --git a/cmd/expiration-mailer/main.go b/cmd/expiration-mailer/main.go
@@ -299,7 +299,7 @@ func (m *mailer) findExpiringCertificates() error {
 		var certs []core.Certificate
 		for _, serial := range serials {
 			var cert core.Certificate
-			cert, err := sa.SelectCertificate(m.dbMap, "WHERE serial = ?", serial)
+			cert, err := sa.SelectCertificate(m.dbMap, serial)
 			if err != nil {
 				// We can get a NoRowsErr when processing a serial number corresponding
 				// to a precertificate with no final certificate. Since this certificate

diff --git a/cmd/ocsp-updater/main.go b/cmd/ocsp-updater/main.go
@@ -160,11 +160,7 @@ func (updater *OCSPUpdater) findStaleOCSPResponses(oldestLastUpdatedTime time.Ti
 }
 
 func getCertDER(selector ocspDB, serial string) ([]byte, error) {
-	cert, err := sa.SelectCertificate(
-		selector,
-		"WHERE serial = ?",
-		serial,
-	)
+	cert, err := sa.SelectCertificate(selector, serial)
 	if err != nil {
 		if db.IsNoRows(err) {
 			cert, err = sa.SelectPrecertificate(selector, serial)

diff --git a/sa/model.go b/sa/model.go
@@ -65,12 +65,13 @@ func selectRegistration(s db.OneSelector, q string, args ...interface{}) (*regMo
 const certFields = "registrationID, serial, digest, der, issued, expires"
 
 // SelectCertificate selects all fields of one certificate object
-func SelectCertificate(s db.OneSelector, q string, args ...interface{}) (core.Certificate, error) {
+// identified by serial.
+func SelectCertificate(s db.OneSelector, serial string) (core.Certificate, error) {
 	var model core.Certificate
 	err := s.SelectOne(
 		&model,
-		"SELECT "+certFields+" FROM certificates "+q,
-		args...,
+		"SELECT "+certFields+" FROM certificates WHERE serial = ?",
+		serial,
 	)
 	return model, err
 }

diff --git a/sa/sa.go b/sa/sa.go
@@ -309,7 +309,7 @@ func (ssa *SQLStorageAuthority) GetCertificate(ctx context.Context, serial strin
 		return core.Certificate{}, err
 	}
 
-	cert, err := SelectCertificate(ssa.dbMap.WithContext(ctx), "WHERE serial = ?", serial)
+	cert, err := SelectCertificate(ssa.dbMap.WithContext(ctx), serial)
 	if db.IsNoRows(err) {
 		return core.Certificate{}, berrors.NotFoundError("certificate with serial %q not found", serial)
 	}