This commit moves the information about certificate revocation into an
own table. All locations accessing this information have been adapted.
Old Behavior:
Table "certs" has a column "revoked" that is "NULL" for all non-revoked
certificates and contains the revocation time (from cassiopeia) for all
revoked certificates.
on revoke: gigi creates a "job" indicating the row in "certs" to revoke
on revoke execution: cassiopeia marks the "job" done and inserts a
revocation date in "certs"
Possible States:
1. revoked is NULL, no revocation job exists
2. revoked is NULL, revocation job exists.
(2b. this transition is not a transaction in cassiopeia so an in-between
state might be observed)
3. revoked is not NULL, revocation job is marked as done
New Behavior:
Table "certs" doesn't have a "revoked" column instead there is a new
table.
on revoke: gigi inserts the "revocation"-row without a revocation date
filled in, but with the reason and other information about the
revocation. Additionally a "job" is created to trigger cassiopeia.
on revoke execution: cassiopeia marks the job as done and updates the
revocation date in the revocation column.
Possible States:
1. no revocation entry and not revocation job exist.
(1b. again strictly speaking not a transaction here)
2. revocation entry without date and revocation job exist
(2b. also still no transaction)
3. date in revocation entry is filled and revocation job is marked done
projects / gigi.git / commit