1 files changed, 34 insertions, 13 deletions

diff --git a/src/catlfish.erl b/src/catlfish.erl
index 83ca3db..3956eec 100644
--- a/src/catlfish.erl
+++ b/src/catlfish.erl
@@ -4,8 +4,8 @@
 -module(catlfish).
 -export([add_chain/2, entries/2, entry_and_proof/2]).
 -export([known_roots/0, update_known_roots/0]).
+-export([init_cache_table/0]).
 -include_lib("eunit/include/eunit.hrl").
--include("catlfish.hrl").
 
 -define(PROTOCOL_VERSION, 0).
 
@@ -133,6 +133,14 @@ entry_and_proof(Index, TreeSize) ->
               {error_message, list_to_binary(Msg)}]}
     end.
 
+-define(CACHE_TABLE, catlfish_cache).
+init_cache_table() ->
+    case ets:info(?CACHE_TABLE) of
+	undefined -> ok;
+	_ -> ets:delete(?CACHE_TABLE)
+    end,
+    ets:new(?CACHE_TABLE, [set, public, named_table]).
+
 %% Private functions.
 unpack_entry(Entry) ->
     <<Timestamp:64, LogEntry/binary>> = Entry,
@@ -183,37 +191,50 @@ known_roots(Directory, CacheUsage) ->
         use_cache ->
             case ets:lookup(?CACHE_TABLE, ?ROOTS_CACHE_KEY) of
                 [] ->
-                    read_files_and_udpate_table(Directory);
+                    read_files_and_update_table(Directory);
                 [{roots, DerList}] ->
                     DerList
             end;
         update_tab ->
-            read_files_and_udpate_table(Directory)
+            read_files_and_update_table(Directory)
     end.
 
-read_files_and_udpate_table(Directory) ->
-    L = x509:read_pemfiles_from_dir(Directory),
-    true = ets:insert(?CACHE_TABLE, {?ROOTS_CACHE_KEY, L}),
-    L.
+read_files_and_update_table(Directory) ->
+    Certs = x509:read_pemfiles_from_dir(Directory),
+    Proper = x509:self_signed(Certs),
+    case length(Certs) - length(Proper) of
+        0 -> ok;
+        N -> lager:warning(
+               "Ignoring ~p root certificates not signing themselves properly",
+               [N])
+    end,
+    true = ets:insert(?CACHE_TABLE, {?ROOTS_CACHE_KEY, Proper}),
+    lager:info("Known roots imported: ~p", [length(Proper)]),
+    Proper.
 
 %%%%%%%%%%%%%%%%%%%%
 %% Testing internal functions.
--define(PEMFILES_DIR_OK, "../test/testdata/known-roots").
--define(PEMFILES_DIR_NONEXISTENT, "../test/testdata/nonexistent-dir").
+-define(PEMFILES_DIR_OK, "test/testdata/known_roots").
+-define(PEMFILES_DIR_NONEXISTENT, "test/testdata/nonexistent-dir").
 
 read_pemfiles_test_() ->
     {setup,
-     fun() -> {known_roots(?PEMFILES_DIR_OK, use_cache),
-               known_roots(?PEMFILES_DIR_OK, use_cache)}
+     fun() ->
+             init_cache_table(),
+             {known_roots(?PEMFILES_DIR_OK, update_tab),
+              known_roots(?PEMFILES_DIR_OK, use_cache)}
      end,
      fun(_) -> ets:delete(?CACHE_TABLE, ?ROOTS_CACHE_KEY) end,
      fun({L, LCached}) ->
-             [?_assertMatch(7, length(L)),
+             [?_assertMatch(4, length(L)),
               ?_assertEqual(L, LCached)]
      end}.
 
 read_pemfiles_fail_test_() ->
     {setup,
-     fun() -> known_roots(?PEMFILES_DIR_NONEXISTENT, use_cache) end,
+     fun() ->
+             init_cache_table(),
+             known_roots(?PEMFILES_DIR_NONEXISTENT, update_tab)
+     end,
      fun(_) -> ets:delete(?CACHE_TABLE, ?ROOTS_CACHE_KEY) end,
      fun(Empty) -> [?_assertMatch([], Empty)] end}.