From 3be490f6cb520fae7655c69662e45aa5aa80051e Mon Sep 17 00:00:00 2001 From: xenolf Date: Wed, 18 Nov 2015 19:44:47 +0100 Subject: [PATCH] Change how challenge order is preserved as suggested by @zakjan --- acme/client.go | 32 ++++++++++---------------------- acme/client_test.go | 32 -------------------------------- 2 files changed, 10 insertions(+), 54 deletions(-) diff --git a/acme/client.go b/acme/client.go index e06917a0..15e1d4c7 100644 --- a/acme/client.go +++ b/acme/client.go @@ -239,8 +239,6 @@ func (c *Client) ObtainSANCertificate(domains []string, bundle bool) (Certificat return CertificateResource{}, failures } - challenges = reorderAuthorizations(domains, challenges) - errs := c.solveChallenges(challenges) // If any challenge fails - return. Do not generate partial SAN certificates. if len(errs) > 0 { @@ -458,21 +456,28 @@ func (c *Client) getChallenges(domains []string) ([]authorizationResource, map[s }(domain) } - var responses []authorizationResource + responses := make(map[string]authorizationResource) failures := make(map[string]error) for i := 0; i < len(domains); i++ { select { case res := <-resc: - responses = append(responses, res) + responses[res.Domain] = res case err := <-errc: failures[err.Domain] = err.Error } } + challenges := make([]authorizationResource, 0, len(responses)) + for _, domain := range domains { + if challenge, ok := responses[domain]; ok { + challenges = append(challenges, challenge) + } + } + close(resc) close(errc) - return responses, failures + return challenges, failures } // requestCertificates iterates all granted authorizations, creates RSA private keys and CSRs. @@ -663,20 +668,3 @@ func parseLinks(links []string) map[string]string { return linkMap } - -func reorderAuthorizations(domains []string, challenges []authorizationResource) []authorizationResource { - // restore order of challenges - for i, domain := range domains { - if domain == challenges[i].Domain { - continue - } - - for j, chlng := range challenges { - if chlng.Domain == domain { - challenges[i], challenges[j] = challenges[j], challenges[i] - } - } - } - - return challenges -} diff --git a/acme/client_test.go b/acme/client_test.go index a7cd8ad8..1a29bf45 100644 --- a/acme/client_test.go +++ b/acme/client_test.go @@ -4,8 +4,6 @@ import ( "crypto/rand" "crypto/rsa" "encoding/json" - "fmt" - mrand "math/rand" "net/http" "net/http/httptest" "testing" @@ -70,33 +68,3 @@ type mockUser struct { func (u mockUser) GetEmail() string { return u.email } func (u mockUser) GetRegistration() *RegistrationResource { return u.regres } func (u mockUser) GetPrivateKey() *rsa.PrivateKey { return u.privatekey } - -func TestReorderAuthorizations(t *testing.T) { - // generate fake domains - var domains []string - for i := 0; i < 30; i++ { - domains = append(domains, fmt.Sprintf("example%d.com", i)) - } - - // generate authorizationResources from the domains - var challenges []authorizationResource - for _, domain := range domains { - challenges = append(challenges, authorizationResource{Domain: domain}) - } - - // shuffle the challenges slice - for i := len(challenges) - 1; i > 0; i-- { - j := mrand.Intn(i + 1) - challenges[i], challenges[j] = challenges[j], challenges[i] - } - - // reorder the challenges - reordered := reorderAuthorizations(domains, challenges) - - // test if reordering was successfull - for i, domain := range domains { - if domain != reordered[i].Domain { - t.Errorf("Expected reordered[%d] to equal %s but was %s", i, domain, reordered[i].Domain) - } - } -}