TrueCloudLab/lego
15
0
Fork 4
Code Issues 1 Pull requests 2 Projects Releases Packages Wiki Activity

Change how challenge order is preserved as suggested by @zakjan

Browse source
This commit is contained in:
xenolf 2015-11-18 19:44:47 +01:00
parent ca5c3a4315
commit 3be490f6cb
2 changed files with 10 additions and 54 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
acme/client.go
View file

@ -239,8 +239,6 @@ func (c *Client) ObtainSANCertificate(domains []string, bundle bool) (Certificat
return CertificateResource{}, failures return CertificateResource{}, failures
} }
challenges = reorderAuthorizations(domains, challenges)
errs := c.solveChallenges(challenges) errs := c.solveChallenges(challenges)
// If any challenge fails - return. Do not generate partial SAN certificates. // If any challenge fails - return. Do not generate partial SAN certificates.
if len(errs) > 0 { if len(errs) > 0 {
@ -458,21 +456,28 @@ func (c *Client) getChallenges(domains []string) ([]authorizationResource, map[s
}(domain) }(domain)
} }
var responses []authorizationResource responses := make(map[string]authorizationResource)
failures := make(map[string]error) failures := make(map[string]error)
for i := 0; i < len(domains); i++ { for i := 0; i < len(domains); i++ {
select { select {
case res := <-resc: case res := <-resc:
responses = append(responses, res) responses[res.Domain] = res
case err := <-errc: case err := <-errc:
failures[err.Domain] = err.Error failures[err.Domain] = err.Error
} }
} }
challenges := make([]authorizationResource, 0, len(responses))
for _, domain := range domains {
if challenge, ok := responses[domain]; ok {
challenges = append(challenges, challenge)
}
}
close(resc) close(resc)
close(errc) close(errc)
return responses, failures return challenges, failures
} }
// requestCertificates iterates all granted authorizations, creates RSA private keys and CSRs. // requestCertificates iterates all granted authorizations, creates RSA private keys and CSRs.
@ -663,20 +668,3 @@ func parseLinks(links []string) map[string]string {
return linkMap return linkMap
} }
func reorderAuthorizations(domains []string, challenges []authorizationResource) []authorizationResource {
// restore order of challenges
for i, domain := range domains {
if domain == challenges[i].Domain {
continue
}
for j, chlng := range challenges {
if chlng.Domain == domain {
challenges[i], challenges[j] = challenges[j], challenges[i]
}
}
}
return challenges
}

32
acme/client_test.go
View file

@ -4,8 +4,6 @@ import (
"crypto/rand" "crypto/rand"
"crypto/rsa" "crypto/rsa"
"encoding/json" "encoding/json"
"fmt"
mrand "math/rand"
"net/http" "net/http"
"net/http/httptest" "net/http/httptest"
"testing" "testing"
@ -70,33 +68,3 @@ type mockUser struct {
func (u mockUser) GetEmail() string { return u.email } func (u mockUser) GetEmail() string { return u.email }
func (u mockUser) GetRegistration() *RegistrationResource { return u.regres } func (u mockUser) GetRegistration() *RegistrationResource { return u.regres }
func (u mockUser) GetPrivateKey() *rsa.PrivateKey { return u.privatekey } func (u mockUser) GetPrivateKey() *rsa.PrivateKey { return u.privatekey }
func TestReorderAuthorizations(t *testing.T) {
// generate fake domains
var domains []string
for i := 0; i < 30; i++ {
domains = append(domains, fmt.Sprintf("example%d.com", i))
}
// generate authorizationResources from the domains
var challenges []authorizationResource
for _, domain := range domains {
challenges = append(challenges, authorizationResource{Domain: domain})
}
// shuffle the challenges slice
for i := len(challenges) - 1; i > 0; i-- {
j := mrand.Intn(i + 1)
challenges[i], challenges[j] = challenges[j], challenges[i]
}
// reorder the challenges
reordered := reorderAuthorizations(domains, challenges)
// test if reordering was successfull
for i, domain := range domains {
if domain != reordered[i].Domain {
t.Errorf("Expected reordered[%d] to equal %s but was %s", i, domain, reordered[i].Domain)
}
}
}