Change how challenge order is preserved as suggested by @zakjan

2015-11-18 19:44:47 +01:00 · 2015-11-18 19:44:47 +01:00 · 3be490f6cb
commit 3be490f6cb
parent ca5c3a4315
2 changed files with 10 additions and 54 deletions
--- a/acme/client.go
+++ b/acme/client.go
@ -239,8 +239,6 @@ func (c *Client) ObtainSANCertificate(domains []string, bundle bool) (Certificat
 		return CertificateResource{}, failures
 	}

-	challenges = reorderAuthorizations(domains, challenges)
-
 	errs := c.solveChallenges(challenges)
 	// If any challenge fails - return. Do not generate partial SAN certificates.
 	if len(errs) > 0 {
@ -458,21 +456,28 @@ func (c *Client) getChallenges(domains []string) ([]authorizationResource, map[s
 		}(domain)
 	}

-	var responses []authorizationResource
+	responses := make(map[string]authorizationResource)
 	failures := make(map[string]error)
 	for i := 0; i < len(domains); i++ {
 		select {
 		case res := <-resc:
-			responses = append(responses, res)
+			responses[res.Domain] = res
 		case err := <-errc:
 			failures[err.Domain] = err.Error
 		}
 	}

+	challenges := make([]authorizationResource, 0, len(responses))
+	for _, domain := range domains {
+		if challenge, ok := responses[domain]; ok {
+			challenges = append(challenges, challenge)
+		}
+	}
+
 	close(resc)
 	close(errc)

-	return responses, failures
+	return challenges, failures
 }

 // requestCertificates iterates all granted authorizations, creates RSA private keys and CSRs.
@ -663,20 +668,3 @@ func parseLinks(links []string) map[string]string {

 	return linkMap
 }
-
-func reorderAuthorizations(domains []string, challenges []authorizationResource) []authorizationResource {
-	// restore order of challenges
-	for i, domain := range domains {
-		if domain == challenges[i].Domain {
-			continue
-		}
-
-		for j, chlng := range challenges {
-			if chlng.Domain == domain {
-				challenges[i], challenges[j] = challenges[j], challenges[i]
-			}
-		}
-	}
-
-	return challenges
-}
--- a/acme/client_test.go
+++ b/acme/client_test.go
@ -4,8 +4,6 @@ import (
 	"crypto/rand"
 	"crypto/rsa"
 	"encoding/json"
-	"fmt"
-	mrand "math/rand"
 	"net/http"
 	"net/http/httptest"
 	"testing"
@ -70,33 +68,3 @@ type mockUser struct {
 func (u mockUser) GetEmail() string                       { return u.email }
 func (u mockUser) GetRegistration() *RegistrationResource { return u.regres }
 func (u mockUser) GetPrivateKey() *rsa.PrivateKey         { return u.privatekey }
-
-func TestReorderAuthorizations(t *testing.T) {
-	// generate fake domains
-	var domains []string
-	for i := 0; i < 30; i++ {
-		domains = append(domains, fmt.Sprintf("example%d.com", i))
-	}
-
-	// generate authorizationResources from the domains
-	var challenges []authorizationResource
-	for _, domain := range domains {
-		challenges = append(challenges, authorizationResource{Domain: domain})
-	}
-
-	// shuffle the challenges slice
-	for i := len(challenges) - 1; i > 0; i-- {
-		j := mrand.Intn(i + 1)
-		challenges[i], challenges[j] = challenges[j], challenges[i]
-	}
-
-	// reorder the challenges
-	reordered := reorderAuthorizations(domains, challenges)
-
-	// test if reordering was successfull
-	for i, domain := range domains {
-		if domain != reordered[i].Domain {
-			t.Errorf("Expected reordered[%d] to equal %s but was %s", i, domain, reordered[i].Domain)
-		}
-	}
-}