acme/autocert/internal/acmetest: don't validate in goroutine

rolandshoemaker · rolandshoemaker · commit c6db032c6c88 · 2022-05-11T20:02:25.000Z
In the test server, rather than spawning a goroutine to validate challenges, block on the validation before responding to the client. This prevents a test race, where testing.T.Logf is called after the test is completed. While this has a slight behavioral difference to some production ACME server implementations (although is behavior allowed in the spec), the change has little material impact on what we are testing, since previously the validation would happen so quickly that it would be indistinguishable from the new blocking behavior (i.e. we would not be sending multiple requests during polling previously.) Fixes golang/go#52170 Change-Id: I75e3b2da69ddc2302be25a99f1b1151ed0f4af9b Reviewed-on: https://go-review.googlesource.com/c/crypto/+/405548 Run-TryBot: Roland Shoemaker <roland@golang.org> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Bryan Mills <bcmills@google.com>
diff --git a/acme/autocert/internal/acmetest/ca.go b/acme/autocert/internal/acmetest/ca.go
@@ -380,7 +380,7 @@ func (ca *CAServer) handle(w http.ResponseWriter, r *http.Request) {
 			ca.httpErrorf(w, http.StatusBadRequest, "challenge accept: %v", err)
 			return
 		}
-		go ca.validateChallenge(a, typ)
+		ca.validateChallenge(a, typ)
 		w.Write([]byte("{}"))
 
 	// Get authorization status requests.

Original file line number	Diff line number	Diff line change
`@@ -380,7 +380,7 @@ func (ca CAServer) handle(w http.ResponseWriter, r http.Request) {`
`380`	`380`	`ca.httpErrorf(w, http.StatusBadRequest, "challenge accept: %v", err)`
`381`	`381`	`return`
`382`	`382`	`}`
`383`		`- go ca.validateChallenge(a, typ)`
	`383`	`+ ca.validateChallenge(a, typ)`
`384`	`384`	`w.Write([]byte("{}"))`
`385`	`385`
`386`	`386`	`// Get authorization status requests.`