Smart nonces #144
Smart nonces #144
Conversation
|
@mmaney Could you link the PR number that this relies on on? |
|
Sorry - when I submitted this hoping to get some feedback, it was an offshoot of "wrap requests" which had some other motivation (using pebble for testing, maybe?). The branch includes its prerequisite (the two "wrap" commits) because that's how git works. I'll edit above to make this less unclear (I hope). [later] I've closed the wrap-requests PR as it's subsumed by this PR. That may help the confusion, too. |
|
@mmaney tests are failing, could you have a look? |
|
I don't understand what that CI system is trying to say, but from that first error it looks like an error with the aliyundns access key, which I can't do anything about? Oh, the traceback (and some useful clues) is hidden 'way below. Yuck. Is this trying to talk to LE's staging? that's known not to work since they switched that to reject the older draft v.2 protocol, so until the rfc8555 updates are in, the CI is useless. If I understand what's going on... |
@mmaney As far as I know, As an example one of the tests that is failing is: sewer/sewer/tests/test_Client.py Lines 274 to 281 in be72ee6 as you can see, that test begins with; with mock.patch("requests.post") as mock_requests_post ...so that any network IO is mocked. The problem is that this PR has changed, instead of having with mock.patch("sewer.Client.POST") as mock_requests_post ....:etc |
|
One damn thing after another, isn't it? I'm going to drop back ten and punt. |
Fixes #143 by adding a simple fresh nonce cache that is refilled opportunistically from Replay-Nonce header included in most server responses.
NB: this builds on top of wrap-requests and requires that PR.
[to clarify: this branch will bring along the "wrap requests" work, because that's how git works. I called it out separately when it was first submitted because the "wrap requests" code had been an earlier PR, and the nonce harvesting wasn't the original goal.]