diff --git a/Godeps/Godeps.json b/Godeps/Godeps.json index 0e031a32d282..17240522c1b3 100644 --- a/Godeps/Godeps.json +++ b/Godeps/Godeps.json @@ -1,6 +1,6 @@ { "ImportPath": "github.com/letsencrypt/boulder", - "GoVersion": "go1.10", + "GoVersion": "go1.11", "GodepVersion": "v80", "Packages": [ "./..." diff --git a/ra/ra.go b/ra/ra.go index a55bb11047ef..91e8be3ca089 100644 --- a/ra/ra.go +++ b/ra/ra.go @@ -1840,7 +1840,7 @@ func (ra *RegistrationAuthorityImpl) NewOrder(ctx context.Context, req *rapb.New // An authz without an expiry is an unexpected internal server event if authz.Expires == nil { return nil, berrors.InternalServerError( - "SA.GetAuthorizations returned an authz (%d) with nil expiry", + "SA.GetAuthorizations returned an authz (%s) with nil expiry", *authz.Id) } // If the reused authorization expires before the minExpiry, it's expiry diff --git a/sa/sa.go b/sa/sa.go index c140daadd198..41fa68f7d49b 100644 --- a/sa/sa.go +++ b/sa/sa.go @@ -795,13 +795,13 @@ func (ssa *SQLStorageAuthority) UpdatePendingAuthorization(ctx context.Context, } if !existingPending(tx, authz.ID) { - err = berrors.InternalServerError("authorization with ID '%d' not found", authz.ID) + err = berrors.InternalServerError("authorization with ID '%s' not found", authz.ID) return Rollback(tx, err) } _, err = selectPendingAuthz(tx, "WHERE id = ?", authz.ID) if err == sql.ErrNoRows { - err = berrors.InternalServerError("authorization with ID '%d' not found", authz.ID) + err = berrors.InternalServerError("authorization with ID '%s' not found", authz.ID) return Rollback(tx, err) } if err != nil { diff --git a/va/va.go b/va/va.go index 0617c5df24ac..f57ac3bac38c 100644 --- a/va/va.go +++ b/va/va.go @@ -499,8 +499,8 @@ func (va *ValidationAuthorityImpl) fetchHTTP(ctx context.Context, identifier cor // io.LimitedReader will silently truncate a Reader so if the // resulting payload is the same size as maxResponseSize fail if len(body) >= maxResponseSize { - return nil, validationRecords, probs.Unauthorized("Invalid response from %s: q", url, - replaceInvalidUTF8(body)) + return nil, validationRecords, probs.Unauthorized(fmt.Sprintf("Invalid response from %s: %q", url, + replaceInvalidUTF8(body))) } if httpResponse.StatusCode != 200 { diff --git a/wfe2/wfe_test.go b/wfe2/wfe_test.go index 8d76d734382e..3206314dd798 100644 --- a/wfe2/wfe_test.go +++ b/wfe2/wfe_test.go @@ -1996,11 +1996,6 @@ func TestFinalizeOrder(t *testing.T) { Request: signAndPost(t, "1/7", "http://localhost/1/7", goodCertCSRPayload, 1, wfe.nonceService), ExpectedBody: `{"type":"` + probs.V2ErrorNS + `malformed","detail":"Order 7 is expired","status":404}`, }, - { - Name: "Invalid CSR", - Request: signAndPost(t, "1/4", "http://localhost/1/4", `{"CSR": "ABCD"}`, 1, wfe.nonceService), - ExpectedBody: `{"type":"` + probs.V2ErrorNS + `malformed","detail":"Error parsing certificate request: asn1: structure error: tags don't match (16 vs {class:0 tag:0 length:16 isCompound:false}) {optional:false explicit:false application:false defaultValue:\u003cnil\u003e tag:\u003cnil\u003e stringType:0 timeType:0 set:false omitEmpty:false} certificateRequest @2","status":400}`, - }, { Name: "Good CSR, Pending Order", Request: signAndPost(t, "1/4", "http://localhost/1/4", goodCertCSRPayload, 1, wfe.nonceService), @@ -2052,6 +2047,17 @@ func TestFinalizeOrder(t *testing.T) { tc.ExpectedBody) }) } + + // Check a bad CSR request separately from the above testcases. We don't want + // to match the whole response body because the "detail" of a bad CSR problem + // contains a verbose Go error message that can change between versions (e.g. + // Go 1.10.4 to 1.11 changed the expected format) + badCSRReq := signAndPost(t, "1/4", "http://localhost/1/4", `{"CSR": "ABCD"}`, 1, wfe.nonceService) + responseWriter.Body.Reset() + responseWriter.HeaderMap = http.Header{} + wfe.FinalizeOrder(ctx, newRequestEvent(), responseWriter, badCSRReq) + responseBody := responseWriter.Body.String() + test.AssertContains(t, responseBody, "Error parsing certificate request") } func TestKeyRollover(t *testing.T) {