New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ACMEv2 - Errors during finalization leave order stuck processing. #3403

Closed
cpu opened this Issue Jan 27, 2018 · 0 comments

Comments

Projects
None yet
2 participants
@cpu
Member

cpu commented Jan 27, 2018

When a user POSTs an order's finalization URL the RA eventually invokes ra.SA.SetOrderProcessing to mark the order as status processing (or to set BeganProcessing once #3402 has landed). If an error occurs after this point when calling ra.issueCertificate to get the CA to create a certificate, or when calling ra.SA.FinalizeOrder to write the certificate serial & valid order status to the DB, then the order remains stuck in status processing. You can't POST finalize again because the RA only allows pending orders to be switched to processing.

This can also happen in the case where the order isn't fully authorized yet. We set the order to processing before issueCertificate where the authorization state is checked.

The most conservative answer is probably to set the order to an invalid status when this occurs and require the client to submit a new order that will reuse the valid authorizations that existed from the failed order. Allowing finalization of already processing orders breaks the semantics we established for RA->CA order processing. Switching the order back to pending also seems fraught with potentially significant consequences. This is Yet Another fun side-effect of order based issuance :-(

Relates to #3392 - the transient errors specific to the staging env cause 500s during finalization and can provoke this problem.

@jsha jsha assigned cpu Jan 30, 2018

@jsha jsha added this to the Sprint 2018-01-30 milestone Jan 30, 2018

@cpu cpu closed this in #3404 Feb 7, 2018

cpu added a commit that referenced this issue Feb 7, 2018

Handle order finalization errors. (#3404)
This commit resolves the case where an error during finalization occurs.
Prior to this commit if an error (expected or otherwise) occurred after
setting an order to status processing at the start of order
finalization the order would be stuck processing forever.

The SA now has a `SetOrderError` RPC that can be used by the RA to
persist an error onto an order. The order status calculation can use
this error to decide if the order is invalid. The WFE is updated to
write the error to the order JSON when displaying the order information.

Prior to this commit the order protobuf had the error field as
a `[]byte`. It doesn't seem like this is the right decision, we have
a specific protobuf type for ProblemDetails and so this commit switches
the error field to use it. The conversion to/from `[]byte` is done with
the model by the SA.

An integration test is included that prior to this commit left an order
in a stuck processing state. With this commit the integration test
passes as expected.

Resolves #3403
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment