Allow authz creation in absence of GSB response. (#2972)

This commit updates the VA's `IsSafeDomain` RPC to treat errors from the
Google Safe Browsing client as a positive response. Subsequently the VA
will only block authz creation in the case that the GSB API returns
a true negative (e.g. confirms an unsafe domain). If the database is in
an inconsistent state due to an API outage we will allow the authz to be
created.
Daniel McCarney 2017-08-11 14:22:53 -04:00 committed by Roland Bracewell Shoemaker
parent 6a6a6537aa
commit 2bc7b604bd
2 changed files with 19 additions and 11 deletions


@ -40,17 +40,23 @@ func (va *ValidationAuthorityImpl) IsSafeDomain(ctx context.Context, req *vaPB.I
return &vaPB.IsDomainSafe{IsSafe: &status}, nil
}
var status bool
list, err := va.safeBrowsing.IsListed(*req.Domain)
if err != nil {
stats.Inc("IsSafeDomain.Errors", 1)
return nil, err
}
// In the event of an error checking the GSB status we allow the domain in
// question to be treated as safe to avoid coupling the availability of the
// VA to the GSB API. This is acceptable for Let's Encrypt because we do not
// have a hard commitment to GSB filtering in our CP/CPS.
status = true
} else {
stats.Inc("IsSafeDomain.Successes", 1)
status := (list == "")
status = (list == "")
if status {
stats.Inc("IsSafeDomain.Status.Good", 1)
} else {
stats.Inc("IsSafeDomain.Status.Bad", 1)
}
}
return &vaPB.IsDomainSafe{IsSafe: &status}, nil
}
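Review bot: The error branch discards `err` after incrementing `IsSafeDomain.Errors`, so once the check fails open there is no record of which domain skipped Safe Browsing filtering or why the lookup failed. Because an outage now means every authz is created unfiltered, log the failure in that branch, for example `va.log.Warning(fmt.Sprintf("GSB lookup failed for %q, treating as safe: %s", *req.Domain, err))` (assuming the VA's logger is reachable here; the struct is not visible in this hunk), and alert on a sustained rise in `IsSafeDomain.Errors`. The returned `IsDomainSafe` also gives the caller no way to tell "checked and clean" from "not checked", so nothing downstream can audit the skipped lookups. IsSafeDomain's body starts above the hunk.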


@ -58,13 +58,15 @@ func TestIsSafeDomain(t *testing.T) {
t.Errorf("bad.com: want false, got %t", resp.GetIsSafe())
}
// If there is an error looking up a domain (e.g. because of a GSB outage),
// then we expect the VA to allow the authz to be created without error.
domain = "errorful.com"
resp, err = va.IsSafeDomain(ctx, &vaPB.IsSafeDomainRequest{Domain: &domain})
if err == nil {
t.Errorf("errorful.com: want error, got none")
if err != nil {
t.Errorf("errorful.com: want no error, got %v", resp)
}
if resp != nil {
t.Errorf("errorful.com: want resp == nil, got %v", resp)
if !resp.GetIsSafe() {
t.Errorf("errorful.com: want true, got %t", resp.GetIsSafe())
}
}
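Review bot: The new failure message for errorful.com formats `resp` where it should format the error: `t.Errorf("errorful.com: want no error, got %v", resp)` prints the response and hides the error that made the assertion fail. Change it to `t.Errorf("errorful.com: want no error, got %v", err)`. The test would also pin the fail-open behaviour more tightly if it asserted that the error path was actually taken, for instance by checking the `IsSafeDomain.Errors` counter, provided the stats mock used in this test supports that. TestIsSafeDomain starts above the hunk.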