Update VA RPCs to proto3 (#5005)

This updates va.proto to use proto3 syntax, and updates all clients of the autogenerated code to use the new types. In particular, it removes indirection from built-in types (proto3 uses ints, rather than pointers to ints, for example). Depends on #5003 Fixes #4956
2020-08-17 15:20:51 -07:00 · 2020-08-17 15:20:51 -07:00 · 8556d8a801
parent 7e57a788d5
commit 8556d8a801
8 changed files with 73 additions and 77 deletions
--- a/ra/ra.go
+++ b/ra/ra.go
@ -844,9 +844,9 @@ func (ra *RegistrationAuthorityImpl) recheckCAA(ctx context.Context, authzs []*c
 			}
 			resp, err := ra.caa.IsCAAValid(ctx, &vapb.IsCAAValidRequest{
-				Domain:           &name,
+				Domain:           name,
-				ValidationMethod: &method,
+				ValidationMethod: method,
-				AccountURIID:     &authz.RegistrationID,
+				AccountURIID:     authz.RegistrationID,
 			})
 			if err != nil {
 				ra.log.AuditErrf("Rechecking CAA: %s", err)
@ -1613,11 +1613,11 @@ func (ra *RegistrationAuthorityImpl) PerformValidation(
 		chall, _ := bgrpc.ChallengeToPB(authz.Challenges[challIndex])
 		req := vapb.PerformValidationRequest{
-			Domain:    &authz.Identifier.Value,
+			Domain:    authz.Identifier.Value,
 			Challenge: chall,
 			Authz: &vapb.AuthzMeta{
-				Id:    &authz.ID,
+				Id:    authz.ID,
-				RegID: &authz.RegistrationID,
+				RegID: authz.RegistrationID,
 			},
 		}
 		res, err := ra.VA.PerformValidation(vaCtx, &req)
--- a/ra/ra_test.go
+++ b/ra/ra_test.go
@ -1850,7 +1850,7 @@ func (cr *caaRecorder) IsCAAValid(
 ) (*vapb.IsCAAValidResponse, error) {
 	cr.Lock()
 	defer cr.Unlock()
-	cr.names[*in.Domain] = true
+	cr.names[in.Domain] = true
 	return &vapb.IsCAAValidResponse{}, nil
 }
@ -1969,7 +1969,7 @@ func (cf *caaFailer) IsCAAValid(
 	opts ...grpc.CallOption,
 ) (*vapb.IsCAAValidResponse, error) {
 	cvrpb := &vapb.IsCAAValidResponse{}
-	switch *in.Domain {
+	switch in.Domain {
 	case "a.com":
 		cvrpb.Problem = &corepb.ProblemDetails{
 			Detail: proto.String("CAA invalid for a.com"),
--- a/va/caa.go
+++ b/va/caa.go
@ -16,14 +16,14 @@ import (
 )
 type caaParams struct {
-	accountURIID     *int64
+	accountURIID     int64
-	validationMethod *string
+	validationMethod string
 }
 func (va *ValidationAuthorityImpl) IsCAAValid(ctx context.Context, req *vapb.IsCAAValidRequest) (*vapb.IsCAAValidResponse, error) {
 	acmeID := identifier.ACMEIdentifier{
 		Type:  identifier.DNS,
-		Value: *req.Domain,
+		Value: req.Domain,
 	}
 	params := &caaParams{
 		accountURIID:     req.AccountURIID,
@ -31,7 +31,7 @@ func (va *ValidationAuthorityImpl) IsCAAValid(ctx context.Context, req *vapb.IsC
 	}
 	if prob := va.checkCAA(ctx, acmeID, params); prob != nil {
 		typ := string(prob.Type)
-		detail := fmt.Sprintf("While processing CAA for %s: %s", *req.Domain, prob.Detail)
+		detail := fmt.Sprintf("While processing CAA for %s: %s", req.Domain, prob.Detail)
 		return &vapb.IsCAAValidResponse{
 			Problem: &corepb.ProblemDetails{
 				ProblemType: &typ,
@ -59,11 +59,11 @@ func (va *ValidationAuthorityImpl) checkCAA(
 	}
 	accountID, validationMethod := "unknown", "unknown"
-	if params.accountURIID != nil && *params.accountURIID != 0 {
+	if params.accountURIID != 0 {
-		accountID = fmt.Sprintf("%d", *params.accountURIID)
+		accountID = fmt.Sprintf("%d", params.accountURIID)
 	}
-	if params.validationMethod != nil && *params.validationMethod != "" {
+	if params.validationMethod != "" {
-		validationMethod = *params.validationMethod
+		validationMethod = params.validationMethod
 	}
 	va.log.AuditInfof("Checked CAA records for %s, [Present: %t, Account ID: %s, Challenge: %s, Valid for issuance: %t] Records=%s",
@ -265,10 +265,10 @@ func (va *ValidationAuthorityImpl) validateCAASet(caaSet *CAASet, wildcard bool,
 			// https://tools.ietf.org/html/draft-ietf-acme-caa-04
 			caaAccountURI, ok := caaParameters["accounturi"]
 			if ok {
-				if params.accountURIID == nil {
+				if params.accountURIID == 0 {
 					continue
 				}
-				if !checkAccountURI(caaAccountURI, va.accountURIPrefixes, *params.accountURIID) {
+				if !checkAccountURI(caaAccountURI, va.accountURIPrefixes, params.accountURIID) {
 					continue
 				}
 			}
@ -279,10 +279,10 @@ func (va *ValidationAuthorityImpl) validateCAASet(caaSet *CAASet, wildcard bool,
 			// https://tools.ietf.org/html/draft-ietf-acme-caa-04
 			caaMethods, ok := caaParameters["validationmethods"]
 			if ok {
-				if params.validationMethod == nil {
+				if params.validationMethod == "" {
 					continue
 				}
-				if !containsMethod(caaMethods, *params.validationMethod) {
+				if !containsMethod(caaMethods, params.validationMethod) {
 					continue
 				}
 			}
--- a/va/caa_test.go
+++ b/va/caa_test.go
@ -392,7 +392,7 @@ func TestCAAChecking(t *testing.T) {
 	accountURIID := int64(123)
 	method := "http-01"
-	params := &caaParams{accountURIID: &accountURIID, validationMethod: &method}
+	params := &caaParams{accountURIID: accountURIID, validationMethod: method}
 	va, _ := setup(nil, 0, "", nil)
 	if err := features.Set(map[string]bool{"CAAValidationMethods": true, "CAAAccountURI": true}); err != nil {
@ -533,10 +533,9 @@ func TestCAALogging(t *testing.T) {
 			mockLog := va.log.(*blog.Mock)
 			mockLog.Clear()
 			validationMethod := string(tc.ChallengeType)
 			params := &caaParams{
-				accountURIID:     &tc.AccountURIID,
+				accountURIID:     tc.AccountURIID,
-				validationMethod: &validationMethod,
+				validationMethod: string(tc.ChallengeType),
 			}
 			_ = va.checkCAA(ctx, identifier.ACMEIdentifier{Type: identifier.DNS, Value: tc.Domain}, params)
@ -561,7 +560,7 @@ func TestIsCAAValidErrMessage(t *testing.T) {
 	// caaMockDNS.
 	domain := "caa-timeout.com"
 	resp, err := va.IsCAAValid(ctx, &vapb.IsCAAValidRequest{
-		Domain: &domain,
+		Domain: domain,
 	})
 	// The lookup itself should not return an error
--- a/va/proto/va.pb.go
+++ b/va/proto/va.pb.go
@ -36,9 +36,9 @@ type IsCAAValidRequest struct {
 	unknownFields protoimpl.UnknownFields
 	// NOTE: Domain may be a name with a wildcard prefix (e.g. `*.example.com`)
-	Domain           *string `protobuf:"bytes,1,opt,name=domain" json:"domain,omitempty"`
+	Domain           string `protobuf:"bytes,1,opt,name=domain,proto3" json:"domain,omitempty"`
-	ValidationMethod *string `protobuf:"bytes,2,opt,name=validationMethod" json:"validationMethod,omitempty"`
+	ValidationMethod string `protobuf:"bytes,2,opt,name=validationMethod,proto3" json:"validationMethod,omitempty"`
-	AccountURIID     *int64  `protobuf:"varint,3,opt,name=accountURIID" json:"accountURIID,omitempty"`
+	AccountURIID     int64  `protobuf:"varint,3,opt,name=accountURIID,proto3" json:"accountURIID,omitempty"`
 }
 func (x *IsCAAValidRequest) Reset() {
@ -74,22 +74,22 @@ func (*IsCAAValidRequest) Descriptor() ([]byte, []int) {
 }
 func (x *IsCAAValidRequest) GetDomain() string {
-	if x != nil && x.Domain != nil {
+	if x != nil {
-		return *x.Domain
+		return x.Domain
 	}
 	return ""
 }
 func (x *IsCAAValidRequest) GetValidationMethod() string {
-	if x != nil && x.ValidationMethod != nil {
+	if x != nil {
-		return *x.ValidationMethod
+		return x.ValidationMethod
 	}
 	return ""
 }
 func (x *IsCAAValidRequest) GetAccountURIID() int64 {
-	if x != nil && x.AccountURIID != nil {
+	if x != nil {
-		return *x.AccountURIID
+		return x.AccountURIID
 	}
 	return 0
 }
@ -100,7 +100,7 @@ type IsCAAValidResponse struct {
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
-	Problem *proto1.ProblemDetails `protobuf:"bytes,1,opt,name=problem" json:"problem,omitempty"`
+	Problem *proto1.ProblemDetails `protobuf:"bytes,1,opt,name=problem,proto3" json:"problem,omitempty"`
 }
 func (x *IsCAAValidResponse) Reset() {
@ -147,9 +147,9 @@ type PerformValidationRequest struct {
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
-	Domain    *string           `protobuf:"bytes,1,opt,name=domain" json:"domain,omitempty"`
+	Domain    string            `protobuf:"bytes,1,opt,name=domain,proto3" json:"domain,omitempty"`
-	Challenge *proto1.Challenge `protobuf:"bytes,2,opt,name=challenge" json:"challenge,omitempty"`
+	Challenge *proto1.Challenge `protobuf:"bytes,2,opt,name=challenge,proto3" json:"challenge,omitempty"`
-	Authz     *AuthzMeta        `protobuf:"bytes,3,opt,name=authz" json:"authz,omitempty"`
+	Authz     *AuthzMeta        `protobuf:"bytes,3,opt,name=authz,proto3" json:"authz,omitempty"`
 }
 func (x *PerformValidationRequest) Reset() {
@ -185,8 +185,8 @@ func (*PerformValidationRequest) Descriptor() ([]byte, []int) {
 }
 func (x *PerformValidationRequest) GetDomain() string {
-	if x != nil && x.Domain != nil {
+	if x != nil {
-		return *x.Domain
+		return x.Domain
 	}
 	return ""
 }
@ -210,8 +210,8 @@ type AuthzMeta struct {
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
-	Id    *string `protobuf:"bytes,1,opt,name=id" json:"id,omitempty"`
+	Id    string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
-	RegID *int64  `protobuf:"varint,2,opt,name=regID" json:"regID,omitempty"`
+	RegID int64  `protobuf:"varint,2,opt,name=regID,proto3" json:"regID,omitempty"`
 }
 func (x *AuthzMeta) Reset() {
@ -247,15 +247,15 @@ func (*AuthzMeta) Descriptor() ([]byte, []int) {
 }
 func (x *AuthzMeta) GetId() string {
-	if x != nil && x.Id != nil {
+	if x != nil {
-		return *x.Id
+		return x.Id
 	}
 	return ""
 }
 func (x *AuthzMeta) GetRegID() int64 {
-	if x != nil && x.RegID != nil {
+	if x != nil {
-		return *x.RegID
+		return x.RegID
 	}
 	return 0
 }
@ -265,8 +265,8 @@ type ValidationResult struct {
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
-	Records  []*proto1.ValidationRecord `protobuf:"bytes,1,rep,name=records" json:"records,omitempty"`
+	Records  []*proto1.ValidationRecord `protobuf:"bytes,1,rep,name=records,proto3" json:"records,omitempty"`
-	Problems *proto1.ProblemDetails     `protobuf:"bytes,2,opt,name=problems" json:"problems,omitempty"`
+	Problems *proto1.ProblemDetails     `protobuf:"bytes,2,opt,name=problems,proto3" json:"problems,omitempty"`
 }
 func (x *ValidationResult) Reset() {
@ -364,7 +364,7 @@ var file_va_proto_va_proto_rawDesc = []byte{
 	0x69, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x42, 0x29, 0x5a, 0x27,
 	0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x6c, 0x65, 0x74, 0x73, 0x65,
 	0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x2f, 0x62, 0x6f, 0x75, 0x6c, 0x64, 0x65, 0x72, 0x2f, 0x76,
-	0x61, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x61, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
 }
 var (
--- a/va/proto/va.proto
+++ b/va/proto/va.proto
@ -1,4 +1,4 @@
-syntax = "proto2";
+syntax = "proto3";
 package va;
 option go_package = "github.com/letsencrypt/boulder/va/proto";
@ -15,28 +15,28 @@ service CAA {
 message IsCAAValidRequest {
  // NOTE: Domain may be a name with a wildcard prefix (e.g. `*.example.com`)
-  optional string domain = 1;
+  string domain = 1;
-  optional string validationMethod = 2;
+  string validationMethod = 2;
-  optional int64 accountURIID = 3;
+  int64 accountURIID = 3;
 }
 // If CAA is valid for the requested domain, the problem will be empty
 message IsCAAValidResponse {
-  optional core.ProblemDetails problem = 1;
+  core.ProblemDetails problem = 1;
 }
 message PerformValidationRequest {
-  optional string domain = 1;
+  string domain = 1;
-  optional core.Challenge challenge = 2;
+  core.Challenge challenge = 2;
-  optional AuthzMeta authz = 3;
+  AuthzMeta authz = 3;
 }
 message AuthzMeta {
-  optional string id = 1;
+  string id = 1;
-  optional int64 regID = 2;
+  int64 regID = 2;
 }
 message ValidationResult {
  repeated core.ValidationRecord records = 1;
-  optional core.ProblemDetails problems = 2;
+  core.ProblemDetails problems = 2;
 }
--- a/va/va.go
+++ b/va/va.go
@ -330,10 +330,9 @@ func (va *ValidationAuthorityImpl) validate(
 	// `baseIdentifier`
 	ch := make(chan *probs.ProblemDetails, 1)
 	go func() {
 		validationMethod := string(challenge.Type)
 		params := &caaParams{
-			accountURIID:     &regid,
+			accountURIID:     regid,
-			validationMethod: &validationMethod,
+			validationMethod: string(challenge.Type),
 		}
 		ch <- va.checkCAA(ctx, identifier, params)
 	}()
@ -596,9 +595,9 @@ func (va *ValidationAuthorityImpl) PerformValidation(ctx context.Context, req *v
 		return nil, berrors.InternalServerError("Incomplete validation request")
 	}
 	logEvent := verificationRequestEvent{
-		ID:        *req.Authz.Id,
+		ID:        req.Authz.Id,
-		Requester: *req.Authz.RegID,
+		Requester: req.Authz.RegID,
-		Hostname:  *req.Domain,
+		Hostname:  req.Domain,
 	}
 	vStart := va.clk.Now()
@ -613,7 +612,7 @@ func (va *ValidationAuthorityImpl) PerformValidation(ctx context.Context, req *v
 		return nil, probs.ServerInternal("Challenge failed to deserialize")
 	}
-	records, prob := va.validate(ctx, identifier.DNSIdentifier(*req.Domain), *req.Authz.RegID, challenge)
+	records, prob := va.validate(ctx, identifier.DNSIdentifier(req.Domain), req.Authz.RegID, challenge)
 	challenge.ValidationRecord = records
 	localValidationLatency := time.Since(vStart)
@ -635,8 +634,8 @@ func (va *ValidationAuthorityImpl) PerformValidation(ctx context.Context, req *v
 			// routine to avoid blocking the primary VA.
 			go func() {
 				_ = va.processRemoteResults(
-					*req.Domain,
+					req.Domain,
-					*req.Authz.RegID,
+					req.Authz.RegID,
 					string(challenge.Type),
 					prob,
 					remoteResults,
@ -648,8 +647,8 @@ func (va *ValidationAuthorityImpl) PerformValidation(ctx context.Context, req *v
 			challenge.Status = core.StatusValid
 		} else if features.Enabled(features.EnforceMultiVA) {
 			remoteProb := va.processRemoteResults(
-				*req.Domain,
+				req.Domain,
-				*req.Authz.RegID,
+				req.Authz.RegID,
 				string(challenge.Type),
 				prob,
 				remoteResults,
@ -662,7 +661,7 @@ func (va *ValidationAuthorityImpl) PerformValidation(ctx context.Context, req *v
 				challenge.Error = remoteProb
 				logEvent.Error = remoteProb.Error()
 				va.log.Infof("Validation failed due to remote failures: identifier=%v err=%s",
-					*req.Domain, remoteProb)
+					req.Domain, remoteProb)
 				va.metrics.remoteValidationFailures.Inc()
 			} else {
 				challenge.Status = core.StatusValid
--- a/va/va_test.go
+++ b/va/va_test.go
@ -82,10 +82,8 @@ var accountURIPrefixes = []string{"http://boulder:4000/acme/reg/"}
 func createValidationRequest(domain string, challengeType core.AcmeChallenge) *vapb.PerformValidationRequest {
 	ctype := string(challengeType)
 	status := string(core.StatusPending)
 	authzID := ""
 	authzRegID := int64(0)
 	return &vapb.PerformValidationRequest{
-		Domain: &domain,
+		Domain: domain,
 		Challenge: &corepb.Challenge{
 			Type:              &ctype,
 			Status:            &status,
@ -94,8 +92,8 @@ func createValidationRequest(domain string, challengeType core.AcmeChallenge) *v
 			KeyAuthorization:  &expectedKeyAuthorization,
 		},
 		Authz: &vapb.AuthzMeta{
-			Id:    &authzID,
+			Id:    "",
-			RegID: &authzRegID,
+			RegID: 0,
 		},
 	}
 }