remove unused CheckCAA RPC

Helpful for #1486 and was already in my local repo.

core/va.go

@@ -9,7 +9,6 @@ package core
 type ValidationAuthority interface {
 	// [RegistrationAuthority]
 	UpdateValidations(Authorization, int) error
-	CheckCAARecords(AcmeIdentifier) (bool, bool, error)
 	IsSafeDomain(*IsSafeDomainRequest) (*IsSafeDomainResponse, error)
 }
 

ra/registration-authority_test.go

@@ -49,10 +49,6 @@ func (dva *DummyValidationAuthority) UpdateValidations(authz core.Authorization,
 	return
 }
 
-func (dva *DummyValidationAuthority) CheckCAARecords(identifier core.AcmeIdentifier) (present, valid bool, err error) {
-	return false, true, nil
-}
-
 func (dva *DummyValidationAuthority) IsSafeDomain(req *core.IsSafeDomainRequest) (*core.IsSafeDomainResponse, error) {
 	if dva.IsSafeDomainErr != nil {
 		return nil, dva.IsSafeDomainErr

rpc/rpc-wrappers.go

@@ -46,7 +46,6 @@ const (
 	MethodAdministrativelyRevokeCertificate = "AdministrativelyRevokeCertificate" // RA
 	MethodOnValidationUpdate                = "OnValidationUpdate"                // RA
 	MethodUpdateValidations                 = "UpdateValidations"                 // VA
-	MethodCheckCAARecords                   = "CheckCAARecords"                   // VA
 	MethodIsSafeDomain                      = "IsSafeDomain"                      // VA
 	MethodIssueCertificate                  = "IssueCertificate"                  // CA
 	MethodGenerateOCSP                      = "GenerateOCSP"                      // CA
@@ -533,32 +532,6 @@ func NewValidationAuthorityServer(rpc Server, impl core.ValidationAuthority) (er
 		return
 	})
 
-	rpc.Handle(MethodCheckCAARecords, func(req []byte) (response []byte, err error) {
-		var caaReq caaRequest
-		if err = json.Unmarshal(req, &caaReq); err != nil {
-			// AUDIT[ Improper Messages ] 0786b6f2-91ca-4f48-9883-842a19084c64
-			improperMessage(MethodCheckCAARecords, err, req)
-			return
-		}
-
-		present, valid, err := impl.CheckCAARecords(caaReq.Ident)
-		if err != nil {
-			return
-		}
-
-		var caaResp caaResponse
-		caaResp.Present = present
-		caaResp.Valid = valid
-		caaResp.Err = err
-		response, err = json.Marshal(caaResp)
-		if err != nil {
-			// AUDIT[ Error Conditions ] 9cc4d537-8534-4970-8665-4b382abe82f3
-			errorCondition(MethodCheckCAARecords, err, caaReq)
-			return
-		}
-		return
-	})
-
 	rpc.Handle(MethodIsSafeDomain, func(req []byte) ([]byte, error) {
 		r := &core.IsSafeDomainRequest{}
 		if err := json.Unmarshal(req, r); err != nil {
@@ -606,31 +579,6 @@ func (vac ValidationAuthorityClient) UpdateValidations(authz core.Authorization,
 	return nil
 }
 
-// CheckCAARecords sends a request to check CAA records
-func (vac ValidationAuthorityClient) CheckCAARecords(ident core.AcmeIdentifier) (present bool, valid bool, err error) {
-	var caaReq caaRequest
-	caaReq.Ident = ident
-	data, err := json.Marshal(caaReq)
-	if err != nil {
-		return
-	}
-
-	jsonResp, err := vac.rpc.DispatchSync(MethodCheckCAARecords, data)
-	if err != nil {
-		return
-	}
-
-	var caaResp caaResponse
-
-	err = json.Unmarshal(jsonResp, &caaResp)
-	if err != nil {
-		return
-	}
-	present = caaResp.Present
-	valid = caaResp.Valid
-	return
-}
-
 // IsSafeDomain returns true if the domain given is determined to be safe by an
 // third-party safe browsing API.
 func (vac ValidationAuthorityClient) IsSafeDomain(req *core.IsSafeDomainRequest) (*core.IsSafeDomainResponse, error) {

va/validation-authority.go

@@ -624,13 +624,6 @@ func (va *ValidationAuthorityImpl) getCAASet(ctx context.Context, hostname strin
 	return nil, nil
 }
 
-// CheckCAARecords verifies that, if the indicated subscriber domain has any CAA
-// records, they authorize the configured CA domain to issue a certificate
-func (va *ValidationAuthorityImpl) CheckCAARecords(identifier core.AcmeIdentifier) (present, valid bool, err error) {
-	// TODO(#1292): add a proper deadline here
-	return va.checkCAARecords(context.TODO(), identifier)
-}
-
 func (va *ValidationAuthorityImpl) checkCAARecords(ctx context.Context, identifier core.AcmeIdentifier) (present, valid bool, err error) {
 	hostname := strings.ToLower(identifier.Value)
 	caaSet, err := va.getCAASet(ctx, hostname)

va/validation-authority_test.go

@@ -688,11 +688,10 @@ func TestCAAChecking(t *testing.T) {
 	va.DNSResolver = &bdns.MockDNSResolver{}
 	va.IssuerDomain = "letsencrypt.org"
 	for _, caaTest := range tests {
-		present, valid, err := va.CheckCAARecords(core.AcmeIdentifier{Type: "dns", Value: caaTest.Domain})
+		present, valid, err := va.checkCAARecords(context.Background(), core.AcmeIdentifier{Type: "dns", Value: caaTest.Domain})
 		if err != nil {
 			t.Errorf("CheckCAARecords error for %s: %s", caaTest.Domain, err)
 		}
-		fmt.Println(caaTest.Domain, caaTest.Present == present, caaTest.Valid == valid)
 		if present != caaTest.Present {
 			t.Errorf("CheckCAARecords presence mismatch for %s: got %t expected %t", caaTest.Domain, present, caaTest.Present)
 		}
@@ -701,12 +700,12 @@ func TestCAAChecking(t *testing.T) {
 		}
 	}
 
-	present, valid, err := va.CheckCAARecords(core.AcmeIdentifier{Type: "dns", Value: "servfail.com"})
+	present, valid, err := va.checkCAARecords(context.Background(), core.AcmeIdentifier{Type: "dns", Value: "servfail.com"})
 	test.AssertError(t, err, "servfail.com")
 	test.Assert(t, !present, "Present should be false")
 	test.Assert(t, !valid, "Valid should be false")
 
-	_, _, err = va.CheckCAARecords(core.AcmeIdentifier{Type: "dns", Value: "servfail.com"})
+	_, _, err = va.checkCAARecords(context.Background(), core.AcmeIdentifier{Type: "dns", Value: "servfail.com"})
 	if err == nil {
 		t.Errorf("Should have returned error on CAA lookup, but did not: %s", "servfail.com")
 	}