From edc3c7fa6d641dfa4325479a60286e8cad8bbd2d Mon Sep 17 00:00:00 2001 From: James Renken Date: Fri, 14 Mar 2025 10:59:38 -0700 Subject: [PATCH] Shorten "identifier(s)" in variable names & function arguments (#8066) For consistency, and to prevent confusion with the `identifier` package, use "ident(s)" instead. Part of #7311 --- cmd/admin/pause_identifier.go | 26 ++++++------ core/util_test.go | 4 +- csr/csr_test.go | 2 +- grpc/pb-marshalling_test.go | 6 +-- pkcs11helpers/helpers.go | 4 +- sa/sa.go | 20 +++++----- sa/saro.go | 12 +++--- sfe/sfe.go | 12 +++--- unpause/unpause.go | 5 ++- unpause/unpause_test.go | 75 ++++++++++++++++++----------------- wfe2/wfe.go | 10 ++--- 11 files changed, 89 insertions(+), 87 deletions(-) diff --git a/cmd/admin/pause_identifier.go b/cmd/admin/pause_identifier.go index 6ccd5fe38..ffeaf4805 100644 --- a/cmd/admin/pause_identifier.go +++ b/cmd/admin/pause_identifier.go @@ -39,12 +39,12 @@ func (p *subcommandPauseIdentifier) Run(ctx context.Context, a *admin) error { return errors.New("the -batch-file flag is required") } - identifiers, err := a.readPausedAccountFile(p.batchFile) + idents, err := a.readPausedAccountFile(p.batchFile) if err != nil { return err } - _, err = a.pauseIdentifiers(ctx, identifiers, p.parallelism) + _, err = a.pauseIdentifiers(ctx, idents, p.parallelism) if err != nil { return err } @@ -60,19 +60,19 @@ func (a *admin) pauseIdentifiers(ctx context.Context, entries []pauseCSVData, pa return nil, errors.New("cannot pause identifiers because no pauseData was sent") } - accountToIdentifiers := make(map[int64][]*corepb.Identifier) + accountToIdents := make(map[int64][]*corepb.Identifier) for _, entry := range entries { - accountToIdentifiers[entry.accountID] = append(accountToIdentifiers[entry.accountID], &corepb.Identifier{ + accountToIdents[entry.accountID] = append(accountToIdents[entry.accountID], &corepb.Identifier{ Type: string(entry.identifierType), Value: entry.identifierValue, }) } var errCount atomic.Uint64 - respChan := make(chan *sapb.PauseIdentifiersResponse, len(accountToIdentifiers)) + respChan := make(chan *sapb.PauseIdentifiersResponse, len(accountToIdents)) work := make(chan struct { - accountID int64 - identifiers []*corepb.Identifier + accountID int64 + idents []*corepb.Identifier }, parallelism) var wg sync.WaitGroup @@ -83,11 +83,11 @@ func (a *admin) pauseIdentifiers(ctx context.Context, entries []pauseCSVData, pa for data := range work { response, err := a.sac.PauseIdentifiers(ctx, &sapb.PauseRequest{ RegistrationID: data.accountID, - Identifiers: data.identifiers, + Identifiers: data.idents, }) if err != nil { errCount.Add(1) - a.log.Errf("error pausing identifier(s) %q for account %d: %v", data.identifiers, data.accountID, err) + a.log.Errf("error pausing identifier(s) %q for account %d: %v", data.idents, data.accountID, err) } else { respChan <- response } @@ -95,11 +95,11 @@ func (a *admin) pauseIdentifiers(ctx context.Context, entries []pauseCSVData, pa }() } - for accountID, identifiers := range accountToIdentifiers { + for accountID, idents := range accountToIdents { work <- struct { - accountID int64 - identifiers []*corepb.Identifier - }{accountID, identifiers} + accountID int64 + idents []*corepb.Identifier + }{accountID, idents} } close(work) wg.Wait() diff --git a/core/util_test.go b/core/util_test.go index be4331908..7ba423c47 100644 --- a/core/util_test.go +++ b/core/util_test.go @@ -256,7 +256,7 @@ func TestUniqueLowerNames(t *testing.T) { } func TestNormalizeIdentifiers(t *testing.T) { - identifiers := []identifier.ACMEIdentifier{ + idents := []identifier.ACMEIdentifier{ {Type: "DNS", Value: "foobar.com"}, {Type: "DNS", Value: "fooBAR.com"}, {Type: "DNS", Value: "baz.com"}, @@ -271,7 +271,7 @@ func TestNormalizeIdentifiers(t *testing.T) { {Type: "DNS", Value: "baz.com"}, {Type: "DNS", Value: "foobar.com"}, } - u := NormalizeIdentifiers(identifiers) + u := NormalizeIdentifiers(idents) test.AssertDeepEquals(t, expected, u) } diff --git a/csr/csr_test.go b/csr/csr_test.go index 8680da6ba..f95377876 100644 --- a/csr/csr_test.go +++ b/csr/csr_test.go @@ -22,7 +22,7 @@ import ( type mockPA struct{} -func (pa *mockPA) ChallengeTypesFor(identifier identifier.ACMEIdentifier) ([]core.AcmeChallenge, error) { +func (pa *mockPA) ChallengeTypesFor(ident identifier.ACMEIdentifier) ([]core.AcmeChallenge, error) { return []core.AcmeChallenge{}, nil } diff --git a/grpc/pb-marshalling_test.go b/grpc/pb-marshalling_test.go index 3273eeab3..71c12d6a9 100644 --- a/grpc/pb-marshalling_test.go +++ b/grpc/pb-marshalling_test.go @@ -227,7 +227,7 @@ func TestRegistration(t *testing.T) { func TestAuthz(t *testing.T) { exp := time.Now().AddDate(0, 0, 1).UTC() - identifier := identifier.NewDNS("example.com") + ident := identifier.NewDNS("example.com") challA := core.Challenge{ Type: core.ChallengeTypeDNS01, Status: core.StatusPending, @@ -240,7 +240,7 @@ func TestAuthz(t *testing.T) { } inAuthz := core.Authorization{ ID: "1", - Identifier: identifier, + Identifier: ident, RegistrationID: 5, Status: core.StatusPending, Expires: &exp, @@ -254,7 +254,7 @@ func TestAuthz(t *testing.T) { inAuthzNilExpires := core.Authorization{ ID: "1", - Identifier: identifier, + Identifier: ident, RegistrationID: 5, Status: core.StatusPending, Expires: nil, diff --git a/pkcs11helpers/helpers.go b/pkcs11helpers/helpers.go index 173123e17..4c02146d8 100644 --- a/pkcs11helpers/helpers.go +++ b/pkcs11helpers/helpers.go @@ -235,7 +235,7 @@ const ( // Hash identifiers required for PKCS#11 RSA signing. Only support SHA-256, SHA-384, // and SHA-512 -var hashIdentifiers = map[crypto.Hash][]byte{ +var hashIdents = map[crypto.Hash][]byte{ crypto.SHA256: {0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20}, crypto.SHA384: {0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05, 0x00, 0x04, 0x30}, crypto.SHA512: {0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40}, @@ -250,7 +250,7 @@ func (s *Session) Sign(object pkcs11.ObjectHandle, keyType keyType, digest []byt switch keyType { case RSAKey: mech[0] = pkcs11.NewMechanism(pkcs11.CKM_RSA_PKCS, nil) - prefix, ok := hashIdentifiers[hash] + prefix, ok := hashIdents[hash] if !ok { return nil, errors.New("unsupported hash function") } diff --git a/sa/sa.go b/sa/sa.go index bc1cc5cad..594fde798 100644 --- a/sa/sa.go +++ b/sa/sa.go @@ -1324,17 +1324,17 @@ func (ssa *SQLStorageAuthority) PauseIdentifiers(ctx context.Context, req *sapb. } // Marshal the identifier now that we've crossed the RPC boundary. - identifiers, err := newIdentifierModelsFromPB(req.Identifiers) + idents, err := newIdentifierModelsFromPB(req.Identifiers) if err != nil { return nil, err } response := &sapb.PauseIdentifiersResponse{} _, err = db.WithTransaction(ctx, ssa.dbMap, func(tx db.Executor) (interface{}, error) { - for _, identifier := range identifiers { + for _, ident := range idents { pauseError := func(op string, err error) error { return fmt.Errorf("while %s identifier %s for registration ID %d: %w", - op, identifier.Value, req.RegistrationID, err, + op, ident.Value, req.RegistrationID, err, ) } @@ -1347,8 +1347,8 @@ func (ssa *SQLStorageAuthority) PauseIdentifiers(ctx context.Context, req *sapb. identifierType = ? AND identifierValue = ?`, req.RegistrationID, - identifier.Type, - identifier.Value, + ident.Type, + ident.Value, ) switch { @@ -1362,8 +1362,8 @@ func (ssa *SQLStorageAuthority) PauseIdentifiers(ctx context.Context, req *sapb. RegistrationID: req.RegistrationID, PausedAt: ssa.clk.Now().Truncate(time.Second), identifierModel: identifierModel{ - Type: identifier.Type, - Value: identifier.Value, + Type: ident.Type, + Value: ident.Value, }, }) if err != nil && !db.IsDuplicate(err) { @@ -1395,8 +1395,8 @@ func (ssa *SQLStorageAuthority) PauseIdentifiers(ctx context.Context, req *sapb. unpausedAt IS NOT NULL`, ssa.clk.Now().Truncate(time.Second), req.RegistrationID, - identifier.Type, - identifier.Value, + ident.Type, + ident.Value, ) if err != nil { return nil, pauseError("repausing", err) @@ -1409,7 +1409,7 @@ func (ssa *SQLStorageAuthority) PauseIdentifiers(ctx context.Context, req *sapb. default: // This indicates a database state which should never occur. return nil, fmt.Errorf("impossible database state encountered while pausing identifier %s", - identifier.Value, + ident.Value, ) } } diff --git a/sa/saro.go b/sa/saro.go index 6bdf4e876..da800f912 100644 --- a/sa/saro.go +++ b/sa/saro.go @@ -1155,19 +1155,19 @@ func (ssa *SQLStorageAuthorityRO) CheckIdentifiersPaused(ctx context.Context, re return nil, errIncompleteRequest } - identifiers, err := newIdentifierModelsFromPB(req.Identifiers) + idents, err := newIdentifierModelsFromPB(req.Identifiers) if err != nil { return nil, err } - if len(identifiers) == 0 { + if len(idents) == 0 { // No identifier values to check. return nil, nil } - identifiersByType := map[uint8][]string{} - for _, id := range identifiers { - identifiersByType[id.Type] = append(identifiersByType[id.Type], id.Value) + identsByType := map[uint8][]string{} + for _, id := range idents { + identsByType[id.Type] = append(identsByType[id.Type], id.Value) } // Build a query to retrieve up to 15 paused identifiers using OR clauses @@ -1187,7 +1187,7 @@ func (ssa *SQLStorageAuthorityRO) CheckIdentifiersPaused(ctx context.Context, re var conditions []string args := []interface{}{req.RegistrationID} - for idType, values := range identifiersByType { + for idType, values := range identsByType { conditions = append(conditions, fmt.Sprintf("identifierType = ? AND identifierValue IN (%s)", db.QuestionMarks(len(values)), diff --git a/sfe/sfe.go b/sfe/sfe.go index ee8b5f939..370646597 100644 --- a/sfe/sfe.go +++ b/sfe/sfe.go @@ -152,7 +152,7 @@ func (sfe *SelfServiceFrontEndImpl) BuildID(response http.ResponseWriter, reques func (sfe *SelfServiceFrontEndImpl) UnpauseForm(response http.ResponseWriter, request *http.Request) { incomingJWT := request.URL.Query().Get("jwt") - accountID, identifiers, err := sfe.parseUnpauseJWT(incomingJWT) + accountID, idents, err := sfe.parseUnpauseJWT(incomingJWT) if err != nil { if errors.Is(err, jwt.ErrExpired) { // JWT expired before the Subscriber visited the unpause page. @@ -170,14 +170,14 @@ func (sfe *SelfServiceFrontEndImpl) UnpauseForm(response http.ResponseWriter, re } type tmplData struct { - PostPath string - JWT string - AccountID int64 - Identifiers []string + PostPath string + JWT string + AccountID int64 + Idents []string } // Present the unpause form to the Subscriber. - sfe.renderTemplate(response, "unpause-form.html", tmplData{unpausePostForm, incomingJWT, accountID, identifiers}) + sfe.renderTemplate(response, "unpause-form.html", tmplData{unpausePostForm, incomingJWT, accountID, idents}) } // UnpauseSubmit serves a page showing the result of the unpause form submission. diff --git a/unpause/unpause.go b/unpause/unpause.go index f88b589f1..72cde8a15 100644 --- a/unpause/unpause.go +++ b/unpause/unpause.go @@ -10,6 +10,7 @@ import ( "github.com/go-jose/go-jose/v4" "github.com/go-jose/go-jose/v4/jwt" "github.com/jmhodges/clock" + "github.com/letsencrypt/boulder/cmd" ) @@ -70,7 +71,7 @@ type JWTClaims struct { } // GenerateJWT generates a serialized unpause JWT with the provided claims. -func GenerateJWT(signer JWTSigner, regID int64, identifiers []string, lifetime time.Duration, clk clock.Clock) (string, error) { +func GenerateJWT(signer JWTSigner, regID int64, idents []string, lifetime time.Duration, clk clock.Clock) (string, error) { claims := JWTClaims{ Claims: jwt.Claims{ Issuer: defaultIssuer, @@ -81,7 +82,7 @@ func GenerateJWT(signer JWTSigner, regID int64, identifiers []string, lifetime t Expiry: jwt.NewNumericDate(clk.Now().Add(lifetime)), }, V: APIVersion, - I: strings.Join(identifiers, ","), + I: strings.Join(idents, ","), } serialized, err := jwt.Signed(signer).Claims(&claims).Serialize() diff --git a/unpause/unpause_test.go b/unpause/unpause_test.go index 3d72ca583..eeffd5529 100644 --- a/unpause/unpause_test.go +++ b/unpause/unpause_test.go @@ -6,6 +6,7 @@ import ( "github.com/go-jose/go-jose/v4/jwt" "github.com/jmhodges/clock" + "github.com/letsencrypt/boulder/cmd" "github.com/letsencrypt/boulder/test" ) @@ -21,12 +22,12 @@ func TestUnpauseJWT(t *testing.T) { test.AssertNotError(t, err, "unexpected error from Load()") type args struct { - key []byte - version string - account int64 - identifiers []string - lifetime time.Duration - clk clock.Clock + key []byte + version string + account int64 + idents []string + lifetime time.Duration + clk clock.Clock } tests := []struct { @@ -39,12 +40,12 @@ func TestUnpauseJWT(t *testing.T) { { name: "valid one identifier", args: args{ - key: hmacKey, - version: APIVersion, - account: 1234567890, - identifiers: []string{"example.com"}, - lifetime: time.Hour, - clk: fc, + key: hmacKey, + version: APIVersion, + account: 1234567890, + idents: []string{"example.com"}, + lifetime: time.Hour, + clk: fc, }, want: JWTClaims{ Claims: jwt.Claims{ @@ -62,12 +63,12 @@ func TestUnpauseJWT(t *testing.T) { { name: "valid multiple identifiers", args: args{ - key: hmacKey, - version: APIVersion, - account: 1234567890, - identifiers: []string{"example.com", "example.org", "example.net"}, - lifetime: time.Hour, - clk: fc, + key: hmacKey, + version: APIVersion, + account: 1234567890, + idents: []string{"example.com", "example.org", "example.net"}, + lifetime: time.Hour, + clk: fc, }, want: JWTClaims{ Claims: jwt.Claims{ @@ -85,12 +86,12 @@ func TestUnpauseJWT(t *testing.T) { { name: "invalid no account", args: args{ - key: hmacKey, - version: APIVersion, - account: 0, - identifiers: []string{"example.com"}, - lifetime: time.Hour, - clk: fc, + key: hmacKey, + version: APIVersion, + account: 0, + idents: []string{"example.com"}, + lifetime: time.Hour, + clk: fc, }, want: JWTClaims{}, wantGenerateJWTErr: false, @@ -102,12 +103,12 @@ func TestUnpauseJWT(t *testing.T) { // the key is loaded to initialize a signer. name: "invalid key too small", args: args{ - key: []byte("key"), - version: APIVersion, - account: 1234567890, - identifiers: []string{"example.com"}, - lifetime: time.Hour, - clk: fc, + key: []byte("key"), + version: APIVersion, + account: 1234567890, + idents: []string{"example.com"}, + lifetime: time.Hour, + clk: fc, }, want: JWTClaims{}, wantGenerateJWTErr: false, @@ -116,12 +117,12 @@ func TestUnpauseJWT(t *testing.T) { { name: "invalid no identifiers", args: args{ - key: hmacKey, - version: APIVersion, - account: 1234567890, - identifiers: nil, - lifetime: time.Hour, - clk: fc, + key: hmacKey, + version: APIVersion, + account: 1234567890, + idents: nil, + lifetime: time.Hour, + clk: fc, }, want: JWTClaims{}, wantGenerateJWTErr: false, @@ -131,7 +132,7 @@ func TestUnpauseJWT(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - token, err := GenerateJWT(signer, tt.args.account, tt.args.identifiers, tt.args.lifetime, tt.args.clk) + token, err := GenerateJWT(signer, tt.args.account, tt.args.idents, tt.args.lifetime, tt.args.clk) if tt.wantGenerateJWTErr { test.AssertError(t, err, "expected error from GenerateJWT()") return diff --git a/wfe2/wfe.go b/wfe2/wfe.go index 559d97b4f..c98820931 100644 --- a/wfe2/wfe.go +++ b/wfe2/wfe.go @@ -2194,10 +2194,10 @@ func (wfe *WebFrontEndImpl) validateCertificateProfileName(profile string) error } func (wfe *WebFrontEndImpl) checkIdentifiersPaused(ctx context.Context, orderIdentifiers []identifier.ACMEIdentifier, regID int64) ([]string, error) { - uniqueOrderIdentifiers := core.NormalizeIdentifiers(orderIdentifiers) - var identifiers []*corepb.Identifier - for _, ident := range uniqueOrderIdentifiers { - identifiers = append(identifiers, &corepb.Identifier{ + uniqueOrderIdents := core.NormalizeIdentifiers(orderIdentifiers) + var idents []*corepb.Identifier + for _, ident := range uniqueOrderIdents { + idents = append(idents, &corepb.Identifier{ Type: string(ident.Type), Value: ident.Value, }) @@ -2205,7 +2205,7 @@ func (wfe *WebFrontEndImpl) checkIdentifiersPaused(ctx context.Context, orderIde paused, err := wfe.sa.CheckIdentifiersPaused(ctx, &sapb.PauseRequest{ RegistrationID: regID, - Identifiers: identifiers, + Identifiers: idents, }) if err != nil { return nil, err