diff --git a/core/challenges.go b/core/challenges.go index 257582bb6..57c65059d 100644 --- a/core/challenges.go +++ b/core/challenges.go @@ -12,11 +12,12 @@ import ( ) func SimpleHTTPSChallenge() Challenge { + tls := true return Challenge{ Type: ChallengeTypeSimpleHTTPS, Status: StatusPending, Token: NewToken(), - TLS: true, + TLS: &tls, } } diff --git a/core/objects.go b/core/objects.go index 050604946..f82b6cd29 100644 --- a/core/objects.go +++ b/core/objects.go @@ -182,7 +182,7 @@ type Challenge struct { // Used by simpleHTTPS challenges Path string `json:"path,omitempty"` - TLS bool `json:"tls,omitempty"` + TLS *bool `json:"tls,omitempty"` // Used by dvsni challenges R string `json:"r,omitempty"` @@ -220,7 +220,7 @@ func (ch Challenge) IsSane(completed bool) bool { return false } // TLS should set set to true by default - if !ch.TLS { + if ch.TLS == nil || !*ch.TLS { return false } } @@ -234,7 +234,7 @@ func (ch Challenge) IsSane(completed bool) bool { } case ChallengeTypeDVSNI: // check extra fields aren't used - if ch.Path != "" || ch.Token != "" || ch.TLS { + if ch.Path != "" || ch.Token != "" || ch.TLS != nil { return false } @@ -284,8 +284,8 @@ func (ch Challenge) MergeResponse(resp Challenge) Challenge { ch.S = resp.S } - if !resp.TLS { - ch.TLS = false + if resp.TLS != nil { + ch.TLS = resp.TLS } return ch diff --git a/core/objects_test.go b/core/objects_test.go index 95059a2e2..b468da250 100644 --- a/core/objects_test.go +++ b/core/objects_test.go @@ -33,6 +33,7 @@ func TestRegistrationUupdate(t *testing.T) { } func TestSanityCheck(t *testing.T) { + tls := true chall := Challenge{Type: ChallengeTypeSimpleHTTPS, Status: StatusValid} test.Assert(t, !chall.IsSane(false), "IsSane should be false") chall.Status = StatusPending @@ -52,7 +53,7 @@ func TestSanityCheck(t *testing.T) { chall.Token = "KQqLsiS5j0CONR_eUXTUSUDNVaHODtc-0pD6ACif7U4" chall.Path = "" test.Assert(t, !chall.IsSane(false), "IsSane should be false") - chall.TLS = true + chall.TLS = &tls test.Assert(t, chall.IsSane(false), "IsSane should be true") test.Assert(t, !chall.IsSane(true), "IsSane should be false") @@ -72,7 +73,7 @@ func TestSanityCheck(t *testing.T) { chall = Challenge{Type: ChallengeTypeDVSNI, Status: StatusPending} chall.Path = "bad" chall.Token = "bad" - chall.TLS = true + chall.TLS = &tls test.Assert(t, !chall.IsSane(false), "IsSane should be false") chall = Challenge{Type: ChallengeTypeDVSNI, Status: StatusPending} test.Assert(t, !chall.IsSane(false), "IsSane should be false") diff --git a/va/validation-authority.go b/va/validation-authority.go index b7ee30559..621e7bd43 100644 --- a/va/validation-authority.go +++ b/va/validation-authority.go @@ -63,7 +63,7 @@ func (va ValidationAuthorityImpl) validateSimpleHTTPS(identifier core.AcmeIdenti } hostName := identifier.Value var protocol string - if input.TLS { + if input.TLS == nil || (input.TLS != nil && *input.TLS) { protocol = "https" } else { protocol = "http" diff --git a/va/validation-authority_test.go b/va/validation-authority_test.go index ee9e0cbc8..73710e3ec 100644 --- a/va/validation-authority_test.go +++ b/va/validation-authority_test.go @@ -167,12 +167,14 @@ func TestSimpleHttps(t *testing.T) { test.AssertEquals(t, finChall.Status, core.StatusValid) test.AssertNotError(t, err, chall.Path) - chall.TLS = false + tls := false + chall.TLS = &tls finChall, err = va.validateSimpleHTTPS(ident, chall) test.AssertEquals(t, finChall.Status, core.StatusValid) test.AssertNotError(t, err, chall.Path) - chall.TLS = true + tls = true + chall.TLS = &tls chall.Path = path404 invalidChall, err = va.validateSimpleHTTPS(ident, chall) test.AssertEquals(t, invalidChall.Status, core.StatusInvalid)