1837aa9ef2
If two revocation requests for the same cert arrive in rapid succession, it is possible for one of them to complete in the time between the other one's initial check (that the cert isn't revoked already) and final database update. This causes the db update to fail, and the request to end in a 500. Other methods, such as new account registration, have a three-step "check for duplicates, update db, if that failed check for duplicates again" flow. This change updates the cert revocation handlers to have a similar flow. It returns the RFC 8555 `alreadyRevoked` from wfe2, to match the error code returned by the initial duplicate check. It returns the non-standardized 409 Conflict from wfe, to match the code returned by that frontend's initial duplicate check. Fixes #5107 |
||
|---|---|---|
| .. | ||
| test | ||
| README.md | ||
| stale.go | ||
| stale_test.go | ||
| stats.go | ||
| verify.go | ||
| verify_test.go | ||
| wfe.go | ||
| wfe_test.go | ||
README.md
WFE v2
The wfe2 package is copied from the wfe package in order to implement the
"ACME v2" API. This design choice
was made to facilitate a clean separation between v1 and v2 code and to support
running a separate API process on a different port alongside the v1 API process.