Skip to content

Commit 7329118

Browse files
aarongableaarongable
committed
Review comments
1 parent 25d8304 commit 7329118

6 files changed

Lines changed: 18 additions & 9 deletions

File tree

cmd/admin/dryrun.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -79,7 +79,7 @@ func (d dryRunSAC) EnableRateLimitOverride(ctx context.Context, req *sapb.Enable
7979
}
8080

8181
func (d dryRunSAC) PauseIdentifiers(ctx context.Context, req *sapb.PauseRequest, _ ...grpc.CallOption) (*sapb.PauseIdentifiersResponse, error) {
82-
d.log.Info(ctx, "dry-run: sa.EnableRateLimitOverride",
82+
d.log.Info(ctx, "dry-run: sa.PauseIdentifiers",
8383
blog.Acct(req.RegistrationID),
8484
blog.Idents(identifier.FromProtoSlice(req.Identifiers)...),
8585
)

cmd/admin/overrides_import.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -75,7 +75,7 @@ func (c *subcommandImportOverrides) Run(ctx context.Context, a *admin) error {
7575
for range overrideCount {
7676
result := <-results
7777
if result.err != nil {
78-
a.log.Error(ctx, "failed to add override", err,
78+
a.log.Error(ctx, "failed to add override", result.err,
7979
slog.Int64("limit", result.ov.LimitEnum),
8080
slog.String("bucketKey", result.ov.BucketKey),
8181
)

cmd/shell.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -228,7 +228,7 @@ func NewLogger(logConf blog.Config) blog.Logger {
228228
go func() {
229229
for {
230230
time.Sleep(time.Hour)
231-
logger.Info(context.Background(), "heartbeat", slog.Time("time", time.Now()))
231+
logger.Info(context.Background(), "heartbeat", slog.Time("now", time.Now()))
232232
}
233233
}()
234234
return logger

ra/ra.go

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1594,8 +1594,9 @@ func (ra *RegistrationAuthorityImpl) RevokeCertByApplicant(ctx context.Context,
15941594
defer func() {
15951595
if err != nil {
15961596
ra.log.AuditError(ctx, "Revocation request", err)
1597+
} else {
1598+
ra.log.AuditInfo(ctx, "Revocation request")
15971599
}
1598-
ra.log.AuditInfo(ctx, "Revocation request")
15991600
}()
16001601

16011602
metadata, err := ra.SA.GetSerialMetadata(ctx, &sapb.Serial{Serial: serialString})
@@ -1736,8 +1737,9 @@ func (ra *RegistrationAuthorityImpl) RevokeCertByKey(ctx context.Context, req *r
17361737
defer func() {
17371738
if err != nil {
17381739
ra.log.AuditError(ctx, "Revocation request", err)
1740+
} else {
1741+
ra.log.AuditInfo(ctx, "Revocation request")
17391742
}
1740-
ra.log.AuditInfo(ctx, "Revocation request")
17411743
}()
17421744

17431745
// We revoke the cert before adding it to the blocked keys list, to avoid a
@@ -1824,8 +1826,9 @@ func (ra *RegistrationAuthorityImpl) AdministrativelyRevokeCertificate(ctx conte
18241826
defer func() {
18251827
if err != nil {
18261828
ra.log.AuditError(ctx, "Revocation request", err)
1829+
} else {
1830+
ra.log.AuditInfo(ctx, "Revocation request")
18271831
}
1828-
ra.log.AuditInfo(ctx, "Revocation request")
18291832
}()
18301833

18311834
var cert *x509.Certificate

va/caa.go

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -101,7 +101,6 @@ func (va *ValidationAuthorityImpl) DoCAA(ctx context.Context, req *vapb.IsCAAVal
101101
if va.isPrimaryVA() {
102102
// Observe total check latency (primary+remote).
103103
va.observeLatency(opCAA, allPerspectives, string(challType), probType, outcome, va.clk.Since(start))
104-
logAttrs = append(logAttrs, slog.String("status", string(core.StatusValid)))
105104
}
106105

107106
va.log.AuditInfo(ctx, "CAA check result", logAttrs...)

va/va.go

Lines changed: 9 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -610,6 +610,8 @@ func summarizeMPIC(passed, failed []string, passedRIRSet map[string]struct{}) *m
610610
// Internal logic errors are logged. If the number of operation failures exceeds
611611
// va.maxRemoteFailures, the first encountered problem is returned as a
612612
// *probs.ProblemDetails.
613+
//
614+
// It always returns a non-nil summary, whether or not there's also a prob.
613615
func (va *ValidationAuthorityImpl) doRemoteOperation(ctx context.Context, op remoteOperation, req proto.Message) (*mpicSummary, *probs.ProblemDetails) {
614616
remoteVACount := len(va.remoteVAs)
615617
// - Mar 15, 2026: MUST implement using at least 3 perspectives
@@ -618,7 +620,7 @@ func (va *ValidationAuthorityImpl) doRemoteOperation(ctx context.Context, op rem
618620
// See "Phased Implementation Timeline" in
619621
// https://github.com/cabforum/servercert/blob/main/docs/BR.md#3229-multi-perspective-issuance-corroboration
620622
if remoteVACount < 3 {
621-
return nil, probs.ServerInternal("Insufficient remote perspectives: need at least 3")
623+
return summarizeMPIC(nil, nil, nil), probs.ServerInternal("Insufficient remote perspectives: need at least 3")
622624
}
623625

624626
type response struct {
@@ -883,7 +885,12 @@ func (va *ValidationAuthorityImpl) DoDCV(ctx context.Context, req *vapb.PerformV
883885
}
884886
var summary *mpicSummary
885887
summary, prob = va.doRemoteOperation(ctx, op, req)
886-
logAttrs = append(logAttrs, slog.Any("mpicSummary", summary))
888+
logAttrs = append(logAttrs, slog.Group("mpic",
889+
slog.Any("passed", summary.Passed),
890+
slog.Any("failed", summary.Failed),
891+
slog.Any("passedRIRs", summary.PassedRIRs),
892+
slog.String("quorum", summary.QuorumResult),
893+
))
887894
}
888895

889896
return bgrpc.ValidationResultToPB(records, filterProblemDetails(prob), va.perspective, va.rir)

0 commit comments

Comments
 (0)