From 5df9434286e55c22450e012514b8b359cad1e62b Mon Sep 17 00:00:00 2001 From: Mariano Cano Date: Thu, 8 Sep 2022 10:59:51 -0700 Subject: [PATCH] Fix old comment, device-attest-01 uses the acme payload --- acme/api/handler.go | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/acme/api/handler.go b/acme/api/handler.go index 177e7b66..760b8234 100644 --- a/acme/api/handler.go +++ b/acme/api/handler.go @@ -289,19 +289,18 @@ func GetChallenge(w http.ResponseWriter, r *http.Request) { render.Error(w, err) return } - // Just verify that the payload was set, since we're not strictly adhering - // to ACME V2 spec for reasons specified below. + payload, err := payloadFromContext(ctx) if err != nil { render.Error(w, err) return } - // NOTE: We should be checking ^^^ that the request is either a POST-as-GET, or - // that the payload is an empty JSON block ({}). However, older ACME clients - // still send a vestigial body (rather than an empty JSON block) and - // strict enforcement would render these clients broken. For the time being - // we'll just ignore the body. + // NOTE: We should be checking that the request is either a POST-as-GET, or + // that the payload is an empty JSON block ({}) for non device attestation + // challenges. However, older ACME clients still send a vestigial body + // (rather than an empty JSON block) and strict enforcement would render + // these clients broken. azID := chi.URLParam(r, "authzID") ch, err := db.GetChallenge(ctx, chi.URLParam(r, "chID"), azID)