Pending authorizations

I would like to report something that may be a potential issue.

The GetAuthorizations2 function selects authorizations that can be reused. The query that selects them from the database is executed in that function, and the authorizations are returned from it.

Then, this code operates on the returned list of authorizations. Because the query mentioned above is not in the same transaction as the insert, a lot can happen in the meantime: for example, other authorizations can be added between the select and the insert, and they should be reused but are not.

What do you think about that behavior?

3 Likes
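The interleaving described in the first post, as an added illustration that is not Boulder's code (the table, the function names and the partial-index mitigation are all assumptions): two new-order requests for the same name both run their SELECT before either INSERT, so the second one creates a fresh pending authorization instead of reusing the first. The unique-index variant shows one way to get reuse without the long-running transaction the thread worries about.

```python
import sqlite3
from typing import Optional

# Constructed stand-in for the authorizations table; not Boulder's schema.
def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE authz (id INTEGER PRIMARY KEY, registration_id INTEGER NOT NULL, "
                 "identifier TEXT NOT NULL, status TEXT NOT NULL)")
    return conn

def find_reusable(conn, reg_id: int, ident: str) -> Optional[int]:
    """Stand-in for the GetAuthorizations2 SELECT: any pending or valid authz for this identifier."""
    row = conn.execute("SELECT id FROM authz WHERE registration_id=? AND identifier=? "
                       "AND status IN ('pending','valid') ORDER BY id LIMIT 1", (reg_id, ident)).fetchone()
    return row[0] if row else None

def create_pending(conn, reg_id: int, ident: str) -> int:
    """The INSERT that runs outside the SELECT's transaction."""
    cur = conn.execute("INSERT INTO authz (registration_id, identifier, status) VALUES (?, ?, 'pending')",
                       (reg_id, ident))
    conn.commit()
    return cur.lastrowid

def pending_count(conn, reg_id: int, ident: str) -> int:
    return conn.execute("SELECT COUNT(*) FROM authz WHERE registration_id=? AND identifier=? "
                        "AND status='pending'", (reg_id, ident)).fetchone()[0]

def two_orders_racing(conn, reg_id: int, ident: str, create):
    """Two new-order requests for the same name, interleaved so both SELECTs run before either INSERT."""
    seen_a = find_reusable(conn, reg_id, ident)
    seen_b = find_reusable(conn, reg_id, ident)
    id_a = seen_a if seen_a is not None else create(conn, reg_id, ident)
    id_b = seen_b if seen_b is not None else create(conn, reg_id, ident)
    return id_a, id_b

# Assumed mitigation (not from the thread): let the database refuse a second pending authz
# for the same (registration, identifier), so no long-lived transaction is needed.
def add_pending_uniqueness(conn) -> None:
    conn.execute("CREATE UNIQUE INDEX one_pending ON authz(registration_id, identifier) "
                 "WHERE status='pending'")

def create_or_reuse(conn, reg_id: int, ident: str) -> int:
    """Insert; if the index rejects it, another request won the race, so reuse its authz."""
    try:
        return create_pending(conn, reg_id, ident)
    except sqlite3.IntegrityError:
        conn.rollback()
        return find_reusable(conn, reg_id, ident)
```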

Welcome to the Let's Encrypt Community 🙂

@lestaff

Any thoughts here?

Interesting! Please open a Boulder issue: https://github.com/letsencrypt/boulder

I’ll mention this to our software engineering team, too.

2 Likes

Hi @dnowakowski

... and what's the problem with that behaviour?

If someone triggers that problem, they must run at least two different orders with the same domain name "at the same time".

So it's possible, but it's bad behaviour.

Result: The first authorization isn't reused; instead, a new authorization is created. That's not really a problem. Reusing authorizations isn't the standard case, it's an exception. If I renew my certificates once, 60-85 days after the last certificate, I don't use such reused authorizations.

But starting a transaction to fix that: millions of authorizations would start transactions.

That would increase the database load.

That would be a really bad idea.

2 Likes

Thanks for the welcome.

@JuergenAuer It can happen when the request to create a new order is retried because the first one failed. If the first authorization has been created but is not reused, it will leak, consuming the quota.

2 Likes

@dnowakowski first off, welcome to the Let's Encrypt Community 🥳

Hopefully I can shed some light on this: authorization reuse is not a required part of the order process. Authorization reuse is an optional optimization that makes things easier on both the ACME client and the servers.

What would be alarming is if a bug in our authorization code allowed for reuse of authorizations that it shouldn't. I don't believe that to be the case here.

4 Likes
