BUG/MINOR: acme: allow "processing" in challenge requests

Allow the "processing" status in the challenge object when requesting
to do the challenge, in addition to "pending".

According to RFC 8555 https://datatracker.ietf.org/doc/html/rfc8555/#section-7.1.6

   Challenge objects are created in the "pending" state.  They
   transition to the "processing" state when the client responds to the
   challenge (see Section 7.5.1)

However some CA could respond with a "processing" state without ever
transitioning to "pending".

Must be backported to 3.2.

diff --git a/src/acme.c b/src/acme.c
index ca3179c8af2ed9fe4cd15928d690c00c026f62f5..33f18420e3a373726e758ed58a41681cbd18e359 100644 (file)
--- a/src/acme.c
+++ b/src/acme.c
@@ -1230,7 +1230,7 @@ enum acme_ret acme_res_challenge(struct task *task, struct acme_ctx *ctx, struct
        }
        trash.data = res;
 
-       if (strncasecmp("pending", trash.area, trash.data) == 0) {
+       if (strncasecmp("pending", trash.area, trash.data) == 0 || strncasecmp("processing", trash.area, trash.data) == 0) {
                if (chk) { /* during challenge chk */
                        memprintf(errmsg, "challenge status: %.*s", (int)trash.data, trash.area);
                        ret = ACME_RET_RETRY;
@@ -1241,16 +1241,10 @@ enum acme_ret acme_res_challenge(struct task *task, struct acme_ctx *ctx, struct
                }
        }
 
-       /* during challenge check */
        if (strncasecmp("valid", trash.area, trash.data) == 0) {
                ret = ACME_RET_OK;
                goto out;
        }
-       if (strncasecmp("processing", trash.area, trash.data) == 0) {
-               memprintf(errmsg, "challenge status: %.*s", (int)trash.data, trash.area);
-               ret = ACME_RET_RETRY;
-               goto out;
-       }
 
        if (hc->res.status < 200 || hc->res.status >= 300 || mjson_find(hc->res.buf.area, hc->res.buf.data, "$.error", NULL, NULL) == MJSON_TOK_OBJECT) {
                /* XXX: need a generic URN error parser */