From 00e2ca574f6ecdcc1980d6e65dfe0e1d4a8f0ba7 Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Fri, 17 Sep 2021 12:18:41 +0000 Subject: *) mod_md: when MDMessageCmd for a 'challenge-setup::' fails (!= 0 exit), the renewal process is aborted and an error is reported for the MDomain. This provides scripts that distribute information in a cluster to abort early with bothering an ACME server to validate a dns name that will not work. The common retry logic will make another attempt in the future, as with other failures. Fixed a bug when adding private key specs to an already working MDomain, see . git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1893399 13f79535-47bb-0310-9956-ffa450edef68 --- modules/md/md_acme_authz.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'modules/md/md_acme_authz.c') diff --git a/modules/md/md_acme_authz.c b/modules/md/md_acme_authz.c index 0988d45969..d5632fa6b6 100644 --- a/modules/md/md_acme_authz.c +++ b/modules/md/md_acme_authz.c @@ -275,7 +275,13 @@ static apr_status_t cha_http_01_setup(md_acme_authz_cha_t *cha, md_acme_authz_t /* Raise event that challenge data has been set up before we tell the ACME server. Clusters might want to distribute it. */ event = apr_psprintf(p, "challenge-setup:%s:%s", MD_AUTHZ_TYPE_HTTP01, authz->domain); - md_result_holler(result, event, p); + rv = md_result_raise(result, event, p); + if (APR_SUCCESS != rv) { + md_log_perror(MD_LOG_MARK, MD_LOG_DEBUG, rv, p, + "%s: event '%s' failed. aborting challenge setup", + authz->domain, event); + goto out; + } /* challenge is setup or was changed from previous data, tell ACME server * so it may (re)try verification */ authz_req_ctx_init(&ctx, acme, NULL, authz, p); -- cgit v1.2.3