Remove unnecessary account ID match check. (#7416)

* Remove unnecessary account ID match check. Right now the Account object calculates an ID using md5. This is unnecessary and causes problems on FIPS systems that forbid md5. It's just as good to pick a random series of bytes for the ID, since the ID gets read out of renewal/foo.conf. However, if we switched the algorithm right now, we could wind up breaking forward compatibility / downgradeability, since older versions would run into this check. Removing this check now lays the ground to change the ID-calculation algorithm in the future. Related to #1948 and https://github.com/certbot/certbot/pull/1013#issuecomment-149983479. * Remove test. * Remove unused import.
2026-06-08 16:22:18 -04:00 · 2019-10-02 14:44:25 -07:00 · 2019-10-02 14:44:25 -07:00 · 3608abb01a
commit 3608abb01a
parent 4739a0616d
2 changed files with 1 additions and 14 deletions
--- a/certbot/account.py
+++ b/certbot/account.py
@ -231,12 +231,7 @@ class AccountFileStorage(interfaces.AccountStorage):
        except IOError as error:
            raise errors.AccountStorageError(error)

-        acc = Account(regr, key, meta)
-        if acc.id != account_id:
-            raise errors.AccountStorageError(
-                "Account ids mismatch (expected: {0}, found: {1}".format(
-                    account_id, acc.id))
-        return acc
+        return Account(regr, key, meta)

    def load(self, account_id):
        return self._load_for_server_path(account_id, self.config.server_path)
--- a/certbot/tests/account_test.py
+++ b/certbot/tests/account_test.py
@ -1,7 +1,6 @@
 """Tests for certbot.account."""
 import datetime
 import json
-import shutil
 import unittest

 import josepy as jose
@ -170,13 +169,6 @@ class AccountFileStorageTest(test_util.ConfigTestCase):
    def test_load_non_existent_raises_error(self):
        self.assertRaises(errors.AccountNotFound, self.storage.load, "missing")

-    def test_load_id_mismatch_raises_error(self):
-        self.storage.save(self.acc, self.mock_client)
-        shutil.move(os.path.join(self.config.accounts_dir, self.acc.id),
-                    os.path.join(self.config.accounts_dir, "x" + self.acc.id))
-        self.assertRaises(errors.AccountStorageError, self.storage.load,
-                          "x" + self.acc.id)
-
    def _set_server(self, server):
        self.config.server = server
        from certbot.account import AccountFileStorage