Merge pull request #2809 from letsencrypt/domain-ordering

Preserve domain ordering in CSR
2026-06-09 00:32:12 -04:00 · 2016-04-28 14:34:12 -07:00 · 2016-04-28 14:34:12 -07:00 · eb56c166d7
commit eb56c166d7
parent a4681d37b1 5424473f54
2 changed files with 5 additions and 3 deletions
--- a/certbot/client.py
+++ b/certbot/client.py
@ -245,8 +245,9 @@ class Client(object):
                domains,
                self.config.allow_subset_of_names)

-        domains = [a.body.identifier.value.encode('ascii')
-                                          for a in authzr]
+        auth_domains = set(a.body.identifier.value.encode('ascii')
+                           for a in authzr)
+        domains = [d for d in domains if d in auth_domains]

        # Create CSR from names
        key = crypto_util.init_save_key(
--- a/certbot/tests/client_test.py
+++ b/certbot/tests/client_test.py
@ -201,7 +201,8 @@ class ClientTest(unittest.TestCase):

        authzr = []

-        for domain in domains:
+        # domain ordering should not be affected by authorization order
+        for domain in reversed(domains):
            authzr.append(
                mock.MagicMock(
                    body=mock.MagicMock(