Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

x/crypto/acme: Set a meaningful user-agent #24496

Closed
jsha opened this issue Mar 22, 2018 · 5 comments
Closed

x/crypto/acme: Set a meaningful user-agent #24496

jsha opened this issue Mar 22, 2018 · 5 comments
Labels
FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done.
Milestone

Comments

@jsha
Copy link

jsha commented Mar 22, 2018

The x/crypto/acme package does not provide a User-Agent, defaulting to "Go-http-client/1.1". This makes it hard to distinguish between requests from x/crypto/acme and other Go implementations. The ACME spec recommends setting a meaningful User-Agent string, including the library version.

Ideally this would look something like:

User-Agent: Go-acme/1.2.3

However, since packages under x aren't explicitly versioned as far as I know, this could be tricky. Perhaps the maintainer could choose a starting version to be stored in a package-level variable, and bumped on major changes? My goal is for ACME server maintainers to be able to look at access logs for misbehaving clients and determine which library produced those requests, in order to contact the maintainers and request a fix. Additionally, it would be nice to be able to tell roughly which version of the library produced the requests, so the server maintainer can tell whether the requests are caused by a known issue or a new one.

@gopherbot gopherbot added this to the Unreleased milestone Mar 22, 2018
@jsha
Copy link
Author

jsha commented Mar 22, 2018

Ideally there would also be a mechanism for downstream libraries to tack on their own name and version. For instance, https://github.com/jetstack/kube-lego uses x/crypto/acme, and it would be useful to distinguish its requests from those of other users of x/crypto/acme. So, for instance, acme.Client could have a UserAgent string field that could be either left blank (resulting in Go-acme/1.2.3) or filled in with "fooclient/0.1.2" (resulting in fooclient/0.1.2 Go-acme/1.2.3).

@titanous titanous added the NeedsFix The path to resolution is known, but the work has not been done. label Mar 22, 2018
@gopherbot
Copy link

Change https://golang.org/cl/86635 mentions this issue: acme: Implement IETF draft-12

@jsha
Copy link
Author

jsha commented Jun 21, 2018

Hi, friendly ping on this? Thanks!

aeijdenberg pushed a commit to govau/le-dns-certs that referenced this issue Aug 9, 2018
Fixes golang/go#21081
Fixes golang/go#24496

Change-Id: I56e624bcf5a85bd6c360fd97e0e9f6c2536430ac
@gopherbot
Copy link

Change https://golang.org/cl/183267 mentions this issue: acme: send User-Agent and add Client.UserAgent

@gopherbot
Copy link

Change https://golang.org/cl/198538 mentions this issue: acme: keep custom User-Agent as is

@golang golang locked and limited conversation to collaborators Oct 2, 2020
c-expert-zigbee pushed a commit to c-expert-zigbee/crypto_go that referenced this issue Mar 28, 2022
This is useful to CAs, to identify and reach out to problematic clients.

Fixes golang/go#24496

Change-Id: I944fc8178c8fa8acaf3854e9c125d3af0364a4fb
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/183267
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
c-expert-zigbee added a commit to c-expert-zigbee/crypto_go that referenced this issue Mar 29, 2022
This is useful to CAs, to identify and reach out to problematic clients.

Fixes golang/go#24496

Change-Id: I944fc8178c8fa8acaf3854e9c125d3af0364a4fb
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/183267
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
c-expert-zigbee added a commit to c-expert-zigbee/crypto_go that referenced this issue Mar 29, 2022
This is useful to CAs, to identify and reach out to problematic clients.

Fixes golang/go#24496

Change-Id: I944fc8178c8fa8acaf3854e9c125d3af0364a4fb
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/183267
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
LewiGoddard pushed a commit to LewiGoddard/crypto that referenced this issue Feb 16, 2023
This is useful to CAs, to identify and reach out to problematic clients.

Fixes golang/go#24496

Change-Id: I944fc8178c8fa8acaf3854e9c125d3af0364a4fb
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/183267
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
BiiChris pushed a commit to BiiChris/crypto that referenced this issue Sep 15, 2023
This is useful to CAs, to identify and reach out to problematic clients.

Fixes golang/go#24496

Change-Id: I944fc8178c8fa8acaf3854e9c125d3af0364a4fb
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/183267
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done.
Projects
None yet
Development

No branches or pull requests

3 participants