From b004ec54665c14ea9bbb0de105d1fa1fc214b1be Mon Sep 17 00:00:00 2001
From: Arjan H
Date: Sat, 4 Jun 2022 16:40:56 +0200
Subject: [PATCH] Bump boulder version to release-2022-05-31
---
 gui/setup.sh | 2 +-
 install | 2 +-
 mail-tester.go | 7 ++---
 patches/cert-checker_main.patch | 14 +++++-----
 patches/docker-compose.patch | 2 +-
 patches/expiration-mailer_main.patch | 14 +++++-----
 patches/mail_mailer.patch | 38 ++++++++++------------------
 7 files changed, 35 insertions(+), 44 deletions(-)
diff --git a/gui/setup.sh b/gui/setup.sh
index ba522c4..22e0826 100755
--- a/gui/setup.sh
+++ b/gui/setup.sh
@@ -8,7 +8,7 @@ set -e
 if [ ! -e bin/labca ]; then
 go mod download
- go build -o bin/labca
+ go build -buildvcs=false -o bin/labca
 fi
 [ -e /bin/ip ] || (apt update && apt install -y iproute2)
diff --git a/install b/install
index 4954be9..6da2c80 100755
--- a/install
+++ b/install
@@ -24,7 +24,7 @@ dockerComposeVersion="v2.5.0"
 labcaUrl="https://github.com/hakwerk/labca/"
 boulderUrl="https://github.com/letsencrypt/boulder/"
-boulderTag="release-2022-05-09"
+boulderTag="release-2022-05-31"
 # Feature flags
 flag_skip_redis=true
diff --git a/mail-tester.go b/mail-tester.go
index 15024b7..eaf6583 100644
--- a/mail-tester.go
+++ b/mail-tester.go
@@ -136,13 +136,14 @@ func main() {
 1*time.Second,
 5*60*time.Second)
- mailClient.Connect()
- defer mailClient.Close()
+ conn, err := mailClient.Connect()
+ cmd.FailOnError(err, "mail-tester failed to connect")
+ defer conn.Close()
 recipients := []string{}
 recipients = append(recipients, recipient)
- err = mailClient.SendMail(recipients, "Test Email from LabCA", "Test sending email from the LabCA server")
+ err = conn.SendMail(recipients, "Test Email from LabCA", "Test sending email from the LabCA server")
 cmd.FailOnError(err, "mail-tester has failed")
 }
diff --git a/patches/cert-checker_main.patch b/patches/cert-checker_main.patch
index d91969e..98c6741 100644
--- a/patches/cert-checker_main.patch
+++ b/patches/cert-checker_main.patch
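Review bot: The `-buildvcs=false` flag added to the `go build` line in gui/setup.sh carries no comment explaining why VCS stamping is switched off. With it off, the labca binary no longer embeds the revision or modified state it was built from, so `go version -m bin/labca` cannot tie a deployed binary back to a commit. Presumably the build runs where git metadata is missing or the checkout belongs to another user, which makes Go 1.18 and later fail the build; a comment above the line such as `# -buildvcs=false: git metadata is not usable in this build environment, so VCS stamping is skipped` would record that. The hunk does not show whether the binary's version is recorded any other way.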
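Review bot: In mail-tester.go the deferred `conn.Close()` is unlikely to run when `conn.SendMail` fails, because `cmd.FailOnError` appears to exit the process on a non-nil error and deferred calls are skipped on exit; any error returned by `Close()` is discarded as well. Closing explicitly before the final check ends the SMTP session on both paths: keep `err = conn.SendMail(...)`, then add `closeErr := conn.Close()` ahead of the existing `cmd.FailOnError(err, "mail-tester has failed")`, and follow it with `cmd.FailOnError(closeErr, "mail-tester failed to close connection")`. main's body starts before this hunk, so the earlier declaration of `err` is not visible here.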
@@ -1,8 +1,8 @@ diff --git a/cmd/cert-checker/main.go b/cmd/cert-checker/main.go -index 725c5d08..f2f730cc 100644 +index b1fccdbd..8b64cfa2 100644 --- a/cmd/cert-checker/main.go +++ b/cmd/cert-checker/main.go -@@ -95,9 +95,10 @@ type certChecker struct { +@@ -97,9 +97,10 @@ type certChecker struct { issuedReport report checkPeriod time.Duration acceptableValidityDurations map[time.Duration]bool @@ -14,7 +14,7 @@ index 725c5d08..f2f730cc 100644 return certChecker{ pa: pa, kp: kp, -@@ -108,6 +109,7 @@ func newChecker(saDbMap certDB, clk clock.Clock, pa core.PolicyAuthority, kp goo +@@ -110,6 +111,7 @@ func newChecker(saDbMap certDB, clk clock.Clock, pa core.PolicyAuthority, kp goo issuedReport: report{Entries: make(map[string]reportEntry)}, checkPeriod: period, acceptableValidityDurations: avd, @@ -22,7 +22,7 @@ index 725c5d08..f2f730cc 100644 } } -@@ -283,7 +285,7 @@ func (c *certChecker) checkCert(cert core.Certificate, ignoredLints map[string]b +@@ -285,7 +287,7 @@ func (c *certChecker) checkCert(cert core.Certificate, ignoredLints map[string]b err = c.pa.WillingToIssueWildcards([]identifier.ACMEIdentifier{id}) if err != nil { problems = append(problems, fmt.Sprintf("Policy Authority isn't willing to issue for '%s': %s", name, err)) @@ -31,7 +31,7 @@ index 725c5d08..f2f730cc 100644 // For defense-in-depth, even if the PA was willing to issue for a name // we double check it against a list of forbidden domains. This way even // if the hostnamePolicyFile malfunctions we will flag the forbidden -@@ -334,11 +336,12 @@ type Config struct { +@@ -336,11 +338,12 @@ type Config struct { DB cmd.DBConfig cmd.HostnamePolicyConfig @@ -49,7 +49,7 @@ index 725c5d08..f2f730cc 100644 // AcceptableValidityDurations is a list of durations which are // acceptable for certificates we issue. -@@ -398,6 +401,8 @@ func main() { +@@ -406,6 +409,8 @@ func main() { acceptableValidityDurations[ninetyDays] = true } 
@@ -58,7 +58,7 @@ index 725c5d08..f2f730cc 100644 // Validate PA config and set defaults if needed. cmd.FailOnError(config.PA.CheckChallenges(), "Invalid PA configuration") -@@ -432,6 +437,7 @@ func main() { +@@ -445,6 +450,7 @@ func main() { kp, config.CertChecker.CheckPeriod.Duration, acceptableValidityDurations, diff --git a/patches/docker-compose.patch b/patches/docker-compose.patch index 6f82111..548061c 100644 --- a/patches/docker-compose.patch +++ b/patches/docker-compose.patch @@ -3,7 +3,7 @@ index 0cd8c8dd..36619190 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -8,7 +8,7 @@ services: - image: &boulder_image letsencrypt/boulder-tools:${BOULDER_TOOLS_TAG:-go1.18.1_2022-04-12} + image: &boulder_image letsencrypt/boulder-tools:${BOULDER_TOOLS_TAG:-go1.18.1_2022-05-19} environment: FAKE_DNS: 10.77.77.77 - BOULDER_CONFIG_DIR: test/config diff --git a/patches/expiration-mailer_main.patch b/patches/expiration-mailer_main.patch index c2d17b1..49bf079 100644 --- a/patches/expiration-mailer_main.patch +++ b/patches/expiration-mailer_main.patch @@ -1,8 +1,8 @@ diff --git a/cmd/expiration-mailer/main.go b/cmd/expiration-mailer/main.go -index 0ea463a8..1c7c6931 100644 +index df8adaf4..000b1c03 100644 --- a/cmd/expiration-mailer/main.go +++ b/cmd/expiration-mailer/main.go -@@ -22,6 +22,7 @@ import ( +@@ -23,6 +23,7 @@ import ( "github.com/jmhodges/clock" "google.golang.org/grpc" @@ -11,15 +11,15 @@ index 0ea463a8..1c7c6931 100644 "github.com/letsencrypt/boulder/core" corepb "github.com/letsencrypt/boulder/core/proto" 
@@ -38,7 +39,7 @@ import ( + ) const ( - defaultNagCheckInterval = 24 * time.Hour - defaultExpirationSubject = "Let's Encrypt certificate expiration notice for domain {{.ExpirationSubject}}" + defaultExpirationSubject = "LabCA certificate expiration notice for domain {{.ExpirationSubject}}" ) type regStore interface { -@@ -415,6 +416,9 @@ type Config struct { +@@ -495,6 +496,9 @@ type Config struct { TLS cmd.TLSConfig SAService *cmd.GRPCClientConfig @@ -29,7 +29,7 @@ index 0ea463a8..1c7c6931 100644 // Path to a file containing a list of trusted root certificates for use // during the SMTP connection (as opposed to the gRPC connections). SMTPTrustedRootFile string -@@ -424,6 +428,12 @@ type Config struct { +@@ -504,6 +508,12 @@ type Config struct { Syslog cmd.SyslogConfig Beeline cmd.BeelineConfig @@ -42,7 +42,7 @@ index 0ea463a8..1c7c6931 100644 } func initStats(stats prometheus.Registerer) mailerStats { -@@ -542,6 +552,32 @@ func main() { +@@ -631,6 +641,32 @@ func main() { cmd.FailOnError(err, "Failed to load credentials and create gRPC connection to SA") sac := sapb.NewStorageAuthorityClient(conn) @@ -75,7 +75,7 @@ index 0ea463a8..1c7c6931 100644 var smtpRoots *x509.CertPool if c.Mailer.SMTPTrustedRootFile != "" { pem, err := ioutil.ReadFile(c.Mailer.SMTPTrustedRootFile) -@@ -577,6 +613,7 @@ func main() { +@@ -666,6 +702,7 @@ func main() { c.Mailer.Username, smtpPassword, smtpRoots, diff --git a/patches/mail_mailer.patch b/patches/mail_mailer.patch index 54c60d1..0df700e 100644 --- a/patches/mail_mailer.patch +++ b/patches/mail_mailer.patch @@ -1,5 +1,5 @@ diff --git a/mail/mailer.go b/mail/mailer.go -index b20de949..91979e9c 100644 +index 4249108e..ee8b6fb4 100644 --- a/mail/mailer.go +++ b/mail/mailer.go @@ -21,10 +21,14 @@ import ( @@ -17,7 +17,7 @@ index b20de949..91979e9c 100644 ) type idGenerator interface { -@@ -122,6 +126,7 @@ func New( +@@ -139,6 +143,7 @@ func New( username, password string, rootCAs *x509.CertPool, 
@@ -25,34 +25,24 @@ index b20de949..91979e9c 100644 from mail.Address, logger blog.Logger, stats prometheus.Registerer, -@@ -136,11 +141,12 @@ func New( - - return &MailerImpl{ - dialer: &dialerImpl{ -- username: username, -- password: password, -- server: server, -- port: port, -- rootCAs: rootCAs, -+ username: username, -+ password: password, -+ server: server, -+ port: port, -+ rootCAs: rootCAs, -+ dnsClient: resolver, - }, - log: logger, - from: from, -@@ -181,7 +187,7 @@ func (m *MailerImpl) generateMessage(to []string, subject, body string) ([]byte, +@@ -159,6 +164,7 @@ func New( + server: server, + port: port, + rootCAs: rootCAs, ++ dnsClient: resolver, + }, + log: logger, + from: from, +@@ -202,7 +208,7 @@ func (c config) generateMessage(to []string, subject, body string) ([]byte, erro fmt.Sprintf("To: %s", strings.Join(addrs, ", ")), - fmt.Sprintf("From: %s", m.from.String()), + fmt.Sprintf("From: %s", c.from.String()), fmt.Sprintf("Subject: %s", subject), - fmt.Sprintf("Date: %s", now.Format(time.RFC822)), + fmt.Sprintf("Date: %s", now.Format(time.RFC1123Z)), - fmt.Sprintf("Message-Id: <%s.%s.%s>", now.Format("20060102T150405"), mid.String(), m.from.Address), + fmt.Sprintf("Message-Id: <%s.%s.%s>", now.Format("20060102T150405"), mid.String(), c.from.Address), "MIME-Version: 1.0", "Content-Type: text/plain; charset=UTF-8", -@@ -238,23 +244,32 @@ func (m *MailerImpl) Connect() error { +@@ -259,23 +265,32 @@ func (m *mailerImpl) Connect() (Conn, error) { type dialerImpl struct { username, password, server, port string rootCAs *x509.CertPool