diff --git a/sa/model.go b/sa/model.go index 54d90fbc9e7..ba4adf4e4d7 100644 --- a/sa/model.go +++ b/sa/model.go @@ -695,7 +695,7 @@ func authzPBToModel(authz *corepb.Authorization) (*authzModel, error) { IdentifierValue: authz.Identifier, RegistrationID: authz.RegistrationID, Status: statusToUint[core.AcmeStatus(authz.Status)], - Expires: authz.Expires.AsTime().Truncate(time.Second), + Expires: authz.Expires.AsTime(), } if authz.Id != "" { // The v1 internal authorization objects use a string for the ID, the v2 @@ -734,7 +734,7 @@ func authzPBToModel(authz *corepb.Authorization) (*authzModel, error) { // If validated Unix timestamp is zero then keep the core.Challenge Validated object nil. var validated *time.Time if !core.IsAnyNilOrZero(chall.Validated) { - val := chall.Validated.AsTime().Truncate(time.Second) + val := chall.Validated.AsTime() validated = &val } am.AttemptedAt = validated diff --git a/sa/sa.go b/sa/sa.go index 84ae73c2b77..55af1483e11 100644 --- a/sa/sa.go +++ b/sa/sa.go @@ -475,13 +475,15 @@ func (ssa *SQLStorageAuthority) NewOrderAndAuthzs(ctx context.Context, req *sapb if err != nil { return nil, err } + // These parameters correspond to the fields listed in `authzFields`, as used in the + // `db.NewMultiInserter` call above, and occur in the same order. err = inserter.Add([]interface{}{ am.ID, am.IdentifierType, am.IdentifierValue, am.RegistrationID, statusToUint[core.StatusPending], - am.Expires, + am.Expires.Truncate(time.Second), am.Challenges, nil, nil, @@ -503,10 +505,11 @@ func (ssa *SQLStorageAuthority) NewOrderAndAuthzs(ctx context.Context, req *sapb var orderID int64 var err error created := ssa.clk.Now().Truncate(time.Second) + expires := req.NewOrder.Expires.AsTime().Truncate(time.Second) if features.Get().MultipleCertificateProfiles { omv2 := orderModelv2{ RegistrationID: req.NewOrder.RegistrationID, - Expires: req.NewOrder.Expires.AsTime().Truncate(time.Second), + Expires: expires, Created: created, CertificateProfileName: req.NewOrder.CertificateProfileName, } @@ -515,7 +518,7 @@ func (ssa *SQLStorageAuthority) NewOrderAndAuthzs(ctx context.Context, req *sapb } else { omv1 := orderModelv1{ RegistrationID: req.NewOrder.RegistrationID, - Expires: req.NewOrder.Expires.AsTime().Truncate(time.Second), + Expires: expires, Created: created, } err = tx.Insert(ctx, &omv1) @@ -570,20 +573,20 @@ func (ssa *SQLStorageAuthority) NewOrderAndAuthzs(ctx context.Context, req *sapb req.NewOrder.Names, orderID, req.NewOrder.RegistrationID, - req.NewOrder.Expires.AsTime().Truncate(time.Second), + expires, ) if err != nil { return nil, err } - // Finally, build the overall Order PB. + // Finally, build the overall Order PB to return. res := &corepb.Order{ // ID and Created were auto-populated on the order model when it was inserted. Id: orderID, Created: timestamppb.New(created), // These are carried over from the original request unchanged. RegistrationID: req.NewOrder.RegistrationID, - Expires: req.NewOrder.Expires, + Expires: timestamppb.New(expires), Names: req.NewOrder.Names, // Have to combine the already-associated and newly-reacted authzs. V2Authorizations: append(req.NewOrder.V2Authorizations, newAuthzIDs...), diff --git a/sa/saro.go b/sa/saro.go index 31399162a23..1f4217ae2c4 100644 --- a/sa/saro.go +++ b/sa/saro.go @@ -766,7 +766,7 @@ func (ssa *SQLStorageAuthorityRO) GetOrderForNames(ctx context.Context, req *sap ORDER BY expires ASC LIMIT 1`, fqdnHash, - ssa.clk.Now().Truncate(time.Second)) + ssa.clk.Now().Truncate(time.Second)) if db.IsNoRows(err) { return nil, berrors.NotFoundError("no order matching request found")