From 104c39335bc04f2fa991dc4ff6c5ceea42bae8c8 Mon Sep 17 00:00:00 2001 From: Phil Porada Date: Wed, 15 Nov 2023 11:03:20 -0500 Subject: [PATCH] VA: Check that maxRemoteValidationFailures is non-negative (#7150) Prevents a panic when the VA config field `maxRemoteValidationFailures` is set to a negative number by adding validation tags Fixes https://github.com/letsencrypt/boulder/issues/7149 --- cmd/boulder-va/main.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/boulder-va/main.go b/cmd/boulder-va/main.go index 1c998bc9787..4fd45ea2c8e 100644 --- a/cmd/boulder-va/main.go +++ b/cmd/boulder-va/main.go @@ -32,7 +32,7 @@ type Config struct { DNSAllowLoopbackAddresses bool RemoteVAs []cmd.GRPCClientConfig `validate:"omitempty,dive"` - MaxRemoteValidationFailures int + MaxRemoteValidationFailures int `validate:"omitempty,min=0,required_with=RemoteVAs"` Features map[string]bool