test: Remove badNonce retries and increase nonce maxConnectionAge

beautifulentropy · beautifulentropy · commit 3f8196ee2124 · 2026-03-10T15:46:56.000-04:00
diff --git a/test/chisel2.py b/test/chisel2.py
@@ -14,8 +14,6 @@
 import sys
 import signal
 import threading
-import time
-
 from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives.asymmetric import rsa
 from cryptography import x509
@@ -55,11 +53,11 @@ def make_client(email=None):
     """Build an acme.Client and register a new account with a random key."""
     client = uninitialized_client()
     tos = client.directory.meta.terms_of_service
-    if tos == ACCEPTABLE_TOS:
-        client.net.account = client.new_account(messages.NewRegistration.from_data(email=email,
-            terms_of_service_agreed=True))
-    else:
+    if tos != ACCEPTABLE_TOS:
         raise Exception("Unrecognized terms of service URL %s" % tos)
+    
+    client.net.account = client.new_account(messages.NewRegistration.from_data(email=email,
+        terms_of_service_agreed=True))
     return client
 
 class NoClientError(ValueError):
@@ -140,21 +138,13 @@ def auth_and_issue(domains, chall_type="dns-01", email=None, cert_output=None, c
     else:
         raise Exception("invalid challenge type %s" % chall_type)
 
-    # Make up to three attempts, retrying on badNonce errors
-    for n in range(3):
-        time.sleep(0.2 * n)  # No sleep before the first attempt, then backoff
-        try:
-            order = client.poll_and_finalize(order)
-            if cert_output is not None:
-                with open(cert_output, "w") as f:
-                    f.write(order.fullchain_pem)
-        except messages.Error as e:
-            if e.typ == "urn:ietf:params:acme:error:badNonce":
-                continue
-        else:
-            break
-        finally:
-            cleanup()
+    try:
+        order = client.poll_and_finalize(order)
+        if cert_output is not None:
+            with open(cert_output, "w") as f:
+                f.write(order.fullchain_pem)
+    finally:
+        cleanup()
 
     return order
 
diff --git a/test/config-next/nonce-a.json b/test/config-next/nonce-a.json
@@ -13,7 +13,7 @@
 			"sampleratio": 1
 		},
 		"grpc": {
-			"maxConnectionAge": "30s",
+			"maxConnectionAge": "30m",
 			"services": {
 				"nonce.NonceService": {
 					"clientNames": [
diff --git a/test/config-next/nonce-b.json b/test/config-next/nonce-b.json
@@ -13,7 +13,7 @@
 			"sampleratio": 1
 		},
 		"grpc": {
-			"maxConnectionAge": "30s",
+			"maxConnectionAge": "30m",
 			"services": {
 				"nonce.NonceService": {
 					"clientNames": [
diff --git a/test/config/nonce-a.json b/test/config/nonce-a.json
@@ -10,7 +10,7 @@
 		},
 		"debugAddr": ":8111",
 		"grpc": {
-			"maxConnectionAge": "30s",
+			"maxConnectionAge": "30m",
 			"address": ":9101",
 			"services": {
 				"nonce.NonceService": {
diff --git a/test/config/nonce-b.json b/test/config/nonce-b.json
@@ -10,7 +10,7 @@
 		},
 		"debugAddr": ":8111",
 		"grpc": {
-			"maxConnectionAge": "30s",
+			"maxConnectionAge": "30m",
 			"address": ":9101",
 			"services": {
 				"nonce.NonceService": {
