5 files changed, 37 insertions, 36 deletions

diff --git a/vendor/golang.org/x/crypto/acme/acme.go b/vendor/golang.org/x/crypto/acme/acme.go
index a7b6ce4e9..4e409be6d 100644
--- a/vendor/golang.org/x/crypto/acme/acme.go
+++ b/vendor/golang.org/x/crypto/acme/acme.go
@@ -207,7 +207,7 @@ func (c *Client) CreateCert(ctx context.Context, csr []byte, exp time.Duration,
 		return nil, "", responseError(res)
 	}
 
-	curl := res.Header.Get("location") // cert permanent URL
+	curl := res.Header.Get("Location") // cert permanent URL
 	if res.ContentLength == 0 {
 		// no cert in the body; poll until we get it
 		cert, err := c.FetchCert(ctx, curl, bundle)
@@ -240,7 +240,7 @@ func (c *Client) FetchCert(ctx context.Context, url string, bundle bool) ([][]by
 		if res.StatusCode > 299 {
 			return nil, responseError(res)
 		}
-		d := retryAfter(res.Header.Get("retry-after"), 3*time.Second)
+		d := retryAfter(res.Header.Get("Retry-After"), 3*time.Second)
 		select {
 		case <-time.After(d):
 			// retry
@@ -444,7 +444,7 @@ func (c *Client) WaitAuthorization(ctx context.Context, url string) (*Authorizat
 		if err != nil {
 			return nil, err
 		}
-		retry := res.Header.Get("retry-after")
+		retry := res.Header.Get("Retry-After")
 		if res.StatusCode != http.StatusOK && res.StatusCode != http.StatusAccepted {
 			res.Body.Close()
 			if err := sleep(retry, 1); err != nil {
@@ -703,7 +703,7 @@ func (c *Client) retryPostJWS(ctx context.Context, key crypto.Signer, url string
 				// clear any nonces that we might've stored that might now be
 				// considered bad
 				c.clearNonces()
-				retry := res.Header.Get("retry-after")
+				retry := res.Header.Get("Retry-After")
 				if err := sleep(retry, 1); err != nil {
 					return nil, err
 				}
diff --git a/vendor/golang.org/x/crypto/acme/acme_test.go b/vendor/golang.org/x/crypto/acme/acme_test.go
index a4d276db8..14832de49 100644
--- a/vendor/golang.org/x/crypto/acme/acme_test.go
+++ b/vendor/golang.org/x/crypto/acme/acme_test.go
@@ -74,7 +74,7 @@ func TestDiscover(t *testing.T) {
 		revoke = "https://example.com/acme/revoke-cert"
 	)
 	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		w.Header().Set("content-type", "application/json")
+		w.Header().Set("Content-Type", "application/json")
 		fmt.Fprintf(w, `{
 			"new-reg": %q,
 			"new-authz": %q,
@@ -107,7 +107,7 @@ func TestRegister(t *testing.T) {
 
 	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		if r.Method == "HEAD" {
-			w.Header().Set("replay-nonce", "test-nonce")
+			w.Header().Set("Replay-Nonce", "test-nonce")
 			return
 		}
 		if r.Method != "POST" {
@@ -173,7 +173,7 @@ func TestUpdateReg(t *testing.T) {
 
 	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		if r.Method == "HEAD" {
-			w.Header().Set("replay-nonce", "test-nonce")
+			w.Header().Set("Replay-Nonce", "test-nonce")
 			return
 		}
 		if r.Method != "POST" {
@@ -234,7 +234,7 @@ func TestGetReg(t *testing.T) {
 
 	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		if r.Method == "HEAD" {
-			w.Header().Set("replay-nonce", "test-nonce")
+			w.Header().Set("Replay-Nonce", "test-nonce")
 			return
 		}
 		if r.Method != "POST" {
@@ -290,7 +290,7 @@ func TestGetReg(t *testing.T) {
 func TestAuthorize(t *testing.T) {
 	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		if r.Method == "HEAD" {
-			w.Header().Set("replay-nonce", "test-nonce")
+			w.Header().Set("Replay-Nonce", "test-nonce")
 			return
 		}
 		if r.Method != "POST" {
@@ -371,7 +371,7 @@ func TestAuthorize(t *testing.T) {
 		t.Errorf("c.URI = %q; want https://ca.tld/acme/challenge/publickey/id1", c.URI)
 	}
 	if c.Token != "token1" {
-		t.Errorf("c.Token = %q; want token1", c.Type)
+		t.Errorf("c.Token = %q; want token1", c.Token)
 	}
 
 	c = auth.Challenges[1]
@@ -382,7 +382,7 @@ func TestAuthorize(t *testing.T) {
 		t.Errorf("c.URI = %q; want https://ca.tld/acme/challenge/publickey/id2", c.URI)
 	}
 	if c.Token != "token2" {
-		t.Errorf("c.Token = %q; want token2", c.Type)
+		t.Errorf("c.Token = %q; want token2", c.Token)
 	}
 
 	combs := [][]int{{0}, {1}}
@@ -394,7 +394,7 @@ func TestAuthorize(t *testing.T) {
 func TestAuthorizeValid(t *testing.T) {
 	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		if r.Method == "HEAD" {
-			w.Header().Set("replay-nonce", "nonce")
+			w.Header().Set("Replay-Nonce", "nonce")
 			return
 		}
 		w.WriteHeader(http.StatusCreated)
@@ -464,7 +464,7 @@ func TestGetAuthorization(t *testing.T) {
 		t.Errorf("c.URI = %q; want https://ca.tld/acme/challenge/publickey/id1", c.URI)
 	}
 	if c.Token != "token1" {
-		t.Errorf("c.Token = %q; want token1", c.Type)
+		t.Errorf("c.Token = %q; want token1", c.Token)
 	}
 
 	c = auth.Challenges[1]
@@ -475,7 +475,7 @@ func TestGetAuthorization(t *testing.T) {
 		t.Errorf("c.URI = %q; want https://ca.tld/acme/challenge/publickey/id2", c.URI)
 	}
 	if c.Token != "token2" {
-		t.Errorf("c.Token = %q; want token2", c.Type)
+		t.Errorf("c.Token = %q; want token2", c.Token)
 	}
 
 	combs := [][]int{{0}, {1}}
@@ -488,7 +488,7 @@ func TestWaitAuthorization(t *testing.T) {
 	var count int
 	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		count++
-		w.Header().Set("retry-after", "0")
+		w.Header().Set("Retry-After", "0")
 		if count > 1 {
 			fmt.Fprintf(w, `{"status":"valid"}`)
 			return
@@ -551,7 +551,7 @@ func TestWaitAuthorizationInvalid(t *testing.T) {
 
 func TestWaitAuthorizationCancel(t *testing.T) {
 	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		w.Header().Set("retry-after", "60")
+		w.Header().Set("Retry-After", "60")
 		fmt.Fprintf(w, `{"status":"pending"}`)
 	}))
 	defer ts.Close()
@@ -579,7 +579,7 @@ func TestWaitAuthorizationCancel(t *testing.T) {
 func TestRevokeAuthorization(t *testing.T) {
 	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		if r.Method == "HEAD" {
-			w.Header().Set("replay-nonce", "nonce")
+			w.Header().Set("Replay-Nonce", "nonce")
 			return
 		}
 		switch r.URL.Path {
@@ -645,14 +645,14 @@ func TestPollChallenge(t *testing.T) {
 		t.Errorf("c.URI = %q; want https://ca.tld/acme/challenge/publickey/id1", chall.URI)
 	}
 	if chall.Token != "token1" {
-		t.Errorf("c.Token = %q; want token1", chall.Type)
+		t.Errorf("c.Token = %q; want token1", chall.Token)
 	}
 }
 
 func TestAcceptChallenge(t *testing.T) {
 	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		if r.Method == "HEAD" {
-			w.Header().Set("replay-nonce", "test-nonce")
+			w.Header().Set("Replay-Nonce", "test-nonce")
 			return
 		}
 		if r.Method != "POST" {
@@ -707,7 +707,7 @@ func TestAcceptChallenge(t *testing.T) {
 		t.Errorf("c.URI = %q; want https://ca.tld/acme/challenge/publickey/id1", c.URI)
 	}
 	if c.Token != "token1" {
-		t.Errorf("c.Token = %q; want token1", c.Type)
+		t.Errorf("c.Token = %q; want token1", c.Token)
 	}
 }
 
@@ -718,7 +718,7 @@ func TestNewCert(t *testing.T) {
 
 	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		if r.Method == "HEAD" {
-			w.Header().Set("replay-nonce", "test-nonce")
+			w.Header().Set("Replay-Nonce", "test-nonce")
 			return
 		}
 		if r.Method != "POST" {
@@ -801,7 +801,7 @@ func TestFetchCert(t *testing.T) {
 		count++
 		if count < 3 {
 			up := fmt.Sprintf("<%s>;rel=up", ts.URL)
-			w.Header().Set("link", up)
+			w.Header().Set("Link", up)
 		}
 		w.Write([]byte{count})
 	}))
@@ -820,7 +820,7 @@ func TestFetchCertRetry(t *testing.T) {
 	var count int
 	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		if count < 1 {
-			w.Header().Set("retry-after", "0")
+			w.Header().Set("Retry-After", "0")
 			w.WriteHeader(http.StatusAccepted)
 			count++
 			return
@@ -840,7 +840,7 @@ func TestFetchCertRetry(t *testing.T) {
 
 func TestFetchCertCancel(t *testing.T) {
 	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		w.Header().Set("retry-after", "0")
+		w.Header().Set("Retry-After", "0")
 		w.WriteHeader(http.StatusAccepted)
 	}))
 	defer ts.Close()
@@ -867,7 +867,7 @@ func TestFetchCertDepth(t *testing.T) {
 			t.Errorf("count = %d; want at most %d", count, maxChainLen+1)
 			w.WriteHeader(http.StatusInternalServerError)
 		}
-		w.Header().Set("link", fmt.Sprintf("<%s>;rel=up", ts.URL))
+		w.Header().Set("Link", fmt.Sprintf("<%s>;rel=up", ts.URL))
 		w.Write([]byte{count})
 	}))
 	defer ts.Close()
@@ -881,7 +881,7 @@ func TestFetchCertBreadth(t *testing.T) {
 	var ts *httptest.Server
 	ts = httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		for i := 0; i < maxChainLen+1; i++ {
-			w.Header().Add("link", fmt.Sprintf("<%s>;rel=up", ts.URL))
+			w.Header().Add("Link", fmt.Sprintf("<%s>;rel=up", ts.URL))
 		}
 		w.Write([]byte{1})
 	}))
@@ -907,7 +907,7 @@ func TestFetchCertSize(t *testing.T) {
 func TestRevokeCert(t *testing.T) {
 	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		if r.Method == "HEAD" {
-			w.Header().Set("replay-nonce", "nonce")
+			w.Header().Set("Replay-Nonce", "nonce")
 			return
 		}
 
@@ -977,7 +977,7 @@ func TestNonce_fetch(t *testing.T) {
 		if r.Method != "HEAD" {
 			t.Errorf("%d: r.Method = %q; want HEAD", i, r.Method)
 		}
-		w.Header().Set("replay-nonce", tests[i].nonce)
+		w.Header().Set("Replay-Nonce", tests[i].nonce)
 		w.WriteHeader(tests[i].code)
 	}))
 	defer ts.Close()
@@ -1018,7 +1018,7 @@ func TestNonce_postJWS(t *testing.T) {
 	seen := make(map[string]bool)
 	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		count++
-		w.Header().Set("replay-nonce", fmt.Sprintf("nonce%d", count))
+		w.Header().Set("Replay-Nonce", fmt.Sprintf("nonce%d", count))
 		if r.Method == "HEAD" {
 			// We expect the client do a HEAD request
 			// but only to fetch the first nonce.
@@ -1072,7 +1072,7 @@ func TestRetryPostJWS(t *testing.T) {
 	var count int
 	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		count++
-		w.Header().Set("replay-nonce", fmt.Sprintf("nonce%d", count))
+		w.Header().Set("Replay-Nonce", fmt.Sprintf("nonce%d", count))
 		if r.Method == "HEAD" {
 			// We expect the client to do 2 head requests to fetch
 			// nonces, one to start and another after getting badNonce
diff --git a/vendor/golang.org/x/crypto/acme/autocert/autocert_test.go b/vendor/golang.org/x/crypto/acme/autocert/autocert_test.go
index 0352e340d..43a62011a 100644
--- a/vendor/golang.org/x/crypto/acme/autocert/autocert_test.go
+++ b/vendor/golang.org/x/crypto/acme/autocert/autocert_test.go
@@ -278,7 +278,7 @@ func startACMEServerStub(t *testing.T, man *Manager, domain string) (url string,
 	// ACME CA server stub
 	var ca *httptest.Server
 	ca = httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		w.Header().Set("replay-nonce", "nonce")
+		w.Header().Set("Replay-Nonce", "nonce")
 		if r.Method == "HEAD" {
 			// a nonce request
 			return
@@ -295,7 +295,7 @@ func startACMEServerStub(t *testing.T, man *Manager, domain string) (url string,
 			w.Write([]byte("{}"))
 		// domain authorization
 		case "/new-authz":
-			w.Header().Set("location", ca.URL+"/authz/1")
+			w.Header().Set("Location", ca.URL+"/authz/1")
 			w.WriteHeader(http.StatusCreated)
 			if err := authzTmpl.Execute(w, ca.URL); err != nil {
 				t.Errorf("authzTmpl: %v", err)
@@ -326,7 +326,7 @@ func startACMEServerStub(t *testing.T, man *Manager, domain string) (url string,
 				t.Errorf("new-cert: dummyCert: %v", err)
 			}
 			chainUp := fmt.Sprintf("<%s/ca-cert>; rel=up", ca.URL)
-			w.Header().Set("link", chainUp)
+			w.Header().Set("Link", chainUp)
 			w.WriteHeader(http.StatusCreated)
 			w.Write(der)
 		// CA chain cert
diff --git a/vendor/golang.org/x/crypto/acme/autocert/cache_test.go b/vendor/golang.org/x/crypto/acme/autocert/cache_test.go
index 6e1b88d57..653b05bed 100644
--- a/vendor/golang.org/x/crypto/acme/autocert/cache_test.go
+++ b/vendor/golang.org/x/crypto/acme/autocert/cache_test.go
@@ -21,6 +21,7 @@ func TestDirCache(t *testing.T) {
 	if err != nil {
 		t.Fatal(err)
 	}
+	defer os.RemoveAll(dir)
 	dir = filepath.Join(dir, "certs") // a nonexistent dir
 	cache := DirCache(dir)
 	ctx := context.Background()
diff --git a/vendor/golang.org/x/crypto/acme/autocert/renewal_test.go b/vendor/golang.org/x/crypto/acme/autocert/renewal_test.go
index f232619c2..11d40ff5d 100644
--- a/vendor/golang.org/x/crypto/acme/autocert/renewal_test.go
+++ b/vendor/golang.org/x/crypto/acme/autocert/renewal_test.go
@@ -53,7 +53,7 @@ func TestRenewFromCache(t *testing.T) {
 	// ACME CA server stub
 	var ca *httptest.Server
 	ca = httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		w.Header().Set("replay-nonce", "nonce")
+		w.Header().Set("Replay-Nonce", "nonce")
 		if r.Method == "HEAD" {
 			// a nonce request
 			return
@@ -70,7 +70,7 @@ func TestRenewFromCache(t *testing.T) {
 			w.Write([]byte("{}"))
 		// domain authorization
 		case "/new-authz":
-			w.Header().Set("location", ca.URL+"/authz/1")
+			w.Header().Set("Location", ca.URL+"/authz/1")
 			w.WriteHeader(http.StatusCreated)
 			w.Write([]byte(`{"status": "valid"}`))
 		// cert request
@@ -89,7 +89,7 @@ func TestRenewFromCache(t *testing.T) {
 				t.Fatalf("new-cert: dummyCert: %v", err)
 			}
 			chainUp := fmt.Sprintf("<%s/ca-cert>; rel=up", ca.URL)
-			w.Header().Set("link", chainUp)
+			w.Header().Set("Link", chainUp)
 			w.WriteHeader(http.StatusCreated)
 			w.Write(der)
 		// CA chain cert