Archives
/
smallstep-certificates
mirror of https://github.com/smallstep/certificates
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix a couple of race conditions in the renewal of certificates.

Browse Source
pull/166/head^2
Mariano Cano 4 years ago committed by max furman
parent df60fe3f0d
commit 3d6a18180e
2 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File

2
ca/mutable_tls_config.go
Unescape Escape View File

@ -40,7 +40,7 @@ func (c *mutableTLSConfig) Init(base *tls.Config) {
// tls.Config GetConfigForClient. // tls.Config GetConfigForClient.
func (c *mutableTLSConfig) TLSConfig() (config *tls.Config) { func (c *mutableTLSConfig) TLSConfig() (config *tls.Config) {
c.RLock() c.RLock()
config = c.config config = c.config.Clone()
c.RUnlock() c.RUnlock()
return return
} }

2
ca/renew.go
Unescape Escape View File

@ -80,7 +80,9 @@ func NewTLSRenewer(cert *tls.Certificate, fn RenewFunc, opts ...tlsRenewerOption
func (r *TLSRenewer) Run() { func (r *TLSRenewer) Run() {
cert := r.getCertificate() cert := r.getCertificate()
next := r.nextRenewDuration(cert.Leaf.NotAfter) next := r.nextRenewDuration(cert.Leaf.NotAfter)
r.Lock()
r.timer = time.AfterFunc(next, r.renewCertificate) r.timer = time.AfterFunc(next, r.renewCertificate)
r.Unlock()
} }
// RunContext starts the certificate renewer for the given certificate. // RunContext starts the certificate renewer for the given certificate.

Write Preview
Loading…
Cancel
Save