mirror of
https://git.sr.ht/~emersion/tlstunnel
synced 2024-11-19 15:53:50 +01:00
Protect acmeCache.config with atomic.Value
GetConfigForCert can be called from multiple goroutines.
This commit is contained in:
parent
649ef6f327
commit
c5d8549b09
@ -20,7 +20,7 @@ import (
|
|||||||
const tlsHandshakeTimeout = 20 * time.Second
|
const tlsHandshakeTimeout = 20 * time.Second
|
||||||
|
|
||||||
type acmeCache struct {
|
type acmeCache struct {
|
||||||
config *certmagic.Config
|
config atomic.Value
|
||||||
cache *certmagic.Cache
|
cache *certmagic.Cache
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -28,7 +28,7 @@ func newACMECache() *acmeCache {
|
|||||||
cache := &acmeCache{}
|
cache := &acmeCache{}
|
||||||
cache.cache = certmagic.NewCache(certmagic.CacheOptions{
|
cache.cache = certmagic.NewCache(certmagic.CacheOptions{
|
||||||
GetConfigForCert: func(certmagic.Certificate) (*certmagic.Config, error) {
|
GetConfigForCert: func(certmagic.Certificate) (*certmagic.Config, error) {
|
||||||
return cache.config, nil
|
return cache.config.Load().(*certmagic.Config), nil
|
||||||
},
|
},
|
||||||
})
|
})
|
||||||
return cache
|
return cache
|
||||||
@ -87,7 +87,7 @@ func (srv *Server) startACME() error {
|
|||||||
|
|
||||||
srv.ACMEConfig.Issuers = []certmagic.Issuer{srv.ACMEManager}
|
srv.ACMEConfig.Issuers = []certmagic.Issuer{srv.ACMEManager}
|
||||||
|
|
||||||
srv.acmeCache.config = srv.ACMEConfig
|
srv.acmeCache.config.Store(srv.ACMEConfig)
|
||||||
|
|
||||||
for _, cert := range srv.UnmanagedCerts {
|
for _, cert := range srv.UnmanagedCerts {
|
||||||
if err := srv.ACMEConfig.CacheUnmanagedTLSCertificate(cert, nil); err != nil {
|
if err := srv.ACMEConfig.CacheUnmanagedTLSCertificate(cert, nil); err != nil {
|
||||||
|
Loading…
Reference in New Issue
Block a user