Protect acmeCache.config with atomic.Value

GetConfigForCert can be called from multiple goroutines.
This commit is contained in:
Simon Ser 2021-02-18 18:20:47 +01:00
parent 649ef6f327
commit c5d8549b09
1 changed files with 3 additions and 3 deletions

View File

@ -20,7 +20,7 @@ import (
const tlsHandshakeTimeout = 20 * time.Second
type acmeCache struct {
config *certmagic.Config
config atomic.Value
cache *certmagic.Cache
}
@ -28,7 +28,7 @@ func newACMECache() *acmeCache {
cache := &acmeCache{}
cache.cache = certmagic.NewCache(certmagic.CacheOptions{
GetConfigForCert: func(certmagic.Certificate) (*certmagic.Config, error) {
return cache.config, nil
return cache.config.Load().(*certmagic.Config), nil
},
})
return cache
@ -87,7 +87,7 @@ func (srv *Server) startACME() error {
srv.ACMEConfig.Issuers = []certmagic.Issuer{srv.ACMEManager}
srv.acmeCache.config = srv.ACMEConfig
srv.acmeCache.config.Store(srv.ACMEConfig)
for _, cert := range srv.UnmanagedCerts {
if err := srv.ACMEConfig.CacheUnmanagedTLSCertificate(cert, nil); err != nil {