Add config vars and wire them into cmd/boulder and cmd/boulder-wfe

2015-07-17 17:44:03 -07:00 · 2015-07-17 17:44:03 -07:00 · 6a2344e1bf
parent f08261edb5
commit 6a2344e1bf
8 changed files with 44 additions and 8 deletions
--- a/cmd/boulder-wfe/main.go
+++ b/cmd/boulder-wfe/main.go
@ -97,6 +97,15 @@ func main() {
 		wfe.Stats = stats
 		wfe.SubscriberAgreementURL = c.SubscriberAgreementURL

+		wfe.CertCacheDuration, err = time.ParseDuration(c.WFE.CertCacheDuration)
+		cmd.FailOnError(err, "Couldn't parse certificate caching duration")
+		wfe.CertNoCacheExpirationWindow, err = time.ParseDuration(c.WFE.CertNoCacheExpirationWindow)
+		cmd.FailOnError(err, "Couldn't parse certificate expiration no-cache window")
+		wfe.IndexCacheDuration, err = time.ParseDuration(c.WFE.IndexCacheDuration)
+		cmd.FailOnError(err, "Couldn't parse index caching duration")
+		wfe.IssuerCacheDuration, err = time.ParseDuration(c.WFE.IssuerCacheDuration)
+		cmd.FailOnError(err, "Couldn't parse issuer caching duration")
+
 		wfe.IssuerCert, err = cmd.LoadCert(c.Common.IssuerCert)
 		cmd.FailOnError(err, fmt.Sprintf("Couldn't read issuer cert [%s]", c.Common.IssuerCert))

--- a/cmd/boulder/main.go
+++ b/cmd/boulder/main.go
@ -82,6 +82,15 @@ func main() {
 		cmd.FailOnError(err, "Unable to create SA")
 		sa.SetSQLDebug(c.SQL.SQLDebug)

+		wfei.CertCacheDuration, err = time.ParseDuration(c.WFE.CertCacheDuration)
+		cmd.FailOnError(err, "Couldn't parse certificate caching duration")
+		wfei.CertNoCacheExpirationWindow, err = time.ParseDuration(c.WFE.CertNoCacheExpirationWindow)
+		cmd.FailOnError(err, "Couldn't parse certificate expiration no-cache window")
+		wfei.IndexCacheDuration, err = time.ParseDuration(c.WFE.IndexCacheDuration)
+		cmd.FailOnError(err, "Couldn't parse index caching duration")
+		wfei.IssuerCacheDuration, err = time.ParseDuration(c.WFE.IssuerCacheDuration)
+		cmd.FailOnError(err, "Couldn't parse issuer caching duration")
+
 		ra := ra.NewRegistrationAuthorityImpl()

 		va := va.NewValidationAuthorityImpl(c.CA.TestMode)
--- a/cmd/shell.go
+++ b/cmd/shell.go
@ -73,6 +73,11 @@ type Config struct {
 		BaseURL       string
 		ListenAddress string

+		CertCacheDuration           string
+		CertNoCacheExpirationWindow string
+		IndexCacheDuration          string
+		IssuerCacheDuration         string
+
 		// DebugAddr is the address to run the /debug handlers on.
 		DebugAddr string
 	}
--- a/test/boulder-config.json
+++ b/test/boulder-config.json
@ -37,6 +37,10 @@

  "wfe": {
    "listenAddress": "127.0.0.1:4000",
+    "certCacheDuration": "6h",
+    "certNoCacheExpirationWindow": "96h",
+    "indexCacheDuration": "24h",
+    "issuerCacheDuration": "48h",
    "debugAddr": "localhost:8000"
  },

--- a/test/boulder-pkcs11-example-config.json
+++ b/test/boulder-pkcs11-example-config.json
@ -32,6 +32,10 @@

  "wfe": {
    "listenAddress": "127.0.0.1:4000",
+    "certCacheDuration": "6h",
+    "certNoCacheExpirationWindow": "96h",
+    "indexCacheDuration": "24h",
+    "issuerCacheDuration": "48h",
    "debugAddr": "localhost:8000"
  },

--- a/test/boulder-test-config.json
+++ b/test/boulder-test-config.json
@ -32,6 +32,10 @@

  "wfe": {
    "listenAddress": "127.0.0.1:4300",
+    "certCacheDuration": "6h",
+    "certNoCacheExpirationWindow": "96h",
+    "indexCacheDuration": "24h",
+    "issuerCacheDuration": "48h",
    "debugAddr": "localhost:8000"
  },

--- a/wfe/web-front-end.go
+++ b/wfe/web-front-end.go
@ -68,10 +68,10 @@ type WebFrontEndImpl struct {
 	nonceService core.NonceService

 	// Cache settings
-	CertCacheDuration         time.Duration
-	CertCacheExpirationWindow time.Duration
-	IssuerCacheDuration       time.Duration
-	IndexCacheDuration        time.Duration
+	CertCacheDuration           time.Duration
+	CertNoCacheExpirationWindow time.Duration
+	IndexCacheDuration          time.Duration
+	IssuerCacheDuration         time.Duration
 }

 func statusCodeFromError(err interface{}) int {
@ -1015,7 +1015,7 @@ func (wfe *WebFrontEndImpl) Certificate(response http.ResponseWriter, request *h
 		}

 		// Set cache-control header if certificate NotAfter is > time.Now().Add(-WFE.CertCacheExpirationWindow)
-		if time.Now().Add(-wfe.CertCacheExpirationWindow).After(cert.Expires) {
+		if time.Now().Add(-wfe.CertNoCacheExpirationWindow).After(cert.Expires) {
 			response.Header().Add("Cache-Control", fmt.Sprintf("public, max-age=%.f", wfe.CertCacheDuration.Seconds()))
 		} else {
 			response.Header().Add("Cache-Control", "public, max-age=0, no-cache")
--- a/wfe/web-front-end_test.go
+++ b/wfe/web-front-end_test.go
@ -1053,13 +1053,14 @@ func TestIssuer(t *testing.T) {
 func TestGetCertificate(t *testing.T) {
 	wfe := setupWFE(t)
 	wfe.CertCacheDuration = time.Second * 10
-	wfe.CertCacheExpirationWindow = time.Hour * 24 * 7
+	wfe.CertNoCacheExpirationWindow = time.Hour * 24 * 7
 	wfe.SA = &MockSA{}

-	responseWriter := httptest.NewRecorder()
-
 	certPemBytes, _ := ioutil.ReadFile("test/178.crt")
 	certBlock, _ := pem.Decode(certPemBytes)
+
+	responseWriter := httptest.NewRecorder()
+
 	path, _ := url.Parse("/acme/cert/00000000000000b2")
 	wfe.Certificate(responseWriter, &http.Request{
 		Method: "GET",