diff --git a/ca/crl.go b/ca/crl.go index 8b4ca6ba6..70af76402 100644 --- a/ca/crl.go +++ b/ca/crl.go @@ -81,7 +81,7 @@ func (ci *crlImpl) GenerateCRL(stream capb.CRLGenerator_GenerateCRLServer) error return fmt.Errorf("got unrecognized IssuerNameID: %d", payload.Metadata.IssuerNameID) } - shard = payload.Metadata.Shard + shard = payload.Metadata.ShardIdx case *capb.GenerateCRLRequest_Entry: rc, err := ci.entryToRevokedCertificate(payload.Entry) diff --git a/ca/proto/ca.pb.go b/ca/proto/ca.pb.go index 21b51d584..349538bce 100644 --- a/ca/proto/ca.pb.go +++ b/ca/proto/ca.pb.go @@ -424,7 +424,7 @@ type CRLMetadata struct { IssuerNameID int64 `protobuf:"varint,1,opt,name=issuerNameID,proto3" json:"issuerNameID,omitempty"` ThisUpdate int64 `protobuf:"varint,2,opt,name=thisUpdate,proto3" json:"thisUpdate,omitempty"` // Unix timestamp (nanoseconds), also used for CRLNumber. - Shard int64 `protobuf:"varint,3,opt,name=shard,proto3" json:"shard,omitempty"` + ShardIdx int64 `protobuf:"varint,3,opt,name=shardIdx,proto3" json:"shardIdx,omitempty"` } func (x *CRLMetadata) Reset() { @@ -473,9 +473,9 @@ func (x *CRLMetadata) GetThisUpdate() int64 { return 0 } -func (x *CRLMetadata) GetShard() int64 { +func (x *CRLMetadata) GetShardIdx() int64 { if x != nil { - return x.Shard + return x.ShardIdx } return 0 } @@ -573,52 +573,52 @@ var file_ca_proto_rawDesc = []byte{ 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x26, 0x0a, 0x05, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0e, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x43, 0x52, 0x4c, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x48, 0x00, 0x52, 0x05, 0x65, 0x6e, 0x74, - 0x72, 0x79, 0x42, 0x09, 0x0a, 0x07, 0x70, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x22, 0x67, 0x0a, + 0x72, 0x79, 0x42, 0x09, 0x0a, 0x07, 0x70, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x22, 0x6d, 0x0a, 0x0b, 0x43, 0x52, 0x4c, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x22, 0x0a, 0x0c, 0x69, 0x73, 0x73, 0x75, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x49, 0x44, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0c, 0x69, 0x73, 0x73, 0x75, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x49, 0x44, 0x12, 0x1e, 0x0a, 0x0a, 0x74, 0x68, 0x69, 0x73, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0a, 0x74, 0x68, 0x69, 0x73, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, - 0x12, 0x14, 0x0a, 0x05, 0x73, 0x68, 0x61, 0x72, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x03, 0x52, - 0x05, 0x73, 0x68, 0x61, 0x72, 0x64, 0x22, 0x2b, 0x0a, 0x13, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, - 0x74, 0x65, 0x43, 0x52, 0x4c, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x14, 0x0a, - 0x05, 0x63, 0x68, 0x75, 0x6e, 0x6b, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x05, 0x63, 0x68, - 0x75, 0x6e, 0x6b, 0x32, 0xd8, 0x02, 0x0a, 0x14, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, - 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x12, 0x55, 0x0a, 0x13, - 0x49, 0x73, 0x73, 0x75, 0x65, 0x50, 0x72, 0x65, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, - 0x61, 0x74, 0x65, 0x12, 0x1b, 0x2e, 0x63, 0x61, 0x2e, 0x49, 0x73, 0x73, 0x75, 0x65, 0x43, 0x65, - 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, - 0x1a, 0x1f, 0x2e, 0x63, 0x61, 0x2e, 0x49, 0x73, 0x73, 0x75, 0x65, 0x50, 0x72, 0x65, 0x63, 0x65, - 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, - 0x65, 0x22, 0x00, 0x12, 0x66, 0x0a, 0x21, 0x49, 0x73, 0x73, 0x75, 0x65, 0x43, 0x65, 0x72, 0x74, - 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x46, 0x6f, 0x72, 0x50, 0x72, 0x65, 0x63, 0x65, 0x72, - 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x2c, 0x2e, 0x63, 0x61, 0x2e, 0x49, 0x73, - 0x73, 0x75, 0x65, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x46, 0x6f, - 0x72, 0x50, 0x72, 0x65, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x52, - 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x11, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x43, 0x65, - 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x22, 0x00, 0x12, 0x3b, 0x0a, 0x0c, 0x47, - 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x4f, 0x43, 0x53, 0x50, 0x12, 0x17, 0x2e, 0x63, 0x61, - 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x4f, 0x43, 0x53, 0x50, 0x52, 0x65, 0x71, - 0x75, 0x65, 0x73, 0x74, 0x1a, 0x10, 0x2e, 0x63, 0x61, 0x2e, 0x4f, 0x43, 0x53, 0x50, 0x52, 0x65, - 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x44, 0x0a, 0x0b, 0x47, 0x65, 0x6e, 0x65, - 0x72, 0x61, 0x74, 0x65, 0x43, 0x52, 0x4c, 0x12, 0x16, 0x2e, 0x63, 0x61, 0x2e, 0x47, 0x65, 0x6e, - 0x65, 0x72, 0x61, 0x74, 0x65, 0x43, 0x52, 0x4c, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, - 0x17, 0x2e, 0x63, 0x61, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x43, 0x52, 0x4c, - 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x28, 0x01, 0x30, 0x01, 0x32, 0x4c, - 0x0a, 0x0d, 0x4f, 0x43, 0x53, 0x50, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x12, - 0x3b, 0x0a, 0x0c, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x4f, 0x43, 0x53, 0x50, 0x12, - 0x17, 0x2e, 0x63, 0x61, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x4f, 0x43, 0x53, - 0x50, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x10, 0x2e, 0x63, 0x61, 0x2e, 0x4f, 0x43, - 0x53, 0x50, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x32, 0x54, 0x0a, 0x0c, - 0x43, 0x52, 0x4c, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x12, 0x44, 0x0a, 0x0b, - 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x43, 0x52, 0x4c, 0x12, 0x16, 0x2e, 0x63, 0x61, - 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x43, 0x52, 0x4c, 0x52, 0x65, 0x71, 0x75, - 0x65, 0x73, 0x74, 0x1a, 0x17, 0x2e, 0x63, 0x61, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, - 0x65, 0x43, 0x52, 0x4c, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x28, 0x01, - 0x30, 0x01, 0x42, 0x29, 0x5a, 0x27, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, - 0x2f, 0x6c, 0x65, 0x74, 0x73, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x2f, 0x62, 0x6f, 0x75, - 0x6c, 0x64, 0x65, 0x72, 0x2f, 0x63, 0x61, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x06, 0x70, - 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x12, 0x1a, 0x0a, 0x08, 0x73, 0x68, 0x61, 0x72, 0x64, 0x49, 0x64, 0x78, 0x18, 0x03, 0x20, 0x01, + 0x28, 0x03, 0x52, 0x08, 0x73, 0x68, 0x61, 0x72, 0x64, 0x49, 0x64, 0x78, 0x22, 0x2b, 0x0a, 0x13, + 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x43, 0x52, 0x4c, 0x52, 0x65, 0x73, 0x70, 0x6f, + 0x6e, 0x73, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x63, 0x68, 0x75, 0x6e, 0x6b, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x0c, 0x52, 0x05, 0x63, 0x68, 0x75, 0x6e, 0x6b, 0x32, 0xd8, 0x02, 0x0a, 0x14, 0x43, 0x65, + 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, + 0x74, 0x79, 0x12, 0x55, 0x0a, 0x13, 0x49, 0x73, 0x73, 0x75, 0x65, 0x50, 0x72, 0x65, 0x63, 0x65, + 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x1b, 0x2e, 0x63, 0x61, 0x2e, 0x49, + 0x73, 0x73, 0x75, 0x65, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x52, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x63, 0x61, 0x2e, 0x49, 0x73, 0x73, 0x75, + 0x65, 0x50, 0x72, 0x65, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x52, + 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x66, 0x0a, 0x21, 0x49, 0x73, 0x73, + 0x75, 0x65, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x46, 0x6f, 0x72, + 0x50, 0x72, 0x65, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x2c, + 0x2e, 0x63, 0x61, 0x2e, 0x49, 0x73, 0x73, 0x75, 0x65, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, + 0x63, 0x61, 0x74, 0x65, 0x46, 0x6f, 0x72, 0x50, 0x72, 0x65, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, + 0x69, 0x63, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x11, 0x2e, 0x63, + 0x6f, 0x72, 0x65, 0x2e, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x22, + 0x00, 0x12, 0x3b, 0x0a, 0x0c, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x4f, 0x43, 0x53, + 0x50, 0x12, 0x17, 0x2e, 0x63, 0x61, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x4f, + 0x43, 0x53, 0x50, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x10, 0x2e, 0x63, 0x61, 0x2e, + 0x4f, 0x43, 0x53, 0x50, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x44, + 0x0a, 0x0b, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x43, 0x52, 0x4c, 0x12, 0x16, 0x2e, + 0x63, 0x61, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x43, 0x52, 0x4c, 0x52, 0x65, + 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x17, 0x2e, 0x63, 0x61, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, + 0x61, 0x74, 0x65, 0x43, 0x52, 0x4c, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, + 0x28, 0x01, 0x30, 0x01, 0x32, 0x4c, 0x0a, 0x0d, 0x4f, 0x43, 0x53, 0x50, 0x47, 0x65, 0x6e, 0x65, + 0x72, 0x61, 0x74, 0x6f, 0x72, 0x12, 0x3b, 0x0a, 0x0c, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, + 0x65, 0x4f, 0x43, 0x53, 0x50, 0x12, 0x17, 0x2e, 0x63, 0x61, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, + 0x61, 0x74, 0x65, 0x4f, 0x43, 0x53, 0x50, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x10, + 0x2e, 0x63, 0x61, 0x2e, 0x4f, 0x43, 0x53, 0x50, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, + 0x22, 0x00, 0x32, 0x54, 0x0a, 0x0c, 0x43, 0x52, 0x4c, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, + 0x6f, 0x72, 0x12, 0x44, 0x0a, 0x0b, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x43, 0x52, + 0x4c, 0x12, 0x16, 0x2e, 0x63, 0x61, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x43, + 0x52, 0x4c, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x17, 0x2e, 0x63, 0x61, 0x2e, 0x47, + 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x43, 0x52, 0x4c, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, + 0x73, 0x65, 0x22, 0x00, 0x28, 0x01, 0x30, 0x01, 0x42, 0x29, 0x5a, 0x27, 0x67, 0x69, 0x74, 0x68, + 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x6c, 0x65, 0x74, 0x73, 0x65, 0x6e, 0x63, 0x72, 0x79, + 0x70, 0x74, 0x2f, 0x62, 0x6f, 0x75, 0x6c, 0x64, 0x65, 0x72, 0x2f, 0x63, 0x61, 0x2f, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( diff --git a/ca/proto/ca.proto b/ca/proto/ca.proto index 255e3c4f4..899d05801 100644 --- a/ca/proto/ca.proto +++ b/ca/proto/ca.proto @@ -67,7 +67,7 @@ message GenerateCRLRequest { message CRLMetadata { int64 issuerNameID = 1; int64 thisUpdate = 2; // Unix timestamp (nanoseconds), also used for CRLNumber. - int64 shard = 3; + int64 shardIdx = 3; } message GenerateCRLResponse { diff --git a/crl/updater/updater.go b/crl/updater/updater.go index 485ec7628..8183d2107 100644 --- a/crl/updater/updater.go +++ b/crl/updater/updater.go @@ -206,40 +206,40 @@ func (cu *crlUpdater) tickIssuer(ctx context.Context, atTime time.Time, issuerID cu.log.Debugf("Ticking issuer %d at time %s", issuerID, atTime) type shardResult struct { - shardID int - err error + shardIdx int + err error } shardWorker := func(in <-chan int, out chan<- shardResult) { - for id := range in { + for idx := range in { select { case <-ctx.Done(): return default: out <- shardResult{ - shardID: id, - err: cu.tickShard(ctx, atTime, issuerID, id), + shardIdx: idx, + err: cu.tickShard(ctx, atTime, issuerID, idx), } } } } - shardIDs := make(chan int, cu.numShards) + shardIdxs := make(chan int, cu.numShards) shardResults := make(chan shardResult, cu.numShards) for i := 0; i < cu.maxParallelism; i++ { - go shardWorker(shardIDs, shardResults) + go shardWorker(shardIdxs, shardResults) } for shardID := 0; shardID < cu.numShards; shardID++ { - shardIDs <- shardID + shardIdxs <- shardID } - close(shardIDs) + close(shardIdxs) for i := 0; i < cu.numShards; i++ { res := <-shardResults if res.err != nil { result = "failed" - return fmt.Errorf("updating shard %d: %w", res.shardID, res.err) + return fmt.Errorf("updating shard %d: %w", res.shardIdx, res.err) } } @@ -248,16 +248,16 @@ func (cu *crlUpdater) tickIssuer(ctx context.Context, atTime time.Time, issuerID return nil } -func (cu *crlUpdater) tickShard(ctx context.Context, atTime time.Time, issuerID issuance.IssuerNameID, shardID int) error { +func (cu *crlUpdater) tickShard(ctx context.Context, atTime time.Time, issuerID issuance.IssuerNameID, shardIdx int) error { start := cu.clk.Now() result := "success" defer func() { cu.tickHistogram.WithLabelValues(cu.issuers[issuerID].Subject.CommonName, result).Observe(cu.clk.Since(start).Seconds()) cu.generatedCounter.WithLabelValues(result).Inc() }() - cu.log.Debugf("Ticking shard %d of issuer %d at time %s", shardID, issuerID, atTime) + cu.log.Debugf("Ticking shard %d of issuer %d at time %s", shardIdx, issuerID, atTime) - expiresAfter, expiresBefore := cu.getShardBoundaries(atTime, shardID) + expiresAfter, expiresBefore := cu.getShardBoundaries(atTime, shardIdx) saStream, err := cu.sa.GetRevokedCerts(ctx, &sapb.GetRevokedCertsRequest{ IssuerNameID: int64(issuerID), @@ -267,13 +267,13 @@ func (cu *crlUpdater) tickShard(ctx context.Context, atTime time.Time, issuerID }) if err != nil { result = "failed" - return fmt.Errorf("connecting to SA for shard %d: %w", shardID, err) + return fmt.Errorf("connecting to SA for shard %d: %w", shardIdx, err) } caStream, err := cu.ca.GenerateCRL(ctx) if err != nil { result = "failed" - return fmt.Errorf("connecting to CA for shard %d: %w", shardID, err) + return fmt.Errorf("connecting to CA for shard %d: %w", shardIdx, err) } err = caStream.Send(&capb.GenerateCRLRequest{ @@ -281,13 +281,13 @@ func (cu *crlUpdater) tickShard(ctx context.Context, atTime time.Time, issuerID Metadata: &capb.CRLMetadata{ IssuerNameID: int64(issuerID), ThisUpdate: atTime.UnixNano(), - Shard: int64(shardID), + ShardIdx: int64(shardIdx), }, }, }) if err != nil { result = "failed" - return fmt.Errorf("sending CA metadata for shard %d: %w", shardID, err) + return fmt.Errorf("sending CA metadata for shard %d: %w", shardIdx, err) } for { @@ -297,7 +297,7 @@ func (cu *crlUpdater) tickShard(ctx context.Context, atTime time.Time, issuerID break } result = "failed" - return fmt.Errorf("retrieving entry from SA for shard %d: %w", shardID, err) + return fmt.Errorf("retrieving entry from SA for shard %d: %w", shardIdx, err) } err = caStream.Send(&capb.GenerateCRLRequest{ @@ -307,7 +307,7 @@ func (cu *crlUpdater) tickShard(ctx context.Context, atTime time.Time, issuerID }) if err != nil { result = "failed" - return fmt.Errorf("sending entry to CA for shard %d: %w", shardID, err) + return fmt.Errorf("sending entry to CA for shard %d: %w", shardIdx, err) } } @@ -317,7 +317,7 @@ func (cu *crlUpdater) tickShard(ctx context.Context, atTime time.Time, issuerID err = caStream.CloseSend() if err != nil { result = "failed" - return fmt.Errorf("closing CA request stream for shard %d: %w", shardID, err) + return fmt.Errorf("closing CA request stream for shard %d: %w", shardIdx, err) } // TODO(#6162): Connect to the crl-storer, and stream the bytes there. @@ -330,7 +330,7 @@ func (cu *crlUpdater) tickShard(ctx context.Context, atTime time.Time, issuerID break } result = "failed" - return fmt.Errorf("receiving CRL bytes for shard %d: %w", shardID, err) + return fmt.Errorf("receiving CRL bytes for shard %d: %w", shardIdx, err) } crlBytes = append(crlBytes, out.Chunk...) @@ -340,7 +340,7 @@ func (cu *crlUpdater) tickShard(ctx context.Context, atTime time.Time, issuerID crlHash := crlHasher.Sum(nil) cu.log.AuditInfof( "Received CRL: issuerID=[%d] number=[%d] shard=[%d] size=[%d] hash=[%x]", - issuerID, atTime.UnixNano(), shardID, len(crlBytes), crlHash) + issuerID, atTime.UnixNano(), shardIdx, len(crlBytes), crlHash) return nil } @@ -390,9 +390,9 @@ func (cu *crlUpdater) tickShard(ctx context.Context, atTime time.Time, issuerID // there is a buffer of at least one whole chunk width between the actual // furthest-future expiration (generally atTime+90d) and the right-hand edge of // the window (atTime+lookforwardPeriod). -func (cu *crlUpdater) getShardBoundaries(atTime time.Time, shardID int) (time.Time, time.Time) { - // Ensure that the given shardID falls within the space of acceptable IDs. - shardID = shardID % cu.numShards +func (cu *crlUpdater) getShardBoundaries(atTime time.Time, shardIdx int) (time.Time, time.Time) { + // Ensure that the given shard index falls within the space of acceptable indices. + shardIdx = shardIdx % cu.numShards // Compute the width of the full window. windowWidth := cu.lookbackPeriod + cu.lookforwardPeriod @@ -406,10 +406,10 @@ func (cu *crlUpdater) getShardBoundaries(atTime time.Time, shardID int) (time.Ti shardWidth := time.Duration(windowWidth.Nanoseconds() / int64(cu.numShards)) // Compute the amount of time between the left-hand edge of the most recent // "0" chunk and the left-hand edge of the desired chunk. - shardOffset := time.Duration(int64(shardID) * shardWidth.Nanoseconds()) - // Compute the left-hand edge of the most recent chunk with the given ID. + shardOffset := time.Duration(int64(shardIdx) * shardWidth.Nanoseconds()) + // Compute the left-hand edge of the most recent chunk with the given index. shardStart := zeroStart.Add(shardOffset) - // Compute the right-hand edge of the most recent chunk with the given ID. + // Compute the right-hand edge of the most recent chunk with the given index. shardEnd := shardStart.Add(shardWidth) // But the shard boundaries we just computed might be for a chunk that is diff --git a/issuance/issuance.go b/issuance/issuance.go index 35bfb2262..4fcad19a9 100644 --- a/issuance/issuance.go +++ b/issuance/issuance.go @@ -345,8 +345,6 @@ type IssuerID int64 // both CA and end-entity certs to link them together into a validation chain. // It is computed as a truncated hash over the issuer Subject Name bytes, or // over the end-entity's Issuer Name bytes, which are required to be equal. -// TODO(#5152): Rename this "IssuerID" when we've fully deprecated the old-style -// IssuerIDs and replaced them with NameIDs. type IssuerNameID int64 // Certificate embeds an *x509.Certificate and represents the added semantics