letsencrypt
/
boulder
mirror of https://github.com/letsencrypt/boulder.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Protect report entries map with mutex to prevent concurrent writes causing a bad map state

This commit is contained in:
Roland Shoemaker 2015-09-02 17:45:19 -07:00
parent d5599c47c3
commit 961231ba48
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
cmd/cert-checker/main.go
View File

@ -70,8 +70,9 @@ type certChecker struct {
pa core.PolicyAuthority pa core.PolicyAuthority
dbMap *gorp.DbMap dbMap *gorp.DbMap
certs chan core.Certificate certs chan core.Certificate
issuedReport report
clock clock.Clock clock clock.Clock
rMu *sync.Mutex
issuedReport report
} }
func newChecker(saDbMap *gorp.DbMap, paDbMap *gorp.DbMap, enforceWhitelist bool) certChecker { func newChecker(saDbMap *gorp.DbMap, paDbMap *gorp.DbMap, enforceWhitelist bool) certChecker {
@ -82,8 +83,10 @@ func newChecker(saDbMap *gorp.DbMap, paDbMap *gorp.DbMap, enforceWhitelist bool)
dbMap: saDbMap, dbMap: saDbMap,
certs: make(chan core.Certificate, batchSize), certs: make(chan core.Certificate, batchSize),
clock: clock.Default(), clock: clock.Default(),
rMu: new(sync.Mutex),
} }
c.issuedReport.Entries = make(map[string]reportEntry) c.issuedReport.Entries = make(map[string]reportEntry)
return c return c
} }
@ -130,10 +133,12 @@ func (c *certChecker) processCerts(wg *sync.WaitGroup) {
for cert := range c.certs { for cert := range c.certs {
problems := c.checkCert(cert) problems := c.checkCert(cert)
valid := len(problems) == 0 valid := len(problems) == 0
c.rMu.Lock()
c.issuedReport.Entries[cert.Serial] = reportEntry{ c.issuedReport.Entries[cert.Serial] = reportEntry{
Valid: valid, Valid: valid,
Problems: problems, Problems: problems,
} }
c.rMu.Unlock()
if !valid { if !valid {
atomic.AddInt64(&c.issuedReport.BadCerts, 1) atomic.AddInt64(&c.issuedReport.BadCerts, 1)
} else { } else {