boulder/ocsp/responder/live
Jacob Hoffman-Andrews fe2cf7d136
ocsp: add load shedding for live signer (#6523)
In live.go we use a semaphore to limit how many inflight signing
requests we can have, so a flood of OCSP traffic doesn't flood our CA
instances. If traffic exceeds our capacity to sign responses for long
enough, we want to eventually start fast-rejecting inbound requests that
are unlikely to get serviced before their deadline is reached. To do
that, add a MaxSigningWaiters config field to the OCSP responder.

Note that the files in //semaphore are forked from x/sync/semaphore,
with modifications to add the MaxWaiters field and functionality.

Fixes #6392
2022-12-12 15:48:44 -08:00
..
live.go ocsp: add load shedding for live signer (#6523) 2022-12-12 15:48:44 -08:00
live_test.go ocsp: add load shedding for live signer (#6523) 2022-12-12 15:48:44 -08:00