boulder

History

Jacob Hoffman-Andrews 29724cb0b7 ocsp/responder: update Redis source to use live signing (#6207 ) This enables ocsp-responder to talk to the RA and request freshly signed OCSP responses. ocsp/responder/redis_source is moved to ocsp/responder/redis/redis_source.go and significantly modified. Instead of assuming a response is always available in Redis, it wraps a live-signing source. When a response is not available, it attempts a live signing. If live signing succeeds, the Redis responder returns the result right away and attempts to write a copy to Redis on a goroutine using a background context. To make things more efficient, I eliminate an unneeded ocsp.ParseResponse from the storage path. And I factored out a FakeResponse helper to make the unittests more manageable. Commits should be reviewable one-by-one. Fixes #6191	2022-07-18 10:47:14 -07:00
..
response.go	ocsp/responder: update Redis source to use live signing (#6207 )	2022-07-18 10:47:14 -07:00

Jacob Hoffman-Andrews 29724cb0b7

ocsp/responder: update Redis source to use live signing (#6207 )

This enables ocsp-responder to talk to the RA and request freshly signed
OCSP responses.

ocsp/responder/redis_source is moved to ocsp/responder/redis/redis_source.go
and significantly modified. Instead of assuming a response is always available
in Redis, it wraps a live-signing source. When a response is not available,
it attempts a live signing.

If live signing succeeds, the Redis responder returns the result right away
and attempts to write a copy to Redis on a goroutine using a background
context.

To make things more efficient, I eliminate an unneeded ocsp.ParseResponse
from the storage path. And I factored out a FakeResponse helper to make
the unittests more manageable.

Commits should be reviewable one-by-one.

Fixes #6191

2022-07-18 10:47:14 -07:00

response.go

ocsp/responder: update Redis source to use live signing (#6207 )

2022-07-18 10:47:14 -07:00