forked from TrueCloudLab/certificates
Fix a couple of race conditions in the renewal of certificates.
This commit is contained in:
parent
99e5bf4782
commit
f21f07689e
2 changed files with 3 additions and 1 deletions
|
@ -40,7 +40,7 @@ func (c *mutableTLSConfig) Init(base *tls.Config) {
|
|||
// tls.Config GetConfigForClient.
|
||||
func (c *mutableTLSConfig) TLSConfig() (config *tls.Config) {
|
||||
c.RLock()
|
||||
config = c.config
|
||||
config = c.config.Clone()
|
||||
c.RUnlock()
|
||||
return
|
||||
}
|
||||
|
|
|
@ -80,7 +80,9 @@ func NewTLSRenewer(cert *tls.Certificate, fn RenewFunc, opts ...tlsRenewerOption
|
|||
func (r *TLSRenewer) Run() {
|
||||
cert := r.getCertificate()
|
||||
next := r.nextRenewDuration(cert.Leaf.NotAfter)
|
||||
r.Lock()
|
||||
r.timer = time.AfterFunc(next, r.renewCertificate)
|
||||
r.Unlock()
|
||||
}
|
||||
|
||||
// RunContext starts the certificate renewer for the given certificate.
|
||||
|
|
Loading…
Reference in a new issue