1// Copyright 2016 The Go Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style 3// license that can be found in the LICENSE file. 4 5package autocert 6 7import ( 8 "context" 9 "crypto" 10 "sync" 11 "time" 12) 13 14// renewJitter is the maximum deviation from Manager.RenewBefore. 15const renewJitter = time.Hour 16 17// domainRenewal tracks the state used by the periodic timers 18// renewing a single domain's cert. 19type domainRenewal struct { 20 m *Manager 21 ck certKey 22 key crypto.Signer 23 24 timerMu sync.Mutex 25 timer *time.Timer 26} 27 28// start starts a cert renewal timer at the time 29// defined by the certificate expiration time exp. 30// 31// If the timer is already started, calling start is a noop. 32func (dr *domainRenewal) start(exp time.Time) { 33 dr.timerMu.Lock() 34 defer dr.timerMu.Unlock() 35 if dr.timer != nil { 36 return 37 } 38 dr.timer = time.AfterFunc(dr.next(exp), dr.renew) 39} 40 41// stop stops the cert renewal timer. 42// If the timer is already stopped, calling stop is a noop. 43func (dr *domainRenewal) stop() { 44 dr.timerMu.Lock() 45 defer dr.timerMu.Unlock() 46 if dr.timer == nil { 47 return 48 } 49 dr.timer.Stop() 50 dr.timer = nil 51} 52 53// renew is called periodically by a timer. 54// The first renew call is kicked off by dr.start. 55func (dr *domainRenewal) renew() { 56 dr.timerMu.Lock() 57 defer dr.timerMu.Unlock() 58 if dr.timer == nil { 59 return 60 } 61 62 ctx, cancel := context.WithTimeout(context.Background(), 10*time.Minute) 63 defer cancel() 64 // TODO: rotate dr.key at some point? 65 next, err := dr.do(ctx) 66 if err != nil { 67 next = renewJitter / 2 68 next += time.Duration(pseudoRand.int63n(int64(next))) 69 } 70 dr.timer = time.AfterFunc(next, dr.renew) 71 testDidRenewLoop(next, err) 72} 73 74// updateState locks and replaces the relevant Manager.state item with the given 75// state. It additionally updates dr.key with the given state's key. 76func (dr *domainRenewal) updateState(state *certState) { 77 dr.m.stateMu.Lock() 78 defer dr.m.stateMu.Unlock() 79 dr.key = state.key 80 dr.m.state[dr.ck] = state 81} 82 83// do is similar to Manager.createCert but it doesn't lock a Manager.state item. 84// Instead, it requests a new certificate independently and, upon success, 85// replaces dr.m.state item with a new one and updates cache for the given domain. 86// 87// It may lock and update the Manager.state if the expiration date of the currently 88// cached cert is far enough in the future. 89// 90// The returned value is a time interval after which the renewal should occur again. 91func (dr *domainRenewal) do(ctx context.Context) (time.Duration, error) { 92 // a race is likely unavoidable in a distributed environment 93 // but we try nonetheless 94 if tlscert, err := dr.m.cacheGet(ctx, dr.ck); err == nil { 95 next := dr.next(tlscert.Leaf.NotAfter) 96 if next > dr.m.renewBefore()+renewJitter { 97 signer, ok := tlscert.PrivateKey.(crypto.Signer) 98 if ok { 99 state := &certState{ 100 key: signer, 101 cert: tlscert.Certificate, 102 leaf: tlscert.Leaf, 103 } 104 dr.updateState(state) 105 return next, nil 106 } 107 } 108 } 109 110 der, leaf, err := dr.m.authorizedCert(ctx, dr.key, dr.ck) 111 if err != nil { 112 return 0, err 113 } 114 state := &certState{ 115 key: dr.key, 116 cert: der, 117 leaf: leaf, 118 } 119 tlscert, err := state.tlscert() 120 if err != nil { 121 return 0, err 122 } 123 if err := dr.m.cachePut(ctx, dr.ck, tlscert); err != nil { 124 return 0, err 125 } 126 dr.updateState(state) 127 return dr.next(leaf.NotAfter), nil 128} 129 130func (dr *domainRenewal) next(expiry time.Time) time.Duration { 131 d := expiry.Sub(dr.m.now()) - dr.m.renewBefore() 132 // add a bit of randomness to renew deadline 133 n := pseudoRand.int63n(int64(renewJitter)) 134 d -= time.Duration(n) 135 if d < 0 { 136 return 0 137 } 138 return d 139} 140 141var testDidRenewLoop = func(next time.Duration, err error) {} 142