Skip to content

Commit

Permalink
Rename file; use new RNG source with mutex
Browse files Browse the repository at this point in the history
  • Loading branch information
@mholt
mholt committed Jun 20, 2023
1 parent 5ae23ac commit 979a0e3
Show file tree
Hide file tree
Showing 2 changed files with 25 additions and 7 deletions.
18 changes: 11 additions & 7 deletions client.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,10 +50,6 @@ import (
"golang.org/x/net/idna"
)

func init() {
weakrand.Seed(time.Now().UnixNano())
}

// Client is a high-level API for ACME operations. It wraps
// a lower-level ACME client with useful functions to make
// common flows easier, especially for the issuance of
Expand Down Expand Up @@ -346,10 +342,12 @@ func (c *Client) getAuthzObjects(ctx context.Context, account acme.Account, orde
preferredChallenges.addUnique(chal.Type)
}
if preferredWasEmpty {
weakrand.Shuffle(len(preferredChallenges), func(i, j int) {
randomSourceMu.Lock()
randomSource.Shuffle(len(preferredChallenges), func(i, j int) {
preferredChallenges[i], preferredChallenges[j] =
preferredChallenges[j], preferredChallenges[i]
})
randomSourceMu.Unlock()
}
preferredChallengesMu.Unlock()

Expand Down Expand Up @@ -796,9 +794,15 @@ type retryableErr struct{ error }

func (re retryableErr) Unwrap() error { return re.error }

// Keep a list of challenges we've seen offered by servers,
// and prefer keep an ordered list of
// Keep a list of challenges we've seen offered by servers, ordered by success rate.
var (
preferredChallenges challengeTypes
preferredChallengesMu sync.Mutex
)

// Best practice is to avoid the default RNG source and seed our own;
// custom sources are not safe for concurrent use, hence the mutex.
var (
randomSource = weakrand.New(weakrand.NewSource(time.Now().UnixNano()))
randomSourceMu sync.Mutex
)
14 changes: 14 additions & 0 deletions certificate_request.go → csr.go
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,17 @@
// Copyright 2020 Matthew Holt
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package acmez

import (
Expand Down

0 comments on commit 979a0e3

Please sign in to comment.