MCPcopy
hub / github.com/caddyserver/caddy / rotate

Method rotate

modules/caddytls/standardstek/stek.go:84–128  ·  view source on GitHub ↗

rotate rotates keys on a regular basis, sending each updated set of keys down keysChan, until doneChan is closed.

(doneChan <-chan struct{}, keysChan chan<- [][32]byte)

Source from the content-addressed store, hash-verified

82// rotate rotates keys on a regular basis, sending each updated set of
83// keys down keysChan, until doneChan is closed.
84func (s *standardSTEKProvider) rotate(doneChan <-chan struct{}, keysChan chan<- [][32]byte) {
85 defer func() {
86 if err := recover(); err != nil {
87 log.Printf("[PANIC] standard STEK rotation: %v\n%s", err, debug.Stack())
88 }
89 }()
90 for {
91 select {
92 case now := <-s.timer.C:
93 // copy the slice header to avoid races
94 mutex.RLock()
95 keysCopy := keys
96 mutex.RUnlock()
97
98 // generate a new key, rotating old ones
99 var err error
100 keysCopy, err = s.stekConfig.RotateSTEKs(keysCopy)
101 if err != nil {
102 // TODO: improve this handling
103 log.Printf("[ERROR] Generating STEK: %v", err)
104 continue
105 }
106
107 // replace keys slice with updated value and
108 // record the timestamp of rotation
109 mutex.Lock()
110 keys = keysCopy
111 lastRotation = now
112 mutex.Unlock()
113
114 // send the updated keys to the service
115 keysChan <- keysCopy
116
117 // timer channel is already drained, so reset directly (see godoc)
118 s.timer.Reset(time.Duration(s.stekConfig.RotationInterval))
119
120 case <-doneChan:
121 // again, see godocs for why timer is stopped this way
122 if !s.timer.Stop() {
123 <-s.timer.C
124 }
125 return
126 }
127 }
128}
129
130var (
131 lastRotation time.Time

Callers 1

NextMethod · 0.95

Calls 4

RotateSTEKsMethod · 0.80
DurationMethod · 0.80
ResetMethod · 0.65
StopMethod · 0.65

Tested by

no test coverage detected