fix: double close chan on TLS challenge

Co-authored-by: Julien Salleyron <julien.salleyron@gmail.com>
This commit is contained in:
Ludovic Fernandez 2021-03-08 11:18:04 +01:00 committed by GitHub
parent 3c8675bb8b
commit 09d5f59701
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -63,27 +63,24 @@ func (c *ChallengeTLSALPN) Present(domain, _, keyAuth string) error {
timer := time.NewTimer(c.Timeout) timer := time.NewTimer(c.Timeout)
var errC error
select { select {
case t := <-timer.C: case t := <-timer.C:
timer.Stop() timer.Stop()
close(c.chans[string(certPEMBlock)])
c.muChans.Lock()
c.cleanChan(string(certPEMBlock))
c.muChans.Unlock()
err = c.CleanUp(domain, "", keyAuth) err = c.CleanUp(domain, "", keyAuth)
if err != nil { if err != nil {
logger.Errorf("Failed to clean up TLS challenge: %v", err) logger.Errorf("Failed to clean up TLS challenge: %v", err)
} }
errC = fmt.Errorf("timeout %s", t) return fmt.Errorf("timeout %s", t)
case <-ch: case <-ch:
// noop // noop
return nil
} }
c.muChans.Lock()
delete(c.chans, string(certPEMBlock))
c.muChans.Unlock()
return errC
} }
// CleanUp cleans the challenges when certificate is obtained. // CleanUp cleans the challenges when certificate is obtained.
@ -115,17 +112,24 @@ func (c *ChallengeTLSALPN) Provide(configurationChan chan<- dynamic.Message, _ *
// ListenConfiguration sets a new Configuration into the configurationChan. // ListenConfiguration sets a new Configuration into the configurationChan.
func (c *ChallengeTLSALPN) ListenConfiguration(conf dynamic.Configuration) { func (c *ChallengeTLSALPN) ListenConfiguration(conf dynamic.Configuration) {
c.muChans.Lock()
for _, certificate := range conf.TLS.Certificates { for _, certificate := range conf.TLS.Certificates {
if !containsACMETLS1(certificate.Stores) { if !containsACMETLS1(certificate.Stores) {
continue continue
} }
c.muChans.Lock() c.cleanChan(certificate.CertFile.String())
if _, ok := c.chans[certificate.CertFile.String()]; ok {
close(c.chans[certificate.CertFile.String()])
} }
c.muChans.Unlock() c.muChans.Unlock()
} }
func (c *ChallengeTLSALPN) cleanChan(key string) {
if _, ok := c.chans[key]; ok {
close(c.chans[key])
delete(c.chans, key)
}
} }
func createMessage(certs map[string]*Certificate) dynamic.Message { func createMessage(certs map[string]*Certificate) dynamic.Message {