From c0c7437fa5b8e91c0ed12a118a52f36f056b4c83 Mon Sep 17 00:00:00 2001 From: Matthew Holt Date: Mon, 28 Aug 2017 19:21:17 -0600 Subject: [PATCH] caddytls: Fix data race in test (close #1844) The race was in the test only; not in the production code --- caddytls/crypto.go | 13 +++++++++---- caddytls/crypto_test.go | 9 ++++++--- 2 files changed, 15 insertions(+), 7 deletions(-) diff --git a/caddytls/crypto.go b/caddytls/crypto.go index 14914eee..bdf13afa 100644 --- a/caddytls/crypto.go +++ b/caddytls/crypto.go @@ -21,6 +21,7 @@ import ( "net" "os" "path/filepath" + "sync" "time" "golang.org/x/crypto/ocsp" @@ -243,8 +244,9 @@ func RotateSessionTicketKeys(cfg *tls.Config) chan struct{} { // Functions that may be swapped out for testing var ( - runTLSTicketKeyRotation = standaloneTLSTicketKeyRotation - setSessionTicketKeysTestHook = func(keys [][32]byte) [][32]byte { return keys } + runTLSTicketKeyRotation = standaloneTLSTicketKeyRotation + setSessionTicketKeysTestHook = func(keys [][32]byte) [][32]byte { return keys } + setSessionTicketKeysTestHookMu sync.Mutex ) // standaloneTLSTicketKeyRotation governs over the array of TLS ticket keys used to de/crypt TLS tickets. @@ -271,7 +273,10 @@ func standaloneTLSTicketKeyRotation(c *tls.Config, ticker *time.Ticker, exitChan c.SessionTicketsDisabled = true // bail if we don't have the entropy for the first one return } - c.SetSessionTicketKeys(setSessionTicketKeysTestHook(keys)) + setSessionTicketKeysTestHookMu.Lock() + setSessionTicketKeysHook := setSessionTicketKeysTestHook + setSessionTicketKeysTestHookMu.Unlock() + c.SetSessionTicketKeys(setSessionTicketKeysHook(keys)) for { select { @@ -298,7 +303,7 @@ func standaloneTLSTicketKeyRotation(c *tls.Config, ticker *time.Ticker, exitChan keys[0] = newTicketKey } // pushes the last key out, doesn't matter that we don't have a new one - c.SetSessionTicketKeys(setSessionTicketKeysTestHook(keys)) + c.SetSessionTicketKeys(setSessionTicketKeysHook(keys)) } } } diff --git a/caddytls/crypto_test.go b/caddytls/crypto_test.go index 0a9ee0db..1cfc6c2e 100644 --- a/caddytls/crypto_test.go +++ b/caddytls/crypto_test.go @@ -86,17 +86,20 @@ func TestStandaloneTLSTicketKeyRotation(t *testing.T) { tlsGovChan := make(chan struct{}) defer close(tlsGovChan) - callSync := make(chan *syncPkt, 1) - defer close(callSync) + callSync := make(chan syncPkt) + setSessionTicketKeysTestHookMu.Lock() oldHook := setSessionTicketKeysTestHook defer func() { + setSessionTicketKeysTestHookMu.Lock() setSessionTicketKeysTestHook = oldHook + setSessionTicketKeysTestHookMu.Unlock() }() setSessionTicketKeysTestHook = func(keys [][32]byte) [][32]byte { - callSync <- &syncPkt{keys[0], len(keys)} + callSync <- syncPkt{keys[0], len(keys)} return keys } + setSessionTicketKeysTestHookMu.Unlock() c := new(tls.Config) timer := time.NewTicker(time.Millisecond * 1)