Fix CA Timeout and show progress to the user (#915)

* Fix idle after CA timeout and show progress to the user so they don't think we've hung

* fix timeout again since it was lost in a rebase
This commit is contained in:
Matt Robinson 2019-01-02 09:41:01 -05:00 committed by GitHub
parent 3fa9d78690
commit cbc5fdf99a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 32 additions and 9 deletions

View File

@ -11,6 +11,7 @@ import (
"crypto/x509"
"encoding/pem"
"io/ioutil"
"log"
"github.com/zeebo/errs"
@ -178,16 +179,20 @@ func (pc PeerCAConfig) Load() (*PeerCertificateAuthority, error) {
func NewCA(ctx context.Context, opts NewCAOptions) (
rv *FullCertificateAuthority, err error) {
defer mon.Task()(&ctx)(&err)
var (
highscore uint32
)
if opts.Concurrency < 1 {
opts.Concurrency = 1
}
ctx, cancel := context.WithCancel(ctx)
log.Printf("Generating a certificate matching a difficulty of %d\n", opts.Difficulty)
eC := make(chan error)
caC := make(chan FullCertificateAuthority, 1)
for i := 0; i < int(opts.Concurrency); i++ {
go newCAWorker(ctx, opts.Difficulty, opts.ParentCert, opts.ParentKey, caC, eC)
go newCAWorker(ctx, i, &highscore, opts.Difficulty, opts.ParentCert, opts.ParentKey, caC, eC)
}
select {
@ -197,6 +202,9 @@ func NewCA(ctx context.Context, opts NewCAOptions) (
case err := <-eC:
cancel()
return nil, err
case <-ctx.Done():
cancel()
return nil, ctx.Err()
}
}

View File

@ -20,13 +20,15 @@ func SetupIdentity(ctx context.Context, c CASetupConfig, i SetupConfig) error {
if s := c.Status(); s != NoCertNoKey && !c.Overwrite {
return ErrSetup.New("certificate authority file(s) exist: %s", s)
}
t, err := time.ParseDuration(c.Timeout)
if err != nil {
return errs.Wrap(err)
var cancel func()
if c.Timeout != "0" {
t, err := time.ParseDuration(c.Timeout)
if err != nil {
return errs.Wrap(err)
}
ctx, cancel = context.WithTimeout(ctx, t)
defer cancel()
}
ctx, cancel := context.WithTimeout(ctx, t)
defer cancel()
// Create a new certificate authority
ca, err := c.Create(ctx)

View File

@ -12,8 +12,10 @@ import (
"encoding/asn1"
"encoding/pem"
"io/ioutil"
"log"
"os"
"path/filepath"
"sync/atomic"
"github.com/zeebo/errs"
@ -94,7 +96,7 @@ func decodePEM(PEMBytes []byte) ([][]byte, error) {
return DERBytes, nil
}
func newCAWorker(ctx context.Context, difficulty uint16, parentCert *x509.Certificate, parentKey crypto.PrivateKey, caC chan FullCertificateAuthority, eC chan error) {
func newCAWorker(ctx context.Context, workerid int, highscore *uint32, difficulty uint16, parentCert *x509.Certificate, parentKey crypto.PrivateKey, caC chan FullCertificateAuthority, eC chan error) {
var (
k crypto.PrivateKey
i storj.NodeID
@ -103,6 +105,7 @@ func newCAWorker(ctx context.Context, difficulty uint16, parentCert *x509.Certif
for {
select {
case <-ctx.Done():
eC <- ctx.Err()
return
default:
k, err = peertls.NewKey()
@ -128,7 +131,15 @@ func newCAWorker(ctx context.Context, difficulty uint16, parentCert *x509.Certif
eC <- err
continue
}
hs := atomic.LoadUint32(highscore)
if uint32(d) > hs {
atomic.CompareAndSwapUint32(highscore, hs, uint32(d))
log.Printf("Found a certificate matching difficulty of %d\n", hs)
}
if d >= difficulty {
log.Printf("Found a certificate matching difficulty of %d\n", d)
break
}
}

View File

@ -7,6 +7,7 @@ import (
"context"
"flag"
"fmt"
"log"
"os"
"os/signal"
"path/filepath"
@ -91,7 +92,8 @@ func Ctx(cmd *cobra.Command) context.Context {
c := make(chan os.Signal, 1)
signal.Notify(c, syscall.SIGINT, syscall.SIGTERM)
go func() {
<-c
sig := <-c
log.Printf("Got a signal from the OS: %q", sig)
signal.Stop(c)
cancel()
}()