Fix CA Timeout and show progress to the user (#915)

* Fix idle after CA timeout and show progress to the user so they don't think we've hung * fix timeout again since it was lost in a rebase
2019-01-02 09:41:01 -05:00 · 2019-01-02 09:41:01 -05:00 · cbc5fdf99a
commit cbc5fdf99a
parent 3fa9d78690
4 changed files with 32 additions and 9 deletions
--- a/pkg/identity/certificate_authority.go
+++ b/pkg/identity/certificate_authority.go
@ -11,6 +11,7 @@ import (
 	"crypto/x509"
 	"encoding/pem"
 	"io/ioutil"
+	"log"

 	"github.com/zeebo/errs"

@ -178,16 +179,20 @@ func (pc PeerCAConfig) Load() (*PeerCertificateAuthority, error) {
 func NewCA(ctx context.Context, opts NewCAOptions) (
 	rv *FullCertificateAuthority, err error) {
 	defer mon.Task()(&ctx)(&err)
+	var (
+		highscore uint32
+	)

 	if opts.Concurrency < 1 {
 		opts.Concurrency = 1
 	}
 	ctx, cancel := context.WithCancel(ctx)

+	log.Printf("Generating a certificate matching a difficulty of %d\n", opts.Difficulty)
 	eC := make(chan error)
 	caC := make(chan FullCertificateAuthority, 1)
 	for i := 0; i < int(opts.Concurrency); i++ {
-		go newCAWorker(ctx, opts.Difficulty, opts.ParentCert, opts.ParentKey, caC, eC)
+		go newCAWorker(ctx, i, &highscore, opts.Difficulty, opts.ParentCert, opts.ParentKey, caC, eC)
 	}

 	select {
@ -197,6 +202,9 @@ func NewCA(ctx context.Context, opts NewCAOptions) (
 	case err := <-eC:
 		cancel()
 		return nil, err
+	case <-ctx.Done():
+		cancel()
+		return nil, ctx.Err()
 	}
 }

--- a/pkg/identity/setup.go
+++ b/pkg/identity/setup.go
@ -20,13 +20,15 @@ func SetupIdentity(ctx context.Context, c CASetupConfig, i SetupConfig) error {
 	if s := c.Status(); s != NoCertNoKey && !c.Overwrite {
 		return ErrSetup.New("certificate authority file(s) exist: %s", s)
 	}
-
-	t, err := time.ParseDuration(c.Timeout)
-	if err != nil {
-		return errs.Wrap(err)
+	var cancel func()
+	if c.Timeout != "0" {
+		t, err := time.ParseDuration(c.Timeout)
+		if err != nil {
+			return errs.Wrap(err)
+		}
+		ctx, cancel = context.WithTimeout(ctx, t)
+		defer cancel()
 	}
-	ctx, cancel := context.WithTimeout(ctx, t)
-	defer cancel()

 	// Create a new certificate authority
 	ca, err := c.Create(ctx)
--- a/pkg/identity/utils.go
+++ b/pkg/identity/utils.go
@ -12,8 +12,10 @@ import (
 	"encoding/asn1"
 	"encoding/pem"
 	"io/ioutil"
+	"log"
 	"os"
 	"path/filepath"
+	"sync/atomic"

 	"github.com/zeebo/errs"

@ -94,7 +96,7 @@ func decodePEM(PEMBytes []byte) ([][]byte, error) {
 	return DERBytes, nil
 }

-func newCAWorker(ctx context.Context, difficulty uint16, parentCert *x509.Certificate, parentKey crypto.PrivateKey, caC chan FullCertificateAuthority, eC chan error) {
+func newCAWorker(ctx context.Context, workerid int, highscore *uint32, difficulty uint16, parentCert *x509.Certificate, parentKey crypto.PrivateKey, caC chan FullCertificateAuthority, eC chan error) {
 	var (
 		k   crypto.PrivateKey
 		i   storj.NodeID
@ -103,6 +105,7 @@ func newCAWorker(ctx context.Context, difficulty uint16, parentCert *x509.Certif
 	for {
 		select {
 		case <-ctx.Done():
+			eC <- ctx.Err()
 			return
 		default:
 			k, err = peertls.NewKey()
@ -128,7 +131,15 @@ func newCAWorker(ctx context.Context, difficulty uint16, parentCert *x509.Certif
 			eC <- err
 			continue
 		}
+
+		hs := atomic.LoadUint32(highscore)
+		if uint32(d) > hs {
+			atomic.CompareAndSwapUint32(highscore, hs, uint32(d))
+			log.Printf("Found a certificate matching difficulty of %d\n", hs)
+		}
+
 		if d >= difficulty {
+			log.Printf("Found a certificate matching difficulty of %d\n", d)
 			break
 		}
 	}
--- a/pkg/process/exec_conf.go
+++ b/pkg/process/exec_conf.go
@ -7,6 +7,7 @@ import (
 	"context"
 	"flag"
 	"fmt"
+	"log"
 	"os"
 	"os/signal"
 	"path/filepath"
@ -91,7 +92,8 @@ func Ctx(cmd *cobra.Command) context.Context {
 	c := make(chan os.Signal, 1)
 	signal.Notify(c, syscall.SIGINT, syscall.SIGTERM)
 	go func() {
-		<-c
+		sig := <-c
+		log.Printf("Got a signal from the OS: %q", sig)
 		signal.Stop(c)
 		cancel()
 	}()