fix(http-client): avoid a data race EE-5634

portainer · Jun 23, 2023 · dbd7adc · dbd7adc
1 parent d083787
commit dbd7adc
Showing 1 changed file with 10 additions and 0 deletions.
diff --git a/edge/client/build.go b/edge/client/build.go
@@ -5,6 +5,7 @@ import (
 	"crypto/x509"
 	"net/http"
 	"os"
+	"sync"
 	"time"
 
 	"github.com/rs/zerolog/log"
@@ -22,6 +23,7 @@ type edgeHTTPClient struct {
 	certMTime     time.Time
 	keyMTime      time.Time
 	caMTime       time.Time
+	mu            sync.RWMutex
 }
 
 func BuildHTTPClient(timeout float64, options *agent.Options) *edgeHTTPClient {
@@ -35,17 +37,25 @@ func BuildHTTPClient(timeout float64, options *agent.Options) *edgeHTTPClient {
 		revokeService: revokeService,
 	}
 
+	c.mu.Lock()
 	c.httpClient.Transport = c.buildTransport()
+	c.mu.Unlock()
 
 	return c
 }
 
 func (c *edgeHTTPClient) Do(req *http.Request) (*http.Response, error) {
 	if c.certsNeedsRotation() {
 		log.Debug().Msg("reloading certificates")
+
+		c.mu.Lock()
 		c.httpClient.Transport = c.buildTransport()
+		c.mu.Unlock()
 	}
 
+	c.mu.RLock()
+	defer c.mu.RUnlock()
+
 	return c.httpClient.Do(req)
 }