Skip to content

Commit

Permalink
Make ocsp retries configurable
Browse files Browse the repository at this point in the history
  • Loading branch information
@sfc-gh-pfus
sfc-gh-pfus committed May 27, 2024
1 parent dc76c36 commit 2f6ed6e
Showing 1 changed file with 8 additions and 8 deletions.
16 changes: 8 additions & 8 deletions ocsp.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,9 +76,9 @@ const (
)

var (
ocspCacheServerTimeout = defaultOCSPCacheServerTimeout
ocspResponderTimeout = defaultOCSPResponderTimeout
ocspMaxRetryCount = defaultOCSPMaxRetryCount
OcspCacheServerTimeout = defaultOCSPCacheServerTimeout

Check failure on line 79 in ocsp.go

View workflow job for this annotation

GitHub Actions / Check linter 

exported var OcspCacheServerTimeout should have comment or be unexported
OcspResponderTimeout = defaultOCSPResponderTimeout
OcspMaxRetryCount = defaultOCSPMaxRetryCount
)

const (
Expand Down Expand Up @@ -388,7 +388,7 @@ func checkOCSPCacheServer(
ocspS *ocspStatus) {
var respd map[string][]interface{}
headers := make(map[string]string)
res, err := newRetryHTTP(ctx, client, req, ocspServerHost, headers, totalTimeout, ocspMaxRetryCount, defaultTimeProvider, nil).execute()
res, err := newRetryHTTP(ctx, client, req, ocspServerHost, headers, totalTimeout, OcspMaxRetryCount, defaultTimeProvider, nil).execute()
if err != nil {
logger.WithContext(ctx).Errorf("failed to get OCSP cache from OCSP Cache Server. %v", err)
return nil, &ocspStatus{
Expand Down Expand Up @@ -451,7 +451,7 @@ func retryOCSP(
}
res, err := newRetryHTTP(
ctx, client, req, ocspHost, headers,
totalTimeout*time.Duration(multiplier), ocspMaxRetryCount, defaultTimeProvider, nil).doPost().setBody(reqBody).execute()
totalTimeout*time.Duration(multiplier), OcspMaxRetryCount, defaultTimeProvider, nil).doPost().setBody(reqBody).execute()
if err != nil {
return ocspRes, ocspResBytes, &ocspStatus{
code: ocspFailedSubmit,
Expand Down Expand Up @@ -504,7 +504,7 @@ func fallbackRetryOCSPToGETRequest(
multiplier = 3 // up to 3 times for Fail Close mode
}
res, err := newRetryHTTP(ctx, client, req, ocspHost, headers,
totalTimeout*time.Duration(multiplier), ocspMaxRetryCount, defaultTimeProvider, nil).execute()
totalTimeout*time.Duration(multiplier), OcspMaxRetryCount, defaultTimeProvider, nil).execute()
if err != nil {
return ocspRes, ocspResBytes, &ocspStatus{
code: ocspFailedSubmit,
Expand Down Expand Up @@ -624,7 +624,7 @@ func getRevocationStatus(ctx context.Context, subject, issuer *x509.Certificate)
headers[httpHeaderContentLength] = strconv.Itoa(len(ocspReq))
headers[httpHeaderHost] = hostname
timeoutStr := os.Getenv(ocspTestResponderTimeoutEnv)
timeout := ocspResponderTimeout
timeout := OcspResponderTimeout
if timeoutStr != "" {
var timeoutInMilliseconds int
timeoutInMilliseconds, err = strconv.Atoi(timeoutStr)
Expand Down Expand Up @@ -777,7 +777,7 @@ func downloadOCSPCacheServer() {
}
logger.Infof("downloading OCSP Cache from server %v", ocspCacheServerURL)
timeoutStr := os.Getenv(ocspTestResponseCacheServerTimeoutEnv)
timeout := ocspCacheServerTimeout
timeout := OcspCacheServerTimeout
if timeoutStr != "" {
var timeoutInMilliseconds int
timeoutInMilliseconds, err = strconv.Atoi(timeoutStr)
Expand Down

0 comments on commit 2f6ed6e

Please sign in to comment.