File: cache.go

golang-agwa-go-listener 0.6.1-1.1
// Copyright (C) 2022 Andrew Ayer
//
// Permission is hereby granted, free of charge, to any person obtaining a
// copy of this software and associated documentation files (the "Software"),
// to deal in the Software without restriction, including without limitation
// the rights to use, copy, modify, merge, publish, distribute, sublicense,
// and/or sell copies of the Software, and to permit persons to whom the
// Software is furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included
// in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
// THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
// OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
// OTHER DEALINGS IN THE SOFTWARE.
//
// Except as contained in this notice, the name(s) of the above copyright
// holders shall not be used in advertising or otherwise to promote the
// sale, use or other dealings in this Software without prior written
// authorization.

package cert

import (
	"crypto/tls"
	"os"
	"sync"
	"time"
)

// cachedFile pairs a loaded certificate with the modification time that the
// source file reported when the certificate was read.
//
// A tls.Certificate can carry the private key (its PrivateKey field), so
// every live cachedFile may keep key material in process memory for as long
// as it stays in the cache.
type cachedFile struct {
	// Embedded certificate; nil in the zero value, which is what a map
	// lookup yields for a filename that has never been cached.
	*tls.Certificate

	// Modification time of the file, as observed before it was loaded.
	modTime time.Time
}

// isFresh reports whether the entry holds a certificate and was loaded from a
// file whose modification time equals latestModTime.
//
// Freshness is decided by mtime alone. A file rewritten with different
// contents but an identical mtime is still reported as fresh, so a rotated
// certificate is only picked up when the rotation changes the mtime.
func (c *cachedFile) isFresh(latestModTime time.Time) bool {
	if c.Certificate == nil {
		// Zero-value entry (cache miss): nothing to reuse.
		return false
	}
	return c.modTime.Equal(latestModTime)
}

// fileCache is an in-memory cache of certificates keyed by the filename they
// were loaded from. The map is guarded by mu, so the methods that take the
// lock may be called from multiple goroutines.
//
// Nothing in this type bounds the number of entries; entries leave the map
// only through Clean.
type fileCache struct {
	mu    sync.RWMutex          // guards certs
	certs map[string]cachedFile // filename -> last certificate loaded from it
}

// newFileCache returns an empty cache whose map is already allocated, so
// entries can be added to it immediately.
func newFileCache() *fileCache {
	cache := new(fileCache)
	cache.certs = map[string]cachedFile{}
	return cache
}

// get returns the entry stored for filename under the read lock. A filename
// with no entry yields the zero cachedFile, whose Certificate is nil.
func (c *fileCache) get(filename string) cachedFile {
	c.mu.RLock()
	entry := c.certs[filename]
	c.mu.RUnlock()
	return entry
}

// add stores cert as the entry for filename under the write lock, replacing
// any entry already present for that filename.
func (c *fileCache) add(filename string, cert cachedFile) {
	mu := &c.mu
	mu.Lock()
	// Deferred so the lock is released even if the map write panics.
	defer mu.Unlock()

	c.certs[filename] = cert
}

// Load returns the certificate stored in filename, reusing the cached copy
// when the file's modification time has not changed since it was last loaded.
//
// Errors from os.Stat and LoadCertificate are returned unchanged, and nothing
// is cached on failure. Because the stat runs on every call, a file that has
// been deleted produces an error even if a copy is still in the cache.
//
// Security-relevant behaviour:
//   - Staleness is detected by mtime only (see isFresh); a replacement that
//     keeps the same mtime keeps serving the previously loaded certificate.
//   - filename is passed to os.Stat and LoadCertificate as given; no path
//     validation happens here. NOTE(review): if callers derive filename from
//     untrusted input, confirm they constrain it before calling.
//   - The returned pointer is the one held in the cache and is shared between
//     callers, so it should be treated as read-only.
//
// The cache lock is not held across the load, so concurrent calls for the
// same stale file may each load it; the last add wins.
func (c *fileCache) Load(filename string) (*tls.Certificate, error) {
	// Stat before reading: the recorded mtime is then never newer than the
	// contents that were loaded, so a write racing with the load leads to a
	// reload on the next call rather than a stale entry marked fresh.
	info, statErr := os.Stat(filename)
	if statErr != nil {
		return nil, statErr
	}
	modTime := info.ModTime()

	entry := c.get(filename)
	if entry.isFresh(modTime) {
		return entry.Certificate, nil
	}

	cert, loadErr := LoadCertificate(filename)
	if loadErr != nil {
		return nil, loadErr
	}
	c.add(filename, cachedFile{Certificate: cert, modTime: modTime})
	return cert, nil
}

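// Clean evicts every cached entry whose leaf certificate has expired, i.e.
// whose NotAfter lies before the current time. It holds the write lock for
// the whole sweep.
//
// Entries whose expiry cannot be read (nil Certificate or nil Leaf) are
// evicted as well instead of being dereferenced. The cache is only an
// optimisation, so dropping such an entry costs one reload on the next Load,
// whereas dereferencing a nil Leaf would panic.
//
// Expiry is the only eviction criterion. An entry for a file that was deleted
// or replaced stays in memory until its certificate expires or Load
// overwrites it; Clean does not re-stat files and does not consider
// revocation.
func (c *fileCache) Clean() {
	c.mu.Lock()
	defer c.mu.Unlock()

	now := time.Now()
	for filename, cert := range c.certs {
		// tls.Certificate.Leaf is optional; whether it is set depends on how
		// the certificate was loaded, which is not decided in this method.
		expiryUnknown := cert.Certificate == nil || cert.Leaf == nil
		if expiryUnknown || now.After(cert.Leaf.NotAfter) {
			// Deleting the current key while ranging over a map is permitted in Go.
			delete(c.certs, filename)
		}
	}
}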