60 lines
1.4 KiB
Go
60 lines
1.4 KiB
Go
package live
|
|
|
|
import (
|
|
"context"
|
|
"errors"
|
|
|
|
capb "github.com/letsencrypt/boulder/ca/proto"
|
|
"github.com/letsencrypt/boulder/core"
|
|
berrors "github.com/letsencrypt/boulder/errors"
|
|
"github.com/letsencrypt/boulder/ocsp/responder"
|
|
rapb "github.com/letsencrypt/boulder/ra/proto"
|
|
"github.com/letsencrypt/boulder/semaphore"
|
|
"golang.org/x/crypto/ocsp"
|
|
"google.golang.org/grpc"
|
|
)
|
|
|
|
type ocspGenerator interface {
|
|
GenerateOCSP(ctx context.Context, in *rapb.GenerateOCSPRequest, opts ...grpc.CallOption) (*capb.OCSPResponse, error)
|
|
}
|
|
|
|
type Source struct {
|
|
ra ocspGenerator
|
|
sem *semaphore.Weighted
|
|
}
|
|
|
|
func New(ra ocspGenerator, maxInflight int64, maxWaiters int) *Source {
|
|
return &Source{
|
|
ra: ra,
|
|
sem: semaphore.NewWeighted(maxInflight, maxWaiters),
|
|
}
|
|
}
|
|
|
|
func (s *Source) Response(ctx context.Context, req *ocsp.Request) (*responder.Response, error) {
|
|
err := s.sem.Acquire(ctx, 1)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
defer s.sem.Release(1)
|
|
if ctx.Err() != nil {
|
|
return nil, ctx.Err()
|
|
}
|
|
|
|
resp, err := s.ra.GenerateOCSP(ctx, &rapb.GenerateOCSPRequest{
|
|
Serial: core.SerialToString(req.SerialNumber),
|
|
})
|
|
if err != nil {
|
|
if errors.Is(err, berrors.NotFound) {
|
|
return nil, responder.ErrNotFound
|
|
}
|
|
return nil, err
|
|
}
|
|
parsed, err := ocsp.ParseResponse(resp.Response, nil)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &responder.Response{
|
|
Raw: resp.Response,
|
|
Response: parsed,
|
|
}, nil
|
|
}
|