sdgoij/caddy
1
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2026-03-17 14:34:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

caddytls: Ensure key list always gets set (fix #7555)

Browse Source
This commit is contained in:
Matthew Holt
2026-03-16 16:21:47 -06:00
parent 1fbb28720b
commit 8499e34e10
1 changed files with 9 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
modules/caddytls/ech.go
View File

@@ -132,7 +132,10 @@ func (ech *ECH) Provision(ctx caddy.Context) ([]string, error) {
} }
} }
// ensure old keys are rotated out // convert the configs into a structure ready for the std lib to use
ech.updateKeyList()
// ensure any old keys are rotated out
if err = ech.rotateECHKeys(ctx, logger, true); err != nil { if err = ech.rotateECHKeys(ctx, logger, true); err != nil {
return nil, fmt.Errorf("rotating ECH configs: %w", err) return nil, fmt.Errorf("rotating ECH configs: %w", err)
} }
@@ -179,9 +182,11 @@ func (ech *ECH) setConfigsFromStorage(ctx caddy.Context, logger *zap.Logger) ([]
return outerNames, nil return outerNames, nil
} }
// rotateECHKeys updates the ECH keys/configs that are outdated. It should be called // rotateECHKeys updates the ECH keys/configs that are outdated if rotation is needed.
// in a write lock on ech.configsMu. If a lock is already obtained in storage, then // It should be called in a write lock on ech.configsMu. If a lock is already obtained
// pass true for storageSynced. // in storage, then pass true for storageSynced.
//
// This function sets/updates the stdlib-ready key list only if a rotation occurs.
func (ech *ECH) rotateECHKeys(ctx caddy.Context, logger *zap.Logger, storageSynced bool) error { func (ech *ECH) rotateECHKeys(ctx caddy.Context, logger *zap.Logger, storageSynced bool) error {
storage := ctx.Storage() storage := ctx.Storage()