Skip to content

Commit 01c1488

Browse files
jshajsha
authored
va: use cancels to early-return. (#7832)
This allows us to collect a consistent number of error results for logging. Related to #7616.
1 parent 8bf13a9 commit 01c1488

File tree

1 file changed

+20
-11
lines changed

1 file changed

+20
-11
lines changed

va/va.go

Lines changed: 20 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -461,10 +461,13 @@ func (va *ValidationAuthorityImpl) performRemoteValidation(
461461
err error
462462
}
463463

464+
subCtx, cancel := context.WithCancel(ctx)
465+
defer cancel()
466+
464467
responses := make(chan *response, remoteVACount)
465468
for _, i := range rand.Perm(remoteVACount) {
466469
go func(rva RemoteVA) {
467-
res, err := rva.PerformValidation(ctx, req)
470+
res, err := rva.PerformValidation(subCtx, req)
468471
responses <- &response{rva.Address, res, err}
469472
}(va.remoteVAs[i])
470473
}
@@ -507,26 +510,32 @@ func (va *ValidationAuthorityImpl) performRemoteValidation(
507510
firstProb = currProb
508511
}
509512

513+
// To respond faster, if we get enough successes or too many failures, we cancel remaining RPCs.
514+
// Finish the loop to collect remaining responses into `failed` so we can rely on having a response
515+
// for every request we made.
510516
if len(passed) >= required {
511-
// Enough successful responses to reach quorum.
512-
return nil
517+
cancel()
513518
}
514519
if len(failed) > va.maxRemoteFailures {
515-
// Too many failed responses to reach quorum.
516-
firstProb.Detail = fmt.Sprintf("During secondary domain validation: %s", firstProb.Detail)
517-
return firstProb
520+
cancel()
518521
}
519522

520-
// If we somehow haven't returned early, we need to break the loop once all
521-
// of the VAs have returned a result.
523+
// Once all the VAs have returned a result, break the loop.
522524
if len(passed)+len(failed) >= remoteVACount {
523525
break
524526
}
525527
}
526528

527-
// This condition should not occur - it indicates the passed/failed counts
528-
// neither met the required threshold nor the maxRemoteFailures threshold.
529-
return probs.ServerInternal("Too few remote PerformValidation RPC results")
529+
if len(passed) >= required {
530+
return nil
531+
} else if len(failed) > va.maxRemoteFailures {
532+
firstProb.Detail = fmt.Sprintf("During secondary domain validation: %s", firstProb.Detail)
533+
return firstProb
534+
} else {
535+
// This condition should not occur - it indicates the passed/failed counts
536+
// neither met the required threshold nor the maxRemoteFailures threshold.
537+
return probs.ServerInternal("Too few remote PerformValidation RPC results")
538+
}
530539
}
531540

532541
// logRemoteResults is called by `processRemoteCAAResults` when the

0 commit comments

Comments
 (0)