don't do time(0) under signature cache lock

author bert hubert <bert.hubert@netherlabs.nl>

Wed, 10 Dec 2014 14:41:23 +0000 (15:41 +0100)

committer mind04 <mind04@monshouwer.org>

Tue, 23 Dec 2014 07:35:37 +0000 (08:35 +0100)
author bert hubert <bert.hubert@netherlabs.nl>
Wed, 10 Dec 2014 14:41:23 +0000 (15:41 +0100)
committer mind04 <mind04@monshouwer.org>
Tue, 23 Dec 2014 07:35:37 +0000 (08:35 +0100)
diff --git a/pdns/dnssecsigner.cc b/pdns/dnssecsigner.cc

index 82766ccc996184f8dc21359cfd6b34ee4ea09d83..626a6c0a774a4c14930c76c73712928bae147bb7 100644 (file)
--- a/pdns/dnssecsigner.cc
+++ b/pdns/dnssecsigner.cc
@@ -152,11 +152,11 @@ void fillOutRRSIG(DNSSECPrivateKey& dpk, const std::string& signQName, RRSIGReco
    rrc.d_signature = rc->sign(msg);
  
    if(doCache) {
-    WriteLock l(&g_signatures_lock);
      /* we add some jitter here so not all your slaves start pruning their caches at the very same millisecond */
      int weekno = (time(0) - dns_random(3600)) / (86400*7);  // we just spent milliseconds doing a signature, microsecond more won't kill us
      const static int maxcachesize=::arg().asNum("max-signature-cache-entries", INT_MAX);
-  
+
+    WriteLock l(&g_signatures_lock);
      if(g_cacheweekno < weekno || g_signatures.size() >= (uint) maxcachesize) {  // blunt but effective (C) Habbie, mind04
        L<<Logger::Warning<<"Cleared signature cache."<<endl;
        g_signatures.clear();
author	bert hubert <bert.hubert@netherlabs.nl>
	Wed, 10 Dec 2014 14:41:23 +0000 (15:41 +0100)
committer	mind04 <mind04@monshouwer.org>
	Tue, 23 Dec 2014 07:35:37 +0000 (08:35 +0100)