// LSBaseQuery builds the base query that both LSCount and LSStat share
func LSBaseQuery(now time.Time, indexRoot string, l LogstashElasticHosts, keystring string, filter, sduration, eduration string, size int) (*LogstashRequest, error) {
start, err := opentsdb.ParseDuration(sduration)
if err != nil {
return nil, err
}
var end opentsdb.Duration
if eduration != "" {
end, err = opentsdb.ParseDuration(eduration)
if err != nil {
return nil, err
}
}
st := now.Add(time.Duration(-start))
en := now.Add(time.Duration(-end))
r := LogstashRequest{
IndexRoot: indexRoot,
Start: &st,
End: &en,
Source: elastic.NewSearchSource().Size(size),
}
tf := elastic.NewRangeFilter("@timestamp").Gte(st).Lte(en)
filtered := elastic.NewFilteredQuery(tf)
r.KeyMatches, err = ProcessLSKeys(keystring, filter, &filtered)
if err != nil {
return nil, err
}
r.Source = r.Source.Query(filtered)
return &r, nil
}
// CleanDir removes binary files under rundir in case they were not
// accessed for more than CleanFileDelay nanoseconds. A last-cleaned
// marker file is created so that the next verification is only done
// after CleanFileDelay nanoseconds.
func CleanDir(rundir string, now time.Time) error {
cleanedfile := filepath.Join(rundir, "last-cleaned")
cleanLine := now.Add(-CleanFileDelay)
if info, err := os.Stat(cleanedfile); err == nil && info.ModTime().After(cleanLine) {
// It's been cleaned recently.
return nil
}
f, err := os.Create(cleanedfile)
if err != nil {
return err
}
_, err = f.Write([]byte(now.Format(time.RFC3339)))
f.Close()
if err != nil {
return err
}
// Look for expired files.
d, err := os.Open(rundir)
if err != nil {
return err
}
infos, err := d.Readdir(-1)
for _, info := range infos {
atim := atime(info)
access := time.Unix(int64(atim.Sec), int64(atim.Nsec))
if access.Before(cleanLine) {
os.Remove(filepath.Join(rundir, info.Name()))
}
}
return nil
}
// create a time limit code
// code format: 12 length date time string + 6 minutes string + 40 sha1 encoded string
func CreateTimeLimitCode(data string, minutes int, startInf interface{}) string {
format := "200601021504"
var start, end time.Time
var startStr, endStr string
if startInf == nil {
// Use now time create code
start = time.Now()
startStr = start.Format(format)
} else {
// use start string create code
startStr = startInf.(string)
start, _ = time.ParseInLocation(format, startStr, time.Local)
startStr = start.Format(format)
}
end = start.Add(time.Minute * time.Duration(minutes))
endStr = end.Format(format)
// create sha1 encode string
sh := sha1.New()
sh.Write([]byte(data + setting.SecretKey + startStr + endStr + com.ToStr(minutes)))
encoded := hex.EncodeToString(sh.Sum(nil))
code := fmt.Sprintf("%s%06d%s", startStr, minutes, encoded)
return code
}
func Retry(maxWait time.Duration, failAfter time.Duration, f func() error) (err error) {
var lastStart time.Time
err = errors.New("Did not connect.")
loopWait := time.Millisecond * 500
retryStart := time.Now()
for retryStart.Add(failAfter).After(time.Now()) {
lastStart = time.Now()
if err = f(); err == nil {
return nil
}
if lastStart.Add(maxWait * 2).Before(time.Now()) {
retryStart = time.Now()
}
LogError(err)
logrus.Infof("Retrying in %f seconds...", loopWait.Seconds())
time.Sleep(loopWait)
loopWait = loopWait * time.Duration(int64(2))
if loopWait > maxWait {
loopWait = maxWait
}
}
return err
}
func (ss *StacktraceSource) loadStacktrace() {
var lastUpdated time.Time
var size int = 512
var i int = 0
var stacktrace []byte
for {
select {
case ret := <-ss.getStacktraceRec:
now := time.Now()
if now.After(lastUpdated.Add(2 * time.Second)) {
for {
stacktrace = make([]byte, size)
i = runtime.Stack(stacktrace, true)
if i == size {
size = int(float64(size) * 1.5)
continue
}
size = int(float64(i) * 1.25)
break
}
lastUpdated = now
}
ret <- StacktraceRecord{stacktrace[:i], lastUpdated}
}
}
}
// Determine when the next housekeeping should occur.
func (self *containerData) nextHousekeeping(lastHousekeeping time.Time) time.Time {
if *allowDynamicHousekeeping {
stats, err := self.storageDriver.RecentStats(self.info.Name, 2)
if err != nil {
if self.allowErrorLogging() {
glog.Warningf("Failed to get RecentStats(%q) while determining the next housekeeping: %v", self.info.Name, err)
}
} else if len(stats) == 2 {
// TODO(vishnuk): Use no processes as a signal.
// Raise the interval if usage hasn't changed in the last housekeeping.
if stats[0].StatsEq(stats[1]) && (self.housekeepingInterval < *maxHousekeepingInterval) {
self.housekeepingInterval *= 2
if self.housekeepingInterval > *maxHousekeepingInterval {
self.housekeepingInterval = *maxHousekeepingInterval
}
glog.V(3).Infof("Raising housekeeping interval for %q to %v", self.info.Name, self.housekeepingInterval)
} else if self.housekeepingInterval != *HousekeepingInterval {
// Lower interval back to the baseline.
self.housekeepingInterval = *HousekeepingInterval
glog.V(3).Infof("Lowering housekeeping interval for %q to %v", self.info.Name, self.housekeepingInterval)
}
}
}
return lastHousekeeping.Add(self.housekeepingInterval)
}
func createPayload(payload Payload, token string, id uint32, now time.Time) (*rawPayload, error) {
p := &rawPayload{id: id, created: now}
// prepare binary payload from JSON structure
bpayload, err := json.Marshal(payload)
if err != nil {
return nil, err
}
// decode hexadecimal push device token to binary byte array
btoken, err := hex.DecodeString(token)
if err != nil {
return nil, errors.New(fmt.Sprintf("Error decoding token: %v. Error: %v", token, err))
}
buffer := make([]byte, 1+4+4+2+len(btoken)+2+len(bpayload))
// build the actual pdu
buffer[0] = uint8(1) // command
binary.BigEndian.PutUint32(buffer[1:], id) // transaction id, optional
binary.BigEndian.PutUint32(buffer[5:], uint32(now.Add(1*time.Hour).Unix())) // expiration time, 1 hour
binary.BigEndian.PutUint16(buffer[9:], uint16(len(btoken))) // push device token
copy(buffer[11:], btoken) //
binary.BigEndian.PutUint16(buffer[11+len(btoken):], uint16(len(bpayload))) // push payload
copy(buffer[11+len(btoken)+2:], bpayload) //
p.data = buffer
return p, nil
}
// create a time limit code
// code format: 12 length date time string + 6 minutes string + 40 sha1 encoded string
func CreateTimeLimitCode(data string, minutes int, startInf interface{}) string {
format := "YmdHi"
var start, end time.Time
var startStr, endStr string
if startInf == nil {
// Use now time create code
start = time.Now()
startStr = DateFormat(start, format)
} else {
// use start string create code
startStr = startInf.(string)
start, _ = DateParse(startStr, format)
startStr = DateFormat(start, format)
}
end = start.Add(time.Minute * time.Duration(minutes))
endStr = DateFormat(end, format)
// create sha1 encode string
sh := sha1.New()
sh.Write([]byte(data + SecretKey + startStr + endStr + ToStr(minutes)))
encoded := hex.EncodeToString(sh.Sum(nil))
code := fmt.Sprintf("%s%06d%s", startStr, minutes, encoded)
return code
}
/*
A common feature of the above techniques—indeed, the key technique that
allows us to track the decayed weights efficiently—is that they maintain
counts and other quantities based on g(ti − L), and only scale by g(t − L)
at query time. But while g(ti −L)/g(t−L) is guaranteed to lie between zero
and one, the intermediate values of g(ti − L) could become very large. For
polynomial functions, these values should not grow too large, and should be
effectively represented in practice by floating point values without loss of
precision. For exponential functions, these values could grow quite large as
new values of (ti − L) become large, and potentially exceed the capacity of
common floating point types. However, since the values stored by the
algorithms are linear combinations of g values (scaled sums), they can be
rescaled relative to a new landmark. That is, by the analysis of exponential
decay in Section III-A, the choice of L does not affect the final result. We
can therefore multiply each value based on L by a factor of exp(−α(L′ − L)),
and obtain the correct value as if we had instead computed relative to a new
landmark L′ (and then use this new L′ at query time). This can be done with
a linear pass over whatever data structure is being used.
*/
func (s *exponentiallyDecayingSample) rescale(now time.Time) {
s.nextScaleTime = now.Add(edRescaleThreshold)
oldStartTime := s.startTime
s.startTime = now
scale := math.Exp(-s.alpha * s.startTime.Sub(oldStartTime).Seconds())
s.values.ScalePriority(scale)
}
// checkTokenWithTime checks token using the given time.
func checkTokenWithTime(c context.Context, token, user, action string, now time.Time) error {
if token == "" {
return fmt.Errorf("token is not given")
}
d, err := base64.URLEncoding.DecodeString(token)
sig := &sigData{}
if err = json.Unmarshal(d, sig); err != nil {
return err
}
issueTime := time.Unix(0, sig.IssueTime)
if now.Sub(issueTime) >= Timeout {
return fmt.Errorf("signature has already expired")
}
if issueTime.After(now.Add(validFuture)) {
return fmt.Errorf("token come from future")
}
toVerify := toData(user, action, sig.IssueTime)
certs, err := signature.PublicCerts(c)
if err != nil {
return err
}
cert := signature.X509CertByName(certs, sig.Key)
if cert == nil {
return fmt.Errorf("cannot find cert")
}
return signature.Check(toVerify, cert, sig.Signature)
}
// DialTCPSAddrTimeout 同 DialTCPSAddr 函数,增加了超时功能
func (p *directProxyClient) DialTCPSAddrTimeout(network string, raddr string, timeout time.Duration) (rconn ProxyTCPConn, rerr error) {
switch network {
case "tcp", "tcp4", "tcp6":
default:
return nil, fmt.Errorf("不支持的 network 类型:%v", network)
}
d := net.Dialer{Timeout: timeout, LocalAddr: &p.TCPLocalAddr}
conn, err := d.Dial(network, raddr)
if err != nil {
return nil, err
}
splitHttp := false
if p.splitHttp {
raddr, err := net.ResolveTCPAddr(network, raddr)
if err == nil && raddr.Port == 80 {
splitHttp = true
}
}
wTime := time.Time{}
if p.sleep != 0 {
wTime = time.Now()
wTime = wTime.Add(p.sleep)
}
if tcpConn, ok := conn.(*net.TCPConn); ok {
return &directTCPConn{*tcpConn, splitHttp, wTime, p}, nil
}
return nil, fmt.Errorf("内部错误")
}
// Incrementally creates any elimination matches that can be created, based on the results of alliance
// selection or prior elimination rounds. Returns the winning alliance once it has been determined.
func (database *Database) UpdateEliminationSchedule(startTime time.Time) ([]AllianceTeam, error) {
alliances, err := database.GetAllAlliances()
if err != nil {
return []AllianceTeam{}, err
}
winner, err := database.buildEliminationMatchSet(1, 1, len(alliances))
if err != nil {
return []AllianceTeam{}, err
}
// Update the scheduled time for all matches that have yet to be run.
matches, err := database.GetMatchesByType("elimination")
if err != nil {
return []AllianceTeam{}, err
}
matchIndex := 0
for _, match := range matches {
if match.Status == "complete" {
continue
}
match.Time = startTime.Add(time.Duration(matchIndex*elimMatchSpacingSec) * time.Second)
database.SaveMatch(&match)
matchIndex++
}
return winner, err
}
func (m *MaxReplicationLagModule) updateNextAllowedIncrease(now time.Time, increase float64, key string) {
minDuration := m.config.MinDurationBetweenChanges()
// We may have to wait longer than the configured minimum duration
// until we see an effect of the increase.
// Example: If the increase was fully over the capacity, it will take
// 1 / increase seconds until the replication lag goes up by 1 second.
// E.g.
// (If the system was already at its maximum capacity (e.g. 1k QPS) and we
// increase the rate by e.g. 5% to 1050 QPS, it will take 20 seconds until
// 1000 extra queries are buffered and the lag increases by 1 second.)
// On top of that, add 2 extra seconds to account for a delayed propagation
// of the data (because the throttler takes over the updated rate only every
// second and it publishes its rate history only after a second is over).
// TODO(mberlin): Instead of adding 2 seconds, should we wait for twice the
// calculated time instead?
minPropagationTime := time.Duration(1.0/increase+2) * time.Second
if minPropagationTime > minDuration {
minDuration = minPropagationTime
}
if minDuration > m.config.MaxDurationBetweenIncreases() {
// Cap the rate to a reasonable amount of time (very small increases may
// result into a 20 minutes wait otherwise.)
minDuration = m.config.MaxDurationBetweenIncreases()
}
m.nextAllowedIncrease = now.Add(minDuration)
m.replicaUnderIncreaseTest = key
}
func (w Window) makeWindows(left, right TimeShiftFunc) []Window {
var ws []Window
if w.From.After(w.Until) {
return ws
}
var start, end time.Time
from := w.From
for {
switch {
case len(ws) == 0:
start = now.New(w.From).BeginningOfDay()
default:
start = left(from)
}
end = right(from)
if end.After(w.Until) {
// discard end and use the end of day of until
ws = append(ws, Window{From: start, Until: now.New(w.Until).EndOfDay()})
break
}
ws = append(ws, Window{From: start, Until: end})
from = end.Add(oneDay)
}
return ws
}
func (p *OauthProxy) MakeCookie(req *http.Request, value string, expiration time.Duration, now time.Time) *http.Cookie {
domain := req.Host
if h, _, err := net.SplitHostPort(domain); err == nil {
domain = h
}
if p.CookieDomain != "" {
if !strings.HasSuffix(domain, p.CookieDomain) {
log.Printf("Warning: request host is %q but using configured cookie domain of %q", domain, p.CookieDomain)
}
domain = p.CookieDomain
}
if value != "" {
value = cookie.SignedValue(p.CookieSeed, p.CookieName, value, now)
}
return &http.Cookie{
Name: p.CookieName,
Value: value,
Path: "/",
Domain: domain,
HttpOnly: p.CookieHttpOnly,
Secure: p.CookieSecure,
Expires: now.Add(expiration),
}
}
/** 微博时间格式化显示
* @param timestamp,标准时间戳
*/
func TimeSince(created time.Time) string {
//减去8小时
d, _ := time.ParseDuration("-8h")
t := created.Add(d)
since := int(time.Since(t).Minutes())
output := ""
switch {
case since < 0:
output = fmt.Sprintf("穿越了 %d 分钟..", -since)
case since < 1:
output = "刚刚" //"小于 1 分钟"
case since < 60:
output = fmt.Sprintf("%d 分钟之前", since)
case since < 60*24:
output = fmt.Sprintf("%d 小时之前", since/(60))
case since < 60*24*30:
output = fmt.Sprintf("%d 天之前", since/(60*24))
case since < 60*24*365:
output = fmt.Sprintf("%d 月之前", since/(60*24*30))
default:
output = fmt.Sprintf("%d 年之前", since/(60*24*365))
}
return output
}
// PrintSummary ...
func PrintSummary(buildRunResults models.BuildRunResultsModel) {
iconBoxWidth := len(" ")
timeBoxWidth := len(" time (s) ")
titleBoxWidth := stepRunSummaryBoxWidthInChars - 4 - iconBoxWidth - timeBoxWidth
fmt.Println()
fmt.Println()
log.Infof("+%s+", strings.Repeat("-", stepRunSummaryBoxWidthInChars-2))
whitespaceWidth := (stepRunSummaryBoxWidthInChars - 2 - len("bitrise summary")) / 2
log.Infof("|%sbitrise summary%s|", strings.Repeat(" ", whitespaceWidth), strings.Repeat(" ", whitespaceWidth))
log.Infof("+%s+%s+%s+", strings.Repeat("-", iconBoxWidth), strings.Repeat("-", titleBoxWidth), strings.Repeat("-", timeBoxWidth))
whitespaceWidth = stepRunSummaryBoxWidthInChars - len("| | title") - len("| time (s) |")
log.Infof("| | title%s| time (s) |", strings.Repeat(" ", whitespaceWidth))
log.Infof("+%s+%s+%s+", strings.Repeat("-", iconBoxWidth), strings.Repeat("-", titleBoxWidth), strings.Repeat("-", timeBoxWidth))
orderedResults := buildRunResults.OrderedResults()
tmpTime := time.Time{}
for _, stepRunResult := range orderedResults {
tmpTime = tmpTime.Add(stepRunResult.RunTime)
log.Info(stepResultCell(stepRunResult))
}
runtime := tmpTime.Sub(time.Time{})
log.Infof("+%s+", strings.Repeat("-", stepRunSummaryBoxWidthInChars-2))
runtimeStr := TimeToFormattedSeconds(runtime, " sec")
whitespaceWidth = stepRunSummaryBoxWidthInChars - len(fmt.Sprintf("| Total runtime: %s|", runtimeStr))
log.Infof("| Total runtime: %s%s|", runtimeStr, strings.Repeat(" ", whitespaceWidth))
log.Infof("+%s+", strings.Repeat("-", stepRunSummaryBoxWidthInChars-2))
fmt.Println()
}
func (conn *obfs4Conn) closeAfterDelay(sf *obfs4ServerFactory, startTime time.Time) {
// I-it's not like I w-wanna handshake with you or anything. B-b-baka!
defer conn.Conn.Close()
delay := time.Duration(sf.closeDelay)*time.Second + serverHandshakeTimeout
deadline := startTime.Add(delay)
if time.Now().After(deadline) {
return
}
if err := conn.Conn.SetReadDeadline(deadline); err != nil {
return
}
// Consume and discard data on this connection until either the specified
// interval passes or a certain size has been reached.
discarded := 0
var buf [framing.MaximumSegmentLength]byte
for discarded < int(sf.closeDelayBytes) {
n, err := conn.Conn.Read(buf[:])
if err != nil {
return
}
discarded += n
}
}
// ESBaseQuery builds the base query that both ESCount and ESStat share
func ESBaseQuery(now time.Time, indexer ESIndexer, l ElasticHosts, filter elastic.Query, sduration, eduration string, size int) (*ElasticRequest, error) {
start, err := opentsdb.ParseDuration(sduration)
if err != nil {
return nil, err
}
var end opentsdb.Duration
if eduration != "" {
end, err = opentsdb.ParseDuration(eduration)
if err != nil {
return nil, err
}
}
st := now.Add(time.Duration(-start))
en := now.Add(time.Duration(-end))
r := ElasticRequest{
Indexer: indexer,
Start: &st,
End: &en,
Source: elastic.NewSearchSource().Size(size),
}
var q elastic.Query
q = elastic.NewRangeQuery(indexer.TimeField).Gte(st).Lte(en)
r.Source = r.Source.Query(q)
r.Source = r.Source.Query(filter)
return &r, nil
}
func TestAfter(t *testing.T) {
b := &SimpleBackoff{
Factor: 2,
Min: 100 * time.Millisecond,
Max: 2 * time.Second,
MaxAttempts: 1,
}
var t1, t2, t3 time.Time
var err1, err2 error
t1 = time.Now()
select {
case err1 = <-After(b):
t2 = time.Now()
case <-time.After(101 * time.Millisecond):
t.Error("Not executed on time")
}
select {
case err2 = <-After(b):
case <-time.After(time.Millisecond):
t.Error("Not executed on time")
}
t3 = time.Now()
assert.WithinDuration(t, t1.Add(100*time.Millisecond), t2, time.Millisecond)
assert.WithinDuration(t, t2, t3, time.Millisecond)
assert.Nil(t, err1)
assert.NotNil(t, err2)
}
// Times returns the start and stop time for
// the closest Day translation to now.
func (d *Day) Times(now time.Time) (closestStart time.Time, closestStop time.Time) {
if now.IsZero() {
Log.Error("Cannot find times without reference")
return
}
if loc, err := d.GetLocation(); loc != nil && err == nil {
now = now.In(loc)
}
// find nearest start time of this slot
if now.Weekday() == d.Day && todayAt(now, d.Start).Before(now) {
// if the schedule is for today
// and we are after that scheduled time,
// then we have found the closest start
closestStart = todayAt(now, d.Start)
} else {
// Step back a day at a time until we find
// the most recent day that matches the day
// of the week of our Day.
for i := 1; i < 8; i++ {
sTime := now.Add(-time.Duration(i) * 24 * time.Hour)
if sTime.Weekday() == d.Day {
closestStart = todayAt(sTime, d.Start)
break
}
}
}
// closestStop is just the closests start plus
// the duration
closestStop = closestStart.Add(d.Duration)
return
}
// Valid returns true if token is a valid, unexpired token returned by Generate.
func validAtTime(token, key, userID string, now time.Time) bool {
// Decode the token.
data, err := base64.URLEncoding.DecodeString(token)
if err != nil {
return false
}
// Extract the issue time of the token.
sep := bytes.LastIndex(data, []byte{':'})
if sep < 0 {
return false
}
nanos, err := strconv.ParseInt(string(data[sep+1:]), 10, 64)
if err != nil {
return false
}
issueTime := time.Unix(0, nanos)
// Check that the token is not expired.
if now.Sub(issueTime) >= timeout {
return false
}
// Check that the token is not from the future.
// Allow 1 minute grace period in case the token is being verified on a
// machine whose clock is behind the machine that issued the token.
if issueTime.After(now.Add(1 * time.Minute)) {
return false
}
// Check that the token matches the expected value.
expected := generateAtTime(key, userID, issueTime)
return token == expected
}
// precreate performs actual resource precreation.
func (s *Service) precreate(now time.Time) error {
cutoff := now.Add(s.advancePeriod).UTC()
if err := s.MetaClient.PrecreateShardGroups(now, cutoff); err != nil {
return err
}
return nil
}
func (a *HotActor) updateQueryCache(t time.Time) error {
defer atomic.CompareAndSwapInt32(&a.queryCacheUpdated, 1, 0)
if !atomic.CompareAndSwapInt32(&a.queryCacheUpdated, 0, 1) {
return nil
}
if (t.Unix() - a.lastQueryCacheUpdate.Unix()) < GOAT_UPDATE_SPAN_SEC {
return nil
}
qcsize := len(a.queryDurations)
a.wg = utils.NewWaitGroup(2 * qcsize) //hot and flame
var from time.Time
for i := 0; i < qcsize; i++ {
if a.queryDurations[i] > 0 {
from = t.Add(-1 * a.queryDurations[i])
} else {
from = time.Time{}
}
go a.updateQueryCacheTask(from, t, proto.TopicListRequest_Hot, &a.hotQueryCache[i], a.wg)
go a.updateQueryCacheTask(from, t, proto.TopicListRequest_Flame, &a.flameQueryCache[i], a.wg)
}
if err := a.wg.Wait(); err != nil {
log.Printf("update fails with %v", err)
a.available = false
return err
} else {
log.Printf("update success")
a.available = true
a.lastQueryCacheUpdate = t
}
return nil
}
func (s *server) signSet(r []dns.RR, now time.Time, incep, expir uint32) (*dns.RRSIG, error) {
key := cache.Key(r)
if m, exp, hit := s.scache.Search(key); hit { // There can only be one sig in this cache.
// Is it still valid 24 hours from now?
if now.Add(+24*time.Hour).Sub(exp) < -24*time.Hour {
return m.Answer[0].(*dns.RRSIG), nil
}
s.scache.Remove(key)
}
logf("scache miss for %s type %d", r[0].Header().Name, r[0].Header().Rrtype)
StatsDnssecCacheMiss.Inc(1)
promCacheMiss.WithLabelValues("signature").Inc()
sig, err, shared := inflight.Do(key, func() (*dns.RRSIG, error) {
sig1 := s.NewRRSIG(incep, expir)
sig1.Header().Ttl = r[0].Header().Ttl
if r[0].Header().Rrtype == dns.TypeTXT {
sig1.OrigTtl = 0
}
e := sig1.Sign(s.config.PrivKey, r)
if e != nil {
logf("failed to sign: %s", e.Error())
}
return sig1, e
})
if err != nil {
return nil, err
}
if !shared {
s.scache.InsertSignature(key, sig)
}
return dns.Copy(sig).(*dns.RRSIG), nil
}
func (crtkit *CertKit) GenerateServer(subject pkix.Name, host, email string, NotBefore ...time.Time) error {
var e error
var derBytes []byte
var notBefore time.Time
priv, err := rsa.GenerateKey(rand.Reader, 2048)
if err != nil {
return errors.New(fmt.Sprintf("failed to generate private key: %s", err))
}
if len(NotBefore) > 0 {
notBefore = NotBefore[0]
} else {
notBefore = time.Now()
}
serialNumber, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128))
if err != nil {
return errors.New(fmt.Sprintf("failed to generate serial number: %s", err))
}
if host == "" {
host, _ = os.Hostname()
}
Goose.Generator.Logf(6, "Certificate authority used: %#v", crtkit.CACert)
template := x509.Certificate{
SerialNumber: serialNumber,
Subject: subject,
IsCA: false,
NotBefore: notBefore,
NotAfter: notBefore.Add(365 * 24 * time.Hour),
DNSNames: []string{host, strings.Split(host, ".")[0]},
AuthorityKeyId: crtkit.CACert.SubjectKeyId,
KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageContentCommitment,
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth},
BasicConstraintsValid: true,
}
Goose.Generator.Logf(4, "X509 Template: %#v", template)
if crtkit.CACert.CRLDistributionPoints != nil {
template.CRLDistributionPoints = crtkit.CACert.CRLDistributionPoints
} else {
Goose.Generator.Logf(1, "Certificate authority without CRL distribution points")
}
crtkit.ServerKey = priv
crtkit.ServerCert = &template
derBytes, e = x509.CreateCertificate(rand.Reader, &template, crtkit.CACert, &priv.PublicKey, crtkit.CAKey)
if e != nil {
return errors.New(fmt.Sprintf("Failed to create certificate: %s", e))
}
Goose.Generator.Logf(4, "DER Certificate: %s", derBytes)
crtkit.ServerCertPem = pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
crtkit.ServerKeyPem = pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(priv)})
Goose.Generator.Logf(4, "PEM Certificate: %s", crtkit.ServerCertPem)
return nil
}
// Determine when the next housekeeping should occur.
func (self *containerData) nextHousekeeping(lastHousekeeping time.Time) time.Time {
if self.allowDynamicHousekeeping {
var empty time.Time
stats, err := self.memoryCache.RecentStats(self.info.Name, empty, empty, 2)
if err != nil {
if self.allowErrorLogging() {
glog.Warningf("Failed to get RecentStats(%q) while determining the next housekeeping: %v", self.info.Name, err)
}
} else if len(stats) == 2 {
// TODO(vishnuk): Use no processes as a signal.
// Raise the interval if usage hasn't changed in the last housekeeping.
if stats[0].StatsEq(stats[1]) && (self.housekeepingInterval < self.maxHousekeepingInterval) {
self.housekeepingInterval *= 2
if self.housekeepingInterval > self.maxHousekeepingInterval {
self.housekeepingInterval = self.maxHousekeepingInterval
}
} else if self.housekeepingInterval != *HousekeepingInterval {
// Lower interval back to the baseline.
self.housekeepingInterval = *HousekeepingInterval
}
}
}
return lastHousekeeping.Add(self.housekeepingInterval)
}
// validTokenAtTime reports whether a token is valid at the given time.
func validTokenAtTime(token, key, userID, actionID string, now time.Time) bool {
// Extract the issue time of the token.
sep := strings.LastIndex(token, ":")
if sep < 0 {
return false
}
millis, err := strconv.ParseInt(token[sep+1:], 10, 64)
if err != nil {
return false
}
issueTime := time.Unix(0, millis*1e6)
// Check that the token is not expired.
if now.Sub(issueTime) >= Timeout {
return false
}
// Check that the token is not from the future.
// Allow 1 minute grace period in case the token is being verified on a
// machine whose clock is behind the machine that issued the token.
if issueTime.After(now.Add(1 * time.Minute)) {
return false
}
expected := generateTokenAtTime(key, userID, actionID, issueTime)
// Check that the token matches the expected value.
// Use constant time comparison to avoid timing attacks.
return subtle.ConstantTimeCompare([]byte(token), []byte(expected)) == 1
}
func runDialTest(t *testing.T, test dialtest) {
var (
vtime time.Time
running int
)
pm := func(ps []*Peer) map[discover.NodeID]*Peer {
m := make(map[discover.NodeID]*Peer)
for _, p := range ps {
m[p.rw.id] = p
}
return m
}
for i, round := range test.rounds {
for _, task := range round.done {
running--
if running < 0 {
panic("running task counter underflow")
}
test.init.taskDone(task, vtime)
}
new := test.init.newTasks(running, pm(round.peers), vtime)
if !sametasks(new, round.new) {
t.Errorf("round %d: new tasks mismatch:\ngot %v\nwant %v\nstate: %v\nrunning: %v\n",
i, spew.Sdump(new), spew.Sdump(round.new), spew.Sdump(test.init), spew.Sdump(running))
}
// Time advances by 16 seconds on every round.
vtime = vtime.Add(16 * time.Second)
running += len(new)
}
}
func (suite *QueriesCacheTestSuite) TestGetOrder() {
var (
query1 *testQuery = newTestQuery("order")
query2 *testQuery = newTestQuery("order")
query3 *testQuery = newTestQuery("order")
time1 time.Time
time2 time.Time
time3 time.Time
)
time1 = time.Now().Truncate(time.Millisecond)
time2 = time1.Add(5 * time.Hour).Truncate(time.Millisecond)
time3 = time1.Add(-3 * time.Hour).Truncate(time.Millisecond)
query1.ComputedAt = time1
query2.ComputedAt = time2
query3.ComputedAt = time3
suite.cache.Store(query1)
suite.cache.Store(query2)
suite.cache.Store(query3)
partial := newTestQuery("order")
found := suite.cache.Get(partial)
assert := assert.New(suite.T())
assert.Equal(true, found)
assert.Equal(query2.ComputedAt, partial.ComputedAt)
}