1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
|
// Copyright 2022 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package tls
import (
"encoding/pem"
"fmt"
"runtime"
"testing"
"time"
)
func TestCertCache(t *testing.T) {
cc := certCache{}
p, _ := pem.Decode([]byte(rsaCertPEM))
if p == nil {
t.Fatal("Failed to decode certificate")
}
certA, err := cc.newCert(p.Bytes)
if err != nil {
t.Fatalf("newCert failed: %s", err)
}
certB, err := cc.newCert(p.Bytes)
if err != nil {
t.Fatalf("newCert failed: %s", err)
}
if certA.cert != certB.cert {
t.Fatal("newCert returned a unique reference for a duplicate certificate")
}
if entry, ok := cc.Load(string(p.Bytes)); !ok {
t.Fatal("cache does not contain expected entry")
} else {
if refs := entry.(*cacheEntry).refs.Load(); refs != 2 {
t.Fatalf("unexpected number of references: got %d, want 2", refs)
}
}
timeoutRefCheck := func(t *testing.T, key string, count int64) {
t.Helper()
c := time.After(4 * time.Second)
for {
select {
case <-c:
t.Fatal("timed out waiting for expected ref count")
default:
e, ok := cc.Load(key)
if !ok && count != 0 {
t.Fatal("cache does not contain expected key")
} else if count == 0 && !ok {
return
}
if e.(*cacheEntry).refs.Load() == count {
return
}
}
}
}
// Keep certA alive until at least now, so that we can
// purposefully nil it and force the finalizer to be
// called.
runtime.KeepAlive(certA)
certA = nil
runtime.GC()
timeoutRefCheck(t, string(p.Bytes), 1)
// Keep certB alive until at least now, so that we can
// purposefully nil it and force the finalizer to be
// called.
runtime.KeepAlive(certB)
certB = nil
runtime.GC()
timeoutRefCheck(t, string(p.Bytes), 0)
}
func BenchmarkCertCache(b *testing.B) {
p, _ := pem.Decode([]byte(rsaCertPEM))
if p == nil {
b.Fatal("Failed to decode certificate")
}
cc := certCache{}
b.ReportAllocs()
b.ResetTimer()
// We expect that calling newCert additional times after
// the initial call should not cause additional allocations.
for extra := 0; extra < 4; extra++ {
b.Run(fmt.Sprint(extra), func(b *testing.B) {
actives := make([]*activeCert, extra+1)
b.ResetTimer()
for i := 0; i < b.N; i++ {
var err error
actives[0], err = cc.newCert(p.Bytes)
if err != nil {
b.Fatal(err)
}
for j := 0; j < extra; j++ {
actives[j+1], err = cc.newCert(p.Bytes)
if err != nil {
b.Fatal(err)
}
}
for j := 0; j < extra+1; j++ {
actives[j] = nil
}
runtime.GC()
}
})
}
}
|
