auth: fix race on stopping simple token keeper

run goroutine was resetting a field for no reason and without holding a lock. This patch cleans up the run goroutine management to make the start/stop path less racey in general.
2024-09-27 06:25:44 +00:00 · 2017-04-14 09:50:33 -07:00 · 2017-04-14 09:50:33 -07:00 · a20295c65b
commit a20295c65b
parent 9f7bb0df3a
2 changed files with 18 additions and 13 deletions
--- a/auth/simple_token.go
+++ b/auth/simple_token.go
@ -38,16 +38,18 @@ var (

 type simpleTokenTTLKeeper struct {
 	tokens          map[string]time.Time
-	stopCh          chan chan struct{}
+	donec           chan struct{}
+	stopc           chan struct{}
 	deleteTokenFunc func(string)
 	mu              *sync.Mutex
 }

 func (tm *simpleTokenTTLKeeper) stop() {
-	waitCh := make(chan struct{})
-	tm.stopCh <- waitCh
-	<-waitCh
-	close(tm.stopCh)
+	select {
+	case tm.stopc <- struct{}{}:
+	case <-tm.donec:
+	}
+	<-tm.donec
 }

 func (tm *simpleTokenTTLKeeper) addSimpleToken(token string) {
@ -66,7 +68,10 @@ func (tm *simpleTokenTTLKeeper) deleteSimpleToken(token string) {

 func (tm *simpleTokenTTLKeeper) run() {
 	tokenTicker := time.NewTicker(simpleTokenTTLResolution)
-	defer tokenTicker.Stop()
+	defer func() {
+		tokenTicker.Stop()
+		close(tm.donec)
+	}()
 	for {
 		select {
 		case <-tokenTicker.C:
@ -79,9 +84,7 @@ func (tm *simpleTokenTTLKeeper) run() {
 				}
 			}
 			tm.mu.Unlock()
-		case waitCh := <-tm.stopCh:
-			tm.tokens = make(map[string]time.Time)
-			waitCh <- struct{}{}
+		case <-tm.stopc:
 			return
 		}
 	}
@ -96,7 +99,8 @@ func (as *authStore) enable() {
 	}
 	as.simpleTokenKeeper = &simpleTokenTTLKeeper{
 		tokens:          make(map[string]time.Time),
-		stopCh:          make(chan chan struct{}),
+		donec:           make(chan struct{}),
+		stopc:           make(chan struct{}),
 		deleteTokenFunc: delf,
 		mu:              &as.simpleTokensMu,
 	}
--- a/auth/store.go
+++ b/auth/store.go
@ -243,11 +243,12 @@ func (as *authStore) AuthDisable() {
 	as.enabled = false

 	as.simpleTokensMu.Lock()
+	tk := as.simpleTokenKeeper
+	as.simpleTokenKeeper = nil
 	as.simpleTokens = make(map[string]string) // invalidate all tokens
 	as.simpleTokensMu.Unlock()
-	if as.simpleTokenKeeper != nil {
-		as.simpleTokenKeeper.stop()
-		as.simpleTokenKeeper = nil
+	if tk != nil {
+		tk.stop()
 	}

 	plog.Noticef("Authentication disabled")