paleolimbot commented on issue #1315:
URL: https://github.com/apache/arrow-adbc/issues/1315#issuecomment-1824815421
Ok, so I got a version to work; however because the env vars are checked in
the module `init()`, there's no opportunity for the R package to disable the
line of code that creates the cache file or set anything about the process.
Also, setting `SF_OCSP_RESPONSE_CACHE_SERVER_ENABLED` to `false` results in a
panic.
Because the dependencies are bundled, I was able to patch + submit to CRAN;
however, this really should be upstreamed (particularly the part that causes a
panic). I'm happy to do that (just posting here in the meantime until I find
the right place to report to).
The patch for ocsp.go:
```diff
--- tools/ocsp.go.patched 2023-11-23 12:38:54
+++ src/go/adbc/vendor/github.com/snowflakedb/gosnowflake/ocsp.go
2023-11-23 14:37:59
@@ -266,7 +266,7 @@
}
func checkOCSPResponseCache(encodedCertID *certIDKey, subject, issuer
*x509.Certificate) *ocspStatus {
- if !strings.EqualFold(os.Getenv(cacheServerEnabledEnv), "true") {
+ if strings.EqualFold(os.Getenv(cacheServerEnabledEnv), "false") {
return &ocspStatus{code: ocspNoServer}
}
ocspResponseCacheLock.RLock()
@@ -641,7 +641,7 @@
}
func downloadOCSPCacheServer() {
- if !strings.EqualFold(os.Getenv(cacheServerEnabledEnv), "true") {
+ if strings.EqualFold(os.Getenv(cacheServerEnabledEnv), "false") {
return
}
ocspCacheServerURL := os.Getenv(cacheServerURLEnv)
@@ -716,12 +716,11 @@
// initOCSPCache initializes OCSP Response cache file.
func initOCSPCache() {
- ocspResponseCache = make(map[certIDKey][]interface{})
- ocspResponseCacheLock = &sync.RWMutex{}
-
- if !strings.EqualFold(os.Getenv(cacheServerEnabledEnv), "true") {
+ if strings.EqualFold(os.Getenv(cacheServerEnabledEnv), "false") {
return
}
+ ocspResponseCache = make(map[certIDKey][]interface{})
+ ocspResponseCacheLock = &sync.RWMutex{}
logger.Infof("reading OCSP Response cache file. %v\n", cacheFileName)
f, err := os.OpenFile(cacheFileName, os.O_CREATE|os.O_RDONLY,
os.ModePerm)
@@ -819,7 +818,7 @@
// writeOCSPCacheFile writes a OCSP Response cache file. This is called if
all revocation status is success.
// lock file is used to mitigate race condition with other process.
func writeOCSPCacheFile() {
- if !strings.EqualFold(os.Getenv(cacheServerEnabledEnv), "true") {
+ if strings.EqualFold(os.Getenv(cacheServerEnabledEnv), "false") {
return
}
logger.Infof("writing OCSP Response cache file. %v\n", cacheFileName)
@@ -893,7 +892,7 @@
// createOCSPCacheDir creates OCSP response cache directory and set the
cache file name.
func createOCSPCacheDir() {
- if !strings.EqualFold(os.Getenv(cacheServerEnabledEnv), "true") {
+ if strings.EqualFold(os.Getenv(cacheServerEnabledEnv), "false") {
logger.Info(`OCSP Cache Server disabled. All further access
and use of
OCSP Cache will be disabled for this OCSP Status
Query`)
return
```
Commit on the CRAN packaging branch:
https://github.com/paleolimbot/arrow-adbc/commit/ae13d9474b68f04f60d9e38f84de14853711fe4f
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
