-
Notifications
You must be signed in to change notification settings - Fork 153
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Concurrency error when trying to get a certificate. #119
Comments
Thanks for the bug report @BenjaminSchubert 🍰 Can you share the Certbot command line you ran when you produced this Pebble output? |
Ensuring we don't have anything in /etc/letsencrypt; I run:
On a fedora:27 image up to date. |
@cpu here is a vagrant file that contains my environment and the steps I perform. To reproduce you can do:
|
@BenjaminSchubert Thanks for the detailed reproduction notes & the Vagrantfile! That's a great help. I'll try to take a look at this crash this afternoon. |
Hi again @BenjaminSchubert 👋 I was able to reproduce this bug and put a fix out in #120 Thanks again for the bug report!!
The issue here is that the With the bug fixed applied you'll get a different result:
As a side-note: You might be able to simplify your I run Certbot against Pebble on my localhost like this: |
In `VA.setAuthzInvalid` we `defer` the `Unlock()` of a challenge's `sync.RWMutex`: https://github.com/letsencrypt/pebble/blob/43f6c387dc6278772c54da74f3eb7fb0c1703256/va/va.go#L183 Unfortunately, we also explicitly call `Unlock()` at the end of the function: https://github.com/letsencrypt/pebble/blob/43f6c387dc6278772c54da74f3eb7fb0c1703256/va/va.go#L188 The combination of doing both would panic the `pebble` binary when a challenge validation failed with an error like: `fatal error: sync: Unlock of unlocked RWMutex` This commit removes the superfluous explicit `Unlock()`, fixes the panic, and resolves #119. Thanks to @BenjaminSchubert for reporting this bug! 🏆
I created #121 to fix the input validation to reject nonsense domains earlier. |
And with #120 now merged this should be fixed in master 👍 |
Hi,
Launching a pebble server and trying to get a certificate with cerbot gives me the following stacktrace:
I sadly don't know enough of go to debug this but I can help in reproducing/testing if needed.
The text was updated successfully, but these errors were encountered: