Skip to content

Commit

Permalink
Merge #21: Set max-age for short-term AIA responses
Browse files Browse the repository at this point in the history 
895ec93 Set max-age for short-term AIA responses (Jeremy Rand)

Pull request description:

  Refs #19

Top commit has no ACKs.

Tree-SHA512: 93728fd70729b9fc851790d5a5c5291f007e6d1a63958591d4f6623e5f33fa09f8500dd29fe48bd72dba772fba856849ac976e2877dbcc9f80fe8fb4873bc674
  • Loading branch information
@JeremyRand
JeremyRand committed Aug 26, 2021
2 parents 50491ec + 895ec93 commit c70714c
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions server/server.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ import (
"math/big"
"net/http"
"path/filepath"
"strconv"
"strings"
"sync"
"time"
Expand Down Expand Up @@ -523,6 +524,12 @@ func (s *Server) aiaHandler(w http.ResponseWriter, req *http.Request) {
return
}

// Set short-term caching duration of half the cert validity
maxAge := safetlsa.ValidityShortTerm() / 2
maxAgeSeconds := int(maxAge / time.Second)
maxAgeStr := strconv.Itoa(maxAgeSeconds)
w.Header().Set("Cache-Control", "max-age="+maxAgeStr)

for _, rr := range dnsResponse.Answer {
tlsa, ok := rr.(*dns.TLSA)
if !ok {
Expand Down

0 comments on commit c70714c

Please sign in to comment.