From 2856771c6d57415dc2ecb6c5076ce81a6fb9b5cd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lauri=20V=C3=B5sandi?= Date: Wed, 9 Jun 2021 22:32:11 +0300 Subject: [PATCH] Startup race condition fixes --- ocsp_responder.py | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/ocsp_responder.py b/ocsp_responder.py index a3a07f1..30481b3 100755 --- a/ocsp_responder.py +++ b/ocsp_responder.py @@ -11,6 +11,7 @@ from oscrypto import asymmetric from prometheus_client import Counter, Histogram from sanic import Sanic, response from sanic_prometheus import monitor +from time import sleep ocsp_request_valid = Counter("pinecrypt_ocsp_request_valid", "Valid OCSP requests") @@ -29,10 +30,16 @@ ocsp_response_status = Counter("pinecrypt_ocsp_response_status", app = Sanic("events") monitor(app).expose_endpoint() - -# Load CA certificate -with open("/server-secrets/ca_cert.pem", "rb") as fh: - authority_cert = asymmetric.load_certificate(fh.read()) +while True: + try: + # Load CA certificate + with open("/server-secrets/ca_cert.pem", "rb") as fh: + authority_cert = asymmetric.load_certificate(fh.read()) + except FileNotFoundError: + sleep(1) + continue + else: + break # Load CA private key with open("/authority-secrets/ca_key.pem", "rb") as fh: