querysub 0.76.0 → 0.77.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/package.json +1 -1
  2. package/src/-e-certs/EdgeCertController.ts +20 -18
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "querysub",
3
- "version": "0.76.0",
3
+ "version": "0.77.0",
4
4
  "main": "index.js",
5
5
  "license": "MIT",
6
6
  "note1": "note on node-forge fork, see https://github.com/digitalbazaar/forge/issues/744 for details",
package/src/-e-certs/EdgeCertController.ts CHANGED
@@ -185,7 +185,7 @@ const runEdgeDomainAliveLoop = lazy(() => {
185
185
  // NOTE: Our DNS TTL is 1 minute, which means no matter how fast we poll,
186
186
  // we can't get below that. Of course the worst case is that + our poll rate,
187
187
  // but still, this means there is less and less benefit the lower this value is.
188
- runInfinitePoll(1000 * 60, checkEdgeDomainsAlive);
188
+ runInfinitePoll(timeInMinute, checkEdgeDomainsAlive);
189
189
  });
190
190
  async function checkEdgeDomainsAlive() {
191
191
  if (isNoNetwork()) return;
@@ -213,6 +213,25 @@ async function checkEdgeDomainsAlive() {
213
213
  }
214
214
 
215
215
  async function getHTTPSKeyCertInner(callerIP: string) {
216
+ let cert = await getBaseCert();
217
+ // If the cert is 50% expired generate a new one
218
+ let certObj = parseCert(cert.cert);
219
+
220
+ // Get expiration date
221
+ let expirationTime = +new Date(certObj.validity.notAfter);
222
+ let createTime = +new Date(certObj.validity.notBefore);
223
+
224
+ // If 50% of the lifetime has passed, renew the cert
225
+ let renewDate = createTime + (expirationTime - createTime) * 0.5;
226
+ if (renewDate < Date.now()) {
227
+ console.log(`HTTPS certificate is looking too old, forcefully renewing`);
228
+ getHTTPSKeyCert.clear(getDomain());
229
+ getBaseCert = createGetBaseCert();
230
+ cert = await getBaseCert();
231
+ }
232
+
233
+ // IMPORTANT! We have to set our A record AFTER we create our cert, otherwise we might wait a while
234
+ // with our A record public while we create our cert.
216
235
  runEdgeDomainAliveLoop();
217
236
  const edgeDomain = getDomain();
218
237
  if (callerIP) {
@@ -262,23 +281,6 @@ async function getHTTPSKeyCertInner(callerIP: string) {
262
281
  }
263
282
  }
264
283
 
265
- let cert = await getBaseCert();
266
- // If the cert is 50% expired generate a new one
267
- let certObj = parseCert(cert.cert);
268
-
269
- // Get expiration date
270
- let expirationTime = +new Date(certObj.validity.notAfter);
271
- let createTime = +new Date(certObj.validity.notBefore);
272
-
273
- // If 50% of the lifetime has passed, renew the cert
274
- let renewDate = createTime + (expirationTime - createTime) * 0.5;
275
- if (renewDate < Date.now()) {
276
- console.log(`HTTPS certificate is looking too old, forcefully renewing`);
277
- getHTTPSKeyCert.clear(getDomain());
278
- getBaseCert = createGetBaseCert();
279
- cert = await getBaseCert();
280
- }
281
-
282
284
  return cert;
283
285
  }
284
286