github
/
acme.sh
mirror of https://github.com/acmesh-official/acme.sh
1
0
Fork 0
Code Issues Releases Wiki Activity

[cron] sleep random seconds (<59), if not interactive or forced 

https://github.com/acmesh-official/acme.sh/pull/944#issuecomment-707255200

Let's Encrypt employee said in the comments "we do see peaks at the beginning of minutes and even seconds; the finer-grained time randomization, the better."

This adds a random amount of sleep second before beginning the cron job. I considered reading from `/dev/urandom` and so on, but we aren't doing anything security critical here so I thought that just using the process number modulo 59 (the largest prime <= 60) should give decent variability across the systems. The starting hour and minute are already randomized during the installation.
pull/5215/head
oittaa 2024-07-20 13:11:39 +02:00 committed by GitHub
parent 0f61e9c15e
commit 795d987b9b
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
acme.sh
View File

@ -6737,6 +6737,11 @@ cron() {
export _ACME_IN_CRON=1 export _ACME_IN_CRON=1
_initpath _initpath
_info "$(__green "===Starting cron===")" _info "$(__green "===Starting cron===")"
if [ -z "$FORCE" ] && [ -z "$__INTERACTIVE" ]; then
random_sec=$(_math $$ % 59)
_info "Sleeping for $random_sec seconds."
_sleep $random_sec
fi
if [ "$AUTO_UPGRADE" = "1" ]; then if [ "$AUTO_UPGRADE" = "1" ]; then
export LE_WORKING_DIR export LE_WORKING_DIR
( (