kevinburke1
commented
3 years ago Here's a sample stack trace
runtime/debug.Stack(0x17, 0x17, 0x163d843)
/Users/kevin/go/src/runtime/debug/stack.go:24 +0x9f
runtime/debug.PrintStack()
/Users/kevin/go/src/runtime/debug/stack.go:16 +0x25
crypto/x509.parseCertificate(0xc000571500, 0x40b, 0x41a, 0x1540dc0)
/Users/kevin/go/src/crypto/x509/x509.go:1296 +0x5a
crypto/x509.ParseCertificate(0xc000465b00, 0x40b, 0x41a, 0xc0082a3d70, 0xc000591fcc, 0x0)
/Users/kevin/go/src/crypto/x509/x509.go:1560 +0xf8
crypto/x509.(*CertPool).AppendCertsFromPEM(0xc008212150, 0xc000582000, 0xffcc, 0xffcd, 0xffcd)
/Users/kevin/go/src/crypto/x509/cert_pool.go:218 +0x16c
github.com/meterup/project/vendor/github.com/lib/pq.sslCertificateAuthority(0xc000435e00, 0xc000630060, 0x0, 0x0)
/Users/kevin/src/github.com/meterup/project/vendor/github.com/lib/pq/ssl.go:145 +0x16c
github.com/meterup/project/vendor/github.com/lib/pq.ssl(0xc000630060, 0x11, 0x1a68120, 0x3)
/Users/kevin/src/github.com/meterup/project/vendor/github.com/lib/pq/ssl.go:57 +0x2cc
github.com/meterup/project/vendor/github.com/lib/pq.(*conn).ssl(0xc0004322c0, 0xc000630060, 0x16e7750, 0xc000560600)
/Users/kevin/src/github.com/meterup/project/vendor/github.com/lib/pq/conn.go:1028 +0x45
github.com/meterup/project/vendor/github.com/lib/pq.(*Connector).open(0xc000202210, 0x16eb9d0, 0xc0000a8000, 0xc0004322c0, 0x0, 0x0)
/Users/kevin/src/github.com/meterup/project/vendor/github.com/lib/pq/conn.go:312 +0x227
github.com/meterup/project/vendor/github.com/lib/pq.DialOpen(0x16e7750, 0xc000560600, 0xc00003600d, 0x14c, 0x0, 0x106a0ac, 0xc000560198, 0x1554a20)
/Users/kevin/src/github.com/meterup/project/vendor/github.com/lib/pq/conn.go:285 +0xa5
github.com/meterup/project/vendor/github.com/lib/pq.Open(...)
/Users/kevin/src/github.com/meterup/project/vendor/github.com/lib/pq/conn.go:275
github.com/meterup/project/vendor/github.com/lib/pq.(*Driver).Open(0x1a66a60, 0xc00003600d, 0x14c, 0xc0000961e0, 0x0, 0xc000560100, 0x1650000)
/Users/kevin/src/github.com/meterup/project/vendor/github.com/lib/pq/conn.go:48 +0x9f
database/sql.dsnConnector.Connect(...)
/Users/kevin/go/src/database/sql/sql.go:707
database/sql.(*DB).conn(0xc0000a41a0, 0x16eba08, 0xc000560180, 0xc0004bc301, 0xc0006040e0, 0x0, 0x0)
/Users/kevin/go/src/database/sql/sql.go:1310 +0xa42
database/sql.(*DB).begin(0xc0000a41a0, 0x16eba08, 0xc000560180, 0x0, 0x2000001f01, 0x1569900, 0xc00081d9a0, 0x0)
/Users/kevin/go/src/database/sql/sql.go:1776 +0x4f
database/sql.(*DB).BeginTx(0xc0000a41a0, 0x16eba08, 0xc000560180, 0x0, 0x72656c7564656863, 0x2f726f646e65762f, 0x632e627568746967)
/Users/kevin/go/src/database/sql/sql.go:1755 +0x8f
My program provides a custom sslrootcert. Every time sql opens a new connection (which happens fairly frequently), the same certificate is re-parsed.
It would be good to check to see if we have parsed the certificate before and then reuse it instead of repeatedly doing the same work over and over again.