prosody
7e1ca18fdfb3
core/portmanager.lua
Software / code / prosody
Comparison
core/portmanager.lua @ 11597:7e1ca18fdfb3
core.portmanager: Reload direct TLS certificates after config reload
This should re-create all contexts the same way as when the service was
activated, which reloads certificates.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 10 Jun 2021 15:30:54 +0200 |
| parent | 11596:f6f1b50cbedf |
| child | 11598:081e550b973a |
comparison
equal
deleted
inserted
replaced
| 11596:f6f1b50cbedf | 11597:7e1ca18fdfb3 |
|---|---|
| 278 active_service.server.hosts[host] = nil; | 278 active_service.server.hosts[host] = nil; |
| 279 end | 279 end |
| 280 end | 280 end |
| 281 end); | 281 end); |
| 282 | 282 |
| 283 prosody.events.add_handler("config-reloaded", function () | |
| 284 for service_name, interface, port, _, active_service in active_services:iter(nil, nil, nil, nil) do | |
| 285 if active_service.tls_cfg then | |
| 286 local service_info = active_service.service; | |
| 287 local config_prefix = (service_info.config_prefix or service_name).."_"; | |
| 288 if config_prefix == "_" then | |
| 289 config_prefix = ""; | |
| 290 end | |
| 291 local ssl, cfg, err = get_port_ssl_ctx(port, interface, config_prefix, service_info); | |
| 292 if ssl then | |
| 293 active_service.server:set_sslctx(ssl); | |
| 294 active_service.tls_cfg = cfg; | |
| 295 else | |
| 296 log("error", "Error reloading certificate for encrypted port for %s: %s", service_info.name, | |
| 297 error_to_friendly_message(service_name, port, err) or "unknown error"); | |
| 298 end | |
| 299 end | |
| 300 end | |
| 301 -- TODO Update SNI too | |
| 302 end, -1); | |
| 303 | |
| 283 return { | 304 return { |
| 284 activate = activate; | 305 activate = activate; |
| 285 deactivate = deactivate; | 306 deactivate = deactivate; |
| 286 register_service = register_service; | 307 register_service = register_service; |
| 287 unregister_service = unregister_service; | 308 unregister_service = unregister_service; |
