Software / code / prosody
Changeset
11597:7e1ca18fdfb3
core.portmanager: Reload direct TLS certificates after config reload
This should re-create all contexts the same way as when the service was
activated, which reloads certificates.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 10 Jun 2021 15:30:54 +0200 |
| parents | 11596:f6f1b50cbedf |
| children | 11598:081e550b973a |
| files | core/portmanager.lua |
| diffstat | 1 files changed, 21 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/core/portmanager.lua Thu Jun 10 15:21:07 2021 +0200 +++ b/core/portmanager.lua Thu Jun 10 15:30:54 2021 +0200 @@ -280,6 +280,27 @@ end end); +prosody.events.add_handler("config-reloaded", function () + for service_name, interface, port, _, active_service in active_services:iter(nil, nil, nil, nil) do + if active_service.tls_cfg then + local service_info = active_service.service; + local config_prefix = (service_info.config_prefix or service_name).."_"; + if config_prefix == "_" then + config_prefix = ""; + end + local ssl, cfg, err = get_port_ssl_ctx(port, interface, config_prefix, service_info); + if ssl then + active_service.server:set_sslctx(ssl); + active_service.tls_cfg = cfg; + else + log("error", "Error reloading certificate for encrypted port for %s: %s", service_info.name, + error_to_friendly_message(service_name, port, err) or "unknown error"); + end + end + end + -- TODO Update SNI too +end, -1); + return { activate = activate; deactivate = deactivate;
