mirror of
https://github.com/Icinga/icinga2.git
synced 2025-07-22 21:24:41 +02:00
Merge pull request #8515 from Icinga/feature/update-ssl-context-after-accepting-new-connection-8501
API: Update the ssl context after each accepting incoming connection
commit
4063e39d5f
@ -1367,6 +1367,13 @@ bool Utility::PathExists(const String& path)
|
|||||||
return fs::exists(fs::path(path.Begin(), path.End()), ec) && !ec;
|
return fs::exists(fs::path(path.Begin(), path.End()), ec) && !ec;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
time_t Utility::GetFileCreationTime(const String& path)
|
||||||
|
{
|
||||||
|
namespace fs = boost::filesystem;
|
||||||
|
|
||||||
|
return fs::last_write_time(boost::lexical_cast<fs::path>(path));
|
||||||
|
}
|
||||||
|
|
||||||
Value Utility::LoadJsonFile(const String& path)
|
Value Utility::LoadJsonFile(const String& path)
|
||||||
{
|
{
|
||||||
std::ifstream fp;
|
std::ifstream fp;
|
||||||
|
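Review bot: `Utility::GetFileCreationTime` returns `fs::last_write_time(...)`, which is the modification time, so the name misstates what callers receive; a name that says "modification time" would match the behaviour, and the declaration in the header hunk needs the same rename. The path is built with `boost::lexical_cast<fs::path>(path)` while `PathExists` directly above uses `fs::path(path.Begin(), path.End())`; using the same construction here avoids a stream round-trip whose handling of paths containing whitespace I would want confirmed. This is the throwing overload of `last_write_time`, so a missing or unreadable file raises instead of returning a sentinel, and a comment such as `// Returns the file's mtime; throws if the file cannot be stat'ed` would make that contract explicit for the CRL reload caller.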
@ -112,6 +112,7 @@ public:
|
|||||||
static tm LocalTime(time_t ts);
|
static tm LocalTime(time_t ts);
|
||||||
|
|
||||||
static bool PathExists(const String& path);
|
static bool PathExists(const String& path);
|
||||||
|
static time_t GetFileCreationTime(const String& path);
|
||||||
|
|
||||||
static void Remove(const String& path);
|
static void Remove(const String& path);
|
||||||
static void RemoveDirRecursive(const String& path);
|
static void RemoveDirRecursive(const String& path);
|
||||||
|
@ -432,11 +432,31 @@ void ApiListener::ListenerCoroutineProc(boost::asio::yield_context yc, const Sha
|
|||||||
|
|
||||||
auto& io (IoEngine::Get().GetIoContext());
|
auto& io (IoEngine::Get().GetIoContext());
|
||||||
|
|
||||||
|
time_t lastModified = -1;
|
||||||
|
const String crlPath = GetCrlPath();
|
||||||
|
|
||||||
|
if (!crlPath.IsEmpty()) {
|
||||||
|
lastModified = Utility::GetFileCreationTime(crlPath);
|
||||||
|
}
|
||||||
|
|
||||||
for (;;) {
|
for (;;) {
|
||||||
try {
|
try {
|
||||||
auto sslConn (Shared<AsioTlsStream>::Make(io, *sslContext));
|
asio::ip::tcp::socket socket (io);
|
||||||
|
|
||||||
server->async_accept(sslConn->lowest_layer(), yc);
|
server->async_accept(socket.lowest_layer(), yc);
|
||||||
|
|
||||||
|
if (!crlPath.IsEmpty()) {
|
||||||
|
time_t currentCreationTime = Utility::GetFileCreationTime(crlPath);
|
||||||
|
|
||||||
|
if (lastModified != currentCreationTime) {
|
||||||
|
UpdateSSLContext();
|
||||||
|
|
||||||
|
lastModified = currentCreationTime;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
auto sslConn (Shared<AsioTlsStream>::Make(io, *sslContext));
|
||||||
|
sslConn->lowest_layer() = std::move(socket);
|
||||||
|
|
||||||
auto strand (Shared<asio::io_context::strand>::Make(io));
|
auto strand (Shared<asio::io_context::strand>::Make(io));
|
||||||
|
|
||||||
|
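Review bot: The new `sslConn` near the end of this hunk is still constructed from `*sslContext`, the coroutine's parameter, while the reload goes through `UpdateSSLContext()`; nothing visible here shows that the call changes the object `sslContext` refers to, so accepted connections may keep validating peers against the CRL that was loaded at startup. If `UpdateSSLContext()` replaces a context held by the listener, the stream should be built from that refreshed context rather than from the parameter; please confirm against its body, which is outside this hunk. Two smaller gaps: a CRL rewritten within the same second as the previous version keeps the same `time_t`, so `lastModified != currentCreationTime` does not trigger a reload, and the first `Utility::GetFileCreationTime(crlPath)` call sits before the `try`, so a CRL file missing at startup would throw out of the coroutine instead of being handled per connection. The body of `ListenerCoroutineProc` starts and ends outside the hunk, so the matching `catch` is not visible.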