Actions
Enhancement #758
openLoad new certificates on /BIP RELOAD / SIGHUP
Start date:
2022-03-15
Due date:
% Done:
100%
Estimated time:
Patch Available:
Yes
Found in Versions:
Confirmed:
No
Branch:
Security:
Help Needed:
Description
We need to find a way to re-read SSL cert/key for use with new client connections.
Most people probably use Let's Encrypt, which means they need to restart BIP every 3 months.
Files
Updated by Loïc Gomez over 1 year ago
- File 0001-Close-and-re-open-listening-socket-when-reloading-BI.patch added
- Patch Available set to Yes
Well that was easier than expected.
This needs careful review, as I'm not 100% sure all I did was correct, like did I close/free all required, is there a cleaner solution ?
I also allowed bip to retry 3 times to listen() before going fatal() as there might be issues reusing the port for a few seconds. We use SO_REUSEADDR though, so it should be ok.
Tested changing port or cert and worked for me (/bip RELOAD or SIGHUP) ;)
Updated by Loïc Gomez over 1 year ago
- File deleted (
0001-Close-and-re-open-listening-socket-when-reloading-BI.patch)
Updated by Loïc Gomez over 1 year ago
- File 0001-Close-and-re-open-listening-socket-when-reloading-BI.patch 0001-Close-and-re-open-listening-socket-when-reloading-BI.patch added
Forgot to lint.
Actions