Diffstat (limited to 'https.cpp')
-rw-r--r-- | https.cpp | 56 |
1 files changed, 9 insertions, 47 deletions
@@ -43,8 +43,6 @@ using tcp = boost::asio::ip::tcp; // from <boost/asio/ip/tcp.hpp> namespace { - // reload certs once a day: may be updated by certbot - const int32_t certificates_timer_seconds { 24 * 60*60 }; //------------------------------------------------------------------------------ // Report a failure @@ -200,7 +198,7 @@ public: ) { if(ec) - return fail(ec, "handshake"); + return fail(ec, "https handshake"); do_read(); } @@ -254,7 +252,7 @@ public: return do_close(); if(ec) - return fail(ec, "read"); + return fail(ec, "https read"); req_ = parser_->get(); @@ -278,7 +276,7 @@ public: boost::ignore_unused(bytes_transferred); if(ec) - return fail(ec, "write"); + return fail(ec, "https write"); if(close) { @@ -321,7 +319,7 @@ public: on_shutdown(beast::error_code ec) { if(ec) - return fail(ec, "shutdown"); + return fail(ec, "https shutdown"); // At this point the connection is closed gracefully } @@ -368,7 +366,7 @@ public: acceptor_.open(endpoint.protocol(), ec); if(ec) { - fail(ec, "open"); + fail(ec, "https open"); return; } @@ -376,7 +374,7 @@ public: acceptor_.set_option(net::socket_base::reuse_address(true), ec); if(ec) { - fail(ec, "set_option"); + fail(ec, "https set_option"); return; } @@ -384,7 +382,7 @@ public: acceptor_.bind(endpoint, ec); if(ec) { - fail(ec, "bind"); + fail(ec, "https bind"); return; } @@ -393,7 +391,7 @@ public: net::socket_base::max_listen_connections, ec); if(ec) { - fail(ec, "listen"); + fail(ec, "https listen"); return; } } @@ -439,7 +437,7 @@ private: { if(ec) { - fail(ec, "accept"); + fail(ec, "https accept"); } else { 
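Review bot: The nine `fail(ec, ...)` call sites changed here (handshake, read, write, shutdown, open, set_option, bind, listen, accept) each repeat the same `https ` literal, so a call site added later can miss the prefix and produce a log line that cannot be attributed to the TLS listener. `fail` appears to be local to https.cpp (the `// Report a failure` helper in the anonymous namespace; its body is outside these hunks), so adding the tag once inside it and keeping the call sites as `fail(ec, "handshake")` would give the same output with one place to maintain. If the helper is shared with a non-TLS listener after all, a short comment next to it stating the prefix convention would do.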
@@ -631,20 +629,8 @@ namespace HTTPS { Server::Server(Config& config, boost::asio::io_context& ioc, const Socket& socket, plugins_container_type& plugins, Statistics& statistics) : ::Server(config, ioc, socket, plugins, statistics) - , m_certificates_timer(ioc, boost::asio::chrono::seconds(certificates_timer_seconds)) -#if 0 // problem: at this point, privileges are dropped and access to certbot keys is limited. File re-load fails with exception. - , m_certificates_timer_callback { - [&](const boost::system::error_code& error){ - reload_certificates(); - m_certificates_timer.expires_at(m_certificates_timer.expires_at() + boost::asio::chrono::seconds(certificates_timer_seconds)); - m_certificates_timer.async_wait(m_certificates_timer_callback); - }} -#endif { load_certificates(); // load initially - - // Reload certs once a day, maybe updated by certbot - m_certificates_timer.async_wait(m_certificates_timer_callback); } Server::~Server() @@ -679,30 +665,6 @@ void Server::load_certificates() } } -void Server::reload_certificates() -{ - for (const auto& serve_site: m_socket.serve_sites) { - for (const auto& site: m_config.Sites()) { - if (site.first == serve_site) { - - std::cout << "Updating SSL context/cert for site " << serve_site << " on port " << m_socket.port << std::endl; - - auto it_host {site.second.hosts.begin()}; - if (it_host == site.second.hosts.end()) { - std::cout << " Warning: No configured host found." << std::endl; - } else { - auto it_ctx {m_ctx.find(*it_host)}; - if (it_ctx == m_ctx.end()) { - std::cout << " Warning: No context found for configured host." << std::endl; - } else { - load_server_certificate(*it_ctx->second, site.second.cert_path, site.second.key_path); - } - } - } - } - } -} - int Server::start() { auto const address = net::ip::make_address(m_socket.address); |
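Review bot: With the timer removed, `load_certificates(); // load initially` in the `Server::Server` constructor is the only point where certificates are read, so a certificate renewed by certbot is not served until the process restarts, and nothing on the new side says so. The removed `#if 0` comment held the rationale (privileges are already dropped when the timer fires, so the reload fails), and that explanation disappears with this commit. I would replace the now misleading `// load initially` with something like `// loaded once at startup; renewed certificates require a restart (reload fails after privilege drop)`. Renewal should then trigger a restart, for example from a certbot deploy hook, otherwise the server keeps presenting the old certificate until it expires. The second hunk, which deletes `reload_certificates()`, is covered by the same point.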