From 2d0bd5acd12a76e12d1fda9d8f2b2a5170298a50 Mon Sep 17 00:00:00 2001
From: Roland Reichwein
Date: Tue, 19 May 2020 13:47:11 +0200
Subject: Code cleanup
---
 https.cpp | 56 +++++++++-----------------------------------------------
 https.h | 3 ---
 2 files changed, 9 insertions(+), 50 deletions(-)
diff --git a/https.cpp b/https.cpp
index 0cbce8e..e56af9a 100644
--- a/https.cpp
+++ b/https.cpp
@@ -43,8 +43,6 @@ using tcp = boost::asio::ip::tcp; // from
 namespace {
- // reload certs once a day: may be updated by certbot
- const int32_t certificates_timer_seconds { 24 * 60*60 };
 //------------------------------------------------------------------------------
 // Report a failure
@@ -200,7 +198,7 @@ public:
 )
 {
 if(ec)
- return fail(ec, "handshake");
+ return fail(ec, "https handshake");
 do_read();
 }
@@ -254,7 +252,7 @@ public:
 return do_close();
 if(ec)
- return fail(ec, "read");
+ return fail(ec, "https read");
 req_ = parser_->get();
@@ -278,7 +276,7 @@ public:
 boost::ignore_unused(bytes_transferred);
 if(ec)
- return fail(ec, "write");
+ return fail(ec, "https write");
 if(close)
 {
@@ -321,7 +319,7 @@ public:
 on_shutdown(beast::error_code ec)
 {
 if(ec)
- return fail(ec, "shutdown");
+ return fail(ec, "https shutdown");
 // At this point the connection is closed gracefully
 }
@@ -368,7 +366,7 @@ public:
 acceptor_.open(endpoint.protocol(), ec);
 if(ec)
 {
- fail(ec, "open");
+ fail(ec, "https open");
 return;
 }
@@ -376,7 +374,7 @@ public:
 acceptor_.set_option(net::socket_base::reuse_address(true), ec);
 if(ec)
 {
- fail(ec, "set_option");
+ fail(ec, "https set_option");
 return;
 }
@@ -384,7 +382,7 @@ public:
 acceptor_.bind(endpoint, ec);
 if(ec)
 {
- fail(ec, "bind");
+ fail(ec, "https bind");
 return;
 }
@@ -393,7 +391,7 @@ public:
 net::socket_base::max_listen_connections, ec);
 if(ec)
 {
- fail(ec, "listen");
+ fail(ec, "https listen");
 return;
 }
 }
@@ -439,7 +437,7 @@ private:
 {
 if(ec)
 {
- fail(ec, "accept");
+ fail(ec, "https accept");
 }
 else
 {
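Review bot: The `"https "` tag is now typed by hand at every `fail()` call in this file, starting with `"https handshake"` in the `-200,7` hunk and repeated in the read, write, shutdown, open, set_option, bind, listen and accept hunks, so a call site added later can easily miss it and log an untagged error. The first hunk's context suggests `fail` lives in this file's anonymous namespace (its body is outside these hunks, so this is inferred); if so, the tag could be prepended once there and the call sites left as `return fail(ec, "handshake");`. If the purpose is to tell TLS-listener failures apart from plain-HTTP ones in a shared log, the comment above the helper should say so, for example `// Report a failure (messages are tagged "https" to distinguish them from the plain HTTP listener)`.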
@@ -631,20 +629,8 @@ namespace HTTPS {
 Server::Server(Config& config, boost::asio::io_context& ioc, const Socket& socket, plugins_container_type& plugins, Statistics& statistics)
 : ::Server(config, ioc, socket, plugins, statistics)
- , m_certificates_timer(ioc, boost::asio::chrono::seconds(certificates_timer_seconds))
-#if 0 // problem: at this point, privileges are dropped and access to certbot keys is limited. File re-load fails with exception.
- , m_certificates_timer_callback {
- [&](const boost::system::error_code& error){
- reload_certificates();
- m_certificates_timer.expires_at(m_certificates_timer.expires_at() + boost::asio::chrono::seconds(certificates_timer_seconds));
- m_certificates_timer.async_wait(m_certificates_timer_callback);
- }}
-#endif
 {
 load_certificates(); // load initially
-
- // Reload certs once a day, maybe updated by certbot
- m_certificates_timer.async_wait(m_certificates_timer_callback);
 }
 Server::~Server()
@@ -679,30 +665,6 @@ void Server::load_certificates()
 }
 }
-void Server::reload_certificates()
-{
- for (const auto& serve_site: m_socket.serve_sites) {
- for (const auto& site: m_config.Sites()) {
- if (site.first == serve_site) {
-
- std::cout << "Updating SSL context/cert for site " << serve_site << " on port " << m_socket.port << std::endl;
-
- auto it_host {site.second.hosts.begin()};
- if (it_host == site.second.hosts.end()) {
- std::cout << " Warning: No configured host found." << std::endl;
- } else {
- auto it_ctx {m_ctx.find(*it_host)};
- if (it_ctx == m_ctx.end()) {
- std::cout << " Warning: No context found for configured host." << std::endl;
- } else {
- load_server_certificate(*it_ctx->second, site.second.cert_path, site.second.key_path);
- }
- }
- }
- }
- }
-}
-
 int Server::start()
 {
 auto const address = net::ip::make_address(m_socket.address);
diff --git a/https.h b/https.h
index 8350c4d..8d4b426 100644
--- a/https.h
+++ b/https.h
@@ -39,15 +39,12 @@ public:
 private:
 ctx_type m_ctx;
- boost::asio::steady_timer m_certificates_timer;
- std::function m_certificates_timer_callback;
 public:
 Server(Config& config, boost::asio::io_context& ioc, const Socket& socket, plugins_container_type& plugins, Statistics& statistics);
 virtual ~Server();
 void load_certificates();
- void reload_certificates();
 int start() override;
 };
--
cgit v1.2.3