Also reload SSL context on bip reload, allowing for SSL cert updates

2024-02-04 14:49:35 +09:00 · 2024-02-04 14:49:35 +09:00 · 65fdde9e21
commit 65fdde9e21
parent ee9478e7ce
1 changed files with 16 additions and 0 deletions
--- a/src/bip_main.c
+++ b/src/bip_main.c
@ -340,6 +340,22 @@ int main(int argc, char **argv)

 		/* re-open to allow logfile rotate */
 		log_file_setup();
+
+#ifdef HAVE_LIBSSL
+		/* reload SSL context if server-side SSL is enabled and SSL files
+		 * seem accessible */
+		if (conf_css) {
+			if (check_ssl_files(SOFT_FAIL)) {
+				if (set_ssl_context(SSLCTX_FORCE_UPDATE) == 1)
+				    mylog(LOG_DEBUG, "SSL context has been updated");
+                else
+				    mylog(LOG_DEBUG, "SSL context has not been updated");
+            } else {
+				mylog(LOG_ERROR, "Unable to update SSL context, "
+								"file checks failed");
+            }
+		}
+#endif
 	}
 	return 1;
 }