amass/ZLMediaKit
1
0
Fork 0
mirror of https://github.com/ZLMediaKit/ZLMediaKit.git synced 2024-11-22 10:40:05 +08:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

Support hot-reload of SSL certificates (#2835)

Browse Source
This commit is contained in:
xia-chu 2024-09-21 18:15:32 +08:00 committed by 夏楚
parent 1753cbb81b
commit aca39bbfaa
2 changed files with 22 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
3rdpart/ZLToolKit

@ -1 +1 @@
Subproject commit ac6ae2d76cb7463243ade44e6aa75a552e82e5c9 Subproject commit f8add834ea352bd8c9279486e48ae5070a84d4aa

31
server/main.cpp
View File

@ -215,6 +215,9 @@ public:
// Global variable, used in WebApi to save configuration files // Global variable, used in WebApi to save configuration files
string g_ini_file; string g_ini_file;
// 加载ssl证书函数对象
std::function<void()> g_reload_certificates;
int start_main(int argc,char *argv[]) { int start_main(int argc,char *argv[]) {
{ {
CMD_main cmd_main; CMD_main cmd_main;
@ -284,19 +287,24 @@ int start_main(int argc,char *argv[]) {
if (!File::is_dir(ssl_file)) { if (!File::is_dir(ssl_file)) {
// 不是文件夹,加载证书,证书包含公钥和私钥 [AUTO-TRANSLATED:5d3a5e49] // 不是文件夹,加载证书,证书包含公钥和私钥 [AUTO-TRANSLATED:5d3a5e49]
// Not a folder, load certificate, certificate contains public key and private key // Not a folder, load certificate, certificate contains public key and private key
SSL_Initor::Instance().loadCertificate(ssl_file.data()); g_reload_certificates = [ssl_file] () {
SSL_Initor::Instance().loadCertificate(ssl_file.data());
};
} else { } else {
// 加载文件夹下的所有证书 [AUTO-TRANSLATED:0e1f9b20] // 加载文件夹下的所有证书 [AUTO-TRANSLATED:0e1f9b20]
// Load all certificates under the folder // Load all certificates under the folder
File::scanDir(ssl_file,[](const string &path, bool isDir){ g_reload_certificates = [ssl_file]() {
if (!isDir) { File::scanDir(ssl_file, [](const string &path, bool isDir) {
// 最后的一个证书会当做默认证书(客户端ssl握手时未指定主机) [AUTO-TRANSLATED:b242685c] if (!isDir) {
// The last certificate will be used as the default certificate (client ssl handshake does not specify the host) // 最后的一个证书会当做默认证书(客户端ssl握手时未指定主机) [AUTO-TRANSLATED:b242685c]
SSL_Initor::Instance().loadCertificate(path.data()); // The last certificate will be used as the default certificate (client ssl handshake does not specify the host)
} SSL_Initor::Instance().loadCertificate(path.data());
return true; }
}); return true;
});
};
} }
g_reload_certificates();
std::string listen_ip = mINI::Instance()[General::kListenIP]; std::string listen_ip = mINI::Instance()[General::kListenIP];
uint16_t shellPort = mINI::Instance()[Shell::kPort]; uint16_t shellPort = mINI::Instance()[Shell::kPort];
@ -465,7 +473,10 @@ int start_main(int argc,char *argv[]) {
}); });
#if !defined(_WIN32) #if !defined(_WIN32)
signal(SIGHUP, [](int) { mediakit::loadIniConfig(g_ini_file.data()); }); signal(SIGHUP, [](int) {
mediakit::loadIniConfig(g_ini_file.data());
g_reload_certificates();
});
#endif #endif
sem.wait(); sem.wait();
} }