Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FIXED] Websocket: TLS configuration not updated on reload #2072

Merged
merged 1 commit into from
Apr 7, 2021
Merged

[FIXED] Websocket: TLS configuration not updated on reload #2072

merged 1 commit into from
Apr 7, 2021

Conversation

kozlovic
Copy link
Member

@kozlovic kozlovic commented Apr 6, 2021

Although we do not support websocket configuration changes, we usually
try to support changes to TLS certificates, etc..

The way websocket is handled (using an http server), the TLS config
was given on startup and updates following a configuration reload
would not be reflected.
Using a tls.Config function that allows passing the tls config
prior to handshake seem to workaround this issue.

I have added a test that demonstrate that the TLS configuration
is really updated after the reload.

Signed-off-by: Ivan Kozlovic ivan@synadia.com

derekcollison
derekcollison approved these changes Apr 6, 2021
View reviewed changes
Copy link
Member

@derekcollison derekcollison left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

davidkemper
davidkemper approved these changes Apr 7, 2021
View reviewed changes
Copy link

@davidkemper davidkemper left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@kozlovic
[FIXED] Websocket: TLS configuration not updated on reload
f96f36c 
Although we do not support websocket configuration changes, we usually
try to support changes to TLS certificates, etc..

The way websocket is handled (using an http server), the TLS config
was given on startup and updates following a configuration reload
would not be reflected.
Using a tls.Config function that allows passing the tls config
prior to handshake seem to workaround this issue.

I have added a test that demonstrate that the TLS configuration
is really updated after the reload.

Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
@kozlovic kozlovic force-pushed the websocket_tls_reload branch from 95dc350 to f96f36c Compare April 7, 2021 19:58
@kozlovic
Copy link
Member Author

kozlovic commented Apr 7, 2021

I have rebased from master to use @variadico new helper to remove config file in the new test (since helper checks/report errors).

@kozlovic kozlovic merged commit 3000128 into master Apr 7, 2021
@kozlovic kozlovic deleted the websocket_tls_reload branch April 7, 2021 21:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@derekcollison derekcollison derekcollison approved these changes

@davidkemper davidkemper davidkemper approved these changes

@philpennock philpennock Awaiting requested review from philpennock

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@kozlovic @derekcollison @davidkemper