commit d1c7a12e46b97d25cd4a67f17c21ef597ec82235
parent a487cd4e18fcb0e6ece0fa5e9626ec45ecc41224
Author: Robert Russell <robertrussell.72001@gmail.com>
Date: Mon, 15 Jul 2024 23:40:17 -0700
Simplify signal usage
See previous commit.
Diffstat:
| M | tlsrp.go | | | 45 | +++++++++++++++++++-------------------------- |
1 file changed, 19 insertions(+), 26 deletions(-)
diff --git a/tlsrp.go b/tlsrp.go
@@ -19,6 +19,16 @@ import (
"time"
)
+// TODO: FS-based config
+// foo.rr3.xyz
+// | _cert
+// | _key
+// | _unix OR _tcp
+// Leading wildcards:
+// _.rr3.xyz
+// Explicit non-wildcard preferred.
+// Just "_" means default for clients with no SNI support.
+
// We only enforce a timeout on the handshake. After the handshake is complete,
// the sink is responsible for timing-out clients.
const handshakeTimeout = 10 * time.Second
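Review bot: The TODO sketch uses a leading underscore for two different things, the per-host entries (`_cert`, `_key`, `_unix`, `_tcp`) and the wildcard label (`_.rr3.xyz`, bare `_`), without saying so. Presumably this works because `_` cannot start a real hostname label, but a sentence stating that would save the next reader from guessing, for example `// Names beginning with "_" are reserved: a bare "_" label is a wildcard, the rest are per-host files.` Since the layout places a private key file in every host directory, the note could also record the expected ownership and mode of `_key`, so the eventual loader has a stated rule to check against.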
@@ -249,35 +259,18 @@ func manageConfig(cfgPath string) {
// causing every client to be rejected.
}
- sigusr := make(chan os.Signal, 2)
- signal.Notify(sigusr, unix.SIGUSR1, unix.SIGUSR2)
+ sighup := make(chan os.Signal, 1)
+ signal.Notify(sighup, unix.SIGHUP)
for {
select {
- case sig := <-sigusr:
- switch sig {
- case unix.SIGUSR1:
- log.Println("received SIGUSR1; reloading certificates")
- certs := cfg.certs
- for i := range certs {
- crtPath := certs[i].crtPath
- keyPath := certs[i].keyPath
- tlsCert, err := loadCert(crtPath, keyPath)
- if err == nil {
- certs[i].cert = tlsCert
- } else {
- log.Printf("failed to reload certificate (%s, %s): %s\n", crtPath, keyPath, err)
- }
- }
-
- case unix.SIGUSR2:
- log.Println("received SIGUSR2; reloading configuration")
- newCfg, err := loadConfig(cfgPath)
- if err == nil {
- cfg = newCfg
- } else {
- log.Printf("failed to reload configuration: %s\n", err)
- }
+ case <-sighup:
+ log.Println("received SIGHUP; reloading configuration")
+ newCfg, err := loadConfig(cfgPath)
+ if err == nil {
+ cfg = newCfg
+ } else {
+ log.Printf("failed to reload configuration: %s\n", err)
}
case msg := <-lookupSinkChan:
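Review bot: With `signal.Notify(sigusr, unix.SIGUSR1, unix.SIGUSR2)` gone, both signals revert to their default disposition, which terminates the process. Unless something outside this hunk still handles them, an existing certificate-renewal hook that sends SIGUSR1 will now stop the proxy instead of reloading it. Consider keeping them routed to the same reload path for a transition period, e.g. `signal.Notify(sighup, unix.SIGHUP, unix.SIGUSR1, unix.SIGUSR2)` with `case sig := <-sighup:` and the received `sig` in the log line, or state the operator-facing change in the commit message. A one-line success log after `cfg = newCfg` would also let operators confirm that renewed certificates were actually picked up, since only the failure branch reports anything. manageConfig begins before this hunk and continues past it.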