diff options
| author | michi <michi+ngircd@dataswamp.org> | 2020-02-14 12:44:10 +0000 |
|---|---|---|
| committer | Alexander Barton <alex@barton.de> | 2020-02-15 14:47:20 +0100 |
| commit | e7cb9b1a001a97b1edf0e862808cbd0be5264a7a (patch) | |
| tree | 9d846d145e5c81a66f4ff5a455a9998ee5b0a895 /src | |
| parent | c411643d451ea9ca196c931bcdffced04ea42ad1 (diff) | |
| download | ngircd-e7cb9b1a001a97b1edf0e862808cbd0be5264a7a.tar.gz ngircd-e7cb9b1a001a97b1edf0e862808cbd0be5264a7a.zip | |
Reuse old SSL key if loading a new one failed
Diffstat (limited to 'src')
| -rw-r--r-- | src/ngircd/conn-ssl.c | 12 | ||||
| -rw-r--r-- | src/ngircd/sighandlers.c | 2 |
2 files changed, 12 insertions, 2 deletions
diff --git a/src/ngircd/conn-ssl.c b/src/ngircd/conn-ssl.c index ba47e513..3f482dc7 100644 --- a/src/ngircd/conn-ssl.c +++ b/src/ngircd/conn-ssl.c @@ -311,8 +311,18 @@ ConnSSL_InitLibrary( void ) return false; } - if (!ConnSSL_LoadServerKey_openssl(newctx)) + if (!ConnSSL_LoadServerKey_openssl(newctx)) { + /* Failed to read new key but an old ssl context + * already exists -> reuse old context */ + if (ssl_ctx) { + SSL_CTX_free(newctx); + Log(LOG_WARNING, + "Re-Initializing of SSL failed, using old keys!"); + return true; + } + /* No preexisting old context -> error. */ goto out; + } if (SSL_CTX_set_cipher_list(newctx, Conf_SSLOptions.CipherList) == 0) { Log(LOG_ERR, "Failed to apply OpenSSL cipher list \"%s\"!", diff --git a/src/ngircd/sighandlers.c b/src/ngircd/sighandlers.c index f7ae4f45..8275123e 100644 --- a/src/ngircd/sighandlers.c +++ b/src/ngircd/sighandlers.c @@ -132,7 +132,7 @@ Rehash(void) if (!ConnSSL_InitLibrary()) Log(LOG_WARNING, - "Re-Initializing of SSL failed, using old keys!"); + "Re-Initializing of SSL failed!"); /* Start listening on sockets */ Conn_InitListeners( ); |