move logic to determine whether to reload tls configuration to tlsutil helper

This commit is contained in:
Chelsea Holland Komlo 2018-06-08 14:33:58 -04:00
parent 3b5d5c7be8
commit de03ce8070
2 changed files with 25 additions and 4 deletions

View file

@ -421,3 +421,25 @@ func ParseMinVersion(version string) (uint16, error) {
return vers, nil
}
func ShouldReloadRPCConnections(old, new *config.TLSConfig) (bool, error) {
var tlsInfoEqual bool
// If already configured with TLS, compare with the new TLS configuration
if new != nil {
var err error
tlsInfoEqual, err = new.CertificateInfoIsEqual(old)
if err != nil {
return false, err
}
} else {
// If not configured with TLS, compare with the new TLS configuration
tlsInfoEqual = new == nil && old == nil
}
if new != nil && old != nil {
tlsInfoEqual = new.EnableRPC == old.EnableRPC
}
return tlsInfoEqual, nil
}

View file

@ -678,13 +678,12 @@ func (s *Server) Reload(newConfig *Config) error {
}
}
tlsInfoEqual, err := newConfig.TLSConfig.CertificateInfoIsEqual(s.config.TLSConfig)
shouldReloadTLS, err := tlsutil.ShouldReloadRPCConnections(s.config.TLSConfig, newConfig.TLSConfig)
if err != nil {
s.logger.Printf("[ERR] nomad: error parsing server TLS configuration: %s", err)
return err
s.logger.Printf("[ERR] nomad: error checking whether to reload TLS configuration: %s", err)
}
if !tlsInfoEqual || newConfig.TLSConfig.EnableRPC != s.config.TLSConfig.EnableRPC {
if shouldReloadTLS {
if err := s.reloadTLSConnections(newConfig.TLSConfig); err != nil {
s.logger.Printf("[ERR] nomad: error reloading server TLS configuration: %s", err)
multierror.Append(&mErr, err)