move logic to determine whether to reload tls configuration to tlsutil helper
This commit is contained in:
parent
3b5d5c7be8
commit
de03ce8070
|
@ -421,3 +421,25 @@ func ParseMinVersion(version string) (uint16, error) {
|
|||
|
||||
return vers, nil
|
||||
}
|
||||
|
||||
func ShouldReloadRPCConnections(old, new *config.TLSConfig) (bool, error) {
|
||||
var tlsInfoEqual bool
|
||||
|
||||
// If already configured with TLS, compare with the new TLS configuration
|
||||
if new != nil {
|
||||
var err error
|
||||
tlsInfoEqual, err = new.CertificateInfoIsEqual(old)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
} else {
|
||||
// If not configured with TLS, compare with the new TLS configuration
|
||||
tlsInfoEqual = new == nil && old == nil
|
||||
}
|
||||
|
||||
if new != nil && old != nil {
|
||||
tlsInfoEqual = new.EnableRPC == old.EnableRPC
|
||||
}
|
||||
|
||||
return tlsInfoEqual, nil
|
||||
}
|
||||
|
|
|
@ -678,13 +678,12 @@ func (s *Server) Reload(newConfig *Config) error {
|
|||
}
|
||||
}
|
||||
|
||||
tlsInfoEqual, err := newConfig.TLSConfig.CertificateInfoIsEqual(s.config.TLSConfig)
|
||||
shouldReloadTLS, err := tlsutil.ShouldReloadRPCConnections(s.config.TLSConfig, newConfig.TLSConfig)
|
||||
if err != nil {
|
||||
s.logger.Printf("[ERR] nomad: error parsing server TLS configuration: %s", err)
|
||||
return err
|
||||
s.logger.Printf("[ERR] nomad: error checking whether to reload TLS configuration: %s", err)
|
||||
}
|
||||
|
||||
if !tlsInfoEqual || newConfig.TLSConfig.EnableRPC != s.config.TLSConfig.EnableRPC {
|
||||
if shouldReloadTLS {
|
||||
if err := s.reloadTLSConnections(newConfig.TLSConfig); err != nil {
|
||||
s.logger.Printf("[ERR] nomad: error reloading server TLS configuration: %s", err)
|
||||
multierror.Append(&mErr, err)
|
||||
|
|
Loading…
Reference in a new issue