Cert reload workaround

author: Roland Reichwein <mail@reichwein.it> 2020-05-17 14:32:29 +0200
committer: Roland Reichwein <mail@reichwein.it> 2020-05-17 14:32:29 +0200
commit: 7cf4d1d8fb174a95b149deded4d93c33d46409cb (patch)
tree: 167bf12c5c42b82917d4f5288301bf7fa2ef9e7b
parent: 1558710b711bf3fcbd5df752cd3d4054999c31d1 (diff)
2 files changed, 8 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index bfa16b1..9c13f87 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+webserver (1.7) UNRELEASED; urgency=medium
+
+  * Omit PEM file reload. Access to files is denied because of dropped privileges.
+
+ -- Roland Reichwein <rr@antcom.de>  Sun, 17 May 2020 14:31:36 +0200
+
 webserver (1.6) unstable; urgency=medium
 
   * Webbox: Improved UI
diff --git a/https.cpp b/https.cpp
index a5aa118..0cbce8e 100644
--- a/https.cpp
+++ b/https.cpp
@@ -632,12 +632,14 @@ namespace HTTPS {
 Server::Server(Config& config, boost::asio::io_context& ioc, const Socket& socket, plugins_container_type& plugins, Statistics& statistics)
  : ::Server(config, ioc, socket, plugins, statistics)
  , m_certificates_timer(ioc, boost::asio::chrono::seconds(certificates_timer_seconds))
+#if 0 // problem: at this point, privileges are dropped and access to certbot keys is limited. File re-load fails with exception.
  , m_certificates_timer_callback {
    [&](const boost::system::error_code& error){
          reload_certificates();
          m_certificates_timer.expires_at(m_certificates_timer.expires_at() + boost::asio::chrono::seconds(certificates_timer_seconds));
          m_certificates_timer.async_wait(m_certificates_timer_callback);
    }}
+#endif
 {
  load_certificates(); // load initially
author	Roland Reichwein <mail@reichwein.it>	2020-05-17 14:32:29 +0200
committer	Roland Reichwein <mail@reichwein.it>	2020-05-17 14:32:29 +0200
commit	7cf4d1d8fb174a95b149deded4d93c33d46409cb (patch)
tree	167bf12c5c42b82917d4f5288301bf7fa2ef9e7b
parent	1558710b711bf3fcbd5df752cd3d4054999c31d1 (diff)