diff options
| author | Fabian Mauchle <fabian.mauchle@switch.ch> | 2017-03-24 14:39:41 +0100 |
|---|---|---|
| committer | Fabian Mauchle <fabian.mauchle@switch.ch> | 2017-03-24 14:39:41 +0100 |
| commit | 05b832e03eb2a9dbf73bb672aa24d5dcad70c83b (patch) | |
| tree | 40efac14d02881e970fbc7b473cbf1fe0d8ec936 | |
| parent | 4f223d37143a1315cb756a17268c6af7673eed34 (diff) | |
Reset expiry timers when reloading CRLs on SIGHUPradsecproxy-50-sighup
| -rw-r--r-- | tlscommon.c | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/tlscommon.c b/tlscommon.c index d2453be..8ca67f0 100644 --- a/tlscommon.c +++ b/tlscommon.c @@ -338,16 +338,25 @@ SSL_CTX *tlsgetctx(uint8_t type, struct tls *t) { void tlsreloadcrls() { struct tls *conf; struct hash_entry *entry; + struct timeval now; + + gettimeofday(&now, NULL); - for(entry = hash_first(tlsconfs); entry; entry = hash_next(entry)) { + for (entry = hash_first(tlsconfs); entry; entry = hash_next(entry)) { conf = (struct tls *)entry->data; #ifdef RADPROT_TLS - if(conf->tlsctx) + if (conf->tlsctx) { + if (conf->tlsexpiry) + conf->tlsexpiry = now.tv_sec + conf->cacheexpiry; tlsaddcacrl(conf->tlsctx, conf); + } #endif #ifdef RADPROT_DTLS - if(conf->dtlsctx) + if (conf->dtlsctx) { + if (conf->dtlsexpiry) + conf->dtlsexpiry = now.tv_sec + conf->cacheexpiry; tlsaddcacrl(conf->dtlsctx, conf); + } #endif } } |