diff --git a/core/httpd.js b/core/httpd.js index ff1bedbfc..f5bd28dc5 100644 --- a/core/httpd.js +++ b/core/httpd.js @@ -445,7 +445,7 @@ function handleConnection(client) { var kBacklog = 8; var kHost = "0.0.0.0" var kHttpPort = gGlobalSettings.httpPort || 12345; -var kHttpsPort = gGlobalSettings.httpsPort || 12346; +var kHttpsPort = gGlobalSettings.httpsPort || null; var socket = new Socket(); socket.bind(kHost, kHttpPort).then(function() { @@ -458,26 +458,45 @@ socket.bind(kHost, kHttpPort).then(function() { logError("[" + new Date() + "] " + error); }); -var privateKey = new TextDecoder("ASCII").decode(File.readFile("data/httpd/privatekey.pem")); -var certificate = new TextDecoder("ASCII").decode(File.readFile("data/httpd/certificate.pem")); - -if (privateKey && certificate) { - var tls = new TlsContext(); - tls.setPrivateKey(privateKey); - tls.setCertificate(certificate); - +if (kHttpsPort) { + var tls = {}; var secureSocket = new Socket(); secureSocket.bind(kHost, kHttpsPort).then(function() { - secureSocket.listen(kBacklog, function() { - secureSocket.accept().then(function(client) { + return secureSocket.listen(kBacklog, function() { + return secureSocket.accept().then(function(client) { handleConnection(client); - client.startTls(tls).catch(function(error) { + + const kCertificatePath = "data/httpd/certificate.pem"; + const kPrivateKeyPath = "data/httpd/privatekey.pem"; + + return Promise.all([ + File.stat(kCertificatePath), + File.stat(kPrivateKeyPath), + ]).then(function(stat) { + if (!tls.context || + tls.certStat.mtime != stat[0].mtime || + tls.certStat.size != stat[0].size || + tls.keyStat.mtime != stat[1].mtime || + tls.keyStat.size != stat[1].size) { + print("Reloading " + kCertificatePath + " and " + kPrivateKeyPath); + var privateKey = new TextDecoder("ASCII").decode(File.readFile(kPrivateKeyPath)); + var certificate = new TextDecoder("ASCII").decode(File.readFile(kCertificatePath)); + + tls.context = new TlsContext(); + tls.context.setPrivateKey(privateKey); + tls.context.setCertificate(certificate); + tls.certStat = stat[0]; + tls.keyStat = stat[1]; + } + + return client.startTls(tls.context); + }).catch(function(error) { logError("[" + new Date() + "] [" + client.peerName + "] " + error); }); - }).catch(function(error) { - logError("[" + new Date() + "] " + error); }); }); + }).catch(function(error) { + logError("[" + new Date() + "] " + error); }); }