lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-18 10:35:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

(proxy) force restart when a cert change is detected in reconfigureAction

Browse Source
This commit is contained in:
Ad Schellevis 2016-03-21 21:01:04 +01:00
parent 373adce5ff
commit 0e553b0a08
1 changed files with 15 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
src/opnsense/mvc/app/controllers/OPNsense/Proxy/Api/ServiceController.php
View File

@ -118,6 +118,7 @@ class ServiceController extends ApiControllerBase
public function reconfigureAction()
{
if ($this->request->isPost()) {
$force_restart = false;
// close session for long running action
$this->sessionClose();
@ -126,8 +127,20 @@ class ServiceController extends ApiControllerBase
$runStatus = $this->statusAction();
// some operations can not be performed by a squid -k reconfigure,
// try to determine if we need a stop/start here
if (is_file('/var/squid/ssl_crtd.id')) {
$prev_sslbump_cert = trim(file_get_contents('/var/squid/ssl_crtd.id'));
} else {
$prev_sslbump_cert = "";
}
if (((string)$mdlProxy->forward->sslcertificate) != $prev_sslbump_cert) {
$force_restart = true;
}
// stop squid when disabled
if ($runStatus['status'] == "running" && $mdlProxy->general->enabled->__toString() == 0) {
if ($runStatus['status'] == "running" &&
($mdlProxy->general->enabled->__toString() == 0 || $force_restart)) {
$this->stopAction();
}
@ -136,7 +149,7 @@ class ServiceController extends ApiControllerBase
// (res)start daemon
if ($mdlProxy->general->enabled->__toString() == 1) {
if ($runStatus['status'] == "running") {
if ($runStatus['status'] == "running" && !$force_restart) {
$backend->configdRun("proxy reconfigure");
} else {
$this->startAction();