-
Notifications
You must be signed in to change notification settings - Fork 74
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[tls] Allow refreshing TLS configuration information at runtime #502
Conversation
How does the mutex on the acceptor work if there are no inbound connections being made? |
The acceptor exists independently of inbound connections. My addition of an Note that the So, basically, Does that answer your question? |
Yes that makes sense thanks. I had missed that we are not blocking at that point waiting on a connection, because of the select loop it's inside that actually deals directly with the system-level sockets. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ship it
CHANGELOG.adoc
Outdated
@@ -15,6 +15,7 @@ | |||
|
|||
https://github.com/oxidecomputer/dropshot/compare/v0.8.0\...HEAD[Full list of commits] | |||
|
|||
* https://github.com/oxidecomputer/dropshot/pull/502[#502] Dropshot exposes a `refresh_tls` method to update the TLS certificates being used by a running server. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I may be mistaken, but I think this is the first breaking change in this list. If that's the case, can you please create two sections as below?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure, updated in 219ff7a
FYI @davepacheco , since this is a breaking change |
Adds a
refresh_tls
method toHttpServer
, which allows TLS information to be updated for a running server.Fixes #491