Recreate HTTPS and TLS interfaces only during reconfiguration
authorAram Sargsyan <aram@isc.org>
Tue, 14 Dec 2021 09:28:01 +0000 (09:28 +0000)
committerAram Sargsyan <aram@isc.org>
Tue, 14 Dec 2021 09:28:01 +0000 (09:28 +0000)
The 850e9e59bf8c29f895a981211c72c0b3c294bcfd commit intended to recreate
the HTTPS and TLS interfaces during reconfiguration, but they are also
being recreated during regular interface re-scans.

Make sure the HTTPS and TLS interfaces are being recreated only during
reconfiguration.

bin/named/server.c
lib/ns/include/ns/interfacemgr.h
lib/ns/interfacemgr.c
lib/ns/tests/nstest.c

index f7db73faf9349a55c1338e287e94b395fc478b71..8943ce7e17d4899edaff4703fd0cc51090c11b09 100644 (file)
@@ -6933,7 +6933,7 @@ interface_timer_tick(isc_task_t *task, isc_event_t *event) {
        UNUSED(task);
 
        isc_event_free(&event);
-       ns_interfacemgr_scan(server->interfacemgr, false);
+       ns_interfacemgr_scan(server->interfacemgr, false, false);
 }
 
 static void
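Review bot: The new call passes two adjacent positional bool literals, `false, false`, so a reader cannot tell from the call site which one decides whether TLS/HTTPS listeners get torn down and recreated; the same applies to `true, true` in load_configuration, `true, false` in named_server_scan_interfaces, `false, false` in scan_event and `true, false` in nstest's scan_interfaces. Annotating the arguments inline, `ns_interfacemgr_scan(server->interfacemgr, false /* verbose */, false /* config */);`, makes each site self-describing. load_configuration is the only caller passing config as true, so a one-line comment there stating that the scan is run with reconfiguration semantics so that changed TLS certificates and keys take effect would document the intent the commit message describes. interface_timer_tick's body begins outside this hunk.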
@@ -8933,7 +8933,7 @@ load_configuration(const char *filename, named_server_t *server,
         * to configure the query source, since the dispatcher we use might
         * be shared with an interface.
         */
-       result = ns_interfacemgr_scan(server->interfacemgr, true);
+       result = ns_interfacemgr_scan(server->interfacemgr, true, true);
 
        /*
         * Check that named is able to TCP listen on at least one
@@ -10411,7 +10411,7 @@ named_server_scan_interfaces(named_server_t *server) {
                      NAMED_LOGMODULE_SERVER, ISC_LOG_DEBUG(1),
                      "automatic interface rescan");
 
-       ns_interfacemgr_scan(server->interfacemgr, true);
+       ns_interfacemgr_scan(server->interfacemgr, true, false);
 }
 
 /*
index c52392156a1bdecbf020783f97f402f73de7040d..2331fc63e31ba8316fc42310b1797772f0d64dc3 100644 (file)
@@ -131,12 +131,15 @@ ns_interfacemgr_islistening(ns_interfacemgr_t *mgr);
  */
 
 isc_result_t
-ns_interfacemgr_scan(ns_interfacemgr_t *mgr, bool verbose);
+ns_interfacemgr_scan(ns_interfacemgr_t *mgr, bool verbose, bool config);
 /*%<
  * Scan the operatings system's list of network interfaces
  * and create listeners when new interfaces are discovered.
  * Shut down the sockets for interfaces that go away.
  *
+ * When 'config' is true, also shut down and recreate any existing TLS and HTTPS
+ * interfaces in order to use their new configuration.
+ *
  * This should be called once on server startup and then
  * periodically according to the 'interface-interval' option
  * in named.conf.
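Review bot: The added paragraph says what `config` does but not who should set it, which matters because the flag decides whether existing TLS/HTTPS listeners are destroyed and rebuilt; the comment could add `* Pass 'config' as true only from the reconfiguration path; periodic and automatic rescans must pass false so that existing TLS/HTTPS listeners are left in place.` The `verbose` parameter remains undocumented in this comment. The context line above still reads "operatings system's", which could be corrected to "operating system's" in a follow-up.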
index 38de7cfe23ff2f6aa1d7154245fb0f57d4564c82..4c3eef92f9e4c8f20a53cabcc2c8155e310f7b84 100644 (file)
@@ -98,7 +98,7 @@ scan_event(isc_task_t *task, isc_event_t *event) {
 
        UNUSED(task);
 
-       ns_interfacemgr_scan(mgr, false);
+       ns_interfacemgr_scan(mgr, false, false);
        isc_event_free(&event);
 }
 
@@ -851,7 +851,7 @@ clearlistenon(ns_interfacemgr_t *mgr) {
 }
 
 static isc_result_t
-do_scan(ns_interfacemgr_t *mgr, bool verbose) {
+do_scan(ns_interfacemgr_t *mgr, bool verbose, bool config) {
        isc_interfaceiter_t *iter = NULL;
        bool scan_ipv4 = false;
        bool scan_ipv6 = false;
@@ -919,10 +919,10 @@ do_scan(ns_interfacemgr_t *mgr, bool verbose) {
                        if (ifp != NULL) {
                                /*
                                 * We need to recreate the TLS/HTTPS listeners
-                                * because the certificates could have been
-                                * changed on reconfiguration.
+                                * during reconfiguration because the
+                                * certificates could have been changed.
                                 */
-                               if (le->sslctx != NULL) {
+                               if (config && le->sslctx != NULL) {
                                        INSIST(NS_INTERFACE_VALID(ifp));
                                        LOCK(&mgr->lock);
                                        ISC_LIST_UNLINK(ifp->mgr->interfaces,
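Review bot: The guard `if (config && le->sslctx != NULL)` and its explanatory comment are duplicated verbatim in the second loop of do_scan (the hunk at -1104), but the two comments now differ in wording ("during reconfiguration" versus "during a reconfiguration"); keeping them identical, or stating the rule once above the first occurrence, avoids the two drifting apart on the next edit. The comment could also spell out the consequence of the new flag, e.g. `* On a plain rescan (config == false) an existing TLS/HTTPS listener is kept as is, so a certificate that changed on disk takes effect only after a reconfiguration.` If the retained-listener branch that follows treats a kept TLS listener like any other existing interface, that is not visible here and is worth confirming. do_scan begins and ends outside this hunk.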
@@ -1104,10 +1104,10 @@ do_scan(ns_interfacemgr_t *mgr, bool verbose) {
                        if (ifp != NULL) {
                                /*
                                 * We need to recreate the TLS/HTTPS listeners
-                                * because the certificates could have been
-                                * changed on reconfiguration.
+                                * during a reconfiguration because the
+                                * certificates could have been changed.
                                 */
-                               if (le->sslctx != NULL) {
+                               if (config && le->sslctx != NULL) {
                                        INSIST(NS_INTERFACE_VALID(ifp));
                                        LOCK(&mgr->lock);
                                        ISC_LIST_UNLINK(ifp->mgr->interfaces,
@@ -1207,7 +1207,7 @@ cleanup_iter:
 }
 
 static isc_result_t
-ns_interfacemgr_scan0(ns_interfacemgr_t *mgr, bool verbose) {
+ns_interfacemgr_scan0(ns_interfacemgr_t *mgr, bool verbose, bool config) {
        isc_result_t result;
        bool purge = true;
 
@@ -1215,7 +1215,7 @@ ns_interfacemgr_scan0(ns_interfacemgr_t *mgr, bool verbose) {
 
        mgr->generation++; /* Increment the generation count. */
 
-       result = do_scan(mgr, verbose);
+       result = do_scan(mgr, verbose, config);
        if ((result != ISC_R_SUCCESS) && (result != ISC_R_ADDRINUSE)) {
                purge = false;
        }
@@ -1249,7 +1249,7 @@ ns_interfacemgr_islistening(ns_interfacemgr_t *mgr) {
 }
 
 isc_result_t
-ns_interfacemgr_scan(ns_interfacemgr_t *mgr, bool verbose) {
+ns_interfacemgr_scan(ns_interfacemgr_t *mgr, bool verbose, bool config) {
        isc_result_t result;
        bool unlock = false;
 
@@ -1263,7 +1263,7 @@ ns_interfacemgr_scan(ns_interfacemgr_t *mgr, bool verbose) {
                unlock = true;
        }
 
-       result = ns_interfacemgr_scan0(mgr, verbose);
+       result = ns_interfacemgr_scan0(mgr, verbose, config);
 
        if (unlock) {
                isc_task_endexclusive(mgr->excl);
index 15614e1059c0e68c8807689254f11e019e87b304..3c458ca1d61f8a56792dc3ea78101da7d60752b4 100644 (file)
@@ -211,7 +211,7 @@ static void
 scan_interfaces(isc_task_t *task, isc_event_t *event) {
        UNUSED(task);
 
-       ns_interfacemgr_scan(interfacemgr, true);
+       ns_interfacemgr_scan(interfacemgr, true, false);
        isc_event_free(&event);
 }