/tls/configure -- check if https port is usable before accepting the new config

This commit is contained in:
Eugene Bujak 2019-02-19 15:19:11 +03:00
parent b8c0ed9335
commit 2748d4c889

View File

@ -1047,6 +1047,20 @@ func handleTLSValidate(w http.ResponseWriter, r *http.Request) {
return return
} }
// check if port is available
// BUT: if we are already using this port, no need
alreadyRunning := false
if httpsServer.server != nil {
alreadyRunning = true
}
if !alreadyRunning {
err = checkPortAvailable(config.BindHost, data.PortHTTPS)
if err != nil {
httpError(w, http.StatusBadRequest, "port %d is not available, cannot enable HTTPS on it", data.PortHTTPS)
return
}
}
data = validateCertificates(data) data = validateCertificates(data)
marshalTLS(w, data) marshalTLS(w, data)
} }
@ -1058,6 +1072,20 @@ func handleTLSConfigure(w http.ResponseWriter, r *http.Request) {
return return
} }
// check if port is available
// BUT: if we are already using this port, no need
alreadyRunning := false
if httpsServer.server != nil {
alreadyRunning = true
}
if !alreadyRunning {
err = checkPortAvailable(config.BindHost, data.PortHTTPS)
if err != nil {
httpError(w, http.StatusBadRequest, "port %d is not available, cannot enable HTTPS on it", data.PortHTTPS)
return
}
}
restartHTTPS := false restartHTTPS := false
data = validateCertificates(data) data = validateCertificates(data)
if data.WarningValidation == "" { if data.WarningValidation == "" {