Pi-Hole/FTL
1
0
Fork 0
mirror of https://github.com/pi-hole/FTL.git synced 2025-12-20 05:28:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

We should not attempt to renew the self-signed certificate when the user is not using it (no HTTPS ports defeined)

Browse Source 
Signed-off-by: Dominik <dl6er@dl6er.de>
This commit is contained in:
Dominik
2025-10-26 18:53:33 +01:00
parent 53b98ec62a
commit f6bc5c973f
2 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/enums.h
View File

@@ -335,6 +335,7 @@ enum cert_check {
CERT_NOT_YET_VALID, CERT_NOT_YET_VALID,
CERT_EXPIRES_SOON, CERT_EXPIRES_SOON,
CERT_OKAY, CERT_OKAY,
CERT_NOT_IN_USE
} __attribute__ ((packed)); } __attribute__ ((packed));
enum http_method { enum http_method {

5
src/webserver/webserver.c
View File

@@ -1042,7 +1042,10 @@ void *webserver_thread(void *val)
while(!killed) while(!killed)
{ {
// Check if the certificate is about to expire soon // Check if the certificate is about to expire soon
const enum cert_check status = cert_currently_valid(config.webserver.tls.cert.v.s, 2); // We check only if HTTPS is enabled (https_port > 0)
const enum cert_check status = https_port == 0 ?
CERT_NOT_IN_USE :
cert_currently_valid(config.webserver.tls.cert.v.s, 2);
if(status == CERT_EXPIRES_SOON && if(status == CERT_EXPIRES_SOON &&
config.webserver.tls.validity.v.ui > 0) config.webserver.tls.validity.v.ui > 0)