@@ -284,16 +284,29 @@ class MergedSystemTrustManger(private val otherTrustManager: X509TrustManager) :
284284class ReloadableX509TrustManager (
285285 private val caPath : String? ,
286286) : X509TrustManager {
287+ private var lastHash: String? = null
288+
287289 @Volatile
288290 private var delegate: X509TrustManager = loadTrustManager()
289291
290292 private fun loadTrustManager (): X509TrustManager {
293+ if (! caPath.isNullOrBlank()) {
294+ lastHash = sha1(FileInputStream (expand(caPath)))
295+ }
291296 val trustManagers = coderTrustManagers(caPath)
292297 return trustManagers.first { it is X509TrustManager } as X509TrustManager
293298 }
294299
295- fun reload () {
296- delegate = loadTrustManager()
300+ fun reload (): Boolean {
301+ if (caPath.isNullOrBlank()) {
302+ return false
303+ }
304+ val newHash = sha1(FileInputStream (expand(caPath)))
305+ if (lastHash != newHash) {
306+ delegate = loadTrustManager()
307+ return true
308+ }
309+ return false
297310 }
298311
299312 override fun checkClientTrusted (chain : Array <out X509Certificate >? , authType : String? ) {
@@ -312,15 +325,31 @@ class ReloadableX509TrustManager(
312325class ReloadableSSLSocketFactory (
313326 private val settings : ReadOnlyTLSSettings ,
314327) : SSLSocketFactory() {
328+ private var lastCertHash: String? = null
329+ private var lastKeyHash: String? = null
330+
315331 @Volatile
316332 private var delegate: SSLSocketFactory = loadSocketFactory()
317333
318334 private fun loadSocketFactory (): SSLSocketFactory {
335+ if (! settings.certPath.isNullOrBlank() && ! settings.keyPath.isNullOrBlank()) {
336+ lastCertHash = sha1(FileInputStream (expand(settings.certPath!! )))
337+ lastKeyHash = sha1(FileInputStream (expand(settings.keyPath!! )))
338+ }
319339 return coderSocketFactory(settings)
320340 }
321341
322- fun reload () {
323- delegate = loadSocketFactory()
342+ fun reload (): Boolean {
343+ if (settings.certPath.isNullOrBlank() || settings.keyPath.isNullOrBlank()) {
344+ return false
345+ }
346+ val newCertHash = sha1(FileInputStream (expand(settings.certPath!! )))
347+ val newKeyHash = sha1(FileInputStream (expand(settings.keyPath!! )))
348+ if (lastCertHash != newCertHash || lastKeyHash != newKeyHash) {
349+ delegate = loadSocketFactory()
350+ return true
351+ }
352+ return false
324353 }
325354
326355 override fun getDefaultCipherSuites (): Array <String > = delegate.defaultCipherSuites
@@ -349,8 +378,9 @@ class ReloadableTlsContext(
349378 val sslSocketFactory = ReloadableSSLSocketFactory (settings)
350379 val trustManager = ReloadableX509TrustManager (settings.caPath)
351380
352- fun reload () {
353- sslSocketFactory.reload()
354- trustManager.reload()
381+ fun reload (): Boolean {
382+ val socketFactoryReloaded = sslSocketFactory.reload()
383+ val trustManagerReloaded = trustManager.reload()
384+ return socketFactoryReloaded || trustManagerReloaded
355385 }
356386}
0 commit comments