From 7035a0b7894bcae8cb1131dbc0e847dcd8c76876 Mon Sep 17 00:00:00 2001 From: bartbutenaers Date: Sun, 26 Jun 2022 23:05:48 +0200 Subject: [PATCH 1/3] renew TLS options --- src/index.js | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/index.js b/src/index.js index 859540d..27d3a07 100644 --- a/src/index.js +++ b/src/index.js @@ -169,5 +169,9 @@ class FtpServer extends EventEmitter { }); } + renewTlsOptions(tlsOptions) { + this.server.setSecureContext(tlsOptions); + this.log.debug('Updating TLS options'); + } } module.exports = FtpServer; From 9e7ec6b900f6163c4e16fe1c1c1b1514059eb6be Mon Sep 17 00:00:00 2001 From: bartbutenaers Date: Mon, 27 Jun 2022 21:48:32 +0200 Subject: [PATCH 2/3] renewTlsOptions section --- README.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/README.md b/README.md index 33279a3..4e50ae2 100644 --- a/README.md +++ b/README.md @@ -403,6 +403,23 @@ __Used in:__ `SITE CHMOD` Returns a unique file name to write to. Client requested filename available if you want to base your function on it. __Used in:__ `STOU` +#### [`renewTlsOptions(tlsOptions)`](src/fs.js#L172) +``` +let originalOptions = {}; +originalOptions.tls = { + key: fs.readFileSync("\path\to\old\key.pem"), + cert: fs.readFileSync("\path\to\old\cert.pem") +} +let ftpServer = new FtpServer(originalOptions); + +// Afterwards when the certificate is going to expire, it will need to be renewed +let newTlsOptions = { + key: fs.readFileSync("\path\to\new\key.pem"), + cert: fs.readFileSync("\path\to\new\cert.pem") +} +ftpServer.renewTlsOptions(newTlsOptions); +``` + ## Contributing See [CONTRIBUTING.md](CONTRIBUTING.md). From 2905231323de86269e155900ed93a4cfaf405fcc Mon Sep 17 00:00:00 2001 From: bartbutenaers Date: Tue, 28 Jun 2022 06:32:32 +0200 Subject: [PATCH 3/3] Separate TLS renew section --- README.md | 36 +++++++++++++++++++----------------- 1 file changed, 19 insertions(+), 17 deletions(-) diff --git a/README.md b/README.md index 4e50ae2..279321c 100644 --- a/README.md +++ b/README.md @@ -161,6 +161,25 @@ A [bunyan logger](https://github.com/trentm/node-bunyan) instance. Created by de Sets the timeout (in ms) after that an idle connection is closed by the server __Default:__ `0` +## Renew TLS options +[`renewTlsOptions(tlsOptions)`](src/index.js#L172) is used to read and use a new set of TLS certificates without restarting the server. +Receives the same options as the [tls parameter](#tls) parameter in the constructor. +```js +let originalOptions = {}; +originalOptions.tls = { + key: fs.readFileSync("\path\to\old\key.pem"), + cert: fs.readFileSync("\path\to\old\cert.pem") +} +let ftpServer = new FtpServer(originalOptions); + +// Afterwards when the certificate is going to expire, it will need to be renewed +let newTlsOptions = { + key: fs.readFileSync("\path\to\new\key.pem"), + cert: fs.readFileSync("\path\to\new\cert.pem") +} +ftpServer.renewTlsOptions(newTlsOptions); +``` + ## CLI `ftp-srv` also comes with a builtin CLI. @@ -403,23 +422,6 @@ __Used in:__ `SITE CHMOD` Returns a unique file name to write to. Client requested filename available if you want to base your function on it. __Used in:__ `STOU` -#### [`renewTlsOptions(tlsOptions)`](src/fs.js#L172) -``` -let originalOptions = {}; -originalOptions.tls = { - key: fs.readFileSync("\path\to\old\key.pem"), - cert: fs.readFileSync("\path\to\old\cert.pem") -} -let ftpServer = new FtpServer(originalOptions); - -// Afterwards when the certificate is going to expire, it will need to be renewed -let newTlsOptions = { - key: fs.readFileSync("\path\to\new\key.pem"), - cert: fs.readFileSync("\path\to\new\cert.pem") -} -ftpServer.renewTlsOptions(newTlsOptions); -``` - ## Contributing See [CONTRIBUTING.md](CONTRIBUTING.md).