Closed tegefaulkes closed 1 year ago
This requires adding 3 new features to the RPC system. As for timing, this is low priority since it doesn't fix anything that is strictly broken. It only allows us to update the TLS while running the PolykeyAgent
. A work around for now is to just restart the agent completely after changing the keys.
This can be addressed at any time.
I think this should be part of phase 2 too @tegefaulkes.
We don't want to kitchen-sink PRs, it can be done after the stage 2 agent migration.
As part of #540 it was simple to enable this feature.
Should be fixed by #535
So while removing UWS gives us the ability to switch the TLS configuration per connection. What about the actual reactive propagation of changes of the root key pair?
Until #444 is done, we have to rely on the current event bus to propagate changes. So this issue needs to address the reactive key pairs using just the event bus as per the tasks you written in OP.
This is done, I re-enabled updating the TLS for the webSocketServer when it's triggered via the event bus.
Specification
When the root key pair changes we need to update anything that depends on this. This change event is propagated through the events system. One of the changes is updating the TLS config the RPC servers are using. Previously this could be done dynamically but now with the
WebSocketServer
this can only be set when starting it.This means that the
WebSocketServer
needs to be restarted when this event happens. This means any active connections are potentially interrupted.To support this we need to make the following changes.
WebSocketServer
.WebSocketServer
we need to gracefully end any active connections.Additional context
Tasks
WebSocketServer
.WebSocketServer
we need to gracefully end any active connections.