From e7cb9b1a001a97b1edf0e862808cbd0be5264a7a Mon Sep 17 00:00:00 2001
From: michi
Date: Fri, 14 Feb 2020 12:44:10 +0000
Subject: [PATCH] Reuse old SSL key if loading a new one failed
---
 src/ngircd/conn-ssl.c | 12 +++++++++++-
 src/ngircd/sighandlers.c | 2 +-
 2 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/src/ngircd/conn-ssl.c b/src/ngircd/conn-ssl.c
index ba47e513..3f482dc7 100644
--- a/src/ngircd/conn-ssl.c
+++ b/src/ngircd/conn-ssl.c
@@ -311,8 +311,18 @@ ConnSSL_InitLibrary( void )
 return false;
 }
- if (!ConnSSL_LoadServerKey_openssl(newctx))
+ if (!ConnSSL_LoadServerKey_openssl(newctx)) {
+ /* Failed to read new key but an old ssl context
+ * already exists -> reuse old context */
+ if (ssl_ctx) {
+ SSL_CTX_free(newctx);
+ Log(LOG_WARNING,
+ "Re-Initializing of SSL failed, using old keys!");
+ return true;
+ }
+ /* No preexisting old context -> error. */
 goto out;
+ }
 if (SSL_CTX_set_cipher_list(newctx, Conf_SSLOptions.CipherList) == 0) {
 Log(LOG_ERR, "Failed to apply OpenSSL cipher list \"%s\"!",
diff --git a/src/ngircd/sighandlers.c b/src/ngircd/sighandlers.c
index f7ae4f45..8275123e 100644
--- a/src/ngircd/sighandlers.c
+++ b/src/ngircd/sighandlers.c
@@ -132,7 +132,7 @@ Rehash(void)
 if (!ConnSSL_InitLibrary())
 Log(LOG_WARNING,
- "Re-Initializing of SSL failed, using old keys!");
+ "Re-Initializing of SSL failed!");
 /* Start listening on sockets */
 Conn_InitListeners( );
--
2.39.2
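Review bot: The new fallback in `ConnSSL_InitLibrary` returns `true` when the key reload fails, so callers can no longer tell a successful reload from one that kept the previous context. When a rehash is meant to replace an expired or compromised key, the server keeps presenting the old one and the only trace is a `LOG_WARNING`. Consider a higher severity and a message that states the consequence, e.g. `Log(LOG_ERR, "Loading new SSL key failed, old key and certificate stay active!");`. The fallback also covers only the key-load step: the `SSL_CTX_set_cipher_list` failure a few lines below still takes `goto out`. Whether that path leaves the old `ssl_ctx` usable is not visible here, because the function body extends beyond the hunk.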