Skip to content

Commit 00aa5bf

Browse files
spacewanderspacewander
authored
feat: tlshandshake patch for stream subsystem (#4)
1 parent 19aad39 commit 00aa5bf

File tree

3 files changed

+771
-15
lines changed

3 files changed

+771
-15
lines changed

patch/1.19.3/lua-resty-core-tlshandshake.patch

Lines changed: 52 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -16,23 +16,23 @@ index 3caabe2..6361a23 100644
1616
$(INSTALL) lib/ngx/ssl/*.lua $(DESTDIR)$(LUA_LIB_DIR)/ngx/ssl/
1717

1818
diff --git lib/resty/core.lua lib/resty/core.lua
19-
index 5472230..d6e6869 100644
19+
index 5472230..7d3ab16 100644
2020
--- lib/resty/core.lua
2121
+++ lib/resty/core.lua
22-
@@ -20,6 +20,7 @@ if subsystem == 'http' then
23-
require "resty.core.phase"
24-
require "resty.core.ndk"
25-
require "resty.core.socket"
26-
+ require "resty.core.socket.tcp"
22+
@@ -23,6 +23,7 @@ if subsystem == 'http' then
2723
end
28-
29-
24+
25+
26+
+require "resty.core.socket.tcp"
27+
require "resty.core.misc"
28+
require "resty.core.ctx"
29+
3030
diff --git lib/resty/core/socket/tcp.lua lib/resty/core/socket/tcp.lua
3131
new file mode 100644
32-
index 0000000..30302f0
32+
index 0000000..4b59adb
3333
--- /dev/null
3434
+++ lib/resty/core/socket/tcp.lua
35-
@@ -0,0 +1,236 @@
35+
@@ -0,0 +1,273 @@
3636
+-- Copyright (C) by OpenResty Inc.
3737
+
3838
+
@@ -59,9 +59,15 @@ index 0000000..30302f0
5959
+local select = select
6060
+local co_yield = coroutine._yield
6161
+local io_open = io.open
62+
+local subsystem = ngx.config.subsystem
63+
+
6264
+
65+
+local ngx_lua_ffi_socket_tcp_tlshandshake
66+
+local ngx_lua_ffi_socket_tcp_get_tlshandshake_result
67+
+local ngx_lua_ffi_tls_free_session
6368
+
64-
+ffi.cdef[[
69+
+if subsystem == 'http' then
70+
+ ffi.cdef[[
6571
+typedef struct ngx_http_lua_socket_tcp_upstream_s
6672
+ ngx_http_lua_socket_tcp_upstream_t;
6773
+
@@ -77,6 +83,37 @@ index 0000000..30302f0
7783
+void ngx_http_lua_ffi_tls_free_session(void *sess);
7884
+]]
7985
+
86+
+ ngx_lua_ffi_socket_tcp_tlshandshake =
87+
+ C.ngx_http_lua_ffi_socket_tcp_tlshandshake
88+
+ ngx_lua_ffi_socket_tcp_get_tlshandshake_result =
89+
+ C.ngx_http_lua_ffi_socket_tcp_get_tlshandshake_result
90+
+ ngx_lua_ffi_tls_free_session = C.ngx_http_lua_ffi_tls_free_session
91+
+
92+
+elseif subsystem == 'stream' then
93+
+ ffi.cdef[[
94+
+typedef struct ngx_stream_lua_socket_tcp_upstream_s
95+
+ ngx_stream_lua_socket_tcp_upstream_t;
96+
+
97+
+int ngx_stream_lua_ffi_socket_tcp_tlshandshake(ngx_stream_lua_request_t *r,
98+
+ ngx_stream_lua_socket_tcp_upstream_t *u, void *sess,
99+
+ int enable_session_reuse, ngx_str_t *server_name, int verify,
100+
+ int ocsp_status_req, void *chain, void *pkey, char **errmsg);
101+
+
102+
+int ngx_stream_lua_ffi_socket_tcp_get_tlshandshake_result(
103+
+ ngx_stream_lua_request_t *r,
104+
+ ngx_stream_lua_socket_tcp_upstream_t *u, void **sess, char **errmsg,
105+
+ int *openssl_error_code);
106+
+
107+
+void ngx_stream_lua_ffi_tls_free_session(void *sess);
108+
+]]
109+
+
110+
+ ngx_lua_ffi_socket_tcp_tlshandshake =
111+
+ C.ngx_stream_lua_ffi_socket_tcp_tlshandshake
112+
+ ngx_lua_ffi_socket_tcp_get_tlshandshake_result =
113+
+ C.ngx_stream_lua_ffi_socket_tcp_get_tlshandshake_result
114+
+ ngx_lua_ffi_tls_free_session = C.ngx_stream_lua_ffi_tls_free_session
115+
+end
116+
+
80117
+
81118
+local SOCKET_CTX_INDEX = 1
82119
+
@@ -175,7 +212,7 @@ index 0000000..30302f0
175212
+
176213
+ local u = self[SOCKET_CTX_INDEX]
177214
+
178-
+ local rc = C.ngx_http_lua_ffi_socket_tcp_tlshandshake(r, u,
215+
+ local rc = ngx_lua_ffi_socket_tcp_tlshandshake(r, u,
179216
+ session_ptr[0],
180217
+ reused_session ~= false,
181218
+ server_name_str,
@@ -205,7 +242,7 @@ index 0000000..30302f0
205242
+ return true
206243
+ end
207244
+
208-
+ rc = C.ngx_http_lua_ffi_socket_tcp_get_tlshandshake_result(r, u,
245+
+ rc = ngx_lua_ffi_socket_tcp_get_tlshandshake_result(r, u,
209246
+ session_ptr, errmsg, openssl_error_code)
210247
+
211248
+ assert(rc == FFI_OK)
@@ -214,14 +251,14 @@ index 0000000..30302f0
214251
+ return nil
215252
+ end
216253
+
217-
+ return ffi_gc(session_ptr[0], C.ngx_http_lua_ffi_tls_free_session)
254+
+ return ffi_gc(session_ptr[0], ngx_lua_ffi_tls_free_session)
218255
+ end
219256
+
220257
+ assert(rc == FFI_AGAIN)
221258
+
222259
+ co_yield()
223260
+
224-
+ rc = C.ngx_http_lua_ffi_socket_tcp_get_tlshandshake_result(r, u,
261+
+ rc = ngx_lua_ffi_socket_tcp_get_tlshandshake_result(r, u,
225262
+ session_ptr, errmsg, openssl_error_code)
226263
+ end
227264
+end

0 commit comments

Comments
 (0)