Skip to content

Commit dbc6ba2

Browse files
catbro666pintsized
catbro666
authored and
pintsized
committed
use .. concat operation to keep the original style
1 parent 52f83bb commit dbc6ba2

File tree

1 file changed

+19
-20
lines changed

1 file changed

+19
-20
lines changed

lib/resty/http_connect.lua

Lines changed: 19 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,6 @@ local ngx_DEBUG = ngx.DEBUG
88
local to_hex = require("resty.string").to_hex
99
local ffi_gc = ffi.gc
1010
local ffi_cast = ffi.cast
11-
local string_format = string.format
1211
local type = type
1312

1413
local lib_chain, lib_x509, lib_pkey
@@ -19,7 +18,8 @@ local openssl_available, res = xpcall(function()
1918
end, debug.traceback)
2019

2120
if not openssl_available then
22-
ngx_log(ngx_WARN, "failed to load module `resty.openssl.*`, mTLS isn't supported without lua-resty-openssl:\n", res)
21+
ngx_log(ngx_WARN, "failed to load module `resty.openssl.*`, \z
22+
mTLS isn't supported without lua-resty-openssl:\n", res)
2323
end
2424

2525
--[[
@@ -184,11 +184,11 @@ local function connect(self, options)
184184
local key_type = type(ssl_client_priv_key)
185185

186186
if cert_type ~= "cdata" then
187-
return nil, string_format("bad ssl_client_cert: cdata expected, got %s", cert_type)
187+
return nil, "bad ssl_client_cert: cdata expected, got " .. cert_type
188188
end
189189

190190
if key_type ~= "cdata" then
191-
return nil, string_format("bad ssl_client_priv_key: cdata expected, got %s", key_type)
191+
return nil, "bad ssl_client_priv_key: cdata expected, got " .. key_type
192192
end
193193

194194
if not openssl_available then
@@ -198,7 +198,7 @@ local function connect(self, options)
198198
-- convert from `void*` to `OPENSSL_STACK*`
199199
local cert_chain, err = lib_chain.dup(ffi_cast("OPENSSL_STACK*", ssl_client_cert))
200200
if not cert_chain then
201-
return nil, string_format("failed to dup the ssl_client_cert: %s", err)
201+
return nil, "failed to dup the ssl_client_cert: " .. err
202202
end
203203

204204
if #cert_chain < 1 then
@@ -207,43 +207,42 @@ local function connect(self, options)
207207

208208
local cert, err = lib_x509.dup(cert_chain[1].ctx)
209209
if not cert then
210-
return nil, string_format("failed to dup the x509: %s", err)
210+
return nil, "failed to dup the x509: " .. err
211211
end
212212

213213
-- convert from `void*` to `EVP_PKEY*`
214214
local key, err = lib_pkey.new(ffi_cast("EVP_PKEY*", ssl_client_priv_key))
215215
if not key then
216-
return nil, string_format("failed to new the pkey: %s", err)
216+
return nil, "failed to new the pkey: " .. err
217217
end
218+
218219
-- should not free the cdata passed in
219220
ffi_gc(key.ctx, nil)
220221

221222
-- check the private key in order to make sure the caller is indeed the holder of the cert
222223
ok, err = cert:check_private_key(key)
223224
if not ok then
224-
return nil, string_format("the private key doesn't match the cert: %s", err)
225+
return nil, "the private key doesn't match the cert: " .. err
225226
end
226227

227228
cert_hash, err = cert:digest("sha256")
228229
if not cert_hash then
229-
return nil, string_format("failed to calculate the digest of the cert: %s", err)
230+
return nil, "failed to calculate the digest of the cert: " .. err
230231
end
231232

232233
cert_hash = to_hex(cert_hash) -- convert to hex so that it's printable
233234
end
234235

235236
-- construct a poolname unique within proxy and ssl info
236237
if not poolname then
237-
poolname = string_format("%s:%s:%s:%s:%s:%s:%s:%s:%s",
238-
request_scheme or "",
239-
request_host,
240-
request_port,
241-
ssl,
242-
ssl_server_name or "",
243-
ssl_verify,
244-
proxy_uri or "",
245-
request_scheme == "https" and proxy_authorization or "",
246-
cert_hash or "")
238+
poolname = (request_scheme or "")
239+
.. ":" .. request_host
240+
.. ":" .. tostring(request_port)
241+
.. ":" .. tostring(ssl)
242+
.. ":" .. (ssl_server_name or "")
243+
.. ":" .. tostring(ssl_verify)
244+
.. ":" .. (proxy_uri or "")
245+
.. ":" .. (request_scheme == "https" and proxy_authorization or "")
247246
-- in the above we only add the 'proxy_authorization' as part of the poolname
248247
-- when the request is https. Because in that case the CONNECT request (which
249248
-- carries the authorization header) is part of the connect procedure, whereas
@@ -315,7 +314,7 @@ local function connect(self, options)
315314
else
316315
ok, err = sock:setclientcert(ssl_client_cert, ssl_client_priv_key)
317316
if not ok then
318-
return nil, string_format("could not set client certificate: %s", err)
317+
return nil, "could not set client certificate: " .. err
319318
end
320319
end
321320
end

0 commit comments

Comments
 (0)