Skip to content

Bindings to ngx_http_lua_ffi_balancer_set_ssl_ctx #179

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Bindings to ngx_http_lua_ffi_balancer_set_ssl_ctx #179

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
f1963a5
balancer: Add set_ssl_ctx as binding to ngx_lua_ffi_balancer_set_ssl_ctx
james-callahan Mar 21, 2018
4195769
balancer.set_ssl_ctx: Check that argument is ffi cdata
james-callahan Mar 21, 2018
190e1ed
Document balancer.set_ssl_ctx
james-callahan Mar 21, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 28 additions & 0 deletions lib/ngx/balancer.lua
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ local subsystem = ngx.config.subsystem
local ngx_lua_ffi_balancer_set_current_peer
local ngx_lua_ffi_balancer_set_more_tries
local ngx_lua_ffi_balancer_get_last_failure
local ngx_lua_ffi_balancer_set_ssl_ctx
local ngx_lua_ffi_balancer_set_timeouts -- used by both stream and http


Expand All @@ -35,6 +36,9 @@ if subsystem == 'http' then
int ngx_http_lua_ffi_balancer_get_last_failure(ngx_http_request_t *r,
int *status, char **err);

int ngx_http_lua_ffi_balancer_set_ssl_ctx(ngx_http_request_t *r,
void* ssl_ctx, char **err);

int ngx_http_lua_ffi_balancer_set_timeouts(ngx_http_request_t *r,
long connect_timeout, long send_timeout,
long read_timeout, char **err);
Expand All @@ -49,6 +53,9 @@ if subsystem == 'http' then
ngx_lua_ffi_balancer_get_last_failure =
C.ngx_http_lua_ffi_balancer_get_last_failure

ngx_lua_ffi_balancer_set_ssl_ctx =
C.ngx_http_lua_ffi_balancer_set_ssl_ctx

ngx_lua_ffi_balancer_set_timeouts =
C.ngx_http_lua_ffi_balancer_set_timeouts

Expand Down Expand Up @@ -163,6 +170,27 @@ function _M.get_last_failure()
end


if subsystem == 'http' then
function _M.set_ssl_ctx(ssl_ctx)
local r = getfenv(0).__ngx_req
if not r then
error("no request found")
end

if type(ssl_ctx) ~= "cdata" then
error("ssl context must be an ffi pointer")
end

local state = ngx_lua_ffi_balancer_set_ssl_ctx(r, ssl_ctx, errmsg)

if state == FFI_ERROR then
return false, ffi_str(errmsg[0])
end
return true
end
end


function _M.set_timeouts(connect_timeout, send_timeout, read_timeout)
local r = getfenv(0).__ngx_req
if not r then
Expand Down
12 changes: 12 additions & 0 deletions lib/ngx/balancer.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -207,6 +207,18 @@ method always returns a single `nil` value.

[Back to TOC](#table-of-contents)

set_ssl_ctx
----------------
**syntax:** *ok, err = balancer.set_ssl_ctx(ssl_ctx)*

**context:** *balancer_by_lua**

Set the OpenSSL `SSL_CTX*` used to negotiate with the upstream. `ssl_ctx` should be an FFI pointer to a valid `SSL_CTX`. The reference count of the `SSL_CTX*` is incremented, so it is safe to free your reference to the object.

This function does not exist in the stream module.

[Back to TOC](#table-of-contents)

set_timeouts
------------
**syntax:** `ok, err = balancer.set_timeouts(connect_timeout, send_timeout, read_timeout)`
Expand Down