Skip to content

Commit

Permalink
feature: enabled the 'ngx.thread' and 'ngx.socket.udp' APIs in ssl_se…
Browse files Browse the repository at this point in the history 
…ssion_fetch_by_lua*.

Signed-off-by: Thibault Charbonnier <thibaultcha@me.com>
  • Loading branch information
@tmthrgd @thibaultcha
tmthrgd authored and thibaultcha committed Aug 12, 2019
1 parent 97431d8 commit 97f0101
Show file tree
Hide file tree
Showing 5 changed files with 303 additions and 6 deletions.
2 changes: 1 addition & 1 deletion README.markdown
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8045,7 +8045,7 @@ ngx.thread.kill

**syntax:** *ok, err = ngx.thread.kill(thread)*

**context:** *rewrite_by_lua&#42;, access_by_lua&#42;, content_by_lua&#42;, ngx.timer.&#42;*
**context:** *rewrite_by_lua&#42;, access_by_lua&#42;, content_by_lua&#42;, ngx.timer.&#42;, ssl_certificate_by_lua&#42;, ssl_session_fetch_by_lua&#42;*

Kills a running "light thread" created by [ngx.thread.spawn](#ngxthreadspawn). Returns a true value when successful or `nil` and a string describing the error otherwise.

Expand Down
2 changes: 1 addition & 1 deletion doc/HttpLuaModule.wiki
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6869,7 +6869,7 @@ This API was first enabled in the <code>v0.7.0</code> release.
'''syntax:''' ''ok, err = ngx.thread.kill(thread)''
'''context:''' ''rewrite_by_lua*, access_by_lua*, content_by_lua*, ngx.timer.*''
'''context:''' ''rewrite_by_lua*, access_by_lua*, content_by_lua*, ngx.timer.*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*''
Kills a running "light thread" created by [[#ngx.thread.spawn|ngx.thread.spawn]]. Returns a true value when successful or <code>nil</code> and a string describing the error otherwise.
Expand Down
6 changes: 4 additions & 2 deletions src/ngx_http_lua_socket_udp.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -143,7 +143,8 @@ ngx_http_lua_socket_udp(lua_State *L)
| NGX_HTTP_LUA_CONTEXT_ACCESS
| NGX_HTTP_LUA_CONTEXT_CONTENT
| NGX_HTTP_LUA_CONTEXT_TIMER
| NGX_HTTP_LUA_CONTEXT_SSL_CERT);
| NGX_HTTP_LUA_CONTEXT_SSL_CERT
| NGX_HTTP_LUA_CONTEXT_SSL_SESS_FETCH);

lua_createtable(L, 3 /* narr */, 1 /* nrec */);
lua_pushlightuserdata(L, ngx_http_lua_lightudata_mask(
Expand Down Expand Up @@ -205,7 +206,8 @@ ngx_http_lua_socket_udp_setpeername(lua_State *L)
| NGX_HTTP_LUA_CONTEXT_ACCESS
| NGX_HTTP_LUA_CONTEXT_CONTENT
| NGX_HTTP_LUA_CONTEXT_TIMER
| NGX_HTTP_LUA_CONTEXT_SSL_CERT);
| NGX_HTTP_LUA_CONTEXT_SSL_CERT
| NGX_HTTP_LUA_CONTEXT_SSL_SESS_FETCH);

luaL_checktype(L, 1, LUA_TTABLE);

Expand Down
6 changes: 4 additions & 2 deletions src/ngx_http_lua_uthread.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -128,7 +128,8 @@ ngx_http_lua_uthread_wait(lua_State *L)
| NGX_HTTP_LUA_CONTEXT_ACCESS
| NGX_HTTP_LUA_CONTEXT_CONTENT
| NGX_HTTP_LUA_CONTEXT_TIMER
| NGX_HTTP_LUA_CONTEXT_SSL_CERT);
| NGX_HTTP_LUA_CONTEXT_SSL_CERT
| NGX_HTTP_LUA_CONTEXT_SSL_SESS_FETCH);

coctx = ctx->cur_co_ctx;

Expand Down Expand Up @@ -226,7 +227,8 @@ ngx_http_lua_uthread_kill(lua_State *L)
| NGX_HTTP_LUA_CONTEXT_ACCESS
| NGX_HTTP_LUA_CONTEXT_CONTENT
| NGX_HTTP_LUA_CONTEXT_TIMER
| NGX_HTTP_LUA_CONTEXT_SSL_CERT);
| NGX_HTTP_LUA_CONTEXT_SSL_CERT
| NGX_HTTP_LUA_CONTEXT_SSL_SESS_FETCH);

coctx = ctx->cur_co_ctx;

Expand Down
293 changes: 293 additions & 0 deletions t/143-ssl-session-fetch.t
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1429,3 +1429,296 @@ qr/elapsed in ssl_session_fetch_by_lua\*: 0\.(?:09|1[01])\d+,/,
[error]
[alert]
[emerg]



=== TEST 18: cosocket (UDP)
--- http_config
ssl_session_fetch_by_lua_block {
local sock = ngx.socket.udp()

sock:settimeout(1000)

local ok, err = sock:setpeername("127.0.0.1", $TEST_NGINX_MEMCACHED_PORT)
if not ok then
ngx.log(ngx.ERR, "failed to connect to memc: ", err)
return
end

local req = "\0\1\0\0\0\1\0\0flush_all\r\n"
local ok, err = sock:send(req)
if not ok then
ngx.log(ngx.ERR, "failed to send flush_all to memc: ", err)
return
end

local res, err = sock:receive()
if not res then
ngx.log(ngx.ERR, "failed to receive memc reply: ", err)
return
end

ngx.log(ngx.INFO, "received memc reply of ", #res, " bytes")
}

server {
listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl;
server_name test.com;
ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
ssl_session_tickets off;
server_tokens off;
}
--- config
server_tokens off;
lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;

location /t {
content_by_lua_block {
do
local sock = ngx.socket.tcp()

sock:settimeout(5000)

local ok, err = sock:connect("unix:$TEST_NGINX_HTML_DIR/nginx.sock")
if not ok then
ngx.say("failed to connect: ", err)
return
end

ngx.say("connected: ", ok)

local sess, err = sock:sslhandshake(package.loaded.session, "test.com", true)
if not sess then
ngx.say("failed to do SSL handshake: ", err)
return
end

ngx.say("ssl handshake: ", type(sess))

package.loaded.session = sess

local ok, err = sock:close()
ngx.say("close: ", ok, " ", err)
end -- do
-- collectgarbage()
}
}
--- request
GET /t
--- response_body
connected: 1
ssl handshake: userdata
close: 1 nil
--- grep_error_log eval: qr/received memc reply of \d+ bytes/
--- grep_error_log_out eval
[
'',
'received memc reply of 12 bytes
',
'received memc reply of 12 bytes
',
]
--- no_error_log
[alert]
[error]
[emerg]



=== TEST 19: uthread (kill)
--- http_config
ssl_session_fetch_by_lua_block {
local function f()
ngx.log(ngx.INFO, "uthread: hello from f()")
ngx.sleep(1)
end

local t, err = ngx.thread.spawn(f)
if not t then
ngx.log(ngx.ERR, "failed to spawn thread: ", err)
return
end

collectgarbage()

local ok, err = ngx.thread.kill(t)
if not ok then
ngx.log(ngx.ERR, "failed to kill thread: ", err)
return
end

ngx.log(ngx.INFO, "uthread: killed")

local ok, err = ngx.thread.kill(t)
if not ok then
ngx.log(ngx.INFO, "uthread: failed to kill: ", err)
end
}

server {
listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl;
server_name test.com;
ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
ssl_session_tickets off;
server_tokens off;
}
--- config
server_tokens off;
lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;

location /t {
content_by_lua_block {
do
local sock = ngx.socket.tcp()

sock:settimeout(5000)

local ok, err = sock:connect("unix:$TEST_NGINX_HTML_DIR/nginx.sock")
if not ok then
ngx.say("failed to connect: ", err)
return
end

ngx.say("connected: ", ok)

local sess, err = sock:sslhandshake(package.loaded.session, "test.com", true)
if not sess then
ngx.say("failed to do SSL handshake: ", err)
return
end

ngx.say("ssl handshake: ", type(sess))

package.loaded.session = sess

local ok, err = sock:close()
ngx.say("close: ", ok, " ", err)
end -- do
-- collectgarbage()
}
}
--- request
GET /t
--- response_body
connected: 1
ssl handshake: userdata
close: 1 nil
--- grep_error_log eval: qr/uthread: [^.,]+/
--- grep_error_log_out eval
[
'',
'uthread: hello from f()
uthread: killed
uthread: failed to kill: already waited or killed
',
'uthread: hello from f()
uthread: killed
uthread: failed to kill: already waited or killed
'
]
--- no_error_log
[alert]
[error]
[emerg]



=== TEST 20: uthread (wait)
--- http_config
ssl_session_fetch_by_lua_block {
local function f()
ngx.log(ngx.INFO, "uthread: hello from f()")
ngx.sleep(0.001)
return 32
end

local t, err = ngx.thread.spawn(f)
if not t then
ngx.log(ngx.ERR, "failed to spawn thread: ", err)
return
end

collectgarbage()

local ok, res = ngx.thread.wait(t)
if not ok then
ngx.log(ngx.ERR, "failed to wait on thread: ", res)
return
end

ngx.log(ngx.INFO, "uthread: ", res)

local ok, err = ngx.thread.kill(t)
if not ok then
ngx.log(ngx.INFO, "uthread: failed to kill: ", err)
end
}

server {
listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl;
server_name test.com;
ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
ssl_session_tickets off;
server_tokens off;
}
--- config
server_tokens off;
lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;

location /t {
content_by_lua_block {
do
local sock = ngx.socket.tcp()

sock:settimeout(5000)

local ok, err = sock:connect("unix:$TEST_NGINX_HTML_DIR/nginx.sock")
if not ok then
ngx.say("failed to connect: ", err)
return
end

ngx.say("connected: ", ok)

local sess, err = sock:sslhandshake(package.loaded.session, "test.com", true)
if not sess then
ngx.say("failed to do SSL handshake: ", err)
return
end

ngx.say("ssl handshake: ", type(sess))

package.loaded.session = sess

local ok, err = sock:close()
ngx.say("close: ", ok, " ", err)
end -- do
-- collectgarbage()
}
}
--- request
GET /t
--- response_body
connected: 1
ssl handshake: userdata
close: 1 nil
--- grep_error_log eval: qr/uthread: [^.,]+/
--- grep_error_log_out eval
[
'',
'uthread: hello from f()
uthread: 32
uthread: failed to kill: already waited or killed
',
'uthread: hello from f()
uthread: 32
uthread: failed to kill: already waited or killed
'
]
--- no_error_log
[alert]
[error]
[emerg]

0 comments on commit 97f0101

Please sign in to comment.