
Commit 4f52f33

chronolawdndx
authored andcommitted
add code to sslhandshake
1 parent 834a85d commit 4f52f33


1 file changed

+36
-8
lines changed

1 file changed

+36
-8
lines changed

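--- a/lib/resty/core/socket/tcp.lua
+++ b/lib/resty/core/socket/tcp.lua
@@ -52,11 +52,10 @@ local server_name_str = ffi.new("ngx_str_t[1]")
 local openssl_error_code = ffi.new("int[1]")
 local cached_options = new_tab(0, 4)
 
-local function setclientcert(cosocket, cert, pkey)
+local function setclientcert(self, cert, pkey)
 if not cert or not pkey then
-cosocket[SOCKET_CLIENT_CERT_INDEX] = nil
-cosocket[SOCKET_CLIENT_PRIV_INDEX] = nil
-
+self[SOCKET_CLIENT_CERT_INDEX] = nil
+self[SOCKET_CLIENT_PRIV_INDEX] = nil
 return
 end
 
@@ -68,8 +67,8 @@ local function setclientcert(cosocket, cert, pkey)
 error("bad client pkey type", 2)
 end
 
-cosocket[SOCKET_CLIENT_CERT_INDEX] = cert
-cosocket[SOCKET_CLIENT_PRIV_INDEX] = pkey
+self[SOCKET_CLIENT_CERT_INDEX] = cert
+self[SOCKET_CLIENT_PRIV_INDEX] = pkey
 end
 
 local function tlshandshake(self, options)
@@ -183,9 +182,38 @@ local function sslhandshake(self, reused_session, server_name, ssl_verify,
 cached_options.verify = ssl_verify
 cached_options.ocsp_status_req = send_status_req
 
-local res, err = tlshandshake(self, cached_options)
+local r = get_request()
+if not r then
+error("no request found", 2)
+end
+
+session_ptr[0] = type(reused_session) == "cdata" and reused_session or nil
+
+if server_name then
+server_name_str[0].data = options.server_name
+server_name_str[0].len = #options.server_name
+
+else
+server_name_str[0].data = nil
+server_name_str[0].len = 0
+end
 
-clear_tab(cached_options)
+local client_cert = options.client_cert
+local client_pkey = options.client_priv_key
+if client_cert then
+if not client_pkey then
+error("client certificate supplied without corresponding " ..
+"private key", 2)
+end
+
+if type(client_cert) ~= "cdata" then
+error("bad client_cert option type", 2)
+end
+
+if type(client_pkey) ~= "cdata" then
+error("bad client_priv_key option type", 2)
+end
+end
 
 return res, err
 end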
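Review bot: In the sslhandshake hunk the call `local res, err = tlshandshake(self, cached_options)` is removed while the function still ends with `return res, err`, so unless those names are defined above the hunk the function now returns two nils without performing any handshake. The added lines also read `options.server_name`, `options.client_cert` and `options.client_priv_key`, but the visible part of the signature lists `reused_session, server_name, ssl_verify, …` and no `options`; if it is not an upvalue the first index raises, and the `if server_name then` guard tests a different value from the one it copies. With `clear_tab(cached_options)` dropped, the module-level `cached_options` table keeps whatever was stored earlier in the call until a later call overwrites it, which matters if it ever holds per-connection certificate or key references. I would keep `local res, err = tlshandshake(self, cached_options)` followed by `clear_tab(cached_options)` ahead of the return until the inlined path actually drives the handshake and consumes the validated `client_cert`/`client_pkey`. The body of sslhandshake starts above the hunk, so the setup of `cached_options` is not visible here.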
