fix: correct the luasocket patch (#3819)

apache · Mar 14, 2021 · e957bc3 · e957bc3
1 parent e468fb9
commit e957bc3
Show file tree

Hide file tree

Showing 3 changed files with 114 additions and 10 deletions.
diff --git a/apisix/patch.lua b/apisix/patch.lua
@@ -15,12 +15,15 @@
 -- limitations under the License.
 --
 local socket = require("socket")
+local unix_socket = require("socket.unix")
 local ssl = require("ssl")
 local get_phase = ngx.get_phase
 local ngx_socket = ngx.socket
 local original_tcp = ngx.socket.tcp
 local concat_tab = table.concat
 local new_tab = require("table.new")
+local log = ngx.log
+local WARN = ngx.WARN
 local ipairs = ipairs
 local select = select
 local setmetatable = setmetatable
@@ -49,6 +52,21 @@ end
 
 
 local luasocket_wrapper = {
+    connect = function (self, host, port)
+        if not port then
+            -- unix socket
+            self.sock = unix_socket()
+            if self.timeout then
+                self.sock:settimeout(self.timeout)
+            end
+
+            local path = host:sub(#("unix:") + 1)
+            return self.sock:connect(path)
+        end
+
+        return self.sock:connect(host, port)
+    end,
+
     send = function(self, ...)
         if select('#', ...) == 1 and type(select(1, ...)) == "string" then
             -- fast path
@@ -62,14 +80,18 @@ local luasocket_wrapper = {
     getreusedtimes = function ()
         return 0
     end,
-    setkeepalive = function ()
-        return true
+    setkeepalive = function (self)
+        self.sock:close()
+        return 1
     end,
 
     settimeout = function (self, time)
         if time then
             time = time / 1000
         end
+
+        self.timeout = time
+
         return self.sock:settimeout(time)
     end,
     settimeouts = function (self, connect_time, read_time, write_time)
@@ -91,20 +113,24 @@ local luasocket_wrapper = {
         else
             time = nil
         end
+
+        self.timeout = time
+
         return self.sock:settimeout(time)
     end,
 
-    sslhandshake = function (self, verify, opts)
-        if opts == nil then
-            opts = {}
+    sslhandshake = function (self, reused_session, server_name, verify, send_status_req)
+        if reused_session then
+            log(WARN, "reused_session is not supported yet")
+        end
+
+        if send_status_req then
+            log(WARN, "send_status_req is not supported yet")
         end
 
         local params = {
             mode = "client",
-            protocol = opts.ssl_version or "any",
-            key = opts.key,
-            certificate = opts.cert,
-            cafile = opts.cafile,
+            protocol = "any",
             verify = verify and "peer" or "none",
             options = {
                 "all",
@@ -119,6 +145,10 @@ local luasocket_wrapper = {
             return false, err
         end
 
+        if server_name then
+            sec_sock:sni(server_name)
+        end
+
         local success
         success, err = sec_sock:dohandshake()
         if not success then

diff --git a/t/APISIX.pm b/t/APISIX.pm
@@ -367,6 +367,8 @@ _EOC_
     $extra_init_by_lua
 _EOC_
 
+    my $extra_init_worker_by_lua = $block->extra_init_worker_by_lua // "";
+
     my $http_config = $block->http_config // '';
     $http_config .= <<_EOC_;
     $lua_deps_path
@@ -417,6 +419,7 @@ _EOC_
 
     init_worker_by_lua_block {
         require("apisix").http_init_worker()
+        $extra_init_worker_by_lua
     }
 
     log_format main escape=default '\$remote_addr - \$remote_user [\$time_local] \$http_host "\$request" \$status \$body_bytes_sent \$request_time "\$http_referer" "\$http_user_agent" \$upstream_addr \$upstream_status \$upstream_response_time "\$upstream_scheme://\$upstream_host\$upstream_uri"';

diff --git a/t/misc/patch.t b/t/misc/patch.t
@@ -21,14 +21,16 @@ no_long_string();
 no_root_location();
 log_level("info");
 
+$ENV{TEST_NGINX_HTML_DIR} ||= html_dir();
+
 add_block_preprocessor(sub {
     my ($block) = @_;
 
     if (!$block->request) {
         $block->set_value("request", "GET /t");
     }
 
-    if (!defined $block->no_error_log) {
+    if (!defined $block->error_log && !defined $block->no_error_log) {
         $block->set_value("no_error_log", "[error]");
     }
 });
@@ -55,3 +57,72 @@ qr/send\(\): \S+/
 --- grep_error_log_out
 send(): 1a1btrue
 send(): 1a1bfalse
+
+
+
+=== TEST 2: sslhandshake options
+--- extra_init_by_lua
+local sock = ngx.socket.tcp()
+sock:settimeout(1)
+local ok, err = sock:connect("0.0.0.0", 12379)
+if not ok then
+    ngx.log(ngx.ERR, "failed to connect: ", err)
+    return
+end
+
+local sess, err = sock:sslhandshake(true, "test.com", true, true)
+if not sess then
+    ngx.log(ngx.ERR, "failed to do SSL handshake: ", err)
+end
+
+local sock = ngx.socket.tcp()
+local ok, err = sock:connect("0.0.0.0", 12379)
+if not ok then
+    ngx.log(ngx.ERR, "failed to connect: ", err)
+    return
+end
+local sess, err = sock:sslhandshake(true, "test.com", nil, true)
+if not sess then
+    ngx.log(ngx.ERR, "failed to do SSL handshake: ", err)
+end
+
+sock:setkeepalive()
+--- config
+    location /t {
+        return 200;
+    }
+--- grep_error_log eval
+qr/failed to do SSL handshake/
+--- grep_error_log_out
+failed to do SSL handshake
+--- error_log
+reused_session is not supported yet
+send_status_req is not supported yet
+
+
+
+=== TEST 3: unix socket
+--- http_config
+    server {
+        listen unix:$TEST_NGINX_HTML_DIR/nginx.sock;
+    }
+--- extra_init_worker_by_lua
+local sock = ngx.socket.tcp()
+sock:settimeout(1)
+local ok, err = sock:connect("unix:$TEST_NGINX_HTML_DIR/nginx.sock")
+if not ok then
+    ngx.log(ngx.ERR, "failed to connect: ", err)
+    return
+end
+
+local ok, err = sock:receive()
+if not ok then
+    ngx.log(ngx.ERR, "failed to read: ", err)
+    return
+end
+--- config
+    location /t {
+        return 200;
+    }
+--- error_log
+failed to read: timeout