Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(core) add kong.resty.getssl module #3681

Merged
merged 1 commit into from Aug 8, 2018

Conversation

Projects
None yet
2 participants
@james-callahan
Copy link
Contributor

james-callahan commented Aug 7, 2018

Summary

This allows fetching the SSL* object for the current client as a luaossl object

return pushssl(ptr)
end

return {

This comment has been minimized.

Copy link
@thibaultcha

thibaultcha Aug 7, 2018

Member

style: please respect the 2 lines jump between logical blocks in this codebase - thanks!

local get_ssl_pointer = require "ngx.ssl".get_ssl_pointer

if get_ssl_pointer == nil then
error("Openresty patch missing. See https://github.com/Kong/openresty-patches")

This comment has been minimized.

Copy link
@thibaultcha

thibaultcha Aug 7, 2018

Member

typo: OpenResty

More importantly: we should gracefully fail if the patch is not available, but not prevent the module from loading altogether, which would certainly prevent Kong from even starting; while in fact, this feature might not even be used.

This comment has been minimized.

Copy link
@james-callahan

james-callahan Aug 8, 2018

Author Contributor

I'm not sure how this should fail gracefully: if the patch is not applied and you're using this module, then you've likely got a security issue.

We could create a 'dummy' function that always returns nil, "OpenResty patch missing". But would it get checked correctly? I guess that will do for now....

feat(core) add kong.resty.getssl module
This allows fetching the SSL* object for the current client as a luaossl object

@james-callahan james-callahan force-pushed the james-callahan:feat/getssl branch from 445e953 to 1880641 Aug 8, 2018

@thibaultcha thibaultcha merged commit 23e0832 into Kong:next Aug 8, 2018

1 check passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details

@james-callahan james-callahan deleted the james-callahan:feat/getssl branch Aug 9, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.