From c263c529948d123b6b75dfb91d08d716a9a3fdcd Mon Sep 17 00:00:00 2001
From: gohai <gottfried.haider@gmail.com>
Date: Tue, 3 Dec 2019 22:14:55 -0800
Subject: [PATCH] Unlock the certificate renewal lock when allow_domain returns
 false

All other early returns in renew_check_cert drop this lock. Would warrant a comment if this is not needed here.
---
 lib/resty/auto-ssl/jobs/renewal.lua | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/resty/auto-ssl/jobs/renewal.lua b/lib/resty/auto-ssl/jobs/renewal.lua
index 4a74a6e..168898c 100644
--- a/lib/resty/auto-ssl/jobs/renewal.lua
+++ b/lib/resty/auto-ssl/jobs/renewal.lua
@@ -138,6 +138,7 @@ local function renew_check_cert(auto_ssl_instance, storage, domain)
   local allow_domain = auto_ssl_instance:get("allow_domain")
   if not allow_domain(domain, auto_ssl_instance, nil, true) then
     ngx.log(ngx.NOTICE, "auto-ssl: domain not allowed, not renewing: ", domain)
+    renew_check_cert_unlock(domain, storage, local_lock, distributed_lock_value)
     return
   end