feature: applied the ssl_pending_session.patch to the nginx core to support the ssl_session_fetch_by_lua* and ssl_session_store_by_lua* in ngx_lua.

also added an openssl patch to support yieldable callback set by SSL_CTX_sess_set_get_cb().
2024-10-13 00:29:41 +00:00 · 2016-07-19 19:26:08 -07:00
parent 09ca92f51f
commit 97901f3357
3 changed files with 253 additions and 0 deletions
--- a/patches/nginx-1.11.2-ssl_pending_session.patch
+++ b/patches/nginx-1.11.2-ssl_pending_session.patch
@ -0,0 +1,16 @@
+--- nginx-1.11.2/src/event/ngx_event_openssl.c	2016-07-17 19:20:30.411137606 -0700
+++ nginx-1.11.2-patched/src/event/ngx_event_openssl.c	2016-07-19 16:53:35.539768477 -0700
+@@ -1307,7 +1307,12 @@ ngx_ssl_handshake(ngx_connection_t *c)
+     }
+ 
+ #if OPENSSL_VERSION_NUMBER >= 0x10002000L
+-    if (sslerr == SSL_ERROR_WANT_X509_LOOKUP) {
+    if (sslerr == SSL_ERROR_WANT_X509_LOOKUP
+#   ifdef SSL_ERROR_PENDING_SESSION
+        || sslerr == SSL_ERROR_PENDING_SESSION
+#   endif
+       )
+    {
+         c->read->handler = ngx_ssl_handshake_handler;
+         c->write->handler = ngx_ssl_handshake_handler;
+