From baa38cb283ebf122a4469b6079a5d8cdcadbca2d Mon Sep 17 00:00:00 2001 From: lianglli Date: Wed, 29 Nov 2023 18:08:30 +0800 Subject: [PATCH] HTTP Lua: upgrade ngx_http_lua_module v0.10.26 for lua-resty-core v0.1.28 --- modules/ngx_http_lua_module/.travis.yml | 58 +- modules/ngx_http_lua_module/README.markdown | 76 ++- .../doc/HttpLuaModule.wiki | 46 +- .../src/api/ngx_http_lua_api.h | 2 +- .../src/ngx_http_lua_accessby.c | 26 + .../src/ngx_http_lua_clfactory.c | 4 +- .../src/ngx_http_lua_common.h | 14 +- .../src/ngx_http_lua_contentby.c | 26 + .../src/ngx_http_lua_control.c | 3 + .../src/ngx_http_lua_headers.c | 73 +++ .../src/ngx_http_lua_headers_in.c | 13 +- .../src/ngx_http_lua_headers_out.c | 3 + .../src/ngx_http_lua_module.c | 138 +++- .../src/ngx_http_lua_pcrefix.c | 88 ++- .../src/ngx_http_lua_pcrefix.h | 9 +- .../src/ngx_http_lua_regex.c | 539 +++++++++++++--- .../src/ngx_http_lua_req_body.c | 66 +- .../src/ngx_http_lua_rewriteby.c | 5 + .../src/ngx_http_lua_server_rewriteby.c | 7 +- .../src/ngx_http_lua_shdict.c | 2 +- .../src/ngx_http_lua_socket_tcp.c | 131 +++- .../src/ngx_http_lua_ssl_client_helloby.c | 2 +- .../src/ngx_http_lua_subrequest.c | 16 + .../src/ngx_http_lua_variable.c | 12 + .../src/ngx_http_lua_worker_thread.c | 11 +- modules/ngx_http_lua_module/t/000--init.t | 2 +- modules/ngx_http_lua_module/t/001-set.t | 16 +- modules/ngx_http_lua_module/t/005-exit.t | 9 +- .../ngx_http_lua_module/t/010-request_body.t | 19 + modules/ngx_http_lua_module/t/014-bugs.t | 38 +- modules/ngx_http_lua_module/t/015-status.t | 2 + .../ngx_http_lua_module/t/016-resp-header.t | 90 ++- .../ngx_http_lua_module/t/020-subrequest.t | 5 + modules/ngx_http_lua_module/t/022-redirect.t | 11 +- .../t/023-rewrite/client-abort.t | 8 +- .../ngx_http_lua_module/t/023-rewrite/exit.t | 3 + .../t/023-rewrite/on-abort.t | 8 +- .../t/023-rewrite/redirect.t | 11 +- .../t/023-rewrite/req-body.t | 1 + .../t/023-rewrite/req-socket.t | 10 +- .../t/023-rewrite/request_body.t | 23 + .../ngx_http_lua_module/t/023-rewrite/sleep.t | 3 + .../t/023-rewrite/socket-keepalive.t | 8 + .../t/023-rewrite/tcp-socket-timeout.t | 1 + .../t/023-rewrite/tcp-socket.t | 28 + .../t/023-rewrite/uthread-exit.t | 2 + .../t/023-rewrite/uthread-spawn.t | 1 + .../t/024-access/client-abort.t | 12 +- .../ngx_http_lua_module/t/024-access/exit.t | 3 + .../t/024-access/on-abort.t | 8 +- .../t/024-access/redirect.t | 11 +- .../t/024-access/req-body.t | 1 + .../t/024-access/request_body.t | 23 + .../ngx_http_lua_module/t/024-access/sleep.t | 3 + .../t/024-access/uthread-exit.t | 2 + .../t/024-access/uthread-spawn.t | 1 + modules/ngx_http_lua_module/t/025-codecache.t | 5 + modules/ngx_http_lua_module/t/026-mysql.t | 1 + .../ngx_http_lua_module/t/028-req-header.t | 344 ++++++++-- modules/ngx_http_lua_module/t/031-post-args.t | 1 + modules/ngx_http_lua_module/t/033-ctx.t | 2 + modules/ngx_http_lua_module/t/034-match.t | 32 +- modules/ngx_http_lua_module/t/035-gmatch.t | 24 +- modules/ngx_http_lua_module/t/036-sub.t | 24 +- modules/ngx_http_lua_module/t/037-gsub.t | 17 +- modules/ngx_http_lua_module/t/038-match-o.t | 7 +- .../ngx_http_lua_module/t/041-header-filter.t | 60 +- modules/ngx_http_lua_module/t/043-shdict.t | 8 +- modules/ngx_http_lua_module/t/044-req-body.t | 76 ++- modules/ngx_http_lua_module/t/045-ngx-var.t | 18 +- modules/ngx_http_lua_module/t/047-match-jit.t | 48 +- .../ngx_http_lua_module/t/049-gmatch-jit.t | 67 +- .../ngx_http_lua_module/t/050-gmatch-dfa.t | 7 +- modules/ngx_http_lua_module/t/051-sub-jit.t | 44 +- modules/ngx_http_lua_module/t/052-sub-dfa.t | 14 +- modules/ngx_http_lua_module/t/053-gsub-jit.t | 44 +- modules/ngx_http_lua_module/t/054-gsub-dfa.t | 14 +- modules/ngx_http_lua_module/t/056-flush.t | 14 +- .../ngx_http_lua_module/t/057-flush-timeout.t | 7 +- .../ngx_http_lua_module/t/058-tcp-socket.t | 61 ++ modules/ngx_http_lua_module/t/062-count.t | 4 + .../t/065-tcp-socket-timeout.t | 2 + .../t/066-socket-receiveuntil.t | 610 ++++++++++++++++++ .../ngx_http_lua_module/t/067-req-socket.t | 12 +- .../t/068-socket-keepalive.t | 13 + modules/ngx_http_lua_module/t/075-logby.t | 13 +- modules/ngx_http_lua_module/t/077-sleep.t | 3 + .../ngx_http_lua_module/t/082-body-filter-2.t | 160 +++++ .../ngx_http_lua_module/t/082-body-filter.t | 10 + .../ngx_http_lua_module/t/083-bad-sock-self.t | 2 + .../t/084-inclusive-receiveuntil.t | 14 + .../ngx_http_lua_module/t/087-udp-socket.t | 9 +- .../ngx_http_lua_module/t/088-req-method.t | 7 + modules/ngx_http_lua_module/t/091-coroutine.t | 6 + .../ngx_http_lua_module/t/093-uthread-spawn.t | 2 + .../ngx_http_lua_module/t/094-uthread-exit.t | 10 + .../ngx_http_lua_module/t/095-uthread-exec.t | 2 + .../t/096-uthread-redirect.t | 2 + .../ngx_http_lua_module/t/100-client-abort.t | 10 +- modules/ngx_http_lua_module/t/101-on-abort.t | 10 +- .../t/102-req-start-time.t | 4 +- .../ngx_http_lua_module/t/103-req-http-ver.t | 13 +- .../t/104-req-raw-header.t | 11 +- modules/ngx_http_lua_module/t/105-pressure.t | 4 +- modules/ngx_http_lua_module/t/106-timer.t | 2 + .../ngx_http_lua_module/t/108-timer-safe.t | 1 + modules/ngx_http_lua_module/t/109-timer-hup.t | 4 + .../t/116-raw-req-socket.t | 10 +- modules/ngx_http_lua_module/t/120-re-find.t | 25 +- .../ngx_http_lua_module/t/124-init-worker.t | 1 + .../ngx_http_lua_module/t/129-ssl-socket.t | 36 +- .../t/131-duplex-req-socket.t | 8 +- .../ngx_http_lua_module/t/132-lua-blocks.t | 1 + .../t/138-balancer-upstream-bind.t | 142 ++++ modules/ngx_http_lua_module/t/138-balancer.t | 1 + .../ngx_http_lua_module/t/139-ssl-cert-by.t | 10 +- .../t/142-ssl-session-store.t | 13 + .../t/143-ssl-session-fetch.t | 36 ++ .../t/147-tcp-socket-timeouts.t | 1 + .../ngx_http_lua_module/t/151-initby-hup.t | 4 +- .../ngx_http_lua_module/t/152-timer-every.t | 1 + .../ngx_http_lua_module/t/153-semaphore-hup.t | 2 + .../ngx_http_lua_module/t/156-slow-network.t | 1 + .../t/157-socket-keepalive-hup.t | 4 + .../t/162-socket-tls-handshake.t | 8 +- .../t/162-static-module-location.t | 16 +- .../t/163-exit-worker-hup.t | 3 + modules/ngx_http_lua_module/t/163-signal.t | 2 + .../t/166-ssl-client-hello.t | 98 ++- .../ngx_http_lua_module/t/166-worker-thread.t | 218 +------ .../t/167-server-rewrite.t | 4 +- .../t/186-cosocket-busy-bufs.t | 12 +- .../t/187-ssl-two-verification.t | 145 +++++ .../t/cert/http3/http3.crt | 29 + .../t/cert/http3/http3.key | 52 ++ modules/ngx_http_lua_module/t/cert/test.crl | 21 +- modules/ngx_http_lua_module/t/cert/test.crt | 35 +- modules/ngx_http_lua_module/t/cert/test.key | 43 +- .../ngx_http_lua_module/util/build-with-dd.sh | 18 + .../util/build-without-ssl.sh | 11 + modules/ngx_http_lua_module/util/build.sh | 18 + modules/ngx_http_lua_module/util/ver-ge | 41 ++ modules/ngx_http_lua_module/valgrind.suppress | 70 ++ 143 files changed, 4096 insertions(+), 656 deletions(-) create mode 100644 modules/ngx_http_lua_module/t/138-balancer-upstream-bind.t create mode 100644 modules/ngx_http_lua_module/t/187-ssl-two-verification.t create mode 100644 modules/ngx_http_lua_module/t/cert/http3/http3.crt create mode 100644 modules/ngx_http_lua_module/t/cert/http3/http3.key create mode 100755 modules/ngx_http_lua_module/util/ver-ge diff --git a/modules/ngx_http_lua_module/.travis.yml b/modules/ngx_http_lua_module/.travis.yml index a547a1d60e..60e1a053d9 100644 --- a/modules/ngx_http_lua_module/.travis.yml +++ b/modules/ngx_http_lua_module/.travis.yml @@ -1,4 +1,4 @@ -dist: bionic +dist: focal branches: only: @@ -24,6 +24,11 @@ addons: - libtest-longstring-perl - liblist-moreutils-perl - libgd-dev + - time + - cmake + - libunwind-dev + - wget + - libbrotli1 cache: directories: @@ -38,9 +43,13 @@ env: - LUAJIT_INC=$LUAJIT_PREFIX/include/luajit-2.1 - LUA_INCLUDE_DIR=$LUAJIT_INC - PCRE_VER=8.45 + - PCRE2_VER=10.37 - PCRE_PREFIX=/opt/pcre + - PCRE2_PREFIX=/opt/pcre2 - PCRE_LIB=$PCRE_PREFIX/lib + - PCRE2_LIB=$PCRE2_PREFIX/lib - PCRE_INC=$PCRE_PREFIX/include + - PCRE2_INC=$PCRE2_PREFIX/include - OPENSSL_PREFIX=/opt/ssl - OPENSSL_LIB=$OPENSSL_PREFIX/lib - OPENSSL_INC=$OPENSSL_PREFIX/include @@ -50,9 +59,14 @@ env: - LD_LIBRARY_PATH=$LUAJIT_LIB:$LD_LIBRARY_PATH - DRIZZLE_VER=2011.07.21 - TEST_NGINX_SLEEP=0.006 + - MALLOC_PERTURB_=9 jobs: - - NGINX_VERSION=1.21.4 OPENSSL_VER=1.1.0l OPENSSL_PATCH_VER=1.1.0d + #- NGINX_VERSION=1.21.4 OPENSSL_VER=1.1.0l OPENSSL_PATCH_VER=1.1.0d - NGINX_VERSION=1.21.4 OPENSSL_VER=1.1.1s OPENSSL_PATCH_VER=1.1.1f + #- NGINX_VERSION=1.25.1 OPENSSL_VER=1.1.0l OPENSSL_PATCH_VER=1.1.0d + - NGINX_VERSION=1.25.1 OPENSSL_VER=1.1.1s OPENSSL_PATCH_VER=1.1.1f USE_PCRE2=Y + - NGINX_VERSION=1.25.1 BORINGSSL=1 TEST_NGINX_USE_HTTP3=1 USE_PCRE2=Y + #- NGINX_VERSION=1.25.1 OPENSSL_VER=1.1.1s TEST_NGINX_USE_HTTP2=1 services: - memcached @@ -60,16 +74,18 @@ services: - mysql before_install: - - sudo apt update - - sudo apt install --only-upgrade ca-certificates - '! grep -n -P ''(?<=.{80}).+'' --color `find src -name ''*.c''` `find . -name ''*.h''` || (echo "ERROR: Found C source lines exceeding 80 columns." > /dev/stderr; exit 1)' - '! grep -n -P ''\t+'' --color `find src -name ''*.c''` `find . -name ''*.h''` || (echo "ERROR: Cannot use tabs." > /dev/stderr; exit 1)' - /usr/bin/env perl $(command -v cpanm) --sudo --notest Test::Nginx IPC::Run > build.log 2>&1 || (cat build.log && exit 1) - - pyenv global 2.7 + install: - - if [ ! -f download-cache/drizzle7-$DRIZZLE_VER.tar.gz ]; then wget -P download-cache http://openresty.org/download/drizzle7-$DRIZZLE_VER.tar.gz; fi - - if [ ! -f download-cache/pcre-$PCRE_VER.tar.gz ]; then wget -P download-cache https://downloads.sourceforge.net/project/pcre/pcre/${PCRE_VER}/pcre-${PCRE_VER}.tar.gz; fi - - if [ ! -f download-cache/openssl-$OPENSSL_VER.tar.gz ]; then wget -P download-cache https://www.openssl.org/source/openssl-$OPENSSL_VER.tar.gz || wget -P download-cache https://www.openssl.org/source/old/${OPENSSL_VER//[a-z]/}/openssl-$OPENSSL_VER.tar.gz; fi + - if [ ! -f download-cache/drizzle7-$DRIZZLE_VER.tar.gz ]; then wget -P download-cache https://github.com/openresty/openresty-deps-prebuild/releases/download/v20230902/drizzle7-$DRIZZLE_VER.tar.gz; fi + - if [ "$USE_PCRE2" != "Y" ] && [ ! -f download-cache/pcre-$PCRE_VER.tar.gz ]; then wget -P download-cache https://downloads.sourceforge.net/project/pcre/pcre/${PCRE_VER}/pcre-${PCRE_VER}.tar.gz; fi + - if [ "$USE_PCRE2" = "Y" ] && [ ! -f download-cache/pcre2-$PCRE2_VER.tar.gz ]; then wget -P download-cache https://downloads.sourceforge.net/project/pcre/pcre2/${PCRE2_VER}/pcre2-${PCRE2_VER}.tar.gz; fi + - if [ -n "$OPENSSL_VER" ] && [ ! -f download-cache/openssl-$OPENSSL_VER.tar.gz ]; then wget -P download-cache https://www.openssl.org/source/openssl-$OPENSSL_VER.tar.gz || wget -P download-cache https://www.openssl.org/source/old/${OPENSSL_VER//[a-z]/}/openssl-$OPENSSL_VER.tar.gz; fi + - if [ -n "$OPENSSL_VER" ] && [ ! -f download-cache/openssl-$OPENSSL_VER.tar.gz ]; then wget -P download-cache https://www.openssl.org/source/openssl-$OPENSSL_VER.tar.gz || wget -P download-cache https://www.openssl.org/source/old/${OPENSSL_VER//[a-z]/}/openssl-$OPENSSL_VER.tar.gz; fi + - wget https://github.com/openresty/openresty-deps-prebuild/releases/download/v20230902/boringssl-20230902-x64-focal.tar.gz + - wget https://github.com/openresty/openresty-deps-prebuild/releases/download/v20230902/curl-h3-x64-focal.tar.gz - git clone https://github.com/openresty/test-nginx.git - git clone https://github.com/openresty/openresty.git ../openresty - git clone https://github.com/openresty/no-pool-nginx.git ../no-pool-nginx @@ -91,21 +107,24 @@ install: - git clone https://github.com/openresty/lua-resty-core.git ../lua-resty-core - git clone https://github.com/openresty/lua-resty-lrucache.git ../lua-resty-lrucache - git clone https://github.com/openresty/lua-resty-mysql.git ../lua-resty-mysql + - git clone https://github.com/spacewander/lua-resty-rsa.git ../lua-resty-rsa - git clone https://github.com/openresty/lua-resty-string.git ../lua-resty-string - git clone https://github.com/openresty/stream-lua-nginx-module.git ../stream-lua-nginx-module - git clone -b v2.1-agentzh https://github.com/openresty/luajit2.git luajit2 before_script: - - mysql -uroot -e 'create database ngx_test; grant all on ngx_test.* to "ngx_test"@"%" identified by "ngx_test"; flush privileges;' + - mysql -uroot -e "create database ngx_test; CREATE USER 'ngx_test'@'%' IDENTIFIED WITH mysql_native_password BY 'ngx_test'; grant all on ngx_test.* to 'ngx_test'@'%'; flush privileges;" script: - - export PATH=$PWD/work/nginx/sbin:$PWD/openresty-devel-utils:$PATH + - sudo tar -C / -xf curl-h3-x64-focal.tar.gz + - export PATH=$PWD/work/nginx/sbin:$PWD/openresty-devel-utils:/opt/curl-h3/bin:$PATH - ngx-releng > check.txt || true - lines=`wc -l check.txt | awk '{print $1}'`; if [ $lines -gt 5 ]; then cat check.txt; exit 1; fi - sudo iptables -I OUTPUT 1 -p udp --dport 10086 -j REJECT - sudo iptables -I OUTPUT -p tcp --dst 127.0.0.2 --dport 12345 -j DROP - sudo iptables -I OUTPUT -p udp --dst 127.0.0.2 --dport 12345 -j DROP - sudo ip route add prohibit 0.0.0.1/32 + - sudo sysctl -w kernel.pid_max=10000 - cd luajit2/ - make -j$JOBS CCDEBUG=-g Q= PREFIX=$LUAJIT_PREFIX CC=$CC XCFLAGS='-DLUA_USE_APICHECK -DLUA_USE_ASSERT -msse4.2' > build.log 2>&1 || (cat build.log && exit 1) - sudo make install PREFIX=$LUAJIT_PREFIX > build.log 2>&1 || (cat build.log && exit 1) @@ -116,19 +135,10 @@ script: - sudo make install-libdrizzle-1.0 > build.log 2>&1 || (cat build.log && exit 1) - cd ../mockeagain/ && make CC=$CC -j$JOBS && cd .. - cd lua-cjson/ && make -j$JOBS && sudo make install && cd .. - - tar zxf download-cache/pcre-$PCRE_VER.tar.gz - - cd pcre-$PCRE_VER/ - - ./configure --prefix=$PCRE_PREFIX --enable-jit --enable-utf --enable-unicode-properties > build.log 2>&1 || (cat build.log && exit 1) - - make -j$JOBS > build.log 2>&1 || (cat build.log && exit 1) - - sudo PATH=$PATH make install > build.log 2>&1 || (cat build.log && exit 1) - - cd .. - - tar zxf download-cache/openssl-$OPENSSL_VER.tar.gz - - cd openssl-$OPENSSL_VER/ - - patch -p1 < ../../openresty/patches/openssl-$OPENSSL_PATCH_VER-sess_set_get_cb_yield.patch - - ./config shared enable-ssl3 enable-ssl3-method -g --prefix=$OPENSSL_PREFIX -DPURIFY > build.log 2>&1 || (cat build.log && exit 1) - - make -j$JOBS > build.log 2>&1 || (cat build.log && exit 1) - - sudo make PATH=$PATH install_sw > build.log 2>&1 || (cat build.log && exit 1) - - cd .. + - if [ "$USE_PCRE2" != "Y" ]; then tar zxf download-cache/pcre-$PCRE_VER.tar.gz; cd pcre-$PCRE_VER/; ./configure --prefix=$PCRE_PREFIX --enable-jit --enable-utf --enable-unicode-properties > build.log 2>&1 || (cat build.log && exit 1); make -j$JOBS > build.log 2>&1 || (cat build.log && exit 1); sudo PATH=$PATH make install > build.log 2>&1 || (cat build.log && exit 1); cd ..; fi + - if [ "$USE_PCRE2" = "Y" ]; then tar zxf download-cache/pcre2-$PCRE2_VER.tar.gz; cd pcre2-$PCRE2_VER/; ./configure --prefix=$PCRE2_PREFIX --enable-jit --enable-utf > build.log 2>&1 || (cat build.log && exit 1); make -j$JOBS > build.log 2>&1 || (cat build.log && exit 1); sudo PATH=$PATH make install > build.log 2>&1 || (cat build.log && exit 1); cd ..; fi + - if [ -n "$OPENSSL_VER" ]; then tar zxf download-cache/openssl-$OPENSSL_VER.tar.gz; cd openssl-$OPENSSL_VER/; patch -p1 < ../../openresty/patches/openssl-$OPENSSL_PATCH_VER-sess_set_get_cb_yield.patch; ./config shared enable-ssl3 enable-ssl3-method -g --prefix=$OPENSSL_PREFIX -DPURIFY > build.log 2>&1 || (cat build.log && exit 1); make -j$JOBS > build.log 2>&1 || (cat build.log && exit 1); sudo make PATH=$PATH install_sw > build.log 2>&1 || (cat build.log && exit 1); cd ..; fi + - if [ -n "$BORINGSSL" ]; then sudo mkdir -p /opt/ssl && sudo tar -C /opt/ssl -xf boringssl-20230902-x64-focal.tar.gz --strip-components=1; fi - export NGX_BUILD_CC=$CC - sh util/build-without-ssl.sh $NGINX_VERSION > build.log 2>&1 || (cat build.log && exit 1) - sh util/build-with-dd.sh $NGINX_VERSION > build.log 2>&1 || (cat build.log && exit 1) @@ -139,6 +149,8 @@ script: - ldd `which nginx`|grep -E 'luajit|ssl|pcre' - export LD_PRELOAD=$PWD/mockeagain/mockeagain.so - export LD_LIBRARY_PATH=$PWD/mockeagain:$LD_LIBRARY_PATH + - export TEST_NGINX_HTTP3_CRT=$PWD/t/cert/http3/http3.crt + - export TEST_NGINX_HTTP3_KEY=$PWD/t/cert/http3/http3.key - export TEST_NGINX_RESOLVER=8.8.4.4 - dig +short myip.opendns.com @resolver1.opendns.com || exit 0 - dig +short @$TEST_NGINX_RESOLVER openresty.org || exit 0 diff --git a/modules/ngx_http_lua_module/README.markdown b/modules/ngx_http_lua_module/README.markdown index c0d0c079d4..d6ec8c94be 100644 --- a/modules/ngx_http_lua_module/README.markdown +++ b/modules/ngx_http_lua_module/README.markdown @@ -4,13 +4,11 @@ Name ngx_http_lua_module - Embed the power of Lua into Nginx HTTP Servers. This module is a core component of [OpenResty](https://openresty.org). If you are using this module, -then you are essentially using OpenResty. +then you are essentially using OpenResty :) *This module is not distributed with the Nginx source.* See [the installation instructions](#installation). -This is a core component of OpenResty. If you are using this module, then you are essentially using OpenResty :) - Table of Contents ================= @@ -65,8 +63,8 @@ Version ======= This document describes ngx_lua -[v0.10.19](https://github.com/openresty/lua-nginx-module/tags), which was released -on 3 Nov, 2020. +[v0.10.25](https://github.com/openresty/lua-nginx-module/tags), which was released +on 19 June 2023. Videos ====== @@ -309,6 +307,8 @@ Nginx Compatibility The latest version of this module is compatible with the following versions of Nginx: +* 1.25.x (last tested: 1.25.1) +* 1.21.x (last tested: 1.21.4) * 1.19.x (last tested: 1.19.3) * 1.17.x (last tested: 1.17.8) * 1.15.x (last tested: 1.15.8) @@ -964,7 +964,6 @@ TODO * cosocket: implement LuaSocket's unconnected UDP API. * cosocket: add support in the context of [init_by_lua*](#init_by_lua). -* cosocket: implement the `bind()` method for stream-typed cosockets. * cosocket: review and merge aviramc's [patch](https://github.com/openresty/lua-nginx-module/pull/290) for adding the `bsdrecv` method. * cosocket: add configure options for different strategies of handling the cosocket connection exceeding in the pools. * review and apply vadim-pavlov's patch for [ngx.location.capture](#ngxlocationcapture)'s `extra_headers` option @@ -1166,6 +1165,8 @@ Directives * [lua_ssl_ciphers](#lua_ssl_ciphers) * [lua_ssl_crl](#lua_ssl_crl) * [lua_ssl_protocols](#lua_ssl_protocols) +* [lua_ssl_certificate](#lua_ssl_certificate) +* [lua_ssl_certificate_key](#lua_ssl_certificate_key) * [lua_ssl_trusted_certificate](#lua_ssl_trusted_certificate) * [lua_ssl_verify_depth](#lua_ssl_verify_depth) * [lua_ssl_conf_command](#lua_ssl_conf_command) @@ -2721,6 +2722,8 @@ lua_need_request_body **phase:** *depends on usage* +Due to the stream processing feature of HTTP/2 or HTTP/3, this configuration could potentially block the entire request. Therefore, this configuration is effective only when HTTP/2 or HTTP/3 requests send content-length header. For requests with versions lower than HTTP/2, this configuration can still be used without any problems. + Determines whether to force the request body data to be read before running rewrite/access/content_by_lua* or not. The Nginx core does not read the client request body by default and if request body data is required, then this directive should be turned `on` or the [ngx.req.read_body](#ngxreqread_body) function should be called within the Lua code. To read the request body data within the [$request_body](http://nginx.org/en/docs/http/ngx_http_core_module.html#var_request_body) variable, @@ -3321,24 +3324,63 @@ lua_ssl_protocols **syntax:** *lua_ssl_protocols \[SSLv2\] \[SSLv3\] \[TLSv1\] [TLSv1.1] [TLSv1.2] [TLSv1.3]* -**default:** *lua_ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2* +**default:** *lua_ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3* **context:** *http, server, location* Enables the specified protocols for requests to a SSL/TLS server in the [tcpsock:sslhandshake](#tcpsocksslhandshake) method. The support for the `TLSv1.3` parameter requires version `v0.10.12` *and* OpenSSL 1.1.1. +From version v0.10.25, the default value change from `SSLV3 TLSv1 TLSv1.1 TLSv1.2` to `TLSv1 TLSv1.1 TLSv1.2 TLSv1.3`. This directive was first introduced in the `v0.9.11` release. [Back to TOC](#directives) +lua_ssl_certificate +------------------- + +**syntax:** *lua_ssl_certificate <file>* + +**default:** *none* + +**context:** *http, server, location* + +Specifies the file path to the SSL/TLS certificate in PEM format used for the [tcpsock:sslhandshake](#tcpsocksslhandshake) method. + +This directive allows you to specify the SSL/TLS certificate that will be presented to server during the SSL/TLS handshake process. + +This directive was first introduced in the `v0.10.26` release. + +See also [lua_ssl_certificate_key](#lua_ssl_certificate_key) and [lua_ssl_verify_depth](#lua_ssl_verify_depth). + +[Back to TOC](#directives) + +lua_ssl_certificate_key +----------------------- + +**syntax:** *lua_ssl_certificate_key <file>* + +**default:** *none* + +**context:** *http, server, location* + +Specifies the file path to the private key associated with the SSL/TLS certificate used in the [tcpsock:sslhandshake](#tcpsocksslhandshake) method. + +This directive allows you to specify the private key file corresponding to the SSL/TLS certificate specified by lua_ssl_certificate. The private key should be in PEM format and must match the certificate. + +This directive was first introduced in the `v0.10.26` release. + +See also [lua_ssl_certificate](#lua_ssl_certificate) and [lua_ssl_verify_depth](#lua_ssl_verify_depth). + +[Back to TOC](#directives) + lua_ssl_trusted_certificate --------------------------- **syntax:** *lua_ssl_trusted_certificate <file>* -**default:** *no* +**default:** *none* **context:** *http, server, location* @@ -3363,7 +3405,7 @@ Sets the verification depth in the server certificates chain. This directive was first introduced in the `v0.9.11` release. -See also [lua_ssl_trusted_certificate](#lua_ssl_trusted_certificate). +See also [lua_ssl_certificate](#lua_ssl_certificate), [lua_ssl_certificate_key](#lua_ssl_certificate_key) and [lua_ssl_trusted_certificate](#lua_ssl_trusted_certificate). [Back to TOC](#directives) @@ -5384,6 +5426,8 @@ Reads the client request body synchronously without blocking the Nginx event loo local args = ngx.req.get_post_args() ``` +Due to the stream processing feature of HTTP/2 or HTTP/3, this api could potentially block the entire request. Therefore, this api is effective only when HTTP/2 or HTTP/3 requests send content-length header. For requests with versions lower than HTTP/2, this api can still be used without any problems. + If the request body is already read previously by turning on [lua_need_request_body](#lua_need_request_body) or by using other modules, then this function does not run and returns immediately. If the request body has already been explicitly discarded, either by the [ngx.req.discard_body](#ngxreqdiscard_body) function or other modules, this function does not run and returns immediately. @@ -5423,12 +5467,14 @@ See also [ngx.req.read_body](#ngxreqread_body). ngx.req.get_body_data --------------------- -**syntax:** *data = ngx.req.get_body_data()* +**syntax:** *data = ngx.req.get_body_data(max_bytes?)* **context:** *rewrite_by_lua*, access_by_lua*, content_by_lua*, log_by_lua** Retrieves in-memory request body data. It returns a Lua string rather than a Lua table holding all the parsed query arguments. Use the [ngx.req.get_post_args](#ngxreqget_post_args) function instead if a Lua table is required. +The optional `max_bytes` argument can be used when you don't need the entire body. + This function returns `nil` if 1. the request body has not been read, @@ -5597,6 +5643,8 @@ Returns a read-only cosocket object that wraps the downstream connection. Only [ In case of error, `nil` will be returned as well as a string describing the error. +Due to the streaming nature of HTTP2 and HTTP3, this API cannot be used when the downstream connection is HTTP2 and HTTP3. + The socket object returned by this method is usually used to read the current request's body in a streaming fashion. Do not turn on the [lua_need_request_body](#lua_need_request_body) directive, and do not mix this call with [ngx.req.read_body](#ngxreqread_body) and [ngx.req.discard_body](#ngxreqdiscard_body). If any request body data has been pre-read into the Nginx core request header buffer, the resulting cosocket object will take care of this to avoid potential data loss resulting from such pre-reading. @@ -9321,12 +9369,6 @@ Only the following ngx_lua APIs could be used in `function_name` function of the * `ngx.decode_args` * `ngx.quote_sql_str` -* `ngx.re.match` -* `ngx.re.find` -* `ngx.re.gmatch` -* `ngx.re.sub` -* `ngx.re.gsub` - * `ngx.crc32_short` * `ngx.crc32_long` * `ngx.hmac_sha1` @@ -9353,7 +9395,7 @@ The second argument `module_name` specifies the lua module name to execute in th The third argument `func_name` specifies the function field in the module table as the second argument. -The type of `arg`s must be one of type below: +The type of `args` must be one of type below: * boolean * number diff --git a/modules/ngx_http_lua_module/doc/HttpLuaModule.wiki b/modules/ngx_http_lua_module/doc/HttpLuaModule.wiki index 34751144bd..305626c767 100644 --- a/modules/ngx_http_lua_module/doc/HttpLuaModule.wiki +++ b/modules/ngx_http_lua_module/doc/HttpLuaModule.wiki @@ -17,8 +17,8 @@ Production ready. = Version = This document describes ngx_lua -[https://github.com/openresty/lua-nginx-module/tags v0.10.19], which was released -on 3 Nov, 2020. +[https://github.com/openresty/lua-nginx-module/tags v0.10.25], which was released +on 19 June 2023. = Videos = @@ -2845,11 +2845,43 @@ The support for the TLSv1.3 parameter requires version v0.10. This directive was first introduced in the v0.9.11 release. +== lua_ssl_certificate == + +'''syntax:''' ''lua_ssl_certificate '' + +'''default:''' ''none'' + +'''context:''' ''http, server, location'' + +Specifies the file path to the SSL/TLS certificate in PEM format used for the [[#tcpsock:sslhandshake|tcpsock:sslhandshake]] method. + +This directive allows you to specify the SSL/TLS certificate that will be presented to server during the SSL/TLS handshake process. + +This directive was first introduced in the v0.10.26 release. + +See also [[#lua_ssl_certificate_key|lua_ssl_certificate_key]] and [[#lua_ssl_verify_depth|lua_ssl_verify_depth]]. + +== lua_ssl_certificate_key == + +'''syntax:''' ''lua_ssl_certificate_key '' + +'''default:''' ''none'' + +'''context:''' ''http, server, location'' + +Specifies the file path to the private key associated with the SSL/TLS certificate used in the [[#tcpsock:sslhandshake|tcpsock:sslhandshake]] method. + +This directive allows you to specify the private key file corresponding to the SSL/TLS certificate specified by lua_ssl_certificate. The private key should be in PEM format and must match the certificate. + +This directive was first introduced in the v0.10.26 release. + +See also [[#lua_ssl_certificate|lua_ssl_certificate]] and [[#lua_ssl_verify_depth|lua_ssl_verify_depth]]. + == lua_ssl_trusted_certificate == '''syntax:''' ''lua_ssl_trusted_certificate '' -'''default:''' ''no'' +'''default:''' ''none'' '''context:''' ''http, server, location'' @@ -2871,7 +2903,7 @@ Sets the verification depth in the server certificates chain. This directive was first introduced in the v0.9.11 release. -See also [[#lua_ssl_trusted_certificate|lua_ssl_trusted_certificate]]. +See also [[#lua_ssl_certificate|lua_ssl_certificate]], [[#lua_ssl_certificate_key|lua_ssl_certificate_key]] and [[#lua_ssl_trusted_certificate|lua_ssl_trusted_certificate]]. == lua_ssl_conf_command == @@ -4555,12 +4587,14 @@ See also [[#ngx.req.read_body|ngx.req.read_body]]. == ngx.req.get_body_data == -'''syntax:''' ''data = ngx.req.get_body_data()'' +'''syntax:''' ''data = ngx.req.get_body_data(max_bytes?)'' '''context:''' ''rewrite_by_lua*, access_by_lua*, content_by_lua*, log_by_lua*'' Retrieves in-memory request body data. It returns a Lua string rather than a Lua table holding all the parsed query arguments. Use the [[#ngx.req.get_post_args|ngx.req.get_post_args]] function instead if a Lua table is required. +The optional max_bytes function argument can be used when you don't need the entire body. + This function returns nil if # the request body has not been read, @@ -4707,6 +4741,8 @@ Returns a read-only cosocket object that wraps the downstream connection. Only [ In case of error, nil will be returned as well as a string describing the error. +Due to the streaming nature of HTTP2 and HTTP3, this API cannot be used when the downstream connection is HTTP2 and HTTP3. + The socket object returned by this method is usually used to read the current request's body in a streaming fashion. Do not turn on the [[#lua_need_request_body|lua_need_request_body]] directive, and do not mix this call with [[#ngx.req.read_body|ngx.req.read_body]] and [[#ngx.req.discard_body|ngx.req.discard_body]]. If any request body data has been pre-read into the Nginx core request header buffer, the resulting cosocket object will take care of this to avoid potential data loss resulting from such pre-reading. diff --git a/modules/ngx_http_lua_module/src/api/ngx_http_lua_api.h b/modules/ngx_http_lua_module/src/api/ngx_http_lua_api.h index 640e0c396b..193c44e3a8 100644 --- a/modules/ngx_http_lua_module/src/api/ngx_http_lua_api.h +++ b/modules/ngx_http_lua_module/src/api/ngx_http_lua_api.h @@ -19,7 +19,7 @@ /* Public API for other Nginx modules */ -#define ngx_http_lua_version 10025 +#define ngx_http_lua_version 10026 typedef struct ngx_http_lua_co_ctx_s ngx_http_lua_co_ctx_t; diff --git a/modules/ngx_http_lua_module/src/ngx_http_lua_accessby.c b/modules/ngx_http_lua_module/src/ngx_http_lua_accessby.c index ef0e4e3a43..3c08993b4d 100644 --- a/modules/ngx_http_lua_module/src/ngx_http_lua_accessby.c +++ b/modules/ngx_http_lua_module/src/ngx_http_lua_accessby.c @@ -137,6 +137,26 @@ ngx_http_lua_access_handler(ngx_http_request_t *r) } if (llcf->force_read_body && !ctx->read_body_done) { + +#if (NGX_HTTP_V2) + if (r->main->stream && r->headers_in.content_length_n < 0) { + ngx_log_error(NGX_LOG_WARN, r->connection->log, 0, + "disable lua_need_request_body, since " + "http2 read_body may break http2 stream process"); + goto done; + } +#endif + +#if (NGX_HTTP_V3) + if (r->http_version == NGX_HTTP_VERSION_30 + && r->headers_in.content_length_n < 0) + { + ngx_log_error(NGX_LOG_WARN, r->connection->log, 0, + "disable lua_need_request_body, since " + "http2 read_body may break http2 stream process"); + goto done; + } +#endif r->request_body_in_single_buf = 1; r->request_body_in_persistent_file = 1; r->request_body_in_clean_file = 1; @@ -154,6 +174,12 @@ ngx_http_lua_access_handler(ngx_http_request_t *r) } } +#if defined(NGX_HTTP_V3) || defined(NGX_HTTP_V2) + +done: + +#endif + dd("calling access handler"); return llcf->access_handler(r); } diff --git a/modules/ngx_http_lua_module/src/ngx_http_lua_clfactory.c b/modules/ngx_http_lua_module/src/ngx_http_lua_clfactory.c index c13fd14dc1..9eab164661 100644 --- a/modules/ngx_http_lua_module/src/ngx_http_lua_clfactory.c +++ b/modules/ngx_http_lua_module/src/ngx_http_lua_clfactory.c @@ -91,7 +91,7 @@ * | Int | At which line this function is defined * | [linedefined] | * --------------------- - * | Int | At while line this function definition ended + * | Int | At which line this function definition ended * | [lastlinedefined] | * --------------------- * | Char | Number of upvalues referenced by this function @@ -128,7 +128,7 @@ * | Vector | Debug lineinfo vector * | [lineinfo] | Empty vector here if debug info is stripped * --------------------- - * | Int | Number of local variable in this function + * | Int | Number of local variables in this function * | [sizelocvars] | 0 if debug info is stripped * --------------------- * | String | ------------------------------------ diff --git a/modules/ngx_http_lua_module/src/ngx_http_lua_common.h b/modules/ngx_http_lua_module/src/ngx_http_lua_common.h index 843504549a..4bbfd8c780 100644 --- a/modules/ngx_http_lua_module/src/ngx_http_lua_common.h +++ b/modules/ngx_http_lua_module/src/ngx_http_lua_common.h @@ -54,7 +54,7 @@ typedef struct { #endif -#if (NGX_PCRE) +#if defined(NGX_PCRE) && !defined(NGX_PCRE2) #include # if (PCRE_MAJOR > 8) || (PCRE_MAJOR == 8 && PCRE_MINOR >= 21) # define LUA_HAVE_PCRE_JIT 1 @@ -63,6 +63,10 @@ typedef struct { # endif #endif +#if (NGX_PCRE2) +# define LUA_HAVE_PCRE_JIT 1 +#endif + #if (nginx_version < 1006000) # error at least nginx 1.6.0 is required but found an older version @@ -217,11 +221,13 @@ struct ngx_http_lua_main_conf_s { ngx_hash_t builtin_headers_out; -#if (NGX_PCRE) +#if (NGX_PCRE || NGX_PCRE2) ngx_int_t regex_cache_entries; ngx_int_t regex_cache_max_entries; ngx_int_t regex_match_limit; -# if (LUA_HAVE_PCRE_JIT) +#if (NGX_PCRE2) + pcre2_jit_stack *jit_stack; +#elif (LUA_HAVE_PCRE_JIT) pcre_jit_stack *jit_stack; # endif #endif @@ -360,6 +366,8 @@ union ngx_http_lua_srv_conf_u { typedef struct { #if (NGX_HTTP_SSL) ngx_ssl_t *ssl; /* shared by SSL cosockets */ + ngx_array_t *ssl_certificates; + ngx_array_t *ssl_certificate_keys; ngx_uint_t ssl_protocols; ngx_str_t ssl_ciphers; ngx_uint_t ssl_verify_depth; diff --git a/modules/ngx_http_lua_module/src/ngx_http_lua_contentby.c b/modules/ngx_http_lua_module/src/ngx_http_lua_contentby.c index f46830c41e..a4bd33ca33 100644 --- a/modules/ngx_http_lua_module/src/ngx_http_lua_contentby.c +++ b/modules/ngx_http_lua_module/src/ngx_http_lua_contentby.c @@ -203,6 +203,26 @@ ngx_http_lua_content_handler(ngx_http_request_t *r) } if (llcf->force_read_body && !ctx->read_body_done) { + +#if (NGX_HTTP_V2) + if (r->main->stream && r->headers_in.content_length_n < 0) { + ngx_log_error(NGX_LOG_WARN, r->connection->log, 0, + "disable lua_need_request_body, since " + "http2 read_body may break http2 stream process"); + goto done; + } +#endif + +#if (NGX_HTTP_V3) + if (r->http_version == NGX_HTTP_VERSION_30 + && r->headers_in.content_length_n < 0) + { + ngx_log_error(NGX_LOG_WARN, r->connection->log, 0, + "disable lua_need_request_body, since " + "http2 read_body may break http2 stream process"); + goto done; + } +#endif r->request_body_in_single_buf = 1; r->request_body_in_persistent_file = 1; r->request_body_in_clean_file = 1; @@ -221,6 +241,12 @@ ngx_http_lua_content_handler(ngx_http_request_t *r) } } +#if defined(NGX_HTTP_V3) || defined(NGX_HTTP_V2) + +done: + +#endif + dd("setting entered"); ctx->entered_content_phase = 1; diff --git a/modules/ngx_http_lua_module/src/ngx_http_lua_control.c b/modules/ngx_http_lua_module/src/ngx_http_lua_control.c index 99460456c1..d7e427385d 100644 --- a/modules/ngx_http_lua_module/src/ngx_http_lua_control.c +++ b/modules/ngx_http_lua_module/src/ngx_http_lua_control.c @@ -280,6 +280,9 @@ ngx_http_lua_ngx_redirect(lua_State *L) h->value.len = len; h->value.data = uri; +#if defined(nginx_version) && nginx_version >= 1023000 + h->next = NULL; +#endif ngx_str_set(&h->key, "Location"); r->headers_out.status = rc; diff --git a/modules/ngx_http_lua_module/src/ngx_http_lua_headers.c b/modules/ngx_http_lua_module/src/ngx_http_lua_headers.c index e62141b82d..55bc109076 100644 --- a/modules/ngx_http_lua_module/src/ngx_http_lua_headers.c +++ b/modules/ngx_http_lua_module/src/ngx_http_lua_headers.c @@ -788,6 +788,11 @@ ngx_http_lua_ffi_req_get_headers_count(ngx_http_request_t *r, int max, { int count; ngx_list_part_t *part; +#if (NGX_HTTP_V3) + int has_host = 0; + ngx_uint_t i; + ngx_table_elt_t *header; +#endif if (r->connection->fd == (ngx_socket_t) -1) { return NGX_HTTP_LUA_FFI_BAD_CONTEXT; @@ -800,11 +805,54 @@ ngx_http_lua_ffi_req_get_headers_count(ngx_http_request_t *r, int max, } part = &r->headers_in.headers.part; + +#if (NGX_HTTP_V3) + count = 0; + header = part->elts; + + if (r->http_version == NGX_HTTP_VERSION_30 + && r->headers_in.server.data != NULL) + { + has_host = 1; + count++; + } + + if (has_host == 1) { + for (i = 0; /* void */; i++) { + if (i >= part->nelts) { + if (part->next == NULL) { + break; + } + + part = part->next; + header = part->elts; + i = 0; + } + + if (header[i].key.len == 4 + && ngx_strncasecmp(header[i].key.data, + (u_char *) "host", 4) == 0) + { + continue; + } + + count++; + } + + } else { + count = part->nelts; + while (part->next != NULL) { + part = part->next; + count += part->nelts; + } + } +#else count = part->nelts; while (part->next != NULL) { part = part->next; count += part->nelts; } +#endif if (max > 0 && count > max) { *truncated = 1; @@ -827,12 +875,29 @@ ngx_http_lua_ffi_req_get_headers(ngx_http_request_t *r, ngx_uint_t i; ngx_list_part_t *part; ngx_table_elt_t *header; +#if (NGX_HTTP_V3) + int has_host = 0; +#endif if (count <= 0) { return NGX_OK; } n = 0; + +#if (NGX_HTTP_V3) + if (r->http_version == NGX_HTTP_VERSION_30 + && r->headers_in.server.data != NULL) + { + out[n].key.data = (u_char *) "host"; + out[n].key.len = sizeof("host") - 1; + out[n].value.len = r->headers_in.server.len; + out[n].value.data = r->headers_in.server.data; + has_host = 1; + ++n; + } +#endif + part = &r->headers_in.headers.part; header = part->elts; @@ -848,6 +913,14 @@ ngx_http_lua_ffi_req_get_headers(ngx_http_request_t *r, i = 0; } +#if (NGX_HTTP_V3) + if (has_host == 1 && header[i].key.len == 4 + && ngx_strncasecmp(header[i].key.data, (u_char *) "host", 4) == 0) + { + continue; + } +#endif + if (raw) { out[n].key.data = header[i].key.data; out[n].key.len = (int) header[i].key.len; diff --git a/modules/ngx_http_lua_module/src/ngx_http_lua_headers_in.c b/modules/ngx_http_lua_module/src/ngx_http_lua_headers_in.c index 4405481408..e756700b06 100644 --- a/modules/ngx_http_lua_module/src/ngx_http_lua_headers_in.c +++ b/modules/ngx_http_lua_module/src/ngx_http_lua_headers_in.c @@ -280,6 +280,9 @@ ngx_http_set_header_helper(ngx_http_request_t *r, ngx_http_lua_header_val_t *hv, h->key = hv->key; h->value = *value; +#if defined(nginx_version) && nginx_version >= 1023000 + h->next = NULL; +#endif h->lowcase_key = ngx_pnalloc(r->pool, h->key.len); if (h->lowcase_key == NULL) { @@ -588,19 +591,21 @@ ngx_http_set_builtin_multi_header(ngx_http_request_t *r, { #if defined(nginx_version) && nginx_version >= 1023000 ngx_table_elt_t **headers, **ph, *h; - int nelts; headers = (ngx_table_elt_t **) ((char *) &r->headers_in + hv->offset); if (!hv->no_override && *headers != NULL) { - nelts = 0; +#if defined(DDEBUG) && (DDEBUG) + int nelts = 0; + for (h = *headers; h; h = h->next) { nelts++; } - *headers = NULL; - dd("clear multi-value headers: %d", nelts); +#endif + + *headers = NULL; } if (ngx_http_set_header_helper(r, hv, value, &h) == NGX_ERROR) { diff --git a/modules/ngx_http_lua_module/src/ngx_http_lua_headers_out.c b/modules/ngx_http_lua_module/src/ngx_http_lua_headers_out.c index 571723d9a6..c51146a3fc 100644 --- a/modules/ngx_http_lua_module/src/ngx_http_lua_headers_out.c +++ b/modules/ngx_http_lua_module/src/ngx_http_lua_headers_out.c @@ -229,6 +229,9 @@ ngx_http_set_header_helper(ngx_http_request_t *r, ngx_http_lua_header_val_t *hv, h->key = hv->key; h->value = *value; +#if defined(nginx_version) && nginx_version >= 1023000 + h->next = NULL; +#endif h->lowcase_key = ngx_pnalloc(r->pool, h->key.len); if (h->lowcase_key == NULL) { diff --git a/modules/ngx_http_lua_module/src/ngx_http_lua_module.c b/modules/ngx_http_lua_module/src/ngx_http_lua_module.c index 16f442464c..fb10bf933e 100644 --- a/modules/ngx_http_lua_module/src/ngx_http_lua_module.c +++ b/modules/ngx_http_lua_module/src/ngx_http_lua_module.c @@ -48,6 +48,8 @@ static char *ngx_http_lua_merge_loc_conf(ngx_conf_t *cf, void *parent, static ngx_int_t ngx_http_lua_init(ngx_conf_t *cf); static char *ngx_http_lua_lowat_check(ngx_conf_t *cf, void *post, void *data); #if (NGX_HTTP_SSL) +static ngx_int_t ngx_http_lua_merge_ssl(ngx_conf_t *cf, + ngx_http_lua_loc_conf_t *conf, ngx_http_lua_loc_conf_t *prev); static ngx_int_t ngx_http_lua_set_ssl(ngx_conf_t *cf, ngx_http_lua_loc_conf_t *llcf); #if (nginx_version >= 1019004) @@ -57,6 +59,9 @@ static char *ngx_http_lua_ssl_conf_command_check(ngx_conf_t *cf, void *post, #endif static char *ngx_http_lua_malloc_trim(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); +#if (NGX_PCRE2) +extern void ngx_http_lua_regex_cleanup(void *data); +#endif static ngx_conf_post_t ngx_http_lua_lowat_post = @@ -648,6 +653,20 @@ static ngx_command_t ngx_http_lua_cmds[] = { offsetof(ngx_http_lua_loc_conf_t, ssl_verify_depth), NULL }, + { ngx_string("lua_ssl_certificate"), + NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, + ngx_conf_set_str_array_slot, + NGX_HTTP_LOC_CONF_OFFSET, + offsetof(ngx_http_lua_loc_conf_t, ssl_certificates), + NULL }, + + { ngx_string("lua_ssl_certificate_key"), + NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, + ngx_conf_set_str_array_slot, + NGX_HTTP_LOC_CONF_OFFSET, + offsetof(ngx_http_lua_loc_conf_t, ssl_certificate_keys), + NULL }, + { ngx_string("lua_ssl_trusted_certificate"), NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, ngx_conf_set_str_slot, @@ -839,6 +858,17 @@ ngx_http_lua_init(ngx_conf_t *cf) cln->data = lmcf; cln->handler = ngx_http_lua_sema_mm_cleanup; +#if (NGX_PCRE2) + /* add the cleanup of pcre2 regex */ + cln = ngx_pool_cleanup_add(cf->pool, 0); + if (cln == NULL) { + return NGX_ERROR; + } + + cln->data = lmcf; + cln->handler = ngx_http_lua_regex_cleanup; +#endif + #ifdef HAVE_NGX_LUA_PIPE ngx_http_lua_pipe_init(); #endif @@ -1148,15 +1178,15 @@ ngx_http_lua_create_srv_conf(ngx_conf_t *cf) * lscf->srv.ssl_cert_chunkname = NULL; * lscf->srv.ssl_cert_src_key = NULL; * - * lscf->srv.ssl_session_store_handler = NULL; - * lscf->srv.ssl_session_store_src = { 0, NULL }; - * lscf->srv.ssl_session_store_chunkname = NULL; - * lscf->srv.ssl_session_store_src_key = NULL; + * lscf->srv.ssl_sess_store_handler = NULL; + * lscf->srv.ssl_sess_store_src = { 0, NULL }; + * lscf->srv.ssl_sess_store_chunkname = NULL; + * lscf->srv.ssl_sess_store_src_key = NULL; * - * lscf->srv.ssl_session_fetch_handler = NULL; - * lscf->srv.ssl_session_fetch_src = { 0, NULL }; - * lscf->srv.ssl_session_fetch_chunkname = NULL; - * lscf->srv.ssl_session_fetch_src_key = NULL; + * lscf->srv.ssl_sess_fetch_handler = NULL; + * lscf->srv.ssl_sess_fetch_src = { 0, NULL }; + * lscf->srv.ssl_sess_fetch_chunkname = NULL; + * lscf->srv.ssl_sess_fetch_src_key = NULL; * * lscf->balancer.handler = NULL; * lscf->balancer.src = { 0, NULL }; @@ -1399,6 +1429,8 @@ ngx_http_lua_create_loc_conf(ngx_conf_t *cf) #if (NGX_HTTP_SSL) conf->ssl_verify_depth = NGX_CONF_UNSET_UINT; + conf->ssl_certificates = NGX_CONF_UNSET_PTR; + conf->ssl_certificate_keys = NGX_CONF_UNSET_PTR; #if (nginx_version >= 1019004) conf->ssl_conf_commands = NGX_CONF_UNSET_PTR; #endif @@ -1464,16 +1496,24 @@ ngx_http_lua_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child) #if (NGX_HTTP_SSL) + if (ngx_http_lua_merge_ssl(cf, conf, prev) != NGX_OK) { + return NGX_CONF_ERROR; + } + ngx_conf_merge_bitmask_value(conf->ssl_protocols, prev->ssl_protocols, - (NGX_CONF_BITMASK_SET|NGX_SSL_SSLv3 + (NGX_CONF_BITMASK_SET |NGX_SSL_TLSv1|NGX_SSL_TLSv1_1 - |NGX_SSL_TLSv1_2)); + |NGX_SSL_TLSv1_2|NGX_SSL_TLSv1_3)); ngx_conf_merge_str_value(conf->ssl_ciphers, prev->ssl_ciphers, "DEFAULT"); ngx_conf_merge_uint_value(conf->ssl_verify_depth, prev->ssl_verify_depth, 1); + ngx_conf_merge_ptr_value(conf->ssl_certificates, + prev->ssl_certificates, NULL); + ngx_conf_merge_ptr_value(conf->ssl_certificate_keys, + prev->ssl_certificate_keys, NULL); ngx_conf_merge_str_value(conf->ssl_trusted_certificate, prev->ssl_trusted_certificate, ""); ngx_conf_merge_str_value(conf->ssl_crl, prev->ssl_crl, ""); @@ -1527,17 +1567,77 @@ ngx_http_lua_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child) #if (NGX_HTTP_SSL) +static ngx_int_t +ngx_http_lua_merge_ssl(ngx_conf_t *cf, + ngx_http_lua_loc_conf_t *conf, ngx_http_lua_loc_conf_t *prev) +{ + ngx_uint_t preserve; + + if (conf->ssl_protocols == 0 + && conf->ssl_ciphers.data == NULL + && conf->ssl_verify_depth == NGX_CONF_UNSET_UINT + && conf->ssl_certificates == NGX_CONF_UNSET_PTR + && conf->ssl_certificate_keys == NGX_CONF_UNSET_PTR + && conf->ssl_trusted_certificate.data == NULL + && conf->ssl_crl.data == NULL +#if (nginx_version >= 1019004) + && conf->ssl_conf_commands == NGX_CONF_UNSET_PTR +#endif + ) + { + if (prev->ssl) { + conf->ssl = prev->ssl; + return NGX_OK; + } + + preserve = 1; + + } else { + preserve = 0; + } + + conf->ssl = ngx_pcalloc(cf->pool, sizeof(ngx_ssl_t)); + if (conf->ssl == NULL) { + return NGX_ERROR; + } + + conf->ssl->log = cf->log; + + /* + * special handling to preserve conf->ssl_* in the "http" section + * to inherit it to all servers + */ + + if (preserve) { + prev->ssl = conf->ssl; + } + + return NGX_OK; +} + + static ngx_int_t ngx_http_lua_set_ssl(ngx_conf_t *cf, ngx_http_lua_loc_conf_t *llcf) { ngx_pool_cleanup_t *cln; - llcf->ssl = ngx_pcalloc(cf->pool, sizeof(ngx_ssl_t)); - if (llcf->ssl == NULL) { - return NGX_ERROR; + if (llcf->ssl->ctx) { + return NGX_OK; } - llcf->ssl->log = cf->log; + if (llcf->ssl_certificates) { + if (llcf->ssl_certificate_keys == NULL + || llcf->ssl_certificate_keys->nelts + < llcf->ssl_certificates->nelts) + { + ngx_log_error(NGX_LOG_EMERG, cf->log, 0, + "no \"lua_ssl_certificate_key\" is defined " + "for certificate \"%V\"", + ((ngx_str_t *) llcf->ssl_certificates->elts) + + llcf->ssl_certificates->nelts - 1); + return NGX_ERROR; + } + } if (ngx_ssl_create(llcf->ssl, llcf->ssl_protocols, NULL) != NGX_OK) { return NGX_ERROR; @@ -1562,6 +1662,16 @@ ngx_http_lua_set_ssl(ngx_conf_t *cf, ngx_http_lua_loc_conf_t *llcf) return NGX_ERROR; } + if (llcf->ssl_certificates + && ngx_ssl_certificates(cf, llcf->ssl, + llcf->ssl_certificates, + llcf->ssl_certificate_keys, + NULL) + != NGX_OK) + { + return NGX_ERROR; + } + if (llcf->ssl_trusted_certificate.len && ngx_ssl_trusted_certificate(cf, llcf->ssl, &llcf->ssl_trusted_certificate, diff --git a/modules/ngx_http_lua_module/src/ngx_http_lua_pcrefix.c b/modules/ngx_http_lua_module/src/ngx_http_lua_pcrefix.c index 562847a639..76e745e6db 100644 --- a/modules/ngx_http_lua_module/src/ngx_http_lua_pcrefix.c +++ b/modules/ngx_http_lua_module/src/ngx_http_lua_pcrefix.c @@ -14,19 +14,65 @@ #include "ngx_http_lua_pcrefix.h" #include "stdio.h" -#if (NGX_PCRE) +#if (NGX_PCRE || NGX_PCRE2) static ngx_pool_t *ngx_http_lua_pcre_pool = NULL; + +#if (NGX_PCRE2) +static ngx_uint_t ngx_regex_direct_alloc; +#else static void *(*old_pcre_malloc)(size_t); static void (*old_pcre_free)(void *ptr); +#endif /* XXX: work-around to nginx regex subsystem, must init a memory pool * to use PCRE functions. As PCRE still has memory-leaking problems, * and nginx overwrote pcre_malloc/free hooks with its own static * functions, so nobody else can reuse nginx regex subsystem... */ -static void * +#if (NGX_PCRE2) + +void * +ngx_http_lua_pcre_malloc(size_t size, void *data) +{ + dd("lua pcre pool is %p", ngx_http_lua_pcre_pool); + + if (ngx_http_lua_pcre_pool) { + return ngx_palloc(ngx_http_lua_pcre_pool, size); + } + + if (ngx_regex_direct_alloc) { + return ngx_alloc(size, ngx_cycle->log); + } + + fprintf(stderr, "error: lua pcre malloc failed due to empty pcre pool"); + + return NULL; +} + + +void +ngx_http_lua_pcre_free(void *ptr, void *data) +{ + dd("lua pcre pool is %p", ngx_http_lua_pcre_pool); + + if (ngx_http_lua_pcre_pool) { + ngx_pfree(ngx_http_lua_pcre_pool, ptr); + return; + } + + if (ngx_regex_direct_alloc) { + ngx_free(ptr); + return; + } + + fprintf(stderr, "error: lua pcre free failed due to empty pcre pool"); +} + +#else + +void * ngx_http_lua_pcre_malloc(size_t size) { dd("lua pcre pool is %p", ngx_http_lua_pcre_pool); @@ -54,6 +100,41 @@ ngx_http_lua_pcre_free(void *ptr) fprintf(stderr, "error: lua pcre free failed due to empty pcre pool"); } +#endif + + +#if (NGX_PCRE2) + +ngx_pool_t * +ngx_http_lua_pcre_malloc_init(ngx_pool_t *pool) +{ + ngx_pool_t *old_pool; + + dd("lua pcre pool was %p", ngx_http_lua_pcre_pool); + + ngx_regex_direct_alloc = (pool == NULL) ? 1 : 0; + + old_pool = ngx_http_lua_pcre_pool; + ngx_http_lua_pcre_pool = pool; + + dd("lua pcre pool is %p", ngx_http_lua_pcre_pool); + + return old_pool; +} + + +void +ngx_http_lua_pcre_malloc_done(ngx_pool_t *old_pool) +{ + dd("lua pcre pool was %p", ngx_http_lua_pcre_pool); + + ngx_http_lua_pcre_pool = old_pool; + ngx_regex_direct_alloc = 0; + + dd("lua pcre pool is %p", ngx_http_lua_pcre_pool); +} + +#else ngx_pool_t * ngx_http_lua_pcre_malloc_init(ngx_pool_t *pool) @@ -101,6 +182,7 @@ ngx_http_lua_pcre_malloc_done(ngx_pool_t *old_pool) } } -#endif /* NGX_PCRE */ +#endif +#endif /* NGX_PCRE || NGX_PCRE2 */ /* vi:set ft=c ts=4 sw=4 et fdm=marker: */ diff --git a/modules/ngx_http_lua_module/src/ngx_http_lua_pcrefix.h b/modules/ngx_http_lua_module/src/ngx_http_lua_pcrefix.h index 80f29f9e75..ef09636313 100644 --- a/modules/ngx_http_lua_module/src/ngx_http_lua_pcrefix.h +++ b/modules/ngx_http_lua_module/src/ngx_http_lua_pcrefix.h @@ -12,9 +12,16 @@ #include "ngx_http_lua_common.h" -#if (NGX_PCRE) +#if (NGX_PCRE || NGX_PCRE2) + ngx_pool_t *ngx_http_lua_pcre_malloc_init(ngx_pool_t *pool); void ngx_http_lua_pcre_malloc_done(ngx_pool_t *old_pool); + +#if NGX_PCRE2 +void *ngx_http_lua_pcre_malloc(size_t size, void *data); +void ngx_http_lua_pcre_free(void *ptr, void *data); +#endif + #endif diff --git a/modules/ngx_http_lua_module/src/ngx_http_lua_regex.c b/modules/ngx_http_lua_module/src/ngx_http_lua_regex.c index 5c17cfe09c..7317451f65 100644 --- a/modules/ngx_http_lua_module/src/ngx_http_lua_regex.c +++ b/modules/ngx_http_lua_module/src/ngx_http_lua_regex.c @@ -9,21 +9,31 @@ #endif #include "ddebug.h" - -#if (NGX_PCRE) +#if (NGX_PCRE || NGX_PCRE2) #include "ngx_http_lua_pcrefix.h" #include "ngx_http_lua_script.h" #include "ngx_http_lua_util.h" -#if (PCRE_MAJOR >= 6) +#if (PCRE_MAJOR >= 6 || NGX_PCRE2) # define LUA_HAVE_PCRE_DFA 1 #else # define LUA_HAVE_PCRE_DFA 0 #endif +#if (NGX_PCRE2) +static pcre2_compile_context *ngx_regex_compile_context; +static pcre2_match_context *ngx_regex_match_context; +static pcre2_match_data *ngx_regex_match_data; +static ngx_uint_t ngx_regex_match_data_size = 0; + +#define PCRE2_VERSION_SIZE 64 +static char ngx_pcre2_version[PCRE2_VERSION_SIZE]; +#endif + + #define NGX_LUA_RE_MODE_DFA (1<<1) #define NGX_LUA_RE_MODE_JIT (1<<2) #define NGX_LUA_RE_NO_UTF8_CHECK (1<<4) @@ -42,8 +52,17 @@ typedef struct { int ncaptures; int *captures; +#if (NGX_PCRE2) + pcre2_code *regex; + /* + * pcre2 doesn't use pcre_extra any more, + * just for keeping same memory layout in the lua ffi cdef + */ + void *regex_sd; +#else pcre *regex; pcre_extra *regex_sd; +#endif ngx_http_lua_complex_value_t *replace; @@ -57,7 +76,11 @@ typedef struct { ngx_pool_t *pool; ngx_int_t options; +#if (NGX_PCRE2) + pcre2_code *regex; +#else pcre *regex; +#endif int captures; ngx_str_t err; } ngx_http_lua_regex_compile_t; @@ -65,8 +88,12 @@ typedef struct { typedef struct { ngx_http_request_t *request; +#if (NGX_PCRE2) + pcre2_code *regex; +#else pcre *regex; pcre_extra *regex_sd; +#endif int ncaptures; int *captures; int captures_len; @@ -74,8 +101,6 @@ typedef struct { } ngx_http_lua_regex_ctx_t; -static void ngx_http_lua_regex_free_study_data(ngx_pool_t *pool, - pcre_extra *sd); static ngx_int_t ngx_http_lua_regex_compile(ngx_http_lua_regex_compile_t *rc); @@ -91,21 +116,155 @@ static ngx_int_t ngx_http_lua_regex_compile(ngx_http_lua_regex_compile_t *rc); static void -ngx_http_lua_regex_free_study_data(ngx_pool_t *pool, pcre_extra *sd) +ngx_http_lua_regex_free_study_data(ngx_pool_t *pool, ngx_http_lua_regex_t *re) { - ngx_pool_t *old_pool; + ngx_pool_t *old_pool; - old_pool = ngx_http_lua_pcre_malloc_init(pool); +#if (NGX_PCRE2) + if (re && re->regex) { + old_pool = ngx_http_lua_pcre_malloc_init(pool); + + pcre2_code_free(re->regex); + + ngx_http_lua_pcre_malloc_done(old_pool); + re->regex = NULL; + } +#else + if (re && re->regex_sd) { + old_pool = ngx_http_lua_pcre_malloc_init(pool); #if LUA_HAVE_PCRE_JIT - pcre_free_study(sd); + pcre_free_study(re->regex_sd); #else - pcre_free(sd); + pcre_free(re->regex_sd); #endif + ngx_http_lua_pcre_malloc_done(old_pool); + + re->regex_sd = NULL; + } +#endif +} + + +#if (NGX_PCRE2) +static ngx_int_t +ngx_http_lua_regex_compile(ngx_http_lua_regex_compile_t *rc) +{ + int n, errcode; + char *p; + size_t erroff; + u_char errstr[128]; + pcre2_code *re; + ngx_pool_t *old_pool; + pcre2_general_context *gctx; + pcre2_compile_context *cctx; + + ngx_http_lua_main_conf_t *lmcf; + + if (ngx_regex_compile_context == NULL) { + /* + * Allocate a compile context if not yet allocated. This uses + * direct allocations from heap, so the result can be cached + * even at runtime. + */ + + old_pool = ngx_http_lua_pcre_malloc_init(NULL); + + gctx = pcre2_general_context_create(ngx_http_lua_pcre_malloc, + ngx_http_lua_pcre_free, + NULL); + if (gctx == NULL) { + ngx_http_lua_pcre_malloc_done(old_pool); + goto nomem; + } + + cctx = pcre2_compile_context_create(gctx); + if (cctx == NULL) { + pcre2_general_context_free(gctx); + ngx_http_lua_pcre_malloc_done(old_pool); + goto nomem; + } + + ngx_regex_compile_context = cctx; + + ngx_regex_match_context = pcre2_match_context_create(gctx); + if (ngx_regex_match_context == NULL) { + pcre2_general_context_free(gctx); + ngx_http_lua_pcre_malloc_done(old_pool); + goto nomem; + } + + lmcf = ngx_http_cycle_get_module_main_conf(ngx_cycle, + ngx_http_lua_module); + if (lmcf && lmcf->regex_match_limit > 0) { + pcre2_set_match_limit(ngx_regex_match_context, + lmcf->regex_match_limit); + } + + pcre2_general_context_free(gctx); + ngx_http_lua_pcre_malloc_done(old_pool); + } + + old_pool = ngx_http_lua_pcre_malloc_init(rc->pool); + + re = pcre2_compile(rc->pattern.data, + rc->pattern.len, rc->options, + &errcode, &erroff, ngx_regex_compile_context); ngx_http_lua_pcre_malloc_done(old_pool); + + if (re == NULL) { + pcre2_get_error_message(errcode, errstr, 128); + + if ((size_t) erroff == rc->pattern.len) { + rc->err.len = ngx_snprintf(rc->err.data, rc->err.len, + "pcre2_compile() failed: %s in \"%V\"", + errstr, &rc->pattern) + - rc->err.data; + + } else { + rc->err.len = ngx_snprintf(rc->err.data, rc->err.len, + "pcre2_compile() failed: %s in " + "\"%V\" at \"%s\"", errstr, &rc->pattern, + rc->pattern.data + erroff) + - rc->err.data; + } + + return NGX_ERROR; + } + + rc->regex = re; + + n = pcre2_pattern_info(re, PCRE2_INFO_CAPTURECOUNT, &rc->captures); + if (n < 0) { + p = "pcre2_pattern_info(\"%V\", PCRE_INFO_CAPTURECOUNT) failed: %d"; + goto failed; + } + +#if (NGX_DEBUG) + ngx_log_debug3(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0, + "pcre2_compile: pattern[%V], options 0x%08Xd, ncaptures %d", + &rc->pattern, rc->options, rc->captures); +#endif + + return NGX_OK; + +failed: + + rc->err.len = ngx_snprintf(rc->err.data, rc->err.len, p, &rc->pattern, n) + - rc->err.data; + return NGX_ERROR; + +nomem: + + rc->err.len = ngx_snprintf(rc->err.data, rc->err.len, + "regex \"%V\" compilation failed: no memory", + &rc->pattern) + - rc->err.data; + return NGX_ERROR; } +#else static ngx_int_t ngx_http_lua_regex_compile(ngx_http_lua_regex_compile_t *rc) @@ -159,13 +318,14 @@ ngx_http_lua_regex_compile(ngx_http_lua_regex_compile_t *rc) - rc->err.data; return NGX_OK; } +#endif ngx_int_t ngx_http_lua_ffi_set_jit_stack_size(int size, u_char *errstr, size_t *errstr_size) { -#if LUA_HAVE_PCRE_JIT +#if (NGX_PCRE2 || LUA_HAVE_PCRE_JIT) ngx_http_lua_main_conf_t *lmcf; ngx_pool_t *pool, *old_pool; @@ -186,15 +346,24 @@ ngx_http_lua_ffi_set_jit_stack_size(int size, u_char *errstr, if (lmcf->jit_stack) { old_pool = ngx_http_lua_pcre_malloc_init(pool); +#if (NGX_PCRE2) + pcre2_jit_stack_free(lmcf->jit_stack); +#else pcre_jit_stack_free(lmcf->jit_stack); +#endif ngx_http_lua_pcre_malloc_done(old_pool); } old_pool = ngx_http_lua_pcre_malloc_init(pool); +#if (NGX_PCRE2) + lmcf->jit_stack = pcre2_jit_stack_create(NGX_LUA_RE_MIN_JIT_STACK_SIZE, + size, NULL); +#else lmcf->jit_stack = pcre_jit_stack_alloc(NGX_LUA_RE_MIN_JIT_STACK_SIZE, size); +#endif ngx_http_lua_pcre_malloc_done(old_pool); @@ -214,8 +383,148 @@ ngx_http_lua_ffi_set_jit_stack_size(int size, u_char *errstr, - errstr; return NGX_ERROR; +#endif +} + + +#if (NGX_PCRE2) +static void +ngx_http_lua_regex_jit_compile(ngx_http_lua_regex_t *re, int flags, + ngx_pool_t *pool, ngx_http_lua_main_conf_t *lmcf, + ngx_http_lua_regex_compile_t *re_comp) +{ + ngx_int_t ret; + ngx_pool_t *old_pool; + + if (flags & NGX_LUA_RE_MODE_JIT) { + old_pool = ngx_http_lua_pcre_malloc_init(pool); + ret = pcre2_jit_compile(re_comp->regex, PCRE2_JIT_COMPLETE); + + if (ret != 0) { + ngx_log_error(NGX_LOG_INFO, ngx_cycle->log, 0, + "pcre2_jit_compile() failed: %d in \"%V\", " + "ignored", + ret, &re_comp->pattern); + +#if (NGX_DEBUG) + + } else { + ngx_log_debug0(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0, + "pcre2 JIT compiled successfully"); +# endif /* !(NGX_DEBUG) */ + } + + ngx_http_lua_pcre_malloc_done(old_pool); + + } + + if (lmcf && lmcf->jit_stack) { + pcre2_jit_stack_assign(ngx_regex_match_context, NULL, + lmcf->jit_stack); + } + + return; +} + +#else + +static void +ngx_http_lua_regex_jit_compile(ngx_http_lua_regex_t *re, int flags, + ngx_pool_t *pool, ngx_http_lua_main_conf_t *lmcf, + ngx_http_lua_regex_compile_t *re_comp) +{ + const char *msg; + pcre_extra *sd = NULL; + ngx_pool_t *old_pool; + + +#if (LUA_HAVE_PCRE_JIT) + if (flags & NGX_LUA_RE_MODE_JIT) { + old_pool = ngx_http_lua_pcre_malloc_init(pool); + sd = pcre_study(re_comp->regex, PCRE_STUDY_JIT_COMPILE, &msg); + ngx_http_lua_pcre_malloc_done(old_pool); + +# if (NGX_DEBUG) + if (msg != NULL) { + ngx_log_debug2(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0, + "pcre study failed with PCRE_STUDY_JIT_COMPILE: " + "%s (%p)", msg, sd); + } + + if (sd != NULL) { + int jitted; + + old_pool = ngx_http_lua_pcre_malloc_init(pool); + + pcre_fullinfo(re_comp->regex, sd, PCRE_INFO_JIT, &jitted); + + ngx_http_lua_pcre_malloc_done(old_pool); + + ngx_log_debug1(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0, + "pcre JIT compiling result: %d", jitted); + } +# endif /* !(NGX_DEBUG) */ + + } else { + old_pool = ngx_http_lua_pcre_malloc_init(pool); + sd = pcre_study(re_comp->regex, 0, &msg); + ngx_http_lua_pcre_malloc_done(old_pool); + } + + if (sd && lmcf && lmcf->jit_stack) { + pcre_assign_jit_stack(sd, NULL, lmcf->jit_stack); + } + + if (sd + && lmcf && lmcf->regex_match_limit > 0 + && !(flags & NGX_LUA_RE_MODE_DFA)) + { + sd->flags |= PCRE_EXTRA_MATCH_LIMIT; + sd->match_limit = lmcf->regex_match_limit; + } + #endif /* LUA_HAVE_PCRE_JIT */ + + re->regex_sd = sd; } +#endif + + +#if (NGX_PCRE2) +void +ngx_http_lua_regex_cleanup(void *data) +{ + ngx_pool_t *old_pool; + ngx_http_lua_main_conf_t *lmcf; + + lmcf = data; + + if (ngx_regex_compile_context) { + old_pool = ngx_http_lua_pcre_malloc_init(NULL); + pcre2_compile_context_free(ngx_regex_compile_context); + ngx_regex_compile_context = NULL; + ngx_http_lua_pcre_malloc_done(old_pool); + } + + if (lmcf && lmcf->jit_stack) { + old_pool = ngx_http_lua_pcre_malloc_init(NULL); + + pcre2_jit_stack_free(lmcf->jit_stack); + lmcf->jit_stack = NULL; + + ngx_http_lua_pcre_malloc_done(old_pool); + } + + if (ngx_regex_match_data) { + old_pool = ngx_http_lua_pcre_malloc_init(NULL); + pcre2_match_data_free(ngx_regex_match_data); + ngx_regex_match_data = NULL; + ngx_regex_match_data_size = 0; + ngx_http_lua_pcre_malloc_done(old_pool); + } + +} +#endif ngx_http_lua_regex_t * @@ -228,8 +537,7 @@ ngx_http_lua_ffi_compile_regex(const unsigned char *pat, size_t pat_len, ngx_int_t rc; const char *msg; ngx_pool_t *pool, *old_pool; - pcre_extra *sd = NULL; - ngx_http_lua_regex_t *re; + ngx_http_lua_regex_t *re = NULL; ngx_http_lua_main_conf_t *lmcf; ngx_http_lua_regex_compile_t re_comp; @@ -251,6 +559,8 @@ ngx_http_lua_ffi_compile_regex(const unsigned char *pat, size_t pat_len, } re->pool = pool; + re->regex = NULL; + re->regex_sd = NULL; re_comp.options = pcre_opts; re_comp.pattern.data = (u_char *) pat; @@ -274,54 +584,7 @@ ngx_http_lua_ffi_compile_regex(const unsigned char *pat, size_t pat_len, ngx_http_lua_assert(lmcf != NULL); -#if (LUA_HAVE_PCRE_JIT) - - if (flags & NGX_LUA_RE_MODE_JIT) { - - old_pool = ngx_http_lua_pcre_malloc_init(pool); - sd = pcre_study(re_comp.regex, PCRE_STUDY_JIT_COMPILE, &msg); - ngx_http_lua_pcre_malloc_done(old_pool); - -# if (NGX_DEBUG) - if (msg != NULL) { - ngx_log_debug2(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0, - "pcre study failed with PCRE_STUDY_JIT_COMPILE: " - "%s (%p)", msg, sd); - } - - if (sd != NULL) { - int jitted; - - old_pool = ngx_http_lua_pcre_malloc_init(pool); - - pcre_fullinfo(re_comp.regex, sd, PCRE_INFO_JIT, &jitted); - - ngx_http_lua_pcre_malloc_done(old_pool); - - ngx_log_debug1(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0, - "pcre JIT compiling result: %d", jitted); - } -# endif /* !(NGX_DEBUG) */ - - } else { - old_pool = ngx_http_lua_pcre_malloc_init(pool); - sd = pcre_study(re_comp.regex, 0, &msg); - ngx_http_lua_pcre_malloc_done(old_pool); - } - - if (sd && lmcf->jit_stack) { - pcre_assign_jit_stack(sd, NULL, lmcf->jit_stack); - } - -#endif /* LUA_HAVE_PCRE_JIT */ - - if (sd - && lmcf && lmcf->regex_match_limit > 0 - && !(flags & NGX_LUA_RE_MODE_DFA)) - { - sd->flags |= PCRE_EXTRA_MATCH_LIMIT; - sd->match_limit = lmcf->regex_match_limit; - } + ngx_http_lua_regex_jit_compile(re, flags, pool, lmcf, &re_comp); if (flags & NGX_LUA_RE_MODE_DFA) { ovecsize = 2; @@ -339,6 +602,31 @@ ngx_http_lua_ffi_compile_regex(const unsigned char *pat, size_t pat_len, goto error; } +#if (NGX_PCRE2) + if (pcre2_pattern_info(re_comp.regex, PCRE2_INFO_NAMECOUNT, + &re->name_count) < 0) + { + msg = "cannot acquire named subpattern count"; + goto error; + } + + if (re->name_count > 0) { + if (pcre2_pattern_info(re_comp.regex, PCRE2_INFO_NAMEENTRYSIZE, + &re->name_entry_size) != 0) + { + msg = "cannot acquire named subpattern entry size"; + goto error; + } + + if (pcre2_pattern_info(re_comp.regex, PCRE2_INFO_NAMETABLE, + &re->name_table) != 0) + { + msg = "cannot acquire named subpattern table"; + goto error; + } + } + +#else if (pcre_fullinfo(re_comp.regex, NULL, PCRE_INFO_NAMECOUNT, &re->name_count) != 0) { @@ -361,9 +649,9 @@ ngx_http_lua_ffi_compile_regex(const unsigned char *pat, size_t pat_len, goto error; } } +#endif re->regex = re_comp.regex; - re->regex_sd = sd; re->ncaptures = re_comp.captures; re->captures = cap; re->replace = NULL; @@ -379,9 +667,7 @@ ngx_http_lua_ffi_compile_regex(const unsigned char *pat, size_t pat_len, p = ngx_snprintf(errstr, errstr_size - 1, "%s", msg); *p = '\0'; - if (sd) { - ngx_http_lua_regex_free_study_data(pool, sd); - } + ngx_http_lua_regex_free_study_data(pool, re); if (pool) { ngx_destroy_pool(pool); @@ -391,6 +677,103 @@ ngx_http_lua_ffi_compile_regex(const unsigned char *pat, size_t pat_len, } +#if (NGX_PCRE2) +int +ngx_http_lua_ffi_exec_regex(ngx_http_lua_regex_t *re, int flags, + const u_char *s, size_t len, int pos) +{ + int rc, exec_opts = 0; + size_t *ov; + ngx_uint_t ovecsize, n, i; + ngx_pool_t *old_pool; + + if (flags & NGX_LUA_RE_MODE_DFA) { + ovecsize = 2; + re->ncaptures = 0; + + } else { + ovecsize = (re->ncaptures + 1) * 3; + } + + old_pool = ngx_http_lua_pcre_malloc_init(NULL); + + if (ngx_regex_match_data == NULL + || ovecsize > ngx_regex_match_data_size) + { + /* + * Allocate a match data if not yet allocated or smaller than + * needed. + */ + + if (ngx_regex_match_data) { + pcre2_match_data_free(ngx_regex_match_data); + } + + ngx_regex_match_data_size = ovecsize; + ngx_regex_match_data = pcre2_match_data_create(ovecsize / 3, NULL); + + if (ngx_regex_match_data == NULL) { + rc = PCRE2_ERROR_NOMEMORY; + goto failed; + } + } + + if (flags & NGX_LUA_RE_NO_UTF8_CHECK) { + exec_opts = PCRE2_NO_UTF_CHECK; + + } else { + exec_opts = 0; + } + + if (flags & NGX_LUA_RE_MODE_DFA) { + int ws[NGX_LUA_RE_DFA_MODE_WORKSPACE_COUNT]; + rc = pcre2_dfa_match(re->regex, s, len, pos, exec_opts, + ngx_regex_match_data, ngx_regex_match_context, + ws, sizeof(ws) / sizeof(ws[0])); + + + } else { + rc = pcre2_match(re->regex, s, len, pos, exec_opts, + ngx_regex_match_data, ngx_regex_match_context); + } + + if (rc < 0) { +#if (NGX_DEBUG) + ngx_log_debug4(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0, + "pcre2_match failed: flags 0x%05Xd, options 0x%08Xd, " + "rc %d, ovecsize %ui", flags, exec_opts, rc, ovecsize); +#endif + + goto failed; + } + + n = pcre2_get_ovector_count(ngx_regex_match_data); + ov = pcre2_get_ovector_pointer(ngx_regex_match_data); + +#if (NGX_DEBUG) + ngx_log_debug5(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0, + "pcre2_match: flags 0x%05Xd, options 0x%08Xd, rc %d, " + "n %ui, ovecsize %ui", flags, exec_opts, rc, n, ovecsize); +#endif + + if (!(flags & NGX_LUA_RE_MODE_DFA) && n > ovecsize / 3) { + n = ovecsize / 3; + } + + for (i = 0; i < n; i++) { + re->captures[i * 2] = ov[i * 2]; + re->captures[i * 2 + 1] = ov[i * 2 + 1]; + } + +failed: + + ngx_http_lua_pcre_malloc_done(old_pool); + + return rc; +} + +#else + int ngx_http_lua_ffi_exec_regex(ngx_http_lua_regex_t *re, int flags, const u_char *s, size_t len, int pos) @@ -427,7 +810,8 @@ ngx_http_lua_ffi_exec_regex(ngx_http_lua_regex_t *re, int flags, int ws[NGX_LUA_RE_DFA_MODE_WORKSPACE_COUNT]; rc = ngx_http_lua_regex_dfa_exec(re->regex, sd, &subj, (int) pos, cap, ovecsize, ws, - sizeof(ws)/sizeof(ws[0]), exec_opts); + sizeof(ws) / sizeof(ws[0]), + exec_opts); #else @@ -443,28 +827,19 @@ ngx_http_lua_ffi_exec_regex(ngx_http_lua_regex_t *re, int flags, return rc; } +#endif + void ngx_http_lua_ffi_destroy_regex(ngx_http_lua_regex_t *re) { - ngx_pool_t *old_pool; - dd("destroy regex called"); if (re == NULL || re->pool == NULL) { return; } - if (re->regex_sd) { - old_pool = ngx_http_lua_pcre_malloc_init(re->pool); -#if LUA_HAVE_PCRE_JIT - pcre_free_study(re->regex_sd); -#else - pcre_free(re->regex_sd); -#endif - ngx_http_lua_pcre_malloc_done(old_pool); - re->regex_sd = NULL; - } + ngx_http_lua_regex_free_study_data(re->pool, re); ngx_destroy_pool(re->pool); } @@ -592,11 +967,17 @@ ngx_http_lua_ffi_max_regex_cache_size(void) const char * ngx_http_lua_ffi_pcre_version(void) { +#if (NGX_PCRE2) + pcre2_config(PCRE2_CONFIG_VERSION, ngx_pcre2_version); + + return ngx_pcre2_version; +#else return pcre_version(); +#endif } -#endif /* NGX_PCRE */ +#endif /* NGX_PCRE || NGX_PCRE2 */ /* vi:set ft=c ts=4 sw=4 et fdm=marker: */ diff --git a/modules/ngx_http_lua_module/src/ngx_http_lua_req_body.c b/modules/ngx_http_lua_module/src/ngx_http_lua_req_body.c index 935fafc8a4..61ab999045 100644 --- a/modules/ngx_http_lua_module/src/ngx_http_lua_req_body.c +++ b/modules/ngx_http_lua_module/src/ngx_http_lua_req_body.c @@ -85,6 +85,23 @@ ngx_http_lua_ngx_req_read_body(lua_State *L) return luaL_error(L, "request object not found"); } +/* http2 read body may break http2 stream process */ +#if (NGX_HTTP_V2) + if (r->main->stream && r->headers_in.content_length_n < 0) { + return luaL_error(L, "http2 requests are not supported" + " without content-length header"); + } +#endif + +#if (NGX_HTTP_V3) + if (r->http_version == NGX_HTTP_VERSION_30 + && r->headers_in.content_length_n < 0) + { + return luaL_error(L, "http3 requests are not supported" + " without content-length header"); + } +#endif + r->request_body_in_single_buf = 1; r->request_body_in_persistent_file = 1; r->request_body_in_clean_file = 1; @@ -229,15 +246,21 @@ ngx_http_lua_ngx_req_get_body_data(lua_State *L) { ngx_http_request_t *r; int n; - size_t len; + size_t len, max; + size_t size, rest; ngx_chain_t *cl; u_char *p; u_char *buf; n = lua_gettop(L); - if (n != 0) { - return luaL_error(L, "expecting 0 arguments but seen %d", n); + if (n != 0 && n != 1) { + return luaL_error(L, "expecting 0 or 1 arguments but seen %d", n); + } + + max = 0; + if (n == 1) { + max = (size_t) luaL_checknumber(L, 1); } r = ngx_http_lua_get_req(L); @@ -265,6 +288,7 @@ ngx_http_lua_ngx_req_get_body_data(lua_State *L) return 1; } + len = (max > 0 && len > max) ? max : len; lua_pushlstring(L, (char *) cl->buf->pos, len); return 1; } @@ -275,7 +299,13 @@ ngx_http_lua_ngx_req_get_body_data(lua_State *L) for (; cl; cl = cl->next) { dd("body chunk len: %d", (int) ngx_buf_size(cl->buf)); - len += cl->buf->last - cl->buf->pos; + size = cl->buf->last - cl->buf->pos; + if (max > 0 && (len + size > max)) { + len = max; + break; + } + + len += size; } if (len == 0) { @@ -286,8 +316,15 @@ ngx_http_lua_ngx_req_get_body_data(lua_State *L) buf = (u_char *) lua_newuserdata(L, len); p = buf; - for (cl = r->request_body->bufs; cl; cl = cl->next) { - p = ngx_copy(p, cl->buf->pos, cl->buf->last - cl->buf->pos); + rest = len; + for (cl = r->request_body->bufs; cl != NULL && rest > 0; cl = cl->next) { + size = ngx_buf_size(cl->buf); + if (size > rest) { /* reach limit*/ + size = rest; + } + + p = ngx_copy(p, cl->buf->pos, size); + rest -= size; } lua_pushlstring(L, (char *) buf, len); @@ -312,6 +349,23 @@ ngx_http_lua_ngx_req_get_body_file(lua_State *L) return luaL_error(L, "request object not found"); } +/* http2 read body may break http2 stream process */ +#if (NGX_HTTP_V2) + if (r->main->stream && r->headers_in.content_length_n < 0) { + return luaL_error(L, "http2 requests are not supported" + " without content-length header"); + } +#endif + +#if (NGX_HTTP_V3) + if (r->http_version == NGX_HTTP_VERSION_30 + && r->headers_in.content_length_n < 0) + { + return luaL_error(L, "http3 requests are not supported" + " without content-length header"); + } +#endif + ngx_http_lua_check_fake_request(L, r); if (r->request_body == NULL || r->request_body->temp_file == NULL) { diff --git a/modules/ngx_http_lua_module/src/ngx_http_lua_rewriteby.c b/modules/ngx_http_lua_module/src/ngx_http_lua_rewriteby.c index 37a9593d05..e1179ce4c6 100644 --- a/modules/ngx_http_lua_module/src/ngx_http_lua_rewriteby.c +++ b/modules/ngx_http_lua_module/src/ngx_http_lua_rewriteby.c @@ -140,7 +140,12 @@ ngx_http_lua_rewrite_handler(ngx_http_request_t *r) return NGX_DONE; } +/* http2 read body may break http2 stream process */ +#if (NGX_HTTP_V2) + if (llcf->force_read_body && !ctx->read_body_done && !r->main->stream) { +#else if (llcf->force_read_body && !ctx->read_body_done) { +#endif r->request_body_in_single_buf = 1; r->request_body_in_persistent_file = 1; r->request_body_in_clean_file = 1; diff --git a/modules/ngx_http_lua_module/src/ngx_http_lua_server_rewriteby.c b/modules/ngx_http_lua_module/src/ngx_http_lua_server_rewriteby.c index be860693f4..997262eeb7 100644 --- a/modules/ngx_http_lua_module/src/ngx_http_lua_server_rewriteby.c +++ b/modules/ngx_http_lua_module/src/ngx_http_lua_server_rewriteby.c @@ -102,8 +102,13 @@ ngx_http_lua_server_rewrite_handler(ngx_http_request_t *r) return NGX_DONE; } - /* TODO: lscf do not have force_read_body */ +/* TODO: lscf do not have force_read_body + * http2 read body may break http2 stream process */ +#if (NGX_HTTP_V2) + if (llcf->force_read_body && !ctx->read_body_done && !r->main->stream) { +#else if (llcf->force_read_body && !ctx->read_body_done) { +#endif r->request_body_in_single_buf = 1; r->request_body_in_persistent_file = 1; r->request_body_in_clean_file = 1; diff --git a/modules/ngx_http_lua_module/src/ngx_http_lua_shdict.c b/modules/ngx_http_lua_module/src/ngx_http_lua_shdict.c index 2e0b044065..31bdcdb6a5 100644 --- a/modules/ngx_http_lua_module/src/ngx_http_lua_shdict.c +++ b/modules/ngx_http_lua_module/src/ngx_http_lua_shdict.c @@ -654,7 +654,7 @@ ngx_http_lua_shared_dict_get(ngx_shm_zone_t *zone, u_char *key_data, return NGX_ERROR; } - ngx_memcpy(&value->value.b, data, len); + ngx_memcpy(&value->value.n, data, len); break; case SHDICT_TBOOLEAN: diff --git a/modules/ngx_http_lua_module/src/ngx_http_lua_socket_tcp.c b/modules/ngx_http_lua_module/src/ngx_http_lua_socket_tcp.c index 2e21cae432..689b1aa5b2 100644 --- a/modules/ngx_http_lua_module/src/ngx_http_lua_socket_tcp.c +++ b/modules/ngx_http_lua_module/src/ngx_http_lua_socket_tcp.c @@ -75,6 +75,8 @@ static void ngx_http_lua_socket_dummy_handler(ngx_http_request_t *r, ngx_http_lua_socket_tcp_upstream_t *u); static int ngx_http_lua_socket_tcp_receive_helper(ngx_http_request_t *r, ngx_http_lua_socket_tcp_upstream_t *u, lua_State *L); +static void ngx_http_lua_socket_tcp_read_prepare(ngx_http_request_t *r, + ngx_http_lua_socket_tcp_upstream_t *u, void *data, lua_State *L); static ngx_int_t ngx_http_lua_socket_tcp_read(ngx_http_request_t *r, ngx_http_lua_socket_tcp_upstream_t *u); static int ngx_http_lua_socket_tcp_receive_retval_handler(ngx_http_request_t *r, @@ -863,7 +865,9 @@ ngx_http_lua_socket_tcp_bind(lua_State *L) | NGX_HTTP_LUA_CONTEXT_ACCESS | NGX_HTTP_LUA_CONTEXT_CONTENT | NGX_HTTP_LUA_CONTEXT_TIMER - | NGX_HTTP_LUA_CONTEXT_SSL_CERT); + | NGX_HTTP_LUA_CONTEXT_SSL_CERT + | NGX_HTTP_LUA_CONTEXT_SSL_SESS_FETCH + | NGX_HTTP_LUA_CONTEXT_SSL_CLIENT_HELLO); luaL_checktype(L, 1, LUA_TTABLE); @@ -2163,8 +2167,6 @@ ngx_http_lua_socket_tcp_receive_helper(ngx_http_request_t *r, ngx_http_lua_ctx_t *ctx; ngx_http_lua_co_ctx_t *coctx; - u->input_filter_ctx = u; - ctx = ngx_http_get_module_ctx(r, ngx_http_lua_module); if (u->bufs_in == NULL) { @@ -2193,6 +2195,8 @@ ngx_http_lua_socket_tcp_receive_helper(ngx_http_request_t *r, u->read_waiting = 0; u->read_co_ctx = NULL; + ngx_http_lua_socket_tcp_read_prepare(r, u, u, L); + rc = ngx_http_lua_socket_tcp_read(r, u); if (rc == NGX_ERROR) { @@ -2409,7 +2413,7 @@ ngx_http_lua_socket_tcp_receive(lua_State *L) case LUA_TNUMBER: bytes = lua_tointeger(L, 2); if (bytes < 0) { - return luaL_argerror(L, 2, "bad pattern argument"); + return luaL_argerror(L, 2, "bad number argument"); } #if 1 @@ -2426,7 +2430,7 @@ ngx_http_lua_socket_tcp_receive(lua_State *L) break; default: - return luaL_argerror(L, 2, "bad pattern argument"); + return luaL_argerror(L, 2, "bad argument"); break; } @@ -2514,6 +2518,87 @@ ngx_http_lua_socket_read_any(void *data, ssize_t bytes) } +static void +ngx_http_lua_socket_tcp_read_prepare(ngx_http_request_t *r, + ngx_http_lua_socket_tcp_upstream_t *u, void *data, lua_State *L) +{ + ngx_http_lua_ctx_t *ctx; + ngx_chain_t *new_cl; + ngx_buf_t *b; + off_t size; + + ngx_http_lua_socket_compiled_pattern_t *cp; + + /* input_filter_ctx doesn't change, no need recovering */ + if (u->input_filter_ctx == data) { + return; + } + + /* last input_filter_ctx is null or upstream, no data pending */ + if (u->input_filter_ctx == NULL || u->input_filter_ctx == u) { + u->input_filter_ctx = data; + return; + } + + /* compiled pattern may be with data pending */ + + cp = u->input_filter_ctx; + u->input_filter_ctx = data; + + cp->upstream = NULL; + + /* no data pending */ + if (cp->state <= 0) { + return; + } + + b = &u->buffer; + + if (b->pos - b->start >= cp->state) { + dd("pending data in one buffer"); + + b->pos -= cp->state; + + u->buf_in->buf->pos = b->pos; + u->buf_in->buf->last = b->pos; + + /* reset dfa state for future matching */ + cp->state = 0; + return; + } + + dd("pending data in multiple buffers"); + + ctx = ngx_http_get_module_ctx(r, ngx_http_lua_module); + + size = ngx_buf_size(b); + + new_cl = + ngx_http_lua_chain_get_free_buf(r->connection->log, r->pool, + &ctx->free_recv_bufs, + cp->state + size); + + if (new_cl == NULL) { + luaL_error(L, "no memory"); + return; + } + + ngx_memcpy(b, new_cl->buf, sizeof(ngx_buf_t)); + + b->last = ngx_copy(b->last, cp->pattern.data, cp->state); + b->last = ngx_copy(b->last, u->buf_in->buf->pos, size); + + u->buf_in->next = ctx->free_recv_bufs; + ctx->free_recv_bufs = u->buf_in; + + u->bufs_in = new_cl; + u->buf_in = new_cl; + + /* reset dfa state for future matching */ + cp->state = 0; +} + + static ngx_int_t ngx_http_lua_socket_tcp_read(ngx_http_request_t *r, ngx_http_lua_socket_tcp_upstream_t *u) @@ -3261,7 +3346,7 @@ ngx_http_lua_socket_tcp_settimeouts(lua_State *L) n = lua_gettop(L); if (n != 4) { - return luaL_error(L, "ngx.socket settimeout: expecting 4 arguments " + return luaL_error(L, "ngx.socket settimeouts: expecting 4 arguments " "(including the object) but seen %d", lua_gettop(L)); } @@ -4243,6 +4328,11 @@ ngx_http_lua_socket_tcp_finalize(ngx_http_request_t *r, ngx_http_lua_socket_tcp_finalize_read_part(r, u); ngx_http_lua_socket_tcp_finalize_write_part(r, u); + if (u->input_filter_ctx != NULL && u->input_filter_ctx != u) { + ((ngx_http_lua_socket_compiled_pattern_t *) + u->input_filter_ctx)->upstream = NULL; + } + if (u->raw_downstream || u->body_downstream) { u->peer.connection = NULL; return; @@ -4496,7 +4586,7 @@ ngx_http_lua_socket_receiveuntil_iterator(lua_State *L) n = lua_gettop(L); if (n > 1) { - return luaL_error(L, "expecting 0 or 1 arguments, " + return luaL_error(L, "expecting 0 or 1 argument, " "but seen %d", n); } @@ -4559,8 +4649,6 @@ ngx_http_lua_socket_receiveuntil_iterator(lua_State *L) (u_char *) lua_tolstring(L, lua_upvalueindex(2), &cp->pattern.len); - u->input_filter_ctx = cp; - ctx = ngx_http_get_module_ctx(r, ngx_http_lua_module); if (u->bufs_in == NULL) { @@ -4587,6 +4675,8 @@ ngx_http_lua_socket_receiveuntil_iterator(lua_State *L) u->read_waiting = 0; u->read_co_ctx = NULL; + ngx_http_lua_socket_tcp_read_prepare(r, u, cp, L); + rc = ngx_http_lua_socket_tcp_read(r, u); if (rc == NGX_ERROR) { @@ -4915,13 +5005,24 @@ ngx_http_lua_socket_cleanup_compiled_pattern(lua_State *L) { ngx_http_lua_socket_compiled_pattern_t *cp; - ngx_http_lua_dfa_edge_t *edge, *p; - unsigned i; + ngx_http_lua_socket_tcp_upstream_t *u; + ngx_http_lua_dfa_edge_t *edge, *p; + unsigned i; dd("cleanup compiled pattern"); cp = lua_touserdata(L, 1); - if (cp == NULL || cp->recovering == NULL) { + if (cp == NULL) { + return 0; + } + + u = cp->upstream; + if (u != NULL) { + ngx_http_lua_socket_tcp_read_prepare(u->request, u, NULL, L); + u->input_filter_ctx = NULL; + } + + if (cp->recovering == NULL) { return 0; } @@ -5004,6 +5105,12 @@ ngx_http_lua_req_socket(lua_State *L) } #endif +#if (NGX_HTTP_V3) + if (r->http_version == NGX_HTTP_VERSION_30) { + return luaL_error(L, "http v3 not supported yet"); + } +#endif + if (!raw && r->headers_in.chunked) { lua_pushnil(L); lua_pushliteral(L, "chunked request bodies not supported yet"); diff --git a/modules/ngx_http_lua_module/src/ngx_http_lua_ssl_client_helloby.c b/modules/ngx_http_lua_module/src/ngx_http_lua_ssl_client_helloby.c index a1dac61887..03ac430ef2 100644 --- a/modules/ngx_http_lua_module/src/ngx_http_lua_ssl_client_helloby.c +++ b/modules/ngx_http_lua_module/src/ngx_http_lua_ssl_client_helloby.c @@ -390,7 +390,7 @@ ngx_http_lua_ssl_client_hello_aborted(void *data) { ngx_http_lua_ssl_ctx_t *cctx = data; - dd("lua ssl client hello done"); + dd("lua ssl client hello aborted"); if (cctx->done) { /* completed successfully already */ diff --git a/modules/ngx_http_lua_module/src/ngx_http_lua_subrequest.c b/modules/ngx_http_lua_module/src/ngx_http_lua_subrequest.c index 643385afe5..12b1184c66 100644 --- a/modules/ngx_http_lua_module/src/ngx_http_lua_subrequest.c +++ b/modules/ngx_http_lua_module/src/ngx_http_lua_subrequest.c @@ -52,6 +52,8 @@ ngx_str_t ngx_http_lua_patch_method = ngx_str_t ngx_http_lua_trace_method = ngx_http_lua_method_name("TRACE"); +ngx_str_t host_header = ngx_string("host"); + static ngx_str_t ngx_http_lua_content_length_header_key = ngx_string("Content-Length"); @@ -1681,6 +1683,9 @@ ngx_http_lua_copy_request_headers(ngx_http_request_t *sr, clh->hash = ngx_http_lua_content_length_hash; clh->key = ngx_http_lua_content_length_header_key; +#if defined(nginx_version) && nginx_version >= 1023000 + clh->next = NULL; +#endif clh->lowcase_key = ngx_pnalloc(sr->pool, clh->key.len); if (clh->lowcase_key == NULL) { return NGX_ERROR; @@ -1710,6 +1715,17 @@ ngx_http_lua_copy_request_headers(ngx_http_request_t *sr, part = &pr->headers_in.headers.part; header = part->elts; +#if (NGX_HTTP_V3) + if (pr->headers_in.server.data != NULL) { + if (ngx_http_lua_set_input_header(sr, host_header, + pr->headers_in.server, 0) + == NGX_ERROR) + { + return NGX_ERROR; + } + } +#endif + for (i = 0; /* void */; i++) { if (i >= part->nelts) { diff --git a/modules/ngx_http_lua_module/src/ngx_http_lua_variable.c b/modules/ngx_http_lua_module/src/ngx_http_lua_variable.c index 573629ad21..2c6c6233bd 100644 --- a/modules/ngx_http_lua_module/src/ngx_http_lua_variable.c +++ b/modules/ngx_http_lua_module/src/ngx_http_lua_variable.c @@ -70,6 +70,18 @@ ngx_http_lua_ffi_var_get(ngx_http_request_t *r, u_char *name_data, } #endif +#if (NGX_HTTP_V3) + if (name_len == 9 + && r->http_version == NGX_HTTP_VERSION_30 + && ngx_strncasecmp(name_data, (u_char *) "http_host", 9) == 0 + && r->headers_in.server.data != NULL) + { + *value = r->headers_in.server.data; + *value_len = r->headers_in.server.len; + return NGX_OK; + } +#endif + hash = ngx_hash_strlow(lowcase_buf, name_data, name_len); name.data = lowcase_buf; diff --git a/modules/ngx_http_lua_module/src/ngx_http_lua_worker_thread.c b/modules/ngx_http_lua_module/src/ngx_http_lua_worker_thread.c index ed7b089295..3820d6377c 100644 --- a/modules/ngx_http_lua_module/src/ngx_http_lua_worker_thread.c +++ b/modules/ngx_http_lua_module/src/ngx_http_lua_worker_thread.c @@ -42,7 +42,7 @@ typedef struct { ngx_http_lua_co_ctx_t *wait_co_ctx; int n_args; int rc; - int is_abort:1; + ngx_uint_t is_abort:1; } ngx_http_lua_worker_thread_ctx_t; @@ -157,15 +157,6 @@ ngx_http_lua_get_task_ctx(lua_State *L, ngx_http_request_t *r) ngx_http_lua_inject_shdict_api(lmcf, vm); lua_setglobal(vm, "ngx"); - /* inject API via ffi */ - lua_getglobal(vm, "require"); - lua_pushstring(vm, "resty.core.regex"); - if (lua_pcall(vm, 1, 0, 0) != 0) { - lua_close(vm); - ngx_free(ctx); - return NULL; - } - lua_getglobal(vm, "require"); lua_pushstring(vm, "resty.core.hash"); if (lua_pcall(vm, 1, 0, 0) != 0) { diff --git a/modules/ngx_http_lua_module/t/000--init.t b/modules/ngx_http_lua_module/t/000--init.t index 0dd08fe188..0016e14486 100644 --- a/modules/ngx_http_lua_module/t/000--init.t +++ b/modules/ngx_http_lua_module/t/000--init.t @@ -11,7 +11,7 @@ $ENV{TEST_NGINX_MYSQL_PORT} ||= 3306; our $http_config = <<'_EOC_'; # lua-resty-string is required for lua-resty-mysql - lua_package_path "../lua-resty-mysql/lib/?.lua;../lua-resty-string/lib/?.lua;;"; + lua_package_path "../lua-resty-rsa/lib/?.lua;../lua-resty-mysql/lib/?.lua;../lua-resty-string/lib/?.lua;;"; _EOC_ no_shuffle(); diff --git a/modules/ngx_http_lua_module/t/001-set.t b/modules/ngx_http_lua_module/t/001-set.t index db18f0258c..009159e484 100644 --- a/modules/ngx_http_lua_module/t/001-set.t +++ b/modules/ngx_http_lua_module/t/001-set.t @@ -389,8 +389,8 @@ GET /lua GET /lua --- response_body_like: 500 Internal Server Error --- error_code: 500 ---- error_log -API disabled in the context of set_by_lua* +--- error_log eval +qr/(?:API disabled in the context of set_by_lua\*|http3 requests are not supported without content-length header)/ms @@ -404,8 +404,16 @@ API disabled in the context of set_by_lua* GET /lua --- response_body_like: 500 Internal Server Error --- error_code: 500 ---- error_log -API disabled in the context of set_by_lua* +--- error_log eval +my $err_log; + +if (defined $ENV{TEST_NGINX_USE_HTTP3}) { + $err_log = "http v3 not supported yet"; +} else { + $err_log = "API disabled in the context of set_by_lua*"; +} + +$err_log; diff --git a/modules/ngx_http_lua_module/t/005-exit.t b/modules/ngx_http_lua_module/t/005-exit.t index eb123bd179..0783c69295 100644 --- a/modules/ngx_http_lua_module/t/005-exit.t +++ b/modules/ngx_http_lua_module/t/005-exit.t @@ -65,7 +65,7 @@ GET /lua --- error_log attempt to set status 404 via ngx.exit after sending out the response status 200 --- no_error_log -alert +[alert] --- response_body hi @@ -123,6 +123,7 @@ GET /api?user=agentz === TEST 6: working with ngx_auth_request (simplest form, w/o ngx_memc) +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} --- http_config eval " lua_package_cpath '$::LuaCpath'; @@ -195,6 +196,7 @@ Logged in 56 === TEST 7: working with ngx_auth_request (simplest form) +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} --- http_config eval " lua_package_cpath '$::LuaCpath'; @@ -267,6 +269,7 @@ Logged in 56 === TEST 8: working with ngx_auth_request +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} --- http_config eval " lua_package_cpath '$::LuaCpath'; @@ -771,6 +774,8 @@ GET /t --- response_body --- no_error_log [error] +--- curl_error +curl: (95) HTTP/3 stream 0 reset by server @@ -787,6 +792,8 @@ GET /t --- response_body --- no_error_log [error] +--- curl_error +curl: (95) HTTP/3 stream 0 reset by server diff --git a/modules/ngx_http_lua_module/t/010-request_body.t b/modules/ngx_http_lua_module/t/010-request_body.t index e669d9480e..c47f9fc13d 100644 --- a/modules/ngx_http_lua_module/t/010-request_body.t +++ b/modules/ngx_http_lua_module/t/010-request_body.t @@ -270,3 +270,22 @@ Expect: 100-Continue http finalize request: 500, "/echo_body?" a:1, c:2 http finalize request: 500, "/echo_body?" a:1, c:0 --- log_level: debug +--- skip_eval: 4:$ENV{TEST_NGINX_USE_HTTP3} + + + +=== TEST 13: test reading the first n bytes of request body +--- config + location /echo_body { + lua_need_request_body on; + content_by_lua_block { + local data = ngx.req.get_body_data(1) + ngx.say(data) + } + } +--- request +POST /echo_body +hello +--- response_body +h +--- skip_eval: 2:$ENV{TEST_NGINX_USE_HTTP3} diff --git a/modules/ngx_http_lua_module/t/014-bugs.t b/modules/ngx_http_lua_module/t/014-bugs.t index 877aecfdb5..ff85ca3558 100644 --- a/modules/ngx_http_lua_module/t/014-bugs.t +++ b/modules/ngx_http_lua_module/t/014-bugs.t @@ -194,6 +194,14 @@ Hi" === TEST 8: github issue 37: header bug https://github.com/chaoslawful/lua-nginx-module/issues/37 + +https://datatracker.ietf.org/doc/html/rfc7540#section-8.1.2 + Just as in HTTP/1.x, header field names are strings of ASCII + characters that are compared in a case-insensitive fashion. However, + header field names MUST be converted to lowercase prior to their + encoding in HTTP/2. A request or response containing uppercase + header field names MUST be treated as malformed + --- config location /sub { content_by_lua ' @@ -220,8 +228,17 @@ https://github.com/chaoslawful/lua-nginx-module/issues/37 --- request GET /lua --- raw_response_headers_like eval -".*Set-Cookie: TestCookie1=foo\r +my $headers; + +if (defined $ENV{TEST_NGINX_USE_HTTP3}) { + $headers = ".*set-cookie: TestCookie1=foo\r +set-cookie: TestCookie2=bar.*" +} else { + $headers = ".*Set-Cookie: TestCookie1=foo\r Set-Cookie: TestCookie2=bar.*" +} + +$headers; @@ -714,6 +731,7 @@ Content-Type: application/json; charset=utf-8 === TEST 32: hang on upstream_next (from kindy) +--- no_http2 --- no_check_leak --- http_config upstream xx { @@ -770,6 +788,10 @@ eof found in body stream === TEST 34: testing a segfault when using ngx_poll_module + ngx_resolver See more details here: http://mailman.nginx.org/pipermail/nginx-devel/2013-January/003275.html + +http3 may cache the dns result. +so need to skip for http3 +--- skip_eval: 2:$ENV{TEST_NGINX_USE_HTTP3} --- config location /t { set $myserver nginx.org; @@ -786,6 +808,8 @@ See more details here: http://mailman.nginx.org/pipermail/nginx-devel/2013-Janua [alert] --- error_log eval qr/(?:send|recv)\(\) failed \(\d+: Connection refused\) while resolving/ +--- curl_error eval +qr/curl: \(28\) Operation timed out after \d+ milliseconds with 0 bytes received/ @@ -861,6 +885,7 @@ GET /t --- no_error_log [error] --- timeout: 10 +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} @@ -1281,8 +1306,17 @@ location /t { --- response_body Hello world --- shutdown_error_log eval -qr|failed to read a line: closed| +my $expr; + +if ($ENV{TEST_NGINX_USE_HTTP3}) { + $expr = qr|lua close the global Lua VM| +} else { + $expr = qr|failed to read a line: closed| +} + +$expr; --- timeout: 1.2 +--- skip_eval: 2:$ENV{TEST_NGINX_USE_HTTP3} diff --git a/modules/ngx_http_lua_module/t/015-status.t b/modules/ngx_http_lua_module/t/015-status.t index a69c59377b..aa816c08d6 100644 --- a/modules/ngx_http_lua_module/t/015-status.t +++ b/modules/ngx_http_lua_module/t/015-status.t @@ -233,6 +233,8 @@ GET /t --- error_code: 101 --- no_error_log [error] +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} +--- no_http2 diff --git a/modules/ngx_http_lua_module/t/016-resp-header.t b/modules/ngx_http_lua_module/t/016-resp-header.t index 65c5d75a8e..6cf699d88e 100644 --- a/modules/ngx_http_lua_module/t/016-resp-header.t +++ b/modules/ngx_http_lua_module/t/016-resp-header.t @@ -65,6 +65,7 @@ GET /read Content-Length: 3 --- response_body chop Hel +--- skip_eval: 3:defined($ENV{TEST_NGINX_USE_HTTP3}) || defined($ENV{TEST_NGINX_USE_HTTP2}) @@ -113,8 +114,16 @@ Hello } --- request GET /read ---- raw_response_headers_like chomp -X-Foo: a\r\n.*?X-Foo: bc\r\n +--- raw_response_headers_like eval +my $headers; + +if (defined($ENV{TEST_NGINX_USE_HTTP3}) || defined($ENV{TEST_NGINX_USE_HTTP2})) { + $headers = qr/x-foo: a\r\n.*?x-foo: bc\r\n/ +} else { + $headers = qr/X-Foo: a\r\n.*?X-Foo: bc\r\n/ +} + +$headers; --- response_body Hello @@ -184,8 +193,16 @@ Hello } --- request GET /read ---- raw_response_headers_like chomp -X-Foo: a\r\n.*?X-Foo: abc\r\n +--- raw_response_headers_like eval +my $headers; + +if (defined($ENV{TEST_NGINX_USE_HTTP3}) || defined($ENV{TEST_NGINX_USE_HTTP2})) { + $headers = "x-foo: a\r\n.*?x-foo: abc\r\n" +} else { + $headers = "X-Foo: a\r\n.*?X-Foo: abc\r\n" +} + +$headers; --- response_body Hello @@ -203,8 +220,17 @@ Hello --- request GET /lua --- raw_response_headers_like eval -".*Foo: a\r -Foo: b.*" +my $headers; + +if (defined($ENV{TEST_NGINX_USE_HTTP3}) || defined($ENV{TEST_NGINX_USE_HTTP2})) { + $headers = ".*foo: a\r +foo: b.*"; +} else { + $headers = ".*Foo: a\r +Foo: b.*"; +} + +$headers; --- response_body @@ -222,8 +248,17 @@ Foo: b.*" --- request GET /lua --- raw_response_headers_like eval -".*Foo: a\r -Foo: b.*" +my $headers; + +if (defined($ENV{TEST_NGINX_USE_HTTP3}) || defined($ENV{TEST_NGINX_USE_HTTP2})) { + $headers = ".*foo: a\r +foo: b.*"; +} else { + $headers = ".*Foo: a\r +Foo: b.*"; +} + +$headers; --- response_body @@ -278,7 +313,7 @@ hello --- error_log attempt to set ngx.header.HEADER after sending out response headers --- no_error_log eval -["alert", "warn"] +["[alert]", "[warn]"] @@ -1071,8 +1106,8 @@ GET /t --- more_headers Foo: bar Bah: baz ---- response_headers -Location: http://localhost:$ServerPort/t/ +--- response_headers_like +Location: https?://localhost:\d+/t/ --- response_body_like: 301 Moved Permanently --- error_code: 301 --- no_error_log @@ -1094,8 +1129,8 @@ GET /t Foo: bar Bah: baz --- response_body_like: 301 Moved Permanently ---- response_headers -Location: http://localhost:$ServerPort/t/ +--- response_headers_like +Location: https?://localhost:\d+/t/ --- error_code: 301 --- no_error_log [error] @@ -1115,8 +1150,8 @@ GET /t --- more_headers Foo: bar Bah: baz ---- response_headers -Location: http://localhost:$ServerPort/t/ +--- response_headers_like +Location: https?://localhost:\d+/t/ Foo: /t/ --- response_body_like: 301 Moved Permanently --- error_code: 301 @@ -1139,8 +1174,8 @@ GET /t --- more_headers Foo: bar Bah: baz ---- response_headers -Location: http://localhost:$ServerPort/t/ +--- response_headers_like +Location: https?://localhost:\d+/t/ Foo: /t/ --- response_body_like: 301 Moved Permanently --- error_code: 301 @@ -1159,8 +1194,16 @@ Foo: /t/ } --- request GET /lua ---- raw_response_headers_like chop -cache-Control: private +--- raw_response_headers_like eval +my $headers; + +if (defined($ENV{TEST_NGINX_USE_HTTP3}) || defined($ENV{TEST_NGINX_USE_HTTP2})) { + $headers = "cache-control: private" +} else { + $headers = "cache-Control: private" +} + +$headers; --- response_body Cache-Control: private @@ -1509,6 +1552,7 @@ hi --- error_log my Transfer-Encoding: chunked my transfer-encoding: chunked +--- skip_eval: 6:defined($ENV{TEST_NGINX_USE_HTTP3}) || defined($ENV{TEST_NGINX_USE_HTTP2}) @@ -2165,8 +2209,8 @@ upstream prematurely closed connection while sending to client Foo --- request GET /a.txt ---- raw_response_headers_like chomp -Age: \d\r\n +--- raw_response_headers_like eval +qr/^(a|A)ge: \d\r\n/ms --- no_error_log [error] @@ -2196,8 +2240,8 @@ Age: \d\r\n Foo --- request GET /test/a.txt ---- raw_response_headers_like chomp -Age: \d\r\n +--- raw_response_headers_like eval +qr/^(a|A)ge: \d\r\n/ms --- no_error_log [error] diff --git a/modules/ngx_http_lua_module/t/020-subrequest.t b/modules/ngx_http_lua_module/t/020-subrequest.t index 844b64794f..d8aa34d7e8 100644 --- a/modules/ngx_http_lua_module/t/020-subrequest.t +++ b/modules/ngx_http_lua_module/t/020-subrequest.t @@ -1227,6 +1227,8 @@ F(ngx_http_finalize_request) { --- error_code --- no_error_log [error] +--- curl_error eval +qr{(\Qcurl: (52) Empty reply from server\E|\Qcurl: (95) HTTP/3 stream 0 reset by server\E)}ms @@ -2338,6 +2340,7 @@ hello world nil --- no_error_log [error] +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} @@ -2622,6 +2625,7 @@ pr: Host: localhost --- no_error_log [error] +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} @@ -2655,6 +2659,7 @@ pr: Host: localhost --- no_error_log [error] +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} diff --git a/modules/ngx_http_lua_module/t/022-redirect.t b/modules/ngx_http_lua_module/t/022-redirect.t index ef80174ca5..197c76e1d7 100644 --- a/modules/ngx_http_lua_module/t/022-redirect.t +++ b/modules/ngx_http_lua_module/t/022-redirect.t @@ -122,7 +122,16 @@ GET /read } --- request GET /read ---- raw_response_headers_like: Location: /echo\r\n +--- raw_response_headers_like eval +my $headers; + +if (defined $ENV{TEST_NGINX_USE_HTTP3}) { + $headers = "location: /echo\r\n" +} else { + $headers = "Location: /echo\r\n" +} + +$headers; --- response_body_like: 302 Found --- error_code: 302 diff --git a/modules/ngx_http_lua_module/t/023-rewrite/client-abort.t b/modules/ngx_http_lua_module/t/023-rewrite/client-abort.t index 0d6f2b39b3..61ada3a1b0 100644 --- a/modules/ngx_http_lua_module/t/023-rewrite/client-abort.t +++ b/modules/ngx_http_lua_module/t/023-rewrite/client-abort.t @@ -19,7 +19,13 @@ our $StapScript = $t::StapThread::StapScript; repeat_each(2); -plan tests => repeat_each() * (blocks() * 3 - 1); +if (defined $ENV{TEST_NGINX_USE_HTTP3}) { + plan(skip_all => "HTTP3 does not support client abort"); +} elsif (defined $ENV{TEST_NGINX_USE_HTTP2}) { + plan(skip_all => "HTTP2 does not support client abort"); +} else { + plan tests => repeat_each() * (blocks() * 3 - 1); +} $ENV{TEST_NGINX_RESOLVER} ||= '8.8.8.8'; $ENV{TEST_NGINX_MEMCACHED_PORT} ||= '11211'; diff --git a/modules/ngx_http_lua_module/t/023-rewrite/exit.t b/modules/ngx_http_lua_module/t/023-rewrite/exit.t index 39ea5cbd62..9add80441c 100644 --- a/modules/ngx_http_lua_module/t/023-rewrite/exit.t +++ b/modules/ngx_http_lua_module/t/023-rewrite/exit.t @@ -187,6 +187,7 @@ ngx.var.uid = res[1].uid; GET /api?uid=32 --- response_body Logged in 56 +--- skip_eval: 2:$ENV{TEST_NGINX_USE_HTTP3} @@ -258,6 +259,7 @@ ngx.var.uid = res[1].uid; GET /api?uid=32 --- response_body Logged in 56 +--- skip_eval: 2:$ENV{TEST_NGINX_USE_HTTP3} @@ -342,6 +344,7 @@ GET /api?uid=32 Logged in 56 --- no_error_log [error] +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} diff --git a/modules/ngx_http_lua_module/t/023-rewrite/on-abort.t b/modules/ngx_http_lua_module/t/023-rewrite/on-abort.t index 59c5df1167..0535732a0b 100644 --- a/modules/ngx_http_lua_module/t/023-rewrite/on-abort.t +++ b/modules/ngx_http_lua_module/t/023-rewrite/on-abort.t @@ -19,7 +19,13 @@ our $StapScript = $t::StapThread::StapScript; repeat_each(2); -plan tests => repeat_each() * (blocks() * 4 + 15); +if (defined $ENV{TEST_NGINX_USE_HTTP3}) { + plan(skip_all => "HTTP3 does not support on_abort"); +} elsif (defined $ENV{TEST_NGINX_USE_HTTP2}) { + plan(skip_all => "HTTP2 does not support on_abort"); +} else { + plan tests => repeat_each() * (blocks() * 4 + 15); +} $ENV{TEST_NGINX_RESOLVER} ||= '8.8.8.8'; $ENV{TEST_NGINX_MEMCACHED_PORT} ||= '11211'; diff --git a/modules/ngx_http_lua_module/t/023-rewrite/redirect.t b/modules/ngx_http_lua_module/t/023-rewrite/redirect.t index 8fa9aa2e79..2b3dccb0c0 100644 --- a/modules/ngx_http_lua_module/t/023-rewrite/redirect.t +++ b/modules/ngx_http_lua_module/t/023-rewrite/redirect.t @@ -119,7 +119,16 @@ GET /read } --- request GET /read ---- raw_response_headers_like: Location: /foo\r\n +--- raw_response_headers_like eval +my $headers; + +if (defined($ENV{TEST_NGINX_USE_HTTP3}) || defined($ENV{TEST_NGINX_USE_HTTP2})) { + $headers = "location: /foo\r\n" +} else { + $headers = "Location: /foo\r\n" +} + +$headers; --- response_body_like: 302 Found --- error_code: 302 diff --git a/modules/ngx_http_lua_module/t/023-rewrite/req-body.t b/modules/ngx_http_lua_module/t/023-rewrite/req-body.t index 13bdcb2511..0c1857384e 100644 --- a/modules/ngx_http_lua_module/t/023-rewrite/req-body.t +++ b/modules/ngx_http_lua_module/t/023-rewrite/req-body.t @@ -125,6 +125,7 @@ Expect: 100-Continue [alert] [error] http finalize request: 500, "/test?" a:1, c:0 +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} diff --git a/modules/ngx_http_lua_module/t/023-rewrite/req-socket.t b/modules/ngx_http_lua_module/t/023-rewrite/req-socket.t index 9292385265..f4dd6f4e18 100644 --- a/modules/ngx_http_lua_module/t/023-rewrite/req-socket.t +++ b/modules/ngx_http_lua_module/t/023-rewrite/req-socket.t @@ -1,6 +1,14 @@ # vim:set ft= ts=4 sw=4 et fdm=marker: -use Test::Nginx::Socket::Lua; +our $SkipReason; + +BEGIN { + if ($ENV{TEST_NGINX_USE_HTTP3}) { + $SkipReason = "http3 does not support ngx.req.socket"; + } +} + +use Test::Nginx::Socket::Lua $SkipReason ? (skip_all => $SkipReason) : (); repeat_each(2); diff --git a/modules/ngx_http_lua_module/t/023-rewrite/request_body.t b/modules/ngx_http_lua_module/t/023-rewrite/request_body.t index b867d3a82c..32c02e151f 100644 --- a/modules/ngx_http_lua_module/t/023-rewrite/request_body.t +++ b/modules/ngx_http_lua_module/t/023-rewrite/request_body.t @@ -170,3 +170,26 @@ Expect: 100-Continue http finalize request: 500, "/echo_body?" a:1, c:2 http finalize request: 500, "/echo_body?" a:1, c:0 --- log_level: debug +--- skip_eval: 4:$ENV{TEST_NGINX_USE_HTTP3} + + + +=== TEST 9: test HTTP2 reading request body was disabled +--- config + location /echo_body { + lua_need_request_body on; + rewrite_by_lua_block { + ngx.print(ngx.var.request_body or "nil") + } + content_by_lua 'ngx.exit(ngx.OK)'; + } +--- http2 +--- request eval +"POST /echo_body +hello\x00\x01\x02 +world\x03\x04\xff" +--- more_headers +Content-Length: +--- response_body eval +"nil" +--- no_error_log diff --git a/modules/ngx_http_lua_module/t/023-rewrite/sleep.t b/modules/ngx_http_lua_module/t/023-rewrite/sleep.t index 8d4c2da2ea..0135d5e440 100644 --- a/modules/ngx_http_lua_module/t/023-rewrite/sleep.t +++ b/modules/ngx_http_lua_module/t/023-rewrite/sleep.t @@ -110,6 +110,7 @@ bad argument #1 to 'sleep' === TEST 5: sleep 0.5 - multi-times +--- quic_max_idle_timeout: 1.0 --- config location /test { rewrite_by_lua ' @@ -135,6 +136,7 @@ lua sleep timer expired: "/test?" === TEST 6: sleep 0.5 - interleaved by ngx.say() - ended by ngx.sleep +--- quic_max_idle_timeout: 2.05 --- config location /test { rewrite_by_lua ' @@ -163,6 +165,7 @@ lua sleep timer expired: "/test?" === TEST 7: sleep 0.5 - interleaved by ngx.say() - not ended by ngx.sleep +--- quic_max_idle_timeout: 0.85 --- config location /test { rewrite_by_lua ' diff --git a/modules/ngx_http_lua_module/t/023-rewrite/socket-keepalive.t b/modules/ngx_http_lua_module/t/023-rewrite/socket-keepalive.t index c943e44616..9ce8d5e290 100644 --- a/modules/ngx_http_lua_module/t/023-rewrite/socket-keepalive.t +++ b/modules/ngx_http_lua_module/t/023-rewrite/socket-keepalive.t @@ -176,6 +176,7 @@ received: OK === TEST 3: upstream sockets close prematurely +--- no_http3 --- http_config eval "lua_package_path '$::HtmlDir/?.lua;./?.lua;;';" --- config @@ -253,6 +254,7 @@ done === TEST 4: http keepalive +--- no_http3 --- http_config eval "lua_package_path '$::HtmlDir/?.lua;./?.lua;;';" --- config @@ -330,6 +332,7 @@ done === TEST 5: lua_socket_keepalive_timeout +--- quic_max_idle_timeout: 1.1 --- config server_tokens off; location /t { @@ -409,6 +412,7 @@ qr/lua tcp socket connection pool size: 30\b/] === TEST 6: lua_socket_pool_size +--- quic_max_idle_timeout: 1.1 --- config server_tokens off; location /t { @@ -489,6 +493,7 @@ qr/lua tcp socket connection pool size: 1\b/] === TEST 7: "lua_socket_keepalive_timeout 0" means unlimited +--- quic_max_idle_timeout: 1.2 --- config server_tokens off; location /t { @@ -571,6 +576,7 @@ lua tcp socket keepalive timeout: unlimited === TEST 8: setkeepalive(timeout) overrides lua_socket_keepalive_timeout +--- quic_max_idle_timeout: 1.1 --- config server_tokens off; location /t { @@ -650,6 +656,7 @@ qr/lua tcp socket connection pool size: 30\b/] === TEST 9: sock:setkeepalive(timeout, size) overrides lua_socket_pool_size +--- quic_max_idle_timeout: 1.1 --- config server_tokens off; location /t { @@ -730,6 +737,7 @@ qr/lua tcp socket connection pool size: 25\b/] === TEST 10: sock:keepalive_timeout(0) means unlimited +--- quic_max_idle_timeout: 1.1 --- config server_tokens off; location /t { diff --git a/modules/ngx_http_lua_module/t/023-rewrite/tcp-socket-timeout.t b/modules/ngx_http_lua_module/t/023-rewrite/tcp-socket-timeout.t index e713bb5755..9be8081321 100644 --- a/modules/ngx_http_lua_module/t/023-rewrite/tcp-socket-timeout.t +++ b/modules/ngx_http_lua_module/t/023-rewrite/tcp-socket-timeout.t @@ -16,6 +16,7 @@ BEGIN { $ENV{MOCKEAGAIN} = 'w'; } + delete($ENV{TEST_NGINX_USE_HTTP2}); $ENV{TEST_NGINX_EVENT_TYPE} = 'poll'; $ENV{MOCKEAGAIN_WRITE_TIMEOUT_PATTERN} = 'get helloworld'; } diff --git a/modules/ngx_http_lua_module/t/023-rewrite/tcp-socket.t b/modules/ngx_http_lua_module/t/023-rewrite/tcp-socket.t index 5258487eba..966365f906 100644 --- a/modules/ngx_http_lua_module/t/023-rewrite/tcp-socket.t +++ b/modules/ngx_http_lua_module/t/023-rewrite/tcp-socket.t @@ -86,6 +86,7 @@ failed to receive a line: closed [] close: 1 nil --- no_error_log [error] +--- no_http2 @@ -155,6 +156,7 @@ failed to receive a line: closed [foo] closed --- no_error_log [error] +--- no_http2 @@ -197,6 +199,7 @@ connected: nil failed to send request: closed --- error_log attempt to send data on a closed socket: +--- no_http2 @@ -521,6 +524,7 @@ failed to receive a line: closed close: 1 nil --- no_error_log [error] +--- no_http2 @@ -591,6 +595,7 @@ close: 1 nil " --- no_error_log [error] +--- no_http2 @@ -672,6 +677,7 @@ close: 1 nil " --- no_error_log [error] +--- no_http2 @@ -749,6 +755,7 @@ close: 1 nil " --- no_error_log [error] +--- no_http2 @@ -827,6 +834,7 @@ close: 1 nil " --- no_error_log [error] +--- no_http2 @@ -898,6 +906,7 @@ failed to receive a line: closed [] close: 1 nil --- no_error_log [error] +--- no_http2 @@ -967,6 +976,7 @@ failed to receive a line: closed [] close: 1 nil --- no_error_log [error] +--- no_http2 @@ -1077,6 +1087,7 @@ close: 1 nil " --- no_error_log [error] +--- no_http2 @@ -1521,6 +1532,7 @@ GET /t 2: close: 1 nil --- no_error_log [error] +--- no_http2 @@ -1593,6 +1605,7 @@ failed to receive a line: closed [] close: 1 nil --- no_error_log [error] +--- no_http2 @@ -1654,6 +1667,9 @@ GET /t --- ignore_response --- error_log bad argument #1 to 'send' (bad data type nil found) +--- curl_error eval +qr#curl: \(52\) Empty reply from server|curl: \(95\) HTTP/3 stream 0 reset by server# +--- no_http2 @@ -1715,6 +1731,9 @@ GET /t --- ignore_response --- error_log bad argument #1 to 'send' (bad data type boolean found) +--- curl_error eval +qr#curl: \(52\) Empty reply from server|curl: \(95\) HTTP/3 stream 0 reset by server# +--- no_http2 @@ -1776,6 +1795,9 @@ GET /t --- ignore_response --- error_log bad argument #1 to 'send' (bad data type userdata found) +--- curl_error eval +qr#curl: \(52\) Empty reply from server|curl: \(95\) HTTP/3 stream 0 reset by server# +--- no_http2 @@ -1845,6 +1867,7 @@ subrequest: 200, OK\r " --- no_error_log [error] +--- no_http2 @@ -1916,6 +1939,7 @@ close: 1 nil --- no_error_log [error] --- SKIP +--- no_http2 @@ -1976,6 +2000,7 @@ receive(0): [] close: 1 nil --- no_error_log [error] +--- no_http2 @@ -2036,6 +2061,7 @@ send(""): 0 close: 1 nil --- no_error_log [error] +--- no_http2 @@ -2092,6 +2118,7 @@ qr/runtime error: rewrite_by_lua\(nginx\.conf:\d+\):7: bad request/ --- no_error_log [alert] +--- no_http2 @@ -2151,6 +2178,7 @@ qr/runtime error: rewrite_by_lua\(nginx\.conf:\d+\):14: bad request/ --- no_error_log [alert] +--- no_http2 diff --git a/modules/ngx_http_lua_module/t/023-rewrite/uthread-exit.t b/modules/ngx_http_lua_module/t/023-rewrite/uthread-exit.t index e25f7f8b0c..87f850ce8b 100644 --- a/modules/ngx_http_lua_module/t/023-rewrite/uthread-exit.t +++ b/modules/ngx_http_lua_module/t/023-rewrite/uthread-exit.t @@ -987,6 +987,7 @@ hello in thread after --- no_error_log [error] +--- skip_eval: 4:$ENV{TEST_NGINX_USE_HTTP3} @@ -1072,6 +1073,7 @@ hello in thread after --- no_error_log [error] +--- skip_eval: 4:$ENV{TEST_NGINX_USE_HTTP3} diff --git a/modules/ngx_http_lua_module/t/023-rewrite/uthread-spawn.t b/modules/ngx_http_lua_module/t/023-rewrite/uthread-spawn.t index dccef87dac..62d837cff7 100644 --- a/modules/ngx_http_lua_module/t/023-rewrite/uthread-spawn.t +++ b/modules/ngx_http_lua_module/t/023-rewrite/uthread-spawn.t @@ -1120,6 +1120,7 @@ body: hello world)$ --- no_error_log [error] +--- skip_eval: 4:$ENV{TEST_NGINX_USE_HTTP3} diff --git a/modules/ngx_http_lua_module/t/024-access/client-abort.t b/modules/ngx_http_lua_module/t/024-access/client-abort.t index 83bf0a4df1..e4abb4ebd9 100644 --- a/modules/ngx_http_lua_module/t/024-access/client-abort.t +++ b/modules/ngx_http_lua_module/t/024-access/client-abort.t @@ -1,6 +1,16 @@ # vim:set ft= ts=4 sw=4 et fdm=marker: -use Test::Nginx::Socket::Lua; +our $SkipReason; + +BEGIN { + if ($ENV{TEST_NGINX_USE_HTTP3}) { + $SkipReason = "http3 does not support ngx.req.socket and lua_check_client_abort"; + } elsif ($ENV{TEST_NGINX_USE_HTTP2}) { + $SkipReason = "http2 does not support ngx.req.socket and lua_check_client_abort"; + } +} + +use Test::Nginx::Socket::Lua $SkipReason ? (skip_all => $SkipReason) : (); use t::StapThread; our $GCScript = <<_EOC_; diff --git a/modules/ngx_http_lua_module/t/024-access/exit.t b/modules/ngx_http_lua_module/t/024-access/exit.t index d6d66b8cfe..b77778213a 100644 --- a/modules/ngx_http_lua_module/t/024-access/exit.t +++ b/modules/ngx_http_lua_module/t/024-access/exit.t @@ -177,6 +177,7 @@ GET /api?uid=32 --- response_body Logged in 56 --- timeout: 3 +--- skip_eval: 2:$ENV{TEST_NGINX_USE_HTTP3} @@ -243,6 +244,7 @@ ngx.var.uid = res[1].uid; GET /api?uid=32 --- response_body Logged in 56 +--- skip_eval: 2:$ENV{TEST_NGINX_USE_HTTP3} @@ -320,6 +322,7 @@ ngx.var.uid = res[1].uid; GET /api?uid=32 --- response_body Logged in 56 +--- skip_eval: 2:$ENV{TEST_NGINX_USE_HTTP3} diff --git a/modules/ngx_http_lua_module/t/024-access/on-abort.t b/modules/ngx_http_lua_module/t/024-access/on-abort.t index b9532aea3f..70637ba862 100644 --- a/modules/ngx_http_lua_module/t/024-access/on-abort.t +++ b/modules/ngx_http_lua_module/t/024-access/on-abort.t @@ -19,7 +19,13 @@ our $StapScript = $t::StapThread::StapScript; repeat_each(2); -plan tests => repeat_each() * (blocks() * 4 + 15); +if (defined $ENV{TEST_NGINX_USE_HTTP3}) { + plan(skip_all => "HTTP3 does not support on_abort"); +} elsif (defined $ENV{TEST_NGINX_USE_HTTP2}) { + plan(skip_all => "HTTP2 does not support on_abort"); +} else { + plan tests => repeat_each() * (blocks() * 4 + 15); +} $ENV{TEST_NGINX_RESOLVER} ||= '8.8.8.8'; $ENV{TEST_NGINX_MEMCACHED_PORT} ||= '11211'; diff --git a/modules/ngx_http_lua_module/t/024-access/redirect.t b/modules/ngx_http_lua_module/t/024-access/redirect.t index b45fac718b..e8609af060 100644 --- a/modules/ngx_http_lua_module/t/024-access/redirect.t +++ b/modules/ngx_http_lua_module/t/024-access/redirect.t @@ -119,6 +119,15 @@ GET /read } --- request GET /read ---- raw_response_headers_like: Location: /foo\r\n +--- raw_response_headers_like eval +my $headers; + +if (defined($ENV{TEST_NGINX_USE_HTTP3}) || defined($ENV{TEST_NGINX_USE_HTTP2})) { + $headers = "location: /foo\r\n" +} else { + $headers = "Location: /foo\r\n" +} + +$headers; --- response_body_like: 302 Found --- error_code: 302 diff --git a/modules/ngx_http_lua_module/t/024-access/req-body.t b/modules/ngx_http_lua_module/t/024-access/req-body.t index 70db85c1c2..48caeb9001 100644 --- a/modules/ngx_http_lua_module/t/024-access/req-body.t +++ b/modules/ngx_http_lua_module/t/024-access/req-body.t @@ -122,6 +122,7 @@ Expect: 100-Continue [alert] [error] http finalize request: 500, "/test?" a:1, c:0 +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} diff --git a/modules/ngx_http_lua_module/t/024-access/request_body.t b/modules/ngx_http_lua_module/t/024-access/request_body.t index fa03195272..0aa12c8b55 100644 --- a/modules/ngx_http_lua_module/t/024-access/request_body.t +++ b/modules/ngx_http_lua_module/t/024-access/request_body.t @@ -170,3 +170,26 @@ Expect: 100-Continue http finalize request: 500, "/echo_body?" a:1, c:2 http finalize request: 500, "/echo_body?" a:1, c:0 --- log_level: debug +--- skip_eval: 4:$ENV{TEST_NGINX_USE_HTTP3} + + + +=== TEST 9: test HTTP2 reading request body was disabled +--- config + location /echo_body { + lua_need_request_body on; + access_by_lua_block { + ngx.print(ngx.var.request_body or "nil") + } + content_by_lua 'ngx.exit(ngx.OK)'; + } +--- http2 +--- request eval +"POST /echo_body +hello\x00\x01\x02 +world\x03\x04\xff" +--- more_headers +Content-Length: +--- response_body eval +"nil" +--- no_error_log diff --git a/modules/ngx_http_lua_module/t/024-access/sleep.t b/modules/ngx_http_lua_module/t/024-access/sleep.t index fc1fc024b5..c7aa0b65a4 100644 --- a/modules/ngx_http_lua_module/t/024-access/sleep.t +++ b/modules/ngx_http_lua_module/t/024-access/sleep.t @@ -110,6 +110,7 @@ bad argument #1 to 'sleep' === TEST 5: sleep 0.5 - multi-times +--- quic_max_idle_timeout: 1.0 --- config location /test { access_by_lua ' @@ -135,6 +136,7 @@ lua sleep timer expired: "/test?" === TEST 6: sleep 0.5 - interleaved by ngx.say() - ended by ngx.sleep +--- quic_max_idle_timeout: 2.2 --- config location /test { access_by_lua ' @@ -163,6 +165,7 @@ lua sleep timer expired: "/test?" === TEST 7: sleep 0.5 - interleaved by ngx.say() - not ended by ngx.sleep +--- quic_max_idle_timeout: 0.85 --- config location /test { access_by_lua ' diff --git a/modules/ngx_http_lua_module/t/024-access/uthread-exit.t b/modules/ngx_http_lua_module/t/024-access/uthread-exit.t index 27572370d5..bd165ae708 100644 --- a/modules/ngx_http_lua_module/t/024-access/uthread-exit.t +++ b/modules/ngx_http_lua_module/t/024-access/uthread-exit.t @@ -880,6 +880,7 @@ after === TEST 11: exit in user thread (entry thread is still pending on reqsock:receive) +--- skip_eval: 5:$ENV{TEST_NGINX_USE_HTTP3} --- config location /lua { access_by_lua ' @@ -973,6 +974,7 @@ after === TEST 12: exit in user thread (entry thread is still pending on ngx.req.read_body) +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} --- config location /lua { client_body_timeout 12000ms; diff --git a/modules/ngx_http_lua_module/t/024-access/uthread-spawn.t b/modules/ngx_http_lua_module/t/024-access/uthread-spawn.t index bc92ccd32c..b31edbcb1e 100644 --- a/modules/ngx_http_lua_module/t/024-access/uthread-spawn.t +++ b/modules/ngx_http_lua_module/t/024-access/uthread-spawn.t @@ -1120,3 +1120,4 @@ body: hello world)$ --- no_error_log [error] +--- skip_eval: 4:$ENV{TEST_NGINX_USE_HTTP3} diff --git a/modules/ngx_http_lua_module/t/025-codecache.t b/modules/ngx_http_lua_module/t/025-codecache.t index ebe4f61b7b..cd56cf57aa 100644 --- a/modules/ngx_http_lua_module/t/025-codecache.t +++ b/modules/ngx_http_lua_module/t/025-codecache.t @@ -966,6 +966,7 @@ qr/\[alert\] \S+ lua_code_cache is off; this will hurt performance/, === TEST 27: GC issue with the on_abort thread object +curl: (52) Empty reply from server --- config lua_code_cache off; location = /t { @@ -991,6 +992,8 @@ decrementing the reference count for Lua VM: 3 qr/\[alert\] \S+ lua_code_cache is off; this will hurt performance/, "lua close the global Lua VM", ] +--- curl_error eval +qr/curl: \(\d+\) Empty reply from server|curl: \(28\) Operation timed out after \d+ milliseconds with 0 bytes received/ @@ -1720,6 +1723,7 @@ grep me: b } --- config lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; + lua_ssl_protocols TLSv1 TLSv1.1 TLSV1.2; location = /proxy { proxy_pass http://backend; @@ -1877,3 +1881,4 @@ qr/log_by_lua\(nginx.conf:\d+\):\d+: hello/, --- log_level: debug --- no_error_log [error] +--- skip_eval: 14:$ENV{TEST_NGINX_USE_HTTP3} diff --git a/modules/ngx_http_lua_module/t/026-mysql.t b/modules/ngx_http_lua_module/t/026-mysql.t index 569f96fbc9..02e14b9382 100644 --- a/modules/ngx_http_lua_module/t/026-mysql.t +++ b/modules/ngx_http_lua_module/t/026-mysql.t @@ -69,6 +69,7 @@ kill status = 200 kill body = \{"errcode":0\}$ --- error_log eval qr{upstream timed out \(\d+: Connection timed out\) while sending query to drizzle upstream} +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} diff --git a/modules/ngx_http_lua_module/t/028-req-header.t b/modules/ngx_http_lua_module/t/028-req-header.t index 8c8ff83fd8..21da3fc1ad 100644 --- a/modules/ngx_http_lua_module/t/028-req-header.t +++ b/modules/ngx_http_lua_module/t/028-req-header.t @@ -59,8 +59,13 @@ lua exceeding request header limit for k, v in pairs(headers) do h[k] = v end - ngx.say("Foo: ", h["Foo"] or "nil") - ngx.say("Bar: ", h["Bar"] or "nil") + if (ngx.req.http_version() == 3 or ngx.req.http_version() == 2) then + ngx.say("Foo: ", h["foo"] or "nil") + ngx.say("Bar: ", h["bar"] or "nil") + else + ngx.say("Foo: ", h["Foo"] or "nil") + ngx.say("Bar: ", h["Bar"] or "nil") + end '; } --- request @@ -127,6 +132,8 @@ Foo: --- response_body eval "a" x 2048 --- timeout: 15 +--- skip_eval: 2:$ENV{TEST_NGINX_USE_HTTP3} +--- no_http2 @@ -145,6 +152,8 @@ Foo: --- response_body eval "a" x 2048 --- timeout: 15 +--- skip_eval: 2:$ENV{TEST_NGINX_USE_HTTP3} +--- no_http2 @@ -273,8 +282,13 @@ Content-Type: } --- request GET /bar ---- response_body -Foo: a +--- response_body eval +# Since nginx version 1.23.0, nginx combines same $http_* variable together +$Test::Nginx::Util::NginxVersion >= 1.023000 ? + +"Foo: a, b\n" +: +"Foo: a\n" @@ -480,6 +494,8 @@ for my $k (@k) { --- timeout: 4 --- error_log lua exceeding request header limit 101 > 100 +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} +--- no_http2 @@ -518,20 +534,30 @@ while ($i <= 98) { $s --- response_body eval my @k; + +if (defined($ENV{TEST_NGINX_USE_HTTP3}) || defined($ENV{TEST_NGINX_USE_HTTP2})) { + push @k, "host: localhost\n"; +} my $i = 1; while ($i <= 98) { push @k, "x-$i"; $i++; } -push @k, "connection: close\n"; -push @k, "host: localhost\n"; + +my $found_headers = "found 99 headers\n"; +if (!defined($ENV{TEST_NGINX_USE_HTTP3}) && !defined($ENV{TEST_NGINX_USE_HTTP2})) { + push @k, "connection: close\n"; + push @k, "host: localhost\n"; + $found_headers = "found 100 headers\n"; +} @k = sort @k; for my $k (@k) { if ($k =~ /\d+/) { $k .= ": $&\n"; } } -CORE::join("", @k) . "found 100 headers\n"; + +CORE::join("", @k) . $found_headers; --- timeout: 4 --- no_error_log [error] @@ -571,6 +597,9 @@ while ($i <= 101) { $s --- response_body eval my @k; +if (defined $ENV{TEST_NGINX_USE_HTTP3}) { + push @k, "host: localhost\n"; +} my $i = 1; while ($i <= 100) { push @k, "x-$i"; @@ -588,6 +617,8 @@ for my $k (@k) { --- timeout: 4 --- error_log lua exceeding request header limit 103 > 102 +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} +--- no_http2 @@ -623,13 +654,20 @@ while ($i <= 100) { $s --- response_body eval my @k; +if (defined($ENV{TEST_NGINX_USE_HTTP3}) || defined($ENV{TEST_NGINX_USE_HTTP2})) { + push @k, "host: localhost\n"; +} my $i = 1; while ($i <= 100) { push @k, "x-$i"; $i++; } -push @k, "connection: close\n"; -push @k, "host: localhost\n"; + +if (!defined($ENV{TEST_NGINX_USE_HTTP3}) && !defined($ENV{TEST_NGINX_USE_HTTP2})) { + push @k, "connection: close\n"; + push @k, "host: localhost\n"; +} + @k = sort @k; for my $k (@k) { if ($k =~ /\d+/) { @@ -676,13 +714,18 @@ while ($i <= 105) { $s --- response_body eval my @k; +if (defined($ENV{TEST_NGINX_USE_HTTP3}) || defined($ENV{TEST_NGINX_USE_HTTP2})) { + push @k, "host: localhost\n"; +} my $i = 1; while ($i <= 105) { push @k, "x-$i"; $i++; } -push @k, "connection: close\n"; -push @k, "host: localhost\n"; +if (!defined($ENV{TEST_NGINX_USE_HTTP3}) && !defined($ENV{TEST_NGINX_USE_HTTP2})) { + push @k, "connection: close\n"; + push @k, "host: localhost\n"; +} @k = sort @k; for my $k (@k) { if ($k =~ /\d+/) { @@ -825,10 +868,21 @@ hello world Content-Type: application/ocsp-request Test-Header: 1 --- response_body_like eval -qr/Connection: close\r +my $body; + +if (defined $ENV{TEST_NGINX_USE_HTTP3}) { + $body = qr/Connection: close\r +test-header: 1\r +\r +$/; +} else { + $body = qr/Connection: close\r Test-Header: 1\r \r -$/ +$/; +} + +$body; --- no_error_log [error] @@ -876,7 +930,36 @@ Foo20: foo20 Foo21: foo21 Foo22: foo22 --- response_body_like eval -qr/Bah: bah\r +my $headers; + +if (defined $ENV{TEST_NGINX_USE_HTTP3}) { + $headers = qr/bah: bah\r +test-header: 1\r +foo1: foo1\r +foo2: foo2\r +foo3: foo3\r +foo4: foo4\r +foo5: foo5\r +foo6: foo6\r +foo7: foo7\r +foo8: foo8\r +foo9: foo9\r +foo10: foo10\r +foo11: foo11\r +foo12: foo12\r +foo13: foo13\r +foo14: foo14\r +foo15: foo15\r +foo16: foo16\r +foo17: foo17\r +foo18: foo18\r +foo19: foo19\r +foo20: foo20\r +foo21: foo21\r +foo22: foo22\r +/; +} else { + $headers = qr/Bah: bah\r Test-Header: 1\r Foo1: foo1\r Foo2: foo2\r @@ -900,7 +983,10 @@ Foo19: foo19\r Foo20: foo20\r Foo21: foo21\r Foo22: foo22\r -/ +/; +} + +$headers; @@ -931,11 +1017,21 @@ GET /t --- more_headers My-Foo: bar Bar: baz ---- response_body -Bar: baz +--- response_body eval +my $body; +if ($ENV{TEST_NGINX_USE_HTTP3} || $ENV{TEST_NGINX_USE_HTTP2}) { + $body = "bar: baz +host: localhost +my-foo: bar +"; +} else { + $body = "Bar: baz Connection: close Host: localhost My-Foo: bar +"; +} +$body; @@ -1005,29 +1101,23 @@ for my $i ('a' .. 'r') { } $s --- response_body eval -"GET /back HTTP/1.0\r +my $s = "GET /back HTTP/1.0\r Host: foo\r -Connection: close\r -User-Agent: curl\r -A: a\r -B: b\r -C: c\r -D: d\r -E: e\r -F: f\r -G: g\r -H: h\r -I: i\r -J: j\r -K: k\r -L: l\r -M: m\r -N: n\r -O: o\r -P: p\r -Q: q\r -\r -" +Connection: close\r\n"; + +if (defined $ENV{TEST_NGINX_USE_HTTP3}) { + $s .= "user-agent: curl\r\n"; + for my $i ('a' .. 'q') { + $s .= $i . ": " . "$i\r\n" + } +} else { + $s .= "User-Agent: curl\r\n"; + for my $i ('a' .. 'q') { + $s .= uc($i) . ": " . "$i\r\n" + } +} + +$s . "\r\n"; @@ -1058,7 +1148,55 @@ for my $i ('a' .. 'r') { } $s --- response_body eval -"GET /back HTTP/1.0\r +my $body; + +if (defined $ENV{TEST_NGINX_USE_HTTP3}) { + $body = "GET /back HTTP/1.0\r +Host: foo\r +Connection: close\r +user-agent: curl\r +a: a\r +b: b\r +c: c\r +d: d\r +e: e\r +f: f\r +g: g\r +h: h\r +i: i\r +j: j\r +k: k\r +l: l\r +m: m\r +n: n\r +o: o\r +p: p\r +q: q\r +foo-1: 1\r +foo-2: 2\r +foo-3: 3\r +foo-4: 4\r +foo-5: 5\r +foo-6: 6\r +foo-7: 7\r +foo-8: 8\r +foo-9: 9\r +foo-10: 10\r +foo-11: 11\r +foo-12: 12\r +foo-13: 13\r +foo-14: 14\r +foo-15: 15\r +foo-16: 16\r +foo-17: 17\r +foo-18: 18\r +foo-19: 19\r +foo-20: 20\r +foo-21: 21\r +\r +"; +} else { + $body = "GET /back HTTP/1.0\r Host: foo\r Connection: close\r User-Agent: curl\r @@ -1101,7 +1239,10 @@ foo-19: 19\r foo-20: 20\r foo-21: 21\r \r -" +"; +} + +$body; @@ -1130,7 +1271,34 @@ for my $i ('a' .. 'r') { } $s --- response_body eval -"GET /back HTTP/1.0\r +my $body; + +if ($ENV{TEST_NGINX_USE_HTTP3}) { + $body = "GET /back HTTP/1.0\r +Host: foo\r +Connection: close\r +user-agent: curl\r +bah: bah\r +a: a\r +b: b\r +c: c\r +d: d\r +e: e\r +f: f\r +g: g\r +h: h\r +i: i\r +j: j\r +k: k\r +l: l\r +m: m\r +n: n\r +o: o\r +p: p\r +\r +" +} else { +$body = "GET /back HTTP/1.0\r Host: foo\r Connection: close\r User-Agent: curl\r @@ -1153,6 +1321,9 @@ O: o\r P: p\r \r " +} + +$body; @@ -1184,7 +1355,55 @@ for my $i ('a' .. 'r') { } $s --- response_body eval -"GET /back HTTP/1.0\r +my $body; + +if (defined $ENV{TEST_NGINX_USE_HTTP3}) { + $body = "GET /back HTTP/1.0\r +Host: foo\r +Connection: close\r +user-agent: curl\r +bah: bah\r +a: a\r +b: b\r +c: c\r +d: d\r +e: e\r +f: f\r +g: g\r +h: h\r +i: i\r +j: j\r +k: k\r +l: l\r +m: m\r +n: n\r +o: o\r +p: p\r +foo-1: 1\r +foo-2: 2\r +foo-3: 3\r +foo-4: 4\r +foo-5: 5\r +foo-6: 6\r +foo-7: 7\r +foo-8: 8\r +foo-9: 9\r +foo-10: 10\r +foo-11: 11\r +foo-12: 12\r +foo-13: 13\r +foo-14: 14\r +foo-15: 15\r +foo-16: 16\r +foo-17: 17\r +foo-18: 18\r +foo-19: 19\r +foo-20: 20\r +foo-21: 21\r +\r +"; +} else { + $body = "GET /back HTTP/1.0\r Host: foo\r Connection: close\r User-Agent: curl\r @@ -1228,6 +1447,9 @@ foo-20: 20\r foo-21: 21\r \r " +} + +$body; @@ -1259,11 +1481,23 @@ GET /t --- more_headers My-Foo: bar Bar: baz ---- response_body -Bar: baz +--- response_body eval +my $body; + +if (defined($ENV{TEST_NGINX_USE_HTTP3})|| defined($ENV{TEST_NGINX_USE_HTTP2})) { + $body="bar: baz +host: localhost +my-foo: bar +"; +} else { + $body="Bar: baz Connection: close Host: localhost My-Foo: bar +"; +} + +$body; --- no_error_log [error] @@ -1898,6 +2132,8 @@ found 3 headers. lua exceeding request header limit 4 > 3 --- no_error_log [error] +--- skip_eval: 4:$ENV{TEST_NGINX_USE_HTTP3} +--- no_http2 @@ -1934,6 +2170,8 @@ found 3 headers. --- no_error_log lua exceeding request header limit [error] +--- skip_eval: 4: $ENV{TEST_NGINX_USE_HTTP3} +--- no_http2 @@ -1972,6 +2210,8 @@ found 3 headers. lua exceeding request header limit 4 > 3 --- no_error_log [error] +--- skip_eval: 4: $ENV{TEST_NGINX_USE_HTTP3} +--- no_http2 @@ -2002,12 +2242,22 @@ while ($i <= 1) { $i++; } $s ---- response_body -found 3 headers. +--- response_body eval +my $body; +if (!defined $ENV{TEST_NGINX_USE_HTTP2}) { + $body = "found 3 headers. +"; +} else { + $body = "found 2 headers. +"; +} + +$body; --- timeout: 4 --- no_error_log lua exceeding request header limit [error] +--- skip_eval: 4: $ENV{TEST_NGINX_USE_HTTP3} diff --git a/modules/ngx_http_lua_module/t/031-post-args.t b/modules/ngx_http_lua_module/t/031-post-args.t index 4659f059fc..78805d3723 100644 --- a/modules/ngx_http_lua_module/t/031-post-args.t +++ b/modules/ngx_http_lua_module/t/031-post-args.t @@ -108,6 +108,7 @@ a=3&b=4&c --- request POST /lua --- response_body +--- skip_eval: 2:$ENV{TEST_NGINX_USE_HTTP3} diff --git a/modules/ngx_http_lua_module/t/033-ctx.t b/modules/ngx_http_lua_module/t/033-ctx.t index 8fc50aa7a0..782a0fab6e 100644 --- a/modules/ngx_http_lua_module/t/033-ctx.t +++ b/modules/ngx_http_lua_module/t/033-ctx.t @@ -278,6 +278,8 @@ GET /t [error] --- error_log ngx.ctx = 32 +--- curl_error eval +qr/curl: \(52\) Empty reply from server|curl: \(92\) HTTP\/2 stream 0 was not closed cleanly|curl: \(95\) HTTP\/3 stream 0 reset by server/ diff --git a/modules/ngx_http_lua_module/t/034-match.t b/modules/ngx_http_lua_module/t/034-match.t index 1bf45bce1a..fd4d9439e2 100644 --- a/modules/ngx_http_lua_module/t/034-match.t +++ b/modules/ngx_http_lua_module/t/034-match.t @@ -361,8 +361,11 @@ he } --- request GET /re ---- response_body -error: pcre_compile() failed: missing ) in "(abc" +--- response_body eval +$Test::Nginx::Util::PcreVersion == 2 ? +"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" +: +"error: pcre_compile() failed: missing ) in \"(abc\"\n" --- no_error_log [error] @@ -648,8 +651,12 @@ regex: (?:>[\w\s]*) } --- request GET /re ---- response_body -error: pcre_compile() failed: missing ) in "([0-9]+" +--- response_body eval +$Test::Nginx::Util::PcreVersion == 2 ? +"error: pcre2_compile\(\) failed: missing closing parenthesis in \"\([0-9]+\"\n" +: +"error: pcre_compile\(\) failed: missing \) in \"\([0-9]+\"\n" + --- no_error_log [error] @@ -939,8 +946,11 @@ nil } --- request GET /t ---- response_body_like chop -^error: pcre_exec\(\) failed: -10$ +--- response_body eval +$Test::Nginx::Util::PcreVersion == 2 ? +"error: pcre_exec\(\) failed: -4\n" +: +"error: pcre_exec\(\) failed: -10\n" --- no_error_log [error] @@ -1050,8 +1060,14 @@ end --- request GET /re ---- response_body -error: pcre_exec() failed: -8 +--- response_body eval +# lua_regex_match_limit uses pcre_extra->match_limit in the PCRE, +# but PCRE2 replaces this with pcre2_set_match_limit interface, +# which has different effects. +$Test::Nginx::Util::PcreVersion == 2 ? +"failed to match\n" +: +"error: pcre_exec() failed: -8\n" diff --git a/modules/ngx_http_lua_module/t/035-gmatch.t b/modules/ngx_http_lua_module/t/035-gmatch.t index 0dfeaeaf39..0a4efd2b25 100644 --- a/modules/ngx_http_lua_module/t/035-gmatch.t +++ b/modules/ngx_http_lua_module/t/035-gmatch.t @@ -698,8 +698,11 @@ not matched! } --- request GET /re ---- response_body -error: pcre_compile() failed: missing ) in "(abc" +--- response_body eval +$Test::Nginx::Util::PcreVersion == 2 ? +"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" +: +"error: pcre_compile() failed: missing ) in \"(abc\"\n" --- no_error_log [error] @@ -735,8 +738,11 @@ error: pcre_compile() failed: missing ) in "(abc" } --- request GET /t ---- response_body_like chop -error: pcre_exec\(\) failed: -10 +--- response_body eval +$Test::Nginx::Util::PcreVersion == 2 ? +"error: pcre_exec\(\) failed: -4\n" +: +"error: pcre_exec\(\) failed: -10\n" --- no_error_log [error] @@ -854,8 +860,14 @@ end --- request GET /re ---- response_body -error: pcre_exec() failed: -8 +--- response_body eval +# lua_regex_match_limit uses pcre_extra->match_limit in the PCRE, +# but PCRE2 replaces this with pcre2_set_match_limit interface, +# which has different effects. +$Test::Nginx::Util::PcreVersion == 2 ? +"failed to match\n" +: +"error: pcre_exec() failed: -8\n" diff --git a/modules/ngx_http_lua_module/t/036-sub.t b/modules/ngx_http_lua_module/t/036-sub.t index 3e88eba5a0..0657ebb2ca 100644 --- a/modules/ngx_http_lua_module/t/036-sub.t +++ b/modules/ngx_http_lua_module/t/036-sub.t @@ -480,8 +480,11 @@ a [b c] [b] [c] [] [] d } --- request GET /re ---- response_body -error: pcre_compile() failed: missing ) in "(abc" +--- response_body eval +$Test::Nginx::Util::PcreVersion == 2 ? +"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" +: +"error: pcre_compile() failed: missing ) in \"(abc\"\n" --- no_error_log [error] @@ -506,8 +509,11 @@ error: pcre_compile() failed: missing ) in "(abc" } --- request GET /t ---- response_body_like chop -error: pcre_exec\(\) failed: -10 +--- response_body eval +$Test::Nginx::Util::PcreVersion == 2 ? +"error: pcre_exec\(\) failed: -4\n" +: +"error: pcre_exec\(\) failed: -10\n" --- no_error_log [error] @@ -610,8 +616,14 @@ ngx.say("sub: ", cnt) --- request GET /re ---- response_body -error: pcre_exec() failed: -8 +--- response_body eval +# lua_regex_match_limit uses pcre_extra->match_limit in the PCRE, +# but PCRE2 replaces this with pcre2_set_match_limit interface, +# which has different effects. +$Test::Nginx::Util::PcreVersion == 2 ? +"sub: 0\n" +: +"error: pcre_exec() failed: -8\n" diff --git a/modules/ngx_http_lua_module/t/037-gsub.t b/modules/ngx_http_lua_module/t/037-gsub.t index 41f86ac013..a6fe579bd4 100644 --- a/modules/ngx_http_lua_module/t/037-gsub.t +++ b/modules/ngx_http_lua_module/t/037-gsub.t @@ -423,8 +423,11 @@ n: 1 } --- request GET /t ---- response_body_like chop -error: pcre_exec\(\) failed: -10 +--- response_body eval +$Test::Nginx::Util::PcreVersion == 2 ? +"error: pcre_exec\(\) failed: -4\n" +: +"error: pcre_exec\(\) failed: -10\n" --- no_error_log [error] @@ -531,8 +534,14 @@ ngx.say("gsub: ", cnt) --- request GET /re ---- response_body -error: pcre_exec() failed: -8 +--- response_body eval +# lua_regex_match_limit uses pcre_extra->match_limit in the PCRE, +# but PCRE2 replaces this with pcre2_set_match_limit interface, +# which has different effects. +$Test::Nginx::Util::PcreVersion == 2 ? +"gsub: 0\n" +: +"error: pcre_exec() failed: -8\n" diff --git a/modules/ngx_http_lua_module/t/038-match-o.t b/modules/ngx_http_lua_module/t/038-match-o.t index f6ae0103fe..cc80244e82 100644 --- a/modules/ngx_http_lua_module/t/038-match-o.t +++ b/modules/ngx_http_lua_module/t/038-match-o.t @@ -336,8 +336,11 @@ he } --- request GET /re ---- response_body -error: pcre_compile() failed: missing ) in "(abc" +--- response_body eval +$Test::Nginx::Util::PcreVersion == 2 ? +"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" +: +"error: pcre_compile() failed: missing ) in \"(abc\"\n" --- no_error_log [error] diff --git a/modules/ngx_http_lua_module/t/041-header-filter.t b/modules/ngx_http_lua_module/t/041-header-filter.t index be390b3259..23fdac02cd 100644 --- a/modules/ngx_http_lua_module/t/041-header-filter.t +++ b/modules/ngx_http_lua_module/t/041-header-filter.t @@ -124,6 +124,8 @@ Hi GET /read --- error_code --- response_body +--- curl_error eval +qr/curl: \(52\) Empty reply from server|curl: \(92\) HTTP\/2 stream 0 was not closed cleanly|curl: \(95\) HTTP\/3 stream 0 reset by server/ @@ -465,6 +467,8 @@ GET /lua failed to run header_filter_by_lua*: header_filter_by_lua(nginx.conf:47):2: Something bad --- no_error_log [alert] +--- curl_error eval +qr/curl: \(56\) Failure when receiving data from the peer|curl: \(92\) HTTP\/2 stream 0 was not closed cleanly|curl: \(52\) Empty reply from server|curl: \(95\) HTTP\/3 stream 0 reset by server/ @@ -487,6 +491,8 @@ GET /lua failed to run header_filter_by_lua*: unknown reason --- no_error_log [alert] +--- curl_error eval +qr/curl: \(56\) Failure when receiving data from the peer|curl: \(92\) HTTP\/2 stream 0 was not closed cleanly|curl: \(52\) Empty reply from server|curl: \(95\) HTTP\/3 stream 0 reset by server/ @@ -501,6 +507,8 @@ GET /lua --- ignore_response --- error_log API disabled in the context of header_filter_by_lua* +--- curl_error eval +qr/curl: \(52\) Empty reply from server|curl: \(92\) HTTP\/2 stream 0 was not closed cleanly|curl: \(95\) HTTP\/3 stream 0 reset by server/ @@ -515,6 +523,8 @@ GET /lua --- ignore_response --- error_log API disabled in the context of header_filter_by_lua* +--- curl_error eval +qr/curl: \(52\) Empty reply from server|curl: \(92\) HTTP\/2 stream 0 was not closed cleanly|curl: \(95\) HTTP\/3 stream 0 reset by server/ @@ -529,6 +539,8 @@ GET /lua --- ignore_response --- error_log API disabled in the context of header_filter_by_lua* +--- curl_error eval +qr/curl: \(52\) Empty reply from server|curl: \(92\) HTTP\/2 stream 0 was not closed cleanly|curl: \(95\) HTTP\/3 stream 0 reset by server/ @@ -543,6 +555,8 @@ GET /lua --- ignore_response --- error_log API disabled in the context of header_filter_by_lua* +--- curl_error eval +qr/curl: \(52\) Empty reply from server|curl: \(92\) HTTP\/2 stream 0 was not closed cleanly|curl: \(95\) HTTP\/3 stream 0 reset by server/ @@ -557,6 +571,8 @@ GET /lua --- ignore_response --- error_log API disabled in the context of header_filter_by_lua* +--- curl_error eval +qr/curl: \(52\) Empty reply from server|curl: \(92\) HTTP\/2 stream 0 was not closed cleanly|curl: \(95\) HTTP\/3 stream 0 reset by server/ @@ -575,6 +591,8 @@ GET /lua --- ignore_response --- error_log API disabled in the context of header_filter_by_lua* +--- curl_error eval +qr/curl: \(52\) Empty reply from server|curl: \(92\) HTTP\/2 stream 0 was not closed cleanly|curl: \(95\) HTTP\/3 stream 0 reset by server/ @@ -593,6 +611,8 @@ GET /lua --- ignore_response --- error_log API disabled in the context of header_filter_by_lua* +--- curl_error eval +qr/curl: \(52\) Empty reply from server|curl: \(92\) HTTP\/2 stream 0 was not closed cleanly|curl: \(95\) HTTP\/3 stream 0 reset by server/ @@ -607,6 +627,8 @@ GET /lua --- ignore_response --- error_log API disabled in the context of header_filter_by_lua* +--- curl_error eval +qr/curl: \(52\) Empty reply from server|curl: \(92\) HTTP\/2 stream 0 was not closed cleanly|curl: \(95\) HTTP\/3 stream 0 reset by server/ @@ -621,6 +643,8 @@ GET /lua --- ignore_response --- error_log API disabled in the context of header_filter_by_lua* +--- curl_error eval +qr/curl: \(52\) Empty reply from server|curl: \(92\) HTTP\/2 stream 0 was not closed cleanly|curl: \(95\) HTTP\/3 stream 0 reset by server/ @@ -635,6 +659,8 @@ GET /lua --- ignore_response --- error_log API disabled in the context of header_filter_by_lua* +--- curl_error eval +qr/curl: \(52\) Empty reply from server|curl: \(92\) HTTP\/2 stream 0 was not closed cleanly|curl: \(95\) HTTP\/3 stream 0 reset by server/ @@ -665,8 +691,10 @@ uri: /blah --- request GET /lua --- ignore_response ---- error_log -API disabled in the context of header_filter_by_lua* +--- error_log eval +qr/API disabled in the context of header_filter_by_lua\*|http3 requests are not supported without content-length header/ms +--- curl_error eval +qr/curl: \(52\) Empty reply from server|curl: \(92\) HTTP\/2 stream 0 was not closed cleanly|curl: \(95\) HTTP\/3 stream 0 reset by server/ @@ -679,8 +707,18 @@ API disabled in the context of header_filter_by_lua* --- request GET /lua --- ignore_response ---- error_log -API disabled in the context of header_filter_by_lua* +--- error_log eval +my $err_log; + +if (defined $ENV{TEST_NGINX_USE_HTTP3}) { + $err_log = "http v3 not supported yet"; +} else { + $err_log = "API disabled in the context of header_filter_by_lua*"; +} + +$err_log; +--- curl_error eval +qr/curl: \(52\) Empty reply from server|curl: \(92\) HTTP\/2 stream 0 was not closed cleanly|curl: \(95\) HTTP\/3 stream 0 reset by server/ @@ -695,6 +733,8 @@ GET /lua --- ignore_response --- error_log API disabled in the context of header_filter_by_lua* +--- curl_error eval +qr/curl: \(52\) Empty reply from server|curl: \(92\) HTTP\/2 stream 0 was not closed cleanly|curl: \(95\) HTTP\/3 stream 0 reset by server/ @@ -709,6 +749,8 @@ GET /lua --- ignore_response --- error_log API disabled in the context of header_filter_by_lua* +--- curl_error eval +qr/curl: \(52\) Empty reply from server|curl: \(92\) HTTP\/2 stream 0 was not closed cleanly|curl: \(95\) HTTP\/3 stream 0 reset by server/ @@ -756,6 +798,8 @@ stack traceback: in function 'error' in function 'bar' in function 'foo' +--- curl_error eval +qr/curl: \(52\) Empty reply from server|curl: \(92\) HTTP\/2 stream 0 was not closed cleanly|curl: \(95\) HTTP\/3 stream 0 reset by server/ @@ -774,6 +818,8 @@ GET /lua?a=1&b=2 --- ignore_response --- error_log eval qr/failed to load external Lua file ".*?test2\.lua": cannot open .*? No such file or directory/ +--- curl_error eval +qr/curl: \(52\) Empty reply from server|curl: \(92\) HTTP\/2 stream 0 was not closed cleanly|curl: \(95\) HTTP\/3 stream 0 reset by server/ @@ -820,6 +866,8 @@ GET /lua failed to load inlined Lua code: header_filter_by_lua(nginx.conf:41):2: unexpected symbol near ''for end'' --- no_error_log no_such_error +--- curl_error eval +qr/curl: \(56\) Failure when receiving data from the peer/ @@ -849,6 +897,8 @@ GET /lua failed to load inlined Lua code: header_filter_by_lua(nginx.conf:49):2: unexpected symbol near ''for end'' --- no_error_log no_such_error +--- curl_error eval +qr/curl: \(56\) Failure when receiving data from the peer/ @@ -873,3 +923,5 @@ GET /lua failed to load inlined Lua code: header_filter_by_lua(...901234567890123456789012345.conf:1):2: unexpected symbol near ''for end'' --- no_error_log [alert] +--- curl_error eval +qr/curl: \(56\) Failure when receiving data from the peer/ diff --git a/modules/ngx_http_lua_module/t/043-shdict.t b/modules/ngx_http_lua_module/t/043-shdict.t index b0528e5cc7..649683b9fe 100644 --- a/modules/ngx_http_lua_module/t/043-shdict.t +++ b/modules/ngx_http_lua_module/t/043-shdict.t @@ -768,7 +768,7 @@ foo = 10502 dogs:set("bar", 32, 0.001) dogs:set("baz", 32, 0.001) dogs:set("foo", 32, 0.001) - ngx.location.capture("/sleep/0.002") + ngx.location.capture("/sleep/0.003") local res, err, forcible = dogs:add("foo", 10502) ngx.say("add: ", res, " ", err, " ", forcible) ngx.say("foo = ", dogs:get("foo")) @@ -797,7 +797,7 @@ foo = 10502 dogs:set("bar", 32, 0.001) dogs:set("baz", 32, 0.001) dogs:set("foo", "hi", 0.001) - ngx.location.capture("/sleep/0.002") + ngx.location.capture("/sleep/0.003") local res, err, forcible = dogs:add("foo", "hello") ngx.say("add: ", res, " ", err, " ", forcible) ngx.say("foo = ", dogs:get("foo")) @@ -1184,6 +1184,7 @@ nil nil === TEST 45: flush_expires +--- quic_max_idle_timeout: 1.6 --- http_config lua_shared_dict dogs 1m; --- config @@ -1210,6 +1211,7 @@ GET /t === TEST 46: flush_expires with number +--- quic_max_idle_timeout: 1.6 --- http_config lua_shared_dict dogs 1m; --- config @@ -1337,6 +1339,7 @@ GET /t === TEST 51: list all keys in a shdict with expires +--- quic_max_idle_timeout: 1.6 --- http_config lua_shared_dict dogs 1m; --- config @@ -1426,6 +1429,7 @@ GET /t === TEST 55: list all keys in a shdict with all keys expired +--- quic_max_idle_timeout: 1.6 --- http_config lua_shared_dict dogs 1m; --- config diff --git a/modules/ngx_http_lua_module/t/044-req-body.t b/modules/ngx_http_lua_module/t/044-req-body.t index 2ef7e1d29e..f4509e1497 100644 --- a/modules/ngx_http_lua_module/t/044-req-body.t +++ b/modules/ngx_http_lua_module/t/044-req-body.t @@ -7,7 +7,7 @@ log_level('warn'); repeat_each(2); -plan tests => repeat_each() * (blocks() * 4 + 52 ); +plan tests => repeat_each() * (blocks() * 4 + 56); #no_diff(); no_long_string(); @@ -351,9 +351,18 @@ hello, world --- user_files >>> a.txt Will you change this world? ---- raw_response_headers_like -X-Old: \S+/client_body_temp/\d+\r -.*?X-New: \S+/html/a\.txt\r +--- raw_response_headers_like eval +my $headers; + +if (defined $ENV{TEST_NGINX_USE_HTTP3}) { + $headers = qr#x-old: \S+/client_body_temp/\d+\r +.*?x-new: \S+/html/a\.txt\r#; +} else { + $headers = qr#X-Old: \S+/client_body_temp/\d+\r +.*?X-New: \S+/html/a\.txt\r#; +} + +$headers; --- response_body Will you change this world? --- no_error_log @@ -390,9 +399,18 @@ hello, world! --- user_files >>> a.txt Will you change this world? ---- raw_response_headers_like -X-Old: \S+/client_body_temp/\d+\r -.*?X-New: \S+/html/a\.txt\r +--- raw_response_headers_like eval +my $headers; + +if (defined $ENV{TEST_NGINX_USE_HTTP3}) { + $headers = qr#x-old: \S+/client_body_temp/\d+\r +.*?x-new: \S+/html/a\.txt\r#; +} else { + $headers = qr#X-Old: \S+/client_body_temp/\d+\r +.*?X-New: \S+/html/a\.txt\r#; +} + +$headers; --- response_body Will you change this world? --- no_error_log @@ -898,6 +916,7 @@ body: hell --- no_error_log [error] [alert] +--- skip_eval: 4:$ENV{TEST_NGINX_USE_HTTP3} @@ -959,6 +978,7 @@ body file: hello [alert] --- error_log a client request body is buffered to a temporary file +--- skip_eval: 5:$ENV{TEST_NGINX_USE_HTTP3} @@ -985,9 +1005,9 @@ a client request body is buffered to a temporary file --- error_code: 500 --- error_log eval qr/lua entry thread aborted: runtime error: content_by_lua\(nginx\.conf:\d+\):2: request body not read yet/ - --- no_error_log [alert] +--- skip_eval: 4:$ENV{TEST_NGINX_USE_HTTP3} @@ -1017,8 +1037,8 @@ body: hell --- no_error_log [error] [alert] ---- no_error_log a client request body is buffered to a temporary file +--- skip_eval: 5:$ENV{TEST_NGINX_USE_HTTP3} @@ -1241,8 +1261,8 @@ body: hello, my dear friend! --- no_error_log [error] [alert] ---- no_error_log a client request body is buffered to a temporary file +--- skip_eval: 5:$ENV{TEST_NGINX_USE_HTTP3} @@ -1382,8 +1402,8 @@ failed to get req socket: request body already exists --- no_error_log [error] [alert] ---- no_error_log a client request body is buffered to a temporary file +--- skip_eval: 5:$ENV{TEST_NGINX_USE_HTTP3} @@ -1405,6 +1425,7 @@ Expect: 100-Continue [alert] [error] http finalize request: 500, "/test?" a:1, c:0 +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} @@ -1480,13 +1501,22 @@ probe syscall.fcntl { --- stap_out_unlike fcntl\(O_DIRECT\) ---- raw_response_headers_like -.*?X-New: \S+/html/a\.txt\r +--- raw_response_headers_like eval +my $headers; + +if (defined $ENV{TEST_NGINX_USE_HTTP3}) { + $headers = qr#.*?x-new: \S+/html/a\.txt\r#; +} else { + $headers = qr#.*?X-New: \S+/html/a\.txt\r#; +} + +$headers; --- response_body Will you change this world? --- no_error_log [error] [alert] +--- skip_eval: 6:$ENV{TEST_NGINX_USE_HTTP3} @@ -1744,3 +1774,23 @@ content length: 5 --- no_error_log [error] [alert] +--- skip_eval: 4:$ENV{TEST_NGINX_USE_HTTP3} + + + +=== TEST 53: HTTP2 read buffered body was discarded +--- config + location = /test { + content_by_lua_block { + local err = pcall(ngx.req.read_body()) + ngx.say(err) + } + } +--- http2 +--- request +POST /test +hello, world +--- more_headers +Content-Length: +--- error_code: 500 +--- error_log: http2 requests are not supported without content-length header diff --git a/modules/ngx_http_lua_module/t/045-ngx-var.t b/modules/ngx_http_lua_module/t/045-ngx-var.t index 81fcef6458..f0f9f415c6 100644 --- a/modules/ngx_http_lua_module/t/045-ngx-var.t +++ b/modules/ngx_http_lua_module/t/045-ngx-var.t @@ -170,10 +170,22 @@ invalid referer: 1 } --- request GET /t ---- raw_response_headers_like -Proxy-Host: 127.0.0.1\:\d+\r +--- raw_response_headers_like eval +my $headers; + +if (defined $ENV{TEST_NGINX_USE_HTTP3}) { + $headers = +qr/proxy-host: 127.0.0.1\:\d+\r +proxy-port: \d+\r +proxy-add-x-forwarded-for: 127.0.0.1\r/; +} else { + $headers = +qr/Proxy-Host: 127.0.0.1\:\d+\r Proxy-Port: \d+\r -Proxy-Add-X-Forwarded-For: 127.0.0.1\r +Proxy-Add-X-Forwarded-For: 127.0.0.1\r/; +} + +$headers; --- response_body hello --- no_error_log diff --git a/modules/ngx_http_lua_module/t/047-match-jit.t b/modules/ngx_http_lua_module/t/047-match-jit.t index f53a4083a2..9b40a889dc 100644 --- a/modules/ngx_http_lua_module/t/047-match-jit.t +++ b/modules/ngx_http_lua_module/t/047-match-jit.t @@ -32,8 +32,11 @@ __DATA__ GET /re --- response_body 1234 ---- error_log -pcre JIT compiling result: 1 +--- error_log eval +$Test::Nginx::Util::PcreVersion == 2 ? +"pcre2 JIT compiled successfully\n" +: +"pcre JIT compiling result: 1\n" @@ -53,8 +56,11 @@ pcre JIT compiling result: 1 GET /re --- response_body not matched! ---- error_log -pcre JIT compiling result: 1 +--- error_log eval +$Test::Nginx::Util::PcreVersion == 2 ? +"pcre2 JIT compiled successfully\n" +: +"pcre JIT compiling result: 1\n" @@ -76,9 +82,15 @@ pcre JIT compiling result: 1 1234 --- grep_error_log eval -qr/pcre JIT compiling result: \d+/ +$Test::Nginx::Util::PcreVersion == 2 ? +"pcre2 JIT compiled successfully" +: +"pcre JIT compiling result: 1" --- grep_error_log_out eval +$Test::Nginx::Util::PcreVersion == 2 ? +["pcre2 JIT compiled successfully\n", ""] +: ["pcre JIT compiling result: 1\n", ""] @@ -101,9 +113,15 @@ qr/pcre JIT compiling result: \d+/ not matched! --- grep_error_log eval -qr/pcre JIT compiling result: \d+/ +$Test::Nginx::Util::PcreVersion == 2 ? +"pcre2 JIT compiled successfully" +: +"pcre JIT compiling result: 1" --- grep_error_log_out eval +$Test::Nginx::Util::PcreVersion == 2 ? +["pcre2 JIT compiled successfully\n", ""] +: ["pcre JIT compiling result: 1\n", ""] @@ -128,8 +146,11 @@ qr/pcre JIT compiling result: \d+/ } --- request GET /re ---- response_body -error: pcre_compile() failed: missing ) in "(abc" +--- response_body eval +$Test::Nginx::Util::PcreVersion == 2 ? +"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" +: +"error: pcre_compile() failed: missing ) in \"(abc\"\n" --- no_error_log [error] @@ -170,8 +191,15 @@ end --- request GET /re ---- response_body -error: pcre_exec() failed: -8 +--- response_body eval +# lua_regex_match_limit uses pcre_extra->match_limit in the PCRE, +# but PCRE2 replaces this with pcre2_set_match_limit interface, +# which has different effects. +$Test::Nginx::Util::PcreVersion == 2 ? +# PCRE2_ERROR_MATCHLIMIT (-47) +"error: pcre_exec() failed: -47\n" +: +"error: pcre_exec() failed: -8\n" diff --git a/modules/ngx_http_lua_module/t/049-gmatch-jit.t b/modules/ngx_http_lua_module/t/049-gmatch-jit.t index 5134d526b5..b76df35e98 100644 --- a/modules/ngx_http_lua_module/t/049-gmatch-jit.t +++ b/modules/ngx_http_lua_module/t/049-gmatch-jit.t @@ -34,8 +34,11 @@ __DATA__ --- response_body hello world ---- error_log -pcre JIT compiling result: 1 +--- error_log eval +$Test::Nginx::Util::PcreVersion == 2 ? +"pcre2 JIT compiled successfully\n" +: +"pcre JIT compiling result: 1\n" @@ -60,8 +63,11 @@ pcre JIT compiling result: 1 nil nil nil ---- error_log -pcre JIT compiling result: 1 +--- error_log eval +$Test::Nginx::Util::PcreVersion == 2 ? +"pcre2 JIT compiled successfully\n" +: +"pcre JIT compiling result: 1\n" @@ -77,8 +83,11 @@ pcre JIT compiling result: 1 GET /re --- response_body done ---- error_log -pcre JIT compiling result: 1 +--- error_log eval +$Test::Nginx::Util::PcreVersion == 2 ? +"pcre2 JIT compiled successfully\n" +: +"pcre JIT compiling result: 1\n" @@ -99,8 +108,11 @@ pcre JIT compiling result: 1 GET /re --- response_body hello ---- error_log -pcre JIT compiling result: 1 +--- error_log eval +$Test::Nginx::Util::PcreVersion == 2 ? +"pcre2 JIT compiled successfully\n" +: +"pcre JIT compiling result: 1\n" @@ -124,9 +136,15 @@ hello world --- grep_error_log eval -qr/pcre JIT compiling result: \d+/ +$Test::Nginx::Util::PcreVersion == 2 ? +"pcre2 JIT compiled successfully" +: +"pcre JIT compiling result: 1" --- grep_error_log_out eval +$Test::Nginx::Util::PcreVersion == 2 ? +["pcre2 JIT compiled successfully\n", ""] +: ["pcre JIT compiling result: 1\n", ""] @@ -154,9 +172,15 @@ nil nil --- grep_error_log eval -qr/pcre JIT compiling result: \d+/ +$Test::Nginx::Util::PcreVersion == 2 ? +"pcre2 JIT compiled successfully" +: +"pcre JIT compiling result: 1" --- grep_error_log_out eval +$Test::Nginx::Util::PcreVersion == 2 ? +["pcre2 JIT compiled successfully\n", ""] +: ["pcre JIT compiling result: 1\n", ""] @@ -175,9 +199,15 @@ qr/pcre JIT compiling result: \d+/ done --- grep_error_log eval -qr/pcre JIT compiling result: \d+/ +$Test::Nginx::Util::PcreVersion == 2 ? +"pcre2 JIT compiled successfully" +: +"pcre JIT compiling result: 1" --- grep_error_log_out eval +$Test::Nginx::Util::PcreVersion == 2 ? +["pcre2 JIT compiled successfully\n", ""] +: ["pcre JIT compiling result: 1\n", ""] @@ -201,9 +231,15 @@ qr/pcre JIT compiling result: \d+/ hello --- grep_error_log eval -qr/pcre JIT compiling result: \d+/ +$Test::Nginx::Util::PcreVersion == 2 ? +"pcre2 JIT compiled successfully" +: +"pcre JIT compiling result: 1" --- grep_error_log_out eval +$Test::Nginx::Util::PcreVersion == 2 ? +["pcre2 JIT compiled successfully\n", ""] +: ["pcre JIT compiling result: 1\n", ""] @@ -222,7 +258,10 @@ qr/pcre JIT compiling result: \d+/ } --- request GET /re ---- response_body -error: pcre_compile() failed: missing ) in "(abc" +--- response_body eval +$Test::Nginx::Util::PcreVersion == 2 ? +"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" +: +"error: pcre_compile() failed: missing ) in \"(abc\"\n" --- no_error_log [error] diff --git a/modules/ngx_http_lua_module/t/050-gmatch-dfa.t b/modules/ngx_http_lua_module/t/050-gmatch-dfa.t index d2ac2bc666..4c5f820e49 100644 --- a/modules/ngx_http_lua_module/t/050-gmatch-dfa.t +++ b/modules/ngx_http_lua_module/t/050-gmatch-dfa.t @@ -214,8 +214,11 @@ hello } --- request GET /re ---- response_body -error: pcre_compile() failed: missing ) in "(abc" +--- response_body eval +$Test::Nginx::Util::PcreVersion == 2 ? +"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" +: +"error: pcre_compile() failed: missing ) in \"(abc\"\n" --- no_error_log [error] diff --git a/modules/ngx_http_lua_module/t/051-sub-jit.t b/modules/ngx_http_lua_module/t/051-sub-jit.t index c8a49c0516..7aec7ccb79 100644 --- a/modules/ngx_http_lua_module/t/051-sub-jit.t +++ b/modules/ngx_http_lua_module/t/051-sub-jit.t @@ -32,8 +32,11 @@ __DATA__ GET /re --- response_body hello, world 5678: 1 ---- error_log -pcre JIT compiling result: 1 +--- error_log eval +$Test::Nginx::Util::PcreVersion == 2 ? +"pcre2 JIT compiled successfully\n" +: +"pcre JIT compiling result: 1\n" @@ -53,8 +56,11 @@ pcre JIT compiling result: 1 GET /re --- response_body hello, world: 0 ---- error_log -pcre JIT compiling result: 1 +--- error_log eval +$Test::Nginx::Util::PcreVersion == 2 ? +"pcre2 JIT compiled successfully\n" +: +"pcre JIT compiling result: 1\n" @@ -76,9 +82,15 @@ pcre JIT compiling result: 1 hello, world 5678: 1 --- grep_error_log eval -qr/pcre JIT compiling result: \d+/ +$Test::Nginx::Util::PcreVersion == 2 ? +"pcre2 JIT compiled successfully" +: +"pcre JIT compiling result: 1" --- grep_error_log_out eval +$Test::Nginx::Util::PcreVersion == 2 ? +["pcre2 JIT compiled successfully\n", ""] +: ["pcre JIT compiling result: 1\n", ""] @@ -101,9 +113,15 @@ qr/pcre JIT compiling result: \d+/ hello, world: 0 --- grep_error_log eval -qr/pcre JIT compiling result: \d+/ +$Test::Nginx::Util::PcreVersion == 2 ? +"pcre2 JIT compiled successfully" +: +"pcre JIT compiling result: 1" --- grep_error_log_out eval +$Test::Nginx::Util::PcreVersion == 2 ? +["pcre2 JIT compiled successfully\n", ""] +: ["pcre JIT compiling result: 1\n", ""] @@ -122,8 +140,11 @@ qr/pcre JIT compiling result: \d+/ } --- request GET /re ---- response_body -error: pcre_compile() failed: missing ) in "(abc" +--- response_body eval +$Test::Nginx::Util::PcreVersion == 2 ? +"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" +: +"error: pcre_compile() failed: missing ) in \"(abc\"\n" --- no_error_log [error] @@ -143,7 +164,10 @@ error: pcre_compile() failed: missing ) in "(abc" } --- request GET /re ---- response_body -error: pcre_compile() failed: missing ) in "(abc" +--- response_body eval +$Test::Nginx::Util::PcreVersion == 2 ? +"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" +: +"error: pcre_compile() failed: missing ) in \"(abc\"\n" --- no_error_log [error] diff --git a/modules/ngx_http_lua_module/t/052-sub-dfa.t b/modules/ngx_http_lua_module/t/052-sub-dfa.t index 254913b3e0..2329c77aa3 100644 --- a/modules/ngx_http_lua_module/t/052-sub-dfa.t +++ b/modules/ngx_http_lua_module/t/052-sub-dfa.t @@ -107,8 +107,11 @@ hello, world: 0 } --- request GET /re ---- response_body -error: pcre_compile() failed: missing ) in "(abc" +--- response_body eval +$Test::Nginx::Util::PcreVersion == 2 ? +"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" +: +"error: pcre_compile() failed: missing ) in \"(abc\"\n" --- no_error_log [error] @@ -129,8 +132,11 @@ error: pcre_compile() failed: missing ) in "(abc" } --- request GET /re ---- response_body -error: pcre_compile() failed: missing ) in "(abc" +--- response_body eval +$Test::Nginx::Util::PcreVersion == 2 ? +"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" +: +"error: pcre_compile() failed: missing ) in \"(abc\"\n" --- no_error_log [error] diff --git a/modules/ngx_http_lua_module/t/053-gsub-jit.t b/modules/ngx_http_lua_module/t/053-gsub-jit.t index 3efc0a24a5..c7c87ee29c 100644 --- a/modules/ngx_http_lua_module/t/053-gsub-jit.t +++ b/modules/ngx_http_lua_module/t/053-gsub-jit.t @@ -32,8 +32,11 @@ __DATA__ GET /re --- response_body hello, world world: 2 ---- error_log -pcre JIT compiling result: 1 +--- error_log eval +$Test::Nginx::Util::PcreVersion == 2 ? +"pcre2 JIT compiled successfully\n" +: +"pcre JIT compiling result: 1\n" @@ -53,8 +56,11 @@ pcre JIT compiling result: 1 GET /re --- response_body hello, world: 0 ---- error_log -pcre JIT compiling result: 1 +--- error_log eval +$Test::Nginx::Util::PcreVersion == 2 ? +"pcre2 JIT compiled successfully\n" +: +"pcre JIT compiling result: 1\n" @@ -76,9 +82,15 @@ pcre JIT compiling result: 1 hello, world world: 2 --- grep_error_log eval -qr/pcre JIT compiling result: \d+/ +$Test::Nginx::Util::PcreVersion == 2 ? +"pcre2 JIT compiled successfully" +: +"pcre JIT compiling result: 1" --- grep_error_log_out eval +$Test::Nginx::Util::PcreVersion == 2 ? +["pcre2 JIT compiled successfully\n", ""] +: ["pcre JIT compiling result: 1\n", ""] @@ -101,9 +113,15 @@ qr/pcre JIT compiling result: \d+/ hello, world: 0 --- grep_error_log eval -qr/pcre JIT compiling result: \d+/ +$Test::Nginx::Util::PcreVersion == 2 ? +"pcre2 JIT compiled successfully" +: +"pcre JIT compiling result: 1" --- grep_error_log_out eval +$Test::Nginx::Util::PcreVersion == 2 ? +["pcre2 JIT compiled successfully\n", ""] +: ["pcre JIT compiling result: 1\n", ""] @@ -122,8 +140,11 @@ qr/pcre JIT compiling result: \d+/ } --- request GET /re ---- response_body -error: pcre_compile() failed: missing ) in "(abc" +--- response_body eval +$Test::Nginx::Util::PcreVersion == 2 ? +"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" +: +"error: pcre_compile() failed: missing ) in \"(abc\"\n" --- no_error_log [error] @@ -143,7 +164,10 @@ error: pcre_compile() failed: missing ) in "(abc" } --- request GET /re ---- response_body -error: pcre_compile() failed: missing ) in "(abc" +--- response_body eval +$Test::Nginx::Util::PcreVersion == 2 ? +"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" +: +"error: pcre_compile() failed: missing ) in \"(abc\"\n" --- no_error_log [error] diff --git a/modules/ngx_http_lua_module/t/054-gsub-dfa.t b/modules/ngx_http_lua_module/t/054-gsub-dfa.t index 937aa1c421..bd0825d4ba 100644 --- a/modules/ngx_http_lua_module/t/054-gsub-dfa.t +++ b/modules/ngx_http_lua_module/t/054-gsub-dfa.t @@ -107,8 +107,11 @@ hello, world: 0 } --- request GET /re ---- response_body -error: pcre_compile() failed: missing ) in "(abc" +--- response_body eval +$Test::Nginx::Util::PcreVersion == 2 ? +"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" +: +"error: pcre_compile() failed: missing ) in \"(abc\"\n" @@ -126,8 +129,11 @@ error: pcre_compile() failed: missing ) in "(abc" } --- request GET /re ---- response_body -error: pcre_compile() failed: missing ) in "(abc" +--- response_body eval +$Test::Nginx::Util::PcreVersion == 2 ? +"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" +: +"error: pcre_compile() failed: missing ) in \"(abc\"\n" --- no_error_log [error] diff --git a/modules/ngx_http_lua_module/t/056-flush.t b/modules/ngx_http_lua_module/t/056-flush.t index bdd33d4f9a..4376b18930 100644 --- a/modules/ngx_http_lua_module/t/056-flush.t +++ b/modules/ngx_http_lua_module/t/056-flush.t @@ -491,6 +491,7 @@ GET /test === TEST 17: limit_rate +--- quic_max_idle_timeout: 2 --- config location /test { limit_rate 150; @@ -512,10 +513,19 @@ GET /test --- response_body eval "a" x 200 --- error_log eval -[ +my @errlog; +if (defined $ENV{TEST_NGINX_USE_HTTP2}) { + @errlog = [ +qr/lua writes elapsed 0\.[7-9]\d+ sec/, +qr/lua flush requires waiting: buffered 0x[0-9a-f]+, delayed:1/, +]; +} else { + @errlog = [ qr/lua writes elapsed [12](?:\.\d+)? sec/, qr/lua flush requires waiting: buffered 0x[0-9a-f]+, delayed:1/, -] +]; +} +@errlog; --- no_error_log [error] diff --git a/modules/ngx_http_lua_module/t/057-flush-timeout.t b/modules/ngx_http_lua_module/t/057-flush-timeout.t index 1f8cfaadf9..8f0b7790a0 100644 --- a/modules/ngx_http_lua_module/t/057-flush-timeout.t +++ b/modules/ngx_http_lua_module/t/057-flush-timeout.t @@ -19,9 +19,14 @@ BEGIN { $ENV{TEST_NGINX_EVENT_TYPE} = 'poll'; $ENV{MOCKEAGAIN_WRITE_TIMEOUT_PATTERN} = 'hello, world'; $ENV{TEST_NGINX_POSTPONE_OUTPUT} = 1; + delete($ENV{TEST_NGINX_USE_HTTP2}); + + if ($ENV{TEST_NGINX_USE_HTTP3}) { + $SkipReason = "HTTP3 does not support mockeagain"; + } } -use Test::Nginx::Socket::Lua; +use Test::Nginx::Socket::Lua $SkipReason ? (skip_all => $SkipReason) : (); use t::StapThread; our $GCScript = $t::StapThread::GCScript; diff --git a/modules/ngx_http_lua_module/t/058-tcp-socket.t b/modules/ngx_http_lua_module/t/058-tcp-socket.t index 6ffb32f584..b5cf58ec5b 100644 --- a/modules/ngx_http_lua_module/t/058-tcp-socket.t +++ b/modules/ngx_http_lua_module/t/058-tcp-socket.t @@ -21,6 +21,7 @@ run_tests(); __DATA__ === TEST 1: sanity +--- no_http2 --- config server_tokens off; location /t { @@ -90,6 +91,7 @@ close: 1 nil === TEST 2: no trailing newline +--- no_http2 --- config server_tokens off; location /t { @@ -253,10 +255,12 @@ second line received: (?:Date|Server): .*? --- no_error_log [error] --- timeout: 10 +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} === TEST 5: connection refused (tcp) +--- no_http2 --- config location /test { content_by_lua ' @@ -327,6 +331,7 @@ lua tcp socket connect timed out, when connecting to 127.0.0.2:12345 === TEST 7: not closed manually +--- no_http2 --- config server_tokens off; location /t { @@ -441,6 +446,7 @@ attempt to send data on a closed socket === TEST 10: explicit *l pattern for receive +--- no_http2 --- config server_tokens off; location /t { @@ -509,6 +515,7 @@ close: 1 nil === TEST 11: *a pattern for receive +--- no_http2 --- config server_tokens off; location /t { @@ -577,6 +584,7 @@ close: 1 nil === TEST 12: mixing *a and *l patterns for receive +--- no_http2 --- config server_tokens off; location /t { @@ -656,6 +664,7 @@ close: 1 nil === TEST 13: receive by chunks +--- no_http2 --- timeout: 5 --- config server_tokens off; @@ -731,6 +740,7 @@ close: 1 nil === TEST 14: receive by chunks (very small buffer) +--- no_http2 --- timeout: 5 --- config server_tokens off; @@ -807,6 +817,7 @@ close: 1 nil === TEST 15: line reading (very small buffer) +--- no_http2 --- config server_tokens off; lua_socket_buffer_size 1; @@ -876,6 +887,7 @@ close: 1 nil === TEST 16: ngx.socket.connect (working) +--- no_http2 --- config server_tokens off; location /t { @@ -982,6 +994,7 @@ qr/connect\(\) failed \(\d+: Connection refused\)/ === TEST 18: receive by chunks (stringified size) +--- no_http2 --- config server_tokens off; location /t { @@ -1056,6 +1069,7 @@ close: 1 nil === TEST 19: cannot survive across request boundary (send) +--- no_http2 --- http_config eval "lua_package_path '$::HtmlDir/?.lua;./?.lua;;';" --- config @@ -1115,6 +1129,7 @@ received: OK|failed to send request: closed)\$" === TEST 20: cannot survive across request boundary (receive) +--- no_http2 --- http_config eval "lua_package_path '$::HtmlDir/?.lua;./?.lua;;';" --- config @@ -1190,6 +1205,7 @@ received: OK|failed to receive a line: closed \[nil\])$/ === TEST 21: cannot survive across request boundary (close) +--- no_http2 --- http_config eval "lua_package_path '$::HtmlDir/?.lua;./?.lua;;';" --- config @@ -1259,6 +1275,7 @@ received: OK|failed to close: closed)$/ === TEST 22: cannot survive across request boundary (connect) +--- no_http2 --- http_config eval "lua_package_path '$::HtmlDir/?.lua;./?.lua;;';" --- config @@ -1335,6 +1352,7 @@ lua reuse socket upstream ctx === TEST 23: connect again immediately +--- no_http2 --- config server_tokens off; location /t { @@ -1403,6 +1421,7 @@ close: 1 nil === TEST 24: two sockets mix together +--- no_http2 --- config server_tokens off; location /t { @@ -1494,6 +1513,7 @@ GET /t === TEST 25: send tables of string fragments (with integers too) +--- no_http2 --- config server_tokens off; location /t { @@ -1564,6 +1584,7 @@ close: 1 nil === TEST 26: send tables of string fragments (bad type "nil") +--- no_http2 --- config server_tokens off; location /t { @@ -1619,10 +1640,13 @@ GET /t --- ignore_response --- error_log bad argument #1 to 'send' (bad data type nil found) +--- curl_error eval +qr#curl: \(52\) Empty reply from server|curl: \(95\) HTTP/3 stream 0 reset by server# === TEST 27: send tables of string fragments (bad type "boolean") +--- no_http2 --- config server_tokens off; location /t { @@ -1678,10 +1702,13 @@ GET /t --- ignore_response --- error_log bad argument #1 to 'send' (bad data type boolean found) +--- curl_error eval +qr#curl: \(52\) Empty reply from server|curl: \(95\) HTTP/3 stream 0 reset by server# === TEST 28: send tables of string fragments (bad type ngx.null) +--- no_http2 --- config server_tokens off; location /t { @@ -1737,10 +1764,13 @@ GET /t --- ignore_response --- error_log bad argument #1 to 'send' (bad data type userdata found) +--- curl_error eval +qr#curl: \(52\) Empty reply from server|curl: \(95\) HTTP/3 stream 0 reset by server# === TEST 29: cosocket before location capture (tcpsock:send did not clear u->waiting) +--- no_http2 --- config server_tokens off; location /t { @@ -1808,6 +1838,7 @@ subrequest: 200, OK\r === TEST 30: CR in a line +--- no_http2 --- config server_tokens off; location /t { @@ -1877,6 +1908,7 @@ close: nil closed === TEST 31: receive(0) +--- no_http2 --- config server_tokens off; location /t { @@ -1935,6 +1967,7 @@ close: 1 nil === TEST 32: send("") +--- no_http2 --- config server_tokens off; location /t { @@ -2176,6 +2209,7 @@ lua tcp socket read timed out === TEST 37: successful reread after a read time out happen (receive -> receive) +--- no_http2 --- config server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; @@ -2253,6 +2287,7 @@ lua tcp socket read timed out === TEST 38: successful reread after a read time out happen (receive -> receiveuntil) +--- no_http2 --- config server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; @@ -2333,6 +2368,7 @@ lua tcp socket read timed out === TEST 39: successful reread after a read time out happen (receiveuntil -> receiveuntil) +--- no_http2 --- config server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; @@ -2415,6 +2451,7 @@ lua tcp socket read timed out === TEST 40: successful reread after a read time out happen (receiveuntil -> receive) +--- no_http2 --- config server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; @@ -2495,6 +2532,7 @@ lua tcp socket read timed out === TEST 41: receive(0) +--- no_http2 --- config server_tokens off; location /t { @@ -2542,6 +2580,7 @@ close: 1 nil === TEST 42: empty options table +--- no_http2 --- config server_tokens off; location /t { @@ -2580,6 +2619,7 @@ close: 1 nil === TEST 43: u->coctx left over bug +--- no_http2 --- config server_tokens off; location = /t { @@ -2671,6 +2711,7 @@ lua clean up the timer for pending ngx.sleep === TEST 44: bad request tries to connect +--- no_http2 --- http_config eval "lua_package_path '$::HtmlDir/?.lua;./?.lua;;';" --- config @@ -2725,6 +2766,7 @@ qr/runtime error: content_by_lua\(nginx\.conf:\d+\):7: bad request/ === TEST 45: bad request tries to receive +--- no_http2 --- http_config eval "lua_package_path '$::HtmlDir/?.lua;./?.lua;;';" --- config @@ -2782,6 +2824,7 @@ qr/runtime error: content_by_lua\(nginx\.conf:\d+\):14: bad request/ === TEST 46: bad request tries to send +--- no_http2 --- http_config eval "lua_package_path '$::HtmlDir/?.lua;./?.lua;;';" --- config @@ -2839,6 +2882,7 @@ qr/runtime error: content_by_lua\(nginx\.conf:\d+\):14: bad request/ === TEST 47: bad request tries to close +--- no_http2 --- http_config eval "lua_package_path '$::HtmlDir/?.lua;./?.lua;;';" --- config @@ -2896,6 +2940,7 @@ qr/runtime error: content_by_lua\(nginx\.conf:\d+\):14: bad request/ === TEST 48: bad request tries to set keepalive +--- no_http2 --- http_config eval "lua_package_path '$::HtmlDir/?.lua;./?.lua;;';" --- config @@ -2953,6 +2998,7 @@ qr/runtime error: content_by_lua\(nginx\.conf:\d+\):14: bad request/ === TEST 49: bad request tries to receiveuntil +--- no_http2 --- http_config eval "lua_package_path '$::HtmlDir/?.lua;./?.lua;;';" --- config @@ -3084,6 +3130,7 @@ could not cancel === TEST 52: tcp_nodelay on +--- no_http2 --- config tcp_nodelay on; server_tokens off; @@ -3157,6 +3204,7 @@ lua socket tcp_nodelay === TEST 53: tcp_nodelay off +--- no_http2 --- config tcp_nodelay off; server_tokens off; @@ -3348,6 +3396,7 @@ lua tcp socket connect timeout: 100 === TEST 56: reuse cleanup +--- no_http2 --- config server_tokens off; location /t { @@ -3412,6 +3461,7 @@ lua http cleanup reuse === TEST 57: reuse cleanup in ngx.timer (fake_request) +--- no_http2 --- config server_tokens off; location /t { @@ -3495,6 +3545,7 @@ lua http cleanup reuse === TEST 58: free cleanup in ngx.timer (without sock:close) +--- no_http2 --- config server_tokens off; location /t { @@ -3576,6 +3627,7 @@ total_send_bytes: 114 === TEST 59: reuse cleanup in subrequest +--- no_http2 --- config server_tokens off; location /t { @@ -3644,6 +3696,7 @@ lua http cleanup reuse === TEST 60: setkeepalive on socket already shutdown +--- no_http2 --- config location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -3682,6 +3735,7 @@ failed to setkeepalive: closed === TEST 61: options_table is nil +--- no_http2 --- config location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -3788,6 +3842,7 @@ failed to connect: bad port number: 65536 === TEST 64: send boolean and nil +--- no_http2 --- config location /t { set $port $TEST_NGINX_SERVER_PORT; @@ -3850,6 +3905,7 @@ received: truefalsenil === TEST 65: receiveany method in cosocket +--- no_http2 --- config server_tokens off; location = /t { @@ -3983,6 +4039,7 @@ GET /t === TEST 67: receiveany with limited, max <= 0 +--- no_http2 --- config location = /t { set $port $TEST_NGINX_SERVER_PORT; @@ -4019,6 +4076,7 @@ GET /t === TEST 68: receiveany with limited, max is larger than data +--- no_http2 --- config server_tokens off; location = /t { @@ -4088,6 +4146,7 @@ lua tcp socket calling receiveany() method to read at most 128 bytes === TEST 69: receiveany with limited, max is smaller than data +--- no_http2 --- config server_tokens off; location = /t { @@ -4162,6 +4221,7 @@ lua tcp socket calling receiveany() method to read at most 7 bytes === TEST 70: send tables of string fragments (with floating point number too) +--- no_http2 --- config server_tokens off; location /t { @@ -4236,6 +4296,7 @@ close: 1 nil === TEST 71: send numbers the maximum number of significant digits is 14 in lua +--- no_http2 --- config server_tokens off; location /t { diff --git a/modules/ngx_http_lua_module/t/062-count.t b/modules/ngx_http_lua_module/t/062-count.t index ad464ba2de..07605f95b9 100644 --- a/modules/ngx_http_lua_module/t/062-count.t +++ b/modules/ngx_http_lua_module/t/062-count.t @@ -262,6 +262,7 @@ hello world n = 6 --- no_error_log [error] +--- skip_eval: 3: $ENV{TEST_NGINX_USE_HTTP3} @@ -515,6 +516,7 @@ GET /test n = 7 --- no_error_log [error] +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} @@ -554,6 +556,7 @@ narr = 2 nrec = 3 --- no_error_log [error] +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} @@ -589,3 +592,4 @@ narr = 2 nrec = 3 --- no_error_log [error] +--- skip_eval: 3: $ENV{TEST_NGINX_USE_HTTP3} diff --git a/modules/ngx_http_lua_module/t/065-tcp-socket-timeout.t b/modules/ngx_http_lua_module/t/065-tcp-socket-timeout.t index 092094a3c9..14563f70c6 100644 --- a/modules/ngx_http_lua_module/t/065-tcp-socket-timeout.t +++ b/modules/ngx_http_lua_module/t/065-tcp-socket-timeout.t @@ -16,6 +16,7 @@ BEGIN { $ENV{MOCKEAGAIN} = 'w'; } + delete($ENV{TEST_NGINX_USE_HTTP2}); $ENV{TEST_NGINX_EVENT_TYPE} = 'poll'; $ENV{MOCKEAGAIN_WRITE_TIMEOUT_PATTERN} = 'get helloworld'; } @@ -873,6 +874,7 @@ quitting request now --- no_error_log lua tcp socket write timed out [alert] +--- skip_eval: 4: $ENV{TEST_NGINX_USE_HTTP3} diff --git a/modules/ngx_http_lua_module/t/066-socket-receiveuntil.t b/modules/ngx_http_lua_module/t/066-socket-receiveuntil.t index 1182a536c1..43744a3721 100644 --- a/modules/ngx_http_lua_module/t/066-socket-receiveuntil.t +++ b/modules/ngx_http_lua_module/t/066-socket-receiveuntil.t @@ -71,6 +71,7 @@ close: 1 nil === TEST 2: http read lines +--- no_http2 --- config server_tokens off; location /t { @@ -140,6 +141,7 @@ close: 1 nil === TEST 3: http read all the headers in a single run +--- no_http2 --- config server_tokens off; location /t { @@ -208,6 +210,7 @@ close: 1 nil === TEST 4: ambiguous boundary patterns (abcabd) +--- no_http2 --- config server_tokens off; location /t { @@ -279,6 +282,7 @@ close: 1 nil === TEST 5: ambiguous boundary patterns (aa) +--- no_http2 --- config server_tokens off; location /t { @@ -350,6 +354,7 @@ close: 1 nil === TEST 6: ambiguous boundary patterns (aaa) +--- no_http2 --- config server_tokens off; location /t { @@ -421,6 +426,7 @@ close: 1 nil === TEST 7: ambiguous boundary patterns (aaaaad) +--- no_http2 --- config server_tokens off; location /t { @@ -492,6 +498,7 @@ close: 1 nil === TEST 8: ambiguous boundary patterns (aaaaad), small buffer, 2 bytes +--- no_http2 --- config server_tokens off; lua_socket_buffer_size 2; @@ -564,6 +571,7 @@ close: 1 nil === TEST 9: ambiguous boundary patterns (aaaaad), small buffer, 1 byte +--- no_http2 --- config server_tokens off; lua_socket_buffer_size 1; @@ -636,6 +644,7 @@ close: 1 nil === TEST 10: ambiguous boundary patterns (abcabdabcabe) +--- no_http2 --- config server_tokens off; location /t { @@ -707,6 +716,7 @@ close: 1 nil === TEST 11: ambiguous boundary patterns (abcabdabcabe 2) +--- no_http2 --- config server_tokens off; location /t { @@ -778,6 +788,7 @@ close: 1 nil === TEST 12: ambiguous boundary patterns (abcabdabcabe 3) +--- no_http2 --- config server_tokens off; location /t { @@ -849,6 +860,7 @@ close: 1 nil === TEST 13: ambiguous boundary patterns (abcabdabcabe 4) +--- no_http2 --- config server_tokens off; location /t { @@ -920,6 +932,7 @@ close: 1 nil === TEST 14: ambiguous boundary patterns (--abc) +--- no_http2 --- config server_tokens off; location /t { @@ -991,6 +1004,7 @@ close: 1 nil === TEST 15: ambiguous boundary patterns (--abc) +--- no_http2 --- config server_tokens off; location /t { @@ -1066,6 +1080,7 @@ close: 1 nil === TEST 16: ambiguous boundary patterns (--abc), small buffer +--- no_http2 --- config server_tokens off; location /t { @@ -1142,6 +1157,7 @@ close: 1 nil === TEST 17: ambiguous boundary patterns (--abc), small buffer, mixed by other reading calls +--- no_http2 --- config server_tokens off; location /t { @@ -1230,6 +1246,7 @@ close: 1 nil === TEST 18: ambiguous boundary patterns (abcabd), small buffer +--- no_http2 --- config server_tokens off; lua_socket_buffer_size 3; @@ -1327,6 +1344,7 @@ this exposed a memory leak in receiveuntil ok --- no_error_log [error] +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} @@ -1402,3 +1420,595 @@ close: 1 nil } --- no_error_log [error] + + + +=== TEST 21: ambiguous boundary patterns (--abc), mixed by other reading calls consume boundary +--- config + server_tokens off; + location /t { + set $port $TEST_NGINX_SERVER_PORT; + + content_by_lua_block { + -- collectgarbage("collect") + + local sock = ngx.socket.tcp() + local port = ngx.var.port + + local ok, err = sock:connect("127.0.0.1", port) + if not ok then + ngx.say("failed to connect: ", err) + return + end + + ngx.say("connected: ", ok) + + local req = "GET /foo HTTP/1.0\r\nHost: localhost\r\nConnection: close\r\n\r\n" + + local bytes, err = sock:send(req) + if not bytes then + ngx.say("failed to send request: ", err) + return + end + ngx.say("request sent: ", bytes) + + local read_headers = sock:receiveuntil("\r\n\r\n") + local headers, err, part = read_headers() + if not headers then + ngx.say("failed to read headers: ", err, " [", part, "]") + end + + local reader = sock:receiveuntil("--abc") + + for i = 1, 5 do + local line, err, part = reader(2) + if not line then + ngx.say("failed to read a line: ", err, " [", part, "]") + break + + else + ngx.say("read: ", line) + end + + local data, err, part = sock:receive(1) + if not data then + ngx.say("failed to read a byte: ", err, " [", part, "]") + break + + else + ngx.say("read one byte: ", data) + end + end + + local line, err, part = reader(2) + if not line then + ngx.say("failed to read a line: ", err, " [", part, "]") + + else + ngx.say("read: ", line) + end + + ok, err = sock:close() + ngx.say("close: ", ok, " ", err) + } + } + + location /foo { + echo -- ----abc----abc-; + more_clear_headers Date; + } +--- request +GET /t + +--- response_body eval +qq{connected: 1 +request sent: 57 +read: -- +read one byte: - +read: -a +read one byte: b +read: c- +read one byte: - +read: +read one byte: - +failed to read a line: nil [nil] +failed to read a line: closed [ +] +close: 1 nil +} +--- no_error_log +[error] + + + +=== TEST 22: ambiguous boundary patterns (--abc), mixed by other reading calls (including receiveuntil) consume boundary +--- config + server_tokens off; + location /t { + set $port $TEST_NGINX_SERVER_PORT; + + content_by_lua_block { + -- collectgarbage("collect") + + local sock = ngx.socket.tcp() + local port = ngx.var.port + + local ok, err = sock:connect("127.0.0.1", port) + if not ok then + ngx.say("failed to connect: ", err) + return + end + + ngx.say("connected: ", ok) + + local req = "GET /foo HTTP/1.0\r\nHost: localhost\r\nConnection: close\r\n\r\n" + + local bytes, err = sock:send(req) + if not bytes then + ngx.say("failed to send request: ", err) + return + end + ngx.say("request sent: ", bytes) + + local read_headers = sock:receiveuntil("\r\n\r\n") + local headers, err, part = read_headers() + if not headers then + ngx.say("failed to read headers: ", err, " [", part, "]") + end + + local reader1 = sock:receiveuntil("--abc") + local reader2 = sock:receiveuntil("-ab") + + local line, err, part = reader1(2) + if not line then + ngx.say("failed to read a line: ", err, " [", part, "]") + + else + ngx.say("read: ", line) + end + + local data, err, part = sock:receive(1) + if not data then + ngx.say("failed to read a byte: ", err, " [", part, "]") + + else + ngx.say("read one byte: ", data) + end + + local line, err, part = reader1(1) + if not line then + ngx.say("failed to read a line: ", err, " [", part, "]") + + else + ngx.say("read: ", line) + end + + local line, err, part = reader2(2) + if not line then + ngx.say("failed to read a line: ", err, " [", part, "]") + + else + ngx.say("read: ", line) + end + + local line, err, part = reader1() + if not line then + ngx.say("failed to read a line: ", err, " [", part, "]") + + else + ngx.say("read: ", line) + end + + local line, err, part = reader1() + if not line then + ngx.say("failed to read a line: ", err, " [", part, "]") + + else + ngx.say("read: ", line) + end + + ok, err = sock:close() + ngx.say("close: ", ok, " ", err) + } + } + + location /foo { + echo -- ------abd----abc; + more_clear_headers Date; + } +--- request +GET /t + +--- response_body eval +qq{connected: 1 +request sent: 57 +read: -- +read one byte: - +read: - +read: - +read: d-- +failed to read a line: closed [ +] +close: 1 nil +} +--- no_error_log +[error] + + + +=== TEST 23: ambiguous boundary patterns (--abc), mixed by other reading calls consume boundary, small buffer +--- config + lua_socket_buffer_size 3; + server_tokens off; + location /t { + set $port $TEST_NGINX_SERVER_PORT; + + content_by_lua_block { + -- collectgarbage("collect") + + local sock = ngx.socket.tcp() + local port = ngx.var.port + + local ok, err = sock:connect("127.0.0.1", port) + if not ok then + ngx.say("failed to connect: ", err) + return + end + + ngx.say("connected: ", ok) + + local req = "GET /foo HTTP/1.0\r\nHost: localhost\r\nConnection: close\r\n\r\n" + + local bytes, err = sock:send(req) + if not bytes then + ngx.say("failed to send request: ", err) + return + end + ngx.say("request sent: ", bytes) + + local read_headers = sock:receiveuntil("\r\n\r\n") + local headers, err, part = read_headers() + if not headers then + ngx.say("failed to read headers: ", err, " [", part, "]") + end + + local reader = sock:receiveuntil("--abc") + + for i = 1, 5 do + local line, err, part = reader(2) + if not line then + ngx.say("failed to read a line: ", err, " [", part, "]") + break + + else + ngx.say("read: ", line) + end + + local data, err, part = sock:receive(1) + if not data then + ngx.say("failed to read a byte: ", err, " [", part, "]") + break + + else + ngx.say("read one byte: ", data) + end + end + + local line, err, part = reader(2) + if not line then + ngx.say("failed to read a line: ", err, " [", part, "]") + + else + ngx.say("read: ", line) + end + + ok, err = sock:close() + ngx.say("close: ", ok, " ", err) + } + } + + location /foo { + echo -- ----abc----abc-; + more_clear_headers Date; + } +--- request +GET /t + +--- response_body eval +qq{connected: 1 +request sent: 57 +read: -- +read one byte: - +read: -a +read one byte: b +read: c- +read one byte: - +read: +read one byte: - +failed to read a line: nil [nil] +failed to read a line: closed [ +] +close: 1 nil +} +--- no_error_log +[error] + + + +=== TEST 24: ambiguous boundary patterns (--abc), mixed by other reading calls (including receiveuntil) consume boundary, small buffer +--- config + lua_socket_buffer_size 3; + server_tokens off; + location /t { + set $port $TEST_NGINX_SERVER_PORT; + + content_by_lua_block { + -- collectgarbage("collect") + + local sock = ngx.socket.tcp() + local port = ngx.var.port + + local ok, err = sock:connect("127.0.0.1", port) + if not ok then + ngx.say("failed to connect: ", err) + return + end + + ngx.say("connected: ", ok) + + local req = "GET /foo HTTP/1.0\r\nHost: localhost\r\nConnection: close\r\n\r\n" + + local bytes, err = sock:send(req) + if not bytes then + ngx.say("failed to send request: ", err) + return + end + ngx.say("request sent: ", bytes) + + local read_headers = sock:receiveuntil("\r\n\r\n") + local headers, err, part = read_headers() + if not headers then + ngx.say("failed to read headers: ", err, " [", part, "]") + end + + local reader1 = sock:receiveuntil("--abc") + local reader2 = sock:receiveuntil("-ab") + + local line, err, part = reader1(2) + if not line then + ngx.say("failed to read a line: ", err, " [", part, "]") + + else + ngx.say("read: ", line) + end + + local data, err, part = sock:receive(1) + if not data then + ngx.say("failed to read a byte: ", err, " [", part, "]") + + else + ngx.say("read one byte: ", data) + end + + local line, err, part = reader1(1) + if not line then + ngx.say("failed to read a line: ", err, " [", part, "]") + + else + ngx.say("read: ", line) + end + + local line, err, part = reader2(2) + if not line then + ngx.say("failed to read a line: ", err, " [", part, "]") + + else + ngx.say("read: ", line) + end + + local line, err, part = reader1() + if not line then + ngx.say("failed to read a line: ", err, " [", part, "]") + + else + ngx.say("read: ", line) + end + + local line, err, part = reader1() + if not line then + ngx.say("failed to read a line: ", err, " [", part, "]") + + else + ngx.say("read: ", line) + end + + ok, err = sock:close() + ngx.say("close: ", ok, " ", err) + } + } + + location /foo { + echo -- ------abd----abc; + more_clear_headers Date; + } +--- request +GET /t + +--- response_body eval +qq{connected: 1 +request sent: 57 +read: -- +read one byte: - +read: - +read: - +read: d-- +failed to read a line: closed [ +] +close: 1 nil +} +--- no_error_log +[error] + + + +=== TEST 25: ambiguous boundary patterns (ab1ab2), ends half way +--- config + server_tokens off; + location /t { + set $port $TEST_NGINX_SERVER_PORT; + + content_by_lua_block { + -- collectgarbage("collect") + + local sock = ngx.socket.tcp() + local port = ngx.var.port + + local ok, err = sock:connect("127.0.0.1", port) + if not ok then + ngx.say("failed to connect: ", err) + return + end + + ngx.say("connected: ", ok) + + local req = "GET /foo HTTP/1.0\r\nHost: localhost\r\nConnection: close\r\n\r\n" + + local bytes, err = sock:send(req) + if not bytes then + ngx.say("failed to send request: ", err) + return + end + ngx.say("request sent: ", bytes) + + local read_headers = sock:receiveuntil("\r\n\r\n") + local headers, err, part = read_headers() + if not headers then + ngx.say("failed to read headers: ", err, " [", part, "]") + end + + if true then + local reader = sock:receiveuntil("ab1ab2") + + local line, err, part = reader(2) + if not line then + ngx.say("failed to read a line: ", err, " [", part, "]") + + else + ngx.say("read: ", line) + end + end + + collectgarbage("collect") + + local data, err, part = sock:receive(3) + if not data then + ngx.say("failed to read three bytes: ", err, " [", part, "]") + + else + ngx.say("read three bytes: ", data) + end + + ok, err = sock:close() + ngx.say("close: ", ok, " ", err) + } + } + + location /foo { + echo -- ab1ab1; + more_clear_headers Date; + } +--- request +GET /t + +--- response_body eval +qq{connected: 1 +request sent: 57 +read: ab1 +read three bytes: ab1 +close: 1 nil +} +--- no_error_log +[error] + + + +=== TEST 26: ambiguous boundary patterns (ab1ab2), ends half way, small buffer +--- config + lua_socket_buffer_size 3; + server_tokens off; + location /t { + set $port $TEST_NGINX_SERVER_PORT; + + content_by_lua_block { + -- collectgarbage("collect") + + local sock = ngx.socket.tcp() + local port = ngx.var.port + + local ok, err = sock:connect("127.0.0.1", port) + if not ok then + ngx.say("failed to connect: ", err) + return + end + + ngx.say("connected: ", ok) + + local req = "GET /foo HTTP/1.0\r\nHost: localhost\r\nConnection: close\r\n\r\n" + + local bytes, err = sock:send(req) + if not bytes then + ngx.say("failed to send request: ", err) + return + end + ngx.say("request sent: ", bytes) + + local read_headers = sock:receiveuntil("\r\n\r\n") + local headers, err, part = read_headers() + if not headers then + ngx.say("failed to read headers: ", err, " [", part, "]") + end + + if true then + local reader = sock:receiveuntil("ab1ab2") + + local line, err, part = reader(2) + if not line then + ngx.say("failed to read a line: ", err, " [", part, "]") + + else + ngx.say("read: ", line) + end + end + + collectgarbage("collect") + + local data, err, part = sock:receive(3) + if not data then + ngx.say("failed to read three bytes: ", err, " [", part, "]") + + else + ngx.say("read three bytes: ", data) + end + + ok, err = sock:close() + ngx.say("close: ", ok, " ", err) + } + } + + location /foo { + echo -- ab1ab1; + more_clear_headers Date; + } +--- request +GET /t + +--- response_body eval +qq{connected: 1 +request sent: 57 +read: ab1 +read three bytes: ab1 +close: 1 nil +} +--- no_error_log +[error] +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} diff --git a/modules/ngx_http_lua_module/t/067-req-socket.t b/modules/ngx_http_lua_module/t/067-req-socket.t index c5b2631e5e..9aff58b647 100644 --- a/modules/ngx_http_lua_module/t/067-req-socket.t +++ b/modules/ngx_http_lua_module/t/067-req-socket.t @@ -1,6 +1,16 @@ # vim:set ft= ts=4 sw=4 et fdm=marker: -use Test::Nginx::Socket::Lua; +our $SkipReason; + +BEGIN { + if ($ENV{TEST_NGINX_USE_HTTP3}) { + $SkipReason = "http3 does not support ngx.req.socket"; + } elsif ($ENV{TEST_NGINX_USE_HTTP2}) { + $SkipReason = "http2 does not support ngx.req.socket"; + } +} + +use Test::Nginx::Socket::Lua $SkipReason ? (skip_all => $SkipReason) : (); repeat_each(2); diff --git a/modules/ngx_http_lua_module/t/068-socket-keepalive.t b/modules/ngx_http_lua_module/t/068-socket-keepalive.t index cf8bc25acb..5ca94e4b72 100644 --- a/modules/ngx_http_lua_module/t/068-socket-keepalive.t +++ b/modules/ngx_http_lua_module/t/068-socket-keepalive.t @@ -168,6 +168,7 @@ received: OK === TEST 3: upstream sockets close prematurely +--- no_http3 --- http_config eval "lua_package_path '$::HtmlDir/?.lua;./?.lua;;';" --- config @@ -243,6 +244,7 @@ done === TEST 4: http keepalive +--- quic_max_idle_timeout: 1.2 --- http_config eval "lua_package_path '$::HtmlDir/?.lua;./?.lua;;';" --- config @@ -318,6 +320,7 @@ done === TEST 5: lua_socket_keepalive_timeout +--- quic_max_idle_timeout: 1.2 --- config server_tokens off; location /t { @@ -395,6 +398,7 @@ qr/lua tcp socket connection pool size: 30\b/] === TEST 6: lua_socket_pool_size +--- quic_max_idle_timeout: 1.2 --- config server_tokens off; location /t { @@ -473,6 +477,7 @@ qr/lua tcp socket connection pool size: 1\b/] === TEST 7: "lua_socket_keepalive_timeout 0" means unlimited +--- quic_max_idle_timeout: 1.2 --- config server_tokens off; location /t { @@ -548,6 +553,7 @@ qr/lua tcp socket connection pool size: 30\b/] === TEST 8: setkeepalive(timeout) overrides lua_socket_keepalive_timeout +--- quic_max_idle_timeout: 1.2 --- config server_tokens off; location /t { @@ -625,6 +631,7 @@ qr/lua tcp socket connection pool size: 30\b/] === TEST 9: sock:setkeepalive(timeout, size) overrides lua_socket_pool_size +--- quic_max_idle_timeout: 1.2 --- config server_tokens off; location /t { @@ -731,6 +738,7 @@ bad argument #3 to '?' (bad "pool_size" option value: 0) === TEST 11: sock:keepalive_timeout(0) means unlimited +--- quic_max_idle_timeout: 1.2 --- config server_tokens off; location /t { @@ -1508,6 +1516,7 @@ done === TEST 25: setkeepalive() with explicit nil args +--- quic_max_idle_timeout: 1.2 --- config server_tokens off; location /t { @@ -1919,6 +1928,7 @@ too many waiting connect operations === TEST 32: conn queuing: once 'pool_size' is reached and pool has 'backlog' +--- quic_max_idle_timeout: 1.2 --- config location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -2536,6 +2546,8 @@ GET /t --- abort --- no_error_log [error] +--- curl_error eval +qr/curl: \(28\) Operation timed out after \d+ milliseconds with 0 bytes received/ @@ -2643,6 +2655,7 @@ lua tcp socket connect timed out, when connecting to === TEST 46: conn queuing: resume connect operation if resumed connect failed (could not be resolved) +--- quic_max_idle_timeout: 1.2 --- config resolver 127.0.0.2:12345 ipv6=off; resolver_timeout 1s; diff --git a/modules/ngx_http_lua_module/t/075-logby.t b/modules/ngx_http_lua_module/t/075-logby.t index 8eece698ec..3e9743584a 100644 --- a/modules/ngx_http_lua_module/t/075-logby.t +++ b/modules/ngx_http_lua_module/t/075-logby.t @@ -444,6 +444,7 @@ GET /lua ok --- error_log API disabled in the context of log_by_lua* +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} @@ -457,8 +458,16 @@ API disabled in the context of log_by_lua* GET /lua --- response_body ok ---- error_log -API disabled in the context of log_by_lua* +--- error_log eval +my $err_log; + +if (defined $ENV{TEST_NGINX_USE_HTTP3}) { + $err_log = "http v3 not supported yet"; +} else { + $err_log = "API disabled in the context of log_by_lua*"; +} + +$err_log; diff --git a/modules/ngx_http_lua_module/t/077-sleep.t b/modules/ngx_http_lua_module/t/077-sleep.t index 96f04bd98e..4867b9ca7f 100644 --- a/modules/ngx_http_lua_module/t/077-sleep.t +++ b/modules/ngx_http_lua_module/t/077-sleep.t @@ -105,6 +105,7 @@ bad argument #1 to 'sleep' === TEST 5: sleep 0.33 - multi-times in content +--- quic_max_idle_timeout: 1.1 --- config location /test { content_by_lua ' @@ -129,6 +130,7 @@ lua sleep timer expired: "/test?" === TEST 6: sleep 0.5 - interleaved by ngx.say() - ended by ngx.sleep +--- quic_max_idle_timeout: 2.2 --- config location /test { content_by_lua ' @@ -156,6 +158,7 @@ lua sleep timer expired: "/test?" === TEST 7: sleep 0.5 - interleaved by ngx.say() - not ended by ngx.sleep +--- quic_max_idle_timeout: 0.9 --- config location /test { content_by_lua ' diff --git a/modules/ngx_http_lua_module/t/082-body-filter-2.t b/modules/ngx_http_lua_module/t/082-body-filter-2.t index eafe7cf26a..ee4fe56ece 100644 --- a/modules/ngx_http_lua_module/t/082-body-filter-2.t +++ b/modules/ngx_http_lua_module/t/082-body-filter-2.t @@ -6,6 +6,12 @@ BEGIN { if ($ENV{TEST_NGINX_EVENT_TYPE} && $ENV{TEST_NGINX_EVENT_TYPE} ne 'poll') { $SkipReason = "unavailable for the event type '$ENV{TEST_NGINX_EVENT_TYPE}'"; + } elsif ($ENV{TEST_NGINX_USE_HTTP3}) { + $SkipReason = "http3 does not support mockeagain"; + + } elsif ($ENV{TEST_NGINX_USE_HTTP2}) { + $SkipReason = "http2 does not support mockeagain"; + } else { $ENV{TEST_NGINX_POSTPONE_OUTPUT} = 1; $ENV{TEST_NGINX_EVENT_TYPE} = 'poll'; @@ -60,3 +66,157 @@ waiting body filter busy buffer to be sent lua say response has busy bufs --- no_error_log [error] + + + +=== TEST 2: arg[1] not change and say long string +--- config + location /t { + header_filter_by_lua_block {ngx.header.content_length = nil} + body_filter_by_lua_block { + local function anyting_not_change_arg1() + return + end + anyting_not_change_arg1() + } + content_by_lua_block { + for i = 1, 100 do + ngx.say("12345678901234567890") + end + } + } +--- request +GET /t +--- response_body eval +("12345678901234567890\n" x 100) +--- no_error_log +[error] +[alert] +[crit] + + + +=== TEST 3: arg[1] not change and chunked_transfer_encoding off +--- config + location /t { + header_filter_by_lua_block {ngx.header.content_length = nil} + body_filter_by_lua_block { + local function anyting_not_change_arg1() + return + end + anyting_not_change_arg1() + } + chunked_transfer_encoding off; + content_by_lua_block { + for i = 1, 100 do + ngx.say("12345678901234567890123456789012345678901234567890".."_"..tostring(i/3)) + end + } + } +--- request +GET /t +--- response_body +12345678901234567890123456789012345678901234567890_0.33333333333333 +12345678901234567890123456789012345678901234567890_0.66666666666667 +12345678901234567890123456789012345678901234567890_1 +12345678901234567890123456789012345678901234567890_1.3333333333333 +12345678901234567890123456789012345678901234567890_1.6666666666667 +12345678901234567890123456789012345678901234567890_2 +12345678901234567890123456789012345678901234567890_2.3333333333333 +12345678901234567890123456789012345678901234567890_2.6666666666667 +12345678901234567890123456789012345678901234567890_3 +12345678901234567890123456789012345678901234567890_3.3333333333333 +12345678901234567890123456789012345678901234567890_3.6666666666667 +12345678901234567890123456789012345678901234567890_4 +12345678901234567890123456789012345678901234567890_4.3333333333333 +12345678901234567890123456789012345678901234567890_4.6666666666667 +12345678901234567890123456789012345678901234567890_5 +12345678901234567890123456789012345678901234567890_5.3333333333333 +12345678901234567890123456789012345678901234567890_5.6666666666667 +12345678901234567890123456789012345678901234567890_6 +12345678901234567890123456789012345678901234567890_6.3333333333333 +12345678901234567890123456789012345678901234567890_6.6666666666667 +12345678901234567890123456789012345678901234567890_7 +12345678901234567890123456789012345678901234567890_7.3333333333333 +12345678901234567890123456789012345678901234567890_7.6666666666667 +12345678901234567890123456789012345678901234567890_8 +12345678901234567890123456789012345678901234567890_8.3333333333333 +12345678901234567890123456789012345678901234567890_8.6666666666667 +12345678901234567890123456789012345678901234567890_9 +12345678901234567890123456789012345678901234567890_9.3333333333333 +12345678901234567890123456789012345678901234567890_9.6666666666667 +12345678901234567890123456789012345678901234567890_10 +12345678901234567890123456789012345678901234567890_10.333333333333 +12345678901234567890123456789012345678901234567890_10.666666666667 +12345678901234567890123456789012345678901234567890_11 +12345678901234567890123456789012345678901234567890_11.333333333333 +12345678901234567890123456789012345678901234567890_11.666666666667 +12345678901234567890123456789012345678901234567890_12 +12345678901234567890123456789012345678901234567890_12.333333333333 +12345678901234567890123456789012345678901234567890_12.666666666667 +12345678901234567890123456789012345678901234567890_13 +12345678901234567890123456789012345678901234567890_13.333333333333 +12345678901234567890123456789012345678901234567890_13.666666666667 +12345678901234567890123456789012345678901234567890_14 +12345678901234567890123456789012345678901234567890_14.333333333333 +12345678901234567890123456789012345678901234567890_14.666666666667 +12345678901234567890123456789012345678901234567890_15 +12345678901234567890123456789012345678901234567890_15.333333333333 +12345678901234567890123456789012345678901234567890_15.666666666667 +12345678901234567890123456789012345678901234567890_16 +12345678901234567890123456789012345678901234567890_16.333333333333 +12345678901234567890123456789012345678901234567890_16.666666666667 +12345678901234567890123456789012345678901234567890_17 +12345678901234567890123456789012345678901234567890_17.333333333333 +12345678901234567890123456789012345678901234567890_17.666666666667 +12345678901234567890123456789012345678901234567890_18 +12345678901234567890123456789012345678901234567890_18.333333333333 +12345678901234567890123456789012345678901234567890_18.666666666667 +12345678901234567890123456789012345678901234567890_19 +12345678901234567890123456789012345678901234567890_19.333333333333 +12345678901234567890123456789012345678901234567890_19.666666666667 +12345678901234567890123456789012345678901234567890_20 +12345678901234567890123456789012345678901234567890_20.333333333333 +12345678901234567890123456789012345678901234567890_20.666666666667 +12345678901234567890123456789012345678901234567890_21 +12345678901234567890123456789012345678901234567890_21.333333333333 +12345678901234567890123456789012345678901234567890_21.666666666667 +12345678901234567890123456789012345678901234567890_22 +12345678901234567890123456789012345678901234567890_22.333333333333 +12345678901234567890123456789012345678901234567890_22.666666666667 +12345678901234567890123456789012345678901234567890_23 +12345678901234567890123456789012345678901234567890_23.333333333333 +12345678901234567890123456789012345678901234567890_23.666666666667 +12345678901234567890123456789012345678901234567890_24 +12345678901234567890123456789012345678901234567890_24.333333333333 +12345678901234567890123456789012345678901234567890_24.666666666667 +12345678901234567890123456789012345678901234567890_25 +12345678901234567890123456789012345678901234567890_25.333333333333 +12345678901234567890123456789012345678901234567890_25.666666666667 +12345678901234567890123456789012345678901234567890_26 +12345678901234567890123456789012345678901234567890_26.333333333333 +12345678901234567890123456789012345678901234567890_26.666666666667 +12345678901234567890123456789012345678901234567890_27 +12345678901234567890123456789012345678901234567890_27.333333333333 +12345678901234567890123456789012345678901234567890_27.666666666667 +12345678901234567890123456789012345678901234567890_28 +12345678901234567890123456789012345678901234567890_28.333333333333 +12345678901234567890123456789012345678901234567890_28.666666666667 +12345678901234567890123456789012345678901234567890_29 +12345678901234567890123456789012345678901234567890_29.333333333333 +12345678901234567890123456789012345678901234567890_29.666666666667 +12345678901234567890123456789012345678901234567890_30 +12345678901234567890123456789012345678901234567890_30.333333333333 +12345678901234567890123456789012345678901234567890_30.666666666667 +12345678901234567890123456789012345678901234567890_31 +12345678901234567890123456789012345678901234567890_31.333333333333 +12345678901234567890123456789012345678901234567890_31.666666666667 +12345678901234567890123456789012345678901234567890_32 +12345678901234567890123456789012345678901234567890_32.333333333333 +12345678901234567890123456789012345678901234567890_32.666666666667 +12345678901234567890123456789012345678901234567890_33 +12345678901234567890123456789012345678901234567890_33.333333333333 +--- no_error_log +[error] +[alert] +[crit] diff --git a/modules/ngx_http_lua_module/t/082-body-filter.t b/modules/ngx_http_lua_module/t/082-body-filter.t index a69c78fa70..4033bac8ce 100644 --- a/modules/ngx_http_lua_module/t/082-body-filter.t +++ b/modules/ngx_http_lua_module/t/082-body-filter.t @@ -482,6 +482,8 @@ stack traceback: in function 'error' in function 'bar' in function 'foo' +--- curl_error eval +qr#curl: \(52\) Empty reply from server|curl: \(95\) HTTP\/3 stream 0 reset by server# @@ -524,6 +526,8 @@ GET /lua?a=1&b=2 --- ignore_response --- error_log eval qr/failed to load external Lua file ".*?test2\.lua": cannot open .*? No such file or directory/ +--- curl_error eval +qr#curl: \(52\) Empty reply from server|curl: \(95\) HTTP\/3 stream 0 reset by server# @@ -838,6 +842,8 @@ GET /lua --- ignore_response --- error_log API disabled in the context of body_filter_by_lua* +--- curl_error eval +qr#curl: \(52\) Empty reply from server|curl: \(95\) HTTP\/3 stream 0 reset by server# @@ -860,6 +866,8 @@ failed to load inlined Lua code: body_filter_by_lua(nginx.conf:41):2: unexpected --- no_error_log no_such_error1 no_such_error2 +--- curl_error eval +qr#curl: \(52\) Empty reply from server|curl: \(95\) HTTP\/3 stream 0 reset by server# @@ -890,3 +898,5 @@ failed to load inlined Lua code: body_filter_by_lua(nginx.conf:49):2: unexpected --- no_error_log no_such_error1 no_such_error2 +--- curl_error eval +qr#curl: \(52\) Empty reply from server|curl: \(95\) HTTP\/3 stream 0 reset by server# diff --git a/modules/ngx_http_lua_module/t/083-bad-sock-self.t b/modules/ngx_http_lua_module/t/083-bad-sock-self.t index 7a76752d9f..206de8b990 100644 --- a/modules/ngx_http_lua_module/t/083-bad-sock-self.t +++ b/modules/ngx_http_lua_module/t/083-bad-sock-self.t @@ -33,6 +33,7 @@ __DATA__ --- error_code: 500 --- error_log bad argument #1 to 'receive' (table expected, got string) +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} @@ -51,6 +52,7 @@ bad argument #1 to 'receive' (table expected, got string) --- error_code: 500 --- error_log bad argument #1 to 'receiveuntil' (table expected, got number) +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} diff --git a/modules/ngx_http_lua_module/t/084-inclusive-receiveuntil.t b/modules/ngx_http_lua_module/t/084-inclusive-receiveuntil.t index eb5aa1ecdf..60f8363f92 100644 --- a/modules/ngx_http_lua_module/t/084-inclusive-receiveuntil.t +++ b/modules/ngx_http_lua_module/t/084-inclusive-receiveuntil.t @@ -19,6 +19,7 @@ run_tests(); __DATA__ === TEST 1: ambiguous boundary patterns (abcabd) - inclusive mode +--- no_http2 --- config server_tokens off; location /t { @@ -91,6 +92,7 @@ close: 1 nil === TEST 2: ambiguous boundary patterns (abcabdabcabe 4) - inclusive mode +--- no_http2 --- config server_tokens off; location /t { @@ -162,6 +164,7 @@ close: 1 nil === TEST 3: ambiguous boundary patterns (abcabd) - inclusive mode - small buffers +--- no_http2 --- config server_tokens off; lua_socket_buffer_size 1; @@ -235,6 +238,7 @@ close: 1 nil === TEST 4: inclusive option value nil +--- no_http2 --- config server_tokens off; location /t { @@ -306,6 +310,7 @@ close: 1 nil === TEST 5: inclusive option value false +--- no_http2 --- config server_tokens off; location /t { @@ -377,6 +382,7 @@ close: 1 nil === TEST 6: inclusive option value true (aa) +--- no_http2 --- config server_tokens off; location /t { @@ -448,6 +454,7 @@ close: 1 nil === TEST 7: bad inclusive option value type +--- no_http2 --- config server_tokens off; location /t { @@ -511,10 +518,13 @@ bad "inclusive" option value type: string --- no_error_log [alert] [warn] +--- curl_error eval +qr#curl: \(52\) Empty reply from server|curl: \(95\) HTTP\/3 stream 0 reset by server# === TEST 8: bad option table +--- no_http2 --- config server_tokens off; location /t { @@ -578,10 +588,13 @@ bad "inclusive" option value type: string --- no_error_log [alert] [warn] +--- curl_error eval +qr#curl: \(52\) Empty reply from server|curl: \(95\) HTTP\/3 stream 0 reset by server# === TEST 9: ambiguous boundary patterns (--abc), small buffer +--- no_http2 --- config server_tokens off; location /t { @@ -658,6 +671,7 @@ close: 1 nil === TEST 10: ambiguous boundary patterns (--abc), small buffer, mixed by other reading calls +--- no_http2 --- config server_tokens off; location /t { diff --git a/modules/ngx_http_lua_module/t/087-udp-socket.t b/modules/ngx_http_lua_module/t/087-udp-socket.t index 6c26b93876..ffe6b13e92 100644 --- a/modules/ngx_http_lua_module/t/087-udp-socket.t +++ b/modules/ngx_http_lua_module/t/087-udp-socket.t @@ -143,12 +143,15 @@ GET /t === TEST 3: access a TCP interface +test-nginx use the same port for tcp(http) and udp(http3) +so need to change to a port that is not listen by any app. +default port range: +net.ipv4.ip_local_port_range = 32768 60999 +choose a port greater than 61000 should be less race. --- config server_tokens off; location /t { - #set $port 5000; - set $port $TEST_NGINX_SERVER_PORT; - #set $port 1234; + set $port 65432; content_by_lua ' local socket = ngx.socket diff --git a/modules/ngx_http_lua_module/t/088-req-method.t b/modules/ngx_http_lua_module/t/088-req-method.t index 198b3b3492..9e1499fb86 100644 --- a/modules/ngx_http_lua_module/t/088-req-method.t +++ b/modules/ngx_http_lua_module/t/088-req-method.t @@ -164,6 +164,7 @@ PUT === TEST 8: set GET to HEAD +--- no_http2 --- config location /t { rewrite_by_lua ' @@ -209,6 +210,8 @@ main: GET === TEST 10: set HEAD to GET +XXX: does http3 do not support set HEAD to GET?? +--- no_http2 --- config location /t { rewrite_by_lua ' @@ -223,10 +226,13 @@ main: GET method: GET --- no_error_log [error] +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} === TEST 11: set GET to WebDAV methods +XXX: does http3 do not support change HEAD method? +--- no_http2 --- config location /t { content_by_lua ' @@ -262,3 +268,4 @@ method: PATCH method: TRACE --- no_error_log [error] +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} diff --git a/modules/ngx_http_lua_module/t/091-coroutine.t b/modules/ngx_http_lua_module/t/091-coroutine.t index fafc5a45cc..bfbdb38937 100644 --- a/modules/ngx_http_lua_module/t/091-coroutine.t +++ b/modules/ngx_http_lua_module/t/091-coroutine.t @@ -159,6 +159,8 @@ cc3: 2 === TEST 3: basic coroutine and cosocket +access the public network is unstable, need a bigger timeout +--- quic_max_idle_timeout: 4 --- config resolver $TEST_NGINX_RESOLVER ipv6=off; location /lua { @@ -760,6 +762,8 @@ GET /lua --- ignore_response --- error_log API disabled in the context of header_filter_by_lua* +--- curl_error eval +qr/curl: \(52\) Empty reply from server|curl: \(92\) HTTP\/2 stream 0 was not closed cleanly|curl: \(95\) HTTP\/3 stream 0 reset by server/ @@ -1695,6 +1699,8 @@ GET /t "stack traceback:", "in function 'co'" ] +--- curl_error eval +qr/curl: \(52\) Empty reply from server|curl: \(92\) HTTP\/2 stream 0 was not closed cleanly|curl: \(95\) HTTP\/3 stream 0 reset by server/ diff --git a/modules/ngx_http_lua_module/t/093-uthread-spawn.t b/modules/ngx_http_lua_module/t/093-uthread-spawn.t index ab6db2ff26..d905c100c5 100644 --- a/modules/ngx_http_lua_module/t/093-uthread-spawn.t +++ b/modules/ngx_http_lua_module/t/093-uthread-spawn.t @@ -1064,6 +1064,8 @@ body: hello world)$ === TEST 23: simple user thread with ngx.req.socket() +ngx.req.socket() does not support in http3 +--- skip_eval: 4:$ENV{TEST_NGINX_USE_HTTP3} --- config location /lua { content_by_lua ' diff --git a/modules/ngx_http_lua_module/t/094-uthread-exit.t b/modules/ngx_http_lua_module/t/094-uthread-exit.t index 58d8d0b7db..0194e44b31 100644 --- a/modules/ngx_http_lua_module/t/094-uthread-exit.t +++ b/modules/ngx_http_lua_module/t/094-uthread-exit.t @@ -966,6 +966,7 @@ hello in thread after --- no_error_log [error] +--- skip_eval: 4:$ENV{TEST_NGINX_USE_HTTP3} @@ -1051,6 +1052,7 @@ hello in thread after --- no_error_log [error] +--- skip_eval: 4:$ENV{TEST_NGINX_USE_HTTP3} @@ -1399,6 +1401,8 @@ attempt to abort with pending subrequests --- no_error_log [alert] [warn] +--- curl_error eval +qr#curl: \(52\) Empty reply from server|curl: \(95\) HTTP/3 stream 0 reset by server# @@ -1482,6 +1486,8 @@ free request [alert] [error] [warn] +--- curl_error eval +qr#curl: \(52\) Empty reply from server|curl: \(95\) HTTP/3 stream 0 reset by server# @@ -1565,6 +1571,8 @@ free request [alert] [error] [warn] +--- curl_error eval +qr#curl: \(52\) Empty reply from server|curl: \(95\) HTTP/3 stream 0 reset by server# @@ -1648,3 +1656,5 @@ free request [alert] [error] [warn] +--- curl_error eval +qr#curl: \(52\) Empty reply from server|curl: \(95\) HTTP/3 stream 0 reset by server# diff --git a/modules/ngx_http_lua_module/t/095-uthread-exec.t b/modules/ngx_http_lua_module/t/095-uthread-exec.t index 7bf37c0e8d..4cd121da1e 100644 --- a/modules/ngx_http_lua_module/t/095-uthread-exec.t +++ b/modules/ngx_http_lua_module/t/095-uthread-exec.t @@ -423,3 +423,5 @@ attempt to abort with pending subrequests --- no_error_log [alert] [warn] +--- curl_error eval +qr#curl: \(52\) Empty reply from server|curl: \(95\) HTTP/3 stream 0 reset by server# diff --git a/modules/ngx_http_lua_module/t/096-uthread-redirect.t b/modules/ngx_http_lua_module/t/096-uthread-redirect.t index 95bff01f3a..62909b944c 100644 --- a/modules/ngx_http_lua_module/t/096-uthread-redirect.t +++ b/modules/ngx_http_lua_module/t/096-uthread-redirect.t @@ -277,3 +277,5 @@ attempt to abort with pending subrequests --- no_error_log [alert] [warn] +--- curl_error eval +qr#curl: \(52\) Empty reply from server|curl: \(95\) HTTP/3 stream 0 reset by server# diff --git a/modules/ngx_http_lua_module/t/100-client-abort.t b/modules/ngx_http_lua_module/t/100-client-abort.t index f5713874e7..39d3244b16 100644 --- a/modules/ngx_http_lua_module/t/100-client-abort.t +++ b/modules/ngx_http_lua_module/t/100-client-abort.t @@ -1,6 +1,14 @@ # vim:set ft= ts=4 sw=4 et fdm=marker: -use Test::Nginx::Socket::Lua; +BEGIN { + if ($ENV{TEST_NGINX_USE_HTTP3}) { + $SkipReason = "client abort detect does not support in http3"; + } elsif ($ENV{TEST_NGINX_USE_HTTP2}) { + $SkipReason = "client abort detect does not support in http2"; + } +} + +use Test::Nginx::Socket::Lua $SkipReason ? (skip_all => $SkipReason) : (); use t::StapThread; our $GCScript = <<_EOC_; diff --git a/modules/ngx_http_lua_module/t/101-on-abort.t b/modules/ngx_http_lua_module/t/101-on-abort.t index ee1e41e3a8..784f244e04 100644 --- a/modules/ngx_http_lua_module/t/101-on-abort.t +++ b/modules/ngx_http_lua_module/t/101-on-abort.t @@ -1,6 +1,14 @@ # vim:set ft= ts=4 sw=4 et fdm=marker: -use Test::Nginx::Socket::Lua; +BEGIN { + if ($ENV{TEST_NGINX_USE_HTTP3}) { + $SkipReason = "client abort detect does not support in http3"; + } elsif ($ENV{TEST_NGINX_USE_HTTP2}) { + $SkipReason = "client abort detect does not support in http2"; + } +} + +use Test::Nginx::Socket::Lua $SkipReason ? (skip_all => $SkipReason) : (); use t::StapThread; our $GCScript = <<_EOC_; diff --git a/modules/ngx_http_lua_module/t/102-req-start-time.t b/modules/ngx_http_lua_module/t/102-req-start-time.t index 3b041afda7..d54b19941d 100644 --- a/modules/ngx_http_lua_module/t/102-req-start-time.t +++ b/modules/ngx_http_lua_module/t/102-req-start-time.t @@ -59,7 +59,7 @@ GET /start --- request GET /req_time --- response_body_like chop -^(?:0\.[12]|0\.099)\d* +^(?:0\.[12]|0\.099|0\.098)\d* true$ --- no_error_log [error] @@ -88,7 +88,7 @@ true$ --- request GET /req_time --- response_body_like chomp -^(?:0\.[12]|0\.099)\d* +^(?:0\.[12]|0\.099|0\.098)\d* 0\.\d+ true$ --- no_error_log diff --git a/modules/ngx_http_lua_module/t/103-req-http-ver.t b/modules/ngx_http_lua_module/t/103-req-http-ver.t index e6de2388c5..73ecccae28 100644 --- a/modules/ngx_http_lua_module/t/103-req-http-ver.t +++ b/modules/ngx_http_lua_module/t/103-req-http-ver.t @@ -26,8 +26,17 @@ __DATA__ } --- request GET /t ---- response_body -1.1 +--- response_body eval +my $body; +if (defined $ENV{TEST_NGINX_USE_HTTP3}) { + $body="3\n"; +} elsif (defined $ENV{TEST_NGINX_USE_HTTP2}) { + $body="2\n"; +} else { + $body="1.1\n"; +} + +$body; --- no_error_log [error] diff --git a/modules/ngx_http_lua_module/t/104-req-raw-header.t b/modules/ngx_http_lua_module/t/104-req-raw-header.t index aa66630485..459d190ac7 100644 --- a/modules/ngx_http_lua_module/t/104-req-raw-header.t +++ b/modules/ngx_http_lua_module/t/104-req-raw-header.t @@ -1,5 +1,14 @@ # vim:set ft= ts=4 sw=4 et fdm=marker: -use Test::Nginx::Socket::Lua; + +our $SkipReason; + +BEGIN { + if ($ENV{TEST_NGINX_USE_HTTP3}) { + $SkipReason = "http3 does not support ngx.req.raw_header()"; + } +} + +use Test::Nginx::Socket::Lua $SkipReason ? (skip_all => $SkipReason) : (); #worker_connections(1014); #master_on(); diff --git a/modules/ngx_http_lua_module/t/105-pressure.t b/modules/ngx_http_lua_module/t/105-pressure.t index 9d1ba1ff1a..2fc130d09b 100644 --- a/modules/ngx_http_lua_module/t/105-pressure.t +++ b/modules/ngx_http_lua_module/t/105-pressure.t @@ -2,7 +2,7 @@ use Test::Nginx::Socket::Lua; -#worker_connections(1014); +worker_connections(1014); #master_on(); #log_level('debug'); @@ -28,6 +28,8 @@ run_tests(); __DATA__ === TEST 1: memory issue in the "args" string option for ngx.location.capture +the default worker_connections is 64, HTTP3 will keep the connection when curl +request finished. So need to change the worker_connection. --- config location /test1 { content_by_lua ' diff --git a/modules/ngx_http_lua_module/t/106-timer.t b/modules/ngx_http_lua_module/t/106-timer.t index acd6e4c800..a9b4aed7bd 100644 --- a/modules/ngx_http_lua_module/t/106-timer.t +++ b/modules/ngx_http_lua_module/t/106-timer.t @@ -228,6 +228,7 @@ qr/\[lua\] content_by_lua\(nginx\.conf:\d+\):\d+: elapsed: 0\.(?:1[4-9]|2[0-6]?) === TEST 5: tcp cosocket in timer handler (short connections) +--- no_http2 --- config server_tokens off; @@ -1332,6 +1333,7 @@ API disabled === TEST 19: exit in user thread (entry thread is still pending on ngx.sleep) +--- quic_max_idle_timeout: 1.3 --- config location /t { content_by_lua ' diff --git a/modules/ngx_http_lua_module/t/108-timer-safe.t b/modules/ngx_http_lua_module/t/108-timer-safe.t index 387f203c3d..a23634cd3b 100644 --- a/modules/ngx_http_lua_module/t/108-timer-safe.t +++ b/modules/ngx_http_lua_module/t/108-timer-safe.t @@ -124,6 +124,7 @@ qr/\[lua\] content_by_lua\(nginx\.conf:\d+\):\d+: elapsed: 0\.(?:6[4-9]|7[0-6])/ === TEST 3: tcp cosocket in timer handler (short connections) +--- no_http2 --- config server_tokens off; location = /t { diff --git a/modules/ngx_http_lua_module/t/109-timer-hup.t b/modules/ngx_http_lua_module/t/109-timer-hup.t index bff1b33466..551dd486c7 100644 --- a/modules/ngx_http_lua_module/t/109-timer-hup.t +++ b/modules/ngx_http_lua_module/t/109-timer-hup.t @@ -6,6 +6,10 @@ BEGIN { if ($ENV{TEST_NGINX_CHECK_LEAK}) { $SkipReason = "unavailable for the hup tests"; + } elsif (defined $ENV{TEST_NGINX_USE_HTTP3}) { + #os.execute("kill -HUP " .. pid) + $SkipReason = "send HUP relaod signal by self make two workers with same id"; + } else { $ENV{TEST_NGINX_USE_HUP} = 1; undef $ENV{TEST_NGINX_USE_STAP}; diff --git a/modules/ngx_http_lua_module/t/116-raw-req-socket.t b/modules/ngx_http_lua_module/t/116-raw-req-socket.t index 4dfb92664e..6704a92084 100644 --- a/modules/ngx_http_lua_module/t/116-raw-req-socket.t +++ b/modules/ngx_http_lua_module/t/116-raw-req-socket.t @@ -1,6 +1,14 @@ # vim:set ft= ts=4 sw=4 et fdm=marker: -use Test::Nginx::Socket::Lua; +our $SkipReason; + +BEGIN { + if ($ENV{TEST_NGINX_USE_HTTP3}) { + $SkipReason = "http3 does not support ngx.req.socket(true)"; + } +} + +use Test::Nginx::Socket::Lua $SkipReason ? (skip_all => $SkipReason) : (); repeat_each(2); diff --git a/modules/ngx_http_lua_module/t/120-re-find.t b/modules/ngx_http_lua_module/t/120-re-find.t index ddf24a98e7..43ccece1ab 100644 --- a/modules/ngx_http_lua_module/t/120-re-find.t +++ b/modules/ngx_http_lua_module/t/120-re-find.t @@ -354,8 +354,11 @@ matched: he } --- request GET /re ---- response_body -error: pcre_compile() failed: missing ) in "(abc" +--- response_body eval +$Test::Nginx::Util::PcreVersion == 2 ? +"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" +: +"error: pcre_compile() failed: missing ) in \"(abc\"\n" --- no_error_log [error] @@ -562,8 +565,11 @@ matched: hello, 1234 } --- request GET /t ---- response_body_like chop -^error: pcre_exec\(\) failed: -10$ +--- response_body eval +$Test::Nginx::Util::PcreVersion == 2 ? +"error: pcre_exec\(\) failed: -4\n" +: +"error: pcre_exec\(\) failed: -10\n" --- no_error_log [error] @@ -587,6 +593,7 @@ GET /t '; } --- stap +# TODO: PCRE2 use different option values from PCRE probe process("$LIBPCRE_PATH").function("pcre_compile") { printf("compile opts: %x\n", $options) } @@ -645,8 +652,14 @@ end --- request GET /re ---- response_body -error: pcre_exec() failed: -8 +--- response_body eval +# lua_regex_match_limit uses pcre_extra->match_limit in the PCRE, +# but PCRE2 replaces this with pcre2_set_match_limit interface, +# which has different effects. +$Test::Nginx::Util::PcreVersion == 2 ? +"failed to match.\n" +: +"error: pcre_exec() failed: -8\n" --- no_error_log [error] diff --git a/modules/ngx_http_lua_module/t/124-init-worker.t b/modules/ngx_http_lua_module/t/124-init-worker.t index 57df4a5b3b..07c2658f06 100644 --- a/modules/ngx_http_lua_module/t/124-init-worker.t +++ b/modules/ngx_http_lua_module/t/124-init-worker.t @@ -529,6 +529,7 @@ second line received: (?:Date|Server): .*? --- no_error_log [error] --- timeout: 10 +--- skip_eval: 3:$ENV{TEST_NGINX_USE_HTTP3} diff --git a/modules/ngx_http_lua_module/t/129-ssl-socket.t b/modules/ngx_http_lua_module/t/129-ssl-socket.t index 81ca51ca41..3aea20bc08 100644 --- a/modules/ngx_http_lua_module/t/129-ssl-socket.t +++ b/modules/ngx_http_lua_module/t/129-ssl-socket.t @@ -1,6 +1,15 @@ # vim:set ft= ts=4 sw=4 et fdm=marker: -use Test::Nginx::Socket::Lua; +our $SkipReason; +BEGIN { + if (defined $ENV{TEST_NGINX_USE_HTTP3}) { + # FIXME: we still need to enable this test file for HTTP3. + $SkipReason = "the test cases are very unstable, skip for now."; + } +} + +use Test::Nginx::Socket::Lua $SkipReason ? (skip_all => $SkipReason) : (); + use Cwd qw(abs_path realpath); use File::Basename; @@ -14,6 +23,12 @@ $ENV{TEST_NGINX_RESOLVER} ||= '8.8.8.8'; $ENV{TEST_NGINX_SERVER_SSL_PORT} ||= 12345; $ENV{TEST_NGINX_CERT_DIR} ||= dirname(realpath(abs_path(__FILE__))); +my $NginxBinary = $ENV{'TEST_NGINX_BINARY'} || 'nginx'; +my $openssl_version = eval { `$NginxBinary -V 2>&1` }; +if ($openssl_version =~ m/BoringSSL/) { + $ENV{TEST_NGINX_USE_BORINGSSL} = 1; +} + #log_level 'warn'; log_level 'debug'; @@ -39,7 +54,9 @@ run_tests(); __DATA__ -=== TEST 1: www.bing.com +=== TEST 1: www.google.com +access the public network is unstable, need a bigger timeout value. +--- quic_max_idle_timeout: 3 --- config server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; @@ -62,7 +79,7 @@ __DATA__ do local sock = ngx.socket.tcp() sock:settimeout(2000) - local ok, err = sock:connect("www.bing.com", 443) + local ok, err = sock:connect("www.google.com", 443) if not ok then ngx.say("failed to connect: ", err) return @@ -78,7 +95,7 @@ __DATA__ ngx.say("ssl handshake: ", type(sess)) - local req = "GET / HTTP/1.1\\r\\nHost: www.bing.com\\r\\nConnection: close\\r\\n\\r\\n" + local req = "GET / HTTP/1.1\\r\\nHost: www.google.com\\r\\nConnection: close\\r\\n\\r\\n" local bytes, err = sock:send(req) if not bytes then ngx.say("failed to send http request: ", err) @@ -107,7 +124,7 @@ GET /t --- response_body_like chop \Aconnected: 1 ssl handshake: cdata -sent http request: 57 bytes. +sent http request: 59 bytes. received: HTTP/1.1 (?:200 OK|302 Found) close: 1 nil \z @@ -293,6 +310,8 @@ SSL reused session === TEST 4: ssl session reuse +access the public network is unstable, need a bigger timeout value. +--- quic_max_idle_timeout: 3 --- config server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; @@ -1034,6 +1053,8 @@ SSL reused session --- config server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; + lua_ssl_protocols TLSv1 TLSv1.1 TLSV1.2; + location /t { #set $port 5000; set $port $TEST_NGINX_MEMCACHED_PORT; @@ -1562,6 +1583,7 @@ attempt to call method 'sslhandshake' (a nil value) --- no_error_log [alert] --- timeout: 3 +--- skip_eval: 5:$ENV{TEST_NGINX_USE_HTTP3} @@ -2561,6 +2583,8 @@ qr/\[error\] .* ngx.socket sslhandshake: expecting 1 ~ 5 arguments \(including t --- no_error_log [alert] --- timeout: 10 +--- curl_error eval +qr#curl: \(52\) Empty reply from server|curl: \(95\) HTTP/3 stream 0 reset by server# @@ -2658,6 +2682,7 @@ SSL reused session === TEST 33: explicit cipher configuration - TLSv1.3 --- skip_openssl: 8: < 1.1.1 --- skip_nginx: 8: < 1.19.4 +--- skip_eval: 8:$ENV{TEST_NGINX_USE_BORINGSSL} --- http_config server { listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl; @@ -2751,6 +2776,7 @@ SSL reused session === TEST 34: explicit cipher configuration not in the default list - TLSv1.3 --- skip_openssl: 8: < 1.1.1 --- skip_nginx: 8: < 1.19.4 +--- skip_eval: 8:$ENV{TEST_NGINX_USE_BORINGSSL} --- http_config server { listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl; diff --git a/modules/ngx_http_lua_module/t/131-duplex-req-socket.t b/modules/ngx_http_lua_module/t/131-duplex-req-socket.t index 5d698b9344..f88649b8d8 100644 --- a/modules/ngx_http_lua_module/t/131-duplex-req-socket.t +++ b/modules/ngx_http_lua_module/t/131-duplex-req-socket.t @@ -1,5 +1,7 @@ # vim:set ft= ts=4 sw=4 et fdm=marker: +our $SkipReason; + BEGIN { if (!defined $ENV{LD_PRELOAD}) { $ENV{LD_PRELOAD} = ''; @@ -18,9 +20,13 @@ BEGIN { $ENV{TEST_NGINX_EVENT_TYPE} = 'poll'; $ENV{MOCKEAGAIN_WRITE_TIMEOUT_PATTERN} = 'slow'; + + if ($ENV{TEST_NGINX_USE_HTTP3}) { + $SkipReason = "http3 does not support ngx.req.socket()"; + } } -use Test::Nginx::Socket::Lua; +use Test::Nginx::Socket::Lua $SkipReason ? (skip_all => $SkipReason) : (); log_level('debug'); diff --git a/modules/ngx_http_lua_module/t/132-lua-blocks.t b/modules/ngx_http_lua_module/t/132-lua-blocks.t index 2a1644e532..35638a8489 100644 --- a/modules/ngx_http_lua_module/t/132-lua-blocks.t +++ b/modules/ngx_http_lua_module/t/132-lua-blocks.t @@ -166,6 +166,7 @@ ok === TEST 8: content_by_lua_block (cosockets) +--- no_http2 --- config server_tokens off; location = /t { diff --git a/modules/ngx_http_lua_module/t/138-balancer-upstream-bind.t b/modules/ngx_http_lua_module/t/138-balancer-upstream-bind.t new file mode 100644 index 0000000000..442f37c8f3 --- /dev/null +++ b/modules/ngx_http_lua_module/t/138-balancer-upstream-bind.t @@ -0,0 +1,142 @@ +# vim:set ft= ts=4 sw=4 et fdm=marker: + +use Test::Nginx::Socket::Lua; + +#worker_connections(1014); +#master_on(); +#workers(2); +#log_level('warn'); + +repeat_each(2); + +plan tests => repeat_each() * (blocks() * 3); + +#no_diff(); +no_long_string(); +run_tests(); + +__DATA__ + +=== TEST 1: bind to empty +--- no_http2 +--- http_config + lua_package_path "$TEST_NGINX_SERVER_ROOT/html/?.lua;;"; + + upstream backend { + server 127.0.0.1:$TEST_NGINX_SERVER_PORT; + } +--- config + set $proxy_local_addr ""; + proxy_bind $proxy_local_addr; + + location = /t { + proxy_pass http://backend/back; + } + + location = /back { + echo ok; + } + +--- request + GET /t +--- response_body +ok +--- no_error_log +[cirt] + + + +=== TEST 2: bind to 127.0.0.1 +--- no_http2 +--- http_config + lua_package_path "$TEST_NGINX_SERVER_ROOT/html/?.lua;;"; + + upstream backend { + server 127.0.0.1:$TEST_NGINX_SERVER_PORT; + } +--- config + set $proxy_local_addr ""; + proxy_bind $proxy_local_addr; + + location = /t { + access_by_lua_block { + ngx.var.proxy_local_addr="127.0.0.1" + } + proxy_pass http://backend/back; + } + + location = /back { + echo ok; + } + +--- request + GET /t +--- response_body +ok +--- no_error_log +[cirt] + + + +=== TEST 3: bind to 127.0.0.10 +--- no_http2 +--- http_config + lua_package_path "$TEST_NGINX_SERVER_ROOT/html/?.lua;;"; + + upstream backend { + server 127.0.0.1:$TEST_NGINX_SERVER_PORT; + } +--- config + set $proxy_local_addr ""; + proxy_bind $proxy_local_addr; + + location = /t { + access_by_lua_block { + ngx.var.proxy_local_addr="127.0.0.10" + } + proxy_pass http://backend/back; + } + + location = /back { + echo ok; + } + +--- request + GET /t +--- response_body +ok +--- no_error_log +[cirt] + + + +=== TEST 4: bind to not exist addr 100.100.100.100 +--- no_http2 +--- http_config + lua_package_path "$TEST_NGINX_SERVER_ROOT/html/?.lua;;"; + + upstream backend { + server 127.0.0.1:$TEST_NGINX_SERVER_PORT; + } +--- config + set $proxy_local_addr ""; + proxy_bind $proxy_local_addr; + + location = /t { + access_by_lua_block { + ngx.var.proxy_local_addr="100.100.100.100" + } + proxy_pass http://backend/back; + } + + location = /back { + echo ok; + } + +--- request + GET /t +--- response_body_like chomp +500 Internal Server Error +--- error_code: 500 +--- error_log +bind(100.100.100.100) failed (99: Cannot assign requested address) diff --git a/modules/ngx_http_lua_module/t/138-balancer.t b/modules/ngx_http_lua_module/t/138-balancer.t index d9c943388e..8ccdee76c4 100644 --- a/modules/ngx_http_lua_module/t/138-balancer.t +++ b/modules/ngx_http_lua_module/t/138-balancer.t @@ -309,6 +309,7 @@ qr{\[crit\] .*? connect\(\) to 0\.0\.0\.1:80 failed .*?, upstream: "http://0\.0\ === TEST 12: code cache off +--- no_http2 --- http_config lua_package_path "$TEST_NGINX_SERVER_ROOT/html/?.lua;;"; diff --git a/modules/ngx_http_lua_module/t/139-ssl-cert-by.t b/modules/ngx_http_lua_module/t/139-ssl-cert-by.t index 2180466907..3fd6413307 100644 --- a/modules/ngx_http_lua_module/t/139-ssl-cert-by.t +++ b/modules/ngx_http_lua_module/t/139-ssl-cert-by.t @@ -579,7 +579,7 @@ failed to do SSL handshake: handshake failed --- error_log eval [ 'lua_certificate_by_lua: handler return value: -1, cert cb exit code: 0', -qr/\[info\] .*? SSL_do_handshake\(\) failed .*?cert cb error/, +qr/(\[info\] .*? SSL_do_handshake\(\) failed .*?cert cb error|routines:OPENSSL_internal:CERT_CB_ERROR)/, 'lua exit with code -1', ] @@ -720,7 +720,7 @@ failed to do SSL handshake: handshake failed --- error_log eval [ 'lua_certificate_by_lua: cert cb exit code: 0', -qr/\[info\] .*? SSL_do_handshake\(\) failed .*?cert cb error/, +qr/(\[info\] .*? SSL_do_handshake\(\) failed .*?cert cb error|routines:OPENSSL_internal:CERT_CB_ERROR)/, 'lua exit with code -1', ] @@ -791,7 +791,7 @@ failed to do SSL handshake: handshake failed [ 'runtime error: ssl_certificate_by_lua(nginx.conf:28):2: bad bad bad', 'lua_certificate_by_lua: handler return value: 500, cert cb exit code: 0', -qr/\[info\] .*? SSL_do_handshake\(\) failed .*?cert cb error/, +qr/(\[info\] .*? SSL_do_handshake\(\) failed .*?cert cb error|routines:OPENSSL_internal:CERT_CB_ERROR)/, qr/context: ssl_certificate_by_lua\*, client: \d+\.\d+\.\d+\.\d+, server: \d+\.\d+\.\d+\.\d+:\d+/, ] @@ -863,7 +863,7 @@ failed to do SSL handshake: handshake failed [ 'runtime error: ssl_certificate_by_lua(nginx.conf:28):3: bad bad bad', 'lua_certificate_by_lua: cert cb exit code: 0', -qr/\[info\] .*? SSL_do_handshake\(\) failed .*?cert cb error/, +qr/(\[info\] .*? SSL_do_handshake\(\) failed .*?cert cb error|routines:OPENSSL_internal:CERT_CB_ERROR)/, ] --- no_error_log @@ -1051,7 +1051,7 @@ failed to do SSL handshake: handshake failed [ 'lua ssl server name: "test.com"', 'ssl_certificate_by_lua(nginx.conf:28):1: API disabled in the context of ssl_certificate_by_lua*', -qr/\[info\] .*?cert cb error/, +qr/(\[info\] .*? SSL_do_handshake\(\) failed .*?cert cb error|routines:OPENSSL_internal:CERT_CB_ERROR)/, ] --- no_error_log diff --git a/modules/ngx_http_lua_module/t/142-ssl-session-store.t b/modules/ngx_http_lua_module/t/142-ssl-session-store.t index 61598732be..11deb83207 100644 --- a/modules/ngx_http_lua_module/t/142-ssl-session-store.t +++ b/modules/ngx_http_lua_module/t/142-ssl-session-store.t @@ -40,6 +40,7 @@ __DATA__ server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; + lua_ssl_protocols TLSv1.2; location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -115,6 +116,7 @@ ssl_session_store_by_lua\(nginx\.conf:25\):1: ssl session store by lua is runnin server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; + lua_ssl_protocols TLSv1.2; location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -190,6 +192,7 @@ API disabled in the context of ssl_session_store_by_lua* server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; + lua_ssl_protocols TLSv1.2; location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -282,6 +285,7 @@ my timer run! server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; + lua_ssl_protocols TLSv1.2; location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -351,6 +355,7 @@ API disabled in the context of ssl_session_store_by_lua* resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; lua_ssl_verify_depth 3; + lua_ssl_protocols TLSv1.2; location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -423,6 +428,7 @@ ngx.exit does not yield and the error code is eaten. resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; lua_ssl_verify_depth 3; + lua_ssl_protocols TLSv1.2; location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -496,6 +502,7 @@ ssl_session_store_by_lua*: handler return value: 0, sess new cb exit code: 0 resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; lua_ssl_verify_depth 3; + lua_ssl_protocols TLSv1.2; location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -564,6 +571,7 @@ should never reached here resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; lua_ssl_verify_depth 3; + lua_ssl_protocols TLSv1.2; location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -634,6 +642,7 @@ get_phase: ssl_session_store server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; + lua_ssl_protocols TLSv1.2; location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -703,6 +712,7 @@ qr/elapsed in ssl cert by lua: 0.(?:09|1[01])\d+,/, server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; + lua_ssl_protocols TLSv1.2; location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -784,6 +794,7 @@ a.lua:1: ssl store session by lua is running! resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; lua_ssl_verify_depth 3; + lua_ssl_protocols TLSv1.2; location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -854,6 +865,7 @@ qr/\[emerg\] .*? "ssl_session_store_by_lua_block" directive is not allowed here server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; + lua_ssl_protocols TLSv1.2; location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -963,3 +975,4 @@ qr/ssl_session_store_by_lua\*: skipped since TLS version >= 1\.3 \(\d+\)/ [error] [alert] [emerg] +--- skip_eval: 6:$ENV{TEST_NGINX_USE_HTTP3} diff --git a/modules/ngx_http_lua_module/t/143-ssl-session-fetch.t b/modules/ngx_http_lua_module/t/143-ssl-session-fetch.t index 8c5174dd94..2f988ded9c 100644 --- a/modules/ngx_http_lua_module/t/143-ssl-session-fetch.t +++ b/modules/ngx_http_lua_module/t/143-ssl-session-fetch.t @@ -41,6 +41,7 @@ __DATA__ server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; + lua_ssl_protocols TLSv1 TLSv1.1 TLSV1.2; location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -141,6 +142,7 @@ ssl_session_fetch_by_lua\(nginx\.conf:25\):1: ssl fetch sess by lua is running!, server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; + lua_ssl_protocols TLSv1 TLSv1.1 TLSV1.2; location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -225,6 +227,7 @@ qr/elapsed in ssl fetch session by lua: 0.(?:09|1[01])\d+,/, server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; + lua_ssl_protocols TLSv1 TLSv1.1 TLSV1.2; location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -326,6 +329,7 @@ qr/my timer run!/s server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; + lua_ssl_protocols TLSv1 TLSv1.1 TLSV1.2; location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -407,6 +411,7 @@ qr/received memc reply: OK/s resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; lua_ssl_verify_depth 3; + lua_ssl_protocols TLSv1 TLSv1.1 TLSV1.2; location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -488,6 +493,7 @@ should never reached here resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; lua_ssl_verify_depth 3; + lua_ssl_protocols TLSv1 TLSv1.1 TLSV1.2; location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -570,6 +576,7 @@ should never reached here resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; lua_ssl_verify_depth 3; + lua_ssl_protocols TLSv1 TLSv1.1 TLSV1.2; location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -650,6 +657,7 @@ should never reached here server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; + lua_ssl_protocols TLSv1 TLSv1.1 TLSV1.2; lua_ssl_verify_depth 3; location /t { @@ -733,6 +741,7 @@ should never reached here server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; + lua_ssl_protocols TLSv1 TLSv1.1 TLSV1.2; lua_ssl_verify_depth 3; location /t { @@ -814,6 +823,7 @@ should never reached here server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; + lua_ssl_protocols TLSv1 TLSv1.1 TLSV1.2; location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -900,6 +910,7 @@ qr/get_phase: ssl_session_fetch/s server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; + lua_ssl_protocols TLSv1 TLSv1.1 TLSV1.2; location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -946,6 +957,21 @@ close: 1 nil qr/ssl ((fetch|store) session|cert) by lua is running!/s --- grep_error_log_out eval +if ($ENV{TEST_NGINX_USE_HTTP3}) { +[ +'ssl cert by lua is running! +ssl store session by lua is running! +', +'ssl cert by lua is running! +ssl fetch session by lua is running! +ssl store session by lua is running! +', +'ssl cert by lua is running! +ssl fetch session by lua is running! +ssl store session by lua is running! +', +] +} else { [ 'ssl cert by lua is running! ssl store session by lua is running! @@ -959,6 +985,7 @@ ssl cert by lua is running! ssl store session by lua is running! ', ] +} --- no_error_log [error] @@ -982,6 +1009,7 @@ ssl store session by lua is running! --- config server_tokens off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; + lua_ssl_protocols TLSv1 TLSv1.1 TLSV1.2; location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -1070,6 +1098,7 @@ qr/\S+:\d+: ssl fetch sess by lua is running!/s server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; + lua_ssl_protocols TLSv1 TLSv1.1 TLSV1.2; location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -1170,6 +1199,7 @@ qr/ssl_session_fetch_by_lua\(nginx.conf:\d+\):1: ssl fetch sess by lua is runnin --- config server_tokens off; lua_ssl_trusted_certificate ../../cert/test.crt; + lua_ssl_protocols TLSv1 TLSv1.1 TLSV1.2; location /t { content_by_lua_block { @@ -1249,6 +1279,7 @@ GET /t --- config server_tokens off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; + lua_ssl_protocols TLSv1 TLSv1.1 TLSV1.2; location /t { content_by_lua_block { @@ -1382,6 +1413,7 @@ ssl_session_fetch_by_lua\(nginx\.conf:\d+\):1: ssl_session_fetch_by_lua\* is run [error] [alert] [emerg] +--- skip_eval: 6:$ENV{TEST_NGINX_USE_HTTP3} @@ -1406,6 +1438,7 @@ ssl_session_fetch_by_lua\(nginx\.conf:\d+\):1: ssl_session_fetch_by_lua\* is run --- config server_tokens off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; + lua_ssl_protocols TLSv1 TLSv1.1 TLSV1.2; location /t { set $port $TEST_NGINX_MEMCACHED_PORT; @@ -1501,6 +1534,7 @@ qr/elapsed in ssl_session_fetch_by_lua\*: 0\.(?:09|1[01])\d+,/, --- config server_tokens off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; + lua_ssl_protocols TLSv1 TLSv1.1 TLSV1.2; location /t { content_by_lua_block { @@ -1596,6 +1630,7 @@ close: 1 nil --- config server_tokens off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; + lua_ssl_protocols TLSv1 TLSv1.1 TLSV1.2; location /t { content_by_lua_block { @@ -1696,6 +1731,7 @@ uthread: failed to kill: already waited or killed --- config server_tokens off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; + lua_ssl_protocols TLSv1 TLSv1.1 TLSV1.2; location /t { content_by_lua_block { diff --git a/modules/ngx_http_lua_module/t/147-tcp-socket-timeouts.t b/modules/ngx_http_lua_module/t/147-tcp-socket-timeouts.t index 8566c0ba6f..ceddb61dcc 100644 --- a/modules/ngx_http_lua_module/t/147-tcp-socket-timeouts.t +++ b/modules/ngx_http_lua_module/t/147-tcp-socket-timeouts.t @@ -17,6 +17,7 @@ BEGIN { } $ENV{TEST_NGINX_EVENT_TYPE} = 'poll'; + delete($ENV{TEST_NGINX_USE_HTTP2}); $ENV{MOCKEAGAIN_WRITE_TIMEOUT_PATTERN} = 'slowdata'; } diff --git a/modules/ngx_http_lua_module/t/151-initby-hup.t b/modules/ngx_http_lua_module/t/151-initby-hup.t index f2788670db..a37db9fe43 100644 --- a/modules/ngx_http_lua_module/t/151-initby-hup.t +++ b/modules/ngx_http_lua_module/t/151-initby-hup.t @@ -12,7 +12,7 @@ BEGIN { } } -use Test::Nginx::Socket::Lua 'no_plan'; +use Test::Nginx::Socket::Lua $SkipReason ? (skip_all => $SkipReason) : (); #worker_connections(1014); #master_on(); @@ -21,7 +21,7 @@ use Test::Nginx::Socket::Lua 'no_plan'; repeat_each(1); -#plan tests => repeat_each() * (blocks() * 3 + 3); +plan tests => repeat_each() * (blocks() * 3); #no_diff(); #no_long_string(); diff --git a/modules/ngx_http_lua_module/t/152-timer-every.t b/modules/ngx_http_lua_module/t/152-timer-every.t index 7b42d2d724..374e80e04b 100644 --- a/modules/ngx_http_lua_module/t/152-timer-every.t +++ b/modules/ngx_http_lua_module/t/152-timer-every.t @@ -224,6 +224,7 @@ registered timer === TEST 6: memory leak check +--- quic_max_idle_timeout: 8 --- config location /t { content_by_lua_block { diff --git a/modules/ngx_http_lua_module/t/153-semaphore-hup.t b/modules/ngx_http_lua_module/t/153-semaphore-hup.t index 5c271a48e7..496db6862e 100644 --- a/modules/ngx_http_lua_module/t/153-semaphore-hup.t +++ b/modules/ngx_http_lua_module/t/153-semaphore-hup.t @@ -104,6 +104,7 @@ run_tests(); __DATA__ === TEST 1: timer + reload +--- quic_max_idle_timeout: 1.1 --- config location /test { content_by_lua_block { @@ -129,6 +130,7 @@ created semaphore object === TEST 2: timer + reload (lua code cache off) +--- quic_max_idle_timeout: 1.1 --- http_config lua_code_cache off; --- config diff --git a/modules/ngx_http_lua_module/t/156-slow-network.t b/modules/ngx_http_lua_module/t/156-slow-network.t index 2d80506085..d5897fb33e 100644 --- a/modules/ngx_http_lua_module/t/156-slow-network.t +++ b/modules/ngx_http_lua_module/t/156-slow-network.t @@ -15,6 +15,7 @@ BEGIN { } $ENV{TEST_NGINX_EVENT_TYPE} = 'poll'; + delete($ENV{TEST_NGINX_USE_HTTP2}); } use Test::Nginx::Socket::Lua; diff --git a/modules/ngx_http_lua_module/t/157-socket-keepalive-hup.t b/modules/ngx_http_lua_module/t/157-socket-keepalive-hup.t index d9436b3b73..4ebf637a33 100644 --- a/modules/ngx_http_lua_module/t/157-socket-keepalive-hup.t +++ b/modules/ngx_http_lua_module/t/157-socket-keepalive-hup.t @@ -6,6 +6,10 @@ BEGIN { if ($ENV{TEST_NGINX_CHECK_LEAK}) { $SkipReason = "unavailable for the hup tests"; + } elsif (defined $ENV{TEST_NGINX_USE_HTTP3}) { + #os.execute("kill -HUP " .. pid) + $SkipReason = "send HUP relaod signal by self make two workers with same id"; + } else { $ENV{TEST_NGINX_USE_HUP} = 1; undef $ENV{TEST_NGINX_USE_STAP}; diff --git a/modules/ngx_http_lua_module/t/162-socket-tls-handshake.t b/modules/ngx_http_lua_module/t/162-socket-tls-handshake.t index 80fb2f9825..19ad67a749 100644 --- a/modules/ngx_http_lua_module/t/162-socket-tls-handshake.t +++ b/modules/ngx_http_lua_module/t/162-socket-tls-handshake.t @@ -63,7 +63,7 @@ run_tests(); __DATA__ -=== TEST 1: sanity: www.bing.com +=== TEST 1: sanity: www.google.com --- config server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; @@ -86,7 +86,7 @@ __DATA__ local sock = ngx.socket.tcp() sock:settimeout(2000) - local ok, err = sock:connect("www.bing.com", 443) + local ok, err = sock:connect("www.google.com", 443) if not ok then ngx.say("failed to connect: ", err) return @@ -102,7 +102,7 @@ __DATA__ ngx.say("ssl handshake: ", type(sess)) - local req = "GET / HTTP/1.1\r\nHost: www.bing.com\r\nConnection: close\r\n\r\n" + local req = "GET / HTTP/1.1\r\nHost: www.google.com\r\nConnection: close\r\n\r\n" local bytes, err = sock:send(req) if not bytes then ngx.say("failed to send http request: ", err) @@ -131,7 +131,7 @@ GET /t --- response_body_like chop \Aconnected: 1 ssl handshake: cdata -sent http request: 57 bytes. +sent http request: 59 bytes. received: HTTP/1.1 (?:200 OK|302 Found) close: 1 nil \z diff --git a/modules/ngx_http_lua_module/t/162-static-module-location.t b/modules/ngx_http_lua_module/t/162-static-module-location.t index fde93c71ba..9f09dbe631 100644 --- a/modules/ngx_http_lua_module/t/162-static-module-location.t +++ b/modules/ngx_http_lua_module/t/162-static-module-location.t @@ -40,9 +40,11 @@ Location: %00%0A%0Dset-cookie:1234567/ Hello, world --- request GET /t/中文 +--- more_headers +host: localhost --- error_code: 301 --- response_headers_like -Location: http:\/\/localhost:\d+\/t\/%E4%B8%AD%E6%96%87\/ +Location: https?:\/\/localhost:\d+\/t\/%E4%B8%AD%E6%96%87\/ --- response_body_like .*301 Moved Permanently.* @@ -56,9 +58,11 @@ Location: http:\/\/localhost:\d+\/t\/%E4%B8%AD%E6%96%87\/ Hello, world --- request GET /t/中文?q=name +--- more_headers +host: localhost --- error_code: 301 --- response_headers_like -Location: http:\/\/localhost:\d+\/t\/%E4%B8%AD%E6%96%87\/\?q=name +Location: https?:\/\/localhost:\d+\/t\/%E4%B8%AD%E6%96%87\/\?q=name --- response_body_like .*301 Moved Permanently.* @@ -72,9 +76,11 @@ Location: http:\/\/localhost:\d+\/t\/%E4%B8%AD%E6%96%87\/\?q=name Hello, world --- request GET /t/%E4%B8%AD%E6%96%87 +--- more_headers +host: localhost --- error_code: 301 --- response_headers_like -Location: http:\/\/localhost:\d+\/t\/%E4%B8%AD%E6%96%87\/ +Location: https?:\/\/localhost:\d+\/t\/%E4%B8%AD%E6%96%87\/ --- response_body_like .*301 Moved Permanently.* @@ -88,8 +94,10 @@ Location: http:\/\/localhost:\d+\/t\/%E4%B8%AD%E6%96%87\/ Hello, world --- request GET /t/%E4%B8%AD%E6%96%87?q=name +--- more_headers +host: localhost --- error_code: 301 --- response_headers_like -Location: http://localhost:\d+\/t\/%E4%B8%AD%E6%96%87\/\?q=name +Location: https?://localhost:\d+\/t\/%E4%B8%AD%E6%96%87\/\?q=name --- response_body_like .*301 Moved Permanently.* diff --git a/modules/ngx_http_lua_module/t/163-exit-worker-hup.t b/modules/ngx_http_lua_module/t/163-exit-worker-hup.t index a54d81db14..cd2e5ce649 100644 --- a/modules/ngx_http_lua_module/t/163-exit-worker-hup.t +++ b/modules/ngx_http_lua_module/t/163-exit-worker-hup.t @@ -6,6 +6,9 @@ BEGIN { if ($ENV{TEST_NGINX_CHECK_LEAK}) { $SkipReason = "unavailable for the hup tests"; + } elsif ($ENV{TEST_NGINX_USE_HTTP3}) { + $SkipReason = "http3 does not support hub reload"; + } else { $ENV{TEST_NGINX_USE_HUP} = 1; undef $ENV{TEST_NGINX_USE_STAP}; diff --git a/modules/ngx_http_lua_module/t/163-signal.t b/modules/ngx_http_lua_module/t/163-signal.t index 5a6b880b09..15f41e2200 100644 --- a/modules/ngx_http_lua_module/t/163-signal.t +++ b/modules/ngx_http_lua_module/t/163-signal.t @@ -38,6 +38,8 @@ GET /t qr/\[notice\] \d+#\d+: exit$/ --- no_error_log eval qr/\[notice\] \d+#\d+: reconfiguring/ +--- curl_error eval +qr/curl: \(28\) Operation timed out after \d+ milliseconds with 0 bytes received|curl: \(56\) Recv failure: Connection reset by peer|curl: \(55\) sendmsg\(\) returned -1 \(errno 111\)/ diff --git a/modules/ngx_http_lua_module/t/166-ssl-client-hello.t b/modules/ngx_http_lua_module/t/166-ssl-client-hello.t index 850a0d6550..a9d8ac8d2a 100644 --- a/modules/ngx_http_lua_module/t/166-ssl-client-hello.t +++ b/modules/ngx_http_lua_module/t/166-ssl-client-hello.t @@ -10,8 +10,10 @@ my $openssl_version = eval { `$NginxBinary -V 2>&1` }; if ($openssl_version =~ m/built with OpenSSL (0\S*|1\.0\S*|1\.1\.0\S*)/) { plan(skip_all => "too old OpenSSL, need 1.1.1, was $1"); +} elsif ($openssl_version =~ m/running with BoringSSL/) { + plan(skip_all => "does not support BoringSSL"); } else { - plan tests => repeat_each() * (blocks() * 6 + 6); + plan tests => repeat_each() * (blocks() * 6 + 8); } $ENV{TEST_NGINX_HTML_DIR} ||= html_dir(); @@ -456,7 +458,7 @@ received memc reply: OK === TEST 5: ngx.exit(0) - no yield --- http_config server { - listen 127.0.0.2:8080 ssl; + listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl; server_name test.com; ssl_client_hello_by_lua_block { ngx.exit(0) @@ -484,7 +486,7 @@ received memc reply: OK sock:settimeout(2000) - local ok, err = sock:connect("127.0.0.2", 8080) + local ok, err = sock:connect("unix:$TEST_NGINX_HTML_DIR/nginx.sock") if not ok then ngx.say("failed to connect: ", err) return @@ -523,7 +525,7 @@ should never reached here === TEST 6: ngx.exit(ngx.ERROR) - no yield --- http_config server { - listen 127.0.0.2:8080 ssl; + listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl; server_name test.com; ssl_client_hello_by_lua_block { ngx.exit(ngx.ERROR) @@ -551,7 +553,7 @@ should never reached here sock:settimeout(2000) - local ok, err = sock:connect("127.0.0.2", 8080) + local ok, err = sock:connect("unix:$TEST_NGINX_HTML_DIR/nginx.sock") if not ok then ngx.say("failed to connect: ", err) return @@ -593,7 +595,7 @@ should never reached here === TEST 7: ngx.exit(0) - yield --- http_config server { - listen 127.0.0.2:8080 ssl; + listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl; server_name test.com; ssl_client_hello_by_lua_block { ngx.sleep(0.001) @@ -623,7 +625,7 @@ should never reached here sock:settimeout(2000) - local ok, err = sock:connect("127.0.0.2", 8080) + local ok, err = sock:connect("unix:$TEST_NGINX_HTML_DIR/nginx.sock") if not ok then ngx.say("failed to connect: ", err) return @@ -662,7 +664,7 @@ should never reached here === TEST 8: ngx.exit(ngx.ERROR) - yield --- http_config server { - listen 127.0.0.2:8080 ssl; + listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl; server_name test.com; ssl_client_hello_by_lua_block { ngx.sleep(0.001) @@ -692,7 +694,7 @@ should never reached here sock:settimeout(2000) - local ok, err = sock:connect("127.0.0.2", 8080) + local ok, err = sock:connect("unix:$TEST_NGINX_HTML_DIR/nginx.sock") if not ok then ngx.say("failed to connect: ", err) return @@ -805,7 +807,7 @@ should never reached here === TEST 10: lua exception - yield --- http_config server { - listen 127.0.0.2:8080 ssl; + listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl; server_name test.com; ssl_client_hello_by_lua_block { ngx.sleep(0.001) @@ -834,7 +836,7 @@ should never reached here sock:settimeout(2000) - local ok, err = sock:connect("127.0.0.2", 8080) + local ok, err = sock:connect("unix:$TEST_NGINX_HTML_DIR/nginx.sock") if not ok then ngx.say("failed to connect: ", err) return @@ -1741,6 +1743,7 @@ close: 1 nil ssl client hello by lua is running! [error] [alert] +--- skip_eval: 5:$ENV{TEST_NGINX_USE_HTTP3} @@ -2130,7 +2133,7 @@ ssl client hello by lua is running! lua_package_path "../lua-resty-core/lib/?.lua;;"; server { - listen 127.0.0.1:12345 ssl; + listen 127.0.0.1:12346 ssl; server_name test.com; ssl_client_hello_by_lua_block { @@ -2162,7 +2165,7 @@ ssl client hello by lua is running! sock:settimeout(2000) - local ok, err = sock:connect("127.0.0.1", 12345) + local ok, err = sock:connect("127.0.0.1", 12346) if not ok then ngx.say("failed to connect: ", err) return @@ -2565,3 +2568,72 @@ ssl handshake: cdata uthread: hello from f() uthread: killed uthread: failed to kill: already waited or killed + + + +=== TEST 30: ngx.exit(ngx.OK) - no yield +--- http_config + server { + listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl; + server_name test.com; + ssl_client_hello_by_lua_block { + ngx.exit(ngx.OK) + ngx.log(ngx.ERR, "should never reached here...") + } + ssl_certificate ../../cert/test.crt; + ssl_certificate_key ../../cert/test.key; + + server_tokens off; + location /foo { + default_type 'text/plain'; + content_by_lua_block {ngx.status = 201 ngx.say("foo") ngx.exit(201)} + more_clear_headers Date; + } + } +--- config + server_tokens off; + lua_ssl_trusted_certificate ../../cert/test.crt; + lua_ssl_verify_depth 3; + + location /t { + content_by_lua_block { + do + local sock = ngx.socket.tcp() + + sock:settimeout(2000) + + local ok, err = sock:connect("unix:$TEST_NGINX_HTML_DIR/nginx.sock") + if not ok then + ngx.say("failed to connect: ", err) + return + end + + ngx.say("connected: ", ok) + + local sess, err = sock:sslhandshake(false, nil, true, false) + if not sess then + ngx.say("failed to do SSL handshake: ", err) + return + end + + ngx.say("ssl handshake: ", type(sess)) + end -- do + } + } + +--- request +GET /t +--- response_body +connected: 1 +ssl handshake: boolean + +--- error_log eval +[ +'lua_client_hello_by_lua: handler return value: 0, client hello cb exit code: 1', +qr/\[debug\] .*? SSL_do_handshake: 1/, +'lua exit with code 0', +] +--- no_error_log +should never reached here +[alert] +[emerg] diff --git a/modules/ngx_http_lua_module/t/166-worker-thread.t b/modules/ngx_http_lua_module/t/166-worker-thread.t index fd7fdd756e..925a060949 100644 --- a/modules/ngx_http_lua_module/t/166-worker-thread.t +++ b/modules/ngx_http_lua_module/t/166-worker-thread.t @@ -282,6 +282,8 @@ false : module 'hello' not found.* === TEST 10: the number of Lua VM exceeds the pool size +--- no_http2 +--- quic_max_idle_timeout: 5 --- main_config thread_pool testpool threads=100; --- http_config eval: $::HttpConfig @@ -359,6 +361,8 @@ GET /t === TEST 11: kill uthread before worker thread callback +--- no_http2 +--- quic_max_idle_timeout: 10 --- main_config thread_pool testpool threads=100; --- http_config eval: $::HttpConfig @@ -777,167 +781,7 @@ true : 'a\Zb\Z' -=== TEST 24: ngx.re.match ---- main_config - thread_pool testpool threads=100; ---- http_config eval - "lua_package_path '$::HtmlDir/?.lua;./?.lua;;';" ---- config -location /hello { - default_type 'text/plain'; - - content_by_lua_block { - local ok, a, b = ngx.run_worker_thread("testpool", "hello", "hello") - ngx.say(ok, " : ", a, " : ", b) - } -} ---- user_files ->>> hello.lua -local function hello() - local m, err = ngx.re.match("hello, 1234", "([0-9])[0-9]+") - return m[0], m[1] -end -return {hello=hello} ---- request -GET /hello ---- response_body -true : 1234 : 1 - - - -=== TEST 25: ngx.re.find ---- main_config - thread_pool testpool threads=100; ---- http_config eval - "lua_package_path '$::HtmlDir/?.lua;./?.lua;;';" ---- config -location /hello { - default_type 'text/plain'; - - content_by_lua_block { - local ok, a = ngx.run_worker_thread("testpool", "hello", "hello") - ngx.say(ok, " : ", a) - } -} ---- user_files ->>> hello.lua -local function hello() - local str = "hello, 1234" - local from, to = ngx.re.find(str, "([0-9])([0-9]+)", "jo", nil, 2) - if from then - return string.sub(str, from, to) - end -end -return {hello=hello} ---- request -GET /hello ---- response_body -true : 234 - - - -=== TEST 26: ngx.re.gmatch ---- main_config - thread_pool testpool threads=100; ---- http_config eval - "lua_package_path '$::HtmlDir/?.lua;./?.lua;;';" ---- config -location /hello { - default_type 'text/plain'; - - content_by_lua_block { - local ok, ret = ngx.run_worker_thread("testpool", "hello", "hello") - ngx.say(ok) - ngx.say(ret[1]) - ngx.say(ret[2]) - } -} ---- user_files ->>> hello.lua -local function hello() - local ret = {} - for m in ngx.re.gmatch("hello, world", "[a-z]+", "j") do - if m then - table.insert(ret, m[0]) - end - end - return ret -end -return {hello=hello} ---- request -GET /hello ---- response_body -true -hello -world - - - -=== TEST 27: ngx.re.sub ---- main_config - thread_pool testpool threads=100; ---- http_config eval - "lua_package_path '$::HtmlDir/?.lua;./?.lua;;';" ---- config -location /hello { - default_type 'text/plain'; - - content_by_lua_block { - local ok, a, b = ngx.run_worker_thread("testpool", "hello", "hello") - ngx.say(ok) - ngx.say(a) - ngx.say(b) - } -} ---- user_files ->>> hello.lua -local function hello() - local newstr, n = ngx.re.sub("hello, 1234", "[0-9]", "$$") - return newstr, n -end -return {hello=hello} ---- request -GET /hello ---- response_body -true -hello, $234 -1 - - - -=== TEST 28: ngx.re.gsub ---- main_config - thread_pool testpool threads=100; ---- http_config eval - "lua_package_path '$::HtmlDir/?.lua;./?.lua;;';" ---- config -location /hello { - default_type 'text/plain'; - - content_by_lua_block { - local ok, a, b = ngx.run_worker_thread("testpool", "hello", "hello") - ngx.say(ok) - ngx.say(a) - ngx.say(b) - } -} ---- user_files ->>> hello.lua -local function hello() - local newstr, n, err = ngx.re.gsub("hello, world", "([a-z])[a-z]+", "[$0,$1]", "i") - return newstr, n -end -return {hello=hello} ---- request -GET /hello ---- response_body -true -[hello,h], [world,w] -2 - - - -=== TEST 29: ngx.decode_base64 +=== TEST 24: ngx.decode_base64 --- main_config thread_pool testpool threads=100; --- http_config eval @@ -964,7 +808,7 @@ true : hello -=== TEST 30: ngx.crc32_short +=== TEST 25: ngx.crc32_short --- main_config thread_pool testpool threads=100; --- http_config eval @@ -991,7 +835,7 @@ true : 4289425978 -=== TEST 31: ngx.crc32_long +=== TEST 26: ngx.crc32_long --- main_config thread_pool testpool threads=100; --- http_config eval @@ -1018,7 +862,7 @@ true : 4289425978 -=== TEST 32: ngx.md5_bin +=== TEST 27: ngx.md5_bin --- main_config thread_pool testpool threads=100; --- http_config eval @@ -1049,7 +893,7 @@ true : 6c8349cc7260ae62e3b1396831a8398f -=== TEST 33: ngx.md5 +=== TEST 28: ngx.md5 --- main_config thread_pool testpool threads=100; --- http_config eval @@ -1076,7 +920,7 @@ true : 5d41402abc4b2a76b9719d911017c592 -=== TEST 34: ngx.config.debug +=== TEST 29: ngx.config.debug --- main_config thread_pool testpool threads=100; --- http_config eval @@ -1103,7 +947,7 @@ GET /hello -=== TEST 35: ngx.config.prefix +=== TEST 30: ngx.config.prefix --- main_config thread_pool testpool threads=100; --- http_config eval @@ -1130,7 +974,7 @@ GET /hello -=== TEST 36: ngx.config.nginx_version +=== TEST 31: ngx.config.nginx_version --- main_config thread_pool testpool threads=100; --- http_config eval @@ -1157,7 +1001,7 @@ GET /hello -=== TEST 37: ngx.config.nginx_configure +=== TEST 32: ngx.config.nginx_configure --- main_config thread_pool testpool threads=100; --- http_config eval @@ -1184,7 +1028,7 @@ GET /hello -=== TEST 38: ngx.config.ngx_lua_version +=== TEST 33: ngx.config.ngx_lua_version --- main_config thread_pool testpool threads=100; --- http_config eval @@ -1211,7 +1055,7 @@ GET /hello -=== TEST 39: write_log_file +=== TEST 34: write_log_file --- main_config thread_pool testpool threads=100; --- http_config eval @@ -1249,7 +1093,7 @@ true -=== TEST 40: shdict get, int value +=== TEST 35: shdict get, int value --- main_config thread_pool testpool threads=100; --- http_config eval @@ -1282,7 +1126,7 @@ true,8 -=== TEST 41: shdict set nil in main thread +=== TEST 36: shdict set nil in main thread --- main_config thread_pool testpool threads=100; --- http_config eval @@ -1319,7 +1163,7 @@ true,nil -=== TEST 42: shdict set nil in worker thread +=== TEST 37: shdict set nil in worker thread --- main_config thread_pool testpool threads=100; --- http_config eval @@ -1354,7 +1198,9 @@ true,nil -=== TEST 43: shdict get_stale +=== TEST 38: shdict get_stale +For http3: curl: (55) ngtcp2_conn_handle_expiry returned error: ERR_IDLE_CLOSE +--- skip_eval: 2:$ENV{TEST_NGINX_USE_HTTP3} --- main_config thread_pool testpool threads=100; --- http_config eval @@ -1388,7 +1234,7 @@ true,8 -=== TEST 44: shdict add failed +=== TEST 39: shdict add failed --- main_config thread_pool testpool threads=100; --- http_config eval @@ -1422,7 +1268,7 @@ true,false,exists -=== TEST 45: shdict force add +=== TEST 40: shdict force add --- main_config thread_pool testpool threads=100; --- http_config eval @@ -1458,7 +1304,7 @@ true,true,true,nil -=== TEST 46: shdict replace +=== TEST 41: shdict replace --- main_config thread_pool testpool threads=100; --- http_config eval @@ -1493,7 +1339,7 @@ true,true,nil,8 -=== TEST 47: shdict replace not found +=== TEST 42: shdict replace not found --- main_config thread_pool testpool threads=100; --- http_config eval @@ -1526,7 +1372,7 @@ true,false,not found -=== TEST 48: shdict incr +=== TEST 43: shdict incr --- main_config thread_pool testpool threads=100; --- http_config eval @@ -1560,7 +1406,7 @@ true,9,nil,9 -=== TEST 49: shdict lpush lpop +=== TEST 44: shdict lpush lpop --- main_config thread_pool testpool threads=100; --- http_config eval @@ -1596,7 +1442,7 @@ true,9,2,nil,7 -=== TEST 50: shdict expire ttl +=== TEST 45: shdict expire ttl --- main_config thread_pool testpool threads=100; --- http_config eval @@ -1630,7 +1476,7 @@ true,true,nil,true -=== TEST 51: shdict flush_all +=== TEST 46: shdict flush_all --- main_config thread_pool testpool threads=100; --- http_config eval @@ -1664,7 +1510,7 @@ true,nil,nil -=== TEST 52: shdict get_keys +=== TEST 47: shdict get_keys --- main_config thread_pool testpool threads=100; --- http_config eval @@ -1698,7 +1544,7 @@ true,Jim:King -=== TEST 53: unsupported argument type in self-reference table +=== TEST 48: unsupported argument type in self-reference table --- main_config thread_pool testpool threads=100; --- http_config eval @@ -1727,7 +1573,7 @@ false , suspicious circular references, table depth exceed max depth: 100 in the -=== TEST 54: unsupported argument type in circular-reference table +=== TEST 49: unsupported argument type in circular-reference table --- main_config thread_pool testpool threads=100; --- http_config eval diff --git a/modules/ngx_http_lua_module/t/167-server-rewrite.t b/modules/ngx_http_lua_module/t/167-server-rewrite.t index 152c5ce35d..6aea288ef8 100644 --- a/modules/ngx_http_lua_module/t/167-server-rewrite.t +++ b/modules/ngx_http_lua_module/t/167-server-rewrite.t @@ -79,7 +79,8 @@ server_rewrite_by_lua_block in server } --- request GET /lua ---- raw_response_headers_like: Location: /foo\r\n +--- raw_response_headers_like eval +qr{[Ll]ocation: /foo\r\n} --- response_body_like: 302 Found --- error_code: 302 --- no_error_log @@ -198,6 +199,7 @@ delete thread 1 --- ignore_response --- no_error_log [error] +--- skip_eval: 2:$ENV{TEST_NGINX_USE_HTTP3} diff --git a/modules/ngx_http_lua_module/t/186-cosocket-busy-bufs.t b/modules/ngx_http_lua_module/t/186-cosocket-busy-bufs.t index e50f62d9ee..7439443761 100644 --- a/modules/ngx_http_lua_module/t/186-cosocket-busy-bufs.t +++ b/modules/ngx_http_lua_module/t/186-cosocket-busy-bufs.t @@ -1,10 +1,20 @@ # vim:set ft= ts=4 sw=4 et fdm=marker: -use Test::Nginx::Socket 'no_plan'; + +use Test::Nginx::Socket; use Test::Nginx::Socket::Lua::Stream; log_level('warn'); repeat_each(2); + +if (defined $ENV{TEST_NGINX_USE_HTTP3}) { + plan(skip_all => "HTTP3 does not support client abort"); +} elsif (defined $ENV{TEST_NGINX_USE_HTTP2}) { + plan(skip_all => "HTTP2 does not support client abort"); +} else { + plan tests => repeat_each() * (blocks() * 2); +} + run_tests(); __DATA__ diff --git a/modules/ngx_http_lua_module/t/187-ssl-two-verification.t b/modules/ngx_http_lua_module/t/187-ssl-two-verification.t new file mode 100644 index 0000000000..312847252c --- /dev/null +++ b/modules/ngx_http_lua_module/t/187-ssl-two-verification.t @@ -0,0 +1,145 @@ +# vim:set ft= ts=4 sw=4 et fdm=marker: + +use Test::Nginx::Socket::Lua; + +repeat_each(3); + +# All these tests need to have new openssl +my $NginxBinary = $ENV{'TEST_NGINX_BINARY'} || 'nginx'; +my $openssl_version = eval { `$NginxBinary -V 2>&1` }; + +if ($openssl_version =~ m/built with OpenSSL (0\S*|1\.0\S*|1\.1\.0\S*)/) { + plan(skip_all => "too old OpenSSL, need 1.1.1, was $1"); +} elsif ($openssl_version =~ m/running with BoringSSL/) { + plan(skip_all => "does not support BoringSSL"); +} else { + plan tests => repeat_each() * (blocks() * 7); +} + +$ENV{TEST_NGINX_HTML_DIR} ||= html_dir(); +$ENV{TEST_NGINX_MEMCACHED_PORT} ||= 11211; + +#log_level 'warn'; +log_level 'debug'; + +no_long_string(); +#no_diff(); + +run_tests(); + +__DATA__ + +=== TEST 1: simple logging +--- http_config + server { + listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl; + #listen 127.0.0.1:4433 ssl; + server_name test.com; + ssl_client_hello_by_lua_block { print("ssl client hello by lua is running!") } + ssl_certificate ../../cert/test.crt; + ssl_certificate_key ../../cert/test.key; + #ssl_trusted_certificate ../../cert/test.crt; + ssl_client_certificate ../../cert/test.crt; + ssl_verify_client on; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + + server_tokens off; + location /foo { + default_type 'text/plain'; + content_by_lua_block { ngx.status = 201 ngx.say("foo") ngx.exit(201) } + log_by_lua_block { + ngx.log(ngx.INFO, "ssl_client_s_dn: ", ngx.var.ssl_client_s_dn) + } + more_clear_headers Date; + } + } +--- config + server_tokens off; + lua_ssl_certificate ../../cert/test.crt; + lua_ssl_certificate_key ../../cert/test.key; + lua_ssl_trusted_certificate ../../cert/test.crt; + + location /t { + content_by_lua_block { + do + local sock = ngx.socket.tcp() + + sock:settimeout(2000) + + local ok, err = sock:connect("unix:$TEST_NGINX_HTML_DIR/nginx.sock") + -- local ok, err = sock:connect("127.0.0.1", 4433) + if not ok then + ngx.say("failed to connect: ", err) + return + end + + ngx.say("connected: ", ok) + + local sess, err = sock:sslhandshake(nil, "test.com", true) + if not sess then + ngx.say("failed to do SSL handshake: ", err) + return + end + + ngx.say("ssl handshake: ", type(sess)) + + local req = "GET /foo HTTP/1.0\r\nHost: test.com\r\nConnection: close\r\n\r\n" + local bytes, err = sock:send(req) + if not bytes then + ngx.say("failed to send http request: ", err) + return + end + + ngx.say("sent http request: ", bytes, " bytes.") + + while true do + local line, err = sock:receive() + if not line then + -- ngx.say("failed to receive response status line: ", err) + break + end + + ngx.say("received: ", line) + end + + local ok, err = sock:close() + ngx.say("close: ", ok, " ", err) + end -- do + -- collectgarbage() + } + } + +--- request +GET /t +--- response_body +connected: 1 +ssl handshake: cdata +sent http request: 56 bytes. +received: HTTP/1.1 201 Created +received: Server: nginx +received: Content-Type: text/plain +received: Content-Length: 4 +received: Connection: close +received: +received: foo +close: 1 nil + +--- error_log +lua ssl server name: "test.com" +ssl_client_s_dn: emailAddress=agentzh@gmail.com,CN=test.com,OU=OpenResty,O=OpenResty,L=San Francisco,ST=California,C=US + +--- no_error_log +[error] +[alert] +--- grep_error_log eval: qr/ssl_client_hello_by_lua\(.*?,|\bssl client hello: connection reusable: \d+|\breusable connection: \d+/ +--- grep_error_log_out eval +# Since nginx version 1.17.9, nginx call ngx_reusable_connection(c, 0) +# before call ssl callback function +$Test::Nginx::Util::NginxVersion >= 1.017009 ? +qr/reusable connection: 0 +ssl client hello: connection reusable: 0 +ssl_client_hello_by_lua\(nginx.conf:\d+\):1: ssl client hello by lua is running!,/ +: qr /reusable connection: 1 +ssl client hello: connection reusable: 1 +reusable connection: 0 +ssl_client_hello_by_lua\(nginx.conf:\d+\):1: ssl client hello by lua is running!,/ diff --git a/modules/ngx_http_lua_module/t/cert/http3/http3.crt b/modules/ngx_http_lua_module/t/cert/http3/http3.crt new file mode 100644 index 0000000000..8683f41adf --- /dev/null +++ b/modules/ngx_http_lua_module/t/cert/http3/http3.crt @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIFCTCCAvGgAwIBAgIUHLeNm7JwH368JWXBYJ1Dv+xcL6kwDQYJKoZIhvcNAQEL +BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTIxMTEwNTA2NTQxNVoXDTQxMDEw +NDA2NTQxNVowFDESMBAGA1UEAwwJbG9jYWxob3N0MIICIjANBgkqhkiG9w0BAQEF +AAOCAg8AMIICCgKCAgEAx5/M18tKWKfacgldf9gBguTdLA3JWiblRWM/38fSZGKL +Mcb1vLErY/qQyLYxoLKBht0FUZAEZ08y/iheYFZT7H082b8bNvwY+v6bScOQOvcX +hkTWNlSQORDH4qIFxVXq0soXga+0ukSZ2RQRcCUWeKUaZwhGCYNIj04/FB9Lef95 +Ku7LkNauTBmRGIwXgQWhfnoPM21o9D9i54R9L2RHU7fGeTGhiS0nCe1nPPB7KBgO +s9rBHMXV9qHxCNMWWiVNsMX049S7aD9yvRrV7NAHssVQdaRR234IPJxb7BYSUPi8 +5U+8l43Ornd+cY/R/sXDQluFidlnZvHT+akdy0ObWDK0lMUweDWvFVLY3ZvMvsGR +rQE8RR5/fy83y7w//0734EBk4ttEzlilmjA8UvnumOpK0UYaW8LkikvxB+48e89s +NOEKZf3Mfw/fDRz0tO+cr4cIgUPQ4ru6KNVnGH/ZiD97AVMPXJO9nPOUIRVH9aXM +wC74CSt5idWOwpTKy+sLg7anM235NvZ9bTiS+V5CTzBlqL/wKzEI0Injds3kBc1a +Y8Lk/cIdNhuwlN01fYluA8XyB3DWoeQYbySEoHC5ksvaFLBM3yPomWrmyM5lJrj5 +QbWa46b0bONJQ2qmrQa5KREVvDthHQvKELsabHX1qbCShSxoG45aclqpmKy2AjcC +AwEAAaNTMFEwHQYDVR0OBBYEFA2T9Sgv31hCl3INL5MB++NrMu0iMB8GA1UdIwQY +MBaAFA2T9Sgv31hCl3INL5MB++NrMu0iMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggIBAJdxtUq4T/sh5Ww7pMOB4+JF5zsxEBpZiFMzT2hYZ+6a2mYh +UTy7ff1lNfNl0BfslaOD404Qt0SSgI2TByLs838/sKpVk+QePcw6kl6IFIPERUBO +uxq/+QXqsDHOXb6m4qpEBmrknUa65dThdUw5r4sHo0XD2l/y2/zEZtd4e3ZGAWts +spdjPBk4UHPtG3p29eY/8ehw+zDXuWG4nlJYjn+6PRnLhvpgt2/E/Wr9PeYcv3IC +UgavxXVtk9fnclg8BuKlnZYki7txn8+F9Rh03CVVZ9R16Q/aVALI2iTs8T4gCt7Z +eexfLGfBkLBkLvpL7wpzxNsvOC2b5bJZCDUTprLVmdpmMQu75qLg1mOfubMo983H +8G91V4XOokRoCRub/SLKA16/gpEwnE2aDsVMUVSxwpRu2Rjw4GpzbCNAHUzmblrh +zYMSAsEuTcsZEAdZQrzmhGc1Yg5Q88V4o+qyywzkgd86O65QUozhnkCs+eS9ikMV +cPLXoW5SDIsrrcoTR6bH5MdDjS7ILKUUC5+x0qo6EhK94Fx49TkRBNIYk3o0fG7j +o/0YvozXjqTRnodYegL4LKoGZyfL4qbuh3t8ZGQ/Z0ECmvjcmJzPyObIiMe2InT3 +GRY+ypPTyeiumjHFFVO0zx+DAv+HFPtq1XaygWvxKY1DTP6FNN0BzQdzAgKm +-----END CERTIFICATE----- diff --git a/modules/ngx_http_lua_module/t/cert/http3/http3.key b/modules/ngx_http_lua_module/t/cert/http3/http3.key new file mode 100644 index 0000000000..5825540f58 --- /dev/null +++ b/modules/ngx_http_lua_module/t/cert/http3/http3.key @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDHn8zXy0pYp9py +CV1/2AGC5N0sDclaJuVFYz/fx9JkYosxxvW8sStj+pDItjGgsoGG3QVRkARnTzL+ +KF5gVlPsfTzZvxs2/Bj6/ptJw5A69xeGRNY2VJA5EMfiogXFVerSyheBr7S6RJnZ +FBFwJRZ4pRpnCEYJg0iPTj8UH0t5/3kq7suQ1q5MGZEYjBeBBaF+eg8zbWj0P2Ln +hH0vZEdTt8Z5MaGJLScJ7Wc88HsoGA6z2sEcxdX2ofEI0xZaJU2wxfTj1LtoP3K9 +GtXs0AeyxVB1pFHbfgg8nFvsFhJQ+LzlT7yXjc6ud35xj9H+xcNCW4WJ2Wdm8dP5 +qR3LQ5tYMrSUxTB4Na8VUtjdm8y+wZGtATxFHn9/LzfLvD//TvfgQGTi20TOWKWa +MDxS+e6Y6krRRhpbwuSKS/EH7jx7z2w04Qpl/cx/D98NHPS075yvhwiBQ9Diu7oo +1WcYf9mIP3sBUw9ck72c85QhFUf1pczALvgJK3mJ1Y7ClMrL6wuDtqczbfk29n1t +OJL5XkJPMGWov/ArMQjQieN2zeQFzVpjwuT9wh02G7CU3TV9iW4DxfIHcNah5Bhv +JISgcLmSy9oUsEzfI+iZaubIzmUmuPlBtZrjpvRs40lDaqatBrkpERW8O2EdC8oQ +uxpsdfWpsJKFLGgbjlpyWqmYrLYCNwIDAQABAoICAENb1qESRbn4matVIamb15a1 +ZzQQStsSuNZbERiPspyQ6+sV+aF8HuoTiHtRjxlsYmyBc+P7tqCthsVgFchoGNV5 +xOispaA+HKfE9d1EEgzzh4qU+7tFeYzn7qq4hT37KcuKybfG9DLOJyOqs9+lhBmd +jHUrw4Y+OGOywXImxS8bV2V3QlVTO2kOT3l6/AtbPQ0SXsK5rmqMYPFCMYOmULMd +FembJ6jEBaJB604Sz1vOElf5/qOY1gPszQpvP+GXKMn3YhTmmX4puqu4vGq2H4Lh +Na8cjUqFEn5xPEtDf1a3N/Ygm8B/5zfTtmTXZMKVNLfVbg//vfZsr1xVBmqqG2Zk +PUxZ9pyRn25zAYIgIC6DBgmM32S5Zl0axeoWIHdgOTAOwqLLF/ZFozdVSN+skJhl +q1ndTw+MmVHi19HDUt8YfIICn8g+Dw9NRdX+VjXrRMBweCL41JzHzP6YKo73VJty +WIVt/LwH2sxdGH0QeP6+Dajel3/ouXAcS31ZpeWZ0QUfa5I0DOn50mvZSuaC0m7Z +baHBGqawq9EKdjbU5WN6popOCWCx23BZDorKmPGBQ4x54LxfUeet0HAYjsvzUZ0q +a/AC6pMMHUjG4i5dPhOAhjxkpwfhLjIBTC8VrelGfap50Mlst5InCjClUsSKg43w +tsRg0HQflxYsPXUGtBqxAoIBAQD29Q6gPNsd7JMzmVzK7fy5YaKq7aI/vOU/tp7U +LQqhBfsy70U3UNsclsQQ/1RG2cgpFVctlpE8ITpFqSlUDRtlvrK9NaIPEYBV84Xn +bWPqFjGiRowuXiCR8axbPnsEquO2+VHNuVD/PsCocvbpqtpbfEGmcuyWiO4uFMyW +beOcRxEsn3U7ABZGDIhxYjpmkiVMu1pRjj+ddqtNMia398K86c3ETRg+zrHnpzio +kuhxv6TjtnXT1ibI0yKzdQ5sKpa3DYUN/wJgeFVHsSuCZjCzufcMdjCjG3kTTljT +FrMbweISSTJNs6KsbCqzmc6dmpwuU1ySX07F9sgdJ/7lBCXTAoIBAQDO7wy9Zr8C +Ridte1EaMP04OSfqc2Jha/U2te47R1VDyHKzpFHvHwWHqFng6J181M9iubUsh/63 +d12uyjZoToMgT7AJ7PMwbEKJbMxpIjqF7Dp1aM11TjRq0mQbZ3wkeuYdK7jYc92j +X4hF+tJpCYo/0lMA0UFYhMyUPbi33xqlJKLghVncBYmKHluf3k0g73eRg4MGlYHG +tZ5qVdgwFTztpBb4ySJMOYmjb/OoYPdfoLC8P4ZoHiax4MU30R8b/oGCmYzwOsMC +dNz9dZgeCFo3+lrzMUnIh3y+YcGo2JJ9ZW1LxGvEIU0aEQ7mSPV8k7m3QiH2MiPQ +P0t17w1hQP+NAoIBAHJch1pi9CGGZaB2e8cpsGf0s8yt4P3dLthzbFfbR9nLmEk9 +DnOQSPeTRdaNNuzce1mzHTzqRfVvebm6nX3j1/Uk+0atqI+Lzj9/V1oViThk8LUy +MEZkpnaPUP6sD3HY5TzddilrkPuyhqs7GeaZjSbigtBe1frcDFhgn2FmIApFysk8 +SqB46NelhCXllB/du9ItzKSJ2CHGS4ujFtUIsjCjoPsvrHOhajdZc950sZnDYstk +umnP+QP06lPqeDRVAJhidWRG3EXqU6uwevKW+iSwkJw/u0Q9O7NaC74s++J1xYgs +R1Q+RK3OJXQoXMsVRxAY4HyUEDmSj5cY52wMoKsCggEAQMXu9PJOY8XV3Z02G76t +5IVviyGm79u9G+0Cryd69watcLHEu9a4AmieCZqGgWaTq9F5doDzKDaC6o19TlUV +Em4fKlwzGzsn8KBPs7D1JKp2+f1eIpPiMHW+xB02bKzTjtn6uDY8cEEdBNqoNhy4 +W5XYSW82xyB6cQSI53U8f+jh2umi4Q4SqVsrTvVkqySKBtBlmQ//WVXMSniofRSI +x9IPJry+saFpBfGrEU+Y3yQLbkFsLvcRIai70ubwl/CoVVr/FMsv83rlGalPfkcb +Bl6lTW5mLBDM6ULsPY/c+sde2NKY8QGDgt9IDKlVvjL3dPeMbeXv8+V8F2RGieSw +mQKCAQEA1n4t4CLKZMWZ4oonBEp8u9rjK23ObCSxANsfoIw94v2zHTFqLraFg9aH +s+DIc6M/XWX+Ie55v1QuYt8LrMtc9/rtOJdISybAtnheSqjQ+IkTEvBab/8pqhYg +Jhv/RxmBnCLwiIzRGVpxv9/5bbKXq1JKgdQKO3RBG53lcFFMO1O5srhKqj2KgAHv +XCQxBmtj83e6gp6hvUOU4YC2aKyL9QqNVndGzPJikEguyvJPUFw6RoB0StVQnzLY +UOgIH+8VTjzL90nQ/JitVT8uGdw1Ge5xJfCXDe/PEYpDsY65DKPrIMWFeQs6T/Mb +nvNeBReQOuYYpcCc2GM96RMUz3iyoA== +-----END PRIVATE KEY----- diff --git a/modules/ngx_http_lua_module/t/cert/test.crl b/modules/ngx_http_lua_module/t/cert/test.crl index 098fd54bf9..0abfa77ac2 100644 --- a/modules/ngx_http_lua_module/t/cert/test.crl +++ b/modules/ngx_http_lua_module/t/cert/test.crl @@ -1,11 +1,14 @@ -----BEGIN X509 CRL----- -MIIBjzCB+QIBATANBgkqhkiG9w0BAQUFADCBlzELMAkGA1UEBhMCVVMxEzARBgNV -BAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xEjAQBgNVBAoM -CU9wZW5SZXN0eTESMBAGA1UECwwJT3BlblJlc3R5MREwDwYDVQQDDAh0ZXN0LmNv -bTEgMB4GCSqGSIb3DQEJARYRYWdlbnR6aEBnbWFpbC5jb20XDTE0MDcyMTIxNDEy -MloXDTE0MDgyMDIxNDEyMlowHDAaAgkApQ5tVpK3luIXDTE0MDcyMTIxNDEwMlqg -DzANMAsGA1UdFAQEAgIQATANBgkqhkiG9w0BAQUFAAOBgQBDZ6UY0Qg7qDoLrXXl -gJElFilZ7LiKPqjE3+Rfx7XkgdbPxjGCr77TfMm+smdvawk7WHv1AOvRH7kGrgGT -kGJZwqJ4vKa/NpEWJIMAZ1Gq9BIH/Ig6ffmPk+S9ozcVHKJDW7x4nMuotyj1hILN -EePv78DZCYMZgf8WwMElNgz6Hw== +MIICGzCCAQMCAQEwDQYJKoZIhvcNAQELBQAwgZcxCzAJBgNVBAYTAlVTMRMwEQYD +VQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNpc2NvMRIwEAYDVQQK +DAlPcGVuUmVzdHkxEjAQBgNVBAsMCU9wZW5SZXN0eTERMA8GA1UEAwwIdGVzdC5j +b20xIDAeBgkqhkiG9w0BCQEWEWFnZW50emhAZ21haWwuY29tFw0yMzEwMDYwNjM4 +MzlaFw0zMTEyMjMwNjM4MzlaMCcwJQIUImcuJ8MJpeNhvYBEoEGGz5oCBg4XDTIz +MTAwNjA2MjkyNVqgDjAMMAoGA1UdFAQDAgEEMA0GCSqGSIb3DQEBCwUAA4IBAQBj +FciorrAuXxn1ULW0XJ7PElwTxZtBrb838EHYvkZ5OdT5tZcucYR6XTZpfT1Up/Px +rC9EZ1/aZ0wSQfYEQuctafyVCJoPN71IV9IWpPTWm8JyEvnE1W3SgHJujItanyZ3 +aMDihljxV9eKyEQnZPQZkaOjAKhj8d2/XZLQ3uIrjWy+/OxcaBQK4a8bDoSM3GZT +J6YCD2UBVYKSiROMZZAj3m1thLAGm1RM7A6vjEcH7rPyoxhok5SdxXH5ERY94/ro +McjNCv6zV8/Ue5/+ajz5pu/48T901mlIicHry8uImJvlnqAXlH8ReJ+hiSfGhbZ5 +WYNf0wN81NXwTxPIb+v2 -----END X509 CRL----- diff --git a/modules/ngx_http_lua_module/t/cert/test.crt b/modules/ngx_http_lua_module/t/cert/test.crt index a69a01141a..9fed1bc3b4 100644 --- a/modules/ngx_http_lua_module/t/cert/test.crt +++ b/modules/ngx_http_lua_module/t/cert/test.crt @@ -1,17 +1,22 @@ -----BEGIN CERTIFICATE----- -MIICqTCCAhICCQClDm1WkreW4jANBgkqhkiG9w0BAQUFADCBlzELMAkGA1UEBhMC -VVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28x -EjAQBgNVBAoMCU9wZW5SZXN0eTESMBAGA1UECwwJT3BlblJlc3R5MREwDwYDVQQD -DAh0ZXN0LmNvbTEgMB4GCSqGSIb3DQEJARYRYWdlbnR6aEBnbWFpbC5jb20wIBcN -MTQwNzIxMDMyMzQ3WhgPMjE1MTA2MTMwMzIzNDdaMIGXMQswCQYDVQQGEwJVUzET -MBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzESMBAG -A1UECgwJT3BlblJlc3R5MRIwEAYDVQQLDAlPcGVuUmVzdHkxETAPBgNVBAMMCHRl -c3QuY29tMSAwHgYJKoZIhvcNAQkBFhFhZ2VudHpoQGdtYWlsLmNvbTCBnzANBgkq -hkiG9w0BAQEFAAOBjQAwgYkCgYEA6P18zUvtmaKQK2xePy8ZbFwSyTLw+jW6t9eZ -aiTec8X3ibN9WemrxHzkTRikxP3cAQoITRuZiQvF4Q7DO6wMkz/b0zwfgX5uedGq -047AJP6n/mwlDOjGSNomBLoXQzo7tVe60ikEm3ZyDUqnJPJMt3hImO5XSop4MPMu -Za9WhFcCAwEAATANBgkqhkiG9w0BAQUFAAOBgQA4OBb9bOyWB1//93nSXX1mdENZ -IQeyTK0Dd6My76lnZxnZ4hTWrvvd0b17KLDU6JnS2N5ee3ATVkojPidRLWLIhnh5 -0eXrcKalbO2Ce6nShoFvQCQKXN2Txmq2vO/Mud2bHAWwJALg+qi1Iih/gVYB9sct -FLg8zFOzRlYiU+6Mmw== +MIIDtzCCAp8CFCJnLifDCaXjYb2ARKBBhs+aAgYOMA0GCSqGSIb3DQEBCwUAMIGX +MQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2Fu +IEZyYW5jaXNjbzESMBAGA1UECgwJT3BlblJlc3R5MRIwEAYDVQQLDAlPcGVuUmVz +dHkxETAPBgNVBAMMCHRlc3QuY29tMSAwHgYJKoZIhvcNAQkBFhFhZ2VudHpoQGdt +YWlsLmNvbTAeFw0yMzA5MDUwNDE5MjhaFw0zMzA5MDIwNDE5MjhaMIGXMQswCQYD +VQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5j +aXNjbzESMBAGA1UECgwJT3BlblJlc3R5MRIwEAYDVQQLDAlPcGVuUmVzdHkxETAP +BgNVBAMMCHRlc3QuY29tMSAwHgYJKoZIhvcNAQkBFhFhZ2VudHpoQGdtYWlsLmNv +bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJzRMFoLDuYOwJ8szrS4 +nOibtiimiXZJGx3I/RcFZxaH4nL/WcEb1fwftMQxx73IBJnqnDYkDOzUmzItPMn0 +t2WrNYesC5GqLNRm87m6PVt010tZvq/WxTn6+9qruiGm1PhFxzLQfrClpEeOshlG +UeoQjPOMrhCmofDM2NQo3D4wIQT0kCJxIPq6wCZt22/Yqz1EmR0UnF/R3ZtiB8O+ +SQGcsUKy4se3919xq+ZkzBdMxLneO5sofUiDC9MgRfiU960tbHPGX9I9P+kLK89S +yajPEYaRUkSBFjV5kdDK3+L6XckdMbY2pvwhAnVXSmd13Bf2V9XisUrX2Mr4YlnS +sy0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAVPY/z6Mvjg5EGHzU8bXyuXqxrx8Q +GBwf3PY25aDF6ofRrTCzMdIhthv8eRtGwHinkpgaK34D7hI/dPB7aswQTzED5c+l +S2au5OzzCj454oXdhSRA5Rt0mu/+pxmQ+iNk+7XJxgTN0mk1dYQqodyZ+vC4NIYb +javMlU4zDm4JPtwDs0Mz/d7gf14MU60jppF2vl6AYFHKYBLMHBmqxjy6H9YHjRjQ +oe4TNpn0zxJAPu5LqMkfB2+eLOe6ced7DcLLbbeVJ4Xtqj6Y5KsAyVojWQxrk4vW +3WO/953pHofO5F2ricS/rsf+5ivTmfiP8mQYTtp7k3T11sIZ4DOmtNwO4A== -----END CERTIFICATE----- diff --git a/modules/ngx_http_lua_module/t/cert/test.key b/modules/ngx_http_lua_module/t/cert/test.key index 6c13527117..4c8c905b2f 100644 --- a/modules/ngx_http_lua_module/t/cert/test.key +++ b/modules/ngx_http_lua_module/t/cert/test.key @@ -1,15 +1,28 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXgIBAAKBgQDo/XzNS+2ZopArbF4/LxlsXBLJMvD6Nbq315lqJN5zxfeJs31Z -6avEfORNGKTE/dwBCghNG5mJC8XhDsM7rAyTP9vTPB+Bfm550arTjsAk/qf+bCUM -6MZI2iYEuhdDOju1V7rSKQSbdnINSqck8ky3eEiY7ldKingw8y5lr1aEVwIDAQAB -AoGBANgB66sKMga2SKN5nQdHS3LDCkevCutu1OWM5ZcbB4Kej5kC57xsf+tzPtab -emeIVGhCPOAALqB4YcT+QtMX967oM1MjcFbtH7si5oq6UYyp3i0G9Si6jIoVHz3+ -8yOUaqwKbK+bRX8VS0YsHZmBsPK5ryN50iUwsU08nemoA94BAkEA9GS9Q5OPeFkM -tFxsIQ1f2FSsZAuN/1cpZgJqY+YaAN7MSPGTWyfd7nWG/Zgk3GO9/2ihh4gww+7B -To09GkmW4QJBAPQOHC2V+t2TA98+6Lj6+TYwcGEkhOENfVpH25mQ+kXgF/1Bd6rA -nosT1bdAY+SnmWXbSw6Kv5C20Em+bEX8WjcCQCSRRjhsRdVODbaW9Z7kb2jhEoJN -sEt6cTlQNzcHYPCsZYisjM3g4zYg47fiIfHQAsfKkhDDcfh/KvFj9LaQOEECQQCH -eBWYEDpSJ7rsfqT7mQQgWj7nDThdG/nK1TxGP71McBmg0Gg2dfkLRhVJRQqt74Is -kc9V4Rp4n6F6baL4Lh19AkEA6pZZer0kg3Kv9hjhaITIKUYdfIp9vYnDRWbQlBmR -atV8V9u9q2ETZvqfHpN+9Lu6NYR4yXIEIRf1bnIZ/mr9eQ== ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCc0TBaCw7mDsCf +LM60uJzom7Yopol2SRsdyP0XBWcWh+Jy/1nBG9X8H7TEMce9yASZ6pw2JAzs1Jsy +LTzJ9LdlqzWHrAuRqizUZvO5uj1bdNdLWb6v1sU5+vvaq7ohptT4Rccy0H6wpaRH +jrIZRlHqEIzzjK4QpqHwzNjUKNw+MCEE9JAicSD6usAmbdtv2Ks9RJkdFJxf0d2b +YgfDvkkBnLFCsuLHt/dfcavmZMwXTMS53jubKH1IgwvTIEX4lPetLWxzxl/SPT/p +CyvPUsmozxGGkVJEgRY1eZHQyt/i+l3JHTG2Nqb8IQJ1V0pnddwX9lfV4rFK19jK ++GJZ0rMtAgMBAAECggEABjaOkcllis1o/yrVZMPPabLpAHV6tZ5MuKfNiUOMSPr+ +HfF1OFQL7MxCdfyFQ1prqOp/9nAut+puMgp99wAfDQ7qanNGq7vgQKkfPSD+dy4V +rUquELBJH6nh9SZqfpSqKaJgHlNe6vehHuRYikJRkrJwVzegGjuekm3B+y6Zl/gc +e0p5Ha3MTLTFjocwYzgTjJlxD40wlbjpuVnmzKjo8AKNv1F1azMaqBmt1VfPiDn0 +Xyq4SPEsWKnEAl2kZdaIBR6zIx7Z3zNUwkfb32QwNoSyo8wS7lCgf2GVS7r1Eul6 +iiCE/Gd7w10alW4Pu96shVqkvKn7ROF2nBP9xOSPwQKBgQDCuD6mlNpA07iOX364 +aAzIAYookceVA0I9L/fbOQW7RgpvYpM8lxr31TQ3fBDkXSgjzMMYjnk4kz+xN+BB +WFdjb4raUBtrvip8Q8QZ53DVQK/LodHh0XhipbOxZrDm+6o5nQD0fTqHCBIHSVFF +tXX2Y90t1cxWMMleRhfNEuzkQQKBgQDOK0rs7mf04Xhc4ZIRIxOtNFnthGp4Kqp7 +SD8VQpbPOLV8iqZEtXIy/hvoTpfQW30c1931KgDQ3Pv5MZYpI7PLqrqkj4tGCQ91 +DJ03GWkSXcMwlPmJRbvgWIeCLgShU5PLxmQu3mH2DP+uGFUBq5/6miDDVjF9z6vb +BwYlG66j7QKBgA0n/bOrowN2SqXz9c/n19U7pWYQU3fR/Iu9zfVV6Pk6RkI4WtJh +M0VDdn+5Njr3wFqK3zOtjKsx57/FkrVXjq/9PVh6yR+CfcRfn8RQSuNdt4L+r/ud +95BSuc1mrtUsc9for8PVIjs1ZGJxpbgcBphbLvqF04SPT0u7WKhWewMBAoGAcJO/ +RAUiitsbaExcADORKQDvIf0uThOuJ8dZevhzdQ/YOftTsy0JAMM05fMUfteWR8uw +DZE0BNjGVlo3TpuKL+o4JGele0azRAzxRAcCEt9UGBEg+U40utpclD8glB8ZEypv +xg/0mfCbJKtwr4rRvnuu7DsCp1pg0ybQui6VfDkCgYBXHwcrZwmv7kgr4pUG6oZj +fzjFenQFqibvb2h7QESyCW13O885GxU13DKv4zg1yi6EqPIopz16qCiUNCvWr5Us +6sI74wEVI3MzmzG0Htgl29q5yWpeY+7libC/fbZYG8GFgdINq58ko9be1u/8644S +t2hoKM9/vrVFh9p9qGzckg== +-----END PRIVATE KEY----- diff --git a/modules/ngx_http_lua_module/util/build-with-dd.sh b/modules/ngx_http_lua_module/util/build-with-dd.sh index 41ecc72685..a56a89119b 100755 --- a/modules/ngx_http_lua_module/util/build-with-dd.sh +++ b/modules/ngx_http_lua_module/util/build-with-dd.sh @@ -12,12 +12,30 @@ force=$2 add_fake_shm_module="--add-module=$root/t/data/fake-shm-module" +add_http3_module=--with-http_v3_module +answer=`$root/util/ver-ge "$NGINX_VERSION" 1.25.1` +if [ "$OPENSSL_VER" = "1.1.0l" ] || [ "$answer" = "N" ]; then + add_http3_module="" +fi + +disable_pcre2=--without-pcre2 +answer=`$root/util/ver-ge "$NGINX_VERSION" 1.25.1` +if [ "$answer" = "N" ] || [ "$USE_PCRE2" = "Y" ]; then + disable_pcre2="" +fi +if [ "$USE_PCRE2" = "Y" ]; then + PCRE_INC=$PCRE2_INC + PCRE_LIB=$PCRE2_LIB +fi + time ngx-build $force $version \ --with-threads \ --with-pcre-jit \ + $disable_pcre2 \ --with-ipv6 \ --with-cc-opt="-DNGX_LUA_USE_ASSERT -I$PCRE_INC -I$OPENSSL_INC -DDDEBUG=1" \ --with-http_v2_module \ + $add_http3_module \ --with-http_realip_module \ --with-http_ssl_module \ --add-module=$root/../ndk-nginx-module \ diff --git a/modules/ngx_http_lua_module/util/build-without-ssl.sh b/modules/ngx_http_lua_module/util/build-without-ssl.sh index 906be75706..c52d5873f6 100755 --- a/modules/ngx_http_lua_module/util/build-without-ssl.sh +++ b/modules/ngx_http_lua_module/util/build-without-ssl.sh @@ -24,9 +24,20 @@ force=$2 add_fake_shm_module="--add-module=$root/t/data/fake-shm-module" +disable_pcre2=--without-pcre2 +answer=`$root/util/ver-ge "$NGINX_VERSION" 1.25.1` +if [ "$answer" = "N" ] || [ "$USE_PCRE2" = "Y" ]; then + disable_pcre2="" +fi +if [ "$USE_PCRE2" = "Y" ]; then + PCRE_INC=$PCRE2_INC + PCRE_LIB=$PCRE2_LIB +fi + time ngx-build $force $version \ --with-threads \ --with-pcre-jit \ + $disable_pcre2 \ --with-ipv6 \ --with-cc-opt="-DNGX_LUA_USE_ASSERT -I$PCRE_INC" \ --with-http_v2_module \ diff --git a/modules/ngx_http_lua_module/util/build.sh b/modules/ngx_http_lua_module/util/build.sh index 713b8482d3..41896f2c7e 100755 --- a/modules/ngx_http_lua_module/util/build.sh +++ b/modules/ngx_http_lua_module/util/build.sh @@ -24,12 +24,30 @@ force=$2 add_fake_shm_module="--add-module=$root/t/data/fake-shm-module" +add_http3_module=--with-http_v3_module +answer=`$root/util/ver-ge "$NGINX_VERSION" 1.25.1` +if [ "$OPENSSL_VER" = "1.1.0l" ] || [ "$answer" = "N" ]; then + add_http3_module="" +fi + +disable_pcre2=--without-pcre2 +answer=`$root/util/ver-ge "$NGINX_VERSION" 1.25.1` +if [ "$answer" = "N" ] || [ "$USE_PCRE2" = "Y" ]; then + disable_pcre2="" +fi +if [ "$USE_PCRE2" = "Y" ]; then + PCRE_INC=$PCRE2_INC + PCRE_LIB=$PCRE2_LIB +fi + time ngx-build $force $version \ --with-threads \ --with-pcre-jit \ + $disable_pcre2 \ --with-ipv6 \ --with-cc-opt="-DNGX_LUA_USE_ASSERT -I$PCRE_INC -I$OPENSSL_INC" \ --with-http_v2_module \ + $add_http3_module \ --with-http_realip_module \ --with-http_ssl_module \ --add-module=$root/../ndk-nginx-module \ diff --git a/modules/ngx_http_lua_module/util/ver-ge b/modules/ngx_http_lua_module/util/ver-ge new file mode 100755 index 0000000000..8d7a401e94 --- /dev/null +++ b/modules/ngx_http_lua_module/util/ver-ge @@ -0,0 +1,41 @@ +#!/usr/bin/env perl + +use strict; +use warnings; + +sub usage { + die "Usage: $0 \n"; +} + +my $a = shift or usage(); +my $b = shift or usage(); + +my @as = split /\./, $a; +my @bs = split /\./, $b; + +my $n = @as > @bs ? scalar(@as) : scalar(@bs); + +for (my $i = 0; $i < $n; $i++) { + my $x = $as[$i]; + my $y = $bs[$i]; + + if (!defined $x) { + $x = 0; + } + + if (!defined $y) { + $y = 0; + } + + if ($x > $y) { + print "Y\n"; + exit; + + } elsif ($x < $y) { + print "N\n"; + exit; + } +} + +print "Y\n"; + diff --git a/modules/ngx_http_lua_module/valgrind.suppress b/modules/ngx_http_lua_module/valgrind.suppress index 8761fb350e..743fb67d77 100644 --- a/modules/ngx_http_lua_module/valgrind.suppress +++ b/modules/ngx_http_lua_module/valgrind.suppress @@ -234,3 +234,73 @@ fun:ngx_pass_open_channel fun:ngx_start_privileged_agent_processes } +{ + + Memcheck:Leak + match-leak-kinds: definite + fun:malloc + fun:ngx_alloc + fun:ngx_regex_malloc + fun:pcre2_compile_context_create_8 + fun:ngx_regex_compile + fun:ngx_http_regex_compile + fun:ngx_http_core_regex_location + fun:ngx_http_core_location + fun:ngx_conf_handler + fun:ngx_conf_parse + fun:ngx_http_core_server + fun:ngx_conf_handler + fun:ngx_conf_parse + fun:ngx_http_block + fun:ngx_conf_handler + fun:ngx_conf_parse + fun:ngx_init_cycle + fun:main +} +{ + + Memcheck:Leak + match-leak-kinds: definite + fun:malloc + fun:ngx_alloc + fun:ngx_regex_malloc + fun:pcre2_compile_context_create_8 + fun:ngx_regex_compile + fun:ngx_http_regex_compile + fun:ngx_http_rewrite + fun:ngx_conf_handler + fun:ngx_conf_parse + fun:ngx_http_core_location + fun:ngx_conf_handler + fun:ngx_conf_parse + fun:ngx_http_core_server + fun:ngx_conf_handler + fun:ngx_conf_parse + fun:ngx_http_block + fun:ngx_conf_handler + fun:ngx_conf_parse + fun:ngx_init_cycle + fun:main +} +{ + + Memcheck:Leak + match-leak-kinds: definite + fun:malloc + fun:ngx_alloc + fun:ngx_regex_malloc + fun:pcre2_compile_context_create_8 + fun:ngx_regex_compile + fun:ngx_http_regex_compile + fun:ngx_http_rewrite + fun:ngx_conf_handler + fun:ngx_conf_parse + fun:ngx_http_core_server + fun:ngx_conf_handler + fun:ngx_conf_parse + fun:ngx_http_block + fun:ngx_conf_handler + fun:ngx_conf_parse + fun:ngx_init_cycle + fun:main +}