From d595fa9d8127813e8dc94f6c16efb5766a4439da Mon Sep 17 00:00:00 2001 From: lijunlong Date: Thu, 15 Jan 2026 15:03:38 +0800 Subject: [PATCH 1/2] feature: add new ffi ngx_stream_lua_ffi_socket_tcp_get_ssl_pointer(). --- src/ngx_stream_lua_socket_tcp.c | 45 +++++++++++++++++++++++++++++++-- 1 file changed, 43 insertions(+), 2 deletions(-) diff --git a/src/ngx_stream_lua_socket_tcp.c b/src/ngx_stream_lua_socket_tcp.c index 9c82648e..00275d63 100644 --- a/src/ngx_stream_lua_socket_tcp.c +++ b/src/ngx_stream_lua_socket_tcp.c @@ -374,9 +374,8 @@ ngx_stream_lua_inject_socket_tcp_api(ngx_log_t *log, lua_State *L) lua_pushcfunction(L, ngx_stream_lua_socket_tcp_sslhandshake); lua_setfield(L, -2, "sslhandshake"); - lua_pushcfunction(L, ngx_stream_lua_socket_tcp_get_ssl_session); + lua_pushcfunction(L, ngx_stream_lua_socket_tcp_get_ssl_session); lua_setfield(L, -2, "getsslsession"); - #endif lua_pushcfunction(L, ngx_stream_lua_socket_tcp_receive); @@ -1663,6 +1662,48 @@ ngx_stream_lua_socket_conn_error_retval_handler(ngx_stream_lua_request_t *r, #if (NGX_STREAM_SSL) +int +ngx_stream_lua_ffi_socket_tcp_get_ssl_pointer( + ngx_stream_lua_request_t *r, + ngx_stream_lua_socket_tcp_upstream_t *u, + void **sslp, char **errmsg) +{ + ngx_connection_t *c; + + if (r == NULL) { + *errmsg = "no request"; + return NGX_ERROR; + } + + ngx_log_debug0(NGX_LOG_DEBUG_STREAM, r->connection->log, 0, + "stream lua tcp socket getsslpointer"); + + if (u == NULL + || u->peer.connection == NULL + || u->read_closed + || u->write_closed) + { + *errmsg = "closed"; + return NGX_ERROR; + } + + if (u->request != r) { + *errmsg = "bad request"; + return NGX_ERROR; + } + + c = u->peer.connection; + if (c == NULL || c->ssl == NULL || c->ssl->connection == NULL) { + *errmsg = "no ssl connection"; + return NGX_ERROR; + } + + *sslp = c->ssl->connection; + + return NGX_OK; +} + + static int ngx_stream_lua_socket_tcp_get_ssl_session(lua_State *L) { From 560d88e8aaef37c2af962948b9afdfcc970b4164 Mon Sep 17 00:00:00 2001 From: lijunlong Date: Thu, 15 Jan 2026 15:49:16 +0800 Subject: [PATCH 2/2] feature: add ffi ngx_http_lua_ffi_socket_tcp_get_ssl_pointer() and ffi ngx_http_lua_ffi_socket_tcp_get_ssl_ctx(). --- src/ngx_stream_lua_socket_tcp.c | 50 +++++++++++++++++++++++++++++++-- 1 file changed, 48 insertions(+), 2 deletions(-) diff --git a/src/ngx_stream_lua_socket_tcp.c b/src/ngx_stream_lua_socket_tcp.c index 00275d63..3a300480 100644 --- a/src/ngx_stream_lua_socket_tcp.c +++ b/src/ngx_stream_lua_socket_tcp.c @@ -1666,10 +1666,11 @@ int ngx_stream_lua_ffi_socket_tcp_get_ssl_pointer( ngx_stream_lua_request_t *r, ngx_stream_lua_socket_tcp_upstream_t *u, - void **sslp, char **errmsg) + void **pssl, char **errmsg) { ngx_connection_t *c; + *pssl = NULL; if (r == NULL) { *errmsg = "no request"; return NGX_ERROR; @@ -1698,12 +1699,57 @@ ngx_stream_lua_ffi_socket_tcp_get_ssl_pointer( return NGX_ERROR; } - *sslp = c->ssl->connection; + *pssl = c->ssl->connection; return NGX_OK; } +int +ngx_stream_lua_ffi_socket_tcp_get_ssl_ctx( + ngx_stream_lua_request_t *r, + ngx_stream_lua_socket_tcp_upstream_t *u, + void **pctx, char **errmsg) +{ + ngx_connection_t *c; + + *pctx = NULL; + if (r == NULL) { + *errmsg = "no request"; + return NGX_ERROR; + } + + ngx_log_debug0(NGX_LOG_DEBUG_STREAM, r->connection->log, 0, + "stream lua tcp socket getsslpointer"); + + if (u == NULL + || u->peer.connection == NULL + || u->read_closed + || u->write_closed) + { + *errmsg = "closed"; + return NGX_ERROR; + } + + if (u->request != r) { + *errmsg = "bad request"; + return NGX_ERROR; + } + + c = u->peer.connection; + if (c == NULL || c->ssl == NULL || c->ssl->session_ctx == NULL) { + *errmsg = "no ssl connection"; + return NGX_ERROR; + } + + *pctx = c->ssl->session_ctx; + + return NGX_OK; +} + + + + static int ngx_stream_lua_socket_tcp_get_ssl_session(lua_State *L) {