summarylogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--.SRCINFO16
-rw-r--r--PKGBUILD16
-rw-r--r--openssl-1.1.patch819
3 files changed, 835 insertions, 16 deletions
diff --git a/.SRCINFO b/.SRCINFO
index 13a96d97abe7..8748d4d85b5b 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,8 +1,8 @@
# Generated by mksrcinfo v8
-# Mon Jun 26 07:39:44 UTC 2017
+# Sat Sep 16 12:34:32 UTC 2017
pkgbase = nginx-mainline-mod-lua
pkgdesc = Lua script engine module for mainline nginx
- pkgver = 0.10.8
+ pkgver = 0.10.10
pkgrel = 1
url = https://github.com/openresty/lua-nginx-module
arch = i686
@@ -11,12 +11,12 @@ pkgbase = nginx-mainline-mod-lua
depends = nginx-mainline
depends = nginx-mainline-mod-ndk
depends = luajit
- source = https://nginx.org/download/nginx-1.13.0.tar.gz
- source = https://github.com/openresty/lua-nginx-module/archive/v0.10.8/lua-0.10.8.tar.gz
- source = nginx-mainline-mod-lua-nginx-1.11.11.patch::https://github.com/openresty/lua-nginx-module/commit/0459a285ca0159d45e73da8bd1164edb5c57cde3.patch
- sha256sums = 79f52ab6550f854e14439369808105b5780079769d7b8db3856be03c683605d7
- sha256sums = d67449c71051b3cc2d6dd60df0ae0d21fca08aa19c9b30c5b95ee21ff38ef8dd
- sha256sums = 57867eda9eeee7fe5b55d8916047c8e5ffd156cfed4ca2d64470ae4132784261
+ source = https://nginx.org/download/nginx-1.13.4.tar.gz
+ source = https://github.com/openresty/lua-nginx-module/archive/v0.10.10/lua-0.10.10.tar.gz
+ source = openssl-1.1.patch
+ sha256sums = de21f3c49ba65c611329d8759a63d72e5fcf719bc6f2a3270e2541348ef1fbba
+ sha256sums = b4acb84e2d631035a516d61830c910ef6e6485aba86096221ec745e0dbb3fbc9
+ sha256sums = 60aed346397e06f870c7e17798f6e3ce11f078c5ae6e573098d53132c1afdb58
pkgname = nginx-mainline-mod-lua
diff --git a/PKGBUILD b/PKGBUILD
index e09abb877ed4..b0e1c68a4009 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -1,11 +1,11 @@
# Maintainer: Massimiliano Torromeo <massimiliano.torromeo@gmail.com>
pkgname=nginx-mainline-mod-lua
-pkgver=0.10.8
+pkgver=0.10.10
pkgrel=1
_modname="${pkgname#nginx-mainline-mod-}"
-_nginxver=1.13.0
+_nginxver=1.13.4
pkgdesc='Lua script engine module for mainline nginx'
arch=('i686' 'x86_64')
@@ -16,20 +16,20 @@ license=('BSD')
source=(
https://nginx.org/download/nginx-$_nginxver.tar.gz
https://github.com/openresty/$_modname-nginx-module/archive/v$pkgver/$_modname-$pkgver.tar.gz
- $pkgname-nginx-1.11.11.patch::https://github.com/openresty/lua-nginx-module/commit/0459a285ca0159d45e73da8bd1164edb5c57cde3.patch
+ openssl-1.1.patch
)
-sha256sums=('79f52ab6550f854e14439369808105b5780079769d7b8db3856be03c683605d7'
- 'd67449c71051b3cc2d6dd60df0ae0d21fca08aa19c9b30c5b95ee21ff38ef8dd'
- '57867eda9eeee7fe5b55d8916047c8e5ffd156cfed4ca2d64470ae4132784261')
+sha256sums=('de21f3c49ba65c611329d8759a63d72e5fcf719bc6f2a3270e2541348ef1fbba'
+ 'b4acb84e2d631035a516d61830c910ef6e6485aba86096221ec745e0dbb3fbc9'
+ '60aed346397e06f870c7e17798f6e3ce11f078c5ae6e573098d53132c1afdb58')
prepare() {
cd "$srcdir"/$_modname-nginx-module-$pkgver
- patch -p1 -i "$srcdir"/$pkgname-nginx-1.11.11.patch
+ patch -p1 -i "$srcdir"/openssl-1.1.patch
}
build() {
cd "$srcdir"/nginx-$_nginxver
- ./configure $(nginx -V 2>&1 | grep 'configure arguments' | sed -r 's@^[^:]+: @@') --add-dynamic-module=../$_modname-nginx-module-$pkgver
+ ./configure --with-compat --add-dynamic-module=../$_modname-nginx-module-$pkgver
make modules
}
diff --git a/openssl-1.1.patch b/openssl-1.1.patch
new file mode 100644
index 000000000000..bda407c95065
--- /dev/null
+++ b/openssl-1.1.patch
@@ -0,0 +1,819 @@
+diff --git a/src/ngx_http_lua_socket_tcp.c b/src/ngx_http_lua_socket_tcp.c
+index 382a94de..07164746 100644
+--- a/src/ngx_http_lua_socket_tcp.c
++++ b/src/ngx_http_lua_socket_tcp.c
+@@ -1316,9 +1316,8 @@ ngx_http_lua_socket_tcp_sslhandshake(lua_State *L)
+ return 2;
+ }
+
+- ngx_log_debug2(NGX_LOG_DEBUG_HTTP, c->log, 0,
+- "lua ssl set session: %p:%d",
+- *psession, (*psession)->references);
++ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0,
++ "lua ssl set session: %p", *psession);
+ }
+ }
+
+@@ -1583,9 +1582,8 @@ ngx_http_lua_ssl_handshake_retval_handler(ngx_http_request_t *r,
+ } else {
+ *ud = ssl_session;
+
+- ngx_log_debug2(NGX_LOG_DEBUG_HTTP, c->log, 0,
+- "lua ssl save session: %p:%d", ssl_session,
+- ssl_session->references);
++ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0,
++ "lua ssl save session: %p", ssl_session);
+
+ /* set up the __gc metamethod */
+ lua_pushlightuserdata(L, &ngx_http_lua_ssl_session_metatable_key);
+@@ -5365,9 +5363,8 @@ ngx_http_lua_ssl_free_session(lua_State *L)
+
+ psession = lua_touserdata(L, 1);
+ if (psession && *psession != NULL) {
+- ngx_log_debug2(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0,
+- "lua ssl free session: %p:%d", *psession,
+- (*psession)->references);
++ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0,
++ "lua ssl free session: %p", *psession);
+
+ ngx_ssl_free_session(*psession);
+ }
+diff --git a/src/ngx_http_lua_ssl_ocsp.c b/src/ngx_http_lua_ssl_ocsp.c
+index 31b4f243..9ec8b509 100644
+--- a/src/ngx_http_lua_ssl_ocsp.c
++++ b/src/ngx_http_lua_ssl_ocsp.c
+@@ -468,7 +468,11 @@ ngx_http_lua_ffi_ssl_set_ocsp_status_resp(ngx_http_request_t *r,
+ return NGX_ERROR;
+ }
+
++#ifdef SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE
++ if (SSL_get_tlsext_status_type(ssl_conn) == -1) {
++#else
+ if (ssl_conn->tlsext_status_type == -1) {
++#endif
+ dd("no ocsp status req from client");
+ return NGX_DECLINED;
+ }
+diff --git a/src/ngx_http_lua_ssl_session_fetchby.c b/src/ngx_http_lua_ssl_session_fetchby.c
+index 556b7320..5289cb92 100644
+--- a/src/ngx_http_lua_ssl_session_fetchby.c
++++ b/src/ngx_http_lua_ssl_session_fetchby.c
+@@ -171,8 +171,11 @@ ngx_http_lua_ssl_sess_fetch_by_lua(ngx_conf_t *cf, ngx_command_t *cmd,
+
+ /* cached session fetching callback to be set with SSL_CTX_sess_set_get_cb */
+ ngx_ssl_session_t *
+-ngx_http_lua_ssl_sess_fetch_handler(ngx_ssl_conn_t *ssl_conn, u_char *id,
+- int len, int *copy)
++ngx_http_lua_ssl_sess_fetch_handler(ngx_ssl_conn_t *ssl_conn,
++#if OPENSSL_VERSION_NUMBER >= 0x10100003L
++ const
++#endif
++ u_char *id, int len, int *copy)
+ {
+ lua_State *L;
+ ngx_int_t rc;
+@@ -284,7 +287,7 @@ ngx_http_lua_ssl_sess_fetch_handler(ngx_ssl_conn_t *ssl_conn, u_char *id,
+ cctx->exit_code = 1; /* successful by default */
+ cctx->connection = c;
+ cctx->request = r;
+- cctx->session_id.data = id;
++ cctx->session_id.data = (u_char *) id;
+ cctx->session_id.len = len;
+ cctx->entered_sess_fetch_handler = 1;
+ cctx->done = 0;
+diff --git a/src/ngx_http_lua_ssl_session_fetchby.h b/src/ngx_http_lua_ssl_session_fetchby.h
+index 5a6f96f5..50c6616d 100644
+--- a/src/ngx_http_lua_ssl_session_fetchby.h
++++ b/src/ngx_http_lua_ssl_session_fetchby.h
+@@ -25,7 +25,11 @@ char *ngx_http_lua_ssl_sess_fetch_by_lua_block(ngx_conf_t *cf,
+ ngx_command_t *cmd, void *conf);
+
+ ngx_ssl_session_t *ngx_http_lua_ssl_sess_fetch_handler(
+- ngx_ssl_conn_t *ssl_conn, u_char *id, int len, int *copy);
++ ngx_ssl_conn_t *ssl_conn,
++#if OPENSSL_VERSION_NUMBER >= 0x10100003L
++ const
++#endif
++ u_char *id, int len, int *copy);
+ #endif
+
+
+diff --git a/src/ngx_http_lua_ssl_session_storeby.c b/src/ngx_http_lua_ssl_session_storeby.c
+index bae8273d..dc1fad9b 100644
+--- a/src/ngx_http_lua_ssl_session_storeby.c
++++ b/src/ngx_http_lua_ssl_session_storeby.c
+@@ -172,6 +172,8 @@ int
+ ngx_http_lua_ssl_sess_store_handler(ngx_ssl_conn_t *ssl_conn,
+ ngx_ssl_session_t *sess)
+ {
++ const u_char *sess_id;
++ unsigned int sess_id_len;
+ lua_State *L;
+ ngx_int_t rc;
+ ngx_connection_t *c, *fc = NULL;
+@@ -246,11 +248,13 @@ ngx_http_lua_ssl_sess_store_handler(ngx_ssl_conn_t *ssl_conn,
+ }
+ }
+
++ sess_id = SSL_SESSION_get_id(sess, &sess_id_len);
++
+ cctx->connection = c;
+ cctx->request = r;
+ cctx->session = sess;
+- cctx->session_id.data = sess->session_id;
+- cctx->session_id.len = sess->session_id_length;
++ cctx->session_id.data = (u_char *) sess_id;
++ cctx->session_id.len = sess_id_len;
+ cctx->done = 0;
+
+ dd("setting cctx");
+diff --git a/t/129-ssl-socket.t b/t/129-ssl-socket.t
+index 1c3f7cd0..daa95005 100644
+--- a/t/129-ssl-socket.t
++++ b/t/129-ssl-socket.t
+@@ -108,10 +108,10 @@ sent http request: 59 bytes.
+ received: HTTP/1.1 (?:200 OK|302 Found)
+ close: 1 nil
+ \z
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out eval
+-qr/^lua ssl save session: ([0-9A-F]+):2
+-lua ssl free session: ([0-9A-F]+):1
++qr/^lua ssl save session: ([0-9A-F]+)
++lua ssl free session: ([0-9A-F]+)
+ $/
+ --- no_error_log
+ lua ssl server name:
+@@ -182,8 +182,11 @@ connected: 1
+ failed to do SSL handshake: handshake failed
+
+ --- log_level: debug
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
+---- grep_error_log_out
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
++--- grep_error_log_out eval
++qr/^lua ssl save session: ([0-9A-F]+)
++lua ssl free session: ([0-9A-F]+)
++$/
+ --- no_error_log
+ lua ssl server name:
+ SSL reused session
+@@ -255,10 +258,10 @@ received: HTTP/1.1 302 Moved Temporarily
+ close: 1 nil
+
+ --- log_level: debug
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out eval
+-qr/^lua ssl save session: ([0-9A-F]+):2
+-lua ssl free session: ([0-9A-F]+):1
++qr/^lua ssl save session: ([0-9A-F]+)
++lua ssl free session: ([0-9A-F]+)
+ $/
+ --- error_log
+ lua ssl server name: "openresty.org"
+@@ -343,13 +346,13 @@ sent http request: 56 bytes.
+ received: HTTP/1.1 200 OK
+ close: 1 nil
+
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out eval
+-qr/^lua ssl save session: ([0-9A-F]+):2
+-lua ssl set session: \1:2
+-lua ssl save session: \1:3
+-lua ssl free session: \1:2
+-lua ssl free session: \1:1
++qr/^lua ssl save session: ([0-9A-F]+)
++lua ssl set session: \1
++lua ssl save session: \1
++lua ssl free session: \1
++lua ssl free session: \1
+ $/
+
+ --- error_log
+@@ -432,7 +435,7 @@ failed to send http request: closed
+ \z
+
+ --- log_level: debug
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out
+ --- error_log
+ lua ssl server name: "blah.openresty.org"
+@@ -512,7 +515,7 @@ failed to send http request: closed
+ \z
+
+ --- log_level: debug
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out
+ --- error_log
+ lua ssl server name: "blah.openresty.org"
+@@ -587,10 +590,10 @@ received: HTTP/1.1 404 Not Found
+ close: 1 nil
+
+ --- log_level: debug
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out eval
+-qr/^lua ssl save session: ([0-9A-F]+):2
+-lua ssl free session: ([0-9A-F]+):1
++qr/^lua ssl save session: ([0-9A-F]+)
++lua ssl free session: ([0-9A-F]+)
+ $/
+
+ --- error_log
+@@ -672,10 +675,10 @@ received: HTTP/1.1 302 Moved Temporarily
+ close: 1 nil
+
+ --- log_level: debug
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]++/
+ --- grep_error_log_out eval
+-qr/^lua ssl save session: ([0-9A-F]+):2
+-lua ssl free session: ([0-9A-F]+):1
++qr/^lua ssl save session: ([0-9A-F]+)
++lua ssl free session: ([0-9A-F]+)
+ $/
+
+ --- error_log
+@@ -754,7 +757,7 @@ failed to do SSL handshake: 20: unable to get local issuer certificate
+ failed to send http request: closed
+
+ --- log_level: debug
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out
+ --- error_log
+ lua ssl server name: "openresty.org"
+@@ -833,7 +836,7 @@ failed to do SSL handshake: 20: unable to get local issuer certificate
+ failed to send http request: closed
+
+ --- log_level: debug
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out
+ --- error_log
+ lua ssl server name: "openresty.org"
+@@ -923,10 +926,10 @@ sent http request: 59 bytes.
+ received: HTTP/1.1 (?:200 OK|302 Found)
+ close: 1 nil
+ \z
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out eval
+-qr/^lua ssl save session: ([0-9A-F]+):2
+-lua ssl free session: ([0-9A-F]+):1
++qr/^lua ssl save session: ([0-9A-F]+)
++lua ssl free session: ([0-9A-F]+)
+ $/
+ --- error_log
+ lua ssl server name: "www.google.com"
+@@ -1013,7 +1016,7 @@ GET /t
+ connected: 1
+ failed to do SSL handshake: 20: unable to get local issuer certificate
+
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out
+ --- error_log
+ lua ssl server name: "www.google.com"
+@@ -1095,10 +1098,10 @@ received: HTTP/1.1 302 Moved Temporarily
+ close: 1 nil
+
+ --- log_level: debug
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out eval
+-qr/^lua ssl save session: ([0-9A-F]+):2
+-lua ssl free session: ([0-9A-F]+):1
++qr/^lua ssl save session: ([0-9A-F]+)
++lua ssl free session: ([0-9A-F]+)
+ $/
+
+ --- error_log
+@@ -1174,10 +1177,10 @@ received: HTTP/1.1 302 Moved Temporarily
+ close: 1 nil
+
+ --- log_level: debug
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out eval
+-qr/^lua ssl save session: ([0-9A-F]+):2
+-lua ssl free session: ([0-9A-F]+):1
++qr/^lua ssl save session: ([0-9A-F]+)
++lua ssl free session: ([0-9A-F]+)
+ $/
+ --- error_log
+ lua ssl server name: "openresty.org"
+@@ -1254,14 +1257,14 @@ received: HTTP/1.1 302 Moved Temporarily
+ close: 1 nil
+
+ --- log_level: debug
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out eval
+-qr/^lua ssl save session: ([0-9A-F]+):2
+-lua ssl free session: ([0-9A-F]+):1
++qr/^lua ssl save session: ([0-9A-F]+)
++lua ssl free session: ([0-9A-F]+)
+ $/
+ --- error_log
+ lua ssl server name: "openresty.org"
+-SSL: TLSv1.2, cipher: "ECDHE-RSA-AES256-SHA
++SSL: TLSv1.2, cipher: "ECDHE-RSA-AES256-SHA
+ --- no_error_log
+ SSL reused session
+ [error]
+@@ -1334,14 +1337,14 @@ received: HTTP/1.1 302 Moved Temporarily
+ close: 1 nil
+
+ --- log_level: debug
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out eval
+-qr/^lua ssl save session: ([0-9A-F]+):2
+-lua ssl free session: ([0-9A-F]+):1
++qr/^lua ssl save session: ([0-9A-F]+)
++lua ssl free session: ([0-9A-F]+)
+ $/
+ --- error_log
+ lua ssl server name: "openresty.org"
+-SSL: TLSv1, cipher: "ECDHE-RSA-AES256-SHA
++SSL: TLSv1, cipher: "ECDHE-RSA-AES256-SHA
+ --- no_error_log
+ SSL reused session
+ [error]
+@@ -1412,7 +1415,7 @@ failed to do SSL handshake: handshake failed
+ failed to send http request: closed
+
+ --- log_level: debug
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out
+ --- error_log eval
+ [
+@@ -1488,10 +1491,10 @@ ssl handshake: userdata
+ set keepalive: 1 nil
+
+ --- log_level: debug
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out eval
+-qr/^lua ssl save session: ([0-9A-F]+):2
+-lua ssl free session: \1:2
++qr/^lua ssl save session: ([0-9A-F]+)
++lua ssl free session: \1
+ $/
+
+ --- error_log
+@@ -1564,14 +1567,14 @@ ssl handshake: userdata
+ set keepalive: 1 nil
+
+ --- log_level: debug
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out eval
+-qr/^lua ssl save session: ([0-9A-F]+):2
+-lua ssl save session: \1:3
+-lua ssl save session: \1:4
+-lua ssl free session: \1:4
+-lua ssl free session: \1:3
+-lua ssl free session: \1:2
++qr/^lua ssl save session: ([0-9A-F]+)
++lua ssl save session: \1
++lua ssl save session: \1
++lua ssl free session: \1
++lua ssl free session: \1
++lua ssl free session: \1
+ $/
+
+ --- error_log
+@@ -1615,7 +1618,7 @@ hello world
+ --- response_body_like: 500 Internal Server Error
+ --- error_code: 500
+ --- log_level: debug
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out
+ --- error_log
+ attempt to call method 'sslhandshake' (a nil value)
+@@ -1704,7 +1707,7 @@ received: Server: nginx
+ received: Content-Type: text/plain
+ received: Content-Length: 4
+ received: Connection: close
+-received:
++received:
+ received: foo
+ close: 1 nil
+
+@@ -1714,10 +1717,10 @@ $::TestCertificateKey
+ >>> test.crt
+ $::TestCertificate"
+
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out eval
+-qr/^lua ssl save session: ([0-9A-F]+):2
+-lua ssl free session: ([0-9A-F]+):1
++qr/^lua ssl save session: ([0-9A-F]+)
++lua ssl free session: ([0-9A-F]+)
+ $/
+ --- no_error_log
+ lua ssl server name:
+@@ -1809,7 +1812,7 @@ received: Server: nginx
+ received: Content-Type: text/plain
+ received: Content-Length: 4
+ received: Connection: close
+-received:
++received:
+ received: foo
+ close: 1 nil
+
+@@ -1819,10 +1822,10 @@ $::TestCertificateKey
+ >>> test.crt
+ $::TestCertificate"
+
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out eval
+-qr/^lua ssl save session: ([0-9A-F]+):2
+-lua ssl free session: ([0-9A-F]+):1
++qr/^lua ssl save session: ([0-9A-F]+)
++lua ssl free session: ([0-9A-F]+)
+ $/
+ --- error_log
+ lua ssl server name: "test.com"
+@@ -1912,7 +1915,7 @@ failed to do SSL handshake: handshake failed
+ ">>> test.crt
+ $::TestCertificate"
+
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out
+ --- error_log eval
+ qr/SSL_do_handshake\(\) failed .*?unknown protocol/
+@@ -2011,7 +2014,7 @@ $::TestCertificate
+ >>> test.crl
+ $::TestCRL"
+
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out
+ --- error_log
+ lua ssl server name: "test.com"
+@@ -2090,12 +2093,12 @@ received: HTTP/1.1 302 Moved Temporarily
+ close: 1 nil
+
+ --- log_level: debug
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out eval
+-qr/^lua ssl save session: ([0-9A-F]+):2
+-lua ssl save session: ([0-9A-F]+):3
+-lua ssl free session: ([0-9A-F]+):2
+-lua ssl free session: ([0-9A-F]+):1
++qr/^lua ssl save session: ([0-9A-F]+)
++lua ssl save session: ([0-9A-F]+)
++lua ssl free session: ([0-9A-F]+)
++lua ssl free session: ([0-9A-F]+)
+ $/
+ --- error_log
+ lua ssl server name: "openresty.org"
+@@ -2149,7 +2152,7 @@ connected: 1
+ failed to do SSL handshake: timeout
+
+ --- log_level: debug
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out
+ --- error_log
+ lua ssl server name: "openresty.org"
+@@ -2221,7 +2224,7 @@ $::TestCertificateKey
+ >>> test.crt
+ $::TestCertificate"
+
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out
+ --- no_error_log
+ lua ssl server name:
+@@ -2292,10 +2295,10 @@ $::TestCertificateKey
+ >>> test.crt
+ $::TestCertificate"
+
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out eval
+-qr/^lua ssl save session: ([0-9A-F]+):2
+-lua ssl free session: ([0-9A-F]+):1
++qr/^lua ssl save session: ([0-9A-F]+)
++lua ssl free session: ([0-9A-F]+)
+ $/
+ --- no_error_log
+ lua ssl server name:
+@@ -2372,7 +2375,7 @@ $::TestCertificateKey
+ >>> test.crt
+ $::TestCertificate"
+
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out
+ --- no_error_log
+ lua ssl server name:
+@@ -2464,7 +2467,7 @@ received: Server: nginx
+ received: Content-Type: text/plain
+ received: Content-Length: 4
+ received: Connection: close
+-received:
++received:
+ received: foo
+ close: 1 nil
+
+@@ -2474,10 +2477,10 @@ $::TestCertificateKey
+ >>> test.crt
+ $::TestCertificate"
+
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out eval
+-qr/^lua ssl save session: ([0-9A-F]+):2
+-lua ssl free session: ([0-9A-F]+):1
++qr/^lua ssl save session: ([0-9A-F]+)
++lua ssl free session: ([0-9A-F]+)
+ $/
+ --- error_log
+ --- no_error_log
+@@ -2570,7 +2573,7 @@ $::TestCertificateKey
+ >>> test.crt
+ $::TestCertificate"
+
+---- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/
++--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
+ --- grep_error_log_out
+ --- error_log
+ lua ssl certificate verify error: (18: self signed certificate)
+diff --git a/t/142-ssl-session-store.t b/t/142-ssl-session-store.t
+index 73b6e197..260fe490 100644
+--- a/t/142-ssl-session-store.t
++++ b/t/142-ssl-session-store.t
+@@ -32,7 +32,7 @@ __DATA__
+ server_name test.com;
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
+- ssl_protocols SSLv3;
++ ssl_session_tickets off;
+
+ server_tokens off;
+ }
+@@ -102,7 +102,7 @@ ssl_session_store_by_lua_block:1: ssl session store by lua is running!
+ server_name test.com;
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
+- ssl_protocols SSLv3;
++ ssl_session_tickets off;
+
+ server_tokens off;
+ }
+@@ -177,7 +177,7 @@ API disabled in the context of ssl_session_store_by_lua*
+ server_name test.com;
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
+- ssl_protocols SSLv3;
++ ssl_session_tickets off;
+
+ server_tokens off;
+ }
+@@ -267,9 +267,9 @@ my timer run!
+ listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl;
+ server_name test.com;
+
+- ssl_protocols SSLv3;
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
++ ssl_session_tickets off;
+
+ server_tokens off;
+ }
+@@ -335,9 +335,9 @@ API disabled in the context of ssl_session_store_by_lua*
+ server {
+ listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl;
+ server_name test.com;
+- ssl_protocols SSLv3;
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
++ ssl_session_tickets off;
+
+ server_tokens off;
+ }
+@@ -407,9 +407,9 @@ ngx.exit does not yield and the error code is eaten.
+ server {
+ listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl;
+ server_name test.com;
+- ssl_protocols SSLv3;
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
++ ssl_session_tickets off;
+
+ server_tokens off;
+ }
+@@ -480,9 +480,9 @@ ssl_session_store_by_lua*: handler return value: 0, sess new cb exit code: 0
+ server {
+ listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl;
+ server_name test.com;
+- ssl_protocols SSLv3;
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
++ ssl_session_tickets off;
+
+ server_tokens off;
+ }
+@@ -548,9 +548,9 @@ should never reached here
+ server {
+ listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl;
+ server_name test.com;
+- ssl_protocols SSLv3;
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
++ ssl_session_tickets off;
+
+ server_tokens off;
+ }
+@@ -621,7 +621,7 @@ get_phase: ssl_session_store
+ }
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
+- ssl_protocols SSLv3;
++ ssl_session_tickets off;
+
+ server_tokens off;
+ }
+@@ -690,7 +690,7 @@ qr/elapsed in ssl cert by lua: 0.(?:09|1[01])\d+,/,
+ server_name test.com;
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
+- ssl_protocols SSLv3;
++ ssl_session_tickets off;
+
+ server_tokens off;
+ }
+@@ -760,7 +760,6 @@ a.lua:1: ssl store session by lua is running!
+ ssl_session_store_by_lua_block {
+ print("handler in test.com")
+ }
+- ssl_protocols SSLv3;
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
+
+@@ -770,7 +769,6 @@ a.lua:1: ssl store session by lua is running!
+ server {
+ listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl;
+ server_name test.com;
+- ssl_protocols SSLv3;
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
+
+@@ -836,7 +834,7 @@ qr/\[emerg\] .*? "ssl_session_store_by_lua_block" directive is not allowed here
+ server_name test.com;
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
+- ssl_protocols SSLv3;
++ ssl_session_tickets off;
+
+ server_tokens off;
+ }
+diff --git a/t/143-ssl-session-fetch.t b/t/143-ssl-session-fetch.t
+index 701ead72..3626f0fb 100644
+--- a/t/143-ssl-session-fetch.t
++++ b/t/143-ssl-session-fetch.t
+@@ -33,7 +33,7 @@ __DATA__
+ server_name test.com;
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
+- ssl_protocols SSLv3;
++ ssl_session_tickets off;
+
+ server_tokens off;
+ }
+@@ -114,7 +114,7 @@ qr/ssl_session_fetch_by_lua_block:1: ssl fetch sess by lua is running!/s
+ server_name test.com;
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
+- ssl_protocols SSLv3;
++ ssl_session_tickets off;
+
+ server_tokens off;
+ }
+@@ -198,7 +198,7 @@ qr/elapsed in ssl fetch session by lua: 0.(?:09|1[01])\d+,/,
+ server_name test.com;
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
+- ssl_protocols SSLv3;
++ ssl_session_tickets off;
+
+ server_tokens off;
+ }
+@@ -297,9 +297,9 @@ qr/my timer run!/s
+ server {
+ listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl;
+ server_name test.com;
+- ssl_protocols SSLv3;
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
++ ssl_session_tickets off;
+
+ server_tokens off;
+ }
+@@ -377,9 +377,9 @@ qr/received memc reply: OK/s
+ server {
+ listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl;
+ server_name test.com;
+- ssl_protocols SSLv3;
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
++ ssl_session_tickets off;
+
+ server_tokens off;
+ }
+@@ -458,9 +458,9 @@ should never reached here
+ server {
+ listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl;
+ server_name test.com;
+- ssl_protocols SSLv3;
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
++ ssl_session_tickets off;
+
+ server_tokens off;
+ }
+@@ -540,9 +540,9 @@ should never reached here
+ server {
+ listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl;
+ server_name test.com;
+- ssl_protocols SSLv3;
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
++ ssl_session_tickets off;
+
+ server_tokens off;
+ }
+@@ -621,9 +621,9 @@ should never reached here
+ server {
+ listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl;
+ server_name test.com;
+- ssl_protocols SSLv3;
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
++ ssl_session_tickets off;
+
+ server_tokens off;
+ }
+@@ -704,9 +704,9 @@ should never reached here
+ server {
+ listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl;
+ server_name test.com;
+- ssl_protocols SSLv3;
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
++ ssl_session_tickets off;
+
+ server_tokens off;
+ }
+@@ -787,7 +787,7 @@ should never reached here
+ server_name test.com;
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
+- ssl_protocols SSLv3;
++ ssl_session_tickets off;
+
+ server_tokens off;
+ }
+@@ -872,7 +872,7 @@ qr/get_phase: ssl_session_fetch/s
+ }
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
+- ssl_protocols SSLv3;
++ ssl_session_tickets off;
+
+ server_tokens off;
+ }
+@@ -956,7 +956,7 @@ ssl store session by lua is running!
+ server_name test.com;
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
+- ssl_protocols SSLv3;
++ ssl_session_tickets off;
+
+ server_tokens off;
+ }
+@@ -1036,7 +1036,7 @@ qr/\S+:\d+: ssl fetch sess by lua is running!/s
+ server_name test.com;
+ ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
+ ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
+- ssl_protocols SSLv3;
++ ssl_session_tickets off;
+
+ server_tokens off;
+ }