feature: implemented the new ngx.ssl.server_port() API to get server port.

Author: halfcrazy

lib/ngx/ssl.lua

@@ -24,6 +24,7 @@ local ngx_lua_ffi_ssl_set_der_certificate
 local ngx_lua_ffi_ssl_clear_certs
 local ngx_lua_ffi_ssl_set_der_private_key
 local ngx_lua_ffi_ssl_raw_server_addr
+local ngx_lua_ffi_ssl_server_port
 local ngx_lua_ffi_ssl_server_name
 local ngx_lua_ffi_ssl_raw_client_addr
 local ngx_lua_ffi_cert_pem_to_der
@@ -51,6 +52,9 @@ if subsystem == 'http' then
     int ngx_http_lua_ffi_ssl_raw_server_addr(ngx_http_request_t *r, char **addr,
         size_t *addrlen, int *addrtype, char **err);
 
+    int ngx_http_lua_ffi_ssl_server_port(ngx_http_request_t *r,
+        unsigned short *server_port, char **err);
+
     int ngx_http_lua_ffi_ssl_server_name(ngx_http_request_t *r, char **name,
         size_t *namelen, char **err);
 
@@ -90,6 +94,7 @@ if subsystem == 'http' then
     ngx_lua_ffi_ssl_set_der_private_key =
         C.ngx_http_lua_ffi_ssl_set_der_private_key
     ngx_lua_ffi_ssl_raw_server_addr = C.ngx_http_lua_ffi_ssl_raw_server_addr
+    ngx_lua_ffi_ssl_server_port = C.ngx_http_lua_ffi_ssl_server_port
     ngx_lua_ffi_ssl_server_name = C.ngx_http_lua_ffi_ssl_server_name
     ngx_lua_ffi_ssl_raw_client_addr = C.ngx_http_lua_ffi_ssl_raw_client_addr
     ngx_lua_ffi_cert_pem_to_der = C.ngx_http_lua_ffi_cert_pem_to_der
@@ -117,6 +122,9 @@ elseif subsystem == 'stream' then
     int ngx_stream_lua_ffi_ssl_raw_server_addr(ngx_stream_lua_request_t *r,
         char **addr, size_t *addrlen, int *addrtype, char **err);
 
+    int ngx_stream_lua_ffi_ssl_server_port(ngx_stream_lua_request_t *r,
+        unsigned short *server_port, char **err);
+
     int ngx_stream_lua_ffi_ssl_server_name(ngx_stream_lua_request_t *r,
         char **name, size_t *namelen, char **err);
 
@@ -156,6 +164,7 @@ elseif subsystem == 'stream' then
     ngx_lua_ffi_ssl_set_der_private_key =
         C.ngx_stream_lua_ffi_ssl_set_der_private_key
     ngx_lua_ffi_ssl_raw_server_addr = C.ngx_stream_lua_ffi_ssl_raw_server_addr
+    ngx_lua_ffi_ssl_server_port = C.ngx_stream_lua_ffi_ssl_server_port
     ngx_lua_ffi_ssl_server_name = C.ngx_stream_lua_ffi_ssl_server_name
     ngx_lua_ffi_ssl_raw_client_addr = C.ngx_stream_lua_ffi_ssl_raw_client_addr
     ngx_lua_ffi_cert_pem_to_der = C.ngx_stream_lua_ffi_cert_pem_to_der
@@ -176,6 +185,7 @@ local _M = { version = base.version }
 
 local charpp = ffi.new("char*[1]")
 local intp = ffi.new("int[1]")
+local ushortp = ffi.new("unsigned short[1]")
 
 
 function _M.clear_certs()
@@ -251,6 +261,21 @@ function _M.raw_server_addr()
 end
 
 
+function _M.server_port()
+    local r = get_request()
+    if not r then
+        error("no request found")
+    end
+
+    local rc = ngx_lua_ffi_ssl_server_port(r, ushortp, errmsg)
+    if rc == FFI_OK then
+        return ushortp[0]
+    end
+
+    return nil, ffi_str(errmsg[0])
+end
+
+
 function _M.server_name()
     local r = get_request()
     if not r then

lib/ngx/ssl.md

@@ -17,6 +17,7 @@ Table of Contents
     * [priv_key_pem_to_der](#priv_key_pem_to_der)
     * [set_der_priv_key](#set_der_priv_key)
     * [server_name](#server_name)
+    * [server_port](#server_port)
     * [raw_server_addr](#raw_server_addr)
     * [raw_client_addr](#raw_client_addr)
     * [get_tls1_version](#get_tls1_version)
@@ -251,6 +252,21 @@ This function can be called in any context where downstream https is used.
 
 [Back to TOC](#table-of-contents)
 
+server_port
+-----------
+**syntax:** port, err = ssl.server_port()
+
+**context:** *any*
+
+Returns the server port. Returns `nil`
+when server dont have a port.
+
+In case of failures, it returns `nil` *and* a string describing the error.
+
+This function can be called in any context where downstream https is used.
+
+[Back to TOC](#table-of-contents)
+
 raw_server_addr
 ---------------
 **syntax:** *addr_data, addr_type, err = ssl.raw_server_addr()*

t/ssl.t

@@ -2504,3 +2504,203 @@ client certificate subject: nil
 [error]
 [alert]
 [emerg]
+
+
+
+=== TEST 26: read server port via ssl.server_port() with ipv4
+--- http_config
+    lua_package_path "$TEST_NGINX_LUA_PACKAGE_PATH";
+
+    server {
+        listen 127.0.0.1:12345 ssl;
+        server_name   test.com;
+        ssl_certificate_by_lua_block {
+            local ssl = require "ngx.ssl"
+            local port, err = ssl.server_port()
+            print("read server port from Lua: ", port)
+        }
+        ssl_certificate ../../cert/test.crt;
+        ssl_certificate_key ../../cert/test.key;
+
+        server_tokens off;
+        location /foo {
+            default_type 'text/plain';
+            content_by_lua_block {ngx.status = 201 ngx.say("foo") ngx.exit(201)}
+            more_clear_headers Date;
+        }
+    }
+--- config
+    server_tokens off;
+    lua_ssl_trusted_certificate ../../cert/test.crt;
+
+    location /t {
+        content_by_lua_block {
+            do
+                local sock = ngx.socket.tcp()
+
+                sock:settimeout(3000)
+
+                local ok, err = sock:connect("127.0.0.1", 12345)
+                if not ok then
+                    ngx.say("failed to connect: ", err)
+                    return
+                end
+
+                ngx.say("connected: ", ok)
+
+                local sess, err = sock:sslhandshake(nil, "test.com", true)
+                if not sess then
+                    ngx.say("failed to do SSL handshake: ", err)
+                    return
+                end
+
+                ngx.say("ssl handshake: ", type(sess))
+
+                local req = "GET /foo HTTP/1.0\r\nHost: test.com\r\nConnection: close\r\n\r\n"
+                local bytes, err = sock:send(req)
+                if not bytes then
+                    ngx.say("failed to send http request: ", err)
+                    return
+                end
+
+                ngx.say("sent http request: ", bytes, " bytes.")
+
+                while true do
+                    local line, err = sock:receive()
+                    if not line then
+                        -- ngx.say("failed to receive response status line: ", err)
+                        break
+                    end
+
+                    ngx.say("received: ", line)
+                end
+
+                local ok, err = sock:close()
+                ngx.say("close: ", ok, " ", err)
+            end  -- do
+            -- collectgarbage()
+        }
+    }
+
+--- request
+GET /t
+--- response_body
+connected: 1
+ssl handshake: userdata
+sent http request: 56 bytes.
+received: HTTP/1.1 201 Created
+received: Server: nginx
+received: Content-Type: text/plain
+received: Content-Length: 4
+received: Connection: close
+received: 
+received: foo
+close: 1 nil
+
+--- error_log
+read server port from Lua: 12345
+
+--- no_error_log
+[error]
+[alert]
+[emerg]
+
+
+
+=== TEST 27: read server port via ssl.server_port() with unix domain socket
+--- http_config
+    lua_package_path "$TEST_NGINX_LUA_PACKAGE_PATH";
+
+    server {
+        listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl;
+        server_name   test.com;
+        ssl_certificate_by_lua_block {
+            local ssl = require "ngx.ssl"
+            local port, err = ssl.server_port()
+            print("read server port from Lua: ", port, err)
+        }
+        ssl_certificate ../../cert/test.crt;
+        ssl_certificate_key ../../cert/test.key;
+
+        server_tokens off;
+        location /foo {
+            default_type 'text/plain';
+            content_by_lua_block {ngx.status = 201 ngx.say("foo") ngx.exit(201)}
+            more_clear_headers Date;
+        }
+    }
+--- config
+    server_tokens off;
+    lua_ssl_trusted_certificate ../../cert/test.crt;
+
+    location /t {
+        content_by_lua_block {
+            do
+                local sock = ngx.socket.tcp()
+
+                sock:settimeout(3000)
+
+                local ok, err = sock:connect("unix:$TEST_NGINX_HTML_DIR/nginx.sock")
+                if not ok then
+                    ngx.say("failed to connect: ", err)
+                    return
+                end
+
+                ngx.say("connected: ", ok)
+
+                local sess, err = sock:sslhandshake(nil, "test.com", true)
+                if not sess then
+                    ngx.say("failed to do SSL handshake: ", err)
+                    return
+                end
+
+                ngx.say("ssl handshake: ", type(sess))
+
+                local req = "GET /foo HTTP/1.0\r\nHost: test.com\r\nConnection: close\r\n\r\n"
+                local bytes, err = sock:send(req)
+                if not bytes then
+                    ngx.say("failed to send http request: ", err)
+                    return
+                end
+
+                ngx.say("sent http request: ", bytes, " bytes.")
+
+                while true do
+                    local line, err = sock:receive()
+                    if not line then
+                        -- ngx.say("failed to receive response status line: ", err)
+                        break
+                    end
+
+                    ngx.say("received: ", line)
+                end
+
+                local ok, err = sock:close()
+                ngx.say("close: ", ok, " ", err)
+            end  -- do
+            -- collectgarbage()
+        }
+    }
+
+--- request
+GET /t
+--- response_body
+connected: 1
+ssl handshake: userdata
+sent http request: 56 bytes.
+received: HTTP/1.1 201 Created
+received: Server: nginx
+received: Content-Type: text/plain
+received: Content-Length: 4
+received: Connection: close
+received: 
+received: foo
+close: 1 nil
+
+--- error_log
+read server port from Lua: nilunix domain has no port
+
+--- no_error_log
+[error]
+[alert]
+[emerg]