feature: add ssl.set_http_version API#147
Conversation
|
|
||
| ssl_certificate_by_lua_block { | ||
| local ssl = require "ngx.ssl"; | ||
| ssl.set_http_version(2); |
There was a problem hiding this comment.
I think it's better to use the ssl.use_http2(true) and ssl.use_http2(false) here instead. We cannot really set other HTTP version numbers like 0.9, 1.0, and 1.1 here anyway.
|
|
||
| --- config | ||
| ssl_certificate ../../cert/test.crt; | ||
| ssl_certificate_key ../../cert/test.key; |
There was a problem hiding this comment.
Better let the test scaffold automatically generate these under the hood. It's too much a burden for us test writers to write these in every HTTP/2 over TLS test cases ;)
|
@vislee I wonder if the protocol selection result in the TLS handshake can be remembered by subsequent new connections doing TLS session resumption (session ID or session ticket). I doubt it though. Have you tested the TLS session resumption case? |
|
I feel we need to really test session resumption, because in case of session resumption, the certificate callback will be skipped entirely. So I am a little skeptical about this PR right now. |
|
@lziest Agreed. We need test cases for different kinds of session resumptions, SSL session IDs and TLS session tickets. |
|
@vislee You can close it yourself, BTW :) Closing this. |
3 participants
I hereby granted the copyright of the changes in this pull request
to the authors of this lua-resty-core project.
Note: the unit test relying on the test-nginx/pull/68