feat: add server random and master key fetch api

mengxiangwei · mengxiangwei · commit 193f629d4070 · 2026-03-23T10:21:49.000+08:00
diff --git a/dist.ini b/dist.ini
@@ -7,4 +7,4 @@ lib_dir=lib
 doc_dir=lib
 repo_link=https://github.com/openresty/lua-resty-core
 main_module=lib/resty/core/base.lua
-requires = luajit >= 2.1.0, nginx >= 1.29.2, ngx_http_lua = 0.10.29, openresty/lua-resty-lrucache >= 0.08
+requires = luajit >= 2.1.0, nginx >= 1.29.2, ngx_http_lua = 0.10.30, openresty/lua-resty-lrucache >= 0.15
diff --git a/lib/resty/core/base.lua b/lib/resty/core/base.lua
@@ -19,22 +19,24 @@ local FREE_LIST_REF = 0
 if subsystem == 'http' then
     if not ngx.config
        or not ngx.config.ngx_lua_version
-       or ngx.config.ngx_lua_version ~= 10029
+       or ngx.config.ngx_lua_version ~= 10030
     then
-        error("ngx_http_lua_module 0.10.29 required")
+        local ver = ngx.config and tostring(ngx.config.ngx_lua_version) or 'nil'
+        error("ngx_http_lua_module 0.10.30 required but got " .. ver)
     end
 
 elseif subsystem == 'stream' then
     if not ngx.config
        or not ngx.config.ngx_lua_version
-       or ngx.config.ngx_lua_version ~= 17
+       or ngx.config.ngx_lua_version ~= 18
     then
-        error("ngx_stream_lua_module 0.0.17 required")
+        local ver = ngx.config and tostring(ngx.config.ngx_lua_version) or 'nil'
+        error("ngx_stream_lua_module 0.0.18 required but got " .. ver)
     end
 
 else
-    error("ngx_http_lua_module 0.10.29 or "
-          .. "ngx_stream_lua_module 0.0.17 required")
+    error("ngx_http_lua_module 0.10.30 or "
+          .. "ngx_stream_lua_module 0.0.18 required")
 end
 
 
@@ -141,7 +143,7 @@ local c_buf_type = ffi.typeof("char[?]")
 local _M = new_tab(0, 18)
 
 
-_M.version = "0.1.32"
+_M.version = "0.1.33"
 _M.new_tab = new_tab
 _M.clear_tab = clear_tab
 
diff --git a/t/ssl.t b/t/ssl.t
@@ -3737,7 +3737,7 @@ received: Server: nginx
 received: Content-Type: text/plain
 received: Content-Length: 4
 received: Connection: close
-received:
+received: 
 received: foo
 close: 1 nil
 
@@ -3761,21 +3761,30 @@ server-random length: 32
         ssl_protocols TLSv1.2;
         ssl_certificate_by_lua_block {
             local ssl = require "ngx.ssl"
-            local master_key_len = ssl.get_session_master_key(0)
-            print("master-key length: ", master_key_len)
-
-            local master_key = ssl.get_session_master_key()
-            if master_key and #master_key > 0 then
-                print("got master key of length: ", #master_key)
-            end
+            ssl.clear_certs()
+            ssl.set_der_cert(ssl.cert_pem_to_der(
+                assert(io.open("t/cert/test.crt")):read("*a")))
+            ssl.set_der_priv_key(ssl.priv_key_pem_to_der(
+                assert(io.open("t/cert/test.key")):read("*a")))
         }
+
         ssl_certificate ../../cert/test.crt;
         ssl_certificate_key ../../cert/test.key;
 
         server_tokens off;
         location /foo {
             default_type 'text/plain';
-            content_by_lua_block {ngx.status = 201 ngx.say("foo") ngx.exit(201)}
+            content_by_lua_block {
+                local ssl = require "ngx.ssl"
+                local mk_len = ssl.get_session_master_key(0)
+                ngx.say("master-key length: ", mk_len)
+
+                local mk = ssl.get_session_master_key()
+                if mk and #mk > 0 then
+                    ngx.say("got master key of length: ",
+                            #mk)
+                end
+            }
             more_clear_headers Date;
         }
     }
@@ -3818,7 +3827,6 @@ server-random length: 32
                 while true do
                     local line, err = sock:receive()
                     if not line then
-                        -- ngx.say("failed to receive response status line: ", err)
                         break
                     end
 
@@ -3828,7 +3836,6 @@ server-random length: 32
                 local ok, err = sock:close()
                 ngx.say("close: ", ok, " ", err)
             end  -- do
-            -- collectgarbage()
         }
     }
 
@@ -3838,19 +3845,16 @@ GET /t
 connected: 1
 ssl handshake: cdata
 sent http request: 56 bytes.
-received: HTTP/1.1 201 Created
+received: HTTP/1.1 200 OK
 received: Server: nginx
 received: Content-Type: text/plain
-received: Content-Length: 4
+received: Transfer-Encoding: chunked
 received: Connection: close
 received:
-received: foo
+received: master-key length: 48
+received: got master key of length: 48
 close: 1 nil
 
---- error_log
-master-key length: 48
-got master key of length: 48
-
 --- no_error_log
 [error]
 [alert]
