Skip to content

Commit 70ab746

Browse files
agentzhagentzh
committed
docs: documented the nginx core patch and openssl core patch needed by ssl_session_fetch_by_lua*.
1 parent b7c59f1 commit 70ab746

File tree

2 files changed

+26
-0
lines changed

2 files changed

+26
-0
lines changed

README.markdown

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2484,6 +2484,19 @@ SSL session resumption will happen and thus bypass the [ssl_certificate_by_lua*]
24842484
hook completely. In this case, NGINX also bypasses the [ssl_session_store_by_lua_block](#ssl_session_store_by_lua)
24852485
hook, for obvious reasons.
24862486

2487+
If you are using pre-built packages for OpenResty 1.11.2.1 or later, then everything should work
2488+
out of the box.
2489+
2490+
If you are using OpenSSL libraries not provided by OpenResty, then you need to apply the following patch for
2491+
OpenSSL 1.0.2h or later:
2492+
2493+
<https://github.com/openresty/openresty/blob/master/patches/openssl-1.0.2h-sess_set_get_cb_yield.patch>
2494+
2495+
If you are not using the NGINX core shipped with OpenResty 1.11.2.1, then you need to
2496+
apply the following patch to the standard NGINX core 1.11.2 or later:
2497+
2498+
<http://openresty.org/download/nginx-1.11.2-nonblocking_ssl_handshake_hooks.patch>
2499+
24872500
This directive was first introduced in the `v0.10.6` release.
24882501

24892502
[Back to TOC](#directives)

doc/HttpLuaModule.wiki

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2091,6 +2091,19 @@ SSL session resumption will happen and thus bypass the [[#ssl_certificate_by_lua
20912091
hook completely. In this case, NGINX also bypasses the [[#ssl_session_store_by_lua*|ssl_session_store_by_lua_block]]
20922092
hook, for obvious reasons.
20932093
2094+
If you are using pre-built packages for [OpenResty](https://openresty.org) 1.11.2.1 or later, then everything should work
2095+
out of the box.
2096+
2097+
If you are using OpenSSL libraries not provided by [OpenResty](https://openresty.org),
2098+
then you need to apply the following patch for OpenSSL 1.0.2h or later:
2099+
2100+
https://github.com/openresty/openresty/blob/master/patches/openssl-1.0.2h-sess_set_get_cb_yield.patch
2101+
2102+
If you are not using the NGINX core shipped with [OpenResty](https://openresty.org) 1.11.2.1 or later, then you need to
2103+
apply the following patch to the standard NGINX core 1.11.2 or later:
2104+
2105+
http://openresty.org/download/nginx-1.11.2-nonblocking_ssl_handshake_hooks.patch
2106+
20942107
This directive was first introduced in the <code>v0.10.6</code> release.
20952108
20962109
== ssl_session_fetch_by_lua_file ==

0 commit comments

Comments
 (0)