You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by me...@apache.org on 2020/05/12 07:51:19 UTC
[incubator-apisix] branch master updated: feature: support new
field `exptime` for SSL object. (#1575)
This is an automated email from the ASF dual-hosted git repository.
membphis pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-apisix.git
The following commit(s) were added to refs/heads/master by this push:
new cafbfe1 feature: support new field `exptime` for SSL object. (#1575)
cafbfe1 is described below
commit cafbfe160a2fcefb0294db51afac693f1767bea5
Author: YuanSheng Wang <me...@gmail.com>
AuthorDate: Tue May 12 15:50:52 2020 +0800
feature: support new field `exptime` for SSL object. (#1575)
fix #1571.
---
apisix/schema_def.lua | 18 +++++++++--
t/admin/schema.t | 18 +++++++++--
t/admin/ssl.t | 86 ++++++++++++++++++++++++++++++++++++++++++++++++++-
t/lib/test_admin.lua | 4 ++-
4 files changed, 120 insertions(+), 6 deletions(-)
diff --git a/apisix/schema_def.lua b/apisix/schema_def.lua
index e261c98..d4b63eb 100644
--- a/apisix/schema_def.lua
+++ b/apisix/schema_def.lua
@@ -454,9 +454,23 @@ _M.ssl = {
sni = {
type = "string",
pattern = [[^\*?[0-9a-zA-Z-.]+$]],
- }
+ },
+ snis = {
+ type = "array",
+ items = {
+ type = "string",
+ pattern = [[^\*?[0-9a-zA-Z-.]+$]],
+ }
+ },
+ exptime = {
+ type = "integer",
+ minimum = 1588262400, -- 2020/5/1 0:0:0
+ },
+ },
+ oneOf = {
+ {required = {"sni", "key", "cert"}},
+ {required = {"snis", "key", "cert"}}
},
- required = {"sni", "key", "cert"},
additionalProperties = false,
}
diff --git a/t/admin/schema.t b/t/admin/schema.t
index 54ef58e..d266f2a 100644
--- a/t/admin/schema.t
+++ b/t/admin/schema.t
@@ -93,9 +93,23 @@ location /t {
sni = {
type = "string",
pattern = [[^\*?[0-9a-zA-Z-.]+$]],
- }
+ },
+ snis = {
+ type = "array",
+ items = {
+ type = "string",
+ pattern = [[^\*?[0-9a-zA-Z-.]+$]],
+ }
+ },
+ exptime = {
+ type = "integer",
+ minimum = 1588262400, -- 2020/5/1 0:0:0
+ },
+ },
+ oneOf = {
+ {required = {"sni", "key", "cert"}},
+ {required = {"snis", "key", "cert"}}
},
- required = {"sni", "key", "cert"},
additionalProperties = false,
}
)
diff --git a/t/admin/ssl.t b/t/admin/ssl.t
index 15bfb0a..57eb69e 100644
--- a/t/admin/ssl.t
+++ b/t/admin/ssl.t
@@ -228,7 +228,7 @@ GET /t
GET /t
--- error_code: 400
--- response_body
-{"error_msg":"invalid configuration: property \"cert\" is required"}
+{"error_msg":"invalid configuration: value should match only one schema, but matches none"}
--- no_error_log
[error]
@@ -269,3 +269,87 @@ GET /t
passed
--- no_error_log
[error]
+
+
+
+=== TEST 8: store sni in `snis`
+--- config
+ location /t {
+ content_by_lua_block {
+ local core = require("apisix.core")
+ local t = require("lib.test_admin")
+
+ local ssl_cert = t.read_file("conf/cert/apisix.crt")
+ local ssl_key = t.read_file("conf/cert/apisix.key")
+ local data = {
+ cert = ssl_cert, key = ssl_key,
+ snis = {"*.foo.com", "bar.com"},
+ }
+
+ local code, body = t.test('/apisix/admin/ssl/1',
+ ngx.HTTP_PUT,
+ core.json.encode(data),
+ [[{
+ "node": {
+ "value": {
+ "snis": ["*.foo.com", "bar.com"]
+ },
+ "key": "/apisix/ssl/1"
+ },
+ "action": "set"
+ }]]
+ )
+
+ ngx.status = code
+ ngx.say(body)
+ }
+ }
+--- request
+GET /t
+--- response_body
+passed
+--- no_error_log
+[error]
+
+
+
+=== TEST 9: store exptime
+--- config
+ location /t {
+ content_by_lua_block {
+ local core = require("apisix.core")
+ local t = require("lib.test_admin")
+
+ local ssl_cert = t.read_file("conf/cert/apisix.crt")
+ local ssl_key = t.read_file("conf/cert/apisix.key")
+ local data = {
+ cert = ssl_cert, key = ssl_key,
+ sni = "bar.com",
+ exptime = 1588262400 + 60 * 60 * 24 * 365,
+ }
+
+ local code, body = t.test('/apisix/admin/ssl/1',
+ ngx.HTTP_PUT,
+ core.json.encode(data),
+ [[{
+ "node": {
+ "value": {
+ "sni": "bar.com",
+ "exptime": 1619798400
+ },
+ "key": "/apisix/ssl/1"
+ },
+ "action": "set"
+ }]]
+ )
+
+ ngx.status = code
+ ngx.say(body)
+ }
+ }
+--- request
+GET /t
+--- response_body
+passed
+--- no_error_log
+[error]
diff --git a/t/lib/test_admin.lua b/t/lib/test_admin.lua
index 8b4d6c5..cda7514 100644
--- a/t/lib/test_admin.lua
+++ b/t/lib/test_admin.lua
@@ -101,6 +101,8 @@ end
function _M.comp_tab(left_tab, right_tab)
+ dir_names = {}
+
if type(left_tab) == "string" then
left_tab = json.decode(left_tab)
end
@@ -110,7 +112,7 @@ function _M.comp_tab(left_tab, right_tab)
local ok, err = com_tab(left_tab, right_tab)
if not ok then
- return 500, "failed, " .. err
+ return false, err
end
return true