You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by GitBox <gi...@apache.org> on 2020/12/21 03:05:39 UTC
[GitHub] [apisix] unbeatablekb opened a new pull request #3084: feature: add proxy_ssl_server_name to support carry SNI while doing SSL handshaking with upstream
unbeatablekb opened a new pull request #3084:
URL: https://github.com/apache/apisix/pull/3084
### What this PR does / why we need it:
fix: #2988
### Pre-submission checklist:
* [ ] Did you explain what problem does this PR solve? Or what new features have been added?
* [ ] Have you added corresponding test cases?
* [ ] Have you modified the corresponding document?
* [ ] Is this PR backward compatible? **If it is not backward compatible, please discuss on the [mailing list](https://github.com/apache/apisix/tree/master#community) first**
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] unbeatablekb edited a comment on pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
unbeatablekb edited a comment on pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#issuecomment-767305666
@tokers @spacewander
I need your help. I run my test locally but failed.
The `TEST2`'s output all failed. But I don't know what's wrong wit it.
I already pushed the code and details of the output of running test are show blow.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] unbeatablekb commented on a change in pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
unbeatablekb commented on a change in pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#discussion_r564233878
##########
File path: t/core/proxy_ssl.t
##########
@@ -0,0 +1,76 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+use t::APISIX 'no_plan';
+
+repeat_each(1);
+no_long_string();
+no_root_location();
+log_level("info");
+
+run_tests;
+
+__DATA__
+
+=== TEST 1: add route
+--- config
+ location /t {
+ content_by_lua_block {
+ local t = require("lib.test_admin").test
+ local code, body = t('/apisix/admin/routes/1',
+ ngx.HTTP_PUT,
+ [[{
+ "methods": ["GET"],
+ "plugins": {
+ "proxy-rewrite": {
+ "scheme": "https"
+ }
+ },
+ "upstream": {
+ "nodes": {
+ "127.0.0.1:1983": 1
+ },
+ "type": "roundrobin"
+ },
+ "uri": "/hello"
+ }]]
+ )
+
+ if code >= 300 then
+ ngx.status = code
+ end
+ ngx.say(body)
+ }
+ }
+--- request
+GET /t
+--- response_body
+passed
+--- no_error_log
+[error]
+
+
+
+=== TEST 2: get upstream carrying host
+--- http_config
+proxy_ssl_server_name on;
+--- more_headers
+host: wrong.com
+--- request
+GET /hello
+--- error_code: 502
+--- error_log
+ssl
Review comment:
Got it.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tokers commented on a change in pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
tokers commented on a change in pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#discussion_r564226007
##########
File path: t/core/proxy_ssl.t
##########
@@ -0,0 +1,76 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+use t::APISIX 'no_plan';
+
+repeat_each(1);
+no_long_string();
+no_root_location();
+log_level("info");
+
+run_tests;
+
+__DATA__
+
+=== TEST 1: add route
+--- config
+ location /t {
+ content_by_lua_block {
+ local t = require("lib.test_admin").test
+ local code, body = t('/apisix/admin/routes/1',
+ ngx.HTTP_PUT,
+ [[{
+ "methods": ["GET"],
+ "plugins": {
+ "proxy-rewrite": {
+ "scheme": "https"
+ }
+ },
+ "upstream": {
+ "nodes": {
+ "127.0.0.1:1983": 1
+ },
+ "type": "roundrobin"
+ },
+ "uri": "/hello"
+ }]]
+ )
+
+ if code >= 300 then
+ ngx.status = code
+ end
+ ngx.say(body)
+ }
+ }
+--- request
+GET /t
+--- response_body
+passed
+--- no_error_log
+[error]
+
+
+
+=== TEST 2: get upstream carrying host
+--- http_config
+proxy_ssl_server_name on;
+--- more_headers
+host: wrong.com
+--- request
+GET /hello
+--- error_code: 502
+--- error_log
+ssl
Review comment:
I don't know how you assert the 502 is due to SSL handshaking failure.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] unbeatablekb commented on a change in pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
unbeatablekb commented on a change in pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#discussion_r556989362
##########
File path: conf/config-default.yaml
##########
@@ -174,6 +174,8 @@ nginx_config: # config for render the template to generate n
# lua_shared_dicts: # add custom shared cache to nginx.conf
# ipc_shared_dict: 100m # custom shared cache, format: `cache-key: cache-size`
+ proxy_ssl_server_name: true # disable passing of the server name through tls
Review comment:
I will fix it later.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] unbeatablekb commented on a change in pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
unbeatablekb commented on a change in pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#discussion_r551131483
##########
File path: conf/config-default.yaml
##########
@@ -174,6 +174,8 @@ nginx_config: # config for render the template to generate n
# lua_shared_dicts: # add custom shared cache to nginx.conf
# ipc_shared_dict: 100m # custom shared cache, format: `cache-key: cache-size`
+ proxy_ssl_server_name: true # disable passing of the server name through tls
Review comment:
Testing this feature means we test the behavior of the tls which returned ca. I havn't found a good way to deal with it, because I thought it was hard to deep into tls.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] unbeatablekb commented on pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
unbeatablekb commented on pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#issuecomment-764242549
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] unbeatablekb closed pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
unbeatablekb closed pull request #3084:
URL: https://github.com/apache/apisix/pull/3084
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] unbeatablekb removed a comment on pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
unbeatablekb removed a comment on pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#issuecomment-764242549
@spacewander
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] membphis commented on a change in pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
membphis commented on a change in pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#discussion_r550408464
##########
File path: conf/config-default.yaml
##########
@@ -174,6 +174,8 @@ nginx_config: # config for render the template to generate n
# lua_shared_dicts: # add custom shared cache to nginx.conf
# ipc_shared_dict: 100m # custom shared cache, format: `cache-key: cache-size`
+ proxy_ssl_server_name: true # disable passing of the server name through tls
Review comment:
missing test cases
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] unbeatablekb removed a comment on pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
unbeatablekb removed a comment on pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#issuecomment-764242549
@spacewander
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] unbeatablekb commented on pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
unbeatablekb commented on pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#issuecomment-764242549
@spacewander
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tokers commented on a change in pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
tokers commented on a change in pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#discussion_r546517965
##########
File path: conf/config-default.yaml
##########
@@ -174,6 +174,8 @@ nginx_config: # config for render the template to generate n
# lua_shared_dicts: # add custom shared cache to nginx.conf
# ipc_shared_dict: 100m # custom shared cache, format: `cache-key: cache-size`
+ proxy_ssl_server_name: false # disable passing of the server name through tls
Review comment:
This should be enabled by default.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] unbeatablekb commented on pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
unbeatablekb commented on pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#issuecomment-764244848
@spacewander Thanks for your advice. I will do it.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] unbeatablekb commented on pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
unbeatablekb commented on pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#issuecomment-766839069
@tokers @spacewander
The deadline took effect. I try to learn the test architecture about apisix at last weekends.
Finally I add test cases in `t/core`. I'm willing to hear your advice and I will modify it in the day.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] unbeatablekb commented on pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
unbeatablekb commented on pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#issuecomment-767305666
I need your help. I run my test locally but failed.
The `TEST2`'s output all failed. But I don't know what's wrong wit it.
I already pushed the code and details of the output of running test are show blow.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] unbeatablekb commented on a change in pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
unbeatablekb commented on a change in pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#discussion_r549917599
##########
File path: conf/config-default.yaml
##########
@@ -174,6 +174,8 @@ nginx_config: # config for render the template to generate n
# lua_shared_dicts: # add custom shared cache to nginx.conf
# ipc_shared_dict: 100m # custom shared cache, format: `cache-key: cache-size`
+ proxy_ssl_server_name: false # disable passing of the server name through tls
Review comment:
I will fix it later.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] unbeatablekb commented on a change in pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
unbeatablekb commented on a change in pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#discussion_r557064216
##########
File path: conf/config-default.yaml
##########
@@ -174,6 +174,8 @@ nginx_config: # config for render the template to generate n
# lua_shared_dicts: # add custom shared cache to nginx.conf
# ipc_shared_dict: 100m # custom shared cache, format: `cache-key: cache-size`
+ proxy_ssl_server_name: true # disable passing of the server name through tls
Review comment:
Already replace it.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] unbeatablekb commented on pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
unbeatablekb commented on pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#issuecomment-766839069
@tokers @spacewander
The deadline took effect. I try to learn the test architecture about apisix at last weekends.
Finally I add test cases in `t/core`. I'm willing to hear your advice and I will modify it in the day.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] unbeatablekb commented on a change in pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
unbeatablekb commented on a change in pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#discussion_r549918075
##########
File path: conf/config-default.yaml
##########
@@ -174,6 +174,8 @@ nginx_config: # config for render the template to generate n
# lua_shared_dicts: # add custom shared cache to nginx.conf
# ipc_shared_dict: 100m # custom shared cache, format: `cache-key: cache-size`
+ proxy_ssl_server_name: false # disable passing of the server name through tls
Review comment:
Done.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] spacewander commented on a change in pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
spacewander commented on a change in pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#discussion_r564211342
##########
File path: t/APISIX.pm
##########
@@ -384,6 +384,24 @@ _EOC_
}
}
+ server {
+ listen 1985 ssl;
Review comment:
We don't need this. We already have a HTTPS backend:
https://github.com/apache/apisix/blob/3db8ebec269b22394c21e29d1507353bdc9ed52b/t/APISIX.pm#L444
You just need to pass a wrong host header.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] membphis commented on pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
membphis commented on pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#issuecomment-766908149
> @tokers @spacewander
> The deadline took effect. I try to learn the test architecture about apisix at last weekends.
>
> Finally I add test cases in `t/core`. I'm willing to hear your advice and I will modify it in the day.
if you need any help, please let us know
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] unbeatablekb commented on a change in pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
unbeatablekb commented on a change in pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#discussion_r564216971
##########
File path: t/APISIX.pm
##########
@@ -384,6 +384,24 @@ _EOC_
}
}
+ server {
+ listen 1985 ssl;
Review comment:
Thanks.
But you said I could write a new one in APISIX.pm. What does that means?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tokers commented on a change in pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
tokers commented on a change in pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#discussion_r549938026
##########
File path: conf/config-default.yaml
##########
@@ -174,6 +174,8 @@ nginx_config: # config for render the template to generate n
# lua_shared_dicts: # add custom shared cache to nginx.conf
# ipc_shared_dict: 100m # custom shared cache, format: `cache-key: cache-size`
+ proxy_ssl_server_name: true # disable passing of the server name through tls
Review comment:
The comment is not right. Just reference the Nginx doc:
> Enables or disables passing of the server name through TLS Server Name Indication extension (SNI, RFC 6066) when establishing a connection with the proxied HTTPS server.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] unbeatablekb commented on a change in pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
unbeatablekb commented on a change in pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#discussion_r564216971
##########
File path: t/APISIX.pm
##########
@@ -384,6 +384,24 @@ _EOC_
}
}
+ server {
+ listen 1985 ssl;
Review comment:
Thanks. I used to create a new server block because I want to add `server_name` to new block. Now I think this make no sense after thinking about it.
But you said I could write a new one in APISIX.pm. What does that means?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] unbeatablekb commented on pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
unbeatablekb commented on pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#issuecomment-763314013
@tokers Thanks for giving help. I will add test for it after learning nginx test which would be done within this weeks.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tokers commented on pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
tokers commented on pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#issuecomment-763264689
@unbeatablekb Should have test cases for it, you can prepare a keypair that the SNI is not matched with the backend server and assert the proxy is aborted.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] unbeatablekb closed pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
unbeatablekb closed pull request #3084:
URL: https://github.com/apache/apisix/pull/3084
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tokers commented on pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
tokers commented on pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#issuecomment-767223273
@unbeatablekb CI failed.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] membphis commented on pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
membphis commented on pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#issuecomment-766908149
> @tokers @spacewander
> The deadline took effect. I try to learn the test architecture about apisix at last weekends.
>
> Finally I add test cases in `t/core`. I'm willing to hear your advice and I will modify it in the day.
if you need any help, please let us know
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] spacewander closed pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
spacewander closed pull request #3084:
URL: https://github.com/apache/apisix/pull/3084
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] spacewander commented on pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
spacewander commented on pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#issuecomment-763317564
@unbeatablekb
You need to add `proxy_ssl_server_name` in t/APISIX.pm.
You can take a look at https://github.com/apache/apisix/blob/b78c87a158b1eb5926dc70b462f1ae4c4eab8ec5/t/plugin/proxy-rewrite.t#L258-L308 and write your own one.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] spacewander commented on pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
spacewander commented on pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#issuecomment-767311267
Only enable proxy_ssl_server_name doesn't pass the correct SNI to the backend.
See https://github.com/apache/apisix/issues/2988#issuecomment-767305416.
I have submitted a new one to surpass this PR: https://github.com/apache/apisix/pull/3420
@unbeatablekb
Your contribution is still counted.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tokers commented on pull request #3084: feat: add proxy_ssl_server_name
Posted by GitBox <gi...@apache.org>.
tokers commented on pull request #3084:
URL: https://github.com/apache/apisix/pull/3084#issuecomment-767223273
@unbeatablekb CI failed.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org