diff options
Diffstat (limited to 'meta/3rd/OpenResty/library/ngx')
| m--------- | meta/3rd/OpenResty | 0 | ||||
| -rw-r--r-- | meta/3rd/OpenResty/library/ngx/balancer.lua | 118 | ||||
| -rw-r--r-- | meta/3rd/OpenResty/library/ngx/base64.lua | 21 | ||||
| -rw-r--r-- | meta/3rd/OpenResty/library/ngx/errlog.lua | 122 | ||||
| -rw-r--r-- | meta/3rd/OpenResty/library/ngx/ocsp.lua | 61 | ||||
| -rw-r--r-- | meta/3rd/OpenResty/library/ngx/pipe.lua | 312 | ||||
| -rw-r--r-- | meta/3rd/OpenResty/library/ngx/process.lua | 52 | ||||
| -rw-r--r-- | meta/3rd/OpenResty/library/ngx/re.lua | 102 | ||||
| -rw-r--r-- | meta/3rd/OpenResty/library/ngx/req.lua | 16 | ||||
| -rw-r--r-- | meta/3rd/OpenResty/library/ngx/resp.lua | 23 | ||||
| -rw-r--r-- | meta/3rd/OpenResty/library/ngx/semaphore.lua | 66 | ||||
| -rw-r--r-- | meta/3rd/OpenResty/library/ngx/ssl.lua | 286 | ||||
| -rw-r--r-- | meta/3rd/OpenResty/library/ngx/ssl/clienthello.lua | 102 | ||||
| -rw-r--r-- | meta/3rd/OpenResty/library/ngx/ssl/session.lua | 52 | ||||
| -rw-r--r-- | meta/3rd/OpenResty/library/ngx/upstream.lua | 9 |
15 files changed, 0 insertions, 1342 deletions
diff --git a/meta/3rd/OpenResty b/meta/3rd/OpenResty new file mode 160000 +Subproject 3bec36f0f645bb38b3c8208990d5c36feb66ce3 diff --git a/meta/3rd/OpenResty/library/ngx/balancer.lua b/meta/3rd/OpenResty/library/ngx/balancer.lua deleted file mode 100644 index 6a103a26..00000000 --- a/meta/3rd/OpenResty/library/ngx/balancer.lua +++ /dev/null @@ -1,118 +0,0 @@ ----@meta -local balancer = { - version = require("resty.core.base").version, -} - ---- Sets the peer address (host and port) for the current backend query (which ---- may be a retry). ---- ---- Domain names in host do not make sense. You need to use OpenResty libraries ---- like lua-resty-dns to obtain IP address(es) from all the domain names before ---- entering the `balancer_by_lua*` handler (for example, you can perform DNS ---- lookups in an earlier phase like `access_by_lua*` and pass the results to the ---- `balancer_by_lua*` handler via `ngx.ctx`. ---- ----@param addr string ----@param port integer ----@return boolean ok ----@return string? error -function balancer.set_current_peer(addr, port) end - - ---- Sets the upstream timeout (connect, send and read) in seconds for the ---- current and any subsequent backend requests (which might be a retry). ---- ---- If you want to inherit the timeout value of the global nginx.conf ---- configuration (like `proxy_connect_timeout`), then just specify the nil value ---- for the corresponding argument (like the `connect_timeout` argument). ---- ---- Zero and negative timeout values are not allowed. ---- ---- You can specify millisecond precision in the timeout values by using floating ---- point numbers like 0.001 (which means 1ms). ---- ---- Note: `send_timeout` and `read_timeout` are controlled by the same config ---- `proxy_timeout` for `ngx_stream_proxy_module`. To keep API compatibility, this ---- function will use `max(send_timeout, read_timeout)` as the value for setting ---- proxy_timeout. ---- ---- Returns `true` when the operation is successful; returns `nil` and a string ---- describing the error otherwise. ---- ---- This only affects the current downstream request. It is not a global change. ---- ---- For the best performance, you should use the OpenResty bundle. ---- ----@param connect_timeout? number ----@param send_timeout? number ----@param read_timeout? number ----@return boolean ok ----@return string? error -function balancer.set_timeouts(connect_timeout, send_timeout, read_timeout) end - ----@alias ngx.balancer.failure ----| '"next"' # Failures due to bad status codes sent from the backend server. The origin's response is same though, which means the backend connection can still be reused for future requests. ----| '"failed"' Fatal errors while communicating to the backend server (like connection timeouts, connection resets, and etc). In this case, the backend connection must be aborted and cannot get reused. - ---- Retrieves the failure details about the previous failed attempt (if any) when ---- the next_upstream retrying mechanism is in action. When there was indeed a ---- failed previous attempt, it returned a string describing that attempt's state ---- name, as well as an integer describing the status code of that attempt. ---- ---- Possible status codes are those HTTP error status codes like 502 and 504. ---- ---- For stream module, `status_code` will always be 0 (`ngx.OK`) and is provided ---- for compatibility reasons. ---- ---- When the current attempt is the first attempt for the current downstream ---- request (which means there is no previous attempts at all), this method ---- always returns a single `nil` value. ---- ----@return ngx.balancer.failure? state_name ----@return integer? status_code -function balancer.get_last_failure() end - ---- Sets the tries performed when the current attempt (which may be a retry) ---- fails (as determined by directives like proxy_next_upstream, depending on ---- what particular nginx uptream module you are currently using). --- ---- Note that the current attempt is excluded in the count number set here. ---- ---- Please note that, the total number of tries in a single downstream request ---- cannot exceed the hard limit configured by directives like ---- `proxy_next_upstream_tries`, depending on what concrete NGINX upstream ---- module you are using. When exceeding this limit, the count value will get ---- reduced to meet the limit and the second return value will be the string ---- "reduced tries due to limit", which is a warning, while the first return ---- value is still a `true` value. ---- ----@param count integer ----@return boolean ok ----@return string? error -function balancer.set_more_tries(count) end - ---- Recreates the request buffer for sending to the upstream server. ---- ---- This is useful, for example if you want to change a request header field ---- to the new upstream server on balancer retries. ---- ---- Normally this does not work because the request buffer is created once ---- during upstream module initialization and won't be regenerated for subsequent ---- retries. However you can use `proxy_set_header My-Header $my_header` and ---- set the `ngx.var.my_header` variable inside the balancer phase. Calling ---- `recreate_request()` after updating a header field will cause the request ---- buffer to be re-generated and the `My-Header` header will thus contain the ---- new value. ---- ---- Warning: because the request buffer has to be recreated and such allocation ---- occurs on the request memory pool, the old buffer has to be thrown away and ---- will only be freed after the request finishes. Do not call this function too ---- often or memory leaks may be noticeable. Even so, a call to this function ---- should be made only if you know the request buffer must be regenerated, ---- instead of unconditionally in each balancer retries. ---- ----@return boolean ok ----@return string? error -function balancer.recreate_request() end - -return balancer
\ No newline at end of file diff --git a/meta/3rd/OpenResty/library/ngx/base64.lua b/meta/3rd/OpenResty/library/ngx/base64.lua deleted file mode 100644 index 5f8184d5..00000000 --- a/meta/3rd/OpenResty/library/ngx/base64.lua +++ /dev/null @@ -1,21 +0,0 @@ ----@meta -local base64 = { - version = require("resty.core.base").version, -} - ----Encode input using base64url rules. Returns the encoded string. ----@param s string ----@return string -function base64.encode_base64url(s) end - ----Decode input using base64url rules. Returns the decoded string. ---- ----If the input is not a valid base64url encoded string, decoded will be `nil` ----and err will be a string describing the error. ---- ----@param s string ----@return string? decoded ----@return string? err -function base64.decode_base64url(s) end - -return base64
\ No newline at end of file diff --git a/meta/3rd/OpenResty/library/ngx/errlog.lua b/meta/3rd/OpenResty/library/ngx/errlog.lua deleted file mode 100644 index ace384a0..00000000 --- a/meta/3rd/OpenResty/library/ngx/errlog.lua +++ /dev/null @@ -1,122 +0,0 @@ ----@meta -local errlog = { - version = require("resty.core.base").version, -} - ---- Return the nginx core's error log filter level (defined via the `error_log` configuration directive in nginx.conf) as an integer value. ----@return ngx.log.level -function errlog.get_sys_filter_level() end - - ---- Specifies the filter log level, only to capture and buffer the error logs with a log level no lower than the specified level. ---- ---- If we don't call this API, all of the error logs will be captured by default. ---- ---- In case of error, `nil` will be returned as well as a string describing the error. ---- ---- This API should always work with directive `lua_capture_error_log`. ---- ----@param level ngx.log.level ----@return boolean ok ----@return string? err -function errlog.set_filter_level(level) end - - ---- Fetches the captured nginx error log messages if any in the global data buffer specified by ngx_lua's `lua_capture_error_log` directive. Upon return, this Lua function also removes those messages from that global capturing buffer to make room for future new error log data. ---- ---- In case of error, nil will be returned as well as a string describing the error. ---- ---- The optional max argument is a number that when specified, will prevent `get_logs()` from adding more than max messages to the res array. ---- ----```lua ---- for i = 1, 20 do ---- ngx.log(ngx.ERR, "test") ---- end ---- ---- local errlog = require "ngx.errlog" ---- local res = errlog.get_logs(10) ---- -- the number of messages in the `res` table is 10 and the `res` table ---- -- has 30 elements. ----``` ---- ---- The resulting table has the following structure: ---- ----``` ---- { level1, time1, msg1, level2, time2, msg2, ... } ----``` ---- ---- The levelX values are constants defined below: ---- ---- https://github.com/openresty/lua-nginx-module/#nginx-log-level-constants ---- ---- The timeX values are UNIX timestamps in seconds with millisecond precision. The sub-second part is presented as the decimal part. The time format is exactly the same as the value returned by ngx.now. It is also subject to NGINX core's time caching. ---- ---- The msgX values are the error log message texts. ---- ---- So to traverse this array, the user can use a loop like this: ---- ----```lua ---- ---- for i = 1, #res, 3 do ---- local level = res[i] ---- if not level then ---- break ---- end ---- ---- local time = res[i + 1] ---- local msg = res[i + 2] ---- ---- -- handle the current message with log level in `level`, ---- -- log time in `time`, and log message body in `msg`. ---- end ----``` ---- ---- Specifying max <= 0 disables this behavior, meaning that the number of results won't be limited. ---- ---- The optional 2th argument res can be a user-supplied Lua table to hold the result instead of creating a brand new table. This can avoid unnecessary table dynamic allocations on hot Lua code paths. It is used like this: ---- ----```lua ---- local errlog = require "ngx.errlog" ---- local new_tab = require "table.new" ---- ---- local buffer = new_tab(100 * 3, 0) -- for 100 messages ---- ---- local errlog = require "ngx.errlog" ---- local res, err = errlog.get_logs(0, buffer) ---- if res then ---- -- res is the same table as `buffer` ---- for i = 1, #res, 3 do ---- local level = res[i] ---- if not level then ---- break ---- end ---- local time = res[i + 1] ---- local msg = res[i + 2] ---- ... ---- end ---- end ----``` ---- ---- When provided with a res table, `get_logs()` won't clear the table for performance reasons, but will rather insert a trailing nil value after the last table element. ---- ---- When the trailing nil is not enough for your purpose, you should clear the table yourself before feeding it into the `get_logs()` function. ---- ----@param max number ----@param res? table ----@return table? res ----@return string? err -function errlog.get_logs(max, res) end - ---- Log msg to the error logs with the given logging level. ---- ---- Just like the ngx.log API, the log_level argument can take constants like ngx.ERR and ngx.WARN. Check out Nginx log level constants for details. ---- ---- However, unlike the ngx.log API which accepts variadic arguments, this function only accepts a single string as its second argument msg. ---- ---- This function differs from ngx.log in the way that it will not prefix the written logs with any sort of debug information (such as the caller's file and line number). ----@param level ngx.log.level ----@param msg string -function errlog.raw_log(level, msg) end - - -return errlog
\ No newline at end of file diff --git a/meta/3rd/OpenResty/library/ngx/ocsp.lua b/meta/3rd/OpenResty/library/ngx/ocsp.lua deleted file mode 100644 index 79e001f1..00000000 --- a/meta/3rd/OpenResty/library/ngx/ocsp.lua +++ /dev/null @@ -1,61 +0,0 @@ ----@meta -local ocsp = { - version = require("resty.core.base").version, -} - ---- Extracts the OCSP responder URL (like "http://test.com/ocsp/") from the SSL server certificate chain in the DER format. ---- ---- Usually the SSL server certificate chain is originally formatted in PEM. You can use the Lua API provided by the ngx.ssl module to do the PEM to DER conversion. ---- ---- The optional max_len argument specifies the maximum length of OCSP URL allowed. This determines the buffer size; so do not specify an unnecessarily large value here. It defaults to the internal string buffer size used throughout this lua-resty-core library (usually default to 4KB). ---- ---- In case of failures, returns `nil` and a string describing the error. ---- ----@param der_cert_chain string ----@param max_len? number ----@return string? ocsp_url ----@return string? error -function ocsp.get_ocsp_responder_from_der_chain(der_cert_chain, max_len) end - ---- Validates the raw OCSP response data specified by the `ocsp_resp` argument using the SSL server certificate chain in DER format as specified in the `der_cert_chain` argument. ---- ---- Returns true when the validation is successful. ---- ---- In case of failures, returns `nil` and a string describing the failure. The maximum length of the error string is controlled by the optional `max_err_msg` argument (which defaults to the default internal string buffer size used throughout this lua-resty-core library, usually being 4KB). ---- ----@param ocsp_resp string ----@param der_cert_chain string ----@param max_err_msg_len? number ----@return boolean ok ----@return string? error -function ocsp.validate_ocsp_response(ocsp_resp, der_cert_chain, max_err_msg_len) end - ---- Builds an OCSP request from the SSL server certificate chain in the DER format, which can be used to send to the OCSP server for validation. ---- ---- The optional `max_len` argument specifies the maximum length of the OCSP request allowed. This value determines the size of the internal buffer allocated, so do not specify an unnecessarily large value here. It defaults to the internal string buffer size used throughout this lua-resty-core library (usually defaults to 4KB). ---- ---- In case of failures, returns `nil` and a string describing the error. ---- ---- The raw OCSP response data can be used as the request body directly if the POST method is used for the OCSP request. But for GET requests, you need to do base64 encoding and then URL encoding on the data yourself before appending it to the OCSP URL obtained by the `get_ocsp_responder_from_der_chain()` function. ---- ----@param der_cert_chain string ----@param max_len? number ----@return string? ocsp_req ----@return string? error -function ocsp.create_ocsp_request(der_cert_chain, max_len) end - - ---- Sets the OCSP response as the OCSP stapling for the current SSL connection. ---- ---- Returns `true` in case of successes. If the SSL client does not send a "status request" at all, then this method still returns true but also with a string as the warning "no status req". ---- ---- In case of failures, returns `nil` and a string describing the error. ---- ---- The OCSP response is returned from CA's OCSP server. See the `create_ocsp_request()` function for how to create an OCSP request and also validate_ocsp_response for how to validate the OCSP response. ---- ----@param ocsp_resp string ----@return boolean ok ----@return string? error -function ocsp.set_ocsp_status_resp(ocsp_resp) end - -return ocsp
\ No newline at end of file diff --git a/meta/3rd/OpenResty/library/ngx/pipe.lua b/meta/3rd/OpenResty/library/ngx/pipe.lua deleted file mode 100644 index c0190e3a..00000000 --- a/meta/3rd/OpenResty/library/ngx/pipe.lua +++ /dev/null @@ -1,312 +0,0 @@ ----@meta -local pipe={} -pipe._gc_ref_c_opt="-c" - -pipe.version = require("resty.core.base").version - ---- Creates and returns a new sub-process instance we can communicate with later. ---- ---- For example: ---- ----```lua ---- local ngx_pipe = require "ngx.pipe" ---- local proc, err = ngx_pipe.spawn({"sh", "-c", "sleep 0.1 && exit 2"}) ---- if not proc then ---- ngx.say(err) ---- return ---- end ----``` ---- ---- In case of failure, this function returns nil and a string describing the error. ---- ---- The sub-process will be killed via SIGKILL if it is still alive when the instance is collected by the garbage collector. ---- ---- Note that args should either be a single level array-like Lua table with string values, or just a single string. ---- ---- Some more examples: ---- ----```lua ---- local proc, err = ngx_pipe.spawn({"ls", "-l"}) ---- ---- local proc, err = ngx_pipe.spawn({"perl", "-e", "print 'hello, wolrd'"}) ---- ----``` ---- ---- If args is specified as a string, it will be executed by the operating system shell, just like os.execute. The above example could thus be rewritten as: ---- ----```lua ---- local ngx_pipe = require "ngx.pipe" ---- local proc, err = ngx_pipe.spawn("sleep 0.1 && exit 2") ---- if not proc then ---- ngx.say(err) ---- return ---- end ----``` ---- ---- In the shell mode, you should be very careful about shell injection attacks when interpolating variables into command string, especially variables from untrusted sources. Please make sure that you escape those variables while assembling the command string. For this reason, it is highly recommended to use the multi-arguments form (args as a table) to specify each command-line argument explicitly. ---- ---- Since by default, Nginx does not pass along the PATH system environment variable, you will need to configure the env PATH directive if you wish for it to be respected during the searching of sub-processes: ---- ----```nginx ---- env PATH; ---- ... ---- content_by_lua_block { ---- local ngx_pipe = require "ngx.pipe" ---- ---- local proc = ngx_pipe.spawn({'ls'}) ---- } ----``` ---- ---- The optional table argument opts can be used to control the behavior of spawned processes. For instance: ---- ----```lua ---- local opts = { ---- merge_stderr = true, ---- buffer_size = 256, ---- environ = {"PATH=/tmp/bin", "CWD=/tmp/work"} ---- } ---- local proc, err = ngx_pipe.spawn({"sh", "-c", ">&2 echo data"}, opts) ---- if not proc then ---- ngx.say(err) ---- return ---- end ----``` ---- ---- ----@param args string[]|string ----@param opts? ngx.pipe.spawn.opts ----@return ngx.pipe.proc? proc ----@return string? error -function pipe.spawn(args, opts) end - - ---- Options for ngx.pipe.spawn() ---- ----@class ngx.pipe.spawn.opts : table ---- ---- when set to true, the output to stderr will be redirected to stdout in the spawned process. This is similar to doing 2>&1 in a shell. ----@field merge_stderr boolean ---- ---- specifies the buffer size used by reading operations, in bytes. The default buffer size is 4096. ----@field buffer_size number ---- ---- specifies environment variables for the spawned process. The value must be a single-level, array-like Lua table with string values. ----@field environ string[] ---- ---- specifies the write timeout threshold, in milliseconds. The default threshold is 10000. If the threshold is 0, the write operation will never time out. ----@field write_timeout number ---- ---- specifies the stdout read timeout threshold, in milliseconds. The default threshold is 10000. If the threshold is 0, the stdout read operation will never time out. ----@field stdout_read_timeout number ---- ---- specifies the stderr read timeout threshold, in milliseconds. The default threshold is 10000. If the threshold is 0, the stderr read operation will never time out. ----@field stderr_read_timeout number ---- ---- specifies the wait timeout threshold, in milliseconds. The default threshold is 10000. If the threshold is 0, the wait operation will never time out. ----@field wait_timeout number - - ----@class ngx.pipe.proc : table -local proc = {} - ---- Respectively sets: the write timeout threshold, stdout read timeout threshold, stderr read timeout threshold, and wait timeout threshold. All timeouts are in milliseconds. ---- ---- The default threshold for each timeout is 10 seconds. ---- ---- If the specified timeout argument is `nil`, the corresponding timeout threshold will not be changed. For example: ---- ----```lua ---- local proc, err = ngx_pipe.spawn({"sleep", "10s"}) ---- ---- -- only change the wait_timeout to 0.1 second. ---- proc:set_timeouts(nil, nil, nil, 100) ---- ---- -- only change the send_timeout to 0.1 second. ---- proc:set_timeouts(100) ----``` ---- ---- If the specified timeout argument is 0, the corresponding operation will never time out. ---- ----@param write_timeout? number ----@param stdout_read_timeout? number ----@param stderr_read_timeout? number ----@param wait_timeout? number -function proc:set_timeouts(write_timeout, stdout_read_timeout, stderr_read_timeout, wait_timeout) end - ---- Waits until the current sub-process exits. ---- ---- It is possible to control how long to wait via set_timeouts. The default timeout is 10 seconds. ---- ---- If process exited with status code zero, the ok return value will be true. ---- ---- If process exited abnormally, the ok return value will be false. ---- ---- The second return value, reason, will be a string. Its values may be: ---- ---- exit: the process exited by calling exit(3), _exit(2), or by returning from main(). In this case, status will be the exit code. ---- signal: the process was terminated by a signal. In this case, status will be the signal number. ---- ---- Note that only one light thread can wait on a process at a time. If another light thread tries to wait on a process, the return values will be `nil` and the error string "pipe busy waiting". ---- ---- If a thread tries to wait an exited process, the return values will be `nil` and the error string "exited". ---- ----@return boolean ok ----@return '"exit"'|'"signal"' reason ----@return number status -function proc:wait() end - - ---- Returns the pid number of the sub-process. ----@return number pid -function proc:pid() end - - ---- Sends a signal to the sub-process. ---- ---- Note that the signum argument should be signal's numerical value. If the specified signum is not a number, an error will be thrown. ---- ---- You should use lua-resty-signal's `signum()` function to convert signal names to signal numbers in order to ensure portability of your application. ---- ---- In case of success, this method returns true. Otherwise, it returns `nil` and a string describing the error. ---- ---- Killing an exited sub-process will return `nil` and the error string "exited". ---- ---- Sending an invalid signal to the process will return `nil` and the error string "invalid signal". ---- ----@param signum integer ----@return boolean ok ----@return string? error -function proc:kill(signum) end - ----Closes the specified direction of the current sub-process. ---- ----The direction argument should be one of these three values: stdin, stdout and stderr. ---- ----In case of success, this method returns true. Otherwise, it returns `nil` and a string describing the error. ---- ----If the `merge_stderr` option is specified in spawn, closing the stderr direction will return `nil` and the error string "merged to stdout". ---- ----Shutting down a direction when a light thread is waiting on it (such as during reading or writing) will abort the light thread and return true. ---- ----Shutting down directions of an exited process will return `nil` and the error string "closed". ---- ----It is fine to shut down the same direction of the same stream multiple times; no side effects are to be expected. ---- ----@param direction '"stdin"'|'"stdout"'|'"stderr"' ----@return boolean ok ----@return string? error -function proc:shutdown(direction) end - ---- Writes data to the current sub-process's stdin stream. ---- ---- The data argument can be a string or a single level array-like Lua table with string values. ---- ---- This method is a synchronous and non-blocking operation that will not return until all the data has been flushed to the sub-process's stdin buffer, or an error occurs. ---- ---- In case of success, it returns the total number of bytes that have been sent. Otherwise, it returns `nil` and a string describing the error. ---- ---- The timeout threshold of this write operation can be controlled by the `set_timeouts` method. The default timeout threshold is 10 seconds. ---- ---- When a timeout occurs, the data may be partially written into the sub-process's stdin buffer and read by the sub-process. ---- ---- Only one light thread is allowed to write to the sub-process at a time. If another light thread tries to write to it, this method will return `nil` and the error string "pipe busy writing". ---- ---- If the write operation is aborted by the shutdown method, it will return `nil` and the error string "aborted". ---- ---- Writing to an exited sub-process will return `nil` and the error string "closed". ---- ----@param data string ----@return integer? nbytes ----@return string? error -function proc:write(data) end - ---- Reads all data from the current sub-process's stderr stream until it is closed. ---- ---- This method is a synchronous and non-blocking operation, just like the write method. ---- ---- The timeout threshold of this reading operation can be controlled by `set_timeouts`. The default timeout is 10 seconds. ---- ---- In case of success, it returns the data received. Otherwise, it returns three values: `nil`, a string describing the error, and, optionally, the partial data received so far. ---- ---- When `merge_stderr` is specified in spawn, calling `stderr_read_all` will return `nil` and the error string "merged to stdout". ---- ---- Only one light thread is allowed to read from a sub-process's stderr or stdout stream at a time. If another thread tries to read from the same stream, this method will return `nil` and the error string "pipe busy reading". ---- ---- If the reading operation is aborted by the shutdown method, it will return `nil` and the error string "aborted". ---- ---- Streams for stdout and stderr are separated, so at most two light threads may be reading from a sub-process at a time (one for each stream). ---- ---- The same way, a light thread may read from a stream while another light thread is writing to the sub-process stdin stream. ---- ---- Reading from an exited process's stream will return `nil` and the error string "closed". ---- ----@return string? data ----@return string? error ----@return string? partial -function proc:stderr_read_all() end - ---- Similar to the `stderr_read_all` method, but reading from the stdout stream of the sub-process. ----@return string? data ----@return string? error ----@return string? partial -function proc:stdout_read_all() end - ---- Reads from stderr like `stderr_read_all`, but only reads a single line of data. ---- ---- When `merge_stderr` is specified in spawn, calling `stderr_read_line` will return `nil` plus the error string "merged to stdout". ---- ---- When the data stream is truncated without a new-line character, it returns 3 values: `nil`, the error string "closed", and the partial data received so far. ---- ---- The line should be terminated by a Line Feed (LF) character (ASCII 10), optionally preceded by a Carriage Return (CR) character (ASCII 13). The CR and LF characters are not included in the returned line data. ----@return string? data ----@return string? error ----@return string? partial -function proc:stderr_read_line() end - ---- Similar to `stderr_read_line`, but reading from the stdout stream of the sub-process. ----@return string? data ----@return string? error ----@return string? partial -function proc:stdout_read_line() end - ---- Reads from stderr like `stderr_read_all`, but only reads the specified number of bytes. ---- ---- If `merge_stderr` is specified in spawn, calling `stderr_read_bytes` will return `nil` plus the error string "merged to stdout". ---- ---- If the data stream is truncated (fewer bytes of data available than requested), this method returns 3 values: `nil`, the error string "closed", and the partial data string received so far. ---- ----@param len number ----@return string? data ----@return string? error ----@return string? partial -function proc:stderr_read_bytes(len) end - ---- Similar to `stderr_read_bytes`, but reading from the stdout stream of the sub-process. ---- ----@param len number ----@return string? data ----@return string? error ----@return string? partial -function proc:stdout_read_bytes(len) end - - ---- Reads from stderr like `stderr_read_all`, but returns immediately when any amount of data is received. ---- ---- At most max bytes are received. ---- ---- If `merge_stderr` is specified in spawn, calling `stderr_read_any` will return `nil` plus the error string "merged to stdout". ---- ---- If the received data is more than `max` bytes, this method will return with exactly `max` bytes of data. The remaining data in the underlying receive buffer can be fetched with a subsequent reading operation. ----@param max number ----@return string? data ----@return string? error -function proc:stderr_read_any(max) end - ---- Similar to `stderr_read_any`, but reading from the stdout stream of the sub-process. ---- ----@param max number ----@return string? data ----@return string? error -function proc:stdout_read_any(max) end - -return pipe
\ No newline at end of file diff --git a/meta/3rd/OpenResty/library/ngx/process.lua b/meta/3rd/OpenResty/library/ngx/process.lua deleted file mode 100644 index 3a2e424e..00000000 --- a/meta/3rd/OpenResty/library/ngx/process.lua +++ /dev/null @@ -1,52 +0,0 @@ ----@meta -local process = { - version = require("resty.core.base").version, -} - ---- Returns a number value for the nginx master process's process ID (or PID). ---- ----@return integer? pid -function process.get_master_pid() end - - ---- Enables the privileged agent process in Nginx. ---- ---- The privileged agent process does not listen on any virtual server ports ---- like those worker processes. And it uses the same system account as the ---- nginx master process, which is usually a privileged account like root. ---- ---- The `init_worker_by_lua*` directive handler still runs in the privileged ---- agent process. And one can use the `type()` function provided by this module ---- to check if the current process is a privileged agent. ---- ---- In case of failures, returns `nil` and a string describing the error. ---- ----@param connections integer sets the maximum number of simultaneous connections that can be opened by the privileged agent process. ----@return boolean ok ----@return string? error -function process.enable_privileged_agent(connections) end - - ----@alias ngx.process.type ----| '"master"' # the NGINX master process ----| '"worker"' # an NGINX worker process ----| '"privileged agent"' # the NGINX privileged agent process ----| '"single"' # returned when Nginx is running in the single process mode ----| '"signaller"' # returned when Nginx is running as a signaller process - ---- Returns the type of the current NGINX process. ---- ----@return ngx.process.type type -function process.type() end - - ---- Signals the current NGINX worker process to quit gracefully, after all the ---- timers have expired (in time or expired prematurely). ---- ---- Note that this API function simply sets the nginx global C variable ---- `ngx_quit` to signal the nginx event loop directly. No UNIX signals or IPC ---- are involved here. -function process.signal_graceful_exit() end - - -return process
\ No newline at end of file diff --git a/meta/3rd/OpenResty/library/ngx/re.lua b/meta/3rd/OpenResty/library/ngx/re.lua deleted file mode 100644 index 826d9b3d..00000000 --- a/meta/3rd/OpenResty/library/ngx/re.lua +++ /dev/null @@ -1,102 +0,0 @@ ----@meta -local re={} - -re.version = require("resty.core.base").version - ---- Allows changing of regex settings. Currently, it can only change the `jit_stack_size` of the PCRE engine, like so: ---- ----```nginx ---- init_by_lua_block { require "ngx.re".opt("jit_stack_size", 200 * 1024) } ---- ---- server { ---- location /re { ---- content_by_lua_block { ---- -- full regex and string are taken from https://github.com/JuliaLang/julia/issues/8278 ---- local very_long_string = [[71.163.72.113 - - [30/Jul/2014:16:40:55 -0700] ...]] ---- local very_complicated_regex = [[([\d\.]+) ([\w.-]+) ([\w.-]+) (\[.+\]) ...]] ---- local from, to, err = ngx.re.find(very_long_string, very_complicated_regex, "jo") ---- ---- -- with the regular jit_stack_size, we would get the error 'pcre_exec() failed: -27' ---- -- instead, we get a match ---- ngx.print(from .. "-" .. to) -- prints '1-1563' ---- } ---- } ---- } ----``` ---- ---- The `jit_stack_size` cannot be set to a value lower than PCRE's default of 32K. ---- ----@param option string '"jit_stack_size"' ----@param value any -function re.opt(option, value) end - ---- Splits the subject string using the Perl compatible regular expression regex with the optional options. ---- ---- This function returns a Lua (array) table (with integer keys) containing the split values. ---- ---- In case of error, `nil` will be returned as well as a string describing the error. ---- ---- When regex contains a sub-match capturing group, and when such a match is found, the first submatch capture will be inserted in between each split value, like so: ---- ----```lua ---- local ngx_re = require "ngx.re" ---- ---- local res, err = ngx_re.split("a,b,c,d", "(,)") ---- -- res is now {"a", ",", "b", ",", "c", ",", "d"} ----``` ---- ---- When regex is empty string "", the subject will be split into chars, like so: ---- ----```lua ---- local ngx_re = require "ngx.re" ---- ---- local res, err = ngx_re.split("abcd", "") ---- -- res is now {"a", "b", "c", "d"} ----``` ---- ---- The optional max argument is a number that when specified, will prevent `split()` from adding more than max matches to the res array: ---- ----```lua ---- local ngx_re = require "ngx.re" ---- ---- local res, err = ngx_re.split("a,b,c,d", ",", nil, nil, 3) ---- -- res is now {"a", "b", "c,d"} ----``` ---- ---- Specifying max <= 0 disables this behavior, meaning that the number of results won't be limited. ---- ---- The optional 6th argument res can be a table that `split()` will re-use to hold the results instead of creating a new one, which can improve performance in hot code paths. It is used like so: ---- ----```lua ---- local ngx_re = require "ngx.re" ---- ---- local my_table = {"hello world"} ---- ---- local res, err = ngx_re.split("a,b,c,d", ",", nil, nil, nil, my_table) ---- -- res/my_table is now {"a", "b", "c", "d"} ----``` ---- ---- When provided with a res table, `split()` won't clear the table for performance reasons, but will rather insert a trailing `nil` value when the split is completed: ---- ----```lua ---- local ngx_re = require "ngx.re" ---- ---- local my_table = {"W", "X", "Y", "Z"} ---- ---- local res, err = ngx_re.split("a,b", ",", nil, nil, nil, my_table) ---- -- res/my_table is now {"a", "b", nil, "Z"} ----``` ---- ---- When the trailing `nil` is not enough for your purpose, you should clear the table yourself before feeding it into the split function. ---- ----@param subj string ----@param regex string ----@param opts? ngx.re.options ----@param ctx? ngx.re.ctx ----@param max? number ----@param res? string[] ----@return string[]? res ----@return string? error -function re.split(subj, regex, opts, ctx, max, res) end - -return re
\ No newline at end of file diff --git a/meta/3rd/OpenResty/library/ngx/req.lua b/meta/3rd/OpenResty/library/ngx/req.lua deleted file mode 100644 index 7bf14494..00000000 --- a/meta/3rd/OpenResty/library/ngx/req.lua +++ /dev/null @@ -1,16 +0,0 @@ ----@meta -local req = {} - -req.version = require("resty.core.base").version - ----This method adds the specified header and its value to the current request. It works similarly as ngx.req.set_header, with the exception that when the header already exists, the specified value(s) will be appended instead of overriden. ---- ----When the specified `header_name` is a builtin header (e.g. User-Agent), this method will override its values. ---- ----The `header_value` argument can either be a string or a non-empty, array-like table. A nil or empty table value will cause this function to throw an error. ---- ----@param header_name string must be a non-empty string. ----@param header_value string|string[] -function req.add_header(header_name, header_value) end - -return req diff --git a/meta/3rd/OpenResty/library/ngx/resp.lua b/meta/3rd/OpenResty/library/ngx/resp.lua deleted file mode 100644 index c2de299a..00000000 --- a/meta/3rd/OpenResty/library/ngx/resp.lua +++ /dev/null @@ -1,23 +0,0 @@ ----@meta -local resp={} - -resp.version = require("resty.core.base").version - ---- This function adds specified header with corresponding value to the response of current request. ---- ---- The `header_value` could be either a string or a table. ---- ---- The ngx.resp.add_header works mostly like: ---- ---- `ngx.header.HEADER` ---- Nginx's `add_header` directive. ---- ---- However, unlike `ngx.header.HEADER`, this method appends new header to the old one instead of overriding it. ---- ---- Unlike `add_header` directive, this method will override the builtin header instead of appending it. ---- ----@param key string ----@param value string|string[] -function resp.add_header(key, value) end - -return resp
\ No newline at end of file diff --git a/meta/3rd/OpenResty/library/ngx/semaphore.lua b/meta/3rd/OpenResty/library/ngx/semaphore.lua deleted file mode 100644 index cd5c7586..00000000 --- a/meta/3rd/OpenResty/library/ngx/semaphore.lua +++ /dev/null @@ -1,66 +0,0 @@ ----@meta - ----@class ngx.semaphore ---- sem is the internal c handler ----@field sem userdata -local semaphore = { - version = require("resty.core.base").version, -} - ----Creates and returns a new semaphore instance. ---- ----@param n? integer the number of resources the semaphore will begin with (default 0) ----@return ngx.semaphore? semaphore ----@return string? error -function semaphore.new(n) end - - ---- Returns the number of resources readily available in the sema semaphore ---- instance (if any). ---- ---- When the returned number is negative, it means the number of "light threads" ---- waiting on this semaphore. ---- ----@return integer count -function semaphore:count() end - - ---- Requests a resource from the semaphore instance. ---- ---- Returns `true` immediately when there is resources available for the current ---- running "light thread". Otherwise the current "light thread" will enter the ---- waiting queue and yield execution. The current "light thread" will be ---- automatically waken up and the wait function call will return true when there ---- is resources available for it, or return nil and a string describing the error ---- in case of failure (like "timeout"). ---- ---- The timeout argument specifies the maximum time this function call should ---- wait for (in seconds). ---- ---- When the timeout argument is 0, it means "no wait", that is, when there is ---- no readily available "resources" for the current running "light thread", ---- this wait function call returns immediately nil and the error string "timeout". ---- ---- You can specify millisecond precision in the timeout value by using floating ---- point numbers like 0.001 (which means 1ms). ---- ---- "Light threads" created by different contexts (like request handlers) can ---- wait on the same semaphore instance without problem. ---- ----@param timeout? number ----@return boolean ok ----@return string|'"timeout"' error -function semaphore:wait(timeout) end - - ---- Releases n (default to 1) "resources" to the semaphore instance. ---- ---- This will not yield the current running "light thread". ---- ---- At most n "light threads" will be waken up when the current running "light thread" later yields (or terminates). ---- ----@param n? integer -function semaphore:post(n) end - - -return semaphore
\ No newline at end of file diff --git a/meta/3rd/OpenResty/library/ngx/ssl.lua b/meta/3rd/OpenResty/library/ngx/ssl.lua deleted file mode 100644 index 42da031b..00000000 --- a/meta/3rd/OpenResty/library/ngx/ssl.lua +++ /dev/null @@ -1,286 +0,0 @@ ----@meta -local ssl={} - ---- Sets the DER-formatted prviate key for the current SSL connection. ---- ---- Returns true on success, or a nil value and a string describing the error otherwise. ---- ---- Usually, the private keys are encoded in the PEM format. You can either use the priv_key_pem_to_der function to do the PEM to DER conversion or just use the openssl command-line utility offline, like below ---- ---- openssl rsa -in key.pem -outform DER -out key.der ---- ----@param der_priv_key string ----@return boolean ok ----@return string? error -function ssl.set_der_priv_key(der_priv_key) end - - ---- Converts the PEM-formatted SSL private key data into an opaque cdata pointer (for later uses in the set_priv_key function, for example). ---- ---- In case of failures, returns nil and a string describing the error. ---- ---- This function can be called in any context. ---- ----@param pem_priv_key string ----@return ffi.cdata*? priv_key ----@return string? error -function ssl.parse_pem_priv_key(pem_priv_key) end - - ---- Returns the TLS 1.x version number used by the current SSL connection. Returns nil and a string describing the error otherwise. ---- ---- Typical return values are: ---- ---- 0x0300(SSLv3) ---- 0x0301(TLSv1) ---- 0x0302(TLSv1.1) ---- 0x0303(TLSv1.2) ---- 0x0304(TLSv1.3) ---- ---- This function can be called in any context where downstream https is used. ----@return number? version ----@return string? error -function ssl.get_tls1_version() end - - ---- Sets the SSL certificate chain opaque pointer returned by the parse_pem_cert function for the current SSL connection. ---- ---- Returns true on success, or a nil value and a string describing the error otherwise. ---- ---- Note that this set_cert function will run slightly faster, in terms of CPU cycles wasted, than the set_der_cert variant, since the first function uses opaque cdata pointers which do not require any additional conversion needed to be performed by the SSL library during the SSL handshake. ---- ----@param cert_chain ffi.cdata* ----@return boolean ok ----@return string? error -function ssl.set_cert(cert_chain) end - - -ssl.TLS1_VERSION=769 - ---- Sets the SSL private key opaque pointer returned by the parse_pem_priv_key function for the current SSL connection. ---- ---- Returns true on success, or a nil value and a string describing the error otherwise. ---- ---- Note that this set_priv_key function will run slightly faster, in terms of CPU cycles wasted, than the set_der_priv_key variant, since the first function uses opaque cdata pointers which do not require any additional conversion needed to be performed by the SSL library during the SSL handshake. ---- ----@param priv_key ffi.cdata* ----@return boolean ok ----@return string? error -function ssl.set_priv_key(priv_key) end - ---- Returns the raw server address actually accessed by the client in the current SSL connection. ---- ---- The first two return values are strings representing the address data and the address type, respectively. The address values are interpreted differently according to the address type values: ---- ---- unix : The address data is a file path for the UNIX domain socket. ---- inet : The address data is a binary IPv4 address of 4 bytes long. ---- inet6 : The address data is a binary IPv6 address of 16 bytes long. ---- ---- Returns two nil values and a Lua string describing the error. ---- ---- The following code snippet shows how to print out the UNIX domain socket address and the IPv4 address as human-readable strings: ---- ----```lua ---- local ssl = require "ngx.ssl" ---- local byte = string.byte ---- ---- local addr, addrtyp, err = ssl.raw_server_addr() ---- if not addr then ---- ngx.log(ngx.ERR, "failed to fetch raw server addr: ", err) ---- return ---- end ---- ---- if addrtyp == "inet" then -- IPv4 ---- ip = string.format("%d.%d.%d.%d", byte(addr, 1), byte(addr, 2), ---- byte(addr, 3), byte(addr, 4)) ---- print("Using IPv4 address: ", ip) ---- ---- elseif addrtyp == "unix" then -- UNIX ---- print("Using unix socket file ", addr) ---- ---- else -- IPv6 ---- -- leave as an exercise for the readers ---- end ----``` ---- ---- This function can be called in any context where downstream https is used. ---- ----@return string? addr_data ----@return ngx.ssl.addr_type? addr_type ----@return string? error -function ssl.raw_server_addr() end - ----@alias ngx.ssl.addr_type ----| '"unix"' # a file path for the UNIX domain socket. ----| '"inet"' # a binary IPv4 address of 4 bytes long. ----| '"inet6"' # a binary IPv6 address of 16 bytes long. - - ---- Clears any existing SSL certificates and/or private keys set on the current SSL connection. ---- ---- Returns true on success, or a nil value and a string describing the error otherwise. ----@return boolean ok ----@return string? error -function ssl.clear_certs() end - ---- Returns the raw client address of the current SSL connection. ---- ---- The first two return values are strings representing the address data and the address type, respectively. The address values are interpreted differently according to the address type values: ---- ---- unix : The address data is a file path for the UNIX domain socket. ---- inet : The address data is a binary IPv4 address of 4 bytes long. ---- inet6 : The address data is a binary IPv6 address of 16 bytes long. ---- ---- Returns two nil values and a Lua string describing the error. ---- ---- The following code snippet shows how to print out the UNIX domain socket address and the IPv4 address as human-readable strings: ---- ----```lua ---- local ssl = require "ngx.ssl" ---- local byte = string.byte ---- ---- local addr, addrtyp, err = ssl.raw_client_addr() ---- if not addr then ---- ngx.log(ngx.ERR, "failed to fetch raw client addr: ", err) ---- return ---- end ---- ---- if addrtyp == "inet" then -- IPv4 ---- ip = string.format("%d.%d.%d.%d", byte(addr, 1), byte(addr, 2), ---- byte(addr, 3), byte(addr, 4)) ---- print("Client IPv4 address: ", ip) ---- ---- elseif addrtyp == "unix" then -- UNIX ---- print("Client unix socket file ", addr) ---- ---- else -- IPv6 ---- -- leave as an exercise for the readers ---- end ----``` ---- ---- This function can be called in any context where downstream https is used. ---- ----@return string? addr_data ----@return ngx.ssl.addr_type? addr_type ----@return string? error -function ssl.raw_client_addr() end - - ---- Converts the PEM-formated SSL certificate chain data into an opaque cdata pointer (for later uses in the set_cert function, for example). ---- ---- In case of failures, returns nil and a string describing the error. ---- ---- You can always use libraries like lua-resty-lrucache to cache the cdata result. ---- ---- This function can be called in any context. ---- ----@param pem_cert_chain string ----@return ffi.cdata*? cert_chain ----@return string? error -function ssl.parse_pem_cert(pem_cert_chain) end - -ssl.version = require("resty.core.base").version -ssl.TLS1_2_VERSION=771 - ---- Returns the TLS SNI (Server Name Indication) name set by the client. Returns nil when the client does not set it. ---- ---- In case of failures, it returns nil and a string describing the error. ---- ---- Usually we use this SNI name as the domain name (like www.openresty.org) to identify the current web site while loading the corresponding SSL certificate chain and private key for the site. ---- ---- Please note that not all https clients set the SNI name, so when the SNI name is missing from the client handshake request, we use the server IP address accessed by the client to identify the site. See the raw_server_addr method for more details. ---- ---- This function can be called in any context where downstream https is used. ---- ----@return string? server_name ----@return string? error -function ssl.server_name() end - ---- Returns the server port. Returns nil when server dont have a port. ---- ---- In case of failures, it returns nil and a string describing the error. ---- ---- This function can be called in any context where downstream https is used. ---- ----@return number? server_port ----@return string? error -function ssl.server_port() end - - - -ssl.TLS1_1_VERSION=770 -ssl.SSL3_VERSION=768 - ---- Sets the DER-formatted SSL certificate chain data for the current SSL connection. Note that the DER data is directly in the Lua string argument. No external file names are supported here. ---- ---- Returns true on success, or a nil value and a string describing the error otherwise. ---- ---- Note that, the SSL certificate chain is usually encoded in the PEM format. So you need to use the cert_pem_to_der function to do the conversion first. ----@param der_cert_chain string ----@return boolean ok ----@return string? error -function ssl.set_der_cert(der_cert_chain) end - - ---- Returns the TLS 1.x version string used by the current SSL connection. Returns nil and a string describing the error otherwise. ---- ---- If the TLS 1.x version number used by the current SSL connection is not recognized, the return values will be nil and the string "unknown version". ---- ---- Typical return values are: ---- ---- SSLv3 ---- TLSv1 ---- TLSv1.1 ---- TLSv1.2 ---- TLSv1.3 ---- ---- This function can be called in any context where downstream https is used. ---- ----@return string? version ----@return string? error -function ssl.get_tls1_version_str() end - ---- Converts the PEM-formatted SSL private key data into the DER format (for later uses in the set_der_priv_key function, for example). ---- ---- In case of failures, returns nil and a string describing the error. ---- ---- Alternatively, you can do the PEM to DER conversion offline with the openssl command-line utility, like below ---- ---- openssl rsa -in key.pem -outform DER -out key.der ---- ---- This function can be called in any context. ---- ----@param pem_priv_key string ----@return string? der_priv_key ----@return string? error -function ssl.priv_key_pem_to_der(pem_priv_key) end - ---- Converts the PEM-formatted SSL certificate chain data into the DER format (for later uses in the set_der_cert function, for example). ---- ---- In case of failures, returns nil and a string describing the error. ---- ---- It is known that the openssl command-line utility may not convert the whole SSL certificate chain from PEM to DER correctly. So always use this Lua function to do the conversion. You can always use libraries like lua-resty-lrucache and/or ngx_lua APIs like lua_shared_dict to do the caching of the DER-formatted results, for example. ---- ---- This function can be called in any context. ---- ----@param pem_cert_chain string ----@return string? der_cert_chain ----@return string? error -function ssl.cert_pem_to_der(pem_cert_chain) end - - ---- Requires a client certificate during TLS handshake. ---- ---- Returns true on success, or a nil value and a string describing the error otherwise. ---- ---- Note that TLS is not terminated when verification fails. You need to examine Nginx variable $ssl_client_verify later to determine next steps. ---- ---- This function was first added in version 0.1.20. ---- ----@param ca_certs? ffi.cdata* # the CA certificate chain opaque pointer returned by the parse_pem_cert function for the current SSL connection. The list of certificates will be sent to clients. Also, they will be added to trusted store. If omitted, will not send any CA certificate to clients. ----@param depth? number verification depth in the client certificates chain. If omitted, will use the value specified by ssl_verify_depth. ----@return boolean ok ----@return string? error -function ssl.verify_client(ca_certs, depth) end - -return ssl
\ No newline at end of file diff --git a/meta/3rd/OpenResty/library/ngx/ssl/clienthello.lua b/meta/3rd/OpenResty/library/ngx/ssl/clienthello.lua deleted file mode 100644 index d2e40665..00000000 --- a/meta/3rd/OpenResty/library/ngx/ssl/clienthello.lua +++ /dev/null @@ -1,102 +0,0 @@ ----@meta -local clienthello = {} - -clienthello.version = require("resty.core.base").version - ----Returns the TLS SNI (Server Name Indication) name set by the client. ---- ----Return `nil` when then the extension does not exist. ---- ----In case of errors, it returns `nil` and a string describing the error. ---- ----Note that the SNI name is gotten from the raw extensions of the client hello message associated with the current downstream SSL connection. ---- ----So this function can only be called in the context of `ssl_client_hello_by_lua*`. ----@return string? host ----@return string? error -function clienthello.get_client_hello_server_name() end - - ---- Returns raw data of arbitrary SSL client hello extension including custom extensions. ---- ---- Returns `nil` if the specified extension type does not exist. ---- ---- In case of errors, it returns `nil` and a string describing the error. ---- ---- Note that the ext is gotten from the raw extensions of the client hello message associated with the current downstream SSL connection. ---- ---- So this function can only be called in the context of `ssl_client_hello_by_lua*`. ---- ---- Example: ---- ---- Gets server name from raw extension data. The `0` in `ssl_clt.get_client_hello_ext(0)` denotes `TLSEXT_TYPE_server_name`, and the `0` in `byte(ext, 3) ~= 0` denotes `TLSEXT_NAMETYPE_host_name`. ---- ---- ```nginx ---- # nginx.conf ---- server { ---- listen 443 ssl; ---- server_name test.com; ---- ssl_client_hello_by_lua_block { ---- local ssl_clt = require "ngx.ssl.clienthello" ---- local byte = string.byte ---- local ext = ssl_clt.get_client_hello_ext(0) ---- if not ext then ---- print("failed to get_client_hello_ext(0)") ---- ngx.exit(ngx.ERROR) ---- end ---- local total_len = string.len(ext) ---- if total_len <= 2 then ---- print("bad SSL Client Hello Extension") ---- ngx.exit(ngx.ERROR) ---- end ---- local len = byte(ext, 1) * 256 + byte(ext, 2) ---- if len + 2 ~= total_len then ---- print("bad SSL Client Hello Extension") ---- ngx.exit(ngx.ERROR) ---- end ---- if byte(ext, 3) ~= 0 then ---- print("bad SSL Client Hello Extension") ---- ngx.exit(ngx.ERROR) ---- end ---- if total_len <= 5 then ---- print("bad SSL Client Hello Extension") ---- ngx.exit(ngx.ERROR) ---- end ---- len = byte(ext, 4) * 256 + byte(ext, 5) ---- if len + 5 > total_len then ---- print("bad SSL Client Hello Extension") ---- ngx.exit(ngx.ERROR) ---- end ---- local name = string.sub(ext, 6, 6 + len -1) ---- ---- print("read SNI name from Lua: ", name) ---- } ---- ssl_certificate test.crt; ---- ssl_certificate_key test.key; ---- } ---- ``` ---- ----@param ext_type number ----@return string? ext -function clienthello.get_client_hello_ext(ext_type) end - - ---- Sets the SSL protocols supported by the current downstream SSL connection. ---- ---- Returns `true` on success, or a `nil` value and a string describing the error otherwise. ---- ---- Considering it is meaningless to set ssl protocols after the protocol is determined, ---- so this function may only be called in the context of `ssl_client_hello_by_lua*`. ---- ---- Example: ---- ```lua ---- ssl_clt.set_protocols({"TLSv1.1", "TLSv1.2", "TLSv1.3"})` ---- ``` ---- ----@param protocols string[] ----@return boolean ok ----@return string? error -function clienthello.set_protocols(protocols) end - - -return clienthello diff --git a/meta/3rd/OpenResty/library/ngx/ssl/session.lua b/meta/3rd/OpenResty/library/ngx/ssl/session.lua deleted file mode 100644 index 7307b00c..00000000 --- a/meta/3rd/OpenResty/library/ngx/ssl/session.lua +++ /dev/null @@ -1,52 +0,0 @@ ----@meta -local session={} - -session.version = require("resty.core.base").version - - ---- Sets the serialized SSL session provided as the argument to the current SSL connection. ---- If the SSL session is successfully set, the current SSL connection can resume the session ---- directly without going through the full SSL handshake process (which is very expensive in terms of CPU time). ---- ---- This API is usually used in the context of `ssl_session_fetch_by_lua*` ---- when a cache hit is found with the current SSL session ID. ---- ---- The serialized SSL session used as the argument should be originally returned by the ---- `get_serialized_session` function. ---- ----@param session string ----@return boolean ok ----@return string? error -function session.set_serialized_session(session) end - ---- Returns the serialized form of the SSL session data of the current SSL connection, in a Lua string. ---- ---- This session can be cached in `lua-resty-lrucache`, `lua_shared_dict`, ---- and/or external data storage services like `memcached` and `redis`. The SSL session ID returned ---- by the `get_session_id` function is usually used as the cache key. ---- ---- The returned SSL session data can later be loaded into other SSL connections using the same ---- session ID via the `set_serialized_session` function. ---- ---- In case of errors, it returns `nil` and a string describing the error. ---- ---- This API function is usually called in the context of `ssl_session_store_by_lua*` ---- where the SSL handshake has just completed. ---- ----@return string? session ----@return string? error -function session.get_serialized_session() end - ---- Fetches the SSL session ID associated with the current downstream SSL connection. ---- The ID is returned as a Lua string. ---- ---- In case of errors, it returns `nil` and a string describing the error. ---- ---- This API function is usually called in the contexts of ---- `ssl_session_store_by_lua*` and `ssl_session_fetch_by_lua*`. ---- ----@return string? id ----@return string? error -function session.get_session_id() end - -return session
\ No newline at end of file diff --git a/meta/3rd/OpenResty/library/ngx/upstream.lua b/meta/3rd/OpenResty/library/ngx/upstream.lua deleted file mode 100644 index 7313481c..00000000 --- a/meta/3rd/OpenResty/library/ngx/upstream.lua +++ /dev/null @@ -1,9 +0,0 @@ ----@meta -local upstream={} -function upstream.get_backup_peers() end -function upstream.get_servers() end -function upstream.current_upstream_name() end -function upstream.get_primary_peers() end -function upstream.set_peer_down() end -function upstream.get_upstreams() end -return upstream
\ No newline at end of file |