[Pkg-nginx-maintainers] Bug#884434: nginx: Please include ssl_cert_cb_yield patch for lua-resty-auto-ssl

Jérémy Lal kapouer at melix.org
Sun Aug 7 11:06:39 BST 2022


Source: nginx
Version: 1.22.0-1
Followup-For: Bug #884434
X-Debbugs-Cc: Jan Mojzis <jan.mojzis at gmail.com>

Now that lua-resty-core and probably lua-nginx-module,
the need for ssl_certificate_by_lua to be working will make more sense,
as it allows modules like
https://github.com/fffonion/lua-resty-acme
to use ACME to setup a ssl certificate.

I've been using that patch on many versions of nginx: it is quite easy
to maintain, it touches a part of the code doesn't change much over the years.

On the other hand, ssl_session_fetch_by_lua is doomed, because it also requires
to patch openssl. It's less problematic though, since its use case is much less common
(lua-nginx-module documentation mentions setup of distributed ssl sessions).



-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (101, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 5.18.0-3-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled



More information about the Pkg-nginx-maintainers mailing list