diff --git a/apisix/schema_def.lua b/apisix/schema_def.lua index e261c98c1ec4..d4b63eb27441 100644 --- a/apisix/schema_def.lua +++ b/apisix/schema_def.lua @@ -454,9 +454,23 @@ _M.ssl = { sni = { type = "string", pattern = [[^\*?[0-9a-zA-Z-.]+$]], - } + }, + snis = { + type = "array", + items = { + type = "string", + pattern = [[^\*?[0-9a-zA-Z-.]+$]], + } + }, + exptime = { + type = "integer", + minimum = 1588262400, -- 2020/5/1 0:0:0 + }, + }, + oneOf = { + {required = {"sni", "key", "cert"}}, + {required = {"snis", "key", "cert"}} }, - required = {"sni", "key", "cert"}, additionalProperties = false, } diff --git a/t/admin/schema.t b/t/admin/schema.t index 54ef58ee7ee7..d266f2afce72 100644 --- a/t/admin/schema.t +++ b/t/admin/schema.t @@ -93,9 +93,23 @@ location /t { sni = { type = "string", pattern = [[^\*?[0-9a-zA-Z-.]+$]], - } + }, + snis = { + type = "array", + items = { + type = "string", + pattern = [[^\*?[0-9a-zA-Z-.]+$]], + } + }, + exptime = { + type = "integer", + minimum = 1588262400, -- 2020/5/1 0:0:0 + }, + }, + oneOf = { + {required = {"sni", "key", "cert"}}, + {required = {"snis", "key", "cert"}} }, - required = {"sni", "key", "cert"}, additionalProperties = false, } ) diff --git a/t/admin/ssl.t b/t/admin/ssl.t index 15bfb0ae4301..57eb69e8f13d 100644 --- a/t/admin/ssl.t +++ b/t/admin/ssl.t @@ -228,7 +228,7 @@ GET /t GET /t --- error_code: 400 --- response_body -{"error_msg":"invalid configuration: property \"cert\" is required"} +{"error_msg":"invalid configuration: value should match only one schema, but matches none"} --- no_error_log [error] @@ -269,3 +269,87 @@ GET /t passed --- no_error_log [error] + + + +=== TEST 8: store sni in `snis` +--- config + location /t { + content_by_lua_block { + local core = require("apisix.core") + local t = require("lib.test_admin") + + local ssl_cert = t.read_file("conf/cert/apisix.crt") + local ssl_key = t.read_file("conf/cert/apisix.key") + local data = { + cert = ssl_cert, key = ssl_key, + snis = {"*.foo.com", "bar.com"}, + } + + local code, body = t.test('/apisix/admin/ssl/1', + ngx.HTTP_PUT, + core.json.encode(data), + [[{ + "node": { + "value": { + "snis": ["*.foo.com", "bar.com"] + }, + "key": "/apisix/ssl/1" + }, + "action": "set" + }]] + ) + + ngx.status = code + ngx.say(body) + } + } +--- request +GET /t +--- response_body +passed +--- no_error_log +[error] + + + +=== TEST 9: store exptime +--- config + location /t { + content_by_lua_block { + local core = require("apisix.core") + local t = require("lib.test_admin") + + local ssl_cert = t.read_file("conf/cert/apisix.crt") + local ssl_key = t.read_file("conf/cert/apisix.key") + local data = { + cert = ssl_cert, key = ssl_key, + sni = "bar.com", + exptime = 1588262400 + 60 * 60 * 24 * 365, + } + + local code, body = t.test('/apisix/admin/ssl/1', + ngx.HTTP_PUT, + core.json.encode(data), + [[{ + "node": { + "value": { + "sni": "bar.com", + "exptime": 1619798400 + }, + "key": "/apisix/ssl/1" + }, + "action": "set" + }]] + ) + + ngx.status = code + ngx.say(body) + } + } +--- request +GET /t +--- response_body +passed +--- no_error_log +[error] diff --git a/t/lib/test_admin.lua b/t/lib/test_admin.lua index 8b4d6c53f5fb..cda7514d09da 100644 --- a/t/lib/test_admin.lua +++ b/t/lib/test_admin.lua @@ -101,6 +101,8 @@ end function _M.comp_tab(left_tab, right_tab) + dir_names = {} + if type(left_tab) == "string" then left_tab = json.decode(left_tab) end @@ -110,7 +112,7 @@ function _M.comp_tab(left_tab, right_tab) local ok, err = com_tab(left_tab, right_tab) if not ok then - return 500, "failed, " .. err + return false, err end return true