httpc:request_uri does not set ssl_server_name, breaking SNI

[hackedd]

In lua-resty-http 0.15.0, request_uri would call ssl_handshake with the hostname from the request. In 0.16.0 this is no longer the case, and to get SNI to work, you have to manually pass ssl_server_name.

[hackedd]

I believe this could be fixed by letting ssl_server_name default to the parsed host, similar to path and query.

[pintsized]

Yeah, makes sense to me. Good catch! @Tieske any reason why we shouldn't default to host in the absence of ssl_server_name?

[Tieske]

should it only look at the host from the parsed url, or also at the host header if provided?

[Tieske]

old implementation did not take the host header into account

[pintsized]

Yeah, I think host from the parsed uri makes sense, if not only for backwards compatibility. The point of request_uri is to be a "simple" interface ultimately. And if you need to be specific, then we have ssl_server_name.

[Tieske]

this comment is wrong:

Note also that fields in params will override relevant components of the uri if specified.

considering the 0.15 code: https://github.com/ledgetech/lua-resty-http/blob/v0.15/lib/resty/http.lua#L843-L845
(behaviour in 0.16 is same as 0.15)

Should be

Note also that fields path, and query, in params will override relevant components of the uri if specified (scheme, host, and port will always be taken from the uri).

[pintsized]

Yeah right. Ok, I'll put a PR together to fix this up, unless you're already on the case?

[Tieske]

hold on ...

[Tieske]

there ^^

[pintsized]

Merged and uploaded to luarocks. Thanks all.

Note opm releases are waiting on this opm fix to be merged and deployed before I can upload again :/