doc: updated the documentation to contain a better example of using ssl_psk_by_lua_block.

Tuure Vartiainen · Tuure Vartiainen · commit 99691c598293 · 2017-10-05T21:04:17.000+03:00
diff --git a/README.markdown b/README.markdown
@@ -2581,7 +2581,7 @@ ssl_psk_by_lua_block
 This directive runs user Lua code when NGINX is about to start the SSL handshake for the downstream
 SSL (https) connections using TLS-PSK and is meant for setting the TLS pre-shared key on a per-request basis.
 
-The [ngx.ssl](https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/ssl.md)
+The [ngx.ssl](https://github.com/vartiait/lua-resty-core/blob/ssl-psk/lib/ngx/ssl.md)
  Lua module provided by the [lua-resty-core](https://github.com/openresty/lua-resty-core/#readme)
 library is particularly useful in this context. You can use the Lua API offered by this Lua module
 to set the TLS pre-shared key for the current SSL connection being initiated.
@@ -2603,7 +2603,25 @@ at the same time:
      ssl_psk_identity_hint Test_TLS-PSK_Identity_Hint;
 
      ssl_psk_by_lua_block {
-         print("About to initiate a new TLS-PSK handshake!")
+         local ssl = require "ngx.ssl"
+
+         local psk_identity, err = ssl.get_psk_identity()
+         if not psk_identity then
+             ngx.log(ngx.ERR, "Failed to get TLS-PSK Identity: ", err)
+             return ngx.ERROR
+         end
+
+         print("Client TLS-PSK Identity: ", psk_identity)
+
+         local psk_key = "psk_test_key"
+
+         local ok, err = ssl.set_psk_key(psk_key)
+         if not ok then
+             ngx.log(ngx.ERR, "Failed to set TLS-PSK key: ", err)
+             return ngx.ERROR
+         end
+
+         return ngx.OK
      }
 
      location / {
diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki
@@ -2170,7 +2170,7 @@ This directive was first introduced in the <code>v0.10.0</code> release.
 This directive runs user Lua code when NGINX is about to start the SSL handshake for the downstream
 SSL (https) connections using TLS-PSK and is meant for setting the TLS pre-shared key on a per-request basis.
 
-The [https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/ssl.md ngx.ssl]
+The [https://github.com/vartiait/lua-resty-core/blob/ssl-psk/lib/ngx/ssl.md ngx.ssl]
  Lua module provided by the [https://github.com/openresty/lua-resty-core/#readme lua-resty-core]
 library is particularly useful in this context. You can use the Lua API offered by this Lua module
 to set the TLS pre-shared key for the current SSL connection being initiated.
@@ -2191,7 +2191,25 @@ at the same time:
         ssl_psk_identity_hint Test_TLS-PSK_Identity_Hint;
 
         ssl_psk_by_lua_block {
-            print("About to initiate a new TLS-PSK handshake!")
+            local ssl = require "ngx.ssl"
+
+            local psk_identity, err = ssl.get_psk_identity()
+            if not psk_identity then
+                ngx.log(ngx.ERR, "Failed to get TLS-PSK Identity: ", err)
+                return ngx.ERROR
+            end
+
+            print("Client TLS-PSK Identity: ", psk_identity)
+
+            local psk_key = "psk_test_key"
+
+            local ok, err = ssl.set_psk_key(psk_key)
+            if not ok then
+                ngx.log(ngx.ERR, "Failed to set TLS-PSK key: ", err)
+                return ngx.ERROR
+            end
+
+            return ngx.OK
         }
 
         location / {
