search

openresty / lua-resty-limit-traffic

Lua library for limiting and controlling traffic in OpenResty/ngx_lua
821 stars 153 forks source link

ngx.ctx with ssl_certificate_by_lua #57

Open phillipp opened 4 years ago

phillipp commented 4 years ago

Hi, thanks for the great work! One example of the use of ssl_certificate_bylua{file,block} is request limiting with this library.

But in the ssl_certificate_bylua* code there is no ngx.ctx available, which is used in the examples.

That would be the recommended way to store the limiter, key and delay in the ssl routine?

spacewander commented 4 years ago

@phillipp A SSL handshake (happened with connection level) may be related with multiple HTTP requests. Therefore you can't simply leave the limit in log_by_lua even ngx.ctx is available.

spacewander commented 3 years ago

It is possible to limit the request number in ssl_certificate_by_lua, but it is not possible to limit the connection number as there is no way to decrease the counter when the connection is gone.