HAProxy community

Lua fetcher broken in HAproxy 2.2

Hi,

I’m upgrading my HAproxy setup from 2.1 right now and I noticed that a Lua function that works fine in 2.1 is now broken. Inside a sample fetcher, I’m trying to access the common name of the TLS server certificate that was used in this connection:

local cn = txn.sf:ssl_f_s_dn(“CN”)

We have a setup where one out of multiple wildcard certificates is chosen based on the client’s SNI info.

The error I get is:

[ALERT] 243/121119 (14836) : Lua sample-fetch ‘cncheck’: runtime error: cncheck.lua:9: attempt to call a nil value (method ‘ssl_f_s_dn’) from tiserv.lua:9 C function line 3.

I have seen that TLS support was significantly extended in 2.2, but I have no idea why this fetcher is now broken. Does anyone have an idea?

Chris

I suggest you file a bug directly: