Commit 770d410d authored by Nils Goroll's avatar Nils Goroll

update to varnish-cache master -- use the new in-tree vmod_blob

most of the editing has been done using the following shell commands,
but some tests were edited manually

sed -i 's:HEXLC:HEX, LOWER:g' $(git grep -l HEXLC)
sed -i 's:HEXUC:HEX, UPPER:g' $(git grep -l HEXUC)

sed -i '/VMOD blobcode must be installed/ d' $(git grep -l blobcode)
sed -i 's:blobcode:blob:g' $(git grep -l blobcode)

sed -i 's:\.decode(IDENTITY, *$:\.decode(encoded=:' $(git grep -l '\.decode(IDENTITY, *$')
sed -i 's:\.decode(IDENTITY, ":\.decode(encoded=":' $(git grep -l '\.decode(IDENTITY, "')

sed -i 's:\.decode(BASE64, ":\.decode(decoding=BASE64, encoded=":' $(git grep -l '\.decode(BASE64, "')
sed -i 's:\.decode(BASE64, *$:\.decode(decoding=BASE64, encoded=:' $(git grep -l '\.decode(BASE64, *$')

sed -i 's:\.decode(HEX, ":\.decode(decoding=HEX, encoded=":' $(git grep -l '\.decode(HEX, "')
sed -i 's:\.decode(HEX, *$:\.decode(decoding=HEX, encoded=:' $(git grep -l '\.decode(HEX, *$')
parent b9f366c2
...@@ -46,7 +46,7 @@ type BLOB, which may contain arbitrary data of any length. ...@@ -46,7 +46,7 @@ type BLOB, which may contain arbitrary data of any length.
Currently (in Varnish versions through 5.0), BLOBs may only be used in Currently (in Varnish versions through 5.0), BLOBs may only be used in
VCL as arguments of VMOD functions, so this VMOD must be used in VCL as arguments of VMOD functions, so this VMOD must be used in
combination with other VMODs. For example, the blobcode VMOD (see `SEE combination with other VMODs. For example, the blob VMOD (see `SEE
ALSO`_) may be used to convert BLOBs using binary-to-text encodings, ALSO`_) may be used to convert BLOBs using binary-to-text encodings,
to initialize data for this VMOD and to save its results. The to initialize data for this VMOD and to save its results. The
advantage of using BLOBs is that operations on the data are separated advantage of using BLOBs is that operations on the data are separated
...@@ -98,12 +98,12 @@ affect the state of the object in any other transaction. ...@@ -98,12 +98,12 @@ affect the state of the object in any other transaction.
Here are some examples:: Here are some examples::
import blobdigest; import blobdigest;
import blobcode; import blob;
import blob; import blob;
sub vcl_init { sub vcl_init {
# Create a BLOB consisting of the string "foo" # Create a BLOB consisting of the string "foo"
new foo = blobcode.blob(IDENTITY, "foo"); new foo = blob.blob(IDENTITY, "foo");
# Create a SHA256 context for messages with the prefix "foo" # Create a SHA256 context for messages with the prefix "foo"
new fooprefix = blobdigest.digest(SHA256, foo.get()); new fooprefix = blobdigest.digest(SHA256, foo.get());
...@@ -125,10 +125,10 @@ Here are some examples:: ...@@ -125,10 +125,10 @@ Here are some examples::
sub vcl_recv { sub vcl_recv {
# Use the fooprefix object to get the hash of "foobar" # Use the fooprefix object to get the hash of "foobar"
if (!fooprefix.update(blobcode.decode(IDENTITY, "bar"))) { if (!fooprefix.update(blob.decode(IDENTITY, "bar"))) {
call do_error; call do_error;
} }
set req.http.Foobar-Hash = blobcode.encode(BASE64, set req.http.Foobar-Hash = blob.encode(BASE64,
fooprefix.final()); fooprefix.final());
} }
...@@ -137,16 +137,16 @@ Here are some examples:: ...@@ -137,16 +137,16 @@ Here are some examples::
# The uses of the object in client and backend contexts have # The uses of the object in client and backend contexts have
# no effect on each other, or on subsequent client or # no effect on each other, or on subsequent client or
# backend transactions. # backend transactions.
if (!fooprefix.update(blobcode.decode(IDENTITY, "baz"))) { if (!fooprefix.update(blob.decode(IDENTITY, "baz"))) {
call do_error; call do_error;
} }
set req.http.Foobaz-Hash = blobcode.encode(BASE64, set req.http.Foobaz-Hash = blob.encode(BASE64,
fooprefix.final()); fooprefix.final());
} }
sub vcl_deliver { sub vcl_deliver {
# Retrieve the SHA256 hash of "foo" computed in the constructor # Retrieve the SHA256 hash of "foo" computed in the constructor
set req.http.Foo-Hash = blobcode.encode(BASE64, foohash.final()); set req.http.Foo-Hash = blob.encode(BASE64, foohash.final());
} }
The ``hash()`` function computes the message digest for its argument The ``hash()`` function computes the message digest for its argument
...@@ -154,7 +154,7 @@ and returns the result. It is functionally equivalent to using a ...@@ -154,7 +154,7 @@ and returns the result. It is functionally equivalent to using a
``digest`` object:: ``digest`` object::
import blobdigest; import blobdigest;
import blobcode; import blob;
sub vcl_init { sub vcl_init {
# Create a SHA256 context # Create a SHA256 context
...@@ -164,16 +164,16 @@ and returns the result. It is functionally equivalent to using a ...@@ -164,16 +164,16 @@ and returns the result. It is functionally equivalent to using a
sub vcl_recv { sub vcl_recv {
# Get the SHA256 hash of "foo" # Get the SHA256 hash of "foo"
set req.http.Foo-Hash-Functional set req.http.Foo-Hash-Functional
= blobcode.encode(BASE64, = blob.encode(BASE64,
blobdigest.hash(blobcode.decode(IDENTITY, blobdigest.hash(blob.decode(IDENTITY,
"foo"))); "foo")));
# Same result using the object interface # Same result using the object interface
if (!sha256.update(blobcode.decode(IDENTITY, "foo"))) { if (!sha256.update(blob.decode(IDENTITY, "foo"))) {
call do_error; call do_error;
} }
set req.http.Foo-Hash-Object set req.http.Foo-Hash-Object
= blobcode.encode(BASE64, sha256.final()); = blob.encode(BASE64, sha256.final());
} }
The ``hash()`` function makes for a somewhat less verbose interface, The ``hash()`` function makes for a somewhat less verbose interface,
...@@ -231,7 +231,7 @@ by the ``.update()`` method. ...@@ -231,7 +231,7 @@ by the ``.update()`` method.
Example:: Example::
import blobdigest; import blobdigest;
import blobcode; import blob;
sub vcl_init { sub vcl_init {
# Create an empty digest context for SHA3_256 # Create an empty digest context for SHA3_256
...@@ -239,7 +239,7 @@ Example:: ...@@ -239,7 +239,7 @@ Example::
# Create a digest context for SHA512, and add "foo" # Create a digest context for SHA512, and add "foo"
# as a "prefix" for all other messages to be hashed. # as a "prefix" for all other messages to be hashed.
new foo = blobcode.blob(IDENTITY, "foo") new foo = blob.blob(IDENTITY, "foo")
new sha512 = blobdigest.digest(SHA512, foo.get()); new sha512 = blobdigest.digest(SHA512, foo.get());
} }
...@@ -272,13 +272,13 @@ subroutine, an error message is emitted to the Varnish log with the ...@@ -272,13 +272,13 @@ subroutine, an error message is emitted to the Varnish log with the
Example:: Example::
import blobdigest; import blobdigest;
import blobcode; import blob;
sub vcl_init { sub vcl_init {
# Create a digest context for SHA512, and add "foo" # Create a digest context for SHA512, and add "foo"
# as a "prefix" for all other messages to be hashed. # as a "prefix" for all other messages to be hashed.
new f = blobcode.blob(IDENTITY, "f") new f = blob.blob(IDENTITY, "f")
new oo = blobcode.blob(IDENTITY, "oo") new oo = blob.blob(IDENTITY, "oo")
new sha512 = blobdigest.digest(SHA512); new sha512 = blobdigest.digest(SHA512);
if (!sha512.update(f.get())) { if (!sha512.update(f.get())) {
return(fail); return(fail);
...@@ -293,13 +293,13 @@ Example:: ...@@ -293,13 +293,13 @@ Example::
sub vcl_recv { sub vcl_recv {
# Update the SHA3_256 digest in the current client transaction # Update the SHA3_256 digest in the current client transaction
if (!sha3_256.update(blobcode.blob(IDENTITY, "bar"))) { if (!sha3_256.update(blob.blob(IDENTITY, "bar"))) {
call do_client_error; call do_client_error;
} }
sub vcl_backend_fetch { sub vcl_backend_fetch {
# Update the SHA3_256 digest in the current backend transaction # Update the SHA3_256 digest in the current backend transaction
if (!sha3_256.update(blobcode.blob(IDENTITY, "baz"))) { if (!sha3_256.update(blob.blob(IDENTITY, "baz"))) {
call do_backend_error; call do_backend_error;
} }
...@@ -328,12 +328,12 @@ transaction. ...@@ -328,12 +328,12 @@ transaction.
Example:: Example::
import blobdigest; import blobdigest;
import blobcode; import blob;
import blob; import blob;
sub vcl_init { sub vcl_init {
# Compute and save the SHA512 hash for "foo" # Compute and save the SHA512 hash for "foo"
new foo = blobcode.blob(IDENTITY, "foo") new foo = blob.blob(IDENTITY, "foo")
new foohash = blobdigest.digest(SHA512, foo.get()); new foohash = blobdigest.digest(SHA512, foo.get());
if (!blob.same(foohash.final(), foo.get())) { if (!blob.same(foohash.final(), foo.get())) {
# As above, this is a workaround to call final(), # As above, this is a workaround to call final(),
...@@ -347,10 +347,10 @@ Example:: ...@@ -347,10 +347,10 @@ Example::
sub vcl_recv { sub vcl_recv {
# Retrieve the hash for "foo" computed in vcl_init # Retrieve the hash for "foo" computed in vcl_init
set req.http.Foo-Hash set req.http.Foo-Hash
= blobcode.encode(BASE64, foohash.final()); = blob.encode(BASE64, foohash.final());
# Compute the base64-encoded SHA3_256 hash for "bar" # Compute the base64-encoded SHA3_256 hash for "bar"
if (!sha3_256.update(blobcode.decode(IDENTITY, "bar"))) { if (!sha3_256.update(blob.decode(IDENTITY, "bar"))) {
call do_client_error; call do_client_error;
} }
set req.http.Bar-Hash-Base64 set req.http.Bar-Hash-Base64
...@@ -359,7 +359,7 @@ Example:: ...@@ -359,7 +359,7 @@ Example::
sub vcl_backend_fetch { sub vcl_backend_fetch {
# Compute the base64-encoded SHA3_256 hash for "baz" # Compute the base64-encoded SHA3_256 hash for "baz"
if (!sha3_256.update(blobcode.decode(IDENTITY, "baz"))) { if (!sha3_256.update(blob.decode(IDENTITY, "baz"))) {
call do_client_error; call do_client_error;
} }
set bereq.http.Baz-Hash-Base64 set bereq.http.Baz-Hash-Base64
...@@ -370,7 +370,7 @@ Example:: ...@@ -370,7 +370,7 @@ Example::
# Retrieve the message digest computed in vcl_backend_fetch # Retrieve the message digest computed in vcl_backend_fetch
# and get its hex encoding # and get its hex encoding
set beresp.http.Baz-Hash-Hex set beresp.http.Baz-Hash-Hex
= blocbcode.encode(HEXLC, sha3_256.final()); = blocbcode.encode(HEX, LOWER, sha3_256.final());
set beresp.http.Baz-Hash-Base64 = bereq.http.Baz-Hash-Base64 set beresp.http.Baz-Hash-Base64 = bereq.http.Baz-Hash-Base64
} }
...@@ -378,7 +378,7 @@ Example:: ...@@ -378,7 +378,7 @@ Example::
# Retrieve the message digest computed in vcl_recv and get # Retrieve the message digest computed in vcl_recv and get
# its hex encoding # its hex encoding
set resp.http.Bar-Hash-Hex set resp.http.Bar-Hash-Hex
= blocbcode.encode(HEXLC, sha3_256.final()); = blocbcode.encode(HEX, LOWER, sha3_256.final());
set resp.http.Bar-Hash-Base64 = req.http.Bar-Hash-Base64; set resp.http.Bar-Hash-Base64 = req.http.Bar-Hash-Base64;
set resp.http.Foo-Hash = req.http.Foo-Hash; set resp.http.Foo-Hash = req.http.Foo-Hash;
} }
...@@ -406,14 +406,14 @@ Returns the message digest for ``msg`` as specified by ``hash``. ...@@ -406,14 +406,14 @@ Returns the message digest for ``msg`` as specified by ``hash``.
Example:: Example::
import blobdigest; import blobdigest;
import blobcode; import blob;
# Decode the base64-encoded string, generate its SHA256 hash, # Decode the base64-encoded string, generate its SHA256 hash,
# and save the hex-encoded result in a header. # and save the hex-encoded result in a header.
set req.http.SHA256 set req.http.SHA256
= blobcode.encode(HEXUC, = blob.encode(HEX, UPPER,
blobdigest.hash(SHA256, blobdigest.hash(SHA256,
blobcode.decode(BASE64, "Zm9v")); blob.decode(BASE64, "Zm9v"));
.. _obj_hmac: .. _obj_hmac:
...@@ -430,12 +430,12 @@ Creates an object that generates HMACs based on the digest algorithm ...@@ -430,12 +430,12 @@ Creates an object that generates HMACs based on the digest algorithm
Example:: Example::
import blobdigest; import blobdigest;
import blobcode; import blob;
# Create a key from the base64-encoded string, and use # Create a key from the base64-encoded string, and use
# the result to initialize an hmac object. # the result to initialize an hmac object.
sub vcl_init { sub vcl_init {
new key = blobcode.blob(BASE64, "a2V5"); new key = blob.blob(BASE64, "a2V5");
new hmac = blobdigest.hmac(SHA256, key.get()); new hmac = blobdigest.hmac(SHA256, key.get());
} }
...@@ -460,8 +460,8 @@ Example:: ...@@ -460,8 +460,8 @@ Example::
# the hex-encoded data in request header Msg. # the hex-encoded data in request header Msg.
# Respond with 401 Not Authorized if the HMAC doesn't check. # Respond with 401 Not Authorized if the HMAC doesn't check.
sub vcl_recv { sub vcl_recv {
if (!blob.equal(blobcode.decode(HEX, req.http.HMAC), if (!blob.equal(blob.decode(HEX, req.http.HMAC),
hmac.hmac(blobcode.decode(HEX, req.http.Msg)))) { hmac.hmac(blob.decode(HEX, req.http.Msg)))) {
return(synth(401)); return(synth(401));
} }
...@@ -488,16 +488,16 @@ requiring a VCL reload. ...@@ -488,16 +488,16 @@ requiring a VCL reload.
Example:: Example::
import blobdigest; import blobdigest;
import blobcode; import blob;
# Decode the base64-encoded string as a HMAC key, compute the # Decode the base64-encoded string as a HMAC key, compute the
# SHA512 HMAC of the Msg header, and save the hex-encoded # SHA512 HMAC of the Msg header, and save the hex-encoded
# result in a header. # result in a header.
set req.http.HMAC set req.http.HMAC
= blobcode.encode(HEXUC, = blob.encode(HEX, UPPER,
blobdigest.hmacf(SHA512, blobdigest.hmacf(SHA512,
blobcode.decode(BASE64, "Zm9v"), blob.decode(BASE64, "Zm9v"),
blobcode.decode(IDENTITY, blob.decode(IDENTITY,
req.http.Msg))); req.http.Msg)));
.. _func_version: .. _func_version:
...@@ -523,7 +523,7 @@ source repository for versions that are compatible with other versions ...@@ -523,7 +523,7 @@ source repository for versions that are compatible with other versions
of Varnish. of Varnish.
The gcc compiler and Perl 5 are required for the build. For the The gcc compiler and Perl 5 are required for the build. For the
self-tests invoked by ``make check``, the VMODs ``blobcode`` and self-tests invoked by ``make check``, the VMODs ``blob`` and
``blob`` must be installed (see `SEE ALSO`_). ``blob`` must be installed (see `SEE ALSO`_).
LIMITATIONS LIMITATIONS
...@@ -567,7 +567,7 @@ SEE ALSO ...@@ -567,7 +567,7 @@ SEE ALSO
* varnishd(1) * varnishd(1)
* vcl(7) * vcl(7)
* source repository: https://code.uplex.de/uplex-varnish/libvmod-blobdigest * source repository: https://code.uplex.de/uplex-varnish/libvmod-blobdigest
* VMOD blobcode: https://code.uplex.de/uplex-varnish/libvmod-blobcode * VMOD blob: https://code.uplex.de/uplex-varnish/libvmod-blob
* VMOD blob: https://code.uplex.de/uplex-varnish/libvmod-blob * VMOD blob: https://code.uplex.de/uplex-varnish/libvmod-blob
* RHash: * RHash:
......
...@@ -2,34 +2,33 @@ ...@@ -2,34 +2,33 @@
varnishtest "CRC32 checksum" varnishtest "CRC32 checksum"
# VMOD blobcode must be installed
varnish v1 -vcl { varnish v1 -vcl {
import blobdigest from "${vmod_topbuild}/src/.libs/libvmod_blobdigest.so"; import blobdigest from "${vmod_topbuild}/src/.libs/libvmod_blobdigest.so";
import blobcode; import blob;
backend b { .host = "${bad_ip}"; } backend b { .host = "${bad_ip}"; }
sub vcl_init { sub vcl_init {
new a = blobcode.blob(IDENTITY, "a"); new a = blob.blob(IDENTITY, "a");
new msg = blobcode.blob(IDENTITY, "message"); new msg = blob.blob(IDENTITY, "message");
new alphalc = blobcode.blob(IDENTITY, new alphalc = blob.blob(IDENTITY,
"abcdefghijklmnopqrstuvwxyz"); "abcdefghijklmnopqrstuvwxyz");
new empty = blobcode.blob(IDENTITY, ""); new empty = blob.blob(IDENTITY, "");
new alphauc = blobcode.blob(IDENTITY, new alphauc = blob.blob(IDENTITY,
"ABCDEFGHIJKLMNOPQRSTUVWXYZ"); "ABCDEFGHIJKLMNOPQRSTUVWXYZ");
new digits = blobcode.blob(IDENTITY, "1234567890"); new digits = blob.blob(IDENTITY, "1234567890");
new pangram = new pangram =
blobcode.blob(IDENTITY, blob.blob(IDENTITY,
"The quick brown fox jumps over the lazy dog"); "The quick brown fox jumps over the lazy dog");
# Byte values 0 to 63, 64 to 127, etc up to 255 # Byte values 0 to 63, 64 to 127, etc up to 255
new b0to63 = blobcode.blob(BASE64, new b0to63 = blob.blob(BASE64,
"AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4vMDEyMzQ1Njc4OTo7PD0+Pw=="); "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4vMDEyMzQ1Njc4OTo7PD0+Pw==");
new b64to127 = blobcode.blob(BASE64, new b64to127 = blob.blob(BASE64,
"QEFCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaW1xdXl9gYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXp7fH1+fw=="); "QEFCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaW1xdXl9gYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXp7fH1+fw==");
new b128to191 = blobcode.blob(BASE64, new b128to191 = blob.blob(BASE64,
"gIGCg4SFhoeIiYqLjI2Oj5CRkpOUlZaXmJmam5ydnp+goaKjpKWmp6ipqqusra6vsLGys7S1tre4ubq7vL2+vw=="); "gIGCg4SFhoeIiYqLjI2Oj5CRkpOUlZaXmJmam5ydnp+goaKjpKWmp6ipqqusra6vsLGys7S1tre4ubq7vL2+vw==");
new b192to255 = blobcode.blob(BASE64, new b192to255 = blob.blob(BASE64,
"wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd3t/g4eLj5OXm5+jp6uvs7e7v8PHy8/T19vf4+fr7/P3+/w=="); "wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd3t/g4eLj5OXm5+jp6uvs7e7v8PHy8/T19vf4+fr7/P3+/w==");
new d1 = blobdigest.digest(CRC32); new d1 = blobdigest.digest(CRC32);
...@@ -52,49 +51,49 @@ varnish v1 -vcl { ...@@ -52,49 +51,49 @@ varnish v1 -vcl {
set resp.status = 500; set resp.status = 500;
return(deliver); return(deliver);
} }
set resp.http.empty = blobcode.encode(HEXUC, d1.final()); set resp.http.empty = blob.encode(HEX, UPPER, d1.final());
if (!d2.update(a.get())) { if (!d2.update(a.get())) {
set resp.status = 500; set resp.status = 500;
return(deliver); return(deliver);
} }
set resp.http.a = blobcode.encode(HEXUC, d2.final()); set resp.http.a = blob.encode(HEX, UPPER, d2.final());
if (!d3.update(blobcode.decode(IDENTITY, "b"))) { if (!d3.update(blob.decode(encoded="b"))) {
set resp.status = 500; set resp.status = 500;
return(deliver); return(deliver);
} }
if (!d3.update(blobcode.decode(IDENTITY, "c"))) { if (!d3.update(blob.decode(encoded="c"))) {
set resp.status = 500; set resp.status = 500;
return(deliver); return(deliver);
} }
set resp.http.abc = blobcode.encode(HEXUC, d3.final()); set resp.http.abc = blob.encode(HEX, UPPER, d3.final());
if (!d4.update(blobcode.decode(IDENTITY, " "))) { if (!d4.update(blob.decode(encoded=" "))) {
set resp.status = 500; set resp.status = 500;
return(deliver); return(deliver);
} }
if (!d4.update(blobcode.decode(IDENTITY, "digest"))) { if (!d4.update(blob.decode(encoded="digest"))) {
set resp.status = 500; set resp.status = 500;
return(deliver); return(deliver);
} }
set resp.http.msgdigest = blobcode.encode(HEXUC, d4.final()); set resp.http.msgdigest = blob.encode(HEX, UPPER, d4.final());
if (!d5.update(blobcode.decode(IDENTITY, ""))) { if (!d5.update(blob.decode(encoded=""))) {
set resp.status = 500; set resp.status = 500;
return(deliver); return(deliver);
} }
set resp.http.alphalc = blobcode.encode(HEXUC, d5.final()); set resp.http.alphalc = blob.encode(HEX, UPPER, d5.final());
if (!d7.update(alphalc.get())) { if (!d7.update(alphalc.get())) {
set resp.status = 500; set resp.status = 500;
return(deliver); return(deliver);
} }
if (!d7.update(blobcode.decode(IDENTITY, "0123456789"))) { if (!d7.update(blob.decode(encoded="0123456789"))) {
set resp.status = 500; set resp.status = 500;
return(deliver); return(deliver);
} }
set resp.http.alphanum = blobcode.encode(HEXUC, d7.final()); set resp.http.alphanum = blob.encode(HEX, UPPER, d7.final());
if (!d8.update(digits.get())) { if (!d8.update(digits.get())) {
set resp.status = 500; set resp.status = 500;
...@@ -124,9 +123,9 @@ varnish v1 -vcl { ...@@ -124,9 +123,9 @@ varnish v1 -vcl {
set resp.status = 500; set resp.status = 500;
return(deliver); return(deliver);
} }
set resp.http.digits = blobcode.encode(HEXUC, d8.final()); set resp.http.digits = blob.encode(HEX, UPPER, d8.final());
set resp.http.pangram = blobcode.encode(HEXUC, d9.final()); set resp.http.pangram = blob.encode(HEX, UPPER, d9.final());
if (!d11.update(b64to127.get())) { if (!d11.update(b64to127.get())) {
set resp.status = 500; set resp.status = 500;
...@@ -140,49 +139,49 @@ varnish v1 -vcl { ...@@ -140,49 +139,49 @@ varnish v1 -vcl {
set resp.status = 500; set resp.status = 500;
return(deliver); return(deliver);
} }
set resp.http.allbytes = blobcode.encode(HEXUC, d11.final()); set resp.http.allbytes = blob.encode(HEX, UPPER, d11.final());
# Tests for the hash() function # Tests for the hash() function
set resp.http.emptyf set resp.http.emptyf
= blobcode.encode(HEXUC, blobdigest.hash(CRC32, empty.get())); = blob.encode(HEX, UPPER, blobdigest.hash(CRC32, empty.get()));
set resp.http.af set resp.http.af
= blobcode.encode(HEXUC, blobdigest.hash(CRC32, = blob.encode(HEX, UPPER, blobdigest.hash(CRC32,
blobcode.decode(IDENTITY, "a"))); blob.decode(encoded="a")));
set resp.http.abcf set resp.http.abcf
= blobcode.encode(HEXUC, blobdigest.hash(CRC32, = blob.encode(HEX, UPPER, blobdigest.hash(CRC32,
blobcode.decode(IDENTITY, "abc"))); blob.decode(encoded="abc")));
set resp.http.msgdigestf set resp.http.msgdigestf
= blobcode.encode(HEXUC, blobdigest.hash(CRC32, = blob.encode(HEX, UPPER, blobdigest.hash(CRC32,
blobcode.decode(IDENTITY, blob.decode(encoded=
"message digest"))); "message digest")));
set resp.http.alphalcf set resp.http.alphalcf
= blobcode.encode(HEXUC, blobdigest.hash(CRC32, = blob.encode(HEX, UPPER, blobdigest.hash(CRC32,
blobcode.decode(IDENTITY, blob.decode(encoded=
"abcdefghijklmnopqrstuvwxyz"))); "abcdefghijklmnopqrstuvwxyz")));
set resp.http.alphanumf set resp.http.alphanumf
= blobcode.encode(HEXUC, blobdigest.hash(CRC32, = blob.encode(HEX, UPPER, blobdigest.hash(CRC32,
blobcode.decode(IDENTITY, blob.decode(encoded=
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"))); "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789")));
set resp.http.digitsf set resp.http.digitsf
= blobcode.encode(HEXUC, blobdigest.hash(CRC32, = blob.encode(HEX, UPPER, blobdigest.hash(CRC32,
blobcode.decode(IDENTITY, blob.decode(encoded=
"12345678901234567890123456789012345678901234567890123456789012345678901234567890"))); "12345678901234567890123456789012345678901234567890123456789012345678901234567890")));
set resp.http.pangramf set resp.http.pangramf
= blobcode.encode(HEXUC, blobdigest.hash(CRC32, = blob.encode(HEX, UPPER, blobdigest.hash(CRC32,
blobcode.decode(IDENTITY, blob.decode(encoded=
"The quick brown fox jumps over the lazy dog"))); "The quick brown fox jumps over the lazy dog")));
# all 256 byte values in ascending order # all 256 byte values in ascending order
set resp.http.allbytesf set resp.http.allbytesf
= blobcode.encode(HEXUC, blobdigest.hash(CRC32, = blob.encode(HEX, UPPER, blobdigest.hash(CRC32,
blobcode.decode(BASE64, blob.decode(decoding=BASE64, encoded=
"AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4vMDEyMzQ1Njc4OTo7PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWltcXV5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKDhIWGh4iJiouMjY6PkJGSk5SVlpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKztLW2t7i5uru8vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd3t/g4eLj5OXm5+jp6uvs7e7v8PHy8/T19vf4+fr7/P3+/w=="))); "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4vMDEyMzQ1Njc4OTo7PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWltcXV5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKDhIWGh4iJiouMjY6PkJGSk5SVlpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKztLW2t7i5uru8vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd3t/g4eLj5OXm5+jp6uvs7e7v8PHy8/T19vf4+fr7/P3+/w==")));
} }
} -start } -start
......
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
...@@ -2,26 +2,25 @@ ...@@ -2,26 +2,25 @@
varnishtest "usage restrictions" varnishtest "usage restrictions"
# VMODs blobcode and blob must be installed # VMODs blob and blob must be installed
# Test use of digest object methods in vcl_init and _fini # Test use of digest object methods in vcl_init and _fini
varnish v1 -vcl { varnish v1 -vcl {
import blobdigest from "${vmod_topbuild}/src/.libs/libvmod_blobdigest.so"; import blobdigest from "${vmod_topbuild}/src/.libs/libvmod_blobdigest.so";
import blobcode;
import blob; import blob;
backend b { .host = "${bad_ip}"; } backend b { .host = "${bad_ip}"; }
sub vcl_init { sub vcl_init {
new msg = blobcode.blob(IDENTITY, "message"); new msg = blob.blob(IDENTITY, "message");
new space = blobcode.blob(IDENTITY, " "); new space = blob.blob(IDENTITY, " ");
new digest = blobcode.blob(IDENTITY, "digest"); new digest = blob.blob(IDENTITY, "digest");
new msgdigest new msgdigest
= blobcode.blob(HEX, "F96B697D7CB7938D525A2F31AAF161D0"); = blob.blob(HEX, "F96B697D7CB7938D525A2F31AAF161D0");
new a = blobcode.blob(IDENTITY, "a"); new a = blob.blob(IDENTITY, "a");
new bc = blobcode.blob(IDENTITY, "bc"); new bc = blob.blob(IDENTITY, "bc");
new abc new abc
= blobcode.blob(HEX, "900150983CD24FB0D6963F7D28E17F72"); = blob.blob(HEX, "900150983CD24FB0D6963F7D28E17F72");
new d1 = blobdigest.digest(MD5, msg.get()); new d1 = blobdigest.digest(MD5, msg.get());
if (!d1.update(space.get())) { if (!d1.update(space.get())) {
...@@ -63,14 +62,13 @@ server s1 { ...@@ -63,14 +62,13 @@ server s1 {
varnish v1 -vcl+backend { varnish v1 -vcl+backend {
import blobdigest from "${vmod_topbuild}/src/.libs/libvmod_blobdigest.so"; import blobdigest from "${vmod_topbuild}/src/.libs/libvmod_blobdigest.so";
import blobcode;
import blob; import blob;
sub vcl_init { sub vcl_init {
new a = blobcode.blob(IDENTITY, "a"); new a = blob.blob(IDENTITY, "a");
new bc = blobcode.blob(IDENTITY, "bc"); new bc = blob.blob(IDENTITY, "bc");
new abc new abc
= blobcode.blob(HEX, "900150983CD24FB0D6963F7D28E17F72"); = blob.blob(HEX, "900150983CD24FB0D6963F7D28E17F72");
new d1 = blobdigest.digest(MD5, a.get()); new d1 = blobdigest.digest(MD5, a.get());
if (!d1.update(bc.get())) { if (!d1.update(bc.get())) {
...@@ -87,25 +85,25 @@ varnish v1 -vcl+backend { ...@@ -87,25 +85,25 @@ varnish v1 -vcl+backend {
} }
sub vcl_backend_response { sub vcl_backend_response {
set beresp.http.d1_b1 = blobcode.encode(HEXUC, d1.final()); set beresp.http.d1_b1 = blob.encode(HEX, UPPER, d1.final());
set beresp.http.d1_b2 = blobcode.encode(HEXUC, d1.final()); set beresp.http.d1_b2 = blob.encode(HEX, UPPER, d1.final());
if (!d2.update(blobcode.decode(IDENTITY, "message digest"))) { if (!d2.update(blob.decode(encoded="message digest"))) {
return(abandon); return(abandon);
} }
set beresp.http.d2_b1 = blobcode.encode(HEXUC, d2.final()); set beresp.http.d2_b1 = blob.encode(HEX, UPPER, d2.final());
set beresp.http.d2_b2 = blobcode.encode(HEXUC, d2.final()); set beresp.http.d2_b2 = blob.encode(HEX, UPPER, d2.final());
} }
sub vcl_deliver { sub vcl_deliver {
set resp.http.d1_c1 = blobcode.encode(HEXUC, d1.final()); set resp.http.d1_c1 = blob.encode(HEX, UPPER, d1.final());
set resp.http.d1_c2 = blobcode.encode(HEXUC, d1.final()); set resp.http.d1_c2 = blob.encode(HEX, UPPER, d1.final());
if (!d2.update(blobcode.decode(IDENTITY, "a"))) { if (!d2.update(blob.decode(encoded="a"))) {
return(synth(500)); return(synth(500));
} }
set resp.http.d2_c1 = blobcode.encode(HEXUC, d2.final()); set resp.http.d2_c1 = blob.encode(HEX, UPPER, d2.final());
set resp.http.d2_c2 = blobcode.encode(HEXUC, d2.final()); set resp.http.d2_c2 = blob.encode(HEX, UPPER, d2.final());
} }
} }
...@@ -127,13 +125,12 @@ client c1 { ...@@ -127,13 +125,12 @@ client c1 {
# digest.update() may not be called after digest.final() # digest.update() may not be called after digest.final()
varnish v1 -errvcl {vmod blobdigest error: already finalized in d1.update()} { varnish v1 -errvcl {vmod blobdigest error: already finalized in d1.update()} {
import blobdigest from "${vmod_topbuild}/src/.libs/libvmod_blobdigest.so"; import blobdigest from "${vmod_topbuild}/src/.libs/libvmod_blobdigest.so";
import blobcode;
import blob; import blob;
backend b { .host = "${bad_ip}"; } backend b { .host = "${bad_ip}"; }
sub vcl_init { sub vcl_init {
new empty = blobcode.blob(IDENTITY, ""); new empty = blob.blob(IDENTITY, "");
new hash = blobcode.blob(HEX, new hash = blob.blob(HEX,
"D41D8CD98F00B204E9800998ECF8427E"); "D41D8CD98F00B204E9800998ECF8427E");
new d1 = blobdigest.digest(MD5); new d1 = blobdigest.digest(MD5);
...@@ -151,11 +148,11 @@ varnish v1 -errvcl {vmod blobdigest error: already finalized in d1.update()} { ...@@ -151,11 +148,11 @@ varnish v1 -errvcl {vmod blobdigest error: already finalized in d1.update()} {
varnish v1 -vcl { varnish v1 -vcl {
import blobdigest from "${vmod_topbuild}/src/.libs/libvmod_blobdigest.so"; import blobdigest from "${vmod_topbuild}/src/.libs/libvmod_blobdigest.so";
import blobcode; import blob;
backend b { .host = "${bad_ip}"; } backend b { .host = "${bad_ip}"; }
sub vcl_init { sub vcl_init {
new empty = blobcode.blob(IDENTITY, ""); new empty = blob.blob(IDENTITY, "");
new d1 = blobdigest.digest(MD5); new d1 = blobdigest.digest(MD5);
} }
...@@ -168,7 +165,7 @@ varnish v1 -vcl { ...@@ -168,7 +165,7 @@ varnish v1 -vcl {
set resp.status = 500; set resp.status = 500;
return(deliver); return(deliver);
} }
set resp.http.empty = blobcode.encode(HEXUC, d1.final()); set resp.http.empty = blob.encode(HEX, UPPER, d1.final());
if (!d1.update(empty.get())) { if (!d1.update(empty.get())) {
set resp.status = 500; set resp.status = 500;
return(deliver); return(deliver);
...@@ -192,14 +189,13 @@ logexpect l1 -v v1 -d 1 -g vxid -q "VCL_Error" { ...@@ -192,14 +189,13 @@ logexpect l1 -v v1 -d 1 -g vxid -q "VCL_Error" {
# hash() is legal in vcl_init and vcl_fini (as of Varnish 5.0) # hash() is legal in vcl_init and vcl_fini (as of Varnish 5.0)
varnish v2 -arg "-p debug=+vclrel" -vcl { varnish v2 -arg "-p debug=+vclrel" -vcl {
import blobdigest from "${vmod_topbuild}/src/.libs/libvmod_blobdigest.so"; import blobdigest from "${vmod_topbuild}/src/.libs/libvmod_blobdigest.so";
import blobcode;
import blob; import blob;
import std; import std;
backend b { .host = "${bad_ip}"; } backend b { .host = "${bad_ip}"; }
sub vcl_init { sub vcl_init {
new empty = blobcode.blob(IDENTITY, ""); new empty = blob.blob(IDENTITY, "");
new md5 = blobcode.blob(HEX, new md5 = blob.blob(HEX,
"D41D8CD98F00B204E9800998ECF8427E"); "D41D8CD98F00B204E9800998ECF8427E");
if (!blob.equal(blobdigest.hash(MD5, empty.get()), md5.get())) { if (!blob.equal(blobdigest.hash(MD5, empty.get()), md5.get())) {
return(fail); return(fail);
...@@ -229,26 +225,28 @@ varnish v2 -cliok "vcl.discard vcl1" ...@@ -229,26 +225,28 @@ varnish v2 -cliok "vcl.discard vcl1"
logexpect l2 -wait logexpect l2 -wait
varnish v2 -stop
# hmac constructor fails if the key is NULL # hmac constructor fails if the key is NULL
varnish v1 -errvcl {vmod blobcode error: cannot decode, illegal encoding beginning with "x"vmod blobdigest error: key is NULL in fail constructor} { varnish v1 -errvcl {vmod blobdigest error: key is NULL in fail constructor} {
import blobdigest from "${vmod_topbuild}/src/.libs/libvmod_blobdigest.so"; import blobdigest from "${vmod_topbuild}/src/.libs/libvmod_blobdigest.so";
import blobcode; import blob;
backend b { .host = "${bad_ip}"; } backend b { .host = "${bad_ip}"; }
sub vcl_init { sub vcl_init {
new fail = blobdigest.hmac(MD5, blobcode.decode(HEX, "x")); new fail = blobdigest.hmac(MD5, blob.decode(decoding=HEX, encoded="x"));
} }
} }
# hmac method and hmacf function fail if msg or key is NULL # hmac method and hmacf function fail if msg or key is NULL
varnish v1 -vcl { varnish v1 -vcl {
import blobdigest from "${vmod_topbuild}/src/.libs/libvmod_blobdigest.so"; import blobdigest from "${vmod_topbuild}/src/.libs/libvmod_blobdigest.so";
import blobcode; import blob;
backend bk { .host = "${bad_ip}"; } backend bk { .host = "${bad_ip}"; }
sub vcl_init { sub vcl_init {
new h = blobdigest.hmac(MD5, blobcode.decode(HEX, "ff")); new h = blobdigest.hmac(MD5, blob.decode(decoding=HEX, encoded="ff"));
new b = blobcode.blob(HEX, "ff"); new b = blob.blob(HEX, "ff");
} }
sub vcl_recv { sub vcl_recv {
...@@ -256,28 +254,60 @@ varnish v1 -vcl { ...@@ -256,28 +254,60 @@ varnish v1 -vcl {
} }
sub vcl_synth { sub vcl_synth {
set resp.http.obj = blobcode.encode(HEXLC, if (req.url == "/1") {
h.hmac(blobcode.decode(HEX, "x"))); set resp.http.obj = blob.encode(HEX, LOWER,
set resp.http.key = blobcode.encode(HEXLC, h.hmac(blob.decode(decoding=HEX, encoded="x")));
blobdigest.hmacf(MD5, key=blobcode.decode(HEX, "x"), } else if (req.url == "/2") {
msg=b.get())); set resp.http.key = blob.encode(
set resp.http.msg = blobcode.encode(HEXLC, encoding=HEX,
blobdigest.hmacf(MD5, msg=blobcode.decode(HEX, "x"), blob=blobdigest.hmacf(
key=b.get())); MD5,
key=blob.decode(decoding=HEX, encoded="x"),
msg=b.get()));
} else if (req.url == "/3") {
set resp.http.msg = blob.encode(
encoding=HEX,
blob=blobdigest.hmacf(
MD5,
msg=blob.decode(decoding=HEX, encoded="x"),
key=b.get()));
}
} }
} }
logexpect l3 -v v1 -d 0 -g vxid -q "VCL_Error" { logexpect l3 -v v1 -d 0 -g vxid -q {ReqURL ~ "^/1"} {
expect 0 * Begin req expect 0 * Begin req
expect * = VCL_Error "^vmod blobdigest error: msg is NULL in h.hmac..$" expect * = VCL_Error "^vmod blobdigest error: msg is NULL in h.hmac..$"
expect * = VCL_Error "^vmod blobdigest error: key is NULL in blobdigest.hmacf..$" expect * = End
expect * = VCL_Error "^vmod blobdigest error: msg is NULL in blobdigest.hmacf..$" } -start
logexpect l4 -v v1 -d 0 -g vxid -q {ReqURL ~ "^/2"} {
expect 0 * Begin req
expect * = VCL_Error "^vmod blobdigest error: key is NULL in blobdigest.hmacf..$"
expect * = End
} -start
logexpect l5 -v v1 -d 0 -g vxid -q {ReqURL ~ "^/3"} {
expect 0 * Begin req
expect * = VCL_Error "^vmod blobdigest error: msg is NULL in blobdigest.hmacf..$"
expect * = End expect * = End
} -start } -start
client c1 { client c1 {
txreq txreq -url "/1"
rxresp expect_close
} -run
client c2 {
txreq -url "/2"
expect_close
} -run
client c3 {
txreq -url "/3"
expect_close
} -run } -run
logexpect l3 -wait logexpect l3 -wait
logexpect l4 -wait
logexpect l5 -wait
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment