Commit c977e2b6 authored by Geoff Simmons's avatar Geoff Simmons

Make the decryption VTCs more robust.

parent 1c7af995
Pipeline #461 canceled with stages
......@@ -371,7 +371,20 @@ varnish v1 -expect ECE.vfp.ece_decrypt.calls >= 11
varnish v1 -expect ECE.vfp.ece_decrypt.errs == 8
server s1 -wait
server s1 -start
# Set to non_fatal because Varnish may reset the connection after
# the key not found error, before the full response is sent.
server s1 {
non_fatal
rxreq
txresp -nolen -hdr "Content-Encoding: aes128gcm" \
-hdr "Content-Length: 53"
sendhex "23 50 6c c6 d1 6d b6 5b f7 bb f3 a8 f7 8c 67 9b"
sendhex "00 00 10 00 00 f8 d0 15 b9 bd aa 16 00 44 b9 02"
sendhex "91 6a 9a 19 bb e2 31 90 8b da dc c1 01 d4 f0 fe"
sendhex "97 2f 13 86 38"
} -start
# Delete the key, so as to provoke a key not found error.
varnish v1 -vcl+backend {
......
......@@ -174,7 +174,11 @@ varnish v1 -expect ECE.vfp.vcl3.maxrs0.in == 126
varnish v1 -expect ECE.vfp.vcl3.maxrs0.out == 30
server s1 -wait
# Set to non_fatal because Varnish may rest the connection after
# rejecting the record size, before the full response is set.
server s1 {
non_fatal
rxreq
txresp -nolen -hdr "Content-Encoding: aes128gcm" \
-hdr "Content-Length: 53"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment