Commit ed1332ef authored by Geoff Simmons's avatar Geoff Simmons

Test some error conditions for custom encryption VFPs.

And improve an error message.
parent 06669fb5
# looks like -*- vcl -*-
varnishtest "errors and corner cases for the encryption VFP"
varnishtest "errors and corner cases for encryption VFPs"
server s1 {
# Empty body
......@@ -112,3 +112,113 @@ client c1 {
} -run
varnish v1 -expect ECE.vfp.ece_encrypt.ops == 2
# Errors for custom VFPs
varnish v1 -errvcl {vmod ece failure: new vfp: filter name must be non-empty} {
import ${vmod_ece};
backend b { .host = "${bad_ip}"; }
sub vcl_init {
new vfp = ece.encrypter("");
}
}
varnish v1 -errvcl {vmod ece failure: new vfp: key header name may not be empty} {
import ${vmod_ece};
backend b { .host = "${bad_ip}"; }
sub vcl_init {
new vfp = ece.encrypter("enc", key_hdr="");
}
}
varnish v1 -errvcl {too long} {
import ${vmod_ece};
backend b { .host = "${bad_ip}"; }
sub vcl_init {
new vfp = ece.encrypter("enc", key_hdr="1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890");
}
}
varnish v1 -errvcl {vmod ece failure: new vfp: rs 17 too small (must be >= 18)} {
import ${vmod_ece};
backend b { .host = "${bad_ip}"; }
sub vcl_init {
new vfp = ece.encrypter("enc", rs=17B);
}
}
varnish v1 -errvcl {vmod ece failure: new vfp: rs 4294967296 too large} {
import ${vmod_ece};
backend b { .host = "${bad_ip}"; }
sub vcl_init {
new vfp = ece.encrypter("enc", rs=4GB);
}
}
varnish v1 -errvcl {vmod ece failure: new vfp: filter name ece_encrypt already in use by another VFP} {
import ${vmod_ece};
backend b { .host = "${bad_ip}"; }
sub vcl_init {
new vfp = ece.encrypter("ece_encrypt");
}
}
varnish v1 -errvcl {vmod ece failure: new vfp: filter name ece_decrypt already in use by another VFP} {
import ${vmod_ece};
backend b { .host = "${bad_ip}"; }
sub vcl_init {
new vfp = ece.encrypter("ece_decrypt");
}
}
varnish v1 -errvcl {vmod ece failure: new vfp: filter name esi already in use by another VFP} {
import ${vmod_ece};
backend b { .host = "${bad_ip}"; }
sub vcl_init {
new vfp = ece.encrypter("esi");
}
}
varnish v1 -errvcl {vmod ece failure: new vfp: filter name esi_gzip already in use by another VFP} {
import ${vmod_ece};
backend b { .host = "${bad_ip}"; }
sub vcl_init {
new vfp = ece.encrypter("esi_gzip");
}
}
varnish v1 -errvcl {vmod ece failure: new vfp: filter name gunzip already in use by another VFP} {
import ${vmod_ece};
backend b { .host = "${bad_ip}"; }
sub vcl_init {
new vfp = ece.encrypter("gunzip");
}
}
varnish v1 -errvcl {vmod ece failure: new vfp: filter name gzip already in use by another VFP} {
import ${vmod_ece};
backend b { .host = "${bad_ip}"; }
sub vcl_init {
new vfp = ece.encrypter("gzip");
}
}
varnish v1 -errvcl {vmod ece failure: new vfp: filter name testgunzip already in use by another VFP} {
import ${vmod_ece};
backend b { .host = "${bad_ip}"; }
sub vcl_init {
new vfp = ece.encrypter("testgunzip");
}
}
......@@ -293,7 +293,7 @@ vmod_encrypter__init(VRT_CTX, struct VPFX(ece_encrypter) **encp,
/* Catches rs < 0. */
if (rs < MIN_RS) {
VFAIL(ctx, "new %s: rs %jd too small (must >= %d)", vcl_name,
VFAIL(ctx, "new %s: rs %jd too small (must be >= %d)", vcl_name,
(intmax_t)rs, MIN_RS);
return;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment