Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
L
libvmod-file
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
uplex-varnish
libvmod-file
Commits
0013bb4e
Commit
0013bb4e
authored
Feb 28, 2021
by
Geoff Simmons
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add the .sha256() method.
parent
f488a1d9
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
141 additions
and
6 deletions
+141
-6
README.rst
README.rst
+11
-3
info.vtc
src/tests/info.vtc
+68
-0
vmod_file.c
src/vmod_file.c
+56
-2
vmod_file.vcc
src/vmod_file.vcc
+6
-1
No files found.
README.rst
View file @
0013bb4e
...
...
@@ -173,8 +173,8 @@ is followed.
.. _file.reader():
new xreader = file.reader(STRING name, STRING path, DURATION ttl, BOOL log_checks)
----------------------------------------------------------------------------------
new xreader = file.reader(STRING name, STRING path, DURATION ttl, BOOL log_checks
, BOOL enable_sha256
)
----------------------------------------------------------------------------------
--------------------
::
...
...
@@ -182,7 +182,8 @@ new xreader = file.reader(STRING name, STRING path, DURATION ttl, BOOL log_check
STRING name,
STRING path="/usr/local/etc/varnish:/usr/local/share/varnish/vcl:/etc/varnish:/usr/share/varnish/vcl",
DURATION ttl=120,
BOOL log_checks=0
BOOL log_checks=0,
BOOL enable_sha256=0
)
Create an object to read and cache the contents of the file named
...
...
@@ -472,6 +473,13 @@ The contents of the BLOB returned by ``.id()`` are intentionally not
documented, and should not be relied on to extract information about
the file.
.. _xreader.sha256():
BLOB xreader.sha256()
---------------------
XXX ...
.. _file.version():
STRING version()
...
...
src/tests/info.vtc
View file @
0013bb4e
...
...
@@ -212,3 +212,71 @@ delay .1
# Check the log to verify that ETag changes.
client c1 -run
shell {echo -n "foo bar baz quux" > ${tmpdir}/sha}
varnish v1 -vcl {
import ${vmod_file};
import blob;
backend b None;
sub vcl_init {
new rdr = file.reader("${tmpdir}/sha", ttl=0.1s,
enable_sha256=true);
}
sub vcl_recv {
return (synth(200));
}
sub vcl_synth {
set resp.http.ETag = blob.encode(BASE64, blob=rdr.sha256());
return (deliver);
}
}
client c1 {
txreq
rxresp
expect resp.status == 200
expect resp.http.ETag ~ {^[[:alnum:]+/]+=*$}
} -run
shell {echo -n "quux baz bar foo" > ${tmpdir}/sha}
delay .1
# Check the log to verify that ETag changes.
client c1 -run
varnish v1 -vcl {
import ${vmod_file};
import blob;
backend b None;
sub vcl_init {
new rdr = file.reader("${tmpdir}/sha", ttl=0.1s);
}
sub vcl_recv {
set req.http.SHA256 = blob.encode(BASE64, blob=rdr.sha256());
return (synth(200));
}
}
logexpect l1 -v v1 -d 0 -g vxid -q "VCL_Error" {
expect 0 * Begin req
expect * = VCL_Error {^vmod file failure: rdr\.sha256\(\): sha256 not enabled$}
expect 0 = ReqHeader {^SHA256: $}
expect 0 = VCL_return fail
expect * = End
} -start
client c1 {
txreq
rxresp
expect resp.status == 503
expect resp.reason == "VCL failed"
} -run
logexpect l1 -wait
src/vmod_file.c
View file @
0013bb4e
...
...
@@ -45,6 +45,7 @@
#include "vcl.h"
#include "vtim.h"
#include "vsb.h"
#include "vsha256.h"
#include "vcc_if.h"
...
...
@@ -61,6 +62,9 @@
/* For the result of .id() */
#define VMOD_FILE_ID_MAGIC 0x001122d7
/* For the result of .sha256() */
#define VMOD_FILE_SHA256_MAGIC 0xd2130e92
#define INIT_SLEEP_INTERVAL 0.001
#define ERRMSG_LEN 128
#define NO_ERR ("No error")
...
...
@@ -70,6 +74,7 @@ struct file_info {
#define FILE_INFO_MAGIC 0x46ebec3d
struct
timespec
mtime
;
char
*
path
;
unsigned
char
*
sha256
;
size_t
len
;
dev_t
dev
;
ino_t
ino
;
...
...
@@ -115,6 +120,7 @@ check(union sigval val)
void
*
addr
;
char
timbuf
[
VTIM_FORMAT_SIZE
];
int
err
;
VSHA256_CTX
sha_ctx
;
CAST_OBJ_NOTNULL
(
rdr
,
val
.
sival_ptr
,
FILE_READER_MAGIC
);
CHECK_OBJ_NOTNULL
(
rdr
->
info
,
FILE_INFO_MAGIC
);
...
...
@@ -231,6 +237,13 @@ check(union sigval val)
goto
out
;
}
if
(
info
->
sha256
!=
NULL
)
{
AN
(
info
->
sha256
);
VSHA256_Init
(
&
sha_ctx
);
VSHA256_Update
(
&
sha_ctx
,
addr
,
st
.
st_size
);
VSHA256_Final
(
info
->
sha256
,
&
sha_ctx
);
}
info
->
mtime
.
tv_sec
=
st
.
st_mtim
.
tv_sec
;
info
->
mtime
.
tv_nsec
=
st
.
st_mtim
.
tv_nsec
;
info
->
dev
=
st
.
st_dev
;
...
...
@@ -278,7 +291,7 @@ VCL_VOID
vmod_reader__init
(
VRT_CTX
,
struct
VPFX
(
file_reader
)
**
rdrp
,
const
char
*
vcl_name
,
struct
vmod_priv
*
priv
,
VCL_STRING
name
,
VCL_STRING
path
,
VCL_DURATION
ttl
,
VCL_BOOL
log_checks
)
VCL_BOOL
log_checks
,
VCL_BOOL
enable_sha256
)
{
struct
VPFX
(
file_reader
)
*
rdr
;
struct
file_info
*
info
;
...
...
@@ -318,6 +331,16 @@ vmod_reader__init(VRT_CTX, struct VPFX(file_reader) **rdrp,
vcl_name
,
vstrerror
(
errno
));
return
;
}
AZ
(
info
->
sha256
);
if
(
enable_sha256
)
{
errno
=
0
;
info
->
sha256
=
calloc
(
1
,
VSHA256_DIGEST_LENGTH
);
if
(
info
->
sha256
==
NULL
)
{
VFAIL
(
ctx
,
"new %s: allocating space for SHA256: %s"
,
vcl_name
,
vstrerror
(
errno
));
return
;
}
}
rdr
->
info
=
info
;
rdr
->
obj_name
=
strdup
(
vcl_name
);
...
...
@@ -487,6 +510,8 @@ vmod_reader__fini(struct VPFX(file_reader) **rdrp)
CHECK_OBJ
(
rdr
->
info
,
FILE_INFO_MAGIC
);
if
(
rdr
->
info
->
path
!=
NULL
)
free
(
rdr
->
info
->
path
);
if
(
rdr
->
info
->
sha256
!=
NULL
)
free
(
rdr
->
info
->
sha256
);
FREE_OBJ
(
rdr
->
info
);
}
if
(
rdr
->
vcl_name
!=
NULL
)
...
...
@@ -687,7 +712,7 @@ vmod_reader_id(VRT_CTX, struct VPFX(file_reader) *rdr)
CHECK_OBJ_NOTNULL
(
rdr
->
info
,
FILE_INFO_MAGIC
);
AZ
(
pthread_rwlock_rdlock
(
&
rdr
->
lock
));
ERRCHK
(
ctx
,
rdr
,
"
rdr
"
,
NULL
);
ERRCHK
(
ctx
,
rdr
,
"
id
"
,
NULL
);
secs
=
rdr
->
info
->
mtime
.
tv_sec
;
nsecs
=
rdr
->
info
->
mtime
.
tv_nsec
;
dev
=
rdr
->
info
->
dev
;
...
...
@@ -719,6 +744,35 @@ vmod_reader_id(VRT_CTX, struct VPFX(file_reader) *rdr)
return
(
blob
);
}
VCL_BLOB
vmod_reader_sha256
(
VRT_CTX
,
struct
VPFX
(
file_reader
)
*
rdr
)
{
unsigned
char
*
digest
;
CHECK_OBJ_NOTNULL
(
ctx
,
VRT_CTX_MAGIC
);
CHECK_OBJ_NOTNULL
(
ctx
->
ws
,
WS_MAGIC
);
CHECK_OBJ_NOTNULL
(
rdr
,
FILE_READER_MAGIC
);
CHECK_OBJ_NOTNULL
(
rdr
->
info
,
FILE_INFO_MAGIC
);
if
(
rdr
->
info
->
sha256
==
NULL
)
{
VFAIL
(
ctx
,
"%s.sha256(): sha256 not enabled"
,
rdr
->
obj_name
);
return
NULL
;
}
AZ
(
pthread_rwlock_rdlock
(
&
rdr
->
lock
));
ERRCHK
(
ctx
,
rdr
,
"sha256"
,
NULL
);
digest
=
WS_Copy
(
ctx
->
ws
,
rdr
->
info
->
sha256
,
VSHA256_DIGEST_LENGTH
);
AZ
(
pthread_rwlock_unlock
(
&
rdr
->
lock
));
if
(
digest
==
NULL
)
{
VFAIL
(
ctx
,
"%s.sha256(): insufficient workspace for digest"
,
rdr
->
obj_name
);
return
NULL
;
}
return
VRT_blob
(
ctx
,
"VMOD file sha256()"
,
digest
,
VSHA256_DIGEST_LENGTH
,
VMOD_FILE_SHA256_MAGIC
);
}
VCL_STRING
vmod_version
(
VRT_CTX
)
{
...
...
src/vmod_file.vcc
View file @
0013bb4e
...
...
@@ -169,7 +169,8 @@ is followed.
$Object reader(PRIV_VCL, STRING name,
STRING path="/usr/local/etc/varnish:/usr/local/share/varnish/vcl:/etc/varnish:/usr/share/varnish/vcl",
DURATION ttl=120, BOOL log_checks=0)
DURATION ttl=120, BOOL log_checks=0,
BOOL enable_sha256=0)
Create an object to read and cache the contents of the file named
``name``, and optionally check the file for changes at the interval
...
...
@@ -428,6 +429,10 @@ The contents of the BLOB returned by ``.id()`` are intentionally not
documented, and should not be relied on to extract information about
the file.
$Method BLOB .sha256()
XXX ...
$Function STRING version()
Return the version string for this VMOD.
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment