Break up the tests for the init() function, since they take so long

due to having to restart many varnishd instances.

Break up the tests for the init() function, since they take so long
due to having to restart many varnishd instances.
3bd10f59 · Geoff Simmons · b30ed0a8 · 3bd10f59 · 3bd10f59 · 3bd10f59
Commit 3bd10f59 authored Apr 17, 2017 by Geoff Simmons
Hide whitespace changes
Inline Side-by-side

Showing with 296 additions and 0 deletions

disable_secmem.vtc src/tests/disable_secmem.vtc +97 -0

init_secmem.vtc src/tests/init_secmem.vtc +84 -0

init_usage.vtc src/tests/init_usage.vtc +115 -0

No files found.
--- a/src/tests/disable_secmem.vtc
+++ b/src/tests/disable_secmem.vtc
+# looks like -*- vcl -*-
+
+varnishtest "disable secmem in the init function"
+
+# DISABLE_SECMEM
+varnish v1 -vcl {
+	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
+	import blobcode;
+	backend b { .host = "${bad_ip}"; }
+
+	sub vcl_init {
+		gcrypt.init(DISABLE_SECMEM);
+		gcrypt.init(FINISH);
+		new k = blobcode.blob(HEX, "00000000000000000000000000000000");
+		new aes = gcrypt.symmetric(AES, ECB, key=k.get(), secure=false);
+	}
+} -start
+
+varnish v1 -errvcl {vmod gcrypt error: secure memory not enabled in aes constructor} {
+	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
+	import blobcode;
+	backend b { .host = "${bad_ip}"; }
+
+	sub vcl_init {
+		new k = blobcode.blob(HEX, "00000000000000000000000000000000");
+		new aes = gcrypt.symmetric(AES, ECB, key=k.get(), secure=true);
+	}
+}
+
+# If secure memory is enabled and then disabled, or vice versa, then
+# the the last setting is valid.
+varnish v1 -stop
+varnish v2 -vcl {
+	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
+	import blobcode;
+	backend b { .host = "${bad_ip}"; }
+
+	sub vcl_init {
+		gcrypt.init(INIT_SECMEM);
+		gcrypt.init(DISABLE_SECMEM);
+		gcrypt.init(FINISH);
+		new k = blobcode.blob(HEX, "00000000000000000000000000000000");
+		new aes = gcrypt.symmetric(AES, ECB, key=k.get(), secure=false);
+	}
+} -start
+
+varnish v2 -errvcl {vmod gcrypt error: secure memory not enabled in aes constructor} {
+	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
+	import blobcode;
+	backend b { .host = "${bad_ip}"; }
+
+	sub vcl_init {
+		new k = blobcode.blob(HEX, "00000000000000000000000000000000");
+		new aes = gcrypt.symmetric(AES, ECB, key=k.get(), secure=true);
+	}
+}
+
+varnish v2 -stop
+varnish v3 -vcl {
+	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
+	import blobcode;
+	backend b { .host = "${bad_ip}"; }
+
+	sub vcl_init {
+		gcrypt.init(INIT_SECMEM);
+		gcrypt.init(INIT_SECMEM, 0);
+		gcrypt.init(FINISH);
+		new k = blobcode.blob(HEX, "00000000000000000000000000000000");
+		new aes = gcrypt.symmetric(AES, ECB, key=k.get(), secure=false);
+	}
+} -start
+
+varnish v3 -errvcl {vmod gcrypt error: secure memory not enabled in aes constructor} {
+	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
+	import blobcode;
+	backend b { .host = "${bad_ip}"; }
+
+	sub vcl_init {
+		new k = blobcode.blob(HEX, "00000000000000000000000000000000");
+		new aes = gcrypt.symmetric(AES, ECB, key=k.get(), secure=true);
+	}
+}
+
+varnish v3 -stop
+varnish v4 -vcl {
+	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
+	import blobcode;
+	backend b { .host = "${bad_ip}"; }
+
+	sub vcl_init {
+		gcrypt.init(DISABLE_SECMEM);
+		gcrypt.init(INIT_SECMEM);
+		gcrypt.init(FINISH);
+		new k = blobcode.blob(HEX, "00000000000000000000000000000000");
+		new aes = gcrypt.symmetric(AES, ECB, key=k.get(), secure=true);
+	}
+} -start
--- a/src/tests/init_secmem.vtc
+++ b/src/tests/init_secmem.vtc
+# looks like -*- vcl -*-
+
+varnishtest "init secmem in the init function"
+
+# Default initialization of secure memory
+varnish v1 -vcl {
+	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
+	backend b { .host = "${bad_ip}"; }
+
+	sub vcl_init {
+		gcrypt.init(INIT_SECMEM);
+		gcrypt.init(FINISH);
+	}
+} -start
+
+# Start new Varnish instances for further tests.
+varnish v1 -stop
+
+# Initializing secure memory twice causes libgcrypt to log an error,
+# but the VMOD can proceed.
+varnish v2 -vcl {
+	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
+	backend b { .host = "${bad_ip}"; }
+
+	sub vcl_init {
+		gcrypt.init(INIT_SECMEM);
+		gcrypt.init(INIT_SECMEM, 32768);
+		gcrypt.init(FINISH);
+	}
+} -start
+
+logexpect l2 -v v2 -d 1 -g raw -q "Error" {
+	expect * 0 Error "^libgcrypt log message follows .ERROR.:"
+	expect * = Error ".+"
+} -run
+
+# Initializing secure memory to 0 bytes is the same as disabling it.
+varnish v2 -stop
+varnish v3 -vcl {
+	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
+	backend b { .host = "${bad_ip}"; }
+
+	sub vcl_init {
+		gcrypt.init(INIT_SECMEM, 0);
+		gcrypt.init(FINISH);
+	}
+} -start
+
+varnish v3 -errvcl {vmod gcrypt error: secure memory not enabled in aes constructor} {
+	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
+	import blobcode;
+	backend b { .host = "${bad_ip}"; }
+
+	sub vcl_init {
+		new k = blobcode.blob(HEX, "00000000000000000000000000000000");
+		new aes = gcrypt.symmetric(AES, ECB, key=k.get(), secure=true);
+	}
+}
+
+# INIT_SECMEM is illegal with bytes < 0.
+varnish v3 -stop
+varnish v4 -vcl {backend b { .host = "${bad_ip}"; } } -start
+varnish v4 -errvcl {INIT_SECMEM number of bytes -1 out of range in gcrypt.init()} {
+	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
+	backend b { .host = "${bad_ip}"; }
+
+	sub vcl_init {
+		gcrypt.init(INIT_SECMEM, -1);
+	}
+}
+
+# Secure memory is enabled by default
+varnish v4 -stop
+varnish v5 -vcl {
+	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
+	import blobcode;
+	backend b { .host = "${bad_ip}"; }
+
+	sub vcl_init {
+		gcrypt.init(FINISH);
+		new k = blobcode.blob(HEX, "00000000000000000000000000000000");
+		new aes = gcrypt.symmetric(AES, ECB, key=k.get(), secure=true);
+	}
+} -start
--- a/src/tests/init.vtc
+++ b/src/tests/init.vtc
 # looks like -*- vcl -*-

-varnishtest "init function"
+varnishtest "init function usage"

 # init() is illegal in every VCL sub except vcl_init
 varnish v1 -vcl {
@@ -25,13 +25,12 @@ logexpect l1 -v v1 -d 1 -g vxid -q "VCL_Error" {
 	expect * = End
 } -run

-# Default initialization of secure memory
+# Finish default initialization
 varnish v1 -vcl {
 	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
 	backend b { .host = "${bad_ip}"; }

 	sub vcl_init {
-		gcrypt.init(INIT_SECMEM);
 		gcrypt.init(FINISH);
 	}
 }
@@ -44,14 +43,12 @@ varnish v1 -vcl {
 	backend b { .host = "${bad_ip}"; }

 	sub vcl_init {
-		gcrypt.init(INIT_SECMEM, 32768);
 		gcrypt.init(FINISH);
 	}
 }

 logexpect l1 -v v1 -d 1 -g raw -q "Debug" {
 	expect * 0 Debug "^libgcrypt initialization already finished$"
-	expect * = Debug "^libgcrypt initialization already finished$"
 } -run

 # The same is true even if we discard all VCL instances that used the
@@ -79,28 +76,9 @@ logexpect l1 -v v1 -d 1 -g raw -q "Debug" {
 # tests.
 varnish v1 -stop

-# Initializing secure memory twice cause libgcrypt to log an error,
-# but the VMOD can proceed.
-varnish v2 -vcl {
-	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
-	backend b { .host = "${bad_ip}"; }
-
-	sub vcl_init {
-		gcrypt.init(INIT_SECMEM);
-		gcrypt.init(INIT_SECMEM, 32768);
-		gcrypt.init(FINISH);
-	}
-} -start
-
-logexpect l2 -v v2 -d 1 -g raw -q "Error" {
-	expect * 0 Error "^libgcrypt log message follows .ERROR.:"
-	expect * = Error ".+"
-} -run
-
 # Objects cannot be constructed unless initialization is finished.
-varnish v2 -stop
-varnish v3 -vcl {backend b { .host = "${bad_ip}"; } } -start
-varnish v3 -errvcl {libgcrypt initialization not finished in aes constructor} {
+varnish v2 -vcl {backend b { .host = "${bad_ip}"; } } -start
+varnish v2 -errvcl {libgcrypt initialization not finished in aes constructor} {
 	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
 	import blobcode;
 	backend b { .host = "${bad_ip}"; }
@@ -111,7 +89,7 @@ varnish v3 -errvcl {libgcrypt initialization not finished in aes constructor} {
 	}
 }

-varnish v3 -vcl {
+varnish v2 -vcl {
 	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
 	import blobcode;
 	backend b { .host = "${bad_ip}"; }
@@ -125,7 +103,7 @@ varnish v3 -vcl {

 # After initialization but before a restart, a new VCL can construct
 # object instances without having to call init(FINISH) again.
-varnish v3 -vcl {
+varnish v2 -vcl {
 	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
 	import blobcode;
 	backend b { .host = "${bad_ip}"; }
@@ -135,146 +113,3 @@ varnish v3 -vcl {
 		new aes = gcrypt.symmetric(AES, ECB, key=k.get());
 	}
 }
-
-# Initializing secure memory to 0 bytes is the same as disabling it.
-varnish v3 -stop
-varnish v4 -vcl {
-	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
-	backend b { .host = "${bad_ip}"; }
-
-	sub vcl_init {
-		gcrypt.init(INIT_SECMEM, 0);
-		gcrypt.init(FINISH);
-	}
-} -start
-
-varnish v4 -errvcl {vmod gcrypt error: secure memory not enabled in aes constructor} {
-	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
-	import blobcode;
-	backend b { .host = "${bad_ip}"; }
-
-	sub vcl_init {
-		new k = blobcode.blob(HEX, "00000000000000000000000000000000");
-		new aes = gcrypt.symmetric(AES, ECB, key=k.get(), secure=true);
-	}
-}
-
-# INIT_SECMEM is illegal with bytes < 0.
-varnish v4 -stop
-varnish v5 -vcl {backend b { .host = "${bad_ip}"; } } -start
-varnish v5 -errvcl {INIT_SECMEM number of bytes -1 out of range in gcrypt.init()} {
-	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
-	backend b { .host = "${bad_ip}"; }
-
-	sub vcl_init {
-		gcrypt.init(INIT_SECMEM, -1);
-	}
-}
-
-# DISABLE_SECMEM
-varnish v5 -vcl {
-	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
-	import blobcode;
-	backend b { .host = "${bad_ip}"; }
-
-	sub vcl_init {
-		gcrypt.init(DISABLE_SECMEM);
-		gcrypt.init(FINISH);
-		new k = blobcode.blob(HEX, "00000000000000000000000000000000");
-		new aes = gcrypt.symmetric(AES, ECB, key=k.get(), secure=false);
-	}
-}
-
-varnish v5 -errvcl {vmod gcrypt error: secure memory not enabled in aes constructor} {
-	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
-	import blobcode;
-	backend b { .host = "${bad_ip}"; }
-
-	sub vcl_init {
-		new k = blobcode.blob(HEX, "00000000000000000000000000000000");
-		new aes = gcrypt.symmetric(AES, ECB, key=k.get(), secure=true);
-	}
-}
-
-# Secure memory is enabled by default
-varnish v5 -stop
-varnish v6 -vcl {
-	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
-	import blobcode;
-	backend b { .host = "${bad_ip}"; }
-
-	sub vcl_init {
-		gcrypt.init(FINISH);
-		new k = blobcode.blob(HEX, "00000000000000000000000000000000");
-		new aes = gcrypt.symmetric(AES, ECB, key=k.get(), secure=true);
-	}
-} -start
-
-# If secure memory is enabled and then disabled, or vice versa, then
-# the the last setting is valid.
-varnish v6 -stop
-varnish v7 -vcl {
-	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
-	import blobcode;
-	backend b { .host = "${bad_ip}"; }
-
-	sub vcl_init {
-		gcrypt.init(INIT_SECMEM);
-		gcrypt.init(DISABLE_SECMEM);
-		gcrypt.init(FINISH);
-		new k = blobcode.blob(HEX, "00000000000000000000000000000000");
-		new aes = gcrypt.symmetric(AES, ECB, key=k.get(), secure=false);
-	}
-} -start
-
-varnish v7 -errvcl {vmod gcrypt error: secure memory not enabled in aes constructor} {
-	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
-	import blobcode;
-	backend b { .host = "${bad_ip}"; }
-
-	sub vcl_init {
-		new k = blobcode.blob(HEX, "00000000000000000000000000000000");
-		new aes = gcrypt.symmetric(AES, ECB, key=k.get(), secure=true);
-	}
-}
-
-varnish v7 -stop
-varnish v8 -vcl {
-	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
-	import blobcode;
-	backend b { .host = "${bad_ip}"; }
-
-	sub vcl_init {
-		gcrypt.init(INIT_SECMEM);
-		gcrypt.init(INIT_SECMEM, 0);
-		gcrypt.init(FINISH);
-		new k = blobcode.blob(HEX, "00000000000000000000000000000000");
-		new aes = gcrypt.symmetric(AES, ECB, key=k.get(), secure=false);
-	}
-} -start
-
-varnish v8 -errvcl {vmod gcrypt error: secure memory not enabled in aes constructor} {
-	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
-	import blobcode;
-	backend b { .host = "${bad_ip}"; }
-
-	sub vcl_init {
-		new k = blobcode.blob(HEX, "00000000000000000000000000000000");
-		new aes = gcrypt.symmetric(AES, ECB, key=k.get(), secure=true);
-	}
-}
-
-varnish v8 -stop
-varnish v9 -vcl {
-	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
-	import blobcode;
-	backend b { .host = "${bad_ip}"; }
-
-	sub vcl_init {
-		gcrypt.init(DISABLE_SECMEM);
-		gcrypt.init(INIT_SECMEM);
-		gcrypt.init(FINISH);
-		new k = blobcode.blob(HEX, "00000000000000000000000000000000");
-		new aes = gcrypt.symmetric(AES, ECB, key=k.get(), secure=true);
-	}
-} -start