Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
L
libvmod-gcrypt
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
uplex-varnish
libvmod-gcrypt
Commits
480eb7a3
Unverified
Commit
480eb7a3
authored
Jun 13, 2023
by
Nils Goroll
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Use $Restrict
parent
9ad60040
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
8 additions
and
28 deletions
+8
-28
README.rst
README.rst
+2
-4
init_usage.vtc
src/tests/init_usage.vtc
+3
-16
vmod_gcrypt.c
src/vmod_gcrypt.c
+1
-4
vmod_gcrypt.vcc
src/vmod_gcrypt.vcc
+2
-4
No files found.
README.rst
View file @
480eb7a3
...
@@ -196,6 +196,8 @@ VOID init(ENUM, BYTES n)
...
@@ -196,6 +196,8 @@ VOID init(ENUM, BYTES n)
Initialize the libgcrypt library, currently to manage the use of
Initialize the libgcrypt library, currently to manage the use of
secure memory. The ENUM specifies an operation for initialization.
secure memory. The ENUM specifies an operation for initialization.
Restricted to: ``vcl_init``
Initialization takes place *exactly once* during the lifetime of the
Initialization takes place *exactly once* during the lifetime of the
Varnish child process, and must be performed before any objects are
Varnish child process, and must be performed before any objects are
created; details below.
created; details below.
...
@@ -234,10 +236,6 @@ initialization is simply to call ``init(FINISH)``, which results in
...
@@ -234,10 +236,6 @@ initialization is simply to call ``init(FINISH)``, which results in
the default configuration for the libgcrypt library -- secure memory
the default configuration for the libgcrypt library -- secure memory
is enabled with the default pool size.
is enabled with the default pool size.
The ``init()`` function may only be called in ``vcl_init``; if it is
called in any other VCL subroutine, then an error message is logged
with the tag ``VCL_Error``, and the call is ignored.
Initialization is evaluated only once during the lifetime of the
Initialization is evaluated only once during the lifetime of the
Varnish child process. If a new instance of VCL is loaded with calls
Varnish child process. If a new instance of VCL is loaded with calls
to ``init()`` in ``vcl_init`` after initialization was already
to ``init()`` in ``vcl_init`` after initialization was already
...
...
src/tests/init_usage.vtc
View file @
480eb7a3
...
@@ -2,8 +2,7 @@
...
@@ -2,8 +2,7 @@
varnishtest "init function usage"
varnishtest "init function usage"
# init() is illegal in every VCL sub except vcl_init
varnish v1 -errvcl {Not available in subroutine 'vcl_recv'} {
varnish v1 -vcl {
import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
backend b { .host = "${bad_ip}"; }
backend b { .host = "${bad_ip}"; }
...
@@ -11,19 +10,7 @@ varnish v1 -vcl {
...
@@ -11,19 +10,7 @@ varnish v1 -vcl {
gcrypt.init(FINISH);
gcrypt.init(FINISH);
return(synth(200));
return(synth(200));
}
}
} -start
}
client c1 {
txreq
rxresp
expect resp.status == 200
} -run
logexpect l1 -v v1 -d 1 -g vxid -q "VCL_Error" {
expect 0 * Begin req
expect * = VCL_Error "^vmod gcrypt error: gcrypt.init.. is only legal in vcl_init$"
expect * = End
} -run
# Finish default initialization
# Finish default initialization
varnish v1 -vcl {
varnish v1 -vcl {
...
@@ -33,7 +20,7 @@ varnish v1 -vcl {
...
@@ -33,7 +20,7 @@ varnish v1 -vcl {
sub vcl_init {
sub vcl_init {
gcrypt.init(FINISH);
gcrypt.init(FINISH);
}
}
}
}
-start
# Calling init again without restarting Varnish, even after reloading
# Calling init again without restarting Varnish, even after reloading
# VCL, has no effect except to log the fact that initialization is
# VCL, has no effect except to log the fact that initialization is
...
...
src/vmod_gcrypt.c
View file @
480eb7a3
...
@@ -213,10 +213,7 @@ vmod_init(VRT_CTX, VCL_ENUM cmd, VCL_BYTES n)
...
@@ -213,10 +213,7 @@ vmod_init(VRT_CTX, VCL_ENUM cmd, VCL_BYTES n)
CHECK_OBJ_NOTNULL
(
ctx
,
VRT_CTX_MAGIC
);
CHECK_OBJ_NOTNULL
(
ctx
,
VRT_CTX_MAGIC
);
AN
(
cmd
);
AN
(
cmd
);
if
(
ctx
->
method
!=
VCL_MET_INIT
)
{
assert
(
ctx
->
method
==
VCL_MET_INIT
);
ERR
(
ctx
,
"gcrypt.init() is only legal in vcl_init"
);
return
;
}
if
(
gcry_control
(
GCRYCTL_INITIALIZATION_FINISHED_P
))
{
if
(
gcry_control
(
GCRYCTL_INITIALIZATION_FINISHED_P
))
{
VSL
(
SLT_Debug
,
NO_VXID
,
"libgcrypt initialization already finished"
);
VSL
(
SLT_Debug
,
NO_VXID
,
"libgcrypt initialization already finished"
);
return
;
return
;
...
...
src/vmod_gcrypt.vcc
View file @
480eb7a3
...
@@ -149,6 +149,8 @@ $Function VOID init(ENUM {INIT_SECMEM, DISABLE_SECMEM, FINISH}, BYTES n=1)
...
@@ -149,6 +149,8 @@ $Function VOID init(ENUM {INIT_SECMEM, DISABLE_SECMEM, FINISH}, BYTES n=1)
Initialize the libgcrypt library, currently to manage the use of
Initialize the libgcrypt library, currently to manage the use of
secure memory. The ENUM specifies an operation for initialization.
secure memory. The ENUM specifies an operation for initialization.
$Restrict vcl_init
Initialization takes place *exactly once* during the lifetime of the
Initialization takes place *exactly once* during the lifetime of the
Varnish child process, and must be performed before any objects are
Varnish child process, and must be performed before any objects are
created; details below.
created; details below.
...
@@ -187,10 +189,6 @@ initialization is simply to call ``init(FINISH)``, which results in
...
@@ -187,10 +189,6 @@ initialization is simply to call ``init(FINISH)``, which results in
the default configuration for the libgcrypt library -- secure memory
the default configuration for the libgcrypt library -- secure memory
is enabled with the default pool size.
is enabled with the default pool size.
The ``init()`` function may only be called in ``vcl_init``; if it is
called in any other VCL subroutine, then an error message is logged
with the tag ``VCL_Error``, and the call is ignored.
Initialization is evaluated only once during the lifetime of the
Initialization is evaluated only once during the lifetime of the
Varnish child process. If a new instance of VCL is loaded with calls
Varnish child process. If a new instance of VCL is loaded with calls
to ``init()`` in ``vcl_init`` after initialization was already
to ``init()`` in ``vcl_init`` after initialization was already
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment