Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
V
varnish-cache
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Commits
Open sidebar
varnishcache
varnish-cache
Commits
6d49b18f
Commit
6d49b18f
authored
Jan 19, 2021
by
Dridi Boukelmoune
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
vcc: Restrict PRIV_TOP arguments to client tasks
Refs #3498
parent
5bf609bd
Changes
3
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
23 additions
and
28 deletions
+23
-28
v00043.vtc
bin/varnishtest/tests/v00043.vtc
+19
-25
vcc_compile.h
lib/libvcc/vcc_compile.h
+1
-1
vcc_expr.c
lib/libvcc/vcc_expr.c
+3
-2
No files found.
bin/varnishtest/tests/v00043.vtc
View file @
6d49b18f
...
...
@@ -55,6 +55,22 @@ server s1 {
txresp
} -start
varnish v1 -errvcl "Not available in subroutine 'vcl_backend_fetch'" {
import debug;
backend be none;
sub vcl_backend_fetch {
debug.test_priv_top("only works on client side");
}
}
varnish v1 -errvcl "Not available in subroutine 'vcl_init'" {
import debug;
backend be none;
sub vcl_init {
debug.test_priv_top("only works on client side");
}
}
varnish v1 -cliok "param.set debug +syncvsl" -vcl+backend {
import debug;
...
...
@@ -81,22 +97,9 @@ varnish v1 -cliok "param.set debug +syncvsl" -vcl+backend {
set req.http.o2 = o2.test_priv_top("");
}
# XXX because PRIV_TOP arguments get initialized in the
# function preamble, the mere presence of a vmod call with a
# PRIV_TOP argument in a SUB will trigger the failure if that
# sub is called at all.
#
# So to test #3498, we need to fence test_priv_top into its
# own sub
sub callingmewill503 {
debug.test_priv_top("only works on client side");
}
sub vcl_backend_fetch {
if (bereq.url == "/fail") {
call callingmewill503;
}
if (bereq.url == "/failo") {
# dynamic priv not checked at compile time
o2.test_priv_top("only works on client side");
}
}
...
...
@@ -123,17 +126,8 @@ client c1 {
varnish v1 -expect client_req == 2
client c1 {
txreq -url /fail
rxresp
expect resp.status == 503
} -start
client c2 {
txreq -url /fail
o
txreq -url /fail
rxresp
expect resp.status == 503
} -start
client c1 -wait
client c2 -wait
} -run
lib/libvcc/vcc_compile.h
View file @
6d49b18f
...
...
@@ -341,7 +341,7 @@ sym_expr_t vcc_Eval_Handle;
sym_expr_t
vcc_Eval_SymFunc
;
sym_expr_t
vcc_Eval_TypeMethod
;
void
vcc_Eval_Func
(
struct
vcc
*
,
const
struct
vjsn_val
*
,
const
char
*
,
const
struct
symbol
*
);
const
char
*
,
struct
symbol
*
);
void
VCC_GlobalSymbol
(
struct
symbol
*
,
vcc_type_t
fmt
,
const
char
*
pfx
);
struct
symbol
*
VCC_HandleSymbol
(
struct
vcc
*
,
vcc_type_t
,
const
char
*
);
void
VCC_SymName
(
struct
vsb
*
,
const
struct
symbol
*
);
...
...
lib/libvcc/vcc_expr.c
View file @
6d49b18f
...
...
@@ -351,7 +351,7 @@ vcc_Eval_Var(struct vcc *tl, struct expr **e, struct token *t,
*/
static
struct
expr
*
vcc_priv_arg
(
struct
vcc
*
tl
,
const
char
*
p
,
const
struct
symbol
*
sym
)
vcc_priv_arg
(
struct
vcc
*
tl
,
const
char
*
p
,
struct
symbol
*
sym
)
{
char
buf
[
64
];
struct
inifin
*
ifp
;
...
...
@@ -377,6 +377,7 @@ vcc_priv_arg(struct vcc *tl, const char *p, const struct symbol *sym)
marklist
=
&
tl
->
curproc
->
priv_tasks
;
}
else
if
(
!
strcmp
(
p
,
"PRIV_TOP"
))
{
f
=
"top"
;
sym
->
r_methods
&=
VCL_MET_TASK_C
;
marklist
=
&
tl
->
curproc
->
priv_tops
;
}
else
{
WRONG
(
"Wrong PRIV_ type"
);
...
...
@@ -641,7 +642,7 @@ vcc_func(struct vcc *tl, struct expr **e, const void *priv,
void
vcc_Eval_Func
(
struct
vcc
*
tl
,
const
struct
vjsn_val
*
spec
,
const
char
*
extra
,
const
struct
symbol
*
sym
)
const
char
*
extra
,
struct
symbol
*
sym
)
{
struct
expr
*
e
=
NULL
;
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment