[master] 33eac64 Rename {vcl,vmod}_dir to {vcl,vmod}_path
Federico G. Schwindt
fgsch at lodoss.net
Fri Feb 19 20:06:41 CET 2016
commit 33eac64fc32f7b884057ee13ec4470ebe432cc6a
Author: Federico G. Schwindt <fgsch at lodoss.net>
Date: Fri Feb 19 10:39:27 2016 +0000
Rename {vcl,vmod}_dir to {vcl,vmod}_path
The former are kept for backward compatibility as aliases for now.
While here update some related doc and remove dead code.
diff --git a/bin/varnishd/mgt/mgt.h b/bin/varnishd/mgt/mgt.h
index fe96360..3cd8ddd 100644
--- a/bin/varnishd/mgt/mgt.h
+++ b/bin/varnishd/mgt/mgt.h
@@ -170,8 +170,8 @@ void mgt_vcc_startup(struct cli *, const char *b_arg, const char *f_arg,
int mgt_push_vcls_and_start(struct cli *, unsigned *status, char **p);
int mgt_has_vcl(void);
extern char *mgt_cc_cmd;
-extern const char *mgt_vcl_dir;
-extern const char *mgt_vmod_dir;
+extern const char *mgt_vcl_path;
+extern const char *mgt_vmod_path;
extern unsigned mgt_vcc_err_unref;
extern unsigned mgt_vcc_allow_inline_c;
extern unsigned mgt_vcc_unsafe_path;
diff --git a/bin/varnishd/mgt/mgt_param_tbl.c b/bin/varnishd/mgt/mgt_param_tbl.c
index 59fcfed..6ca1aeb 100644
--- a/bin/varnishd/mgt/mgt_param_tbl.c
+++ b/bin/varnishd/mgt/mgt_param_tbl.c
@@ -56,7 +56,13 @@ struct parspec mgt_parspec[] = {
"and %o will be replaced with the output file name.",
MUST_RELOAD,
VCC_CC , NULL },
- { "vcl_dir", tweak_string, &mgt_vcl_dir,
+ { "vcl_dir", tweak_string, &mgt_vcl_path,
+ NULL, NULL,
+ "Old name for vcl_path, use that instead.",
+ 0,
+ VARNISH_VCL_DIR,
+ NULL },
+ { "vcl_path", tweak_string, &mgt_vcl_path,
NULL, NULL,
"Directory (or colon separated list of directories) "
"from which relative VCL filenames (vcl.load and "
@@ -64,7 +70,13 @@ struct parspec mgt_parspec[] = {
0,
VARNISH_VCL_DIR,
NULL },
- { "vmod_dir", tweak_string, &mgt_vmod_dir,
+ { "vmod_dir", tweak_string, &mgt_vmod_path,
+ NULL, NULL,
+ "Old name for vmod_path, use that instead.",
+ 0,
+ VARNISH_VMOD_DIR,
+ NULL },
+ { "vmod_path", tweak_string, &mgt_vmod_path,
NULL, NULL,
"Directory (or colon separated list of directories) "
"where VMODs are to be found.",
diff --git a/bin/varnishd/mgt/mgt_vcc.c b/bin/varnishd/mgt/mgt_vcc.c
index 77f67c0..ac2c5f6 100644
--- a/bin/varnishd/mgt/mgt_vcc.c
+++ b/bin/varnishd/mgt/mgt_vcc.c
@@ -59,8 +59,8 @@ struct vcc_priv {
};
char *mgt_cc_cmd;
-const char *mgt_vcl_dir;
-const char *mgt_vmod_dir;
+const char *mgt_vcl_path;
+const char *mgt_vmod_path;
unsigned mgt_vcc_err_unref;
unsigned mgt_vcc_allow_inline_c;
unsigned mgt_vcc_unsafe_path;
@@ -95,8 +95,8 @@ run_vcc(void *priv)
sb = VSB_new_auto();
XXXAN(sb);
- VCP_VCL_dir(vcp, mgt_vcl_dir);
- VCP_VMOD_dir(vcp, mgt_vmod_dir);
+ VCP_VCL_path(vcp, mgt_vcl_path);
+ VCP_VMOD_path(vcp, mgt_vmod_path);
VCP_Err_Unref(vcp, mgt_vcc_err_unref);
VCP_Allow_InlineC(vcp, mgt_vcc_allow_inline_c);
VCP_Unsafe_Path(vcp, mgt_vcc_unsafe_path);
diff --git a/bin/varnishtest/tests/c00053.vtc b/bin/varnishtest/tests/c00053.vtc
index 6a34045..6a8e50b 100644
--- a/bin/varnishtest/tests/c00053.vtc
+++ b/bin/varnishtest/tests/c00053.vtc
@@ -2,7 +2,7 @@ varnishtest "Test include vs. unsafe_path"
server s1 {
rxreq
- txresp -hdr "foo: bAr" -hdr "bar: fOo" -bodylen 4
+ txresp
} -start
shell "echo > ${tmpdir}/_.c00053"
@@ -14,13 +14,11 @@ varnish v1 -vcl+backend {
varnish v1 -cliok "param.set vcc_unsafe_path off"
varnish v1 -errvcl {' is unsafe} {
- backend default {
- .host = "${s1_sock}";
- }
+ backend default { .host = "${s1_sock}"; }
include "${tmpdir}/_.c00053";
}
-varnish v1 -cliok "param.set vcl_dir ${tmpdir}"
+varnish v1 -cliok "param.set vcl_path ${tmpdir}"
varnish v1 -vcl+backend {
include "_.c00053";
diff --git a/bin/varnishtest/tests/m00003.vtc b/bin/varnishtest/tests/m00003.vtc
index 85970dd..f0b3120 100644
--- a/bin/varnishtest/tests/m00003.vtc
+++ b/bin/varnishtest/tests/m00003.vtc
@@ -1,4 +1,4 @@
-varnishtest "Test vmod_dir param"
+varnishtest "Test vmod_path param"
feature topbuild
@@ -7,17 +7,19 @@ server s1 {
txresp
} -start
-varnish v1 -arg "-pvmod_dir=${topbuild}/lib/libvmod_std/.libs/" \
+varnish v1 -arg "-pvmod_path=${topbuild}/lib/libvmod_std/.libs/" \
-vcl+backend {
import std;
} -start
-varnish v1 -cliok "param.set vmod_dir /nonexistent"
+varnish v1 -cliok "param.set vmod_path /nonexistent"
varnish v1 -errvcl {Could not load VMOD std} {
import std;
}
-varnish v1 -errvcl {Expected 'from path ...'} {
- import std to;
+varnish v1 -cliok "param.set vmod_dir ${topbuild}/lib/libvmod_std/.libs/"
+
+varnish v1 -vcl+backend {
+ import std;
}
diff --git a/bin/varnishtest/tests/m00008.vtc b/bin/varnishtest/tests/m00008.vtc
index 10cb23d..9386ae9 100644
--- a/bin/varnishtest/tests/m00008.vtc
+++ b/bin/varnishtest/tests/m00008.vtc
@@ -1,10 +1,10 @@
-varnishtest "Test std vmod vs. unsafe_path"
+varnishtest "Test import vs. unsafe_path"
feature topbuild
server s1 {
rxreq
- txresp -hdr "foo: bAr" -hdr "bar: fOo" -bodylen 4
+ txresp
} -start
varnish v1 -vcl+backend {
@@ -18,7 +18,8 @@ varnish v1 -errvcl {'import ... from path ...' is unsafe.} {
import ${vmod_std};
}
-varnish v1 -cliok "param.set vmod_dir /nowhere:${topbuild}/lib/libvmod_std/.libs/:/else"
+varnish v1 \
+ -cliok "param.set vmod_path /nowhere:${topbuild}/lib/libvmod_std/.libs/"
varnish v1 -vcl+backend {
import std;
@@ -26,7 +27,7 @@ varnish v1 -vcl+backend {
varnish v1 -cliok "param.set vcc_unsafe_path on"
-varnish v1 -cliok "param.set vmod_dir /nowhere:/else"
+varnish v1 -cliok "param.set vmod_path /nowhere:/else"
varnish v1 -vcl+backend {
import std from "${topbuild}/lib/libvmod_std/.libs/";
diff --git a/bin/varnishtest/tests/v00020.vtc b/bin/varnishtest/tests/v00020.vtc
index 263b883..ff178f6 100644
--- a/bin/varnishtest/tests/v00020.vtc
+++ b/bin/varnishtest/tests/v00020.vtc
@@ -284,3 +284,7 @@ varnish v1 -errvcl {Names of VCL acl's cannot contain '-'} {
}
}
}
+
+varnish v1 -errvcl {Expected 'from path ...'} {
+ import std to;
+}
diff --git a/bin/varnishtest/tests/v00046.vtc b/bin/varnishtest/tests/v00046.vtc
index f87cd21..2bbe9d4 100644
--- a/bin/varnishtest/tests/v00046.vtc
+++ b/bin/varnishtest/tests/v00046.vtc
@@ -1,8 +1,8 @@
-varnishtest "Test relative to vcl_dir, dot-include and absolute includes"
+varnishtest "Test relative to vcl_path, dot-include and absolute includes"
# relative plain
shell "true > ${tmpdir}/_start.vcl"
-varnish v1 -arg "-p vcl_dir=${tmpdir}" -vcl {
+varnish v1 -arg "-p vcl_path=${tmpdir}" -vcl {
backend b { .host = "127.0.0.1"; }
include "_start.vcl" ;
}
@@ -22,7 +22,7 @@ varnish v1 -vcl {
include "${tmpdir}/1/a.vcl" ;
}
-# same but relative to vcl_dir
+# same but relative to vcl_path
shell "echo 'include \"1/2/b.vcl\";' > ${tmpdir}/1/ab.vcl"
varnish v1 -vcl {
backend b { .host = "127.0.0.1"; }
@@ -70,4 +70,3 @@ shell "rm -f ${tmpdir}/_start.vcl"
varnish v1 -errvcl {needs absolute filename of including file.} {
include "./foobar";
}
-
diff --git a/doc/sphinx/reference/varnishd.rst b/doc/sphinx/reference/varnishd.rst
index 3372939..535b403 100644
--- a/doc/sphinx/reference/varnishd.rst
+++ b/doc/sphinx/reference/varnishd.rst
@@ -120,7 +120,7 @@ OPTIONS
Make the listed parameters read only. This gives the system
administrator a way to limit what the Varnish CLI can do. Consider
making parameters such as *cc_command*, *vcc_allow_inline_c* and
- *vmod_dir* read only as these can potentially be used to escalate
+ *vmod_path* read only as these can potentially be used to escalate
privileges from the CLI.
-S file
diff --git a/doc/sphinx/users-guide/run_security.rst b/doc/sphinx/users-guide/run_security.rst
index 2beb4aa..5340e6c 100644
--- a/doc/sphinx/users-guide/run_security.rst
+++ b/doc/sphinx/users-guide/run_security.rst
@@ -158,12 +158,12 @@ Furthermore you may want to look at and lock down:
Log all CLI commands to `syslog(8)`, so you know what goes on.
:ref:`ref_param_vcc_unsafe_path`
- Restrict VCL/VMODS to :ref:`ref_param_vcl_dir` and :ref:`ref_param_vmod_dir`
+ Restrict VCL/VMODs to :ref:`ref_param_vcl_path` and :ref:`ref_param_vmod_path`
-:ref:`ref_param_vmod_dir`
- The directory where Varnish will will look
- for modules. This could potentially be used to load rouge
- modules into Varnish.
+:ref:`ref_param_vmod_path`
+ The directory (or colon separated list of directories) where
+ Varnish will will look for modules. This could potentially be
+ used to load rogue modules into Varnish.
The CLI interface
-----------------
diff --git a/include/libvcc.h b/include/libvcc.h
index fbd7bd1..0d3bb53 100644
--- a/include/libvcc.h
+++ b/include/libvcc.h
@@ -32,8 +32,8 @@ struct vcc;
struct vcp *VCP_New(void);
void VCP_Builtin_VCL(struct vcp *, const char *str);
-void VCP_VCL_dir(struct vcp *, const char *str);
-void VCP_VMOD_dir(struct vcp *, const char *str);
+void VCP_VCL_path(struct vcp *, const char *str);
+void VCP_VMOD_path(struct vcp *, const char *str);
void VCP_Err_Unref(struct vcp *tl, unsigned u);
void VCP_Allow_InlineC(struct vcp *tl, unsigned u);
void VCP_Unsafe_Path(struct vcp *tl, unsigned u);
diff --git a/lib/libvcc/vcc_compile.c b/lib/libvcc/vcc_compile.c
index 5db516f..0f94b21 100644
--- a/lib/libvcc/vcc_compile.c
+++ b/lib/libvcc/vcc_compile.c
@@ -898,28 +898,26 @@ VCP_Builtin_VCL(struct vcp *vcp, const char *str)
}
/*--------------------------------------------------------------------
- * Configure default VCL source directory
+ * Configure default VCL source path
*/
void
-VCP_VCL_dir(struct vcp *vcp, const char *str)
+VCP_VCL_path(struct vcp *vcp, const char *str)
{
CHECK_OBJ_NOTNULL(vcp, VCP_MAGIC);
- REPLACE(vcp->vcl_dir, str);
VFIL_setpath(&vcp->vcl_path, str);
}
/*--------------------------------------------------------------------
- * Configure default VMOD directory
+ * Configure default VMOD path
*/
void
-VCP_VMOD_dir(struct vcp *vcp, const char *str)
+VCP_VMOD_path(struct vcp *vcp, const char *str)
{
CHECK_OBJ_NOTNULL(vcp, VCP_MAGIC);
- REPLACE(vcp->vmod_dir, str);
VFIL_setpath(&vcp->vmod_path, str);
}
diff --git a/lib/libvcc/vcc_compile.h b/lib/libvcc/vcc_compile.h
index 3feecd3..7816a3e 100644
--- a/lib/libvcc/vcc_compile.h
+++ b/lib/libvcc/vcc_compile.h
@@ -160,9 +160,7 @@ struct vcp {
#define VCP_MAGIC 0xd90acfbc
char *builtin_vcl;
- char *vcl_dir;
struct vfil_path *vcl_path;
- char *vmod_dir;
struct vfil_path *vmod_path;
unsigned err_unref;
unsigned allow_inline_c;
More information about the varnish-commit
mailing list