[master] 0d2fe019f vmod_unix: restrict all $Functions to client and backend
Nils Goroll
nils.goroll at uplex.de
Mon Apr 24 13:46:08 UTC 2023
commit 0d2fe019f9bf65a3283325425539d46d4466f8e0
Author: Walid Boudebouda <walid.boudebouda at gmail.com>
Date: Thu Mar 9 09:48:23 2023 +0100
vmod_unix: restrict all $Functions to client and backend
diff --git a/vmod/tests/unix_c00000.vtc b/vmod/tests/unix_c00000.vtc
index 9298f9d7a..723ee99e1 100644
--- a/vmod/tests/unix_c00000.vtc
+++ b/vmod/tests/unix_c00000.vtc
@@ -58,7 +58,7 @@ logexpect l1 -v v1 -d 1 -c {
} -run
-varnish v1 -errvcl {vmod unix failure: may not be called in vcl_init or vcl_fini} {
+varnish v1 -errvcl {Not available in subroutine 'vcl_init'} {
import unix;
import std;
backend b None;
@@ -68,7 +68,7 @@ varnish v1 -errvcl {vmod unix failure: may not be called in vcl_init or vcl_fini
}
}
-varnish v1 -errvcl {vmod unix failure: may not be called in vcl_init or vcl_fini} {
+varnish v1 -errvcl {Not available in subroutine 'vcl_init'} {
import unix;
import std;
backend b None;
@@ -78,7 +78,7 @@ varnish v1 -errvcl {vmod unix failure: may not be called in vcl_init or vcl_fini
}
}
-varnish v1 -errvcl {vmod unix failure: may not be called in vcl_init or vcl_fini} {
+varnish v1 -errvcl {Not available in subroutine 'vcl_init'} {
import unix;
import std;
backend b None;
@@ -88,7 +88,7 @@ varnish v1 -errvcl {vmod unix failure: may not be called in vcl_init or vcl_fini
}
}
-varnish v1 -errvcl {vmod unix failure: may not be called in vcl_init or vcl_fini} {
+varnish v1 -errvcl {Not available in subroutine 'vcl_init'} {
import unix;
import std;
backend b None;
diff --git a/vmod/vmod_unix.c b/vmod/vmod_unix.c
index 1edfca9d5..18b1d70ce 100644
--- a/vmod/vmod_unix.c
+++ b/vmod/vmod_unix.c
@@ -49,9 +49,6 @@
#define VERR(ctx, fmt, ...) \
VSLb((ctx)->vsl, SLT_VCL_Error, "vmod unix error: " fmt, __VA_ARGS__)
-#define FAILNOINIT(ctx) \
- FAIL((ctx), "may not be called in vcl_init or vcl_fini")
-
#define ERRNOTUDS(ctx) \
ERR((ctx), "not listening on a Unix domain socket")
@@ -93,10 +90,7 @@ vmod_##func(VRT_CTX) \
int ret; \
\
CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC); \
- if ((ctx->method & VCL_MET_TASK_H) != 0) { \
- FAILNOINIT(ctx); \
- return (-1); \
- } \
+ AZ(ctx->method & VCL_MET_TASK_H); \
\
sp = get_sp(ctx); \
if (!sp->listen_sock->uds) { \
diff --git a/vmod/vmod_unix.vcc b/vmod/vmod_unix.vcc
index a7e6de913..b88c2326e 100644
--- a/vmod/vmod_unix.vcc
+++ b/vmod/vmod_unix.vcc
@@ -67,18 +67,26 @@ $Function STRING user()
Return the user name of the peer process owner.
+$Restrict client backend
+
$Function STRING group()
Return the group name of the peer process owner.
+$Restrict client backend
+
$Function INT uid()
Return the numeric user id of the peer process owner.
+$Restrict client backend
+
$Function INT gid()
Return the numeric group id of the peer process owner.
+$Restrict client backend
+
ERRORS
======
More information about the varnish-commit
mailing list