On 14 October 2011 09:42, Kristian Lyngstol <[email protected]> wrote: > Hi Laurence, > > On Thu, Oct 13, 2011 at 11:24:25PM +0100, Laurence Rowe wrote: >> On 13 October 2011 18:45, Laurence Rowe <[email protected]> wrote: >> > How do you handle null bytes in the strings returned by digest.hash* / >> > digest.hmac* / digest.base64*decode ? I was under the impression >> > varnish used null terminated strings internally. >> >> From reading the source I see that the hash and hmac functions return >> hexdigests. Presumably it's assumed any base64 data you would be >> interested in reading in Varnish would not contain null characters. > > A valid point... > > I could provide base64 functions that accept a length-argument too. > However, since there is no simple way to deal with NULL in VCL itself, > I'm curious if you have a use case for it? The only real use case I see > is if you combine it with other vmods.
My particular use case is to validate Plone's signed authentication cookies within VCL. To save space I included a binary version of the hmac sha256 digest in the base64 encoded cookie. I think I'll just change Plone's algorithm to use a hexdigest instead, it's only another 45 characters once base64 encoded. With the binary version I would need comparison tests which were also length aware. Laurence _______________________________________________ varnish-dev mailing list [email protected] https://www.varnish-cache.org/lists/mailman/listinfo/varnish-dev
