https://metacpan.org/source/RCL/Varnish-CLI-0.03/lib%2FVarnish%2FCLI.pm
I don't know if I'm doing something wrong. I'm trying to use this CLI
against an upgraded Varnish server and it seems the new version is built
with a secret being required to connect remotely.
I think the relevant sections are below.
For #1, I couldn't find any examples online, but my guess is I can just
modify my like this:
my $varnish = Varnish::CLI->new( secret => 'ENTER_LONG_STRING_HERE' );
It asks for the contents of my secret (/etc/varnish/secret) file which is
GUID-like and I entered that directly in the line above. I tried with both
single quotes and none.
If I have #1 right, I think I've confirmed a "107" is being returned with a
telnet session, but it doesn't appear that #2 is working right as this
comes directly on the screen:
"Connection failed: authentication required, but no secret given\n"
I don't understand this syntax:
if( not $self->secret() ){
My guess is it evaluates if my secret variable is empty?
My next steps might be:
-Setup a network sniffer
-Try to figure out if this 0.03 version doesn't deal with the challenge
properly with the latest Varnish
#1
--------------
If you have started your Varnish CLI with a secret, you must will have to
pass the contents
of your secret file, otherwise authentication will fail... Makes sense!! :)
Remember - complete contents of the secret file (including a newline if it
exists!)
my $varnish = Varnish::CLI->new( secret => $secret );
--------------
#2
--------------
# A 107 response on connection means the Varnish CLI expects
authentication
if( $self->last_status() == 107 ){
if( not $self->secret() ){
croak( "Connection failed: authentication required, but no
secret given\n" );
}
my $challenge = substr( $self->last_lines()->[0], 0, 32 );
my $auth = sha256_hex( $challenge . "\n" . $self->secret() .
$challenge . "\n" );
$self->send( "auth $auth" );
if( $self->last_status != 200 ){
croak( "Authentication failed!\n" );
}
}
--------------
...
