#!/bin/bash
# This file is part of Cachewall.
# Licensed under Cachewall License Agreement. See: http://cachewall.com/LICENSE
#
# Test Varnish Cache administrative port connection and authentication.

{ type systemctl &>/dev/null \
    && source /etc/varnish/varnish.params \
    || source /etc/sysconfig/varnish
} || exit 1

ADMIN_HOST=${VARNISH_ADMIN_LISTEN_ADDRESS:-127.0.0.1}
ADMIN_PORT=${VARNISH_ADMIN_LISTEN_PORT:-6082}
SECRET_FILE=${VARNISH_SECRET_FILE:-/usr/local/xvarnish/var/.secret}


exec 3<>/dev/tcp/$ADMIN_HOST/$ADMIN_PORT || exit 1

while true
do
    read -r -u 3 -d ' ' status
    read -r -u 3 len
    read -r -u 3 -N $len data

    echo -ne "$status $len${data:+\n$data}" | sed 's/^/< /'

    if [ "$status" -eq 107 ]
    then
        read -r -N 33 challenge <<< "$data"
        secret=$(cat "$SECRET_FILE"; echo x)  # preserve eol

        read -r auth < <(printf "$challenge${secret%x}$challenge" | openssl dgst -sha256)

        printf "auth ${auth##* }\n" | tee >(sed 's/^/> /') >&3
    else
        break
    fi
done

exec 3>&-