Mercurial > hg > nginx-tests
annotate h2_ssl_proxy_protocol.t @ 1902:c560f5da581e
Tests: http2 directive tests.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Wed, 31 May 2023 13:29:34 +0400 |
parents | a0ee073760c5 |
children | 6b3b31149551 |
rev | line source |
---|---|
876
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
1 #!/usr/bin/perl |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
2 |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
3 # (C) Sergey Kandaurov |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
4 # (C) Nginx, Inc. |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
5 |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
6 # Tests for HTTP/2 protocol with proxy_protocol. |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
7 |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
8 ############################################################################### |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
9 |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
10 use warnings; |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
11 use strict; |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
12 |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
13 use Test::More; |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
14 |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
15 use Socket qw/ CRLF /; |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
16 |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
17 BEGIN { use FindBin; chdir($FindBin::Bin); } |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
18 |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
19 use lib 'lib'; |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
20 use Test::Nginx; |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
21 use Test::Nginx::HTTP2; |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
22 |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
23 ############################################################################### |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
24 |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
25 select STDERR; $| = 1; |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
26 select STDOUT; $| = 1; |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
27 |
1899
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
28 my $t = Test::Nginx->new() |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
29 ->has(qw/http http_ssl http_v2 realip socket_ssl_alpn/) |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
30 ->has_daemon('openssl')->plan(3); |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
31 |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
32 $t->write_file_expand('nginx.conf', <<'EOF'); |
876
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
33 |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
34 %%TEST_GLOBALS%% |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
35 |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
36 daemon off; |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
37 |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
38 events { |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
39 } |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
40 |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
41 http { |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
42 %%TEST_GLOBALS_HTTP%% |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
43 |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
44 server { |
1899
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
45 listen 127.0.0.1:8080 proxy_protocol http2 ssl; |
876
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
46 server_name localhost; |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
47 |
1899
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
48 ssl_certificate_key localhost.key; |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
49 ssl_certificate localhost.crt; |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
50 |
876
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
51 location /pp { |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
52 set_real_ip_from 127.0.0.1/32; |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
53 real_ip_header proxy_protocol; |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
54 alias %%TESTDIR%%/t.html; |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
55 add_header X-PP $remote_addr; |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
56 } |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
57 } |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
58 } |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
59 |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
60 EOF |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
61 |
1899
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
62 $t->write_file('openssl.conf', <<EOF); |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
63 [ req ] |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
64 default_bits = 2048 |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
65 encrypt_key = no |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
66 distinguished_name = req_distinguished_name |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
67 [ req_distinguished_name ] |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
68 EOF |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
69 |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
70 my $d = $t->testdir(); |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
71 |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
72 foreach my $name ('localhost') { |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
73 system('openssl req -x509 -new ' |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
74 . "-config $d/openssl.conf -subj /CN=$name/ " |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
75 . "-out $d/$name.crt -keyout $d/$name.key " |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
76 . ">>$d/openssl.out 2>&1") == 0 |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
77 or die "Can't create certificate for $name: $!\n"; |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
78 } |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
79 |
876
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
80 $t->write_file('t.html', 'SEE-THIS'); |
1899
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
81 |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
82 open OLDERR, ">&", \*STDERR; close STDERR; |
876
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
83 $t->run(); |
1899
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
84 open STDERR, ">&", \*OLDERR; |
876
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
85 |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
86 ############################################################################### |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
87 |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
88 my $proxy = 'PROXY TCP4 192.0.2.1 192.0.2.2 1234 5678' . CRLF; |
1899
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
89 my $sock = http($proxy, start => 1); |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
90 http('', start => 1, socket => $sock, SSL => 1, SSL_alpn_protocols => ['h2']); |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
91 |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
92 SKIP: { |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
93 skip 'no ALPN negotiation', 2 unless $sock->alpn_selected(); |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
94 |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
95 my $s = Test::Nginx::HTTP2->new(undef, socket => $sock); |
948
4dc302d8e04f
Tests: changed HTTP2 package to act as a class.
Sergey Kandaurov <pluknet@nginx.com>
parents:
946
diff
changeset
|
96 my $sid = $s->new_stream({ path => '/pp' }); |
4dc302d8e04f
Tests: changed HTTP2 package to act as a class.
Sergey Kandaurov <pluknet@nginx.com>
parents:
946
diff
changeset
|
97 my $frames = $s->read(all => [{ sid => $sid, fin => 1 }]); |
876
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
98 |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
99 my ($frame) = grep { $_->{type} eq "HEADERS" } @$frames; |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
100 ok($frame, 'PROXY HEADERS frame'); |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
101 is($frame->{headers}->{'x-pp'}, '192.0.2.1', 'PROXY remote addr'); |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
102 |
1899
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
103 } |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
104 |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
105 $sock->close(); |
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
106 |
876
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
107 # invalid PROXY protocol string |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
108 |
946
e3df9c2100de
Tests: fixed HTTP/2 test with invalid PROXY protocol string.
Sergey Kandaurov <pluknet@nginx.com>
parents:
882
diff
changeset
|
109 $proxy = 'BOGUS TCP4 192.0.2.1 192.0.2.2 1234 5678' . CRLF; |
1899
a0ee073760c5
Tests: updated HTTP/2 tests with invalid PROXY protocol.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
110 ok(!http($proxy), 'PROXY invalid protocol'); |
876
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
111 |
a6abbfed42c0
Tests: split HTTP/2 tests, HTTP2 package introduced.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
112 ############################################################################### |