Mercurial > hg > nginx-tests

annotate stream_proxy_protocol_ssl.t @ 1851:0351dee227a8

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: unbreak tests with dynamic certificates on stable. In 74cffa9d4c43, ticket based session reuse is enabled in addition to using a shared SSL session cache. This changed how a session can be resumed in a different server: - for a session ID based resumption, it is resumed in the same context - when using session tickets, a key name is also checked for matching - with a ticket callback, this is skipped in favor of callback's logic This makes 'session id context match' tests fail with session tickets on stable since ticket key names are unique in distinct SSL contexts. On the other hand, tests pass on 1.23.2+ due to automatic ticket keys rotation that installs ticket callback, and using a common shared SSL session cache.
author Sergey Kandaurov <pluknet@nginx.com>
date Tue, 28 Mar 2023 01:36:32 +0400
parents f3ba4c74de31
children cdcd75657e52
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
615
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
1 #!/usr/bin/perl
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
2
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
3 # (C) Sergey Kandaurov
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
4 # (C) Nginx, Inc.
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
5
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
6 # Tests for stream proxy module with haproxy protocol to ssl backend.
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
7
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
8 ###############################################################################
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
9
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
10 use warnings;
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
11 use strict;
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
12
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
13 use Test::More;
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
14
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
15 use Socket qw/ CR LF CRLF /;
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
16
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
17 BEGIN { use FindBin; chdir($FindBin::Bin); }
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
18
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
19 use lib 'lib';
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
20 use Test::Nginx qw/ :DEFAULT http_end /;
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
21
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
22 ###############################################################################
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
23
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
24 select STDERR; $| = 1;
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
25 select STDOUT; $| = 1;
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
26
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
27 eval { require IO::Socket::SSL; };
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
28 plan(skip_all => 'IO::Socket::SSL not installed') if $@;
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
29
1020
196d33c2bb45 Tests: removed TODO and try_run() checks for legacy versions.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 974
diff changeset
30 my $t = Test::Nginx->new()->has(qw/stream stream_ssl/)->has_daemon('openssl')
196d33c2bb45 Tests: removed TODO and try_run() checks for legacy versions.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 974
diff changeset
31 ->plan(2);
615
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
32
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
33 $t->write_file_expand('nginx.conf', <<'EOF');
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
34
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
35 %%TEST_GLOBALS%%
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
36
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
37 daemon off;
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
38
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
39 events {
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
40 }
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
41
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
42 stream {
1609
f3ba4c74de31 Tests: added TEST_GLOBALS_STREAM variable support.
Andrei Belov <defan@nginx.com>
parents: 1488
diff changeset
43 %%TEST_GLOBALS_STREAM%%
f3ba4c74de31 Tests: added TEST_GLOBALS_STREAM variable support.
Andrei Belov <defan@nginx.com>
parents: 1488
diff changeset
44
615
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
45 proxy_ssl on;
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
46 proxy_protocol on;
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
47
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
48 server {
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
49 listen 127.0.0.1:8080;
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
50 proxy_pass 127.0.0.1:8081;
615
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
51 }
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
52
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
53 server {
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
54 listen 127.0.0.1:8082;
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
55 proxy_pass 127.0.0.1:8083;
615
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
56 proxy_protocol off;
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
57 }
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
58 }
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
59
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
60 EOF
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
61
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
62 $t->write_file('openssl.conf', <<EOF);
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
63 [ req ]
1488
dbce8fb5f5f8 Tests: align with OpenSSL security level 2.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1220
diff changeset
64 default_bits = 2048
615
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
65 encrypt_key = no
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
66 distinguished_name = req_distinguished_name
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
67 [ req_distinguished_name ]
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
68 EOF
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
69
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
70 my $d = $t->testdir();
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
71
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
72 foreach my $name ('localhost') {
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
73 system('openssl req -x509 -new '
1220
0af58b78df35 Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1116
diff changeset
74 . "-config $d/openssl.conf -subj /CN=$name/ "
0af58b78df35 Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1116
diff changeset
75 . "-out $d/$name.crt -keyout $d/$name.key "
615
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
76 . ">>$d/openssl.out 2>&1") == 0
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
77 or die "Can't create certificate for $name: $!\n";
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
78 }
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
79
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
80 $t->run_daemon(\&stream_daemon_ssl, port(8081), path => $d, pp => 1);
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
81 $t->run_daemon(\&stream_daemon_ssl, port(8083), path => $d, pp => 0);
1020
196d33c2bb45 Tests: removed TODO and try_run() checks for legacy versions.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 974
diff changeset
82 $t->run();
615
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
83
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
84 $t->waitforsocket('127.0.0.1:' . port(8081));
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
85 $t->waitforsocket('127.0.0.1:' . port(8083));
615
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
86
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
87 ###############################################################################
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
88
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
89 my $dp = port(8080);
952
e9064d691790 Tests: converted tests to run in parallel.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 808
diff changeset
90
e9064d691790 Tests: converted tests to run in parallel.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 808
diff changeset
91 my %r = pp_get('test', '127.0.0.1:' . $dp);
e9064d691790 Tests: converted tests to run in parallel.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 808
diff changeset
92 is($r{'data'}, "PROXY TCP4 127.0.0.1 127.0.0.1 $r{'sp'} $dp" . CRLF . 'test',
615
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
93 'protocol on');
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
94
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
95 %r = pp_get('test', '127.0.0.1:' . port(8082));
615
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
96 is($r{'data'}, 'test', 'protocol off');
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
97
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
98 ###############################################################################
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
99
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
100 sub pp_get {
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
101 my ($data, $peer) = @_;
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
102
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
103 my $s = http($data, socket => getconn($peer), start => 1);
633
cf89559cd558 Tests: style.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 615
diff changeset
104 my $sockport = $s->sockport();
615
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
105 $data = http_end($s);
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
106 return ('data' => $data, 'sp' => $sockport);
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
107 }
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
108
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
109 sub getconn {
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
110 my $peer = shift;
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
111 my $s = IO::Socket::INET->new(
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
112 Proto => 'tcp',
952
e9064d691790 Tests: converted tests to run in parallel.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 808
diff changeset
113 PeerAddr => $peer
615
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
114 )
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
115 or die "Can't connect to nginx: $!\n";
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
116
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
117 return $s;
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
118 }
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
119
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
120 ###############################################################################
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
121
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
122 sub stream_daemon_ssl {
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
123 my ($port, %extra) = @_;
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
124 my $d = $extra{path};
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
125 my $pp = $extra{pp};
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
126 my $server = IO::Socket::INET->new(
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
127 Proto => 'tcp',
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
128 LocalHost => "127.0.0.1:$port",
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
129 Listen => 5,
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
130 Reuse => 1
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
131 )
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
132 or die "Can't create listening socket: $!\n";
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
133
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
134 local $SIG{PIPE} = 'IGNORE';
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
135
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
136 while (my $client = $server->accept()) {
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
137 my ($buffer, $data) = ('', '');
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
138 $client->autoflush(1);
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
139
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
140 log2c("(new connection $client on $port)");
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
141
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
142 # read no more than haproxy header of variable length
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
143
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
144 while ($pp) {
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
145 my $prev = $buffer;
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
146 $client->sysread($buffer, 1) or last;
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
147 $data .= $buffer;
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
148 last if $prev eq CR && $buffer eq LF;
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
149 }
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
150
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
151 log2i("$client $data");
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
152
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
153 # would fail on waitforsocket
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
154
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
155 eval {
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
156 IO::Socket::SSL->start_SSL($client,
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
157 SSL_server => 1,
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
158 SSL_cert_file => "$d/localhost.crt",
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
159 SSL_key_file => "$d/localhost.key",
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
160 SSL_error_trap => sub { die $_[1] }
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
161 );
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
162 };
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
163 next if $@;
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
164
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
165 $client->sysread($buffer, 65536) or next;
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
166
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
167 log2i("$client $buffer");
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
168
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
169 $data .= $buffer;
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
170
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
171 log2o("$client $data");
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
172
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
173 $client->syswrite($data);
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
174
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
175 close $client;
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
176 }
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
177 }
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
178
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
179 sub log2i { Test::Nginx::log_core('|| <<', @_); }
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
180 sub log2o { Test::Nginx::log_core('|| >>', @_); }
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
181 sub log2c { Test::Nginx::log_core('||', @_); }
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
182
f27fb891503c Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
183 ###############################################################################