Mercurial > hg > nginx-tests
annotate ssl_proxy_protocol.t @ 1215:26884729e06b
Tests: cope with resolver resend in mail resolver tests.
Currently, if resolver didn't find PTR type in the answer section of PTR
response, it keeps the node in the resend queue until the next timer event.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Thu, 31 Aug 2017 19:09:04 +0300 |
parents | cf14cfe9ec8c |
children | 0af58b78df35 |
rev | line source |
---|---|
603
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
1 #!/usr/bin/perl |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
2 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
3 # (C) Sergey Kandaurov |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
4 # (C) Nginx, Inc. |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
5 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
6 # Tests for http ssl module with haproxy protocol. |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
7 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
8 ############################################################################### |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
9 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
10 use warnings; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
11 use strict; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
12 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
13 use Test::More; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
14 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
15 use Socket qw/ CRLF /; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
16 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
17 BEGIN { use FindBin; chdir($FindBin::Bin); } |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
18 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
19 use lib 'lib'; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
20 use Test::Nginx; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
21 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
22 ############################################################################### |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
23 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
24 select STDERR; $| = 1; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
25 select STDOUT; $| = 1; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
26 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
27 eval { require IO::Socket::SSL; }; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
28 plan(skip_all => 'IO::Socket::SSL not installed') if $@; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
29 eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
30 plan(skip_all => 'IO::Socket::SSL too old') if $@; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
31 |
1170
cf14cfe9ec8c
Tests: dropped obsolete ipv6 prerequisite.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1168
diff
changeset
|
32 my $t = Test::Nginx->new()->has(qw/http http_ssl access realip/) |
603
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
33 ->has_daemon('openssl'); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
34 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
35 $t->write_file_expand('nginx.conf', <<'EOF')->plan(18); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
36 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
37 %%TEST_GLOBALS%% |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
38 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
39 daemon off; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
40 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
41 events { |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
42 } |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
43 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
44 http { |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
45 %%TEST_GLOBALS_HTTP%% |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
46 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
47 log_format pp '$remote_addr $request'; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
48 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
49 server { |
974
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
952
diff
changeset
|
50 listen 127.0.0.1:8080 proxy_protocol ssl; |
603
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
51 server_name localhost; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
52 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
53 ssl_certificate_key localhost.key; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
54 ssl_certificate localhost.crt; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
55 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
56 set_real_ip_from 127.0.0.1/32; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
57 add_header X-IP $remote_addr; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
58 add_header X-PP $proxy_protocol_addr; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
59 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
60 location /pp { |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
61 real_ip_header proxy_protocol; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
62 error_page 404 =200 /t1; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
63 access_log %%TESTDIR%%/pp.log pp; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
64 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
65 location /pp_4 { |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
66 deny 192.0.2.1/32; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
67 } |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
68 location /pp_6 { |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
69 deny 2001:DB8::1/128; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
70 } |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
71 } |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
72 } |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
73 } |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
74 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
75 EOF |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
76 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
77 $t->write_file('openssl.conf', <<EOF); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
78 [ req ] |
1116
8ef51dbb5d69
Tests: reduced OpenSSL default key length to 1024.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
79 default_bits = 1024 |
603
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
80 encrypt_key = no |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
81 distinguished_name = req_distinguished_name |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
82 [ req_distinguished_name ] |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
83 EOF |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
84 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
85 my $d = $t->testdir(); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
86 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
87 foreach my $name ('localhost') { |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
88 system('openssl req -x509 -new ' |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
89 . "-config '$d/openssl.conf' -subj '/CN=$name/' " |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
90 . "-out '$d/$name.crt' -keyout '$d/$name.key' " |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
91 . ">>$d/openssl.out 2>&1") == 0 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
92 or die "Can't create certificate for $name: $!\n"; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
93 } |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
94 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
95 $t->write_file('t1', 'SEE-THIS'); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
96 $t->run(); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
97 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
98 ############################################################################### |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
99 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
100 my $tcp4 = 'PROXY TCP4 192.0.2.1 192.0.2.2 1234 5678' . CRLF; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
101 my $tcp6 = 'PROXY TCP6 2001:Db8::1 2001:Db8::2 1234 5678' . CRLF; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
102 my $unk1 = 'PROXY UNKNOWN' . CRLF; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
103 my $unk2 = 'PROXY UNKNOWN 1 2 3 4 5 6' . CRLF; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
104 my $r; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
105 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
106 # no realip, just PROXY header parsing |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
107 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
108 $r = pp_get('/t1', $tcp4); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
109 like($r, qr/SEE-THIS/, 'tcp4 request'); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
110 like($r, qr/X-PP: 192.0.2.1/, 'tcp4 proxy'); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
111 unlike($r, qr/X-IP: 192.0.2.1/, 'tcp4 client'); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
112 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
113 $r = pp_get('/t1', $tcp6); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
114 like($r, qr/SEE-THIS/, 'tcp6 request'); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
115 like($r, qr/X-PP: 2001:DB8::1/i, 'tcp6 proxy'); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
116 unlike($r, qr/X-IP: 2001:DB8::1/i, 'tcp6 client'); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
117 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
118 like(pp_get('/t1', $unk1), qr/SEE-THIS/, 'unknown request 1'); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
119 like(pp_get('/t1', $unk2), qr/SEE-THIS/, 'unknown request 2'); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
120 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
121 # realip |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
122 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
123 $r = pp_get('/pp', $tcp4); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
124 like($r, qr/SEE-THIS/, 'tcp4 request realip'); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
125 like($r, qr/X-PP: 192.0.2.1/, 'tcp4 proxy realip'); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
126 like($r, qr/X-IP: 192.0.2.1/, 'tcp4 client realip'); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
127 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
128 $r = pp_get('/pp', $tcp6); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
129 like($r, qr/SEE-THIS/, 'tcp6 request realip'); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
130 like($r, qr/X-PP: 2001:DB8::1/i, 'tcp6 proxy realip'); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
131 like($r, qr/X-IP: 2001:DB8::1/i, 'tcp6 client realip'); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
132 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
133 # access |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
134 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
135 $r = pp_get('/pp_4', $tcp4); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
136 like($r, qr/403 Forbidden/, 'tcp4 access'); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
137 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
138 $r = pp_get('/pp_6', $tcp6); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
139 like($r, qr/403 Forbidden/, 'tcp6 access'); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
140 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
141 # client address in access.log |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
142 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
143 $t->stop(); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
144 |
908
adf5671391ac
Tests: use read_file subroutine in several tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
603
diff
changeset
|
145 my $log = $t->read_file('pp.log'); |
603
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
146 like($log, qr!^192\.0\.2\.1 GET /pp_4!m, 'tcp4 access log'); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
147 like($log, qr!^2001:DB8::1 GET /pp_6!mi, 'tcp6 access log'); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
148 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
149 ############################################################################### |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
150 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
151 sub pp_get { |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
152 my ($url, $proxy) = @_; |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
153 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
154 my $s = http($proxy, start => 1); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
155 |
1168
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
156 eval { |
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
157 local $SIG{ALRM} = sub { die "timeout\n" }; |
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
158 local $SIG{PIPE} = sub { die "sigpipe\n" }; |
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
159 alarm(2); |
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
160 IO::Socket::SSL->start_SSL($s, |
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
161 SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(), |
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
162 SSL_error_trap => sub { die $_[1] } |
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
163 ); |
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
164 alarm(0); |
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
165 }; |
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
166 alarm(0); |
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
167 |
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
168 if ($@) { |
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
169 log_in("died: $@"); |
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
170 return undef; |
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
171 } |
603
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
172 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
173 return http(<<EOF, socket => $s); |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
174 GET $url HTTP/1.0 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
175 Host: localhost |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
176 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
177 EOF |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
178 } |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
179 |
cc722d0c557d
Tests: proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
180 ############################################################################### |