Mercurial > hg > nginx-tests
annotate http_include.t @ 1938:e1059682aeef
Tests: fixed ClientHello with resending Initial QUIC packets.
Previously it was rebuilt each time using distinct ClientHello.random
resulting in different CRYPTO payload. As such, it led to TLS digest
hash and derived secrets mismatch when resending Initial packet. Now
ClientHello is built once and reused when resending Initial packets.
Additionally, this required to preserve a generated secret value used
in shared secret calculation as part of TLS key schedule. Previously
it was regenerated when receiving a Retry packet, but this won't work
with reused ClientHello as the resulting shared secrets won't match.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Wed, 30 Aug 2023 02:22:58 +0400 |
parents | 5ac6efbe5552 |
children |
rev | line source |
---|---|
1470
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
1 #!/usr/bin/perl |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
2 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
3 # (C) Sergey Kandaurov |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
4 # (C) Nginx, Inc. |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
5 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
6 # Tests for include directive. |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
7 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
8 ############################################################################### |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
9 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
10 use warnings; |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
11 use strict; |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
12 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
13 use Test::More; |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
14 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
15 BEGIN { use FindBin; chdir($FindBin::Bin); } |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
16 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
17 use lib 'lib'; |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
18 use Test::Nginx; |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
19 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
20 ############################################################################### |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
21 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
22 select STDERR; $| = 1; |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
23 select STDOUT; $| = 1; |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
24 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
25 my $t = Test::Nginx->new()->has(qw/http rewrite proxy access/) |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
26 ->write_file_expand('nginx.conf', <<'EOF'); |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
27 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
28 %%TEST_GLOBALS%% |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
29 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
30 daemon off; |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
31 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
32 events { |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
33 } |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
34 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
35 http { |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
36 %%TEST_GLOBALS_HTTP%% |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
37 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
38 upstream u { |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
39 include ups.conf; |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
40 } |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
41 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
42 server { |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
43 listen 127.0.0.1:8080; |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
44 server_name localhost; |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
45 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
46 if ($arg_s) { |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
47 include sif.conf; |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
48 } |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
49 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
50 location / { |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
51 if ($arg_l) { |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
52 include lif.conf; |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
53 } |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
54 } |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
55 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
56 location /lmt { |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
57 limit_except GET { |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
58 include lmt.conf; |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
59 } |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
60 } |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
61 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
62 location /proxy { |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
63 add_header X-IP $upstream_addr always; |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
64 proxy_pass http://u/backend; |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
65 } |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
66 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
67 location /backend { } |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
68 } |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
69 } |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
70 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
71 EOF |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
72 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
73 my $p = port(8080); |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
74 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
75 $t->write_file('sif.conf', 'return 200 SIF;'); |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
76 $t->write_file('lif.conf', 'return 200 LIF;'); |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
77 $t->write_file('lmt.conf', 'deny all;'); |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
78 $t->write_file('ups.conf', "server 127.0.0.1:$p;"); |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
79 |
1693
5ac6efbe5552
Tests: removed TODO and try_run() checks for legacy versions.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1470
diff
changeset
|
80 $t->run()->plan(5); |
1470
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
81 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
82 ############################################################################### |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
83 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
84 like(http_get('/?s=1'), qr/SIF/, 'include in server if'); |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
85 like(http_get('/?l=1'), qr/LIF/, 'include in location if'); |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
86 like(http_post('/lmt'), qr/ 403 /, 'include in limit_except'); |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
87 like(http_get('/proxy'), qr/X-IP: 127.0.0.1:$p/, 'include in upstream'); |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
88 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
89 unlike(http_get('/'), qr/ 200 /, 'no include'); |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
90 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
91 ############################################################################### |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
92 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
93 sub http_post { |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
94 my ($uri) = @_; |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
95 http(<<EOF); |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
96 POST $uri HTTP/1.0 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
97 Host: localhost |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
98 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
99 EOF |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
100 } |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
101 |
ed2be714a3af
Tests: http include tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
102 ############################################################################### |