Mercurial > hg > nginx-tests
annotate stream_proxy_protocol_ssl.t @ 1961:fe6f22da53ec default tip
Tests: tests for usage of discarded body.
The client_max_body_size limit should be ignored when the request body
is already discarded. In HTTP/1.x, this is done by checking the
r->discard_body flag when the body is being discarded, and because
r->headers_in.content_length_n is 0 when it's already discarded. This,
however, does not happen with HTTP/2 and HTTP/3, and therefore
"error_page 413" does not work without relaxing the limit.
Further, with proxy_pass, r->headers_in.content_length_n is used to determine
length of the request body, and therefore is not correct if discarding of
the request body isn't yet complete. While discarding the request body,
r->headers_in.content_length_n contains the rest of the body to discard
(or, in case of chunked request body, the rest of the current chunk to
discard).
Similarly, the $content_length variable uses r->headers_in.content_length
if available, and also incorrect. The $content_length variable is used
when proxying with fastcgi_pass, grpc_pass, and uwsgi_pass (scgi_pass uses
the value calculated based on the actual request body buffers, and therefore
works correctly).
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Sat, 27 Apr 2024 18:55:50 +0300 |
| parents | cdcd75657e52 |
| children |
| rev | line source |
|---|---|
|
615
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
1 #!/usr/bin/perl |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
2 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
3 # (C) Sergey Kandaurov |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
4 # (C) Nginx, Inc. |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
5 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
6 # Tests for stream proxy module with haproxy protocol to ssl backend. |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
7 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
8 ############################################################################### |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
9 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
10 use warnings; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
11 use strict; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
12 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
13 use Test::More; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
14 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
15 use Socket qw/ CR LF CRLF /; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
16 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
17 BEGIN { use FindBin; chdir($FindBin::Bin); } |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
18 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
19 use lib 'lib'; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
20 use Test::Nginx qw/ :DEFAULT http_end /; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
21 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
22 ############################################################################### |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
23 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
24 select STDERR; $| = 1; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
25 select STDOUT; $| = 1; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
26 |
|
1858
cdcd75657e52
Tests: added has_feature() tests for IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1609
diff
changeset
|
27 my $t = Test::Nginx->new()->has(qw/stream stream_ssl socket_ssl/) |
|
cdcd75657e52
Tests: added has_feature() tests for IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1609
diff
changeset
|
28 ->has_daemon('openssl')->plan(2); |
|
615
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
29 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
30 $t->write_file_expand('nginx.conf', <<'EOF'); |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
31 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
32 %%TEST_GLOBALS%% |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
33 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
34 daemon off; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
35 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
36 events { |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
37 } |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
38 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
39 stream { |
|
1609
f3ba4c74de31
Tests: added TEST_GLOBALS_STREAM variable support.
Andrei Belov <defan@nginx.com>
parents:
1488
diff
changeset
|
40 %%TEST_GLOBALS_STREAM%% |
|
f3ba4c74de31
Tests: added TEST_GLOBALS_STREAM variable support.
Andrei Belov <defan@nginx.com>
parents:
1488
diff
changeset
|
41 |
|
615
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
42 proxy_ssl on; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
43 proxy_protocol on; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
44 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
45 server { |
|
974
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
952
diff
changeset
|
46 listen 127.0.0.1:8080; |
|
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
952
diff
changeset
|
47 proxy_pass 127.0.0.1:8081; |
|
615
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
48 } |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
49 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
50 server { |
|
974
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
952
diff
changeset
|
51 listen 127.0.0.1:8082; |
|
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
952
diff
changeset
|
52 proxy_pass 127.0.0.1:8083; |
|
615
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
53 proxy_protocol off; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
54 } |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
55 } |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
56 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
57 EOF |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
58 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
59 $t->write_file('openssl.conf', <<EOF); |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
60 [ req ] |
|
1488
dbce8fb5f5f8
Tests: align with OpenSSL security level 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1220
diff
changeset
|
61 default_bits = 2048 |
|
615
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
62 encrypt_key = no |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
63 distinguished_name = req_distinguished_name |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
64 [ req_distinguished_name ] |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
65 EOF |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
66 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
67 my $d = $t->testdir(); |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
68 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
69 foreach my $name ('localhost') { |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
70 system('openssl req -x509 -new ' |
|
1220
0af58b78df35
Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
71 . "-config $d/openssl.conf -subj /CN=$name/ " |
|
0af58b78df35
Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
72 . "-out $d/$name.crt -keyout $d/$name.key " |
|
615
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
73 . ">>$d/openssl.out 2>&1") == 0 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
74 or die "Can't create certificate for $name: $!\n"; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
75 } |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
76 |
|
974
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
952
diff
changeset
|
77 $t->run_daemon(\&stream_daemon_ssl, port(8081), path => $d, pp => 1); |
|
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
952
diff
changeset
|
78 $t->run_daemon(\&stream_daemon_ssl, port(8083), path => $d, pp => 0); |
|
1020
196d33c2bb45
Tests: removed TODO and try_run() checks for legacy versions.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
974
diff
changeset
|
79 $t->run(); |
|
615
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
80 |
|
974
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
952
diff
changeset
|
81 $t->waitforsocket('127.0.0.1:' . port(8081)); |
|
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
952
diff
changeset
|
82 $t->waitforsocket('127.0.0.1:' . port(8083)); |
|
615
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
83 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
84 ############################################################################### |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
85 |
|
974
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
952
diff
changeset
|
86 my $dp = port(8080); |
|
952
e9064d691790
Tests: converted tests to run in parallel.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
808
diff
changeset
|
87 |
|
e9064d691790
Tests: converted tests to run in parallel.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
808
diff
changeset
|
88 my %r = pp_get('test', '127.0.0.1:' . $dp); |
|
e9064d691790
Tests: converted tests to run in parallel.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
808
diff
changeset
|
89 is($r{'data'}, "PROXY TCP4 127.0.0.1 127.0.0.1 $r{'sp'} $dp" . CRLF . 'test', |
|
615
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
90 'protocol on'); |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
91 |
|
974
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
952
diff
changeset
|
92 %r = pp_get('test', '127.0.0.1:' . port(8082)); |
|
615
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
93 is($r{'data'}, 'test', 'protocol off'); |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
94 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
95 ############################################################################### |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
96 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
97 sub pp_get { |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
98 my ($data, $peer) = @_; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
99 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
100 my $s = http($data, socket => getconn($peer), start => 1); |
| 633 | 101 my $sockport = $s->sockport(); |
|
615
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
102 $data = http_end($s); |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
103 return ('data' => $data, 'sp' => $sockport); |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
104 } |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
105 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
106 sub getconn { |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
107 my $peer = shift; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
108 my $s = IO::Socket::INET->new( |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
109 Proto => 'tcp', |
|
952
e9064d691790
Tests: converted tests to run in parallel.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
808
diff
changeset
|
110 PeerAddr => $peer |
|
615
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
111 ) |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
112 or die "Can't connect to nginx: $!\n"; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
113 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
114 return $s; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
115 } |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
116 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
117 ############################################################################### |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
118 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
119 sub stream_daemon_ssl { |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
120 my ($port, %extra) = @_; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
121 my $d = $extra{path}; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
122 my $pp = $extra{pp}; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
123 my $server = IO::Socket::INET->new( |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
124 Proto => 'tcp', |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
125 LocalHost => "127.0.0.1:$port", |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
126 Listen => 5, |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
127 Reuse => 1 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
128 ) |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
129 or die "Can't create listening socket: $!\n"; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
130 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
131 local $SIG{PIPE} = 'IGNORE'; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
132 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
133 while (my $client = $server->accept()) { |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
134 my ($buffer, $data) = ('', ''); |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
135 $client->autoflush(1); |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
136 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
137 log2c("(new connection $client on $port)"); |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
138 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
139 # read no more than haproxy header of variable length |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
140 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
141 while ($pp) { |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
142 my $prev = $buffer; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
143 $client->sysread($buffer, 1) or last; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
144 $data .= $buffer; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
145 last if $prev eq CR && $buffer eq LF; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
146 } |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
147 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
148 log2i("$client $data"); |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
149 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
150 # would fail on waitforsocket |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
151 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
152 eval { |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
153 IO::Socket::SSL->start_SSL($client, |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
154 SSL_server => 1, |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
155 SSL_cert_file => "$d/localhost.crt", |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
156 SSL_key_file => "$d/localhost.key", |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
157 SSL_error_trap => sub { die $_[1] } |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
158 ); |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
159 }; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
160 next if $@; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
161 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
162 $client->sysread($buffer, 65536) or next; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
163 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
164 log2i("$client $buffer"); |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
165 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
166 $data .= $buffer; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
167 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
168 log2o("$client $data"); |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
169 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
170 $client->syswrite($data); |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
171 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
172 close $client; |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
173 } |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
174 } |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
175 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
176 sub log2i { Test::Nginx::log_core('|| <<', @_); } |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
177 sub log2o { Test::Nginx::log_core('|| >>', @_); } |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
178 sub log2c { Test::Nginx::log_core('||', @_); } |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
179 |
|
f27fb891503c
Tests: stream proxy protocol tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
180 ############################################################################### |