Mercurial > hg > nginx-tests
annotate stream_ssl_realip.t @ 1961:fe6f22da53ec default tip
Tests: tests for usage of discarded body.
The client_max_body_size limit should be ignored when the request body
is already discarded. In HTTP/1.x, this is done by checking the
r->discard_body flag when the body is being discarded, and because
r->headers_in.content_length_n is 0 when it's already discarded. This,
however, does not happen with HTTP/2 and HTTP/3, and therefore
"error_page 413" does not work without relaxing the limit.
Further, with proxy_pass, r->headers_in.content_length_n is used to determine
length of the request body, and therefore is not correct if discarding of
the request body isn't yet complete. While discarding the request body,
r->headers_in.content_length_n contains the rest of the body to discard
(or, in case of chunked request body, the rest of the current chunk to
discard).
Similarly, the $content_length variable uses r->headers_in.content_length
if available, and also incorrect. The $content_length variable is used
when proxying with fastcgi_pass, grpc_pass, and uwsgi_pass (scgi_pass uses
the value calculated based on the actual request body buffers, and therefore
works correctly).
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Sat, 27 Apr 2024 18:55:50 +0300 |
| parents | cdcd75657e52 |
| children |
| rev | line source |
|---|---|
|
1029
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
1 #!/usr/bin/perl |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
2 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
3 # (C) Sergey Kandaurov |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
4 # (C) Nginx, Inc. |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
5 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
6 # Tests for stream realip module, server side proxy protocol with ssl. |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
7 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
8 ############################################################################### |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
9 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
10 use warnings; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
11 use strict; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
12 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
13 use Test::More; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
14 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
15 use Socket qw/ $CRLF /; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
16 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
17 BEGIN { use FindBin; chdir($FindBin::Bin); } |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
18 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
19 use lib 'lib'; |
|
1458
e95133e85798
Tests: unbreak stream_ssl_realip.t with TLS 1.3.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1421
diff
changeset
|
20 use Test::Nginx qw/ :DEFAULT http_end /; |
|
1029
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
21 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
22 ############################################################################### |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
23 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
24 select STDERR; $| = 1; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
25 select STDOUT; $| = 1; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
26 |
|
1170
cf14cfe9ec8c
Tests: dropped obsolete ipv6 prerequisite.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1168
diff
changeset
|
27 my $t = Test::Nginx->new()->has(qw/stream stream_return stream_realip/) |
|
1858
cdcd75657e52
Tests: added has_feature() tests for IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1609
diff
changeset
|
28 ->has(qw/stream_ssl socket_ssl/) |
|
cdcd75657e52
Tests: added has_feature() tests for IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1609
diff
changeset
|
29 ->has_daemon('openssl') |
|
1029
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
30 ->write_file_expand('nginx.conf', <<'EOF'); |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
31 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
32 %%TEST_GLOBALS%% |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
33 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
34 daemon off; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
35 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
36 events { |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
37 } |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
38 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
39 stream { |
|
1609
f3ba4c74de31
Tests: added TEST_GLOBALS_STREAM variable support.
Andrei Belov <defan@nginx.com>
parents:
1488
diff
changeset
|
40 %%TEST_GLOBALS_STREAM%% |
|
f3ba4c74de31
Tests: added TEST_GLOBALS_STREAM variable support.
Andrei Belov <defan@nginx.com>
parents:
1488
diff
changeset
|
41 |
|
1029
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
42 ssl_certificate_key localhost.key; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
43 ssl_certificate localhost.crt; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
44 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
45 server { |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
46 listen 127.0.0.1:8083 proxy_protocol ssl; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
47 return $proxy_protocol_addr:$proxy_protocol_port; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
48 } |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
49 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
50 server { |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
51 listen 127.0.0.1:8086 proxy_protocol ssl; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
52 listen [::1]:%%PORT_8086%% proxy_protocol ssl; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
53 return "$remote_addr:$remote_port: |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
54 $realip_remote_addr:$realip_remote_port"; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
55 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
56 set_real_ip_from ::1; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
57 set_real_ip_from 127.0.0.2; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
58 } |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
59 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
60 server { |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
61 listen 127.0.0.1:8087; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
62 proxy_pass [::1]:%%PORT_8086%%; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
63 } |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
64 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
65 server { |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
66 listen 127.0.0.1:8088 proxy_protocol ssl; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
67 listen [::1]:%%PORT_8088%% proxy_protocol ssl; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
68 return "$remote_addr:$remote_port: |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
69 $realip_remote_addr:$realip_remote_port"; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
70 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
71 set_real_ip_from 127.0.0.1; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
72 set_real_ip_from ::2; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
73 } |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
74 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
75 server { |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
76 listen 127.0.0.1:8089; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
77 proxy_pass [::1]:%%PORT_8088%%; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
78 } |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
79 } |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
80 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
81 EOF |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
82 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
83 $t->write_file('openssl.conf', <<EOF); |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
84 [ req ] |
|
1488
dbce8fb5f5f8
Tests: align with OpenSSL security level 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1458
diff
changeset
|
85 default_bits = 2048 |
|
1029
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
86 encrypt_key = no |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
87 distinguished_name = req_distinguished_name |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
88 [ req_distinguished_name ] |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
89 EOF |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
90 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
91 my $d = $t->testdir(); |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
92 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
93 foreach my $name ('localhost') { |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
94 system('openssl req -x509 -new ' |
|
1220
0af58b78df35
Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1190
diff
changeset
|
95 . "-config $d/openssl.conf -subj /CN=$name/ " |
|
0af58b78df35
Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1190
diff
changeset
|
96 . "-out $d/$name.crt -keyout $d/$name.key " |
|
1029
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
97 . ">>$d/openssl.out 2>&1") == 0 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
98 or die "Can't create certificate for $name: $!\n"; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
99 } |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
100 |
|
1251
766bcbb632ee
Tests: removed TODO and try_run() checks for legacy versions.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1220
diff
changeset
|
101 $t->try_run('no inet6 support')->plan(6); |
|
1029
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
102 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
103 ############################################################################### |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
104 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
105 is(pp_get(8083, "PROXY TCP4 192.0.2.1 192.0.2.2 1234 5678${CRLF}"), |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
106 '192.0.2.1:1234', 'server'); |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
107 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
108 like(pp_get(8086, "PROXY TCP4 192.0.2.1 192.0.2.2 1234 5678${CRLF}"), |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
109 qr/^(\Q127.0.0.1:\E\d+):\s+\1$/, 'server ipv6 realip - no match'); |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
110 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
111 like(pp_get(8087, "PROXY TCP4 192.0.2.1 192.0.2.2 1234 5678${CRLF}"), |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
112 qr/\Q192.0.2.1:1234:\E\s+\Q::1:\E\d+/, 'server ipv6 realip'); |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
113 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
114 like(pp_get(8088, "PROXY TCP4 192.0.2.1 192.0.2.2 1234 5678${CRLF}"), |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
115 qr/\Q192.0.2.1:1234:\E\s+\Q127.0.0.1:\E\d+/, 'server ipv4 realip'); |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
116 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
117 like(pp_get(8089, "PROXY TCP4 192.0.2.1 192.0.2.2 1234 5678${CRLF}"), |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
118 qr/^(::1:\d+):\s+\1$/, 'server ipv4 realip - no match'); |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
119 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
120 like(pp_get(8088, "PROXY UNKNOWN TCP4 192.0.2.1 192.0.2.2 1234 5678${CRLF}"), |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
121 qr/^(\Q127.0.0.1:\E\d+):\s+\1$/, 'server unknown'); |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
122 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
123 ############################################################################### |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
124 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
125 sub pp_get { |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
126 my ($port, $proxy) = @_; |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
127 |
|
1458
e95133e85798
Tests: unbreak stream_ssl_realip.t with TLS 1.3.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1421
diff
changeset
|
128 my $s = IO::Socket::INET->new('127.0.0.1:' . port($port)) or return; |
|
e95133e85798
Tests: unbreak stream_ssl_realip.t with TLS 1.3.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1421
diff
changeset
|
129 http($proxy, start => 1, socket => $s); |
|
1029
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
130 |
|
1168
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
131 eval { |
|
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
132 local $SIG{ALRM} = sub { die "timeout\n" }; |
|
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
133 local $SIG{PIPE} = sub { die "sigpipe\n" }; |
|
1421
4e48bf51714f
Tests: aligned various generic read timeouts to http_end().
Sergey Kandaurov <pluknet@nginx.com>
parents:
1407
diff
changeset
|
134 alarm(8); |
|
1458
e95133e85798
Tests: unbreak stream_ssl_realip.t with TLS 1.3.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1421
diff
changeset
|
135 IO::Socket::SSL->start_SSL($s, |
|
1168
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
136 SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(), |
|
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
137 SSL_error_trap => sub { die $_[1] } |
|
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
138 ); |
|
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
139 alarm(0); |
|
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
140 }; |
|
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
141 alarm(0); |
|
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
142 |
|
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
143 if ($@) { |
|
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
144 log_in("died: $@"); |
|
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
145 return undef; |
|
8821e405b91e
Tests: handled SSL negotiation errors.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
146 } |
|
1029
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
147 |
|
1458
e95133e85798
Tests: unbreak stream_ssl_realip.t with TLS 1.3.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1421
diff
changeset
|
148 http_end($s); |
|
1029
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
149 } |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
150 |
|
21602616d8ee
Tests: stream realip tests, listen proxy_protocol ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
151 ############################################################################### |