Mercurial > hg > nginx-tests

comparison proxy_protocol.t @ 381:056d0ad0ef03

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: proxy protocol tests added.
author Sergey Kandaurov <pluknet@nginx.com>
date Mon, 17 Mar 2014 17:57:17 +0400
parents
children 847ea345becb
comparison
equal deleted inserted replaced
380:74a015aad352 381:056d0ad0ef03
1 #!/usr/bin/perl
2
3 # (C) Sergey Kandaurov
4 # (C) Nginx, Inc.
5
6 # Tests for haproxy protocol.
7
8 ###############################################################################
9
10 use warnings;
11 use strict;
12
13 use Test::More;
14
15 use Socket qw/ CRLF /;
16
17 BEGIN { use FindBin; chdir($FindBin::Bin); }
18
19 use lib 'lib';
20 use Test::Nginx;
21
22 ###############################################################################
23
24 select STDERR; $| = 1;
25 select STDOUT; $| = 1;
26
27 my $t = Test::Nginx->new()->has(qw/http access ipv6 realip/);
28
29 plan(skip_all => 'no PROXY support') unless $t->has_version('1.5.12');
30
31 $t->write_file_expand('nginx.conf', <<'EOF')->plan(18);
32
33 %%TEST_GLOBALS%%
34
35 daemon off;
36
37 events {
38 }
39
40 http {
41 %%TEST_GLOBALS_HTTP%%
42
43 log_format pp '$remote_addr $request';
44
45 server {
46 listen 127.0.0.1:8080 proxy_protocol;
47 server_name localhost;
48
49 set_real_ip_from 127.0.0.1/32;
50 add_header X-IP $remote_addr;
51 add_header X-PP $proxy_protocol_addr;
52
53 location /pp {
54 real_ip_header proxy_protocol;
55 error_page 404 =200 /t1;
56 access_log %%TESTDIR%%/pp.log pp;
57
58 location /pp_4 {
59 deny 192.0.2.1/32;
60 }
61 location /pp_6 {
62 deny 2001:DB8::1/128;
63 }
64 }
65 }
66 }
67
68 EOF
69
70 $t->write_file('t1', 'SEE-THIS');
71 $t->run();
72
73 ###############################################################################
74
75 my $tcp4 = 'PROXY TCP4 192.0.2.1 192.0.2.2 1234 5678' . CRLF;
76 my $tcp6 = 'PROXY TCP6 2001:Db8::1 2001:Db8::2 1234 5678' . CRLF;
77 my $unk1 = 'PROXY UNKNOWN' . CRLF;
78 my $unk2 = 'PROXY UNKNOWN 1 2 3 4 5 6' . CRLF;
79 my $r;
80
81 # no realip, just PROXY header parsing
82
83 $r = pp_get('/t1', $tcp4);
84 like($r, qr/SEE-THIS/, 'tcp4 request');
85 like($r, qr/X-PP: 192.0.2.1/, 'tcp4 proxy');
86 unlike($r, qr/X-IP: 192.0.2.1/, 'tcp4 client');
87
88 $r = pp_get('/t1', $tcp6);
89 like($r, qr/SEE-THIS/, 'tcp6 request');
90 like($r, qr/X-PP: 2001:DB8::1/i, 'tcp6 proxy');
91 unlike($r, qr/X-IP: 2001:DB8::1/i, 'tcp6 client');
92
93 like(pp_get('/t1', $unk1), qr/SEE-THIS/, 'unknown request 1');
94 like(pp_get('/t1', $unk2), qr/SEE-THIS/, 'unknown request 2');
95
96 # realip
97
98 $r = pp_get('/pp', $tcp4);
99 like($r, qr/SEE-THIS/, 'tcp4 request realip');
100 like($r, qr/X-PP: 192.0.2.1/, 'tcp4 proxy realip');
101 like($r, qr/X-IP: 192.0.2.1/, 'tcp4 client realip');
102
103 $r = pp_get('/pp', $tcp6);
104 like($r, qr/SEE-THIS/, 'tcp6 request realip');
105 like($r, qr/X-PP: 2001:DB8::1/i, 'tcp6 proxy realip');
106 like($r, qr/X-IP: 2001:DB8::1/i, 'tcp6 client realip');
107
108 # access
109
110 $r = pp_get('/pp_4', $tcp4);
111 like($r, qr/403 Forbidden/, 'tcp4 access');
112
113 $r = pp_get('/pp_6', $tcp6);
114 like($r, qr/403 Forbidden/, 'tcp6 access');
115
116 # client address in access.log
117
118 $t->stop();
119
120 my $log;
121
122 {
123 open LOG, $t->testdir() . '/pp.log'
124 or die("Can't open nginx access log file.\n");
125 local $/;
126 $log = <LOG>;
127 close LOG;
128 }
129
130 like($log, qr!^192\.0\.2\.1 GET /pp_4!m, 'tcp4 access log');
131 like($log, qr!^2001:DB8::1 GET /pp_6!mi, 'tcp6 access log');
132
133 ###############################################################################
134
135 sub pp_get {
136 my ($url, $proxy) = @_;
137 return http($proxy . <<EOF);
138 GET $url HTTP/1.0
139 Host: localhost
140
141 EOF
142 }
143 ###############################################################################