Mercurial > hg > nginx-tests
comparison proxy_protocol.t @ 381:056d0ad0ef03
Tests: proxy protocol tests added.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Mon, 17 Mar 2014 17:57:17 +0400 |
parents | |
children | 847ea345becb |
comparison
equal
deleted
inserted
replaced
380:74a015aad352 | 381:056d0ad0ef03 |
---|---|
1 #!/usr/bin/perl | |
2 | |
3 # (C) Sergey Kandaurov | |
4 # (C) Nginx, Inc. | |
5 | |
6 # Tests for haproxy protocol. | |
7 | |
8 ############################################################################### | |
9 | |
10 use warnings; | |
11 use strict; | |
12 | |
13 use Test::More; | |
14 | |
15 use Socket qw/ CRLF /; | |
16 | |
17 BEGIN { use FindBin; chdir($FindBin::Bin); } | |
18 | |
19 use lib 'lib'; | |
20 use Test::Nginx; | |
21 | |
22 ############################################################################### | |
23 | |
24 select STDERR; $| = 1; | |
25 select STDOUT; $| = 1; | |
26 | |
27 my $t = Test::Nginx->new()->has(qw/http access ipv6 realip/); | |
28 | |
29 plan(skip_all => 'no PROXY support') unless $t->has_version('1.5.12'); | |
30 | |
31 $t->write_file_expand('nginx.conf', <<'EOF')->plan(18); | |
32 | |
33 %%TEST_GLOBALS%% | |
34 | |
35 daemon off; | |
36 | |
37 events { | |
38 } | |
39 | |
40 http { | |
41 %%TEST_GLOBALS_HTTP%% | |
42 | |
43 log_format pp '$remote_addr $request'; | |
44 | |
45 server { | |
46 listen 127.0.0.1:8080 proxy_protocol; | |
47 server_name localhost; | |
48 | |
49 set_real_ip_from 127.0.0.1/32; | |
50 add_header X-IP $remote_addr; | |
51 add_header X-PP $proxy_protocol_addr; | |
52 | |
53 location /pp { | |
54 real_ip_header proxy_protocol; | |
55 error_page 404 =200 /t1; | |
56 access_log %%TESTDIR%%/pp.log pp; | |
57 | |
58 location /pp_4 { | |
59 deny 192.0.2.1/32; | |
60 } | |
61 location /pp_6 { | |
62 deny 2001:DB8::1/128; | |
63 } | |
64 } | |
65 } | |
66 } | |
67 | |
68 EOF | |
69 | |
70 $t->write_file('t1', 'SEE-THIS'); | |
71 $t->run(); | |
72 | |
73 ############################################################################### | |
74 | |
75 my $tcp4 = 'PROXY TCP4 192.0.2.1 192.0.2.2 1234 5678' . CRLF; | |
76 my $tcp6 = 'PROXY TCP6 2001:Db8::1 2001:Db8::2 1234 5678' . CRLF; | |
77 my $unk1 = 'PROXY UNKNOWN' . CRLF; | |
78 my $unk2 = 'PROXY UNKNOWN 1 2 3 4 5 6' . CRLF; | |
79 my $r; | |
80 | |
81 # no realip, just PROXY header parsing | |
82 | |
83 $r = pp_get('/t1', $tcp4); | |
84 like($r, qr/SEE-THIS/, 'tcp4 request'); | |
85 like($r, qr/X-PP: 192.0.2.1/, 'tcp4 proxy'); | |
86 unlike($r, qr/X-IP: 192.0.2.1/, 'tcp4 client'); | |
87 | |
88 $r = pp_get('/t1', $tcp6); | |
89 like($r, qr/SEE-THIS/, 'tcp6 request'); | |
90 like($r, qr/X-PP: 2001:DB8::1/i, 'tcp6 proxy'); | |
91 unlike($r, qr/X-IP: 2001:DB8::1/i, 'tcp6 client'); | |
92 | |
93 like(pp_get('/t1', $unk1), qr/SEE-THIS/, 'unknown request 1'); | |
94 like(pp_get('/t1', $unk2), qr/SEE-THIS/, 'unknown request 2'); | |
95 | |
96 # realip | |
97 | |
98 $r = pp_get('/pp', $tcp4); | |
99 like($r, qr/SEE-THIS/, 'tcp4 request realip'); | |
100 like($r, qr/X-PP: 192.0.2.1/, 'tcp4 proxy realip'); | |
101 like($r, qr/X-IP: 192.0.2.1/, 'tcp4 client realip'); | |
102 | |
103 $r = pp_get('/pp', $tcp6); | |
104 like($r, qr/SEE-THIS/, 'tcp6 request realip'); | |
105 like($r, qr/X-PP: 2001:DB8::1/i, 'tcp6 proxy realip'); | |
106 like($r, qr/X-IP: 2001:DB8::1/i, 'tcp6 client realip'); | |
107 | |
108 # access | |
109 | |
110 $r = pp_get('/pp_4', $tcp4); | |
111 like($r, qr/403 Forbidden/, 'tcp4 access'); | |
112 | |
113 $r = pp_get('/pp_6', $tcp6); | |
114 like($r, qr/403 Forbidden/, 'tcp6 access'); | |
115 | |
116 # client address in access.log | |
117 | |
118 $t->stop(); | |
119 | |
120 my $log; | |
121 | |
122 { | |
123 open LOG, $t->testdir() . '/pp.log' | |
124 or die("Can't open nginx access log file.\n"); | |
125 local $/; | |
126 $log = <LOG>; | |
127 close LOG; | |
128 } | |
129 | |
130 like($log, qr!^192\.0\.2\.1 GET /pp_4!m, 'tcp4 access log'); | |
131 like($log, qr!^2001:DB8::1 GET /pp_6!mi, 'tcp6 access log'); | |
132 | |
133 ############################################################################### | |
134 | |
135 sub pp_get { | |
136 my ($url, $proxy) = @_; | |
137 return http($proxy . <<EOF); | |
138 GET $url HTTP/1.0 | |
139 Host: localhost | |
140 | |
141 EOF | |
142 } | |
143 ############################################################################### |