Mercurial > hg > nginx-tests
comparison quic_migration.t @ 1893:6dcf5a1df790
Tests: basic QUIC connection migration tests.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Tue, 23 May 2023 18:55:06 +0400 |
parents | |
children | 8b74936ff2ac |
comparison
equal
deleted
inserted
replaced
1892:a8fc2f1f6f6f | 1893:6dcf5a1df790 |
---|---|
1 #!/usr/bin/perl | |
2 | |
3 # (C) Sergey Kandaurov | |
4 # (C) Nginx, Inc. | |
5 | |
6 # Tests for quic connection migration. | |
7 | |
8 ############################################################################### | |
9 | |
10 use warnings; | |
11 use strict; | |
12 | |
13 use Test::More; | |
14 | |
15 BEGIN { use FindBin; chdir($FindBin::Bin); } | |
16 | |
17 use lib 'lib'; | |
18 use Test::Nginx; | |
19 use Test::Nginx::HTTP3; | |
20 | |
21 ############################################################################### | |
22 | |
23 select STDERR; $| = 1; | |
24 select STDOUT; $| = 1; | |
25 | |
26 eval { require Crypt::Misc; die if $Crypt::Misc::VERSION < 0.067; }; | |
27 plan(skip_all => 'CryptX version >= 0.067 required') if $@; | |
28 | |
29 plan(skip_all => '127.0.0.20 local address required') | |
30 unless defined IO::Socket::INET->new( LocalAddr => '127.0.0.20' ); | |
31 | |
32 my $t = Test::Nginx->new()->has(qw/http http_v3/) | |
33 ->has_daemon('openssl')->plan(2); | |
34 | |
35 $t->write_file_expand('nginx.conf', <<'EOF'); | |
36 | |
37 %%TEST_GLOBALS%% | |
38 | |
39 daemon off; | |
40 | |
41 events { | |
42 } | |
43 | |
44 http { | |
45 %%TEST_GLOBALS_HTTP%% | |
46 | |
47 ssl_certificate_key localhost.key; | |
48 ssl_certificate localhost.crt; | |
49 | |
50 server { | |
51 listen 127.0.0.1:%%PORT_8980_UDP%% quic; | |
52 server_name localhost; | |
53 | |
54 location / { | |
55 add_header X-IP $remote_addr; | |
56 } | |
57 } | |
58 } | |
59 | |
60 EOF | |
61 | |
62 $t->write_file('openssl.conf', <<EOF); | |
63 [ req ] | |
64 default_bits = 2048 | |
65 encrypt_key = no | |
66 distinguished_name = req_distinguished_name | |
67 [ req_distinguished_name ] | |
68 EOF | |
69 | |
70 my $d = $t->testdir(); | |
71 | |
72 foreach my $name ('localhost') { | |
73 system('openssl req -x509 -new ' | |
74 . "-config $d/openssl.conf -subj /CN=$name/ " | |
75 . "-out $d/$name.crt -keyout $d/$name.key " | |
76 . ">>$d/openssl.out 2>&1") == 0 | |
77 or die "Can't create certificate for $name: $!\n"; | |
78 } | |
79 | |
80 $t->write_file('index.html', ''); | |
81 $t->run(); | |
82 | |
83 ############################################################################### | |
84 | |
85 # test that $remote_addr is not truncated after migration (ticket #2488), | |
86 # to test, we migrate to another address large enough in text representation, | |
87 # then send a request on the new path | |
88 | |
89 my $s = Test::Nginx::HTTP3->new(); | |
90 $s->new_connection_id(1, 0, "connection_id_1", "reset_token_0001"); | |
91 | |
92 my $frames = $s->read(all => [{ type => 'NCID' }]); | |
93 my ($frame) = grep { $_->{type} eq "NCID" } @$frames; | |
94 | |
95 $s->{socket} = IO::Socket::INET->new( | |
96 Proto => "udp", | |
97 LocalAddr => '127.0.0.20', | |
98 PeerAddr => '127.0.0.1:' . port(8980), | |
99 ); | |
100 $s->{scid} = "connection_id_1"; | |
101 $s->{dcid} = $frame->{cid}; | |
102 $s->ping(); | |
103 | |
104 $frames = $s->read(all => [{ type => 'PATH_CHALLENGE' }]); | |
105 ($frame) = grep { $_->{type} eq "PATH_CHALLENGE" } @$frames; | |
106 $s->path_response($frame->{data}); | |
107 | |
108 $frames = $s->read(all => [{ sid => $s->new_stream(), fin => 1 }]); | |
109 ($frame) = grep { $_->{type} eq "HEADERS" } @$frames; | |
110 is($frame->{headers}{'x-ip'}, '127.0.0.20', 'remote addr after migration'); | |
111 | |
112 # test that $remote_addr is not truncated while in the process of migration; | |
113 # the same but migration occurs on receiving a request stream itself, | |
114 # which is the first non-probing frame on the new path; | |
115 # this might lead to $remote_addr truncation in the following order: | |
116 # - stream held original sockaddr/addr_text references on stream creation | |
117 # - values were rewritten as part of handling connection migration | |
118 # - stream was handled referencing rewritten values, with old local lengths | |
119 # sockaddr and addr_text are expected to keep copies on stream creation | |
120 | |
121 $s = Test::Nginx::HTTP3->new(); | |
122 $s->new_connection_id(1, 0, "connection_id_1", "reset_token_0001"); | |
123 | |
124 $frames = $s->read(all => [{ type => 'NCID' }]); | |
125 ($frame) = grep { $_->{type} eq "NCID" } @$frames; | |
126 | |
127 $s->{socket} = IO::Socket::INET->new( | |
128 Proto => "udp", | |
129 LocalAddr => '127.0.0.20', | |
130 PeerAddr => '127.0.0.1:' . port(8980), | |
131 ); | |
132 $s->{scid} = "connection_id_1"; | |
133 $s->{dcid} = $frame->{cid}; | |
134 | |
135 $frames = $s->read(all => [{ sid => $s->new_stream(), fin => 1 }]); | |
136 ($frame) = grep { $_->{type} eq "HEADERS" } @$frames; | |
137 is($frame->{headers}{'x-ip'}, '127.0.0.1', 'remote addr on migration'); | |
138 | |
139 ############################################################################### |