Mercurial > hg > nginx-tests

comparison proxy_protocol.t @ 1526:b3bbb59dc324

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: merged $proxy_protocol_port tests with the rest for brevity.
author Sergey Kandaurov <pluknet@nginx.com>
date Thu, 24 Oct 2019 15:00:27 +0300
parents cf14cfe9ec8c
children 64f19063adfe
comparison
equal deleted inserted replaced
1525:ca0858ef7d3d 1526:b3bbb59dc324
24 select STDERR; $| = 1; 24 select STDERR; $| = 1;
25 select STDOUT; $| = 1; 25 select STDOUT; $| = 1;
26 26
27 my $t = Test::Nginx->new()->has(qw/http access realip/); 27 my $t = Test::Nginx->new()->has(qw/http access realip/);
28 28
29 $t->write_file_expand('nginx.conf', <<'EOF')->plan(18); 29 $t->write_file_expand('nginx.conf', <<'EOF')->plan(20);
30 30
31 %%TEST_GLOBALS%% 31 %%TEST_GLOBALS%%
32 32
33 daemon off; 33 daemon off;
34 34
36 } 36 }
37 37
38 http { 38 http {
39 %%TEST_GLOBALS_HTTP%% 39 %%TEST_GLOBALS_HTTP%%
40 40
41 log_format pp '$remote_addr $request'; 41 log_format pp $remote_addr:$remote_port;
42 42
43 server { 43 server {
44 listen 127.0.0.1:8080 proxy_protocol; 44 listen 127.0.0.1:8080 proxy_protocol;
45 server_name localhost; 45 server_name localhost;
46 46
47 set_real_ip_from 127.0.0.1/32; 47 set_real_ip_from 127.0.0.1/32;
48 add_header X-IP $remote_addr; 48 add_header X-IP $remote_addr!$remote_port;
49 add_header X-PP $proxy_protocol_addr; 49 add_header X-PP $proxy_protocol_addr!$proxy_protocol_port;
50 50
51 location /pp { 51 location /pp {
52 real_ip_header proxy_protocol; 52 real_ip_header proxy_protocol;
53 error_page 404 =200 /t1; 53 error_page 404 =200 /t1;
54 access_log %%TESTDIR%%/pp.log pp;
55 54
56 location /pp_4 { 55 location /pp_4 {
57 deny 192.0.2.1/32; 56 deny 192.0.2.1/32;
57 access_log %%TESTDIR%%/pp4.log pp;
58 } 58 }
59
59 location /pp_6 { 60 location /pp_6 {
60 deny 2001:DB8::1/128; 61 deny 2001:DB8::1/128;
62 access_log %%TESTDIR%%/pp6.log pp;
61 } 63 }
62 } 64 }
65
66 location / { }
63 } 67 }
64 } 68 }
65 69
66 EOF 70 EOF
67 71
68 $t->write_file('t1', 'SEE-THIS'); 72 $t->write_file('t1', 'SEE-THIS');
69 $t->run(); 73 $t->run();
70 74
71 ############################################################################### 75 ###############################################################################
72 76
73 my $tcp4 = 'PROXY TCP4 192.0.2.1 192.0.2.2 1234 5678' . CRLF; 77 my $tcp4 = 'PROXY TCP4 192.0.2.1 192.0.2.2 123 5678' . CRLF;
74 my $tcp6 = 'PROXY TCP6 2001:Db8::1 2001:Db8::2 1234 5678' . CRLF; 78 my $tcp6 = 'PROXY TCP6 2001:Db8::1 2001:Db8::2 123 5678' . CRLF;
75 my $unk1 = 'PROXY UNKNOWN' . CRLF; 79 my $unk1 = 'PROXY UNKNOWN' . CRLF;
76 my $unk2 = 'PROXY UNKNOWN 1 2 3 4 5 6' . CRLF; 80 my $unk2 = 'PROXY UNKNOWN 1 2 3 4 5 6' . CRLF;
77 my $r; 81 my $r;
78 82
79 # no realip, just PROXY header parsing 83 # no realip, just PROXY header parsing
80 84
81 $r = pp_get('/t1', $tcp4); 85 $r = pp_get('/t1', $tcp4);
82 like($r, qr/SEE-THIS/, 'tcp4 request'); 86 like($r, qr/SEE-THIS/, 'tcp4 request');
83 like($r, qr/X-PP: 192.0.2.1/, 'tcp4 proxy'); 87 like($r, qr/X-PP: 192.0.2.1!123\x0d/, 'tcp4 proxy');
84 unlike($r, qr/X-IP: 192.0.2.1/, 'tcp4 client'); 88 unlike($r, qr/X-IP: (192.0.2.1|[^!]+!123\x0d)/, 'tcp4 client');
85 89
86 $r = pp_get('/t1', $tcp6); 90 $r = pp_get('/t1', $tcp6);
87 like($r, qr/SEE-THIS/, 'tcp6 request'); 91 like($r, qr/SEE-THIS/, 'tcp6 request');
88 like($r, qr/X-PP: 2001:DB8::1/i, 'tcp6 proxy'); 92 like($r, qr/X-PP: 2001:DB8::1!123\x0d/i, 'tcp6 proxy');
89 unlike($r, qr/X-IP: 2001:DB8::1/i, 'tcp6 client'); 93 unlike($r, qr/X-IP: (2001:DB8::1|[^!]+!123\x0d)/i, 'tcp6 client');
90 94
91 like(pp_get('/t1', $unk1), qr/SEE-THIS/, 'unknown request 1'); 95 $r = pp_get('/t1', $unk1);
92 like(pp_get('/t1', $unk2), qr/SEE-THIS/, 'unknown request 2'); 96 like($r, qr/SEE-THIS/, 'unknown request 1');
97 like($r, qr/X-PP: !\x0d/, 'unknown proxy 1');
98
99 $r = pp_get('/t1', $unk2);
100 like($r, qr/SEE-THIS/, 'unknown request 2');
101 like($r, qr/X-PP: !\x0d/, 'unknown proxy 2');
93 102
94 # realip 103 # realip
95 104
96 $r = pp_get('/pp', $tcp4); 105 $r = pp_get('/pp', $tcp4);
97 like($r, qr/SEE-THIS/, 'tcp4 request realip'); 106 like($r, qr/SEE-THIS/, 'tcp4 request realip');
98 like($r, qr/X-PP: 192.0.2.1/, 'tcp4 proxy realip'); 107 like($r, qr/X-PP: 192.0.2.1!123\x0d/, 'tcp4 proxy realip');
99 like($r, qr/X-IP: 192.0.2.1/, 'tcp4 client realip'); 108 like($r, qr/X-IP: 192.0.2.1!123\x0d/, 'tcp4 client realip');
100 109
101 $r = pp_get('/pp', $tcp6); 110 $r = pp_get('/pp', $tcp6);
102 like($r, qr/SEE-THIS/, 'tcp6 request realip'); 111 like($r, qr/SEE-THIS/, 'tcp6 request realip');
103 like($r, qr/X-PP: 2001:DB8::1/i, 'tcp6 proxy realip'); 112 like($r, qr/X-PP: 2001:DB8::1!123\x0d/i, 'tcp6 proxy realip');
104 like($r, qr/X-IP: 2001:DB8::1/i, 'tcp6 client realip'); 113 like($r, qr/X-IP: 2001:DB8::1!123\x0d/i, 'tcp6 client realip');
105 114
106 # access 115 # access
107 116
108 $r = pp_get('/pp_4', $tcp4); 117 $r = pp_get('/pp_4', $tcp4);
109 like($r, qr/403 Forbidden/, 'tcp4 access'); 118 like($r, qr/403 Forbidden/, 'tcp4 access');
113 122
114 # client address in access.log 123 # client address in access.log
115 124
116 $t->stop(); 125 $t->stop();
117 126
118 my $log = $t->read_file('pp.log'); 127 is($t->read_file('pp4.log'), "192.0.2.1:123\n", 'tcp4 log');
119 like($log, qr!^192\.0\.2\.1 GET /pp_4!m, 'tcp4 access log'); 128 is($t->read_file('pp6.log'), "2001:db8::1:123\n", 'tcp6 log');
120 like($log, qr!^2001:DB8::1 GET /pp_6!mi, 'tcp6 access log');
121 129
122 ############################################################################### 130 ###############################################################################
123 131
124 sub pp_get { 132 sub pp_get {
125 my ($url, $proxy) = @_; 133 my ($url, $proxy) = @_;