Mercurial > hg > nginx-tests
comparison proxy_protocol.t @ 1526:b3bbb59dc324
Tests: merged $proxy_protocol_port tests with the rest for brevity.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Thu, 24 Oct 2019 15:00:27 +0300 |
parents | cf14cfe9ec8c |
children | 64f19063adfe |
comparison
equal
deleted
inserted
replaced
1525:ca0858ef7d3d | 1526:b3bbb59dc324 |
---|---|
24 select STDERR; $| = 1; | 24 select STDERR; $| = 1; |
25 select STDOUT; $| = 1; | 25 select STDOUT; $| = 1; |
26 | 26 |
27 my $t = Test::Nginx->new()->has(qw/http access realip/); | 27 my $t = Test::Nginx->new()->has(qw/http access realip/); |
28 | 28 |
29 $t->write_file_expand('nginx.conf', <<'EOF')->plan(18); | 29 $t->write_file_expand('nginx.conf', <<'EOF')->plan(20); |
30 | 30 |
31 %%TEST_GLOBALS%% | 31 %%TEST_GLOBALS%% |
32 | 32 |
33 daemon off; | 33 daemon off; |
34 | 34 |
36 } | 36 } |
37 | 37 |
38 http { | 38 http { |
39 %%TEST_GLOBALS_HTTP%% | 39 %%TEST_GLOBALS_HTTP%% |
40 | 40 |
41 log_format pp '$remote_addr $request'; | 41 log_format pp $remote_addr:$remote_port; |
42 | 42 |
43 server { | 43 server { |
44 listen 127.0.0.1:8080 proxy_protocol; | 44 listen 127.0.0.1:8080 proxy_protocol; |
45 server_name localhost; | 45 server_name localhost; |
46 | 46 |
47 set_real_ip_from 127.0.0.1/32; | 47 set_real_ip_from 127.0.0.1/32; |
48 add_header X-IP $remote_addr; | 48 add_header X-IP $remote_addr!$remote_port; |
49 add_header X-PP $proxy_protocol_addr; | 49 add_header X-PP $proxy_protocol_addr!$proxy_protocol_port; |
50 | 50 |
51 location /pp { | 51 location /pp { |
52 real_ip_header proxy_protocol; | 52 real_ip_header proxy_protocol; |
53 error_page 404 =200 /t1; | 53 error_page 404 =200 /t1; |
54 access_log %%TESTDIR%%/pp.log pp; | |
55 | 54 |
56 location /pp_4 { | 55 location /pp_4 { |
57 deny 192.0.2.1/32; | 56 deny 192.0.2.1/32; |
57 access_log %%TESTDIR%%/pp4.log pp; | |
58 } | 58 } |
59 | |
59 location /pp_6 { | 60 location /pp_6 { |
60 deny 2001:DB8::1/128; | 61 deny 2001:DB8::1/128; |
62 access_log %%TESTDIR%%/pp6.log pp; | |
61 } | 63 } |
62 } | 64 } |
65 | |
66 location / { } | |
63 } | 67 } |
64 } | 68 } |
65 | 69 |
66 EOF | 70 EOF |
67 | 71 |
68 $t->write_file('t1', 'SEE-THIS'); | 72 $t->write_file('t1', 'SEE-THIS'); |
69 $t->run(); | 73 $t->run(); |
70 | 74 |
71 ############################################################################### | 75 ############################################################################### |
72 | 76 |
73 my $tcp4 = 'PROXY TCP4 192.0.2.1 192.0.2.2 1234 5678' . CRLF; | 77 my $tcp4 = 'PROXY TCP4 192.0.2.1 192.0.2.2 123 5678' . CRLF; |
74 my $tcp6 = 'PROXY TCP6 2001:Db8::1 2001:Db8::2 1234 5678' . CRLF; | 78 my $tcp6 = 'PROXY TCP6 2001:Db8::1 2001:Db8::2 123 5678' . CRLF; |
75 my $unk1 = 'PROXY UNKNOWN' . CRLF; | 79 my $unk1 = 'PROXY UNKNOWN' . CRLF; |
76 my $unk2 = 'PROXY UNKNOWN 1 2 3 4 5 6' . CRLF; | 80 my $unk2 = 'PROXY UNKNOWN 1 2 3 4 5 6' . CRLF; |
77 my $r; | 81 my $r; |
78 | 82 |
79 # no realip, just PROXY header parsing | 83 # no realip, just PROXY header parsing |
80 | 84 |
81 $r = pp_get('/t1', $tcp4); | 85 $r = pp_get('/t1', $tcp4); |
82 like($r, qr/SEE-THIS/, 'tcp4 request'); | 86 like($r, qr/SEE-THIS/, 'tcp4 request'); |
83 like($r, qr/X-PP: 192.0.2.1/, 'tcp4 proxy'); | 87 like($r, qr/X-PP: 192.0.2.1!123\x0d/, 'tcp4 proxy'); |
84 unlike($r, qr/X-IP: 192.0.2.1/, 'tcp4 client'); | 88 unlike($r, qr/X-IP: (192.0.2.1|[^!]+!123\x0d)/, 'tcp4 client'); |
85 | 89 |
86 $r = pp_get('/t1', $tcp6); | 90 $r = pp_get('/t1', $tcp6); |
87 like($r, qr/SEE-THIS/, 'tcp6 request'); | 91 like($r, qr/SEE-THIS/, 'tcp6 request'); |
88 like($r, qr/X-PP: 2001:DB8::1/i, 'tcp6 proxy'); | 92 like($r, qr/X-PP: 2001:DB8::1!123\x0d/i, 'tcp6 proxy'); |
89 unlike($r, qr/X-IP: 2001:DB8::1/i, 'tcp6 client'); | 93 unlike($r, qr/X-IP: (2001:DB8::1|[^!]+!123\x0d)/i, 'tcp6 client'); |
90 | 94 |
91 like(pp_get('/t1', $unk1), qr/SEE-THIS/, 'unknown request 1'); | 95 $r = pp_get('/t1', $unk1); |
92 like(pp_get('/t1', $unk2), qr/SEE-THIS/, 'unknown request 2'); | 96 like($r, qr/SEE-THIS/, 'unknown request 1'); |
97 like($r, qr/X-PP: !\x0d/, 'unknown proxy 1'); | |
98 | |
99 $r = pp_get('/t1', $unk2); | |
100 like($r, qr/SEE-THIS/, 'unknown request 2'); | |
101 like($r, qr/X-PP: !\x0d/, 'unknown proxy 2'); | |
93 | 102 |
94 # realip | 103 # realip |
95 | 104 |
96 $r = pp_get('/pp', $tcp4); | 105 $r = pp_get('/pp', $tcp4); |
97 like($r, qr/SEE-THIS/, 'tcp4 request realip'); | 106 like($r, qr/SEE-THIS/, 'tcp4 request realip'); |
98 like($r, qr/X-PP: 192.0.2.1/, 'tcp4 proxy realip'); | 107 like($r, qr/X-PP: 192.0.2.1!123\x0d/, 'tcp4 proxy realip'); |
99 like($r, qr/X-IP: 192.0.2.1/, 'tcp4 client realip'); | 108 like($r, qr/X-IP: 192.0.2.1!123\x0d/, 'tcp4 client realip'); |
100 | 109 |
101 $r = pp_get('/pp', $tcp6); | 110 $r = pp_get('/pp', $tcp6); |
102 like($r, qr/SEE-THIS/, 'tcp6 request realip'); | 111 like($r, qr/SEE-THIS/, 'tcp6 request realip'); |
103 like($r, qr/X-PP: 2001:DB8::1/i, 'tcp6 proxy realip'); | 112 like($r, qr/X-PP: 2001:DB8::1!123\x0d/i, 'tcp6 proxy realip'); |
104 like($r, qr/X-IP: 2001:DB8::1/i, 'tcp6 client realip'); | 113 like($r, qr/X-IP: 2001:DB8::1!123\x0d/i, 'tcp6 client realip'); |
105 | 114 |
106 # access | 115 # access |
107 | 116 |
108 $r = pp_get('/pp_4', $tcp4); | 117 $r = pp_get('/pp_4', $tcp4); |
109 like($r, qr/403 Forbidden/, 'tcp4 access'); | 118 like($r, qr/403 Forbidden/, 'tcp4 access'); |
113 | 122 |
114 # client address in access.log | 123 # client address in access.log |
115 | 124 |
116 $t->stop(); | 125 $t->stop(); |
117 | 126 |
118 my $log = $t->read_file('pp.log'); | 127 is($t->read_file('pp4.log'), "192.0.2.1:123\n", 'tcp4 log'); |
119 like($log, qr!^192\.0\.2\.1 GET /pp_4!m, 'tcp4 access log'); | 128 is($t->read_file('pp6.log'), "2001:db8::1:123\n", 'tcp6 log'); |
120 like($log, qr!^2001:DB8::1 GET /pp_6!mi, 'tcp6 access log'); | |
121 | 129 |
122 ############################################################################### | 130 ############################################################################### |
123 | 131 |
124 sub pp_get { | 132 sub pp_get { |
125 my ($url, $proxy) = @_; | 133 my ($url, $proxy) = @_; |