Mercurial > hg > nginx-tests
comparison proxy_protocol2.t @ 1526:b3bbb59dc324
Tests: merged $proxy_protocol_port tests with the rest for brevity.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Thu, 24 Oct 2019 15:00:27 +0300 |
parents | 97c8280de681 |
children | 64f19063adfe |
comparison
equal
deleted
inserted
replaced
1525:ca0858ef7d3d | 1526:b3bbb59dc324 |
---|---|
22 select STDERR; $| = 1; | 22 select STDERR; $| = 1; |
23 select STDOUT; $| = 1; | 23 select STDOUT; $| = 1; |
24 | 24 |
25 my $t = Test::Nginx->new()->has(qw/http access realip/); | 25 my $t = Test::Nginx->new()->has(qw/http access realip/); |
26 | 26 |
27 $t->write_file_expand('nginx.conf', <<'EOF')->plan(21); | 27 $t->write_file_expand('nginx.conf', <<'EOF')->plan(23); |
28 | 28 |
29 %%TEST_GLOBALS%% | 29 %%TEST_GLOBALS%% |
30 | 30 |
31 daemon off; | 31 daemon off; |
32 | 32 |
34 } | 34 } |
35 | 35 |
36 http { | 36 http { |
37 %%TEST_GLOBALS_HTTP%% | 37 %%TEST_GLOBALS_HTTP%% |
38 | 38 |
39 log_format pp '$remote_addr $request'; | 39 log_format pp $remote_addr:$remote_port; |
40 | 40 |
41 server { | 41 server { |
42 listen 127.0.0.1:8080 proxy_protocol; | 42 listen 127.0.0.1:8080 proxy_protocol; |
43 server_name localhost; | 43 server_name localhost; |
44 | 44 |
45 set_real_ip_from 127.0.0.1/32; | 45 set_real_ip_from 127.0.0.1/32; |
46 add_header X-IP $remote_addr; | 46 add_header X-IP $remote_addr!$remote_port; |
47 add_header X-PP $proxy_protocol_addr; | 47 add_header X-PP $proxy_protocol_addr!$proxy_protocol_port; |
48 | 48 |
49 location /pp { | 49 location /pp { |
50 real_ip_header proxy_protocol; | 50 real_ip_header proxy_protocol; |
51 error_page 404 =200 /t1; | 51 error_page 404 =200 /t1; |
52 access_log %%TESTDIR%%/pp.log pp; | |
53 | 52 |
54 location /pp_4 { | 53 location /pp_4 { |
55 deny 192.0.2.1/32; | 54 deny 192.0.2.1/32; |
55 access_log %%TESTDIR%%/pp4.log pp; | |
56 } | 56 } |
57 | |
57 location /pp_6 { | 58 location /pp_6 { |
58 deny 2001:DB8::1/128; | 59 deny 2001:DB8::1/128; |
60 access_log %%TESTDIR%%/pp6.log pp; | |
59 } | 61 } |
60 } | 62 } |
63 | |
64 location / { } | |
61 } | 65 } |
62 } | 66 } |
63 | 67 |
64 EOF | 68 EOF |
65 | 69 |
67 $t->run(); | 71 $t->run(); |
68 | 72 |
69 ############################################################################### | 73 ############################################################################### |
70 | 74 |
71 my $p = pack("N3C", 0x0D0A0D0A, 0x000D0A51, 0x5549540A, 0x21); | 75 my $p = pack("N3C", 0x0D0A0D0A, 0x000D0A51, 0x5549540A, 0x21); |
72 my $tcp4 = $p . pack("CnN2n2", 0x11, 12, 0xc0000201, 0xc0000202, 1234, 5678); | 76 my $tcp4 = $p . pack("CnN2n2", 0x11, 12, 0xc0000201, 0xc0000202, 123, 5678); |
73 my $tcp6 = $p . pack("CnNx8NNx8Nn2", 0x21, 36, | 77 my $tcp6 = $p . pack("CnNx8NNx8Nn2", 0x21, 36, |
74 0x20010db8, 0x00000001, 0x20010db8, 0x00000002, 1234, 5678); | 78 0x20010db8, 0x00000001, 0x20010db8, 0x00000002, 123, 5678); |
75 my $tlv = $p . pack("CnN2n2x9", 0x11, 21, 0xc0000201, 0xc0000202, 1234, 5678); | 79 my $tlv = $p . pack("CnN2n2x9", 0x11, 21, 0xc0000201, 0xc0000202, 123, 5678); |
76 my $unk1 = $p . pack("Cxx", 0x01); | 80 my $unk1 = $p . pack("Cxx", 0x01); |
77 my $unk2 = $p . pack("CnC4", 0x41, 4, 1, 2, 3, 4); | 81 my $unk2 = $p . pack("CnC4", 0x41, 4, 1, 2, 3, 4); |
78 my $r; | 82 my $r; |
79 | 83 |
80 # no realip, just PROXY header parsing | 84 # no realip, just PROXY header parsing |
81 | 85 |
82 $r = pp_get('/t1', $tcp4); | 86 $r = pp_get('/t1', $tcp4); |
83 like($r, qr/SEE-THIS/, 'tcp4 request'); | 87 like($r, qr/SEE-THIS/, 'tcp4 request'); |
84 like($r, qr/X-PP: 192.0.2.1/, 'tcp4 proxy'); | 88 like($r, qr/X-PP: 192.0.2.1!123\x0d/, 'tcp4 proxy'); |
85 unlike($r, qr/X-IP: 192.0.2.1/, 'tcp4 client'); | 89 unlike($r, qr/X-IP: (192.0.2.1|[^!]+!123\x0d)/, 'tcp4 client'); |
86 | 90 |
87 $r = pp_get('/t1', $tcp6); | 91 $r = pp_get('/t1', $tcp6); |
88 like($r, qr/SEE-THIS/, 'tcp6 request'); | 92 like($r, qr/SEE-THIS/, 'tcp6 request'); |
89 like($r, qr/X-PP: 2001:DB8::1/i, 'tcp6 proxy'); | 93 like($r, qr/X-PP: 2001:DB8::1!123\x0d/i, 'tcp6 proxy'); |
90 unlike($r, qr/X-IP: 2001:DB8::1/i, 'tcp6 client'); | 94 unlike($r, qr/X-IP: (2001:DB8::1|[^!]+!123\x0d)/i, 'tcp6 client'); |
91 | 95 |
92 $r = pp_get('/t1', $tlv); | 96 $r = pp_get('/t1', $tlv); |
93 like($r, qr/SEE-THIS/, 'tlv request'); | 97 like($r, qr/SEE-THIS/, 'tlv request'); |
94 like($r, qr/X-PP: 192.0.2.1/, 'tlv proxy'); | 98 like($r, qr/X-PP: 192.0.2.1!123\x0d/, 'tlv proxy'); |
95 unlike($r, qr/X-IP: 192.0.2.1/, 'tlv client'); | 99 unlike($r, qr/X-IP: (192.0.2.1|[^!]+!123\x0d)/, 'tlv client'); |
96 | 100 |
97 like(pp_get('/t1', $unk1), qr/SEE-THIS/, 'unknown request 1'); | 101 $r = pp_get('/t1', $unk1); |
98 like(pp_get('/t1', $unk2), qr/SEE-THIS/, 'unknown request 2'); | 102 like($r, qr/SEE-THIS/, 'unknown request 1'); |
103 like($r, qr/X-PP: !\x0d/, 'unknown proxy 1'); | |
104 | |
105 $r = pp_get('/t1', $unk2); | |
106 like($r, qr/SEE-THIS/, 'unknown request 2'); | |
107 like($r, qr/X-PP: !\x0d/, 'unknown proxy 2'); | |
99 | 108 |
100 # realip | 109 # realip |
101 | 110 |
102 $r = pp_get('/pp', $tcp4); | 111 $r = pp_get('/pp', $tcp4); |
103 like($r, qr/SEE-THIS/, 'tcp4 request realip'); | 112 like($r, qr/SEE-THIS/, 'tcp4 request realip'); |
104 like($r, qr/X-PP: 192.0.2.1/, 'tcp4 proxy realip'); | 113 like($r, qr/X-PP: 192.0.2.1!123\x0d/, 'tcp4 proxy realip'); |
105 like($r, qr/X-IP: 192.0.2.1/, 'tcp4 client realip'); | 114 like($r, qr/X-IP: 192.0.2.1!123\x0d/, 'tcp4 client realip'); |
106 | 115 |
107 $r = pp_get('/pp', $tcp6); | 116 $r = pp_get('/pp', $tcp6); |
108 like($r, qr/SEE-THIS/, 'tcp6 request realip'); | 117 like($r, qr/SEE-THIS/, 'tcp6 request realip'); |
109 like($r, qr/X-PP: 2001:DB8::1/i, 'tcp6 proxy realip'); | 118 like($r, qr/X-PP: 2001:DB8::1!123\x0d/i, 'tcp6 proxy realip'); |
110 like($r, qr/X-IP: 2001:DB8::1/i, 'tcp6 client realip'); | 119 like($r, qr/X-IP: 2001:DB8::1!123\x0d/i, 'tcp6 client realip'); |
111 | 120 |
112 # access | 121 # access |
113 | 122 |
114 $r = pp_get('/pp_4', $tcp4); | 123 $r = pp_get('/pp_4', $tcp4); |
115 like($r, qr/403 Forbidden/, 'tcp4 access'); | 124 like($r, qr/403 Forbidden/, 'tcp4 access'); |
119 | 128 |
120 # client address in access.log | 129 # client address in access.log |
121 | 130 |
122 $t->stop(); | 131 $t->stop(); |
123 | 132 |
124 my $log = $t->read_file('pp.log'); | 133 is($t->read_file('pp4.log'), "192.0.2.1:123\n", 'tcp4 log'); |
125 like($log, qr!^192\.0\.2\.1 GET /pp_4!m, 'tcp4 access log'); | 134 is($t->read_file('pp6.log'), "2001:db8::1:123\n", 'tcp6 log'); |
126 like($log, qr!^2001:DB8::1 GET /pp_6!mi, 'tcp6 access log'); | |
127 | 135 |
128 ############################################################################### | 136 ############################################################################### |
129 | 137 |
130 sub pp_get { | 138 sub pp_get { |
131 my ($url, $proxy) = @_; | 139 my ($url, $proxy) = @_; |