Mercurial > hg > nginx-tests

view http_resolver_ipv4.t @ 1847:a9704b9ed7a2

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: removed multiple server certificates from ssl_ocsp.t. Multiple server certificates are not needed to test OCSP verification of client certificates (in contrast to OCSP stapling, where server certificates are verified, and different staples should be correctly returned with different server certificates). And using multiple server certificates causes issues when testing with LibreSSL due to broken sigalgs-based server certificate selection in LibreSSL with TLSv1.3. Accordingly, the test is simplified to do not use multiple server certificates.
author Maxim Dounin <mdounin@mdounin.ru>
date Thu, 23 Mar 2023 19:50:26 +0300
parents 0b06942f0b8b
children 1786f49cca17
line wrap: on
line source

#!/usr/bin/perl

# (C) Sergey Kandaurov
# (C) Eugene Grebenschikov
# (C) Nginx, Inc.

# Tests for http resolver with ipv4/ipv6 parameters.

###############################################################################

use warnings;
use strict;

use Test::More;

BEGIN { use FindBin; chdir($FindBin::Bin); }

use lib 'lib';
use Test::Nginx;

###############################################################################

select STDERR; $| = 1;
select STDOUT; $| = 1;

my $t = Test::Nginx->new()->has(qw/http proxy rewrite/);

$t->write_file_expand('nginx.conf', <<'EOF');

%%TEST_GLOBALS%%

daemon off;

events {
}

http {
    %%TEST_GLOBALS_HTTP%%

    server {
        listen       127.0.0.1:8080;
        server_name  localhost;

        location / {
            proxy_pass  http://$arg_h:%%PORT_8081%%/;
            resolver  127.0.0.1:%%PORT_8980_UDP%% ipv4=on ipv6=on;
        }

        location /ipv4 {
            proxy_pass  http://$arg_h:%%PORT_8081%%/;
            resolver  127.0.0.1:%%PORT_8980_UDP%% ipv4=on ipv6=off;
        }

        location /ipv6 {
            proxy_pass  http://$arg_h:%%PORT_8081%%/;
            resolver  127.0.0.1:%%PORT_8980_UDP%% ipv4=off ipv6=on;
        }
    }

    server {
        listen       127.0.0.1:8081;
        server_name  localhost;

        location / {
            return  200 "ipv4";
        }
    }

    server {
        listen       [::1]:%%PORT_8081%%;
        server_name  localhost;

        location / {
            return  200 "ipv6";
        }
    }
}

EOF

$t->try_run('no resolver ipv4')->plan(3);

$t->run_daemon(\&dns_daemon, port(8980), $t);
$t->waitforfile($t->testdir . '/' . port(8980));

###############################################################################

like(many('/', 10), qr/ipv4: \d+, ipv6: \d+/, 'ipv4 ipv6');
is(many('/ipv4', 10), 'ipv4: 10', 'ipv4 only');
is(many('/ipv6', 10), 'ipv6: 10', 'ipv6 only');

###############################################################################

sub many {
	my ($uri, $count) = @_;
	my %hits;

	for (1 .. $count) {
		if (http_get("$uri?h=example.com") =~ /(ipv(4|6))/) {;
			$hits{$1} = 0 unless defined $hits{$1};
			$hits{$1}++;
		}
	}

	return join ', ', map { $_ . ": " . $hits{$_} } sort keys %hits;
}

###############################################################################

sub reply_handler {
	my ($recv_data, $port) = @_;

	my (@name, @rdata);

	use constant NOERROR	=> 0;

	use constant A		=> 1;
	use constant AAAA	=> 28;

	use constant IN		=> 1;

	# default values

	my ($hdr, $rcode, $ttl) = (0x8180, NOERROR, 3600);

	# decode name

	my ($len, $offset) = (undef, 12);
	while (1) {
		$len = unpack("\@$offset C", $recv_data);
		last if $len == 0;
		$offset++;
		push @name, unpack("\@$offset A$len", $recv_data);
		$offset += $len;
	}

	$offset -= 1;
	my ($id, $type, $class) = unpack("n x$offset n2", $recv_data);

	my $name = join('.', @name);
	if ($name eq 'example.com') {
		if ($type == A) {
			push @rdata, rd_addr($ttl, '127.0.0.1');
		}
		if ($type == AAAA) {
			push @rdata, rd_addr6($ttl, "::1");
		}
	}

	$len = @name;
	pack("n6 (C/a*)$len x n2", $id, $hdr | $rcode, 1, scalar @rdata,
		0, 0, @name, $type, $class) . join('', @rdata);
}

sub rd_addr {
	my ($ttl, $addr) = @_;

	my $code = 'split(/\./, $addr)';

	pack 'n3N nC4', 0xc00c, A, IN, $ttl, eval "scalar $code", eval($code);
}

sub expand_ip6 {
	my ($addr) = @_;

	substr ($addr, index($addr, "::"), 2) =
		join "0", map { ":" } (0 .. 8 - (split /:/, $addr) + 1);
	map { hex "0" x (4 - length $_) . "$_" } split /:/, $addr;
}

sub rd_addr6 {
	my ($ttl, $addr) = @_;

	pack 'n3N nn8', 0xc00c, AAAA, IN, $ttl, 16, expand_ip6($addr);
}

sub dns_daemon {
	my ($port, $t) = @_;

	my ($data, $recv_data);
	my $socket = IO::Socket::INET->new(
		LocalAddr => '127.0.0.1',
		LocalPort => $port,
		Proto => 'udp',
	)
		or die "Can't create listening socket: $!\n";

	# signal we are ready

	open my $fh, '>', $t->testdir() . '/' . $port;
	close $fh;

	while (1) {
		$socket->recv($recv_data, 65536);
		$data = reply_handler($recv_data, $port);
		$socket->send($data);
	}
}

###############################################################################