view fastcgi_header_params.t @ 1974:b5036a0f9ae0

Tests: improved compatibility when using recent "openssl" app. Starting with OpenSSL 3.0, "openssl genrsa" generates encrypted keys in PKCS#8 format instead of previously used PKCS#1 format. Further, since OpenSSL 1.1.0 such keys are using PBKDF2 hmacWithSHA256. Such keys are not supported by old SSL libraries, notably by OpenSSL before 1.0.0 (OpenSSL 0.9.8 only supports hmacWithSHA1) and by BoringSSL before May 21, 2019 (support for hmacWithSHA256 was added in 302a4dee6c), and trying to load such keys into nginx compiled with an old SSL library results in "unsupported prf" errors. To facilitate testing with old SSL libraries, keys are now generated with "openssl genrsa -traditional" if the flag is available.
author Maxim Dounin <mdounin@mdounin.ru>
date Mon, 06 May 2024 00:04:26 +0300
parents b7d0e595e927
children a095b971fbcc
line wrap: on
line source

#!/usr/bin/perl

# (C) Maxim Dounin

# Test for fastcgi header params.

###############################################################################

use warnings;
use strict;

use Test::More;

BEGIN { use FindBin; chdir($FindBin::Bin); }

use lib 'lib';
use Test::Nginx;

###############################################################################

select STDERR; $| = 1;
select STDOUT; $| = 1;

eval { require FCGI; };
plan(skip_all => 'FCGI not installed') if $@;
plan(skip_all => 'win32') if $^O eq 'MSWin32';

my $t = Test::Nginx->new()->has(qw/http fastcgi/)->plan(4)
	->write_file_expand('nginx.conf', <<'EOF');

%%TEST_GLOBALS%%

daemon off;

events {
}

http {
    %%TEST_GLOBALS_HTTP%%

    server {
        listen       127.0.0.1:8080;
        server_name  localhost;

        location / {
            fastcgi_pass 127.0.0.1:8081;
            fastcgi_param HTTP_X_BLAH "blah";
        }
    }
}

EOF

$t->run_daemon(\&fastcgi_daemon);
$t->run()->waitforsocket('127.0.0.1:' . port(8081));

###############################################################################

like(http_get_headers('/'), qr/SEE-THIS/,
	'fastcgi request with many ignored headers');

TODO: {
local $TODO = 'not yet' unless $t->has_version('1.23.0');

my $r;

$r = http(<<EOF);
GET / HTTP/1.0
Host: localhost
X-Forwarded-For: foo
X-Forwarded-For: bar
X-Forwarded-For: bazz
Cookie: foo
Cookie: bar
Cookie: bazz
Foo: foo
Foo: bar
Foo: bazz

EOF

like($r, qr/X-Forwarded-For: foo, bar, bazz/,
	'fastcgi with multiple X-Forwarded-For headers');

like($r, qr/X-Cookie: foo; bar; bazz/,
	'fastcgi with multiple Cookie headers');

like($r, qr/X-Foo: foo, bar, bazz/,
	'fastcgi with multiple unknown headers');

}

###############################################################################

sub http_get_headers {
	my ($url, %extra) = @_;
	return http(<<EOF, %extra);
GET $url HTTP/1.0
Host: localhost
X-Blah: ignored header
X-Blah: ignored header
X-Blah: ignored header
X-Blah: ignored header
X-Blah: ignored header
X-Blah: ignored header
X-Blah: ignored header
X-Blah: ignored header
X-Blah: ignored header
X-Blah: ignored header
X-Blah: ignored header
X-Blah: ignored header
X-Blah: ignored header
X-Blah: ignored header
X-Blah: ignored header
X-Blah: ignored header
X-Blah: ignored header
X-Blah: ignored header
X-Blah: ignored header

EOF
}

###############################################################################

sub fastcgi_daemon {
	my $socket = FCGI::OpenSocket('127.0.0.1:' . port(8081), 5);
	my $request = FCGI::Request(\*STDIN, \*STDOUT, \*STDERR, \%ENV,
		$socket);

	my $count;
	while( $request->Accept() >= 0 ) {
		$count++;

		my $xfwd = $ENV{HTTP_X_FORWARDED_FOR} || '';
		my $cookie = $ENV{HTTP_COOKIE} || '';
		my $foo = $ENV{HTTP_FOO} || '';

		print <<EOF;
Location: http://localhost/redirect
Content-Type: text/html
X-Forwarded-For: $xfwd
X-Cookie: $cookie
X-Foo: $foo

SEE-THIS
$count
EOF
	}

	FCGI::CloseSocket($socket);
}

###############################################################################