Mercurial > hg > nginx-tests

view limit_req.t @ 1858:cdcd75657e52

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: added has_feature() tests for IO::Socket::SSL. The following distinct features supported: - "socket_ssl", which requires IO::Socket::SSL and also implies existance of the IO::Socket::SSL::SSL_VERIFY_NONE() symbol. It is used by most of the tests. - "socket_ssl_sni", which requires IO::Socket::SSL with the can_client_sni() function (1.84), and SNI support available in Net::SSLeay and the OpenSSL library being used. Used by ssl_sni.t, ssl_sni_sessions.t, stream_ssl_preread.t. Additional Net::SSLeay testing is believed to be unneeded and was removed. - "socket_ssl_alpn", which requires IO::Socket::SSL with ALPN support (2.009), and ALPN support in Net::SSLeay and the OpenSSL library being used. Used by h2_ssl.t, h2_ssl_verify_client.t, stream_ssl_alpn.t, stream_ssl_preread_alpn.t. - "socket_ssl_sslversion", which requires IO::Socket::SSL with the get_sslversion() and get_sslversion_int() methods (1.964). Used by mail_imap_ssl.t. - "socket_ssl_reused", which requires IO::Socket::SSL with the get_session_reused() method (2.057). To be used in the following patches. This makes it possible to simplify and unify various SSL tests.
author Maxim Dounin <mdounin@mdounin.ru>
date Thu, 18 May 2023 18:07:02 +0300
parents 62e2baa3bc60
children
line wrap: on
line source

#!/usr/bin/perl

# (C) Maxim Dounin

# Tests for nginx limit_req module.

###############################################################################

use warnings;
use strict;

use Test::More;

BEGIN { use FindBin; chdir($FindBin::Bin); }

use lib 'lib';
use Test::Nginx;

###############################################################################

select STDERR; $| = 1;
select STDOUT; $| = 1;

my $t = Test::Nginx->new()->has(qw/http limit_req/)->plan(6);

$t->write_file_expand('nginx.conf', <<'EOF');

%%TEST_GLOBALS%%

daemon off;

events {
}

http {
    %%TEST_GLOBALS_HTTP%%

    limit_req_zone  $binary_remote_addr  zone=one:1m   rate=2r/s;
    limit_req_zone  $binary_remote_addr  zone=long:1m  rate=2r/s;
    limit_req_zone  $binary_remote_addr  zone=fast:1m  rate=1000r/s;

    server {
        listen       127.0.0.1:8080;
        server_name  localhost;
        location / {
            limit_req    zone=one  burst=1  nodelay;
        }
        location /status {
            limit_req    zone=one  burst=1  nodelay;

            limit_req_status  501;
        }
        location /long {
            limit_req    zone=long  burst=5;
        }
        location /fast {
            limit_req    zone=fast  burst=1;
        }
    }
}

EOF

$t->write_file('test1.html', 'XtestX');
$t->write_file('long.html', "1234567890\n" x (1 << 16));
$t->write_file('fast.html', 'XtestX');
$t->run();

###############################################################################

like(http_get('/test1.html'), qr/^HTTP\/1.. 200 /m, 'request');
http_get('/test1.html');
like(http_get('/test1.html'), qr/^HTTP\/1.. 503 /m, 'request rejected');
like(http_get('/status.html'), qr/^HTTP\/1.. 501 /m, 'request rejected status');
http_get('/test1.html');
http_get('/test1.html');

# Second request will be delayed by limit_req, make sure it isn't truncated.
# The bug only manifests itself if buffer will be filled, so sleep for a while
# before reading response.

my $l1 = length(http_get('/long.html'));
my $l2 = length(http_get('/long.html', sleep => 0.6));
is($l2, $l1, 'delayed big request not truncated');

# make sure rejected requests are not counted, and access is again allowed
# after 1/rate seconds

like(http_get('/test1.html'), qr/^HTTP\/1.. 200 /m, 'rejects not counted');

# make sure negative excess values are handled properly

http_get('/fast.html');
select undef, undef, undef, 0.1;
like(http_get('/fast.html'), qr/^HTTP\/1.. 200 /m, 'negative excess');

###############################################################################