# HG changeset patch # User Sergey Kandaurov # Date 1571918427 -10800 # Node ID b3bbb59dc324d46c8fd9de032154d0c55412bb76 # Parent ca0858ef7d3de35137ab1c4d16cccd02b40396bd Tests: merged $proxy_protocol_port tests with the rest for brevity. diff --git a/proxy_protocol.t b/proxy_protocol.t --- a/proxy_protocol.t +++ b/proxy_protocol.t @@ -26,7 +26,7 @@ select STDOUT; $| = 1; my $t = Test::Nginx->new()->has(qw/http access realip/); -$t->write_file_expand('nginx.conf', <<'EOF')->plan(18); +$t->write_file_expand('nginx.conf', <<'EOF')->plan(20); %%TEST_GLOBALS%% @@ -38,28 +38,32 @@ events { http { %%TEST_GLOBALS_HTTP%% - log_format pp '$remote_addr $request'; + log_format pp $remote_addr:$remote_port; server { listen 127.0.0.1:8080 proxy_protocol; server_name localhost; set_real_ip_from 127.0.0.1/32; - add_header X-IP $remote_addr; - add_header X-PP $proxy_protocol_addr; + add_header X-IP $remote_addr!$remote_port; + add_header X-PP $proxy_protocol_addr!$proxy_protocol_port; location /pp { real_ip_header proxy_protocol; error_page 404 =200 /t1; - access_log %%TESTDIR%%/pp.log pp; location /pp_4 { deny 192.0.2.1/32; + access_log %%TESTDIR%%/pp4.log pp; } + location /pp_6 { deny 2001:DB8::1/128; + access_log %%TESTDIR%%/pp6.log pp; } } + + location / { } } } @@ -70,8 +74,8 @@ EOF ############################################################################### -my $tcp4 = 'PROXY TCP4 192.0.2.1 192.0.2.2 1234 5678' . CRLF; -my $tcp6 = 'PROXY TCP6 2001:Db8::1 2001:Db8::2 1234 5678' . CRLF; +my $tcp4 = 'PROXY TCP4 192.0.2.1 192.0.2.2 123 5678' . CRLF; +my $tcp6 = 'PROXY TCP6 2001:Db8::1 2001:Db8::2 123 5678' . CRLF; my $unk1 = 'PROXY UNKNOWN' . CRLF; my $unk2 = 'PROXY UNKNOWN 1 2 3 4 5 6' . CRLF; my $r; @@ -80,28 +84,33 @@ my $r; $r = pp_get('/t1', $tcp4); like($r, qr/SEE-THIS/, 'tcp4 request'); -like($r, qr/X-PP: 192.0.2.1/, 'tcp4 proxy'); -unlike($r, qr/X-IP: 192.0.2.1/, 'tcp4 client'); +like($r, qr/X-PP: 192.0.2.1!123\x0d/, 'tcp4 proxy'); +unlike($r, qr/X-IP: (192.0.2.1|[^!]+!123\x0d)/, 'tcp4 client'); $r = pp_get('/t1', $tcp6); like($r, qr/SEE-THIS/, 'tcp6 request'); -like($r, qr/X-PP: 2001:DB8::1/i, 'tcp6 proxy'); -unlike($r, qr/X-IP: 2001:DB8::1/i, 'tcp6 client'); +like($r, qr/X-PP: 2001:DB8::1!123\x0d/i, 'tcp6 proxy'); +unlike($r, qr/X-IP: (2001:DB8::1|[^!]+!123\x0d)/i, 'tcp6 client'); -like(pp_get('/t1', $unk1), qr/SEE-THIS/, 'unknown request 1'); -like(pp_get('/t1', $unk2), qr/SEE-THIS/, 'unknown request 2'); +$r = pp_get('/t1', $unk1); +like($r, qr/SEE-THIS/, 'unknown request 1'); +like($r, qr/X-PP: !\x0d/, 'unknown proxy 1'); + +$r = pp_get('/t1', $unk2); +like($r, qr/SEE-THIS/, 'unknown request 2'); +like($r, qr/X-PP: !\x0d/, 'unknown proxy 2'); # realip $r = pp_get('/pp', $tcp4); like($r, qr/SEE-THIS/, 'tcp4 request realip'); -like($r, qr/X-PP: 192.0.2.1/, 'tcp4 proxy realip'); -like($r, qr/X-IP: 192.0.2.1/, 'tcp4 client realip'); +like($r, qr/X-PP: 192.0.2.1!123\x0d/, 'tcp4 proxy realip'); +like($r, qr/X-IP: 192.0.2.1!123\x0d/, 'tcp4 client realip'); $r = pp_get('/pp', $tcp6); like($r, qr/SEE-THIS/, 'tcp6 request realip'); -like($r, qr/X-PP: 2001:DB8::1/i, 'tcp6 proxy realip'); -like($r, qr/X-IP: 2001:DB8::1/i, 'tcp6 client realip'); +like($r, qr/X-PP: 2001:DB8::1!123\x0d/i, 'tcp6 proxy realip'); +like($r, qr/X-IP: 2001:DB8::1!123\x0d/i, 'tcp6 client realip'); # access @@ -115,9 +124,8 @@ like($r, qr/403 Forbidden/, 'tcp6 access $t->stop(); -my $log = $t->read_file('pp.log'); -like($log, qr!^192\.0\.2\.1 GET /pp_4!m, 'tcp4 access log'); -like($log, qr!^2001:DB8::1 GET /pp_6!mi, 'tcp6 access log'); +is($t->read_file('pp4.log'), "192.0.2.1:123\n", 'tcp4 log'); +is($t->read_file('pp6.log'), "2001:db8::1:123\n", 'tcp6 log'); ############################################################################### diff --git a/proxy_protocol2.t b/proxy_protocol2.t --- a/proxy_protocol2.t +++ b/proxy_protocol2.t @@ -24,7 +24,7 @@ select STDOUT; $| = 1; my $t = Test::Nginx->new()->has(qw/http access realip/); -$t->write_file_expand('nginx.conf', <<'EOF')->plan(21); +$t->write_file_expand('nginx.conf', <<'EOF')->plan(23); %%TEST_GLOBALS%% @@ -36,28 +36,32 @@ events { http { %%TEST_GLOBALS_HTTP%% - log_format pp '$remote_addr $request'; + log_format pp $remote_addr:$remote_port; server { listen 127.0.0.1:8080 proxy_protocol; server_name localhost; set_real_ip_from 127.0.0.1/32; - add_header X-IP $remote_addr; - add_header X-PP $proxy_protocol_addr; + add_header X-IP $remote_addr!$remote_port; + add_header X-PP $proxy_protocol_addr!$proxy_protocol_port; location /pp { real_ip_header proxy_protocol; error_page 404 =200 /t1; - access_log %%TESTDIR%%/pp.log pp; location /pp_4 { deny 192.0.2.1/32; + access_log %%TESTDIR%%/pp4.log pp; } + location /pp_6 { deny 2001:DB8::1/128; + access_log %%TESTDIR%%/pp6.log pp; } } + + location / { } } } @@ -69,10 +73,10 @@ EOF ############################################################################### my $p = pack("N3C", 0x0D0A0D0A, 0x000D0A51, 0x5549540A, 0x21); -my $tcp4 = $p . pack("CnN2n2", 0x11, 12, 0xc0000201, 0xc0000202, 1234, 5678); +my $tcp4 = $p . pack("CnN2n2", 0x11, 12, 0xc0000201, 0xc0000202, 123, 5678); my $tcp6 = $p . pack("CnNx8NNx8Nn2", 0x21, 36, - 0x20010db8, 0x00000001, 0x20010db8, 0x00000002, 1234, 5678); -my $tlv = $p . pack("CnN2n2x9", 0x11, 21, 0xc0000201, 0xc0000202, 1234, 5678); + 0x20010db8, 0x00000001, 0x20010db8, 0x00000002, 123, 5678); +my $tlv = $p . pack("CnN2n2x9", 0x11, 21, 0xc0000201, 0xc0000202, 123, 5678); my $unk1 = $p . pack("Cxx", 0x01); my $unk2 = $p . pack("CnC4", 0x41, 4, 1, 2, 3, 4); my $r; @@ -81,33 +85,38 @@ my $r; $r = pp_get('/t1', $tcp4); like($r, qr/SEE-THIS/, 'tcp4 request'); -like($r, qr/X-PP: 192.0.2.1/, 'tcp4 proxy'); -unlike($r, qr/X-IP: 192.0.2.1/, 'tcp4 client'); +like($r, qr/X-PP: 192.0.2.1!123\x0d/, 'tcp4 proxy'); +unlike($r, qr/X-IP: (192.0.2.1|[^!]+!123\x0d)/, 'tcp4 client'); $r = pp_get('/t1', $tcp6); like($r, qr/SEE-THIS/, 'tcp6 request'); -like($r, qr/X-PP: 2001:DB8::1/i, 'tcp6 proxy'); -unlike($r, qr/X-IP: 2001:DB8::1/i, 'tcp6 client'); +like($r, qr/X-PP: 2001:DB8::1!123\x0d/i, 'tcp6 proxy'); +unlike($r, qr/X-IP: (2001:DB8::1|[^!]+!123\x0d)/i, 'tcp6 client'); $r = pp_get('/t1', $tlv); like($r, qr/SEE-THIS/, 'tlv request'); -like($r, qr/X-PP: 192.0.2.1/, 'tlv proxy'); -unlike($r, qr/X-IP: 192.0.2.1/, 'tlv client'); +like($r, qr/X-PP: 192.0.2.1!123\x0d/, 'tlv proxy'); +unlike($r, qr/X-IP: (192.0.2.1|[^!]+!123\x0d)/, 'tlv client'); -like(pp_get('/t1', $unk1), qr/SEE-THIS/, 'unknown request 1'); -like(pp_get('/t1', $unk2), qr/SEE-THIS/, 'unknown request 2'); +$r = pp_get('/t1', $unk1); +like($r, qr/SEE-THIS/, 'unknown request 1'); +like($r, qr/X-PP: !\x0d/, 'unknown proxy 1'); + +$r = pp_get('/t1', $unk2); +like($r, qr/SEE-THIS/, 'unknown request 2'); +like($r, qr/X-PP: !\x0d/, 'unknown proxy 2'); # realip $r = pp_get('/pp', $tcp4); like($r, qr/SEE-THIS/, 'tcp4 request realip'); -like($r, qr/X-PP: 192.0.2.1/, 'tcp4 proxy realip'); -like($r, qr/X-IP: 192.0.2.1/, 'tcp4 client realip'); +like($r, qr/X-PP: 192.0.2.1!123\x0d/, 'tcp4 proxy realip'); +like($r, qr/X-IP: 192.0.2.1!123\x0d/, 'tcp4 client realip'); $r = pp_get('/pp', $tcp6); like($r, qr/SEE-THIS/, 'tcp6 request realip'); -like($r, qr/X-PP: 2001:DB8::1/i, 'tcp6 proxy realip'); -like($r, qr/X-IP: 2001:DB8::1/i, 'tcp6 client realip'); +like($r, qr/X-PP: 2001:DB8::1!123\x0d/i, 'tcp6 proxy realip'); +like($r, qr/X-IP: 2001:DB8::1!123\x0d/i, 'tcp6 client realip'); # access @@ -121,9 +130,8 @@ like($r, qr/403 Forbidden/, 'tcp6 access $t->stop(); -my $log = $t->read_file('pp.log'); -like($log, qr!^192\.0\.2\.1 GET /pp_4!m, 'tcp4 access log'); -like($log, qr!^2001:DB8::1 GET /pp_6!mi, 'tcp6 access log'); +is($t->read_file('pp4.log'), "192.0.2.1:123\n", 'tcp4 log'); +is($t->read_file('pp6.log'), "2001:db8::1:123\n", 'tcp6 log'); ############################################################################### diff --git a/proxy_protocol2_port.t b/proxy_protocol2_port.t deleted file mode 100644 --- a/proxy_protocol2_port.t +++ /dev/null @@ -1,111 +0,0 @@ -#!/usr/bin/perl - -# (C) Andrey Zelenkov -# (C) Nginx, Inc. - -# Tests for proxy_protocol_port variable. - -############################################################################### - -use warnings; -use strict; - -use Test::More; - -BEGIN { use FindBin; chdir($FindBin::Bin); } - -use lib 'lib'; -use Test::Nginx; - -############################################################################### - -select STDERR; $| = 1; -select STDOUT; $| = 1; - -my $t = Test::Nginx->new()->has(qw/http realip/); - -$t->write_file_expand('nginx.conf', <<'EOF')->plan(8); - -%%TEST_GLOBALS%% - -daemon off; - -events { -} - -http { - %%TEST_GLOBALS_HTTP%% - - log_format port $proxy_protocol_port; - - server { - listen 127.0.0.1:8080 proxy_protocol; - server_name localhost; - - add_header X-PP-Port $proxy_protocol_port; - add_header X-Remote-Port $remote_port; - - location /pp { - real_ip_header proxy_protocol; - error_page 404 =200 /t; - - location /pp/real { - set_real_ip_from 127.0.0.1/32; - } - } - - location /log { - access_log %%TESTDIR%%/port.log port; - } - } -} - -EOF - -$t->write_file('t', 'SEE-THIS'); -$t->run(); - -############################################################################### - -my $p = pack("N3C", 0x0D0A0D0A, 0x000D0A51, 0x5549540A, 0x21); -my $tcp4 = $p . pack("CnN2n2", 0x11, 12, 0xc0000201, 0xc0000202, 123, 5678); -my $tcp6 = $p . pack("CnNx8NNx8Nn2", 0x21, 36, - 0x20010db8, 0x00000001, 0x20010db8, 0x00000002, 123, 5678); -my $unk = $p . pack("CnC4", 0x44, 4, 1, 2, 3, 4); - -# realip - -like(pp_get('/pp', $tcp4), qr/X-PP-Port: 123\x0d/, 'pp port tcp4'); -like(pp_get('/pp', $tcp6), qr/X-PP-Port: 123\x0d/, 'pp port tcp6'); -unlike(pp_get('/pp', $unk), qr/X-PP-Port/, 'pp port unknown'); - -# remote_port - -like(pp_get('/pp/real', $tcp4), qr/X-Remote-Port: 123\x0d/, 'remote port tcp4'); -unlike(pp_get('/pp', $tcp4), qr/X-Remote-Port: 123\x0d/, 'no remote port tcp4'); -like(pp_get('/pp/real', $tcp6), qr/X-Remote-Port: 123\x0d/, 'remote port tcp6'); -unlike(pp_get('/pp', $tcp6), qr/X-Remote-Port: 123\x0d/, 'no remote port tcp6'); - -# log - -pp_get('/log', $tcp4); - -$t->stop(); - -my $log = $t->read_file('/port.log'); -chomp $log; - -is($log, 123, 'pp port log'); - -############################################################################### - -sub pp_get { - my ($url, $proxy) = @_; - return http($proxy . <new()->has(qw/http realip/) - ->write_file_expand('nginx.conf', <<'EOF'); - -%%TEST_GLOBALS%% - -daemon off; - -events { -} - -http { - %%TEST_GLOBALS_HTTP%% - - log_format port $proxy_protocol_port; - - server { - listen 127.0.0.1:8080 proxy_protocol; - server_name localhost; - - add_header X-PP-Port $proxy_protocol_port; - add_header X-Remote-Port $remote_port; - - location /pp { - real_ip_header proxy_protocol; - error_page 404 =200 /t; - - location /pp/real { - set_real_ip_from 127.0.0.1/32; - } - } - - location /log { - access_log %%TESTDIR%%/port.log port; - } - } -} - -EOF - -$t->write_file('t', 'SEE-THIS'); -$t->run()->plan(8); - -############################################################################### - -my $tcp4 = 'PROXY TCP4 192.0.2.1 192.0.2.2 123 5678' . CRLF; -my $tcp6 = 'PROXY TCP6 2001:Db8::1 2001:Db8::2 123 5678' . CRLF; -my $unk = 'PROXY UNKNOWN 1 2 3 4 5 6' . CRLF; - -# realip - -like(pp_get('/pp', $tcp4), qr/X-PP-Port: 123\x0d/, 'pp port tcp4'); -like(pp_get('/pp', $tcp6), qr/X-PP-Port: 123\x0d/, 'pp port tcp6'); -unlike(pp_get('/pp', $unk), qr/X-PP-Port/, 'pp port unknown'); - -# remote_port - -like(pp_get('/pp/real', $tcp4), qr/X-Remote-Port: 123\x0d/, 'remote port tcp4'); -unlike(pp_get('/pp', $tcp4), qr/X-Remote-Port: 123\x0d/, 'no remote port tcp4'); -like(pp_get('/pp/real', $tcp6), qr/X-Remote-Port: 123\x0d/, 'remote port tcp6'); -unlike(pp_get('/pp', $tcp6), qr/X-Remote-Port: 123\x0d/, 'no remote port tcp6'); - -# log - -pp_get('/log', $tcp4); - -$t->stop(); - -my $log = $t->read_file('/port.log'); -chomp $log; - -is($log, 123, 'pp port log'); - -############################################################################### - -sub pp_get { - my ($url, $proxy) = @_; - return http($proxy . <