flyskype
/
openresty
mirror of https://github.com/openresty/openresty
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
stream-ppv2
1.19.9.x
1.21.4.x
1.25.3.x
cve
ngx-http-redis
v24.2
bump-1.21.4.2
rel
close_fd
1.19.3.x
1.17.8.x
1.15.8.x
nginx-1.13.8
v1.15.8.2
v0.8.54.3
v0.8.54.4
v0.8.54.5
v0.8.54.6
v0.8.54.8
v0.8.54.9
v1.0.10.1
v1.0.10.11
v1.0.10.13
v1.0.10.15
v1.0.10.17
v1.0.10.19
v1.0.10.21
v1.0.10.23
v1.0.10.24
v1.0.10.25
v1.0.10.27
v1.0.10.29
v1.0.10.3
v1.0.10.31
v1.0.10.33
v1.0.10.35
v1.0.10.41
v1.0.10.43
v1.0.10.44
v1.0.10.45
v1.0.10.47
v1.0.10.48
v1.0.10.5
v1.0.10.7
v1.0.10.9
v1.0.11.11
v1.0.11.15
v1.0.11.17
v1.0.11.19
v1.0.11.21
v1.0.11.23
v1.0.11.25
v1.0.11.27
v1.0.11.28
v1.0.11.3
v1.0.11.7
v1.0.11.9
v1.0.15.1
v1.0.15.10
v1.0.15.11
v1.0.15.3
v1.0.15.5
v1.0.15.7
v1.0.15.9
v1.0.4.0
v1.0.4.1
v1.0.4.2
v1.0.5.0
v1.0.5.1
v1.0.6.22
v1.0.6.3
v1.0.6.5
v1.0.8.1
v1.0.8.11
v1.0.8.13
v1.0.8.15
v1.0.8.17
v1.0.8.19
v1.0.8.21
v1.0.8.26
v1.0.8.3
v1.0.8.5
v1.0.8.7
v1.0.8.9
v1.0.9.1
v1.0.9.10
v1.0.9.3
v1.0.9.5
v1.0.9.7
v1.0.9.9
v1.1.12.3
v1.1.12.4
v1.1.12.5
v1.1.13.1
v1.11.2.1
v1.11.2.2
v1.11.2.3
v1.11.2.4
v1.11.2.5
v1.13.6.1
v1.13.6.2
v1.15.8.1
v1.15.8.1rc1
v1.15.8.1rc2
v1.15.8.3
v1.17.8.1
v1.17.8.1rc1
v1.17.8.2
v1.19.3.1
v1.19.3.1rc0
v1.19.3.1rc1
v1.19.3.2
v1.19.9.1
v1.19.9.1rc1
v1.19.9.2
v1.2.1.1
v1.2.1.11
v1.2.1.13
v1.2.1.14
v1.2.1.3
v1.2.1.5
v1.2.1.7
v1.2.1.9
v1.2.3.1
v1.2.3.3
v1.2.3.5
v1.2.3.7
v1.2.3.8
v1.2.4.1
v1.2.4.11
v1.2.4.13
v1.2.4.14
v1.2.4.3
v1.2.4.5
v1.2.4.7
v1.2.4.9
v1.2.6.1
v1.2.6.3
v1.2.6.5
v1.2.6.6
v1.2.7.1
v1.2.7.3
v1.2.7.5
v1.2.7.6
v1.2.7.8
v1.2.8.1
v1.2.8.3
v1.2.8.5
v1.2.8.6
v1.21.4.1
v1.21.4.1rc1
v1.21.4.1rc2
v1.21.4.1rc3
v1.21.4.2
v1.21.4.2rc1
v1.21.4.3
v1.21.4.4
v1.25.3.1
v1.25.3.2
v1.27.1.1
v1.27.1.2
v1.4.1.1
v1.4.1.3
v1.4.2.1
v1.4.2.3
v1.4.2.5
v1.4.2.7
v1.4.2.8
v1.4.2.9
v1.4.3.1
v1.4.3.3
v1.4.3.4
v1.4.3.6
v1.4.3.7
v1.4.3.9
v1.5.11.1
v1.5.12.1
v1.5.8.1
v1.7.0.1
v1.7.10.1
v1.7.10.2
v1.7.2.1
v1.7.4.1
v1.7.7.1
v1.7.7.2
v1.9.15.1
v1.9.3.1
v1.9.3.1rc1
v1.9.3.2
v1.9.7.1
v1.9.7.2
v1.9.7.3
v1.9.7.4
v1.9.7.5
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'ef772235d1'
${ noResults }
openresty/t/003-stream-proxy-protocol.t

157 lines
4.1 KiB
C
Raw Blame History

# vim:set ft= ts=4 sw=4 et fdm=marker:
use Test::Nginx::Socket::Lua::Stream;
master_on();
workers(2);
log_level('debug');
repeat_each(2);
plan tests => 14 * repeat_each();
#no_diff();
no_long_string();
run_tests();
__DATA__
=== TEST 1: Stream to HTTP proxy with Proxy Protocol v2
--- stream_config
upstream backend {
server 127.0.0.1:$TEST_NGINX_RAND_PORT_2 max_fails=3 fail_timeout=5s;
}
--- stream_server_config
proxy_pass backend;
proxy_protocol v2;
--- http_config
server {
listen 127.0.0.1:$TEST_NGINX_RAND_PORT_2 proxy_protocol;
location /t1 {
echo "hello world";
}
}
--- stream_request eval
"GET /t1 HTTP/1.0\r\nHost: localhost\r\n\r\n";
--- stream_response_like
hello world
--- no_error_log
[error]
--- grep_error_log eval: qr/PROXY protocol v2 src:.*/
--- grep_error_log_out eval
qr/PROXY protocol v2 src: 127\.0\.0\.1 \d+, dst: 127\.0\.0\.1 \d+/
=== TEST 2: Stream with Proxy Protocol tunnel (IPV4)
--- stream_config
upstream backend {
server 127.0.0.1:$TEST_NGINX_RAND_PORT_2 max_fails=3 fail_timeout=5s;
}
--- stream_server_config
proxy_pass backend;
set_real_ip_from 127.0.0.1/32;
proxy_protocol v2;
--- steam_listen_option
proxy_protocol
--- http_config
server {
set_real_ip_from 127.0.0.1/32;
listen 127.0.0.1:$TEST_NGINX_RAND_PORT_2 proxy_protocol;
location /t2 {
echo "$proxy_protocol_addr via proxy protocol v2";
}
}
--- stream_request eval
"PROXY TCP4 1.1.1.1 127.0.0.1 48078 1985\r\nGET /t2 HTTP/1.0\r\nHost: localhost\r\n\r\n";
--- stream_response_like
1.1.1.1 via proxy protocol v2
--- grep_error_log eval: qr/PROXY protocol v2 src:.*/
--- grep_error_log_out eval
qr/PROXY protocol v2 src: 1\.1\.1\.1 \d+, dst: 127\.0\.0\.1 \d+/
--- no_error_log
[error]
=== TEST 3: Stream with Proxy Protocol tunnel (IPV6)
--- stream_config
upstream backend {
server [::1]:$TEST_NGINX_RAND_PORT_2 max_fails=3 fail_timeout=5s;
}
--- stream_server_config
proxy_pass backend;
set_real_ip_from 127.0.0.1/32;
proxy_protocol v2;
--- steam_listen_option
proxy_protocol
--- http_config
server {
listen [::1]:$TEST_NGINX_RAND_PORT_2 proxy_protocol;
location /t3 {
echo "$proxy_protocol_addr via proxy protocol v2 IPv6";
}
}
--- stream_request eval
"PROXY TCP6 2001:0db8:85a3:0000:0000:8a2e:0370:7334 ::1 48078 1985\r\nGET /t3 HTTP/1.0\r\nHost: localhost\r\n\r\n";
--- stream_response_like
2001:db8:85a3::8a2e:370:7334 via proxy protocol v2 IPv6
--- no_error_log
[error]
=== TEST 4: Stream with TLS Extended Property Validation
--- stream_config
upstream backend {
server 127.0.0.1:$TEST_NGINX_RAND_PORT_2 max_fails=3 fail_timeout=5s;
}
server {
listen 12344 ssl;
proxy_pass backend;
proxy_protocol v2;
ssl_certificate test.crt;
ssl_certificate_key test.key;
}
--- stream_server_config
proxy_pass 127.0.0.1:12344;
proxy_ssl on;
--- http_config
server {
listen 127.0.0.1:$TEST_NGINX_RAND_PORT_2 proxy_protocol;
location /t4 {
echo "$proxy_protocol_addr $proxy_protocol_tlv_ssl_version $proxy_protocol_tlv_ssl_cipher $proxy_protocol_tlv_ssl_sig_alg $proxy_protocol_tlv_ssl_key_alg $proxy_protocol_tlv_ssl_verify via proxy protocol v2 IPv4";
}
}
--- post_setup_server_root
my $d = "t/servroot/conf";
open my $fh, '>', "$d/openssl.conf" or die "can`t open $d/openssl.conf: $!";
print $fh <<'END';
[ req ]
default_bits = 2048
encrypt_key = no
distinguished_name = req_distinguished_name
x509_extensions = myca_extensions
[ req_distinguished_name ]
[ myca_extensions ]
basicConstraints = critical,CA:TRUE
END
close $fh;
foreach my $name ('test') {
system('openssl req -x509 -new '
. "-config $d/openssl.conf -subj /CN=$name/ "
. "-out $d/$name.crt -keyout $d/$name.key "
. ">>$d/openssl.out 2>&1") == 0
or die "Can't create certificate for $name: $!\n";
}
--- stream_request eval
"GET /t4 HTTP/1.0\r\nHost: localhost\r\n\r\n";
--- stream_response_like
127.0.0.1 TLSv1.3 TLS_AES_256_GCM_SHA384 RSA-SHA256 RSA2048 0 via proxy protocol v2 IPv4
--- no_error_log
[error]
Reference in New Issue View Git Blame Copy Permalink