2017-09-23 08:56:58 +03:00
|
|
|
// Copyright 2015 Light Code Labs, LLC
|
|
|
|
//
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
//
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
//
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
// limitations under the License.
|
|
|
|
|
2016-06-06 06:51:56 +03:00
|
|
|
package proxy
|
|
|
|
|
|
|
|
import (
|
|
|
|
"bufio"
|
|
|
|
"bytes"
|
2017-01-24 04:03:42 +03:00
|
|
|
"context"
|
2016-12-21 22:44:07 +03:00
|
|
|
"crypto/tls"
|
2016-06-06 06:51:56 +03:00
|
|
|
"fmt"
|
|
|
|
"io"
|
|
|
|
"io/ioutil"
|
|
|
|
"log"
|
|
|
|
"net"
|
|
|
|
"net/http"
|
|
|
|
"net/http/httptest"
|
|
|
|
"net/url"
|
|
|
|
"os"
|
2017-09-12 04:49:02 +03:00
|
|
|
"path"
|
2016-06-06 06:51:56 +03:00
|
|
|
"path/filepath"
|
2016-09-17 02:40:30 +03:00
|
|
|
"reflect"
|
2016-06-06 06:51:56 +03:00
|
|
|
"runtime"
|
|
|
|
"strings"
|
2017-02-15 18:09:42 +03:00
|
|
|
"sync"
|
2016-08-02 22:39:15 +03:00
|
|
|
"sync/atomic"
|
2016-06-06 06:51:56 +03:00
|
|
|
"testing"
|
|
|
|
"time"
|
|
|
|
|
2017-09-12 04:49:02 +03:00
|
|
|
"github.com/lucas-clemente/quic-go/h2quic"
|
2016-11-01 07:34:39 +03:00
|
|
|
"github.com/mholt/caddy/caddyfile"
|
2016-06-06 06:51:56 +03:00
|
|
|
"github.com/mholt/caddy/caddyhttp/httpserver"
|
|
|
|
|
|
|
|
"golang.org/x/net/websocket"
|
|
|
|
)
|
|
|
|
|
2016-12-21 22:44:07 +03:00
|
|
|
// This is a simple wrapper around httptest.NewTLSServer()
|
|
|
|
// which forcefully enables (among others) HTTP/2 support.
|
|
|
|
// The httptest package only supports HTTP/1.1 by default.
|
|
|
|
func newTLSServer(handler http.Handler) *httptest.Server {
|
|
|
|
ts := httptest.NewUnstartedServer(handler)
|
|
|
|
ts.TLS = new(tls.Config)
|
|
|
|
ts.TLS.NextProtos = []string{"h2"}
|
|
|
|
ts.StartTLS()
|
|
|
|
return ts
|
|
|
|
}
|
|
|
|
|
2016-06-06 06:51:56 +03:00
|
|
|
func TestReverseProxy(t *testing.T) {
|
|
|
|
log.SetOutput(ioutil.Discard)
|
|
|
|
defer log.SetOutput(os.Stderr)
|
|
|
|
|
2017-05-13 19:08:33 +03:00
|
|
|
testHeaderValue := []string{"header-value"}
|
|
|
|
testHeaders := http.Header{
|
|
|
|
"X-Header-1": testHeaderValue,
|
|
|
|
"X-Header-2": testHeaderValue,
|
|
|
|
"X-Header-3": testHeaderValue,
|
|
|
|
}
|
|
|
|
testTrailerValue := []string{"trailer-value"}
|
|
|
|
testTrailers := http.Header{
|
|
|
|
"X-Trailer-1": testTrailerValue,
|
|
|
|
"X-Trailer-2": testTrailerValue,
|
|
|
|
"X-Trailer-3": testTrailerValue,
|
|
|
|
}
|
|
|
|
verifyHeaderValues := func(actual http.Header, expected http.Header) bool {
|
|
|
|
if actual == nil {
|
|
|
|
t.Error("Expected headers")
|
|
|
|
return true
|
2016-12-30 20:13:14 +03:00
|
|
|
}
|
|
|
|
|
2017-05-13 19:08:33 +03:00
|
|
|
for k := range expected {
|
|
|
|
if expected.Get(k) != actual.Get(k) {
|
|
|
|
t.Errorf("Expected header '%s' to be proxied properly", k)
|
|
|
|
return true
|
|
|
|
}
|
2016-12-30 20:13:14 +03:00
|
|
|
}
|
2017-05-13 19:08:33 +03:00
|
|
|
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
verifyHeadersTrailers := func(headers http.Header, trailers http.Header) {
|
|
|
|
if verifyHeaderValues(headers, testHeaders) || verifyHeaderValues(trailers, testTrailers) {
|
|
|
|
t.FailNow()
|
2016-12-30 20:13:14 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-05-13 19:08:33 +03:00
|
|
|
requestReceived := false
|
2016-06-06 06:51:56 +03:00
|
|
|
backend := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
2016-12-30 20:13:14 +03:00
|
|
|
// read the body (even if it's empty) to make Go parse trailers
|
|
|
|
io.Copy(ioutil.Discard, r.Body)
|
|
|
|
|
2017-05-13 19:08:33 +03:00
|
|
|
verifyHeadersTrailers(r.Header, r.Trailer)
|
2016-06-06 06:51:56 +03:00
|
|
|
requestReceived = true
|
2016-12-30 20:13:14 +03:00
|
|
|
|
2017-05-13 19:08:33 +03:00
|
|
|
// Set headers.
|
|
|
|
copyHeader(w.Header(), testHeaders)
|
|
|
|
|
|
|
|
// Only announce one of the trailers to test wether
|
|
|
|
// unannounced trailers are proxied correctly.
|
|
|
|
for k := range testTrailers {
|
|
|
|
w.Header().Set("Trailer", k)
|
|
|
|
break
|
|
|
|
}
|
|
|
|
|
2016-12-30 20:13:14 +03:00
|
|
|
w.WriteHeader(http.StatusOK)
|
2016-06-06 06:51:56 +03:00
|
|
|
w.Write([]byte("Hello, client"))
|
2017-05-13 19:08:33 +03:00
|
|
|
|
|
|
|
// Set trailers.
|
|
|
|
shallowCopyTrailers(w.Header(), testTrailers, true)
|
2016-06-06 06:51:56 +03:00
|
|
|
}))
|
|
|
|
defer backend.Close()
|
|
|
|
|
|
|
|
// set up proxy
|
|
|
|
p := &Proxy{
|
2015-06-07 20:07:23 +03:00
|
|
|
Next: httpserver.EmptyNext, // prevents panic in some cases when test fails
|
2016-06-06 06:51:56 +03:00
|
|
|
Upstreams: []Upstream{newFakeUpstream(backend.URL, false)},
|
|
|
|
}
|
|
|
|
|
2017-05-13 19:08:33 +03:00
|
|
|
// Create the fake request body.
|
|
|
|
// This will copy "trailersToSet" to r.Trailer right before it is closed and
|
|
|
|
// thus test for us wether unannounced client trailers are proxied correctly.
|
|
|
|
body := &trailerTestStringReader{
|
|
|
|
Reader: *strings.NewReader("test"),
|
|
|
|
trailersToSet: testTrailers,
|
|
|
|
}
|
|
|
|
|
|
|
|
// Create the fake request with the above body.
|
|
|
|
r := httptest.NewRequest("GET", "/", body)
|
|
|
|
r.Trailer = make(http.Header)
|
|
|
|
body.request = r
|
|
|
|
|
|
|
|
copyHeader(r.Header, testHeaders)
|
2016-06-06 06:51:56 +03:00
|
|
|
|
2017-05-13 19:08:33 +03:00
|
|
|
// Only announce one of the trailers to test wether
|
|
|
|
// unannounced trailers are proxied correctly.
|
|
|
|
for k, v := range testTrailers {
|
|
|
|
r.Trailer[k] = v
|
|
|
|
break
|
2016-12-30 20:13:14 +03:00
|
|
|
}
|
|
|
|
|
2017-05-13 19:08:33 +03:00
|
|
|
w := httptest.NewRecorder()
|
2016-06-06 06:51:56 +03:00
|
|
|
p.ServeHTTP(w, r)
|
2017-05-13 19:08:33 +03:00
|
|
|
res := w.Result()
|
2016-06-06 06:51:56 +03:00
|
|
|
|
|
|
|
if !requestReceived {
|
|
|
|
t.Error("Expected backend to receive request, but it didn't")
|
|
|
|
}
|
|
|
|
|
2017-05-13 19:08:33 +03:00
|
|
|
verifyHeadersTrailers(res.Header, res.Trailer)
|
2016-12-30 20:13:14 +03:00
|
|
|
|
2016-06-06 06:51:56 +03:00
|
|
|
// Make sure {upstream} placeholder is set
|
2017-01-19 01:34:25 +03:00
|
|
|
r.Body = ioutil.NopCloser(strings.NewReader("test"))
|
2017-05-05 18:42:06 +03:00
|
|
|
rr := httpserver.NewResponseRecorder(testResponseRecorder{
|
|
|
|
ResponseWriterWrapper: &httpserver.ResponseWriterWrapper{ResponseWriter: httptest.NewRecorder()},
|
|
|
|
})
|
2016-06-06 06:51:56 +03:00
|
|
|
rr.Replacer = httpserver.NewReplacer(r, rr, "-")
|
|
|
|
|
|
|
|
p.ServeHTTP(rr, r)
|
|
|
|
|
|
|
|
if got, want := rr.Replacer.Replace("{upstream}"), backend.URL; got != want {
|
|
|
|
t.Errorf("Expected custom placeholder {upstream} to be set (%s), but it wasn't; got: %s", want, got)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-05-13 19:08:33 +03:00
|
|
|
// trailerTestStringReader is used to test unannounced trailers coming
|
|
|
|
// from a client which should properly be proxied to the upstream.
|
|
|
|
type trailerTestStringReader struct {
|
|
|
|
strings.Reader
|
|
|
|
request *http.Request
|
|
|
|
trailersToSet http.Header
|
|
|
|
}
|
|
|
|
|
|
|
|
var _ io.ReadCloser = &trailerTestStringReader{}
|
|
|
|
|
|
|
|
func (r *trailerTestStringReader) Close() error {
|
|
|
|
copyHeader(r.request.Trailer, r.trailersToSet)
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2016-06-06 06:51:56 +03:00
|
|
|
func TestReverseProxyInsecureSkipVerify(t *testing.T) {
|
|
|
|
log.SetOutput(ioutil.Discard)
|
|
|
|
defer log.SetOutput(os.Stderr)
|
|
|
|
|
|
|
|
var requestReceived bool
|
2016-12-21 22:44:07 +03:00
|
|
|
var requestWasHTTP2 bool
|
|
|
|
backend := newTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
2016-06-06 06:51:56 +03:00
|
|
|
requestReceived = true
|
2016-12-21 22:44:07 +03:00
|
|
|
requestWasHTTP2 = r.ProtoAtLeast(2, 0)
|
2016-06-06 06:51:56 +03:00
|
|
|
w.Write([]byte("Hello, client"))
|
|
|
|
}))
|
|
|
|
defer backend.Close()
|
|
|
|
|
|
|
|
// set up proxy
|
|
|
|
p := &Proxy{
|
2015-06-07 20:07:23 +03:00
|
|
|
Next: httpserver.EmptyNext, // prevents panic in some cases when test fails
|
2016-06-06 06:51:56 +03:00
|
|
|
Upstreams: []Upstream{newFakeUpstream(backend.URL, true)},
|
|
|
|
}
|
|
|
|
|
|
|
|
// create request and response recorder
|
2016-10-25 18:28:53 +03:00
|
|
|
r := httptest.NewRequest("GET", "/", nil)
|
2016-06-06 06:51:56 +03:00
|
|
|
w := httptest.NewRecorder()
|
|
|
|
|
|
|
|
p.ServeHTTP(w, r)
|
|
|
|
|
|
|
|
if !requestReceived {
|
|
|
|
t.Error("Even with insecure HTTPS, expected backend to receive request, but it didn't")
|
|
|
|
}
|
2016-12-21 22:44:07 +03:00
|
|
|
if !requestWasHTTP2 {
|
|
|
|
t.Error("Even with insecure HTTPS, expected proxy to use HTTP/2")
|
|
|
|
}
|
2016-06-06 06:51:56 +03:00
|
|
|
}
|
|
|
|
|
2017-02-15 18:09:42 +03:00
|
|
|
// This test will fail when using the race detector without atomic reads &
|
|
|
|
// writes of UpstreamHost.Conns and UpstreamHost.Unhealthy.
|
|
|
|
func TestReverseProxyMaxConnLimit(t *testing.T) {
|
|
|
|
log.SetOutput(ioutil.Discard)
|
|
|
|
defer log.SetOutput(os.Stderr)
|
|
|
|
|
|
|
|
const MaxTestConns = 2
|
|
|
|
connReceived := make(chan bool, MaxTestConns)
|
|
|
|
connContinue := make(chan bool)
|
|
|
|
backend := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
connReceived <- true
|
|
|
|
<-connContinue
|
|
|
|
}))
|
|
|
|
defer backend.Close()
|
|
|
|
|
|
|
|
su, err := NewStaticUpstreams(caddyfile.NewDispenser("Testfile", strings.NewReader(`
|
|
|
|
proxy / `+backend.URL+` {
|
|
|
|
max_conns `+fmt.Sprint(MaxTestConns)+`
|
|
|
|
}
|
2017-04-17 18:58:47 +03:00
|
|
|
`)), "")
|
2017-02-15 18:09:42 +03:00
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
// set up proxy
|
|
|
|
p := &Proxy{
|
|
|
|
Next: httpserver.EmptyNext, // prevents panic in some cases when test fails
|
|
|
|
Upstreams: su,
|
|
|
|
}
|
|
|
|
|
|
|
|
var jobs sync.WaitGroup
|
|
|
|
|
|
|
|
for i := 0; i < MaxTestConns; i++ {
|
|
|
|
jobs.Add(1)
|
|
|
|
go func(i int) {
|
|
|
|
defer jobs.Done()
|
|
|
|
w := httptest.NewRecorder()
|
|
|
|
code, err := p.ServeHTTP(w, httptest.NewRequest("GET", "/", nil))
|
|
|
|
if err != nil {
|
|
|
|
t.Errorf("Request %d failed: %v", i, err)
|
|
|
|
} else if code != 0 {
|
|
|
|
t.Errorf("Bad return code for request %d: %d", i, code)
|
|
|
|
} else if w.Code != 200 {
|
|
|
|
t.Errorf("Bad statuc code for request %d: %d", i, w.Code)
|
|
|
|
}
|
|
|
|
}(i)
|
|
|
|
}
|
|
|
|
// Wait for all the requests to hit the backend.
|
|
|
|
for i := 0; i < MaxTestConns; i++ {
|
|
|
|
<-connReceived
|
|
|
|
}
|
|
|
|
|
|
|
|
// Now we should have MaxTestConns requests connected and sitting on the backend
|
|
|
|
// server. Verify that the next request is rejected.
|
|
|
|
w := httptest.NewRecorder()
|
|
|
|
code, err := p.ServeHTTP(w, httptest.NewRequest("GET", "/", nil))
|
|
|
|
if code != http.StatusBadGateway {
|
|
|
|
t.Errorf("Expected request to be rejected, but got: %d [%v]\nStatus code: %d",
|
|
|
|
code, err, w.Code)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Now let all the requests complete and verify the status codes for those:
|
|
|
|
close(connContinue)
|
|
|
|
|
|
|
|
// Wait for the initial requests to finish and check their results.
|
|
|
|
jobs.Wait()
|
|
|
|
}
|
|
|
|
|
2016-10-11 05:15:33 +03:00
|
|
|
func TestWebSocketReverseProxyNonHijackerPanic(t *testing.T) {
|
|
|
|
// Capture the expected panic
|
|
|
|
defer func() {
|
|
|
|
r := recover()
|
|
|
|
if _, ok := r.(httpserver.NonHijackerError); !ok {
|
|
|
|
t.Error("not get the expected panic")
|
|
|
|
}
|
|
|
|
}()
|
|
|
|
|
|
|
|
var connCount int32
|
|
|
|
wsNop := httptest.NewServer(websocket.Handler(func(ws *websocket.Conn) { atomic.AddInt32(&connCount, 1) }))
|
|
|
|
defer wsNop.Close()
|
|
|
|
|
|
|
|
// Get proxy to use for the test
|
2016-12-26 22:53:18 +03:00
|
|
|
p := newWebSocketTestProxy(wsNop.URL, false)
|
2016-10-11 05:15:33 +03:00
|
|
|
|
|
|
|
// Create client request
|
2016-10-25 18:28:53 +03:00
|
|
|
r := httptest.NewRequest("GET", "/", nil)
|
|
|
|
|
2016-10-11 05:15:33 +03:00
|
|
|
r.Header = http.Header{
|
|
|
|
"Connection": {"Upgrade"},
|
|
|
|
"Upgrade": {"websocket"},
|
|
|
|
"Origin": {wsNop.URL},
|
|
|
|
"Sec-WebSocket-Key": {"x3JJHMbDL1EzLkh9GBhXDw=="},
|
|
|
|
"Sec-WebSocket-Version": {"13"},
|
|
|
|
}
|
|
|
|
|
|
|
|
nonHijacker := httptest.NewRecorder()
|
|
|
|
p.ServeHTTP(nonHijacker, r)
|
|
|
|
}
|
|
|
|
|
2017-09-23 03:10:48 +03:00
|
|
|
func TestWebSocketReverseProxyBackendShutDown(t *testing.T) {
|
|
|
|
shutdown := make(chan struct{})
|
|
|
|
backend := httptest.NewServer(websocket.Handler(func(ws *websocket.Conn) {
|
|
|
|
shutdown <- struct{}{}
|
|
|
|
}))
|
|
|
|
defer backend.Close()
|
|
|
|
|
|
|
|
go func() {
|
|
|
|
<-shutdown
|
|
|
|
backend.Close()
|
|
|
|
}()
|
|
|
|
|
|
|
|
// Get proxy to use for the test
|
|
|
|
p := newWebSocketTestProxy(backend.URL, false)
|
|
|
|
backendProxy := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
p.ServeHTTP(w, r)
|
|
|
|
}))
|
|
|
|
defer backendProxy.Close()
|
|
|
|
|
|
|
|
// Set up WebSocket client
|
|
|
|
url := strings.Replace(backendProxy.URL, "http://", "ws://", 1)
|
|
|
|
ws, err := websocket.Dial(url, "", backendProxy.URL)
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
defer ws.Close()
|
|
|
|
|
|
|
|
var actualMsg string
|
|
|
|
if rcvErr := websocket.Message.Receive(ws, &actualMsg); rcvErr == nil {
|
|
|
|
t.Errorf("we don't get backend shutdown notification")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-06-06 06:51:56 +03:00
|
|
|
func TestWebSocketReverseProxyServeHTTPHandler(t *testing.T) {
|
|
|
|
// No-op websocket backend simply allows the WS connection to be
|
|
|
|
// accepted then it will be immediately closed. Perfect for testing.
|
2017-05-09 06:16:18 +03:00
|
|
|
accepted := make(chan struct{})
|
|
|
|
wsNop := httptest.NewServer(websocket.Handler(func(ws *websocket.Conn) { close(accepted) }))
|
2016-06-06 06:51:56 +03:00
|
|
|
defer wsNop.Close()
|
|
|
|
|
|
|
|
// Get proxy to use for the test
|
2016-12-26 22:53:18 +03:00
|
|
|
p := newWebSocketTestProxy(wsNop.URL, false)
|
2016-06-06 06:51:56 +03:00
|
|
|
|
|
|
|
// Create client request
|
2016-10-25 18:28:53 +03:00
|
|
|
r := httptest.NewRequest("GET", "/", nil)
|
|
|
|
|
2016-06-06 06:51:56 +03:00
|
|
|
r.Header = http.Header{
|
|
|
|
"Connection": {"Upgrade"},
|
|
|
|
"Upgrade": {"websocket"},
|
|
|
|
"Origin": {wsNop.URL},
|
|
|
|
"Sec-WebSocket-Key": {"x3JJHMbDL1EzLkh9GBhXDw=="},
|
|
|
|
"Sec-WebSocket-Version": {"13"},
|
|
|
|
}
|
|
|
|
|
|
|
|
// Capture the request
|
|
|
|
w := &recorderHijacker{httptest.NewRecorder(), new(fakeConn)}
|
|
|
|
|
|
|
|
// Booya! Do the test.
|
|
|
|
p.ServeHTTP(w, r)
|
|
|
|
|
|
|
|
// Make sure the backend accepted the WS connection.
|
|
|
|
// Mostly interested in the Upgrade and Connection response headers
|
|
|
|
// and the 101 status code.
|
|
|
|
expected := []byte("HTTP/1.1 101 Switching Protocols\r\nUpgrade: websocket\r\nConnection: Upgrade\r\nSec-WebSocket-Accept: HSmrc0sMlYUkAGmm5OPpG2HaGWk=\r\n\r\n")
|
|
|
|
actual := w.fakeConn.writeBuf.Bytes()
|
|
|
|
if !bytes.Equal(actual, expected) {
|
|
|
|
t.Errorf("Expected backend to accept response:\n'%s'\nActually got:\n'%s'", expected, actual)
|
|
|
|
}
|
2017-05-09 06:16:18 +03:00
|
|
|
|
|
|
|
// wait a minute for backend handling, see issue 1654.
|
|
|
|
time.Sleep(10 * time.Millisecond)
|
|
|
|
|
|
|
|
select {
|
|
|
|
case <-accepted:
|
|
|
|
default:
|
|
|
|
t.Error("Expect a accepted websocket connection, but not")
|
2016-04-17 03:45:18 +03:00
|
|
|
}
|
2016-06-06 06:51:56 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
func TestWebSocketReverseProxyFromWSClient(t *testing.T) {
|
|
|
|
// Echo server allows us to test that socket bytes are properly
|
|
|
|
// being proxied.
|
|
|
|
wsEcho := httptest.NewServer(websocket.Handler(func(ws *websocket.Conn) {
|
|
|
|
io.Copy(ws, ws)
|
|
|
|
}))
|
|
|
|
defer wsEcho.Close()
|
|
|
|
|
|
|
|
// Get proxy to use for the test
|
2016-12-26 22:53:18 +03:00
|
|
|
p := newWebSocketTestProxy(wsEcho.URL, false)
|
2016-06-06 06:51:56 +03:00
|
|
|
|
|
|
|
// This is a full end-end test, so the proxy handler
|
|
|
|
// has to be part of a server listening on a port. Our
|
|
|
|
// WS client will connect to this test server, not
|
|
|
|
// the echo client directly.
|
|
|
|
echoProxy := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
p.ServeHTTP(w, r)
|
|
|
|
}))
|
|
|
|
defer echoProxy.Close()
|
|
|
|
|
|
|
|
// Set up WebSocket client
|
|
|
|
url := strings.Replace(echoProxy.URL, "http://", "ws://", 1)
|
|
|
|
ws, err := websocket.Dial(url, "", echoProxy.URL)
|
2016-10-25 18:28:53 +03:00
|
|
|
|
2016-06-06 06:51:56 +03:00
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
defer ws.Close()
|
|
|
|
|
|
|
|
// Send test message
|
|
|
|
trialMsg := "Is it working?"
|
2016-10-25 18:28:53 +03:00
|
|
|
|
|
|
|
if sendErr := websocket.Message.Send(ws, trialMsg); sendErr != nil {
|
|
|
|
t.Fatal(sendErr)
|
|
|
|
}
|
2016-06-06 06:51:56 +03:00
|
|
|
|
|
|
|
// It should be echoed back to us
|
|
|
|
var actualMsg string
|
2016-10-25 18:28:53 +03:00
|
|
|
|
|
|
|
if rcvErr := websocket.Message.Receive(ws, &actualMsg); rcvErr != nil {
|
|
|
|
t.Fatal(rcvErr)
|
|
|
|
}
|
|
|
|
|
2016-06-06 06:51:56 +03:00
|
|
|
if actualMsg != trialMsg {
|
|
|
|
t.Errorf("Expected '%s' but got '%s' instead", trialMsg, actualMsg)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-12-26 22:53:18 +03:00
|
|
|
func TestWebSocketReverseProxyFromWSSClient(t *testing.T) {
|
|
|
|
wsEcho := newTLSServer(websocket.Handler(func(ws *websocket.Conn) {
|
|
|
|
io.Copy(ws, ws)
|
|
|
|
}))
|
|
|
|
defer wsEcho.Close()
|
|
|
|
|
|
|
|
p := newWebSocketTestProxy(wsEcho.URL, true)
|
|
|
|
|
|
|
|
echoProxy := newTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
p.ServeHTTP(w, r)
|
|
|
|
}))
|
|
|
|
defer echoProxy.Close()
|
|
|
|
|
|
|
|
// Set up WebSocket client
|
|
|
|
url := strings.Replace(echoProxy.URL, "https://", "wss://", 1)
|
|
|
|
wsCfg, err := websocket.NewConfig(url, echoProxy.URL)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
wsCfg.TlsConfig = &tls.Config{InsecureSkipVerify: true}
|
|
|
|
ws, err := websocket.DialConfig(wsCfg)
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
defer ws.Close()
|
|
|
|
|
|
|
|
// Send test message
|
|
|
|
trialMsg := "Is it working?"
|
|
|
|
|
|
|
|
if sendErr := websocket.Message.Send(ws, trialMsg); sendErr != nil {
|
|
|
|
t.Fatal(sendErr)
|
|
|
|
}
|
|
|
|
|
|
|
|
// It should be echoed back to us
|
|
|
|
var actualMsg string
|
|
|
|
|
|
|
|
if rcvErr := websocket.Message.Receive(ws, &actualMsg); rcvErr != nil {
|
|
|
|
t.Fatal(rcvErr)
|
|
|
|
}
|
|
|
|
|
|
|
|
if actualMsg != trialMsg {
|
|
|
|
t.Errorf("Expected '%s' but got '%s' instead", trialMsg, actualMsg)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-06-06 06:51:56 +03:00
|
|
|
func TestUnixSocketProxy(t *testing.T) {
|
|
|
|
if runtime.GOOS == "windows" {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
trialMsg := "Is it working?"
|
|
|
|
|
|
|
|
var proxySuccess bool
|
|
|
|
|
|
|
|
// This is our fake "application" we want to proxy to
|
|
|
|
ts := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
// Request was proxied when this is called
|
|
|
|
proxySuccess = true
|
|
|
|
|
|
|
|
fmt.Fprint(w, trialMsg)
|
|
|
|
}))
|
|
|
|
|
|
|
|
// Get absolute path for unix: socket
|
2016-11-29 08:26:54 +03:00
|
|
|
dir, err := ioutil.TempDir("", "caddy_proxytest")
|
2016-06-06 06:51:56 +03:00
|
|
|
if err != nil {
|
2016-08-30 04:09:46 +03:00
|
|
|
t.Fatalf("Failed to make temp dir to contain unix socket. %v", err)
|
2016-06-06 06:51:56 +03:00
|
|
|
}
|
2016-11-29 08:26:54 +03:00
|
|
|
defer os.RemoveAll(dir)
|
2016-08-30 04:09:46 +03:00
|
|
|
socketPath := filepath.Join(dir, "test_socket")
|
2016-06-06 06:51:56 +03:00
|
|
|
|
|
|
|
// Change httptest.Server listener to listen to unix: socket
|
|
|
|
ln, err := net.Listen("unix", socketPath)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Unable to listen: %v", err)
|
|
|
|
}
|
|
|
|
ts.Listener = ln
|
|
|
|
|
|
|
|
ts.Start()
|
|
|
|
defer ts.Close()
|
|
|
|
|
|
|
|
url := strings.Replace(ts.URL, "http://", "unix:", 1)
|
2016-12-26 22:53:18 +03:00
|
|
|
p := newWebSocketTestProxy(url, false)
|
2016-06-06 06:51:56 +03:00
|
|
|
|
|
|
|
echoProxy := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
p.ServeHTTP(w, r)
|
|
|
|
}))
|
|
|
|
defer echoProxy.Close()
|
|
|
|
|
|
|
|
res, err := http.Get(echoProxy.URL)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Unable to GET: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
greeting, err := ioutil.ReadAll(res.Body)
|
|
|
|
res.Body.Close()
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Unable to GET: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
actualMsg := fmt.Sprintf("%s", greeting)
|
|
|
|
|
|
|
|
if !proxySuccess {
|
|
|
|
t.Errorf("Expected request to be proxied, but it wasn't")
|
|
|
|
}
|
|
|
|
|
|
|
|
if actualMsg != trialMsg {
|
|
|
|
t.Errorf("Expected '%s' but got '%s' instead", trialMsg, actualMsg)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func GetHTTPProxy(messageFormat string, prefix string) (*Proxy, *httptest.Server) {
|
|
|
|
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
fmt.Fprintf(w, messageFormat, r.URL.String())
|
|
|
|
}))
|
|
|
|
|
|
|
|
return newPrefixedWebSocketTestProxy(ts.URL, prefix), ts
|
|
|
|
}
|
|
|
|
|
2016-11-29 08:26:54 +03:00
|
|
|
func GetSocketProxy(messageFormat string, prefix string) (*Proxy, *httptest.Server, string, error) {
|
2016-06-06 06:51:56 +03:00
|
|
|
ts := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
fmt.Fprintf(w, messageFormat, r.URL.String())
|
|
|
|
}))
|
|
|
|
|
2016-11-29 08:26:54 +03:00
|
|
|
dir, err := ioutil.TempDir("", "caddy_proxytest")
|
2016-06-06 06:51:56 +03:00
|
|
|
if err != nil {
|
2016-11-29 08:26:54 +03:00
|
|
|
return nil, nil, dir, fmt.Errorf("Failed to make temp dir to contain unix socket. %v", err)
|
2016-06-06 06:51:56 +03:00
|
|
|
}
|
2016-08-30 04:09:46 +03:00
|
|
|
socketPath := filepath.Join(dir, "test_socket")
|
2016-06-06 06:51:56 +03:00
|
|
|
|
|
|
|
ln, err := net.Listen("unix", socketPath)
|
|
|
|
if err != nil {
|
2016-11-29 08:26:54 +03:00
|
|
|
os.RemoveAll(dir)
|
|
|
|
return nil, nil, dir, fmt.Errorf("Unable to listen: %v", err)
|
2016-06-06 06:51:56 +03:00
|
|
|
}
|
|
|
|
ts.Listener = ln
|
|
|
|
|
|
|
|
ts.Start()
|
|
|
|
|
|
|
|
tsURL := strings.Replace(ts.URL, "http://", "unix:", 1)
|
|
|
|
|
2016-11-29 08:26:54 +03:00
|
|
|
return newPrefixedWebSocketTestProxy(tsURL, prefix), ts, dir, nil
|
2016-06-06 06:51:56 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
func GetTestServerMessage(p *Proxy, ts *httptest.Server, path string) (string, error) {
|
|
|
|
echoProxy := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
p.ServeHTTP(w, r)
|
|
|
|
}))
|
|
|
|
|
|
|
|
// *httptest.Server is passed so it can be `defer`red properly
|
|
|
|
defer ts.Close()
|
|
|
|
defer echoProxy.Close()
|
|
|
|
|
|
|
|
res, err := http.Get(echoProxy.URL + path)
|
|
|
|
if err != nil {
|
|
|
|
return "", fmt.Errorf("Unable to GET: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
greeting, err := ioutil.ReadAll(res.Body)
|
|
|
|
res.Body.Close()
|
|
|
|
if err != nil {
|
|
|
|
return "", fmt.Errorf("Unable to read body: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
return fmt.Sprintf("%s", greeting), nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestUnixSocketProxyPaths(t *testing.T) {
|
|
|
|
greeting := "Hello route %s"
|
|
|
|
|
|
|
|
tests := []struct {
|
|
|
|
url string
|
|
|
|
prefix string
|
|
|
|
expected string
|
|
|
|
}{
|
|
|
|
{"", "", fmt.Sprintf(greeting, "/")},
|
|
|
|
{"/hello", "", fmt.Sprintf(greeting, "/hello")},
|
|
|
|
{"/foo/bar", "", fmt.Sprintf(greeting, "/foo/bar")},
|
|
|
|
{"/foo?bar", "", fmt.Sprintf(greeting, "/foo?bar")},
|
|
|
|
{"/greet?name=john", "", fmt.Sprintf(greeting, "/greet?name=john")},
|
|
|
|
{"/world?wonderful&colorful", "", fmt.Sprintf(greeting, "/world?wonderful&colorful")},
|
|
|
|
{"/proxy/hello", "/proxy", fmt.Sprintf(greeting, "/hello")},
|
|
|
|
{"/proxy/foo/bar", "/proxy", fmt.Sprintf(greeting, "/foo/bar")},
|
|
|
|
{"/proxy/?foo=bar", "/proxy", fmt.Sprintf(greeting, "/?foo=bar")},
|
|
|
|
{"/queues/%2F/fetchtasks", "", fmt.Sprintf(greeting, "/queues/%2F/fetchtasks")},
|
|
|
|
{"/queues/%2F/fetchtasks?foo=bar", "", fmt.Sprintf(greeting, "/queues/%2F/fetchtasks?foo=bar")},
|
|
|
|
}
|
|
|
|
|
|
|
|
for _, test := range tests {
|
|
|
|
p, ts := GetHTTPProxy(greeting, test.prefix)
|
|
|
|
|
|
|
|
actualMsg, err := GetTestServerMessage(p, ts, test.url)
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Getting server message failed - %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
if actualMsg != test.expected {
|
|
|
|
t.Errorf("Expected '%s' but got '%s' instead", test.expected, actualMsg)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if runtime.GOOS == "windows" {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
for _, test := range tests {
|
2016-11-29 08:26:54 +03:00
|
|
|
p, ts, tmpdir, err := GetSocketProxy(greeting, test.prefix)
|
2016-06-06 06:51:56 +03:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Getting socket proxy failed - %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
actualMsg, err := GetTestServerMessage(p, ts, test.url)
|
|
|
|
|
|
|
|
if err != nil {
|
2016-11-29 08:26:54 +03:00
|
|
|
os.RemoveAll(tmpdir)
|
2016-06-06 06:51:56 +03:00
|
|
|
t.Fatalf("Getting server message failed - %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
if actualMsg != test.expected {
|
|
|
|
t.Errorf("Expected '%s' but got '%s' instead", test.expected, actualMsg)
|
|
|
|
}
|
2016-11-29 08:26:54 +03:00
|
|
|
|
|
|
|
os.RemoveAll(tmpdir)
|
2016-06-06 06:51:56 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestUpstreamHeadersUpdate(t *testing.T) {
|
|
|
|
log.SetOutput(ioutil.Discard)
|
|
|
|
defer log.SetOutput(os.Stderr)
|
|
|
|
|
|
|
|
var actualHeaders http.Header
|
2016-08-04 08:01:52 +03:00
|
|
|
var actualHost string
|
2016-06-06 06:51:56 +03:00
|
|
|
backend := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
w.Write([]byte("Hello, client"))
|
|
|
|
actualHeaders = r.Header
|
2016-08-04 08:01:52 +03:00
|
|
|
actualHost = r.Host
|
2016-06-06 06:51:56 +03:00
|
|
|
}))
|
|
|
|
defer backend.Close()
|
|
|
|
|
|
|
|
upstream := newFakeUpstream(backend.URL, false)
|
|
|
|
upstream.host.UpstreamHeaders = http.Header{
|
|
|
|
"Connection": {"{>Connection}"},
|
|
|
|
"Upgrade": {"{>Upgrade}"},
|
|
|
|
"+Merge-Me": {"Merge-Value"},
|
|
|
|
"+Add-Me": {"Add-Value"},
|
2016-11-17 07:41:53 +03:00
|
|
|
"+Add-Empty": {"{}"},
|
2016-06-06 06:51:56 +03:00
|
|
|
"-Remove-Me": {""},
|
|
|
|
"Replace-Me": {"{hostname}"},
|
2016-11-17 07:41:53 +03:00
|
|
|
"Clear-Me": {""},
|
2016-08-04 08:01:52 +03:00
|
|
|
"Host": {"{>Host}"},
|
2016-06-06 06:51:56 +03:00
|
|
|
}
|
|
|
|
// set up proxy
|
|
|
|
p := &Proxy{
|
2015-06-07 20:07:23 +03:00
|
|
|
Next: httpserver.EmptyNext, // prevents panic in some cases when test fails
|
2016-06-06 06:51:56 +03:00
|
|
|
Upstreams: []Upstream{upstream},
|
|
|
|
}
|
|
|
|
|
|
|
|
// create request and response recorder
|
2016-10-25 18:28:53 +03:00
|
|
|
r := httptest.NewRequest("GET", "/", nil)
|
2016-06-06 06:51:56 +03:00
|
|
|
w := httptest.NewRecorder()
|
|
|
|
|
2016-08-04 08:01:52 +03:00
|
|
|
const expectHost = "example.com"
|
2016-06-06 06:51:56 +03:00
|
|
|
//add initial headers
|
|
|
|
r.Header.Add("Merge-Me", "Initial")
|
|
|
|
r.Header.Add("Remove-Me", "Remove-Value")
|
|
|
|
r.Header.Add("Replace-Me", "Replace-Value")
|
2016-08-04 08:01:52 +03:00
|
|
|
r.Header.Add("Host", expectHost)
|
2016-06-06 06:51:56 +03:00
|
|
|
|
|
|
|
p.ServeHTTP(w, r)
|
|
|
|
|
|
|
|
replacer := httpserver.NewReplacer(r, nil, "")
|
|
|
|
|
2017-01-08 16:07:33 +03:00
|
|
|
for headerKey, expect := range map[string][]string{
|
|
|
|
"Merge-Me": {"Initial", "Merge-Value"},
|
|
|
|
"Add-Me": {"Add-Value"},
|
|
|
|
"Add-Empty": nil,
|
|
|
|
"Remove-Me": nil,
|
|
|
|
"Replace-Me": {replacer.Replace("{hostname}")},
|
|
|
|
"Clear-Me": nil,
|
|
|
|
} {
|
|
|
|
if got := actualHeaders[headerKey]; !reflect.DeepEqual(got, expect) {
|
|
|
|
t.Errorf("Upstream request does not contain expected %v header: expect %v, but got %v",
|
|
|
|
headerKey, expect, got)
|
|
|
|
}
|
2016-11-17 07:41:53 +03:00
|
|
|
}
|
|
|
|
|
2016-08-04 08:01:52 +03:00
|
|
|
if actualHost != expectHost {
|
|
|
|
t.Errorf("Request sent to upstream backend should have value of Host with %s, but got %s", expectHost, actualHost)
|
|
|
|
}
|
|
|
|
|
2016-06-06 06:51:56 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
func TestDownstreamHeadersUpdate(t *testing.T) {
|
|
|
|
log.SetOutput(ioutil.Discard)
|
|
|
|
defer log.SetOutput(os.Stderr)
|
|
|
|
|
|
|
|
backend := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
w.Header().Add("Merge-Me", "Initial")
|
|
|
|
w.Header().Add("Remove-Me", "Remove-Value")
|
|
|
|
w.Header().Add("Replace-Me", "Replace-Value")
|
2016-09-17 02:42:42 +03:00
|
|
|
w.Header().Add("Content-Type", "text/html")
|
|
|
|
w.Header().Add("Overwrite-Me", "Overwrite-Value")
|
2016-06-06 06:51:56 +03:00
|
|
|
w.Write([]byte("Hello, client"))
|
|
|
|
}))
|
|
|
|
defer backend.Close()
|
|
|
|
|
|
|
|
upstream := newFakeUpstream(backend.URL, false)
|
|
|
|
upstream.host.DownstreamHeaders = http.Header{
|
|
|
|
"+Merge-Me": {"Merge-Value"},
|
|
|
|
"+Add-Me": {"Add-Value"},
|
|
|
|
"-Remove-Me": {""},
|
|
|
|
"Replace-Me": {"{hostname}"},
|
|
|
|
}
|
|
|
|
// set up proxy
|
|
|
|
p := &Proxy{
|
2015-06-07 20:07:23 +03:00
|
|
|
Next: httpserver.EmptyNext, // prevents panic in some cases when test fails
|
2016-06-06 06:51:56 +03:00
|
|
|
Upstreams: []Upstream{upstream},
|
|
|
|
}
|
|
|
|
|
|
|
|
// create request and response recorder
|
2016-10-25 18:28:53 +03:00
|
|
|
r := httptest.NewRequest("GET", "/", nil)
|
2016-06-06 06:51:56 +03:00
|
|
|
w := httptest.NewRecorder()
|
2016-09-17 02:42:42 +03:00
|
|
|
// set a predefined skip header
|
|
|
|
w.Header().Set("Content-Type", "text/css")
|
|
|
|
// set a predefined overwritten header
|
|
|
|
w.Header().Set("Overwrite-Me", "Initial")
|
2016-06-06 06:51:56 +03:00
|
|
|
|
|
|
|
p.ServeHTTP(w, r)
|
|
|
|
|
|
|
|
replacer := httpserver.NewReplacer(r, nil, "")
|
|
|
|
actualHeaders := w.Header()
|
|
|
|
|
2017-01-08 16:07:33 +03:00
|
|
|
for headerKey, expect := range map[string][]string{
|
|
|
|
"Merge-Me": {"Initial", "Merge-Value"},
|
|
|
|
"Add-Me": {"Add-Value"},
|
|
|
|
"Remove-Me": nil,
|
|
|
|
"Replace-Me": {replacer.Replace("{hostname}")},
|
|
|
|
"Content-Type": {"text/css"},
|
|
|
|
"Overwrite-Me": {"Overwrite-Value"},
|
|
|
|
} {
|
|
|
|
if got := actualHeaders[headerKey]; !reflect.DeepEqual(got, expect) {
|
|
|
|
t.Errorf("Downstream response does not contain expected %s header: expect %v, but got %v",
|
|
|
|
headerKey, expect, got)
|
|
|
|
}
|
2016-09-17 02:42:42 +03:00
|
|
|
}
|
2016-06-06 06:51:56 +03:00
|
|
|
}
|
|
|
|
|
2015-06-07 20:07:23 +03:00
|
|
|
var (
|
|
|
|
upstreamResp1 = []byte("Hello, /")
|
|
|
|
upstreamResp2 = []byte("Hello, /api/")
|
|
|
|
)
|
|
|
|
|
|
|
|
func newMultiHostTestProxy() *Proxy {
|
|
|
|
// No-op backends.
|
|
|
|
upstreamServer1 := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
fmt.Fprintf(w, "%s", upstreamResp1)
|
|
|
|
}))
|
|
|
|
upstreamServer2 := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
fmt.Fprintf(w, "%s", upstreamResp2)
|
|
|
|
}))
|
|
|
|
p := &Proxy{
|
|
|
|
Next: httpserver.EmptyNext, // prevents panic in some cases when test fails
|
|
|
|
Upstreams: []Upstream{
|
|
|
|
// The order is important; the short path should go first to ensure
|
|
|
|
// we choose the most specific route, not the first one.
|
|
|
|
&fakeUpstream{
|
|
|
|
name: upstreamServer1.URL,
|
|
|
|
from: "/",
|
|
|
|
},
|
|
|
|
&fakeUpstream{
|
|
|
|
name: upstreamServer2.URL,
|
|
|
|
from: "/api",
|
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
return p
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestMultiReverseProxyFromClient(t *testing.T) {
|
|
|
|
p := newMultiHostTestProxy()
|
|
|
|
|
|
|
|
// This is a full end-end test, so the proxy handler.
|
|
|
|
proxy := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
p.ServeHTTP(w, r)
|
|
|
|
}))
|
|
|
|
defer proxy.Close()
|
|
|
|
|
|
|
|
// Table tests.
|
|
|
|
var multiProxy = []struct {
|
|
|
|
url string
|
|
|
|
body []byte
|
|
|
|
}{
|
|
|
|
{
|
|
|
|
"/",
|
|
|
|
upstreamResp1,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"/api/",
|
|
|
|
upstreamResp2,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"/messages/",
|
|
|
|
upstreamResp1,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"/api/messages/?text=cat",
|
|
|
|
upstreamResp2,
|
|
|
|
},
|
|
|
|
}
|
|
|
|
|
|
|
|
for _, tt := range multiProxy {
|
|
|
|
// Create client request
|
2016-10-02 10:04:57 +03:00
|
|
|
reqURL := proxy.URL + tt.url
|
2015-06-07 20:07:23 +03:00
|
|
|
req, err := http.NewRequest("GET", reqURL, nil)
|
2016-10-25 18:28:53 +03:00
|
|
|
|
2015-06-07 20:07:23 +03:00
|
|
|
if err != nil {
|
2016-10-25 18:28:53 +03:00
|
|
|
t.Fatalf("Failed to make request: %v", err)
|
2015-06-07 20:07:23 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
resp, err := http.DefaultClient.Do(req)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Failed to make request: %v", err)
|
|
|
|
}
|
|
|
|
body, err := ioutil.ReadAll(resp.Body)
|
|
|
|
resp.Body.Close()
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Failed to read response: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
if !bytes.Equal(body, tt.body) {
|
|
|
|
t.Errorf("Expected '%s' but got '%s' instead", tt.body, body)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-06-30 02:52:31 +03:00
|
|
|
func TestHostSimpleProxyNoHeaderForward(t *testing.T) {
|
|
|
|
var requestHost string
|
|
|
|
backend := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
requestHost = r.Host
|
|
|
|
w.Write([]byte("Hello, client"))
|
|
|
|
}))
|
|
|
|
defer backend.Close()
|
|
|
|
|
|
|
|
// set up proxy
|
|
|
|
p := &Proxy{
|
|
|
|
Next: httpserver.EmptyNext, // prevents panic in some cases when test fails
|
|
|
|
Upstreams: []Upstream{newFakeUpstream(backend.URL, false)},
|
|
|
|
}
|
|
|
|
|
2016-10-25 18:28:53 +03:00
|
|
|
r := httptest.NewRequest("GET", "/", nil)
|
2016-06-30 02:52:31 +03:00
|
|
|
r.Host = "test.com"
|
|
|
|
|
|
|
|
w := httptest.NewRecorder()
|
|
|
|
|
|
|
|
p.ServeHTTP(w, r)
|
|
|
|
|
|
|
|
if !strings.Contains(backend.URL, "//") {
|
|
|
|
t.Fatalf("The URL of the backend server doesn't contains //: %s", backend.URL)
|
|
|
|
}
|
|
|
|
|
|
|
|
expectedHost := strings.Split(backend.URL, "//")
|
|
|
|
if expectedHost[1] != requestHost {
|
|
|
|
t.Fatalf("Expected %s as a Host header got %s\n", expectedHost[1], requestHost)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestHostHeaderReplacedUsingForward(t *testing.T) {
|
|
|
|
var requestHost string
|
|
|
|
backend := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
requestHost = r.Host
|
|
|
|
w.Write([]byte("Hello, client"))
|
|
|
|
}))
|
|
|
|
defer backend.Close()
|
|
|
|
|
|
|
|
upstream := newFakeUpstream(backend.URL, false)
|
|
|
|
proxyHostHeader := "test2.com"
|
|
|
|
upstream.host.UpstreamHeaders = http.Header{"Host": []string{proxyHostHeader}}
|
|
|
|
// set up proxy
|
|
|
|
p := &Proxy{
|
|
|
|
Next: httpserver.EmptyNext, // prevents panic in some cases when test fails
|
|
|
|
Upstreams: []Upstream{upstream},
|
|
|
|
}
|
|
|
|
|
2016-10-25 18:28:53 +03:00
|
|
|
r := httptest.NewRequest("GET", "/", nil)
|
2016-06-30 02:52:31 +03:00
|
|
|
r.Host = "test.com"
|
|
|
|
|
|
|
|
w := httptest.NewRecorder()
|
|
|
|
|
|
|
|
p.ServeHTTP(w, r)
|
|
|
|
|
|
|
|
if proxyHostHeader != requestHost {
|
|
|
|
t.Fatalf("Expected %s as a Host header got %s\n", proxyHostHeader, requestHost)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-07-22 20:33:50 +03:00
|
|
|
func TestBasicAuth(t *testing.T) {
|
|
|
|
basicAuthTestcase(t, nil, nil)
|
|
|
|
basicAuthTestcase(t, nil, url.UserPassword("username", "password"))
|
|
|
|
basicAuthTestcase(t, url.UserPassword("usename", "password"), nil)
|
|
|
|
basicAuthTestcase(t, url.UserPassword("unused", "unused"),
|
|
|
|
url.UserPassword("username", "password"))
|
|
|
|
}
|
|
|
|
|
|
|
|
func basicAuthTestcase(t *testing.T, upstreamUser, clientUser *url.Userinfo) {
|
|
|
|
backend := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
u, p, ok := r.BasicAuth()
|
|
|
|
|
|
|
|
if ok {
|
|
|
|
w.Write([]byte(u))
|
|
|
|
}
|
|
|
|
if ok && p != "" {
|
|
|
|
w.Write([]byte(":"))
|
|
|
|
w.Write([]byte(p))
|
|
|
|
}
|
|
|
|
}))
|
|
|
|
defer backend.Close()
|
|
|
|
|
2016-07-28 20:11:14 +03:00
|
|
|
backURL, err := url.Parse(backend.URL)
|
2016-07-22 20:33:50 +03:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Failed to parse URL: %v", err)
|
|
|
|
}
|
2016-07-28 20:11:14 +03:00
|
|
|
backURL.User = upstreamUser
|
2016-07-22 20:33:50 +03:00
|
|
|
|
|
|
|
p := &Proxy{
|
|
|
|
Next: httpserver.EmptyNext,
|
2016-07-28 20:11:14 +03:00
|
|
|
Upstreams: []Upstream{newFakeUpstream(backURL.String(), false)},
|
2016-07-22 20:33:50 +03:00
|
|
|
}
|
|
|
|
r, err := http.NewRequest("GET", "/foo", nil)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Failed to create request: %v", err)
|
|
|
|
}
|
|
|
|
if clientUser != nil {
|
|
|
|
u := clientUser.Username()
|
|
|
|
p, _ := clientUser.Password()
|
|
|
|
r.SetBasicAuth(u, p)
|
|
|
|
}
|
|
|
|
w := httptest.NewRecorder()
|
|
|
|
|
|
|
|
p.ServeHTTP(w, r)
|
|
|
|
|
|
|
|
if w.Code != 200 {
|
|
|
|
t.Fatalf("Invalid response code: %d", w.Code)
|
|
|
|
}
|
|
|
|
body, _ := ioutil.ReadAll(w.Body)
|
|
|
|
|
|
|
|
if clientUser != nil {
|
|
|
|
if string(body) != clientUser.String() {
|
|
|
|
t.Fatalf("Invalid auth info: %s", string(body))
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
if upstreamUser != nil {
|
|
|
|
if string(body) != upstreamUser.String() {
|
|
|
|
t.Fatalf("Invalid auth info: %s", string(body))
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
if string(body) != "" {
|
|
|
|
t.Fatalf("Invalid auth info: %s", string(body))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-10-02 10:04:57 +03:00
|
|
|
func TestProxyDirectorURL(t *testing.T) {
|
|
|
|
for i, c := range []struct {
|
httpserver/all: Clean up and standardize request URL handling (#1633)
* httpserver/all: Clean up and standardize request URL handling
The HTTP server now always creates a context value on the request which
is a copy of the request's URL struct. It should not be modified by
middlewares, but it is safe to get the value out of the request and make
changes to it locally-scoped. Thus, the value in the context always
stores the original request URL information as it was received. Any
rewrites that happen will be to the request's URL field directly.
The HTTP server no longer cleans /sanitizes the request URL. It made too
many strong assumptions and ended up making a lot of middleware more
complicated, including upstream proxying (and fastcgi). To alleviate
this complexity, we no longer change the request URL. Middlewares are
responsible to access the disk safely by using http.Dir or, if not
actually opening files, they can use httpserver.SafePath().
I'm hoping this will address issues with #1624, #1584, #1582, and others.
* staticfiles: Fix test on Windows
@abiosoft: I still can't figure out exactly what this is for. 😅
* Use (potentially) changed URL for browse redirects, as before
* Use filepath.ToSlash, clean up a couple proxy test cases
* Oops, fix variable name
2017-05-02 08:11:10 +03:00
|
|
|
requestURL string
|
|
|
|
targetURL string
|
|
|
|
without string
|
|
|
|
expectURL string
|
2016-10-02 10:04:57 +03:00
|
|
|
}{
|
|
|
|
{
|
|
|
|
requestURL: `http://localhost:2020/test`,
|
|
|
|
targetURL: `https://localhost:2021`,
|
|
|
|
expectURL: `https://localhost:2021/test`,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
requestURL: `http://localhost:2020/test`,
|
|
|
|
targetURL: `https://localhost:2021/t`,
|
|
|
|
expectURL: `https://localhost:2021/t/test`,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
requestURL: `http://localhost:2020/test?t=w`,
|
|
|
|
targetURL: `https://localhost:2021/t`,
|
|
|
|
expectURL: `https://localhost:2021/t/test?t=w`,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
requestURL: `http://localhost:2020/test`,
|
|
|
|
targetURL: `https://localhost:2021/t?foo=bar`,
|
|
|
|
expectURL: `https://localhost:2021/t/test?foo=bar`,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
requestURL: `http://localhost:2020/test?t=w`,
|
|
|
|
targetURL: `https://localhost:2021/t?foo=bar`,
|
|
|
|
expectURL: `https://localhost:2021/t/test?foo=bar&t=w`,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
requestURL: `http://localhost:2020/test?t=w`,
|
|
|
|
targetURL: `https://localhost:2021/t?foo=bar`,
|
|
|
|
expectURL: `https://localhost:2021/t?foo=bar&t=w`,
|
|
|
|
without: "/test",
|
|
|
|
},
|
|
|
|
{
|
|
|
|
requestURL: `http://localhost:2020/test?t%3dw`,
|
|
|
|
targetURL: `https://localhost:2021/t?foo%3dbar`,
|
|
|
|
expectURL: `https://localhost:2021/t?foo%3dbar&t%3dw`,
|
|
|
|
without: "/test",
|
|
|
|
},
|
2016-10-11 12:06:49 +03:00
|
|
|
{
|
|
|
|
requestURL: `http://localhost:2020/test/`,
|
|
|
|
targetURL: `https://localhost:2021/t/`,
|
|
|
|
expectURL: `https://localhost:2021/t/test/`,
|
|
|
|
},
|
2016-12-08 04:59:02 +03:00
|
|
|
{
|
|
|
|
requestURL: `http://localhost:2020/test/mypath`,
|
|
|
|
targetURL: `https://localhost:2021/t/`,
|
|
|
|
expectURL: `https://localhost:2021/t/mypath`,
|
|
|
|
without: "/test",
|
|
|
|
},
|
2017-01-26 07:23:50 +03:00
|
|
|
{
|
|
|
|
requestURL: `http://localhost:2020/%2C`,
|
|
|
|
targetURL: `https://localhost:2021/t/`,
|
|
|
|
expectURL: `https://localhost:2021/t/%2C`,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
requestURL: `http://localhost:2020/%2C/`,
|
|
|
|
targetURL: `https://localhost:2021/t/`,
|
|
|
|
expectURL: `https://localhost:2021/t/%2C/`,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
requestURL: `http://localhost:2020/test`,
|
|
|
|
targetURL: `https://localhost:2021/%2C`,
|
|
|
|
expectURL: `https://localhost:2021/%2C/test`,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
requestURL: `http://localhost:2020/%2C`,
|
|
|
|
targetURL: `https://localhost:2021/%2C`,
|
|
|
|
expectURL: `https://localhost:2021/%2C/%2C`,
|
|
|
|
},
|
2017-04-17 06:00:36 +03:00
|
|
|
{
|
httpserver/all: Clean up and standardize request URL handling (#1633)
* httpserver/all: Clean up and standardize request URL handling
The HTTP server now always creates a context value on the request which
is a copy of the request's URL struct. It should not be modified by
middlewares, but it is safe to get the value out of the request and make
changes to it locally-scoped. Thus, the value in the context always
stores the original request URL information as it was received. Any
rewrites that happen will be to the request's URL field directly.
The HTTP server no longer cleans /sanitizes the request URL. It made too
many strong assumptions and ended up making a lot of middleware more
complicated, including upstream proxying (and fastcgi). To alleviate
this complexity, we no longer change the request URL. Middlewares are
responsible to access the disk safely by using http.Dir or, if not
actually opening files, they can use httpserver.SafePath().
I'm hoping this will address issues with #1624, #1584, #1582, and others.
* staticfiles: Fix test on Windows
@abiosoft: I still can't figure out exactly what this is for. 😅
* Use (potentially) changed URL for browse redirects, as before
* Use filepath.ToSlash, clean up a couple proxy test cases
* Oops, fix variable name
2017-05-02 08:11:10 +03:00
|
|
|
requestURL: `http://localhost:2020/%2F/test`,
|
|
|
|
targetURL: `https://localhost:2021/`,
|
|
|
|
expectURL: `https://localhost:2021/%2F/test`,
|
2017-04-17 06:00:36 +03:00
|
|
|
},
|
2017-04-21 14:35:32 +03:00
|
|
|
{
|
httpserver/all: Clean up and standardize request URL handling (#1633)
* httpserver/all: Clean up and standardize request URL handling
The HTTP server now always creates a context value on the request which
is a copy of the request's URL struct. It should not be modified by
middlewares, but it is safe to get the value out of the request and make
changes to it locally-scoped. Thus, the value in the context always
stores the original request URL information as it was received. Any
rewrites that happen will be to the request's URL field directly.
The HTTP server no longer cleans /sanitizes the request URL. It made too
many strong assumptions and ended up making a lot of middleware more
complicated, including upstream proxying (and fastcgi). To alleviate
this complexity, we no longer change the request URL. Middlewares are
responsible to access the disk safely by using http.Dir or, if not
actually opening files, they can use httpserver.SafePath().
I'm hoping this will address issues with #1624, #1584, #1582, and others.
* staticfiles: Fix test on Windows
@abiosoft: I still can't figure out exactly what this is for. 😅
* Use (potentially) changed URL for browse redirects, as before
* Use filepath.ToSlash, clean up a couple proxy test cases
* Oops, fix variable name
2017-05-02 08:11:10 +03:00
|
|
|
requestURL: `http://localhost:2020/test/%2F/mypath`,
|
|
|
|
targetURL: `https://localhost:2021/t/`,
|
|
|
|
expectURL: `https://localhost:2021/t/%2F/mypath`,
|
|
|
|
without: "/test",
|
2017-04-21 14:35:32 +03:00
|
|
|
},
|
2016-10-02 10:04:57 +03:00
|
|
|
} {
|
|
|
|
targetURL, err := url.Parse(c.targetURL)
|
|
|
|
if err != nil {
|
|
|
|
t.Errorf("case %d failed to parse target URL: %s", i, err)
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
req, err := http.NewRequest("GET", c.requestURL, nil)
|
|
|
|
if err != nil {
|
|
|
|
t.Errorf("case %d failed to create request: %s", i, err)
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
|
|
|
NewSingleHostReverseProxy(targetURL, c.without, 0).Director(req)
|
|
|
|
if expect, got := c.expectURL, req.URL.String(); expect != got {
|
|
|
|
t.Errorf("case %d url not equal: expect %q, but got %q",
|
|
|
|
i, expect, got)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-11-01 07:34:39 +03:00
|
|
|
func TestReverseProxyRetry(t *testing.T) {
|
|
|
|
log.SetOutput(ioutil.Discard)
|
|
|
|
defer log.SetOutput(os.Stderr)
|
|
|
|
|
|
|
|
// set up proxy
|
|
|
|
backend := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
io.Copy(w, r.Body)
|
|
|
|
r.Body.Close()
|
|
|
|
}))
|
|
|
|
defer backend.Close()
|
|
|
|
|
|
|
|
su, err := NewStaticUpstreams(caddyfile.NewDispenser("Testfile", strings.NewReader(`
|
|
|
|
proxy / localhost:65535 localhost:65534 `+backend.URL+` {
|
|
|
|
policy round_robin
|
|
|
|
fail_timeout 5s
|
|
|
|
max_fails 1
|
|
|
|
try_duration 5s
|
|
|
|
try_interval 250ms
|
|
|
|
}
|
2017-04-17 18:58:47 +03:00
|
|
|
`)), "")
|
2016-11-01 07:34:39 +03:00
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
p := &Proxy{
|
|
|
|
Next: httpserver.EmptyNext, // prevents panic in some cases when test fails
|
|
|
|
Upstreams: su,
|
|
|
|
}
|
|
|
|
|
|
|
|
// middle is required to simulate closable downstream request body
|
|
|
|
middle := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
_, err = p.ServeHTTP(w, r)
|
|
|
|
if err != nil {
|
|
|
|
t.Error(err)
|
|
|
|
}
|
|
|
|
}))
|
|
|
|
defer middle.Close()
|
|
|
|
|
|
|
|
testcase := "test content"
|
|
|
|
r, err := http.NewRequest("POST", middle.URL, bytes.NewBufferString(testcase))
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
resp, err := http.DefaultTransport.RoundTrip(r)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
b, err := ioutil.ReadAll(resp.Body)
|
|
|
|
resp.Body.Close()
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
if string(b) != testcase {
|
|
|
|
t.Fatalf("string(b) = %s, want %s", string(b), testcase)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-01-11 21:38:52 +03:00
|
|
|
func TestReverseProxyLargeBody(t *testing.T) {
|
|
|
|
log.SetOutput(ioutil.Discard)
|
|
|
|
defer log.SetOutput(os.Stderr)
|
|
|
|
|
|
|
|
// set up proxy
|
|
|
|
backend := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
io.Copy(ioutil.Discard, r.Body)
|
|
|
|
r.Body.Close()
|
|
|
|
}))
|
|
|
|
defer backend.Close()
|
|
|
|
|
2017-04-17 18:58:47 +03:00
|
|
|
su, err := NewStaticUpstreams(caddyfile.NewDispenser("Testfile", strings.NewReader(`proxy / `+backend.URL)), "")
|
2017-01-11 21:38:52 +03:00
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
p := &Proxy{
|
|
|
|
Next: httpserver.EmptyNext, // prevents panic in some cases when test fails
|
|
|
|
Upstreams: su,
|
|
|
|
}
|
|
|
|
|
|
|
|
// middle is required to simulate closable downstream request body
|
|
|
|
middle := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
_, err = p.ServeHTTP(w, r)
|
|
|
|
if err != nil {
|
|
|
|
t.Error(err)
|
|
|
|
}
|
|
|
|
}))
|
|
|
|
defer middle.Close()
|
|
|
|
|
|
|
|
// Our request body will be 100MB
|
|
|
|
bodySize := uint64(100 * 1000 * 1000)
|
|
|
|
|
|
|
|
// We want to see how much memory the proxy module requires for this request.
|
|
|
|
// So lets record the mem stats before we start it.
|
|
|
|
begMemstats := &runtime.MemStats{}
|
|
|
|
runtime.ReadMemStats(begMemstats)
|
|
|
|
|
|
|
|
r, err := http.NewRequest("POST", middle.URL, &noopReader{len: bodySize})
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
resp, err := http.DefaultTransport.RoundTrip(r)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
resp.Body.Close()
|
|
|
|
|
|
|
|
// Finally we need the mem stats after the request is done...
|
|
|
|
endMemstats := &runtime.MemStats{}
|
|
|
|
runtime.ReadMemStats(endMemstats)
|
|
|
|
|
|
|
|
// ...to calculate the total amount of allocated memory during the request.
|
|
|
|
totalAlloc := endMemstats.TotalAlloc - begMemstats.TotalAlloc
|
|
|
|
|
|
|
|
// If that's as much as the size of the body itself it's a serious sign that the
|
|
|
|
// request was not "streamed" to the upstream without buffering it first.
|
|
|
|
if totalAlloc >= bodySize {
|
|
|
|
t.Fatalf("proxy allocated too much memory: %d bytes", totalAlloc)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-01-24 04:03:42 +03:00
|
|
|
func TestCancelRequest(t *testing.T) {
|
2017-04-19 17:56:51 +03:00
|
|
|
reqInFlight := make(chan struct{})
|
2017-01-24 04:03:42 +03:00
|
|
|
backend := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
2017-04-19 17:56:51 +03:00
|
|
|
close(reqInFlight) // cause the client to cancel its request
|
|
|
|
|
|
|
|
select {
|
|
|
|
case <-time.After(10 * time.Second):
|
|
|
|
t.Error("Handler never saw CloseNotify")
|
|
|
|
return
|
|
|
|
case <-w.(http.CloseNotifier).CloseNotify():
|
|
|
|
}
|
|
|
|
|
|
|
|
w.WriteHeader(http.StatusOK)
|
2017-01-24 04:03:42 +03:00
|
|
|
w.Write([]byte("Hello, client"))
|
|
|
|
}))
|
|
|
|
defer backend.Close()
|
|
|
|
|
|
|
|
// set up proxy
|
|
|
|
p := &Proxy{
|
|
|
|
Next: httpserver.EmptyNext, // prevents panic in some cases when test fails
|
|
|
|
Upstreams: []Upstream{newFakeUpstream(backend.URL, false)},
|
|
|
|
}
|
|
|
|
|
|
|
|
// setup request with cancel ctx
|
|
|
|
req := httptest.NewRequest("GET", "/", nil)
|
|
|
|
ctx, cancel := context.WithCancel(req.Context())
|
|
|
|
defer cancel()
|
|
|
|
req = req.WithContext(ctx)
|
|
|
|
|
|
|
|
// wait for canceling the request
|
|
|
|
go func() {
|
2017-04-19 17:56:51 +03:00
|
|
|
<-reqInFlight
|
2017-01-24 04:03:42 +03:00
|
|
|
cancel()
|
|
|
|
}()
|
|
|
|
|
2017-04-19 17:56:51 +03:00
|
|
|
rec := httptest.NewRecorder()
|
|
|
|
status, err := p.ServeHTTP(rec, req)
|
|
|
|
expectedStatus, expectErr := http.StatusBadGateway, context.Canceled
|
|
|
|
if status != expectedStatus || err != expectErr {
|
|
|
|
t.Errorf("expect proxy handle return status[%d] with error[%v], but got status[%d] with error[%v]",
|
|
|
|
expectedStatus, expectErr, status, err)
|
|
|
|
}
|
|
|
|
if body := rec.Body.String(); body != "" {
|
|
|
|
t.Errorf("expect a blank response, but got %q", body)
|
2017-01-24 04:03:42 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-01-11 21:38:52 +03:00
|
|
|
type noopReader struct {
|
|
|
|
len uint64
|
|
|
|
pos uint64
|
|
|
|
}
|
|
|
|
|
|
|
|
var _ io.Reader = &noopReader{}
|
|
|
|
|
|
|
|
func (r *noopReader) Read(b []byte) (int, error) {
|
|
|
|
if r.pos >= r.len {
|
|
|
|
return 0, io.EOF
|
|
|
|
}
|
|
|
|
n := int(r.len - r.pos)
|
|
|
|
if n > len(b) {
|
|
|
|
n = len(b)
|
|
|
|
}
|
|
|
|
for i := range b[:n] {
|
|
|
|
b[i] = 0
|
|
|
|
}
|
|
|
|
r.pos += uint64(n)
|
|
|
|
return n, nil
|
|
|
|
}
|
|
|
|
|
2016-06-06 06:51:56 +03:00
|
|
|
func newFakeUpstream(name string, insecure bool) *fakeUpstream {
|
|
|
|
uri, _ := url.Parse(name)
|
|
|
|
u := &fakeUpstream{
|
|
|
|
name: name,
|
2015-06-07 20:07:23 +03:00
|
|
|
from: "/",
|
2016-06-06 06:51:56 +03:00
|
|
|
host: &UpstreamHost{
|
|
|
|
Name: name,
|
2016-08-06 01:41:32 +03:00
|
|
|
ReverseProxy: NewSingleHostReverseProxy(uri, "", http.DefaultMaxIdleConnsPerHost),
|
2016-06-06 06:51:56 +03:00
|
|
|
},
|
|
|
|
}
|
|
|
|
if insecure {
|
2016-08-02 01:47:31 +03:00
|
|
|
u.host.ReverseProxy.UseInsecureTransport()
|
2016-06-06 06:51:56 +03:00
|
|
|
}
|
|
|
|
return u
|
|
|
|
}
|
|
|
|
|
|
|
|
type fakeUpstream struct {
|
2015-06-07 20:07:23 +03:00
|
|
|
name string
|
|
|
|
host *UpstreamHost
|
|
|
|
from string
|
|
|
|
without string
|
2016-06-06 06:51:56 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
func (u *fakeUpstream) From() string {
|
2015-06-07 20:07:23 +03:00
|
|
|
return u.from
|
2016-06-06 06:51:56 +03:00
|
|
|
}
|
|
|
|
|
2016-07-31 12:04:54 +03:00
|
|
|
func (u *fakeUpstream) Select(r *http.Request) *UpstreamHost {
|
2015-06-07 20:07:23 +03:00
|
|
|
if u.host == nil {
|
|
|
|
uri, err := url.Parse(u.name)
|
|
|
|
if err != nil {
|
|
|
|
log.Fatalf("Unable to url.Parse %s: %v", u.name, err)
|
|
|
|
}
|
|
|
|
u.host = &UpstreamHost{
|
|
|
|
Name: u.name,
|
2016-08-06 01:41:32 +03:00
|
|
|
ReverseProxy: NewSingleHostReverseProxy(uri, u.without, http.DefaultMaxIdleConnsPerHost),
|
2015-06-07 20:07:23 +03:00
|
|
|
}
|
|
|
|
}
|
2016-06-06 06:51:56 +03:00
|
|
|
return u.host
|
|
|
|
}
|
|
|
|
|
2016-09-25 01:03:22 +03:00
|
|
|
func (u *fakeUpstream) AllowedPath(requestPath string) bool { return true }
|
|
|
|
func (u *fakeUpstream) GetTryDuration() time.Duration { return 1 * time.Second }
|
|
|
|
func (u *fakeUpstream) GetTryInterval() time.Duration { return 250 * time.Millisecond }
|
2017-01-11 21:38:52 +03:00
|
|
|
func (u *fakeUpstream) GetHostCount() int { return 1 }
|
2017-04-02 23:58:15 +03:00
|
|
|
func (u *fakeUpstream) Stop() error { return nil }
|
2016-06-06 06:51:56 +03:00
|
|
|
|
|
|
|
// newWebSocketTestProxy returns a test proxy that will
|
|
|
|
// redirect to the specified backendAddr. The function
|
|
|
|
// also sets up the rules/environment for testing WebSocket
|
|
|
|
// proxy.
|
2016-12-26 22:53:18 +03:00
|
|
|
func newWebSocketTestProxy(backendAddr string, insecure bool) *Proxy {
|
2016-06-06 06:51:56 +03:00
|
|
|
return &Proxy{
|
2016-12-26 22:53:18 +03:00
|
|
|
Next: httpserver.EmptyNext, // prevents panic in some cases when test fails
|
|
|
|
Upstreams: []Upstream{&fakeWsUpstream{
|
|
|
|
name: backendAddr,
|
|
|
|
without: "",
|
|
|
|
insecure: insecure,
|
|
|
|
}},
|
2016-06-06 06:51:56 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func newPrefixedWebSocketTestProxy(backendAddr string, prefix string) *Proxy {
|
|
|
|
return &Proxy{
|
2015-06-07 20:07:23 +03:00
|
|
|
Next: httpserver.EmptyNext, // prevents panic in some cases when test fails
|
2016-06-06 06:51:56 +03:00
|
|
|
Upstreams: []Upstream{&fakeWsUpstream{name: backendAddr, without: prefix}},
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
type fakeWsUpstream struct {
|
2016-12-26 22:53:18 +03:00
|
|
|
name string
|
|
|
|
without string
|
|
|
|
insecure bool
|
2016-06-06 06:51:56 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
func (u *fakeWsUpstream) From() string {
|
|
|
|
return "/"
|
|
|
|
}
|
|
|
|
|
2016-07-31 12:04:54 +03:00
|
|
|
func (u *fakeWsUpstream) Select(r *http.Request) *UpstreamHost {
|
2016-06-06 06:51:56 +03:00
|
|
|
uri, _ := url.Parse(u.name)
|
2016-12-26 22:53:18 +03:00
|
|
|
host := &UpstreamHost{
|
2016-06-06 06:51:56 +03:00
|
|
|
Name: u.name,
|
2016-08-06 01:41:32 +03:00
|
|
|
ReverseProxy: NewSingleHostReverseProxy(uri, u.without, http.DefaultMaxIdleConnsPerHost),
|
2016-06-06 06:51:56 +03:00
|
|
|
UpstreamHeaders: http.Header{
|
|
|
|
"Connection": {"{>Connection}"},
|
|
|
|
"Upgrade": {"{>Upgrade}"}},
|
|
|
|
}
|
2016-12-26 22:53:18 +03:00
|
|
|
if u.insecure {
|
|
|
|
host.ReverseProxy.UseInsecureTransport()
|
|
|
|
}
|
|
|
|
return host
|
2016-06-06 06:51:56 +03:00
|
|
|
}
|
|
|
|
|
2016-09-25 01:03:22 +03:00
|
|
|
func (u *fakeWsUpstream) AllowedPath(requestPath string) bool { return true }
|
|
|
|
func (u *fakeWsUpstream) GetTryDuration() time.Duration { return 1 * time.Second }
|
|
|
|
func (u *fakeWsUpstream) GetTryInterval() time.Duration { return 250 * time.Millisecond }
|
2017-01-11 21:38:52 +03:00
|
|
|
func (u *fakeWsUpstream) GetHostCount() int { return 1 }
|
2017-04-02 23:58:15 +03:00
|
|
|
func (u *fakeWsUpstream) Stop() error { return nil }
|
2016-06-06 06:51:56 +03:00
|
|
|
|
|
|
|
// recorderHijacker is a ResponseRecorder that can
|
|
|
|
// be hijacked.
|
|
|
|
type recorderHijacker struct {
|
|
|
|
*httptest.ResponseRecorder
|
|
|
|
fakeConn *fakeConn
|
|
|
|
}
|
|
|
|
|
|
|
|
func (rh *recorderHijacker) Hijack() (net.Conn, *bufio.ReadWriter, error) {
|
|
|
|
return rh.fakeConn, nil, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
type fakeConn struct {
|
|
|
|
readBuf bytes.Buffer
|
|
|
|
writeBuf bytes.Buffer
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *fakeConn) LocalAddr() net.Addr { return nil }
|
|
|
|
func (c *fakeConn) RemoteAddr() net.Addr { return nil }
|
|
|
|
func (c *fakeConn) SetDeadline(t time.Time) error { return nil }
|
|
|
|
func (c *fakeConn) SetReadDeadline(t time.Time) error { return nil }
|
|
|
|
func (c *fakeConn) SetWriteDeadline(t time.Time) error { return nil }
|
|
|
|
func (c *fakeConn) Close() error { return nil }
|
|
|
|
func (c *fakeConn) Read(b []byte) (int, error) { return c.readBuf.Read(b) }
|
|
|
|
func (c *fakeConn) Write(b []byte) (int, error) { return c.writeBuf.Write(b) }
|
2016-07-21 04:06:14 +03:00
|
|
|
|
2017-04-19 17:56:51 +03:00
|
|
|
// testResponseRecorder wraps `httptest.ResponseRecorder`,
|
|
|
|
// also implements `http.CloseNotifier`, `http.Hijacker` and `http.Pusher`.
|
|
|
|
type testResponseRecorder struct {
|
2017-05-05 18:42:06 +03:00
|
|
|
*httpserver.ResponseWriterWrapper
|
2017-04-19 17:56:51 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
func (testResponseRecorder) CloseNotify() <-chan bool { return nil }
|
|
|
|
|
|
|
|
// Interface guards
|
2017-05-05 18:42:06 +03:00
|
|
|
var _ httpserver.HTTPInterfaces = testResponseRecorder{}
|
2017-04-19 17:56:51 +03:00
|
|
|
|
2016-07-21 04:06:14 +03:00
|
|
|
func BenchmarkProxy(b *testing.B) {
|
|
|
|
backend := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
w.Write([]byte("Hello, client"))
|
|
|
|
}))
|
|
|
|
defer backend.Close()
|
|
|
|
|
|
|
|
upstream := newFakeUpstream(backend.URL, false)
|
|
|
|
upstream.host.UpstreamHeaders = http.Header{
|
|
|
|
"Hostname": {"{hostname}"},
|
|
|
|
"Host": {"{host}"},
|
|
|
|
"X-Real-IP": {"{remote}"},
|
|
|
|
"X-Forwarded-Proto": {"{scheme}"},
|
|
|
|
}
|
|
|
|
// set up proxy
|
|
|
|
p := &Proxy{
|
|
|
|
Next: httpserver.EmptyNext, // prevents panic in some cases when test fails
|
|
|
|
Upstreams: []Upstream{upstream},
|
|
|
|
}
|
|
|
|
|
|
|
|
w := httptest.NewRecorder()
|
|
|
|
|
|
|
|
b.ResetTimer()
|
|
|
|
for i := 0; i < b.N; i++ {
|
|
|
|
b.StopTimer()
|
|
|
|
// create request and response recorder
|
|
|
|
r, err := http.NewRequest("GET", "/", nil)
|
|
|
|
if err != nil {
|
|
|
|
b.Fatalf("Failed to create request: %v", err)
|
|
|
|
}
|
|
|
|
b.StartTimer()
|
|
|
|
p.ServeHTTP(w, r)
|
|
|
|
}
|
|
|
|
}
|
2017-07-25 10:12:38 +03:00
|
|
|
|
|
|
|
func TestChunkedWebSocketReverseProxy(t *testing.T) {
|
|
|
|
s := websocket.Server{
|
|
|
|
Handler: websocket.Handler(func(ws *websocket.Conn) {
|
|
|
|
for {
|
|
|
|
select {}
|
|
|
|
}
|
|
|
|
}),
|
|
|
|
}
|
|
|
|
s.Config.Header = http.Header(make(map[string][]string))
|
|
|
|
s.Config.Header.Set("Transfer-Encoding", "chunked")
|
|
|
|
|
|
|
|
wsNop := httptest.NewServer(s)
|
|
|
|
defer wsNop.Close()
|
|
|
|
|
|
|
|
// Get proxy to use for the test
|
|
|
|
p := newWebSocketTestProxy(wsNop.URL, false)
|
|
|
|
|
|
|
|
// Create client request
|
|
|
|
r := httptest.NewRequest("GET", "/", nil)
|
|
|
|
|
|
|
|
r.Header = http.Header{
|
|
|
|
"Connection": {"Upgrade"},
|
|
|
|
"Upgrade": {"websocket"},
|
|
|
|
"Origin": {wsNop.URL},
|
|
|
|
"Sec-WebSocket-Key": {"x3JJHMbDL1EzLkh9GBhXDw=="},
|
|
|
|
"Sec-WebSocket-Version": {"13"},
|
|
|
|
}
|
|
|
|
|
|
|
|
// Capture the request
|
|
|
|
w := &recorderHijacker{httptest.NewRecorder(), new(fakeConn)}
|
|
|
|
|
|
|
|
// Booya! Do the test.
|
|
|
|
_, err := p.ServeHTTP(w, r)
|
|
|
|
|
|
|
|
// Make sure the backend accepted the WS connection.
|
|
|
|
// Mostly interested in the Upgrade and Connection response headers
|
|
|
|
// and the 101 status code.
|
|
|
|
expected := []byte("HTTP/1.1 101 Switching Protocols\r\nUpgrade: websocket\r\nConnection: Upgrade\r\nSec-WebSocket-Accept: HSmrc0sMlYUkAGmm5OPpG2HaGWk=\r\nTransfer-Encoding: chunked\r\n\r\n")
|
|
|
|
actual := w.fakeConn.writeBuf.Bytes()
|
|
|
|
if !bytes.Equal(actual, expected) {
|
|
|
|
t.Errorf("Expected backend to accept response:\n'%s'\nActually got:\n'%s'", expected, actual)
|
|
|
|
}
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
t.Error(err)
|
|
|
|
}
|
|
|
|
}
|
2017-09-12 04:49:02 +03:00
|
|
|
|
|
|
|
func TestQuic(t *testing.T) {
|
2017-09-12 08:34:39 +03:00
|
|
|
if strings.ToLower(os.Getenv("CI")) != "true" {
|
|
|
|
// TODO. (#1782) This test requires configuring hosts
|
|
|
|
// file and updating the certificate in testdata. We
|
|
|
|
// should find a more robust way of testing this.
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2017-09-12 04:49:02 +03:00
|
|
|
upstream := "quic.clemente.io:8086"
|
|
|
|
config := "proxy / quic://" + upstream
|
|
|
|
content := "Hello, client"
|
|
|
|
|
|
|
|
// make proxy
|
|
|
|
upstreams, err := NewStaticUpstreams(caddyfile.NewDispenser("Testfile", strings.NewReader(config)), "")
|
|
|
|
if err != nil {
|
|
|
|
t.Errorf("Expected no error. Got: %s", err.Error())
|
|
|
|
}
|
|
|
|
p := &Proxy{
|
|
|
|
Next: httpserver.EmptyNext, // prevents panic in some cases when test fails
|
|
|
|
Upstreams: upstreams,
|
|
|
|
}
|
|
|
|
|
|
|
|
// start QUIC server
|
|
|
|
go func() {
|
|
|
|
dir, err := os.Getwd()
|
|
|
|
if err != nil {
|
|
|
|
t.Errorf("Expected no error. Got: %s", err.Error())
|
|
|
|
return
|
|
|
|
}
|
|
|
|
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
w.Write([]byte(content))
|
|
|
|
w.WriteHeader(200)
|
|
|
|
})
|
|
|
|
err = h2quic.ListenAndServeQUIC(
|
|
|
|
upstream,
|
|
|
|
path.Join(dir, "testdata", "fullchain.pem"),
|
|
|
|
path.Join(dir, "testdata", "privkey.pem"),
|
|
|
|
handler,
|
|
|
|
)
|
|
|
|
if err != nil {
|
|
|
|
t.Errorf("Expected no error. Got: %s", err.Error())
|
|
|
|
return
|
|
|
|
}
|
|
|
|
}()
|
|
|
|
|
|
|
|
r := httptest.NewRequest("GET", "/", nil)
|
|
|
|
w := httptest.NewRecorder()
|
|
|
|
_, err = p.ServeHTTP(w, r)
|
|
|
|
if err != nil {
|
|
|
|
t.Errorf("Expected no error. Got: %s", err.Error())
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// check response
|
|
|
|
if w.Code != 200 {
|
|
|
|
t.Errorf("Expected response code 200, got: %d", w.Code)
|
|
|
|
}
|
|
|
|
responseContent := string(w.Body.Bytes())
|
|
|
|
if responseContent != content {
|
|
|
|
t.Errorf("Expected response body, got: %s", responseContent)
|
|
|
|
}
|
|
|
|
}
|