mirror of
https://github.com/caddyserver/caddy.git
synced 2024-12-04 06:43:45 +08:00
c32a0f5f71
* Lint: fix some errcheck #2541 * Lint: fix passing structcheck #2541 * Lint: update fix structcheck #2541 * Lint: fix errcheck for basicauth, browse, fastcgi_test #2541 * Lint: fix errcheck for browse, fastcgi_test, fcgiclient, fcgiclient_test #2541 * Lint: fix errcheck for responsefilter_test, fcgilient_test #2541 * Lint: fix errcheck for header_test #2541 * Lint: update errcheck for fcgiclient_test #2541 * Lint: fix errcheck for server, header_test, fastcgi_test, https_test, recorder_test #2541 * Lint: fix errcheck for tplcontext, vhosttrie_test, internal_test, handler_test #2541 * Lint: fix errcheck for log_test, markdown mholt#2541 * Lint: fix errcheck for policy, body_test, proxy_test #2541 * Lint: fix errcheck for on multiple packages #2541 - reverseproxy - reverseproxy_test - upstream - upstream_test - body_test * Lint: fix errcheck in multiple packages mholt#2541 - handler_test - redirect_test - requestid_test - rewrite_test - fileserver_test * Lint: fix errcheck in multiple packages mholt#2541 - websocket - setup - collection - redirect_test - templates_test * Lint: fix errcheck in logger test #2541 run goimports against #2551 - lexer_test - log_test - markdown * Update caddyhttp/httpserver/logger_test.go Co-Authored-By: Inconnu08 <taufiqrx8@gmail.com> * Update log_test.go * Lint: fix scope in logger_test #2541 * remove redundant err check in logger_test #2541 * fix alias in logger_test #2541 * fix import for format #2541 * refactor variable names and error check #2541
187 lines
5.2 KiB
Go
187 lines
5.2 KiB
Go
// Copyright 2015 Light Code Labs, LLC
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
package proxy
|
|
|
|
import (
|
|
"log"
|
|
"net"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"net/url"
|
|
"strconv"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/lucas-clemente/quic-go/h2quic"
|
|
)
|
|
|
|
const (
|
|
expectedResponse = "response from request proxied to upstream"
|
|
expectedStatus = http.StatusOK
|
|
)
|
|
|
|
var upstreamHost *httptest.Server
|
|
var upstreamHostTLS *httptest.Server
|
|
|
|
func setupTLSServer() {
|
|
upstreamHostTLS = httptest.NewTLSServer(http.HandlerFunc(
|
|
func(w http.ResponseWriter, r *http.Request) {
|
|
if r.URL.Path == "/test-path" {
|
|
w.WriteHeader(expectedStatus)
|
|
if _, err := w.Write([]byte(expectedResponse)); err != nil {
|
|
log.Println("[ERROR] failed to write bytes: ", err)
|
|
}
|
|
} else {
|
|
w.WriteHeader(404)
|
|
if _, err := w.Write([]byte("Not found")); err != nil {
|
|
log.Println("[ERROR] failed to write bytes: ", err)
|
|
}
|
|
}
|
|
}))
|
|
}
|
|
|
|
func setupTest() {
|
|
upstreamHost = httptest.NewServer(http.HandlerFunc(
|
|
func(w http.ResponseWriter, r *http.Request) {
|
|
if r.URL.Path == "/test-path" {
|
|
w.WriteHeader(expectedStatus)
|
|
if _, err := w.Write([]byte(expectedResponse)); err != nil {
|
|
log.Println("[ERROR] failed to write bytes: ", err)
|
|
}
|
|
} else {
|
|
w.WriteHeader(404)
|
|
if _, err := w.Write([]byte("Not found")); err != nil {
|
|
log.Println("[ERROR] failed to write bytes: ", err)
|
|
}
|
|
}
|
|
}))
|
|
}
|
|
|
|
func tearDownTLSServer() {
|
|
upstreamHostTLS.Close()
|
|
}
|
|
|
|
func tearDownTest() {
|
|
upstreamHost.Close()
|
|
}
|
|
|
|
func TestReverseProxyWithOwnCACertificates(t *testing.T) {
|
|
setupTLSServer()
|
|
defer tearDownTLSServer()
|
|
|
|
// get http client from tls server
|
|
cl := upstreamHostTLS.Client()
|
|
|
|
// add certs from httptest tls server to reverse proxy
|
|
var transport *http.Transport
|
|
if tr, ok := cl.Transport.(*http.Transport); ok {
|
|
transport = tr
|
|
} else {
|
|
t.Error("could not parse transport from upstreamHostTLS")
|
|
}
|
|
|
|
pool := transport.TLSClientConfig.RootCAs
|
|
|
|
u := staticUpstream{}
|
|
u.CaCertPool = pool
|
|
|
|
upstreamURL, err := url.Parse(upstreamHostTLS.URL)
|
|
if err != nil {
|
|
t.Errorf("Failed to parse test server URL [%s]. %s", upstreamHost.URL, err.Error())
|
|
}
|
|
|
|
// setup host for reverse proxy
|
|
ups, err := u.NewHost(upstreamURL.String())
|
|
if err != nil {
|
|
t.Errorf("Creating new host failed. %v", err)
|
|
}
|
|
|
|
// UseOwnCACertificates called in NewHost sets the RootCAs based if the cert pool is set
|
|
if transport, ok := ups.ReverseProxy.Transport.(*http.Transport); ok {
|
|
if transport.TLSClientConfig.RootCAs == nil {
|
|
t.Errorf("RootCAs not set on TLSClientConfig.")
|
|
}
|
|
} else if transport, ok := ups.ReverseProxy.Transport.(*h2quic.RoundTripper); ok {
|
|
if transport.TLSClientConfig.RootCAs == nil {
|
|
t.Errorf("RootCAs not set on TLSClientConfig.")
|
|
}
|
|
}
|
|
|
|
resp := httptest.NewRecorder()
|
|
req, err := http.NewRequest("GET", "https://test.host/test-path", nil)
|
|
if err != nil {
|
|
t.Errorf("Failed to create new request. %s", err.Error())
|
|
}
|
|
|
|
err = ups.ReverseProxy.ServeHTTP(resp, req, nil)
|
|
if err != nil {
|
|
t.Errorf("Failed to perform reverse proxy to upstream host. %s", err.Error())
|
|
}
|
|
|
|
rBody := resp.Body.String()
|
|
if rBody != expectedResponse {
|
|
t.Errorf("Unexpected proxy response received. Expected: '%s', Got: '%s'", expectedResponse, resp.Body.String())
|
|
}
|
|
|
|
if resp.Code != expectedStatus {
|
|
t.Errorf("Unexpected proxy status. Expected: '%d', Got: '%d'", expectedStatus, resp.Code)
|
|
}
|
|
}
|
|
func TestSingleSRVHostReverseProxy(t *testing.T) {
|
|
setupTest()
|
|
defer tearDownTest()
|
|
|
|
target, err := url.Parse("srv://test.upstream.service")
|
|
if err != nil {
|
|
t.Errorf("Failed to parse target URL. %s", err.Error())
|
|
}
|
|
|
|
upstream, err := url.Parse(upstreamHost.URL)
|
|
if err != nil {
|
|
t.Errorf("Failed to parse test server URL [%s]. %s", upstreamHost.URL, err.Error())
|
|
}
|
|
pp, err := strconv.Atoi(upstream.Port())
|
|
if err != nil {
|
|
t.Errorf("Failed to parse upstream server port [%s]. %s", upstream.Port(), err.Error())
|
|
}
|
|
port := uint16(pp)
|
|
|
|
rp := NewSingleHostReverseProxy(target, "", http.DefaultMaxIdleConnsPerHost, 30*time.Second, 300*time.Millisecond)
|
|
rp.srvResolver = testResolver{
|
|
result: []*net.SRV{
|
|
{Target: upstream.Hostname(), Port: port, Priority: 1, Weight: 1},
|
|
},
|
|
}
|
|
|
|
resp := httptest.NewRecorder()
|
|
req, err := http.NewRequest("GET", "http://test.host/test-path", nil)
|
|
if err != nil {
|
|
t.Errorf("Failed to create new request. %s", err.Error())
|
|
}
|
|
|
|
err = rp.ServeHTTP(resp, req, nil)
|
|
if err != nil {
|
|
t.Errorf("Failed to perform reverse proxy to upstream host. %s", err.Error())
|
|
}
|
|
|
|
if resp.Body.String() != expectedResponse {
|
|
t.Errorf("Unexpected proxy response received. Expected: '%s', Got: '%s'", expectedResponse, resp.Body.String())
|
|
}
|
|
|
|
if resp.Code != expectedStatus {
|
|
t.Errorf("Unexpected proxy status. Expected: '%d', Got: '%d'", expectedStatus, resp.Code)
|
|
}
|
|
}
|