diff options
35 files changed, 279 insertions, 118 deletions
diff --git a/regress/usr.sbin/relayd/Client.pm b/regress/usr.sbin/relayd/Client.pm index 5736f459ed2..37cfa40b130 100644 --- a/regress/usr.sbin/relayd/Client.pm +++ b/regress/usr.sbin/relayd/Client.pm @@ -1,4 +1,4 @@ -# $OpenBSD: Client.pm,v 1.5 2013/07/20 10:30:55 bluhm Exp $ +# $OpenBSD: Client.pm,v 1.6 2014/07/09 16:48:55 reyk Exp $ # Copyright (c) 2010-2012 Alexander Bluhm <bluhm@openbsd.org> # @@ -44,6 +44,10 @@ sub new { sub child { my $self = shift; + if ($self->{mreqs}) { + print STDERR "connection per request\n"; + return; + } $SSL_ERROR = ""; my $iosocket = $self->{ssl} ? "IO::Socket::SSL" : "IO::Socket::INET6"; my $cs = $iosocket->new( @@ -55,6 +59,7 @@ sub child { ) or die ref($self), " $iosocket socket connect failed: $!,$SSL_ERROR"; print STDERR "connect sock: ",$cs->sockhost()," ",$cs->sockport(),"\n"; print STDERR "connect peer: ",$cs->peerhost()," ",$cs->peerport(),"\n"; + print STDERR "single connection\n"; *STDIN = *STDOUT = $self->{cs} = $cs; } diff --git a/regress/usr.sbin/relayd/Server.pm b/regress/usr.sbin/relayd/Server.pm index 76d849a94a4..7bb2923f25a 100644 --- a/regress/usr.sbin/relayd/Server.pm +++ b/regress/usr.sbin/relayd/Server.pm @@ -1,4 +1,4 @@ -# $OpenBSD: Server.pm,v 1.4 2013/07/20 10:30:55 bluhm Exp $ +# $OpenBSD: Server.pm,v 1.5 2014/07/09 16:48:55 reyk Exp $ # Copyright (c) 2010-2012 Alexander Bluhm <bluhm@openbsd.org> # @@ -58,11 +58,16 @@ sub new { sub child { my $self = shift; + if ($self->{mreqs}) { + print STDERR "connection per request\n"; + return; + } my $iosocket = $self->{ssl} ? "IO::Socket::SSL" : "IO::Socket::INET6"; my $as = $self->{ls}->accept() or die ref($self), " $iosocket socket accept failed: $!"; print STDERR "accept sock: ",$as->sockhost()," ",$as->sockport(),"\n"; print STDERR "accept peer: ",$as->peerhost()," ",$as->peerport(),"\n"; + print STDERR "single connection\n"; *STDIN = *STDOUT = $self->{as} = $as; } diff --git a/regress/usr.sbin/relayd/args-http-append.pl b/regress/usr.sbin/relayd/args-http-append.pl index f6c00de4093..bc6727c749a 100644 --- a/regress/usr.sbin/relayd/args-http-append.pl +++ b/regress/usr.sbin/relayd/args-http-append.pl @@ -5,12 +5,17 @@ our %args = ( client => { func => \&http_client, len => 1, - loggrep => { 'X-Server-Append: \d+\.\d+\.\d+\.\d+:\d+$' => 1 }, + loggrep => { 'X-Server-Append: \d+\.\d+\.\d+\.\d+:\d+$' => 1, + 'Set-Cookie: a=b\;' => 1, + }, }, relayd => { protocol => [ "http", - 'request header append "$REMOTE_ADDR:$REMOTE_PORT" to X-Client-Append', - 'response header append "$SERVER_ADDR:$SERVER_PORT" to X-Server-Append', + 'match request header append X-Client-Append value \ + "$REMOTE_ADDR:$REMOTE_PORT"', + 'match response header append X-Server-Append value \ + "$SERVER_ADDR:$SERVER_PORT" \ + cookie set "a" value "b"', ], }, server => { diff --git a/regress/usr.sbin/relayd/args-http-change-path.pl b/regress/usr.sbin/relayd/args-http-change-path.pl index 23205c3941d..2596d438858 100644 --- a/regress/usr.sbin/relayd/args-http-change-path.pl +++ b/regress/usr.sbin/relayd/args-http-change-path.pl @@ -3,21 +3,23 @@ use warnings; our %args = ( client => { - noclient => 1, - nocheck => 1, + func => \&http_client, + loggrep => { + qr/GET \/251 HTTP\/1\.0/ => 1, + }, }, relayd => { protocol => [ "http", - 'request path change "path" to "foobarchangedpath" marked 55', + 'match request path set "*" value "/foopath" \ + url log "*"', ], - loggrep => { - qr/relayd.conf\:.*action only supported for headers/ => 1 - }, - dryrun => "relayd.conf:4: action only supported for headers", + loggrep => { qr/\, done\, \[foo.bar\/foopath\]/ => 1 }, }, server => { - noserver => 1, - nocheck => 1, + func => \&http_server, + loggrep => { + qr/GET \/foopath HTTP\/1\.0/ => 1, + }, }, ); diff --git a/regress/usr.sbin/relayd/args-http-change.pl b/regress/usr.sbin/relayd/args-http-change.pl index 941a2f62185..54286c53579 100644 --- a/regress/usr.sbin/relayd/args-http-change.pl +++ b/regress/usr.sbin/relayd/args-http-change.pl @@ -13,8 +13,8 @@ our %args = ( }, relayd => { protocol => [ "http", - 'request header change "Host" to "foobar.changed"', - 'response header change "X-Test-Header" to "XChangedValue"', + 'match request header set "Host" value "foobar.changed"', + 'match response header set "X-Test-Header" value "XChangedValue"', ], }, server => { diff --git a/regress/usr.sbin/relayd/args-http-chunked.pl b/regress/usr.sbin/relayd/args-http-chunked.pl index 839de14032a..2fdcb98978e 100644 --- a/regress/usr.sbin/relayd/args-http-chunked.pl +++ b/regress/usr.sbin/relayd/args-http-chunked.pl @@ -8,16 +8,21 @@ our %args = ( client => { func => \&http_client, lengths => \@lengths, + mreqs => 1, }, relayd => { protocol => [ "http", - "request header log foo", - "response header log Transfer-Encoding", + "match request header log foo", + "match response header log Transfer-Encoding", ], - loggrep => { "log 'Transfer-Encoding: chunked'" => 2 }, + loggrep => { + "Transfer-Encoding: chunked" => 2, + qr/\[\(null\)\]/ => 0, + }, }, server => { func => \&http_server, + mreqs => scalar(@lengths), }, lengths => \@lengths, md5 => "bc3a3f39af35fe5b1687903da2b00c7f", diff --git a/regress/usr.sbin/relayd/args-http-contentlength.pl b/regress/usr.sbin/relayd/args-http-contentlength.pl index fc36cd96556..17db74b1de7 100644 --- a/regress/usr.sbin/relayd/args-http-contentlength.pl +++ b/regress/usr.sbin/relayd/args-http-contentlength.pl @@ -8,18 +8,19 @@ our %args = ( client => { func => \&http_client, lengths => \@lengths, + mreqs => 1, }, relayd => { protocol => [ "http", - "request header log foo", - "response header log Content-Length", + "match request header log foo", + "match response header log Content-Length", ], - loggrep => [ map { "log 'Content-Length: $_'" } @lengths ], + loggrep => [ map { "Content-Length: $_" } @lengths ], }, server => { func => \&http_server, + mreqs => scalar(@lengths), }, - lengths => \@lengths, ); 1; diff --git a/regress/usr.sbin/relayd/args-http-expect.pl b/regress/usr.sbin/relayd/args-http-expect.pl index c9fb482894b..8a8c7dd39ad 100644 --- a/regress/usr.sbin/relayd/args-http-expect.pl +++ b/regress/usr.sbin/relayd/args-http-expect.pl @@ -6,12 +6,18 @@ our %args = ( client => { func => \&http_client, lengths => \@lengths, - path => "query?foo=bar&ok=yes" + path => "query?foo=bar&ok=yes", }, relayd => { protocol => [ "http", - 'request query expect "bar" from "foo" log', + 'block request', + 'block request query log "ok"', + 'pass query log "foo" value "bar"', ], + loggrep => { + qr/\[foo: bar\]/ => 1, + qr/\[ok: yes\]/ => 0, + }, }, server => { func => \&http_server, diff --git a/regress/usr.sbin/relayd/args-http-filter-block.pl b/regress/usr.sbin/relayd/args-http-filter-block.pl index 10c6d437fd5..a3bf1ec66c2 100644 --- a/regress/usr.sbin/relayd/args-http-filter-block.pl +++ b/regress/usr.sbin/relayd/args-http-filter-block.pl @@ -1,4 +1,4 @@ -# test http connection with request block filter, tests lateconnect +# test http block use strict; use warnings; @@ -8,17 +8,19 @@ our %args = ( client => { func => sub { eval { http_client(@_) }; warn $@ }, loggrep => qr/Client missing http 3 response/, - lengths => \@lengths, + lengths => \@lengths, + mreqs => 1, }, relayd => { protocol => [ "http", - 'request path filter "/3"', + 'block request path "/3"', ], - loggrep => qr/rejecting request/, + loggrep => qr/Forbidden/, }, server => { func => \&http_server, lengths => (1, 2, 0), + mreqs => 3, }, ); diff --git a/regress/usr.sbin/relayd/args-http-filter-contentlength.pl b/regress/usr.sbin/relayd/args-http-filter-contentlength.pl index 70450528041..d72f99ddb4d 100644 --- a/regress/usr.sbin/relayd/args-http-filter-contentlength.pl +++ b/regress/usr.sbin/relayd/args-http-filter-contentlength.pl @@ -13,7 +13,7 @@ our %args = ( }, relayd => { protocol => [ "http", - 'request path filter "/2"', + 'block request path "/2"', ], loggrep => qr/done/, }, diff --git a/regress/usr.sbin/relayd/args-http-filter-cookie.pl b/regress/usr.sbin/relayd/args-http-filter-cookie.pl index e53f4ca9233..1bb6cd5c921 100644 --- a/regress/usr.sbin/relayd/args-http-filter-cookie.pl +++ b/regress/usr.sbin/relayd/args-http-filter-cookie.pl @@ -1,24 +1,33 @@ -# test http block +# test http block cookies use strict; use warnings; +my @lengths = (1, 2, 3, 4); +my @cookies = ("med=thx; domain=.foo.bar; path=/; expires=Mon, 27-Oct-2014 04:11:56 GMT;", "", "", ""); our %args = ( client => { - func => sub { eval { http_client(@_) }; warn $@ }, - loggrep => qr/Client missing http 251 response/, - cookie => "med=thx; domain=.foo.bar; path=/; expires=Mon, 27-Oct-2014 04:11:56 GMT;", - path => "anypath", - nocheck => 1, + func => \&http_client, + loggrep => { + qr/Client missing http 1 response/ => 1, + qr/Set-Cookie: a\=b\;/ => 3, + }, + cookies => \@cookies, + lengths => \@lengths, + httpnok => 1, + mreqs => 1, }, relayd => { protocol => [ "http", - 'request cookie filter "thx" from "med" log', + 'block request cookie log "med" value "thx"', + 'match response cookie append "a" value "b" tag "cookie"', + 'pass tagged "cookie"', ], - loggrep => qr/rejecting request, \[med: thx\]/, + loggrep => qr/Forbidden, \[Cookie: med=thx.*/, }, server => { - noserver => 1, + func => \&http_server, + mreqs => 3, nocheck => 1, }, ); diff --git a/regress/usr.sbin/relayd/args-http-filter-persistent.pl b/regress/usr.sbin/relayd/args-http-filter-persistent.pl index e906de1581e..e16c4f05028 100644 --- a/regress/usr.sbin/relayd/args-http-filter-persistent.pl +++ b/regress/usr.sbin/relayd/args-http-filter-persistent.pl @@ -10,15 +10,19 @@ our %args = ( func => sub { eval { http_client(@_) }; warn $@ }, lengths => \@lengths, loggrep => qr/Client missing http 2 response/, + mreqs => 1, + httpnok => 1, }, relayd => { protocol => [ "http", - 'request path filter "/2"', + 'block request path "/2"', ], - loggrep => qr/rejecting request/, + loggrep => qr/Forbidden/, }, server => { func => \&http_server, + mreqs => 7, + nocheck => 1, }, lengths => [251, 16384, 0, 1], md5 => "bc3a3f39af35fe5b1687903da2b00c7f", diff --git a/regress/usr.sbin/relayd/args-http-filter-put-contentlength.pl b/regress/usr.sbin/relayd/args-http-filter-put-contentlength.pl index 62a234943bb..691beb7d27f 100644 --- a/regress/usr.sbin/relayd/args-http-filter-put-contentlength.pl +++ b/regress/usr.sbin/relayd/args-http-filter-put-contentlength.pl @@ -14,7 +14,7 @@ our %args = ( }, relayd => { protocol => [ "http", - 'request path filter "/2"', + 'match request path "/2"', ], loggrep => qr/done/, }, diff --git a/regress/usr.sbin/relayd/args-http-filter-put.pl b/regress/usr.sbin/relayd/args-http-filter-put.pl index b988b793ea9..e1e57543b39 100644 --- a/regress/usr.sbin/relayd/args-http-filter-put.pl +++ b/regress/usr.sbin/relayd/args-http-filter-put.pl @@ -11,7 +11,7 @@ our %args = ( }, relayd => { protocol => [ "http", - 'request path filter "/2"', + 'block request path "/2"', ], loggrep => qr/done/, }, diff --git a/regress/usr.sbin/relayd/args-http-filter-url-digest.pl b/regress/usr.sbin/relayd/args-http-filter-url-digest.pl index c3739a80178..7bfd8af02fe 100644 --- a/regress/usr.sbin/relayd/args-http-filter-url-digest.pl +++ b/regress/usr.sbin/relayd/args-http-filter-url-digest.pl @@ -15,11 +15,11 @@ our %args = ( relayd => { protocol => [ "http", 'return error', - 'url filter digest 0ac8ccfc03317891ae2820de10ee2167d31ebd16 log', + 'block request url log digest 0ac8ccfc03317891ae2820de10ee2167d31ebd16', ], loggrep => { - qr/rejecting request \(403 Forbidden\)/ => 1, - qr/\[0ac8ccfc03317891ae2820de10ee2167d31ebd16:/ => 1, + qr/Forbidden \(403 Forbidden\)/ => 1, + qr/\[0ac8ccfc03317891ae2820de10ee2167d31ebd16\]/ => 1, }, }, server => { diff --git a/regress/usr.sbin/relayd/args-http-filter-url-file.pl b/regress/usr.sbin/relayd/args-http-filter-url-file.pl index 823794dd365..363769555e9 100644 --- a/regress/usr.sbin/relayd/args-http-filter-url-file.pl +++ b/regress/usr.sbin/relayd/args-http-filter-url-file.pl @@ -1,28 +1,38 @@ use strict; use warnings; -my @lengths = (1, 2, 4, 0, 3); +my @lengths = (1, 2, 4, 0, 3, 5); our %args = ( client => { - func => sub { eval { http_client(@_) }; warn $@ }, + func => \&http_client, lengths => \@lengths, - loggrep => qr/Forbidden/, + loggrep => { + qr/403 Forbidden/ => 2, + qr/Server: OpenBSD relayd/ => 2, + qr/Connection: close/ => 2, + qr/Content-Length\: 3/ => 0, + qr/Content-Length\: 4/ => 1, + }, + mreqs => 1, + httpnok => 1, }, relayd => { protocol => [ "http", 'return error', - 'label test_reject_label', - 'url filter file "$curdir/args-http-filter-url-file.in" log', - 'no label', + 'pass', + 'block request url log file "$curdir/args-http-filter-url-file.in" value "*" label "test_reject_label"', ], loggrep => { - qr/rejecting request/ => 1, - qr/\[test_reject_label\, foo\.bar\/0\:/ => 1 + qr/Forbidden/ => 2, + qr/\[test_reject_label\, foo\.bar\/0\]/ => 1, + qr/\[test_reject_label\, foo\.bar\/3\]/ => 1, }, }, server => { func => \&http_server, lengths => (1, 2, 4), + mreqs => 4, + nocheck => 1, }, ); diff --git a/regress/usr.sbin/relayd/args-http-filter-url.pl b/regress/usr.sbin/relayd/args-http-filter-url.pl index 534be4c7597..c50ec56ed00 100644 --- a/regress/usr.sbin/relayd/args-http-filter-url.pl +++ b/regress/usr.sbin/relayd/args-http-filter-url.pl @@ -15,11 +15,11 @@ our %args = ( relayd => { protocol => [ "http", 'return error', - 'request url filter "foo.bar/a/b/" log', + 'block request url log "foo.bar/a/b/"', ], loggrep => { - qr/rejecting request \(403 Forbidden\)/ => 1, - qr/\[foo.bar\/a\/b\/:/ => 1, + qr/Forbidden \(403 Forbidden\)/ => 1, + qr/\[foo.bar\/a\/b\// => 1, }, }, server => { diff --git a/regress/usr.sbin/relayd/args-http-filter.pl b/regress/usr.sbin/relayd/args-http-filter.pl index db71a52a8fa..bf282f7b998 100644 --- a/regress/usr.sbin/relayd/args-http-filter.pl +++ b/regress/usr.sbin/relayd/args-http-filter.pl @@ -10,7 +10,7 @@ our %args = ( }, relayd => { protocol => [ "http", - 'request path filter "/2"', + 'match request path "/2"', ], loggrep => qr/done/, }, diff --git a/regress/usr.sbin/relayd/args-http-hash.pl b/regress/usr.sbin/relayd/args-http-hash.pl index da557eaae84..08c070244f2 100644 --- a/regress/usr.sbin/relayd/args-http-hash.pl +++ b/regress/usr.sbin/relayd/args-http-hash.pl @@ -11,12 +11,13 @@ our %args = ( relayd => { table => 1, protocol => [ "http", - 'path hash "/query" log', + 'match request path hash "/query"', + 'match request path log "/query"', ], relay => 'forward to <table-$test> port $connectport', loggrep => { qr/ (?:done|last write \(done\)), \[\/query: foobar\]/ => 1, - qr/relay_handle_http: hash 0xfde460be/ => 1, + qr/hashkey 0x7dc0306a/ => 1, }, }, server => { diff --git a/regress/usr.sbin/relayd/args-http-label.pl b/regress/usr.sbin/relayd/args-http-label.pl index 5185d73f529..94a7a4ff697 100644 --- a/regress/usr.sbin/relayd/args-http-label.pl +++ b/regress/usr.sbin/relayd/args-http-label.pl @@ -4,18 +4,20 @@ use warnings; our %args = ( client => { func => \&http_client, - loggrep => qr/403 Forbidden/, + loggrep => { + qr/403 Forbidden/ => 1, + qr/Content-Type: text\/html/ => 1 + }, path => "query?foo=bar&ok=yes", httpnok => 1, }, relayd => { protocol => [ "http", 'return error', - 'label "expect_foobar_label"', - 'request query filter "bar" from "foo" log', - 'no label', + 'block', + 'match request query log "foo" value "bar" label "expect_foobar_label"', ], - loggrep => qr/.*403 Forbidden.*expect_foobar_label.*foo: bar/, + loggrep => qr/Forbidden.*403 Forbidden.*expect_foobar_label.*foo: bar/, }, server => { noserver => 1, diff --git a/regress/usr.sbin/relayd/args-http-log.pl b/regress/usr.sbin/relayd/args-http-log.pl index 00f0180fdd5..887c6c7651d 100644 --- a/regress/usr.sbin/relayd/args-http-log.pl +++ b/regress/usr.sbin/relayd/args-http-log.pl @@ -9,9 +9,13 @@ our %args = ( }, relayd => { protocol => [ "http", - "request header log foo", - "response header log bar", + "match request header log Host", + "match response header log Server", ], + loggrep => { + qr/\[Host: foo.bar\]/ => 1, + qr/\[Server: Perl\/[^\s]+\s*\]/ => 1, + }, }, server => { func => \&http_server, diff --git a/regress/usr.sbin/relayd/args-http-mark-marked.pl b/regress/usr.sbin/relayd/args-http-mark-marked.pl index 6aadeb6ac24..b5a3752a1b7 100644 --- a/regress/usr.sbin/relayd/args-http-mark-marked.pl +++ b/regress/usr.sbin/relayd/args-http-mark-marked.pl @@ -3,19 +3,18 @@ use warnings; our %args = ( client => { - noclient => 1, - nocheck => 1, + func => \&http_client, + len => 33, }, relayd => { protocol => [ "http", - 'request path mark "*" with 99 marked 55', + 'match request path "/3*" value "*" tag RING0', + 'match request tagged RING0 tag RINGX', ], - loggrep => { "either mark or marked" => 1 }, - dryrun => "relayd.conf:4: either mark or marked", + loggrep => { ", RINGX,.*done" => 1 }, }, server => { - noserver => 1, - nocheck => 1, + func => \&http_server, }, ); diff --git a/regress/usr.sbin/relayd/args-http-mark.pl b/regress/usr.sbin/relayd/args-http-mark.pl index 84a6345b01a..960bf9031b9 100644 --- a/regress/usr.sbin/relayd/args-http-mark.pl +++ b/regress/usr.sbin/relayd/args-http-mark.pl @@ -8,14 +8,14 @@ our %args = ( }, relayd => { protocol => [ "http", - 'request path mark "*" from "/foobar" with 55', - 'request header append "bar" to "foo" marked 55', + 'match request path "/foobar" value "*" tag RING0', + 'block request', + 'pass request quick tagged RING0', ], - loggrep => { ", 55,.*done" => 1 }, + loggrep => { ", RING0,.*done" => 1 }, }, server => { func => \&http_server, - loggrep => { "foo: bar" => 1 }, }, ); diff --git a/regress/usr.sbin/relayd/args-http-persistent.pl b/regress/usr.sbin/relayd/args-http-persistent.pl index 59362bc8ad5..9e38dbb5f14 100644 --- a/regress/usr.sbin/relayd/args-http-persistent.pl +++ b/regress/usr.sbin/relayd/args-http-persistent.pl @@ -8,15 +8,18 @@ our %args = ( client => { func => \&http_client, lengths => \@lengths, + mreqs => 1, }, relayd => { protocol => [ "http", - "request header log foo", - "response header log bar", + "match request header log foo", + "match response header log bar", ], + loggrep => qr/\, done/, }, server => { func => \&http_server, + mreqs => scalar(@lengths), }, lengths => \@lengths, md5 => "bc3a3f39af35fe5b1687903da2b00c7f", diff --git a/regress/usr.sbin/relayd/args-http-put.pl b/regress/usr.sbin/relayd/args-http-put.pl index 302fe483596..32a95e25bcd 100644 --- a/regress/usr.sbin/relayd/args-http-put.pl +++ b/regress/usr.sbin/relayd/args-http-put.pl @@ -9,15 +9,18 @@ our %args = ( func => \&http_client, lengths => \@lengths, method => "PUT", + mreqs => 1, }, relayd => { protocol => [ "http", - "request header log foo", - "response header log bar", + "match request header log foo", + "match response header log bar", ], + loggrep => qr/\, done/, }, server => { func => \&http_server, + mreqs => scalar(@lengths), }, lengths => \@lengths, md5 => "bc3a3f39af35fe5b1687903da2b00c7f", diff --git a/regress/usr.sbin/relayd/args-http-remove.pl b/regress/usr.sbin/relayd/args-http-remove.pl index 3a87684dd8e..cee6e5ae9c4 100644 --- a/regress/usr.sbin/relayd/args-http-remove.pl +++ b/regress/usr.sbin/relayd/args-http-remove.pl @@ -8,6 +8,7 @@ my %header = ( our %args = ( client => { func => \&http_client, + nocheck => 1, loggrep => { "X-Header-Foo: foo" => 0, "X-Header-Bar: bar" => 1, @@ -15,9 +16,10 @@ our %args = ( }, relayd => { protocol => [ "http", - 'response header remove X-Header-Foo log', + 'match response header remove X-Header-Foo', + 'match response header log "*"', ], - loggrep => { qr/ (?:done|last write \(done\)), \[X-Header-Foo: foo\s*\]/ => 1 }, + loggrep => { qr/ (?:done|last write \(done\)), \[X-Header-Foo: foo \*removed\*\s*\]/ => 1 }, }, server => { func => \&http_server, diff --git a/regress/usr.sbin/relayd/args-http-return.pl b/regress/usr.sbin/relayd/args-http-return.pl index 3d06bd7588d..686729f1291 100644 --- a/regress/usr.sbin/relayd/args-http-return.pl +++ b/regress/usr.sbin/relayd/args-http-return.pl @@ -12,13 +12,11 @@ our %args = ( relayd => { protocol => [ "http", 'return error', - 'label "expect_foobar_return_test"', - 'request query expect "baz" from "foo" log', - 'no label', + 'pass', + 'block request query log "foo" value "bar" label \ + "expect_foobar_return_test"', ], - loggrep => { - ' \(403 Forbidden\), \[expect_foobar_return_test, foo: bar\]' => 1 - }, + loggrep => { 'Forbidden \(403 Forbidden\), \[expect_foobar_return_test, foo: bar\]' => 1 }, }, server => { noserver => 1, diff --git a/regress/usr.sbin/relayd/args-https-chunked.pl b/regress/usr.sbin/relayd/args-https-chunked.pl index fb8d58238d6..af66cf4e1d2 100644 --- a/regress/usr.sbin/relayd/args-https-chunked.pl +++ b/regress/usr.sbin/relayd/args-https-chunked.pl @@ -9,19 +9,24 @@ our %args = ( func => \&http_client, lengths => \@lengths, ssl => 1, + mreqs => 1, }, relayd => { protocol => [ "http", - "request header log foo", - "response header log Transfer-Encoding", + "match request header log foo", + "match response header log Transfer-Encoding", ], - loggrep => { "log 'Transfer-Encoding: chunked'" => 2 }, + loggrep => { + "Transfer-Encoding: chunked" => 2, + qr/\[\(null\)\]/ => 0, + }, forwardssl => 1, listenssl => 1, }, server => { func => \&http_server, ssl => 1, + mreqs => scalar(@lengths), }, lengths => \@lengths, md5 => "bc3a3f39af35fe5b1687903da2b00c7f", diff --git a/regress/usr.sbin/relayd/args-https-contentlength.pl b/regress/usr.sbin/relayd/args-https-contentlength.pl index 33d1bff9906..611c2877fa9 100644 --- a/regress/usr.sbin/relayd/args-https-contentlength.pl +++ b/regress/usr.sbin/relayd/args-https-contentlength.pl @@ -9,19 +9,21 @@ our %args = ( func => \&http_client, lengths => \@lengths, ssl => 1, + mreqs => 1 }, relayd => { protocol => [ "http", - "request header log foo", - "response header log Content-Length", + "match request header log foo", + "match response header log Content-Length", ], - loggrep => [ map { "log 'Content-Length: $_'" } @lengths ], + loggrep => [ map { "Content-Length: $_" } @lengths ], forwardssl => 1, listenssl => 1, }, server => { func => \&http_server, ssl => 1, + mreqs => scalar(@lengths), }, lengths => \@lengths, ); diff --git a/regress/usr.sbin/relayd/args-https-filter-persistent.pl b/regress/usr.sbin/relayd/args-https-filter-persistent.pl index 157834c825d..d087182f6e5 100644 --- a/regress/usr.sbin/relayd/args-https-filter-persistent.pl +++ b/regress/usr.sbin/relayd/args-https-filter-persistent.pl @@ -11,14 +11,16 @@ our %args = ( lengths => \@lengths, loggrep => qr/Client missing http 2 response/, ssl => 1, + mreqs => 1, + httpnok => 1, }, relayd => { protocol => [ "http", - 'request path filter "/2"', + 'block request path "/2"', ], loggrep => [ - qr/ssl, ssl client/, - qr/rejecting request/, + qr/ssl, ssl client/ => 1, + qr/Forbidden/ => 1, ], forwardssl => 1, listenssl => 1, @@ -26,6 +28,8 @@ our %args = ( server => { func => \&http_server, ssl => 1, + mreqs => 7, + nocheck => 1, }, lengths => [251, 16384, 0, 1], md5 => "bc3a3f39af35fe5b1687903da2b00c7f", diff --git a/regress/usr.sbin/relayd/args-https-persistent.pl b/regress/usr.sbin/relayd/args-https-persistent.pl index b53985b0783..44ace4ef395 100644 --- a/regress/usr.sbin/relayd/args-https-persistent.pl +++ b/regress/usr.sbin/relayd/args-https-persistent.pl @@ -9,18 +9,21 @@ our %args = ( func => \&http_client, lengths => \@lengths, ssl => 1, + mreqs => 1, }, relayd => { protocol => [ "http", - "request header log foo", - "response header log bar", + "match request header log foo", + "match response header log bar", ], + loggrep => qr/\, done/, forwardssl => 1, listenssl => 1, }, server => { func => \&http_server, ssl => 1, + mreqs => scalar(@lengths), }, lengths => \@lengths, md5 => "bc3a3f39af35fe5b1687903da2b00c7f", diff --git a/regress/usr.sbin/relayd/args-https-put.pl b/regress/usr.sbin/relayd/args-https-put.pl index c8a8cef328e..e393dc3210b 100644 --- a/regress/usr.sbin/relayd/args-https-put.pl +++ b/regress/usr.sbin/relayd/args-https-put.pl @@ -10,18 +10,21 @@ our %args = ( lengths => \@lengths, method => "PUT", ssl => 1, + mreqs => 1, }, relayd => { protocol => [ "http", - "request header log foo", - "response header log bar", + "match request header log foo", + "match response header log bar", ], forwardssl => 1, listenssl => 1, + loggrep => qr/\, done/, }, server => { func => \&http_server, ssl => 1, + mreqs => scalar(@lengths), }, lengths => \@lengths, md5 => "bc3a3f39af35fe5b1687903da2b00c7f", diff --git a/regress/usr.sbin/relayd/args-https.pl b/regress/usr.sbin/relayd/args-https.pl index 90f1141a3e1..ed2c9212406 100644 --- a/regress/usr.sbin/relayd/args-https.pl +++ b/regress/usr.sbin/relayd/args-https.pl @@ -10,8 +10,8 @@ our %args = ( }, relayd => { protocol => [ "http", - "request header log foo", - "response header log bar", + "match request header log foo", + "match response header log bar", ], forwardssl => 1, listenssl => 1, diff --git a/regress/usr.sbin/relayd/args-timeout-http.pl b/regress/usr.sbin/relayd/args-timeout-http.pl index 6cc33be4712..b1899206f2c 100644 --- a/regress/usr.sbin/relayd/args-timeout-http.pl +++ b/regress/usr.sbin/relayd/args-timeout-http.pl @@ -16,8 +16,8 @@ our %args = ( func => sub { errignore(); http_server(@_); - sleep 4; - write_char(@_, 4); + sleep 5; + write_char(@_, 5); }, sleep => 1, down => "Broken pipe", diff --git a/regress/usr.sbin/relayd/funcs.pl b/regress/usr.sbin/relayd/funcs.pl index 01c24ce9ba7..b0cfffca67c 100644 --- a/regress/usr.sbin/relayd/funcs.pl +++ b/regress/usr.sbin/relayd/funcs.pl @@ -1,4 +1,4 @@ -# $OpenBSD: funcs.pl,v 1.11 2014/06/22 14:18:01 bluhm Exp $ +# $OpenBSD: funcs.pl,v 1.12 2014/07/09 16:48:55 reyk Exp $ # Copyright (c) 2010-2013 Alexander Bluhm <bluhm@openbsd.org> # @@ -24,6 +24,7 @@ use Socket; use Socket6; use IO::Socket; use IO::Socket::INET6; +use IO::Socket::SSL; sub find_ports { my %args = @_; @@ -44,6 +45,41 @@ sub find_ports { return @ports; } +sub client_connect { + my $self = shift; + + $SSL_ERROR = ""; + my $iosocket = $self->{ssl} ? "IO::Socket::SSL" : "IO::Socket::INET6"; + my $cs = $iosocket->new( + Proto => "tcp", + Domain => $self->{connectdomain}, + PeerAddr => $self->{connectaddr}, + PeerPort => $self->{connectport}, + SSL_verify_mode => SSL_VERIFY_NONE, + ) or die ref($self), " $iosocket socket connect failed: $!,$SSL_ERROR"; + print STDERR "connect sock: ",$cs->sockhost()," ",$cs->sockport(),"\n"; + print STDERR "connect peer: ",$cs->peerhost()," ",$cs->peerport(),"\n"; + + $self->{stdout} = *STDOUT; + $self->{stdin} = *STDIN; + *STDIN = *STDOUT = $self->{cs} = $cs; +} + +sub client_disconnect { + my $self = shift; + my $cs = $self->{cs}; + + *STDOUT = $self->{stdout}; + *STDIN = $self->{stdin}; + + print STDERR "shutdown sock: ",$cs->sockhost()," ",$cs->sockport(),"\n"; + print STDERR "shutdown peer: ",$cs->peerhost()," ",$cs->peerport(),"\n"; + + IO::Handle::flush(\*STDOUT); + IO::Handle::flush($cs); + $cs->shutdown(SHUT_RDWR); +} + ######################################################################## # Client funcs ######################################################################## @@ -90,9 +126,15 @@ sub http_client { my $vers = $self->{lengths} ? "1.1" : "1.0"; my $method = $self->{method} || "GET"; my %header = %{$self->{header} || {}}; - my $cookie = $self->{cookie} || ""; + my @cookies = $self->{cookies} ? @{$self->{cookies}} : + ($self->{cookie} ? @{$self->{cookie}} : ()); + my $c = 0; foreach my $len (@lengths) { + my $cookie = ($c < scalar(@cookies) && length($cookies[$c])) ? + $cookies[$c] : ""; + ++$c; + $self->{mreqs} && client_connect($self); # encode the requested length or chunks into the url my $path = ref($len) eq 'ARRAY' ? join("/", @$len) : $len; # overwrite path with custom path @@ -105,8 +147,7 @@ sub http_client { if $vers eq "1.1" && $method eq "PUT" && !defined $header{'Content-Length'}; push @request, "$_: $header{$_}" foreach sort keys %header; - push @request, "Cookie: $cookie" - if $cookie ne ""; + push @request, "Cookie: $cookie" if $cookie ne ""; push @request, ""; print STDERR map { ">>> $_\n" } @request; print map { "$_\r\n" } @request; @@ -122,16 +163,18 @@ sub http_client { local $/ = "\r\n"; local $_ = <STDIN>; defined - or die ref($self), " missing http $len response"; - chomp; - print STDERR "<<< $_\n"; - m{^HTTP/$vers 200 OK$} - or die ref($self), " http response not ok" - unless $self->{httpnok}; + or print STDERR ref($self), + " missing http $len response\n"; + chomp if defined; + print STDERR "<<< $_\n" if defined; + die ref($self), " http response not ok" + if (!defined or !m{^HTTP/$vers 200 OK$}) && + !$self->{httpnok}; while (<STDIN>) { chomp; print STDERR "<<< $_\n"; last if /^$/; + last if /^X-Chunk-Trailer:.*/; if (/^Content-Length: (.*)/) { $1 == $len or die ref($self), " bad content length $1"; @@ -147,6 +190,7 @@ sub http_client { read_char($self, $vers eq "1.1" ? $len : undef) if $method eq "GET"; } + $self->{mreqs} && client_disconnect($self); } } @@ -227,13 +271,43 @@ sub read_char { print STDERR "MD5: ", $ctx->hexdigest, "\n"; } +sub server_accept { + my $self = shift; + my $iosocket = $self->{ssl} ? "IO::Socket::SSL" : "IO::Socket::INET6"; + my $as = $self->{ls}->accept() + or die ref($self), " $iosocket socket accept failed: $!"; + print STDERR "accept sock: ",$as->sockhost()," ",$as->sockport(),"\n"; + print STDERR "accept peer: ",$as->peerhost()," ",$as->peerport(),"\n"; + + $self->{stdout} = *STDOUT; + $self->{stdin} = *STDIN; + *STDIN = *STDOUT = $self->{as} = $as; +} + +sub server_disconnect { + my $self = shift; + my $as = $self->{as}; + *STDOUT = $self->{stdout}; + *STDIN = $self->{stdin}; + + print STDERR "shutdown sock: ",$as->sockhost()," ",$as->sockport(),"\n"; + print STDERR "shutdown peer: ",$as->peerhost()," ",$as->peerport(),"\n"; + + IO::Handle::flush(\*STDOUT); + IO::Handle::flush($as); +# $as->shutdown(SHUT_RDWR); + IO::Handle::close($as); +} + sub http_server { my $self = shift; - my %header = %{$self->{header} || {}}; + my %header = %{$self->{header} || { Server => "Perl/".$^V }}; my $cookie = $self->{cookie} || ""; + my $reqsc = $self->{mreqs} || 0; my($method, $url, $vers); do { + $self->{mreqs} && server_accept($self); my $len; { local $/ = "\r\n"; @@ -290,6 +364,10 @@ sub http_server { write_char($self, $len) if $method eq "GET"; } IO::Handle::flush(\*STDOUT); + if ($self->{mreqs}) { + server_disconnect($self); + --$reqsc > 0 or return; + } } while ($vers eq "1.1"); } |