From b46aad6df449445a9fc4aa7b32bd40005438e3f7 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sat, 13 Apr 2024 14:18:05 +0200 Subject: Adding upstream version 2.9.5. Signed-off-by: Daniel Baumann --- .../connection/proxy_protocol_random_fail.vtc | 59 ++++++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 reg-tests/connection/proxy_protocol_random_fail.vtc (limited to 'reg-tests/connection/proxy_protocol_random_fail.vtc') diff --git a/reg-tests/connection/proxy_protocol_random_fail.vtc b/reg-tests/connection/proxy_protocol_random_fail.vtc new file mode 100644 index 0000000..1ae33de --- /dev/null +++ b/reg-tests/connection/proxy_protocol_random_fail.vtc @@ -0,0 +1,59 @@ +#commit b406b87 +# BUG/MEDIUM: connection: don't store recv() result into trash.data +# +# Cyril Bonté discovered that the proxy protocol randomly fails since +# commit 843b7cb ("MEDIUM: chunks: make the chunk struct's fields match +# the buffer struct"). This is because we used to store recv()'s return +# code into trash.data which is now unsigned, so it never compares as +# negative against 0. Let's clean this up and test the result itself +# without storing it first. + +varnishtest "PROXY protocol random failures" +#REQUIRE_OPTIONS=OPENSSL + +feature ignore_unknown_macro + +#REGTEST_TYPE=broken + +syslog Slog_1 -repeat 8 -level info { + recv + expect ~ "Connect from .* to ${h1_ssl_addr}:${h1_ssl_port}" + recv + expect ~ "ssl-offload-http/http .* \"POST (https://.*:${h1_ssl_port})?/[1-8] HTTP/(2\\.0|1\\.1)\"" +} -start + +haproxy h1 -conf { + global + tune.ssl.default-dh-param 2048 + log ${Slog_1_addr}:${Slog_1_port} len 2048 local0 debug err + + defaults + mode http + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + log global + + listen http + bind unix@"${tmpdir}/http.socket" accept-proxy name ssl-offload-http + option forwardfor + + listen ssl-offload-http + option httplog + bind "fd@${ssl}" ssl crt ${testdir}/common.pem ssl no-sslv3 alpn h2,http/1.1 + server http unix@"${tmpdir}/http.socket" send-proxy +} -start + + +shell { + HOST=${h1_ssl_addr} + if [ "$HOST" = "::1" ] ; then + HOST="\[::1\]" + fi + for i in 1 2 3 4 5 6 7 8 ; do + urls="$urls https://$HOST:${h1_ssl_port}/$i" + done + curl -i -k -d 'x=x' $urls & wait $! +} + +syslog Slog_1 -wait -- cgit v1.2.3