1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
|
varnishtest "mqtt converters Test"
#REQUIRE_VERSION=2.4
feature ignore_unknown_macro
server s1 {
# MQTT 3.1.1 CONNECT packet (id: test_subaaaaaa... [len = 200])
recv 215
sendhex "20020000"
close
# MQTT 3.1.1 CONNECT packet (id: <empty> - username: test - passwd: passwd)
accept
recv 28
sendhex "20020000"
close
# MQTT 3.1.1 CONNECT packet (id: test_sub - username: test - passwd: passwd - will_topic: willtopic - will_payload: willpayload)
accept
recv 60
sendhex "20020000"
close
# MQTT 5.0 CONNECT packet (id: test_sub)
accept
recv 26
sendhex "200600000322000a"
# MQTT 5.0 CONNECT packet (id: test_sub - username: test - passwd: passwd)
accept
recv 40
sendhex "200600000322000a"
# MQTT 5.0 complex CONNECT/CONNACK packet
accept
recv 128
sendhex "20250000221100000078217fff24012501270000ffff22000a2600016100016226000163000164"
close
# Invalid MQTT 3.1.1 CONNACK packet with invalid flags (!= 0x00)
accept
recv 22
sendhex "21020000"
expect_close
# MQTT 3.1 CONNECT packet (id: test_sub - username: test - passwd: passwd)
accept
recv 38
sendhex "20020000"
} -start
server s2 {
# MQTT 5.0 complex CONNECT packet
recv 128
sendhex "20250000221100000078217fff24012501270000ffff22000a2600016100016226000163000164"
} -start
haproxy h1 -conf {
defaults
mode tcp
timeout connect "${HAPROXY_TEST_TIMEOUT-5s}"
timeout client "${HAPROXY_TEST_TIMEOUT-5s}"
timeout server "${HAPROXY_TEST_TIMEOUT-5s}"
frontend fe1
bind "fd@${fe1}"
tcp-request inspect-delay 1s
tcp-request content reject unless { req.payload(0,0),mqtt_is_valid }
default_backend be1
frontend fe2
bind "fd@${fe2}"
tcp-request inspect-delay 1s
tcp-request content reject unless { req.payload(0,0),mqtt_is_valid }
tcp-request content set-var(req.flags) req.payload(0,0),mqtt_field_value(connect,flags)
tcp-request content set-var(req.protoname) req.payload(0,0),mqtt_field_value(connect,protocol_name)
tcp-request content set-var(req.protovsn) req.payload(0,0),mqtt_field_value(connect,protocol_version)
tcp-request content set-var(req.clientid) req.payload(0,0),mqtt_field_value(connect,client_identifier)
tcp-request content set-var(req.willtopic) req.payload(0,0),mqtt_field_value(connect,will_topic)
tcp-request content set-var(req.willbody) req.payload(0,0),mqtt_field_value(connect,will_payload)
tcp-request content set-var(req.user) req.payload(0,0),mqtt_field_value(connect,username)
tcp-request content set-var(req.pass) req.payload(0,0),mqtt_field_value(connect,password)
tcp-request content set-var(req.maxpktsz) req.payload(0,0),mqtt_field_value(connect,39)
tcp-request content set-var(req.reqpbinfo) req.payload(0,0),mqtt_field_value(connect,23)
tcp-request content set-var(req.ctype) req.payload(0,0),mqtt_field_value(connect,3)
tcp-request content set-var(req.willrsptopic) req.payload(0,0),mqtt_field_value(connect,8)
tcp-request content reject if ! { var(req.protoname) -m str "MQTT" } || ! { var(req.protovsn) -m str "5" }
tcp-request content reject if ! { var(req.flags) -m str "238" } || ! { var(req.clientid) -m str "test_sub" }
tcp-request content reject if ! { var(req.user) -m str "test" } || ! { var(req.pass) -m str "passwd" }
tcp-request content reject if ! { var(req.willtopic) -m str "willtopic" } || ! { var(req.willbody) -m str "willpayload" }
tcp-request content reject if ! { var(req.maxpktsz) -m str "20" } || ! { var(req.reqpbinfo) -m str "1" }
tcp-request content reject if ! { var(req.ctype) -m str "text/plain" } || ! { var(req.willrsptopic) -m str "willrsptopic" }
default_backend be2
backend be1
server s1 ${s1_addr}:${s1_port}
tcp-response inspect-delay 1s
tcp-response content reject unless { res.payload(0,0),mqtt_is_valid }
backend be2
server s2 ${s2_addr}:${s2_port}
tcp-response inspect-delay 1s
tcp-response content reject unless { res.payload(0,0),mqtt_is_valid }
tcp-response content set-var(res.flags) res.payload(0,0),mqtt_field_value(connack,flags)
tcp-response content set-var(res.protovsn) res.payload(0,0),mqtt_field_value(connack,protocol_version)
tcp-response content set-var(res.rcode) res.payload(0,0),mqtt_field_value(connack,reason_code)
tcp-response content set-var(res.sessexpint) res.payload(0,0),mqtt_field_value(connack,17)
tcp-response content set-var(res.recvmax) res.payload(0,0),mqtt_field_value(connack,33)
tcp-response content set-var(res.maxqos) res.payload(0,0),mqtt_field_value(connack,36)
tcp-response content set-var(res.retainavail) res.payload(0,0),mqtt_field_value(connack,37)
tcp-response content set-var(res.maxpktsz) res.payload(0,0),mqtt_field_value(connack,39)
tcp-response content set-var(res.topicaliasmax) res.payload(0,0),mqtt_field_value(connack,34)
tcp-response content reject if ! { var(res.protovsn) -m str "5" } || ! { var(res.flags) -m str "0" }
tcp-response content reject if ! { var(res.rcode) -m str "0" } || ! { var(res.sessexpint) -m str "120" }
tcp-response content reject if ! { var(res.recvmax) -m str "32767" } || ! { var(res.maxqos) -m str "1" }
tcp-response content reject if ! { var(res.retainavail) -m str "1" } || ! { var(res.maxpktsz) -m str "65535" }
tcp-response content reject if ! { var(res.topicaliasmax) -m str "10" }
} -start
client c1_311_1 -connect ${h1_fe1_sock} {
# Valid MQTT 3.1.1 CONNECT packet (id: test_sub)
sendhex "10d40100044d5154540402003c00c8746573745f737562616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161"
recv 4
expect_close
} -run
client c1_311_2 -connect ${h1_fe1_sock} {
# Valid MQTT 3.1.1 CONNECT packet (id: <empty> - username: test - passwd: passwd)
sendhex "101a00044d51545404c2003c00000004746573740006706173737764"
recv 4
expect_close
} -run
client c1_311_3 -connect ${h1_fe1_sock} {
# Valid MQTT 3.1.1 CONNECT packet (id: test_sub - username: test - passwd: passwd - will_topic: willtopic - will_payload: willpayload)
sendhex "103a00044d51545404ee003c0008746573745f737562000977696c6c746f706963000b77696c6c7061796c6f61640004746573740006706173737764"
recv 4
expect_close
} -run
client c1_50_1 -connect ${h1_fe1_sock} {
# Valid MQTT 5.0 CONNECT packet (id: test_sub)
sendhex "101800044d5154540502003c032100140008746573745f737562"
recv 8
expect_close
} -run
client c1_50_2 -connect ${h1_fe1_sock} {
# Valid MQTT 5.0 CONNECT packet (id: test_sub - username: test - passwd: passwd)
sendhex "102600044d51545405c2003c032100140008746573745f7375620004746573740006706173737764"
recv 8
expect_close
} -run
client c1_50_3 -connect ${h1_fe1_sock} {
# Valid MQTT 5.0 complex CONNECT/CONNACK packet
sendhex "107e00044d51545405ee003c182700000014170126000161000162260001630001642100140008746573745f7375622a03000a746578742f706c61696e08000c77696c6c727370746f7069632600016500016626000167000168000977696c6c746f706963000b77696c6c7061796c6f61640004746573740006706173737764"
recv 39
expect_close
} -run
client c2_311_1 -connect ${h1_fe1_sock} {
# Invalid MQTT 3.1.1 PINREQ
sendhex "d000"
expect_close
} -run
client c2_311_2 -connect ${h1_fe1_sock} {
# Invalid MQTT 3.1.1 CONNECT packet with invalid flags (!= 0x00)
sendhex "111400044d5154540402003c0008746573745f737562"
expect_close
} -run
client c2_311_3 -connect ${h1_fe1_sock} {
# Invalid MQTT 3.1.1 CONNACK packet with invalid flags (!= 0x00)
sendhex "101400044d5154540402003c0008746573745f737562"
expect_close
} -run
client c2_311_4 -connect ${h1_fe1_sock} {
# Invalid MQTT 3.1.1 CONNECT with too long remaing_length ( > 4 bytes)
sendhex "10ffffffff1400044d5154540402003c0008746573745f737562"
expect_close
} -run
client c2_311_4 -connect ${h1_fe1_sock} {
# Invalid MQTT 3.1.1 CONNECT with not matching ( 0x13 != 0x14)
sendhex "101300044d5154540402003c000874657374a5f737562"
expect_close
} -run
client c2_311_4 -connect ${h1_fe1_sock} {
# Invalid MQTT 3.1.1 CONNECT with not matching ( 0x18 != 0x14)
sendhex "101800044d5154540402003c000874657374a5f737562ffffffff"
expect_close
} -run
client c2_50_1 -connect ${h1_fe2_sock} {
# complex MQTT 5.0 CONNECT/CONNACK packet
# - CONNECT :
# client-id : test_sub
# username : test
# password : passwd
# will-topic : willtopic
# will-payload: willpayload
# connect props:
# maximum-packet-size : 20
# request-problem-information: 1
# user-property : name=a value=b
# user-property : name=c value=d
# will props:
# content-type : text/plain
# response-topic: willrsptopic
# user-property : name=e value=f
# user-property : name=g value=h
# - CONNACK :
# flags : 0x00
# reason-code: 0x00
# connack props:
# session-Expiry-interval: 120
# receive-maximum : 32767
# maximum-qos : 1
# retain-available : 1
# maximum-packet-size : 65535
# topic-alias-maximum : 10
# user-property : name=a value=b
# user-property : name=c value=d
sendhex "107e00044d51545405ee003c182700000014170126000161000162260001630001642100140008746573745f7375622a03000a746578742f706c61696e08000c77696c6c727370746f7069632600016500016626000167000168000977696c6c746f706963000b77696c6c7061796c6f61640004746573740006706173737764"
recv 39
expect_close
} -run
client c3_31_1 -connect ${h1_fe1_sock} {
# Valid MQTT 3.1 CONNECT packet (id: test_sub - username: test - passwd: passwd)
sendhex "102400064d514973647003c200000008746573745f7375620004746573740006706173737764"
recv 4
} -run
|
