Blame - reg-tests/http-messaging/h1_host_normalization.vtc - haproxy

blob: 2660c1650132d37030bb0d20dc979b5a24423c62 [file] [log] [blame]

Christopher Faulet	3f5fbe9	2022-07-05 14:50:17 +0200	[diff] [blame]	1	varnishtest "H1 authority validation and host normalizarion based on the scheme (rfc3982 6.3.2) or the method (connect)"
				2
				3	feature cmd "$HAPROXY_PROGRAM -cc 'version_atleast(2.6-dev0)'"
				4	feature ignore_unknown_macro
				5
				6	syslog S1 -level info {
				7	# C1
				8	recv
				9	expect ~ "^.* uri: GET http://toto:poue@hostname/c1 HTTP/1.1; host: {hostname}$"
				10
				11	# C2
				12	recv
				13	expect ~ "^.* uri: GET http://hostname:8080/c2 HTTP/1.1; host: {hostname:8080}$"
				14
				15	# C3
				16	recv
				17	expect ~ "^.* uri: GET https://hostname/c3 HTTP/1.1; host: {hostname}$"
				18
				19	# C4
				20	recv
				21	expect ~ "^.* uri: GET https://hostname:80/c4 HTTP/1.1; host: {hostname:80}$"
				22
				23	# C5
				24	recv
				25	expect ~ "^.* uri: CONNECT toto:pouet@hostname:80 HTTP/1.1; host: {hostname}$"
				26	recv
				27	expect ~ "^.* uri: CONNECT toto:pouet@hostname:80 HTTP/1.1; host: {hostname}$"
				28
				29	# C6
				30	recv
				31	expect ~ "^.* uri: CONNECT hostname:443 HTTP/1.1; host: {hostname}$"
				32	recv
				33	expect ~ "^.* uri: CONNECT hostname:443 HTTP/1.1; host: {hostname}$"
				34
				35	recv
				36	expect ~ "^.* uri: CONNECT hostname:8443 HTTP/1.1; host: {hostname:8443}$"
				37	} -start
				38
				39	haproxy h1 -conf {
				40	defaults
				41	mode http
				42	timeout connect "${HAPROXY_TEST_TIMEOUT-5s}"
				43	timeout client "${HAPROXY_TEST_TIMEOUT-5s}"
				44	timeout server "${HAPROXY_TEST_TIMEOUT-5s}"
				45
				46	frontend fe
				47	bind "fd@${fe}"
				48
				49	http-request capture req.hdr(host) len 512
				50	log-format "uri: %r; host: %hr"
				51	log ${S1_addr}:${S1_port} len 2048 local0 debug err
				52
				53	http-request return status 200
				54	} -start
				55
				56	# default port 80 with http scheme => should be normalized
				57	# Be sure userinfo are skipped
				58	client c1 -connect ${h1_fe_sock} {
				59	txreq \
				60	-req "GET" \
				61	-url "http://toto:poue@hostname:80/c1" \
				62	-hdr "host: hostname:80"
				63
				64	rxresp
				65	expect resp.status == 200
				66	} -run
				67
				68	# port 8080 with http scheme => no normalization
				69	client c2 -connect ${h1_fe_sock} {
				70	txreq \
				71	-req "GET" \
				72	-url "http://hostname:8080/c2" \
				73	-hdr "host: hostname:8080"
				74
				75	rxresp
				76	expect resp.status == 200
				77	} -run
				78
				79	# default port 443 with https scheme => should be normalized
				80	client c3 -connect ${h1_fe_sock} {
				81	txreq \
				82	-req "GET" \
				83	-url "https://hostname:443/c3" \
				84	-hdr "host: hostname:443"
				85
				86	rxresp
				87	expect resp.status == 200
				88	} -run
				89
				90	# port 80 with https scheme => no normalization
				91	client c4 -connect ${h1_fe_sock} {
				92	txreq \
				93	-req "GET" \
				94	-url "https://hostname:80/c4" \
				95	-hdr "host: hostname:80"
				96
				97	rxresp
				98	expect resp.status == 200
				99	} -run
				100
				101	# CONNECT on port 80 => should be normalized
				102	# Be sure userinfo are skipped
				103	client c5 -connect ${h1_fe_sock} {
				104	txreq \
				105	-req "CONNECT" \
				106	-url "toto:pouet@hostname:80" \
				107	-hdr "host: hostname:80"
				108
				109	rxresp
				110	expect resp.status == 200
				111	} -run
				112	client c5 -connect ${h1_fe_sock} {
				113
				114	txreq \
				115	-req "CONNECT" \
				116	-url "toto:pouet@hostname:80" \
				117	-hdr "host: hostname"
				118
				119	rxresp
				120	expect resp.status == 200
				121	} -run
				122
				123	# CONNECT on port 443 => should be normalized
				124	client c6 -connect ${h1_fe_sock} {
				125	txreq \
				126	-req "CONNECT" \
				127	-url "hostname:443" \
				128	-hdr "host: hostname:443"
				129
				130	rxresp
				131	expect resp.status == 200
				132	} -run
				133	client c6 -connect ${h1_fe_sock} {
				134	txreq \
				135	-req "CONNECT" \
				136	-url "hostname:443" \
				137	-hdr "host: hostname"
				138
				139	rxresp
				140	expect resp.status == 200
				141	} -run
				142
				143	# CONNECT on port non-default port => no normalization
				144	client c7 -connect ${h1_fe_sock} {
				145	txreq \
				146	-req "CONNECT" \
				147	-url "hostname:8443" \
				148	-hdr "host: hostname:8443"
				149
				150	rxresp
				151	expect resp.status == 200
				152	} -run
				153
				154	# host miss-match => error
				155	client c8 -connect ${h1_fe_sock} {
				156	txreq \
				157	-req "GET" \
				158	-url "http://hostname1/" \
				159	-hdr "host: hostname2"
				160
				161	rxresp
				162	expect resp.status == 400
				163	} -run
				164
				165	# port miss-match => error
				166	client c9 -connect ${h1_fe_sock} {
				167	txreq \
				168	-req "GET" \
				169	-url "http://hostname:80/" \
				170	-hdr "host: hostname:81"
				171
				172	rxresp
				173	expect resp.status == 400
				174	} -run
				175
				176	# no host port with a non-default port in abs-uri => error
				177	client c10 -connect ${h1_fe_sock} {
				178	txreq \
				179	-req "GET" \
				180	-url "http://hostname:8080/" \
				181	-hdr "host: hostname"
				182
				183	rxresp
				184	expect resp.status == 400
				185	} -run
				186
				187	# non-default host port with a default in abs-uri => error
				188	client c11 -connect ${h1_fe_sock} {
				189	txreq \
				190	-req "GET" \
				191	-url "http://hostname/" \
				192	-hdr "host: hostname:81"
				193
				194	rxresp
				195	expect resp.status == 400
				196	} -run
				197
				198	# miss-match between host headers => error
				199	client c12 -connect ${h1_fe_sock} {
				200	txreq \
				201	-req "GET" \
				202	-url "http://hostname1/" \
				203	-hdr "host: hostname1" \
				204	-hdr "host: hostname2"
				205
				206	rxresp
				207	expect resp.status == 400
				208	} -run
				209
				210	# miss-match between host headers but with a normalization => error
				211	client c13 -connect ${h1_fe_sock} {
				212	txreq \
				213	-req "GET" \
				214	-url "http://hostname1/" \
				215	-hdr "host: hostname1:80" \
				216	-hdr "host: hostname1"
				217
				218	rxresp
				219	expect resp.status == 400
				220	} -run
				221
				222	# CONNECT authoriy without port => error
				223	client c14 -connect ${h1_fe_sock} {
				224	txreq \
				225	-req "CONNECT" \
				226	-url "hostname" \
				227	-hdr "host: hostname"
				228
				229	rxresp
				230	expect resp.status == 400
				231	} -run
				232
				233	# host miss-match with CONNECT => error
				234	client c15 -connect ${h1_fe_sock} {
				235	txreq \
				236	-req "CONNECT" \
				237	-url "hostname1:80" \
				238	-hdr "host: hostname2:80"
				239
				240	rxresp
				241	expect resp.status == 400
				242	} -run
				243
				244	# port miss-match with CONNECT => error
				245	client c16 -connect ${h1_fe_sock} {
				246	txreq \
				247	-req "CONNECT" \
				248	-url "hostname:80" \
				249	-hdr "host: hostname:443"
				250
				251	rxresp
				252	expect resp.status == 400
				253	} -run
				254
				255	# no host port with non-default port in CONNECT authority => error
				256	client c17 -connect ${h1_fe_sock} {
				257	txreq \
				258	-req "CONNECT" \
				259	-url "hostname:8080" \
				260	-hdr "host: hostname"
				261
				262	rxresp
				263	expect resp.status == 400
				264	} -run
				265
				266	# no authority => error
				267	client c18 -connect ${h1_fe_sock} {
				268	txreq \
				269	-req "CONNECT" \
				270	-url "/" \
				271	-hdr "host: hostname"
				272
				273	rxresp
				274	expect resp.status == 400
				275	} -run
				276
				277	syslog S1 -wait