blob: 983857733fe4f6ca64c29610ba3ba7aab4e48e4a [file] [log] [blame]
Frédéric Lécailleafbfa2a2018-08-24 16:14:28 +02001#commit b406b87
2# BUG/MEDIUM: connection: don't store recv() result into trash.data
3#
4# Cyril Bonté discovered that the proxy protocol randomly fails since
5# commit 843b7cb ("MEDIUM: chunks: make the chunk struct's fields match
6# the buffer struct"). This is because we used to store recv()'s return
7# code into trash.data which is now unsigned, so it never compares as
8# negative against 0. Let's clean this up and test the result itself
9# without storing it first.
10
11varnishtest "PROXY protocol random failures"
Ilya Shipitsin9ab31382019-04-17 12:19:56 +050012#REQUIRE_OPTIONS=OPENSSL
Frédéric Lécailleafbfa2a2018-08-24 16:14:28 +020013
14feature ignore_unknown_macro
15
Willy Tarreau41378892020-11-21 15:33:03 +010016#REGTEST_TYPE=broken
Frédéric Lécailledc1a3bd2019-03-29 15:07:24 +010017
Frédéric Lécailleafbfa2a2018-08-24 16:14:28 +020018syslog Slog_1 -repeat 8 -level info {
19 recv
20 expect ~ "Connect from .* to ${h1_ssl_addr}:${h1_ssl_port}"
21 recv
Christopher Faulet452e5782019-10-14 16:22:03 +020022 expect ~ "ssl-offload-http/http .* \"POST (https://.*:${h1_ssl_port})?/[1-8] HTTP/(2\\.0|1\\.1)\""
Frédéric Lécailleafbfa2a2018-08-24 16:14:28 +020023} -start
24
25haproxy h1 -conf {
26 global
27 nbproc 4
Frédéric Lécailleafbfa2a2018-08-24 16:14:28 +020028 tune.ssl.default-dh-param 2048
29 stats bind-process 1
30 log ${Slog_1_addr}:${Slog_1_port} len 2048 local0 debug err
31
32 defaults
33 mode http
Christopher Faulet8f161482018-12-19 11:49:39 +010034 ${no-htx} option http-use-htx
Frédéric Lécailleafbfa2a2018-08-24 16:14:28 +020035 timeout client 1s
36 timeout server 1s
37 timeout connect 1s
38 log global
39
40 listen http
41 bind-process 1
Frédéric Lécaillea7029472018-12-20 09:55:44 +010042 bind unix@"${tmpdir}/http.socket" accept-proxy name ssl-offload-http
Frédéric Lécailleafbfa2a2018-08-24 16:14:28 +020043 option forwardfor
44
45 listen ssl-offload-http
46 option httplog
47 bind-process 2-4
48 bind "fd@${ssl}" ssl crt ${testdir}/common.pem ssl no-sslv3 alpn h2,http/1.1
Frédéric Lécaillea7029472018-12-20 09:55:44 +010049 server http unix@"${tmpdir}/http.socket" send-proxy
Frédéric Lécailleafbfa2a2018-08-24 16:14:28 +020050} -start
51
52
53shell {
54 HOST=${h1_ssl_addr}
55 if [ "$HOST" = "::1" ] ; then
56 HOST="\[::1\]"
57 fi
58 for i in 1 2 3 4 5 6 7 8 ; do
59 urls="$urls https://$HOST:${h1_ssl_port}/$i"
60 done
61 curl -i -k -d 'x=x' $urls & wait $!
62}
63
64syslog Slog_1 -wait