Skip to content

Commit

Permalink
Update host parsing tests for PR 1862 (#446)
Browse files Browse the repository at this point in the history
  • Loading branch information
@RomanBelozerov
RomanBelozerov authored May 10, 2023
1 parent b39bd10 commit d3f6caa
Show file tree
Hide file tree
Showing 12 changed files with 532 additions and 110 deletions.
23 changes: 7 additions & 16 deletions forwarding/test_match_host_forwarded.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -115,44 +115,35 @@ class TestMatchHost(tester.TempestaTest):
"uri": "/foo",
"headers": [
("Host", "testwiki.com"), # <--must be matched by "host eq"
("Forwarded", "host=testapp.com"),
("Forwarded", "host=forwarded.host.ignored"),
],
"block": False,
"sid": 1,
},
{
"uri": "/foo",
"headers": [
("Host", "unkhost.com"),
("Forwarded", "host=testapp.com"), # <--must be matched by "host eq"
("Host", "TesTaPp.cOm"), # <--must be matched by "host eq"
("Forwarded", "HoSt=forwarded.host.ignored"),
],
"block": False,
"sid": 2,
},
{
"uri": "/foo",
"headers": [
("Host", "unkhost.com"),
("Forwarded", "HoSt=TesTaPp.cOm"), # <--must be matched by "host eq"
],
"block": False,
"sid": 2,
},
{
"uri": "/foo",
"headers": [
("Host", "unkhost.com"),
("Host", "[fd80::1cb2:ad12:ca16:98ef]:8080"), # <--must be matched by "host eq"
(
"Forwarded",
'host="[fd80::1cb2:ad12:ca16:98ef]:8080"',
), # <--must be matched by "host eq"
'host="forwarded.host.ignored"',
),
],
"block": False,
"sid": 2,
},
{
"uri": "/foo",
"headers": [("Host", "badhost.com"), ("Forwarded", "host=testapp.com")],
"headers": [("Host", "badhost.com"), ("Forwarded", "host=forwarded.host.ignored")],
"block": True,
"sid": 0,
},
Expand Down
99 changes: 99 additions & 0 deletions http2_general/test_h2_headers.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -343,6 +343,105 @@ def test_request_with_some_data(self):
self.assertIn(response_header, client.last_response.headers.headers)


class TestH2Host(H2Base):
def test_host_missing(self):
self.start_all_services()
client = self.get_client("deproxy")
client.parsing = False

client.send_request(
request=[
(":path", "/"),
(":scheme", "https"),
(":method", "GET"),
],
expected_status_code="400",
)

def test_empty_authority_header(self):
self.start_all_services()
client = self.get_client("deproxy")
client.parsing = False

client.send_request(
request=[(":path", "/"), (":scheme", "https"), (":method", "GET"), (":authority", "")],
expected_status_code="400",
)

def test_empty_host_header(self):
self.start_all_services()
client = self.get_client("deproxy")
client.parsing = False

client.send_request(
request=[(":path", "/"), (":scheme", "https"), (":method", "GET"), ("host", "")],
expected_status_code="400",
)

def test_host_authority_ok(self):
self.start_all_services()
client = self.get_client("deproxy")
client.parsing = False

client.send_request(
request=[
(":path", "/"),
(":scheme", "https"),
(":method", "GET"),
(":authority", "localhost"),
],
expected_status_code="200",
)

def test_host_header_ok(self):
self.start_all_services()
client = self.get_client("deproxy")
client.parsing = False

client.send_request(
request=[
(":path", "/"),
(":scheme", "https"),
(":method", "GET"),
("host", "localhost"),
],
expected_status_code="200",
)

def test_different_host_and_authority_headers(self):
self.start_all_services()
client = self.get_client("deproxy")
client.parsing = False

client.send_request(
request=[
(":path", "/"),
(":scheme", "https"),
(":method", "GET"),
(":authority", "deproxy"),
("host", "localhost"),
],
expected_status_code="200",
)

def test_forwarded_and_empty_host_header(self):
"""Host header must be present. Forwarded header does not set host header."""
self.start_all_services()
client = self.get_client("deproxy")
client.parsing = False

client.send_request(
request=[
(":path", "/"),
(":scheme", "https"),
(":method", "GET"),
("host", ""),
("forwarded", "host=localhost"),
],
expected_status_code="400",
)


class CurlTestBase(tester.TempestaTest):
clients = [
{
Expand Down
101 changes: 96 additions & 5 deletions http_general/test_headers.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,6 @@


class BackendSetCoookie(tester.TempestaTest):

backends = [
{
"id": "set-cookie-1",
Expand Down Expand Up @@ -101,13 +100,12 @@ def test_request_success(self):
"wordpress-login", # WordPress response with multiple Set-Cookie headers
):
with self.subTest("GET cookies", path=path):
client.make_request(f"GET /{path} HTTP/1.1\r\n\r\n")
client.make_request(f"GET /{path} HTTP/1.1\r\nHost: deproxy\r\n\r\n")
self.assertTrue(client.wait_for_response(timeout=1))
self.assertEqual(client.last_response.status, "200")


class RepeatedHeaderCache(tester.TempestaTest):

backends = [
{
"id": "headers",
Expand Down Expand Up @@ -153,7 +151,7 @@ def test_request_cache_del_dup_success(self):
self.start_all_services()
client = self.get_client("deproxy")

client.make_request("GET / HTTP/1.1\r\n\r\n")
client.make_request("GET / HTTP/1.1\r\nHost: deproxy\r\n\r\n")

self.assertTrue(client.wait_for_response(timeout=1))
self.assertEqual(client.last_response.status, "200")
Expand Down Expand Up @@ -196,7 +194,100 @@ def test_small_header_name_accepted(self):
header = "X" * length
client.start()
with self.subTest(header=header):
client.make_request("GET / HTTP/1.1\r\n" f"{header}: test\r\n" "\r\n")
client.make_request(f"GET / HTTP/1.1\r\nHost: deproxy\r\n{header}: test\r\n\r\n")
self.assertTrue(client.wait_for_response(timeout=1))
self.assertEqual(client.last_response.status, "200")
client.stop()


class TestHost(tester.TempestaTest):
backends = [
{
"id": "deproxy",
"type": "deproxy",
"port": "8000",
"response": "static",
"response_content": (
"HTTP/1.1 200 OK\r\n"
+ "Date: test\r\n"
+ "Server: debian\r\n"
+ "Content-Length: 0\r\n\r\n"
),
}
]

tempesta = {
"config": """
listen 80;
server ${server_ip}:8000;
block_action attack reply;
block_action error reply;
"""
}

clients = [
{
"id": "deproxy",
"type": "deproxy",
"addr": "${tempesta_ip}",
"port": "80",
},
]

def test_host_missing(self):
self.start_all_services()
client = self.get_client("deproxy")

client.send_request(
request=f"GET / HTTP/1.1\r\n\r\n",
expected_status_code="400",
)

def test_host_header_empty(self):
self.start_all_services()
client = self.get_client("deproxy")

client.send_request(
request=f"GET / HTTP/1.1\r\nHost:\r\n\r\n",
expected_status_code="400",
)

def test_host_header_ok(self):
self.start_all_services()
client = self.get_client("deproxy")

client.send_request(
request=f"GET / HTTP/1.1\r\nHost: localhost\r\n\r\n",
expected_status_code="200",
)

def test_host_in_uri_without_host_header(self):
self.start_all_services()
client = self.get_client("deproxy")

client.send_request(
request=f"GET http://[email protected]/ HTTP/1.1\r\n\r\n",
expected_status_code="400",
)

def test_different_host_in_uri_and_headers(self):
self.start_all_services()
client = self.get_client("deproxy")

client.send_request(
request=f"GET http://[email protected]/ HTTP/1.1\r\nHost: localhost\r\n\r\n",
expected_status_code="200",
)

def test_forwarded_and_empty_host_header(self):
"""Host header must be present. Forwarded header does not set host header."""
self.start_all_services()
client = self.get_client("deproxy")

client.send_request(
request=(
f"GET http://[email protected]/ HTTP/1.1\r\nForwarded: host=localhost\r\n\r\n"
),
expected_status_code="400",
)
2 changes: 1 addition & 1 deletion t_frang/__init__.py
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
__all__ = [
"test_connection_rate_burst",
"test_header_cnt",
"test_host_required",
"test_http_strict_host_checking",
"test_http_resp_code_block",
"test_ip_block",
"test_length",
Expand Down
Loading

0 comments on commit d3f6caa

Please sign in to comment.