2024-09-26 11:00:05 +02:00
|
|
|
package fast
|
2019-03-14 09:30:04 +01:00
|
|
|
|
|
|
|
import (
|
|
|
|
"bufio"
|
2024-11-06 09:56:04 +01:00
|
|
|
"crypto/sha1"
|
2019-03-14 09:30:04 +01:00
|
|
|
"crypto/tls"
|
2024-11-06 09:56:04 +01:00
|
|
|
"encoding/base64"
|
2020-11-06 09:26:03 +01:00
|
|
|
"errors"
|
2019-03-14 09:30:04 +01:00
|
|
|
"fmt"
|
|
|
|
"net"
|
|
|
|
"net/http"
|
|
|
|
"net/http/httptest"
|
|
|
|
"net/url"
|
|
|
|
"testing"
|
|
|
|
"time"
|
|
|
|
|
|
|
|
gorillawebsocket "github.com/gorilla/websocket"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
|
|
"github.com/stretchr/testify/require"
|
2024-09-26 11:00:05 +02:00
|
|
|
"github.com/traefik/traefik/v3/pkg/testhelpers"
|
2019-03-14 09:30:04 +01:00
|
|
|
"golang.org/x/net/websocket"
|
|
|
|
)
|
|
|
|
|
2024-11-06 09:56:04 +01:00
|
|
|
func TestWebSocketUpgradeCase(t *testing.T) {
|
|
|
|
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
challengeKey := r.Header.Get("Sec-Websocket-Key")
|
|
|
|
|
|
|
|
hijacker, ok := w.(http.Hijacker)
|
|
|
|
require.True(t, ok)
|
|
|
|
|
|
|
|
c, _, err := hijacker.Hijack()
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
// Force answer with "Connection: upgrade" in lowercase.
|
|
|
|
_, err = c.Write([]byte("HTTP/1.1 101 Switching Protocols\r\nUpgrade: websocket\r\nConnection: upgrade\r\nSec-WebSocket-Accept: " + computeAcceptKey(challengeKey) + "\r\n\n"))
|
|
|
|
require.NoError(t, err)
|
|
|
|
}))
|
|
|
|
defer srv.Close()
|
|
|
|
|
|
|
|
proxy := createProxyWithForwarder(t, srv.URL, createConnectionPool(srv.URL, nil))
|
|
|
|
|
|
|
|
proxyAddr := proxy.Listener.Addr().String()
|
|
|
|
_, conn, err := newWebsocketRequest(
|
|
|
|
withServer(proxyAddr),
|
|
|
|
withPath("/ws"),
|
|
|
|
).open()
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
conn.Close()
|
|
|
|
}
|
|
|
|
|
2019-03-14 09:30:04 +01:00
|
|
|
func TestWebSocketTCPClose(t *testing.T) {
|
|
|
|
errChan := make(chan error, 1)
|
|
|
|
upgrader := gorillawebsocket.Upgrader{}
|
|
|
|
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
c, err := upgrader.Upgrade(w, r, nil)
|
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
defer c.Close()
|
2024-09-26 11:00:05 +02:00
|
|
|
|
2019-03-14 09:30:04 +01:00
|
|
|
for {
|
|
|
|
_, _, err := c.ReadMessage()
|
|
|
|
if err != nil {
|
|
|
|
errChan <- err
|
|
|
|
break
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}))
|
|
|
|
defer srv.Close()
|
|
|
|
|
2024-09-26 11:00:05 +02:00
|
|
|
proxy := createProxyWithForwarder(t, srv.URL, createConnectionPool(srv.URL, nil))
|
2019-03-14 09:30:04 +01:00
|
|
|
|
|
|
|
proxyAddr := proxy.Listener.Addr().String()
|
|
|
|
_, conn, err := newWebsocketRequest(
|
|
|
|
withServer(proxyAddr),
|
|
|
|
withPath("/ws"),
|
|
|
|
).open()
|
|
|
|
require.NoError(t, err)
|
2020-11-06 09:26:03 +01:00
|
|
|
|
2019-03-14 09:30:04 +01:00
|
|
|
conn.Close()
|
|
|
|
|
|
|
|
serverErr := <-errChan
|
|
|
|
|
2020-11-06 09:26:03 +01:00
|
|
|
var wsErr *gorillawebsocket.CloseError
|
2023-11-17 01:50:06 +01:00
|
|
|
require.ErrorAs(t, serverErr, &wsErr)
|
2019-03-14 09:30:04 +01:00
|
|
|
assert.Equal(t, 1006, wsErr.Code)
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestWebSocketPingPong(t *testing.T) {
|
2020-07-07 14:42:03 +02:00
|
|
|
upgrader := gorillawebsocket.Upgrader{
|
2019-03-14 09:30:04 +01:00
|
|
|
HandshakeTimeout: 10 * time.Second,
|
|
|
|
CheckOrigin: func(*http.Request) bool {
|
|
|
|
return true
|
|
|
|
},
|
|
|
|
}
|
|
|
|
|
|
|
|
mux := http.NewServeMux()
|
|
|
|
mux.HandleFunc("/ws", func(writer http.ResponseWriter, request *http.Request) {
|
|
|
|
ws, err := upgrader.Upgrade(writer, request, nil)
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
ws.SetPingHandler(func(appData string) error {
|
|
|
|
err = ws.WriteMessage(gorillawebsocket.PongMessage, []byte(appData+"Pong"))
|
|
|
|
require.NoError(t, err)
|
2024-09-26 11:00:05 +02:00
|
|
|
|
2019-03-14 09:30:04 +01:00
|
|
|
return nil
|
|
|
|
})
|
|
|
|
|
|
|
|
_, _, _ = ws.ReadMessage()
|
|
|
|
})
|
|
|
|
|
2024-09-26 11:00:05 +02:00
|
|
|
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
|
|
|
|
mux.ServeHTTP(w, req)
|
|
|
|
}))
|
2019-03-14 09:30:04 +01:00
|
|
|
defer srv.Close()
|
|
|
|
|
2024-09-26 11:00:05 +02:00
|
|
|
proxy := createProxyWithForwarder(t, srv.URL, createConnectionPool(srv.URL, nil))
|
2019-03-14 09:30:04 +01:00
|
|
|
serverAddr := proxy.Listener.Addr().String()
|
|
|
|
|
|
|
|
headers := http.Header{}
|
|
|
|
webSocketURL := "ws://" + serverAddr + "/ws"
|
|
|
|
headers.Add("Origin", webSocketURL)
|
|
|
|
|
|
|
|
conn, resp, err := gorillawebsocket.DefaultDialer.Dial(webSocketURL, headers)
|
|
|
|
require.NoError(t, err, "Error during Dial with response: %+v", resp)
|
|
|
|
defer conn.Close()
|
|
|
|
|
|
|
|
goodErr := fmt.Errorf("signal: %s", "Good data")
|
|
|
|
badErr := fmt.Errorf("signal: %s", "Bad data")
|
|
|
|
conn.SetPongHandler(func(data string) error {
|
|
|
|
if data == "PingPong" {
|
|
|
|
return goodErr
|
|
|
|
}
|
2024-09-26 11:00:05 +02:00
|
|
|
|
2019-03-14 09:30:04 +01:00
|
|
|
return badErr
|
|
|
|
})
|
|
|
|
|
|
|
|
err = conn.WriteControl(gorillawebsocket.PingMessage, []byte("Ping"), time.Now().Add(time.Second))
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
_, _, err = conn.ReadMessage()
|
|
|
|
|
2020-11-06 09:26:03 +01:00
|
|
|
if !errors.Is(err, goodErr) {
|
2019-03-14 09:30:04 +01:00
|
|
|
require.NoError(t, err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestWebSocketEcho(t *testing.T) {
|
|
|
|
mux := http.NewServeMux()
|
|
|
|
mux.Handle("/ws", websocket.Handler(func(conn *websocket.Conn) {
|
|
|
|
msg := make([]byte, 4)
|
|
|
|
|
2024-09-26 11:00:05 +02:00
|
|
|
n, err := conn.Read(msg)
|
|
|
|
require.NoError(t, err)
|
2019-03-14 09:30:04 +01:00
|
|
|
|
2024-09-26 11:00:05 +02:00
|
|
|
_, err = conn.Write(msg[:n])
|
2019-03-14 09:30:04 +01:00
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
err = conn.Close()
|
|
|
|
require.NoError(t, err)
|
|
|
|
}))
|
|
|
|
|
2024-09-26 11:00:05 +02:00
|
|
|
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
|
|
|
|
mux.ServeHTTP(w, req)
|
|
|
|
}))
|
2019-03-14 09:30:04 +01:00
|
|
|
defer srv.Close()
|
|
|
|
|
2024-09-26 11:00:05 +02:00
|
|
|
proxy := createProxyWithForwarder(t, srv.URL, createConnectionPool(srv.URL, nil))
|
2019-03-14 09:30:04 +01:00
|
|
|
serverAddr := proxy.Listener.Addr().String()
|
|
|
|
|
|
|
|
headers := http.Header{}
|
|
|
|
webSocketURL := "ws://" + serverAddr + "/ws"
|
|
|
|
headers.Add("Origin", webSocketURL)
|
|
|
|
|
|
|
|
conn, resp, err := gorillawebsocket.DefaultDialer.Dial(webSocketURL, headers)
|
|
|
|
require.NoError(t, err, "Error during Dial with response: %+v", resp)
|
|
|
|
|
|
|
|
err = conn.WriteMessage(gorillawebsocket.TextMessage, []byte("OK"))
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
2024-09-26 11:00:05 +02:00
|
|
|
_, msg, err := conn.ReadMessage()
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
assert.Equal(t, "OK", string(msg))
|
2019-03-14 09:30:04 +01:00
|
|
|
|
|
|
|
err = conn.Close()
|
|
|
|
require.NoError(t, err)
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestWebSocketPassHost(t *testing.T) {
|
|
|
|
testCases := []struct {
|
|
|
|
desc string
|
|
|
|
passHost bool
|
|
|
|
expected string
|
|
|
|
}{
|
|
|
|
{
|
|
|
|
desc: "PassHost false",
|
|
|
|
passHost: false,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
desc: "PassHost true",
|
|
|
|
passHost: true,
|
|
|
|
expected: "example.com",
|
|
|
|
},
|
|
|
|
}
|
|
|
|
|
|
|
|
for _, test := range testCases {
|
|
|
|
t.Run(test.desc, func(t *testing.T) {
|
|
|
|
mux := http.NewServeMux()
|
|
|
|
mux.Handle("/ws", websocket.Handler(func(conn *websocket.Conn) {
|
|
|
|
req := conn.Request()
|
|
|
|
|
|
|
|
if test.passHost {
|
|
|
|
require.Equal(t, test.expected, req.Host)
|
|
|
|
} else {
|
|
|
|
require.NotEqual(t, test.expected, req.Host)
|
|
|
|
}
|
|
|
|
|
|
|
|
msg := make([]byte, 4)
|
2024-09-26 11:00:05 +02:00
|
|
|
|
|
|
|
n, err := conn.Read(msg)
|
2019-03-14 09:30:04 +01:00
|
|
|
require.NoError(t, err)
|
|
|
|
|
2024-09-26 11:00:05 +02:00
|
|
|
_, err = conn.Write(msg[:n])
|
2019-03-14 09:30:04 +01:00
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
err = conn.Close()
|
|
|
|
require.NoError(t, err)
|
|
|
|
}))
|
|
|
|
|
2024-09-26 11:00:05 +02:00
|
|
|
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
|
|
|
|
mux.ServeHTTP(w, req)
|
|
|
|
}))
|
2019-03-14 09:30:04 +01:00
|
|
|
defer srv.Close()
|
|
|
|
|
2024-09-26 11:00:05 +02:00
|
|
|
proxy := createProxyWithForwarder(t, srv.URL, createConnectionPool(srv.URL, nil))
|
2019-03-14 09:30:04 +01:00
|
|
|
|
|
|
|
serverAddr := proxy.Listener.Addr().String()
|
|
|
|
|
|
|
|
headers := http.Header{}
|
|
|
|
webSocketURL := "ws://" + serverAddr + "/ws"
|
|
|
|
headers.Add("Origin", webSocketURL)
|
|
|
|
headers.Add("Host", "example.com")
|
|
|
|
|
|
|
|
conn, resp, err := gorillawebsocket.DefaultDialer.Dial(webSocketURL, headers)
|
|
|
|
require.NoError(t, err, "Error during Dial with response: %+v", resp)
|
|
|
|
|
|
|
|
err = conn.WriteMessage(gorillawebsocket.TextMessage, []byte("OK"))
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
2024-09-26 11:00:05 +02:00
|
|
|
_, msg, err := conn.ReadMessage()
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
assert.Equal(t, "OK", string(msg))
|
2019-03-14 09:30:04 +01:00
|
|
|
|
|
|
|
err = conn.Close()
|
|
|
|
require.NoError(t, err)
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestWebSocketServerWithoutCheckOrigin(t *testing.T) {
|
|
|
|
upgrader := gorillawebsocket.Upgrader{CheckOrigin: func(r *http.Request) bool {
|
|
|
|
return true
|
|
|
|
}}
|
|
|
|
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
c, err := upgrader.Upgrade(w, r, nil)
|
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
defer c.Close()
|
|
|
|
for {
|
|
|
|
mt, message, err := c.ReadMessage()
|
|
|
|
if err != nil {
|
|
|
|
break
|
|
|
|
}
|
|
|
|
err = c.WriteMessage(mt, message)
|
|
|
|
if err != nil {
|
|
|
|
break
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}))
|
|
|
|
defer srv.Close()
|
|
|
|
|
2024-09-26 11:00:05 +02:00
|
|
|
proxy := createProxyWithForwarder(t, srv.URL, createConnectionPool(srv.URL, nil))
|
2019-03-14 09:30:04 +01:00
|
|
|
defer proxy.Close()
|
|
|
|
|
|
|
|
proxyAddr := proxy.Listener.Addr().String()
|
|
|
|
resp, err := newWebsocketRequest(
|
|
|
|
withServer(proxyAddr),
|
|
|
|
withPath("/ws"),
|
|
|
|
withData("ok"),
|
|
|
|
withOrigin("http://127.0.0.2"),
|
|
|
|
).send()
|
|
|
|
|
|
|
|
require.NoError(t, err)
|
|
|
|
assert.Equal(t, "ok", resp)
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestWebSocketRequestWithOrigin(t *testing.T) {
|
|
|
|
upgrader := gorillawebsocket.Upgrader{}
|
|
|
|
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
c, err := upgrader.Upgrade(w, r, nil)
|
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
defer c.Close()
|
|
|
|
for {
|
|
|
|
mt, message, err := c.ReadMessage()
|
|
|
|
if err != nil {
|
|
|
|
break
|
|
|
|
}
|
|
|
|
err = c.WriteMessage(mt, message)
|
|
|
|
if err != nil {
|
|
|
|
break
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}))
|
|
|
|
defer srv.Close()
|
|
|
|
|
2024-09-26 11:00:05 +02:00
|
|
|
proxy := createProxyWithForwarder(t, srv.URL, createConnectionPool(srv.URL, nil))
|
2019-03-14 09:30:04 +01:00
|
|
|
defer proxy.Close()
|
|
|
|
|
|
|
|
proxyAddr := proxy.Listener.Addr().String()
|
2022-11-16 11:38:07 +01:00
|
|
|
_, err := newWebsocketRequest(
|
2019-03-14 09:30:04 +01:00
|
|
|
withServer(proxyAddr),
|
|
|
|
withPath("/ws"),
|
|
|
|
withData("echo"),
|
|
|
|
withOrigin("http://127.0.0.2"),
|
|
|
|
).send()
|
|
|
|
require.EqualError(t, err, "bad status")
|
|
|
|
|
|
|
|
resp, err := newWebsocketRequest(
|
|
|
|
withServer(proxyAddr),
|
|
|
|
withPath("/ws"),
|
|
|
|
withData("ok"),
|
|
|
|
).send()
|
|
|
|
|
|
|
|
require.NoError(t, err)
|
|
|
|
assert.Equal(t, "ok", resp)
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestWebSocketRequestWithQueryParams(t *testing.T) {
|
|
|
|
upgrader := gorillawebsocket.Upgrader{}
|
|
|
|
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
conn, err := upgrader.Upgrade(w, r, nil)
|
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
defer conn.Close()
|
2024-09-26 11:00:05 +02:00
|
|
|
|
2019-03-14 09:30:04 +01:00
|
|
|
assert.Equal(t, "test", r.URL.Query().Get("query"))
|
|
|
|
for {
|
|
|
|
mt, message, err := conn.ReadMessage()
|
|
|
|
if err != nil {
|
|
|
|
break
|
|
|
|
}
|
2024-09-26 11:00:05 +02:00
|
|
|
|
2019-03-14 09:30:04 +01:00
|
|
|
err = conn.WriteMessage(mt, message)
|
|
|
|
if err != nil {
|
|
|
|
break
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}))
|
|
|
|
defer srv.Close()
|
|
|
|
|
2024-09-26 11:00:05 +02:00
|
|
|
proxy := createProxyWithForwarder(t, srv.URL, createConnectionPool(srv.URL, nil))
|
2019-03-14 09:30:04 +01:00
|
|
|
defer proxy.Close()
|
|
|
|
|
|
|
|
proxyAddr := proxy.Listener.Addr().String()
|
|
|
|
|
|
|
|
resp, err := newWebsocketRequest(
|
|
|
|
withServer(proxyAddr),
|
|
|
|
withPath("/ws?query=test"),
|
|
|
|
withData("ok"),
|
|
|
|
).send()
|
|
|
|
|
|
|
|
require.NoError(t, err)
|
|
|
|
assert.Equal(t, "ok", resp)
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestWebSocketRequestWithHeadersInResponseWriter(t *testing.T) {
|
|
|
|
mux := http.NewServeMux()
|
|
|
|
mux.Handle("/ws", websocket.Handler(func(conn *websocket.Conn) {
|
2024-09-26 11:00:05 +02:00
|
|
|
_ = conn.Close()
|
|
|
|
}))
|
|
|
|
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
|
|
|
|
mux.ServeHTTP(w, req)
|
2019-03-14 09:30:04 +01:00
|
|
|
}))
|
|
|
|
defer srv.Close()
|
|
|
|
|
2024-09-26 11:00:05 +02:00
|
|
|
u := parseURI(t, srv.URL)
|
|
|
|
|
2024-10-25 14:26:04 +02:00
|
|
|
f, err := NewReverseProxy(u, nil, true, false, false, newConnPool(1, 0, 0, func() (net.Conn, error) {
|
2024-09-26 11:00:05 +02:00
|
|
|
return net.Dial("tcp", u.Host)
|
|
|
|
}))
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
2019-03-14 09:30:04 +01:00
|
|
|
proxy := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
|
|
|
|
req.URL = parseURI(t, srv.URL)
|
|
|
|
w.Header().Set("HEADER-KEY", "HEADER-VALUE")
|
|
|
|
f.ServeHTTP(w, req)
|
|
|
|
}))
|
|
|
|
defer proxy.Close()
|
|
|
|
|
|
|
|
serverAddr := proxy.Listener.Addr().String()
|
|
|
|
|
|
|
|
headers := http.Header{}
|
|
|
|
webSocketURL := "ws://" + serverAddr + "/ws"
|
|
|
|
headers.Add("Origin", webSocketURL)
|
|
|
|
conn, resp, err := gorillawebsocket.DefaultDialer.Dial(webSocketURL, headers)
|
|
|
|
require.NoError(t, err, "Error during Dial with response: %+v", err, resp)
|
|
|
|
defer conn.Close()
|
|
|
|
|
|
|
|
assert.Equal(t, "HEADER-VALUE", resp.Header.Get("HEADER-KEY"))
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestWebSocketRequestWithEncodedChar(t *testing.T) {
|
|
|
|
upgrader := gorillawebsocket.Upgrader{}
|
|
|
|
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
conn, err := upgrader.Upgrade(w, r, nil)
|
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
defer conn.Close()
|
|
|
|
assert.Equal(t, "/%3A%2F%2F", r.URL.EscapedPath())
|
|
|
|
for {
|
|
|
|
mt, message, err := conn.ReadMessage()
|
|
|
|
if err != nil {
|
|
|
|
break
|
|
|
|
}
|
|
|
|
err = conn.WriteMessage(mt, message)
|
|
|
|
if err != nil {
|
|
|
|
break
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}))
|
|
|
|
defer srv.Close()
|
|
|
|
|
2024-09-26 11:00:05 +02:00
|
|
|
proxy := createProxyWithForwarder(t, srv.URL, createConnectionPool(srv.URL, nil))
|
2019-03-14 09:30:04 +01:00
|
|
|
defer proxy.Close()
|
|
|
|
|
|
|
|
proxyAddr := proxy.Listener.Addr().String()
|
|
|
|
|
|
|
|
resp, err := newWebsocketRequest(
|
|
|
|
withServer(proxyAddr),
|
|
|
|
withPath("/%3A%2F%2F"),
|
|
|
|
withData("ok"),
|
|
|
|
).send()
|
|
|
|
|
|
|
|
require.NoError(t, err)
|
|
|
|
assert.Equal(t, "ok", resp)
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestWebSocketUpgradeFailed(t *testing.T) {
|
|
|
|
mux := http.NewServeMux()
|
|
|
|
mux.HandleFunc("/ws", func(w http.ResponseWriter, req *http.Request) {
|
2022-08-09 17:36:08 +02:00
|
|
|
w.WriteHeader(http.StatusBadRequest)
|
2019-03-14 09:30:04 +01:00
|
|
|
})
|
2024-09-26 11:00:05 +02:00
|
|
|
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
|
|
|
|
mux.ServeHTTP(w, req)
|
|
|
|
}))
|
2019-03-14 09:30:04 +01:00
|
|
|
defer srv.Close()
|
|
|
|
|
2024-09-26 11:00:05 +02:00
|
|
|
u := parseURI(t, srv.URL)
|
2024-10-25 14:26:04 +02:00
|
|
|
f, err := NewReverseProxy(u, nil, true, false, false, newConnPool(1, 0, 0, func() (net.Conn, error) {
|
2024-09-26 11:00:05 +02:00
|
|
|
return net.Dial("tcp", u.Host)
|
|
|
|
}))
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
2019-03-14 09:30:04 +01:00
|
|
|
proxy := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
|
|
|
|
path := req.URL.Path // keep the original path
|
|
|
|
|
2024-09-26 11:00:05 +02:00
|
|
|
if path != "/ws" {
|
2022-08-09 17:36:08 +02:00
|
|
|
w.WriteHeader(http.StatusOK)
|
2024-09-26 11:00:05 +02:00
|
|
|
return
|
2019-03-14 09:30:04 +01:00
|
|
|
}
|
2024-09-26 11:00:05 +02:00
|
|
|
|
|
|
|
// Set new backend URL
|
|
|
|
req.URL = parseURI(t, srv.URL)
|
|
|
|
req.URL.Path = path
|
|
|
|
f.ServeHTTP(w, req)
|
2019-03-14 09:30:04 +01:00
|
|
|
}))
|
|
|
|
defer proxy.Close()
|
|
|
|
|
|
|
|
proxyAddr := proxy.Listener.Addr().String()
|
|
|
|
conn, err := net.DialTimeout("tcp", proxyAddr, dialTimeout)
|
|
|
|
|
|
|
|
require.NoError(t, err)
|
|
|
|
defer conn.Close()
|
|
|
|
|
|
|
|
req, err := http.NewRequest(http.MethodGet, "ws://127.0.0.1/ws", nil)
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
req.Header.Add("upgrade", "websocket")
|
|
|
|
req.Header.Add("Connection", "upgrade")
|
|
|
|
|
|
|
|
err = req.Write(conn)
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
// First request works with 400
|
|
|
|
br := bufio.NewReader(conn)
|
|
|
|
resp, err := http.ReadResponse(br, req)
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
assert.Equal(t, 400, resp.StatusCode)
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestForwardsWebsocketTraffic(t *testing.T) {
|
|
|
|
mux := http.NewServeMux()
|
|
|
|
mux.Handle("/ws", websocket.Handler(func(conn *websocket.Conn) {
|
|
|
|
_, err := conn.Write([]byte("ok"))
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
err = conn.Close()
|
|
|
|
require.NoError(t, err)
|
|
|
|
}))
|
2024-09-26 11:00:05 +02:00
|
|
|
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
|
|
|
|
mux.ServeHTTP(w, req)
|
|
|
|
}))
|
2019-03-14 09:30:04 +01:00
|
|
|
defer srv.Close()
|
|
|
|
|
2024-09-26 11:00:05 +02:00
|
|
|
proxy := createProxyWithForwarder(t, srv.URL, createConnectionPool(srv.URL, nil))
|
2019-03-14 09:30:04 +01:00
|
|
|
defer proxy.Close()
|
|
|
|
|
|
|
|
proxyAddr := proxy.Listener.Addr().String()
|
|
|
|
resp, err := newWebsocketRequest(
|
|
|
|
withServer(proxyAddr),
|
|
|
|
withPath("/ws"),
|
|
|
|
withData("echo"),
|
|
|
|
).send()
|
|
|
|
|
|
|
|
require.NoError(t, err)
|
|
|
|
assert.Equal(t, "ok", resp)
|
|
|
|
}
|
|
|
|
|
|
|
|
func createTLSWebsocketServer() *httptest.Server {
|
|
|
|
upgrader := gorillawebsocket.Upgrader{}
|
|
|
|
srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
conn, err := upgrader.Upgrade(w, r, nil)
|
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
defer conn.Close()
|
|
|
|
for {
|
|
|
|
mt, message, err := conn.ReadMessage()
|
|
|
|
if err != nil {
|
|
|
|
break
|
|
|
|
}
|
2024-09-26 11:00:05 +02:00
|
|
|
|
2019-03-14 09:30:04 +01:00
|
|
|
err = conn.WriteMessage(mt, message)
|
|
|
|
if err != nil {
|
|
|
|
break
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}))
|
|
|
|
return srv
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestWebSocketTransferTLSConfig(t *testing.T) {
|
|
|
|
srv := createTLSWebsocketServer()
|
|
|
|
defer srv.Close()
|
|
|
|
|
2024-09-26 11:00:05 +02:00
|
|
|
proxyWithoutTLSConfig := createProxyWithForwarder(t, srv.URL, createConnectionPool(srv.URL, nil))
|
2019-03-14 09:30:04 +01:00
|
|
|
defer proxyWithoutTLSConfig.Close()
|
|
|
|
|
|
|
|
proxyAddr := proxyWithoutTLSConfig.Listener.Addr().String()
|
|
|
|
|
2022-11-16 11:38:07 +01:00
|
|
|
_, err := newWebsocketRequest(
|
2019-03-14 09:30:04 +01:00
|
|
|
withServer(proxyAddr),
|
|
|
|
withPath("/ws"),
|
|
|
|
withData("ok"),
|
|
|
|
).send()
|
|
|
|
|
|
|
|
require.EqualError(t, err, "bad status")
|
|
|
|
|
2024-09-26 11:00:05 +02:00
|
|
|
pool := createConnectionPool(srv.URL, &tls.Config{InsecureSkipVerify: true})
|
2019-03-14 09:30:04 +01:00
|
|
|
|
2024-09-26 11:00:05 +02:00
|
|
|
proxyWithTLSConfig := createProxyWithForwarder(t, srv.URL, pool)
|
2019-03-14 09:30:04 +01:00
|
|
|
defer proxyWithTLSConfig.Close()
|
|
|
|
|
|
|
|
proxyAddr = proxyWithTLSConfig.Listener.Addr().String()
|
|
|
|
|
|
|
|
resp, err := newWebsocketRequest(
|
|
|
|
withServer(proxyAddr),
|
|
|
|
withPath("/ws"),
|
|
|
|
withData("ok"),
|
|
|
|
).send()
|
|
|
|
|
|
|
|
require.NoError(t, err)
|
|
|
|
assert.Equal(t, "ok", resp)
|
|
|
|
}
|
|
|
|
|
|
|
|
const dialTimeout = time.Second
|
|
|
|
|
|
|
|
type websocketRequestOpt func(w *websocketRequest)
|
|
|
|
|
|
|
|
func withServer(server string) websocketRequestOpt {
|
|
|
|
return func(w *websocketRequest) {
|
|
|
|
w.ServerAddr = server
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func withPath(path string) websocketRequestOpt {
|
|
|
|
return func(w *websocketRequest) {
|
|
|
|
w.Path = path
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func withData(data string) websocketRequestOpt {
|
|
|
|
return func(w *websocketRequest) {
|
|
|
|
w.Data = data
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func withOrigin(origin string) websocketRequestOpt {
|
|
|
|
return func(w *websocketRequest) {
|
|
|
|
w.Origin = origin
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func newWebsocketRequest(opts ...websocketRequestOpt) *websocketRequest {
|
|
|
|
wsrequest := &websocketRequest{}
|
|
|
|
for _, opt := range opts {
|
|
|
|
opt(wsrequest)
|
|
|
|
}
|
2024-09-26 11:00:05 +02:00
|
|
|
|
2019-03-14 09:30:04 +01:00
|
|
|
if wsrequest.Origin == "" {
|
|
|
|
wsrequest.Origin = "http://" + wsrequest.ServerAddr
|
|
|
|
}
|
2024-09-26 11:00:05 +02:00
|
|
|
|
2019-03-14 09:30:04 +01:00
|
|
|
if wsrequest.Config == nil {
|
|
|
|
wsrequest.Config, _ = websocket.NewConfig(fmt.Sprintf("ws://%s%s", wsrequest.ServerAddr, wsrequest.Path), wsrequest.Origin)
|
|
|
|
}
|
2024-09-26 11:00:05 +02:00
|
|
|
|
2019-03-14 09:30:04 +01:00
|
|
|
return wsrequest
|
|
|
|
}
|
|
|
|
|
|
|
|
type websocketRequest struct {
|
|
|
|
ServerAddr string
|
|
|
|
Path string
|
|
|
|
Data string
|
|
|
|
Origin string
|
|
|
|
Config *websocket.Config
|
|
|
|
}
|
|
|
|
|
|
|
|
func (w *websocketRequest) send() (string, error) {
|
|
|
|
conn, _, err := w.open()
|
|
|
|
if err != nil {
|
|
|
|
return "", err
|
|
|
|
}
|
|
|
|
defer conn.Close()
|
2024-09-26 11:00:05 +02:00
|
|
|
|
2019-03-14 09:30:04 +01:00
|
|
|
if _, err := conn.Write([]byte(w.Data)); err != nil {
|
|
|
|
return "", err
|
|
|
|
}
|
2024-09-26 11:00:05 +02:00
|
|
|
|
2020-07-07 14:42:03 +02:00
|
|
|
msg := make([]byte, 512)
|
2024-09-26 11:00:05 +02:00
|
|
|
|
2019-03-14 09:30:04 +01:00
|
|
|
var n int
|
|
|
|
n, err = conn.Read(msg)
|
|
|
|
if err != nil {
|
|
|
|
return "", err
|
|
|
|
}
|
|
|
|
|
|
|
|
received := string(msg[:n])
|
|
|
|
return received, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (w *websocketRequest) open() (*websocket.Conn, net.Conn, error) {
|
|
|
|
client, err := net.DialTimeout("tcp", w.ServerAddr, dialTimeout)
|
|
|
|
if err != nil {
|
|
|
|
return nil, nil, err
|
|
|
|
}
|
2024-09-26 11:00:05 +02:00
|
|
|
|
2019-03-14 09:30:04 +01:00
|
|
|
conn, err := websocket.NewClient(w.Config, client)
|
|
|
|
if err != nil {
|
|
|
|
return nil, nil, err
|
|
|
|
}
|
2024-09-26 11:00:05 +02:00
|
|
|
|
2019-03-14 09:30:04 +01:00
|
|
|
return conn, client, err
|
|
|
|
}
|
|
|
|
|
|
|
|
func parseURI(t *testing.T, uri string) *url.URL {
|
2020-12-29 10:54:03 +01:00
|
|
|
t.Helper()
|
|
|
|
|
2019-03-14 09:30:04 +01:00
|
|
|
out, err := url.ParseRequestURI(uri)
|
|
|
|
require.NoError(t, err)
|
2024-09-26 11:00:05 +02:00
|
|
|
|
2019-03-14 09:30:04 +01:00
|
|
|
return out
|
|
|
|
}
|
|
|
|
|
2024-09-26 11:00:05 +02:00
|
|
|
func createConnectionPool(target string, tlsConfig *tls.Config) *connPool {
|
|
|
|
u := testhelpers.MustParseURL(target)
|
2024-10-25 14:26:04 +02:00
|
|
|
return newConnPool(200, 0, 0, func() (net.Conn, error) {
|
2024-09-26 11:00:05 +02:00
|
|
|
if tlsConfig != nil {
|
|
|
|
return tls.Dial("tcp", u.Host, tlsConfig)
|
|
|
|
}
|
|
|
|
|
|
|
|
return net.Dial("tcp", u.Host)
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
|
|
|
func createProxyWithForwarder(t *testing.T, uri string, pool *connPool) *httptest.Server {
|
2020-12-29 10:54:03 +01:00
|
|
|
t.Helper()
|
|
|
|
|
2022-11-16 11:38:07 +01:00
|
|
|
u := parseURI(t, uri)
|
2024-10-25 14:26:04 +02:00
|
|
|
proxy, err := NewReverseProxy(u, nil, false, true, false, pool)
|
2024-09-26 11:00:05 +02:00
|
|
|
require.NoError(t, err)
|
|
|
|
|
2022-11-16 11:38:07 +01:00
|
|
|
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
|
2019-03-14 09:30:04 +01:00
|
|
|
path := req.URL.Path // keep the original path
|
|
|
|
// Set new backend URL
|
2022-11-16 11:38:07 +01:00
|
|
|
req.URL = u
|
2019-03-14 09:30:04 +01:00
|
|
|
req.URL.Path = path
|
|
|
|
|
|
|
|
proxy.ServeHTTP(w, req)
|
|
|
|
}))
|
2022-11-16 11:38:07 +01:00
|
|
|
t.Cleanup(srv.Close)
|
2024-09-26 11:00:05 +02:00
|
|
|
|
2022-11-16 11:38:07 +01:00
|
|
|
return srv
|
2019-03-14 09:30:04 +01:00
|
|
|
}
|
2024-11-06 09:56:04 +01:00
|
|
|
|
|
|
|
func computeAcceptKey(challengeKey string) string {
|
|
|
|
h := sha1.New() // #nosec G401 -- (CWE-326) https://datatracker.ietf.org/doc/html/rfc6455#page-54
|
|
|
|
h.Write([]byte(challengeKey))
|
|
|
|
h.Write([]byte("258EAFA5-E914-47DA-95CA-C5AB0DC85B11"))
|
|
|
|
return base64.StdEncoding.EncodeToString(h.Sum(nil))
|
|
|
|
}
|