2017-10-30 10:02:03 +01:00
|
|
|
package integration
|
|
|
|
|
|
|
|
import (
|
|
|
|
"net/http"
|
|
|
|
"os"
|
|
|
|
"time"
|
|
|
|
|
|
|
|
"github.com/go-check/check"
|
2020-09-16 15:46:04 +02:00
|
|
|
"github.com/traefik/traefik/v2/integration/try"
|
2017-10-30 10:02:03 +01:00
|
|
|
checker "github.com/vdemeester/shakers"
|
|
|
|
)
|
|
|
|
|
2021-11-25 10:10:06 +00:00
|
|
|
type ProxyProtocolSuite struct {
|
|
|
|
BaseSuite
|
|
|
|
gatewayIP string
|
|
|
|
haproxyIP string
|
|
|
|
whoamiIP string
|
|
|
|
}
|
2017-10-30 10:02:03 +01:00
|
|
|
|
|
|
|
func (s *ProxyProtocolSuite) SetUpSuite(c *check.C) {
|
|
|
|
s.createComposeProject(c, "proxy-protocol")
|
2021-11-25 10:10:06 +00:00
|
|
|
s.composeUp(c)
|
|
|
|
|
|
|
|
s.gatewayIP = s.getContainerIP(c, "traefik")
|
|
|
|
s.haproxyIP = s.getComposeServiceIP(c, "haproxy")
|
|
|
|
s.whoamiIP = s.getComposeServiceIP(c, "whoami")
|
2017-10-30 10:02:03 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
func (s *ProxyProtocolSuite) TestProxyProtocolTrusted(c *check.C) {
|
2019-08-26 15:40:04 +03:00
|
|
|
file := s.adaptFile(c, "fixtures/proxy-protocol/with.toml", struct {
|
|
|
|
HaproxyIP string
|
|
|
|
WhoamiIP string
|
2021-11-25 10:10:06 +00:00
|
|
|
}{HaproxyIP: s.haproxyIP, WhoamiIP: s.whoamiIP})
|
2019-08-26 15:40:04 +03:00
|
|
|
defer os.Remove(file)
|
|
|
|
|
|
|
|
cmd, display := s.traefikCmd(withConfigFile(file))
|
|
|
|
defer display(c)
|
|
|
|
err := cmd.Start()
|
|
|
|
c.Assert(err, checker.IsNil)
|
2020-10-09 09:32:03 +02:00
|
|
|
defer s.killCmd(cmd)
|
2019-08-26 15:40:04 +03:00
|
|
|
|
2021-11-25 10:10:06 +00:00
|
|
|
err = try.GetRequest("http://"+s.haproxyIP+"/whoami", 1*time.Second,
|
2019-08-26 15:40:04 +03:00
|
|
|
try.StatusCodeIs(http.StatusOK),
|
2021-11-25 10:10:06 +00:00
|
|
|
try.BodyContains("X-Forwarded-For: "+s.gatewayIP))
|
2019-08-26 15:40:04 +03:00
|
|
|
c.Assert(err, checker.IsNil)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *ProxyProtocolSuite) TestProxyProtocolV2Trusted(c *check.C) {
|
2017-10-30 10:02:03 +01:00
|
|
|
file := s.adaptFile(c, "fixtures/proxy-protocol/with.toml", struct {
|
|
|
|
HaproxyIP string
|
|
|
|
WhoamiIP string
|
2021-11-25 10:10:06 +00:00
|
|
|
}{HaproxyIP: s.haproxyIP, WhoamiIP: s.whoamiIP})
|
2017-10-30 10:02:03 +01:00
|
|
|
defer os.Remove(file)
|
|
|
|
|
|
|
|
cmd, display := s.traefikCmd(withConfigFile(file))
|
|
|
|
defer display(c)
|
|
|
|
err := cmd.Start()
|
|
|
|
c.Assert(err, checker.IsNil)
|
2020-10-09 09:32:03 +02:00
|
|
|
defer s.killCmd(cmd)
|
2017-10-30 10:02:03 +01:00
|
|
|
|
2021-11-25 10:10:06 +00:00
|
|
|
err = try.GetRequest("http://"+s.haproxyIP+":81/whoami", 1*time.Second,
|
2019-08-26 15:40:04 +03:00
|
|
|
try.StatusCodeIs(http.StatusOK),
|
2021-11-25 10:10:06 +00:00
|
|
|
try.BodyContains("X-Forwarded-For: "+s.gatewayIP))
|
2017-10-30 10:02:03 +01:00
|
|
|
c.Assert(err, checker.IsNil)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *ProxyProtocolSuite) TestProxyProtocolNotTrusted(c *check.C) {
|
2019-08-26 15:40:04 +03:00
|
|
|
file := s.adaptFile(c, "fixtures/proxy-protocol/without.toml", struct {
|
|
|
|
HaproxyIP string
|
|
|
|
WhoamiIP string
|
2021-11-25 10:10:06 +00:00
|
|
|
}{HaproxyIP: s.haproxyIP, WhoamiIP: s.whoamiIP})
|
2019-08-26 15:40:04 +03:00
|
|
|
defer os.Remove(file)
|
|
|
|
|
|
|
|
cmd, display := s.traefikCmd(withConfigFile(file))
|
|
|
|
defer display(c)
|
|
|
|
err := cmd.Start()
|
|
|
|
c.Assert(err, checker.IsNil)
|
2020-10-09 09:32:03 +02:00
|
|
|
defer s.killCmd(cmd)
|
2019-08-26 15:40:04 +03:00
|
|
|
|
2021-11-25 10:10:06 +00:00
|
|
|
err = try.GetRequest("http://"+s.haproxyIP+"/whoami", 1*time.Second,
|
2019-08-26 15:40:04 +03:00
|
|
|
try.StatusCodeIs(http.StatusOK),
|
2021-11-25 10:10:06 +00:00
|
|
|
try.BodyContains("X-Forwarded-For: "+s.haproxyIP))
|
2019-08-26 15:40:04 +03:00
|
|
|
c.Assert(err, checker.IsNil)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *ProxyProtocolSuite) TestProxyProtocolV2NotTrusted(c *check.C) {
|
2017-10-30 10:02:03 +01:00
|
|
|
file := s.adaptFile(c, "fixtures/proxy-protocol/without.toml", struct {
|
|
|
|
HaproxyIP string
|
|
|
|
WhoamiIP string
|
2021-11-25 10:10:06 +00:00
|
|
|
}{HaproxyIP: s.haproxyIP, WhoamiIP: s.whoamiIP})
|
2017-10-30 10:02:03 +01:00
|
|
|
defer os.Remove(file)
|
|
|
|
|
|
|
|
cmd, display := s.traefikCmd(withConfigFile(file))
|
|
|
|
defer display(c)
|
|
|
|
err := cmd.Start()
|
|
|
|
c.Assert(err, checker.IsNil)
|
2020-10-09 09:32:03 +02:00
|
|
|
defer s.killCmd(cmd)
|
2017-10-30 10:02:03 +01:00
|
|
|
|
2021-11-25 10:10:06 +00:00
|
|
|
err = try.GetRequest("http://"+s.haproxyIP+":81/whoami", 1*time.Second,
|
2019-08-26 15:40:04 +03:00
|
|
|
try.StatusCodeIs(http.StatusOK),
|
2021-11-25 10:10:06 +00:00
|
|
|
try.BodyContains("X-Forwarded-For: "+s.haproxyIP))
|
2017-10-30 10:02:03 +01:00
|
|
|
c.Assert(err, checker.IsNil)
|
|
|
|
}
|