JustAnotherArchivist
/
transfer.sh
forked from kiska/transfer.sh
1
0
Fork 1
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
315 Commits
17 Branches
34 MiB
 
 
 
Tree: 46a543b286
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '46a543b286'
${ noResults }
transfer.sh/vendor/github.com/google/martian/cmd/proxy/main_test.go

381 lines
11 KiB
Raw Blame History 

  1. // Copyright 2015 Google Inc. All rights reserved.

  2. //

  3. // Licensed under the Apache License, Version 2.0 (the "License");

  4. // you may not use this file except in compliance with the License.

  5. // You may obtain a copy of the License at

  6. //

  7. //     http://www.apache.org/licenses/LICENSE-2.0

  8. //

  9. // Unless required by applicable law or agreed to in writing, software

  10. // distributed under the License is distributed on an "AS IS" BASIS,

  11. // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  12. // See the License for the specific language governing permissions and

  13. // limitations under the License.

  14. 

  15. package main

  16. 

  17. import (

  18. 	"crypto/tls"

  19. 	"crypto/x509"

  20. 	"encoding/base64"

  21. 	"fmt"

  22. 	"io/ioutil"

  23. 	"net"

  24. 	"net/http"

  25. 	"net/url"

  26. 	"os"

  27. 	"os/exec"

  28. 	"path/filepath"

  29. 	"strings"

  30. 	"testing"

  31. 	"time"

  32. 

  33. 	"github.com/google/martian/mitm"

  34. )

  35. 

  36. func waitForProxy(t *testing.T, c *http.Client, apiURL string) {

  37. 	timeout := 5 * time.Second

  38. 	deadline := time.Now().Add(timeout)

  39. 	for time.Now().Before(deadline) {

  40. 		res, err := c.Get(apiURL)

  41. 		if err != nil {

  42. 			time.Sleep(200 * time.Millisecond)

  43. 			continue

  44. 		}

  45. 		defer res.Body.Close()

  46. 		if got, want := res.StatusCode, http.StatusOK; got != want {

  47. 			t.Fatalf("waitForProxy: c.Get(%q): got status %d, want %d", apiURL, got, want)

  48. 		}

  49. 		return

  50. 	}

  51. 	t.Fatalf("waitForProxy: did not start up within %.1f seconds", timeout.Seconds())

  52. }

  53. 

  54. // getFreePort returns a port string preceded by a colon, e.g. ":1234"

  55. func getFreePort(t *testing.T) string {

  56. 	l, err := net.Listen("tcp", ":")

  57. 	if err != nil {

  58. 		t.Fatalf("getFreePort: could not get free port: %v", err)

  59. 	}

  60. 	defer l.Close()

  61. 	return l.Addr().String()[strings.LastIndex(l.Addr().String(), ":"):]

  62. }

  63. 

  64. func parseURL(t *testing.T, u string) *url.URL {

  65. 	p, err := url.Parse(u)

  66. 	if err != nil {

  67. 		t.Fatalf("url.Parse(%q): got error %v, want no error", u, err)

  68. 	}

  69. 	return p

  70. }

  71. 

  72. func TestProxyMain(t *testing.T) {

  73. 	tempDir, err := ioutil.TempDir("", t.Name())

  74. 	if err != nil {

  75. 		t.Fatal(err)

  76. 	}

  77. 	defer os.RemoveAll(tempDir)

  78. 

  79. 	// Build proxy binary

  80. 	binPath := filepath.Join(tempDir, "proxy")

  81. 	cmd := exec.Command("go", "build", "-o", binPath)

  82. 	cmd.Stdout = os.Stdout

  83. 	cmd.Stderr = os.Stderr

  84. 	if err := cmd.Run(); err != nil {

  85. 		t.Fatal(err)

  86. 	}

  87. 

  88. 	t.Run("Http", func(t *testing.T) {

  89. 		// Start proxy

  90. 		proxyPort := getFreePort(t)

  91. 		apiPort := getFreePort(t)

  92. 		cmd := exec.Command(binPath, "-addr="+proxyPort, "-api-addr="+apiPort)

  93. 		cmd.Stdout = os.Stdout

  94. 		cmd.Stderr = os.Stderr

  95. 		if err := cmd.Start(); err != nil {

  96. 			t.Fatal(err)

  97. 		}

  98. 		defer cmd.Wait()

  99. 		defer cmd.Process.Signal(os.Interrupt)

  100. 

  101. 		proxyURL := "http://localhost" + proxyPort

  102. 		apiURL := "http://localhost" + apiPort

  103. 		configureURL := "http://martian.proxy/configure"

  104. 

  105. 		// TODO: Make using API hostport directly work on Travis.

  106. 		apiClient := &http.Client{Transport: &http.Transport{Proxy: http.ProxyURL(parseURL(t, apiURL))}}

  107. 		waitForProxy(t, apiClient, configureURL)

  108. 

  109. 		// Configure modifiers

  110. 		config := strings.NewReader(`

  111. 			{

  112. 			  "fifo.Group": {

  113. 			    "scope": ["request", "response"],

  114. 			    "modifiers": [

  115. 			      {

  116. 			        "status.Modifier": {

  117. 			          "scope": ["response"],

  118. 			          "statusCode": 418

  119. 			        }

  120. 			      },

  121. 			      {

  122. 			        "skip.RoundTrip": {}

  123. 			      }

  124. 			    ]

  125. 			  }

  126. 			}`)

  127. 		res, err := apiClient.Post(configureURL, "application/json", config)

  128. 		if err != nil {

  129. 			t.Fatalf("apiClient.Post(%q): got error %v, want no error", configureURL, err)

  130. 		}

  131. 		defer res.Body.Close()

  132. 		if got, want := res.StatusCode, http.StatusOK; got != want {

  133. 			t.Fatalf("apiClient.Post(%q): got status %d, want %d", configureURL, got, want)

  134. 		}

  135. 

  136. 		// Exercise proxy

  137. 		client := &http.Client{Transport: &http.Transport{Proxy: http.ProxyURL(parseURL(t, proxyURL))}}

  138. 

  139. 		testURL := "http://super.fake.domain/"

  140. 		res, err = client.Get(testURL)

  141. 		if err != nil {

  142. 			t.Fatalf("client.Get(%q): got error %v, want no error", testURL, err)

  143. 		}

  144. 		defer res.Body.Close()

  145. 		if got, want := res.StatusCode, http.StatusTeapot; got != want {

  146. 			t.Errorf("client.Get(%q): got status %d, want %d", testURL, got, want)

  147. 		}

  148. 	})

  149. 

  150. 	t.Run("HttpsGenerateCert", func(t *testing.T) {

  151. 		// Create test certificate for test TLS server

  152. 		certName := "martian.proxy"

  153. 		certOrg := "Martian Authority"

  154. 		certExpiry := 90 * time.Minute

  155. 		servCert, servPriv, err := mitm.NewAuthority(certName, certOrg, certExpiry)

  156. 		if err != nil {

  157. 			t.Fatalf("mitm.NewAuthority(%q, %q, %q): got error %v, want no error", certName, certOrg, certExpiry, err)

  158. 		}

  159. 		mc, err := mitm.NewConfig(servCert, servPriv)

  160. 		if err != nil {

  161. 			t.Fatalf("mitm.NewConfig(%p, %q): got error %v, want no error", servCert, servPriv, err)

  162. 		}

  163. 		sc := mc.TLS()

  164. 

  165. 		// Configure and start test TLS server

  166. 		servPort := getFreePort(t)

  167. 		l, err := tls.Listen("tcp", servPort, sc)

  168. 		if err != nil {

  169. 			t.Fatalf("tls.Listen(\"tcp\", %q, %p): got error %v, want no error", servPort, sc, err)

  170. 		}

  171. 		defer l.Close()

  172. 

  173. 		server := &http.Server{

  174. 			Handler: http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {

  175. 				w.WriteHeader(http.StatusTeapot)

  176. 				w.Write([]byte("Hello!"))

  177. 			}),

  178. 		}

  179. 		go server.Serve(l)

  180. 		defer server.Close()

  181. 

  182. 		// Start proxy

  183. 		proxyPort := getFreePort(t)

  184. 		apiPort := getFreePort(t)

  185. 		cmd := exec.Command(binPath, "-addr="+proxyPort, "-api-addr="+apiPort, "-generate-ca-cert", "-skip-tls-verify")

  186. 		cmd.Stdout = os.Stdout

  187. 		cmd.Stderr = os.Stderr

  188. 		if err := cmd.Start(); err != nil {

  189. 			t.Fatal(err)

  190. 		}

  191. 		defer cmd.Wait()

  192. 		defer cmd.Process.Signal(os.Interrupt)

  193. 

  194. 		proxyURL := "http://localhost" + proxyPort

  195. 		apiURL := "http://localhost" + apiPort

  196. 		configureURL := "http://martian.proxy/configure"

  197. 

  198. 		// TODO: Make using API hostport directly work on Travis.

  199. 		apiClient := &http.Client{Transport: &http.Transport{Proxy: http.ProxyURL(parseURL(t, apiURL))}}

  200. 		waitForProxy(t, apiClient, configureURL)

  201. 

  202. 		// Configure modifiers

  203. 		config := strings.NewReader(fmt.Sprintf(`

  204. 			{

  205. 			  "body.Modifier": {

  206. 			    "scope": ["response"],

  207. 			    "contentType": "text/plain",

  208. 			    "body": "%s"

  209. 			  }

  210. 			}`, base64.StdEncoding.EncodeToString([]byte("茶壺"))))

  211. 		res, err := apiClient.Post(configureURL, "application/json", config)

  212. 		if err != nil {

  213. 			t.Fatalf("apiClient.Post(%q): got error %v, want no error", configureURL, err)

  214. 		}

  215. 		defer res.Body.Close()

  216. 		if got, want := res.StatusCode, http.StatusOK; got != want {

  217. 			t.Fatalf("apiClient.Post(%q): got status %d, want %d", configureURL, got, want)

  218. 		}

  219. 

  220. 		// Install proxy's CA cert into http client

  221. 		caCertURL := "http://martian.proxy/authority.cer"

  222. 		res, err = apiClient.Get(caCertURL)

  223. 		if err != nil {

  224. 			t.Fatalf("apiClient.Get(%q): got error %v, want no error", caCertURL, err)

  225. 		}

  226. 		defer res.Body.Close()

  227. 		caCert, err := ioutil.ReadAll(res.Body)

  228. 		if err != nil {

  229. 			t.Fatalf("ioutil.ReadAll(res.Body): got error %v, want no error", err)

  230. 		}

  231. 		caCertPool := x509.NewCertPool()

  232. 		caCertPool.AppendCertsFromPEM(caCert)

  233. 

  234. 		// Exercise proxy

  235. 		client := &http.Client{Transport: &http.Transport{

  236. 			Proxy: http.ProxyURL(parseURL(t, proxyURL)),

  237. 			TLSClientConfig: &tls.Config{

  238. 				RootCAs: caCertPool,

  239. 			},

  240. 		}}

  241. 

  242. 		testURL := "https://localhost" + servPort

  243. 		res, err = client.Get(testURL)

  244. 		if err != nil {

  245. 			t.Fatalf("client.Get(%q): got error %v, want no error", testURL, err)

  246. 		}

  247. 		defer res.Body.Close()

  248. 		if got, want := res.StatusCode, http.StatusTeapot; got != want {

  249. 			t.Fatalf("client.Get(%q): got status %d, want %d", testURL, got, want)

  250. 		}

  251. 		body, err := ioutil.ReadAll(res.Body)

  252. 		if err != nil {

  253. 			t.Fatalf("ioutil.ReadAll(res.Body): got error %v, want no error", err)

  254. 		}

  255. 		if got, want := string(body), "茶壺"; got != want {

  256. 			t.Fatalf("modified response body: got %s, want %s", got, want)

  257. 		}

  258. 	})

  259. 

  260. 	t.Run("DownstreamProxy", func(t *testing.T) {

  261. 		// Start downstream proxy

  262. 		dsProxyPort := getFreePort(t)

  263. 		dsAPIPort := getFreePort(t)

  264. 		cmd := exec.Command(binPath, "-addr="+dsProxyPort, "-api-addr="+dsAPIPort)

  265. 		cmd.Stdout = os.Stdout

  266. 		cmd.Stderr = os.Stderr

  267. 		if err := cmd.Start(); err != nil {

  268. 			t.Fatal(err)

  269. 		}

  270. 		defer cmd.Wait()

  271. 		defer cmd.Process.Signal(os.Interrupt)

  272. 

  273. 		dsProxyURL := "http://localhost" + dsProxyPort

  274. 		dsAPIURL := "http://localhost" + dsAPIPort

  275. 		configureURL := "http://martian.proxy/configure"

  276. 

  277. 		// TODO: Make using API hostport directly work on Travis.

  278. 		dsAPIClient := &http.Client{Transport: &http.Transport{Proxy: http.ProxyURL(parseURL(t, dsAPIURL))}}

  279. 		waitForProxy(t, dsAPIClient, configureURL)

  280. 

  281. 		// Configure modifiers

  282. 		config := strings.NewReader(`

  283. 			{

  284. 			  "fifo.Group": {

  285. 			    "scope": ["request", "response"],

  286. 			    "modifiers": [

  287. 			      {

  288. 			        "status.Modifier": {

  289. 			          "scope": ["response"],

  290. 			          "statusCode": 418

  291. 			        }

  292. 			      },

  293. 			      {

  294. 			        "skip.RoundTrip": {}

  295. 			      }

  296. 			    ]

  297. 			  }

  298. 			}`)

  299. 		res, err := dsAPIClient.Post(configureURL, "application/json", config)

  300. 		if err != nil {

  301. 			t.Fatalf("dsApiClient.Post(%q): got error %v, want no error", configureURL, err)

  302. 		}

  303. 		defer res.Body.Close()

  304. 		if got, want := res.StatusCode, http.StatusOK; got != want {

  305. 			t.Fatalf("dsApiClient.Post(%q): got status %d, want %d", configureURL, got, want)

  306. 		}

  307. 

  308. 		// Start main proxy

  309. 		proxyPort := getFreePort(t)

  310. 		apiPort := getFreePort(t)

  311. 		cmd = exec.Command(binPath, "-addr="+proxyPort, "-api-addr="+apiPort, "-downstream-proxy-url="+dsProxyURL)

  312. 		cmd.Stdout = os.Stdout

  313. 		cmd.Stderr = os.Stderr

  314. 		if err := cmd.Start(); err != nil {

  315. 			t.Fatal(err)

  316. 		}

  317. 		defer cmd.Wait()

  318. 		defer cmd.Process.Signal(os.Interrupt)

  319. 

  320. 		proxyURL := "http://localhost" + proxyPort

  321. 		apiURL := "http://localhost" + apiPort

  322. 

  323. 		// TODO: Make using API hostport directly work on Travis.

  324. 		apiClient := &http.Client{Transport: &http.Transport{Proxy: http.ProxyURL(parseURL(t, apiURL))}}

  325. 		waitForProxy(t, apiClient, configureURL)

  326. 

  327. 		// Configure modifiers

  328. 		// Setting a different Via header value to circumvent loop detection.

  329. 		config = strings.NewReader(fmt.Sprintf(`

  330. 			{

  331. 			  "fifo.Group": {

  332. 			    "scope": ["request", "response"],

  333. 			    "modifiers": [

  334. 			      {

  335. 			        "header.Modifier": {

  336. 			          "scope": ["request"],

  337. 			          "name": "Via",

  338. 			          "value": "martian_1"

  339. 			        }

  340. 			      },

  341. 			      {

  342. 			        "body.Modifier": {

  343. 			          "scope": ["response"],

  344. 			          "contentType": "text/plain",

  345. 			          "body": "%s"

  346. 			        }

  347. 			      }

  348. 			    ]

  349. 			  }

  350. 			}`, base64.StdEncoding.EncodeToString([]byte("茶壺"))))

  351. 		res, err = apiClient.Post(configureURL, "application/json", config)

  352. 		if err != nil {

  353. 			t.Fatalf("apiClient.Post(%q): got error %v, want no error", configureURL, err)

  354. 		}

  355. 		defer res.Body.Close()

  356. 		if got, want := res.StatusCode, http.StatusOK; got != want {

  357. 			t.Fatalf("apiClient.Post(%q): got status %d, want %d", configureURL, got, want)

  358. 		}

  359. 

  360. 		// Exercise proxy

  361. 		client := &http.Client{Transport: &http.Transport{Proxy: http.ProxyURL(parseURL(t, proxyURL))}}

  362. 

  363. 		testURL := "http://super.fake.domain/"

  364. 		res, err = client.Get(testURL)

  365. 		if err != nil {

  366. 			t.Fatalf("client.Get(%q): got error %v, want no error", testURL, err)

  367. 		}

  368. 		defer res.Body.Close()

  369. 		if got, want := res.StatusCode, http.StatusTeapot; got != want {

  370. 			t.Errorf("client.Get(%q): got status %d, want %d", testURL, got, want)

  371. 		}

  372. 		body, err := ioutil.ReadAll(res.Body)

  373. 		if err != nil {

  374. 			t.Fatalf("ioutil.ReadAll(res.Body): got error %v, want no error", err)

  375. 		}

  376. 		if got, want := string(body), "茶壺"; got != want {

  377. 			t.Fatalf("modified response body: got %s, want %s", got, want)

  378. 		}

  379. 	})

  380. }