1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
|
# This reg-test checks the full support of HTTP protocol upgrade, using a GET
# method and a Connection: Upgrade header. The equivalent mechanism has been
# defined in rfc8441 for HTTP/2 using CONNECT and a new pseudo-header
# :protocol. Check that haproxy handles properly h1/h2 translation of protocol
# upgrade requests and responses.
varnishtest "h1/h2 support for protocol upgrade test"
feature ignore_unknown_macro
#REQUIRE_VERSION=2.4
# http/1.1 server
server srv_h1 {
rxreq
expect req.method == "GET"
expect req.http.connection == "upgrade"
expect req.http.upgrade == "custom_protocol"
txresp \
-status 101 \
-hdr "connection: upgrade" \
-hdr "upgrade: custom_protocol"
} -repeat 2 -start
# http/1.1 server
server srv_h1_partial_post {
rxreqhdrs
expect req.method == "POST"
expect req.http.connection == "upgrade"
expect req.http.upgrade == "custom_protocol"
txresp \
-status 101 \
-hdr "connection: upgrade" \
-hdr "upgrade: custom_protocol"
} -start
# http/1.1 server
server srv_h1_post {
rxreq
expect req.method == "POST"
expect req.http.connection == "upgrade"
expect req.http.upgrade == "custom_protocol"
txresp \
-status 101 \
-hdr "connection: upgrade" \
-hdr "upgrade: custom_protocol"
} -start
# http2 server
server srv_h2 {
rxpri
stream 0 {
# manually send RFC8441 SETTINGS_ENABLE_CONNECT_PROTOCOL
sendhex "00 00 06 04 00 00 00 00 00 00 08 00 00 00 01"
rxsettings
txsettings -ack
rxsettings
expect settings.ack == true
} -run
stream 1 {
rxhdrs
expect req.method == "CONNECT"
expect req.http.:scheme == "https"
expect req.http.:path == "/"
expect req.http.:authority == "127.0.0.1"
expect req.http.:protocol == "custom_protocol"
txresp \
-status 200
} -run
} -repeat 2 -start
# http2 server without support for RFC8441
server srv_h2_no_ws {
rxpri
stream 0 {
txsettings
rxsettings
txsettings -ack
rxsettings
expect settings.ack == true
} -run
stream 1 {
rxrst
} -run
} -start
# http2 server without support for RFC8441 : settings announced with value 0
server srv_h2_no_ws2 {
rxpri
stream 0 {
# manually send RFC8441 SETTINGS_ENABLE_CONNECT_PROTOCOL with a value of 0
sendhex "00 00 06 04 00 00 00 00 00 00 08 00 00 00 00"
txsettings
rxsettings
txsettings -ack
rxsettings
expect settings.ack == true
} -run
stream 1 {
rxrst
} -run
} -start
# http2 server with support for RFC8441 by H1 client is sending a request with payload
server srv_h2_no_post {
rxpri
stream 0 {
# manually send RFC8441 SETTINGS_ENABLE_CONNECT_PROTOCOL
sendhex "00 00 06 04 00 00 00 00 00 00 08 00 00 00 01"
rxsettings
txsettings -ack
rxsettings
expect settings.ack == true
} -run
stream 1 {
rxrst
} -run
} -start
# http/1.1 server
server srv_h1_h2c {
rxreq
expect req.method == "GET"
expect req.http.upgrade != "h2c"
txresp \
-status 200
} -start
haproxy hap -conf {
defaults
mode http
timeout connect "${HAPROXY_TEST_TIMEOUT-5s}"
timeout client "${HAPROXY_TEST_TIMEOUT-5s}"
timeout server "${HAPROXY_TEST_TIMEOUT-5s}"
# h1 frontend connected to h2 frontend
listen frt_h1_h2
bind "fd@${frt_h1_h2}"
server feh2_srv ${hap_frt_h2_addr}:${hap_frt_h2_port} proto h2
# h2 frontend connected to srv_h1
listen frt_h2
bind "fd@${frt_h2}" proto h2
server srv_h1 ${srv_h1_addr}:${srv_h1_port}
# h1 frontend connected to srv_h2
listen frt_h1
bind "fd@${frt_h1}"
server srv_h2 ${srv_h2_addr}:${srv_h2_port} proto h2
# h1 frontend connected to srv_h2_no_ws
listen frt_h1_no_ws
bind "fd@${frt_h1_no_ws}"
server srv_h2_no_ws ${srv_h2_no_ws_addr}:${srv_h2_no_ws_port} proto h2
# h1 frontend connected to srv_h2_no_ws2
listen frt_h1_no_ws2
bind "fd@${frt_h1_no_ws2}"
server srv_h2_no_ws2 ${srv_h2_no_ws2_addr}:${srv_h2_no_ws2_port} proto h2
# h1 frontend connected to srv_h2_no_post
listen frt_h1_no_post
bind "fd@${frt_h1_no_post}"
server srv_h2_no_post ${srv_h2_no_post_addr}:${srv_h2_no_post_port} proto h2
# h2 frontend connected to h1 frontend
listen frt_h2_h1
bind "fd@${frt_h2_h1}" proto h2
server frt_h1 ${hap_frt_h1_addr}:${hap_frt_h1_port}
# h1 frontend to handle "h2c" token
listen frt_h1_h2c
bind "fd@${frt_h1_h2c}"
server srv_h1_h2c ${srv_h1_h2c_addr}:${srv_h1_h2c_port}
# h1 frontend connected to h1 server replying before end of POST request
listen frt_h1_partial_post
bind "fd@${frt_h1_partial_post}"
server srv_h1_partial_post ${srv_h1_partial_post_addr}:${srv_h1_partial_post_port}
# h1 frontend connected to h1 server replying post end of POST request
listen frt_h1_post
bind "fd@${frt_h1_post}"
server srv_h1_post ${srv_h1_post_addr}:${srv_h1_post_port}
} -start
## connect to h1 translation frontend
client c1_h1_h2 -connect ${hap_frt_h1_h2_sock} {
txreq \
-req "GET" \
-url "/" \
-hdr "host: 127.0.0.1" \
-hdr "connection: upgrade" \
-hdr "upgrade: custom_protocol"
rxresp
expect resp.status == 101
expect resp.http.connection == "upgrade"
expect resp.http.upgrade == "custom_protocol"
} -run
# connect to h2 server frontend
client c2_h2 -connect ${hap_frt_h2_sock} {
txpri
stream 0 {
txsettings
rxsettings
txsettings -ack
rxsettings
expect settings.ack == true
} -run
stream 1 {
txreq \
-req "CONNECT" \
-scheme "http" \
-url "/" \
-hdr ":authority" "127.0.0.1" \
-hdr ":protocol" "custom_protocol"
rxhdrs
expect resp.status == 200
} -run
} -run
# connect to h2 translation frontend
client c3_h2_h1 -connect ${hap_frt_h2_h1_sock} {
txpri
stream 0 {
txsettings
rxsettings
txsettings -ack
rxsettings
expect settings.ack == true
} -run
stream 1 {
txreq \
-req "CONNECT" \
-scheme "http" \
-url "/" \
-hdr ":authority" "127.0.0.1" \
-hdr ":protocol" "custom_protocol"
rxhdrs
expect resp.status == 200
} -run
} -run
# connect to h1 server frontend
client c4_h1 -connect ${hap_frt_h1_sock} {
txreq \
-req "GET" \
-url "/" \
-hdr "host: 127.0.0.1" \
-hdr "connection: upgrade" \
-hdr "upgrade: custom_protocol"
rxresp
expect resp.status == 101
expect resp.http.connection == "upgrade"
expect resp.http.upgrade == "custom_protocol"
} -run
# connect via h1 server frontend to h2 server without RFC8441 support
client c5 -connect ${hap_frt_h1_no_ws_sock} {
txreq \
-req "GET" \
-url "/" \
-hdr "host: 127.0.0.1" \
-hdr "connection: upgrade" \
-hdr "upgrade: custom_protocol"
rxresp
expect resp.status == 502
} -run
# connect via h1 server frontend to h2 server without RFC8441 support
client c6 -connect ${hap_frt_h1_no_ws2_sock} {
txreq \
-req "GET" \
-url "/" \
-hdr "host: 127.0.0.1" \
-hdr "connection: upgrade" \
-hdr "upgrade: custom_protocol"
rxresp
expect resp.status == 502
} -run
# connect via h1 server frontend to h2 server with RFC8441 support but send a POST request
client c7 -connect ${hap_frt_h1_no_post_sock} {
txreq \
-req "POST" \
-url "/" \
-hdr "host: 127.0.0.1" \
-hdr "connection: upgrade" \
-hdr "upgrade: custom_protocol" \
-bodylen 50
rxresp
expect resp.status == 502
} -run
# connect as http/1 with invalid "h2c" protocol
client c8_h2c -connect ${hap_frt_h1_h2c_sock} {
txreq \
-req "GET" \
-url "/" \
-hdr "host: 127.0.0.1" \
-hdr "connection: upgrade" \
-hdr "upgrade: h2c"
rxresp
expect resp.status == 200
}
# extended connect with invalid "h2c" protocol
client c9_h2c -connect ${hap_frt_h2_h1_sock} {
txpri
stream 0 {
txsettings
rxsettings
txsettings -ack
rxsettings
expect settings.ack == true
} -run
stream 1 {
txreq \
-req "CONNECT" \
-scheme "http" \
-url "/" \
-hdr ":authority" "127.0.0.1" \
-hdr ":protocol" "h2c"
rxrst
expect rst.err == 1
} -run
} -run
## connect to h1 frontend forwarding to a server not waiting end of POST request
client c10_h1_partial_post -connect ${hap_frt_h1_partial_post_sock} {
txreq \
-req "POST" \
-url "/" \
-hdr "host: 127.0.0.1" \
-hdr "connection: upgrade" \
-hdr "upgrade: custom_protocol" \
-hdr "content-length: 50"
rxresp
expect resp.status == 502
} -run
## connect to h1 frontend forwarding to a server waiting end of POST request
client c10_h1_post -connect ${hap_frt_h1_post_sock} {
txreq \
-req "POST" \
-url "/" \
-hdr "host: 127.0.0.1" \
-hdr "connection: upgrade" \
-hdr "upgrade: custom_protocol" \
-hdr "content-length: 50"
delay 0.2
send_n 5 "0123456789"
rxresp
expect resp.status == 101
expect resp.http.connection == "upgrade"
expect resp.http.upgrade == "custom_protocol"
} -run
|
