1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
|
use Mojo::Base -strict;
BEGIN { $ENV{MOJO_REACTOR} = 'Mojo::Reactor::Poll' }
use Test::More;
use Mojo::IOLoop::TLS;
plan skip_all => 'set TEST_IPV6 to enable this test (developer only!)'
unless $ENV{TEST_IPV6};
plan skip_all => 'set TEST_TLS to enable this test (developer only!)'
unless $ENV{TEST_TLS};
plan skip_all => 'IO::Socket::SSL 1.94+ required for this test!'
unless Mojo::IOLoop::TLS->can_tls;
# To regenerate all required certificates run these commands (07.01.2016)
# openssl genrsa -out domain.key 1024
# openssl req -new -key domain.key -out domain.csr -subj "/C=US/CN=example.com"
# openssl x509 -req -days 7300 -in domain.csr -out domain.crt -CA ca.crt \
# -CAkey ca.key -CAcreateserial
use Mojo::IOLoop;
use Mojo::Server::Daemon;
use Mojo::UserAgent;
use Mojolicious::Lite;
# Silence
app->log->level('fatal');
get '/' => {text => 'works!'};
# CONNECT proxy server for testing
my (%buffer, $forward);
my $id = Mojo::IOLoop->server(
{address => '[::1]'} => sub {
my ($loop, $stream, $id) = @_;
# Connection to client
$stream->on(
read => sub {
my ($stream, $chunk) = @_;
# Write chunk from client to server
my $server = $buffer{$id}{connection};
return Mojo::IOLoop->stream($server)->write($chunk) if $server;
# Read connect request from client
my $buffer = $buffer{$id}{client} .= $chunk;
if ($buffer =~ /\x0d?\x0a\x0d?\x0a$/) {
$buffer{$id}{client} = '';
if ($buffer =~ /CONNECT \S+:\d+/) {
# Connection to server
$buffer{$id}{connection} = Mojo::IOLoop->client(
{address => '[::1]', port => $forward} => sub {
my ($loop, $err, $stream) = @_;
# Connection to server failed
if ($err) {
Mojo::IOLoop->remove($id);
return delete $buffer{$id};
}
# Start forwarding data in both directions
Mojo::IOLoop->stream($id)
->write("HTTP/1.1 200 OK\x0d\x0a"
. "Connection: keep-alive\x0d\x0a\x0d\x0a");
$stream->on(
read => sub {
my ($stream, $chunk) = @_;
Mojo::IOLoop->stream($id)->write($chunk);
}
);
# Server closed connection
$stream->on(
close => sub {
Mojo::IOLoop->remove($id);
delete $buffer{$id};
}
);
}
);
}
# Invalid request from client
else { Mojo::IOLoop->remove($id) }
}
}
);
# Client closed connection
$stream->on(
close => sub {
my $buffer = delete $buffer{$id};
Mojo::IOLoop->remove($buffer->{connection}) if $buffer->{connection};
}
);
}
);
my $proxy = Mojo::IOLoop->acceptor($id)->port;
# IPv6 and TLS
my $daemon = Mojo::Server::Daemon->new(
app => app,
listen => ['https://[::1]'],
silent => 1
);
$daemon->start;
my $port = Mojo::IOLoop->acceptor($daemon->acceptors->[0])->port;
my $ua = Mojo::UserAgent->new(ioloop => Mojo::IOLoop->singleton);
my $tx = $ua->get("https://[::1]:$port/");
is $tx->res->code, 200, 'right status';
is $tx->res->body, 'works!', 'right content';
# IPv6, TLS, SNI and a proxy
SKIP: {
skip 'SNI support required!', 1
unless IO::Socket::SSL->can_client_sni && IO::Socket::SSL->can_server_sni;
$daemon = Mojo::Server::Daemon->new(app => app, silent => 1);
my $listen
= 'https://[::1]'
. '?127.0.0.1_cert=t/mojo/certs/server.crt'
. '&127.0.0.1_key=t/mojo/certs/server.key'
. '&example.com_cert=t/mojo/certs/domain.crt'
. '&example.com_key=t/mojo/certs/domain.key';
$daemon->listen([$listen])->start;
$forward = Mojo::IOLoop->acceptor($daemon->acceptors->[0])->port;
$ua = Mojo::UserAgent->new(
ioloop => Mojo::IOLoop->singleton,
ca => 't/mojo/certs/ca.crt'
);
$ua->proxy->https("http://[::1]:$proxy");
$tx = $ua->get("https://example.com/");
is $tx->res->code, 200, 'right status';
is $tx->res->body, 'works!', 'right content';
ok !$tx->error, 'no error';
$tx = $ua->get("https://127.0.0.1/");
is $tx->res->code, 200, 'right status';
is $tx->res->body, 'works!', 'right content';
ok !$tx->error, 'no error';
$tx = $ua->get("https://has.no.cert/");
like $tx->error->{message}, qr/hostname verification failed/, 'right error';
}
done_testing();
|
