testTLSProxyProtocolMatrix is the shared implementation for TLS-based proxy protocol tests. It mirrors testProxyProtocolMatrix but uses a TLS backend.
(t *testing.T, ppVersion string, transportVersions []string, numRequests int)
| 275 | // testTLSProxyProtocolMatrix is the shared implementation for TLS-based proxy |
| 276 | // protocol tests. It mirrors testProxyProtocolMatrix but uses a TLS backend. |
| 277 | func testTLSProxyProtocolMatrix(t *testing.T, ppVersion string, transportVersions []string, numRequests int) { |
| 278 | t.Helper() |
| 279 | |
| 280 | backend := newTLSProxyProtoBackend(t) |
| 281 | listenPort := freePort(t) |
| 282 | |
| 283 | tester := caddytest.NewTester(t) |
| 284 | tester.WithDefaultOverrides(caddytest.Config{ |
| 285 | AdminPort: 2999, |
| 286 | }) |
| 287 | cfg := proxyProtoTLSConfig(listenPort, backend.addr(), ppVersion, transportVersions) |
| 288 | tester.InitServer(cfg, "json") |
| 289 | |
| 290 | proxyURL := fmt.Sprintf("http://127.0.0.1:%d/", listenPort) |
| 291 | |
| 292 | for i := 0; i < numRequests; i++ { |
| 293 | resp, err := tester.Client.Get(proxyURL) |
| 294 | if err != nil { |
| 295 | t.Fatalf("request %d/%d: GET %s: %v", i+1, numRequests, proxyURL, err) |
| 296 | } |
| 297 | resp.Body.Close() |
| 298 | if resp.StatusCode != http.StatusOK { |
| 299 | t.Errorf("request %d/%d: expected status 200, got %d", i+1, numRequests, resp.StatusCode) |
| 300 | } |
| 301 | } |
| 302 | |
| 303 | addrs := backend.recordedAddrs() |
| 304 | if len(addrs) == 0 { |
| 305 | t.Fatalf("backend recorded no PROXY protocol addresses (expected at least 1)") |
| 306 | } |
| 307 | |
| 308 | for i, addr := range addrs { |
| 309 | host, _, err := net.SplitHostPort(addr) |
| 310 | if err != nil { |
| 311 | t.Errorf("addr[%d] %q: SplitHostPort: %v", i, addr, err) |
| 312 | continue |
| 313 | } |
| 314 | if host != "127.0.0.1" { |
| 315 | t.Errorf("addr[%d]: expected source 127.0.0.1, got %q", i, host) |
| 316 | } |
| 317 | } |
| 318 | } |
| 319 | |
| 320 | // proxyProtoConfig builds a Caddy JSON configuration that: |
| 321 | // - listens on listenPort for inbound HTTP requests |
no test coverage detected