Tailscale
/
tailscale
зеркало из https://github.com/tailscale/tailscale.git


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207
							// Copyright (c) Tailscale Inc & AUTHORS
// SPDX-License-Identifier: BSD-3-Clause

package tshttpproxy

import (
	"net/http"
	"net/url"
	"os"
	"runtime"
	"strings"
	"testing"
	"time"

	"tailscale.com/util/must"
)

func TestGetAuthHeaderNoResult(t *testing.T) {
	const proxyURL = "http://127.0.0.1:38274"

	u, err := url.Parse(proxyURL)
	if err != nil {
		t.Fatalf("can't parse %q: %v", proxyURL, err)
	}

	got, err := GetAuthHeader(u)
	if err != nil {
		t.Fatalf("can't get auth header value: %v", err)
	}

	if runtime.GOOS == "windows" && strings.HasPrefix(got, "Negotiate") {
		t.Logf("didn't get empty result, but got acceptable Windows Negotiate header")
		return
	}
	if got != "" {
		t.Fatalf("GetAuthHeader(%q) = %q; want empty string", proxyURL, got)
	}
}

func TestGetAuthHeaderBasicAuth(t *testing.T) {
	const proxyURL = "http://user:[email protected]:38274"
	const want = "Basic dXNlcjpwYXNzd29yZA=="

	u, err := url.Parse(proxyURL)
	if err != nil {
		t.Fatalf("can't parse %q: %v", proxyURL, err)
	}

	got, err := GetAuthHeader(u)
	if err != nil {
		t.Fatalf("can't get auth header value: %v", err)
	}

	if got != want {
		t.Fatalf("GetAuthHeader(%q) = %q; want %q", proxyURL, got, want)
	}
}

func TestProxyFromEnvironment_setNoProxyUntil(t *testing.T) {
	const fakeProxyEnv = "10.1.2.3:456"
	const fakeProxyFull = "http://" + fakeProxyEnv

	defer os.Setenv("HTTPS_PROXY", os.Getenv("HTTPS_PROXY"))
	os.Setenv("HTTPS_PROXY", fakeProxyEnv)

	req := &http.Request{URL: must.Get(url.Parse("https://example.com/"))}
	for i := range 3 {
		switch i {
		case 1:
			setNoProxyUntil(time.Minute)
		case 2:
			setNoProxyUntil(0)
		}
		got, err := ProxyFromEnvironment(req)
		if err != nil {
			t.Fatalf("[%d] ProxyFromEnvironment: %v", i, err)
		}
		if got == nil || got.String() != fakeProxyFull {
			t.Errorf("[%d] Got proxy %v; want %v", i, got, fakeProxyFull)
		}
	}

}

func TestSetSelfProxy(t *testing.T) {
	// Ensure we clean everything up at the end of our test
	t.Cleanup(func() {
		config = nil
		proxyFunc = nil
	})

	testCases := []struct {
		name      string
		env       map[string]string
		self      []string
		wantHTTP  string
		wantHTTPS string
	}{
		{
			name: "no self proxy",
			env: map[string]string{
				"HTTP_PROXY":  "127.0.0.1:1234",
				"HTTPS_PROXY": "127.0.0.1:1234",
			},
			self:      nil,
			wantHTTP:  "127.0.0.1:1234",
			wantHTTPS: "127.0.0.1:1234",
		},
		{
			name: "skip proxies",
			env: map[string]string{
				"HTTP_PROXY":  "127.0.0.1:1234",
				"HTTPS_PROXY": "127.0.0.1:5678",
			},
			self:      []string{"127.0.0.1:1234", "127.0.0.1:5678"},
			wantHTTP:  "", // skipped
			wantHTTPS: "", // skipped
		},
		{
			name: "localhost normalization of env var",
			env: map[string]string{
				"HTTP_PROXY":  "localhost:1234",
				"HTTPS_PROXY": "[::1]:5678",
			},
			self:      []string{"127.0.0.1:1234", "127.0.0.1:5678"},
			wantHTTP:  "", // skipped
			wantHTTPS: "", // skipped
		},
		{
			name: "localhost normalization of addr",
			env: map[string]string{
				"HTTP_PROXY":  "127.0.0.1:1234",
				"HTTPS_PROXY": "127.0.0.1:1234",
			},
			self:      []string{"[::1]:1234"},
			wantHTTP:  "", // skipped
			wantHTTPS: "", // skipped
		},
		{
			name: "no ports",
			env: map[string]string{
				"HTTP_PROXY":  "myproxy",
				"HTTPS_PROXY": "myproxy",
			},
			self:      []string{"127.0.0.1:1234"},
			wantHTTP:  "myproxy",
			wantHTTPS: "myproxy",
		},
	}
	for _, tt := range testCases {
		t.Run(tt.name, func(t *testing.T) {
			for k, v := range tt.env {
				oldEnv, found := os.LookupEnv(k)
				if found {
					t.Cleanup(func() {
						os.Setenv(k, oldEnv)
					})
				}
				os.Setenv(k, v)
			}

			// Reset computed variables
			config = nil
			proxyFunc = func(*url.URL) (*url.URL, error) {
				panic("should not be called")
			}

			SetSelfProxy(tt.self...)

			if got := config.HTTPProxy; got != tt.wantHTTP {
				t.Errorf("got HTTPProxy=%q; want %q", got, tt.wantHTTP)
			}
			if got := config.HTTPSProxy; got != tt.wantHTTPS {
				t.Errorf("got HTTPSProxy=%q; want %q", got, tt.wantHTTPS)
			}
			if proxyFunc != nil {
				t.Errorf("wanted nil proxyFunc")
			}

			// Verify that we do actually proxy through the
			// expected proxy, if we have one configured.
			pf := getProxyFunc()
			if tt.wantHTTP != "" {
				want := "http://" + tt.wantHTTP

				uu, _ := url.Parse("http://tailscale.com")
				dest, err := pf(uu)
				if err != nil {
					t.Error(err)
				} else if dest.String() != want {
					t.Errorf("got dest=%q; want %q", dest, want)
				}
			}
			if tt.wantHTTPS != "" {
				want := "http://" + tt.wantHTTPS

				uu, _ := url.Parse("https://tailscale.com")
				dest, err := pf(uu)
				if err != nil {
					t.Error(err)
				} else if dest.String() != want {
					t.Errorf("got dest=%q; want %q", dest, want)
				}
			}
		})
	}
}