DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix proxy_protocol duplication in listen definition

Browse source
This commit is contained in:
Manuel Alejandro de Brito Fontes 2020-06-09 10:29:02 -04:00
parent 0549d9b132
commit 3d3efaab29
2 changed files with 63 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

44
test/e2e/settings/proxy_protocol.go
View file

@ -17,6 +17,7 @@ limitations under the License.
package settings
import (
"crypto/tls"
"fmt"
"io/ioutil"
"net"
@ -103,4 +104,47 @@ var _ = framework.DescribeSetting("use-proxy-protocol", func() {
assert.Contains(ginkgo.GinkgoT(), body, fmt.Sprintf("x-forwarded-proto=https"))
assert.Contains(ginkgo.GinkgoT(), body, fmt.Sprintf("x-forwarded-for=192.168.0.1"))
})
ginkgo.It("should enable PROXY Protocol for HTTPS", func() {
host := "proxy-protocol"
f.UpdateNginxConfigMapData(setting, "true")
ing := f.EnsureIngress(framework.NewSingleIngressWithTLS(host, "/", host, []string{host}, f.Namespace, framework.EchoService, 80, nil))
tlsConfig, err := framework.CreateIngressTLSSecret(f.KubeClientSet,
ing.Spec.TLS[0].Hosts,
ing.Spec.TLS[0].SecretName,
ing.Namespace)
assert.Nil(ginkgo.GinkgoT(), err)
f.WaitForNginxServer(host,
func(server string) bool {
return strings.Contains(server, "443 proxy_protocol")
})
ip := f.GetNginxIP()
conn, err := net.Dial("tcp", net.JoinHostPort(ip, "443"))
assert.Nil(ginkgo.GinkgoT(), err, "unexpected error connecting to %v:443", ip)
defer conn.Close()
_, err = fmt.Fprintf(conn, "PROXY TCP4 192.168.0.1 192.168.0.11 56324 1234\r\n")
assert.Nil(ginkgo.GinkgoT(), err, "writing proxy protocol")
tlsConn := tls.Client(conn, tlsConfig)
defer tlsConn.Close()
_, err = tlsConn.Write([]byte("GET / HTTP/1.1\r\nHost: proxy-protocol\r\n\r\n"))
assert.Nil(ginkgo.GinkgoT(), err, "writing HTTP request")
data, err := ioutil.ReadAll(tlsConn)
assert.Nil(ginkgo.GinkgoT(), err, "unexpected error reading connection data")
body := string(data)
assert.Contains(ginkgo.GinkgoT(), body, fmt.Sprintf("host=%v", "proxy-protocol"))
assert.Contains(ginkgo.GinkgoT(), body, fmt.Sprintf("x-forwarded-port=1234"))
assert.Contains(ginkgo.GinkgoT(), body, fmt.Sprintf("x-forwarded-proto=https"))
assert.Contains(ginkgo.GinkgoT(), body, fmt.Sprintf("x-scheme=https"))
assert.Contains(ginkgo.GinkgoT(), body, fmt.Sprintf("x-forwarded-for=192.168.0.1"))
})
})