System test for PROXYv2
This commit adds a system test suite for PROXYv2. The idea on which it is based is simple: 1. Firstly we check that 'allow-proxy' and 'allow-proxy-on' (whatever is using the new 'isc_nmhandle_real_localaddr/peeraddr()') do what they intended to do. 2. Anything else that needs an interface or peer address (ACL functionality, for example) is using the old 'isc_nmhandle_localaddr/peeraddr()' - which are now returning addresses received via PROXY (if any) instead of the real connection addresses. The beauty of it that we DO NOT need to verify every bit of the code relying on these functions: whatever works in one place will work everywhere else, as these were the only functions that allowed any higher level code to get peer and interface addresses. This way it is relatively easy to see if PROXYv2 works as intended.
This commit is contained in:
Artem Boldariev
8
bin/tests/system/proxy/self-signed-key.pem
Normal file
8
bin/tests/system/proxy/self-signed-key.pem
Normal file
@@ -0,0 +1,8 @@
|
||||
-----BEGIN EC PARAMETERS-----
|
||||
BggqhkjOPQMBBw==
|
||||
-----END EC PARAMETERS-----
|
||||
-----BEGIN EC PRIVATE KEY-----
|
||||
MHcCAQEEIHwX7CofJJGLEG6evl6h9WSmZ1q1HAOO+SKgvMiqCFcXoAoGCCqGSM49
|
||||
AwEHoUQDQgAE1axzFeiE1MGNxbiuEoNlsuLsiojtZh7mU5LUKu6R9gm4wzX6qNif
|
||||
M7paDmpPCKf8K+vj8ZOb3kjridks9DMLFg==
|
||||
-----END EC PRIVATE KEY-----
|
||||
Reference in New Issue
Block a user