test: add http2 handler e2e suite and tighten host-mapper + idle-timeout tests
Add tests/e2e/http2_test.go covering the http2 handler/listener/connector/dialer
end-to-end through the canonical gost-as-client pattern (8 subtests: forward,
auth, bypass, probeResist/metadata, h2 stream multiplexing). Include
testdata/http2/{server,server_auth,server_bypass,server_proberesist,client,
client_auth}.yaml. Note that h2/h2c listeners pair with the tunnel handler
and only http2 listener pairs with handler http2 (reads r/w from metadata).
Tighten TestDNSHostMapper by pointing the handler at an unreachable upstream
so unmapped names fail at the exchanger, confirming the host-mapper path was
the sole reason mapped names resolved. Fix http_idle_timeout.py to speak HTTP
through the CONNECT tunnel rather than a raw ping, matching the echo backend.
Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
+4
-1
@@ -4,7 +4,10 @@ services:
|
||||
handler:
|
||||
type: dns
|
||||
metadata:
|
||||
# No upstream — host mapper resolves before exchanger is ever reached.
|
||||
# Unreachable upstream so the system-DNS fallback is bypassed.
|
||||
# The host mapper resolves mapped names before the exchanger is
|
||||
# reached; unmapped names must hit the exchanger and fail.
|
||||
dns: udp://127.0.0.1:1
|
||||
timeout: 2s
|
||||
listener:
|
||||
type: dns
|
||||
|
||||
Vendored
+20
@@ -0,0 +1,20 @@
|
||||
services:
|
||||
- name: http-proxy
|
||||
addr: :8080
|
||||
handler:
|
||||
type: http
|
||||
chain: h2-chain
|
||||
listener:
|
||||
type: tcp
|
||||
|
||||
chains:
|
||||
- name: h2-chain
|
||||
hops:
|
||||
- name: hop-0
|
||||
nodes:
|
||||
- name: node-0
|
||||
addr: {{.ServerAddr}}
|
||||
connector:
|
||||
type: http2
|
||||
dialer:
|
||||
type: http2
|
||||
+23
@@ -0,0 +1,23 @@
|
||||
services:
|
||||
- name: http-proxy
|
||||
addr: :8080
|
||||
handler:
|
||||
type: http
|
||||
chain: h2-chain
|
||||
listener:
|
||||
type: tcp
|
||||
|
||||
chains:
|
||||
- name: h2-chain
|
||||
hops:
|
||||
- name: hop-0
|
||||
nodes:
|
||||
- name: node-0
|
||||
addr: {{.ServerAddr}}
|
||||
connector:
|
||||
type: http2
|
||||
auth:
|
||||
username: user
|
||||
password: pass
|
||||
dialer:
|
||||
type: http2
|
||||
Vendored
+7
@@ -0,0 +1,7 @@
|
||||
services:
|
||||
- name: h2-proxy
|
||||
addr: :8443
|
||||
handler:
|
||||
type: http2
|
||||
listener:
|
||||
type: http2
|
||||
+18
@@ -0,0 +1,18 @@
|
||||
services:
|
||||
- name: h2-proxy-auth
|
||||
addr: :8443
|
||||
handler:
|
||||
type: http2
|
||||
auther: auther-0
|
||||
metadata:
|
||||
# authBasicRealm: custom realm in 407 Proxy-Authenticate header
|
||||
authBasicRealm: gost-e2e-realm
|
||||
# hash: pin upstream selection by request host (metadata parse coverage)
|
||||
hash: host
|
||||
listener:
|
||||
type: http2
|
||||
authers:
|
||||
- name: auther-0
|
||||
auths:
|
||||
- username: user
|
||||
password: pass
|
||||
+20
@@ -0,0 +1,20 @@
|
||||
bypasses:
|
||||
- name: bypass-0
|
||||
matchers:
|
||||
- 0.0.0.0/0
|
||||
|
||||
services:
|
||||
- name: h2-proxy-bypass
|
||||
addr: :8443
|
||||
handler:
|
||||
type: http2
|
||||
auther: auther-0
|
||||
listener:
|
||||
type: http2
|
||||
bypass: bypass-0
|
||||
|
||||
authers:
|
||||
- name: auther-0
|
||||
auths:
|
||||
- username: user
|
||||
password: pass
|
||||
@@ -0,0 +1,20 @@
|
||||
services:
|
||||
- name: h2-proxy-pr
|
||||
addr: :8443
|
||||
handler:
|
||||
type: http2
|
||||
auther: auther-0
|
||||
metadata:
|
||||
# probeResist: hide the proxy behind a 404 decoy on auth failure
|
||||
probeResist: code:404
|
||||
# header: custom response headers set on proxy responses
|
||||
header:
|
||||
X-Proxy-Info: gost-e2e
|
||||
authBasicRealm: gost-e2e-realm
|
||||
listener:
|
||||
type: http2
|
||||
authers:
|
||||
- name: auther-0
|
||||
auths:
|
||||
- username: user
|
||||
password: pass
|
||||
Reference in New Issue
Block a user