summaryrefslogtreecommitdiffstats
path: root/tests/httpProxy.test
diff options
context:
space:
mode:
Diffstat (limited to 'tests/httpProxy.test')
-rw-r--r--tests/httpProxy.test1146
1 files changed, 1146 insertions, 0 deletions
diff --git a/tests/httpProxy.test b/tests/httpProxy.test
new file mode 100644
index 0000000..d8bd6b7
--- /dev/null
+++ b/tests/httpProxy.test
@@ -0,0 +1,1146 @@
+# Commands covered: http::geturl when using a proxy server.
+#
+# This file contains a collection of tests for the http script library.
+# Sourcing this file into Tcl runs the tests and generates output for errors.
+# No output means no errors were found.
+#
+# Copyright © 1991-1993 The Regents of the University of California.
+# Copyright © 1994-1996 Sun Microsystems, Inc.
+# Copyright © 1998-2000 Ajuba Solutions.
+# Copyright © 2022 Keith Nash.
+#
+# See the file "license.terms" for information on usage and redistribution of
+# this file, and for a DISCLAIMER OF ALL WARRANTIES.
+
+if {"::tcltest" ni [namespace children]} {
+ package require tcltest 2.5
+ namespace import -force ::tcltest::*
+}
+
+package require http 2.10
+
+proc bgerror {args} {
+ global errorInfo
+ puts stderr "httpProxy.test bgerror"
+ puts stderr [join $args]
+ puts stderr $errorInfo
+}
+
+proc stopMe {token} {
+ set ${token}(z) done
+}
+
+if {![info exists ThreadLevel]} {
+ if {[catch {package require Thread}] == 0} {
+ set ValueRange {0 1 2}
+ } else {
+ set ValueRange {0 1}
+ }
+
+ # For each value of ThreadLevel, source this file recursively in the
+ # same interpreter.
+ foreach ThreadLevel $ValueRange {
+ source [info script]
+ }
+ catch {unset ThreadLevel}
+ catch {unset ValueRange}
+ return
+}
+
+catch {puts "==== Test with ThreadLevel $ThreadLevel ===="}
+http::config -threadlevel $ThreadLevel
+
+
+#testConstraint needsSquid 1
+#testConstraint needsTls 1
+
+if {[testConstraint needsTls]} {
+ package require tls
+ http::register https 443 [list ::tls::socket -ssl2 0 -ssl3 0 \
+ -tls1 0 -tls1.1 0 -tls1.2 1 -tls1.3 0 -autoservername 1]
+}
+
+# Testing with Squid
+# - Example Squid configuration for Enterprise Linux 8 (Red Hat, Oracle, Rocky,
+# Alma, ...) is in file tests/httpProxySquidConfigForEL8.tar.gz.
+# - Two instances of Squid are launched, one that needs authentication and one
+# that does not.
+# - Each instance of Squid listens on IPv4 and IPv6, on different ports.
+
+# Instance of Squid that does not need authentication.
+set n4host 127.0.0.1
+set n6host ::1
+set n4port 3128
+set n6port 3130
+
+# Instance of Squid that needs authentication.
+set a4host 127.0.0.1
+set a6host ::1
+set a4port 3129
+set a6port 3131
+
+# concat Basic [base64::encode alice:alicia]
+set aliceCreds {Basic YWxpY2U6YWxpY2lh}
+
+# concat Basic [base64::encode intruder:intruder]
+set badCreds {Basic aW50cnVkZXI6aW50cnVkZXI=}
+
+test httpProxy-1.1.$ThreadLevel {squid is running - ipv4 noauth} -constraints {needsSquid} -setup {
+} -body {
+ set token [http::geturl http://$n4host:$n4port/]
+ set ri [http::responseInfo $token]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed]"
+} -result {complete ok 400 -- none} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res
+}
+
+test httpProxy-1.2.$ThreadLevel {squid is running - ipv6 noauth} -constraints {needsSquid} -setup {
+} -body {
+ set token [http::geturl http://\[$n6host\]:$n6port/]
+ set ri [http::responseInfo $token]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed]"
+} -result {complete ok 400 -- none} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res
+}
+
+test httpProxy-1.3.$ThreadLevel {squid is running - ipv4 auth} -constraints {needsSquid} -setup {
+} -body {
+ set token [http::geturl http://$a4host:$a4port/]
+ set ri [http::responseInfo $token]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed]"
+} -result {complete ok 400 -- none} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res
+}
+
+test httpProxy-1.4.$ThreadLevel {squid is running - ipv6 auth} -constraints {needsSquid} -setup {
+} -body {
+ set token [http::geturl http://\[$a6host\]:$a6port/]
+ set ri [http::responseInfo $token]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed]"
+} -result {complete ok 400 -- none} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res
+}
+
+test httpProxy-2.1.$ThreadLevel {http no-proxy no-auth} -constraints {needsSquid} -setup {
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+} -body {
+ set token [http::geturl http://www.google.com/]
+ set ri [http::responseInfo $token]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
+} -result {complete ok 200 -- none -- -1} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res
+}
+
+test httpProxy-2.2.$ThreadLevel {https no-proxy no-auth} -constraints {needsSquid needsTls} -setup {
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+} -body {
+ set token [http::geturl https://www.google.com/]
+ set ri [http::responseInfo $token]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
+} -result {complete ok 200 -- none -- -1} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res
+}
+
+test httpProxy-2.3.$ThreadLevel {http with-proxy ipv4 no-auth} -constraints {needsSquid} -setup {
+ http::config -proxyhost $n4host -proxyport $n4port -proxynot {127.0.0.1 localhost} -proxyauth {}
+} -body {
+ set token [http::geturl http://www.google.com/]
+ set ri [http::responseInfo $token]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
+} -result {complete ok 200 -- HttpProxy -- -1} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res
+ http::config -proxyhost {} -proxyport {} -proxynot {}
+}
+
+test httpProxy-2.4.$ThreadLevel {https with-proxy ipv4 no-auth} -constraints {needsSquid needsTls} -setup {
+ http::config -proxyhost $n4host -proxyport $n4port -proxynot {127.0.0.1 localhost} -proxyauth {}
+} -body {
+ set token [http::geturl https://www.google.com/]
+ set ri [http::responseInfo $token]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
+} -result {complete ok 200 -- SecureProxy -- -1} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res
+ http::config -proxyhost {} -proxyport {} -proxynot {}
+}
+
+test httpProxy-2.5.$ThreadLevel {http with-proxy ipv6 no-auth} -constraints {needsSquid} -setup {
+ http::config -proxyhost $n6host -proxyport $n6port -proxynot {::1 localhost} -proxyauth {}
+} -body {
+ set token [http::geturl http://www.google.com/]
+ set ri [http::responseInfo $token]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
+} -result {complete ok 200 -- HttpProxy -- -1} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res
+ http::config -proxyhost {} -proxyport {} -proxynot {}
+}
+
+test httpProxy-2.6.$ThreadLevel {https with-proxy ipv6 no-auth} -constraints {needsSquid needsTls} -setup {
+ http::config -proxyhost $n6host -proxyport $n6port -proxynot {::1 localhost} -proxyauth {}
+} -body {
+ set token [http::geturl https://www.google.com/]
+ set ri [http::responseInfo $token]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
+} -result {complete ok 200 -- SecureProxy -- -1} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res
+ http::config -proxyhost {} -proxyport {} -proxynot {}
+}
+
+test httpProxy-3.1.$ThreadLevel {http no-proxy with-auth valid-creds-provided} -constraints {needsSquid} -setup {
+ http::config -proxyhost {} -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $aliceCreds
+} -body {
+ set token [http::geturl http://www.google.com/]
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
+} -result {complete ok 200 -- none 0 0 -- -1} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res pos1 pos2
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-3.2.$ThreadLevel {https no-proxy with-auth valid-creds-provided} -constraints {needsSquid needsTls} -setup {
+ http::config -proxyhost {} -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $aliceCreds
+} -body {
+ set token [http::geturl https://www.google.com/]
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
+} -result {complete ok 200 -- none 0 0 -- -1} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res pos1 pos2
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-3.3.$ThreadLevel {http with-proxy ipv4 with-auth valid-creds-provided} -constraints {needsSquid} -setup {
+ http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $aliceCreds
+} -body {
+ set token [http::geturl http://www.google.com/]
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
+} -result {complete ok 200 -- HttpProxy 1 1 -- -1} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res pos1 pos2
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-3.4.$ThreadLevel {https with-proxy ipv4 with-auth valid-creds-provided} -constraints {needsSquid needsTls} -setup {
+ http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $aliceCreds
+} -body {
+ set token [http::geturl https://www.google.com/]
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
+} -result {complete ok 200 -- SecureProxy 0 0 -- -1} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res pos1 pos2
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-3.5.$ThreadLevel {http with-proxy ipv6 with-auth valid-creds-provided} -constraints {needsSquid} -setup {
+ http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $aliceCreds
+} -body {
+ set token [http::geturl http://www.google.com/]
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
+} -result {complete ok 200 -- HttpProxy 1 1 -- -1} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res pos1 pos2
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-3.6.$ThreadLevel {https with-proxy ipv6 with-auth valid-creds-provided} -constraints {needsSquid needsTls} -setup {
+ http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $aliceCreds
+} -body {
+ set token [http::geturl https://www.google.com/]
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
+} -result {complete ok 200 -- SecureProxy 0 0 -- -1} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res pos1 pos2
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-3.7.$ThreadLevel {http with-proxy ipv4 with-auth valid-creds-provided; check that 2nd valid request with creds is possible, and keep-alive works} -constraints {needsSquid} -setup {
+ array unset ::http::socketMapping
+ http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $aliceCreds
+ set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000]
+} -body {
+ # Use the same caution as for the corresponding https test.
+ set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
+ set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+ vwait ${token}(z)
+ after cancel $can
+
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
+} -result {complete ok 200 -- HttpProxy 1 1 -- -1 done 1} -cleanup {
+ http::cleanup $token0
+ http::cleanup $token
+ unset -nocomplain token0 token ri res pos1 pos2 can same
+ array unset ::http::socketMapping
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-3.7x.$ThreadLevel {http with-proxy ipv4 with-auth 1st request no-creds-provided; check that 2nd request with creds is possible} -constraints {needsSquid} -setup {
+ array unset ::http::socketMapping
+ http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth {}
+ set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000]
+
+ http::config -proxyauth $aliceCreds
+} -body {
+ # Use the same caution as for the corresponding https test.
+ set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
+ set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+ vwait ${token}(z)
+ after cancel $can
+
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
+} -result {complete ok 200 -- HttpProxy 1 1 -- -1 done 1} -cleanup {
+ http::cleanup $token0
+ http::cleanup $token
+ unset -nocomplain token0 token ri res pos1 pos2 can same
+ array unset ::http::socketMapping
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-3.8.$ThreadLevel {https with-proxy ipv4 with-auth valid-creds-provided; check that 2nd valid request with creds is possible, and keep-alive works} -constraints {needsSquid needsTls} -setup {
+ array unset ::http::socketMapping
+ http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $aliceCreds
+ set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000]
+} -body {
+ # If a bug passes the socket of a failed CONNECT to the main request, an infinite
+ # wait can occur despite -timeout. Fix this with http::reset; to do this the call
+ # to http::geturl must be async so we have $token for use as argument of reset.
+ set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
+ set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+ vwait ${token}(z)
+ after cancel $can
+
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
+} -result {complete ok 200 -- SecureProxy 0 0 -- -1 done 1} -cleanup {
+ http::cleanup $token0
+ http::cleanup $token
+ unset -nocomplain token0 token ri res pos1 pos2 can same
+ array unset ::http::socketMapping
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-3.8x.$ThreadLevel {https with-proxy ipv4 with-auth 1st request no-creds-provided; check that 2nd request with creds is possible} -constraints {needsSquid needsTls} -setup {
+ array unset ::http::socketMapping
+ http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth {}
+ set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000]
+
+ http::config -proxyauth $aliceCreds
+} -body {
+ # If a bug passes the socket of a failed CONNECT to the main request, an infinite
+ # wait can occur despite -timeout. Fix this with http::reset; to do this the call
+ # to http::geturl must be async so we have $token for use as argument of reset.
+ set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
+ set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+ vwait ${token}(z)
+ after cancel $can
+
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
+} -result {complete ok 200 -- SecureProxy 0 0 -- -1 done 0} -cleanup {
+ http::cleanup $token0
+ http::cleanup $token
+ unset -nocomplain token0 token ri res pos1 pos2 can same
+ array unset ::http::socketMapping
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-3.9.$ThreadLevel {http with-proxy ipv6 with-auth valid-creds-provided; check that 2nd valid request with creds is possible, and keep-alive works} -constraints {needsSquid} -setup {
+ array unset ::http::socketMapping
+ http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $aliceCreds
+ set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000]
+} -body {
+ # Use the same caution as for the corresponding https test.
+ set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
+ set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+ vwait ${token}(z)
+ after cancel $can
+
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
+} -result {complete ok 200 -- HttpProxy 1 1 -- -1 done 1} -cleanup {
+ http::cleanup $token0
+ http::cleanup $token
+ unset -nocomplain token0 token ri res pos1 pos2 can same
+ array unset ::http::socketMapping
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-3.9p.$ThreadLevel {http with-proxy ipv6 with-auth valid-creds-provided; check that 2nd valid request with creds is possible, and keep-alive works, pipelining requested and possible} -constraints {needsSquid} -setup {
+ array unset ::http::socketMapping
+ http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $aliceCreds
+} -body {
+ set can0 [after 6000 {http::reset $token0; set ${token0}(z) timeout}]
+ set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+after idle {
+ # Use the same caution as for the corresponding https test.
+ set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
+ set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+ vwait ${token}(z)
+ after cancel $can
+}
+ vwait ${token0}(z)
+ after cancel $can0
+
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
+} -result {complete ok 200 -- HttpProxy 1 1 -- -1 done 1} -cleanup {
+ http::cleanup $token0
+ http::cleanup $token
+ unset -nocomplain token0 token ri res pos1 pos2 can0 can same
+ array unset ::http::socketMapping
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-3.9x.$ThreadLevel {http with-proxy ipv6 with-auth 1st request no-creds-provided; check that 2nd request with creds is possible} -constraints {needsSquid} -setup {
+ array unset ::http::socketMapping
+ http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth {}
+ set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000]
+
+ http::config -proxyauth $aliceCreds
+} -body {
+ # Use the same caution as for the corresponding https test.
+ set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
+ set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+ vwait ${token}(z)
+ after cancel $can
+
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
+} -result {complete ok 200 -- HttpProxy 1 1 -- -1 done 1} -cleanup {
+ http::cleanup $token0
+ http::cleanup $token
+ unset -nocomplain token0 token ri res pos1 pos2 can same
+ array unset ::http::socketMapping
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-3.10.$ThreadLevel {https with-proxy ipv6 with-auth valid-creds-provided; check that 2nd valid request with creds is possible, and keep-alive works} -constraints {needsSquid needsTls} -setup {
+ array unset ::http::socketMapping
+ http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $aliceCreds
+ set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000]
+} -body {
+ # If a bug passes the socket of a failed CONNECT to the main request, an infinite
+ # wait can occur despite -timeout. Fix this with http::reset; to do this the call
+ # to http::geturl must be async so we have $token for use as argument of reset.
+ set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
+ set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+ vwait ${token}(z)
+ after cancel $can
+
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
+} -result {complete ok 200 -- SecureProxy 0 0 -- -1 done 1} -cleanup {
+ http::cleanup $token0
+ http::cleanup $token
+ unset -nocomplain token0 token ri res pos1 pos2 can same
+ array unset ::http::socketMapping
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-3.10p.$ThreadLevel {https with-proxy ipv6 with-auth valid-creds-provided; check that 2nd valid request with creds is possible, and keep-alive works, pipelining requested and possible} -constraints {needsSquid needsTls} -setup {
+ array unset ::http::socketMapping
+ http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $aliceCreds
+} -body {
+ set can0 [after 6000 {http::reset $token0; set ${token0}(z) timeout}]
+ set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+after idle {
+ # If a bug passes the socket of a failed CONNECT to the main request, an infinite
+ # wait can occur despite -timeout. Fix this with http::reset; to do this the call
+ # to http::geturl must be async so we have $token for use as argument of reset.
+ set can [after 6000 {http::reset $token0; set ${token}(z) timeout}]
+ set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+ vwait ${token}(z)
+ after cancel $can
+}
+ vwait ${token0}(z)
+ after cancel $can0
+
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
+} -result {complete ok 200 -- SecureProxy 0 0 -- -1 done 1} -cleanup {
+ http::cleanup $token0
+ http::cleanup $token
+ unset -nocomplain token0 token ri res pos1 pos2 can0 can same
+ array unset ::http::socketMapping
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-3.10x.$ThreadLevel {https with-proxy ipv6 with-auth 1st request no-creds-provided; check that 2nd request with creds is possible} -constraints {needsSquid needsTls} -setup {
+ array unset ::http::socketMapping
+ http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth {}
+ set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000]
+
+ http::config -proxyauth $aliceCreds
+} -body {
+ # If a bug passes the socket of a failed CONNECT to the main request, an infinite
+ # wait can occur despite -timeout. Fix this with http::reset; to do this the call
+ # to http::geturl must be async so we have $token for use as argument of reset.
+ set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
+ set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+ vwait ${token}(z)
+ after cancel $can
+
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
+} -result {complete ok 200 -- SecureProxy 0 0 -- -1 done 0} -cleanup {
+ http::cleanup $token0
+ http::cleanup $token
+ unset -nocomplain token0 token ri res pos1 pos2 can same
+ array unset ::http::socketMapping
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-4.1.$ThreadLevel {http no-proxy with-auth no-creds-provided} -constraints {needsSquid} -setup {
+ http::config -proxyhost {} -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth {}
+} -body {
+ set token [http::geturl http://www.google.com/]
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
+} -result {complete ok 200 -- none 0 0 -- -1} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res pos1 pos2
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-4.2.$ThreadLevel {https no-proxy with-auth no-creds-provided} -constraints {needsSquid needsTls} -setup {
+ http::config -proxyhost {} -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth {}
+} -body {
+ set token [http::geturl https://www.google.com/]
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
+} -result {complete ok 200 -- none 0 0 -- -1} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res pos1 pos2
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-4.3.$ThreadLevel {http with-proxy ipv4 with-auth no-creds-provided} -constraints {needsSquid} -setup {
+ http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth {}
+} -body {
+ set token [http::geturl http://www.google.com/]
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
+} -result {complete ok 407 -- HttpProxy 0 0 -- -1} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res pos1 pos2
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-4.4.$ThreadLevel {https with-proxy ipv4 with-auth no-creds-provided} -constraints {needsSquid needsTls} -setup {
+ http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth {}
+} -body {
+ set token [http::geturl https://www.google.com/]
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
+} -result {complete ok 407 -- SecureProxyFailed 0 0 -- -1} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res pos1 pos2
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-4.5.$ThreadLevel {http with-proxy ipv6 with-auth no-creds-provided} -constraints {needsSquid} -setup {
+ http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth {}
+} -body {
+ set token [http::geturl http://www.google.com/]
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
+} -result {complete ok 407 -- HttpProxy 0 0 -- -1} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res pos1 pos2
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-4.6.$ThreadLevel {https with-proxy ipv6 with-auth no-creds-provided} -constraints {needsSquid needsTls} -setup {
+ http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth {}
+} -body {
+ set token [http::geturl https://www.google.com/]
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
+} -result {complete ok 407 -- SecureProxyFailed 0 0 -- -1} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res pos1 pos2
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-4.7.$ThreadLevel {http with-proxy ipv4 with-auth no-creds-provided; check that 2nd request is possible} -constraints {needsSquid} -setup {
+ array unset ::http::socketMapping
+ http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth {}
+ set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000]
+} -body {
+ # Use the same caution as for the corresponding https test.
+ set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
+ set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+ vwait ${token}(z)
+ after cancel $can
+
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
+} -result {complete ok 407 -- HttpProxy 0 0 -- -1 done 1} -cleanup {
+ http::cleanup $token0
+ http::cleanup $token
+ unset -nocomplain token0 token ri res pos1 pos2 can same
+ array unset ::http::socketMapping
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-4.8.$ThreadLevel {https with-proxy ipv4 with-auth no-creds-provided; check that 2nd request is possible} -constraints {needsSquid needsTls} -setup {
+ array unset ::http::socketMapping
+ http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth {}
+ set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000]
+} -body {
+ # If a bug passes the socket of a failed CONNECT to the main request, an infinite
+ # wait can occur despite -timeout. Fix this with http::reset; to do this the call
+ # to http::geturl must be async so we have $token for use as argument of reset.
+ set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
+ set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+ vwait ${token}(z)
+ after cancel $can
+
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
+} -result {complete ok 407 -- SecureProxyFailed 0 0 -- -1 done 0} -cleanup {
+ http::cleanup $token0
+ http::cleanup $token
+ unset -nocomplain token0 token ri res pos1 pos2 can same
+ array unset ::http::socketMapping
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-4.9.$ThreadLevel {http with-proxy ipv6 with-auth no-creds-provided; check that 2nd request is possible} -constraints {needsSquid} -setup {
+ array unset ::http::socketMapping
+ http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth {}
+ set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000]
+} -body {
+ # Use the same caution as for the corresponding https test.
+ set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
+ set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+ vwait ${token}(z)
+ after cancel $can
+
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
+} -result {complete ok 407 -- HttpProxy 0 0 -- -1 done 1} -cleanup {
+ http::cleanup $token0
+ http::cleanup $token
+ unset -nocomplain token0 token ri res pos1 pos2 can same
+ array unset ::http::socketMapping
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-4.9p.$ThreadLevel {http with-proxy ipv6 with-auth no-creds-provided; check that 2nd request is possible, pipelining requested and possible} -constraints {needsSquid} -setup {
+ array unset ::http::socketMapping
+ http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth {}
+} -body {
+ set can0 [after 6000 {http::reset $token0; set ${token0}(z) timeout}]
+ set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+after idle {
+ # Use the same caution as for the corresponding https test.
+ set can [after 6000 {http::reset $token0; set ${token}(z) timeout}]
+ set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+ vwait ${token}(z)
+ after cancel $can
+}
+ vwait ${token0}(z)
+ after cancel $can0
+
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
+} -result {complete ok 407 -- HttpProxy 0 0 -- -1 done 1} -cleanup {
+ http::cleanup $token0
+ http::cleanup $token
+ unset -nocomplain token0 token ri res pos1 pos2 can0 can same
+ array unset ::http::socketMapping
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-4.10.$ThreadLevel {https with-proxy ipv6 with-auth no-creds-provided; check that 2nd request is possible} -constraints {needsSquid needsTls} -setup {
+ array unset ::http::socketMapping
+ http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth {}
+ set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000]
+} -body {
+ # If a bug passes the socket of a failed CONNECT to the main request, an infinite
+ # wait can occur despite -timeout. Fix this with http::reset; to do this the call
+ # to http::geturl must be async so we have $token for use as argument of reset.
+ set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
+ set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+ vwait ${token}(z)
+ after cancel $can
+
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
+} -result {complete ok 407 -- SecureProxyFailed 0 0 -- -1 done 0} -cleanup {
+ http::cleanup $token0
+ http::cleanup $token
+ unset -nocomplain token0 token ri res pos1 pos2 can same
+ array unset ::http::socketMapping
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-4.10p.$ThreadLevel {https with-proxy ipv6 with-auth no-creds-provided; check that 2nd request is possible, pipelining requested but not possible} -constraints {needsSquid needsTls} -setup {
+ array unset ::http::socketMapping
+ http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth {}
+} -body {
+ set can0 [after 6000 {http::reset $token0; set ${token0}(z) timeout}]
+ set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+
+after idle {
+ # If a bug passes the socket of a failed CONNECT to the main request, an infinite
+ # wait can occur despite -timeout. Fix this with http::reset; to do this the call
+ # to http::geturl must be async so we have $token for use as argument of reset.
+ set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
+ set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+ vwait ${token}(z)
+ after cancel $can
+}
+ vwait ${token0}(z)
+ after cancel $can0
+
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
+ set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
+} -result {complete ok 407 -- SecureProxyFailed 0 0 -- -1 done 0} -cleanup {
+ http::cleanup $token0
+ http::cleanup $token
+ unset -nocomplain token0 token ri res pos1 pos2 can0 can same
+ array unset ::http::socketMapping
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-5.1.$ThreadLevel {http no-proxy with-auth bad-creds-provided} -constraints {needsSquid} -setup {
+ http::config -proxyhost {} -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $badCreds
+} -body {
+ set token [http::geturl http://www.google.com/]
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
+} -result {complete ok 200 -- none 0 0 -- -1} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res pos1 pos2
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-5.2.$ThreadLevel {https no-proxy with-auth bad-creds-provided} -constraints {needsSquid needsTls} -setup {
+ http::config -proxyhost {} -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $badCreds
+} -body {
+ set token [http::geturl https://www.google.com/]
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
+} -result {complete ok 200 -- none 0 0 -- -1} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res pos1 pos2
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-5.3.$ThreadLevel {http with-proxy ipv4 with-auth bad-creds-provided} -constraints {needsSquid} -setup {
+ http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $badCreds
+} -body {
+ set token [http::geturl http://www.google.com/]
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
+} -result {complete ok 407 -- HttpProxy 1 1 -- -1} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res pos1 pos2
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-5.4.$ThreadLevel {https with-proxy ipv4 with-auth bad-creds-provided} -constraints {needsSquid needsTls} -setup {
+ http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $badCreds
+} -body {
+ set token [http::geturl https://www.google.com/]
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
+} -result {complete ok 407 -- SecureProxyFailed 1 1 -- -1} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res pos1 pos2
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-5.5.$ThreadLevel {http with-proxy ipv6 with-auth bad-creds-provided} -constraints {needsSquid} -setup {
+ http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $badCreds
+} -body {
+ set token [http::geturl http://www.google.com/]
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
+} -result {complete ok 407 -- HttpProxy 1 1 -- -1} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res pos1 pos2
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-5.6.$ThreadLevel {https with-proxy ipv6 with-auth bad-creds-provided} -constraints {needsSquid needsTls} -setup {
+ http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $badCreds
+} -body {
+ set token [http::geturl https://www.google.com/]
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
+} -result {complete ok 407 -- SecureProxyFailed 1 1 -- -1} -cleanup {
+ http::cleanup $token
+ unset -nocomplain token ri res pos1 pos2
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-5.7.$ThreadLevel {http with-proxy ipv4 with-auth bad-creds-provided; check that 2nd request is possible} -constraints {needsSquid} -setup {
+ array unset ::http::socketMapping
+ http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $badCreds
+ set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000]
+} -body {
+ # Use the same caution as for the corresponding https test.
+ set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
+ set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+ vwait ${token}(z)
+ after cancel $can
+
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
+ set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
+} -result {complete ok 407 -- HttpProxy 1 1 -- -1 done 1} -cleanup {
+ http::cleanup $token0
+ http::cleanup $token
+ unset -nocomplain token0 token ri res pos1 pos2 can same
+ array unset ::http::socketMapping
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-5.7p.$ThreadLevel {http with-proxy ipv4 with-auth bad-creds-provided; check that 2nd request is possible, pipelining requested and possible} -constraints {needsSquid} -setup {
+ array unset ::http::socketMapping
+ http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $badCreds
+} -body {
+ set can0 [after 6000 {http::reset $token0; set ${token0}(z) timeout}]
+ set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+ # Use the same caution as for the corresponding https test.
+after idle {
+ set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
+ set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+ vwait ${token}(z)
+ after cancel $can
+}
+ vwait ${token0}(z)
+ after cancel $can0
+
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
+ set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
+} -result {complete ok 407 -- HttpProxy 1 1 -- -1 done 1} -cleanup {
+ http::cleanup $token0
+ http::cleanup $token
+ unset -nocomplain token0 token ri res pos1 pos2 can0 can same
+ array unset ::http::socketMapping
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-5.8.$ThreadLevel {https with-proxy ipv4 with-auth bad-creds-provided; check that 2nd request is possible} -constraints {needsSquid needsTls} -setup {
+ array unset ::http::socketMapping
+ http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $badCreds
+ set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000]
+} -body {
+ # If a bug passes the socket of a failed CONNECT to the main request, an infinite
+ # wait can occur despite -timeout. Fix this with http::reset; to do this the call
+ # to http::geturl must be async so we have $token for use as argument of reset.
+ set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
+ set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+ vwait ${token}(z)
+ after cancel $can
+
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
+ set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
+} -result {complete ok 407 -- SecureProxyFailed 1 1 -- -1 done 0} -cleanup {
+ http::cleanup $token0
+ http::cleanup $token
+ unset -nocomplain token0 token ri res pos1 pos2 can same
+ array unset ::http::socketMapping
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-5.8p.$ThreadLevel {https with-proxy ipv4 with-auth bad-creds-provided; check that 2nd request is possible, pipelining requested but not possible} -constraints {needsSquid needsTls} -setup {
+ array unset ::http::socketMapping
+ http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $badCreds
+} -body {
+ set can0 [after 6000 {http::reset $token0; set ${token0}(z) timeout}]
+ set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+ # If a bug passes the socket of a failed CONNECT to the main request, an infinite
+ # wait can occur despite -timeout. Fix this with http::reset; to do this the call
+ # to http::geturl must be async so we have $token for use as argument of reset.
+after idle {
+ set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
+ set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+ vwait ${token}(z)
+ after cancel $can
+}
+ vwait ${token0}(z)
+ after cancel $can0
+
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
+ set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
+} -result {complete ok 407 -- SecureProxyFailed 1 1 -- -1 done 0} -cleanup {
+ http::cleanup $token0
+ http::cleanup $token
+ unset -nocomplain token0 token ri res pos1 pos2 can0 can same
+ array unset ::http::socketMapping
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-5.9.$ThreadLevel {http with-proxy ipv6 with-auth bad-creds-provided; check that 2nd request is possible} -constraints {needsSquid} -setup {
+ array unset ::http::socketMapping
+ http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $badCreds
+ set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000]
+} -body {
+ # Use the same caution as for the corresponding https test.
+ set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
+ set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+ vwait ${token}(z)
+ after cancel $can
+
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
+ set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
+} -result {complete ok 407 -- HttpProxy 1 1 -- -1 done 1} -cleanup {
+ http::cleanup $token0
+ http::cleanup $token
+ unset -nocomplain token0 token ri res pos1 pos2 can same
+ array unset ::http::socketMapping
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+test httpProxy-5.10.$ThreadLevel {https with-proxy ipv6 with-auth bad-creds-provided; check that 2nd request is possible} -constraints {needsSquid needsTls} -setup {
+ array unset ::http::socketMapping
+ http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $badCreds
+ set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000]
+} -body {
+ # If a bug passes the socket of a failed CONNECT to the main request, an infinite
+ # wait can occur despite -timeout. Fix this with http::reset; to do this the call
+ # to http::geturl must be async so we have $token for use as argument of reset.
+ set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
+ set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
+ vwait ${token}(z)
+ after cancel $can
+
+ set ri [http::responseInfo $token]
+ set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
+ set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
+ set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
+ set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
+ [dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
+ [lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
+} -result {complete ok 407 -- SecureProxyFailed 1 1 -- -1 done 0} -cleanup {
+ http::cleanup $token0
+ http::cleanup $token
+ unset -nocomplain token0 token ri res pos1 pos2 can same
+ array unset ::http::socketMapping
+ http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
+}
+
+# cleanup
+unset -nocomplain n4host n6host n4port n6port a4host a6host a4port a6port aliceCreds badCreds
+
+rename bgerror {}
+rename stopMe {}
+
+::tcltest::cleanupTests
+
+# Local variables:
+# mode: tcl
+# End:
+
generated by cgit v0.12 at 2024-10-22 11:40:55 (GMT)