haproxy/reg-tests/http-messaging/srv_ws.vtc

# This reg-test checks websocket support in regards with the server keyword
# 'ws'

varnishtest "h2 backend websocket management via server keyword"

feature cmd "$HAPROXY_PROGRAM -cc 'version_atleast(2.5-dev0)'"
feature cmd "$HAPROXY_PROGRAM -cc 'feature(OPENSSL) && !ssllib_name_startswith(wolfSSL)'"
feature ignore_unknown_macro

# haproxy server
haproxy hapsrv -conf {
	defaults
		mode http
		timeout connect "${HAPROXY_TEST_TIMEOUT-5s}"
		timeout client  "${HAPROXY_TEST_TIMEOUT-5s}"
		timeout server  "${HAPROXY_TEST_TIMEOUT-5s}"

	frontend fe
		bind "fd@${fe}"
		bind "fd@${fessl}" ssl crt ${testdir}/common.pem alpn h2,http/1.1
		capture request header sec-websocket-key len 128
		http-request set-var(txn.ver) req.ver
		use_backend be

	backend be
		# define websocket ACL
		acl ws_handshake hdr(upgrade) -m str websocket

		# handle non-ws streams
		http-request return status 200 if !ws_handshake

		# handle ws streams
		#capture request header sec-websocket-key len 128
		http-request return status 200 hdr connection upgrade hdr upgrade websocket hdr sec-websocket-accept "%[capture.req.hdr(0),concat(258EAFA5-E914-47DA-95CA-C5AB0DC85B11,,),sha1,base64]" if ws_handshake
		http-after-response set-status 101 if { status eq 200 } { res.hdr(upgrade) -m str websocket }
		http-after-response set-header x-backend-protocol "%[var(txn.ver)]"
} -start

# haproxy LB
haproxy hap -conf {
	defaults
		mode http
		timeout connect "${HAPROXY_TEST_TIMEOUT-5s}"
		timeout client  "${HAPROXY_TEST_TIMEOUT-5s}"
		timeout server  "${HAPROXY_TEST_TIMEOUT-5s}"

	# proto X ws h1 -> websocket on h1
	listen li
		bind "fd@${li}"
		server hap_srv ${hapsrv_fe_addr}:${hapsrv_fe_port} proto h2 ws h1

	# proto X ws h2 -> websocket on h2
	listen lih2
		bind "fd@${lih2}"
		server hap_srv ${hapsrv_fe_addr}:${hapsrv_fe_port} proto h2 ws h2

	# alpn h2,http/1.1 ws h2 -> websocket on h2
	listen lisslh2
		bind "fd@${lisslh2}"
		server hap_srv ${hapsrv_fessl_addr}:${hapsrv_fessl_port} ssl verify none alpn h2,http/1.1 ws h2
		http-response set-header x-alpn "%[ssl_bc_alpn]"

	# ws auto -> websocket on h1
	listen liauto
		bind "fd@${liauto}"
		server hap_srv ${hapsrv_fe_addr}:${hapsrv_fe_port}

	# alpn h2,http/1.1 ws auto -> websocket on h1
	listen lissl
		bind "fd@${lissl}"
		server hap_srv ${hapsrv_fessl_addr}:${hapsrv_fessl_port} ssl verify none alpn h2,http/1.1 ws auto
		http-response set-header x-alpn "%[ssl_bc_alpn]"
	# alpn h2,http/1.1 ws auto -> websocket on h1
	listen lisslauto
		bind "fd@${lisslauto}"
		server hap_srv ${hapsrv_fessl_addr}:${hapsrv_fessl_port} ssl verify none alpn h2,http/1.1
		http-response set-header x-alpn "%[ssl_bc_alpn]"

	# proto h2 ws auto -> websocket on h2
	listen liauto2
		bind "fd@${liauto2}"
		server hap_srv ${hapsrv_fe_addr}:${hapsrv_fe_port} proto h2

	# alpn h2 ws auto -> websocket on h2
	listen lisslauto2
		bind "fd@${lisslauto2}"
		server hap_srv ${hapsrv_fessl_addr}:${hapsrv_fessl_port} ssl verify none alpn h2 ws auto
		http-response set-header x-alpn "%[ssl_bc_alpn]"
} -start

client c1 -connect ${hap_li_sock} {
	txreq \
	  -req "GET" \
	  -url "/" \
	  -hdr "host: 127.0.0.1" \
	  -hdr "connection: upgrade" \
	  -hdr "upgrade: websocket" \
	  -hdr "sec-websocket-key: dGhlIHNhbXBsZSBub25jZQ=="
	rxresp
	expect resp.status == 101
	expect resp.http.x-backend-protocol == "1.1"
} -run

client c1.2 -connect ${hap_lih2_sock} {
	txreq \
	  -req "GET" \
	  -url "/" \
	  -hdr "host: 127.0.0.1" \
	  -hdr "connection: upgrade" \
	  -hdr "upgrade: websocket" \
	  -hdr "sec-websocket-key: dGhlIHNhbXBsZSBub25jZQ=="
	rxresp
	expect resp.status == 101
	expect resp.http.x-backend-protocol == "2.0"
} -run

client c1.3 -connect ${hap_liauto_sock} {
	txreq \
	  -req "GET" \
	  -url "/" \
	  -hdr "host: 127.0.0.1" \
	  -hdr "connection: upgrade" \
	  -hdr "upgrade: websocket" \
	  -hdr "sec-websocket-key: dGhlIHNhbXBsZSBub25jZQ=="
	rxresp
	expect resp.status == 101
	expect resp.http.x-backend-protocol == "1.1"
} -run

client c1.4 -connect ${hap_liauto2_sock} {
	txreq \
	  -req "GET" \
	  -url "/" \
	  -hdr "host: 127.0.0.1" \
	  -hdr "connection: upgrade" \
	  -hdr "upgrade: websocket" \
	  -hdr "sec-websocket-key: dGhlIHNhbXBsZSBub25jZQ=="
	rxresp
	expect resp.status == 101
	expect resp.http.x-backend-protocol == "2.0"
} -run

client c2 -connect ${hap_lisslauto_sock} {
	txreq \
	  -req "GET" \
	  -url "/" \
	  -hdr "host: 127.0.0.1" \
	  -hdr "connection: upgrade" \
	  -hdr "upgrade: websocket" \
	  -hdr "sec-websocket-key: dGhlIHNhbXBsZSBub25jZQ=="
	rxresp
	expect resp.status == 101
	expect resp.http.x-alpn == "http/1.1"
} -run

client c2.2 -connect ${hap_lisslauto2_sock} {
	txreq \
	  -req "GET" \
	  -url "/" \
	  -hdr "host: 127.0.0.1" \
	  -hdr "connection: upgrade" \
	  -hdr "upgrade: websocket" \
	  -hdr "sec-websocket-key: dGhlIHNhbXBsZSBub25jZQ=="
	rxresp
	expect resp.status == 101
	expect resp.http.x-alpn == "h2"
} -run

client c2.3 -connect ${hap_lisslh2_sock} {
	txreq \
	  -req "GET" \
	  -url "/" \
	  -hdr "host: 127.0.0.1" \
	  -hdr "connection: upgrade" \
	  -hdr "upgrade: websocket" \
	  -hdr "sec-websocket-key: dGhlIHNhbXBsZSBub25jZQ=="
	rxresp
	expect resp.status == 101
	expect resp.http.x-alpn == "h2"
} -run