MCPcopy
hub / github.com/AdguardTeam/dnsproxy / TestProxy_trustedProxies

Function TestProxy_trustedProxies

proxy/serverhttps_internal_test.go:72–129  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

70}
71
72func TestProxy_trustedProxies(t *testing.T) {
73 var (
74 clientAddr = netip.MustParseAddr("1.2.3.4")
75 proxyAddr = netip.MustParseAddr("127.0.0.1")
76 )
77
78 doRequest := func(t *testing.T, addr, expectedClientIP netip.Addr) {
79 var gotAddr netip.Addr
80 reqHandler := &TestHandler{
81 OnHandle: func(ctx context.Context, p *Proxy, d *DNSContext) (err error) {
82 gotAddr = d.Addr.Addr()
83
84 return p.Resolve(ctx, d)
85 },
86 }
87
88 // Prepare the proxy server.
89 tlsConf, caPem := newTLSConfig(t)
90 httpConf := &HTTPConfig{
91 ListenAddresses: []netip.AddrPort{localhostAnyPort},
92 }
93 dnsProxy := mustNew(t, &Config{
94 Logger: testLogger,
95 UpstreamConfig: newTestUpstreamConfig(t, defaultTimeout, testDefaultUpstreamAddr),
96 TrustedProxies: defaultTrustedProxies,
97 RequestHandler: reqHandler,
98 TLSConfig: tlsConf,
99 TLSListenAddr: []*net.TCPAddr{net.TCPAddrFromAddrPort(localhostAnyPort)},
100 QUICListenAddr: []*net.UDPAddr{net.UDPAddrFromAddrPort(localhostAnyPort)},
101 HTTPConfig: httpConf,
102 })
103
104 client := createTestHTTPClient(dnsProxy, caPem, false)
105
106 msg := newTestMessage()
107
108 dnsProxy.TrustedProxies = netip.PrefixFrom(addr, addr.BitLen())
109
110 servicetest.RequireRun(t, dnsProxy, testTimeout)
111
112 hdrs := map[string]string{
113 "X-Forwarded-For": strings.Join([]string{clientAddr.String(), proxyAddr.String()}, ","),
114 }
115
116 resp := sendTestDoHMessage(t, client, msg, hdrs)
117 requireResponse(t, msg, resp)
118
119 require.Equal(t, expectedClientIP, gotAddr)
120 }
121
122 t.Run("success", func(t *testing.T) {
123 doRequest(t, proxyAddr, clientAddr)
124 })
125
126 t.Run("not_in_trusted", func(t *testing.T) {
127 doRequest(t, netip.MustParseAddr("127.0.0.2"), proxyAddr)
128 })
129}

Callers

nothing calls this directly

Calls 10

mustNewFunction · 0.85
newTestUpstreamConfigFunction · 0.85
createTestHTTPClientFunction · 0.85
newTestMessageFunction · 0.85
sendTestDoHMessageFunction · 0.85
AddrMethod · 0.80
ResolveMethod · 0.80
newTLSConfigFunction · 0.70
requireResponseFunction · 0.70
StringMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…