# Copyright © 1991-1993 The Regents of the University of California.
# Copyright © 1994-1996 Sun Microsystems, Inc.
# Copyright © 1998-2000 Ajuba Solutions.
# Copyright © 2022-2023 Keith Nash.
#
# See the file "license.terms" for information on usage and redistribution of
# this file, and for a DISCLAIMER OF ALL WARRANTIES.
# You may distribute and/or modify this program under the terms of the GNU
# Affero General Public License as published by the Free Software Foundation,
# either version 3 of the License, or (at your option) any later version.
#
# See the file "COPYING" for information on usage and redistribution
# of this file, and for a DISCLAIMER OF ALL WARRANTIES.
# Commands covered: http::geturl when using a proxy server.
#
# This file contains a collection of tests for the http script library.
# Sourcing this file into Tcl runs the tests and generates output for errors.
# No output means no errors were found.
if {"::tcltest" ni [namespace children]} {
package require tcltest 2.5
namespace import -force ::tcltest::*
}
package require http 2.10
#http::register http 80 ::socket
proc bgerror {args} {
global errorInfo
puts stderr "httpProxy.test bgerror"
puts stderr [join $args]
puts stderr $errorInfo
}
proc stopMe {token} {
set ${token}(z) done
}
#set ThreadLevel 0
if {![info exists ThreadLevel]} {
if {[catch {package require Thread 2.8.9-}] == 0} {
set ValueRange {0 1 2}
} else {
set ValueRange {0 1}
}
# For each value of ThreadLevel, source this file recursively in the
# same interpreter.
foreach ThreadLevel $ValueRange {
source [info script]
}
catch {unset ThreadLevel}
catch {unset ValueRange}
return
}
catch {puts "==== Test with ThreadLevel $ThreadLevel ===="}
http::config -threadlevel $ThreadLevel
�
testConstraint needsSquidNoAuth 0
testConstraint needsSquidAuth 0
testConstraint needsTclTls 0
testConstraint needsTwapi 0
testConstraint needsTwapiFull 0
testConstraint needsTls [expr { [testConstraint needsTclTls]
|| [testConstraint needsTwapi]
|| [testConstraint needsTwapiFull]
}]
if {[testConstraint needsTclTls]} {
package require tls
http::register https 443 [list ::tls::socket -ssl2 0 -ssl3 0 \
-tls1 0 -tls1.1 0 -tls1.2 1 -tls1.3 0 -autoservername 1] ::tls::socketCmd 1 1
} elseif {[testConstraint needsTwapi]} {
# "Original" http::register with 3 arguments has the same capabilities as
# in http 2.9 and earlier. This means that:
# (1) it cannot open a socket in a background thread (this option stops a
# slow DNS lookup from blocking a [socket -async] command); and
# (2) it cannot use a https proxy.
#
testConstraint needsSquidNoAuth 0
testConstraint needsSquidAuth 0
package require twapi
http::register https 443 ::twapi::tls_socket
} elseif {[testConstraint needsTwapiFull]} {
# (Any revisions to TWAPI, and the contents/existence of the twapiTlsPlus
# wrapper, can be negotiated if the bugs listed below can be fixed.)
# Use a temporary wrapper package twapiTlsPlus to present a suitable API.
#
# N.B. MUST EDIT twapi*/tls.tcl so that
#- set so [$socketcmd {*}$socket_args {*}$args]
#+ set so [{*}$socketcmd {*}$socket_args {*}$args]
#
# Bug with https, threadLevel 1,2, no proxy: try test 'httpProxy-2.2.*'
# Bug with https, threadLevel 0, with proxy: try test 'httpProxy-3.4.0'
# In both cases (using TWAPI 4.7.2 25d8bc), the result is:
# ---- Test generated error; Return code was: 1
# ---- Return code should have been one of: 0 2
# ---- errorInfo: cannot yield: C stack busy
# while executing
# "http::geturl https://www.google.com/"
#
package require twapiTlsPlus
http::register https 443 ::twapiTlsPlus::socket ::twapiTlsPlus::socketCmd 1 1
} else {
}
# Testing with Squid
# - Example Squid configuration for Enterprise Linux 8 (Red Hat, Oracle, Rocky,
# Alma, ...) is in file tests/httpProxySquidConfigForEL8.tar.gz.
# - Two instances of Squid are launched, one that needs authentication and one
# that does not.
# - Each instance of Squid listens on IPv4 and IPv6, on different ports.
# Instance of Squid that does not need authentication.
set n4host 127.0.0.1
set n6host ::1
set n4port 3128
set n6port 3130
# Instance of Squid that needs authentication.
set a4host 127.0.0.1
set a6host ::1
set a4port 3129
set a6port 3131
# concat Basic [base64::encode alice:alicia]
set aliceCreds {Basic YWxpY2U6YWxpY2lh}
# concat Basic [base64::encode intruder:intruder]
set badCreds {Basic aW50cnVkZXI6aW50cnVkZXI=}
test httpProxy-1.1.$ThreadLevel {squid is running - ipv4 no-auth} -constraints {needsSquidNoAuth} -setup {
} -body {
set token [http::geturl http://$n4host:$n4port/]
set ri [http::responseInfo $token]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed]"
} -result {complete ok 400 -- none} -cleanup {
http::cleanup $token
unset -nocomplain token ri res
}
test httpProxy-1.2.$ThreadLevel {squid is running - ipv6 no-auth} -constraints {needsSquidNoAuth} -setup {
} -body {
set token [http::geturl http://\[$n6host\]:$n6port/]
set ri [http::responseInfo $token]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed]"
} -result {complete ok 400 -- none} -cleanup {
http::cleanup $token
unset -nocomplain token ri res
}
test httpProxy-1.3.$ThreadLevel {squid is running - ipv4 with-auth} -constraints {needsSquidAuth} -setup {
} -body {
set token [http::geturl http://$a4host:$a4port/]
set ri [http::responseInfo $token]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed]"
} -result {complete ok 400 -- none} -cleanup {
http::cleanup $token
unset -nocomplain token ri res
}
test httpProxy-1.4.$ThreadLevel {squid is running - ipv6 with-auth} -constraints {needsSquidAuth} -setup {
} -body {
set token [http::geturl http://\[$a6host\]:$a6port/]
set ri [http::responseInfo $token]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed]"
} -result {complete ok 400 -- none} -cleanup {
http::cleanup $token
unset -nocomplain token ri res
}
test httpProxy-2.1.$ThreadLevel {http no-proxy no-auth} -constraints {} -setup {
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
} -body {
set token [http::geturl http://www.google.com/]
set ri [http::responseInfo $token]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- none -- -1} -cleanup {
http::cleanup $token
unset -nocomplain token ri res
}
test httpProxy-2.2.$ThreadLevel {https no-proxy no-auth} -constraints {needsTls} -setup {
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
} -body {
set token [http::geturl https://www.google.com/]
set ri [http::responseInfo $token]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- none -- -1} -cleanup {
http::cleanup $token
unset -nocomplain token ri res
}
test httpProxy-2.3.$ThreadLevel {http with-proxy ipv4 no-auth} -constraints {needsSquidNoAuth} -setup {
http::config -proxyhost $n4host -proxyport $n4port -proxynot {127.0.0.1 localhost} -proxyauth {}
} -body {
set token [http::geturl http://www.google.com/]
set ri [http::responseInfo $token]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- HttpProxy -- -1} -cleanup {
http::cleanup $token
unset -nocomplain token ri res
http::config -proxyhost {} -proxyport {} -proxynot {}
}
test httpProxy-2.4.$ThreadLevel {https with-proxy ipv4 no-auth} -constraints {needsSquidNoAuth needsTls} -setup {
http::config -proxyhost $n4host -proxyport $n4port -proxynot {127.0.0.1 localhost} -proxyauth {}
} -body {
set token [http::geturl https://www.google.com/]
set ri [http::responseInfo $token]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- SecureProxy -- -1} -cleanup {
http::cleanup $token
unset -nocomplain token ri res
http::config -proxyhost {} -proxyport {} -proxynot {}
}
test httpProxy-2.5.$ThreadLevel {http with-proxy ipv6 no-auth} -constraints {needsSquidNoAuth} -setup {
http::config -proxyhost $n6host -proxyport $n6port -proxynot {::1 localhost} -proxyauth {}
} -body {
set token [http::geturl http://www.google.com/]
set ri [http::responseInfo $token]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- HttpProxy -- -1} -cleanup {
http::cleanup $token
unset -nocomplain token ri res
http::config -proxyhost {} -proxyport {} -proxynot {}
}
test httpProxy-2.6.$ThreadLevel {https with-proxy ipv6 no-auth} -constraints {needsSquidNoAuth needsTls} -setup {
http::config -proxyhost $n6host -proxyport $n6port -proxynot {::1 localhost} -proxyauth {}
} -body {
set token [http::geturl https://www.google.com/]
set ri [http::responseInfo $token]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- SecureProxy -- -1} -cleanup {
http::cleanup $token
unset -nocomplain token ri res
http::config -proxyhost {} -proxyport {} -proxynot {}
}
test httpProxy-3.1.$ThreadLevel {http no-proxy with-auth valid-creds-provided} -constraints {} -setup {
http::config -proxyhost {} -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $aliceCreds
} -body {
set token [http::geturl http://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- none 0 0 -- -1} -cleanup {
http::cleanup $token
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.2.$ThreadLevel {https no-proxy with-auth valid-creds-provided} -constraints {needsTls} -setup {
http::config -proxyhost {} -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $aliceCreds
} -body {
set token [http::geturl https://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- none 0 0 -- -1} -cleanup {
http::cleanup $token
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.3.$ThreadLevel {http with-proxy ipv4 with-auth valid-creds-provided} -constraints {needsSquidAuth} -setup {
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $aliceCreds
} -body {
set token [http::geturl http://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- HttpProxy 1 1 -- -1} -cleanup {
http::cleanup $token
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.4.$ThreadLevel {https with-proxy ipv4 with-auth valid-creds-provided} -constraints {needsSquidAuth needsTls} -setup {
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $aliceCreds
} -body {
set token [http::geturl https://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- SecureProxy 0 0 -- -1} -cleanup {
http::cleanup $token
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.5.$ThreadLevel {http with-proxy ipv6 with-auth valid-creds-provided} -constraints {needsSquidAuth} -setup {
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $aliceCreds
} -body {
set token [http::geturl http://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- HttpProxy 1 1 -- -1} -cleanup {
http::cleanup $token
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.6.$ThreadLevel {https with-proxy ipv6 with-auth valid-creds-provided} -constraints {needsSquidAuth needsTls} -setup {
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $aliceCreds
} -body {
set token [http::geturl https://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- SecureProxy 0 0 -- -1} -cleanup {
http::cleanup $token
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.7.$ThreadLevel {http with-proxy ipv4 with-auth valid-creds-provided; check that 2nd valid request with creds is possible, and keep-alive works} -constraints {needsSquidAuth} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $aliceCreds
set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000]
} -body {
# Use the same caution as for the corresponding https test.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 200 -- HttpProxy 1 1 -- -1 done 1} -cleanup {
http::cleanup $token0
http::cleanup $token
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.7x.$ThreadLevel {http with-proxy ipv4 with-auth 1st request no-creds-provided; check that 2nd request with creds is possible} -constraints {needsSquidAuth} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth {}
set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000]
http::config -proxyauth $aliceCreds
} -body {
# Use the same caution as for the corresponding https test.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 200 -- HttpProxy 1 1 -- -1 done 1} -cleanup {
http::cleanup $token0
http::cleanup $token
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.8.$ThreadLevel {https with-proxy ipv4 with-auth valid-creds-provided; check that 2nd valid request with creds is possible, and keep-alive works} -constraints {needsSquidAuth needsTls} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $aliceCreds
set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000]
} -body {
# If a bug passes the socket of a failed CONNECT to the main request, an infinite
# wait can occur despite -timeout. Fix this with http::reset; to do this the call
# to http::geturl must be async so we have $token for use as argument of reset.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 200 -- SecureProxy 0 0 -- -1 done 1} -cleanup {
http::cleanup $token0
http::cleanup $token
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.8x.$ThreadLevel {https with-proxy ipv4 with-auth 1st request no-creds-provided; check that 2nd request with creds is possible} -constraints {needsSquidAuth needsTls} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth {}
set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000]
http::config -proxyauth $aliceCreds
} -body {
# If a bug passes the socket of a failed CONNECT to the main request, an infinite
# wait can occur despite -timeout. Fix this with http::reset; to do this the call
# to http::geturl must be async so we have $token for use as argument of reset.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 200 -- SecureProxy 0 0 -- -1 done 0} -cleanup {
http::cleanup $token0
http::cleanup $token
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.9.$ThreadLevel {http with-proxy ipv6 with-auth valid-creds-provided; check that 2nd valid request with creds is possible, and keep-alive works} -constraints {needsSquidAuth} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $aliceCreds
set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000]
} -body {
# Use the same caution as for the corresponding https test.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 200 -- HttpProxy 1 1 -- -1 done 1} -cleanup {
http::cleanup $token0
http::cleanup $token
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.9p.$ThreadLevel {http with-proxy ipv6 with-auth valid-creds-provided; check that 2nd valid request with creds is possible, and keep-alive works, pipelining requested and possible} -constraints {needsSquidAuth} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $aliceCreds
} -body {
set can0 [after 6000 {http::reset $token0; set ${token0}(z) timeout}]
set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
after idle {
# Use the same caution as for the corresponding https test.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
}
vwait ${token0}(z)
after cancel $can0
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 200 -- HttpProxy 1 1 -- -1 done 1} -cleanup {
http::cleanup $token0
http::cleanup $token
unset -nocomplain token0 token ri res pos1 pos2 can0 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.9x.$ThreadLevel {http with-proxy ipv6 with-auth 1st request no-creds-provided; check that 2nd request with creds is possible} -constraints {needsSquidAuth} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth {}
set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000]
http::config -proxyauth $aliceCreds
} -body {
# Use the same caution as for the corresponding https test.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 200 -- HttpProxy 1 1 -- -1 done 1} -cleanup {
http::cleanup $token0
http::cleanup $token
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.10.$ThreadLevel {https with-proxy ipv6 with-auth valid-creds-provided; check that 2nd valid request with creds is possible, and keep-alive works} -constraints {needsSquidAuth needsTls} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $aliceCreds
set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000]
} -body {
# If a bug passes the socket of a failed CONNECT to the main request, an infinite
# wait can occur despite -timeout. Fix this with http::reset; to do this the call
# to http::geturl must be async so we have $token for use as argument of reset.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 200 -- SecureProxy 0 0 -- -1 done 1} -cleanup {
http::cleanup $token0
http::cleanup $token
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.10p.$ThreadLevel {https with-proxy ipv6 with-auth valid-creds-provided; check that 2nd valid request with creds is possible, and keep-alive works, pipelining requested and possible} -constraints {needsSquidAuth needsTls} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $aliceCreds
} -body {
set can0 [after 6000 {http::reset $token0; set ${token0}(z) timeout}]
set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
after idle {
# If a bug passes the socket of a failed CONNECT to the main request, an infinite
# wait can occur despite -timeout. Fix this with http::reset; to do this the call
# to http::geturl must be async so we have $token for use as argument of reset.
set can [after 6000 {http::reset $token0; set ${token}(z) timeout}]
set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
}
vwait ${token0}(z)
after cancel $can0
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 200 -- SecureProxy 0 0 -- -1 done 1} -cleanup {
http::cleanup $token0
http::cleanup $token
unset -nocomplain token0 token ri res pos1 pos2 can0 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.10x.$ThreadLevel {https with-proxy ipv6 with-auth 1st request no-creds-provided; check that 2nd request with creds is possible} -constraints {needsSquidAuth needsTls} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth {}
set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000]
http::config -proxyauth $aliceCreds
} -body {
# If a bug passes the socket of a failed CONNECT to the main request, an infinite
# wait can occur despite -timeout. Fix this with http::reset; to do this the call
# to http::geturl must be async so we have $token for use as argument of reset.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 200 -- SecureProxy 0 0 -- -1 done 0} -cleanup {
http::cleanup $token0
http::cleanup $token
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-4.1.$ThreadLevel {http no-proxy with-auth no-creds-provided} -constraints {} -setup {
http::config -proxyhost {} -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth {}
} -body {
set token [http::geturl http://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- none 0 0 -- -1} -cleanup {
http::cleanup $token
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-4.2.$ThreadLevel {https no-proxy with-auth no-creds-provided} -constraints {needsTls} -setup {
http::config -proxyhost {} -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth {}
} -body {
set token [http::geturl https://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- none 0 0 -- -1} -cleanup {
http::cleanup $token
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-4.3.$ThreadLevel {http with-proxy ipv4 with-auth no-creds-provided} -constraints {needsSquidAuth} -setup {
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth {}
} -body {
set token [http::geturl http://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 407 -- HttpProxy 0 0 -- -1} -cleanup {
http::cleanup $token
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-4.4.$ThreadLevel {https with-proxy ipv4 with-auth no-creds-provided} -constraints {needsSquidAuth needsTls} -setup {
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth {}
} -body {
set token [http::geturl https://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 407 -- SecureProxyFailed 0 0 -- -1} -cleanup {
http::cleanup $token
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-4.5.$ThreadLevel {http with-proxy ipv6 with-auth no-creds-provided} -constraints {needsSquidAuth} -setup {
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth {}
} -body {
set token [http::geturl http://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 407 -- HttpProxy 0 0 -- -1} -cleanup {
http::cleanup $token
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-4.6.$ThreadLevel {https with-proxy ipv6 with-auth no-creds-provided} -constraints {needsSquidAuth needsTls} -setup {
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth {}
} -body {
set token [http::geturl https://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 407 -- SecureProxyFailed 0 0 -- -1} -cleanup {
http::cleanup $token
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-4.7.$ThreadLevel {http with-proxy ipv4 with-auth no-creds-provided; check that 2nd request is possible} -constraints {needsSquidAuth} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth {}
set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000]
} -body {
# Use the same caution as for the corresponding https test.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 407 -- HttpProxy 0 0 -- -1 done 1} -cleanup {
http::cleanup $token0
http::cleanup $token
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-4.8.$ThreadLevel {https with-proxy ipv4 with-auth no-creds-provided; check that 2nd request is possible} -constraints {needsSquidAuth needsTls} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth {}
set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000]
} -body {
# If a bug passes the socket of a failed CONNECT to the main request, an infinite
# wait can occur despite -timeout. Fix this with http::reset; to do this the call
# to http::geturl must be async so we have $token for use as argument of reset.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 407 -- SecureProxyFailed 0 0 -- -1 done 0} -cleanup {
http::cleanup $token0
http::cleanup $token
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-4.9.$ThreadLevel {http with-proxy ipv6 with-auth no-creds-provided; check that 2nd request is possible} -constraints {needsSquidAuth} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth {}
set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000]
} -body {
# Use the same caution as for the corresponding https test.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 407 -- HttpProxy 0 0 -- -1 done 1} -cleanup {
http::cleanup $token0
http::cleanup $token
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-4.9p.$ThreadLevel {http with-proxy ipv6 with-auth no-creds-provided; check that 2nd request is possible, pipelining requested and possible} -constraints {needsSquidAuth} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth {}
} -body {
set can0 [after 6000 {http::reset $token0; set ${token0}(z) timeout}]
set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
after idle {
# Use the same caution as for the corresponding https test.
set can [after 6000 {http::reset $token0; set ${token}(z) timeout}]
set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
}
vwait ${token0}(z)
after cancel $can0
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 407 -- HttpProxy 0 0 -- -1 done 1} -cleanup {
http::cleanup $token0
http::cleanup $token
unset -nocomplain token0 token ri res pos1 pos2 can0 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-4.10.$ThreadLevel {https with-proxy ipv6 with-auth no-creds-provided; check that 2nd request is possible} -constraints {needsSquidAuth needsTls} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth {}
set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000]
} -body {
# If a bug passes the socket of a failed CONNECT to the main request, an infinite
# wait can occur despite -timeout. Fix this with http::reset; to do this the call
# to http::geturl must be async so we have $token for use as argument of reset.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 407 -- SecureProxyFailed 0 0 -- -1 done 0} -cleanup {
http::cleanup $token0
http::cleanup $token
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-4.10p.$ThreadLevel {https with-proxy ipv6 with-auth no-creds-provided; check that 2nd request is possible, pipelining requested but not possible} -constraints {needsSquidAuth needsTls} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth {}
} -body {
set can0 [after 6000 {http::reset $token0; set ${token0}(z) timeout}]
set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
after idle {
# If a bug passes the socket of a failed CONNECT to the main request, an infinite
# wait can occur despite -timeout. Fix this with http::reset; to do this the call
# to http::geturl must be async so we have $token for use as argument of reset.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
}
vwait ${token0}(z)
after cancel $can0
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 407 -- SecureProxyFailed 0 0 -- -1 done 0} -cleanup {
http::cleanup $token0
http::cleanup $token
unset -nocomplain token0 token ri res pos1 pos2 can0 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-5.1.$ThreadLevel {http no-proxy with-auth bad-creds-provided} -constraints {} -setup {
http::config -proxyhost {} -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $badCreds
} -body {
set token [http::geturl http://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- none 0 0 -- -1} -cleanup {
http::cleanup $token
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-5.2.$ThreadLevel {https no-proxy with-auth bad-creds-provided} -constraints {needsTls} -setup {
http::config -proxyhost {} -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $badCreds
} -body {
set token [http::geturl https://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- none 0 0 -- -1} -cleanup {
http::cleanup $token
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-5.3.$ThreadLevel {http with-proxy ipv4 with-auth bad-creds-provided} -constraints {needsSquidAuth} -setup {
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $badCreds
} -body {
set token [http::geturl http://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 407 -- HttpProxy 1 1 -- -1} -cleanup {
http::cleanup $token
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-5.4.$ThreadLevel {https with-proxy ipv4 with-auth bad-creds-provided} -constraints {needsSquidAuth needsTls} -setup {
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $badCreds
} -body {
set token [http::geturl https://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 407 -- SecureProxyFailed 1 1 -- -1} -cleanup {
http::cleanup $token
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-5.5.$ThreadLevel {http with-proxy ipv6 with-auth bad-creds-provided} -constraints {needsSquidAuth} -setup {
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $badCreds
} -body {
set token [http::geturl http://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 407 -- HttpProxy 1 1 -- -1} -cleanup {
http::cleanup $token
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-5.6.$ThreadLevel {https with-proxy ipv6 with-auth bad-creds-provided} -constraints {needsSquidAuth needsTls} -setup {
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $badCreds
} -body {
set token [http::geturl https://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 407 -- SecureProxyFailed 1 1 -- -1} -cleanup {
http::cleanup $token
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-5.7.$ThreadLevel {http with-proxy ipv4 with-auth bad-creds-provided; check that 2nd request is possible} -constraints {needsSquidAuth} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $badCreds
set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000]
} -body {
# Use the same caution as for the corresponding https test.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 407 -- HttpProxy 1 1 -- -1 done 1} -cleanup {
http::cleanup $token0
http::cleanup $token
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-5.7p.$ThreadLevel {http with-proxy ipv4 with-auth bad-creds-provided; check that 2nd request is possible, pipelining requested and possible} -constraints {needsSquidAuth} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $badCreds
} -body {
set can0 [after 6000 {http::reset $token0; set ${token0}(z) timeout}]
set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
# Use the same caution as for the corresponding https test.
after idle {
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
}
vwait ${token0}(z)
after cancel $can0
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 407 -- HttpProxy 1 1 -- -1 done 1} -cleanup {
http::cleanup $token0
http::cleanup $token
unset -nocomplain token0 token ri res pos1 pos2 can0 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-5.8.$ThreadLevel {https with-proxy ipv4 with-auth bad-creds-provided; check that 2nd request is possible} -constraints {needsSquidAuth needsTls} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $badCreds
set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000]
} -body {
# If a bug passes the socket of a failed CONNECT to the main request, an infinite
# wait can occur despite -timeout. Fix this with http::reset; to do this the call
# to http::geturl must be async so we have $token for use as argument of reset.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 407 -- SecureProxyFailed 1 1 -- -1 done 0} -cleanup {
http::cleanup $token0
http::cleanup $token
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-5.8p.$ThreadLevel {https with-proxy ipv4 with-auth bad-creds-provided; check that 2nd request is possible, pipelining requested but not possible} -constraints {needsSquidAuth needsTls} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $badCreds
} -body {
set can0 [after 6000 {http::reset $token0; set ${token0}(z) timeout}]
set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
# If a bug passes the socket of a failed CONNECT to the main request, an infinite
# wait can occur despite -timeout. Fix this with http::reset; to do this the call
# to http::geturl must be async so we have $token for use as argument of reset.
after idle {
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
}
vwait ${token0}(z)
after cancel $can0
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 407 -- SecureProxyFailed 1 1 -- -1 done 0} -cleanup {
http::cleanup $token0
http::cleanup $token
unset -nocomplain token0 token ri res pos1 pos2 can0 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-5.9.$ThreadLevel {http with-proxy ipv6 with-auth bad-creds-provided; check that 2nd request is possible} -constraints {needsSquidAuth} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $badCreds
set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000]
} -body {
# Use the same caution as for the corresponding https test.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 407 -- HttpProxy 1 1 -- -1 done 1} -cleanup {
http::cleanup $token0
http::cleanup $token
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-5.10.$ThreadLevel {https with-proxy ipv6 with-auth bad-creds-provided; check that 2nd request is possible} -constraints {needsSquidAuth needsTls} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $badCreds
set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000]
} -body {
# If a bug passes the socket of a failed CONNECT to the main request, an infinite
# wait can occur despite -timeout. Fix this with http::reset; to do this the call
# to http::geturl must be async so we have $token for use as argument of reset.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 407 -- SecureProxyFailed 1 1 -- -1 done 0} -cleanup {
http::cleanup $token0
http::cleanup $token
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
# cleanup
unset -nocomplain n4host n6host n4port n6port a4host a6host a4port a6port aliceCreds badCreds
rename bgerror {}
rename stopMe {}
::tcltest::cleanupTests
# Local variables:
# mode: tcl
# End: