diff --git a/src/iocore/net/SSLSNIConfig.cc b/src/iocore/net/SSLSNIConfig.cc index 19b631e782c..bbac57eb6f7 100644 --- a/src/iocore/net/SSLSNIConfig.cc +++ b/src/iocore/net/SSLSNIConfig.cc @@ -77,6 +77,7 @@ NamedElement::operator=(NamedElement &&other) if (this != &other) { match = std::move(other.match); inbound_port_ranges = std::move(other.inbound_port_ranges); + rank = other.rank; } return *this; } diff --git a/src/iocore/net/unit_tests/sni_conf_test.yaml b/src/iocore/net/unit_tests/sni_conf_test.yaml index d8b264a5036..2f7a1dedc39 100644 --- a/src/iocore/net/unit_tests/sni_conf_test.yaml +++ b/src/iocore/net/unit_tests/sni_conf_test.yaml @@ -36,3 +36,16 @@ sni: http2_buffer_water_mark: 256 - fqdn: foo.bar.com http2: false + +# test with mixed-case +- fqdn: "MiXeDcAsE.foo.com" + http2: true + http2_buffer_water_mark: 256 + inbound_port_ranges: 31337 + +# test with mixed-case glob +- fqdn: "*.MiXeDcAsE.com" + http2: false + +# test glob in the middle, this will be an exact match +- fqdn: "cat.*.com" diff --git a/src/iocore/net/unit_tests/test_SSLSNIConfig.cc b/src/iocore/net/unit_tests/test_SSLSNIConfig.cc index e04cd7837b3..001e2115650 100644 --- a/src/iocore/net/unit_tests/test_SSLSNIConfig.cc +++ b/src/iocore/net/unit_tests/test_SSLSNIConfig.cc @@ -41,78 +41,134 @@ TEST_CASE("Test SSLSNIConfig") SECTION("The config does not match any SNIs for someport.com:577") { - auto const &actions{params.get({"someport.com", std::strlen("someport.com")}, 577)}; + auto const &actions{params.get("someport.com", 577)}; CHECK(!actions.first); } SECTION("The config does not match any SNIs for someport.com:808") { - auto const &actions{params.get({"someport.com", std::strlen("someport.com")}, 808)}; + auto const &actions{params.get("someport.com", 808)}; CHECK(!actions.first); } SECTION("The config does not match any SNIs for oneport.com:1") { - auto const &actions{params.get({"oneport.com", std::strlen("oneport.com")}, 1)}; + auto const &actions{params.get("oneport.com", 1)}; CHECK(!actions.first); } SECTION("The config does match an SNI for oneport.com:433") { - auto const &actions{params.get({"oneport.com", std::strlen("oneport.com")}, 433)}; + auto const &actions{params.get("oneport.com", 433)}; REQUIRE(actions.first); REQUIRE(actions.first->size() == 2); } SECTION("The config matches an SNI for allports.com") { - auto const &actions{params.get({"allports.com", std::strlen("allports.com")}, 1)}; + auto const &actions{params.get("allports.com", 1)}; REQUIRE(actions.first); REQUIRE(actions.first->size() == 2); } SECTION("The config matches an SNI for someport.com:1") { - auto const &actions{params.get({"someport.com", std::strlen("someport.com")}, 1)}; + auto const &actions{params.get("someport.com", 1)}; REQUIRE(actions.first); REQUIRE(actions.first->size() == 3); } SECTION("The config matches an SNI for someport.com:433") { - auto const &actions{params.get({"someport.com", std::strlen("someport.com")}, 433)}; + auto const &actions{params.get("someport.com", 433)}; REQUIRE(actions.first); REQUIRE(actions.first->size() == 3); } SECTION("The config matches an SNI for someport:8080") { - auto const &actions{params.get({"someport.com", std::strlen("someport.com")}, 8080)}; + auto const &actions{params.get("someport.com", 8080)}; REQUIRE(actions.first); REQUIRE(actions.first->size() == 2); } SECTION("The config matches an SNI for someport:65535") { - auto const &actions{params.get({"someport.com", std::strlen("someport.com")}, 65535)}; + auto const &actions{params.get("someport.com", 65535)}; REQUIRE(actions.first); REQUIRE(actions.first->size() == 2); } SECTION("The config matches an SNI for someport:482") { - auto const &actions{params.get({"someport.com", std::strlen("someport.com")}, 482)}; + auto const &actions{params.get("someport.com", 482)}; REQUIRE(actions.first); REQUIRE(actions.first->size() == 3); } SECTION("Matching order") { - std::string_view target = "foo.bar.com"; - auto const &actions{params.get(target, 443)}; + auto const &actions{params.get("foo.bar.com", 443)}; REQUIRE(actions.first); REQUIRE(actions.first->size() == 5); ///< three H2 config + early data + fqdn } + + SECTION("Test mixed-case") + { + auto const &actions{params.get("SoMePoRt.CoM", 65535)}; + REQUIRE(actions.first); + REQUIRE(actions.first->size() == 2); + } + + SECTION("Test mixed-case with wildcard in yaml config") + { + auto const &actions{params.get("AnYtHiNg.BaR.CoM", 443)}; + REQUIRE(actions.first); + REQUIRE(actions.first->size() == 4); + // verify the capture group + REQUIRE(actions.second._fqdn_wildcard_captured_groups->at(0) == "AnYtHiNg"); + } + + SECTION("Test mixed-case in yaml config") + { + auto const &actions{params.get("mixedcase.foo.com", 31337)}; + REQUIRE(actions.first); + REQUIRE(actions.first->size() == 4); + } + + SECTION("Test mixed-case glob in yaml config") + { + auto const &actions{params.get("FoO.mixedcase.com", 443)}; + REQUIRE(actions.first); + REQUIRE(actions.first->size() == 3); + // verify the capture group + REQUIRE(actions.second._fqdn_wildcard_captured_groups->at(0) == "FoO"); + } + + SECTION("Test empty SNI does not match") + { + auto const &actions{params.get("", 443)}; + CHECK(!actions.first); + } + + SECTION("Test SNI with special characters does not match") + { + auto const &actions{params.get("some$port.com", 443)}; + CHECK(!actions.first); + } + + SECTION("Test with invalid glob in the middle in yaml config (e.g. cat.*.com) does not match") + { + auto const &actions{params.get("cat.dog.com", 443)}; + REQUIRE(!actions.first); + } + + SECTION("Test with invalid glob in the middle in yaml config (e.g. cat.*.com) does an exact match") + { + auto const &actions{params.get("cat.*.com", 443)}; + REQUIRE(actions.first); + REQUIRE(actions.first->size() == 2); + } } TEST_CASE("SNIConfig reconfigure callback is invoked") diff --git a/src/iocore/net/unit_tests/test_YamlSNIConfig.cc b/src/iocore/net/unit_tests/test_YamlSNIConfig.cc index e461ebe39bf..cbd83c2eb77 100644 --- a/src/iocore/net/unit_tests/test_YamlSNIConfig.cc +++ b/src/iocore/net/unit_tests/test_YamlSNIConfig.cc @@ -55,7 +55,7 @@ TEST_CASE("YamlSNIConfig sets port ranges appropriately") FAIL(errorstream.str()); } REQUIRE(zret.is_ok()); - REQUIRE(conf.items.size() == 7); + REQUIRE(conf.items.size() == 10); SECTION("If no ports were specified, port range should contain all ports.") {