add more e2e test (#2505)

2025-07-29 09:18:11 +00:00 · 2021-08-02 13:07:28 +08:00
parent 2a68c1152f
commit 09f39de74e
20 changed files with 1448 additions and 154 deletions
--- a/test/e2e/basic/basic.go
+++ b/test/e2e/basic/basic.go
@@ -1,11 +1,14 @@
 package basic

 import (
+	"crypto/tls"
 	"fmt"
 	"strings"

+	"github.com/fatedier/frp/pkg/transport"
 	"github.com/fatedier/frp/test/e2e/framework"
 	"github.com/fatedier/frp/test/e2e/framework/consts"
+	"github.com/fatedier/frp/test/e2e/mock/server/httpserver"
 	"github.com/fatedier/frp/test/e2e/mock/server/streamserver"
 	"github.com/fatedier/frp/test/e2e/pkg/port"
 	"github.com/fatedier/frp/test/e2e/pkg/request"
@@ -172,6 +175,106 @@ var _ = Describe("[Feature: Basic]", func() {
 		})
 	})

+	Describe("HTTPS", func() {
+		It("proxy to HTTPS server", func() {
+			serverConf := consts.DefaultServerConfig
+			vhostHTTPSPort := f.AllocPort()
+			serverConf += fmt.Sprintf(`
+			vhost_https_port = %d
+			`, vhostHTTPSPort)
+
+			localPort := f.AllocPort()
+			clientConf := consts.DefaultClientConfig
+			getProxyConf := func(proxyName string, customDomains string, extra string) string {
+				return fmt.Sprintf(`
+				[%s]
+				type = https
+				local_port = %d
+				custom_domains = %s
+				`+extra, proxyName, localPort, customDomains)
+			}
+
+			tests := []struct {
+				proxyName     string
+				customDomains string
+				extraConfig   string
+			}{
+				{
+					proxyName: "normal",
+				},
+				{
+					proxyName:   "with-encryption",
+					extraConfig: "use_encryption = true",
+				},
+				{
+					proxyName:   "with-compression",
+					extraConfig: "use_compression = true",
+				},
+				{
+					proxyName: "with-encryption-and-compression",
+					extraConfig: `
+						use_encryption = true
+						use_compression = true
+						`,
+				},
+				{
+					proxyName:     "multiple-custom-domains",
+					customDomains: "a.example.com, b.example.com",
+				},
+			}
+
+			// build all client config
+			for i, test := range tests {
+				if tests[i].customDomains == "" {
+					tests[i].customDomains = test.proxyName + ".example.com"
+				}
+				clientConf += getProxyConf(test.proxyName, tests[i].customDomains, test.extraConfig) + "\n"
+			}
+			// run frps and frpc
+			f.RunProcesses([]string{serverConf}, []string{clientConf})
+
+			tlsConfig, err := transport.NewServerTLSConfig("", "", "")
+			framework.ExpectNoError(err)
+			localServer := httpserver.New(
+				httpserver.WithBindPort(localPort),
+				httpserver.WithTlsConfig(tlsConfig),
+				httpserver.WithResponse([]byte("test")),
+			)
+			f.RunServer("", localServer)
+
+			for _, test := range tests {
+				for _, domain := range strings.Split(test.customDomains, ",") {
+					domain = strings.TrimSpace(domain)
+					framework.NewRequestExpect(f).
+						Explain(test.proxyName + "-" + domain).
+						Port(vhostHTTPSPort).
+						RequestModify(func(r *request.Request) {
+							r.HTTPS().HTTPHost(domain).TLSConfig(&tls.Config{
+								ServerName:         domain,
+								InsecureSkipVerify: true,
+							})
+						}).
+						ExpectResp([]byte("test")).
+						Ensure()
+				}
+			}
+
+			// not exist host
+			notExistDomain := "not-exist.example.com"
+			framework.NewRequestExpect(f).
+				Explain("not exist host").
+				Port(vhostHTTPSPort).
+				RequestModify(func(r *request.Request) {
+					r.HTTPS().HTTPHost(notExistDomain).TLSConfig(&tls.Config{
+						ServerName:         notExistDomain,
+						InsecureSkipVerify: true,
+					})
+				}).
+				ExpectError(true).
+				Ensure()
+		})
+	})
+
 	Describe("STCP && SUDP", func() {
 		types := []string{"stcp", "sudp"}
 		for _, t := range types {
--- a/test/e2e/basic/client_server.go
+++ b/test/e2e/basic/client_server.go
@@ -6,6 +6,7 @@ import (

 	"github.com/fatedier/frp/test/e2e/framework"
 	"github.com/fatedier/frp/test/e2e/framework/consts"
+	"github.com/fatedier/frp/test/e2e/pkg/cert"
 	"github.com/fatedier/frp/test/e2e/pkg/port"

 	. "github.com/onsi/ginkgo"
@@ -17,19 +18,17 @@ type generalTestConfigures struct {
 	expectError bool
 }

-// defineClientServerTest test a normal tcp and udp proxy with specified TestConfigures.
-func defineClientServerTest(desc string, f *framework.Framework, configures *generalTestConfigures) {
-	It(desc, func() {
-		serverConf := consts.DefaultServerConfig
-		clientConf := consts.DefaultClientConfig
+func runClientServerTest(f *framework.Framework, configures *generalTestConfigures) {
+	serverConf := consts.DefaultServerConfig
+	clientConf := consts.DefaultClientConfig

-		serverConf += fmt.Sprintf(`
+	serverConf += fmt.Sprintf(`
 				%s
 				`, configures.server)

-		tcpPortName := port.GenName("TCP")
-		udpPortName := port.GenName("UDP")
-		clientConf += fmt.Sprintf(`
+	tcpPortName := port.GenName("TCP")
+	udpPortName := port.GenName("UDP")
+	clientConf += fmt.Sprintf(`
 				%s

 				[tcp]
@@ -42,15 +41,21 @@ func defineClientServerTest(desc string, f *framework.Framework, configures *gen
 				local_port = {{ .%s }}
 				remote_port = {{ .%s }}
 				`, configures.client,
-			framework.TCPEchoServerPort, tcpPortName,
-			framework.UDPEchoServerPort, udpPortName,
-		)
+		framework.TCPEchoServerPort, tcpPortName,
+		framework.UDPEchoServerPort, udpPortName,
+	)

-		f.RunProcesses([]string{serverConf}, []string{clientConf})
+	f.RunProcesses([]string{serverConf}, []string{clientConf})

-		framework.NewRequestExpect(f).PortName(tcpPortName).ExpectError(configures.expectError).Explain("tcp proxy").Ensure()
-		framework.NewRequestExpect(f).Protocol("udp").
-			PortName(udpPortName).ExpectError(configures.expectError).Explain("udp proxy").Ensure()
+	framework.NewRequestExpect(f).PortName(tcpPortName).ExpectError(configures.expectError).Explain("tcp proxy").Ensure()
+	framework.NewRequestExpect(f).Protocol("udp").
+		PortName(udpPortName).ExpectError(configures.expectError).Explain("udp proxy").Ensure()
+}
+
+// defineClientServerTest test a normal tcp and udp proxy with specified TestConfigures.
+func defineClientServerTest(desc string, f *framework.Framework, configures *generalTestConfigures) {
+	It(desc, func() {
+		runClientServerTest(f, configures)
 	})
 }

@@ -108,4 +113,122 @@ var _ = Describe("[Feature: Client-Server]", func() {
 			expectError: true,
 		})
 	})
+
+	Describe("TLS with custom certificate", func() {
+		supportProtocols := []string{"tcp", "kcp", "websocket"}
+
+		var (
+			caCrtPath                    string
+			serverCrtPath, serverKeyPath string
+			clientCrtPath, clientKeyPath string
+		)
+		JustBeforeEach(func() {
+			generator := &cert.SelfSignedCertGenerator{}
+			artifacts, err := generator.Generate("0.0.0.0")
+			framework.ExpectNoError(err)
+
+			caCrtPath = f.WriteTempFile("ca.crt", string(artifacts.CACert))
+			serverCrtPath = f.WriteTempFile("server.crt", string(artifacts.Cert))
+			serverKeyPath = f.WriteTempFile("server.key", string(artifacts.Key))
+			generator.SetCA(artifacts.CACert, artifacts.CAKey)
+			generator.Generate("0.0.0.0")
+			clientCrtPath = f.WriteTempFile("client.crt", string(artifacts.Cert))
+			clientKeyPath = f.WriteTempFile("client.key", string(artifacts.Key))
+		})
+
+		for _, protocol := range supportProtocols {
+			tmp := protocol
+
+			It("one-way authentication: "+tmp, func() {
+				runClientServerTest(f, &generalTestConfigures{
+					server: fmt.Sprintf(`
+						protocol = %s
+						kcp_bind_port = {{ .%s }}
+						tls_trusted_ca_file = %s
+					`, tmp, consts.PortServerName, caCrtPath),
+					client: fmt.Sprintf(`
+						protocol = %s
+						tls_enable = true
+						tls_cert_file = %s
+						tls_key_file = %s
+					`, tmp, clientCrtPath, clientKeyPath),
+				})
+			})
+
+			It("mutual authentication: "+tmp, func() {
+				runClientServerTest(f, &generalTestConfigures{
+					server: fmt.Sprintf(`
+						protocol = %s
+						kcp_bind_port = {{ .%s }}
+						tls_cert_file = %s
+						tls_key_file = %s
+						tls_trusted_ca_file = %s
+					`, tmp, consts.PortServerName, serverCrtPath, serverKeyPath, caCrtPath),
+					client: fmt.Sprintf(`
+						protocol = %s
+						tls_enable = true
+						tls_cert_file = %s
+						tls_key_file = %s
+						tls_trusted_ca_file = %s
+					`, tmp, clientCrtPath, clientKeyPath, caCrtPath),
+				})
+			})
+		}
+	})
+
+	Describe("TLS with custom certificate and specified server name", func() {
+		var (
+			caCrtPath                    string
+			serverCrtPath, serverKeyPath string
+			clientCrtPath, clientKeyPath string
+		)
+		JustBeforeEach(func() {
+			generator := &cert.SelfSignedCertGenerator{}
+			artifacts, err := generator.Generate("example.com")
+			framework.ExpectNoError(err)
+
+			caCrtPath = f.WriteTempFile("ca.crt", string(artifacts.CACert))
+			serverCrtPath = f.WriteTempFile("server.crt", string(artifacts.Cert))
+			serverKeyPath = f.WriteTempFile("server.key", string(artifacts.Key))
+			generator.SetCA(artifacts.CACert, artifacts.CAKey)
+			generator.Generate("example.com")
+			clientCrtPath = f.WriteTempFile("client.crt", string(artifacts.Cert))
+			clientKeyPath = f.WriteTempFile("client.key", string(artifacts.Key))
+		})
+
+		It("mutual authentication", func() {
+			runClientServerTest(f, &generalTestConfigures{
+				server: fmt.Sprintf(`
+				tls_cert_file = %s
+				tls_key_file = %s
+				tls_trusted_ca_file = %s
+				`, serverCrtPath, serverKeyPath, caCrtPath),
+				client: fmt.Sprintf(`
+				tls_enable = true
+				tls_server_name = example.com
+				tls_cert_file = %s
+				tls_key_file = %s
+				tls_trusted_ca_file = %s
+				`, clientCrtPath, clientKeyPath, caCrtPath),
+			})
+		})
+
+		It("mutual authentication with incorrect server name", func() {
+			runClientServerTest(f, &generalTestConfigures{
+				server: fmt.Sprintf(`
+				tls_cert_file = %s
+				tls_key_file = %s
+				tls_trusted_ca_file = %s
+				`, serverCrtPath, serverKeyPath, caCrtPath),
+				client: fmt.Sprintf(`
+				tls_enable = true
+				tls_server_name = invalid.com
+				tls_cert_file = %s
+				tls_key_file = %s
+				tls_trusted_ca_file = %s
+				`, clientCrtPath, clientKeyPath, caCrtPath),
+				expectError: true,
+			})
+		})
+	})
 })
--- a/test/e2e/basic/server.go
+++ b/test/e2e/basic/server.go
@@ -86,16 +86,16 @@ var _ = Describe("[Feature: Server Manager]", func() {

 		adminPort := f.AllocPort()
 		clientConf += fmt.Sprintf(`
-			admin_port = %d
+		admin_port = %d

-			[tcp]
-			type = tcp
-			local_port = {{ .%s }}
+		[tcp]
+		type = tcp
+		local_port = {{ .%s }}

-			[udp]
-			type = udp
-			local_port = {{ .%s }}
-			`, adminPort, framework.TCPEchoServerPort, framework.UDPEchoServerPort)
+		[udp]
+		type = udp
+		local_port = {{ .%s }}
+		`, adminPort, framework.TCPEchoServerPort, framework.UDPEchoServerPort)

 		f.RunProcesses([]string{serverConf}, []string{clientConf})

@@ -123,4 +123,25 @@ var _ = Describe("[Feature: Server Manager]", func() {

 		framework.NewRequestExpect(f).Protocol("udp").Port(port).Ensure()
 	})
+
+	It("Port Reuse", func() {
+		serverConf := consts.DefaultServerConfig
+		// Use same port as PortServer
+		serverConf += fmt.Sprintf(`
+		vhost_http_port = {{ .%s }}
+		`, consts.PortServerName)
+
+		clientConf := consts.DefaultClientConfig + fmt.Sprintf(`
+		[http]
+		type = http
+		local_port = {{ .%s }}
+		custom_domains = example.com
+		`, framework.HTTPSimpleServerPort)
+
+		f.RunProcesses([]string{serverConf}, []string{clientConf})
+
+		framework.NewRequestExpect(f).RequestModify(func(r *request.Request) {
+			r.HTTP().HTTPHost("example.com")
+		}).PortName(consts.PortServerName).Ensure()
+	})
 })