mirror of
https://github.com/haproxy/haproxy.git
synced 2026-06-11 01:41:49 -04:00
f4edcdf4de
In domain-based routing and policy rules, suffix matching on hostnames is often easier to express as a prefix match on reversed labels. A dedicated converter makes this convenient with existing fetches and matchers. This also has a performance benefit for large maps. Prefix string matches use the prefix-tree index (PAT_MATCH_BEG with pat_idx_tree_pfx), while end matches use the string-list index (PAT_MATCH_END with pat_idx_list_str), so reversed-label lookups can avoid linear suffix scans. This patch adds "reverse_dom", a string converter that reverses domain labels, ignores one optional trailing dot on input, and rejects empty labels. It intentionally leaves trailing-dot handling to the caller so configurations can choose between exact matches, subdomain-only matches, or an explicit dotted form built with "concat(.)" for prefix lookups. Examples: example.com -> com.example mail.example.com -> com.example.mail The documentation is updated and a reg-test covers the converter itself, the explicit dotted form for "map_beg()", and the subdomain-only "-m beg" case.
94 lines
2.7 KiB
Text
94 lines
2.7 KiB
Text
varnishtest "reverse_dom converter test"
|
|
|
|
feature ignore_unknown_macro
|
|
|
|
server s1 {
|
|
rxreq
|
|
txresp -hdr "Connection: close"
|
|
} -repeat 8 -start
|
|
|
|
haproxy h1 -conf {
|
|
global
|
|
.if feature(THREAD)
|
|
thread-groups 1
|
|
.endif
|
|
|
|
defaults
|
|
mode http
|
|
timeout connect "${HAPROXY_TEST_TIMEOUT-5s}"
|
|
timeout client "${HAPROXY_TEST_TIMEOUT-5s}"
|
|
timeout server "${HAPROXY_TEST_TIMEOUT-5s}"
|
|
|
|
frontend fe
|
|
bind "fd@${fe}"
|
|
|
|
http-request set-var(txn.rev_const) str(MaIl.EXAMPLE.com),reverse_dom
|
|
http-request set-var(txn.rev_host) req.hdr(Host),host_only,reverse_dom if { req.hdr(Host) -m found }
|
|
http-request set-var(txn.rev_host_dot) var(txn.rev_host),concat(.) if { var(txn.rev_host) -m found }
|
|
http-request set-var(txn.route) var(txn.rev_host_dot),map_beg(${testdir}/reverse_dom.map,miss) if { var(txn.rev_host_dot) -m found }
|
|
http-request set-var(txn.sub_only) str(no)
|
|
http-request set-var(txn.sub_only) str(yes) if { var(txn.rev_host) -m beg com.example. }
|
|
|
|
http-request return status 200 hdr X-Rev-Const "%[var(txn.rev_const)]" hdr X-Rev-Host "%[var(txn.rev_host)]" hdr X-Route "%[var(txn.route)]" hdr X-Sub-Only "%[var(txn.sub_only)]"
|
|
|
|
default_backend be
|
|
|
|
backend be
|
|
server s1 ${s1_addr}:${s1_port}
|
|
} -start
|
|
|
|
client c1 -connect ${h1_fe_sock} {
|
|
txreq -url "/" -hdr "Host: example.com"
|
|
rxresp
|
|
expect resp.status == 200
|
|
expect resp.http.x-rev-const == "com.EXAMPLE.MaIl"
|
|
expect resp.http.x-rev-host == "com.example"
|
|
expect resp.http.x-route == "example"
|
|
expect resp.http.x-sub-only == "no"
|
|
|
|
txreq -url "/" -hdr "Host: mail.example.com"
|
|
rxresp
|
|
expect resp.status == 200
|
|
expect resp.http.x-rev-host == "com.example.mail"
|
|
expect resp.http.x-route == "mail"
|
|
expect resp.http.x-sub-only == "yes"
|
|
|
|
txreq -url "/" -hdr "Host: example.com."
|
|
rxresp
|
|
expect resp.status == 200
|
|
expect resp.http.x-rev-host == "com.example"
|
|
expect resp.http.x-route == "example"
|
|
expect resp.http.x-sub-only == "no"
|
|
|
|
txreq -url "/" -hdr "Host: localhost"
|
|
rxresp
|
|
expect resp.status == 200
|
|
expect resp.http.x-rev-host == "localhost"
|
|
expect resp.http.x-route == "miss"
|
|
expect resp.http.x-sub-only == "no"
|
|
|
|
txreq -url "/" -hdr "Host: badexample.com"
|
|
rxresp
|
|
expect resp.status == 200
|
|
expect resp.http.x-rev-host == "com.badexample"
|
|
expect resp.http.x-route == "miss"
|
|
expect resp.http.x-sub-only == "no"
|
|
|
|
txreq -url "/" -hdr "Host: foo..bar"
|
|
rxresp
|
|
expect resp.status == 200
|
|
expect resp.http.x-rev-host == "<undef>"
|
|
expect resp.http.x-route == "<undef>"
|
|
|
|
txreq -url "/" -hdr "Host: .example.com"
|
|
rxresp
|
|
expect resp.status == 200
|
|
expect resp.http.x-rev-host == "<undef>"
|
|
expect resp.http.x-route == "<undef>"
|
|
|
|
txreq -url "/" -hdr "Host: ."
|
|
rxresp
|
|
expect resp.status == 200
|
|
expect resp.http.x-rev-host == "<undef>"
|
|
expect resp.http.x-route == "<undef>"
|
|
} -run
|