mirror of
https://github.com/haproxy/haproxy.git
synced 2026-05-28 04:12:17 -04:00
dae302d479
This test first performs two successive requests over the same connection where reuse is expected, then perform two 401 which must both work, testing both the transition from null->sess, and sess->sess. This test could be backported to detect changes related to private sessions. Thanks to Omkhar Arasaratnam for the test.
55 lines
1 KiB
Text
55 lines
1 KiB
Text
varnishtest "NTLM/Negotiate detection on reused H1 backend triggers NULL session deref"
|
|
|
|
feature ignore_unknown_macro
|
|
|
|
server s1 {
|
|
rxreq
|
|
txresp
|
|
|
|
rxreq
|
|
txresp
|
|
|
|
rxreq
|
|
txresp -status 401 -hdr "WWW-Authenticate: NTLM"
|
|
|
|
rxreq
|
|
txresp -status 401 -hdr "WWW-Authenticate: NTLM"
|
|
} -start
|
|
|
|
haproxy h1 -conf {
|
|
global
|
|
nbthread 1
|
|
|
|
defaults
|
|
mode http
|
|
option http-keep-alive
|
|
timeout connect "${HAPROXY_TEST_TIMEOUT-5s}"
|
|
timeout client "${HAPROXY_TEST_TIMEOUT-5s}"
|
|
timeout server "${HAPROXY_TEST_TIMEOUT-5s}"
|
|
|
|
frontend fe
|
|
bind "fd@${fe}"
|
|
default_backend be
|
|
|
|
backend be
|
|
http-reuse always
|
|
server srv ${s1_addr}:${s1_port}
|
|
} -start
|
|
|
|
client c1 -connect ${h1_fe_sock} {
|
|
txreq -url "/"
|
|
rxresp
|
|
expect resp.status == 200
|
|
|
|
txreq -url "/"
|
|
rxresp
|
|
expect resp.status == 200
|
|
|
|
txreq -url "/"
|
|
rxresp
|
|
expect resp.status == 401
|
|
|
|
txreq -url "/"
|
|
rxresp
|
|
expect resp.status == 401
|
|
} -run
|