tcltk/tcl
1
0
Fork 0
mirror of https://github.com/tcltk/tcl.git synced 2026-05-29 00:27:49 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
b2ccc20deebfa309506693d2dc6faa2d03e2de0e
tcl/tests/httpProxy.test
jan.nijtmans ff768f4501 spacing
2023-12-20 19:51:49 +00:00

1387 lines
69 KiB
Plaintext
Raw Blame History

This file contains invisible Unicode characters
This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# Commands covered: http::geturl when using a proxy server.
#
# This file contains a collection of tests for the http script library.
# Sourcing this file into Tcl runs the tests and generates output for errors.
# No output means no errors were found.
#
# Copyright © 1991-1993 The Regents of the University of California.
# Copyright © 1994-1996 Sun Microsystems, Inc.
# Copyright © 1998-2000 Ajuba Solutions.
# Copyright © 2022-2023 Keith Nash.
#
# See the file "license.terms" for information on usage and redistribution of
# this file, and for a DISCLAIMER OF ALL WARRANTIES.
if {"::tcltest" ni [namespace children]} {
package require tcltest 2.5
namespace import -force ::tcltest::*
}
package require http 2.10
# To write a separate summary for each value of ThreadLevel, set constraint ThreadLevelSummary.
#testConstraint ThreadLevelSummary 0
#testConstraint needsSquidNoAuth 0
#testConstraint needsSquidAuth 0
#testConstraint needsTclTls 0
#testConstraint needsTwapi 0
#testConstraint needsTwapiFull 0
#testConstraint knownBug 0
#
# The values of constraints needsTls, knownTwapiFullBugThreadlevelAny, knownTwapiFullBugThreadUsed are always generated by this script.
proc bgerror {args} {
global errorInfo
puts stderr "httpProxy.test bgerror"
puts stderr [join $args]
puts stderr $errorInfo
}
proc stopMe {token} {
set ${token}(z) done
}
proc putsBlurb {} {
puts {}
puts {- Constraints needsTls, knownTwapiFullBugThreadlevelAny, knownTwapiFullBugThreadUsed are}
puts { always set by the script, not by the caller.}
puts {- Set one of needsTclTls, needsTwapi, needsTwapiFull instead of needsTls.}
puts {- Set knownBug instead of knownTwapiFullBugThreadlevelAny, knownTwapiFullBugThreadUsed.}
puts {- If the caller sets constraint needsTwapi, the script forces needsSquidNoAuth and needsSquidAuth to 0.}
puts {}
return
}
if 0 {
# For debugging: run with a single value of ThreadLevel: 0|1|2
set ThreadLevel 0
testConstraint ThreadLevelSummary 1
}
if {![info exists ThreadLevel]} {
if {[catch {package require Thread}] == 0} {
set ValueRange {0 1 2}
} else {
set ValueRange {0 1}
}
# For each value of ThreadLevel, source this file recursively in the
# same interpreter.
foreach ThreadLevel $ValueRange {
source [info script]
}
catch {unset ThreadLevel}
catch {unset ValueRange}
if {![testConstraint ThreadLevelSummary]} {
putsBlurb
::tcltest::cleanupTests
}
return
}
catch {puts "==== Test with ThreadLevel $ThreadLevel ===="}
http::config -threadlevel $ThreadLevel
testConstraint needsTls [expr { [testConstraint needsTclTls]
|| [testConstraint needsTwapi]
|| [testConstraint needsTwapiFull]
}]
if {[testConstraint needsTclTls]} {
package require tls
http::register https 443 [list ::tls::socket -ssl2 0 -ssl3 0 \
-tls1 0 -tls1.1 0 -tls1.2 1 -tls1.3 0 -autoservername 1] ::tls::socketCmd 1 1
testConstraint knownTwapiFullBugThreadlevelAny 1
testConstraint knownTwapiFullBugThreadUsed 1
} elseif {[testConstraint needsTwapi]} {
# "Original" http::register with 3 arguments has the same capabilities as
# in http 2.9 and earlier. This means that:
# (1) it cannot open a socket in a background thread (this option stops a
# slow DNS lookup from blocking a [socket -async] command); and
# (2) it cannot use a https proxy.
#
testConstraint needsSquidNoAuth 0
testConstraint needsSquidAuth 0
package require twapi
http::register https 443 ::twapi::tls_socket
testConstraint knownTwapiFullBugThreadlevelAny 1
testConstraint knownTwapiFullBugThreadUsed 1
} elseif {[testConstraint needsTwapiFull]} {
# (Any revisions to TWAPI, and the contents/existence of the twapiTlsPlus
# wrapper, can be negotiated if the bugs listed below can be fixed.)
# Use a temporary wrapper package twapiTlsPlus to present a suitable API.
#
# N.B. MUST EDIT twapi*/tls.tcl so that
#- set so [$socketcmd {*}$socket_args {*}$args]
#+ set so [{*}$socketcmd {*}$socket_args {*}$args]
#
# Bug with https, threadLevel 1,2, no proxy: try test 'httpProxy-2.2.*'
# Bug with https, threadLevel 0, with proxy: try test 'httpProxy-3.4.0'
# In both cases (using TWAPI 4.7.2 25d8bc), the result is:
# ---- Test generated error; Return code was: 1
# ---- Return code should have been one of: 0 2
# ---- errorInfo: cannot yield: C stack busy
# while executing
# "http::geturl https://www.google.com/"
#
source [file join [file dirname [info script]] twapiTlsPlus.tcl]
package require twapiTlsPlus
http::register https 443 ::twapiTlsPlus::socket ::twapiTlsPlus::socketCmd 1 1
testConstraint knownTwapiFullBugThreadlevelAny [testConstraint knownBug]
if {($ThreadLevel == 1)} {
if {[catch {package require Thread}]} {
set usingThread 0
} else {
set usingThread 2
}
} else {
set usingThread $ThreadLevel
}
if {$usingThread} {
testConstraint knownTwapiFullBugThreadUsed [testConstraint knownBug]
} else {
testConstraint knownTwapiFullBugThreadUsed 1
}
} else {
}
# Testing with Squid
# - Example Squid configuration for Enterprise Linux 8 (Red Hat, Oracle, Rocky,
# Alma, ...) is in file tests/httpProxySquidConfigForEL8.tar.gz.
# - Example Squid configuration for Diladele Squid on Windows is in
# file tests/httpProxySquidConfigForWindowsDiladele.zip.
#
# - Two instances of Squid are launched, one that needs authentication and one
# that does not.
# - Each instance of Squid listens on IPv4 and IPv6, on different ports.
# - If only one instance of Squid can be launched at a time, use the separate
# constraints needsSquidNoAuth, needsSquidAuth when testing.
# Instance of Squid that does not need authentication.
set n4host 127.0.0.1
set n6host ::1
set n4port 3128
set n6port 3130
# Instance of Squid that needs authentication.
set a4host 127.0.0.1
set a6host ::1
set a4port 3129
set a6port 3131
# concat Basic [base64::encode alice:alicia]
set aliceCreds {Basic YWxpY2U6YWxpY2lh}
# concat Basic [base64::encode intruder:intruder]
set badCreds {Basic aW50cnVkZXI6aW50cnVkZXI=}
# For the benefit of the target server, have a short delay between tests.
set fetchPause 200
foreach constr {
ThreadLevelSummary
needsSquidNoAuth
needsSquidAuth
needsTclTls
needsTwapi
needsTwapiFull
needsTls
knownTwapiFullBugThreadlevelAny
knownTwapiFullBugThreadUsed
} {
# For debugging.
# puts [list testConstraint $constr [testConstraint $constr]]
}
#putsBlurb
test httpProxy-1.1.$ThreadLevel {squid is running - ipv4 no-auth} -constraints {needsSquidNoAuth} -setup {
} -body {
after $fetchPause
set token [http::geturl http://$n4host:$n4port/]
set ri [http::responseInfo $token]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed]"
} -result {complete ok 400 -- none} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res
}
test httpProxy-1.2.$ThreadLevel {squid is running - ipv6 no-auth} -constraints {needsSquidNoAuth} -setup {
} -body {
after $fetchPause
set token [http::geturl http://\[$n6host\]:$n6port/]
set ri [http::responseInfo $token]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed]"
} -result {complete ok 400 -- none} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res
}
test httpProxy-1.3.$ThreadLevel {squid is running - ipv4 with-auth} -constraints {needsSquidAuth} -setup {
} -body {
after $fetchPause
set token [http::geturl http://$a4host:$a4port/]
set ri [http::responseInfo $token]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed]"
} -result {complete ok 400 -- none} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res
}
test httpProxy-1.4.$ThreadLevel {squid is running - ipv6 with-auth} -constraints {needsSquidAuth} -setup {
} -body {
after $fetchPause
set token [http::geturl http://\[$a6host\]:$a6port/]
set ri [http::responseInfo $token]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed]"
} -result {complete ok 400 -- none} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res
}
test httpProxy-2.1.$ThreadLevel {http no-proxy no-auth} -constraints {} -setup {
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
} -body {
after $fetchPause
set token [http::geturl http://www.google.com/]
set ri [http::responseInfo $token]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- none -- -1} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res
}
test httpProxy-2.2.$ThreadLevel {https no-proxy no-auth} -constraints {needsTls knownTwapiFullBugThreadUsed} -setup {
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
} -body {
after $fetchPause
set token [http::geturl https://www.google.com/]
set ri [http::responseInfo $token]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- none -- -1} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res
}
test httpProxy-2.3.$ThreadLevel {http with-proxy ipv4 no-auth} -constraints {needsSquidNoAuth} -setup {
http::config -proxyhost $n4host -proxyport $n4port -proxynot {127.0.0.1 localhost} -proxyauth {}
} -body {
after $fetchPause
set token [http::geturl http://www.google.com/]
set ri [http::responseInfo $token]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- HttpProxy -- -1} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res
http::config -proxyhost {} -proxyport {} -proxynot {}
}
test httpProxy-2.4.$ThreadLevel {https with-proxy ipv4 no-auth} -constraints {needsSquidNoAuth needsTls knownTwapiFullBugThreadlevelAny} -setup {
http::config -proxyhost $n4host -proxyport $n4port -proxynot {127.0.0.1 localhost} -proxyauth {}
} -body {
after $fetchPause
set token [http::geturl https://www.google.com/]
set ri [http::responseInfo $token]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- SecureProxy -- -1} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res
http::config -proxyhost {} -proxyport {} -proxynot {}
}
test httpProxy-2.5.$ThreadLevel {http with-proxy ipv6 no-auth} -constraints {needsSquidNoAuth} -setup {
http::config -proxyhost $n6host -proxyport $n6port -proxynot {::1 localhost} -proxyauth {}
} -body {
after $fetchPause
set token [http::geturl http://www.google.com/]
set ri [http::responseInfo $token]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- HttpProxy -- -1} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res
http::config -proxyhost {} -proxyport {} -proxynot {}
}
test httpProxy-2.6.$ThreadLevel {https with-proxy ipv6 no-auth} -constraints {needsSquidNoAuth needsTls knownTwapiFullBugThreadlevelAny} -setup {
http::config -proxyhost $n6host -proxyport $n6port -proxynot {::1 localhost} -proxyauth {}
} -body {
after $fetchPause
set token [http::geturl https://www.google.com/]
set ri [http::responseInfo $token]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- SecureProxy -- -1} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res
http::config -proxyhost {} -proxyport {} -proxynot {}
}
test httpProxy-3.1.$ThreadLevel {http no-proxy with-auth valid-creds-provided} -constraints {} -setup {
http::config -proxyhost {} -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $aliceCreds
} -body {
after $fetchPause
set token [http::geturl http://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- none 0 0 -- -1} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.2.$ThreadLevel {https no-proxy with-auth valid-creds-provided} -constraints {needsTls knownTwapiFullBugThreadUsed} -setup {
http::config -proxyhost {} -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $aliceCreds
} -body {
after $fetchPause
set token [http::geturl https://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- none 0 0 -- -1} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.3.$ThreadLevel {http with-proxy ipv4 with-auth valid-creds-provided} -constraints {needsSquidAuth} -setup {
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $aliceCreds
} -body {
after $fetchPause
set token [http::geturl http://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- HttpProxy 1 1 -- -1} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.4.$ThreadLevel {https with-proxy ipv4 with-auth valid-creds-provided} -constraints {needsSquidAuth needsTls knownTwapiFullBugThreadlevelAny} -setup {
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $aliceCreds
} -body {
after $fetchPause
set token [http::geturl https://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- SecureProxy 0 0 -- -1} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.5.$ThreadLevel {http with-proxy ipv6 with-auth valid-creds-provided} -constraints {needsSquidAuth} -setup {
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $aliceCreds
} -body {
after $fetchPause
set token [http::geturl http://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- HttpProxy 1 1 -- -1} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.6.$ThreadLevel {https with-proxy ipv6 with-auth valid-creds-provided} -constraints {needsSquidAuth needsTls knownTwapiFullBugThreadlevelAny} -setup {
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $aliceCreds
} -body {
after $fetchPause
set token [http::geturl https://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- SecureProxy 0 0 -- -1} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.7.$ThreadLevel {http with-proxy ipv4 with-auth valid-creds-provided; check that 2nd valid request with creds is possible, and keep-alive works} -constraints {needsSquidAuth} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $aliceCreds
after $fetchPause
set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000]
} -body {
after $fetchPause
# Use the same caution as for the corresponding https test.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 200 -- HttpProxy 1 1 -- -1 done 1} -cleanup {
catch {http::cleanup $token0}
catch {http::cleanup $token}
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.7x.$ThreadLevel {http with-proxy ipv4 with-auth 1st request no-creds-provided; check that 2nd request with creds is possible} -constraints {needsSquidAuth} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth {}
after $fetchPause
set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000]
http::config -proxyauth $aliceCreds
} -body {
after $fetchPause
# Use the same caution as for the corresponding https test.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 200 -- HttpProxy 1 1 -- -1 done 1} -cleanup {
catch {http::cleanup $token0}
catch {http::cleanup $token}
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.8.$ThreadLevel {https with-proxy ipv4 with-auth valid-creds-provided; check that 2nd valid request with creds is possible, and keep-alive works} -constraints {needsSquidAuth needsTls knownTwapiFullBugThreadlevelAny} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $aliceCreds
after $fetchPause
set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000]
} -body {
after $fetchPause
# If a bug passes the socket of a failed CONNECT to the main request, an infinite
# wait can occur despite -timeout. Fix this with http::reset; to do this the call
# to http::geturl must be async so we have $token for use as argument of reset.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 200 -- SecureProxy 0 0 -- -1 done 1} -cleanup {
catch {http::cleanup $token0}
catch {http::cleanup $token}
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.8x.$ThreadLevel {https with-proxy ipv4 with-auth 1st request no-creds-provided; check that 2nd request with creds is possible} -constraints {needsSquidAuth needsTls knownTwapiFullBugThreadlevelAny} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth {}
after $fetchPause
set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000]
http::config -proxyauth $aliceCreds
} -body {
after $fetchPause
# If a bug passes the socket of a failed CONNECT to the main request, an infinite
# wait can occur despite -timeout. Fix this with http::reset; to do this the call
# to http::geturl must be async so we have $token for use as argument of reset.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 200 -- SecureProxy 0 0 -- -1 done 0} -cleanup {
catch {http::cleanup $token0}
catch {http::cleanup $token}
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.9.$ThreadLevel {http with-proxy ipv6 with-auth valid-creds-provided; check that 2nd valid request with creds is possible, and keep-alive works} -constraints {needsSquidAuth} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $aliceCreds
after $fetchPause
set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000]
} -body {
after $fetchPause
# Use the same caution as for the corresponding https test.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 200 -- HttpProxy 1 1 -- -1 done 1} -cleanup {
catch {http::cleanup $token0}
catch {http::cleanup $token}
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.9p.$ThreadLevel {http with-proxy ipv6 with-auth valid-creds-provided; check that 2nd valid request with creds is possible, and keep-alive works, pipelining requested and possible} -constraints {needsSquidAuth} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $aliceCreds
} -body {
after $fetchPause
set can0 [after 6000 {http::reset $token0; set ${token0}(z) timeout}]
set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
after idle {
after $fetchPause
# Use the same caution as for the corresponding https test.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
}
vwait ${token0}(z)
after cancel $can0
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 200 -- HttpProxy 1 1 -- -1 done 1} -cleanup {
catch {http::cleanup $token0}
catch {http::cleanup $token}
unset -nocomplain token0 token ri res pos1 pos2 can0 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.9x.$ThreadLevel {http with-proxy ipv6 with-auth 1st request no-creds-provided; check that 2nd request with creds is possible} -constraints {needsSquidAuth} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth {}
after $fetchPause
set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000]
http::config -proxyauth $aliceCreds
} -body {
after $fetchPause
# Use the same caution as for the corresponding https test.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 200 -- HttpProxy 1 1 -- -1 done 1} -cleanup {
catch {http::cleanup $token0}
catch {http::cleanup $token}
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.10.$ThreadLevel {https with-proxy ipv6 with-auth valid-creds-provided; check that 2nd valid request with creds is possible, and keep-alive works} -constraints {needsSquidAuth needsTls knownTwapiFullBugThreadlevelAny} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $aliceCreds
after $fetchPause
set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000]
} -body {
after $fetchPause
# If a bug passes the socket of a failed CONNECT to the main request, an infinite
# wait can occur despite -timeout. Fix this with http::reset; to do this the call
# to http::geturl must be async so we have $token for use as argument of reset.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 200 -- SecureProxy 0 0 -- -1 done 1} -cleanup {
catch {http::cleanup $token0}
catch {http::cleanup $token}
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.10p.$ThreadLevel {https with-proxy ipv6 with-auth valid-creds-provided; check that 2nd valid request with creds is possible, and keep-alive works, pipelining requested and possible} -constraints {needsSquidAuth needsTls knownTwapiFullBugThreadlevelAny} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $aliceCreds
} -body {
after $fetchPause
set can0 [after 6000 {http::reset $token0; set ${token0}(z) timeout}]
set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
after idle {
after $fetchPause
# If a bug passes the socket of a failed CONNECT to the main request, an infinite
# wait can occur despite -timeout. Fix this with http::reset; to do this the call
# to http::geturl must be async so we have $token for use as argument of reset.
set can [after 6000 {http::reset $token0; set ${token}(z) timeout}]
set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
}
vwait ${token0}(z)
after cancel $can0
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 200 -- SecureProxy 0 0 -- -1 done 1} -cleanup {
catch {http::cleanup $token0}
catch {http::cleanup $token}
unset -nocomplain token0 token ri res pos1 pos2 can0 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-3.10x.$ThreadLevel {https with-proxy ipv6 with-auth 1st request no-creds-provided; check that 2nd request with creds is possible} -constraints {needsSquidAuth needsTls knownTwapiFullBugThreadlevelAny} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth {}
after $fetchPause
set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000]
http::config -proxyauth $aliceCreds
} -body {
after $fetchPause
# If a bug passes the socket of a failed CONNECT to the main request, an infinite
# wait can occur despite -timeout. Fix this with http::reset; to do this the call
# to http::geturl must be async so we have $token for use as argument of reset.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 200 -- SecureProxy 0 0 -- -1 done 0} -cleanup {
catch {http::cleanup $token0}
catch {http::cleanup $token}
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-4.1.$ThreadLevel {http no-proxy with-auth no-creds-provided} -constraints {} -setup {
http::config -proxyhost {} -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth {}
} -body {
after $fetchPause
set token [http::geturl http://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- none 0 0 -- -1} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-4.2.$ThreadLevel {https no-proxy with-auth no-creds-provided} -constraints {needsTls knownTwapiFullBugThreadUsed} -setup {
http::config -proxyhost {} -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth {}
} -body {
after $fetchPause
set token [http::geturl https://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- none 0 0 -- -1} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-4.3.$ThreadLevel {http with-proxy ipv4 with-auth no-creds-provided} -constraints {needsSquidAuth} -setup {
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth {}
} -body {
after $fetchPause
set token [http::geturl http://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 407 -- HttpProxy 0 0 -- -1} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-4.4.$ThreadLevel {https with-proxy ipv4 with-auth no-creds-provided} -constraints {needsSquidAuth needsTls knownTwapiFullBugThreadlevelAny} -setup {
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth {}
} -body {
after $fetchPause
set token [http::geturl https://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 407 -- SecureProxyFailed 0 0 -- -1} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-4.5.$ThreadLevel {http with-proxy ipv6 with-auth no-creds-provided} -constraints {needsSquidAuth} -setup {
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth {}
} -body {
after $fetchPause
set token [http::geturl http://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 407 -- HttpProxy 0 0 -- -1} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-4.6.$ThreadLevel {https with-proxy ipv6 with-auth no-creds-provided} -constraints {needsSquidAuth needsTls knownTwapiFullBugThreadlevelAny} -setup {
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth {}
} -body {
after $fetchPause
set token [http::geturl https://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 407 -- SecureProxyFailed 0 0 -- -1} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-4.7.$ThreadLevel {http with-proxy ipv4 with-auth no-creds-provided; check that 2nd request is possible} -constraints {needsSquidAuth} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth {}
after $fetchPause
set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000]
} -body {
after $fetchPause
# Use the same caution as for the corresponding https test.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 407 -- HttpProxy 0 0 -- -1 done 1} -cleanup {
catch {http::cleanup $token0}
catch {http::cleanup $token}
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-4.8.$ThreadLevel {https with-proxy ipv4 with-auth no-creds-provided; check that 2nd request is possible} -constraints {needsSquidAuth needsTls knownTwapiFullBugThreadlevelAny} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth {}
after $fetchPause
set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000]
} -body {
after $fetchPause
# If a bug passes the socket of a failed CONNECT to the main request, an infinite
# wait can occur despite -timeout. Fix this with http::reset; to do this the call
# to http::geturl must be async so we have $token for use as argument of reset.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 407 -- SecureProxyFailed 0 0 -- -1 done 0} -cleanup {
catch {http::cleanup $token0}
catch {http::cleanup $token}
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-4.9.$ThreadLevel {http with-proxy ipv6 with-auth no-creds-provided; check that 2nd request is possible} -constraints {needsSquidAuth} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth {}
after $fetchPause
set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000]
} -body {
after $fetchPause
# Use the same caution as for the corresponding https test.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 407 -- HttpProxy 0 0 -- -1 done 1} -cleanup {
catch {http::cleanup $token0}
catch {http::cleanup $token}
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-4.9p.$ThreadLevel {http with-proxy ipv6 with-auth no-creds-provided; check that 2nd request is possible, pipelining requested and possible} -constraints {needsSquidAuth} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth {}
} -body {
after $fetchPause
set can0 [after 6000 {http::reset $token0; set ${token0}(z) timeout}]
set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
after idle {
after $fetchPause
# Use the same caution as for the corresponding https test.
set can [after 6000 {http::reset $token0; set ${token}(z) timeout}]
set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
}
vwait ${token0}(z)
after cancel $can0
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 407 -- HttpProxy 0 0 -- -1 done 1} -cleanup {
catch {http::cleanup $token0}
catch {http::cleanup $token}
unset -nocomplain token0 token ri res pos1 pos2 can0 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-4.10.$ThreadLevel {https with-proxy ipv6 with-auth no-creds-provided; check that 2nd request is possible} -constraints {needsSquidAuth needsTls knownTwapiFullBugThreadlevelAny} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth {}
after $fetchPause
set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000]
} -body {
after $fetchPause
# If a bug passes the socket of a failed CONNECT to the main request, an infinite
# wait can occur despite -timeout. Fix this with http::reset; to do this the call
# to http::geturl must be async so we have $token for use as argument of reset.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 407 -- SecureProxyFailed 0 0 -- -1 done 0} -cleanup {
catch {http::cleanup $token0}
catch {http::cleanup $token}
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-4.10p.$ThreadLevel {https with-proxy ipv6 with-auth no-creds-provided; check that 2nd request is possible, pipelining requested but not possible} -constraints {needsSquidAuth needsTls knownTwapiFullBugThreadlevelAny} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth {}
} -body {
after $fetchPause
set can0 [after 6000 {http::reset $token0; set ${token0}(z) timeout}]
set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
after idle {
after $fetchPause
# If a bug passes the socket of a failed CONNECT to the main request, an infinite
# wait can occur despite -timeout. Fix this with http::reset; to do this the call
# to http::geturl must be async so we have $token for use as argument of reset.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
}
vwait ${token0}(z)
after cancel $can0
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $aliceCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 407 -- SecureProxyFailed 0 0 -- -1 done 0} -cleanup {
catch {http::cleanup $token0}
catch {http::cleanup $token}
unset -nocomplain token0 token ri res pos1 pos2 can0 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-5.1.$ThreadLevel {http no-proxy with-auth bad-creds-provided} -constraints {} -setup {
http::config -proxyhost {} -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $badCreds
} -body {
after $fetchPause
set token [http::geturl http://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- none 0 0 -- -1} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-5.2.$ThreadLevel {https no-proxy with-auth bad-creds-provided} -constraints {needsTls knownTwapiFullBugThreadUsed} -setup {
http::config -proxyhost {} -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $badCreds
} -body {
after $fetchPause
set token [http::geturl https://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 200 -- none 0 0 -- -1} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-5.3.$ThreadLevel {http with-proxy ipv4 with-auth bad-creds-provided} -constraints {needsSquidAuth} -setup {
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $badCreds
} -body {
after $fetchPause
set token [http::geturl http://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 407 -- HttpProxy 1 1 -- -1} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-5.4.$ThreadLevel {https with-proxy ipv4 with-auth bad-creds-provided} -constraints {needsSquidAuth needsTls knownTwapiFullBugThreadlevelAny} -setup {
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $badCreds
} -body {
after $fetchPause
set token [http::geturl https://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 407 -- SecureProxyFailed 1 1 -- -1} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-5.5.$ThreadLevel {http with-proxy ipv6 with-auth bad-creds-provided} -constraints {needsSquidAuth} -setup {
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $badCreds
} -body {
after $fetchPause
set token [http::geturl http://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 407 -- HttpProxy 1 1 -- -1} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-5.6.$ThreadLevel {https with-proxy ipv6 with-auth bad-creds-provided} -constraints {needsSquidAuth needsTls knownTwapiFullBugThreadlevelAny} -setup {
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $badCreds
} -body {
after $fetchPause
set token [http::geturl https://www.google.com/]
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*]"
} -result {complete ok 407 -- SecureProxyFailed 1 1 -- -1} -cleanup {
catch {http::cleanup $token}
unset -nocomplain token ri res pos1 pos2
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-5.7.$ThreadLevel {http with-proxy ipv4 with-auth bad-creds-provided; check that 2nd request is possible} -constraints {needsSquidAuth} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $badCreds
after $fetchPause
set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000]
} -body {
after $fetchPause
# Use the same caution as for the corresponding https test.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 407 -- HttpProxy 1 1 -- -1 done 1} -cleanup {
catch {http::cleanup $token0}
catch {http::cleanup $token}
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-5.7p.$ThreadLevel {http with-proxy ipv4 with-auth bad-creds-provided; check that 2nd request is possible, pipelining requested and possible} -constraints {needsSquidAuth} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $badCreds
} -body {
after $fetchPause
set can0 [after 6000 {http::reset $token0; set ${token0}(z) timeout}]
set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
# Use the same caution as for the corresponding https test.
after idle {
after $fetchPause
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
}
vwait ${token0}(z)
after cancel $can0
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 407 -- HttpProxy 1 1 -- -1 done 1} -cleanup {
catch {http::cleanup $token0}
catch {http::cleanup $token}
unset -nocomplain token0 token ri res pos1 pos2 can0 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-5.8.$ThreadLevel {https with-proxy ipv4 with-auth bad-creds-provided; check that 2nd request is possible} -constraints {needsSquidAuth needsTls knownTwapiFullBugThreadlevelAny} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $badCreds
after $fetchPause
set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000]
} -body {
after $fetchPause
# If a bug passes the socket of a failed CONNECT to the main request, an infinite
# wait can occur despite -timeout. Fix this with http::reset; to do this the call
# to http::geturl must be async so we have $token for use as argument of reset.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 407 -- SecureProxyFailed 1 1 -- -1 done 0} -cleanup {
catch {http::cleanup $token0}
catch {http::cleanup $token}
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-5.8p.$ThreadLevel {https with-proxy ipv4 with-auth bad-creds-provided; check that 2nd request is possible, pipelining requested but not possible} -constraints {needsSquidAuth needsTls knownTwapiFullBugThreadlevelAny} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a4host -proxyport $a4port -proxynot {127.0.0.1 localhost} -proxyauth $badCreds
} -body {
after $fetchPause
set can0 [after 6000 {http::reset $token0; set ${token0}(z) timeout}]
set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
# If a bug passes the socket of a failed CONNECT to the main request, an infinite
# wait can occur despite -timeout. Fix this with http::reset; to do this the call
# to http::geturl must be async so we have $token for use as argument of reset.
after idle {
after $fetchPause
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
}
vwait ${token0}(z)
after cancel $can0
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 407 -- SecureProxyFailed 1 1 -- -1 done 0} -cleanup {
catch {http::cleanup $token0}
catch {http::cleanup $token}
unset -nocomplain token0 token ri res pos1 pos2 can0 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-5.9.$ThreadLevel {http with-proxy ipv6 with-auth bad-creds-provided; check that 2nd request is possible} -constraints {needsSquidAuth} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $badCreds
after $fetchPause
set token0 [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000]
} -body {
after $fetchPause
# Use the same caution as for the corresponding https test.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl http://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 407 -- HttpProxy 1 1 -- -1 done 1} -cleanup {
catch {http::cleanup $token0}
catch {http::cleanup $token}
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
test httpProxy-5.10.$ThreadLevel {https with-proxy ipv6 with-auth bad-creds-provided; check that 2nd request is possible} -constraints {needsSquidAuth needsTls knownTwapiFullBugThreadlevelAny} -setup {
array unset ::http::socketMapping
http::config -proxyhost $a6host -proxyport $a6port -proxynot {::1 localhost} -proxyauth $badCreds
after $fetchPause
set token0 [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000]
} -body {
after $fetchPause
# If a bug passes the socket of a failed CONNECT to the main request, an infinite
# wait can occur despite -timeout. Fix this with http::reset; to do this the call
# to http::geturl must be async so we have $token for use as argument of reset.
set can [after 6000 {http::reset $token; set ${token}(z) timeout}]
set token [http::geturl https://www.google.com/ -keepalive 1 -timeout 5000 -command stopMe]
vwait ${token}(z)
after cancel $can
set ri [http::responseInfo $token]
set pos1 [lsearch -exact [string tolower [set ${token}(requestHeaders)]] proxy-authorization]
set pos2 [lsearch -exact [set ${token}(requestHeaders)] $badCreds]
set same [string equal [set ${token0}(sock)] [set ${token}(sock)]]
set res "[dict get $ri stage] [dict get $ri status] [dict get $ri responseCode] --\
[dict get $ri proxyUsed] [expr {$pos1 > -1}] [expr {$pos2 > -1}] --\
[lsearch -glob [array get ::http::socketMapping] HTTP_PLACEHOLDER_*] [set ${token}(z)] $same"
} -result {complete ok 407 -- SecureProxyFailed 1 1 -- -1 done 0} -cleanup {
catch {http::cleanup $token0}
catch {http::cleanup $token}
unset -nocomplain token0 token ri res pos1 pos2 can same
array unset ::http::socketMapping
http::config -proxyhost {} -proxyport {} -proxynot {} -proxyauth {}
}
# cleanup
unset -nocomplain n4host n6host n4port n6port a4host a6host a4port a6port aliceCreds badCreds fetchPause
rename bgerror {}
rename stopMe {}
if {[testConstraint ThreadLevelSummary]} {
putsBlurb
::tcltest::cleanupTests
rename putsBlurb {}
}
# Local variables:
# mode: tcl
# End:
Reference in New Issue View Git Blame Copy Permalink