Add a test for reverse proxy SNI

5 files changed, 31 insertions, 3 deletions

diff --git a/test/createinstance.sh b/test/createinstance.sh
index ca35eef..f3ed4d7 100755
--- a/test/createinstance.sh
+++ b/test/createinstance.sh
@@ -17,6 +17,7 @@ function create_content_dirs {
     mkdir $dir/protocoltls1
     mkdir $dir/protocoltls11
     mkdir $dir/protocoltls12
+    mkdir $dir/proxydata
 
     cat > $dir/index.html << EOF
     <html>
@@ -33,6 +34,7 @@ EOF
     cp $dir/index.html $dir/protocoltls1/index.html
     cp $dir/index.html $dir/protocoltls11/index.html
     cp $dir/index.html $dir/protocoltls12/index.html
+    cp $dir/index.html $dir/proxydata/index.html
 }
 
 target=$1
diff --git a/test/httpd.conf.tmpl b/test/httpd.conf.tmpl
index 36af91d..af8849d 100644
--- a/test/httpd.conf.tmpl
+++ b/test/httpd.conf.tmpl
@@ -187,6 +187,8 @@ LoadModule logio_module modules/mod_logio.so
 LoadModule macro_module modules/mod_macro.so
 LoadModule mime_magic_module modules/mod_mime_magic.so
 LoadModule mime_module modules/mod_mime.so
+LoadModule proxy_module modules/mod_proxy.so
+LoadModule proxy_http_module modules/mod_proxy_http.so
 LoadModule negotiation_module modules/mod_negotiation.so
 LoadModule remoteip_module modules/mod_remoteip.so
 LoadModule reqtimeout_module modules/mod_reqtimeout.so
diff --git a/test/suite1.tmpl b/test/suite1.tmpl
index 101d21c..827e478 100644
--- a/test/suite1.tmpl
+++ b/test/suite1.tmpl
@@ -102,6 +102,14 @@ CoreDumpDirectory $SERVER_ROOT
         NSSOptions +ExportCertData +CompatEnvVars +StdEnvVars
     </Directory>
 
+    NSSProxyEngine on
+    NSSProxyCipherSuite +rsa_rc4_128_md5,+rsa_3des_sha,+rsa_des_sha,+rsa_aes_128_sha,+rsa_aes_256_sha
+
+    NSSProxyProtocol TLSv1.0,TLSv1.2
+    ProxyPreserveHost $PRESERVEHOST
+    ProxyPass /proxy https://www1.example.com:8000/proxydata
+    ProxyPassReverse /proxy https://www1.example.com:8000/proxydata
+
 </VirtualHost>
 
 #
diff --git a/test/test.py b/test/test.py
index 721d210..c471fdb 100644
--- a/test/test.py
+++ b/test/test.py
@@ -20,7 +20,9 @@ class test_suite1(Declarative):
     def setUpClass(cls):
         write_template_file('suite1.tmpl', 'work/httpd/conf/test.conf',
             {'DBPREFIX': os.environ.get('DBPREFIX', ''),
-             'SNI': 'off'}
+             'SNI': 'off',
+             'PRESERVEHOST': 'Off',
+            }
         )
         # Generate a single VH to do negative SNI testing
         write_template_file('sni.tmpl', 'work/httpd/conf.d/sni1.conf',
@@ -260,7 +262,7 @@ class test_suite1(Declarative):
         ),
 
         dict(
-            desc='Make non-SNI request',
+            desc='SNI request when SNI is disabled',
             request=('/index.html',
                     {'host': 'www1.example.com', 'port': 8000}
             ),
@@ -268,4 +270,10 @@ class test_suite1(Declarative):
             expected_str='doesn\'t match',
         ),
 
+        dict(
+            desc='Reverse proxy request when SNI is disabled',
+            request=('/proxy/index.html', {}),
+            expected=400,
+        ),
+
     ]
diff --git a/test/testsni.py b/test/testsni.py
index 9808f91..b5203cb 100644
--- a/test/testsni.py
+++ b/test/testsni.py
@@ -9,7 +9,9 @@ class test_suite1(Declarative):
     def setUpClass(cls):
         write_template_file('suite1.tmpl', 'work/httpd/conf/test.conf',
             {'DBPREFIX': os.environ.get('DBPREFIX', ''),
-             'SNI': 'on'}
+             'SNI': 'on',
+             'PRESERVEHOST': 'Off',
+            }
         )
         for i in range(1,26):
             write_template_file('sni.tmpl', 'work/httpd/conf.d/sni%d.conf' % i,
@@ -98,4 +100,10 @@ class test_suite1(Declarative):
             expected=requests.exceptions.ConnectionError(),
         ),
 
+        dict(
+            desc='Reverse proxy request when SNI is enabled',
+            request=('/proxy/index.html', {'sni': True}),
+            expected=200,
+        ),
+
     ]