123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412 |
- -module(rfc8441_SUITE).
- -compile(export_all).
- -compile(nowarn_export_all).
- -import(ct_helper, [config/2]).
- -import(ct_helper, [doc/1]).
- all() -> [{group, enabled}].
- groups() ->
- Tests = ct_helper:all(?MODULE),
- [{enabled, [parallel], Tests}].
- init_per_group(Name = enabled, Config) ->
- cowboy_test:init_http(Name, #{
- enable_connect_protocol => true,
- env => #{dispatch => cowboy_router:compile(init_routes(Config))}
- }, Config).
- end_per_group(Name, _) ->
- ok = cowboy:stop_listener(Name).
- init_routes(_) -> [
- {"localhost", [
- {"/ws", ws_echo, []}
- ]}
- ].
- do_handshake(Config) ->
- {ok, Socket} = gen_tcp:connect("localhost", config(port, Config), [binary, {active, false}]),
-
- ok = gen_tcp:send(Socket, ["PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n", cow_http2:settings(#{})]),
-
- {ok, << Len:24 >>} = gen_tcp:recv(Socket, 3, 1000),
- {ok, << 4:8, 0:40, SettingsPayload:Len/binary >>} = gen_tcp:recv(Socket, 6 + Len, 1000),
- Settings = cow_http2:parse_settings_payload(SettingsPayload),
-
- ok = gen_tcp:send(Socket, cow_http2:settings_ack()),
-
- {ok, << 0:24, 4:8, 1:8, 0:32 >>} = gen_tcp:recv(Socket, 9, 1000),
- {ok, Socket, Settings}.
- reject_handshake_when_disabled(Config0) ->
- doc("Extended CONNECT requests MUST be rejected with a "
- "PROTOCOL_ERROR stream error when enable_connect_protocol=false. (draft-01 3)"),
- Config = cowboy_test:init_http(disabled, #{
- enable_connect_protocol => false,
- env => #{dispatch => cowboy_router:compile(init_routes(Config0))}
- }, Config0),
-
- {ok, Socket, Settings} = do_handshake(Config),
- case Settings of
- #{enable_connect_protocol := false} -> ok;
- _ when map_size(Settings) =:= 0 -> ok
- end,
-
- {ReqHeadersBlock, _} = cow_hpack:encode([
- {<<":method">>, <<"CONNECT">>},
- {<<":protocol">>, <<"websocket">>},
- {<<":scheme">>, <<"http">>},
- {<<":path">>, <<"/ws">>},
- {<<":authority">>, <<"localhost">>},
- {<<"sec-websocket-version">>, <<"13">>},
- {<<"origin">>, <<"http://localhost">>}
- ]),
- ok = gen_tcp:send(Socket, cow_http2:headers(1, nofin, ReqHeadersBlock)),
-
- {ok, << _:24, 3:8, _:8, 1:32, 1:32 >>} = gen_tcp:recv(Socket, 13, 6000),
- ok.
- reject_handshake_disabled_by_default(Config0) ->
- doc("Extended CONNECT requests MUST be rejected with a "
- "PROTOCOL_ERROR stream error with default enable_connect_protocol. (draft-01 3)"),
- Config = cowboy_test:init_http(disabled_by_default, #{
- env => #{dispatch => cowboy_router:compile(init_routes(Config0))}
- }, Config0),
-
- {ok, Socket, Settings} = do_handshake(Config),
- case Settings of
- #{enable_connect_protocol := false} -> ok;
- _ when map_size(Settings) =:= 0 -> ok
- end,
-
- {ReqHeadersBlock, _} = cow_hpack:encode([
- {<<":method">>, <<"CONNECT">>},
- {<<":protocol">>, <<"websocket">>},
- {<<":scheme">>, <<"http">>},
- {<<":path">>, <<"/ws">>},
- {<<":authority">>, <<"localhost">>},
- {<<"sec-websocket-version">>, <<"13">>},
- {<<"origin">>, <<"http://localhost">>}
- ]),
- ok = gen_tcp:send(Socket, cow_http2:headers(1, nofin, ReqHeadersBlock)),
-
- {ok, << _:24, 3:8, _:8, 1:32, 1:32 >>} = gen_tcp:recv(Socket, 13, 6000),
- ok.
- accept_uppercase_pseudo_header_protocol(Config) ->
- doc("The :protocol pseudo header is case insensitive. (draft-01 4)"),
-
- {ok, Socket, Settings} = do_handshake(Config),
- #{enable_connect_protocol := true} = Settings,
-
- {ReqHeadersBlock, _} = cow_hpack:encode([
- {<<":method">>, <<"CONNECT">>},
- {<<":protocol">>, <<"WEBSOCKET">>},
- {<<":scheme">>, <<"http">>},
- {<<":path">>, <<"/ws">>},
- {<<":authority">>, <<"localhost">>},
- {<<"sec-websocket-version">>, <<"13">>},
- {<<"origin">>, <<"http://localhost">>}
- ]),
- ok = gen_tcp:send(Socket, cow_http2:headers(1, nofin, ReqHeadersBlock)),
-
- {ok, << Len1:24, 1:8, _:8, 1:32 >>} = gen_tcp:recv(Socket, 9, 1000),
- {ok, RespHeadersBlock} = gen_tcp:recv(Socket, Len1, 1000),
- {RespHeaders, _} = cow_hpack:decode(RespHeadersBlock),
- {_, <<"200">>} = lists:keyfind(<<":status">>, 1, RespHeaders),
- ok.
- reject_many_pseudo_header_protocol(Config) ->
- doc("An extended CONNECT request containing more than one protocol component "
- "must be rejected with a PROTOCOL_ERROR stream error. (draft-01 4, RFC7540 8.1.2.6)"),
-
- {ok, Socket, Settings} = do_handshake(Config),
- #{enable_connect_protocol := true} = Settings,
-
- {ReqHeadersBlock, _} = cow_hpack:encode([
- {<<":method">>, <<"CONNECT">>},
- {<<":protocol">>, <<"websocket">>},
- {<<":protocol">>, <<"mqtt">>},
- {<<":scheme">>, <<"http">>},
- {<<":path">>, <<"/ws">>},
- {<<":authority">>, <<"localhost">>},
- {<<"sec-websocket-version">>, <<"13">>},
- {<<"origin">>, <<"http://localhost">>}
- ]),
- ok = gen_tcp:send(Socket, cow_http2:headers(1, nofin, ReqHeadersBlock)),
-
- {ok, << _:24, 3:8, _:8, 1:32, 1:32 >>} = gen_tcp:recv(Socket, 13, 6000),
- ok.
- reject_unknown_pseudo_header_protocol(Config) ->
- doc("An extended CONNECT request with an unknown protocol must be rejected "
- "with a 400 error. (draft-01 4)"),
-
- {ok, Socket, Settings} = do_handshake(Config),
- #{enable_connect_protocol := true} = Settings,
-
- {ReqHeadersBlock, _} = cow_hpack:encode([
- {<<":method">>, <<"CONNECT">>},
- {<<":protocol">>, <<"mqtt">>},
- {<<":scheme">>, <<"http">>},
- {<<":path">>, <<"/ws">>},
- {<<":authority">>, <<"localhost">>},
- {<<"sec-websocket-version">>, <<"13">>},
- {<<"origin">>, <<"http://localhost">>}
- ]),
- ok = gen_tcp:send(Socket, cow_http2:headers(1, nofin, ReqHeadersBlock)),
-
- {ok, << Len1:24, 1:8, _:8, 1:32 >>} = gen_tcp:recv(Socket, 9, 1000),
- {ok, RespHeadersBlock} = gen_tcp:recv(Socket, Len1, 1000),
- {RespHeaders, _} = cow_hpack:decode(RespHeadersBlock),
- {_, <<"400">>} = lists:keyfind(<<":status">>, 1, RespHeaders),
- ok.
- reject_invalid_pseudo_header_protocol(Config) ->
- doc("An extended CONNECT request with an invalid protocol must be rejected "
- "with a 400 error. (draft-01 4)"),
-
- {ok, Socket, Settings} = do_handshake(Config),
- #{enable_connect_protocol := true} = Settings,
-
- {ReqHeadersBlock, _} = cow_hpack:encode([
- {<<":method">>, <<"CONNECT">>},
- {<<":protocol">>, <<"websocket mqtt">>},
- {<<":scheme">>, <<"http">>},
- {<<":path">>, <<"/ws">>},
- {<<":authority">>, <<"localhost">>},
- {<<"sec-websocket-version">>, <<"13">>},
- {<<"origin">>, <<"http://localhost">>}
- ]),
- ok = gen_tcp:send(Socket, cow_http2:headers(1, nofin, ReqHeadersBlock)),
-
- {ok, << Len1:24, 1:8, _:8, 1:32 >>} = gen_tcp:recv(Socket, 9, 1000),
- {ok, RespHeadersBlock} = gen_tcp:recv(Socket, Len1, 1000),
- {RespHeaders, _} = cow_hpack:decode(RespHeadersBlock),
- {_, <<"400">>} = lists:keyfind(<<":status">>, 1, RespHeaders),
- ok.
- reject_missing_pseudo_header_scheme(Config) ->
- doc("An extended CONNECT request without a scheme component must be rejected "
- "with a PROTOCOL_ERROR stream error. (draft-01 4, RFC7540 8.1.2.6)"),
-
- {ok, Socket, Settings} = do_handshake(Config),
- #{enable_connect_protocol := true} = Settings,
-
- {ReqHeadersBlock, _} = cow_hpack:encode([
- {<<":method">>, <<"CONNECT">>},
- {<<":protocol">>, <<"websocket">>},
- {<<":path">>, <<"/ws">>},
- {<<":authority">>, <<"localhost">>},
- {<<"sec-websocket-version">>, <<"13">>},
- {<<"origin">>, <<"http://localhost">>}
- ]),
- ok = gen_tcp:send(Socket, cow_http2:headers(1, nofin, ReqHeadersBlock)),
-
- {ok, << _:24, 3:8, _:8, 1:32, 1:32 >>} = gen_tcp:recv(Socket, 13, 6000),
- ok.
- reject_missing_pseudo_header_path(Config) ->
- doc("An extended CONNECT request without a path component must be rejected "
- "with a PROTOCOL_ERROR stream error. (draft-01 4, RFC7540 8.1.2.6)"),
-
- {ok, Socket, Settings} = do_handshake(Config),
- #{enable_connect_protocol := true} = Settings,
-
- {ReqHeadersBlock, _} = cow_hpack:encode([
- {<<":method">>, <<"CONNECT">>},
- {<<":protocol">>, <<"websocket">>},
- {<<":scheme">>, <<"http">>},
- {<<":authority">>, <<"localhost">>},
- {<<"sec-websocket-version">>, <<"13">>},
- {<<"origin">>, <<"http://localhost">>}
- ]),
- ok = gen_tcp:send(Socket, cow_http2:headers(1, nofin, ReqHeadersBlock)),
-
- {ok, << _:24, 3:8, _:8, 1:32, 1:32 >>} = gen_tcp:recv(Socket, 13, 6000),
- ok.
- reject_missing_pseudo_header_authority(Config) ->
- doc("An extended CONNECT request without an authority component must be rejected "
- "with a PROTOCOL_ERROR stream error. (draft-01 4, draft-01 5)"),
-
- {ok, Socket, Settings} = do_handshake(Config),
- #{enable_connect_protocol := true} = Settings,
-
- {ReqHeadersBlock, _} = cow_hpack:encode([
- {<<":method">>, <<"CONNECT">>},
- {<<":protocol">>, <<"websocket">>},
- {<<":scheme">>, <<"http">>},
- {<<":path">>, <<"/ws">>},
- {<<"sec-websocket-version">>, <<"13">>},
- {<<"origin">>, <<"http://localhost">>}
- ]),
- ok = gen_tcp:send(Socket, cow_http2:headers(1, nofin, ReqHeadersBlock)),
-
- {ok, << _:24, 3:8, _:8, 1:32, 1:32 >>} = gen_tcp:recv(Socket, 13, 6000),
- ok.
- reject_missing_pseudo_header_protocol(Config) ->
- doc("An extended CONNECT request without a protocol component must be rejected "
- "with a PROTOCOL_ERROR stream error. (draft-01 4, RFC7540 8.1.2.6)"),
-
- {ok, Socket, Settings} = do_handshake(Config),
- #{enable_connect_protocol := true} = Settings,
-
- {ReqHeadersBlock, _} = cow_hpack:encode([
- {<<":method">>, <<"CONNECT">>},
- {<<":scheme">>, <<"http">>},
- {<<":path">>, <<"/ws">>},
- {<<":authority">>, <<"localhost">>},
- {<<"sec-websocket-version">>, <<"13">>},
- {<<"origin">>, <<"http://localhost">>}
- ]),
- ok = gen_tcp:send(Socket, cow_http2:headers(1, nofin, ReqHeadersBlock)),
-
- {ok, << _:24, 3:8, _:8, 1:32, 1:32 >>} = gen_tcp:recv(Socket, 13, 6000),
- ok.
- reject_connection_header(Config) ->
- doc("An extended CONNECT request with a connection header must be rejected "
- "with a PROTOCOL_ERROR stream error. (draft-01 5, RFC7540 8.1.2.6)"),
-
- {ok, Socket, Settings} = do_handshake(Config),
- #{enable_connect_protocol := true} = Settings,
-
- {ReqHeadersBlock, _} = cow_hpack:encode([
- {<<":method">>, <<"CONNECT">>},
- {<<":protocol">>, <<"websocket">>},
- {<<":scheme">>, <<"http">>},
- {<<":path">>, <<"/ws">>},
- {<<":authority">>, <<"localhost">>},
- {<<"connection">>, <<"upgrade">>},
- {<<"sec-websocket-version">>, <<"13">>},
- {<<"origin">>, <<"http://localhost">>}
- ]),
- ok = gen_tcp:send(Socket, cow_http2:headers(1, nofin, ReqHeadersBlock)),
-
- {ok, << _:24, 3:8, _:8, 1:32, 1:32 >>} = gen_tcp:recv(Socket, 13, 6000),
- ok.
- reject_upgrade_header(Config) ->
- doc("An extended CONNECT request with a upgrade header must be rejected "
- "with a PROTOCOL_ERROR stream error. (draft-01 5, RFC7540 8.1.2.6)"),
-
- {ok, Socket, Settings} = do_handshake(Config),
- #{enable_connect_protocol := true} = Settings,
-
- {ReqHeadersBlock, _} = cow_hpack:encode([
- {<<":method">>, <<"CONNECT">>},
- {<<":protocol">>, <<"websocket">>},
- {<<":scheme">>, <<"http">>},
- {<<":path">>, <<"/ws">>},
- {<<":authority">>, <<"localhost">>},
- {<<"upgrade">>, <<"websocket">>},
- {<<"sec-websocket-version">>, <<"13">>},
- {<<"origin">>, <<"http://localhost">>}
- ]),
- ok = gen_tcp:send(Socket, cow_http2:headers(1, nofin, ReqHeadersBlock)),
-
- {ok, << _:24, 3:8, _:8, 1:32, 1:32 >>} = gen_tcp:recv(Socket, 13, 6000),
- ok.
- accept_handshake_when_enabled(Config) ->
- doc("Confirm the example for Websocket over HTTP/2 works. (draft-01 5.1)"),
-
- {ok, Socket, Settings} = do_handshake(Config),
- #{enable_connect_protocol := true} = Settings,
-
- {ReqHeadersBlock, _} = cow_hpack:encode([
- {<<":method">>, <<"CONNECT">>},
- {<<":protocol">>, <<"websocket">>},
- {<<":scheme">>, <<"http">>},
- {<<":path">>, <<"/ws">>},
- {<<":authority">>, <<"localhost">>},
- {<<"sec-websocket-version">>, <<"13">>},
- {<<"origin">>, <<"http://localhost">>}
- ]),
- ok = gen_tcp:send(Socket, cow_http2:headers(1, nofin, ReqHeadersBlock)),
-
- {ok, << Len1:24, 1:8, _:8, 1:32 >>} = gen_tcp:recv(Socket, 9, 1000),
- {ok, RespHeadersBlock} = gen_tcp:recv(Socket, Len1, 1000),
- {RespHeaders, _} = cow_hpack:decode(RespHeadersBlock),
- {_, <<"200">>} = lists:keyfind(<<":status">>, 1, RespHeaders),
-
- Mask = 16#37fa213d,
- MaskedHello = ws_SUITE:do_mask(<<"Hello">>, Mask, <<>>),
- ok = gen_tcp:send(Socket, cow_http2:data(1, nofin,
- <<1:1, 0:3, 1:4, 1:1, 5:7, Mask:32, MaskedHello/binary>>)),
- {ok, <<Len2:24, _:8, _:8, _:32>>} = gen_tcp:recv(Socket, 9, 1000),
- {ok, <<1:1, 0:3, 1:4, 0:1, 5:7, "Hello">>} = gen_tcp:recv(Socket, Len2, 1000),
- ok.
|