Add basic tests for new JS challenge behaviour

framework/deproxy_client.py

@@ -300,10 +300,11 @@ def make_requests(self, requests: list[deproxy.Request | str], pipelined=False)
                 request if isinstance(request, str) else request.msg for request in requests
             ]
 
+            req_buf_len = len(self.request_buffers)
             self._add_to_request_buffers("".join(requests))
             self.valid_req_num += len(requests)
 
-            self.nrreq += len(self.request_buffers)
+            self.nrreq += len(self.request_buffers) - req_buf_len
         else:
             for request in requests:
                 self.make_request(request)

helpers/deproxy.py

@@ -681,9 +681,9 @@ def create(
         request.method = method
         request.uri = uri
         request.version = version
-        request.headers = HeaderCollection(
-            **{header[0]: header[1] for header in pseudo_headers + headers}
-        )
+        request.headers = HeaderCollection()
+        for header in pseudo_headers + headers:
+            request.headers.add(name=header[0], value=header[1])
         request.body = body
         request.build_message()
 

helpers/nginx.py

@@ -95,8 +95,9 @@ def set_workdir(self, workdir):
 
     def set_resourse_location(self, location=""):
         if not location:
-            location = tf_cfg.cfg.get("Server", "resources")
-        self.location = "root %s" % location
+            self.location = "return 200"
+        else:
+            self.location = "root %s" % location
         self.update_config()
 
     def set_return_code(self, code=200):

http2_general/test_h2_frame.py

@@ -430,7 +430,7 @@ class TestH2FrameEnabledDisabledTsoGroGsoStickyCookie(
                 proxy_pass default;
                 sticky {
                     sticky_sessions;
-                    cookie enforce;
+                    cookie enforce max_misses=0;
                     secret "f00)9eR59*_/22";
                 }
             }

http2_general/test_h2_headers.py

@@ -11,7 +11,7 @@
 from hyperframe import frame
 
 from framework import tester
-from framework.parameterize import param, parameterize
+from framework.parameterize import param, parameterize, parameterize_class
 from helpers import tf_cfg
 from helpers.deproxy import HttpMessage
 from http2_general.helpers import H2Base
@@ -91,6 +91,21 @@
 %s
 """
 
+DEPROXY_CLIENT_HTTP = {
+    "id": "deproxy",
+    "type": "deproxy",
+    "addr": "${tempesta_ip}",
+    "port": "80",
+}
+
+DEPROXY_CLIENT_H2 = {
+    "id": "deproxy",
+    "type": "deproxy_h2",
+    "addr": "${tempesta_ip}",
+    "port": "443",
+    "ssl": True,
+}
+
 
 class HeadersParsing(H2Base):
     def test_small_header_in_request(self):
@@ -151,6 +166,108 @@ def test_long_header_name_in_response(self):
                 client.send_request(self.post_request, status_code)
 
 
+@parameterize_class(
+    [
+        {"name": "Http", "clients": [DEPROXY_CLIENT_HTTP]},
+        {"name": "H2", "clients": [DEPROXY_CLIENT_H2]},
+    ]
+)
+class CookieParsing(tester.TempestaTest):
+    cookie = {"name": "cname", "value": "123456789"}
+
+    backends = [
+        {
+            "id": "deproxy",
+            "type": "deproxy",
+            "port": "8000",
+            "response": "static",
+            "response_content": "HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n",
+        }
+    ]
+
+    tempesta = {
+        "config": """
+listen 80;
+listen 443 proto=h2;
+
+tls_certificate ${tempesta_workdir}/tempesta.crt;
+tls_certificate_key ${tempesta_workdir}/tempesta.key;
+tls_match_any_server_name;
+
+server ${server_ip}:8000;
+
+block_action attack reply;
+
+sticky {
+    cookie enforce;
+}
+"""
+    }
+
+    @parameterize.expand(
+        [
+            param(name="single_cookie", cookies="{0}", expected_status_code="200"),
+            param(
+                name="many_cookie_first",
+                cookies="{0}; cookie1=value1; cookie2=value2",
+                expected_status_code="200",
+            ),
+            param(
+                name="many_cookie_last",
+                cookies="cookie1=value1; cookie2=value2; {0}",
+                expected_status_code="200",
+            ),
+            param(
+                name="many_cookie_between",
+                cookies="cookie1=value1; {0}; cookie2=value2",
+                expected_status_code="200",
+            ),
+            param(name="duplicate_cookie", cookies="{0}; {0}", expected_status_code="500"),
+            param(
+                name="many_cookie_and_name_as_substring_other_name_1",
+                cookies="cookie1__tfw=value1; {0}",
+                expected_status_code="200",
+            ),
+            param(
+                name="many_cookie_and_name_as_substring_other_name_2",
+                cookies="__tfwcookie1=value1; {0}",
+                expected_status_code="200",
+            ),
+            param(
+                name="many_cookie_and_name_as_substring_other_value_1",
+                cookies="cookie1=value1__tfw; {0}",
+                expected_status_code="200",
+            ),
+            param(
+                name="many_cookie_and_name_as_substring_other_value_2",
+                cookies="cookie1=__tfwvalue1; {0}",
+                expected_status_code="200",
+            ),
+        ]
+    )
+    def test(self, name, cookies, expected_status_code):
+        self.start_all_services()
+
+        client = self.get_client("deproxy")
+
+        client.send_request(client.create_request("GET", []), "302")
+        # get a sticky cookie from a response headers
+        tfw_cookie = client.last_response.headers.get("set-cookie").split("; ")[0].split("=")
+
+        sticky_cookie = f"{tfw_cookie[0]}={tfw_cookie[1]}"
+        for _ in range(2):  # first as string and second as bytes from dynamic table
+            client.send_request(
+                request=client.create_request(
+                    method="GET",
+                    headers=[("cookie", cookies.format(sticky_cookie))],
+                ),
+                expected_status_code=expected_status_code,
+            )
+            if expected_status_code != "200":
+                self.assertTrue(client.wait_for_connection_close())
+                break
+
+
 class DuplicateSingularHeader(H2Base):
     def test_two_header_as_bytes_from_dynamic_table(self):
         client = self.get_client("deproxy")
@@ -1302,12 +1419,7 @@ def __do_test_replacement(self, client, server, content_type, expected_content_t
         ):
             request = client.create_request(
                 method="POST",
-                headers=[
-                    (":authority", "localhost"),
-                    (":path", "/"),
-                    (":scheme", "https"),
-                    ("content-type", content_type.format(*state)),
-                ],
+                headers=[("content-type", content_type.format(*state))],
             )
 
             client.send_request(request, "200")
@@ -1322,12 +1434,7 @@ def test_content_length_field_from_hpack_table(self):
 
         request = client.create_request(
             method="POST",
-            headers=[
-                (":authority", "localhost"),
-                (":path", "/"),
-                (":scheme", "https"),
-                ("content-length", "10"),
-            ],
+            headers=[("content-length", "10")],
             body="aaaaaaaaaa",
         )
 
@@ -1354,12 +1461,7 @@ def test_method_override_from_hpack_table(self):
 
         request = client.create_request(
             method="GET",
-            headers=[
-                (":authority", "localhost"),
-                (":path", "/"),
-                (":scheme", "https"),
-                ("x-http-method-override", "HEAD"),
-            ],
+            headers=[("x-http-method-override", "HEAD")],
         )
 
         tempesta = self.get_tempesta()
@@ -1381,12 +1483,7 @@ def test_pragma_from_hpack_table(self):
 
         request = client.create_request(
             method="GET",
-            headers=[
-                (":authority", "localhost"),
-                (":path", "/"),
-                (":scheme", "https"),
-                ("pragma", "no-cache"),
-            ],
+            headers=[("pragma", "no-cache")],
         )
 
         tempesta = self.get_tempesta()
@@ -1397,14 +1494,7 @@ def test_pragma_from_hpack_table(self):
         client.send_request(request, "200")
         self.assertEqual(2, len(server.requests))
 
-        request = client.create_request(
-            method="GET",
-            headers=[
-                (":authority", "localhost"),
-                (":path", "/"),
-                (":scheme", "https"),
-            ],
-        )
+        request = client.create_request(method="GET", headers=[])
 
         client.send_request(request, "200")
         self.assertEqual(3, len(server.requests))

selftests/test_deproxy.py

@@ -1,6 +1,7 @@
 from h2.exceptions import ProtocolError
 
 from framework import deproxy_client, tester
+from framework.parameterize import param, parameterize
 from helpers import chains, deproxy, tempesta, tf_cfg
 from testers import functional
 
@@ -155,6 +156,24 @@ def test_make_request(self):
         self.assertTrue(deproxy_cl.wait_for_response(timeout=0.5))
         self.assertEqual(deproxy_cl.last_response.status, "200")
 
+    def test_duplicate_headers(self):
+        client = self.get_client("deproxy")
+        server = self.get_server("deproxy")
+
+        self.start_all_services()
+        client.send_request(
+            request=client.create_request(
+                method="GET",
+                headers=[
+                    ("cookie", "name1=value1"),
+                    ("cookie", "name2=value2"),
+                ],
+            ),
+            expected_status_code="200",
+        )
+
+        self.assertEqual(server.last_request.headers.get("cookie"), "name1=value1; name2=value2")
+
     def test_parsing_make_request(self):
         self.start_all()
 
@@ -367,20 +386,26 @@ def test_many_make_request_2(self):
         self.assertEqual(client.last_response.status, "400")
         self.assertEqual(len(client.responses), 1)
 
-    def test_make_requests(self):
+    def __send_requests(self, client, request, count, expected_len, pipelined):
+        client.make_requests([request] * count, pipelined=pipelined)
+        client.wait_for_response(timeout=3)
+
+        self.assertEqual(len(client.responses), expected_len)
+        for res in client.responses:
+            self.assertEqual(res.status, "200")
+
+    @parameterize.expand(
+        [param(name="not_pipelined", pipelined=False), param(name="pipelined", pipelined=True)]
+    )
+    def test_make_requests(self, name, pipelined):
         self.start_all()
         client: deproxy_client.DeproxyClient = self.get_client("deproxy")
         client.parsing = True
 
         request = "GET / HTTP/1.1\r\nHost: localhost\r\n\r\n"
 
-        messages = 5
-        client.make_requests([request] * messages)
-        client.wait_for_response(timeout=3)
-
-        self.assertEqual(len(client.responses), messages)
-        for res in client.responses:
-            self.assertEqual(res.status, "200")
+        self.__send_requests(client, request, 3, 3, pipelined)
+        self.__send_requests(client, request, 3, 6, pipelined)
 
     def test_parsing_make_requests(self):
         self.start_all()