test(e2e): add e2e test for sendfile & server side https (#264)

hengyoush · Jan 9, 2025 · 3d3e1e4 · 3d3e1e4
1 parent 05b2c40
commit 3d3e1e4
Show file tree

Hide file tree

Showing 3 changed files with 132 additions and 1 deletion.
diff --git a/agent/conn/conntrack.go b/agent/conn/conntrack.go
@@ -486,7 +486,7 @@ func (c *Connection4) OnSyscallEvent(data []byte, event *bpf.SyscallEventData, r
 		}
 	} else if event.SyscallEvent.GetSourceFunction() == bpf.AgentSourceFunctionTKSyscallSendfile {
 		// sendfile has no data, so we need to fill a fake data
-		common.ConntrackLog.Errorln("sendfile has no data, so we need to fill a fake data")
+		common.ConntrackLog.Debug("sendfile has no data, so we need to fill a fake data")
 		fakeData := make([]byte, event.SyscallEvent.Ke.Len)
 		addedToBuffer = c.addDataToBufferAndTryParse(fakeData, &event.SyscallEvent.Ke)
 	}

diff --git a/testdata/nginx_https.conf b/testdata/nginx_https.conf
@@ -0,0 +1,87 @@
+user www-data;
+worker_processes auto;
+pid /run/nginx.pid;
+include /etc/nginx/modules-enabled/*.conf;
+
+events {
+	worker_connections 768;
+	# multi_accept on;
+}
+
+http {
+
+	##
+	# Basic Settings
+	##
+
+	sendfile on;
+	tcp_nopush on;
+	types_hash_max_size 2048;
+	# server_tokens off;
+
+	# server_names_hash_bucket_size 64;
+	# server_name_in_redirect off;
+
+	include /etc/nginx/mime.types;
+	default_type application/octet-stream;
+
+	##
+	# SSL Settings
+	##
+
+	ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
+	ssl_prefer_server_ciphers on;
+
+	##
+	# Logging Settings
+	##
+
+	access_log /var/log/nginx/access.log;
+	error_log /var/log/nginx/error.log;
+
+	##
+	# Gzip Settings
+	##
+
+	gzip on;
+
+	# gzip_vary on;
+	# gzip_proxied any;
+	# gzip_comp_level 6;
+	# gzip_buffers 16 8k;
+	# gzip_http_version 1.1;
+	# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
+
+	##
+	# Virtual Host Configs
+	##
+
+	include /etc/nginx/conf.d/*.conf;
+	include /etc/nginx/sites-enabled/*;
+	server {
+		listen 1443 ssl;
+		ssl_certificate /etc/test/nginx.crt;
+		ssl_certificate_key /etc/test/nginx.key;
+	}
+}
+
+#mail {
+#	# See sample authentication script at:
+#	# http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
+#
+#	# auth_http localhost/auth.php;
+#	# pop3_capabilities "TOP" "USER";
+#	# imap_capabilities "IMAP4rev1" "UIDPLUS";
+#
+#	server {
+#		listen     localhost:110;
+#		protocol   pop3;
+#		proxy      on;
+#	}
+#
+#	server {
+#		listen     localhost:143;
+#		protocol   imap;
+#		proxy      on;
+#	}
+#}
diff --git a/testdata/test_https.sh b/testdata/test_https.sh
@@ -6,6 +6,8 @@ CMD="$1"
 FILE_PREFIX="/tmp/kyanos"
 HTTPS_CLIENT_LNAME="${FILE_PREFIX}_https_client.log"
 HTTPS_SERVER_LNAME="${FILE_PREFIX}_https_server.log"
+SENDFILE_TEST_LNAME="${FILE_PREFIX}_sendfile_test.log"
+NGINX_SERVER_HTTPS_TEST_LNAME="${FILE_PREFIX}_nginx_server_http_test.log"
 
 function test_http_plain_client() {
     pip install --break-system-packages requests || true
@@ -39,9 +41,51 @@ function test_http_plain_server() {
     # check_time_detail_completed_with_last_lines "${HTTPS_LNAME}" 2
     cat "${HTTPS_SERVER_LNAME}" | grep "python-requests"
 }
+
+function test_https_nginx_server() {
+    TEST_DIR=/etc/test
+    rm -rf ${TEST_DIR:?}/*
+    mkdir -p ${TEST_DIR}
+    openssl genrsa -out ${TEST_DIR}/nginx.key 2048
+    openssl req -new -x509 -key ${TEST_DIR}/nginx.key -out ${TEST_DIR}/nginx.crt -days 365 -nodes -subj "/C=US/ST=California/L=San Francisco/O=My Company/CN=localhost"
+    chmod -R a+r ${TEST_DIR}/*
+    # start ngnix https server via docker
+    cid=$(docker run --rm -d -p 1443:1443 -v ./testdata/nginx_https.conf:/etc/nginx/nginx.conf:ro -v ${TEST_DIR}:${TEST_DIR} nginx:latest)
+    export cid
+    echo $cid
+    timeout 30 ${CMD} watch --debug-output http --local-ports 1443 2>&1 | tee "${NGINX_SERVER_HTTPS_TEST_LNAME}" &
+    sleep 20
+
+    curl -k https://localhost:1443 || true
+    sleep 3
+    docker stop $cid
+    wait
+    cat "${NGINX_SERVER_HTTPS_TEST_LNAME}"
+    check_patterns_in_file "${NGINX_SERVER_HTTPS_TEST_LNAME}" "[request]"
+}
+
+
+function test_sendfile() {
+    # start ngnix https server via docker
+    cid=$(docker run --rm -d -p 1880:80  nginx:latest)
+    export cid
+    echo $cid
+    timeout 30 ${CMD} watch --debug-output http --local-ports 80 2>&1 | tee "${SENDFILE_TEST_LNAME}" &
+    sleep 20
+
+    curl  http://localhost:1880 || true
+    sleep 3
+    docker stop $cid
+    wait
+    cat "${SENDFILE_TEST_LNAME}"
+    check_patterns_in_file "${SENDFILE_TEST_LNAME}" "[request]"
+}
+
 function main() {
     test_http_plain_client
     test_http_plain_server
+    test_https_nginx_server
+    test_sendfile
 }
 
 main