mirror of
https://github.com/isc-projects/bind9.git
synced 2026-02-27 12:02:10 -05:00
019555fb1d
This commit adds a system test suite for PROXYv2. The idea on which it is based is simple: 1. Firstly we check that 'allow-proxy' and 'allow-proxy-on' (whatever is using the new 'isc_nmhandle_real_localaddr/peeraddr()') do what they intended to do. 2. Anything else that needs an interface or peer address (ACL functionality, for example) is using the old 'isc_nmhandle_localaddr/peeraddr()' - which are now returning addresses received via PROXY (if any) instead of the real connection addresses. The beauty of it that we DO NOT need to verify every bit of the code relying on these functions: whatever works in one place will work everywhere else, as these were the only functions that allowed any higher level code to get peer and interface addresses. This way it is relatively easy to see if PROXYv2 works as intended.
15 lines
875 B
Text
15 lines
875 B
Text
-----BEGIN CERTIFICATE-----
|
|
MIICWDCCAf+gAwIBAgIUXudNo4NQ7lRM1xFFJ4ugVtyCzKgwCgYIKoZIzj0EAwIw
|
|
gYExCzAJBgNVBAYTAlVBMRgwFgYDVQQIDA9LaGFya2l2IE9ibGFzdCcxEDAOBgNV
|
|
BAcMB0toYXJraXYxJDAiBgNVBAoMG0ludGVybmV0IFN5c3RlbXMgQ29uc29ydGl1
|
|
bTEgMB4GA1UEAwwXc2VsZi5zaWduZWQuZXhhbXBsZS5jb20wHhcNMjMxMTE3MTU1
|
|
NjI3WhcNNDQwNTMwMTU1NjI3WjCBgTELMAkGA1UEBhMCVUExGDAWBgNVBAgMD0to
|
|
YXJraXYgT2JsYXN0JzEQMA4GA1UEBwwHS2hhcmtpdjEkMCIGA1UECgwbSW50ZXJu
|
|
ZXQgU3lzdGVtcyBDb25zb3J0aXVtMSAwHgYDVQQDDBdzZWxmLnNpZ25lZC5leGFt
|
|
cGxlLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABNWscxXohNTBjcW4rhKD
|
|
ZbLi7IqI7WYe5lOS1CrukfYJuMM1+qjYnzO6Wg5qTwin/Cvr4/GTm95I64nZLPQz
|
|
CxajUzBRMB0GA1UdDgQWBBSnOr8xGlELdrcmyDIw9scsqn4UYjAfBgNVHSMEGDAW
|
|
gBSnOr8xGlELdrcmyDIw9scsqn4UYjAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49
|
|
BAMCA0cAMEQCIG0OgexHV7bl/ZHd3Rn0VAudCHC7b1W2Sr6q+7kspLfhAiBemkVD
|
|
POeoih/7KT3yn8j90+WWVlzV+mpom3eaVkjjog==
|
|
-----END CERTIFICATE-----
|