[Privoxy-commits] [privoxy] 15/38: Add test scenario acl-multiple-ip-addresses-specified-with-destination
User Git
git at git.privoxy.org
Thu Apr 9 09:37:13 CEST 2026
This is an automated email from the git hooks/post-receive script.
git pushed a commit to branch master
in repository privoxy.
commit 748a2cca7ebb3a2f696aafddc00af9694d16976b
Author: Fabian Keil <fk at fabiankeil.de>
AuthorDate: Wed Apr 1 10:28:09 2026 +0200
Add test scenario acl-multiple-ip-addresses-specified-with-destination
---
.../data/DISABLED | 1 +
.../data/test1 | 33 +++++++++++
.../data/test2 | 47 +++++++++++++++
.../data/test3 | 44 ++++++++++++++
.../data/test4 | 44 ++++++++++++++
.../data/test5 | 44 ++++++++++++++
.../data/test6 | 42 +++++++++++++
.../data/test7 | 62 +++++++++++++++++++
.../data/test8 | 69 ++++++++++++++++++++++
.../privoxy.conf | 24 ++++++++
.../templates/connect-failed | 1 +
11 files changed, 411 insertions(+)
diff --git a/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/DISABLED b/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/DISABLED
new file mode 100644
index 00000000..da43e6a4
--- /dev/null
+++ b/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/DISABLED
@@ -0,0 +1 @@
+# Don't disable any tests.
diff --git a/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/test1 b/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/test1
new file mode 100644
index 00000000..cfa2aff8
--- /dev/null
+++ b/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/test1
@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="US-ASCII"?>
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+</keywords>
+</info>
+
+<reply>
+<data>
+HTTP/1.1 200 OK
+Connection: close
+Content-Type: text/html
+Content-Length: 14
+
+Blafaseldieda
+</data>
+</reply>
+
+<client>
+<server>
+http
+</server>
+<name>
+Request from permitted IP address
+</name>
+<command>
+http://%HOSTIP:%HTTPPORT/%TESTNUMBER
+</command>
+</client>
+
+</testcase>
diff --git a/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/test2 b/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/test2
new file mode 100644
index 00000000..dc49e25b
--- /dev/null
+++ b/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/test2
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="US-ASCII"?>
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+</keywords>
+</info>
+
+<proxy-reply>
+<data>
+HTTP/1.1 503 Connect failed
+Content-Length: 44
+Content-Type: text/html
+Cache-Control: no-cache
+X-Ignore-Header: Date
+Date: Wed, 01 Apr 2026 07:30:49 GMT
+Last-Modified: Wed, 08 Jun 1955 12:00:00 GMT
+Expires: Sat, 17 Jun 2000 12:00:00 GMT
+Pragma: no-cache
+
+Could not connect to destination 127.0.1.2.
+</data>
+</proxy-reply>
+
+<client>
+<name>
+Request from client address from denied network range that does not have an exception
+</name>
+<command>
+--interface 127.0.1.2 http://127.0.1.2/%TESTNUMBER
+</command>
+<precheck>
+%PERL $TESTDIR/../../bind-to-address.pl 127.0.1.2
+</precheck>
+</client>
+
+<verify>
+<errorcode>
+0
+</errorcode>
+<strip>
+^Date
+</strip>
+</verify>
+
+</testcase>
diff --git a/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/test3 b/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/test3
new file mode 100644
index 00000000..ff4ad0d9
--- /dev/null
+++ b/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/test3
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="US-ASCII"?>
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP CONNECT
+HTTPS
+</keywords>
+</info>
+
+<proxy-reply>
+<data>
+HTTP/1.1 503 Connect failed
+Content-Length: 48
+Content-Type: text/html
+Cache-Control: no-cache
+X-Ignore-Header: Date
+Date: Wed, 01 Apr 2026 07:30:49 GMT
+Last-Modified: Wed, 08 Jun 1955 12:00:00 GMT
+Expires: Sat, 17 Jun 2000 12:00:00 GMT
+Pragma: no-cache
+
+</data>
+</proxy-reply>
+
+<client>
+<name>
+Request from denied client address to https address without https inspection enabled
+</name>
+<command>
+--interface 127.0.1.2 https://127.0.1.2/%TESTNUMBER
+</command>
+<precheck>
+%PERL $TESTDIR/../../bind-to-address.pl 127.0.1.2
+</precheck>
+</client>
+
+<verify>
+<errorcode>
+7
+</errorcode>
+</verify>
+
+</testcase>
diff --git a/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/test4 b/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/test4
new file mode 100644
index 00000000..8cad828e
--- /dev/null
+++ b/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/test4
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="US-ASCII"?>
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+</keywords>
+</info>
+
+<proxy-reply>
+<data>
+HTTP/1.1 503 Connect failed
+Content-Length: 44
+Content-Type: text/html
+Cache-Control: no-cache
+X-Ignore-Header: Date
+Date: Wed, 01 Apr 2026 07:30:49 GMT
+Last-Modified: Wed, 08 Jun 1955 12:00:00 GMT
+Expires: Sat, 17 Jun 2000 12:00:00 GMT
+Pragma: no-cache
+
+Could not connect to destination 127.0.0.1.
+</data>
+</proxy-reply>
+
+<client>
+<name>
+Request from client address from denied network range
+</name>
+<command>
+--interface 127.0.1.3 http://127.0.0.1/%TESTNUMBER
+</command>
+<precheck>
+%PERL $TESTDIR/../../bind-to-address.pl 127.0.1.3
+</precheck>
+</client>
+
+<verify>
+<errorcode>
+0
+</errorcode>
+</verify>
+
+</testcase>
diff --git a/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/test5 b/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/test5
new file mode 100644
index 00000000..d7c9b092
--- /dev/null
+++ b/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/test5
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="US-ASCII"?>
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+</keywords>
+</info>
+
+<<proxy-reply>
+<data>
+HTTP/1.1 503 Connect failed
+Content-Length: 44
+Content-Type: text/html
+Cache-Control: no-cache
+X-Ignore-Header: Date
+Date: Wed, 01 Apr 2026 07:30:49 GMT
+Last-Modified: Wed, 08 Jun 1955 12:00:00 GMT
+Expires: Sat, 17 Jun 2000 12:00:00 GMT
+Pragma: no-cache
+
+Could not connect to destination 127.0.0.1.
+</data>
+</proxy-reply>
+
+<client>
+<name>
+Request from client address from denied network range
+</name>
+<command>
+--head --interface 127.0.1.3 http://127.0.0.1/%TESTNUMBER
+</command>
+<precheck>
+%PERL $TESTDIR/../../bind-to-address.pl 127.0.1.3
+</precheck>
+</client>
+
+<verify>
+<errorcode>
+0
+</errorcode>
+</verify>
+
+</testcase>
diff --git a/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/test6 b/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/test6
new file mode 100644
index 00000000..f8919ddc
--- /dev/null
+++ b/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/test6
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="US-ASCII"?>
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+</keywords>
+</info>
+
+<reply>
+<data>
+HTTP/1.1 200 OK
+Connection: close
+Content-Type: text/html
+Content-Length: 14
+
+Blafaseldieda
+</data>
+</reply>
+
+<client>
+<server>
+http
+</server>
+<name>
+Request from client address from denied network range to destination that has an exception
+</name>
+<command>
+--interface 127.0.1.2 http://127.0.0.1:%HTTPPORT/%TESTNUMBER
+</command>
+<precheck>
+%PERL $TESTDIR/../../bind-to-address.pl 127.0.1.2
+</precheck>
+</client>
+
+<verify>
+<errorcode>
+0
+</errorcode>
+</verify>
+
+</testcase>
diff --git a/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/test7 b/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/test7
new file mode 100644
index 00000000..3fa21c81
--- /dev/null
+++ b/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/test7
@@ -0,0 +1,62 @@
+<?xml version="1.0" encoding="US-ASCII"?>
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+</keywords>
+</info>
+
+<reply>
+<data nocheck="yes">
+HTTP/1.1 200 OK
+Connection: keep-alive
+Content-Type: text/html
+Content-Length: 14
+
+Blafaseldieda
+</data>
+</reply>
+
+<client>
+<server>
+http
+</server>
+<name>
+Request from client address from denied network range to destination that has an exception followed by a destination that is denied
+</name>
+<command>
+--interface 127.0.1.2 http://127.0.0.1:%HTTPPORT/%TESTNUMBER http://127.0.0.5/%TESTNUMBER
+</command>
+<precheck>
+%PERL $TESTDIR/../../bind-to-address.pl 127.0.1.2
+</precheck>
+</client>
+
+<verify>
+<errorcode>
+0
+</errorcode>
+<stdout>
+HTTP/1.1 200 OK
+Connection: keep-alive
+Content-Type: text/html
+Content-Length: 14
+Proxy-Connection: keep-alive
+
+Blafaseldieda
+HTTP/1.1 503 Connect failed
+Content-Length: 44
+Content-Type: text/html
+Cache-Control: no-cache
+X-Ignore-Header: Date
+Date: Fri, 03 Apr 2026 07:34:35 GMT
+Last-Modified: Wed, 08 Jun 1955 12:00:00 GMT
+Expires: Sat, 17 Jun 2000 12:00:00 GMT
+Pragma: no-cache
+
+Could not connect to destination 127.0.0.5.
+</stdout>
+</verify>
+
+</testcase>
diff --git a/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/test8 b/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/test8
new file mode 100644
index 00000000..796e3f6b
--- /dev/null
+++ b/tests/cts/acl-multiple-ip-addresses-specified-with-destination/data/test8
@@ -0,0 +1,69 @@
+<?xml version="1.0" encoding="US-ASCII"?>
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+</keywords>
+</info>
+
+<reply>
+<data nocheck="yes">
+HTTP/1.1 200 OK
+Connection: keep-alive
+Content-Type: text/html
+Content-Length: 14
+
+Blafaseldieda
+</data>
+</reply>
+
+<client>
+<server>
+http
+</server>
+<name>
+Request from client address from denied network range to destination that has an exception followed by a destination that is denied followed by a request that is allowed
+</name>
+<command>
+--interface 127.0.1.2 http://127.0.0.1:%HTTPPORT/%TESTNUMBER http://127.0.0.5/%TESTNUMBER http://127.0.0.1:%HTTPPORT/%TESTNUMBER
+</command>
+<precheck>
+%PERL $TESTDIR/../../bind-to-address.pl 127.0.1.2
+</precheck>
+</client>
+
+<verify>
+<errorcode>
+0
+</errorcode>
+<stdout>
+HTTP/1.1 200 OK
+Connection: keep-alive
+Content-Type: text/html
+Content-Length: 14
+Proxy-Connection: keep-alive
+
+Blafaseldieda
+HTTP/1.1 503 Connect failed
+Content-Length: 44
+Content-Type: text/html
+Cache-Control: no-cache
+X-Ignore-Header: Date
+Date: Fri, 03 Apr 2026 07:34:35 GMT
+Last-Modified: Wed, 08 Jun 1955 12:00:00 GMT
+Expires: Sat, 17 Jun 2000 12:00:00 GMT
+Pragma: no-cache
+
+Could not connect to destination 127.0.0.5.
+HTTP/1.1 200 OK
+Connection: keep-alive
+Content-Type: text/html
+Content-Length: 14
+Proxy-Connection: keep-alive
+
+Blafaseldieda
+</stdout>
+</verify>
+
+</testcase>
diff --git a/tests/cts/acl-multiple-ip-addresses-specified-with-destination/privoxy.conf b/tests/cts/acl-multiple-ip-addresses-specified-with-destination/privoxy.conf
new file mode 100644
index 00000000..387036f2
--- /dev/null
+++ b/tests/cts/acl-multiple-ip-addresses-specified-with-destination/privoxy.conf
@@ -0,0 +1,24 @@
+listen-address 127.0.0.1:9119
+
+debug 1 # Log the destination for each request Privoxy let through. See also debug 1024.
+debug 2 # show each connection status
+debug 4 # show tagging-related messages
+debug 8 # show header parsing
+debug 32 # debug force feature
+debug 64 # debug regular expression filters
+debug 128 # debug redirects
+debug 256 # debug GIF de-animation
+debug 512 # Common Log Format
+debug 1024 # Log the destination for requests Privoxy didn't let through, and the reason why.
+debug 4096 # Startup banner and warnings.
+debug 8192 # Non-fatal errors
+
+templdir ./templates
+
+deny-access 127.0.1.1/24
+deny-access 127.0.1.1/16 127.0.1.1
+permit-access 127.0.0.1
+permit-access 127.0.1.2 127.0.0.1
+permit-access 127.0.1.1
+
+keep-alive-timeout 10
diff --git a/tests/cts/acl-multiple-ip-addresses-specified-with-destination/templates/connect-failed b/tests/cts/acl-multiple-ip-addresses-specified-with-destination/templates/connect-failed
new file mode 100644
index 00000000..1003e2c3
--- /dev/null
+++ b/tests/cts/acl-multiple-ip-addresses-specified-with-destination/templates/connect-failed
@@ -0,0 +1 @@
+Could not connect to destination @hostport at .
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Privoxy-commits
mailing list