test: improve test to ensure ipv6 compatability

hashicorp · Sep 18, 2024 · b1cca67 · b1cca67
1 parent 913e6d7
commit b1cca67
Show file tree

Hide file tree

Showing 12 changed files with 116 additions and 45 deletions.
diff --git a/api/client_test.go b/api/client_test.go
@@ -23,11 +23,17 @@ func TestConfigSetAddress(t *testing.T) {
 
 	tests := []test{
 		{
-			"bare",
+			"ipv4",
 			"http://127.0.0.1:9200",
 			"http://127.0.0.1:9200",
 			"",
 		},
+		{
+			"ipv6",
+			"http://[::1]:9200",
+			"http://[::1]:9200",
+			"",
+		},
 		{
 			"bare with version",
 			"http://127.0.0.1:9200/v1",

diff --git a/api/proxy/proxy_test.go b/api/proxy/proxy_test.go
@@ -169,6 +169,9 @@ func testSessionAuth(t *testing.T) *targets.SessionAuthorizationData {
 			{
 				Address: "localhost:9202",
 			},
+			{
+				Address: "[::1]:9201",
+			},
 		},
 	}
 

diff --git a/internal/auth/oidc/repository_auth_method_update_test.go b/internal/auth/oidc/repository_auth_method_update_test.go
@@ -724,7 +724,7 @@ func Test_ValidateDiscoveryInfo(t *testing.T) {
 	// do not run these tests with t.Parallel()
 	ctx := context.Background()
 
-	tp := oidc.StartTestProvider(t)
+	tp := oidc.StartTestProvider(t, oidc.WithTestHost("::1"))
 	tpClientId := "alice-rp"
 	tpClientSecret := "her-dog's-name"
 	tp.SetClientCreds(tpClientId, tpClientSecret)
@@ -744,7 +744,7 @@ func Test_ValidateDiscoveryInfo(t *testing.T) {
 	databaseWrapper, err := kmsCache.GetWrapper(context.Background(), org.PublicId, kms.KeyPurposeDatabase)
 	require.NoError(t, err)
 	port := testutil.TestFreePort(t)
-	testAuthMethodCallback, err := url.Parse(fmt.Sprintf("http://localhost:%d/callback", port))
+	testAuthMethodCallback, err := url.Parse(fmt.Sprintf("http://[::1]:%d/callback", port))
 	require.NoError(t, err)
 	testAuthMethod := TestAuthMethod(t,
 		conn, databaseWrapper,
@@ -793,7 +793,7 @@ func Test_ValidateDiscoveryInfo(t *testing.T) {
 			authMethod: func() *AuthMethod {
 				cp := testAuthMethod.Clone()
 				port := testutil.TestFreePort(t)
-				cp.Issuer = fmt.Sprintf("http://localhost:%d", port)
+				cp.Issuer = fmt.Sprintf("http://[::1]:%d", port)
 				return cp
 			}(),
 			withAuthMethod:  true,
@@ -1327,7 +1327,7 @@ func Test_pingEndpoint(t *testing.T) {
 						}, nil
 					},
 				}
-				return client, http.MethodGet, "http://localhost/get"
+				return client, http.MethodGet, "http://[::1]/get"
 			},
 			wantStatus: 200,
 		},
@@ -1341,7 +1341,7 @@ func Test_pingEndpoint(t *testing.T) {
 						}, nil
 					},
 				}
-				return client, http.MethodGet, "http://localhost/get"
+				return client, http.MethodGet, "http://[::1]/get"
 			},
 			wantStatus: 500,
 		},
@@ -1353,7 +1353,7 @@ func Test_pingEndpoint(t *testing.T) {
 						return nil, fmt.Errorf("invalid request")
 					},
 				}
-				return client, http.MethodGet, "http://localhost/get"
+				return client, http.MethodGet, "http://[::1]/get"
 			},
 			wantErr: true,
 		},

diff --git a/internal/clientcache/internal/daemon/options_test.go b/internal/clientcache/internal/daemon/options_test.go
@@ -26,10 +26,10 @@ func Test_GetOpts(t *testing.T) {
 		assert.Equal(t, opts, testOpts)
 	})
 	t.Run("WithUrl", func(t *testing.T) {
-		opts, err := getOpts(WithUrl(ctx, "http://localhost:9200"))
+		opts, err := getOpts(WithUrl(ctx, "http://[::1]:9200"))
 		require.NoError(t, err)
 		testOpts := getDefaultOptions()
-		testOpts.withUrl = "http://localhost:9200"
+		testOpts.withUrl = "http://[::1]:9200"
 		assert.Equal(t, opts, testOpts)
 	})
 	t.Run("WithLogger", func(t *testing.T) {

diff --git a/internal/event/cloudevents_formatter_node_test.go b/internal/event/cloudevents_formatter_node_test.go
@@ -20,7 +20,7 @@ import (
 
 func Test_newCloudEventsFormatterFilter(t *testing.T) {
 	t.Parallel()
-	testSource, err := url.Parse("https://localhost:9200")
+	testSource, err := url.Parse("https://[::1]:9200")
 	require.NoError(t, err)
 	tests := []struct {
 		name            string
@@ -152,7 +152,7 @@ func Test_newCloudEventsFormatterFilter(t *testing.T) {
 func TestNode_Process(t *testing.T) {
 	t.Parallel()
 	ctx := context.Background()
-	testUrl, err := url.Parse("https://localhost")
+	testUrl, err := url.Parse("https://[::1]")
 	require.NoError(t, err)
 	now := time.Now()
 
@@ -294,12 +294,12 @@ func TestNode_Process(t *testing.T) {
 			},
 			wantText: `{
   "id": "%s",
-  "source": "https://localhost",
+  "source": "https://[::1]",
   "specversion": "1.0",
   "type": "test",
   "data": "test-string",
   "datacontentype": "text/plain",
-  "dataschema": "https://localhost",
+  "dataschema": "https://[::1]",
   "time": %s
 }
 `,

diff --git a/internal/ratelimit/handler_test.go b/internal/ratelimit/handler_test.go
@@ -67,7 +67,7 @@ func TestHandler(t *testing.T) {
 				require.NoError(t, err)
 				return r
 			},
-			"127.0.0.1",
+			"[::1]",
 			"authtoken",
 			http.StatusOK,
 			http.Header{
@@ -109,7 +109,7 @@ func TestHandler(t *testing.T) {
 				require.NoError(t, err)
 				return r
 			},
-			"127.0.0.1",
+			"[::1]",
 			"authtoken",
 			http.StatusOK,
 			http.Header{
@@ -151,7 +151,7 @@ func TestHandler(t *testing.T) {
 				require.NoError(t, err)
 				return r
 			},
-			"127.0.0.1",
+			"[::1]",
 			"authtoken",
 			http.StatusOK,
 			http.Header{
@@ -193,7 +193,7 @@ func TestHandler(t *testing.T) {
 				require.NoError(t, err)
 				return r
 			},
-			"127.0.0.1",
+			"[::1]",
 			"authtoken",
 			http.StatusOK,
 			http.Header{
@@ -235,7 +235,7 @@ func TestHandler(t *testing.T) {
 				require.NoError(t, err)
 				return r
 			},
-			"127.0.0.1",
+			"[::1]",
 			"authtoken",
 			http.StatusOK,
 			http.Header{
@@ -277,7 +277,7 @@ func TestHandler(t *testing.T) {
 				require.NoError(t, err)
 				return r
 			},
-			"127.0.0.1",
+			"[::1]",
 			"authtoken",
 			http.StatusOK,
 			http.Header{
@@ -319,7 +319,7 @@ func TestHandler(t *testing.T) {
 				require.NoError(t, err)
 				return r
 			},
-			"127.0.0.1",
+			"[::1]",
 			"authtoken",
 			http.StatusOK,
 			http.Header{
@@ -369,7 +369,7 @@ func TestHandler(t *testing.T) {
 				require.NoError(t, err)
 				return r
 			},
-			"127.0.0.1",
+			"[::1]",
 			"authtoken",
 			http.StatusTooManyRequests,
 			http.Header{
@@ -436,7 +436,7 @@ func TestHandler(t *testing.T) {
 				require.NoError(t, err)
 				return r
 			},
-			"127.0.0.1",
+			"[::1]",
 			"authtoken",
 			http.StatusServiceUnavailable,
 			http.Header{
@@ -477,7 +477,7 @@ func TestHandler(t *testing.T) {
 				require.NoError(t, err)
 				return r
 			},
-			"127.0.0.1",
+			"[::1]",
 			"authtoken",
 			http.StatusInternalServerError,
 			http.Header{},
@@ -516,7 +516,7 @@ func TestHandler(t *testing.T) {
 				require.NoError(t, err)
 				return r
 			},
-			"127.0.0.1",
+			"[::1]",
 			"authtoken",
 			http.StatusNotFound,
 			http.Header{},
@@ -555,7 +555,7 @@ func TestHandler(t *testing.T) {
 				require.NoError(t, err)
 				return r
 			},
-			"127.0.0.1",
+			"[::1]",
 			"authtoken",
 			http.StatusBadRequest,
 			http.Header{},
@@ -594,7 +594,7 @@ func TestHandler(t *testing.T) {
 				require.NoError(t, err)
 				return r
 			},
-			"127.0.0.1",
+			"[::1]",
 			"authtoken",
 			http.StatusMethodNotAllowed,
 			http.Header{},
@@ -633,7 +633,7 @@ func TestHandler(t *testing.T) {
 				require.NoError(t, err)
 				return r
 			},
-			"127.0.0.1",
+			"[::1]",
 			"authtoken",
 			http.StatusMethodNotAllowed,
 			http.Header{},
@@ -672,7 +672,7 @@ func TestHandler(t *testing.T) {
 				require.NoError(t, err)
 				return r
 			},
-			"127.0.0.1",
+			"[::1]",
 			"authtoken",
 			http.StatusMethodNotAllowed,
 			http.Header{},
@@ -756,7 +756,7 @@ func TestHandlerErrors(t *testing.T) {
 				ctx, err = event.NewRequestInfoContext(ctx, &event.RequestInfo{
 					Id:       id,
 					EventId:  common.GeneratedTraceId(ctx),
-					ClientIp: "127.0.0.1",
+					ClientIp: "[::1]",
 				})
 				require.NoError(t, err)
 				return ctx

diff --git a/internal/server/repository_controller_test.go b/internal/server/repository_controller_test.go
@@ -54,13 +54,29 @@ func TestRepository_UpsertController(t *testing.T) {
 			wantErr: true,
 		},
 		{
-			name: "valid-controller",
+			name: "valid-ipv4-controller",
 			controller: &store.Controller{
-				PrivateId: "test-controller",
+				PrivateId: "test-ipv4-controller",
 				Address:   "127.0.0.1",
 			},
 			wantCount: 1,
 		},
+		{
+			name: "valid-ipv6-controller",
+			controller: &store.Controller{
+				PrivateId: "test-ipv6-controller",
+				Address:   "[2001:4860:4860:0:0:0:0:8888]",
+			},
+			wantCount: 1,
+		},
+		{
+			name: "valid-abbreviated-ipv6-controller",
+			controller: &store.Controller{
+				PrivateId: "test-abbreviated-ipv6-controller",
+				Address:   "[2001:4860:4860::8888]",
+			},
+			wantCount: 1,
+		},
 		{
 			name: "valid-controller-short-name",
 			controller: &store.Controller{

diff --git a/internal/session/session_connect_with_test.go b/internal/session/session_connect_with_test.go
@@ -29,7 +29,7 @@ func TestConnectWith_validate(t *testing.T) {
 		wantErr bool
 	}{
 		{
-			name: "valid",
+			name: "valid-ipv4",
 			fields: fields{
 				SessionId:          id,
 				ClientTcpAddress:   "0.0.0.1",
@@ -39,6 +39,17 @@ func TestConnectWith_validate(t *testing.T) {
 				UserClientIp:       "127.0.0.1",
 			},
 		},
+		{
+			name: "valid-ipv6",
+			fields: fields{
+				SessionId:          id,
+				ClientTcpAddress:   "[::1]",
+				ClientTcpPort:      22,
+				EndpointTcpAddress: "[::1]",
+				EndpointTcpPort:    2222,
+				UserClientIp:       "[::2]",
+			},
+		},
 		{
 			name: "missing-SessionId",
 			fields: fields{

diff --git a/internal/session/session_test.go b/internal/session/session_test.go
@@ -33,7 +33,7 @@ func TestSession_Create(t *testing.T) {
 	composedOf := testSessionCredentialParams(t, conn, wrapper, iamRepo)
 	exp := &timestamp.Timestamp{Timestamp: timestamppb.New(time.Now().Add(time.Hour))}
 
-	defaultAddresses := []string{"1.2.3.4", "a.b.c.d"}
+	defaultAddresses := []string{"1.2.3.4", "a.b.c.d", "[2001:4860:4860::8888]", "[2001:4860:4860:0:0:0:0:8888]"}
 	type args struct {
 		composedOf ComposedOf
 		addresses  []string
@@ -50,7 +50,7 @@ func TestSession_Create(t *testing.T) {
 		wantCreateErr bool
 	}{
 		{
-			name: "valid-hostset-host",
+			name: "valid-hostset-host-ipv4",
 			args: args{
 				composedOf: composedOf,
 				opt:        []Option{WithExpirationTime(exp)},
@@ -72,6 +72,33 @@ func TestSession_Create(t *testing.T) {
 			},
 			create: true,
 		},
+		{
+			name: "valid-hostset-host-ipv6",
+			args: args{
+				composedOf: func() ComposedOf {
+					c := composedOf
+					c.Endpoint = "tcp://[::1]:22"
+					return c
+				}(),
+				opt:       []Option{WithExpirationTime(exp)},
+				addresses: defaultAddresses,
+			},
+			want: &Session{
+				UserId:             composedOf.UserId,
+				HostId:             composedOf.HostId,
+				TargetId:           composedOf.TargetId,
+				HostSetId:          composedOf.HostSetId,
+				AuthTokenId:        composedOf.AuthTokenId,
+				ProjectId:          composedOf.ProjectId,
+				Endpoint:           "tcp://[::1]:22",
+				ExpirationTime:     composedOf.ExpirationTime,
+				ConnectionLimit:    composedOf.ConnectionLimit,
+				DynamicCredentials: composedOf.DynamicCredentials,
+				StaticCredentials:  composedOf.StaticCredentials,
+				CorrelationId:      composedOf.CorrelationId,
+			},
+			create: true,
+		},
 		{
 			name: "valid-target-address",
 			args: args{