Refactor RDP proxy handling and update related tests

2026-05-17 20:38:35 +03:00
parent 8e9402580f
commit d551e57fd5
172 changed files with 22117 additions and 2509 deletions
@@ -23,6 +23,18 @@ import (
 	"github.com/gorilla/websocket"
 )

+type testProductionForwardTransport struct {
+	targets map[string]Server
+}
+
+func (t testProductionForwardTransport) SendProduction(ctx context.Context, nextNodeID string, envelope ProductionEnvelope) (ProductionForwardResult, error) {
+	target, ok := t.targets[strings.TrimSpace(nextNodeID)]
+	if !ok {
+		return ProductionForwardResult{}, ErrForwardPeerUnavailable
+	}
+	return target.ForwardProduction(ctx, envelope)
+}
+
 func TestMeshHealthAcceptsSameCluster(t *testing.T) {
 	local := PeerIdentity{ClusterID: "cluster-1", NodeID: "node-b"}
 	server := httptest.NewServer(Server{Local: local}.Handler())
@@ -92,8 +104,9 @@ func TestFabricSessionWebSocketDisabledByDefault(t *testing.T) {
 func TestFabricSessionWebSocketPingPongAndEvents(t *testing.T) {
 	var events []FabricSessionEventLogEntry
 	server := httptest.NewServer(Server{
-		Local:                PeerIdentity{ClusterID: "cluster-1", NodeID: "node-a"},
-		FabricSessionEnabled: true,
+		Local:                         PeerIdentity{ClusterID: "cluster-1", NodeID: "node-a"},
+		FabricSessionEnabled:          true,
+		FabricSessionWebSocketEnabled: true,
 		FabricSessionLogger: func(entry FabricSessionEventLogEntry) {
 			events = append(events, entry)
 		},
@@ -119,8 +132,9 @@ func TestFabricSessionWebSocketPingPongAndEvents(t *testing.T) {

 func TestFabricSessionWebSocketOpenStreamDataAck(t *testing.T) {
 	server := httptest.NewServer(Server{
-		Local:                PeerIdentity{ClusterID: "cluster-1", NodeID: "node-a"},
-		FabricSessionEnabled: true,
+		Local:                         PeerIdentity{ClusterID: "cluster-1", NodeID: "node-a"},
+		FabricSessionEnabled:          true,
+		FabricSessionWebSocketEnabled: true,
 	}.Handler())
 	defer server.Close()

@@ -151,8 +165,9 @@ func TestFabricSessionWebSocketOpenStreamDataAck(t *testing.T) {

 func TestFabricSessionWebSocketRequiresToken(t *testing.T) {
 	server := httptest.NewServer(Server{
-		Local:                PeerIdentity{ClusterID: "cluster-1", NodeID: "node-a"},
-		FabricSessionEnabled: true,
+		Local:                         PeerIdentity{ClusterID: "cluster-1", NodeID: "node-a"},
+		FabricSessionEnabled:          true,
+		FabricSessionWebSocketEnabled: true,
 	}.Handler())
 	defer server.Close()

@@ -172,9 +187,10 @@ func TestFabricSessionWebSocketRequiresSignedAuthorityWhenConfigured(t *testing.
 		t.Fatalf("generate key: %v", err)
 	}
 	server := httptest.NewServer(Server{
-		Local:                     PeerIdentity{ClusterID: "cluster-1", NodeID: "node-a"},
-		FabricSessionEnabled:      true,
-		ClusterAuthorityPublicKey: base64.StdEncoding.EncodeToString(publicKey),
+		Local:                         PeerIdentity{ClusterID: "cluster-1", NodeID: "node-a"},
+		FabricSessionEnabled:          true,
+		FabricSessionWebSocketEnabled: true,
+		ClusterAuthorityPublicKey:     base64.StdEncoding.EncodeToString(publicKey),
 	}.Handler())
 	defer server.Close()

@@ -196,9 +212,10 @@ func TestFabricSessionWebSocketAcceptsSignedAuthority(t *testing.T) {
 	token := "rap_fsn_signedtest"
 	var events []FabricSessionEventLogEntry
 	server := httptest.NewServer(Server{
-		Local:                     PeerIdentity{ClusterID: "cluster-1", NodeID: "node-a"},
-		FabricSessionEnabled:      true,
-		ClusterAuthorityPublicKey: base64.StdEncoding.EncodeToString(publicKey),
+		Local:                         PeerIdentity{ClusterID: "cluster-1", NodeID: "node-a"},
+		FabricSessionEnabled:          true,
+		FabricSessionWebSocketEnabled: true,
+		ClusterAuthorityPublicKey:     base64.StdEncoding.EncodeToString(publicKey),
 		FabricSessionLogger: func(entry FabricSessionEventLogEntry) {
 			events = append(events, entry)
 		},
@@ -360,23 +377,20 @@ func TestMeshForwardingGateDeliversFabricControlAtDestination(t *testing.T) {
 func TestMeshForwardingGateForwardsDirectFabricControlToNextHop(t *testing.T) {
 	nodeC := PeerIdentity{ClusterID: "cluster-1", NodeID: "node-c"}
 	var deliveredObservation ProductionEnvelopeObservation
-	serverC := httptest.NewServer(Server{
+	serverC := Server{
 		Local:                       nodeC,
 		ProductionForwardingEnabled: true,
 		ProductionEnvelopeObserver: func(_ context.Context, observation ProductionEnvelopeObservation) error {
 			deliveredObservation = observation
 			return nil
 		},
-	}.Handler())
-	defer serverC.Close()
+	}

 	nodeB := PeerIdentity{ClusterID: "cluster-1", NodeID: "node-b"}
 	serverB := httptest.NewServer(Server{
 		Local:                       nodeB,
 		ProductionForwardingEnabled: true,
-		ProductionForwardTransport: NewHTTPProductionForwardTransport(map[string]string{
-			nodeC.NodeID: serverC.URL,
-		}),
+		ProductionForwardTransport:  testProductionForwardTransport{targets: map[string]Server{nodeC.NodeID: serverC}},
 	}.Handler())
 	defer serverB.Close()

@@ -414,36 +428,30 @@ func TestMeshForwardingGateForwardsMultiHopFabricControlByRoutePath(t *testing.T
 	var deliveredObservation ProductionEnvelopeObservation
 	var nodeREvents []ProductionForwardLogEntry
 	var nodeBEvents []ProductionForwardLogEntry
-	serverC := httptest.NewServer(Server{
+	serverC := Server{
 		Local:                       nodeC,
 		ProductionForwardingEnabled: true,
 		ProductionEnvelopeObserver: func(_ context.Context, observation ProductionEnvelopeObservation) error {
 			deliveredObservation = observation
 			return nil
 		},
-	}.Handler())
-	defer serverC.Close()
+	}

 	nodeR := PeerIdentity{ClusterID: "cluster-1", NodeID: "node-r"}
-	serverR := httptest.NewServer(Server{
+	serverR := Server{
 		Local:                       nodeR,
 		ProductionForwardingEnabled: true,
-		ProductionForwardTransport: NewHTTPProductionForwardTransport(map[string]string{
-			nodeC.NodeID: serverC.URL,
-		}),
+		ProductionForwardTransport:  testProductionForwardTransport{targets: map[string]Server{nodeC.NodeID: serverC}},
 		ProductionForwardLogger: func(entry ProductionForwardLogEntry) {
 			nodeREvents = append(nodeREvents, entry)
 		},
-	}.Handler())
-	defer serverR.Close()
+	}

 	nodeB := PeerIdentity{ClusterID: "cluster-1", NodeID: "node-b"}
 	serverB := httptest.NewServer(Server{
 		Local:                       nodeB,
 		ProductionForwardingEnabled: true,
-		ProductionForwardTransport: NewHTTPProductionForwardTransport(map[string]string{
-			nodeR.NodeID: serverR.URL,
-		}),
+		ProductionForwardTransport:  testProductionForwardTransport{targets: map[string]Server{nodeR.NodeID: serverR}},
 		ProductionForwardLogger: func(entry ProductionForwardLogEntry) {
 			nodeBEvents = append(nodeBEvents, entry)
 		},
@@ -490,7 +498,7 @@ func TestMeshForwardingGateForwardsConfiguredProductionRoute(t *testing.T) {
 	nodeC := PeerIdentity{ClusterID: "cluster-1", NodeID: "node-c"}
 	route := configuredProductionRoute("route-1", []string{"node-a", "node-b", "node-r", nodeC.NodeID})
 	var deliveredObservation ProductionEnvelopeObservation
-	serverC := httptest.NewServer(Server{
+	serverC := Server{
 		Local:                       nodeC,
 		ProductionForwardingEnabled: true,
 		ProductionRoutes:            []SyntheticRoute{route},
@@ -498,28 +506,22 @@ func TestMeshForwardingGateForwardsConfiguredProductionRoute(t *testing.T) {
 			deliveredObservation = observation
 			return nil
 		},
-	}.Handler())
-	defer serverC.Close()
+	}

 	nodeR := PeerIdentity{ClusterID: "cluster-1", NodeID: "node-r"}
-	serverR := httptest.NewServer(Server{
+	serverR := Server{
 		Local:                       nodeR,
 		ProductionForwardingEnabled: true,
 		ProductionRoutes:            []SyntheticRoute{route},
-		ProductionForwardTransport: NewHTTPProductionForwardTransport(map[string]string{
-			nodeC.NodeID: serverC.URL,
-		}),
-	}.Handler())
-	defer serverR.Close()
+		ProductionForwardTransport:  testProductionForwardTransport{targets: map[string]Server{nodeC.NodeID: serverC}},
+	}

 	nodeB := PeerIdentity{ClusterID: "cluster-1", NodeID: "node-b"}
 	serverB := httptest.NewServer(Server{
 		Local:                       nodeB,
 		ProductionForwardingEnabled: true,
 		ProductionRoutes:            []SyntheticRoute{route},
-		ProductionForwardTransport: NewHTTPProductionForwardTransport(map[string]string{
-			nodeR.NodeID: serverR.URL,
-		}),
+		ProductionForwardTransport:  testProductionForwardTransport{targets: map[string]Server{nodeR.NodeID: serverR}},
 	}.Handler())
 	defer serverB.Close()

@@ -5016,3 +5018,30 @@ func TestSyntheticEndpointDisabledByDefault(t *testing.T) {
 		t.Fatalf("status = %d, want %d", resp.StatusCode, http.StatusServiceUnavailable)
 	}
 }
+
+func TestHTTPDataPlaneDisabledRequiresQUIC(t *testing.T) {
+	server := httptest.NewServer(Server{
+		Local:                PeerIdentity{ClusterID: "cluster-1", NodeID: "node-b"},
+		SyntheticRuntime:     NewSyntheticRuntime(SyntheticRuntimeConfig{Enabled: true, Local: PeerIdentity{ClusterID: "cluster-1", NodeID: "node-b"}}),
+		DisableHTTPDataPlane: true,
+	}.Handler())
+	defer server.Close()
+
+	resp, err := http.Post(server.URL+"/mesh/v1/synthetic/probe", "application/json", bytes.NewReader([]byte(`{}`)))
+	if err != nil {
+		t.Fatalf("post synthetic probe: %v", err)
+	}
+	defer resp.Body.Close()
+	if resp.StatusCode != http.StatusGone {
+		t.Fatalf("synthetic status = %d, want %d", resp.StatusCode, http.StatusGone)
+	}
+
+	resp, err = http.Post(server.URL+"/mesh/v1/forward", "application/json", bytes.NewReader([]byte(`{}`)))
+	if err != nil {
+		t.Fatalf("post production forward: %v", err)
+	}
+	defer resp.Body.Close()
+	if resp.StatusCode != http.StatusGone {
+		t.Fatalf("forward status = %d, want %d", resp.StatusCode, http.StatusGone)
+	}
+}