Skip to content

Commit

Permalink
Add --unix-socket option
Browse files Browse the repository at this point in the history
This is a feature provided by cURL that allows sending requests to
a web server via a Unix Domain Socket. Some use cases
include:

* Querying docker API
* Running a web server w/o opening a TCP port for security and/or performance reasons

https://curl.se/docs/manpage.html#--unix-socket
  • Loading branch information
ztittle committed Jan 6, 2024
1 parent 1e7324b commit e57b96e
Show file tree
Hide file tree
Showing 40 changed files with 177 additions and 2 deletions.
1 change: 1 addition & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -972,6 +972,7 @@ will follow a redirection only for the second entry.
| <a href="#ssl-no-revoke" id="ssl-no-revoke"><code>--ssl-no-revoke</code></a> | (Windows) This option tells Hurl to disable certificate revocation checks. WARNING: this option loosens the SSL security, and by using this flag you ask for exactly that.<br> |
| <a href="#test" id="test"><code>--test</code></a> | Activate test mode: with this, the HTTP response is not outputted anymore, progress is reported for each Hurl file tested, and a text summary is displayed when all files have been run.<br> |
| <a href="#to-entry" id="to-entry"><code>--to-entry &lt;ENTRY_NUMBER&gt;</code></a> | Execute Hurl file to ENTRY_NUMBER (starting at 1).<br>Ignore the remaining of the file. It is useful for debugging a session.<br> |
| <a href="#unix-socket" id="unix-socket"><code>--unix-socket &lt;PATH&gt;</code></a> | (HTTP) Connect through this Unix domain socket, instead of using the network.<br> |
| <a href="#user" id="user"><code>-u, --user &lt;USER:PASSWORD&gt;</code></a> | Add basic Authentication header to each request.<br> |
| <a href="#user-agent" id="user-agent"><code>-A, --user-agent &lt;NAME&gt;</code></a> | Specify the User-Agent string to send to the HTTP server.<br> |
| <a href="#variable" id="variable"><code>--variable &lt;NAME=VALUE&gt;</code></a> | Define variable (name/value) to be used in Hurl templates.<br> |
Expand Down
3 changes: 3 additions & 0 deletions bin/test/test_prerequisites.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,9 @@ if ($LASTEXITCODE) { Throw }
sleep 5
if (netstat -ano | Select-String LISTENING | Select-string 127.0.0.1:8003) {write-host -foregroundcolor Green "server-ssl-client-authent up"} else {write-host -foregroundcolor Red "server-ssl-client-authent is down" ; cat build\server-ssl-client-authent.log ; exit 1}

python unix_socket/server.py 2>&1 > build\server-unix-socket.log &
if ($LASTEXITCODE) { Throw }

Get-ChildItem -Force C:\Squid\bin
write-output "cache deny all" "cache_log /dev/null" "access_log /dev/null" "http_access allow all" "http_port 0.0.0.0:3128" "request_header_add From-Proxy Hello" "reply_header_add From-Proxy Hello" > squid.conf
C:\Squid\bin\squid -d 2 -N -f squid.conf 2>&1 | tee -Append -filepath build\proxy.log &
Expand Down
3 changes: 3 additions & 0 deletions bin/test/test_prerequisites.sh
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,9 @@ echo -e "\n------------------ Starting ssl/server.py (Self-signed certificate +
nohup python3 ssl/server.py 8003 ssl/server/cert.selfsigned.pem true > build/server-ssl-client-authent.log 2>&1 &
check_listen_port "ssl/server.py" 8003 || cat_and_exit_err build/server-ssl-client-authent.log

echo -e "\n------------------ Starting unix_socket/server.py"
python3 unix_socket/server.py > build/server-unix-socket.log 2>&1 &

echo -e "\n------------------ Starting squid (proxy)"
if [ -f /var/run/squid.pid ] ; then
sudo squid -k shutdown || true
Expand Down
4 changes: 4 additions & 0 deletions contrib/npm/hurl/docs/hurl.1
Original file line number Diff line number Diff line change
Expand Up @@ -306,6 +306,10 @@ Duration in milliseconds between each retry. Default is 1000 ms.

(Windows) This option tells Hurl to disable certificate revocation checks. WARNING: this option loosens the SSL security, and by using this flag you ask for exactly that.

.IP "--unix-socket <PATH> "

(HTTP) Connect through this Unix domain socket, instead of using the network.

.IP "--test "

Activate test mode: with this, the HTTP response is not outputted anymore, progress is reported for each Hurl file tested, and a text summary is displayed when all files have been run.
Expand Down
1 change: 1 addition & 0 deletions contrib/sample/src/main.rs
Original file line number Diff line number Diff line change
Expand Up @@ -76,6 +76,7 @@ fn main() {
.retry(Retry::None)
.retry_interval(Duration::from_secs(1))
.ssl_no_revoke(false)
.unix_socket(None)
.timeout(Duration::from_secs(300))
.to_entry(None)
.user(None)
Expand Down
1 change: 1 addition & 0 deletions docs/manual.md
Original file line number Diff line number Diff line change
Expand Up @@ -191,6 +191,7 @@ will follow a redirection only for the second entry.
| <a href="#ssl-no-revoke" id="ssl-no-revoke"><code>--ssl-no-revoke</code></a> | (Windows) This option tells Hurl to disable certificate revocation checks. WARNING: this option loosens the SSL security, and by using this flag you ask for exactly that.<br> |
| <a href="#test" id="test"><code>--test</code></a> | Activate test mode: with this, the HTTP response is not outputted anymore, progress is reported for each Hurl file tested, and a text summary is displayed when all files have been run.<br> |
| <a href="#to-entry" id="to-entry"><code>--to-entry &lt;ENTRY_NUMBER&gt;</code></a> | Execute Hurl file to ENTRY_NUMBER (starting at 1).<br>Ignore the remaining of the file. It is useful for debugging a session.<br> |
| <a href="#unix-socket" id="unix-socket"><code>--unix-socket &lt;PATH&gt;</code></a> | (HTTP) Connect through this Unix domain socket, instead of using the network.<br> |
| <a href="#user" id="user"><code>-u, --user &lt;USER:PASSWORD&gt;</code></a> | Add basic Authentication header to each request.<br> |
| <a href="#user-agent" id="user-agent"><code>-A, --user-agent &lt;NAME&gt;</code></a> | Specify the User-Agent string to send to the HTTP server.<br> |
| <a href="#variable" id="variable"><code>--variable &lt;NAME=VALUE&gt;</code></a> | Define variable (name/value) to be used in Hurl templates.<br> |
Expand Down
4 changes: 4 additions & 0 deletions docs/manual/hurl.1
Original file line number Diff line number Diff line change
Expand Up @@ -332,6 +332,10 @@ Duration in milliseconds between each retry. Default is 1000 ms.

(Windows) This option tells Hurl to disable certificate revocation checks. WARNING: this option loosens the SSL security, and by using this flag you ask for exactly that.

.IP "--unix-socket <PATH> "

(HTTP) Connect through this Unix domain socket, instead of using the network.

.IP "--test "

Activate test mode: with this, the HTTP response is not outputted anymore, progress is reported for each Hurl file tested, and a text summary is displayed when all files have been run.
Expand Down
4 changes: 4 additions & 0 deletions docs/manual/hurl.md
Original file line number Diff line number Diff line change
Expand Up @@ -361,6 +361,10 @@ Activate test mode: with this, the HTTP response is not outputted anymore, progr
Execute Hurl file to ENTRY_NUMBER (starting at 1).
Ignore the remaining of the file. It is useful for debugging a session.

### --unix-socket <PATH> {#unix-socket}

(HTTP) Connect through this Unix domain socket, instead of using the network.

### -u, --user <USER:PASSWORD> {#user}

Add basic Authentication header to each request.
Expand Down
3 changes: 3 additions & 0 deletions docs/spec/grammar/hurl.grammar
Original file line number Diff line number Diff line change
Expand Up @@ -139,6 +139,7 @@ option:
| retry-option
| retry-interval-option
| skip-option
| unix-socket-option
| variable-option
| verbose-option
| very-verbose-option
Expand Down Expand Up @@ -190,6 +191,8 @@ retry-interval-option: "retry-interval" ":" integer-option lt

skip-option: "skip" ":" boolean-option lt

unix-socket-option: "unix-socket" ":" value-string lt

variable-option: "variable" ":" variable-definition lt

verbose-option: "verbose" ":" boolean-option lt
Expand Down
6 changes: 6 additions & 0 deletions docs/spec/options/hurl/unix_socket.option
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
name: unix_socket
long: unix-socket
value: <path>
help: (HTTP) Connect through this Unix domain socket, instead of using the network
---
(HTTP) Connect through this Unix domain socket, instead of using the network.
2 changes: 1 addition & 1 deletion integration/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ virtual environment and install required dependencies:
```shell
$ python3 -m venv .venv
$ source .venv/bin/activate
$ pip install --requirements bin/requirements-fozen.txt
$ pip install --requirement bin/requirements-frozen.txt
```

### Proxy
Expand Down
2 changes: 1 addition & 1 deletion integration/hurl/tests_error_parser/invalid_option.err
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,6 @@ error: Parsing option
--> tests_error_parser/invalid_option.hurl:3:1
|
3 | foo: true
| ^ the option name is not valid. Valid values are aws-sigv4, cacert, cert, compressed, connect-to, delay, insecure, http1.0, http1.1, http2, http3, ipv4, ipv6, key, location, max-redirs, output, path-as-is, proxy, resolve, retry, retry-interval, skip, variable, verbose, very-verbose
| ^ the option name is not valid. Valid values are aws-sigv4, cacert, cert, compressed, connect-to, delay, insecure, http1.0, http1.1, http2, http3, ipv4, ipv6, key, location, max-redirs, output, path-as-is, proxy, resolve, retry, retry-interval, skip, unix-socket, variable, verbose, very-verbose
|

7 changes: 7 additions & 0 deletions integration/hurl/tests_failed/unix_socket.err.pattern
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
error: HTTP connection
--> tests_ok/unix_socket.hurl:1:5
|
1 | GET http://example/hello
| ^^^^^^^^^^^^^^^^^^^^ (7) ~~~
|

1 change: 1 addition & 0 deletions integration/hurl/tests_failed/unix_socket.exit
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
3
11 changes: 11 additions & 0 deletions integration/hurl/tests_failed/unix_socket.ps1
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
Set-StrictMode -Version latest
$ErrorActionPreference = 'Stop'

$ErrorActionPreference = 'Continue'
curl --version | grep Features | grep -q UnixSockets
if ($LASTEXITCODE -eq 1) {
exit 255
}
$ErrorActionPreference = 'Stop'

hurl --unix-socket /unknown tests_ok/unix_socket.hurl
3 changes: 3 additions & 0 deletions integration/hurl/tests_failed/unix_socket.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
#!/bin/bash
set -Eeuo pipefail
hurl --unix-socket /unknown tests_ok/unix_socket.hurl
2 changes: 2 additions & 0 deletions integration/hurl/tests_ok/help.out.pattern
Original file line number Diff line number Diff line change
Expand Up @@ -97,6 +97,8 @@ Options:
Activate test mode
--to-entry <ENTRY_NUMBER>
Execute Hurl file to ENTRY_NUMBER (starting at 1)
--unix-socket <PATH>
(HTTP) Connect through this Unix domain socket, instead of using the network.
-A, --user-agent <NAME>
Specify the User-Agent string to send to the HTTP server
-u, --user <USER:PASSWORD>
Expand Down
1 change: 1 addition & 0 deletions integration/hurl/tests_ok/unix_socket.curl
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
curl --unix-socket 'build/unix_socket.sock' 'http://example/hello'
4 changes: 4 additions & 0 deletions integration/hurl/tests_ok/unix_socket.hurl
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
GET http://example/hello
HTTP 200
[Asserts]
`Hello World!`
1 change: 1 addition & 0 deletions integration/hurl/tests_ok/unix_socket.out
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Hello World!
11 changes: 11 additions & 0 deletions integration/hurl/tests_ok/unix_socket.ps1
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
Set-StrictMode -Version latest
$ErrorActionPreference = 'Stop'

$ErrorActionPreference = 'Continue'
curl --version | grep Features | grep -q UnixSockets
if ($LASTEXITCODE -eq 1) {
exit 255
}
$ErrorActionPreference = 'Stop'

hurl --unix-socket build/unix_socket.sock --verbose tests_ok/unix_socket.hurl
3 changes: 3 additions & 0 deletions integration/hurl/tests_ok/unix_socket.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
#!/bin/bash
set -Eeuo pipefail
hurl --unix-socket build/unix_socket.sock --verbose tests_ok/unix_socket.hurl
33 changes: 33 additions & 0 deletions integration/hurl/unix_socket/server.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
#!/usr/bin/env python3
from os import path, unlink
from socket import socket, AF_UNIX
from flask import Flask

app = Flask("Unix Domain Sockets Server")


@app.route("/hello")
def hello():
return "Hello World!"


def main():
sock = socket(AF_UNIX)
socket_path = "build/unix_socket.sock"

try:
unlink(socket_path)
except OSError:
if path.exists(socket_path):
raise

sock.bind(socket_path)

try:
app.run(host="unix://" + socket_path)
finally:
unlink(socket_path)


if __name__ == "__main__":
main()
1 change: 1 addition & 0 deletions packages/hurl/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -964,6 +964,7 @@ will follow a redirection only for the second entry.
| <a href="#ssl-no-revoke" id="ssl-no-revoke"><code>--ssl-no-revoke</code></a> | (Windows) This option tells Hurl to disable certificate revocation checks. WARNING: this option loosens the SSL security, and by using this flag you ask for exactly that.<br> |
| <a href="#test" id="test"><code>--test</code></a> | Activate test mode: with this, the HTTP response is not outputted anymore, progress is reported for each Hurl file tested, and a text summary is displayed when all files have been run.<br> |
| <a href="#to-entry" id="to-entry"><code>--to-entry &lt;ENTRY_NUMBER&gt;</code></a> | Execute Hurl file to ENTRY_NUMBER (starting at 1).<br>Ignore the remaining of the file. It is useful for debugging a session.<br> |
| <a href="#unix-socket" id="unix-socket"><code>--unix-socket &lt;PATH&gt;</code></a> | (HTTP) Connect through this Unix domain socket, instead of using the network.<br> |
| <a href="#user" id="user"><code>-u, --user &lt;USER:PASSWORD&gt;</code></a> | Add basic Authentication header to each request.<br> |
| <a href="#user-agent" id="user-agent"><code>-A, --user-agent &lt;NAME&gt;</code></a> | Specify the User-Agent string to send to the HTTP server.<br> |
| <a href="#variable" id="variable"><code>--variable &lt;NAME=VALUE&gt;</code></a> | Define variable (name/value) to be used in Hurl templates.<br> |
Expand Down
8 changes: 8 additions & 0 deletions packages/hurl/src/cli/options/commands.rs
Original file line number Diff line number Diff line change
Expand Up @@ -405,6 +405,14 @@ pub fn to_entry() -> clap::Arg {
.num_args(1)
}

pub fn unix_socket() -> clap::Arg {
clap::Arg::new("unix_socket")
.long("unix-socket")
.value_name("PATH")
.help("(HTTP) Connect through this Unix domain socket, instead of using the network.")
.num_args(1)
}

pub fn user() -> clap::Arg {
clap::Arg::new("user")
.long("user")
Expand Down
4 changes: 4 additions & 0 deletions packages/hurl/src/cli/options/matches.rs
Original file line number Diff line number Diff line change
Expand Up @@ -320,6 +320,10 @@ pub fn to_entry(arg_matches: &ArgMatches) -> Option<usize> {
get::<u32>(arg_matches, "to_entry").map(|x| x as usize)
}

pub fn unix_socket(arg_matches: &ArgMatches) -> Option<String> {
get::<String>(arg_matches, "unix_socket")
}

pub fn user(arg_matches: &ArgMatches) -> Option<String> {
get::<String>(arg_matches, "user")
}
Expand Down
Loading

0 comments on commit e57b96e

Please sign in to comment.