add ratelimit tests

2017-03-30 16:31:22 -07:00 · 2017-03-30 16:31:22 -07:00 · 4c73e6310d
commit 4c73e6310d
parent f66d5185ad
3 changed files with 53 additions and 0 deletions
--- a/cloudron.js
+++ b/cloudron.js
@ -3,6 +3,7 @@
 'use strict';

 var assert = require('assert'),
+    async = require('async'),
    common = require('./common.js'),
    debug = require('debug')('e2e:cloudron'),
    dns = require('dns'),
@ -643,6 +644,15 @@ Cloudron.prototype.checkAddons = function (domain, owner) {
    throw lastError;
 };

+Cloudron.prototype.checkAppRateLimit = function (domain) {
+    var res = request.post('https://' + domain + '/ratelimit').end();
+
+    assert.strictEqual(res.statusCode, 200);
+    for (var addon in res.body) {
+       assert.strictEqual(res.body[addon], 'OK');
+    }
+};
+ 
 Cloudron.prototype.checkDnsbl = function (domain) {
    var res = request.post('https://' + domain + '/check_dnsbl').end();
    common.verifyResponse2xx(res, 'Could not query dnsbl');
@ -760,3 +770,28 @@ Cloudron.prototype.checkMail = function (account, callback) {
        body: common.regexp('This release depends on you')
    }, callback);
 };
+
+Cloudron.prototype.checkTcpRateLimit = function (port, times, callback) {
+    tcpBomb(this._adminFqdn, port, times, 900 /* timeout */, function (error, result) {
+        if (error) return callback(new Error(host + ':' + port + ':' + error.message)); 
+
+        if (result.timeout) return callback(null, { status: 'OK' }); // something timedout, this is good enough
+
+        return callback(new Error(host + ':' + port + ':' + JSON.stringify(result, null, 4)));
+    });
+};
+
+Cloudron.prototype.checkNginxRateLimit = function (times, callback) {
+    var ok = 0;
+
+    async.times(times, function (n, done) {
+        var client = new net.Socket();
+ 
+        var res = request.post('https://' + this._box.ip + '/api/v1/developer/login').send({ username: owner.username, password: owner.password }).end();
+
+        if (res.statusCode === 200) ++ok;
+    });
+
+    callback(ok == times ? new Error('All requests succeeded') : null);
+};
+
--- a/test/app-flow-test.js
+++ b/test/app-flow-test.js
@ -71,6 +71,10 @@ describe('Application flow test', function () {
        cloudron.checkAddons(cloudron.appFqdn(location), owner);
    });

+    it('can check the app ratelimit', function () {
+        cloudron.checkAppRateLimit(cloudron.appFqdn(location));
+    });
+
    it('can check dnsbl', function () {
        cloudron.checkDnsbl(cloudron.appFqdn(location));
    });
--- a/test/new-user-test.js
+++ b/test/new-user-test.js
@ -132,6 +132,20 @@ describe('Appstore new user flow', function () {
        ], done);
    });

+    it('does TCP ratelimiting', function (done) {
+        async.series([
+            cloudron.checkTcpRateLimit.bind(cloudron, 202, 5), // ssh
+            cloudron.checkTcpRateLimit.bind(cloudron, 25, 50), // mail
+            cloudron.checkTcpRateLimit.bind(cloudron, 587, 50), // msa
+            cloudron.checkTcpRateLimit.bind(cloudron, 993, 50), // imap
+            cloudron.checkTcpRateLimit.bind(cloudron, 4190, 50), // sieve
+        ], done);
+    });
+
+    it('does nginx ratelimiting', function (done) {
+        cloudron.checkNginxRateLimit(10, done);
+    });
+
    it('can delete the cloudron', function () {
        appStore.deleteCloudron(box);
    });