1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
|
// Copyright (C) 2024 The Qt Company Ltd.
// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only
#include <QtHttpServer/private/qhttpserverrequestfilter_p.h>
#include <QtHttpServer/qhttpserverconfiguration.h>
#include <QtTest/qtest.h>
QT_BEGIN_NAMESPACE
class tst_QHttpServerRequestFilter : public QObject
{
Q_OBJECT
private slots:
void testIsRequestWithinRate();
void testIsRequestAllowed();
};
void tst_QHttpServerRequestFilter::testIsRequestWithinRate()
{
using namespace QHttpServerRequestFilterPrivate;
QHttpServerRequestFilter filter1;
QHostAddress address("127.0.0.1");
QCOMPARE(filter1.isRequestWithinRate(address), true);
QHttpServerConfiguration config;
config.setRateLimitPerSecond(0);
filter1.setConfiguration(config);
QCOMPARE(filter1.isRequestWithinRate(address), true);
QHttpServerRequestFilter filter2;
config.setRateLimitPerSecond(1);
filter2.setConfiguration(config);
qint64 currTimeMSec = QDateTime::currentMSecsSinceEpoch();
QCOMPARE(filter2.isRequestWithinRate(address, currTimeMSec), true);
QCOMPARE(filter2.isRequestWithinRate(address, currTimeMSec), false);
// check next period
currTimeMSec += cPeriodDurationMSec + 1;
QCOMPARE(filter2.isRequestWithinRate(address, currTimeMSec), true);
QCOMPARE(filter2.isRequestWithinRate(address, currTimeMSec), false);
// check after 2 periods
currTimeMSec += 2 * cPeriodDurationMSec + 1;
QCOMPARE(filter2.isRequestWithinRate(address, currTimeMSec), true);
QCOMPARE(filter2.isRequestWithinRate(address, currTimeMSec), false);
// check after previous ip info becomes garbage
QHostAddress address2("127.0.0.2");
currTimeMSec += 3 * cPeriodDurationMSec;
QCOMPARE(filter2.isRequestWithinRate(address2, currTimeMSec), true);
QCOMPARE(filter2.isRequestWithinRate(address2, currTimeMSec), false);
// check after this ip becomes garbage
currTimeMSec += 3 * cPeriodDurationMSec;
QCOMPARE(filter2.isRequestWithinRate(address2, currTimeMSec), true);
QCOMPARE(filter2.isRequestWithinRate(address2, currTimeMSec), false);
// higher rate limit
QHttpServerRequestFilter filter3;
const int nRequests = 10;
config.setRateLimitPerSecond(nRequests);
filter3.setConfiguration(config);
currTimeMSec = QDateTime::currentMSecsSinceEpoch();
QCOMPARE(filter3.isRequestWithinRate(address2, currTimeMSec), true);
currTimeMSec += cPeriodDurationMSec;
for (int i = 0; i < nRequests - 1; ++i)
QCOMPARE(filter3.isRequestWithinRate(address2, currTimeMSec), true);
QCOMPARE(filter3.isRequestWithinRate(address2, currTimeMSec), false);
// check next period
currTimeMSec += 1;
QCOMPARE(filter3.isRequestWithinRate(address2, currTimeMSec), true);
for (int i = 0; i < nRequests - 1; ++i)
QCOMPARE(filter3.isRequestWithinRate(address2, currTimeMSec), true);
QCOMPARE(filter3.isRequestWithinRate(address2, currTimeMSec), false);
// more hosts
QHttpServerRequestFilter filter4;
config.setRateLimitPerSecond(1);
filter4.setConfiguration(config);
currTimeMSec = QDateTime::currentMSecsSinceEpoch();
for (int i = 0; i < 10; ++i) {
const auto hostAddress = QHostAddress(QString("127.0.0.%1").arg(i));
QCOMPARE(filter4.isRequestWithinRate(hostAddress, currTimeMSec), true);
QCOMPARE(filter4.isRequestWithinRate(hostAddress, currTimeMSec), false);
}
// check after all the hosts become garbage
currTimeMSec += 3 * cPeriodDurationMSec;
QCOMPARE(filter4.isRequestWithinRate(QHostAddress("168.0.0.1"), currTimeMSec), true);
}
void tst_QHttpServerRequestFilter::testIsRequestAllowed()
{
using namespace QHttpServerRequestFilterPrivate;
QHttpServerRequestFilter filter;
QHttpServerConfiguration config;
// no blacklist or whitelist set
filter.setConfiguration(config);
QCOMPARE(filter.isRequestAllowed(QHostAddress("127.0.0.1")), true);
// whitelist only
QList<std::pair<QHostAddress, int>> whiteList = {
{ QHostAddress("192.168.1.100"), 32 },
{ QHostAddress("10.0.0.0"), 8 }
};
config.setWhitelist(whiteList);
filter.setConfiguration(config);
QCOMPARE(filter.isRequestAllowed(QHostAddress("192.168.1.100")), true);
QCOMPARE(filter.isRequestAllowed(QHostAddress("192.168.1.101")), false);
QCOMPARE(filter.isRequestAllowed(QHostAddress("10.0.0.50")), true);
QCOMPARE(filter.isRequestAllowed(QHostAddress("11.0.0.1")), false);
// blacklist only
QList<std::pair<QHostAddress, int>> blackList = {
{ QHostAddress("192.168.1.200"), 32 },
{ QHostAddress("172.16.0.0"), 12 }
};
config.setBlacklist(blackList);
config.setWhitelist({});
filter.setConfiguration(config);
QCOMPARE(filter.isRequestAllowed(QHostAddress("192.168.1.200")), false);
QCOMPARE(filter.isRequestAllowed(QHostAddress("192.168.1.201")), true);
QCOMPARE(filter.isRequestAllowed(QHostAddress("172.16.5.10")), false);
QCOMPARE(filter.isRequestAllowed(QHostAddress("172.32.0.1")), true);
// both whitelist and blacklist (whitelist should take priority)
whiteList = {
{ QHostAddress("10.0.0.1"), 32 }
};
blackList = {
{ QHostAddress("10.0.0.0"), 8 }
};
config.setWhitelist(whiteList);
config.setBlacklist(blackList);
filter.setConfiguration(config);
QCOMPARE(filter.isRequestAllowed(QHostAddress("10.0.0.1")), true);
QCOMPARE(filter.isRequestAllowed(QHostAddress("10.0.0.2")), false);
QCOMPARE(filter.isRequestAllowed(QHostAddress("192.168.0.1")), false);
}
QT_END_NAMESPACE
QTEST_MAIN(tst_QHttpServerRequestFilter)
#include "tst_qhttpserverrequestfilter.moc"
|
