diff options
| author | Nick Mathewson <nickm@torproject.org> | 2017-06-05 15:52:06 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2017-06-05 15:52:06 -0400 |
| commit | e3b1573be6aefc91946fa4649591ed1690d77ee8 (patch) | |
| tree | 449e6a0f317b7ce73a18b3c34477f474247f074f | |
| parent | dd573f72b2f20b9aec310ee298ac4e9b737f835d (diff) | |
| parent | 91f49bc0f0759d0e0a794fbfe8cce5a9bb07e607 (diff) | |
| download | tor-e3b1573be6aefc91946fa4649591ed1690d77ee8.tar.gz tor-e3b1573be6aefc91946fa4649591ed1690d77ee8.zip | |
Merge branch 'maint-0.3.0'
| -rw-r--r-- | changes/bug22460_case1 | 16 | ||||
| -rw-r--r-- | changes/bug22460_case2 | 8 | ||||
| -rw-r--r-- | src/common/tortls.c | 27 | ||||
| -rw-r--r-- | src/common/tortls.h | 1 | ||||
| -rw-r--r-- | src/or/connection_or.c | 51 | ||||
| -rw-r--r-- | src/or/connection_or.h | 4 | ||||
| -rw-r--r-- | src/or/main.c | 17 | ||||
| -rw-r--r-- | src/or/or.h | 6 | ||||
| -rw-r--r-- | src/or/router.c | 5 | ||||
| -rw-r--r-- | src/or/routerkeys.c | 37 | ||||
| -rw-r--r-- | src/or/routerkeys.h | 2 | ||||
| -rw-r--r-- | src/test/test_link_handshake.c | 39 | ||||
| -rw-r--r-- | src/test/test_routerkeys.c | 20 | ||||
| -rw-r--r-- | src/test/test_shared_random.c | 4 |
14 files changed, 190 insertions, 47 deletions
diff --git a/changes/bug22460_case1 b/changes/bug22460_case1 new file mode 100644 index 0000000000..cfe78ad791 --- /dev/null +++ b/changes/bug22460_case1 @@ -0,0 +1,16 @@ + o Major bugfixes (relays, key management): + - Regenerate link and authentication certificates whenever the key that + signs them changes; also, regenerate link certificates whenever the + signed key changes. Previously, these processes were only weakly + coupled, and we relays could (for minutes to hours) wind up with an + inconsistent set of keys and certificates, which other relays + would not accept. Fixes two cases of bug 22460; bugfix on + 0.3.0.1-alpha. + - When sending an Ed25519 signing->link certificate in a CERTS cell, + send the certificate that matches the x509 certificate that we used + on the TLS connection. Previously, there was a race condition if + the TLS context rotated after we began the TLS handshake but + before we sent the CERTS cell. Fixes a case of bug 22460; bugfix + on 0.3.0.1-alpha. + + diff --git a/changes/bug22460_case2 b/changes/bug22460_case2 new file mode 100644 index 0000000000..0a11759832 --- /dev/null +++ b/changes/bug22460_case2 @@ -0,0 +1,8 @@ + o Major bugfixes (relay, link handshake): + + - When performing the v3 link handshake on a TLS connection, report that + we have the x509 certificate that we actually used on that connection, + even if we have changed certificates since that connection was first + opened. Previously, we would claim to have used our most recent x509 + link certificate, which would sometimes make the link handshake fail. + Fixes one case of bug 22460; bugfix on 0.2.3.6-alpha. diff --git a/src/common/tortls.c b/src/common/tortls.c index 42fb91a9f7..44db3aec58 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -705,11 +705,13 @@ tor_x509_cert_new,(X509 *x509_cert)) return cert; } -/** Return a copy of <b>cert</b> */ +/** Return a new copy of <b>cert</b>. */ tor_x509_cert_t * tor_x509_cert_dup(const tor_x509_cert_t *cert) { - return tor_x509_cert_new(X509_dup(cert->cert)); + tor_assert(cert); + X509 *x509 = cert->cert; + return tor_x509_cert_new(X509_dup(x509)); } /** Read a DER-encoded X509 cert, of length exactly <b>certificate_len</b>, @@ -2047,7 +2049,8 @@ tor_tls_peer_has_cert(tor_tls_t *tls) return 1; } -/** Return the peer certificate, or NULL if there isn't one. */ +/** Return a newly allocated copy of the peer certificate, or NULL if there + * isn't one. */ MOCK_IMPL(tor_x509_cert_t *, tor_tls_get_peer_cert,(tor_tls_t *tls)) { @@ -2059,6 +2062,24 @@ tor_tls_get_peer_cert,(tor_tls_t *tls)) return tor_x509_cert_new(cert); } +/** Return a newly allocated copy of the cerficate we used on the connection, + * or NULL if somehow we didn't use one. */ +MOCK_IMPL(tor_x509_cert_t *, +tor_tls_get_own_cert,(tor_tls_t *tls)) +{ + X509 *cert = SSL_get_certificate(tls->ssl); + tls_log_errors(tls, LOG_WARN, LD_HANDSHAKE, + "getting own-connection certificate"); + if (!cert) + return NULL; + /* Fun inconsistency: SSL_get_peer_certificate increments the reference + * count, but SSL_get_certificate does not. */ + X509 *duplicate = X509_dup(cert); + if (BUG(duplicate == NULL)) + return NULL; + return tor_x509_cert_new(duplicate); +} + /** Warn that a certificate lifetime extends through a certain range. */ static void log_cert_lifetime(int severity, const X509 *cert, const char *problem, diff --git a/src/common/tortls.h b/src/common/tortls.h index fd0186cf90..f430aff70b 100644 --- a/src/common/tortls.h +++ b/src/common/tortls.h @@ -219,6 +219,7 @@ int tor_tls_is_server(tor_tls_t *tls); void tor_tls_free(tor_tls_t *tls); int tor_tls_peer_has_cert(tor_tls_t *tls); MOCK_DECL(tor_x509_cert_t *,tor_tls_get_peer_cert,(tor_tls_t *tls)); +MOCK_DECL(tor_x509_cert_t *,tor_tls_get_own_cert,(tor_tls_t *tls)); int tor_tls_verify(int severity, tor_tls_t *tls, crypto_pk_t **identity); int tor_tls_check_lifetime(int severity, tor_tls_t *tls, time_t now, diff --git a/src/or/connection_or.c b/src/or/connection_or.c index 280f8f70ad..ab0f411cc5 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -1838,6 +1838,9 @@ connection_init_or_handshake_state(or_connection_t *conn, int started_here) s->started_here = started_here ? 1 : 0; s->digest_sent_data = 1; s->digest_received_data = 1; + if (! started_here && get_current_link_cert_cert()) { + s->own_link_cert = tor_cert_dup(get_current_link_cert_cert()); + } s->certs = or_handshake_certs_new(); s->certs->started_here = s->started_here; return 0; @@ -1852,6 +1855,7 @@ or_handshake_state_free(or_handshake_state_t *state) crypto_digest_free(state->digest_sent); crypto_digest_free(state->digest_received); or_handshake_certs_free(state->certs); + tor_cert_free(state->own_link_cert); memwipe(state, 0xBE, sizeof(or_handshake_state_t)); tor_free(state); } @@ -2228,7 +2232,8 @@ add_certs_cell_cert_helper(certs_cell_t *certs_cell, /** Add an encoded X509 cert (stored as <b>cert_len</b> bytes at * <b>cert_encoded</b>) to the trunnel certs_cell_t object that we are - * building in <b>certs_cell</b>. Set its type field to <b>cert_type</b>. */ + * building in <b>certs_cell</b>. Set its type field to <b>cert_type</b>. + * (If <b>cert</b> is NULL, take no action.) */ static void add_x509_cert(certs_cell_t *certs_cell, uint8_t cert_type, @@ -2246,7 +2251,7 @@ add_x509_cert(certs_cell_t *certs_cell, /** Add an Ed25519 cert from <b>cert</b> to the trunnel certs_cell_t object * that we are building in <b>certs_cell</b>. Set its type field to - * <b>cert_type</b>. */ + * <b>cert_type</b>. (If <b>cert</b> is NULL, take no action.) */ static void add_ed25519_cert(certs_cell_t *certs_cell, uint8_t cert_type, @@ -2259,12 +2264,19 @@ add_ed25519_cert(certs_cell_t *certs_cell, cert->encoded, cert->encoded_len); } +#ifdef TOR_UNIT_TESTS +int certs_cell_ed25519_disabled_for_testing = 0; +#else +#define certs_cell_ed25519_disabled_for_testing 0 +#endif + /** Send a CERTS cell on the connection <b>conn</b>. Return 0 on success, -1 * on failure. */ int connection_or_send_certs_cell(or_connection_t *conn) { - const tor_x509_cert_t *link_cert = NULL, *id_cert = NULL; + const tor_x509_cert_t *global_link_cert = NULL, *id_cert = NULL; + tor_x509_cert_t *own_link_cert = NULL; var_cell_t *cell; certs_cell_t *certs_cell = NULL; @@ -2277,21 +2289,26 @@ connection_or_send_certs_cell(or_connection_t *conn) const int conn_in_server_mode = ! conn->handshake_state->started_here; /* Get the encoded values of the X509 certificates */ - if (tor_tls_get_my_certs(conn_in_server_mode, &link_cert, &id_cert) < 0) + if (tor_tls_get_my_certs(conn_in_server_mode, + &global_link_cert, &id_cert) < 0) return -1; - tor_assert(link_cert); + if (conn_in_server_mode) { + own_link_cert = tor_tls_get_own_cert(conn->tls); + } tor_assert(id_cert); certs_cell = certs_cell_new(); /* Start adding certs. First the link cert or auth1024 cert. */ if (conn_in_server_mode) { + tor_assert_nonfatal(own_link_cert); add_x509_cert(certs_cell, - OR_CERT_TYPE_TLS_LINK, link_cert); + OR_CERT_TYPE_TLS_LINK, own_link_cert); } else { + tor_assert(global_link_cert); add_x509_cert(certs_cell, - OR_CERT_TYPE_AUTH_1024, link_cert); + OR_CERT_TYPE_AUTH_1024, global_link_cert); } /* Next the RSA->RSA ID cert */ @@ -2303,9 +2320,11 @@ connection_or_send_certs_cell(or_connection_t *conn) CERTTYPE_ED_ID_SIGN, get_master_signing_key_cert()); if (conn_in_server_mode) { + tor_assert_nonfatal(conn->handshake_state->own_link_cert || + certs_cell_ed25519_disabled_for_testing); add_ed25519_cert(certs_cell, CERTTYPE_ED_SIGN_LINK, - get_current_link_cert_cert()); + conn->handshake_state->own_link_cert); } else { add_ed25519_cert(certs_cell, CERTTYPE_ED_SIGN_AUTH, @@ -2338,6 +2357,7 @@ connection_or_send_certs_cell(or_connection_t *conn) connection_or_write_var_cell_to_buf(cell, conn); var_cell_free(cell); certs_cell_free(certs_cell); + tor_x509_cert_free(own_link_cert); return 0; } @@ -2478,10 +2498,10 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn, memcpy(auth1_getarray_type(auth), authtype_str, 8); { - const tor_x509_cert_t *id_cert=NULL, *link_cert=NULL; + const tor_x509_cert_t *id_cert=NULL; const common_digests_t *my_digests, *their_digests; const uint8_t *my_id, *their_id, *client_id, *server_id; - if (tor_tls_get_my_certs(server, &link_cert, &id_cert)) + if (tor_tls_get_my_certs(server, NULL, &id_cert)) goto err; my_digests = tor_x509_cert_get_id_digests(id_cert); their_digests = @@ -2536,13 +2556,11 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn, { /* Digest of cert used on TLS link : 32 octets. */ - const tor_x509_cert_t *cert = NULL; - tor_x509_cert_t *freecert = NULL; + tor_x509_cert_t *cert = NULL; if (server) { - tor_tls_get_my_certs(1, &cert, NULL); + cert = tor_tls_get_own_cert(conn->tls); } else { - freecert = tor_tls_get_peer_cert(conn->tls); - cert = freecert; + cert = tor_tls_get_peer_cert(conn->tls); } if (!cert) { log_warn(LD_OR, "Unable to find cert when making %s data.", @@ -2553,8 +2571,7 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn, memcpy(auth->scert, tor_x509_cert_get_cert_digests(cert)->d[DIGEST_SHA256], 32); - if (freecert) - tor_x509_cert_free(freecert); + tor_x509_cert_free(cert); } /* HMAC of clientrandom and serverrandom using master key : 32 octets */ diff --git a/src/or/connection_or.h b/src/or/connection_or.h index 4261658932..fe85a3f5fd 100644 --- a/src/or/connection_or.h +++ b/src/or/connection_or.h @@ -114,5 +114,9 @@ void var_cell_free(var_cell_t *cell); void connection_or_group_set_badness_(smartlist_t *group, int force); +#ifdef TOR_UNIT_TESTS +extern int certs_cell_ed25519_disabled_for_testing; +#endif + #endif diff --git a/src/or/main.c b/src/or/main.c index 2520a7e21d..9699c8d381 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -1551,8 +1551,9 @@ check_ed_keys_callback(time_t now, const or_options_t *options) { if (server_mode(options)) { if (should_make_new_ed_keys(options, now)) { - if (load_ed_keys(options, now) < 0 || - generate_ed_link_cert(options, now)) { + int new_signing_key = load_ed_keys(options, now); + if (new_signing_key < 0 || + generate_ed_link_cert(options, now, new_signing_key > 0)) { log_err(LD_OR, "Unable to update Ed25519 keys! Exiting."); tor_cleanup(); exit(0); @@ -1604,6 +1605,11 @@ rotate_x509_certificate_callback(time_t now, const or_options_t *options) log_err(LD_BUG, "Error reinitializing TLS context"); tor_assert_unreached(); } + if (generate_ed_link_cert(options, now, 1)) { + log_err(LD_OR, "Unable to update Ed25519->TLS link certificate for " + "new TLS context."); + tor_assert_unreached(); + } /* We also make sure to rotate the TLS connections themselves if they've * been up for too long -- but that's done via is_bad_for_new_circs in @@ -2376,8 +2382,9 @@ do_hup(void) /* Maybe we've been given a new ed25519 key or certificate? */ time_t now = approx_time(); - if (load_ed_keys(options, now) < 0 || - generate_ed_link_cert(options, now)) { + int new_signing_key = load_ed_keys(options, now); + if (new_signing_key < 0 || + generate_ed_link_cert(options, now, new_signing_key > 0)) { log_warn(LD_OR, "Problem reloading Ed25519 keys; still using old keys."); } @@ -3745,7 +3752,7 @@ tor_main(int argc, char *argv[]) result = do_main_loop(); break; case CMD_KEYGEN: - result = load_ed_keys(get_options(), time(NULL)); + result = load_ed_keys(get_options(), time(NULL)) < 0; break; case CMD_LIST_FINGERPRINT: result = do_list_fingerprint(); diff --git a/src/or/or.h b/src/or/or.h index 0d29e19d75..1f55b55062 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -1471,6 +1471,12 @@ typedef struct or_handshake_state_t { /* True iff we have sent a netinfo cell */ unsigned int sent_netinfo : 1; + /** The signing->ed25519 link certificate corresponding to the x509 + * certificate we used on the TLS connection (if this is a server-side + * connection). We make a copy of this here to prevent a race condition + * caused by TLS context rotation. */ + struct tor_cert_st *own_link_cert; + /** True iff we should feed outgoing cells into digest_sent and * digest_received respectively. * diff --git a/src/or/router.c b/src/or/router.c index 9b4c2445f4..2187a76b48 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -986,7 +986,8 @@ init_keys(void) } /* 1d. Load all ed25519 keys */ - if (load_ed_keys(options,now) < 0) + const int new_signing_key = load_ed_keys(options,now); + if (new_signing_key < 0) return -1; /* 2. Read onion key. Make it if none is found. */ @@ -1056,7 +1057,7 @@ init_keys(void) /* 3b. Get an ed25519 link certificate. Note that we need to do this * after we set up the TLS context */ - if (generate_ed_link_cert(options, now) < 0) { + if (generate_ed_link_cert(options, now, new_signing_key > 0) < 0) { log_err(LD_GENERAL,"Couldn't make link cert"); return -1; } diff --git a/src/or/routerkeys.c b/src/or/routerkeys.c index c8d5f701a4..5ab369b671 100644 --- a/src/or/routerkeys.c +++ b/src/or/routerkeys.c @@ -673,6 +673,9 @@ static time_t rsa_ed_crosscert_expiration = 0; /** * Running as a server: load, reload, or refresh our ed25519 keys and * certificates, creating and saving new ones as needed. + * + * Return -1 on failure; 0 on success if the signing key was not replaced; + * and 1 on success if the signing key was replaced. */ int load_ed_keys(const or_options_t *options, time_t now) @@ -685,6 +688,7 @@ load_ed_keys(const or_options_t *options, time_t now) const tor_cert_t *check_signing_cert = NULL; tor_cert_t *sign_cert = NULL; tor_cert_t *auth_cert = NULL; + int signing_key_changed = 0; // It is later than 1972, since otherwise there would be no C compilers. // (Try to diagnose #22466.) @@ -726,7 +730,23 @@ load_ed_keys(const or_options_t *options, time_t now) use_signing = sign; } + if (use_signing) { + /* We loaded a signing key with its certificate. */ + if (! master_signing_key) { + /* We didn't know one before! */ + signing_key_changed = 1; + } else if (! ed25519_pubkey_eq(&use_signing->pubkey, + &master_signing_key->pubkey) || + ! tor_memeq(use_signing->seckey.seckey, + master_signing_key->seckey.seckey, + ED25519_SECKEY_LEN)) { + /* We loaded a different signing key than the one we knew before. */ + signing_key_changed = 1; + } + } + if (!use_signing && master_signing_key) { + /* We couldn't load a signing key, but we already had one loaded */ check_signing_cert = signing_key_cert; use_signing = master_signing_key; } @@ -886,6 +906,7 @@ load_ed_keys(const or_options_t *options, time_t now) if (!sign) FAIL("Missing signing key"); use_signing = sign; + signing_key_changed = 1; tor_assert(sign_cert->signing_key_included); tor_assert(ed25519_pubkey_eq(&sign_cert->signing_key, &id->pubkey)); @@ -922,6 +943,7 @@ load_ed_keys(const or_options_t *options, time_t now) } if (!current_auth_key || + signing_key_changed || EXPIRES_SOON(auth_key_cert, options->TestingAuthKeySlop)) { auth = ed_key_new(use_signing, INIT_ED_KEY_NEEDCERT, now, @@ -949,7 +971,7 @@ load_ed_keys(const or_options_t *options, time_t now) SET_CERT(auth_key_cert, auth_cert); } - return 0; + return signing_key_changed; err: ed25519_keypair_free(id); ed25519_keypair_free(sign); @@ -963,16 +985,18 @@ load_ed_keys(const or_options_t *options, time_t now) * Retrieve our currently-in-use Ed25519 link certificate and id certificate, * and, if they would expire soon (based on the time <b>now</b>, generate new * certificates (without embedding the public part of the signing key inside). + * If <b>force</b> is true, always generate a new certificate. * - * The signed_key from the expiring certificate will be used to sign the new - * key within newly generated X509 certificate. + * The signed_key from the current id->signing certificate will be used to + * sign the new key within newly generated X509 certificate. * * Returns -1 upon error. Otherwise, returns 0 upon success (either when the * current certificate is still valid, or when a new certificate was * successfully generated). */ int -generate_ed_link_cert(const or_options_t *options, time_t now) +generate_ed_link_cert(const or_options_t *options, time_t now, + int force) { const tor_x509_cert_t *link_ = NULL, *id = NULL; tor_cert_t *link_cert = NULL; @@ -984,7 +1008,8 @@ generate_ed_link_cert(const or_options_t *options, time_t now) const common_digests_t *digests = tor_x509_cert_get_cert_digests(link_); - if (link_cert_cert && + if (force == 0 && + link_cert_cert && ! EXPIRES_SOON(link_cert_cert, options->TestingLinkKeySlop) && fast_memeq(digests->d[DIGEST_SHA256], link_cert_cert->signed_key.pubkey, DIGEST256_LEN)) { @@ -1086,7 +1111,7 @@ init_mock_ed_keys(const crypto_pk_t *rsa_identity_key) MAKECERT(auth_key_cert, master_signing_key, current_auth_key, CERT_TYPE_SIGNING_AUTH, 0); - if (generate_ed_link_cert(get_options(), time(NULL)) < 0) { + if (generate_ed_link_cert(get_options(), time(NULL), 0) < 0) { log_warn(LD_BUG, "Couldn't make link certificate"); goto err; } diff --git a/src/or/routerkeys.h b/src/or/routerkeys.h index 6453c785b5..c10cf32a71 100644 --- a/src/or/routerkeys.h +++ b/src/or/routerkeys.h @@ -66,7 +66,7 @@ MOCK_DECL(int, check_tap_onion_key_crosscert,(const uint8_t *crosscert, int load_ed_keys(const or_options_t *options, time_t now); int should_make_new_ed_keys(const or_options_t *options, const time_t now); -int generate_ed_link_cert(const or_options_t *options, time_t now); +int generate_ed_link_cert(const or_options_t *options, time_t now, int force); int read_encrypted_secret_key(ed25519_secret_key_t *out, const char *fname); diff --git a/src/test/test_link_handshake.c b/src/test/test_link_handshake.c index 217088ee37..6e5f4430d5 100644 --- a/src/test/test_link_handshake.c +++ b/src/test/test_link_handshake.c @@ -52,7 +52,7 @@ mock_get_peer_cert(tor_tls_t *tls) if (mock_peer_cert_expect_tortls && mock_peer_cert_expect_tortls != tls) return NULL; - return mock_peer_cert; + return tor_x509_cert_dup(mock_peer_cert); } static int mock_send_netinfo_called = 0; @@ -98,6 +98,14 @@ mock_export_key_material(tor_tls_t *tls, uint8_t *secrets_out, return 0; } +static tor_x509_cert_t *mock_own_cert = NULL; +static tor_x509_cert_t * +mock_get_own_cert(tor_tls_t *tls) +{ + (void)tls; + return tor_x509_cert_dup(mock_own_cert); +} + /* Test good certs cells */ static void test_link_handshake_certs_ok(void *arg) @@ -119,6 +127,7 @@ test_link_handshake_certs_ok(void *arg) MOCK(connection_or_write_var_cell_to_buf, mock_write_var_cell); MOCK(connection_or_send_netinfo, mock_send_netinfo); MOCK(tor_tls_get_peer_cert, mock_get_peer_cert); + MOCK(tor_tls_get_own_cert, mock_get_own_cert); key1 = pk_generate(2); key2 = pk_generate(3); @@ -133,9 +142,17 @@ test_link_handshake_certs_ok(void *arg) /* If we're making a CERTS cell for an ed handshake, let's make sure we * have some Ed25519 certificates and keys. */ init_mock_ed_keys(key2); + } else { + certs_cell_ed25519_disabled_for_testing = 1; } /* c1 has started_here == 1 */ + { + const tor_x509_cert_t *link = NULL; + tt_assert(!tor_tls_get_my_certs(1, &link, NULL)); + mock_own_cert = tor_x509_cert_dup(link); + } + c1->base_.state = OR_CONN_STATE_OR_HANDSHAKING_V3; c1->link_proto = 3; tt_int_op(connection_init_or_handshake_state(c1, 1), ==, 0); @@ -278,6 +295,9 @@ test_link_handshake_certs_ok(void *arg) UNMOCK(connection_or_write_var_cell_to_buf); UNMOCK(connection_or_send_netinfo); UNMOCK(tor_tls_get_peer_cert); + UNMOCK(tor_tls_get_own_cert); + tor_x509_cert_free(mock_own_cert); + mock_own_cert = NULL; memset(c1->identity_digest, 0, sizeof(c1->identity_digest)); memset(c2->identity_digest, 0, sizeof(c2->identity_digest)); connection_free_(TO_CONN(c1)); @@ -315,6 +335,7 @@ recv_certs_cleanup(const struct testcase_t *test, void *obj) UNMOCK(connection_or_send_netinfo); UNMOCK(connection_or_close_for_error); UNMOCK(tor_tls_get_peer_cert); + UNMOCK(tor_tls_get_own_cert); if (d) { tor_free(d->cell); @@ -880,6 +901,11 @@ test_link_handshake_send_authchallenge(void *arg) or_connection_t *c1 = or_connection_new(CONN_TYPE_OR, AF_INET); var_cell_t *cell1=NULL, *cell2=NULL; + crypto_pk_t *rsa0 = pk_generate(0), *rsa1 = pk_generate(1); + tt_int_op(tor_tls_context_init(TOR_TLS_CTX_IS_PUBLIC_SERVER, + rsa0, rsa1, 86400), ==, 0); + init_mock_ed_keys(rsa0); + MOCK(connection_or_write_var_cell_to_buf, mock_write_var_cell); tt_int_op(connection_init_or_handshake_state(c1, 0), ==, 0); @@ -905,6 +931,8 @@ test_link_handshake_send_authchallenge(void *arg) connection_free_(TO_CONN(c1)); tor_free(cell1); tor_free(cell2); + crypto_pk_free(rsa0); + crypto_pk_free(rsa1); } typedef struct authchallenge_data_s { @@ -1118,6 +1146,7 @@ authenticate_data_cleanup(const struct testcase_t *test, void *arg) (void) test; UNMOCK(connection_or_write_var_cell_to_buf); UNMOCK(tor_tls_get_peer_cert); + UNMOCK(tor_tls_get_own_cert); UNMOCK(tor_tls_get_tlssecrets); UNMOCK(connection_or_close_for_error); UNMOCK(channel_set_circid_type); @@ -1135,7 +1164,11 @@ authenticate_data_cleanup(const struct testcase_t *test, void *arg) crypto_pk_free(d->key2); tor_free(d); } + tor_x509_cert_free(mock_peer_cert); + tor_x509_cert_free(mock_own_cert); mock_peer_cert = NULL; + mock_own_cert = NULL; + return 1; } @@ -1149,6 +1182,7 @@ authenticate_data_setup(const struct testcase_t *test) MOCK(connection_or_write_var_cell_to_buf, mock_write_var_cell); MOCK(tor_tls_get_peer_cert, mock_get_peer_cert); + MOCK(tor_tls_get_own_cert, mock_get_own_cert); MOCK(tor_tls_get_tlssecrets, mock_get_tlssecrets); MOCK(connection_or_close_for_error, mock_close_for_err); MOCK(channel_set_circid_type, mock_set_circid_type); @@ -1215,6 +1249,9 @@ authenticate_data_setup(const struct testcase_t *test) mock_peer_cert = tor_x509_cert_decode(der, sz); tt_assert(mock_peer_cert); + mock_own_cert = tor_x509_cert_decode(der, sz); + tt_assert(mock_own_cert); + /* Make an authenticate cell ... */ int authtype; if (is_ed) diff --git a/src/test/test_routerkeys.c b/src/test/test_routerkeys.c index 263923f50f..db6b9b3872 100644 --- a/src/test/test_routerkeys.c +++ b/src/test/test_routerkeys.c @@ -450,8 +450,8 @@ test_routerkeys_ed_keys_init_all(void *arg) options->DataDirectory = dir; - tt_int_op(0, ==, load_ed_keys(options, now)); - tt_int_op(0, ==, generate_ed_link_cert(options, now)); + tt_int_op(1, ==, load_ed_keys(options, now)); + tt_int_op(0, ==, generate_ed_link_cert(options, now, 0)); tt_assert(get_master_identity_key()); tt_assert(get_master_identity_key()); tt_assert(get_master_signing_keypair()); @@ -466,7 +466,7 @@ test_routerkeys_ed_keys_init_all(void *arg) /* Call load_ed_keys again, but nothing has changed. */ tt_int_op(0, ==, load_ed_keys(options, now)); - tt_int_op(0, ==, generate_ed_link_cert(options, now)); + tt_int_op(0, ==, generate_ed_link_cert(options, now, 0)); tt_mem_op(&id, ==, get_master_identity_key(), sizeof(id)); tt_mem_op(&sign, ==, get_master_signing_keypair(), sizeof(sign)); tt_mem_op(&auth, ==, get_current_auth_keypair(), sizeof(auth)); @@ -474,8 +474,8 @@ test_routerkeys_ed_keys_init_all(void *arg) /* Force a reload: we make new link/auth keys. */ routerkeys_free_all(); - tt_int_op(0, ==, load_ed_keys(options, now)); - tt_int_op(0, ==, generate_ed_link_cert(options, now)); + tt_int_op(1, ==, load_ed_keys(options, now)); + tt_int_op(0, ==, generate_ed_link_cert(options, now, 0)); tt_mem_op(&id, ==, get_master_identity_key(), sizeof(id)); tt_mem_op(&sign, ==, get_master_signing_keypair(), sizeof(sign)); tt_assert(tor_cert_eq(link_cert, get_current_link_cert_cert())); @@ -489,7 +489,7 @@ test_routerkeys_ed_keys_init_all(void *arg) /* Force a link/auth-key regeneration by advancing time. */ tt_int_op(0, ==, load_ed_keys(options, now+3*86400)); - tt_int_op(0, ==, generate_ed_link_cert(options, now+3*86400)); + tt_int_op(0, ==, generate_ed_link_cert(options, now+3*86400, 0)); tt_mem_op(&id, ==, get_master_identity_key(), sizeof(id)); tt_mem_op(&sign, ==, get_master_signing_keypair(), sizeof(sign)); tt_assert(! tor_cert_eq(link_cert, get_current_link_cert_cert())); @@ -502,8 +502,8 @@ test_routerkeys_ed_keys_init_all(void *arg) memcpy(&auth, get_current_auth_keypair(), sizeof(auth)); /* Force a signing-key regeneration by advancing time. */ - tt_int_op(0, ==, load_ed_keys(options, now+100*86400)); - tt_int_op(0, ==, generate_ed_link_cert(options, now+100*86400)); + tt_int_op(1, ==, load_ed_keys(options, now+100*86400)); + tt_int_op(0, ==, generate_ed_link_cert(options, now+100*86400, 0)); tt_mem_op(&id, ==, get_master_identity_key(), sizeof(id)); tt_mem_op(&sign, !=, get_master_signing_keypair(), sizeof(sign)); tt_assert(! tor_cert_eq(link_cert, get_current_link_cert_cert())); @@ -520,8 +520,8 @@ test_routerkeys_ed_keys_init_all(void *arg) routerkeys_free_all(); unlink(get_fname("test_ed_keys_init_all/keys/" "ed25519_master_id_secret_key")); - tt_int_op(0, ==, load_ed_keys(options, now)); - tt_int_op(0, ==, generate_ed_link_cert(options, now)); + tt_int_op(1, ==, load_ed_keys(options, now)); + tt_int_op(0, ==, generate_ed_link_cert(options, now, 0)); tt_mem_op(&id, ==, get_master_identity_key(), sizeof(id)); tt_mem_op(&sign, ==, get_master_signing_keypair(), sizeof(sign)); tt_assert(! tor_cert_eq(link_cert, get_current_link_cert_cert())); diff --git a/src/test/test_shared_random.c b/src/test/test_shared_random.c index d511f163e3..026a0f3825 100644 --- a/src/test/test_shared_random.c +++ b/src/test/test_shared_random.c @@ -48,7 +48,7 @@ init_authority_state(void) mock_cert = authority_cert_parse_from_string(AUTHORITY_CERT_1, NULL); tt_assert(mock_cert); options->AuthoritativeDir = 1; - tt_int_op(0, ==, load_ed_keys(options, time(NULL))); + tt_int_op(load_ed_keys(options, time(NULL)), OP_GE, 0); sr_state_init(0, 0); /* It's possible a commit has been generated in our state depending on * the phase we are currently in which uses "now" as the starting @@ -286,7 +286,7 @@ test_sr_commit(void *arg) tt_assert(auth_cert); options->AuthoritativeDir = 1; - tt_int_op(0, ==, load_ed_keys(options, now)); + tt_int_op(load_ed_keys(options, time(NULL)), OP_GE, 0); } /* Generate our commit object and validate it has the appropriate field |