diff options
| author | Nick Mathewson <nickm@torproject.org> | 2016-10-25 19:30:50 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2016-10-26 08:32:48 -0400 |
| commit | 8cc528c75067567ef32822e5bdb39535cea5d5e8 (patch) | |
| tree | 2deac85d98eac5d5b3bfc60cf26742de2128a9fe /src/test/test_dir.c | |
| parent | 01482e30ad8a453f3721ef17a4a9633806b90684 (diff) | |
| download | tor-8cc528c75067567ef32822e5bdb39535cea5d5e8.tar.gz tor-8cc528c75067567ef32822e5bdb39535cea5d5e8.zip | |
Allow asking a bridge's own descriptor over one-hop connection
When we refactored purpose_needs_anonymity(), we made it so _all_
bridge requests required anonymity. But that missed the case
that we are allowed to ask a bridge for its own descriptor.
With this patch, we consider the resource, and allow "authority.z"
("your own descriptor, compressed") for a bridge's server descriptor
to be non-anonymous.
Fix for bug 20410; bug not in any released Tor.
Diffstat (limited to 'src/test/test_dir.c')
| -rw-r--r-- | src/test/test_dir.c | 52 |
1 files changed, 36 insertions, 16 deletions
diff --git a/src/test/test_dir.c b/src/test/test_dir.c index d9c565cc8a..419aa249a7 100644 --- a/src/test/test_dir.c +++ b/src/test/test_dir.c @@ -3258,7 +3258,7 @@ test_dir_purpose_needs_anonymity_returns_true_by_default(void *arg) (void)arg; tor_capture_bugs_(1); - tt_int_op(1, ==, purpose_needs_anonymity(0, 0)); + tt_int_op(1, ==, purpose_needs_anonymity(0, 0, NULL)); tt_int_op(1, ==, smartlist_len(tor_get_captured_bug_log_())); tor_end_capture_bugs_(); done: ; @@ -3269,9 +3269,21 @@ test_dir_purpose_needs_anonymity_returns_true_for_bridges(void *arg) { (void)arg; - tt_int_op(1, ==, purpose_needs_anonymity(0, ROUTER_PURPOSE_BRIDGE)); + tt_int_op(1, ==, purpose_needs_anonymity(0, ROUTER_PURPOSE_BRIDGE, NULL)); + tt_int_op(1, ==, purpose_needs_anonymity(0, ROUTER_PURPOSE_BRIDGE, + "foobar")); tt_int_op(1, ==, purpose_needs_anonymity(DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2, - ROUTER_PURPOSE_BRIDGE)); + ROUTER_PURPOSE_BRIDGE, NULL)); + done: ; +} + +static void +test_dir_purpose_needs_anonymity_returns_false_for_own_bridge_desc(void *arg) +{ + (void)arg; + tt_int_op(0, ==, purpose_needs_anonymity(DIR_PURPOSE_FETCH_SERVERDESC, + ROUTER_PURPOSE_BRIDGE, + "authority.z")); done: ; } @@ -3282,11 +3294,11 @@ test_dir_purpose_needs_anonymity_returns_true_for_sensitive_purpose(void *arg) tt_int_op(1, ==, purpose_needs_anonymity( DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2, - ROUTER_PURPOSE_GENERAL)); + ROUTER_PURPOSE_GENERAL, NULL)); tt_int_op(1, ==, purpose_needs_anonymity( - DIR_PURPOSE_UPLOAD_RENDDESC_V2, 0)); + DIR_PURPOSE_UPLOAD_RENDDESC_V2, 0, NULL)); tt_int_op(1, ==, purpose_needs_anonymity( - DIR_PURPOSE_FETCH_RENDDESC_V2, 0)); + DIR_PURPOSE_FETCH_RENDDESC_V2, 0, NULL)); done: ; } @@ -3296,17 +3308,24 @@ test_dir_purpose_needs_anonymity_ret_false_for_non_sensitive_conn(void *arg) (void)arg; tt_int_op(0, ==, purpose_needs_anonymity(DIR_PURPOSE_UPLOAD_DIR, - ROUTER_PURPOSE_GENERAL)); - tt_int_op(0, ==, purpose_needs_anonymity(DIR_PURPOSE_UPLOAD_VOTE, 0)); - tt_int_op(0, ==, purpose_needs_anonymity(DIR_PURPOSE_UPLOAD_SIGNATURES, 0)); - tt_int_op(0, ==, purpose_needs_anonymity(DIR_PURPOSE_FETCH_STATUS_VOTE, 0)); + ROUTER_PURPOSE_GENERAL, NULL)); + tt_int_op(0, ==, purpose_needs_anonymity(DIR_PURPOSE_UPLOAD_VOTE, 0, NULL)); + tt_int_op(0, ==, + purpose_needs_anonymity(DIR_PURPOSE_UPLOAD_SIGNATURES, 0, NULL)); + tt_int_op(0, ==, + purpose_needs_anonymity(DIR_PURPOSE_FETCH_STATUS_VOTE, 0, NULL)); tt_int_op(0, ==, purpose_needs_anonymity( - DIR_PURPOSE_FETCH_DETACHED_SIGNATURES, 0)); - tt_int_op(0, ==, purpose_needs_anonymity(DIR_PURPOSE_FETCH_CONSENSUS, 0)); - tt_int_op(0, ==, purpose_needs_anonymity(DIR_PURPOSE_FETCH_CERTIFICATE, 0)); - tt_int_op(0, ==, purpose_needs_anonymity(DIR_PURPOSE_FETCH_SERVERDESC, 0)); - tt_int_op(0, ==, purpose_needs_anonymity(DIR_PURPOSE_FETCH_EXTRAINFO, 0)); - tt_int_op(0, ==, purpose_needs_anonymity(DIR_PURPOSE_FETCH_MICRODESC, 0)); + DIR_PURPOSE_FETCH_DETACHED_SIGNATURES, 0, NULL)); + tt_int_op(0, ==, + purpose_needs_anonymity(DIR_PURPOSE_FETCH_CONSENSUS, 0, NULL)); + tt_int_op(0, ==, + purpose_needs_anonymity(DIR_PURPOSE_FETCH_CERTIFICATE, 0, NULL)); + tt_int_op(0, ==, + purpose_needs_anonymity(DIR_PURPOSE_FETCH_SERVERDESC, 0, NULL)); + tt_int_op(0, ==, + purpose_needs_anonymity(DIR_PURPOSE_FETCH_EXTRAINFO, 0, NULL)); + tt_int_op(0, ==, + purpose_needs_anonymity(DIR_PURPOSE_FETCH_MICRODESC, 0, NULL)); done: ; } @@ -5512,6 +5531,7 @@ struct testcase_t dir_tests[] = { DIR(dirserv_set_routerstatus_testing, 0), DIR(http_handling, 0), DIR(purpose_needs_anonymity_returns_true_for_bridges, 0), + DIR(purpose_needs_anonymity_returns_false_for_own_bridge_desc, 0), DIR(purpose_needs_anonymity_returns_true_by_default, 0), DIR(purpose_needs_anonymity_returns_true_for_sensitive_purpose, 0), DIR(purpose_needs_anonymity_ret_false_for_non_sensitive_conn, 0), |