diff options
author | Gabriela Moldovan <gabi@torproject.org> | 2023-02-15 14:52:35 +0000 |
---|---|---|
committer | David Goulet <dgoulet@torproject.org> | 2023-03-07 09:46:05 -0500 |
commit | 16c6788fbc30cf0a2611dd021d1797931a53a86d (patch) | |
tree | 10486dd6918e9c97c85fc1539abe6bfec0f5a3ff /src/test | |
parent | 119b84c365da867a6dcb85877f1d13dcf06c59a4 (diff) | |
download | tor-16c6788fbc30cf0a2611dd021d1797931a53a86d.tar.gz tor-16c6788fbc30cf0a2611dd021d1797931a53a86d.zip |
metrics: Add a `reason` label to the HS error metrics.
This adds a `reason` label to the `hs_intro_rejected_intro_req_count` and
`hs_rdv_error_count` metrics introduced in #40755.
Metric look up and intialization is now more a bit more involved. This may be
fine for now, but it will become unwieldy if/when we add more labels (and as
such will need to be refactored).
Also, in the future, we may want to introduce finer grained `reason` labels.
For example, the `invalid_introduce2` label actually covers multiple types of
errors that can happen during the processing of an INTRODUCE2 cell (such as
cell parse errors, replays, decryption errors).
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
Diffstat (limited to 'src/test')
-rw-r--r-- | src/test/test_hs_metrics.c | 19 | ||||
-rw-r--r-- | src/test/test_hs_service.c | 92 |
2 files changed, 98 insertions, 13 deletions
diff --git a/src/test/test_hs_metrics.c b/src/test/test_hs_metrics.c index 03f6aedbb4..b7c0ab53da 100644 --- a/src/test/test_hs_metrics.c +++ b/src/test/test_hs_metrics.c @@ -40,7 +40,7 @@ test_metrics(void *arg) /* Update entry by identifier. */ hs_metrics_update_by_ident(HS_METRICS_NUM_INTRODUCTIONS, - &service->keys.identity_pk, 0, 42); + &service->keys.identity_pk, 0, NULL, 42); /* Confirm the entry value. */ const smartlist_t *entries = metrics_store_get_all(service->metrics.store, @@ -53,24 +53,29 @@ test_metrics(void *arg) /* Update entry by service now. */ hs_metrics_update_by_service(HS_METRICS_NUM_INTRODUCTIONS, - service, 0, 42); + service, 0, NULL, 42); tt_int_op(metrics_store_entry_get_value(entry), OP_EQ, 84); + const char *reason = HS_METRICS_ERR_INTRO_REQ_BAD_AUTH_KEY; + /* Update tor_hs_intro_rejected_intro_req_count */ hs_metrics_update_by_ident(HS_METRICS_NUM_REJECTED_INTRO_REQ, - &service->keys.identity_pk, 0, 112); + &service->keys.identity_pk, 0, reason, 112); entries = metrics_store_get_all(service->metrics.store, "tor_hs_intro_rejected_intro_req_count"); tt_assert(entries); - tt_int_op(smartlist_len(entries), OP_EQ, 1); - entry = smartlist_get(entries, 0); + tt_int_op(smartlist_len(entries), OP_EQ, + hs_metrics_intro_req_error_reasons_size); + + entry = metrics_store_find_entry_with_label( + entries, "reason=\"bad_auth_key\""); tt_assert(entry); tt_int_op(metrics_store_entry_get_value(entry), OP_EQ, 112); /* Update tor_hs_intro_rejected_intro_req_count entry by service now. */ - hs_metrics_update_by_service(HS_METRICS_NUM_REJECTED_INTRO_REQ, - service, 0, 10); + hs_metrics_update_by_service(HS_METRICS_NUM_REJECTED_INTRO_REQ, service, 0, + reason, 10); tt_int_op(metrics_store_entry_get_value(entry), OP_EQ, 122); done: diff --git a/src/test/test_hs_service.c b/src/test/test_hs_service.c index 7e675620bd..03a4800f25 100644 --- a/src/test/test_hs_service.c +++ b/src/test/test_hs_service.c @@ -1229,14 +1229,34 @@ test_bad_introduce2(void *arg) "an INTRODUCE2 cell on circuit"); teardown_capture_of_logs(); - /* Make sure the tor_hs_intro_rejected_intro_req_count metric was - * incremented */ entries = metrics_store_get_all(service->metrics.store, "tor_hs_intro_rejected_intro_req_count"); tt_assert(entries); - tt_int_op(smartlist_len(entries), OP_EQ, 1); - entry = smartlist_get(entries, 0); + /* There are `hs_metrics_intro_req_size` entries (one for each + * possible `reason` label value). */ + tt_int_op(smartlist_len(entries), OP_EQ, + hs_metrics_intro_req_error_reasons_size); + + /* Make sure the tor_hs_intro_rejected_intro_req_count metric was + * only incremented for reason HS_METRICS_ERR_INTRO_REQ_BAD_AUTH_KEY. */ + for (size_t i = 0; i < hs_metrics_intro_req_error_reasons_size; ++i) { + const char *reason = hs_metrics_intro_req_error_reasons[i]; + + if (!strcmp(reason, HS_METRICS_ERR_INTRO_REQ_BAD_AUTH_KEY)) { + continue; + } + + entry = metrics_store_find_entry_with_label( + entries, + metrics_format_label("reason", reason)); + tt_assert(entry); + tt_int_op(metrics_store_entry_get_value(entry), OP_EQ, 0); + } + + entry = metrics_store_find_entry_with_label( + entries, + metrics_format_label("reason", HS_METRICS_ERR_INTRO_REQ_BAD_AUTH_KEY)); tt_assert(entry); tt_int_op(metrics_store_entry_get_value(entry), OP_EQ, 1); @@ -1257,8 +1277,31 @@ test_bad_introduce2(void *arg) tt_u64_op(ip->introduce2_count, OP_EQ, 0); /* Make sure the tor_hs_intro_rejected_intro_req_count metric was incremented - * a second time */ - tt_int_op(metrics_store_entry_get_value(entry), OP_EQ, 2); + * a second time, this time, with reason="invalid_introduce2_cell". */ + entry = metrics_store_find_entry_with_label( + entries, + metrics_format_label("reason", HS_METRICS_ERR_INTRO_REQ_INTRODUCE2)); + tt_assert(entry); + tt_int_op(metrics_store_entry_get_value(entry), OP_EQ, 1); + + /* The metric entries with other reason labels are unaffected */ + entry = metrics_store_find_entry_with_label( + entries, + metrics_format_label("reason", HS_METRICS_ERR_INTRO_REQ_SUBCREDENTIAL)); + tt_assert(entry); + tt_int_op(metrics_store_entry_get_value(entry), OP_EQ, 0); + + entry = metrics_store_find_entry_with_label( + entries, metrics_format_label( + "reason", HS_METRICS_ERR_INTRO_REQ_INTRODUCE2_REPLAY)); + tt_assert(entry); + tt_int_op(metrics_store_entry_get_value(entry), OP_EQ, 0); + + entry = metrics_store_find_entry_with_label( + entries, + metrics_format_label("reason", HS_METRICS_ERR_INTRO_REQ_BAD_AUTH_KEY)); + tt_assert(entry); + tt_int_op(metrics_store_entry_get_value(entry), OP_EQ, 1); done: or_state_free(dummy_state); @@ -2293,6 +2336,8 @@ test_intro2_handling(void *arg) /* Disable onionbalance */ x_service.config.ob_master_pubkeys = NULL; x_service.state.replay_cache_rend_cookie = replaycache_new(0,0); + /* Initialize the metrics store */ + hs_metrics_service_init(&x_service); /* Create subcredential for x: */ ed25519_keypair_t x_identity_keypair; @@ -2456,6 +2501,20 @@ test_intro2_handling(void *arg) (uint8_t*)relay_payload, relay_payload_len); tt_int_op(retval, OP_EQ, 0); + /* We haven't encountered any errors yet, so all the introduction request + * error metrics should be 0 */ + const smartlist_t *entries = metrics_store_get_all( + x_service.metrics.store, "tor_hs_intro_rejected_intro_req_count"); + const metrics_store_entry_t *entry = NULL; + + for (size_t i = 0; i < hs_metrics_intro_req_error_reasons_size; ++i) { + entry = metrics_store_find_entry_with_label( + entries, + metrics_format_label("reason", hs_metrics_intro_req_error_reasons[i])); + tt_assert(entry); + tt_int_op(metrics_store_entry_get_value(entry), OP_EQ, 0); + } + /* ************************************************************ */ /* Act IV: @@ -2473,6 +2532,11 @@ test_intro2_handling(void *arg) tt_int_op(retval, OP_EQ, -1); expect_log_msg_containing("with the same ENCRYPTED section"); teardown_capture_of_logs(); + entry = metrics_store_find_entry_with_label( + entries, + metrics_format_label("reason", HS_METRICS_ERR_INTRO_REQ_INTRODUCE2)); + tt_assert(entry); + tt_int_op(metrics_store_entry_get_value(entry), OP_EQ, 1); /* Now cleanup the intro point replay cache but not the service replay cache and see that this one triggers this time. */ @@ -2487,6 +2551,12 @@ test_intro2_handling(void *arg) expect_log_msg_containing("with same REND_COOKIE"); teardown_capture_of_logs(); + entry = metrics_store_find_entry_with_label( + entries, metrics_format_label( + "reason", HS_METRICS_ERR_INTRO_REQ_INTRODUCE2_REPLAY)); + tt_assert(entry); + tt_int_op(metrics_store_entry_get_value(entry), OP_EQ, 1); + /* Now just to make sure cleanup both replay caches and make sure that the cell gets through */ replaycache_free(x_ip->replay_cache); @@ -2499,6 +2569,9 @@ test_intro2_handling(void *arg) (uint8_t*)relay_payload, relay_payload_len); tt_int_op(retval, OP_EQ, 0); + /* This time, the error metric was *not* incremented */ + tt_int_op(metrics_store_entry_get_value(entry), OP_EQ, 1); + /* As a final thing, create an INTRODUCE1 cell from Alice to X using Y's * subcred (should fail since Y is just another instance and not the frontend * service!) */ @@ -2515,7 +2588,13 @@ test_intro2_handling(void *arg) intro_circ, x_ip, &y_subcred, (uint8_t*)relay_payload, relay_payload_len); + tt_int_op(retval, OP_EQ, -1); + entry = metrics_store_find_entry_with_label( + entries, + metrics_format_label("reason", HS_METRICS_ERR_INTRO_REQ_INTRODUCE2)); + tt_assert(entry); + tt_int_op(metrics_store_entry_get_value(entry), OP_EQ, 2); done: /* Start cleaning up X */ @@ -2524,6 +2603,7 @@ test_intro2_handling(void *arg) tor_free(x_service.state.ob_subcreds); service_descriptor_free(x_service.desc_current); service_descriptor_free(x_service.desc_next); + hs_metrics_service_free(&x_service); service_intro_point_free(x_ip); /* Clean up Alice */ |