diff options
| -rw-r--r-- | changes/prop227 | 5 | ||||
| -rw-r--r-- | doc/tor.1.txt | 6 | ||||
| -rw-r--r-- | src/common/container.c | 25 | ||||
| -rw-r--r-- | src/common/container.h | 8 | ||||
| -rw-r--r-- | src/or/config.c | 9 | ||||
| -rw-r--r-- | src/or/control.c | 2 | ||||
| -rw-r--r-- | src/or/dirserv.c | 86 | ||||
| -rw-r--r-- | src/or/dirserv.h | 2 | ||||
| -rw-r--r-- | src/or/dirvote.c | 100 | ||||
| -rw-r--r-- | src/or/dirvote.h | 6 | ||||
| -rw-r--r-- | src/or/networkstatus.c | 31 | ||||
| -rw-r--r-- | src/or/or.h | 4 | ||||
| -rw-r--r-- | src/or/routerparse.c | 12 | ||||
| -rw-r--r-- | src/test/test_dir.c | 147 |
14 files changed, 435 insertions, 8 deletions
diff --git a/changes/prop227 b/changes/prop227 new file mode 100644 index 0000000000..cd47fe26ba --- /dev/null +++ b/changes/prop227 @@ -0,0 +1,5 @@ + o Minor features (directory system): + - Authorities can now vote on the correct digests and latest versions for + different software packages. This allows packages that include Tor to use + the Tor authority system as a way to get notified of updates and their + correct digests. Implements proposal 227. Closes ticket 10395. diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 90dad545c7..99ab8cb0b3 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -1886,6 +1886,12 @@ on the public Tor network. multiple times: the values from multiple lines are spliced together. When this is set then **VersioningAuthoritativeDirectory** should be set too. +[[RecommendedPackageVersions]] **RecommendedPackageVersions** __PACKAGENAME__ __VERSION__ __URL__ __DIGESTTYPE__**=**__DIGEST__ :: + Adds "package" line to the directory authority's vote. This information + is used to vote on the correct URL and digest for the released versions + of different Tor-related packages, so that the consensus can certify + them. This line may appear any number of times. + [[RecommendedClientVersions]] **RecommendedClientVersions** __STRING__:: STRING is a comma-separated list of Tor versions currently believed to be safe for clients to use. This information is included in version 2 diff --git a/src/common/container.c b/src/common/container.c index 37e28004ae..864fd8a552 100644 --- a/src/common/container.c +++ b/src/common/container.c @@ -518,11 +518,13 @@ smartlist_sort(smartlist_t *sl, int (*compare)(const void **a, const void **b)) /** Given a smartlist <b>sl</b> sorted with the function <b>compare</b>, * return the most frequent member in the list. Break ties in favor of - * later elements. If the list is empty, return NULL. + * later elements. If the list is empty, return NULL. If count_out is + * non-null, set it to the most frequent member. */ void * -smartlist_get_most_frequent(const smartlist_t *sl, - int (*compare)(const void **a, const void **b)) +smartlist_get_most_frequent_(const smartlist_t *sl, + int (*compare)(const void **a, const void **b), + int *count_out) { const void *most_frequent = NULL; int most_frequent_count = 0; @@ -530,8 +532,11 @@ smartlist_get_most_frequent(const smartlist_t *sl, const void *cur = NULL; int i, count=0; - if (!sl->num_used) + if (!sl->num_used) { + if (count_out) + *count_out = 0; return NULL; + } for (i = 0; i < sl->num_used; ++i) { const void *item = sl->list[i]; if (cur && 0 == compare(&cur, &item)) { @@ -549,6 +554,8 @@ smartlist_get_most_frequent(const smartlist_t *sl, most_frequent = cur; most_frequent_count = count; } + if (count_out) + *count_out = most_frequent_count; return (void*)most_frequent; } @@ -728,6 +735,16 @@ smartlist_get_most_frequent_string(smartlist_t *sl) return smartlist_get_most_frequent(sl, compare_string_ptrs_); } +/** Return the most frequent string in the sorted list <b>sl</b>. + * If <b>count_out</b> is provided, set <b>count_out</b> to the + * number of times that string appears. + */ +char * +smartlist_get_most_frequent_string_(smartlist_t *sl, int *count_out) +{ + return smartlist_get_most_frequent_(sl, compare_string_ptrs_, count_out); +} + /** Remove duplicate strings from a sorted list, and free them with tor_free(). */ void diff --git a/src/common/container.h b/src/common/container.h index 377cdf5dba..6edc80f75b 100644 --- a/src/common/container.h +++ b/src/common/container.h @@ -94,8 +94,11 @@ void smartlist_del_keeporder(smartlist_t *sl, int idx); void smartlist_insert(smartlist_t *sl, int idx, void *val); void smartlist_sort(smartlist_t *sl, int (*compare)(const void **a, const void **b)); -void *smartlist_get_most_frequent(const smartlist_t *sl, - int (*compare)(const void **a, const void **b)); +void *smartlist_get_most_frequent_(const smartlist_t *sl, + int (*compare)(const void **a, const void **b), + int *count_out); +#define smartlist_get_most_frequent(sl, compare) \ + smartlist_get_most_frequent_((sl), (compare), NULL) void smartlist_uniq(smartlist_t *sl, int (*compare)(const void **a, const void **b), void (*free_fn)(void *elt)); @@ -106,6 +109,7 @@ void smartlist_sort_digests256(smartlist_t *sl); void smartlist_sort_pointers(smartlist_t *sl); char *smartlist_get_most_frequent_string(smartlist_t *sl); +char *smartlist_get_most_frequent_string_(smartlist_t *sl, int *count_out); char *smartlist_get_most_frequent_digest256(smartlist_t *sl); void smartlist_uniq_strings(smartlist_t *sl); diff --git a/src/or/config.c b/src/or/config.c index f24b19a388..a0d1346afb 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -86,6 +86,7 @@ static config_abbrev_t option_abbrevs_[] = { PLURAL(HiddenServiceExcludeNode), PLURAL(NumCPU), PLURAL(RendNode), + PLURAL(RecommendedPackage), PLURAL(RendExcludeNode), PLURAL(StrictEntryNode), PLURAL(StrictExitNode), @@ -367,6 +368,7 @@ static config_var_t option_vars_[] = { V(RecommendedVersions, LINELIST, NULL), V(RecommendedClientVersions, LINELIST, NULL), V(RecommendedServerVersions, LINELIST, NULL), + V(RecommendedPackages, LINELIST, NULL), V(RefuseUnknownExits, AUTOBOOL, "auto"), V(RejectPlaintextPorts, CSV, ""), V(RelayBandwidthBurst, MEMUNIT, "0"), @@ -2743,6 +2745,13 @@ options_validate(or_options_t *old_options, or_options_t *options, "features to be broken in unpredictable ways."); } + for (cl = options->RecommendedPackages; cl; cl = cl->next) { + if (! validate_recommended_package_line(cl->value)) { + log_warn(LD_CONFIG, "Invalid RecommendedPackage line %s will be ignored", + escaped(cl->value)); + } + } + if (options->AuthoritativeDir) { if (!options->ContactInfo && !options->TestingTorNetwork) REJECT("Authoritative directory servers must set ContactInfo"); diff --git a/src/or/control.c b/src/or/control.c index e963aeab7f..24e1479b50 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -2183,6 +2183,8 @@ static const getinfo_item_t getinfo_items[] = { "Brief summary of router status by nickname (v2 directory format)."), PREFIX("ns/purpose/", networkstatus, "Brief summary of router status by purpose (v2 directory format)."), + PREFIX("consensus/", networkstatus, + "Information about and from the ns consensus."), ITEM("network-status", dir, "Brief summary of router status (v1 directory format)"), ITEM("circuit-status", events, "List of current circuits originating here."), diff --git a/src/or/dirserv.c b/src/or/dirserv.c index b694f8af77..0be2a2071e 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -2511,6 +2511,15 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_t *private_key, v3_out->client_versions = client_versions; v3_out->server_versions = server_versions; + v3_out->package_lines = smartlist_new(); + { + config_line_t *cl; + for (cl = get_options()->RecommendedPackages; cl; cl = cl->next) { + if (validate_recommended_package_line(cl->value)) + smartlist_add(v3_out->package_lines, tor_strdup(cl->value)); + } + } + v3_out->known_flags = smartlist_new(); smartlist_split_string(v3_out->known_flags, "Authority Exit Fast Guard Stable V2Dir Valid", @@ -3256,6 +3265,83 @@ connection_dirserv_flushed_some(dir_connection_t *conn) } } +/** Return true iff <b>line</b> is a valid RecommendedPackages line. + */ +/* + The grammar is: + + "package" SP PACKAGENAME SP VERSION SP URL SP DIGESTS NL + + PACKAGENAME = NONSPACE + VERSION = NONSPACE + URL = NONSPACE + DIGESTS = DIGEST | DIGESTS SP DIGEST + DIGEST = DIGESTTYPE "=" DIGESTVAL + + NONSPACE = one or more non-space printing characters + + DIGESTVAL = DIGESTTYPE = one or more non-=, non-" " characters. + + SP = " " + NL = a newline + + */ +int +validate_recommended_package_line(const char *line) +{ + const char *cp = line; + +#define WORD() \ + do { \ + if (*cp == ' ') \ + return 0; \ + cp = strchr(cp, ' '); \ + if (!cp) \ + return 0; \ + } while (0) + + WORD(); /* skip packagename */ + ++cp; + WORD(); /* skip version */ + ++cp; + WORD(); /* Skip URL */ + ++cp; + + /* Skip digesttype=digestval + */ + int n_entries = 0; + while (1) { + const char *start_of_word = cp; + const char *end_of_word = strchr(cp, ' '); + if (! end_of_word) + end_of_word = cp + strlen(cp); + + if (start_of_word == end_of_word) + return 0; + + const char *eq = memchr(start_of_word, '=', end_of_word - start_of_word); + + if (!eq) + return 0; + if (eq == start_of_word) + return 0; + if (eq == end_of_word - 1) + return 0; + if (memchr(eq+1, '=', end_of_word - (eq+1))) + return 0; + + ++n_entries; + if (0 == *end_of_word) + break; + + cp = end_of_word + 1; + } + + if (n_entries == 0) + return 0; + + return 1; +} + /** Release all storage used by the directory server. */ void dirserv_free_all(void) diff --git a/src/or/dirserv.h b/src/or/dirserv.h index d4ce54260c..514ec444e6 100644 --- a/src/or/dirserv.h +++ b/src/or/dirserv.h @@ -104,6 +104,8 @@ void dirserv_free_all(void); void cached_dir_decref(cached_dir_t *d); cached_dir_t *new_cached_dir(char *s, time_t published); +int validate_recommended_package_line(const char *line); + #ifdef DIRSERV_PRIVATE /* Put the MAX_MEASUREMENT_AGE #define here so unit tests can see it */ diff --git a/src/or/dirvote.c b/src/or/dirvote.c index f0dcc88070..7739c52d15 100644 --- a/src/or/dirvote.c +++ b/src/or/dirvote.c @@ -66,6 +66,7 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key, { smartlist_t *chunks = smartlist_new(); const char *client_versions = NULL, *server_versions = NULL; + char *packages = NULL; char fingerprint[FINGERPRINT_LEN+1]; char digest[DIGEST_LEN]; uint32_t addr; @@ -98,6 +99,18 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key, server_versions_line = tor_strdup(""); } + if (v3_ns->package_lines) { + smartlist_t *tmp = smartlist_new(); + SMARTLIST_FOREACH(v3_ns->package_lines, const char *, p, + if (validate_recommended_package_line(p)) + smartlist_add_asprintf(tmp, "package %s\n", p)); + packages = smartlist_join_strings(tmp, "", 0, NULL); + SMARTLIST_FOREACH(tmp, char *, cp, tor_free(cp)); + smartlist_free(tmp); + } else { + packages = tor_strdup(""); + } + { char published[ISO_TIME_LEN+1]; char va[ISO_TIME_LEN+1]; @@ -132,6 +145,7 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key, "valid-until %s\n" "voting-delay %d %d\n" "%s%s" /* versions */ + "%s" /* packages */ "known-flags %s\n" "flag-thresholds %s\n" "params %s\n" @@ -143,6 +157,7 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key, v3_ns->vote_seconds, v3_ns->dist_seconds, client_versions_line, server_versions_line, + packages, flags, flag_thresholds, params, @@ -230,6 +245,7 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key, done: tor_free(client_versions_line); tor_free(server_versions_line); + tor_free(packages); SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp)); smartlist_free(chunks); @@ -1037,6 +1053,7 @@ networkstatus_compute_consensus(smartlist_t *votes, const routerstatus_format_type_t rs_format = flavor == FLAV_NS ? NS_V3_CONSENSUS : NS_V3_CONSENSUS_MICRODESC; char *params = NULL; + char *packages = NULL; int added_weights = 0; tor_assert(flavor == FLAV_NS || flavor == FLAV_MICRODESC); tor_assert(total_authorities >= smartlist_len(votes)); @@ -1120,6 +1137,11 @@ networkstatus_compute_consensus(smartlist_t *votes, n_versioning_servers); client_versions = compute_consensus_versions_list(combined_client_versions, n_versioning_clients); + if (consensus_method >= MIN_METHOD_FOR_PACKAGE_LINES) { + packages = compute_consensus_package_lines(votes); + } else { + packages = tor_strdup(""); + } SMARTLIST_FOREACH(combined_server_versions, char *, cp, tor_free(cp)); SMARTLIST_FOREACH(combined_client_versions, char *, cp, tor_free(cp)); @@ -1162,10 +1184,13 @@ networkstatus_compute_consensus(smartlist_t *votes, "voting-delay %d %d\n" "client-versions %s\n" "server-versions %s\n" + "%s" /* packages */ "known-flags %s\n", va_buf, fu_buf, vu_buf, vote_seconds, dist_seconds, - client_versions, server_versions, flaglist); + client_versions, server_versions, + packages, + flaglist); tor_free(flaglist); } @@ -1852,6 +1877,7 @@ networkstatus_compute_consensus(smartlist_t *votes, tor_free(client_versions); tor_free(server_versions); + tor_free(packages); SMARTLIST_FOREACH(flags, char *, cp, tor_free(cp)); smartlist_free(flags); SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp)); @@ -1860,6 +1886,78 @@ networkstatus_compute_consensus(smartlist_t *votes, return result; } +/** Given a list of networkstatus_t for each vote, return a newly allocated + * string containing the "package" lines for the vote. */ +STATIC char * +compute_consensus_package_lines(smartlist_t *votes) +{ + const int n_votes = smartlist_len(votes); + + /* This will be a map from "packagename version" strings to arrays + * of const char *, with the i'th member of the array corresponding to the + * package line from the i'th vote. + */ + strmap_t *package_status = strmap_new(); + + SMARTLIST_FOREACH_BEGIN(votes, networkstatus_t *, v) { + if (! v->package_lines) + continue; + SMARTLIST_FOREACH_BEGIN(v->package_lines, const char *, line) { + if (! validate_recommended_package_line(line)) + continue; + + /* Skip 'cp' to the second space in the line. */ + const char *cp = strchr(line, ' '); + if (!cp) continue; + ++cp; + cp = strchr(cp, ' '); + if (!cp) continue; + + char *key = tor_strndup(line, cp - line); + + const char **status = strmap_get(package_status, key); + if (!status) { + status = tor_calloc(n_votes, sizeof(const char *)); + strmap_set(package_status, key, status); + } + status[v_sl_idx] = line; /* overwrite old value */ + tor_free(key); + } SMARTLIST_FOREACH_END(line); + } SMARTLIST_FOREACH_END(v); + + smartlist_t *entries = smartlist_new(); /* temporary */ + smartlist_t *result_list = smartlist_new(); /* output */ + STRMAP_FOREACH(package_status, key, const char **, values) { + int i, count=-1; + for (i = 0; i < n_votes; ++i) { + if (values[i]) + smartlist_add(entries, (void*) values[i]); + } + smartlist_sort_strings(entries); + int n_voting_for_entry = smartlist_len(entries); + const char *most_frequent = + smartlist_get_most_frequent_string_(entries, &count); + + if (n_voting_for_entry >= 3 && count > n_voting_for_entry / 2) { + smartlist_add_asprintf(result_list, "package %s\n", most_frequent); + } + + smartlist_clear(entries); + + } STRMAP_FOREACH_END; + + smartlist_sort_strings(result_list); + + char *result = smartlist_join_strings(result_list, "", 0, NULL); + + SMARTLIST_FOREACH(result_list, char *, cp, tor_free(cp)); + smartlist_free(result_list); + smartlist_free(entries); + strmap_free(package_status, tor_free_); + + return result; +} + /** Given a consensus vote <b>target</b> and a set of detached signatures in * <b>sigs</b> that correspond to the same consensus, check whether there are * any new signatures in <b>src_voter_list</b> that should be added to diff --git a/src/or/dirvote.h b/src/or/dirvote.h index 8908336fa1..20dcbcd5b6 100644 --- a/src/or/dirvote.h +++ b/src/or/dirvote.h @@ -55,7 +55,7 @@ #define MIN_SUPPORTED_CONSENSUS_METHOD 13 /** The highest consensus method that we currently support. */ -#define MAX_SUPPORTED_CONSENSUS_METHOD 18 +#define MAX_SUPPORTED_CONSENSUS_METHOD 19 /** Lowest consensus method where microdesc consensuses omit any entry * with no microdesc. */ @@ -79,6 +79,9 @@ * microdescriptors. */ #define MIN_METHOD_FOR_ID_HASH_IN_MD 18 +/** Lowest consensus method where we include "package" lines*/ +#define MIN_METHOD_FOR_PACKAGE_LINES 19 + /** Default bandwidth to clip unmeasured bandwidths to using method >= * MIN_METHOD_TO_CLIP_UNMEASURED_BW */ #define DEFAULT_MAX_UNMEASURED_BW_KB 20 @@ -160,6 +163,7 @@ STATIC char *format_networkstatus_vote(crypto_pk_t *private_key, networkstatus_t *v3_ns); STATIC char *dirvote_compute_params(smartlist_t *votes, int method, int total_authorities); +STATIC char *compute_consensus_package_lines(smartlist_t *votes); #endif #endif diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c index 59ba1e6cb7..da110fdff6 100644 --- a/src/or/networkstatus.c +++ b/src/or/networkstatus.c @@ -257,6 +257,10 @@ networkstatus_vote_free(networkstatus_t *ns) SMARTLIST_FOREACH(ns->supported_methods, char *, c, tor_free(c)); smartlist_free(ns->supported_methods); } + if (ns->package_lines) { + SMARTLIST_FOREACH(ns->package_lines, char *, c, tor_free(c)); + smartlist_free(ns->package_lines); + } if (ns->voters) { SMARTLIST_FOREACH_BEGIN(ns->voters, networkstatus_voter_info_t *, voter) { tor_free(voter->nickname); @@ -1909,6 +1913,33 @@ getinfo_helper_networkstatus(control_connection_t *conn, } else if (!strcmpstart(question, "ns/purpose/")) { *answer = networkstatus_getinfo_by_purpose(question+11, time(NULL)); return *answer ? 0 : -1; + } else if (!strcmp(question, "consensus/packages")) { + const networkstatus_t *ns = networkstatus_get_latest_consensus(); + if (ns && ns->package_lines) + *answer = smartlist_join_strings(ns->package_lines, "\n", 0, NULL); + else + *errmsg = "No consensus available"; + return *answer ? 0 : -1; + } else if (!strcmp(question, "consensus/valid-after") || + !strcmp(question, "consensus/fresh-until") || + !strcmp(question, "consensus/valid-until")) { + const networkstatus_t *ns = networkstatus_get_latest_consensus(); + if (ns) { + time_t t; + if (!strcmp(question, "consensus/valid-after")) + t = ns->valid_after; + else if (!strcmp(question, "consensus/fresh-until")) + t = ns->fresh_until; + else + t = ns->valid_until; + + char tbuf[ISO_TIME_LEN+1]; + format_iso_time(tbuf, t); + *answer = tor_strdup(tbuf); + } else { + *errmsg = "No consensus available"; + } + return *answer ? 0 : -1; } else { return 0; } diff --git a/src/or/or.h b/src/or/or.h index 4207f3d7b3..520b7dba89 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -2417,6 +2417,9 @@ typedef struct networkstatus_t { /** Vote only: what methods is this voter willing to use? */ smartlist_t *supported_methods; + /** List of 'package' lines describing hashes of downloadable packages */ + smartlist_t *package_lines; + /** How long does this vote/consensus claim that authorities take to * distribute their votes to one another? */ int vote_seconds; @@ -3433,6 +3436,7 @@ typedef struct { config_line_t *RecommendedVersions; config_line_t *RecommendedClientVersions; config_line_t *RecommendedServerVersions; + config_line_t *RecommendedPackages; /** Whether dirservers allow router descriptors with private IPs. */ int DirAllowPrivateAddresses; /** Whether routers accept EXTEND cells to routers with private IPs. */ diff --git a/src/or/routerparse.c b/src/or/routerparse.c index a2bc8fbb93..f7687e0e40 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -131,6 +131,7 @@ typedef enum { K_CONSENSUS_METHOD, K_LEGACY_DIR_KEY, K_DIRECTORY_FOOTER, + K_PACKAGE, A_PURPOSE, A_LAST_LISTED, @@ -420,6 +421,7 @@ static token_rule_t networkstatus_token_table[] = { T1("known-flags", K_KNOWN_FLAGS, ARGS, NO_OBJ ), T01("params", K_PARAMS, ARGS, NO_OBJ ), T( "fingerprint", K_FINGERPRINT, CONCAT_ARGS, NO_OBJ ), + T0N("package", K_PACKAGE, CONCAT_ARGS, NO_OBJ ), CERTIFICATE_MEMBERS @@ -2626,6 +2628,16 @@ networkstatus_parse_vote_from_string(const char *s, const char **eos_out, ns->server_versions = tor_strdup(tok->args[0]); } + { + smartlist_t *package_lst = find_all_by_keyword(tokens, K_PACKAGE); + ns->package_lines = smartlist_new(); + if (package_lst) { + SMARTLIST_FOREACH(package_lst, directory_token_t *, t, + smartlist_add(ns->package_lines, tor_strdup(t->args[0]))); + } + smartlist_free(package_lst); + } + tok = find_by_keyword(tokens, K_KNOWN_FLAGS); ns->known_flags = smartlist_new(); inorder = 1; diff --git a/src/test/test_dir.c b/src/test/test_dir.c index 991e613cb6..84e80ea760 100644 --- a/src/test/test_dir.c +++ b/src/test/test_dir.c @@ -2954,6 +2954,152 @@ test_dir_fetch_type(void *arg) done: ; } +static void +test_dir_packages(void *arg) +{ + smartlist_t *votes = smartlist_new(); + char *res = NULL; + (void)arg; + +#define BAD(s) \ + tt_int_op(0, ==, validate_recommended_package_line(s)); +#define GOOD(s) \ + tt_int_op(1, ==, validate_recommended_package_line(s)); + GOOD("tor 0.2.6.3-alpha " + "http://torproject.example.com/dist/tor-0.2.6.3-alpha.tar.gz " + "sha256=sssdlkfjdsklfjdskfljasdklfj"); + GOOD("tor 0.2.6.3-alpha " + "http://torproject.example.com/dist/tor-0.2.6.3-alpha.tar.gz " + "sha256=sssdlkfjdsklfjdskfljasdklfj blake2b=fred"); + BAD("tor 0.2.6.3-alpha " + "http://torproject.example.com/dist/tor-0.2.6.3-alpha.tar.gz " + "sha256=sssdlkfjdsklfjdskfljasdklfj="); + BAD("tor 0.2.6.3-alpha " + "http://torproject.example.com/dist/tor-0.2.6.3-alpha.tar.gz " + "sha256=sssdlkfjdsklfjdskfljasdklfj blake2b"); + BAD("tor 0.2.6.3-alpha " + "http://torproject.example.com/dist/tor-0.2.6.3-alpha.tar.gz "); + BAD("tor 0.2.6.3-alpha " + "http://torproject.example.com/dist/tor-0.2.6.3-alpha.tar.gz"); + BAD("tor 0.2.6.3-alpha "); + BAD("tor 0.2.6.3-alpha"); + BAD("tor "); + BAD("tor"); + BAD(""); + BAD("=foobar sha256=" + "3c179f46ca77069a6a0bac70212a9b3b838b2f66129cb52d568837fc79d8fcc7"); + BAD("= = sha256=" + "3c179f46ca77069a6a0bac70212a9b3b838b2f66129cb52d568837fc79d8fcc7"); + + BAD("sha512= sha256=" + "3c179f46ca77069a6a0bac70212a9b3b838b2f66129cb52d568837fc79d8fcc7"); + + votes = smartlist_new(); + smartlist_add(votes, tor_malloc_zero(sizeof(networkstatus_t))); + smartlist_add(votes, tor_malloc_zero(sizeof(networkstatus_t))); + smartlist_add(votes, tor_malloc_zero(sizeof(networkstatus_t))); + smartlist_add(votes, tor_malloc_zero(sizeof(networkstatus_t))); + smartlist_add(votes, tor_malloc_zero(sizeof(networkstatus_t))); + smartlist_add(votes, tor_malloc_zero(sizeof(networkstatus_t))); + SMARTLIST_FOREACH(votes, networkstatus_t *, ns, + ns->package_lines = smartlist_new()); + +#define ADD(i, s) \ + smartlist_add(((networkstatus_t*)smartlist_get(votes, (i)))->package_lines, \ + (void*)(s)); + + /* Only one vote for this one. */ + ADD(4, "cisco 99z http://foobar.example.com/ sha256=blahblah"); + + /* Only two matching entries for this one, but 3 voters */ + ADD(1, "mystic 99y http://barfoo.example.com/ sha256=blahblah"); + ADD(3, "mystic 99y http://foobar.example.com/ sha256=blahblah"); + ADD(4, "mystic 99y http://foobar.example.com/ sha256=blahblah"); + + /* Only two matching entries for this one, but at least 4 voters */ + ADD(1, "mystic 99p http://barfoo.example.com/ sha256=ggggggg"); + ADD(3, "mystic 99p http://foobar.example.com/ sha256=blahblah"); + ADD(4, "mystic 99p http://foobar.example.com/ sha256=blahblah"); + ADD(5, "mystic 99p http://foobar.example.com/ sha256=ggggggg"); + + /* This one has only invalid votes. */ + ADD(0, "haffenreffer 1.2 http://foobar.example.com/ sha256"); + ADD(1, "haffenreffer 1.2 http://foobar.example.com/ "); + ADD(2, "haffenreffer 1.2 "); + ADD(3, "haffenreffer "); + ADD(4, "haffenreffer"); + + /* Three matching votes for this; it should actually go in! */ + ADD(2, "element 0.66.1 http://quux.example.com/ sha256=abcdef"); + ADD(3, "element 0.66.1 http://quux.example.com/ sha256=abcdef"); + ADD(4, "element 0.66.1 http://quux.example.com/ sha256=abcdef"); + ADD(1, "element 0.66.1 http://quum.example.com/ sha256=abcdef"); + ADD(0, "element 0.66.1 http://quux.example.com/ sha256=abcde"); + + /* Three votes for A, three votes for B */ + ADD(0, "clownshoes 22alpha1 http://quumble.example.com/ blake2=foob"); + ADD(1, "clownshoes 22alpha1 http://quumble.example.com/ blake2=foob"); + ADD(2, "clownshoes 22alpha1 http://quumble.example.com/ blake2=foob"); + ADD(3, "clownshoes 22alpha1 http://quumble.example.com/ blake2=fooz"); + ADD(4, "clownshoes 22alpha1 http://quumble.example.com/ blake2=fooz"); + ADD(5, "clownshoes 22alpha1 http://quumble.example.com/ blake2=fooz"); + + /* Three votes for A, two votes for B */ + ADD(1, "clownshoes 22alpha3 http://quumble.example.com/ blake2=foob"); + ADD(2, "clownshoes 22alpha3 http://quumble.example.com/ blake2=foob"); + ADD(3, "clownshoes 22alpha3 http://quumble.example.com/ blake2=fooz"); + ADD(4, "clownshoes 22alpha3 http://quumble.example.com/ blake2=fooz"); + ADD(5, "clownshoes 22alpha3 http://quumble.example.com/ blake2=fooz"); + + /* Four votes for A, two for B. */ + ADD(0, "clownshoes 22alpha4 http://quumble.example.com/ blake2=foob"); + ADD(1, "clownshoes 22alpha4 http://quumble.example.com/ blake2=foob"); + ADD(2, "clownshoes 22alpha4 http://quumble.example.cam/ blake2=fooa"); + ADD(3, "clownshoes 22alpha4 http://quumble.example.cam/ blake2=fooa"); + ADD(4, "clownshoes 22alpha4 http://quumble.example.cam/ blake2=fooa"); + ADD(5, "clownshoes 22alpha4 http://quumble.example.cam/ blake2=fooa"); + + /* Five votes for A ... all from the same guy. Three for B. */ + ADD(0, "cbc 99.1.11.1.1 http://example.com/cbc/ cubehash=ahooy sha512=m"); + ADD(1, "cbc 99.1.11.1.1 http://example.com/cbc/ cubehash=ahooy sha512=m"); + ADD(3, "cbc 99.1.11.1.1 http://example.com/cbc/ cubehash=ahooy sha512=m"); + ADD(2, "cbc 99.1.11.1.1 http://example.com/ cubehash=ahooy"); + ADD(2, "cbc 99.1.11.1.1 http://example.com/ cubehash=ahooy"); + ADD(2, "cbc 99.1.11.1.1 http://example.com/ cubehash=ahooy"); + ADD(2, "cbc 99.1.11.1.1 http://example.com/ cubehash=ahooy"); + ADD(2, "cbc 99.1.11.1.1 http://example.com/ cubehash=ahooy"); + + /* As above but new replaces old: no two match. */ + ADD(0, "cbc 99.1.11.1.2 http://example.com/cbc/ cubehash=ahooy sha512=m"); + ADD(1, "cbc 99.1.11.1.2 http://example.com/cbc/ cubehash=ahooy sha512=m"); + ADD(1, "cbc 99.1.11.1.2 http://example.com/cbc/x cubehash=ahooy sha512=m"); + ADD(2, "cbc 99.1.11.1.2 http://example.com/cbc/ cubehash=ahooy sha512=m"); + ADD(2, "cbc 99.1.11.1.2 http://example.com/ cubehash=ahooy"); + ADD(2, "cbc 99.1.11.1.2 http://example.com/ cubehash=ahooy"); + ADD(2, "cbc 99.1.11.1.2 http://example.com/ cubehash=ahooy"); + ADD(2, "cbc 99.1.11.1.2 http://example.com/ cubehash=ahooy"); + ADD(2, "cbc 99.1.11.1.2 http://example.com/ cubehash=ahooy"); + + + res = compute_consensus_package_lines(votes); + tt_assert(res); + tt_str_op(res, ==, + "package cbc 99.1.11.1.1 http://example.com/cbc/ cubehash=ahooy sha512=m\n" + "package clownshoes 22alpha3 http://quumble.example.com/ blake2=fooz\n" + "package clownshoes 22alpha4 http://quumble.example.cam/ blake2=fooa\n" + "package element 0.66.1 http://quux.example.com/ sha256=abcdef\n" + "package mystic 99y http://foobar.example.com/ sha256=blahblah\n" + ); + +#undef ADD +#undef BAD +#undef GOOD + done: + SMARTLIST_FOREACH(votes, networkstatus_t *, ns, + { smartlist_free(ns->package_lines); tor_free(ns); }); + tor_free(res); +} + #define DIR_LEGACY(name) \ { #name, test_dir_ ## name , TT_FORK, NULL, NULL } @@ -2983,6 +3129,7 @@ struct testcase_t dir_tests[] = { DIR(http_handling, 0), DIR(purpose_needs_anonymity, 0), DIR(fetch_type, 0), + DIR(packages, 0), END_OF_TESTCASES }; |