diff options
52 files changed, 964 insertions, 789 deletions
diff --git a/.gitignore b/.gitignore index b141e80e89..f304a32ecf 100644 --- a/.gitignore +++ b/.gitignore @@ -189,9 +189,6 @@ uptime-*.json /src/test/test-memwipe.exe /src/test/test-switch-id.exe /src/test/test_workqueue.exe -/src/test/test_zero_length_keys.sh -/src/test/test_ntor.sh -/src/test/test_bt.sh # /src/tools/ /src/tools/tor-checkkey diff --git a/changes/bug17150 b/changes/bug17150 new file mode 100644 index 0000000000..686cc34296 --- /dev/null +++ b/changes/bug17150 @@ -0,0 +1,7 @@ + o Minor bugfixes (directory warnings): + - When fetching extrainfo documents, compare their SHA256 digests + and Ed25519 signing key certificates + with the routerinfo that led us to fetch them, rather than + with the most recent routerinfo. Otherwise we generate many + spurious warnings about mismatches. Fixes bug 17150; bugfix + on 0.2.7.2-alpha. diff --git a/changes/bug18286 b/changes/bug18286 index 6e9ae3de09..e398fb004b 100644 --- a/changes/bug18286 +++ b/changes/bug18286 @@ -1,4 +1,5 @@ o Minor features (build): - - Tor now again builds with the recent OpenSSL 1.1 development branch - (tested against 1.1.0-pre4 and 1.1.0-pre5-dev). + - Tor now builds again with the recent OpenSSL 1.1 development branch + (tested against 1.1.0-pre4 and 1.1.0-pre5-dev). Closes ticket 18286. + diff --git a/changes/bug18460 b/changes/bug18460 index 457e5dfc17..a8c1a19774 100644 --- a/changes/bug18460 +++ b/changes/bug18460 @@ -1,4 +1,4 @@ o Minor bugfixes (statistics): - - Include consensus downloads via IPv6 in directory-request statistics. - Fixes bug 18480; bugfix on 4741aa4 in 0.2.3.14-alpha. + - We now include consensus downloads via IPv6 in our directory-request statistics. + Fixes bug 18460; bugfix on 0.2.3.14-alpha. diff --git a/changes/bug18481 b/changes/bug18481 index 7fd9e1edc0..6fd882b36b 100644 --- a/changes/bug18481 +++ b/changes/bug18481 @@ -2,4 +2,4 @@ - Turn all TestingClientBootstrap* into non-testing torrc options. This changes simply renames them by removing "Testing" in front of them and they do not require TestingTorNetwork to be enabled anymore. Fixes - #18481; bugfix on tor-0.2.8.1-alpha. + bug 18481; bugfix on 0.2.8.1-alpha. diff --git a/changes/bug18616 b/changes/bug18616 new file mode 100644 index 0000000000..ec59e846ed --- /dev/null +++ b/changes/bug18616 @@ -0,0 +1,14 @@ + o Major bugfixes (directory mirrors): + - Decide whether to advertise begindir support the same way we decide + whether to advertise our DirPort. These decisions being out of sync + led to surprising behavior like advertising begindir support when + our hibernation config options made us not advertise a DirPort. + Resolves bug 18616; bugfix on 0.2.8.1-alpha. Patch by teor. + + o Minor bugfixes: + - Consider more config options when relays decide whether to regenerate + their descriptor. Fixes more of bug 12538; bugfix on 0.2.8.1-alpha. + - Resolve some edge cases where we might launch an ORPort reachability + check even when DisableNetwork is set. Noticed while fixing bug + 18616; bugfix on 0.2.3.9-alpha. + diff --git a/changes/bug18729 b/changes/bug18729 index d4312c0b76..4ec9ca3254 100644 --- a/changes/bug18729 +++ b/changes/bug18729 @@ -1,3 +1,3 @@ - o Minor logging changes: + o Minor features (logging): - Stop blasting twelve lines per second from periodic_event_dispatch() at loglevel debug. Resolves ticket 18729; fix on 0.2.8.1-alpha. diff --git a/changes/bug18809 b/changes/bug18809 new file mode 100644 index 0000000000..1e151874b7 --- /dev/null +++ b/changes/bug18809 @@ -0,0 +1,16 @@ + o Major bugfixes (bootstrap): + - Check if bootstrap consensus downloads are still needed + when the linked connection attaches. This prevents tor + making unnecessary begindir-style connections, which are + the only directory connections tor clients make since + the fix for 18483 was merged. + - Fix some edge cases where consensus download connections + may not have been closed, even though they were not needed. + Related to fix 18809. + - Make relays retry consensus downloads the correct number of + times, rather than the more aggressive client retry count. + Fixes part of ticket 18809. + - Stop downloading consensuses when we have a consensus, + even if we don't have all the certificates for it yet. + Fixes bug 18809; bugfix on 0.2.8.1-alpha. + Patches by arma and teor. diff --git a/changes/bug18816 b/changes/bug18816 index 7265f5ab3f..103f816962 100644 --- a/changes/bug18816 +++ b/changes/bug18816 @@ -1,4 +1,4 @@ o Minor bugfix (bootstrap): - Consistently use the consensus download schedule for authority certificates. - Resolves ticket 18816; fix on fddb814fe in 0.2.4.13-alpha. + Fixes bug 18816; bugfix on 0.2.4.13-alpha. diff --git a/changes/bug18921 b/changes/bug18921 index 934a604945..cdd868a005 100644 --- a/changes/bug18921 +++ b/changes/bug18921 @@ -1,4 +1,4 @@ o Major bugfixes (IPv6 bridges): - Fix directory address selection for IPv6 bridges. - Resolves #18921, bugfix on #17840 in 0.2.8.1-alpha. + Fixes bug 18921; bugfix on 0.2.8.1-alpha. Patch by "teor". diff --git a/changes/bug18929 b/changes/bug18929 index f79bacae8e..c607e630a6 100644 --- a/changes/bug18929 +++ b/changes/bug18929 @@ -1,5 +1,5 @@ o Minor bugfixes (IPv6): - Make directory node selection more reliable, mainly for IPv6-only clients and clients with few reachable addresses. - Resolves #18929, bugfix on #17840 in 0.2.8.1-alpha. + Fixes bug 18929; bugfix on 0.2.8.1-alpha. Patch by "teor". diff --git a/changes/bug18943 b/changes/bug18943 index 53569f05cb..6bcd868460 100644 --- a/changes/bug18943 +++ b/changes/bug18943 @@ -2,5 +2,5 @@ - The SHA3 and SHAKE routines now produce the correct output on Big Endian systems, unbreaking the unit tests. No code calls either algorithm family yet, so this is primarily a build fix. - Closes ticket 18943. + Fixes bug 18943; bugfix on 0.2.8.1-alpha. diff --git a/changes/bug19003 b/changes/bug19003 index d9ef23d24c..ca94938ef9 100644 --- a/changes/bug19003 +++ b/changes/bug19003 @@ -1,5 +1,5 @@ o Minor bugfixes (small networks): - Allow directories in small networks to bootstrap by skipping DirPort checks when the consensus has no exits. - Resolves #19003, bugfix on #18050 in 0.2.8.1-alpha. + Fixes bug 19003; bugfix on 0.2.8.1-alpha. Patch by teor. diff --git a/changes/bug19161 b/changes/bug19161 new file mode 100644 index 0000000000..78c2165308 --- /dev/null +++ b/changes/bug19161 @@ -0,0 +1,3 @@ + o Minor bugfixes (compilation): + - When libscrypt.h is found, but no libscrypt library can be linked, + treat libscrypt as absent. Fixes bug 19161; bugfix on 0.2.6.1-alpha. diff --git a/changes/fallbacks-201604 b/changes/fallbacks-201604 index d61615a6e8..7acefaaf08 100644 --- a/changes/fallbacks-201604 +++ b/changes/fallbacks-201604 @@ -1,9 +1,9 @@ - o Minor enhancements (fallback directory mirrors): - - Give each fallback the same weight for client selection. - Restrict fallbacks to one per operator. - Report fallback directory detail changes when rebuilding list. - Add new fallback directory mirrors to the whitelist. - Update fallback directories based on the latest OnionOO data. - Many other minor simplifications and fixes. + o Minor features (fallback directory mirrors): + - Give each fallback the same weight for client selection; + restrict fallbacks to one per operator; + report fallback directory detail changes when rebuilding list; + add new fallback directory mirrors to the whitelist; + update fallback directories based on the latest OnionOO data; + and any other minor simplifications and fixes. Closes tasks 17158, 17905, 18749, bug 18689, and fixes part of - bug 18812 on tor 0.2.8.1-alpha; patch by "teor". + bug 18812 on 0.2.8.1-alpha; patch by "teor". diff --git a/changes/feature18483 b/changes/feature18483 index b3c42e60fd..d0fa8df58d 100644 --- a/changes/feature18483 +++ b/changes/feature18483 @@ -1,4 +1,4 @@ o Minor features (clients): - Make clients, onion services, and bridge relays always use an encrypted begindir connection for directory requests. - Resolves #18483. Patch by "teor". + Resolves ticket 18483. Patch by "teor". diff --git a/changes/geoip-april2016 b/changes/geoip-april2016 index 4cd03e556b..c55aa179b5 100644 --- a/changes/geoip-april2016 +++ b/changes/geoip-april2016 @@ -1,4 +1,4 @@ - o Minor features: + o Minor features (geoip): - Update geoip and geoip6 to the April 5 2016 Maxmind GeoLite2 Country database. diff --git a/changes/geoip-may2016 b/changes/geoip-may2016 index 3fd42dce24..cf78ab10c7 100644 --- a/changes/geoip-may2016 +++ b/changes/geoip-may2016 @@ -1,4 +1,4 @@ - o Minor features: + o Minor features (geoip): - Update geoip and geoip6 to the May 4 2016 Maxmind GeoLite2 Country database. diff --git a/changes/memarea_overflow b/changes/memarea_overflow new file mode 100644 index 0000000000..8fdc38cc09 --- /dev/null +++ b/changes/memarea_overflow @@ -0,0 +1,7 @@ + o Minor bugfixes (pointer arithmetic): + - Fix a bug in memarea_alloc() that could have resulted in remote heap + write access, if Tor had ever passed an unchecked size to + memarea_alloc(). Fortunately, all the sizes we pass to memarea_alloc() + are pre-checked to be less than 128 kilobytes. Fixes bug 19150; bugfix + on 0.2.1.1-alpha. Bug found by Guido Vranken. + diff --git a/changes/rsa_init_bug b/changes/rsa_init_bug new file mode 100644 index 0000000000..6b5fb4f2f9 --- /dev/null +++ b/changes/rsa_init_bug @@ -0,0 +1,7 @@ + o Major bugfixes (key management): + - If OpenSSL fails to generate an RSA key, do not retain a dangling pointer + to the previous (uninitialized) key value. The impact here should be + limited to a difficult-to-trigger crash, if OpenSSL is running an + engine that makes key generation failures possible, or if OpenSSL runs + out of memory. Fixes bug 19152; bugfix on 0.2.1.10-alpha. Found by + Yuan Jochen Kang, Suman Jana, and Baishakhi Ray. diff --git a/configure.ac b/configure.ac index a487948745..59433c2a65 100644 --- a/configure.ac +++ b/configure.ac @@ -833,6 +833,7 @@ dnl Check for libscrypt if test "x$enable_libscrypt" != "xno"; then AC_CHECK_HEADERS([libscrypt.h]) AC_SEARCH_LIBS(libscrypt_scrypt, [scrypt]) + AC_CHECK_FUNCS([libscrypt_scrypt]) fi dnl ============================================================ diff --git a/src/common/crypto.c b/src/common/crypto.c index d2a42698cb..933f1033f7 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -585,8 +585,10 @@ MOCK_IMPL(int, { tor_assert(env); - if (env->key) + if (env->key) { RSA_free(env->key); + env->key = NULL; + } { BIGNUM *e = BN_new(); diff --git a/src/common/crypto_s2k.c b/src/common/crypto_s2k.c index a9140c7553..3bc05f1cf9 100644 --- a/src/common/crypto_s2k.c +++ b/src/common/crypto_s2k.c @@ -19,7 +19,7 @@ #include <openssl/evp.h> -#ifdef HAVE_LIBSCRYPT_H +#if defined(HAVE_LIBSCRYPT_H) && defined(HAVE_LIBSCRYPT_SCRYPT) #define HAVE_SCRYPT #include <libscrypt.h> #endif diff --git a/src/common/memarea.c b/src/common/memarea.c index 0a3fd009b0..173ed4e1cb 100644 --- a/src/common/memarea.c +++ b/src/common/memarea.c @@ -83,8 +83,7 @@ typedef struct memarea_chunk_t { struct memarea_chunk_t *next_chunk; size_t mem_size; /**< How much RAM is available in mem, total? */ char *next_mem; /**< Next position in mem to allocate data at. If it's - * greater than or equal to mem+mem_size, this chunk is - * full. */ + * equal to mem+mem_size, this chunk is full. */ #ifdef USE_ALIGNED_ATTRIBUTE /** Actual content of the memory chunk. */ char mem[FLEXIBLE_ARRAY_MEMBER] __attribute__((aligned(MEMAREA_ALIGN))); @@ -205,7 +204,10 @@ memarea_alloc(memarea_t *area, size_t sz) tor_assert(sz < SIZE_T_CEILING); if (sz == 0) sz = 1; - if (chunk->next_mem+sz > chunk->U_MEM+chunk->mem_size) { + tor_assert(chunk->next_mem <= chunk->U_MEM + chunk->mem_size); + const size_t space_remaining = + (chunk->U_MEM + chunk->mem_size) - chunk->next_mem; + if (sz > space_remaining) { if (sz+CHUNK_HEADER_SIZE >= CHUNK_SIZE) { /* This allocation is too big. Stick it in a special chunk, and put * that chunk second in the list. */ diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index a5a933e6b0..820724adea 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -984,7 +984,7 @@ circuit_send_next_onion_skin(origin_circuit_t *circ) } control_event_client_status(LOG_NOTICE, "CIRCUIT_ESTABLISHED"); clear_broken_connection_map(1); - if (server_mode(options) && !check_whether_orport_reachable()) { + if (server_mode(options) && !check_whether_orport_reachable(options)) { inform_testing_reachability(); consider_testing_reachability(1, 1); } diff --git a/src/or/circuituse.c b/src/or/circuituse.c index a4b580104f..2c724dee05 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@ -1426,7 +1426,7 @@ static void circuit_testing_opened(origin_circuit_t *circ) { if (have_performed_bandwidth_test || - !check_whether_orport_reachable()) { + !check_whether_orport_reachable(get_options())) { /* either we've already done everything we want with testing circuits, * or this testing circuit became open due to a fluke, e.g. we picked * a last hop where we already had the connection open due to an @@ -1443,7 +1443,8 @@ circuit_testing_opened(origin_circuit_t *circ) static void circuit_testing_failed(origin_circuit_t *circ, int at_last_hop) { - if (server_mode(get_options()) && check_whether_orport_reachable()) + const or_options_t *options = get_options(); + if (server_mode(options) && check_whether_orport_reachable(options)) return; log_info(LD_GENERAL, @@ -2359,6 +2360,25 @@ connection_ap_handshake_attach_circuit(entry_connection_t *conn) /* we're a general conn */ origin_circuit_t *circ=NULL; + /* Are we linked to a dir conn that aims to fetch a consensus? + * We check here because this conn might no longer be needed. */ + if (base_conn->linked_conn && + base_conn->linked_conn->type == CONN_TYPE_DIR && + base_conn->linked_conn->purpose == DIR_PURPOSE_FETCH_CONSENSUS) { + + /* Yes we are. Is there a consensus fetch farther along than us? */ + if (networkstatus_consensus_is_already_downloading( + TO_DIR_CONN(base_conn->linked_conn)->requested_resource)) { + /* We're doing the "multiple consensus fetch attempts" game from + * proposal 210, and we're late to the party. Just close this conn. + * The circuit and TLS conn that we made will time out after a while + * if nothing else wants to use them. */ + log_info(LD_DIR, "Closing extra consensus fetch (to %s) since one " + "is already downloading.", base_conn->linked_conn->address); + return -1; + } + } + if (conn->chosen_exit_name) { const node_t *node = node_get_by_nickname(conn->chosen_exit_name, 1); int opt = conn->chosen_exit_optional; diff --git a/src/or/config.c b/src/or/config.c index 5d938d101a..0850013d33 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -4343,8 +4343,10 @@ options_transition_affects_descriptor(const or_options_t *old_options, !opt_streq(old_options->MyFamily, new_options->MyFamily) || !opt_streq(old_options->AccountingStart, new_options->AccountingStart) || old_options->AccountingMax != new_options->AccountingMax || + old_options->AccountingRule != new_options->AccountingRule || public_server_mode(old_options) != public_server_mode(new_options) || - old_options->DirCache != new_options->DirCache) + old_options->DirCache != new_options->DirCache || + old_options->AssumeReachable != new_options->AssumeReachable) return 1; return 0; @@ -7005,9 +7007,8 @@ get_first_listener_addrport_string(int listener_type) int get_first_advertised_port_by_type_af(int listener_type, int address_family) { - if (!configured_ports) - return 0; - SMARTLIST_FOREACH_BEGIN(configured_ports, const port_cfg_t *, cfg) { + const smartlist_t *conf_ports = get_configured_ports(); + SMARTLIST_FOREACH_BEGIN(conf_ports, const port_cfg_t *, cfg) { if (cfg->type == listener_type && !cfg->server_cfg.no_advertise && (tor_addr_family(&cfg->addr) == address_family || diff --git a/src/or/connection.c b/src/or/connection.c index 118e239176..4fbbaf1abd 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -4438,32 +4438,6 @@ connection_get_by_type_state_rendquery(int type, int state, )); } -#define CONN_FIRST_AND_FREE_TEMPLATE(sl) \ - STMT_BEGIN \ - if (smartlist_len(sl) > 0) { \ - void *first_item = smartlist_get(sl, 0); \ - smartlist_free(sl); \ - return first_item; \ - } else { \ - smartlist_free(sl); \ - return NULL; \ - } \ - STMT_END - -/** Return a directory connection (if any one exists) that is fetching - * the item described by <b>purpose</b>/<b>resource</b>, otherwise return NULL. - */ -dir_connection_t * -connection_dir_get_by_purpose_and_resource( - int purpose, - const char *resource) -{ - smartlist_t *conns = connection_dir_list_by_purpose_and_resource( - purpose, - resource); - CONN_FIRST_AND_FREE_TEMPLATE(conns); -} - /** Return a new smartlist of dir_connection_t * from get_connection_array() * that satisfy conn_test on connection_t *conn_var, and dirconn_test on * dir_connection_t *dirconn_var. conn_var must be of CONN_TYPE_DIR and not @@ -4504,25 +4478,6 @@ connection_dir_list_by_purpose_and_resource( dirconn->requested_resource)); } -/** Return a directory connection (if any one exists) that is fetching - * the item described by <b>purpose</b>/<b>resource</b>/<b>state</b>, - * otherwise return NULL. */ -dir_connection_t * -connection_dir_get_by_purpose_resource_and_state( - int purpose, - const char *resource, - int state) -{ - smartlist_t *conns = - connection_dir_list_by_purpose_resource_and_state( - purpose, - resource, - state); - CONN_FIRST_AND_FREE_TEMPLATE(conns); -} - -#undef CONN_FIRST_AND_FREE_TEMPLATE - /** Return a list of directory connections that are fetching the item * described by <b>purpose</b>/<b>resource</b>/<b>state</b>. If there are * none, return an empty list. This list must be freed using smartlist_free, diff --git a/src/or/connection.h b/src/or/connection.h index 45175cd5a2..4835235fba 100644 --- a/src/or/connection.h +++ b/src/or/connection.h @@ -192,13 +192,6 @@ MOCK_DECL(connection_t *,connection_get_by_type_addr_port_purpose,(int type, connection_t *connection_get_by_type_state(int type, int state); connection_t *connection_get_by_type_state_rendquery(int type, int state, const char *rendquery); -dir_connection_t *connection_dir_get_by_purpose_and_resource( - int purpose, - const char *resource); -dir_connection_t *connection_dir_get_by_purpose_resource_and_state( - int purpose, - const char *resource, - int state); smartlist_t *connection_dir_list_by_purpose_and_resource( int purpose, const char *resource); diff --git a/src/or/control.c b/src/or/control.c index e06d7d28a2..e2ad8cc6dc 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -2148,6 +2148,7 @@ getinfo_helper_events(control_connection_t *control_conn, const char *question, char **answer, const char **errmsg) { + const or_options_t *options = get_options(); (void) control_conn; if (!strcmp(question, "circuit-status")) { smartlist_t *status = smartlist_new(); @@ -2284,17 +2285,19 @@ getinfo_helper_events(control_connection_t *control_conn, *answer = tor_strdup(directories_have_accepted_server_descriptor() ? "1" : "0"); } else if (!strcmp(question, "status/reachability-succeeded/or")) { - *answer = tor_strdup(check_whether_orport_reachable() ? "1" : "0"); + *answer = tor_strdup(check_whether_orport_reachable(options) ? + "1" : "0"); } else if (!strcmp(question, "status/reachability-succeeded/dir")) { - *answer = tor_strdup(check_whether_dirport_reachable() ? "1" : "0"); + *answer = tor_strdup(check_whether_dirport_reachable(options) ? + "1" : "0"); } else if (!strcmp(question, "status/reachability-succeeded")) { tor_asprintf(answer, "OR=%d DIR=%d", - check_whether_orport_reachable() ? 1 : 0, - check_whether_dirport_reachable() ? 1 : 0); + check_whether_orport_reachable(options) ? 1 : 0, + check_whether_dirport_reachable(options) ? 1 : 0); } else if (!strcmp(question, "status/bootstrap-phase")) { *answer = tor_strdup(last_sent_bootstrap_message); } else if (!strcmpstart(question, "status/version/")) { - int is_server = server_mode(get_options()); + int is_server = server_mode(options); networkstatus_t *c = networkstatus_get_latest_consensus(); version_status_t status; const char *recommended; @@ -2336,7 +2339,7 @@ getinfo_helper_events(control_connection_t *control_conn, } *answer = bridge_stats; } else if (!strcmp(question, "status/fresh-relay-descs")) { - if (!server_mode(get_options())) { + if (!server_mode(options)) { *errmsg = "Only relays have descriptors"; return -1; } diff --git a/src/or/directory.c b/src/or/directory.c index 8dc018a662..89b08223d2 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -96,6 +96,9 @@ static void directory_initiate_command_rend( time_t if_modified_since, const rend_data_t *rend_query); +static void connection_dir_close_consensus_fetches( + dir_connection_t *except_this_one, const char *resource); + /********* START VARIABLES **********/ /** How far in the future do we allow a directory server to tell us it is @@ -1170,12 +1173,6 @@ directory_initiate_command_rend(const tor_addr_port_t *or_addr_port, return; } - /* ensure we don't make excess connections when we're already downloading - * a consensus during bootstrap */ - if (connection_dir_avoid_extra_connection_for_purpose(dir_purpose)) { - return; - } - conn = dir_connection_new(tor_addr_family(&addr)); /* set up conn so it's got all the data we need to remember */ @@ -1216,11 +1213,6 @@ directory_initiate_command_rend(const tor_addr_port_t *or_addr_port, conn->base_.state = DIR_CONN_STATE_CLIENT_SENDING; /* fall through */ case 0: - /* Close this connection if there's another consensus connection - * downloading (during bootstrap), or connecting (after bootstrap). */ - if (connection_dir_close_consensus_conn_if_extra(conn)) { - return; - } /* queue the command on the outbuf */ directory_send_command(conn, dir_purpose, 1, resource, payload, payload_len, @@ -1268,11 +1260,6 @@ directory_initiate_command_rend(const tor_addr_port_t *or_addr_port, connection_mark_for_close(TO_CONN(conn)); return; } - /* Close this connection if there's another consensus connection - * downloading (during bootstrap), or connecting (after bootstrap). */ - if (connection_dir_close_consensus_conn_if_extra(conn)) { - return; - } conn->base_.state = DIR_CONN_STATE_CLIENT_SENDING; /* queue the command on the outbuf */ directory_send_command(conn, dir_purpose, 0, resource, @@ -2028,6 +2015,10 @@ connection_dir_client_reached_eof(dir_connection_t *conn) networkstatus_consensus_download_failed(0, flavname); return -1; } + + /* If we launched other fetches for this consensus, cancel them. */ + connection_dir_close_consensus_fetches(conn, flavname); + /* launches router downloads as needed */ routers_update_all_from_networkstatus(now, 3); update_microdescs_from_networkstatus(now); @@ -3679,226 +3670,37 @@ connection_dir_finished_flushing(dir_connection_t *conn) return 0; } -/* A helper function for connection_dir_close_consensus_conn_if_extra() - * and connection_dir_close_extra_consensus_conns() that returns 0 if - * we can't have, or don't want to close, excess consensus connections. */ -STATIC int -connection_dir_would_close_consensus_conn_helper(void) -{ - const or_options_t *options = get_options(); - - /* we're only interested in closing excess connections if we could - * have created any in the first place */ - if (!networkstatus_consensus_can_use_multiple_directories(options)) { - return 0; - } - - /* We want to close excess connections downloading a consensus. - * If there aren't any excess, we don't have anything to close. */ - if (!networkstatus_consensus_has_excess_connections()) { - return 0; - } - - /* If we have excess connections, but none of them are downloading a - * consensus, and we are still bootstrapping (that is, we have no usable - * consensus), we don't want to close any until one starts downloading. */ - if (!networkstatus_consensus_is_downloading_usable_flavor() - && networkstatus_consensus_is_boostrapping(time(NULL))) { - return 0; - } - - /* If we have just stopped bootstrapping (that is, just parsed a consensus), - * we might still have some excess connections hanging around. So we still - * have to check if we want to close any, even if we've stopped - * bootstrapping. */ - return 1; -} - -/* Check if we would close excess consensus connections. If we would, any - * new consensus connection would become excess immediately, so return 1. - * Otherwise, return 0. */ -int -connection_dir_avoid_extra_connection_for_purpose(unsigned int purpose) -{ - const or_options_t *options = get_options(); - - /* We're not interested in connections that aren't fetching a consensus. */ - if (purpose != DIR_PURPOSE_FETCH_CONSENSUS) { - return 0; - } - - /* we're only interested in avoiding excess connections if we could - * have created any in the first place */ - if (!networkstatus_consensus_can_use_multiple_directories(options)) { - return 0; - } - - /* If there are connections downloading a consensus, and we are still - * bootstrapping (that is, we have no usable consensus), we can be sure that - * any further connections would be excess. */ - if (networkstatus_consensus_is_downloading_usable_flavor() - && networkstatus_consensus_is_boostrapping(time(NULL))) { - return 1; - } - - return 0; -} - -/* Check if we have more than one consensus download connection attempt, and - * close conn: - * - if we don't have a consensus, and we're downloading a consensus, and conn - * is not downloading a consensus yet; - * - if we do have a consensus, and there's more than one consensus connection. +/* We just got a new consensus! If there are other in-progress requests + * for this consensus flavor (for example because we launched several in + * parallel), cancel them. * - * Post-bootstrap consensus connection attempts are initiated one at a time. - * So this function won't close any consensus connection attempts that - * are initiated after bootstrap. - */ -int -connection_dir_close_consensus_conn_if_extra(dir_connection_t *conn) -{ - tor_assert(conn); - tor_assert(conn->base_.type == CONN_TYPE_DIR); - - /* We're not interested in connections that aren't fetching a consensus. */ - if (conn->base_.purpose != DIR_PURPOSE_FETCH_CONSENSUS) { - return 0; - } - - /* The connection has already been closed */ - if (conn->base_.marked_for_close) { - return 0; - } - - /* Only close this connection if there's another consensus connection - * downloading (during bootstrap), or connecting (after bootstrap). - * Post-bootstrap consensus connection attempts won't be closed, because - * they only occur one at a time. */ - if (!connection_dir_would_close_consensus_conn_helper()) { - return 0; - } - - const int we_are_bootstrapping = networkstatus_consensus_is_boostrapping( - time(NULL)); - - /* We don't want to check other connections to see if they are downloading, - * as this is prone to race-conditions. So leave it for - * connection_dir_consider_close_extra_consensus_conns() to clean up. - * - * But if conn has just started connecting, or we have a consensus already, - * we can be sure it's not needed any more. */ - if (!we_are_bootstrapping - || conn->base_.state == DIR_CONN_STATE_CONNECTING) { - connection_close_immediate(&conn->base_); - connection_mark_for_close(&conn->base_); - return -1; - } - - return 0; -} - -/* Clean up excess consensus download connection attempts. - * During bootstrap, or when the bootstrap consensus has just been downloaded, - * if we have more than one active consensus connection: - * - if we don't have a consensus, and we're downloading a consensus, keep an - * earlier connection, or a connection to a fallback directory, and close - * all other connections; - * - if we have just downloaded the bootstrap consensus, and have other - * consensus connections left over, close all of them. + * We do this check here (not just in + * connection_ap_handshake_attach_circuit()) to handle the edge case where + * a consensus fetch begins and ends before some other one tries to attach to + * a circuit, in which case the other one won't know that we're all happy now. * - * Post-bootstrap consensus connection attempts are initiated one at a time. - * So this function won't close any consensus connection attempts that - * are initiated after bootstrap. + * Don't mark the conn that just gave us the consensus -- otherwise we + * would end up double-marking it when it cleans itself up. */ -void -connection_dir_close_extra_consensus_conns(void) +static void +connection_dir_close_consensus_fetches(dir_connection_t *except_this_one, + const char *resource) { - /* Only cleanup connections if there is more than one consensus connection, - * and at least one of those connections is already downloading - * (during bootstrap), or connecting (just after the bootstrap consensus is - * downloaded). - * Post-bootstrap consensus connection attempts won't be cleaned up, because - * they only occur one at a time. */ - if (!connection_dir_would_close_consensus_conn_helper()) { - return; - } - - int we_are_bootstrapping = networkstatus_consensus_is_boostrapping( - time(NULL)); - - const char *usable_resource = networkstatus_get_flavor_name( - usable_consensus_flavor()); - smartlist_t *consens_usable_conns = - connection_dir_list_by_purpose_and_resource( - DIR_PURPOSE_FETCH_CONSENSUS, - usable_resource); - - /* If we want to keep a connection that's downloading, find a connection to - * keep, favouring: - * - connections opened earlier (they are likely to have progressed further) - * - connections to fallbacks (to reduce the load on authorities) */ - dir_connection_t *kept_download_conn = NULL; - int kept_is_authority = 0; - if (we_are_bootstrapping) { - SMARTLIST_FOREACH_BEGIN(consens_usable_conns, - dir_connection_t *, d) { - tor_assert(d); - int d_is_authority = router_digest_is_trusted_dir(d->identity_digest); - /* keep the first connection that is past the connecting state, but - * prefer fallbacks. */ - if (d->base_.state != DIR_CONN_STATE_CONNECTING) { - if (!kept_download_conn || (kept_is_authority && !d_is_authority)) { - kept_download_conn = d; - kept_is_authority = d_is_authority; - /* we've found the earliest fallback, and want to keep it regardless - * of any other connections */ - if (!kept_is_authority) - break; - } - } - } SMARTLIST_FOREACH_END(d); - } - - SMARTLIST_FOREACH_BEGIN(consens_usable_conns, - dir_connection_t *, d) { - tor_assert(d); - /* don't close this connection if it's the one we want to keep */ - if (kept_download_conn && d == kept_download_conn) + smartlist_t *conns_to_close = + connection_dir_list_by_purpose_and_resource(DIR_PURPOSE_FETCH_CONSENSUS, + resource); + SMARTLIST_FOREACH_BEGIN(conns_to_close, dir_connection_t *, d) { + if (d == except_this_one) continue; - /* mark all other connections for close */ - if (!d->base_.marked_for_close) { - connection_close_immediate(&d->base_); - connection_mark_for_close(&d->base_); - } + log_info(LD_DIR, "Closing consensus fetch (to %s) since one " + "has just arrived.", TO_CONN(d)->address); + connection_mark_for_close(TO_CONN(d)); } SMARTLIST_FOREACH_END(d); - - smartlist_free(consens_usable_conns); - consens_usable_conns = NULL; - - /* make sure we've closed all excess connections */ - const int final_connecting_conn_count = - connection_dir_count_by_purpose_resource_and_state( - DIR_PURPOSE_FETCH_CONSENSUS, - usable_resource, - DIR_CONN_STATE_CONNECTING); - if (final_connecting_conn_count > 0) { - log_warn(LD_BUG, "Expected 0 consensus connections connecting after " - "cleanup, got %d.", final_connecting_conn_count); - } - const int expected_final_conn_count = (we_are_bootstrapping ? 1 : 0); - const int final_conn_count = - connection_dir_count_by_purpose_and_resource( - DIR_PURPOSE_FETCH_CONSENSUS, - usable_resource); - if (final_conn_count > expected_final_conn_count) { - log_warn(LD_BUG, "Expected %d consensus connections after cleanup, got " - "%d.", expected_final_conn_count, final_connecting_conn_count); - } + smartlist_free(conns_to_close); } /** Connected handler for directory connections: begin sending data to the - * server, and return 0, or, if the connection is an excess bootstrap - * connection, close all excess bootstrap connections. + * server, and return 0. * Only used when connections don't immediately connect. */ int connection_dir_finished_connecting(dir_connection_t *conn) @@ -3910,12 +3712,6 @@ connection_dir_finished_connecting(dir_connection_t *conn) log_debug(LD_HTTP,"Dir connection to router %s:%u established.", conn->base_.address,conn->base_.port); - /* Close this connection if there's another consensus connection - * downloading (during bootstrap), or connecting (after bootstrap). */ - if (connection_dir_close_consensus_conn_if_extra(conn)) { - return -1; - } - /* start flushing conn */ conn->base_.state = DIR_CONN_STATE_CLIENT_SENDING; return 0; @@ -3932,7 +3728,7 @@ find_dl_schedule(download_status_t *dls, const or_options_t *options) const int dir_server = dir_server_mode(options); const int multi_d = networkstatus_consensus_can_use_multiple_directories( options); - const int we_are_bootstrapping = networkstatus_consensus_is_boostrapping( + const int we_are_bootstrapping = networkstatus_consensus_is_bootstrapping( time(NULL)); const int use_fallbacks = networkstatus_consensus_can_use_extra_fallbacks( options); diff --git a/src/or/directory.h b/src/or/directory.h index c4edbb5c0f..7646cac03f 100644 --- a/src/or/directory.h +++ b/src/or/directory.h @@ -78,9 +78,6 @@ void directory_initiate_command(const tor_addr_t *or_addr, uint16_t or_port, const char *resource, const char *payload, size_t payload_len, time_t if_modified_since); -int connection_dir_avoid_extra_connection_for_purpose(unsigned int purpose); -int connection_dir_close_consensus_conn_if_extra(dir_connection_t *conn); -void connection_dir_close_extra_consensus_conns(void); #define DSR_HEX (1<<0) #define DSR_BASE64 (1<<1) @@ -147,7 +144,6 @@ STATIC int directory_handle_command_get(dir_connection_t *conn, const char *headers, const char *req_body, size_t req_body_len); -STATIC int connection_dir_would_close_consensus_conn_helper(void); STATIC int download_status_schedule_get_delay(download_status_t *dls, const smartlist_t *schedule, time_t now); diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 3e1f48062c..dafaed8bf2 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -257,11 +257,11 @@ dirserv_router_get_status(const routerinfo_t *router, const char **msg, return FP_REJECT; } - if (router->signing_key_cert) { + if (router->cache_info.signing_key_cert) { /* This has an ed25519 identity key. */ if (KEYPIN_MISMATCH == keypin_check((const uint8_t*)router->cache_info.identity_digest, - router->signing_key_cert->signing_key.pubkey)) { + router->cache_info.signing_key_cert->signing_key.pubkey)) { log_fn(severity, LD_DIR, "Descriptor from router %s has an Ed25519 key, " "but the <rsa,ed25519> keys don't match what they were before.", @@ -629,10 +629,10 @@ dirserv_add_descriptor(routerinfo_t *ri, const char **msg, const char *source) /* Do keypinning again ... this time, to add the pin if appropriate */ int keypin_status; - if (ri->signing_key_cert) { + if (ri->cache_info.signing_key_cert) { keypin_status = keypin_check_and_add( (const uint8_t*)ri->cache_info.identity_digest, - ri->signing_key_cert->signing_key.pubkey, + ri->cache_info.signing_key_cert->signing_key.pubkey, ! key_pinning); } else { keypin_status = keypin_check_lone_rsa( @@ -691,12 +691,14 @@ dirserv_add_descriptor(routerinfo_t *ri, const char **msg, const char *source) static was_router_added_t dirserv_add_extrainfo(extrainfo_t *ei, const char **msg) { - const routerinfo_t *ri; + routerinfo_t *ri; int r; tor_assert(msg); *msg = NULL; - ri = router_get_by_id_digest(ei->cache_info.identity_digest); + /* Needs to be mutable so routerinfo_incompatible_with_extrainfo + * can mess with some of the flags in ri->cache_info. */ + ri = router_get_mutable_by_digest(ei->cache_info.identity_digest); if (!ri) { *msg = "No corresponding router descriptor for extra-info descriptor"; extrainfo_free(ei); @@ -716,7 +718,8 @@ dirserv_add_extrainfo(extrainfo_t *ei, const char **msg) return ROUTER_BAD_EI; } - if ((r = routerinfo_incompatible_with_extrainfo(ri, ei, NULL, msg))) { + if ((r = routerinfo_incompatible_with_extrainfo(ri->identity_pkey, ei, + &ri->cache_info, msg))) { extrainfo_free(ei); return r < 0 ? ROUTER_IS_ALREADY_KNOWN : ROUTER_BAD_EI; } @@ -1131,8 +1134,11 @@ directory_caches_unknown_auth_certs(const or_options_t *options) return dir_server_mode(options) || options->BridgeRelay; } -/** Return 1 if we want to keep descriptors, networkstatuses, etc around - * and we're willing to serve them to others. Else return 0. +/** Return 1 if we want to keep descriptors, networkstatuses, etc around. + * Else return 0. + * Check options->DirPort_set and directory_permits_begindir_requests() + * to see if we are willing to serve these directory documents to others via + * the DirPort and begindir-over-ORPort, respectively. */ int directory_caches_dir_info(const or_options_t *options) @@ -2136,9 +2142,9 @@ routers_make_ed_keys_unique(smartlist_t *routers) SMARTLIST_FOREACH_BEGIN(routers, routerinfo_t *, ri) { ri->omit_from_vote = 0; - if (ri->signing_key_cert == NULL) + if (ri->cache_info.signing_key_cert == NULL) continue; /* No ed key */ - const uint8_t *pk = ri->signing_key_cert->signing_key.pubkey; + const uint8_t *pk = ri->cache_info.signing_key_cert->signing_key.pubkey; if ((ri2 = digest256map_get(by_ed_key, pk))) { /* Duplicate; must omit one. Set the omit_from_vote flag in whichever * one has the earlier published_on. */ @@ -2891,8 +2897,9 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_t *private_key, set_routerstatus_from_routerinfo(rs, node, ri, now, listbadexits); - if (ri->signing_key_cert) { - memcpy(vrs->ed25519_id, ri->signing_key_cert->signing_key.pubkey, + if (ri->cache_info.signing_key_cert) { + memcpy(vrs->ed25519_id, + ri->cache_info.signing_key_cert->signing_key.pubkey, ED25519_PUBKEY_LEN); } diff --git a/src/or/dirvote.c b/src/or/dirvote.c index 9854af7d7f..62f85877fe 100644 --- a/src/or/dirvote.c +++ b/src/or/dirvote.c @@ -3528,10 +3528,11 @@ dirvote_create_microdescriptor(const routerinfo_t *ri, int consensus_method) char idbuf[ED25519_BASE64_LEN+1]; const char *keytype; if (consensus_method >= MIN_METHOD_FOR_ED25519_ID_IN_MD && - ri->signing_key_cert && - ri->signing_key_cert->signing_key_included) { + ri->cache_info.signing_key_cert && + ri->cache_info.signing_key_cert->signing_key_included) { keytype = "ed25519"; - ed25519_public_to_base64(idbuf, &ri->signing_key_cert->signing_key); + ed25519_public_to_base64(idbuf, + &ri->cache_info.signing_key_cert->signing_key); } else { keytype = "rsa1024"; digest_to_base64(idbuf, ri->cache_info.identity_digest); diff --git a/src/or/main.c b/src/or/main.c index a2cf5b1101..b9fee1d480 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -1484,17 +1484,6 @@ run_scheduled_events(time_t now) dirvote_act(options, now); } - /* 2d. Cleanup excess consensus bootstrap connections every second. - * connection_dir_close_consensus_conn_if_extra() closes some connections - * that are clearly excess, but this check is more thorough. - * This only closes connections if there is more than one consensus - * connection, and at least one of those connections is already downloading - * (during bootstrap), or connecting (just after the bootstrap consensus is - * downloaded). - * It won't close any consensus connections initiated after bootstrap, - * because those attempts are made one at a time. */ - connection_dir_close_extra_consensus_conns(); - /* 3a. Every second, we examine pending circuits and prune the * ones which have been pending for more than a few seconds. * We do this before step 4, so it can try building more if @@ -1917,7 +1906,7 @@ fetch_networkstatus_callback(time_t now, const or_options_t *options) /* How often do we check whether we should download network status * documents? */ - const int we_are_bootstrapping = networkstatus_consensus_is_boostrapping( + const int we_are_bootstrapping = networkstatus_consensus_is_bootstrapping( now); const int prefer_mirrors = !directory_fetches_from_authorities( get_options()); @@ -2094,7 +2083,7 @@ second_elapsed_callback(periodic_timer_t *timer, void *arg) TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT) { /* every 20 minutes, check and complain if necessary */ const routerinfo_t *me = router_get_my_routerinfo(); - if (me && !check_whether_orport_reachable()) { + if (me && !check_whether_orport_reachable(options)) { char *address = tor_dup_ip(me->addr); log_warn(LD_CONFIG,"Your server (%s:%d) has not managed to confirm that " "its ORPort is reachable. Relays do not publish descriptors " @@ -2107,7 +2096,7 @@ second_elapsed_callback(periodic_timer_t *timer, void *arg) tor_free(address); } - if (me && !check_whether_dirport_reachable()) { + if (me && !check_whether_dirport_reachable(options)) { char *address = tor_dup_ip(me->addr); log_warn(LD_CONFIG, "Your server (%s:%d) has not managed to confirm that its " diff --git a/src/or/microdesc.c b/src/or/microdesc.c index 299042995b..5b5c29a6d2 100644 --- a/src/or/microdesc.c +++ b/src/or/microdesc.c @@ -955,8 +955,8 @@ we_fetch_router_descriptors(const or_options_t *options) } /** Return the consensus flavor we actually want to use to build circuits. */ -int -usable_consensus_flavor(void) +MOCK_IMPL(int, +usable_consensus_flavor,(void)) { if (we_use_microdescriptors_for_circuits(get_options())) { return FLAV_MICRODESC; diff --git a/src/or/microdesc.h b/src/or/microdesc.h index 0675e233d6..40c83139e9 100644 --- a/src/or/microdesc.h +++ b/src/or/microdesc.h @@ -47,7 +47,7 @@ void microdesc_free_all(void); void update_microdesc_downloads(time_t now); void update_microdescs_from_networkstatus(time_t now); -int usable_consensus_flavor(void); +MOCK_DECL(int, usable_consensus_flavor,(void)); int we_fetch_microdescriptors(const or_options_t *options); int we_fetch_router_descriptors(const or_options_t *options); int we_use_microdescriptors_for_circuits(const or_options_t *options); diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c index 185708a0c1..51fc01108f 100644 --- a/src/or/networkstatus.c +++ b/src/or/networkstatus.c @@ -121,8 +121,7 @@ static int have_warned_about_new_version = 0; static void routerstatus_list_update_named_server_map(void); static void update_consensus_bootstrap_multiple_downloads( time_t now, - const or_options_t *options, - int we_are_bootstrapping); + const or_options_t *options); /** Forget that we've warned about anything networkstatus-related, so we will * give fresh warnings if the same behavior happens again. */ @@ -792,26 +791,6 @@ check_consensus_waiting_for_certs(int flavor, time_t now, return 0; } -/* Return the maximum download tries for a consensus, based on options and - * whether we_are_bootstrapping. */ -static int -consensus_max_download_tries(const or_options_t *options, - int we_are_bootstrapping) -{ - int use_fallbacks = networkstatus_consensus_can_use_extra_fallbacks(options); - - if (we_are_bootstrapping) { - if (use_fallbacks) { - return options->ClientBootstrapConsensusMaxDownloadTries; - } else { - return - options->ClientBootstrapConsensusAuthorityOnlyMaxDownloadTries; - } - } - - return options->TestingConsensusMaxDownloadTries; -} - /** If we want to download a fresh consensus, launch a new download as * appropriate. */ static void @@ -819,7 +798,7 @@ update_consensus_networkstatus_downloads(time_t now) { int i; const or_options_t *options = get_options(); - const int we_are_bootstrapping = networkstatus_consensus_is_boostrapping( + const int we_are_bootstrapping = networkstatus_consensus_is_bootstrapping( now); const int use_multi_conn = networkstatus_consensus_can_use_multiple_directories(options); @@ -865,28 +844,14 @@ update_consensus_networkstatus_downloads(time_t now) && i == usable_consensus_flavor()) { /* Check if we're already downloading a usable consensus */ - int consens_conn_count = - connection_dir_count_by_purpose_and_resource( - DIR_PURPOSE_FETCH_CONSENSUS, - resource); - int connect_consens_conn_count = - connection_dir_count_by_purpose_resource_and_state( - DIR_PURPOSE_FETCH_CONSENSUS, - resource, - DIR_CONN_STATE_CONNECTING); - - if (i == usable_consensus_flavor() - && connect_consens_conn_count < consens_conn_count) { + if (networkstatus_consensus_is_already_downloading(resource)) continue; - } - /* Make multiple connections for a bootstrap consensus download */ - update_consensus_bootstrap_multiple_downloads(now, options, - we_are_bootstrapping); + /* Make multiple connections for a bootstrap consensus download. */ + update_consensus_bootstrap_multiple_downloads(now, options); } else { /* Check if we failed downloading a consensus too recently */ - int max_dl_tries = consensus_max_download_tries(options, - we_are_bootstrapping); + int max_dl_tries = options->TestingConsensusMaxDownloadTries; /* Let's make sure we remembered to update consensus_dl_status */ tor_assert(consensus_dl_status[i].schedule == DL_SCHED_CONSENSUS); @@ -921,12 +886,16 @@ static void update_consensus_bootstrap_attempt_downloads( time_t now, const or_options_t *options, - int we_are_bootstrapping, download_status_t *dls, download_want_authority_t want_authority) { - int max_dl_tries = consensus_max_download_tries(options, - we_are_bootstrapping); + int use_fallbacks = networkstatus_consensus_can_use_extra_fallbacks(options); + int max_dl_tries = options->ClientBootstrapConsensusMaxDownloadTries; + if (!use_fallbacks) { + max_dl_tries = + options->ClientBootstrapConsensusAuthorityOnlyMaxDownloadTries; + } + const char *resource = networkstatus_get_flavor_name( usable_consensus_flavor()); @@ -954,13 +923,12 @@ update_consensus_bootstrap_attempt_downloads( * connections. * Only call when bootstrapping, and when we want to make additional * connections. Only nodes that satisfy - * networkstatus_consensus_can_use_multiple_directories make additonal + * networkstatus_consensus_can_use_multiple_directories make additional * connections. */ static void update_consensus_bootstrap_multiple_downloads(time_t now, - const or_options_t *options, - int we_are_bootstrapping) + const or_options_t *options) { const int usable_flavor = usable_consensus_flavor(); @@ -969,12 +937,6 @@ update_consensus_bootstrap_multiple_downloads(time_t now, return; } - /* If we've managed to validate a usable consensus, don't make additonal - * connections. */ - if (!we_are_bootstrapping) { - return; - } - /* Launch concurrent consensus download attempt(s) based on the mirror and * authority schedules. Try the mirror first - this makes it slightly more * likely that we'll connect to the fallback first, and then end the @@ -993,8 +955,7 @@ update_consensus_bootstrap_multiple_downloads(time_t now, if (!check_consensus_waiting_for_certs(usable_flavor, now, dls_f)) { /* During bootstrap, DL_WANT_ANY_DIRSERVER means "use fallbacks". */ - update_consensus_bootstrap_attempt_downloads(now, options, - we_are_bootstrapping, dls_f, + update_consensus_bootstrap_attempt_downloads(now, options, dls_f, DL_WANT_ANY_DIRSERVER); } } @@ -1004,8 +965,7 @@ update_consensus_bootstrap_multiple_downloads(time_t now, &consensus_bootstrap_dl_status[CONSENSUS_BOOTSTRAP_SOURCE_AUTHORITY]; if (!check_consensus_waiting_for_certs(usable_flavor, now, dls_a)) { - update_consensus_bootstrap_attempt_downloads(now, options, - we_are_bootstrapping, dls_a, + update_consensus_bootstrap_attempt_downloads(now, options, dls_a, DL_WANT_AUTHORITY); } } @@ -1273,16 +1233,34 @@ networkstatus_get_reasonably_live_consensus(time_t now, int flavor) return NULL; } -/** Check if we're bootstrapping a consensus download. This means that we are - * only using the authorities and fallback directory mirrors to download the - * consensus flavour we'll use. */ -int -networkstatus_consensus_is_boostrapping(time_t now) -{ - /* If we don't have a consensus, we must still be bootstrapping */ - return !networkstatus_get_reasonably_live_consensus( - now, - usable_consensus_flavor()); +/** Check if we need to download a consensus during tor's bootstrap phase. + * If we have no consensus, or our consensus is unusably old, return 1. + * As soon as we have received a consensus, return 0, even if we don't have + * enough certificates to validate it. + * If a fallback directory gives us a consensus we can never get certs for, + * check_consensus_waiting_for_certs() will wait 20 minutes before failing + * the cert downloads. After that, a new consensus will be fetched from a + * randomly chosen fallback. */ +MOCK_IMPL(int, +networkstatus_consensus_is_bootstrapping,(time_t now)) +{ + /* If we have a validated, reasonably live consensus, we're not + * bootstrapping a consensus at all. */ + if (networkstatus_get_reasonably_live_consensus( + now, + usable_consensus_flavor())) { + return 0; + } + + /* If we have a consensus, but we're waiting for certificates, + * we're not waiting for a consensus download while bootstrapping. */ + if (consensus_is_waiting_for_certs()) { + return 0; + } + + /* If we have no consensus, or our consensus is very old, we are + * bootstrapping, and we need to download a consensus. */ + return 1; } /** Check if we can use multiple directories for a consensus download. @@ -1299,8 +1277,8 @@ networkstatus_consensus_can_use_multiple_directories( /** Check if we can use fallback directory mirrors for a consensus download. * If we have fallbacks and don't want to fetch from the authorities, * we can use them. */ -int -networkstatus_consensus_can_use_extra_fallbacks(const or_options_t *options) +MOCK_IMPL(int, +networkstatus_consensus_can_use_extra_fallbacks,(const or_options_t *options)) { /* The list length comparisons are a quick way to check if we have any * non-authority fallback directories. If we ever have any authorities that @@ -1314,61 +1292,39 @@ networkstatus_consensus_can_use_extra_fallbacks(const or_options_t *options) > smartlist_len(router_get_trusted_dir_servers()))); } -/* Check if there is more than 1 consensus connection retrieving the usable - * consensus flavor. If so, return 1, if not, return 0. - * - * During normal operation, Tor only makes one consensus download - * connection. But clients can make multiple simultaneous consensus - * connections to improve bootstrap speed and reliability. - * - * If there is more than one connection, we must have connections left - * over from bootstrapping. However, some of the connections may have - * completed and been cleaned up, so it is not sufficient to check the - * return value of this function to see if a client could make multiple - * bootstrap connections. Use - * networkstatus_consensus_can_use_multiple_directories() - * and networkstatus_consensus_is_boostrapping(). */ +/* Is there a consensus fetch for flavor <b>resource</b> that's far + * enough along to be attached to a circuit? */ int -networkstatus_consensus_has_excess_connections(void) -{ - const char *usable_resource = networkstatus_get_flavor_name( - usable_consensus_flavor()); - const int consens_conn_usable_count = - connection_dir_count_by_purpose_and_resource( - DIR_PURPOSE_FETCH_CONSENSUS, - usable_resource); - /* The maximum number of connections we want downloading a usable consensus - * Always 1, whether bootstrapping or not. */ - const int max_expected_consens_conn_usable_count = 1; - - if (consens_conn_usable_count > max_expected_consens_conn_usable_count) { - return 1; - } - - return 0; -} - -/* Is tor currently downloading a consensus of the usable flavor? */ -int -networkstatus_consensus_is_downloading_usable_flavor(void) -{ - const char *usable_resource = networkstatus_get_flavor_name( - usable_consensus_flavor()); - const int consens_conn_usable_count = - connection_dir_count_by_purpose_and_resource( - DIR_PURPOSE_FETCH_CONSENSUS, - usable_resource); - - const int connect_consens_conn_usable_count = - connection_dir_count_by_purpose_resource_and_state( - DIR_PURPOSE_FETCH_CONSENSUS, - usable_resource, - DIR_CONN_STATE_CONNECTING); - if (connect_consens_conn_usable_count < consens_conn_usable_count) { - return 1; - } +networkstatus_consensus_is_already_downloading(const char *resource) +{ + int answer = 0; + + /* First, get a list of all the dir conns that are fetching a consensus, + * fetching *this* consensus, and are in state "reading" (meaning they + * have already flushed their request onto the socks connection). */ + smartlist_t *fetching_conns = + connection_dir_list_by_purpose_resource_and_state( + DIR_PURPOSE_FETCH_CONSENSUS, resource, DIR_CONN_STATE_CLIENT_READING); + + /* Then, walk through each conn, to see if its linked socks connection + * is in an attached state. We have to check this separately, since with + * the optimistic data feature, fetches can send their request to the + * socks connection and go into state 'reading', even before they're + * attached to any circuit. */ + SMARTLIST_FOREACH_BEGIN(fetching_conns, dir_connection_t *, dirconn) { + /* Do any of these other dir conns have a linked socks conn that is + * attached to a circuit already? */ + connection_t *base = TO_CONN(dirconn); + if (base->linked_conn && + base->linked_conn->type == CONN_TYPE_AP && + !AP_CONN_STATE_IS_UNATTACHED(base->linked_conn->state)) { + answer = 1; + break; /* stop looping, because we know the answer will be yes */ + } + } SMARTLIST_FOREACH_END(dirconn); + smartlist_free(fetching_conns); - return 0; + return answer; } /** Given two router status entries for the same router identity, return 1 if diff --git a/src/or/networkstatus.h b/src/or/networkstatus.h index 9bbb9a389e..ac93e5de91 100644 --- a/src/or/networkstatus.h +++ b/src/or/networkstatus.h @@ -70,13 +70,12 @@ MOCK_DECL(networkstatus_t *,networkstatus_get_latest_consensus_by_flavor, networkstatus_t *networkstatus_get_live_consensus(time_t now); networkstatus_t *networkstatus_get_reasonably_live_consensus(time_t now, int flavor); -int networkstatus_consensus_is_boostrapping(time_t now); +MOCK_DECL(int, networkstatus_consensus_is_bootstrapping,(time_t now)); int networkstatus_consensus_can_use_multiple_directories( const or_options_t *options); -int networkstatus_consensus_can_use_extra_fallbacks( - const or_options_t *options); -int networkstatus_consensus_has_excess_connections(void); -int networkstatus_consensus_is_downloading_usable_flavor(void); +MOCK_DECL(int, networkstatus_consensus_can_use_extra_fallbacks,( + const or_options_t *options)); +int networkstatus_consensus_is_already_downloading(const char *resource); #define NSSET_FROM_CACHE 1 #define NSSET_WAS_WAITING_FOR_CERTS 2 diff --git a/src/or/or.h b/src/or/or.h index 6694bb4ece..2252f38161 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -2065,6 +2065,10 @@ typedef struct signed_descriptor_t { time_t published_on; /** For routerdescs only: digest of the corresponding extrainfo. */ char extra_info_digest[DIGEST_LEN]; + /** For routerdescs only: A SHA256-digest of the extrainfo (if any) */ + char extra_info_digest256[DIGEST256_LEN]; + /** Certificate for ed25519 signing key. */ + struct tor_cert_st *signing_key_cert; /** For routerdescs only: Status of downloading the corresponding * extrainfo. */ download_status_t ei_dl_status; @@ -2096,8 +2100,6 @@ typedef int16_t country_t; /** Information about another onion router in the network. */ typedef struct { signed_descriptor_t cache_info; - /** A SHA256-digest of the extrainfo (if any) */ - char extra_info_digest256[DIGEST256_LEN]; char *nickname; /**< Human-readable OR name. */ uint32_t addr; /**< IPv4 address of OR, in host order. */ @@ -2115,8 +2117,6 @@ typedef struct { crypto_pk_t *identity_pkey; /**< Public RSA key for signing. */ /** Public curve25519 key for onions */ curve25519_public_key_t *onion_curve25519_pkey; - /** Certificate for ed25519 signing key */ - struct tor_cert_st *signing_key_cert; /** What's the earliest expiration time on all the certs in this * routerinfo? */ time_t cert_expiration_time; @@ -2192,8 +2192,6 @@ typedef struct extrainfo_t { uint8_t digest256[DIGEST256_LEN]; /** The router's nickname. */ char nickname[MAX_NICKNAME_LEN+1]; - /** Certificate for ed25519 signing key */ - struct tor_cert_st *signing_key_cert; /** True iff we found the right key for this extra-info, verified the * signature, and found it to be bad. */ unsigned int bad_sig : 1; diff --git a/src/or/rephist.c b/src/or/rephist.c index fe0ca91c25..04ed7aef0f 100644 --- a/src/or/rephist.c +++ b/src/or/rephist.c @@ -1867,14 +1867,17 @@ any_predicted_circuits(time_t now) int rep_hist_circbuilding_dormant(time_t now) { + const or_options_t *options = get_options(); + if (any_predicted_circuits(now)) return 0; /* see if we'll still need to build testing circuits */ - if (server_mode(get_options()) && - (!check_whether_orport_reachable() || !circuit_enough_testing_circs())) + if (server_mode(options) && + (!check_whether_orport_reachable(options) || + !circuit_enough_testing_circs())) return 0; - if (!check_whether_dirport_reachable()) + if (!check_whether_dirport_reachable(options)) return 0; return 1; diff --git a/src/or/router.c b/src/or/router.c index 3f94703a26..aa4acf6f64 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -1079,23 +1079,49 @@ router_reset_reachability(void) can_reach_or_port = can_reach_dir_port = 0; } -/** Return 1 if ORPort is known reachable; else return 0. */ -int -check_whether_orport_reachable(void) +/** Return 1 if we won't do reachability checks, because: + * - AssumeReachable is set, or + * - the network is disabled. + * Otherwise, return 0. + */ +static int +router_reachability_checks_disabled(const or_options_t *options) { - const or_options_t *options = get_options(); return options->AssumeReachable || + net_is_disabled(); +} + +/** Return 0 if we need to do an ORPort reachability check, because: + * - no reachability check has been done yet, or + * - we've initiated reachability checks, but none have succeeded. + * Return 1 if we don't need to do an ORPort reachability check, because: + * - we've seen a successful reachability check, or + * - AssumeReachable is set, or + * - the network is disabled. + */ +int +check_whether_orport_reachable(const or_options_t *options) +{ + int reach_checks_disabled = router_reachability_checks_disabled(options); + return reach_checks_disabled || can_reach_or_port; } -/** Return 1 if we don't have a dirport configured, or if it's reachable. */ +/** Return 0 if we need to do a DirPort reachability check, because: + * - no reachability check has been done yet, or + * - we've initiated reachability checks, but none have succeeded. + * Return 1 if we don't need to do a DirPort reachability check, because: + * - we've seen a successful reachability check, or + * - there is no DirPort set, or + * - AssumeReachable is set, or + * - the network is disabled. + */ int -check_whether_dirport_reachable(void) +check_whether_dirport_reachable(const or_options_t *options) { - const or_options_t *options = get_options(); - return !options->DirPort_set || - options->AssumeReachable || - net_is_disabled() || + int reach_checks_disabled = router_reachability_checks_disabled(options) || + !options->DirPort_set; + return reach_checks_disabled || can_reach_dir_port; } @@ -1148,10 +1174,11 @@ router_should_be_directory_server(const or_options_t *options, int dir_port) "seconds long. Raising to 1."); interval_length = 1; } - log_info(LD_GENERAL, "Calculating whether to disable dirport: effective " + log_info(LD_GENERAL, "Calculating whether to advertise %s: effective " "bwrate: %u, AccountingMax: "U64_FORMAT", " - "accounting interval length %d", effective_bw, - U64_PRINTF_ARG(options->AccountingMax), + "accounting interval length %d", + dir_port ? "dirport" : "begindir", + effective_bw, U64_PRINTF_ARG(options->AccountingMax), interval_length); acc_bytes = options->AccountingMax; @@ -1199,34 +1226,62 @@ dir_server_mode(const or_options_t *options) } /** Look at a variety of factors, and return 0 if we don't want to - * advertise the fact that we have a DirPort open, else return the - * DirPort we want to advertise. + * advertise the fact that we have a DirPort open or begindir support, else + * return 1. + * + * Where dir_port or supports_tunnelled_dir_requests are not relevant, they + * must be 0. * - * Log a helpful message if we change our mind about whether to publish - * a DirPort. + * Log a helpful message if we change our mind about whether to publish. */ static int -decide_to_advertise_dirport(const or_options_t *options, uint16_t dir_port) +decide_to_advertise_dir_impl(const or_options_t *options, + uint16_t dir_port, + int supports_tunnelled_dir_requests) { /* Part one: reasons to publish or not publish that aren't * worth mentioning to the user, either because they're obvious * or because they're normal behavior. */ - if (!dir_port) /* short circuit the rest of the function */ + /* short circuit the rest of the function */ + if (!dir_port && !supports_tunnelled_dir_requests) return 0; if (authdir_mode(options)) /* always publish */ - return dir_port; + return 1; if (net_is_disabled()) return 0; - if (!check_whether_dirport_reachable()) + if (dir_port && !router_get_advertised_dir_port(options, dir_port)) return 0; - if (!router_get_advertised_dir_port(options, dir_port)) + if (supports_tunnelled_dir_requests && + !router_get_advertised_or_port(options)) return 0; - /* Part two: reasons to publish or not publish that the user - * might find surprising. router_should_be_directory_server() - * considers config options that make us choose not to publish. */ - return router_should_be_directory_server(options, dir_port) ? dir_port : 0; + /* Part two: consider config options that could make us choose to + * publish or not publish that the user might find surprising. */ + return router_should_be_directory_server(options, dir_port); +} + +/** Front-end to decide_to_advertise_dir_impl(): return 0 if we don't want to + * advertise the fact that we have a DirPort open, else return the + * DirPort we want to advertise. + */ +static int +decide_to_advertise_dirport(const or_options_t *options, uint16_t dir_port) +{ + /* supports_tunnelled_dir_requests is not relevant, pass 0 */ + return decide_to_advertise_dir_impl(options, dir_port, 0) ? dir_port : 0; +} + +/** Front-end to decide_to_advertise_dir_impl(): return 0 if we don't want to + * advertise the fact that we support begindir requests, else return 1. + */ +static int +decide_to_advertise_begindir(const or_options_t *options, + int supports_tunnelled_dir_requests) +{ + /* dir_port is not relevant, pass 0 */ + return decide_to_advertise_dir_impl(options, 0, + supports_tunnelled_dir_requests); } /** Allocate and return a new extend_info_t that can be used to build @@ -1260,9 +1315,9 @@ void consider_testing_reachability(int test_or, int test_dir) { const routerinfo_t *me = router_get_my_routerinfo(); - int orport_reachable = check_whether_orport_reachable(); - tor_addr_t addr; const or_options_t *options = get_options(); + int orport_reachable = check_whether_orport_reachable(options); + tor_addr_t addr; if (!me) return; @@ -1295,7 +1350,7 @@ consider_testing_reachability(int test_or, int test_dir) /* XXX IPv6 self testing */ tor_addr_from_ipv4h(&addr, me->addr); - if (test_dir && !check_whether_dirport_reachable() && + if (test_dir && !check_whether_dirport_reachable(options) && !connection_get_by_type_addr_port_purpose( CONN_TYPE_DIR, &addr, me->dir_port, DIR_PURPOSE_FETCH_SERVERDESC)) { @@ -1314,18 +1369,19 @@ void router_orport_found_reachable(void) { const routerinfo_t *me = router_get_my_routerinfo(); + const or_options_t *options = get_options(); if (!can_reach_or_port && me) { char *address = tor_dup_ip(me->addr); log_notice(LD_OR,"Self-testing indicates your ORPort is reachable from " "the outside. Excellent.%s", - get_options()->PublishServerDescriptor_ != NO_DIRINFO - && check_whether_dirport_reachable() ? + options->PublishServerDescriptor_ != NO_DIRINFO + && check_whether_dirport_reachable(options) ? " Publishing server descriptor." : ""); can_reach_or_port = 1; mark_my_descriptor_dirty("ORPort found reachable"); /* This is a significant enough change to upload immediately, * at least in a test network */ - if (get_options()->TestingTorNetwork == 1) { + if (options->TestingTorNetwork == 1) { reschedule_descriptor_update_check(); } control_event_server_status(LOG_NOTICE, @@ -1340,19 +1396,20 @@ void router_dirport_found_reachable(void) { const routerinfo_t *me = router_get_my_routerinfo(); + const or_options_t *options = get_options(); if (!can_reach_dir_port && me) { char *address = tor_dup_ip(me->addr); log_notice(LD_DIRSERV,"Self-testing indicates your DirPort is reachable " "from the outside. Excellent.%s", - get_options()->PublishServerDescriptor_ != NO_DIRINFO - && check_whether_orport_reachable() ? + options->PublishServerDescriptor_ != NO_DIRINFO + && check_whether_orport_reachable(options) ? " Publishing server descriptor." : ""); can_reach_dir_port = 1; - if (decide_to_advertise_dirport(get_options(), me->dir_port)) { + if (decide_to_advertise_dirport(options, me->dir_port)) { mark_my_descriptor_dirty("DirPort found reachable"); /* This is a significant enough change to upload immediately, * at least in a test network */ - if (get_options()->TestingTorNetwork == 1) { + if (options->TestingTorNetwork == 1) { reschedule_descriptor_update_check(); } } @@ -1570,14 +1627,14 @@ decide_if_publishable_server(void) return 1; if (!router_get_advertised_or_port(options)) return 0; - if (!check_whether_orport_reachable()) + if (!check_whether_orport_reachable(options)) return 0; if (router_have_consensus_path() == CONSENSUS_PATH_INTERNAL) { /* All set: there are no exits in the consensus (maybe this is a tiny * test network), so we can't check our DirPort reachability. */ return 1; } else { - return check_whether_dirport_reachable(); + return check_whether_dirport_reachable(options); } } @@ -1933,8 +1990,8 @@ router_build_fresh_descriptor(routerinfo_t **r, extrainfo_t **e) ri->addr = addr; ri->or_port = router_get_advertised_or_port(options); ri->dir_port = router_get_advertised_dir_port(options, 0); - ri->supports_tunnelled_dir_requests = dir_server_mode(options) && - router_should_be_directory_server(options, ri->dir_port); + ri->supports_tunnelled_dir_requests = + directory_permits_begindir_requests(options); ri->cache_info.published_on = time(NULL); ri->onion_pkey = crypto_pk_dup_key(get_onion_key()); /* must invoke from * main thread */ @@ -1979,7 +2036,8 @@ router_build_fresh_descriptor(routerinfo_t **r, extrainfo_t **e) routerinfo_free(ri); return -1; } - ri->signing_key_cert = tor_cert_dup(get_master_signing_key_cert()); + ri->cache_info.signing_key_cert = + tor_cert_dup(get_master_signing_key_cert()); get_platform_str(platform, sizeof(platform)); ri->platform = tor_strdup(platform); @@ -2071,7 +2129,8 @@ router_build_fresh_descriptor(routerinfo_t **r, extrainfo_t **e) ei->cache_info.is_extrainfo = 1; strlcpy(ei->nickname, get_options()->Nickname, sizeof(ei->nickname)); ei->cache_info.published_on = ri->cache_info.published_on; - ei->signing_key_cert = tor_cert_dup(get_master_signing_key_cert()); + ei->cache_info.signing_key_cert = tor_cert_dup(get_master_signing_key_cert()); + memcpy(ei->cache_info.identity_digest, ri->cache_info.identity_digest, DIGEST_LEN); if (extrainfo_dump_to_string(&ei->cache_info.signed_descriptor_body, @@ -2097,7 +2156,7 @@ router_build_fresh_descriptor(routerinfo_t **r, extrainfo_t **e) memcpy(ri->cache_info.extra_info_digest, ei->cache_info.signed_descriptor_digest, DIGEST_LEN); - memcpy(ri->extra_info_digest256, + memcpy(ri->cache_info.extra_info_digest256, ei->digest256, DIGEST256_LEN); } else { @@ -2138,7 +2197,8 @@ router_build_fresh_descriptor(routerinfo_t **r, extrainfo_t **e) ri->cache_info.signed_descriptor_digest); if (ei) { - tor_assert(! routerinfo_incompatible_with_extrainfo(ri, ei, NULL, NULL)); + tor_assert(! routerinfo_incompatible_with_extrainfo(ri->identity_pkey, ei, + &ri->cache_info, NULL)); } *r = ri; @@ -2467,7 +2527,8 @@ router_dump_router_to_string(routerinfo_t *router, const or_options_t *options = get_options(); smartlist_t *chunks = NULL; char *output = NULL; - const int emit_ed_sigs = signing_keypair && router->signing_key_cert; + const int emit_ed_sigs = signing_keypair && + router->cache_info.signing_key_cert; char *ed_cert_line = NULL; char *rsa_tap_cc_line = NULL; char *ntor_cc_line = NULL; @@ -2479,12 +2540,12 @@ router_dump_router_to_string(routerinfo_t *router, goto err; } if (emit_ed_sigs) { - if (!router->signing_key_cert->signing_key_included || - !ed25519_pubkey_eq(&router->signing_key_cert->signed_key, + if (!router->cache_info.signing_key_cert->signing_key_included || + !ed25519_pubkey_eq(&router->cache_info.signing_key_cert->signed_key, &signing_keypair->pubkey)) { log_warn(LD_BUG, "Tried to sign a router descriptor with a mismatched " "ed25519 key chain %d", - router->signing_key_cert->signing_key_included); + router->cache_info.signing_key_cert->signing_key_included); goto err; } } @@ -2500,14 +2561,14 @@ router_dump_router_to_string(routerinfo_t *router, char ed_cert_base64[256]; char ed_fp_base64[ED25519_BASE64_LEN+1]; if (base64_encode(ed_cert_base64, sizeof(ed_cert_base64), - (const char*)router->signing_key_cert->encoded, - router->signing_key_cert->encoded_len, - BASE64_ENCODE_MULTILINE) < 0) { + (const char*)router->cache_info.signing_key_cert->encoded, + router->cache_info.signing_key_cert->encoded_len, + BASE64_ENCODE_MULTILINE) < 0) { log_err(LD_BUG,"Couldn't base64-encode signing key certificate!"); goto err; } if (ed25519_public_to_base64(ed_fp_base64, - &router->signing_key_cert->signing_key)<0) { + &router->cache_info.signing_key_cert->signing_key)<0) { log_err(LD_BUG,"Couldn't base64-encode identity key\n"); goto err; } @@ -2534,15 +2595,15 @@ router_dump_router_to_string(routerinfo_t *router, } /* Cross-certify with RSA key */ - if (tap_key && router->signing_key_cert && - router->signing_key_cert->signing_key_included) { + if (tap_key && router->cache_info.signing_key_cert && + router->cache_info.signing_key_cert->signing_key_included) { char buf[256]; int tap_cc_len = 0; uint8_t *tap_cc = make_tap_onion_key_crosscert(tap_key, - &router->signing_key_cert->signing_key, - router->identity_pkey, - &tap_cc_len); + &router->cache_info.signing_key_cert->signing_key, + router->identity_pkey, + &tap_cc_len); if (!tap_cc) { log_warn(LD_BUG,"make_tap_onion_key_crosscert failed!"); goto err; @@ -2564,16 +2625,16 @@ router_dump_router_to_string(routerinfo_t *router, } /* Cross-certify with onion keys */ - if (ntor_keypair && router->signing_key_cert && - router->signing_key_cert->signing_key_included) { + if (ntor_keypair && router->cache_info.signing_key_cert && + router->cache_info.signing_key_cert->signing_key_included) { int sign = 0; char buf[256]; /* XXXX Base the expiration date on the actual onion key expiration time?*/ tor_cert_t *cert = make_ntor_onion_key_crosscert(ntor_keypair, - &router->signing_key_cert->signing_key, - router->cache_info.published_on, - MIN_ONION_KEY_LIFETIME, &sign); + &router->cache_info.signing_key_cert->signing_key, + router->cache_info.published_on, + MIN_ONION_KEY_LIFETIME, &sign); if (!cert) { log_warn(LD_BUG,"make_ntor_onion_key_crosscert failed!"); goto err; @@ -2612,9 +2673,9 @@ router_dump_router_to_string(routerinfo_t *router, char extra_info_digest[HEX_DIGEST_LEN+1]; base16_encode(extra_info_digest, sizeof(extra_info_digest), router->cache_info.extra_info_digest, DIGEST_LEN); - if (!tor_digest256_is_zero(router->extra_info_digest256)) { + if (!tor_digest256_is_zero(router->cache_info.extra_info_digest256)) { char d256_64[BASE64_DIGEST256_LEN+1]; - digest256_to_base64(d256_64, router->extra_info_digest256); + digest256_to_base64(d256_64, router->cache_info.extra_info_digest256); tor_asprintf(&extra_info_line, "extra-info-digest %s %s\n", extra_info_digest, d256_64); } else { @@ -2715,7 +2776,8 @@ router_dump_router_to_string(routerinfo_t *router, tor_free(p6); } - if (router->supports_tunnelled_dir_requests) { + if (decide_to_advertise_begindir(options, + router->supports_tunnelled_dir_requests)) { smartlist_add(chunks, tor_strdup("tunnelled-dir-server\n")); } @@ -2919,7 +2981,8 @@ extrainfo_dump_to_string(char **s_out, extrainfo_t *extrainfo, time_t now = time(NULL); smartlist_t *chunks = smartlist_new(); extrainfo_t *ei_tmp = NULL; - const int emit_ed_sigs = signing_keypair && extrainfo->signing_key_cert; + const int emit_ed_sigs = signing_keypair && + extrainfo->cache_info.signing_key_cert; char *ed_cert_line = NULL; base16_encode(identity, sizeof(identity), @@ -2927,19 +2990,19 @@ extrainfo_dump_to_string(char **s_out, extrainfo_t *extrainfo, format_iso_time(published, extrainfo->cache_info.published_on); bandwidth_usage = rep_hist_get_bandwidth_lines(); if (emit_ed_sigs) { - if (!extrainfo->signing_key_cert->signing_key_included || - !ed25519_pubkey_eq(&extrainfo->signing_key_cert->signed_key, + if (!extrainfo->cache_info.signing_key_cert->signing_key_included || + !ed25519_pubkey_eq(&extrainfo->cache_info.signing_key_cert->signed_key, &signing_keypair->pubkey)) { log_warn(LD_BUG, "Tried to sign a extrainfo descriptor with a " "mismatched ed25519 key chain %d", - extrainfo->signing_key_cert->signing_key_included); + extrainfo->cache_info.signing_key_cert->signing_key_included); goto err; } char ed_cert_base64[256]; if (base64_encode(ed_cert_base64, sizeof(ed_cert_base64), - (const char*)extrainfo->signing_key_cert->encoded, - extrainfo->signing_key_cert->encoded_len, - BASE64_ENCODE_MULTILINE) < 0) { + (const char*)extrainfo->cache_info.signing_key_cert->encoded, + extrainfo->cache_info.signing_key_cert->encoded_len, + BASE64_ENCODE_MULTILINE) < 0) { log_err(LD_BUG,"Couldn't base64-encode signing key certificate!"); goto err; } diff --git a/src/or/router.h b/src/or/router.h index 5165462a13..73bfea1faa 100644 --- a/src/or/router.h +++ b/src/or/router.h @@ -39,8 +39,8 @@ int router_initialize_tls_context(void); int init_keys(void); int init_keys_client(void); -int check_whether_orport_reachable(void); -int check_whether_dirport_reachable(void); +int check_whether_orport_reachable(const or_options_t *options); +int check_whether_dirport_reachable(const or_options_t *options); int dir_server_mode(const or_options_t *options); void consider_testing_reachability(int test_or, int test_dir); void router_orport_found_reachable(void); diff --git a/src/or/routerlist.c b/src/or/routerlist.c index d40d704a1d..a08b5f3190 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -2897,7 +2897,7 @@ routerinfo_free(routerinfo_t *router) tor_free(router->onion_curve25519_pkey); if (router->identity_pkey) crypto_pk_free(router->identity_pkey); - tor_cert_free(router->signing_key_cert); + tor_cert_free(router->cache_info.signing_key_cert); if (router->declared_family) { SMARTLIST_FOREACH(router->declared_family, char *, s, tor_free(s)); smartlist_free(router->declared_family); @@ -2916,7 +2916,7 @@ extrainfo_free(extrainfo_t *extrainfo) { if (!extrainfo) return; - tor_cert_free(extrainfo->signing_key_cert); + tor_cert_free(extrainfo->cache_info.signing_key_cert); tor_free(extrainfo->cache_info.signed_descriptor_body); tor_free(extrainfo->pending_sig); @@ -2932,11 +2932,25 @@ signed_descriptor_free(signed_descriptor_t *sd) return; tor_free(sd->signed_descriptor_body); + tor_cert_free(sd->signing_key_cert); memset(sd, 99, sizeof(signed_descriptor_t)); /* Debug bad mem usage */ tor_free(sd); } +/** Copy src into dest, and steal all references inside src so that when + * we free src, we don't mess up dest. */ +static void +signed_descriptor_move(signed_descriptor_t *dest, + signed_descriptor_t *src) +{ + tor_assert(dest != src); + memcpy(dest, src, sizeof(signed_descriptor_t)); + src->signed_descriptor_body = NULL; + src->signing_key_cert = NULL; + dest->routerlist_index = -1; +} + /** Extract a signed_descriptor_t from a general routerinfo, and free the * routerinfo. */ @@ -2946,9 +2960,7 @@ signed_descriptor_from_routerinfo(routerinfo_t *ri) signed_descriptor_t *sd; tor_assert(ri->purpose == ROUTER_PURPOSE_GENERAL); sd = tor_malloc_zero(sizeof(signed_descriptor_t)); - memcpy(sd, &(ri->cache_info), sizeof(signed_descriptor_t)); - sd->routerlist_index = -1; - ri->cache_info.signed_descriptor_body = NULL; + signed_descriptor_move(sd, &ri->cache_info); routerinfo_free(ri); return sd; } @@ -3126,7 +3138,7 @@ extrainfo_insert,(routerlist_t *rl, extrainfo_t *ei, int warn_if_incompatible)) "Mismatch in digest in extrainfo map."); goto done; } - if (routerinfo_incompatible_with_extrainfo(ri, ei, sd, + if (routerinfo_incompatible_with_extrainfo(ri->identity_pkey, ei, sd, &compatibility_error_msg)) { char d1[HEX_DIGEST_LEN+1], d2[HEX_DIGEST_LEN+1]; r = (ri->cache_info.extrainfo_is_bogus) ? @@ -3434,9 +3446,7 @@ routerlist_reparse_old(routerlist_t *rl, signed_descriptor_t *sd) 0, 1, NULL, NULL); if (!ri) return NULL; - memcpy(&ri->cache_info, sd, sizeof(signed_descriptor_t)); - sd->signed_descriptor_body = NULL; /* Steal reference. */ - ri->cache_info.routerlist_index = -1; + signed_descriptor_move(&ri->cache_info, sd); routerlist_remove_old(rl, sd, -1); @@ -5165,25 +5175,32 @@ router_differences_are_cosmetic(const routerinfo_t *r1, const routerinfo_t *r2) return 1; } -/** Check whether <b>ri</b> (a.k.a. sd) is a router compatible with the - * extrainfo document - * <b>ei</b>. If no router is compatible with <b>ei</b>, <b>ei</b> should be +/** Check whether <b>sd</b> describes a router descriptor compatible with the + * extrainfo document <b>ei</b>. + * + * <b>identity_pkey</b> (which must also be provided) is RSA1024 identity key + * for the router. We use it to check the signature of the extrainfo document, + * if it has not already been checked. + * + * If no router is compatible with <b>ei</b>, <b>ei</b> should be * dropped. Return 0 for "compatible", return 1 for "reject, and inform * whoever uploaded <b>ei</b>, and return -1 for "reject silently.". If * <b>msg</b> is present, set *<b>msg</b> to a description of the * incompatibility (if any). + * + * Set the extrainfo_is_bogus field in <b>sd</b> if the digests matched + * but the extrainfo was nonetheless incompatible. **/ int -routerinfo_incompatible_with_extrainfo(const routerinfo_t *ri, +routerinfo_incompatible_with_extrainfo(const crypto_pk_t *identity_pkey, extrainfo_t *ei, signed_descriptor_t *sd, const char **msg) { int digest_matches, digest256_matches, r=1; - tor_assert(ri); + tor_assert(identity_pkey); + tor_assert(sd); tor_assert(ei); - if (!sd) - sd = (signed_descriptor_t*)&ri->cache_info; if (ei->bad_sig) { if (msg) *msg = "Extrainfo signature was bad, or signed with wrong key."; @@ -5195,27 +5212,28 @@ routerinfo_incompatible_with_extrainfo(const routerinfo_t *ri, /* Set digest256_matches to 1 if the digest is correct, or if no * digest256 was in the ri. */ digest256_matches = tor_memeq(ei->digest256, - ri->extra_info_digest256, DIGEST256_LEN); + sd->extra_info_digest256, DIGEST256_LEN); digest256_matches |= - tor_mem_is_zero(ri->extra_info_digest256, DIGEST256_LEN); + tor_mem_is_zero(sd->extra_info_digest256, DIGEST256_LEN); /* The identity must match exactly to have been generated at the same time * by the same router. */ - if (tor_memneq(ri->cache_info.identity_digest, + if (tor_memneq(sd->identity_digest, ei->cache_info.identity_digest, DIGEST_LEN)) { if (msg) *msg = "Extrainfo nickname or identity did not match routerinfo"; goto err; /* different servers */ } - if (! tor_cert_opt_eq(ri->signing_key_cert, ei->signing_key_cert)) { + if (! tor_cert_opt_eq(sd->signing_key_cert, + ei->cache_info.signing_key_cert)) { if (msg) *msg = "Extrainfo signing key cert didn't match routerinfo"; goto err; /* different servers */ } if (ei->pending_sig) { char signed_digest[128]; - if (crypto_pk_public_checksig(ri->identity_pkey, + if (crypto_pk_public_checksig(identity_pkey, signed_digest, sizeof(signed_digest), ei->pending_sig, ei->pending_sig_len) != DIGEST_LEN || tor_memneq(signed_digest, ei->cache_info.signed_descriptor_digest, @@ -5226,7 +5244,7 @@ routerinfo_incompatible_with_extrainfo(const routerinfo_t *ri, goto err; /* Bad signature, or no match. */ } - ei->cache_info.send_unencrypted = ri->cache_info.send_unencrypted; + ei->cache_info.send_unencrypted = sd->send_unencrypted; tor_free(ei->pending_sig); } diff --git a/src/or/routerlist.h b/src/or/routerlist.h index bc48c2087c..67cc253c5a 100644 --- a/src/or/routerlist.h +++ b/src/or/routerlist.h @@ -191,7 +191,7 @@ void update_extrainfo_downloads(time_t now); void router_reset_descriptor_download_failures(void); int router_differences_are_cosmetic(const routerinfo_t *r1, const routerinfo_t *r2); -int routerinfo_incompatible_with_extrainfo(const routerinfo_t *ri, +int routerinfo_incompatible_with_extrainfo(const crypto_pk_t *ri, extrainfo_t *ei, signed_descriptor_t *sd, const char **msg); diff --git a/src/or/routerparse.c b/src/or/routerparse.c index cec10c8f24..91025c1568 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -1,4 +1,4 @@ - /* Copyright (c) 2001 Matej Pfajfar. +/* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. * Copyright (c) 2007-2016, The Tor Project, Inc. */ @@ -1405,7 +1405,8 @@ router_parse_entry_from_string(const char *s, const char *end, log_warn(LD_DIR, "Couldn't parse ed25519 cert"); goto err; } - router->signing_key_cert = cert; /* makes sure it gets freed. */ + /* makes sure it gets freed. */ + router->cache_info.signing_key_cert = cert; if (cert->cert_type != CERT_TYPE_ID_SIGNING || ! cert->signing_key_included) { @@ -1600,8 +1601,8 @@ router_parse_entry_from_string(const char *s, const char *end, } if (tok->n_args >= 2) { - if (digest256_from_base64(router->extra_info_digest256, tok->args[1]) - < 0) { + if (digest256_from_base64(router->cache_info.extra_info_digest256, + tok->args[1]) < 0) { log_warn(LD_DIR, "Invalid extra info digest256 %s", escaped(tok->args[1])); } @@ -1786,7 +1787,9 @@ extrainfo_parse_entry_from_string(const char *s, const char *end, log_warn(LD_DIR, "Couldn't parse ed25519 cert"); goto err; } - extrainfo->signing_key_cert = cert; /* makes sure it gets freed. */ + /* makes sure it gets freed. */ + extrainfo->cache_info.signing_key_cert = cert; + if (cert->cert_type != CERT_TYPE_ID_SIGNING || ! cert->signing_key_included) { log_warn(LD_DIR, "Invalid form for ed25519 cert"); diff --git a/src/test/test_connection.c b/src/test/test_connection.c index 15ae973f00..bf95b0b59f 100644 --- a/src/test/test_connection.c +++ b/src/test/test_connection.c @@ -11,6 +11,7 @@ #include "connection.h" #include "main.h" +#include "microdesc.h" #include "networkstatus.h" #include "rendcache.h" #include "directory.h" @@ -54,7 +55,11 @@ static int test_conn_get_rsrc_teardown(const struct testcase_t *tc, #define TEST_CONN_RSRC_STATE_SUCCESSFUL (DIR_CONN_STATE_CLIENT_FINISHED) #define TEST_CONN_RSRC_2 (networkstatus_get_flavor_name(FLAV_NS)) -#define TEST_CONN_DL_STATE (DIR_CONN_STATE_CLIENT_SENDING) +#define TEST_CONN_DL_STATE (DIR_CONN_STATE_CLIENT_READING) + +/* see AP_CONN_STATE_IS_UNATTACHED() */ +#define TEST_CONN_UNATTACHED_STATE (AP_CONN_STATE_CIRCUIT_WAIT) +#define TEST_CONN_ATTACHED_STATE (AP_CONN_STATE_CONNECT_WAIT) #define TEST_CONN_FD_INIT 50 static int mock_connection_connect_sockaddr_called = 0; @@ -109,27 +114,25 @@ test_conn_lookup_addr_helper(const char *address, int family, tor_addr_t *addr) tor_addr_make_null(addr, TEST_CONN_FAMILY); } -static void * -test_conn_get_basic_setup(const struct testcase_t *tc) +static connection_t * +test_conn_get_connection(uint8_t state, uint8_t type, uint8_t purpose) { connection_t *conn = NULL; tor_addr_t addr; int socket_err = 0; int in_progress = 0; - (void)tc; MOCK(connection_connect_sockaddr, mock_connection_connect_sockaddr); init_connection_lists(); - conn = connection_new(TEST_CONN_TYPE, TEST_CONN_FAMILY); + conn = connection_new(type, TEST_CONN_FAMILY); tt_assert(conn); test_conn_lookup_addr_helper(TEST_CONN_ADDRESS, TEST_CONN_FAMILY, &addr); tt_assert(!tor_addr_is_null(&addr)); - /* XXXX - connection_connect doesn't set these, should it? */ tor_addr_copy_tight(&conn->addr, &addr); conn->port = TEST_CONN_PORT; mock_connection_connect_sockaddr_called = 0; @@ -140,8 +143,8 @@ test_conn_get_basic_setup(const struct testcase_t *tc) tt_assert(in_progress == 0 || in_progress == 1); /* fake some of the attributes so the connection looks OK */ - conn->state = TEST_CONN_STATE; - conn->purpose = TEST_CONN_BASIC_PURPOSE; + conn->state = state; + conn->purpose = purpose; assert_connection_ok(conn, time(NULL)); UNMOCK(connection_connect_sockaddr); @@ -151,12 +154,17 @@ test_conn_get_basic_setup(const struct testcase_t *tc) /* On failure */ done: UNMOCK(connection_connect_sockaddr); - test_conn_get_basic_teardown(tc, conn); - - /* Returning NULL causes the unit test to fail */ return NULL; } +static void * +test_conn_get_basic_setup(const struct testcase_t *tc) +{ + (void)tc; + return test_conn_get_connection(TEST_CONN_STATE, TEST_CONN_TYPE, + TEST_CONN_BASIC_PURPOSE); +} + static int test_conn_get_basic_teardown(const struct testcase_t *tc, void *arg) { @@ -186,9 +194,8 @@ test_conn_get_basic_teardown(const struct testcase_t *tc, void *arg) connection_close_immediate(conn->linked_conn); connection_mark_for_close(conn->linked_conn); } - conn->linked_conn->linked_conn = NULL; - connection_free(conn->linked_conn); - conn->linked_conn = NULL; + + close_closeable_connections(); } /* We didn't set the events up properly, so we can't use event_del() in @@ -222,7 +229,10 @@ static void * test_conn_get_rend_setup(const struct testcase_t *tc) { dir_connection_t *conn = DOWNCAST(dir_connection_t, - test_conn_get_basic_setup(tc)); + test_conn_get_connection( + TEST_CONN_STATE, + TEST_CONN_TYPE, + TEST_CONN_REND_PURPOSE)); tt_assert(conn); assert_connection_ok(&conn->base_, time(NULL)); @@ -235,7 +245,6 @@ test_conn_get_rend_setup(const struct testcase_t *tc) TEST_CONN_REND_ADDR, REND_SERVICE_ID_LEN_BASE32+1); conn->rend_data->hsdirs_fp = smartlist_new(); - conn->base_.purpose = TEST_CONN_REND_PURPOSE; assert_connection_ok(&conn->base_, time(NULL)); return conn; @@ -266,42 +275,64 @@ test_conn_get_rend_teardown(const struct testcase_t *tc, void *arg) return rv; } -static void * -test_conn_get_rsrc_setup(const struct testcase_t *tc) +static dir_connection_t * +test_conn_download_status_add_a_connection(const char *resource) { dir_connection_t *conn = DOWNCAST(dir_connection_t, - test_conn_get_basic_setup(tc)); + test_conn_get_connection( + TEST_CONN_STATE, + TEST_CONN_TYPE, + TEST_CONN_RSRC_PURPOSE)); + tt_assert(conn); assert_connection_ok(&conn->base_, time(NULL)); - /* TODO: use the canonical function to do this - maybe? */ - conn->requested_resource = tor_strdup(TEST_CONN_RSRC); - conn->base_.purpose = TEST_CONN_RSRC_PURPOSE; + /* Replace the existing resource with the one we want */ + if (resource) { + if (conn->requested_resource) { + tor_free(conn->requested_resource); + } + conn->requested_resource = tor_strdup(resource); + assert_connection_ok(&conn->base_, time(NULL)); + } - assert_connection_ok(&conn->base_, time(NULL)); return conn; - /* On failure */ done: - test_conn_get_rend_teardown(tc, conn); - /* Returning NULL causes the unit test to fail */ + test_conn_get_rsrc_teardown(NULL, conn); return NULL; } +static void * +test_conn_get_rsrc_setup(const struct testcase_t *tc) +{ + (void)tc; + return test_conn_download_status_add_a_connection(TEST_CONN_RSRC); +} + static int test_conn_get_rsrc_teardown(const struct testcase_t *tc, void *arg) { - dir_connection_t *conn = DOWNCAST(dir_connection_t, arg); int rv = 0; + connection_t *conn = (connection_t *)arg; tt_assert(conn); - assert_connection_ok(&conn->base_, time(NULL)); + assert_connection_ok(conn, time(NULL)); + + if (conn->type == CONN_TYPE_DIR) { + dir_connection_t *dir_conn = DOWNCAST(dir_connection_t, arg); + + tt_assert(dir_conn); + assert_connection_ok(&dir_conn->base_, time(NULL)); - /* avoid a last-ditch attempt to refetch the consensus */ - conn->base_.state = TEST_CONN_RSRC_STATE_SUCCESSFUL; + /* avoid a last-ditch attempt to refetch the consensus */ + dir_conn->base_.state = TEST_CONN_RSRC_STATE_SUCCESSFUL; + assert_connection_ok(&dir_conn->base_, time(NULL)); + } /* connection_free_() cleans up requested_resource */ - rv = test_conn_get_basic_teardown(tc, arg); + rv = test_conn_get_basic_teardown(tc, conn); + done: return rv; } @@ -336,14 +367,30 @@ test_conn_download_status_teardown(const struct testcase_t *tc, void *arg) return rv; } -static dir_connection_t * -test_conn_download_status_add_a_connection(void) +/* Like connection_ap_make_link(), but does much less */ +static connection_t * +test_conn_get_linked_connection(connection_t *l_conn, uint8_t state) { - dir_connection_t *conn = DOWNCAST(dir_connection_t, - test_conn_get_rsrc_setup(NULL)); + tt_assert(l_conn); + assert_connection_ok(l_conn, time(NULL)); + + /* AP connections don't seem to have purposes */ + connection_t *conn = test_conn_get_connection(state, CONN_TYPE_AP, + 0); tt_assert(conn); - assert_connection_ok(&conn->base_, time(NULL)); + assert_connection_ok(conn, time(NULL)); + + conn->linked = 1; + l_conn->linked = 1; + conn->linked_conn = l_conn; + l_conn->linked_conn = conn; + /* we never opened a real socket, so we can just overwrite it */ + conn->s = TOR_INVALID_SOCKET; + l_conn->s = TOR_INVALID_SOCKET; + + assert_connection_ok(conn, time(NULL)); + assert_connection_ok(l_conn, time(NULL)); return conn; @@ -524,44 +571,6 @@ test_conn_get_rsrc(void *arg) tt_assert(conn); assert_connection_ok(&conn->base_, time(NULL)); - tt_assert(connection_dir_get_by_purpose_and_resource( - conn->base_.purpose, - conn->requested_resource) - == conn); - tt_assert(connection_dir_get_by_purpose_and_resource( - TEST_CONN_RSRC_PURPOSE, - TEST_CONN_RSRC) - == conn); - tt_assert(connection_dir_get_by_purpose_and_resource( - !conn->base_.purpose, - "") - == NULL); - tt_assert(connection_dir_get_by_purpose_and_resource( - !TEST_CONN_RSRC_PURPOSE, - TEST_CONN_RSRC_2) - == NULL); - - tt_assert(connection_dir_get_by_purpose_resource_and_state( - conn->base_.purpose, - conn->requested_resource, - conn->base_.state) - == conn); - tt_assert(connection_dir_get_by_purpose_resource_and_state( - TEST_CONN_RSRC_PURPOSE, - TEST_CONN_RSRC, - TEST_CONN_STATE) - == conn); - tt_assert(connection_dir_get_by_purpose_resource_and_state( - !conn->base_.purpose, - "", - !conn->base_.state) - == NULL); - tt_assert(connection_dir_get_by_purpose_resource_and_state( - !TEST_CONN_RSRC_PURPOSE, - TEST_CONN_RSRC_2, - !TEST_CONN_STATE) - == NULL); - sl_is_conn_assert(connection_dir_list_by_purpose_and_resource( conn->base_.purpose, conn->requested_resource), @@ -641,120 +650,208 @@ test_conn_get_rsrc(void *arg) static void test_conn_download_status(void *arg) { - (void)arg; dir_connection_t *conn = NULL; dir_connection_t *conn2 = NULL; - dir_connection_t *conn3 = NULL; - - /* no connections, no excess, not downloading */ - tt_assert(networkstatus_consensus_has_excess_connections() == 0); - tt_assert(networkstatus_consensus_is_downloading_usable_flavor() == 0); - tt_assert(connection_dir_avoid_extra_connection_for_purpose( - TEST_CONN_RSRC_PURPOSE) == 0); - - /* one connection, no excess, not downloading */ - conn = test_conn_download_status_add_a_connection(); - tt_assert(networkstatus_consensus_has_excess_connections() == 0); - tt_assert(networkstatus_consensus_is_downloading_usable_flavor() == 0); - tt_assert(connection_dir_avoid_extra_connection_for_purpose( - TEST_CONN_RSRC_PURPOSE) == 0); - - /* one connection, no excess, but downloading */ + dir_connection_t *conn4 = NULL; + connection_t *ap_conn = NULL; + + consensus_flavor_t usable_flavor = (consensus_flavor_t)arg; + + /* The "other flavor" trick only works if there are two flavors */ + tor_assert(N_CONSENSUS_FLAVORS == 2); + consensus_flavor_t other_flavor = ((usable_flavor == FLAV_NS) + ? FLAV_MICRODESC + : FLAV_NS); + const char *res = networkstatus_get_flavor_name(usable_flavor); + const char *other_res = networkstatus_get_flavor_name(other_flavor); + + /* no connections */ + tt_assert(networkstatus_consensus_is_already_downloading(res) == 0); + tt_assert(networkstatus_consensus_is_already_downloading(other_res) == 0); + tt_assert(connection_dir_count_by_purpose_and_resource( + TEST_CONN_RSRC_PURPOSE, + res) == 0); + tt_assert(connection_dir_count_by_purpose_and_resource( + TEST_CONN_RSRC_PURPOSE, + other_res) == 0); + + /* one connection, not downloading */ + conn = test_conn_download_status_add_a_connection(res); + tt_assert(networkstatus_consensus_is_already_downloading(res) == 0); + tt_assert(networkstatus_consensus_is_already_downloading(other_res) == 0); + tt_assert(connection_dir_count_by_purpose_and_resource( + TEST_CONN_RSRC_PURPOSE, + res) == 1); + tt_assert(connection_dir_count_by_purpose_and_resource( + TEST_CONN_RSRC_PURPOSE, + other_res) == 0); + + /* one connection, downloading but not linked (not possible on a client, + * but possible on a relay) */ conn->base_.state = TEST_CONN_DL_STATE; - tt_assert(networkstatus_consensus_has_excess_connections() == 0); - tt_assert(networkstatus_consensus_is_downloading_usable_flavor() == 1); - tt_assert(connection_dir_avoid_extra_connection_for_purpose( - TEST_CONN_RSRC_PURPOSE) == 1); - conn->base_.state = TEST_CONN_STATE; + tt_assert(networkstatus_consensus_is_already_downloading(res) == 0); + tt_assert(networkstatus_consensus_is_already_downloading(other_res) == 0); + tt_assert(connection_dir_count_by_purpose_and_resource( + TEST_CONN_RSRC_PURPOSE, + res) == 1); + tt_assert(connection_dir_count_by_purpose_and_resource( + TEST_CONN_RSRC_PURPOSE, + other_res) == 0); - /* two connections, excess, but not downloading */ - conn2 = test_conn_download_status_add_a_connection(); - tt_assert(networkstatus_consensus_has_excess_connections() == 1); - tt_assert(networkstatus_consensus_is_downloading_usable_flavor() == 0); - tt_assert(connection_dir_avoid_extra_connection_for_purpose( - TEST_CONN_RSRC_PURPOSE) == 0); + /* one connection, downloading and linked, but not yet attached */ + ap_conn = test_conn_get_linked_connection(TO_CONN(conn), + TEST_CONN_UNATTACHED_STATE); + tt_assert(networkstatus_consensus_is_already_downloading(res) == 0); + tt_assert(networkstatus_consensus_is_already_downloading(other_res) == 0); + tt_assert(connection_dir_count_by_purpose_and_resource( + TEST_CONN_RSRC_PURPOSE, + res) == 1); + tt_assert(connection_dir_count_by_purpose_and_resource( + TEST_CONN_RSRC_PURPOSE, + other_res) == 0); - /* two connections, excess, downloading */ - conn2->base_.state = TEST_CONN_DL_STATE; - tt_assert(networkstatus_consensus_has_excess_connections() == 1); - tt_assert(networkstatus_consensus_is_downloading_usable_flavor() == 1); - tt_assert(connection_dir_avoid_extra_connection_for_purpose( - TEST_CONN_RSRC_PURPOSE) == 1); - conn2->base_.state = TEST_CONN_STATE; - - /* more connections, excess, but not downloading */ - conn3 = test_conn_download_status_add_a_connection(); - tt_assert(networkstatus_consensus_has_excess_connections() == 1); - tt_assert(networkstatus_consensus_is_downloading_usable_flavor() == 0); - tt_assert(connection_dir_avoid_extra_connection_for_purpose( - TEST_CONN_RSRC_PURPOSE) == 0); - - /* more connections, excess, downloading */ - conn3->base_.state = TEST_CONN_DL_STATE; - tt_assert(networkstatus_consensus_has_excess_connections() == 1); - tt_assert(networkstatus_consensus_is_downloading_usable_flavor() == 1); - tt_assert(connection_dir_avoid_extra_connection_for_purpose( - TEST_CONN_RSRC_PURPOSE) == 1); - - /* more connections, more downloading */ - conn2->base_.state = TEST_CONN_DL_STATE; - tt_assert(networkstatus_consensus_has_excess_connections() == 1); - tt_assert(networkstatus_consensus_is_downloading_usable_flavor() == 1); - tt_assert(connection_dir_avoid_extra_connection_for_purpose( - TEST_CONN_RSRC_PURPOSE) == 1); + /* one connection, downloading and linked and attached */ + ap_conn->state = TEST_CONN_ATTACHED_STATE; + tt_assert(networkstatus_consensus_is_already_downloading(res) == 1); + tt_assert(networkstatus_consensus_is_already_downloading(other_res) == 0); + tt_assert(connection_dir_count_by_purpose_and_resource( + TEST_CONN_RSRC_PURPOSE, + res) == 1); + tt_assert(connection_dir_count_by_purpose_and_resource( + TEST_CONN_RSRC_PURPOSE, + other_res) == 0); + + /* one connection, linked and attached but not downloading */ + conn->base_.state = TEST_CONN_STATE; + tt_assert(networkstatus_consensus_is_already_downloading(res) == 0); + tt_assert(networkstatus_consensus_is_already_downloading(other_res) == 0); + tt_assert(connection_dir_count_by_purpose_and_resource( + TEST_CONN_RSRC_PURPOSE, + res) == 1); + tt_assert(connection_dir_count_by_purpose_and_resource( + TEST_CONN_RSRC_PURPOSE, + other_res) == 0); - /* now try closing the one that isn't downloading: - * these tests won't work unless tor thinks it is bootstrapping */ - tt_assert(networkstatus_consensus_is_boostrapping(time(NULL))); + /* two connections, both not downloading */ + conn2 = test_conn_download_status_add_a_connection(res); + tt_assert(networkstatus_consensus_is_already_downloading(res) == 0); + tt_assert(networkstatus_consensus_is_already_downloading(other_res) == 0); + tt_assert(connection_dir_count_by_purpose_and_resource( + TEST_CONN_RSRC_PURPOSE, + res) == 2); + tt_assert(connection_dir_count_by_purpose_and_resource( + TEST_CONN_RSRC_PURPOSE, + other_res) == 0); + /* two connections, one downloading */ + conn->base_.state = TEST_CONN_DL_STATE; + tt_assert(networkstatus_consensus_is_already_downloading(res) == 1); + tt_assert(networkstatus_consensus_is_already_downloading(other_res) == 0); + tt_assert(connection_dir_count_by_purpose_and_resource( + TEST_CONN_RSRC_PURPOSE, + res) == 2); + tt_assert(connection_dir_count_by_purpose_and_resource( + TEST_CONN_RSRC_PURPOSE, + other_res) == 0); + conn->base_.state = TEST_CONN_STATE; + + /* more connections, all not downloading */ + /* ignore the return value, it's free'd using the connection list */ + (void)test_conn_download_status_add_a_connection(res); + tt_assert(networkstatus_consensus_is_already_downloading(res) == 0); + tt_assert(networkstatus_consensus_is_already_downloading(other_res) == 0); tt_assert(connection_dir_count_by_purpose_and_resource( TEST_CONN_RSRC_PURPOSE, - TEST_CONN_RSRC) == 3); - tt_assert(connection_dir_avoid_extra_connection_for_purpose( - TEST_CONN_RSRC_PURPOSE) == 1); - tt_assert(connection_dir_close_consensus_conn_if_extra(conn) == -1); + res) == 3); tt_assert(connection_dir_count_by_purpose_and_resource( TEST_CONN_RSRC_PURPOSE, - TEST_CONN_RSRC) == 2); - tt_assert(connection_dir_avoid_extra_connection_for_purpose( - TEST_CONN_RSRC_PURPOSE) == 1); + other_res) == 0); - /* now try closing one that is already closed - nothing happens */ - tt_assert(connection_dir_close_consensus_conn_if_extra(conn) == 0); + /* more connections, one downloading */ + conn->base_.state = TEST_CONN_DL_STATE; + tt_assert(networkstatus_consensus_is_already_downloading(res) == 1); + tt_assert(networkstatus_consensus_is_already_downloading(other_res) == 0); tt_assert(connection_dir_count_by_purpose_and_resource( TEST_CONN_RSRC_PURPOSE, - TEST_CONN_RSRC) == 2); - tt_assert(connection_dir_avoid_extra_connection_for_purpose( - TEST_CONN_RSRC_PURPOSE) == 1); + res) == 3); + tt_assert(connection_dir_count_by_purpose_and_resource( + TEST_CONN_RSRC_PURPOSE, + other_res) == 0); - /* now try closing one that is downloading - it stays open */ - tt_assert(connection_dir_close_consensus_conn_if_extra(conn2) == 0); + /* more connections, two downloading (should never happen, but needs + * to be tested for completeness) */ + conn2->base_.state = TEST_CONN_DL_STATE; + /* ignore the return value, it's free'd using the connection list */ + (void)test_conn_get_linked_connection(TO_CONN(conn2), + TEST_CONN_ATTACHED_STATE); + tt_assert(networkstatus_consensus_is_already_downloading(res) == 1); + tt_assert(networkstatus_consensus_is_already_downloading(other_res) == 0); + tt_assert(connection_dir_count_by_purpose_and_resource( + TEST_CONN_RSRC_PURPOSE, + res) == 3); tt_assert(connection_dir_count_by_purpose_and_resource( TEST_CONN_RSRC_PURPOSE, - TEST_CONN_RSRC) == 2); - tt_assert(connection_dir_avoid_extra_connection_for_purpose( - TEST_CONN_RSRC_PURPOSE) == 1); + other_res) == 0); + conn->base_.state = TEST_CONN_STATE; - /* now try closing all excess connections */ - connection_dir_close_extra_consensus_conns(); + /* more connections, a different one downloading */ + tt_assert(networkstatus_consensus_is_already_downloading(res) == 1); + tt_assert(networkstatus_consensus_is_already_downloading(other_res) == 0); + tt_assert(connection_dir_count_by_purpose_and_resource( + TEST_CONN_RSRC_PURPOSE, + res) == 3); tt_assert(connection_dir_count_by_purpose_and_resource( TEST_CONN_RSRC_PURPOSE, - TEST_CONN_RSRC) == 1); - tt_assert(connection_dir_avoid_extra_connection_for_purpose( - TEST_CONN_RSRC_PURPOSE) == 1); + other_res) == 0); + + /* a connection for the other flavor (could happen if a client is set to + * cache directory documents), one preferred flavor downloading + */ + conn4 = test_conn_download_status_add_a_connection(other_res); + tt_assert(networkstatus_consensus_is_already_downloading(res) == 1); + tt_assert(networkstatus_consensus_is_already_downloading(other_res) == 0); + tt_assert(connection_dir_count_by_purpose_and_resource( + TEST_CONN_RSRC_PURPOSE, + res) == 3); + tt_assert(connection_dir_count_by_purpose_and_resource( + TEST_CONN_RSRC_PURPOSE, + other_res) == 1); + + /* a connection for the other flavor (could happen if a client is set to + * cache directory documents), both flavors downloading + */ + conn4->base_.state = TEST_CONN_DL_STATE; + /* ignore the return value, it's free'd using the connection list */ + (void)test_conn_get_linked_connection(TO_CONN(conn4), + TEST_CONN_ATTACHED_STATE); + tt_assert(networkstatus_consensus_is_already_downloading(res) == 1); + tt_assert(networkstatus_consensus_is_already_downloading(other_res) == 1); + tt_assert(connection_dir_count_by_purpose_and_resource( + TEST_CONN_RSRC_PURPOSE, + res) == 3); + tt_assert(connection_dir_count_by_purpose_and_resource( + TEST_CONN_RSRC_PURPOSE, + other_res) == 1); done: - /* the teardown function removes all the connections */; + /* the teardown function removes all the connections in the global list*/; } #define CONNECTION_TESTCASE(name, fork, setup) \ { #name, test_conn_##name, fork, &setup, NULL } +/* where arg is an expression (constant, varaible, compound expression) */ +#define CONNECTION_TESTCASE_ARG(name, fork, setup, arg) \ + { #name "_" #arg, test_conn_##name, fork, &setup, (void *)arg } + struct testcase_t connection_tests[] = { CONNECTION_TESTCASE(get_basic, TT_FORK, test_conn_get_basic_st), CONNECTION_TESTCASE(get_rend, TT_FORK, test_conn_get_rend_st), CONNECTION_TESTCASE(get_rsrc, TT_FORK, test_conn_get_rsrc_st), - CONNECTION_TESTCASE(download_status, TT_FORK, test_conn_download_status_st), + CONNECTION_TESTCASE_ARG(download_status, TT_FORK, + test_conn_download_status_st, FLAV_MICRODESC), + CONNECTION_TESTCASE_ARG(download_status, TT_FORK, + test_conn_download_status_st, FLAV_NS), //CONNECTION_TESTCASE(func_suffix, TT_FORK, setup_func_pair), END_OF_TESTCASES }; diff --git a/src/test/test_crypto_slow.c b/src/test/test_crypto_slow.c index 9b39199cd0..6f3e40e0ab 100644 --- a/src/test/test_crypto_slow.c +++ b/src/test/test_crypto_slow.c @@ -10,7 +10,8 @@ #include "crypto_s2k.h" #include "crypto_pwbox.h" -#if defined(HAVE_LIBSCRYPT_H) +#if defined(HAVE_LIBSCRYPT_H) && defined(HAVE_LIBSCRYPT_SCRYPT) +#define HAVE_LIBSCRYPT #include <libscrypt.h> #endif @@ -129,7 +130,7 @@ test_crypto_s2k_general(void *arg) } } -#if defined(HAVE_LIBSCRYPT_H) && defined(HAVE_EVP_PBE_SCRYPT) +#if defined(HAVE_LIBSCRYPT) && defined(HAVE_EVP_PBE_SCRYPT) static void test_libscrypt_eq_openssl(void *arg) { @@ -276,7 +277,7 @@ test_crypto_s2k_errors(void *arg) buf, sizeof(buf), "ABC", 3)); /* Truncated output */ -#ifdef HAVE_LIBSCRYPT_H +#ifdef HAVE_LIBSCRYPT tt_int_op(S2K_TRUNCATED, OP_EQ, secret_to_key_new(buf, 50, &sz, "ABC", 3, 0)); tt_int_op(S2K_TRUNCATED, OP_EQ, secret_to_key_new(buf, 50, &sz, @@ -287,7 +288,7 @@ test_crypto_s2k_errors(void *arg) tt_int_op(S2K_TRUNCATED, OP_EQ, secret_to_key_new(buf, 29, &sz, "ABC", 3, S2K_FLAG_NO_SCRYPT)); -#ifdef HAVE_LIBSCRYPT_H +#ifdef HAVE_LIBSCRYPT tt_int_op(S2K_TRUNCATED, OP_EQ, secret_to_key_make_specifier(buf, 18, 0)); tt_int_op(S2K_TRUNCATED, OP_EQ, secret_to_key_make_specifier(buf, 18, S2K_FLAG_LOW_MEM)); @@ -308,7 +309,7 @@ test_crypto_s2k_errors(void *arg) secret_to_key_derivekey(buf2, sizeof(buf2), buf, 18, "ABC", 3)); -#ifdef HAVE_LIBSCRYPT_H +#ifdef HAVE_LIBSCRYPT /* It's a bad scrypt buffer if N would overflow uint64 */ memset(buf, 0, sizeof(buf)); buf[0] = 2; /* scrypt */ @@ -329,7 +330,7 @@ test_crypto_scrypt_vectors(void *arg) uint8_t spec[64], out[64]; (void)arg; -#ifndef HAVE_LIBSCRYPT_H +#ifndef HAVE_LIBSCRYPT if (1) tt_skip(); #endif @@ -507,7 +508,7 @@ test_crypto_pwbox(void *arg) struct testcase_t slow_crypto_tests[] = { CRYPTO_LEGACY(s2k_rfc2440), -#ifdef HAVE_LIBSCRYPT_H +#ifdef HAVE_LIBSCRYPT { "s2k_scrypt", test_crypto_s2k_general, 0, &passthrough_setup, (void*)"scrypt" }, { "s2k_scrypt_low", test_crypto_s2k_general, 0, &passthrough_setup, diff --git a/src/test/test_dir.c b/src/test/test_dir.c index ea179fb02c..26b0e72a9a 100644 --- a/src/test/test_dir.c +++ b/src/test/test_dir.c @@ -85,6 +85,15 @@ test_dir_nicknames(void *arg) ; } +static smartlist_t *mocked_configured_ports = NULL; + +/** Returns mocked_configured_ports */ +static const smartlist_t * +mock_get_configured_ports(void) +{ + return mocked_configured_ports; +} + /** Run unit tests for router descriptor generation logic. */ static void test_dir_formats(void *arg) @@ -104,6 +113,7 @@ test_dir_formats(void *arg) or_options_t *options = get_options_mutable(); const addr_policy_t *p; time_t now = time(NULL); + port_cfg_t orport, dirport; (void)arg; pk1 = pk_generate(0); @@ -150,15 +160,15 @@ test_dir_formats(void *arg) ed25519_secret_key_from_seed(&kp2.seckey, (const uint8_t*)"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"); ed25519_public_key_generate(&kp2.pubkey, &kp2.seckey); - r2->signing_key_cert = tor_cert_create(&kp1, + r2->cache_info.signing_key_cert = tor_cert_create(&kp1, CERT_TYPE_ID_SIGNING, &kp2.pubkey, now, 86400, CERT_FLAG_INCLUDE_SIGNING_KEY); char cert_buf[256]; base64_encode(cert_buf, sizeof(cert_buf), - (const char*)r2->signing_key_cert->encoded, - r2->signing_key_cert->encoded_len, + (const char*)r2->cache_info.signing_key_cert->encoded, + r2->cache_info.signing_key_cert->encoded_len, BASE64_ENCODE_MULTILINE); r2->platform = tor_strdup(platform); r2->cache_info.published_on = 5; @@ -185,9 +195,31 @@ test_dir_formats(void *arg) /* XXXX025 router_dump_to_string should really take this from ri.*/ options->ContactInfo = tor_strdup("Magri White " "<magri@elsewhere.example.com>"); + /* Skip reachability checks for DirPort and tunnelled-dir-server */ + options->AssumeReachable = 1; + + /* Fake just enough of an ORPort and DirPort to get by */ + MOCK(get_configured_ports, mock_get_configured_ports); + mocked_configured_ports = smartlist_new(); + + memset(&orport, 0, sizeof(orport)); + orport.type = CONN_TYPE_OR_LISTENER; + orport.addr.family = AF_INET; + orport.port = 9000; + smartlist_add(mocked_configured_ports, &orport); + + memset(&dirport, 0, sizeof(dirport)); + dirport.type = CONN_TYPE_DIR_LISTENER; + dirport.addr.family = AF_INET; + dirport.port = 9003; + smartlist_add(mocked_configured_ports, &dirport); buf = router_dump_router_to_string(r1, pk2, NULL, NULL, NULL); + UNMOCK(get_configured_ports); + smartlist_free(mocked_configured_ports); + mocked_configured_ports = NULL; + tor_free(options->ContactInfo); tt_assert(buf); @@ -247,7 +279,8 @@ test_dir_formats(void *arg) strlcat(buf2, "master-key-ed25519 ", sizeof(buf2)); { char k[ED25519_BASE64_LEN+1]; - tt_assert(ed25519_public_to_base64(k, &r2->signing_key_cert->signing_key) + tt_assert(ed25519_public_to_base64(k, + &r2->cache_info.signing_key_cert->signing_key) >= 0); strlcat(buf2, k, sizeof(buf2)); strlcat(buf2, "\n", sizeof(buf2)); @@ -308,6 +341,16 @@ test_dir_formats(void *arg) strlcat(buf2, "tunnelled-dir-server\n", sizeof(buf2)); strlcat(buf2, "router-sig-ed25519 ", sizeof(buf2)); + /* Fake just enough of an ORPort to get by */ + MOCK(get_configured_ports, mock_get_configured_ports); + mocked_configured_ports = smartlist_new(); + + memset(&orport, 0, sizeof(orport)); + orport.type = CONN_TYPE_OR_LISTENER; + orport.addr.family = AF_INET; + orport.port = 9005; + smartlist_add(mocked_configured_ports, &orport); + buf = router_dump_router_to_string(r2, pk1, pk2, &r2_onion_keypair, &kp2); tt_assert(buf); buf[strlen(buf2)] = '\0'; /* Don't compare the sig; it's never the same @@ -318,6 +361,10 @@ test_dir_formats(void *arg) buf = router_dump_router_to_string(r2, pk1, NULL, NULL, NULL); + UNMOCK(get_configured_ports); + smartlist_free(mocked_configured_ports); + mocked_configured_ports = NULL; + /* Reset for later */ cp = buf; rp2 = router_parse_entry_from_string((const char*)cp,NULL,1,0,NULL,NULL); @@ -3995,12 +4042,56 @@ test_dir_choose_compression_level(void* data) done: ; } +static int mock_networkstatus_consensus_is_bootstrapping_value = 0; +static int +mock_networkstatus_consensus_is_bootstrapping(time_t now) +{ + (void)now; + return mock_networkstatus_consensus_is_bootstrapping_value; +} + +static int mock_networkstatus_consensus_can_use_extra_fallbacks_value = 0; +static int +mock_networkstatus_consensus_can_use_extra_fallbacks( + const or_options_t *options) +{ + (void)options; + return mock_networkstatus_consensus_can_use_extra_fallbacks_value; +} + +/* data is a 2 character nul-terminated string. + * If data[0] is 'b', set bootstrapping, anything else means not bootstrapping + * If data[1] is 'f', set extra fallbacks, anything else means no extra + * fallbacks. + */ static void test_dir_find_dl_schedule(void* data) { + const char *str = (const char *)data; + + tt_assert(strlen(data) == 2); + + if (str[0] == 'b') { + mock_networkstatus_consensus_is_bootstrapping_value = 1; + } else { + mock_networkstatus_consensus_is_bootstrapping_value = 0; + } + + if (str[1] == 'f') { + mock_networkstatus_consensus_can_use_extra_fallbacks_value = 1; + } else { + mock_networkstatus_consensus_can_use_extra_fallbacks_value = 0; + } + + MOCK(networkstatus_consensus_is_bootstrapping, + mock_networkstatus_consensus_is_bootstrapping); + MOCK(networkstatus_consensus_can_use_extra_fallbacks, + mock_networkstatus_consensus_can_use_extra_fallbacks); + download_status_t dls; - smartlist_t server, client, server_cons, client_cons, bridge; - (void)data; + smartlist_t server, client, server_cons, client_cons; + smartlist_t client_boot_auth_only_cons, client_boot_auth_cons; + smartlist_t client_boot_fallback_cons, bridge; mock_options = malloc(sizeof(or_options_t)); reset_options(mock_options, &mock_get_options_calls); @@ -4010,43 +4101,121 @@ test_dir_find_dl_schedule(void* data) mock_options->TestingClientDownloadSchedule = &client; mock_options->TestingServerConsensusDownloadSchedule = &server_cons; mock_options->TestingClientConsensusDownloadSchedule = &client_cons; + mock_options->ClientBootstrapConsensusAuthorityOnlyDownloadSchedule = + &client_boot_auth_only_cons; + mock_options->ClientBootstrapConsensusAuthorityDownloadSchedule = + &client_boot_auth_cons; + mock_options->ClientBootstrapConsensusFallbackDownloadSchedule = + &client_boot_fallback_cons; mock_options->TestingBridgeDownloadSchedule = &bridge; dls.schedule = DL_SCHED_GENERIC; + /* client */ mock_options->ClientOnly = 1; tt_ptr_op(find_dl_schedule(&dls, mock_options), OP_EQ, &client); mock_options->ClientOnly = 0; + + /* dir mode */ mock_options->DirPort_set = 1; - mock_options->ORPort_set = 1; mock_options->DirCache = 1; tt_ptr_op(find_dl_schedule(&dls, mock_options), OP_EQ, &server); + mock_options->DirPort_set = 0; + mock_options->DirCache = 0; -#if 0 dls.schedule = DL_SCHED_CONSENSUS; - mock_options->ClientOnly = 1; - mock_options->DirCache = 0; - tt_ptr_op(find_dl_schedule(&dls, mock_options), OP_EQ, &client_cons); - mock_options->ClientOnly = 0; - mock_options->DirCache = 1; + /* public server mode */ + mock_options->ORPort_set = 1; tt_ptr_op(find_dl_schedule(&dls, mock_options), OP_EQ, &server_cons); -#endif + mock_options->ORPort_set = 0; + + /* client and bridge modes */ + if (networkstatus_consensus_is_bootstrapping(time(NULL))) { + if (networkstatus_consensus_can_use_extra_fallbacks(mock_options)) { + dls.want_authority = 1; + /* client */ + mock_options->ClientOnly = 1; + tt_ptr_op(find_dl_schedule(&dls, mock_options), OP_EQ, + &client_boot_auth_cons); + mock_options->ClientOnly = 0; + + /* bridge relay */ + mock_options->ORPort_set = 1; + mock_options->BridgeRelay = 1; + tt_ptr_op(find_dl_schedule(&dls, mock_options), OP_EQ, + &client_boot_auth_cons); + mock_options->ORPort_set = 0; + mock_options->BridgeRelay = 0; + + dls.want_authority = 0; + /* client */ + mock_options->ClientOnly = 1; + tt_ptr_op(find_dl_schedule(&dls, mock_options), OP_EQ, + &client_boot_fallback_cons); + mock_options->ClientOnly = 0; + + /* bridge relay */ + mock_options->ORPort_set = 1; + mock_options->BridgeRelay = 1; + tt_ptr_op(find_dl_schedule(&dls, mock_options), OP_EQ, + &client_boot_fallback_cons); + mock_options->ORPort_set = 0; + mock_options->BridgeRelay = 0; + + } else { + /* dls.want_authority is ignored */ + /* client */ + mock_options->ClientOnly = 1; + tt_ptr_op(find_dl_schedule(&dls, mock_options), OP_EQ, + &client_boot_auth_only_cons); + mock_options->ClientOnly = 0; + + /* bridge relay */ + mock_options->ORPort_set = 1; + mock_options->BridgeRelay = 1; + tt_ptr_op(find_dl_schedule(&dls, mock_options), OP_EQ, + &client_boot_auth_only_cons); + mock_options->ORPort_set = 0; + mock_options->BridgeRelay = 0; + } + } else { + /* client */ + mock_options->ClientOnly = 1; + tt_ptr_op(find_dl_schedule(&dls, mock_options), OP_EQ, + &client_cons); + mock_options->ClientOnly = 0; + + /* bridge relay */ + mock_options->ORPort_set = 1; + mock_options->BridgeRelay = 1; + tt_ptr_op(find_dl_schedule(&dls, mock_options), OP_EQ, + &client_cons); + mock_options->ORPort_set = 0; + mock_options->BridgeRelay = 0; + } dls.schedule = DL_SCHED_BRIDGE; + /* client */ mock_options->ClientOnly = 1; tt_ptr_op(find_dl_schedule(&dls, mock_options), OP_EQ, &bridge); - mock_options->ClientOnly = 0; - tt_ptr_op(find_dl_schedule(&dls, mock_options), OP_EQ, &bridge); done: + UNMOCK(networkstatus_consensus_is_bootstrapping); + UNMOCK(networkstatus_consensus_can_use_extra_fallbacks); UNMOCK(get_options); + free(mock_options); + mock_options = NULL; } -#define DIR_LEGACY(name) \ +#define DIR_LEGACY(name) \ { #name, test_dir_ ## name , TT_FORK, NULL, NULL } #define DIR(name,flags) \ { #name, test_dir_##name, (flags), NULL, NULL } +/* where arg is a string constant */ +#define DIR_ARG(name,flags,arg) \ + { #name "_" arg, test_dir_##name, (flags), &passthrough_setup, (void*) arg } + struct testcase_t dir_tests[] = { DIR_LEGACY(nicknames), DIR_LEGACY(formats), @@ -4081,7 +4250,10 @@ struct testcase_t dir_tests[] = { DIR(should_not_init_request_to_dir_auths_without_v3_info, 0), DIR(should_init_request_to_dir_auths, 0), DIR(choose_compression_level, 0), - DIR(find_dl_schedule, 0), + DIR_ARG(find_dl_schedule, TT_FORK, "bf"), + DIR_ARG(find_dl_schedule, TT_FORK, "ba"), + DIR_ARG(find_dl_schedule, TT_FORK, "cf"), + DIR_ARG(find_dl_schedule, TT_FORK, "ca"), END_OF_TESTCASES }; diff --git a/src/test/test_microdesc.c b/src/test/test_microdesc.c index 7db819a622..581f58b45f 100644 --- a/src/test/test_microdesc.c +++ b/src/test/test_microdesc.c @@ -483,7 +483,7 @@ test_md_generate(void *arg) md = dirvote_create_microdescriptor(ri, 21); tt_str_op(md->body, ==, test_md2_21); tt_assert(ed25519_pubkey_eq(md->ed25519_identity_pkey, - &ri->signing_key_cert->signing_key)); + &ri->cache_info.signing_key_cert->signing_key)); done: microdesc_free(md); diff --git a/src/test/test_policy.c b/src/test/test_policy.c index 48e82551e3..a939ebf54f 100644 --- a/src/test/test_policy.c +++ b/src/test/test_policy.c @@ -716,10 +716,9 @@ test_policies_reject_exit_address(void *arg) } static smartlist_t *test_configured_ports = NULL; -const smartlist_t *mock_get_configured_ports(void); /** Returns test_configured_ports */ -const smartlist_t * +static const smartlist_t * mock_get_configured_ports(void) { return test_configured_ports; diff --git a/src/test/test_routerlist.c b/src/test/test_routerlist.c index 497606920d..2cffa6e801 100644 --- a/src/test/test_routerlist.c +++ b/src/test/test_routerlist.c @@ -15,6 +15,7 @@ #include "container.h" #include "directory.h" #include "dirvote.h" +#include "microdesc.h" #include "networkstatus.h" #include "nodelist.h" #include "policies.h" @@ -190,6 +191,14 @@ construct_consensus(char **consensus_text_md) crypto_pk_free(sign_skey_leg); } +static int mock_usable_consensus_flavor_value = FLAV_NS; + +static int +mock_usable_consensus_flavor(void) +{ + return mock_usable_consensus_flavor_value; +} + static void test_router_pick_directory_server_impl(void *arg) { @@ -209,6 +218,22 @@ test_router_pick_directory_server_impl(void *arg) (void)arg; + MOCK(usable_consensus_flavor, mock_usable_consensus_flavor); + + /* With no consensus, we must be bootstrapping, regardless of time or flavor + */ + mock_usable_consensus_flavor_value = FLAV_NS; + tt_assert(networkstatus_consensus_is_bootstrapping(now)); + tt_assert(networkstatus_consensus_is_bootstrapping(now + 2000)); + tt_assert(networkstatus_consensus_is_bootstrapping(now + 2*24*60*60)); + tt_assert(networkstatus_consensus_is_bootstrapping(now - 2*24*60*60)); + + mock_usable_consensus_flavor_value = FLAV_MICRODESC; + tt_assert(networkstatus_consensus_is_bootstrapping(now)); + tt_assert(networkstatus_consensus_is_bootstrapping(now + 2000)); + tt_assert(networkstatus_consensus_is_bootstrapping(now + 2*24*60*60)); + tt_assert(networkstatus_consensus_is_bootstrapping(now - 2*24*60*60)); + /* No consensus available, fail early */ rs = router_pick_directory_server_impl(V3_DIRINFO, (const int) 0, NULL); tt_assert(rs == NULL); @@ -223,6 +248,28 @@ test_router_pick_directory_server_impl(void *arg) tt_int_op(smartlist_len(con_md->routerstatus_list), ==, 3); tt_assert(!networkstatus_set_current_consensus_from_ns(con_md, "microdesc")); + + /* If the consensus time or flavor doesn't match, we are still + * bootstrapping */ + mock_usable_consensus_flavor_value = FLAV_NS; + tt_assert(networkstatus_consensus_is_bootstrapping(now)); + tt_assert(networkstatus_consensus_is_bootstrapping(now + 2000)); + tt_assert(networkstatus_consensus_is_bootstrapping(now + 2*24*60*60)); + tt_assert(networkstatus_consensus_is_bootstrapping(now - 2*24*60*60)); + + /* With a valid consensus for the current time and flavor, we stop + * bootstrapping, even if we have no certificates */ + mock_usable_consensus_flavor_value = FLAV_MICRODESC; + tt_assert(!networkstatus_consensus_is_bootstrapping(now + 2000)); + tt_assert(!networkstatus_consensus_is_bootstrapping(con_md->valid_after)); + tt_assert(!networkstatus_consensus_is_bootstrapping(con_md->valid_until)); + tt_assert(!networkstatus_consensus_is_bootstrapping(con_md->valid_until + + 24*60*60)); + /* These times are outside the test validity period */ + tt_assert(networkstatus_consensus_is_bootstrapping(now)); + tt_assert(networkstatus_consensus_is_bootstrapping(now + 2*24*60*60)); + tt_assert(networkstatus_consensus_is_bootstrapping(now - 2*24*60*60)); + nodelist_set_consensus(con_md); nodelist_assert_ok(); @@ -362,6 +409,7 @@ test_router_pick_directory_server_impl(void *arg) node_router1->rs->last_dir_503_at = 0; done: + UNMOCK(usable_consensus_flavor); if (router1_id) tor_free(router1_id); if (router2_id) |