diff options
Diffstat (limited to 'src/test')
519 files changed, 30616 insertions, 5536 deletions
diff --git a/src/test/.may_include b/src/test/.may_include new file mode 100644 index 0000000000..11c5ffbb14 --- /dev/null +++ b/src/test/.may_include @@ -0,0 +1,2 @@ +*.h +*.inc diff --git a/src/test/Makefile.nmake b/src/test/Makefile.nmake index cfbe281b94..ca6a84cf8a 100644 --- a/src/test/Makefile.nmake +++ b/src/test/Makefile.nmake @@ -1,4 +1,4 @@ -all: test.exe test-child.exe bench.exe +all: test.exe bench.exe CFLAGS = /I ..\win32 /I ..\..\..\build-alpha\include /I ..\common /I ..\or \ /I ..\ext @@ -19,6 +19,7 @@ TEST_OBJECTS = test.obj test_addr.obj test_channel.obj test_channeltls.obj \ test_cell_formats.obj test_relay.obj test_replay.obj \ test_channelpadding.obj \ test_circuitstats.obj \ + test_circuitpadding.obj \ test_scheduler.obj test_introduce.obj test_hs.obj tinytest.obj tinytest.obj: ..\ext\tinytest.c @@ -30,8 +31,5 @@ test.exe: $(TEST_OBJECTS) bench.exe: bench.obj $(CC) $(CFLAGS) bench.obj $(LIBS) ..\common\*.lib /Fe$@ -test-child.exe: test-child.obj - $(CC) $(CFLAGS) test-child.obj /Fe$@ - clean: - del *.obj *.lib test.exe bench.exe test-child.exe + del *.obj *.lib test.exe bench.exe diff --git a/src/test/bench.c b/src/test/bench.c index 06c616c3b0..7a8c04e802 100644 --- a/src/test/bench.c +++ b/src/test/bench.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -14,16 +14,19 @@ #include "core/crypto/onion_tap.h" #include "core/crypto/relay_crypto.h" +#include "lib/intmath/weakrng.h" + #ifdef ENABLE_OPENSSL #include <openssl/opensslv.h> #include <openssl/evp.h> #include <openssl/ec.h> #include <openssl/ecdh.h> #include <openssl/obj_mac.h> -#endif +#endif /* defined(ENABLE_OPENSSL) */ #include "core/or/circuitlist.h" #include "app/config/config.h" +#include "app/main/subsysmgr.h" #include "lib/crypt_ops/crypto_curve25519.h" #include "lib/crypt_ops/crypto_dh.h" #include "core/crypto/onion_ntor.h" @@ -38,6 +41,9 @@ #include "lib/crypt_ops/digestset.h" #include "lib/crypt_ops/crypto_init.h" +#include "feature/dirparse/microdesc_parse.h" +#include "feature/nodelist/microdesc.h" + #if defined(HAVE_CLOCK_GETTIME) && defined(CLOCK_PROCESS_CPUTIME_ID) static uint64_t nanostart; static inline uint64_t @@ -332,6 +338,65 @@ bench_ed25519(void) } static void +bench_rand_len(int len) +{ + const int N = 100000; + int i; + char *buf = tor_malloc(len); + uint64_t start,end; + + start = perftime(); + for (i = 0; i < N; ++i) { + crypto_rand(buf, len); + } + end = perftime(); + printf("crypto_rand(%d): %f nsec.\n", len, NANOCOUNT(start,end,N)); + + crypto_fast_rng_t *fr = crypto_fast_rng_new(); + start = perftime(); + for (i = 0; i < N; ++i) { + crypto_fast_rng_getbytes(fr,(uint8_t*)buf,len); + } + end = perftime(); + printf("crypto_fast_rng_getbytes(%d): %f nsec.\n", len, + NANOCOUNT(start,end,N)); + crypto_fast_rng_free(fr); + + if (len <= 32) { + start = perftime(); + for (i = 0; i < N; ++i) { + crypto_strongest_rand((uint8_t*)buf, len); + } + end = perftime(); + printf("crypto_strongest_rand(%d): %f nsec.\n", len, + NANOCOUNT(start,end,N)); + } + + if (len == 4) { + tor_weak_rng_t weak; + tor_init_weak_random(&weak, 1337); + + start = perftime(); + uint32_t t=0; + for (i = 0; i < N; ++i) { + t += tor_weak_random(&weak); + } + end = perftime(); + printf("weak_rand(4): %f nsec.\n", NANOCOUNT(start,end,N)); + } + + tor_free(buf); +} + +static void +bench_rand(void) +{ + bench_rand_len(4); + bench_rand_len(16); + bench_rand_len(128); +} + +static void bench_cell_aes(void) { uint64_t start, end; @@ -636,7 +701,42 @@ bench_ecdh_p224(void) { bench_ecdh_impl(NID_secp224r1, "P-224"); } -#endif +#endif /* defined(ENABLE_OPENSSL) */ + +static void +bench_md_parse(void) +{ + uint64_t start, end; + const int N = 100000; + // selected arbitrarily + const char md_text[] = + "@last-listed 2018-12-14 18:14:14\n" + "onion-key\n" + "-----BEGIN RSA PUBLIC KEY-----\n" + "MIGJAoGBAMHkZeXNDX/49JqM2BVLmh1Fnb5iMVnatvZZTLJyedqDLkbXZ1WKP5oh\n" + "7ec14dj/k3ntpwHD4s2o3Lb6nfagWbug4+F/rNJ7JuFru/PSyOvDyHGNAuegOXph\n" + "3gTGjdDpv/yPoiadGebbVe8E7n6hO+XxM2W/4dqheKimF0/s9B7HAgMBAAE=\n" + "-----END RSA PUBLIC KEY-----\n" + "ntor-onion-key QgF/EjqlNG1wRHLIop/nCekEH+ETGZSgYOhu26eiTF4=\n" + "family $00E9A86E7733240E60D8435A7BBD634A23894098 " + "$329BD7545DEEEBBDC8C4285F243916F248972102 " + "$69E06EBB2573A4F89330BDF8BC869794A3E10E4D " + "$DCA2A3FAE50B3729DAA15BC95FB21AF03389818B\n" + "p accept 53,80,443,5222-5223,25565\n" + "id ed25519 BzffzY99z6Q8KltcFlUTLWjNTBU7yKK+uQhyi1Ivb3A\n"; + + reset_perftime(); + start = perftime(); + for (int i = 0; i < N; ++i) { + smartlist_t *s = microdescs_parse_from_string(md_text, NULL, 1, + SAVED_IN_CACHE, NULL); + SMARTLIST_FOREACH(s, microdesc_t *, md, microdesc_free(md)); + smartlist_free(s); + } + + end = perftime(); + printf("Microdesc parse: %f nsec\n", NANOCOUNT(start, end, N)); +} typedef void (*bench_fn)(void); @@ -656,6 +756,7 @@ static struct benchmark_t benchmarks[] = { ENT(onion_TAP), ENT(onion_ntor), ENT(ed25519), + ENT(rand), ENT(cell_aes), ENT(cell_ops), @@ -665,6 +766,8 @@ static struct benchmark_t benchmarks[] = { ENT(ecdh_p256), ENT(ecdh_p224), #endif + + ENT(md_parse), {NULL,NULL,0} }; @@ -690,9 +793,10 @@ main(int argc, const char **argv) char *errmsg; or_options_t *options; - tor_threads_init(); + subsystems_init_upto(SUBSYS_LEVEL_LIBS); + flush_log_messages_from_startup(); + tor_compress_init(); - init_logging(1); if (argc == 4 && !strcmp(argv[1], "diff")) { const int N = 200; @@ -702,11 +806,13 @@ main(int argc, const char **argv) perror("X"); return 1; } + size_t f1len = strlen(f1); + size_t f2len = strlen(f2); for (i = 0; i < N; ++i) { - char *diff = consensus_diff_generate(f1, f2); + char *diff = consensus_diff_generate(f1, f1len, f2, f2len); tor_free(diff); } - char *diff = consensus_diff_generate(f1, f2); + char *diff = consensus_diff_generate(f1, f1len, f2, f2len); printf("%s", diff); tor_free(f1); tor_free(f2); @@ -737,7 +843,6 @@ main(int argc, const char **argv) init_protocol_warning_severity_level(); options = options_new(); - init_logging(1); options->command = CMD_RUN_UNITTESTS; options->DataDirectory = tor_strdup(""); options->KeyDirectory = tor_strdup(""); diff --git a/src/test/bt_test.py b/src/test/bt_test.py index f9ca79efde..d728f13596 100755 --- a/src/test/bt_test.py +++ b/src/test/bt_test.py @@ -15,7 +15,11 @@ OK """ +# Future imports for Python 2.7, mandatory in 3.0 +from __future__ import division from __future__ import print_function +from __future__ import unicode_literals + import sys diff --git a/src/test/conf_examples/badnick_1/error b/src/test/conf_examples/badnick_1/error new file mode 100644 index 0000000000..3e92ddc832 --- /dev/null +++ b/src/test/conf_examples/badnick_1/error @@ -0,0 +1 @@ +nicknames must be between 1 and 19 characters inclusive diff --git a/src/test/conf_examples/badnick_1/expected_log_no_dirauth_relay b/src/test/conf_examples/badnick_1/expected_log_no_dirauth_relay new file mode 100644 index 0000000000..9190a3326b --- /dev/null +++ b/src/test/conf_examples/badnick_1/expected_log_no_dirauth_relay @@ -0,0 +1 @@ +Read configuration file .*badnick_1[./]*torrc diff --git a/src/test/conf_examples/badnick_1/expected_no_dirauth_relay b/src/test/conf_examples/badnick_1/expected_no_dirauth_relay new file mode 100644 index 0000000000..b00be15c2e --- /dev/null +++ b/src/test/conf_examples/badnick_1/expected_no_dirauth_relay @@ -0,0 +1 @@ +Nickname TooManyCharactersInThisNickname diff --git a/src/test/conf_examples/badnick_1/torrc b/src/test/conf_examples/badnick_1/torrc new file mode 100644 index 0000000000..087e3f2ff1 --- /dev/null +++ b/src/test/conf_examples/badnick_1/torrc @@ -0,0 +1,4 @@ +# This nickname is too long; we won't accept it. +# (Unless the relay module is disabled, because Nickname is a +# relay-only option. We'll ignore all relay-only options in #32395.) +Nickname TooManyCharactersInThisNickname diff --git a/src/test/conf_examples/badnick_2/error b/src/test/conf_examples/badnick_2/error new file mode 100644 index 0000000000..ceac99f012 --- /dev/null +++ b/src/test/conf_examples/badnick_2/error @@ -0,0 +1 @@ +must contain only the characters \[a-zA-Z0-9\] diff --git a/src/test/conf_examples/badnick_2/expected_log_no_dirauth_relay b/src/test/conf_examples/badnick_2/expected_log_no_dirauth_relay new file mode 100644 index 0000000000..a15c7b02cb --- /dev/null +++ b/src/test/conf_examples/badnick_2/expected_log_no_dirauth_relay @@ -0,0 +1 @@ +Read configuration file .*badnick_2[./]*torrc diff --git a/src/test/conf_examples/badnick_2/expected_no_dirauth_relay b/src/test/conf_examples/badnick_2/expected_no_dirauth_relay new file mode 100644 index 0000000000..08dcdc33a9 --- /dev/null +++ b/src/test/conf_examples/badnick_2/expected_no_dirauth_relay @@ -0,0 +1 @@ +Nickname has a space diff --git a/src/test/conf_examples/badnick_2/torrc b/src/test/conf_examples/badnick_2/torrc new file mode 100644 index 0000000000..51a5f96c00 --- /dev/null +++ b/src/test/conf_examples/badnick_2/torrc @@ -0,0 +1,4 @@ +# this nickname has spaces in it and won't work. +# (Unless the relay module is disabled, because Nickname is a +# relay-only option. We'll ignore all relay-only options in #32395.) +Nickname has a space diff --git a/src/test/conf_examples/bridgeauth_1/error_no_dirauth b/src/test/conf_examples/bridgeauth_1/error_no_dirauth new file mode 100644 index 0000000000..e6bd5db69c --- /dev/null +++ b/src/test/conf_examples/bridgeauth_1/error_no_dirauth @@ -0,0 +1 @@ +This tor was built with dirauth mode disabled. diff --git a/src/test/conf_examples/bridgeauth_1/error_no_dirauth_relay b/src/test/conf_examples/bridgeauth_1/error_no_dirauth_relay new file mode 100644 index 0000000000..e6bd5db69c --- /dev/null +++ b/src/test/conf_examples/bridgeauth_1/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with dirauth mode disabled. diff --git a/src/test/conf_examples/bridgeauth_1/expected b/src/test/conf_examples/bridgeauth_1/expected new file mode 100644 index 0000000000..d43aaf2c8b --- /dev/null +++ b/src/test/conf_examples/bridgeauth_1/expected @@ -0,0 +1,7 @@ +Address 198.51.100.123 +AuthoritativeDirectory 1 +BridgeAuthoritativeDir 1 +ContactInfo tor_parse_test@example.com +DirPort 80 +Nickname Unnamed +ORPort 443 diff --git a/src/test/conf_examples/bridgeauth_1/expected_log b/src/test/conf_examples/bridgeauth_1/expected_log new file mode 100644 index 0000000000..cabe9d3f89 --- /dev/null +++ b/src/test/conf_examples/bridgeauth_1/expected_log @@ -0,0 +1 @@ +Read configuration file .*bridgeauth_1[./]*torrc diff --git a/src/test/conf_examples/bridgeauth_1/torrc b/src/test/conf_examples/bridgeauth_1/torrc new file mode 100644 index 0000000000..740bc6c2eb --- /dev/null +++ b/src/test/conf_examples/bridgeauth_1/torrc @@ -0,0 +1,8 @@ +AuthoritativeDirectory 1 +BridgeAuthoritativeDir 1 + +ContactInfo tor_parse_test@example.com + +Address 198.51.100.123 +ORPort 443 +DirPort 80 diff --git a/src/test/conf_examples/contactinfo_notutf8/error b/src/test/conf_examples/contactinfo_notutf8/error new file mode 100644 index 0000000000..6d165152ce --- /dev/null +++ b/src/test/conf_examples/contactinfo_notutf8/error @@ -0,0 +1 @@ +ContactInfo config option must be UTF-8 diff --git a/src/test/conf_examples/contactinfo_notutf8/expected_log_no_dirauth_relay b/src/test/conf_examples/contactinfo_notutf8/expected_log_no_dirauth_relay new file mode 100644 index 0000000000..caa07aca40 --- /dev/null +++ b/src/test/conf_examples/contactinfo_notutf8/expected_log_no_dirauth_relay @@ -0,0 +1 @@ +Read configuration file .*contactinfo_notutf8[./]*torrc diff --git a/src/test/conf_examples/contactinfo_notutf8/expected_no_dirauth_relay b/src/test/conf_examples/contactinfo_notutf8/expected_no_dirauth_relay new file mode 100644 index 0000000000..cc8bd7b8e3 --- /dev/null +++ b/src/test/conf_examples/contactinfo_notutf8/expected_no_dirauth_relay @@ -0,0 +1 @@ +ContactInfo "\304\353\304\353\304\353@example.com" diff --git a/src/test/conf_examples/contactinfo_notutf8/torrc b/src/test/conf_examples/contactinfo_notutf8/torrc new file mode 100644 index 0000000000..0176a56a97 --- /dev/null +++ b/src/test/conf_examples/contactinfo_notutf8/torrc @@ -0,0 +1,5 @@ +# We only accept ContactInfo in UTF-8 (or 7-bit ASCII) +# (Unless the relay module is disabled, because ContactInfo is a +# relay-only option. We'll ignore all relay-only options in #32395. +# But at the moment, tor canonicalises and quotes the string.) +ContactInfo ÄëÄëÄë@example.com diff --git a/src/test/conf_examples/controlsock/error b/src/test/conf_examples/controlsock/error new file mode 100644 index 0000000000..8fbea37894 --- /dev/null +++ b/src/test/conf_examples/controlsock/error @@ -0,0 +1 @@ +not supported on this OS\|without setting a ControlSocket diff --git a/src/test/conf_examples/controlsock/torrc b/src/test/conf_examples/controlsock/torrc new file mode 100644 index 0000000000..dd3cb7ede5 --- /dev/null +++ b/src/test/conf_examples/controlsock/torrc @@ -0,0 +1 @@ +ControlSocketsGroupWritable 1 diff --git a/src/test/conf_examples/crypto_accel/expected b/src/test/conf_examples/crypto_accel/expected new file mode 100644 index 0000000000..ea80ca19dc --- /dev/null +++ b/src/test/conf_examples/crypto_accel/expected @@ -0,0 +1,2 @@ +AccelName nonexistent_chartreuse_accelerator +HardwareAccel 1 diff --git a/src/test/conf_examples/crypto_accel/expected_log b/src/test/conf_examples/crypto_accel/expected_log new file mode 100644 index 0000000000..7fab0c8dad --- /dev/null +++ b/src/test/conf_examples/crypto_accel/expected_log @@ -0,0 +1 @@ +Unable to load dynamic OpenSSL engine "nonexistent_chartreuse_accelerator" diff --git a/src/test/conf_examples/crypto_accel/expected_log_nss b/src/test/conf_examples/crypto_accel/expected_log_nss new file mode 100644 index 0000000000..c0fe7b003c --- /dev/null +++ b/src/test/conf_examples/crypto_accel/expected_log_nss @@ -0,0 +1 @@ +Tor 0.* running on .* with Libevent .*, NSS .*, Zlib .*, Liblzma .*, and Libzstd .* diff --git a/src/test/conf_examples/crypto_accel/expected_nss b/src/test/conf_examples/crypto_accel/expected_nss new file mode 100644 index 0000000000..ea80ca19dc --- /dev/null +++ b/src/test/conf_examples/crypto_accel/expected_nss @@ -0,0 +1,2 @@ +AccelName nonexistent_chartreuse_accelerator +HardwareAccel 1 diff --git a/src/test/conf_examples/crypto_accel/torrc b/src/test/conf_examples/crypto_accel/torrc new file mode 100644 index 0000000000..9ca18903b7 --- /dev/null +++ b/src/test/conf_examples/crypto_accel/torrc @@ -0,0 +1,3 @@ + +AccelName nonexistent_chartreuse_accelerator +HardwareAccel 1 diff --git a/src/test/conf_examples/crypto_accel_req/error b/src/test/conf_examples/crypto_accel_req/error new file mode 100644 index 0000000000..e12e002915 --- /dev/null +++ b/src/test/conf_examples/crypto_accel_req/error @@ -0,0 +1 @@ +Unable to load required dynamic OpenSSL engine "nonexistent_chartreuse_accelerator" diff --git a/src/test/conf_examples/crypto_accel_req/expected_log_nss b/src/test/conf_examples/crypto_accel_req/expected_log_nss new file mode 100644 index 0000000000..c0fe7b003c --- /dev/null +++ b/src/test/conf_examples/crypto_accel_req/expected_log_nss @@ -0,0 +1 @@ +Tor 0.* running on .* with Libevent .*, NSS .*, Zlib .*, Liblzma .*, and Libzstd .* diff --git a/src/test/conf_examples/crypto_accel_req/expected_nss b/src/test/conf_examples/crypto_accel_req/expected_nss new file mode 100644 index 0000000000..f3e172f640 --- /dev/null +++ b/src/test/conf_examples/crypto_accel_req/expected_nss @@ -0,0 +1,2 @@ +AccelName !nonexistent_chartreuse_accelerator +HardwareAccel 1 diff --git a/src/test/conf_examples/crypto_accel_req/torrc b/src/test/conf_examples/crypto_accel_req/torrc new file mode 100644 index 0000000000..981d9116fc --- /dev/null +++ b/src/test/conf_examples/crypto_accel_req/torrc @@ -0,0 +1,3 @@ + +AccelName !nonexistent_chartreuse_accelerator +HardwareAccel 1 diff --git a/src/test/conf_examples/dirauth_1/error_no_dirauth b/src/test/conf_examples/dirauth_1/error_no_dirauth new file mode 100644 index 0000000000..e6bd5db69c --- /dev/null +++ b/src/test/conf_examples/dirauth_1/error_no_dirauth @@ -0,0 +1 @@ +This tor was built with dirauth mode disabled. diff --git a/src/test/conf_examples/dirauth_1/error_no_dirauth_relay b/src/test/conf_examples/dirauth_1/error_no_dirauth_relay new file mode 100644 index 0000000000..e6bd5db69c --- /dev/null +++ b/src/test/conf_examples/dirauth_1/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with dirauth mode disabled. diff --git a/src/test/conf_examples/dirauth_1/expected b/src/test/conf_examples/dirauth_1/expected new file mode 100644 index 0000000000..901f7d947f --- /dev/null +++ b/src/test/conf_examples/dirauth_1/expected @@ -0,0 +1,8 @@ +Address 192.0.2.1 +AuthoritativeDirectory 1 +ContactInfo tor_parse_test@example.net +DirPort 9030 +DownloadExtraInfo 1 +Nickname Unnamed +ORPort 9001 +V3AuthoritativeDirectory 1 diff --git a/src/test/conf_examples/dirauth_1/expected_log b/src/test/conf_examples/dirauth_1/expected_log new file mode 100644 index 0000000000..b788be2e33 --- /dev/null +++ b/src/test/conf_examples/dirauth_1/expected_log @@ -0,0 +1 @@ +Read configuration file .*dirauth_1[./]*torrc diff --git a/src/test/conf_examples/dirauth_1/torrc b/src/test/conf_examples/dirauth_1/torrc new file mode 100644 index 0000000000..b870e6e8e0 --- /dev/null +++ b/src/test/conf_examples/dirauth_1/torrc @@ -0,0 +1,8 @@ +AuthoritativeDirectory 1 +V3AuthoritativeDirectory 1 + +ContactInfo tor_parse_test@example.net + +Address 192.0.2.1 +ORPort 9001 +DirPort 9030 diff --git a/src/test/conf_examples/dirauth_2/expected b/src/test/conf_examples/dirauth_2/expected new file mode 100644 index 0000000000..19ab024ed3 --- /dev/null +++ b/src/test/conf_examples/dirauth_2/expected @@ -0,0 +1 @@ +AuthDirMaxServersPerAddr 8 diff --git a/src/test/conf_examples/dirauth_2/expected_log b/src/test/conf_examples/dirauth_2/expected_log new file mode 100644 index 0000000000..88611fee9d --- /dev/null +++ b/src/test/conf_examples/dirauth_2/expected_log @@ -0,0 +1 @@ +Read configuration file diff --git a/src/test/conf_examples/dirauth_2/expected_log_no_dirauth b/src/test/conf_examples/dirauth_2/expected_log_no_dirauth new file mode 100644 index 0000000000..01110c5d8c --- /dev/null +++ b/src/test/conf_examples/dirauth_2/expected_log_no_dirauth @@ -0,0 +1 @@ +This copy of Tor was built without support for the option "AuthDirMaxServersPerAddr". Skipping.
\ No newline at end of file diff --git a/src/test/conf_examples/dirauth_2/expected_log_no_dirauth_relay b/src/test/conf_examples/dirauth_2/expected_log_no_dirauth_relay new file mode 100644 index 0000000000..01110c5d8c --- /dev/null +++ b/src/test/conf_examples/dirauth_2/expected_log_no_dirauth_relay @@ -0,0 +1 @@ +This copy of Tor was built without support for the option "AuthDirMaxServersPerAddr". Skipping.
\ No newline at end of file diff --git a/src/test/conf_examples/dirauth_2/expected_no_dirauth b/src/test/conf_examples/dirauth_2/expected_no_dirauth new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_examples/dirauth_2/expected_no_dirauth diff --git a/src/test/conf_examples/dirauth_2/expected_no_dirauth_relay b/src/test/conf_examples/dirauth_2/expected_no_dirauth_relay new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_examples/dirauth_2/expected_no_dirauth_relay diff --git a/src/test/conf_examples/dirauth_2/torrc b/src/test/conf_examples/dirauth_2/torrc new file mode 100644 index 0000000000..bd1cdbc8b9 --- /dev/null +++ b/src/test/conf_examples/dirauth_2/torrc @@ -0,0 +1,5 @@ +# +# This will get accepted if the module is enabled, and ignored if the module +# is disabled. +# +AuthDirMaxServersPerAddr 8 diff --git a/src/test/conf_examples/empty_1/expected b/src/test/conf_examples/empty_1/expected new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_examples/empty_1/expected diff --git a/src/test/conf_examples/empty_1/expected_log b/src/test/conf_examples/empty_1/expected_log new file mode 100644 index 0000000000..4c6b00069f --- /dev/null +++ b/src/test/conf_examples/empty_1/expected_log @@ -0,0 +1 @@ +Read configuration file .*empty_1[./]*torrc diff --git a/src/test/conf_examples/empty_1/torrc b/src/test/conf_examples/empty_1/torrc new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_examples/empty_1/torrc diff --git a/src/test/conf_examples/empty_2/cmdline b/src/test/conf_examples/empty_2/cmdline new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_examples/empty_2/cmdline diff --git a/src/test/conf_examples/empty_2/expected b/src/test/conf_examples/empty_2/expected new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_examples/empty_2/expected diff --git a/src/test/conf_examples/empty_2/expected_log b/src/test/conf_examples/empty_2/expected_log new file mode 100644 index 0000000000..9c846a03f3 --- /dev/null +++ b/src/test/conf_examples/empty_2/expected_log @@ -0,0 +1 @@ +Read configuration file .*empty_2[./]*torrc\.defaults diff --git a/src/test/conf_examples/empty_2/torrc b/src/test/conf_examples/empty_2/torrc new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_examples/empty_2/torrc diff --git a/src/test/conf_examples/empty_2/torrc.defaults b/src/test/conf_examples/empty_2/torrc.defaults new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_examples/empty_2/torrc.defaults diff --git a/src/test/conf_examples/empty_3/expected b/src/test/conf_examples/empty_3/expected new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_examples/empty_3/expected diff --git a/src/test/conf_examples/empty_3/expected_log b/src/test/conf_examples/empty_3/expected_log new file mode 100644 index 0000000000..e3f2365893 --- /dev/null +++ b/src/test/conf_examples/empty_3/expected_log @@ -0,0 +1 @@ +Processing configuration path \".*included\" at recursion level 1\. diff --git a/src/test/conf_examples/empty_3/included/empty b/src/test/conf_examples/empty_3/included/empty new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_examples/empty_3/included/empty diff --git a/src/test/conf_examples/empty_3/torrc b/src/test/conf_examples/empty_3/torrc new file mode 100644 index 0000000000..049b438903 --- /dev/null +++ b/src/test/conf_examples/empty_3/torrc @@ -0,0 +1 @@ +%include "included" diff --git a/src/test/conf_examples/empty_4/error b/src/test/conf_examples/empty_4/error new file mode 100644 index 0000000000..e6c2f7d885 --- /dev/null +++ b/src/test/conf_examples/empty_4/error @@ -0,0 +1 @@ +Unable to open configuration file
\ No newline at end of file diff --git a/src/test/conf_examples/example_1/expected b/src/test/conf_examples/example_1/expected new file mode 100644 index 0000000000..9d6688a565 --- /dev/null +++ b/src/test/conf_examples/example_1/expected @@ -0,0 +1,2 @@ +ContactInfo tor_tellini@example.com +SocksPort 80 diff --git a/src/test/conf_examples/example_1/expected_log b/src/test/conf_examples/example_1/expected_log new file mode 100644 index 0000000000..8f83eec988 --- /dev/null +++ b/src/test/conf_examples/example_1/expected_log @@ -0,0 +1 @@ +Read configuration file .*example_1[./]*torrc diff --git a/src/test/conf_examples/example_1/torrc b/src/test/conf_examples/example_1/torrc new file mode 100644 index 0000000000..bff7fa0aa2 --- /dev/null +++ b/src/test/conf_examples/example_1/torrc @@ -0,0 +1,5 @@ + +# Here is a simple example torrc. + SocksPort 80 + +ContactInfo "tor_tellini@example.com" diff --git a/src/test/conf_examples/example_2/error b/src/test/conf_examples/example_2/error new file mode 100644 index 0000000000..ce18b68db4 --- /dev/null +++ b/src/test/conf_examples/example_2/error @@ -0,0 +1 @@ +Unknown option 'JumpingJellyjars' diff --git a/src/test/conf_examples/example_2/torrc b/src/test/conf_examples/example_2/torrc new file mode 100644 index 0000000000..8ec8133b24 --- /dev/null +++ b/src/test/conf_examples/example_2/torrc @@ -0,0 +1 @@ +JumpingJellyjars 1 diff --git a/src/test/conf_examples/example_3/cmdline b/src/test/conf_examples/example_3/cmdline new file mode 100644 index 0000000000..5b2fadcebb --- /dev/null +++ b/src/test/conf_examples/example_3/cmdline @@ -0,0 +1 @@ +--socksport 99 diff --git a/src/test/conf_examples/example_3/expected b/src/test/conf_examples/example_3/expected new file mode 100644 index 0000000000..867fb8bcc8 --- /dev/null +++ b/src/test/conf_examples/example_3/expected @@ -0,0 +1 @@ +SocksPort 99 diff --git a/src/test/conf_examples/example_3/expected_log b/src/test/conf_examples/example_3/expected_log new file mode 100644 index 0000000000..807f9c2fc8 --- /dev/null +++ b/src/test/conf_examples/example_3/expected_log @@ -0,0 +1 @@ +Read configuration file .*example_3[./]*torrc diff --git a/src/test/conf_examples/example_3/torrc b/src/test/conf_examples/example_3/torrc new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_examples/example_3/torrc diff --git a/src/test/conf_examples/include_1/error_no_dirauth_relay b/src/test/conf_examples/include_1/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/include_1/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/include_1/expected b/src/test/conf_examples/include_1/expected new file mode 100644 index 0000000000..4bbf52ce9f --- /dev/null +++ b/src/test/conf_examples/include_1/expected @@ -0,0 +1,3 @@ +ContactInfo includefile@example.com +Nickname nested +ORPort 8008 diff --git a/src/test/conf_examples/include_1/expected_log b/src/test/conf_examples/include_1/expected_log new file mode 100644 index 0000000000..0791a494d2 --- /dev/null +++ b/src/test/conf_examples/include_1/expected_log @@ -0,0 +1 @@ +Processing configuration path \".*nested\.inc\" at recursion level 2\. diff --git a/src/test/conf_examples/include_1/included.inc b/src/test/conf_examples/include_1/included.inc new file mode 100644 index 0000000000..8d1834345d --- /dev/null +++ b/src/test/conf_examples/include_1/included.inc @@ -0,0 +1,4 @@ + +ContactInfo includefile@example.com + +%include "nested.inc"
\ No newline at end of file diff --git a/src/test/conf_examples/include_1/nested.inc b/src/test/conf_examples/include_1/nested.inc new file mode 100644 index 0000000000..789b044a2b --- /dev/null +++ b/src/test/conf_examples/include_1/nested.inc @@ -0,0 +1,2 @@ + +Nickname nested
\ No newline at end of file diff --git a/src/test/conf_examples/include_1/torrc b/src/test/conf_examples/include_1/torrc new file mode 100644 index 0000000000..2ed4074f6e --- /dev/null +++ b/src/test/conf_examples/include_1/torrc @@ -0,0 +1,4 @@ + +%include "included.inc" + +ORPort 8008 diff --git a/src/test/conf_examples/include_bug_31408/error_no_dirauth_relay b/src/test/conf_examples/include_bug_31408/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/include_bug_31408/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/include_bug_31408/expected b/src/test/conf_examples/include_bug_31408/expected new file mode 100644 index 0000000000..2e822f1a78 --- /dev/null +++ b/src/test/conf_examples/include_bug_31408/expected @@ -0,0 +1,2 @@ +Nickname test31408 +ORPort 31408 diff --git a/src/test/conf_examples/include_bug_31408/expected_log b/src/test/conf_examples/include_bug_31408/expected_log new file mode 100644 index 0000000000..e3f2365893 --- /dev/null +++ b/src/test/conf_examples/include_bug_31408/expected_log @@ -0,0 +1 @@ +Processing configuration path \".*included\" at recursion level 1\. diff --git a/src/test/conf_examples/include_bug_31408/included/01_nickname.inc b/src/test/conf_examples/include_bug_31408/included/01_nickname.inc new file mode 100644 index 0000000000..508dd89a35 --- /dev/null +++ b/src/test/conf_examples/include_bug_31408/included/01_nickname.inc @@ -0,0 +1 @@ +Nickname test31408 diff --git a/src/test/conf_examples/include_bug_31408/included/02_no_configs.inc b/src/test/conf_examples/include_bug_31408/included/02_no_configs.inc new file mode 100644 index 0000000000..140e927f19 --- /dev/null +++ b/src/test/conf_examples/include_bug_31408/included/02_no_configs.inc @@ -0,0 +1,3 @@ +# Bug 31048 is triggered when the last file in a config directory: +# * contains no configuration options, +# * but is non-empty: that is, it contains comments or whitespace. diff --git a/src/test/conf_examples/include_bug_31408/torrc b/src/test/conf_examples/include_bug_31408/torrc new file mode 100644 index 0000000000..a42685e93c --- /dev/null +++ b/src/test/conf_examples/include_bug_31408/torrc @@ -0,0 +1,2 @@ +%include "included" +ORPort 31408 diff --git a/src/test/conf_examples/large_1/error_no_dirauth_relay b/src/test/conf_examples/large_1/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/large_1/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/large_1/expected b/src/test/conf_examples/large_1/expected new file mode 100644 index 0000000000..99a12ffc84 --- /dev/null +++ b/src/test/conf_examples/large_1/expected @@ -0,0 +1,158 @@ +AccountingMax 10737418240 +AccountingRule sum +AccountingStart day 05:15 +Address 128.66.8.8 +AllowNonRFC953Hostnames 1 +AndroidIdentityTag droidy +AutomapHostsOnResolve 1 +AutomapHostsSuffixes .onions +AvoidDiskWrites 1 +BandwidthBurst 2147483647 +BandwidthRate 1610612736 +Bridge 128.66.1.10:80 +CacheDirectory /this-is-a-cache +CellStatistics 1 +CircuitBuildTimeout 200 +CircuitsAvailableTimeout 10 +CircuitStreamTimeout 20 +ClientOnly 1 +ClientPreferIPv6DirPort 1 +ClientPreferIPv6ORPort 1 +ClientRejectInternalAddresses 0 +ClientUseIPv4 0 +ClientUseIPv6 1 +ConnDirectionStatistics 1 +ConnectionPadding 1 +ConnLimit 64 +ConsensusParams wombat=7 +ConstrainedSockets 1 +ConstrainedSockSize 10240 +ContactInfo long_config@example.com +ControlPortFileGroupReadable 1 +ControlPort 9058 +CookieAuthentication 1 +CookieAuthFile /control/cookie +CookieAuthFileGroupReadable 1 +CountPrivateBandwidth 1 +DataDirectory /data/dir +DirAllowPrivateAddresses 1 +DirPolicy reject 128.66.1.1/32, accept *:* +DirPortFrontPage /dirport/frontpage +DirPort 99 +DirReqStatistics 0 +DisableDebuggerAttachment 0 +DisableNetwork 1 +DisableOOSCheck 0 +DNSPort 53535 +DormantCanceledByStartup 1 +DormantClientTimeout 1260 +DormantOnFirstStartup 1 +DormantTimeoutDisabledByIdleStreams 0 +DoSCircuitCreationBurst 1000 +DoSCircuitCreationDefenseTimePeriod 300 +DoSCircuitCreationDefenseType 2 +DoSCircuitCreationEnabled 1 +DoSCircuitCreationMinConnections 10 +DoSCircuitCreationRate 100 +DoSConnectionDefenseType 2 +DoSConnectionEnabled 1 +DoSConnectionMaxConcurrentCount 6 +DoSRefuseSingleHopClientRendezvous 0 +DownloadExtraInfo 1 +EnforceDistinctSubnets 0 +EntryNodes potrzebie,triffid,cromulent +EntryStatistics 1 +ExcludeExitNodes blaznort,kriffid,zeppelin +ExcludeNodes 128.66.7.6 +ExitNodes 128.66.7.7,128.66.128.0/17,exitexit +ExitPolicy accept *:80,reject *:* +ExitPolicyRejectLocalInterfaces 1 +ExitPolicyRejectPrivate 0 +ExitPortStatistics 1 +ExitRelay 1 +ExtendAllowPrivateAddresses 1 +ExtendByEd25519ID 1 +ExtORPortCookieAuthFile /foobar +ExtORPort 99 +FascistFirewall 1 +FetchDirInfoEarly 1 +FetchDirInfoExtraEarly 1 +FetchUselessDescriptors 1 +FirewallPorts 80,443,999 +GeoIPExcludeUnknown 1 +GeoIPFile /geoip +GuardfractionFile /gff +GuardLifetime 691200 +HeartbeatPeriod 2700 +IPv6Exit 1 +KeepalivePeriod 540 +KeyDirectory /keyz +KISTSchedRunInterval 1 +Log notice file /logfile +Log info file /logfile-verbose +LogTimeGranularity 60000 +LongLivedPorts 9090 +MainloopStats 1 +MapAddress www.example.com:10.0.0.6 +MaxAdvertisedBandwidth 100 +MaxCircuitDirtiness 3600 +MaxClientCircuitsPending 127 +MaxConsensusAgeForDiffs 2629728 +MaxMemInQueues 314572800 +MaxOnionQueueDelay 60000 +MaxUnparseableDescSizeToLog 1048576 +MiddleNodes grommit,truffle,parcheesi +MyFamily $ffffffffffffffffffffffffffffffffffffffff +NewCircuitPeriod 7200 +Nickname nickname +NodeFamily $ffffffffffffffffffffffffffffffffffffffff,$dddddddddddddddddddddddddddddddddddddddd +NumCPUs 3 +NumDirectoryGuards 4 +NumEntryGuards 5 +NumPrimaryGuards 8 +OfflineMasterKey 1 +OptimisticData 1 +ORPort 2222 +OutboundBindAddress 10.0.0.7 +OutboundBindAddressExit 10.0.0.8 +OutboundBindAddressOR 10.0.0.9 +PerConnBWBurst 10485760 +PerConnBWRate 102400 +PidFile /piddy +ProtocolWarnings 1 +PublishHidServDescriptors 0 +PublishServerDescriptor 0 +ReachableAddresses 0.0.0.0, *:* +ReachableDirAddresses 128.0.0.0/1 +ReachableORAddresses 128.0.0.0/8 +RejectPlaintextPorts 23 +RelayBandwidthBurst 10000 +RelayBandwidthRate 1000 +RendPostPeriod 600 +RephistTrackTime 600 +SafeLogging 0 +Schedulers Vanilla,KISTLite,Kist +ShutdownWaitLength 10 +SigningKeyLifetime 4838400 +Socks5Proxy 128.66.99.99:99 +Socks5ProxyPassword flynn +Socks5ProxyUsername spaceparanoids +SocksPolicy accept 127.0.0.0/24, reject *:* +SocksPort 9099 +SocksTimeout 600 +SSLKeyLifetime 86400 +StrictNodes 1 +SyslogIdentityTag tortor +TestSocks 1 +TokenBucketRefillInterval 1000 +TrackHostExits www.example.com +TrackHostExitsExpire 3600 +TruncateLogFile 1 +UnixSocksGroupWritable 1 +UpdateBridgesFromAuthority 1 +UseDefaultFallbackDirs 0 +UseGuardFraction 1 +UseMicrodescriptors 0 +VirtualAddrNetworkIPv4 18.66.0.0/16 +VirtualAddrNetworkIPv6 [ff00::]/16 +WarnPlaintextPorts 7,11,23,1001 diff --git a/src/test/conf_examples/large_1/expected_log b/src/test/conf_examples/large_1/expected_log new file mode 100644 index 0000000000..21248bb5e4 --- /dev/null +++ b/src/test/conf_examples/large_1/expected_log @@ -0,0 +1 @@ +Your log may contain sensitive information diff --git a/src/test/conf_examples/large_1/expected_log_no_dirauth b/src/test/conf_examples/large_1/expected_log_no_dirauth new file mode 100644 index 0000000000..0b74de4e40 --- /dev/null +++ b/src/test/conf_examples/large_1/expected_log_no_dirauth @@ -0,0 +1 @@ +This copy of Tor was built without support for the option "ConsensusParams". Skipping. diff --git a/src/test/conf_examples/large_1/expected_no_dirauth b/src/test/conf_examples/large_1/expected_no_dirauth new file mode 100644 index 0000000000..26a33bdc7c --- /dev/null +++ b/src/test/conf_examples/large_1/expected_no_dirauth @@ -0,0 +1,157 @@ +AccountingMax 10737418240 +AccountingRule sum +AccountingStart day 05:15 +Address 128.66.8.8 +AllowNonRFC953Hostnames 1 +AndroidIdentityTag droidy +AutomapHostsOnResolve 1 +AutomapHostsSuffixes .onions +AvoidDiskWrites 1 +BandwidthBurst 2147483647 +BandwidthRate 1610612736 +Bridge 128.66.1.10:80 +CacheDirectory /this-is-a-cache +CellStatistics 1 +CircuitBuildTimeout 200 +CircuitsAvailableTimeout 10 +CircuitStreamTimeout 20 +ClientOnly 1 +ClientPreferIPv6DirPort 1 +ClientPreferIPv6ORPort 1 +ClientRejectInternalAddresses 0 +ClientUseIPv4 0 +ClientUseIPv6 1 +ConnDirectionStatistics 1 +ConnectionPadding 1 +ConnLimit 64 +ConstrainedSockets 1 +ConstrainedSockSize 10240 +ContactInfo long_config@example.com +ControlPortFileGroupReadable 1 +ControlPort 9058 +CookieAuthentication 1 +CookieAuthFile /control/cookie +CookieAuthFileGroupReadable 1 +CountPrivateBandwidth 1 +DataDirectory /data/dir +DirAllowPrivateAddresses 1 +DirPolicy reject 128.66.1.1/32, accept *:* +DirPortFrontPage /dirport/frontpage +DirPort 99 +DirReqStatistics 0 +DisableDebuggerAttachment 0 +DisableNetwork 1 +DisableOOSCheck 0 +DNSPort 53535 +DormantCanceledByStartup 1 +DormantClientTimeout 1260 +DormantOnFirstStartup 1 +DormantTimeoutDisabledByIdleStreams 0 +DoSCircuitCreationBurst 1000 +DoSCircuitCreationDefenseTimePeriod 300 +DoSCircuitCreationDefenseType 2 +DoSCircuitCreationEnabled 1 +DoSCircuitCreationMinConnections 10 +DoSCircuitCreationRate 100 +DoSConnectionDefenseType 2 +DoSConnectionEnabled 1 +DoSConnectionMaxConcurrentCount 6 +DoSRefuseSingleHopClientRendezvous 0 +DownloadExtraInfo 1 +EnforceDistinctSubnets 0 +EntryNodes potrzebie,triffid,cromulent +EntryStatistics 1 +ExcludeExitNodes blaznort,kriffid,zeppelin +ExcludeNodes 128.66.7.6 +ExitNodes 128.66.7.7,128.66.128.0/17,exitexit +ExitPolicy accept *:80,reject *:* +ExitPolicyRejectLocalInterfaces 1 +ExitPolicyRejectPrivate 0 +ExitPortStatistics 1 +ExitRelay 1 +ExtendAllowPrivateAddresses 1 +ExtendByEd25519ID 1 +ExtORPortCookieAuthFile /foobar +ExtORPort 99 +FascistFirewall 1 +FetchDirInfoEarly 1 +FetchDirInfoExtraEarly 1 +FetchUselessDescriptors 1 +FirewallPorts 80,443,999 +GeoIPExcludeUnknown 1 +GeoIPFile /geoip +GuardfractionFile /gff +GuardLifetime 691200 +HeartbeatPeriod 2700 +IPv6Exit 1 +KeepalivePeriod 540 +KeyDirectory /keyz +KISTSchedRunInterval 1 +Log notice file /logfile +Log info file /logfile-verbose +LogTimeGranularity 60000 +LongLivedPorts 9090 +MainloopStats 1 +MapAddress www.example.com:10.0.0.6 +MaxAdvertisedBandwidth 100 +MaxCircuitDirtiness 3600 +MaxClientCircuitsPending 127 +MaxConsensusAgeForDiffs 2629728 +MaxMemInQueues 314572800 +MaxOnionQueueDelay 60000 +MaxUnparseableDescSizeToLog 1048576 +MiddleNodes grommit,truffle,parcheesi +MyFamily $ffffffffffffffffffffffffffffffffffffffff +NewCircuitPeriod 7200 +Nickname nickname +NodeFamily $ffffffffffffffffffffffffffffffffffffffff,$dddddddddddddddddddddddddddddddddddddddd +NumCPUs 3 +NumDirectoryGuards 4 +NumEntryGuards 5 +NumPrimaryGuards 8 +OfflineMasterKey 1 +OptimisticData 1 +ORPort 2222 +OutboundBindAddress 10.0.0.7 +OutboundBindAddressExit 10.0.0.8 +OutboundBindAddressOR 10.0.0.9 +PerConnBWBurst 10485760 +PerConnBWRate 102400 +PidFile /piddy +ProtocolWarnings 1 +PublishHidServDescriptors 0 +PublishServerDescriptor 0 +ReachableAddresses 0.0.0.0, *:* +ReachableDirAddresses 128.0.0.0/1 +ReachableORAddresses 128.0.0.0/8 +RejectPlaintextPorts 23 +RelayBandwidthBurst 10000 +RelayBandwidthRate 1000 +RendPostPeriod 600 +RephistTrackTime 600 +SafeLogging 0 +Schedulers Vanilla,KISTLite,Kist +ShutdownWaitLength 10 +SigningKeyLifetime 4838400 +Socks5Proxy 128.66.99.99:99 +Socks5ProxyPassword flynn +Socks5ProxyUsername spaceparanoids +SocksPolicy accept 127.0.0.0/24, reject *:* +SocksPort 9099 +SocksTimeout 600 +SSLKeyLifetime 86400 +StrictNodes 1 +SyslogIdentityTag tortor +TestSocks 1 +TokenBucketRefillInterval 1000 +TrackHostExits www.example.com +TrackHostExitsExpire 3600 +TruncateLogFile 1 +UnixSocksGroupWritable 1 +UpdateBridgesFromAuthority 1 +UseDefaultFallbackDirs 0 +UseGuardFraction 1 +UseMicrodescriptors 0 +VirtualAddrNetworkIPv4 18.66.0.0/16 +VirtualAddrNetworkIPv6 [ff00::]/16 +WarnPlaintextPorts 7,11,23,1001 diff --git a/src/test/conf_examples/large_1/torrc b/src/test/conf_examples/large_1/torrc new file mode 100644 index 0000000000..20ddf00e16 --- /dev/null +++ b/src/test/conf_examples/large_1/torrc @@ -0,0 +1,166 @@ +AccountingMax 10 GB +AccountingRule sum +AccountingStart day 05:15 +Address 128.66.8.8 +AllowNonRFC953Hostnames 1 +AndroidIdentityTag droidy +AutomapHostsOnResolve 1 +AutomapHostsSuffixes .onions +AvoidDiskWrites 1 +BandwidthBurst 2 GB +BandwidthRate 1.5 GB +Bridge 128.66.1.10:80 +CacheDirectory /this-is-a-cache +CellStatistics 1 +CircuitBuildTimeout 200 +CircuitPadding 1 +CircuitsAvailableTimeout 10 +CircuitStreamTimeout 20 +ClientOnly 1 +ClientPreferIPv6DirPort 1 +ClientPreferIPv6ORPort 1 +ClientRejectInternalAddresses 0 +ClientUseIPv4 0 +ClientUseIPv6 1 +ConnDirectionStatistics 1 +ConnectionPadding 1 +ConnLimit 64 +ConsensusParams wombat=7 +ConstrainedSockets 1 +ConstrainedSockSize 10240 +ContactInfo long_config@example.com +ControlPortFileGroupReadable 1 +ControlPort 9058 +CookieAuthentication 1 +CookieAuthFile /control/cookie +CookieAuthFileGroupReadable 1 +CountPrivateBandwidth 1 +DataDirectory /data/dir +DirAllowPrivateAddresses 1 +DirPolicy reject 128.66.1.1/32, accept *:* +DirReqStatistics 0 +DirPort 99 +DirPortFrontPage /dirport/frontpage +DisableDebuggerAttachment 0 +DisableNetwork 1 +DisableOOSCheck 0 +DNSPort 53535 +DormantCanceledByStartup 1 +DormantClientTimeout 21 minutes +DormantOnFirstStartup 1 +DormantTimeoutDisabledByIdleStreams 0 +DoSCircuitCreationBurst 1000 +DoSCircuitCreationDefenseTimePeriod 5 minutes +DoSCircuitCreationDefenseType 2 +DoSCircuitCreationEnabled 1 +DoSCircuitCreationMinConnections 10 +DoSCircuitCreationRate 100 +DoSConnectionDefenseType 2 +DoSConnectionEnabled 1 +DoSConnectionMaxConcurrentCount 6 +DoSRefuseSingleHopClientRendezvous 0 +DownloadExtraInfo 1 +EnforceDistinctSubnets 0 +EntryNodes potrzebie,triffid,cromulent +EntryStatistics 1 +ExcludeExitNodes blaznort,kriffid,zeppelin +ExcludeNodes 128.66.7.6 +ExitNodes 128.66.7.7,128.66.128.0/17,exitexit +ExitPolicy accept *:80,reject *:* +ExitPolicyRejectLocalInterfaces 1 +ExitPolicyRejectPrivate 0 +ExitPortStatistics 1 +ExitRelay 1 +ExtendAllowPrivateAddresses 1 +ExtendByEd25519ID 1 +ExtORPort 99 +ExtORPortCookieAuthFile /foobar +ExtraInfoStatistics 1 +FascistFirewall 1 +FetchDirInfoEarly 1 +FetchDirInfoExtraEarly 1 +FetchHidServDescriptors 1 +FetchServerDescriptors 1 +FetchUselessDescriptors 1 +FirewallPorts 80,443,999 +GeoIPExcludeUnknown 1 +GeoIPFile /geoip +GuardfractionFile /gff +GuardLifetime 8 days +HeartbeatPeriod 45 minutes +IPv6Exit 1 +KeepalivePeriod 9 minutes +KeyDirectory /keyz +KISTSchedRunInterval 1 msec +LearnCircuitBuildTimeout 1 +Log notice file /logfile +Log info file /logfile-verbose +LogTimeGranularity 1 minute +LongLivedPorts 9090 +MainloopStats 1 +MapAddress www.example.com:10.0.0.6 +MaxAdvertisedBandwidth 100 +MaxCircuitDirtiness 1 hour +MaxClientCircuitsPending 127 +MaxConsensusAgeForDiffs 1 month +MaxMemInQueues 300 MB +MaxOnionQueueDelay 60 seconds +MaxUnparseableDescSizeToLog 1 MB +MiddleNodes grommit, truffle, parcheesi +MyFamily $ffffffffffffffffffffffffffffffffffffffff +NewCircuitPeriod 2 hours +Nickname nickname +NodeFamily $ffffffffffffffffffffffffffffffffffffffff,$dddddddddddddddddddddddddddddddddddddddd +NumCPUs 3 +NumDirectoryGuards 4 +NumEntryGuards 5 +NumPrimaryGuards 8 +OfflineMasterKey 1 +OptimisticData 1 +ORPort 2222 +OutboundBindAddress 10.0.0.7 +OutboundBindAddressExit 10.0.0.8 +OutboundBindAddressOR 10.0.0.9 +PaddingStatistics 1 +PerConnBWBurst 10 MB +PerConnBWRate 100 kb +PidFile /piddy +ProtocolWarnings 1 +PublishHidServDescriptors 0 +PublishServerDescriptor 0 +ReachableAddresses 0.0.0.0, *:* +ReachableDirAddresses 128.0.0.0/1 +ReachableORAddresses 128.0.0.0/8 +RejectPlaintextPorts 23 +RelayBandwidthBurst 10000 +RelayBandwidthRate 1000 +RendPostPeriod 10 minutes +RephistTrackTime 10 minutes +SafeLogging 0 +SafeSocks 0 +Schedulers Vanilla,KISTLite,Kist +ShutdownWaitLength 10 seconds +SigningKeyLifetime 8 weeks +Socks5Proxy 128.66.99.99:99 +Socks5ProxyPassword flynn +Socks5ProxyUsername spaceparanoids +SocksPolicy accept 127.0.0.0/24, reject *:* +SocksPort 9099 +SocksTimeout 10 minutes +SSLKeyLifetime 1 day +StrictNodes 1 +SyslogIdentityTag tortor +TestSocks 1 +TokenBucketRefillInterval 1 second +TrackHostExits www.example.com +TrackHostExitsExpire 1 hour +TruncateLogFile 1 +UnixSocksGroupWritable 1 +UpdateBridgesFromAuthority 1 +UseDefaultFallbackDirs 0 +UseEntryGuards 1 +UseGuardFraction 1 +UseMicrodescriptors 0 +VirtualAddrNetworkIPv4 18.66.0.0/16 +VirtualAddrNetworkIPv6 [ff00::]/16 +WarnPlaintextPorts 7,11,23,1001 diff --git a/src/test/conf_examples/lzma_zstd_1/expected b/src/test/conf_examples/lzma_zstd_1/expected new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_examples/lzma_zstd_1/expected diff --git a/src/test/conf_examples/lzma_zstd_1/expected_log b/src/test/conf_examples/lzma_zstd_1/expected_log new file mode 100644 index 0000000000..a5531ca21e --- /dev/null +++ b/src/test/conf_examples/lzma_zstd_1/expected_log @@ -0,0 +1 @@ +Tor 0.* running on .* with Libevent .*, .*, Zlib .*, Liblzma N/A, and Libzstd N/A diff --git a/src/test/conf_examples/lzma_zstd_1/expected_log_lzma b/src/test/conf_examples/lzma_zstd_1/expected_log_lzma new file mode 100644 index 0000000000..2947e5991b --- /dev/null +++ b/src/test/conf_examples/lzma_zstd_1/expected_log_lzma @@ -0,0 +1 @@ +Tor 0.* running on .* with Libevent .*, .*, Zlib .*, Liblzma .*, and Libzstd N/A diff --git a/src/test/conf_examples/lzma_zstd_1/expected_log_lzma_zstd b/src/test/conf_examples/lzma_zstd_1/expected_log_lzma_zstd new file mode 100644 index 0000000000..e76e4357f8 --- /dev/null +++ b/src/test/conf_examples/lzma_zstd_1/expected_log_lzma_zstd @@ -0,0 +1 @@ +Tor 0.* running on .* with Libevent .*, .*, Zlib .*, Liblzma .*, and Libzstd .*
\ No newline at end of file diff --git a/src/test/conf_examples/lzma_zstd_1/expected_log_zstd b/src/test/conf_examples/lzma_zstd_1/expected_log_zstd new file mode 100644 index 0000000000..c8b174423b --- /dev/null +++ b/src/test/conf_examples/lzma_zstd_1/expected_log_zstd @@ -0,0 +1 @@ +Tor 0.* running on .* with Libevent .*, .*, Zlib .*, Liblzma N/A, and Libzstd .*
\ No newline at end of file diff --git a/src/test/conf_examples/lzma_zstd_1/expected_lzma b/src/test/conf_examples/lzma_zstd_1/expected_lzma new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_examples/lzma_zstd_1/expected_lzma diff --git a/src/test/conf_examples/lzma_zstd_1/expected_lzma_zstd b/src/test/conf_examples/lzma_zstd_1/expected_lzma_zstd new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_examples/lzma_zstd_1/expected_lzma_zstd diff --git a/src/test/conf_examples/lzma_zstd_1/expected_zstd b/src/test/conf_examples/lzma_zstd_1/expected_zstd new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_examples/lzma_zstd_1/expected_zstd diff --git a/src/test/conf_examples/lzma_zstd_1/torrc b/src/test/conf_examples/lzma_zstd_1/torrc new file mode 100644 index 0000000000..f873d79028 --- /dev/null +++ b/src/test/conf_examples/lzma_zstd_1/torrc @@ -0,0 +1 @@ +# This test checks for the optional library list in tor's logs diff --git a/src/test/conf_examples/missing_cl_arg/cmdline b/src/test/conf_examples/missing_cl_arg/cmdline new file mode 100644 index 0000000000..7fc4d0a54d --- /dev/null +++ b/src/test/conf_examples/missing_cl_arg/cmdline @@ -0,0 +1 @@ +--hash-password diff --git a/src/test/conf_examples/missing_cl_arg/error b/src/test/conf_examples/missing_cl_arg/error new file mode 100644 index 0000000000..61dbeac8aa --- /dev/null +++ b/src/test/conf_examples/missing_cl_arg/error @@ -0,0 +1 @@ +Command-line option '--hash-password' with no value. diff --git a/src/test/conf_examples/missing_cl_arg/torrc b/src/test/conf_examples/missing_cl_arg/torrc new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_examples/missing_cl_arg/torrc diff --git a/src/test/conf_examples/nss_1/expected b/src/test/conf_examples/nss_1/expected new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_examples/nss_1/expected diff --git a/src/test/conf_examples/nss_1/expected_log b/src/test/conf_examples/nss_1/expected_log new file mode 100644 index 0000000000..32e8cfc2f8 --- /dev/null +++ b/src/test/conf_examples/nss_1/expected_log @@ -0,0 +1 @@ +Tor 0.* running on .* with Libevent .*, OpenSSL .*, Zlib .*, Liblzma .*, and Libzstd .* diff --git a/src/test/conf_examples/nss_1/expected_log_nss b/src/test/conf_examples/nss_1/expected_log_nss new file mode 100644 index 0000000000..c0fe7b003c --- /dev/null +++ b/src/test/conf_examples/nss_1/expected_log_nss @@ -0,0 +1 @@ +Tor 0.* running on .* with Libevent .*, NSS .*, Zlib .*, Liblzma .*, and Libzstd .* diff --git a/src/test/conf_examples/nss_1/expected_nss b/src/test/conf_examples/nss_1/expected_nss new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_examples/nss_1/expected_nss diff --git a/src/test/conf_examples/nss_1/torrc b/src/test/conf_examples/nss_1/torrc new file mode 100644 index 0000000000..f873d79028 --- /dev/null +++ b/src/test/conf_examples/nss_1/torrc @@ -0,0 +1 @@ +# This test checks for the optional library list in tor's logs diff --git a/src/test/conf_examples/obsolete_1/expected b/src/test/conf_examples/obsolete_1/expected new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_examples/obsolete_1/expected diff --git a/src/test/conf_examples/obsolete_1/expected_log b/src/test/conf_examples/obsolete_1/expected_log new file mode 100644 index 0000000000..52f6f70a2e --- /dev/null +++ b/src/test/conf_examples/obsolete_1/expected_log @@ -0,0 +1 @@ +Skipping obsolete configuration option diff --git a/src/test/conf_examples/obsolete_1/torrc b/src/test/conf_examples/obsolete_1/torrc new file mode 100644 index 0000000000..e711fe4065 --- /dev/null +++ b/src/test/conf_examples/obsolete_1/torrc @@ -0,0 +1,70 @@ +# These options are obsolete as of 0.4.2 +# Obsolete options without arguments, or with an empty argument, +# are silently ignored. So we give each one of these options an argument. +AllowDotExit 1 +AllowInvalidNodes 1 +AllowSingleHopCircuits 1 +AllowSingleHopExits 1 +AlternateHSAuthority 1 +AuthDirBadDir 1 +AuthDirBadDirCCs 1 +AuthDirRejectUnlisted 1 +AuthDirListBadDirs 1 +AuthDirMaxServersPerAuthAddr 1 +CircuitIdleTimeout 1 +ControlListenAddress 1 +DirListenAddress 1 +DisableIOCP 1 +DisableV2DirectoryInfo_ 1 +DynamicDHGroups 1 +DNSListenAddress 1 +TestingEnableTbEmptyEvent 1 +ExcludeSingleHopRelays 1 +FallbackNetworkstatusFile 1 +FastFirstHopPK 1 +FetchV2Networkstatus 1 +Group 1 +HidServDirectoryV2 1 +CloseHSClientCircuitsImmediatelyOnTimeout 1 +CloseHSServiceRendCircuitsImmediatelyOnTimeout 1 +MaxOnionsPending 1 +NamingAuthoritativeDirectory 1 +NATDListenAddress 1 +PredictedPortsRelevanceTime 1 +WarnUnsafeSocks 1 +ORListenAddress 1 +PathBiasDisableRate 1 +PathBiasScaleFactor 1 +PathBiasMultFactor 1 +PathBiasUseCloseCounts 1 +PortForwarding 1 +PortForwardingHelper 1 +PreferTunneledDirConns 1 +RecommendedPackages 1 +RunTesting 1 +SchedulerLowWaterMark__ 1 +SchedulerHighWaterMark__ 1 +SchedulerMaxFlushCells__ 1 +SocksListenAddress 1 +StrictEntryNodes 1 +StrictExitNodes 1 +Support022HiddenServices 1 +Tor2webMode 1 +Tor2webRendezvousPoints 1 +TLSECGroup 1 +TransListenAddress 1 +TunnelDirConns 1 +UseEntryGuardsAsDirGuards 1 +UseNTorHandshake 1 +UserspaceIOCPBuffers 1 +V1AuthoritativeDirectory 1 +V2AuthoritativeDirectory 1 +VoteOnHidServDirectoriesV2 1 +UseFilteringSSLBufferevents 1 +__UseFilteringSSLBufferevents 1 +TestingConsensusMaxDownloadTries 1 +ClientBootstrapConsensusMaxDownloadTries 1 +ClientBootstrapConsensusAuthorityOnlyMaxDownloadTries 1 +TestingDescriptorMaxDownloadTries 1 +TestingMicrodescMaxDownloadTries 1 +TestingCertMaxDownloadTries 1 diff --git a/src/test/conf_examples/obsolete_2/expected b/src/test/conf_examples/obsolete_2/expected new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_examples/obsolete_2/expected diff --git a/src/test/conf_examples/obsolete_2/expected_log b/src/test/conf_examples/obsolete_2/expected_log new file mode 100644 index 0000000000..2160355ee9 --- /dev/null +++ b/src/test/conf_examples/obsolete_2/expected_log @@ -0,0 +1 @@ +Read configuration file .*obsolete_2[./]*torrc diff --git a/src/test/conf_examples/obsolete_2/torrc b/src/test/conf_examples/obsolete_2/torrc new file mode 100644 index 0000000000..b83e7a7369 --- /dev/null +++ b/src/test/conf_examples/obsolete_2/torrc @@ -0,0 +1,5 @@ +# This option has been obsolete for some time +# Obsolete options without arguments, or with an empty argument, +# are silently ignored. +AllowDotExit +AllowInvalidNodes "" diff --git a/src/test/conf_examples/obsolete_3/expected b/src/test/conf_examples/obsolete_3/expected new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_examples/obsolete_3/expected diff --git a/src/test/conf_examples/obsolete_3/expected_log b/src/test/conf_examples/obsolete_3/expected_log new file mode 100644 index 0000000000..82d76ec818 --- /dev/null +++ b/src/test/conf_examples/obsolete_3/expected_log @@ -0,0 +1 @@ +Skipping obsolete configuration option "AllowDotExit" diff --git a/src/test/conf_examples/obsolete_3/torrc b/src/test/conf_examples/obsolete_3/torrc new file mode 100644 index 0000000000..e0efe752bf --- /dev/null +++ b/src/test/conf_examples/obsolete_3/torrc @@ -0,0 +1,4 @@ +# This option has been obsolete for some time +# Obsolete options without arguments, or with an empty argument, +# are silently ignored. So we give this option an argument. +AllowDotExit 1 diff --git a/src/test/conf_examples/ops_1/cmdline b/src/test/conf_examples/ops_1/cmdline new file mode 100644 index 0000000000..2bb9bfa132 --- /dev/null +++ b/src/test/conf_examples/ops_1/cmdline @@ -0,0 +1 @@ +ORPort 1000 diff --git a/src/test/conf_examples/ops_1/error_no_dirauth_relay b/src/test/conf_examples/ops_1/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/ops_1/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/ops_1/expected b/src/test/conf_examples/ops_1/expected new file mode 100644 index 0000000000..84be6a70e2 --- /dev/null +++ b/src/test/conf_examples/ops_1/expected @@ -0,0 +1,2 @@ +Nickname Unnamed +ORPort 1000 diff --git a/src/test/conf_examples/ops_1/expected_log b/src/test/conf_examples/ops_1/expected_log new file mode 100644 index 0000000000..b785d7fb52 --- /dev/null +++ b/src/test/conf_examples/ops_1/expected_log @@ -0,0 +1 @@ +Read configuration file .*ops_1[./]*torrc diff --git a/src/test/conf_examples/ops_1/torrc b/src/test/conf_examples/ops_1/torrc new file mode 100644 index 0000000000..daf8ae60fe --- /dev/null +++ b/src/test/conf_examples/ops_1/torrc @@ -0,0 +1,3 @@ +# We'll replace this option on the command line. + +ORPort 9999 diff --git a/src/test/conf_examples/ops_2/cmdline b/src/test/conf_examples/ops_2/cmdline new file mode 100644 index 0000000000..fdd48a045c --- /dev/null +++ b/src/test/conf_examples/ops_2/cmdline @@ -0,0 +1 @@ +/ORPort diff --git a/src/test/conf_examples/ops_2/expected b/src/test/conf_examples/ops_2/expected new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_examples/ops_2/expected diff --git a/src/test/conf_examples/ops_2/expected_log b/src/test/conf_examples/ops_2/expected_log new file mode 100644 index 0000000000..17fbc3ffbf --- /dev/null +++ b/src/test/conf_examples/ops_2/expected_log @@ -0,0 +1 @@ +Read configuration file .*ops_2[./]*torrc diff --git a/src/test/conf_examples/ops_2/torrc b/src/test/conf_examples/ops_2/torrc new file mode 100644 index 0000000000..21fcc93f9a --- /dev/null +++ b/src/test/conf_examples/ops_2/torrc @@ -0,0 +1,3 @@ +# We'll remove this option on the command line, and not replace it. + +ORPort 9999 diff --git a/src/test/conf_examples/ops_3/cmdline b/src/test/conf_examples/ops_3/cmdline new file mode 100644 index 0000000000..e4965d26f8 --- /dev/null +++ b/src/test/conf_examples/ops_3/cmdline @@ -0,0 +1 @@ ++ORPort 1000 diff --git a/src/test/conf_examples/ops_3/error_no_dirauth_relay b/src/test/conf_examples/ops_3/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/ops_3/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/ops_3/expected b/src/test/conf_examples/ops_3/expected new file mode 100644 index 0000000000..569d26b577 --- /dev/null +++ b/src/test/conf_examples/ops_3/expected @@ -0,0 +1,3 @@ +Nickname Unnamed +ORPort 9999 +ORPort 1000 diff --git a/src/test/conf_examples/ops_3/expected_log b/src/test/conf_examples/ops_3/expected_log new file mode 100644 index 0000000000..151498f0df --- /dev/null +++ b/src/test/conf_examples/ops_3/expected_log @@ -0,0 +1 @@ +Read configuration file .*ops_3[./]*torrc diff --git a/src/test/conf_examples/ops_3/torrc b/src/test/conf_examples/ops_3/torrc new file mode 100644 index 0000000000..14adf87d7f --- /dev/null +++ b/src/test/conf_examples/ops_3/torrc @@ -0,0 +1,3 @@ +# We will extend this option on the command line + +ORPort 9999 diff --git a/src/test/conf_examples/ops_4/error_no_dirauth_relay b/src/test/conf_examples/ops_4/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/ops_4/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/ops_4/expected b/src/test/conf_examples/ops_4/expected new file mode 100644 index 0000000000..bf52f6a330 --- /dev/null +++ b/src/test/conf_examples/ops_4/expected @@ -0,0 +1,2 @@ +Nickname Unnamed +ORPort 9099 diff --git a/src/test/conf_examples/ops_4/expected_log b/src/test/conf_examples/ops_4/expected_log new file mode 100644 index 0000000000..7632b2290c --- /dev/null +++ b/src/test/conf_examples/ops_4/expected_log @@ -0,0 +1 @@ +Read configuration file .*ops_4[./]*torrc\.defaults diff --git a/src/test/conf_examples/ops_4/torrc b/src/test/conf_examples/ops_4/torrc new file mode 100644 index 0000000000..dcec2aa95d --- /dev/null +++ b/src/test/conf_examples/ops_4/torrc @@ -0,0 +1,3 @@ +# This value is unadorned, so replaces the one from defaults.torrc. + +ORPort 9099 diff --git a/src/test/conf_examples/ops_4/torrc.defaults b/src/test/conf_examples/ops_4/torrc.defaults new file mode 100644 index 0000000000..04cd0393c6 --- /dev/null +++ b/src/test/conf_examples/ops_4/torrc.defaults @@ -0,0 +1 @@ +ORPort 9000 diff --git a/src/test/conf_examples/ops_5/error_no_dirauth_relay b/src/test/conf_examples/ops_5/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/ops_5/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/ops_5/expected b/src/test/conf_examples/ops_5/expected new file mode 100644 index 0000000000..288721da53 --- /dev/null +++ b/src/test/conf_examples/ops_5/expected @@ -0,0 +1,3 @@ +Nickname Unnamed +ORPort 9000 +ORPort 9099 diff --git a/src/test/conf_examples/ops_5/expected_log b/src/test/conf_examples/ops_5/expected_log new file mode 100644 index 0000000000..ec63cb0638 --- /dev/null +++ b/src/test/conf_examples/ops_5/expected_log @@ -0,0 +1 @@ +Read configuration file .*ops_5[./]*torrc\.defaults diff --git a/src/test/conf_examples/ops_5/torrc b/src/test/conf_examples/ops_5/torrc new file mode 100644 index 0000000000..3284fc1c55 --- /dev/null +++ b/src/test/conf_examples/ops_5/torrc @@ -0,0 +1,3 @@ +# This value has a plus, and so extends the one from defaults.torrc. + ++ORPort 9099 diff --git a/src/test/conf_examples/ops_5/torrc.defaults b/src/test/conf_examples/ops_5/torrc.defaults new file mode 100644 index 0000000000..04cd0393c6 --- /dev/null +++ b/src/test/conf_examples/ops_5/torrc.defaults @@ -0,0 +1 @@ +ORPort 9000 diff --git a/src/test/conf_examples/ops_6/expected b/src/test/conf_examples/ops_6/expected new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_examples/ops_6/expected diff --git a/src/test/conf_examples/ops_6/expected_log b/src/test/conf_examples/ops_6/expected_log new file mode 100644 index 0000000000..f9b1ca0412 --- /dev/null +++ b/src/test/conf_examples/ops_6/expected_log @@ -0,0 +1 @@ +Read configuration file .*ops_6[./]*torrc\.defaults diff --git a/src/test/conf_examples/ops_6/torrc b/src/test/conf_examples/ops_6/torrc new file mode 100644 index 0000000000..4d51caaff7 --- /dev/null +++ b/src/test/conf_examples/ops_6/torrc @@ -0,0 +1,3 @@ +# This value has a slash, and so clears the one from defaults.torrc. + +/ORPort diff --git a/src/test/conf_examples/ops_6/torrc.defaults b/src/test/conf_examples/ops_6/torrc.defaults new file mode 100644 index 0000000000..04cd0393c6 --- /dev/null +++ b/src/test/conf_examples/ops_6/torrc.defaults @@ -0,0 +1 @@ +ORPort 9000 diff --git a/src/test/conf_examples/pt_01/expected b/src/test/conf_examples/pt_01/expected new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_examples/pt_01/expected diff --git a/src/test/conf_examples/pt_01/expected_log b/src/test/conf_examples/pt_01/expected_log new file mode 100644 index 0000000000..65bfa7a7b7 --- /dev/null +++ b/src/test/conf_examples/pt_01/expected_log @@ -0,0 +1 @@ +Linelist option 'ExtORPort' has no value\. Skipping diff --git a/src/test/conf_examples/pt_01/torrc b/src/test/conf_examples/pt_01/torrc new file mode 100644 index 0000000000..574bb32a0d --- /dev/null +++ b/src/test/conf_examples/pt_01/torrc @@ -0,0 +1,7 @@ +# Relay PT tests +# Options from relay/transport_config.c +# Empty linelist values are ignored with a warning +ExtORPort +ServerTransportPlugin +ServerTransportListenAddr +ServerTransportOptions diff --git a/src/test/conf_examples/pt_02/error b/src/test/conf_examples/pt_02/error new file mode 100644 index 0000000000..ce28eab729 --- /dev/null +++ b/src/test/conf_examples/pt_02/error @@ -0,0 +1 @@ +Invalid ExtORPort configuration diff --git a/src/test/conf_examples/pt_02/expected_log_no_dirauth_relay b/src/test/conf_examples/pt_02/expected_log_no_dirauth_relay new file mode 100644 index 0000000000..0e48dca7fd --- /dev/null +++ b/src/test/conf_examples/pt_02/expected_log_no_dirauth_relay @@ -0,0 +1 @@ +Read configuration file .*pt_02[./]*torrc diff --git a/src/test/conf_examples/pt_02/expected_no_dirauth_relay b/src/test/conf_examples/pt_02/expected_no_dirauth_relay new file mode 100644 index 0000000000..f5cd26e6b7 --- /dev/null +++ b/src/test/conf_examples/pt_02/expected_no_dirauth_relay @@ -0,0 +1,8 @@ +ExtORPort illegal_hostname_chars$()^*%(% +ServerTransportListenAddr bad +ServerTransportListenAddr bad2 illegal_hostname_chars$()^*%(% +ServerTransportOptions bad +ServerTransportOptions bad2 not_kv +ServerTransportPlugin bad +ServerTransportPlugin bad2 exec +ServerTransportPlugin bad3 exec / diff --git a/src/test/conf_examples/pt_02/torrc b/src/test/conf_examples/pt_02/torrc new file mode 100644 index 0000000000..825f2c4be4 --- /dev/null +++ b/src/test/conf_examples/pt_02/torrc @@ -0,0 +1,13 @@ +# Relay PT tests +# Options from relay/transport_config.c +# Bad options are also ignored +# (Unless the relay module is disabled, because they are relay-only +# options. We'll ignore all relay-only options in #32395.) +ExtORPort illegal_hostname_chars$()^*%(%#%)#(%* +ServerTransportPlugin bad +ServerTransportPlugin bad2 exec +ServerTransportPlugin bad3 exec / +ServerTransportListenAddr bad +ServerTransportListenAddr bad2 illegal_hostname_chars$()^*%(%#%)#(%* +ServerTransportOptions bad +ServerTransportOptions bad2 not_kv diff --git a/src/test/conf_examples/pt_03/expected b/src/test/conf_examples/pt_03/expected new file mode 100644 index 0000000000..f849f2a78f --- /dev/null +++ b/src/test/conf_examples/pt_03/expected @@ -0,0 +1 @@ +ServerTransportPlugin bad3 exec / diff --git a/src/test/conf_examples/pt_03/expected_log b/src/test/conf_examples/pt_03/expected_log new file mode 100644 index 0000000000..285a189c28 --- /dev/null +++ b/src/test/conf_examples/pt_03/expected_log @@ -0,0 +1 @@ +We use pluggable transports but the Extended ORPort is disabled diff --git a/src/test/conf_examples/pt_03/expected_log_no_dirauth_relay b/src/test/conf_examples/pt_03/expected_log_no_dirauth_relay new file mode 100644 index 0000000000..88f4e5bdfb --- /dev/null +++ b/src/test/conf_examples/pt_03/expected_log_no_dirauth_relay @@ -0,0 +1 @@ +Read configuration file .*pt_03[./]*torrc diff --git a/src/test/conf_examples/pt_03/expected_no_dirauth_relay b/src/test/conf_examples/pt_03/expected_no_dirauth_relay new file mode 100644 index 0000000000..f849f2a78f --- /dev/null +++ b/src/test/conf_examples/pt_03/expected_no_dirauth_relay @@ -0,0 +1 @@ +ServerTransportPlugin bad3 exec / diff --git a/src/test/conf_examples/pt_03/torrc b/src/test/conf_examples/pt_03/torrc new file mode 100644 index 0000000000..9868c39b26 --- /dev/null +++ b/src/test/conf_examples/pt_03/torrc @@ -0,0 +1,4 @@ +# Relay PT tests +# Options from relay/transport_config.c +# Plugin, but no ExtORPort +ServerTransportPlugin bad3 exec / diff --git a/src/test/conf_examples/pt_04/expected b/src/test/conf_examples/pt_04/expected new file mode 100644 index 0000000000..9087f600e0 --- /dev/null +++ b/src/test/conf_examples/pt_04/expected @@ -0,0 +1,3 @@ +ExtORPortCookieAuthFile / +ExtORPort 1 +ServerTransportPlugin bad3 exec / diff --git a/src/test/conf_examples/pt_04/expected_log b/src/test/conf_examples/pt_04/expected_log new file mode 100644 index 0000000000..5b3ab51d25 --- /dev/null +++ b/src/test/conf_examples/pt_04/expected_log @@ -0,0 +1 @@ +Tor is not configured as a relay but you specified a ServerTransportPlugin line.*The ServerTransportPlugin line will be ignored diff --git a/src/test/conf_examples/pt_04/expected_log_no_dirauth_relay b/src/test/conf_examples/pt_04/expected_log_no_dirauth_relay new file mode 100644 index 0000000000..2b989bf320 --- /dev/null +++ b/src/test/conf_examples/pt_04/expected_log_no_dirauth_relay @@ -0,0 +1 @@ +Read configuration file .*pt_04[./]*torrc diff --git a/src/test/conf_examples/pt_04/expected_no_dirauth_relay b/src/test/conf_examples/pt_04/expected_no_dirauth_relay new file mode 100644 index 0000000000..9087f600e0 --- /dev/null +++ b/src/test/conf_examples/pt_04/expected_no_dirauth_relay @@ -0,0 +1,3 @@ +ExtORPortCookieAuthFile / +ExtORPort 1 +ServerTransportPlugin bad3 exec / diff --git a/src/test/conf_examples/pt_04/torrc b/src/test/conf_examples/pt_04/torrc new file mode 100644 index 0000000000..18bb28f9cf --- /dev/null +++ b/src/test/conf_examples/pt_04/torrc @@ -0,0 +1,6 @@ +# Relay PT tests +# Options from relay/transport_config.c +# Try a bad cookie auth file +ExtORPort 1 +ExtORPortCookieAuthFile / +ServerTransportPlugin bad3 exec / diff --git a/src/test/conf_examples/pt_05/error_no_dirauth_relay b/src/test/conf_examples/pt_05/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/pt_05/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/pt_05/expected b/src/test/conf_examples/pt_05/expected new file mode 100644 index 0000000000..61568bb9ac --- /dev/null +++ b/src/test/conf_examples/pt_05/expected @@ -0,0 +1,4 @@ +ExtORPort 1 +Nickname Unnamed +ORPort 2 +ServerTransportPlugin bad3 exec / diff --git a/src/test/conf_examples/pt_05/expected_log b/src/test/conf_examples/pt_05/expected_log new file mode 100644 index 0000000000..c05a0931d6 --- /dev/null +++ b/src/test/conf_examples/pt_05/expected_log @@ -0,0 +1 @@ +Your ContactInfo config option is not set diff --git a/src/test/conf_examples/pt_05/torrc b/src/test/conf_examples/pt_05/torrc new file mode 100644 index 0000000000..55c569bb1b --- /dev/null +++ b/src/test/conf_examples/pt_05/torrc @@ -0,0 +1,6 @@ +# Relay PT tests +# Options from relay/transport_config.c +# Try a valid minimal config +ORPort 2 +ExtORPort 1 +ServerTransportPlugin bad3 exec / diff --git a/src/test/conf_examples/pt_06/expected b/src/test/conf_examples/pt_06/expected new file mode 100644 index 0000000000..d5788b92c9 --- /dev/null +++ b/src/test/conf_examples/pt_06/expected @@ -0,0 +1,6 @@ +ExtORPortCookieAuthFile / +ExtORPortCookieAuthFileGroupReadable 1 +ExtORPort 1 +ServerTransportListenAddr bad3 127.0.0.1:2 +ServerTransportOptions bad3 a=b +ServerTransportPlugin bad3 exec / diff --git a/src/test/conf_examples/pt_06/expected_log b/src/test/conf_examples/pt_06/expected_log new file mode 100644 index 0000000000..5b3ab51d25 --- /dev/null +++ b/src/test/conf_examples/pt_06/expected_log @@ -0,0 +1 @@ +Tor is not configured as a relay but you specified a ServerTransportPlugin line.*The ServerTransportPlugin line will be ignored diff --git a/src/test/conf_examples/pt_06/expected_log_no_dirauth_relay b/src/test/conf_examples/pt_06/expected_log_no_dirauth_relay new file mode 100644 index 0000000000..f35a380c9f --- /dev/null +++ b/src/test/conf_examples/pt_06/expected_log_no_dirauth_relay @@ -0,0 +1 @@ +Read configuration file .*pt_06[./]*torrc diff --git a/src/test/conf_examples/pt_06/expected_no_dirauth_relay b/src/test/conf_examples/pt_06/expected_no_dirauth_relay new file mode 100644 index 0000000000..d5788b92c9 --- /dev/null +++ b/src/test/conf_examples/pt_06/expected_no_dirauth_relay @@ -0,0 +1,6 @@ +ExtORPortCookieAuthFile / +ExtORPortCookieAuthFileGroupReadable 1 +ExtORPort 1 +ServerTransportListenAddr bad3 127.0.0.1:2 +ServerTransportOptions bad3 a=b +ServerTransportPlugin bad3 exec / diff --git a/src/test/conf_examples/pt_06/torrc b/src/test/conf_examples/pt_06/torrc new file mode 100644 index 0000000000..20cfc329a7 --- /dev/null +++ b/src/test/conf_examples/pt_06/torrc @@ -0,0 +1,9 @@ +# Relay PT tests +# Options from relay/transport_config.c +# Try a config with all the options +ExtORPort 1 +ExtORPortCookieAuthFile / +ExtORPortCookieAuthFileGroupReadable 1 +ServerTransportPlugin bad3 exec / +ServerTransportListenAddr bad3 127.0.0.1:2 +ServerTransportOptions bad3 a=b diff --git a/src/test/conf_examples/pt_07/error_no_dirauth_relay b/src/test/conf_examples/pt_07/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/pt_07/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/pt_07/expected b/src/test/conf_examples/pt_07/expected new file mode 100644 index 0000000000..c3a75dc407 --- /dev/null +++ b/src/test/conf_examples/pt_07/expected @@ -0,0 +1,4 @@ +ExtORPort 2.2.2.2:1 +Nickname Unnamed +ORPort 2 +ServerTransportPlugin bad3 exec / diff --git a/src/test/conf_examples/pt_07/expected_log b/src/test/conf_examples/pt_07/expected_log new file mode 100644 index 0000000000..5afaf02ba9 --- /dev/null +++ b/src/test/conf_examples/pt_07/expected_log @@ -0,0 +1 @@ +You specified a public address .* for ExtORPort diff --git a/src/test/conf_examples/pt_07/torrc b/src/test/conf_examples/pt_07/torrc new file mode 100644 index 0000000000..40eaf50e64 --- /dev/null +++ b/src/test/conf_examples/pt_07/torrc @@ -0,0 +1,6 @@ +# Relay PT tests +# Options from relay/transport_config.c +# Try a valid config with a risky ExtORPort address +ORPort 2 +ExtORPort 2.2.2.2:1 +ServerTransportPlugin bad3 exec / diff --git a/src/test/conf_examples/pt_08/error b/src/test/conf_examples/pt_08/error new file mode 100644 index 0000000000..7931bbb4b9 --- /dev/null +++ b/src/test/conf_examples/pt_08/error @@ -0,0 +1 @@ +ExtORPort does not support unix sockets
\ No newline at end of file diff --git a/src/test/conf_examples/pt_08/expected_log_no_dirauth_relay b/src/test/conf_examples/pt_08/expected_log_no_dirauth_relay new file mode 100644 index 0000000000..79dcbc10ca --- /dev/null +++ b/src/test/conf_examples/pt_08/expected_log_no_dirauth_relay @@ -0,0 +1 @@ +Read configuration file .*pt_08[./]*torrc diff --git a/src/test/conf_examples/pt_08/expected_no_dirauth_relay b/src/test/conf_examples/pt_08/expected_no_dirauth_relay new file mode 100644 index 0000000000..9a1a9bd1e4 --- /dev/null +++ b/src/test/conf_examples/pt_08/expected_no_dirauth_relay @@ -0,0 +1,2 @@ +ExtORPort unix:/ +ServerTransportPlugin bad3 exec / diff --git a/src/test/conf_examples/pt_08/torrc b/src/test/conf_examples/pt_08/torrc new file mode 100644 index 0000000000..6f1d79d706 --- /dev/null +++ b/src/test/conf_examples/pt_08/torrc @@ -0,0 +1,7 @@ +# Relay PT tests +# Options from relay/transport_config.c +# Try an invalid config with a unix socket for ExtORPort +# (Unless the relay module is disabled, because they are relay-only +# options. We'll ignore all relay-only options in #32395.) +ExtORPort unix:/ +ServerTransportPlugin bad3 exec / diff --git a/src/test/conf_examples/pt_09/error b/src/test/conf_examples/pt_09/error new file mode 100644 index 0000000000..882b50a7bc --- /dev/null +++ b/src/test/conf_examples/pt_09/error @@ -0,0 +1 @@ +Error parsing ServerTransportListenAddr address
\ No newline at end of file diff --git a/src/test/conf_examples/pt_09/error_no_dirauth_relay b/src/test/conf_examples/pt_09/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/pt_09/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/pt_09/torrc b/src/test/conf_examples/pt_09/torrc new file mode 100644 index 0000000000..50a8e95b95 --- /dev/null +++ b/src/test/conf_examples/pt_09/torrc @@ -0,0 +1,7 @@ +# Relay PT tests +# Options from relay/transport_config.c +# Try a valid minimal config, with a bad ServerTransportListenAddr +ORPort 2 +ExtORPort 1 +ServerTransportPlugin bad3 exec / +ServerTransportListenAddr bad3 [aaaa::bbbb:ccccc] diff --git a/src/test/conf_examples/relay_01/expected b/src/test/conf_examples/relay_01/expected new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_examples/relay_01/expected diff --git a/src/test/conf_examples/relay_01/expected_log b/src/test/conf_examples/relay_01/expected_log new file mode 100644 index 0000000000..32e8c99d27 --- /dev/null +++ b/src/test/conf_examples/relay_01/expected_log @@ -0,0 +1 @@ +Linelist option 'ORPort' has no value\. Skipping diff --git a/src/test/conf_examples/relay_01/torrc b/src/test/conf_examples/relay_01/torrc new file mode 100644 index 0000000000..da3e85b427 --- /dev/null +++ b/src/test/conf_examples/relay_01/torrc @@ -0,0 +1,5 @@ +# Relay tests +# Options from relay/relay_config.c +# Empty linelist values are ignored with a warning +ORPort +DirPort diff --git a/src/test/conf_examples/relay_02/error b/src/test/conf_examples/relay_02/error new file mode 100644 index 0000000000..dd87d9f7e2 --- /dev/null +++ b/src/test/conf_examples/relay_02/error @@ -0,0 +1 @@ +Unrecognized value bad diff --git a/src/test/conf_examples/relay_02/error_no_dirauth_relay b/src/test/conf_examples/relay_02/error_no_dirauth_relay new file mode 100644 index 0000000000..dd87d9f7e2 --- /dev/null +++ b/src/test/conf_examples/relay_02/error_no_dirauth_relay @@ -0,0 +1 @@ +Unrecognized value bad diff --git a/src/test/conf_examples/relay_02/torrc b/src/test/conf_examples/relay_02/torrc new file mode 100644 index 0000000000..3eaa4403a9 --- /dev/null +++ b/src/test/conf_examples/relay_02/torrc @@ -0,0 +1,7 @@ +# Relay tests +# Options from relay/relay_config.c +# Bad options are also ignored +ORPort illegal_hostname_chars$()^*%(%#%)#(%* +DirPort illegal_hostname_chars$()^*%(%#%)#(%* +DirCache bad +BridgeRelay bad diff --git a/src/test/conf_examples/relay_03/error_no_dirauth_relay b/src/test/conf_examples/relay_03/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_03/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_03/expected b/src/test/conf_examples/relay_03/expected new file mode 100644 index 0000000000..15056a8d1f --- /dev/null +++ b/src/test/conf_examples/relay_03/expected @@ -0,0 +1,2 @@ +DirPort 1 +ORPort 0 diff --git a/src/test/conf_examples/relay_03/expected_log b/src/test/conf_examples/relay_03/expected_log new file mode 100644 index 0000000000..46ab723e4a --- /dev/null +++ b/src/test/conf_examples/relay_03/expected_log @@ -0,0 +1 @@ +Read configuration file .*relay_03[./]*torrc diff --git a/src/test/conf_examples/relay_03/torrc b/src/test/conf_examples/relay_03/torrc new file mode 100644 index 0000000000..fd7da7bb95 --- /dev/null +++ b/src/test/conf_examples/relay_03/torrc @@ -0,0 +1,5 @@ +# Relay tests +# Options from relay/relay_config.c +# DirPort, but no ORPort +ORPort 0 +DirPort 1 diff --git a/src/test/conf_examples/relay_04/error_no_dirauth_relay b/src/test/conf_examples/relay_04/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_04/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_04/expected b/src/test/conf_examples/relay_04/expected new file mode 100644 index 0000000000..1d25374ed1 --- /dev/null +++ b/src/test/conf_examples/relay_04/expected @@ -0,0 +1,2 @@ +Nickname Unnamed +ORPort 1 diff --git a/src/test/conf_examples/relay_04/expected_log b/src/test/conf_examples/relay_04/expected_log new file mode 100644 index 0000000000..c05a0931d6 --- /dev/null +++ b/src/test/conf_examples/relay_04/expected_log @@ -0,0 +1 @@ +Your ContactInfo config option is not set diff --git a/src/test/conf_examples/relay_04/torrc b/src/test/conf_examples/relay_04/torrc new file mode 100644 index 0000000000..ff08b2376b --- /dev/null +++ b/src/test/conf_examples/relay_04/torrc @@ -0,0 +1,4 @@ +# Relay tests +# Options from relay/relay_config.c +# Try a valid minimal config +ORPort 1 diff --git a/src/test/conf_examples/relay_05/error_no_dirauth_relay b/src/test/conf_examples/relay_05/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_05/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_05/expected b/src/test/conf_examples/relay_05/expected new file mode 100644 index 0000000000..ae58cee1af --- /dev/null +++ b/src/test/conf_examples/relay_05/expected @@ -0,0 +1,3 @@ +DirPort 2 +Nickname Unnamed +ORPort 1 diff --git a/src/test/conf_examples/relay_05/expected_log b/src/test/conf_examples/relay_05/expected_log new file mode 100644 index 0000000000..483c2e2aae --- /dev/null +++ b/src/test/conf_examples/relay_05/expected_log @@ -0,0 +1 @@ +Read configuration file .*relay_05[./]*torrc diff --git a/src/test/conf_examples/relay_05/torrc b/src/test/conf_examples/relay_05/torrc new file mode 100644 index 0000000000..faeaad32a0 --- /dev/null +++ b/src/test/conf_examples/relay_05/torrc @@ -0,0 +1,5 @@ +# Relay tests +# Options from relay/relay_config.c +# Try a valid minimal directory mirror config +ORPort 1 +DirPort 2 diff --git a/src/test/conf_examples/relay_06/error_no_dirauth_relay b/src/test/conf_examples/relay_06/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_06/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_06/expected b/src/test/conf_examples/relay_06/expected new file mode 100644 index 0000000000..904c7339e0 --- /dev/null +++ b/src/test/conf_examples/relay_06/expected @@ -0,0 +1,3 @@ +BridgeRelay 1 +Nickname Unnamed +ORPort 1 diff --git a/src/test/conf_examples/relay_06/expected_log b/src/test/conf_examples/relay_06/expected_log new file mode 100644 index 0000000000..70eb18df19 --- /dev/null +++ b/src/test/conf_examples/relay_06/expected_log @@ -0,0 +1 @@ +Read configuration file .*relay_06[./]*torrc diff --git a/src/test/conf_examples/relay_06/torrc b/src/test/conf_examples/relay_06/torrc new file mode 100644 index 0000000000..baeae8df5d --- /dev/null +++ b/src/test/conf_examples/relay_06/torrc @@ -0,0 +1,5 @@ +# Relay tests +# Options from relay/relay_config.c +# Try a valid minimal bridge config +ORPort 1 +BridgeRelay 1 diff --git a/src/test/conf_examples/relay_07/error_no_dirauth_relay b/src/test/conf_examples/relay_07/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_07/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_07/expected b/src/test/conf_examples/relay_07/expected new file mode 100644 index 0000000000..79fa3e5a47 --- /dev/null +++ b/src/test/conf_examples/relay_07/expected @@ -0,0 +1,3 @@ +DirCache 0 +Nickname Unnamed +ORPort 1 diff --git a/src/test/conf_examples/relay_07/expected_log b/src/test/conf_examples/relay_07/expected_log new file mode 100644 index 0000000000..14729a7ab1 --- /dev/null +++ b/src/test/conf_examples/relay_07/expected_log @@ -0,0 +1 @@ +DirCache is disabled and we are configured as a relay diff --git a/src/test/conf_examples/relay_07/torrc b/src/test/conf_examples/relay_07/torrc new file mode 100644 index 0000000000..01ac138597 --- /dev/null +++ b/src/test/conf_examples/relay_07/torrc @@ -0,0 +1,5 @@ +# Relay tests +# Options from relay/relay_config.c +# Try a valid minimal non-directory cache config +ORPort 1 +DirCache 0 diff --git a/src/test/conf_examples/relay_08/error_no_dirauth_relay b/src/test/conf_examples/relay_08/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_08/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_08/expected b/src/test/conf_examples/relay_08/expected new file mode 100644 index 0000000000..904c7339e0 --- /dev/null +++ b/src/test/conf_examples/relay_08/expected @@ -0,0 +1,3 @@ +BridgeRelay 1 +Nickname Unnamed +ORPort 1 diff --git a/src/test/conf_examples/relay_08/expected_log b/src/test/conf_examples/relay_08/expected_log new file mode 100644 index 0000000000..b0168c803d --- /dev/null +++ b/src/test/conf_examples/relay_08/expected_log @@ -0,0 +1 @@ +Read configuration file .*relay_08[./]*torrc diff --git a/src/test/conf_examples/relay_08/torrc b/src/test/conf_examples/relay_08/torrc new file mode 100644 index 0000000000..9e2ff9465c --- /dev/null +++ b/src/test/conf_examples/relay_08/torrc @@ -0,0 +1,6 @@ +# Relay tests +# Options from relay/relay_config.c +# Try a valid config with all the bridge options +ORPort 1 +BridgeRelay 1 +DirCache 1 diff --git a/src/test/conf_examples/relay_09/error_no_dirauth_relay b/src/test/conf_examples/relay_09/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_09/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_09/expected b/src/test/conf_examples/relay_09/expected new file mode 100644 index 0000000000..ae58cee1af --- /dev/null +++ b/src/test/conf_examples/relay_09/expected @@ -0,0 +1,3 @@ +DirPort 2 +Nickname Unnamed +ORPort 1 diff --git a/src/test/conf_examples/relay_09/expected_log b/src/test/conf_examples/relay_09/expected_log new file mode 100644 index 0000000000..d3ab4f6593 --- /dev/null +++ b/src/test/conf_examples/relay_09/expected_log @@ -0,0 +1 @@ +By default, Tor does not run as an exit relay diff --git a/src/test/conf_examples/relay_09/torrc b/src/test/conf_examples/relay_09/torrc new file mode 100644 index 0000000000..014eeca34b --- /dev/null +++ b/src/test/conf_examples/relay_09/torrc @@ -0,0 +1,6 @@ +# Relay tests +# Options from relay/relay_config.c +# Try a valid config with all the non-bridge options +ORPort 1 +DirPort 2 +DirCache 1 diff --git a/src/test/conf_examples/relay_10/error_no_dirauth_relay b/src/test/conf_examples/relay_10/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_10/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_10/expected b/src/test/conf_examples/relay_10/expected new file mode 100644 index 0000000000..904c7339e0 --- /dev/null +++ b/src/test/conf_examples/relay_10/expected @@ -0,0 +1,3 @@ +BridgeRelay 1 +Nickname Unnamed +ORPort 1 diff --git a/src/test/conf_examples/relay_10/expected_log b/src/test/conf_examples/relay_10/expected_log new file mode 100644 index 0000000000..5b81a904e5 --- /dev/null +++ b/src/test/conf_examples/relay_10/expected_log @@ -0,0 +1 @@ +Can't set a DirPort on a bridge relay diff --git a/src/test/conf_examples/relay_10/torrc b/src/test/conf_examples/relay_10/torrc new file mode 100644 index 0000000000..4318ebb45b --- /dev/null +++ b/src/test/conf_examples/relay_10/torrc @@ -0,0 +1,7 @@ +# Relay tests +# Options from relay/relay_config.c +# Try a valid config, that has a warning: Bridge, warn and disable DirPort +ORPort 1 +DirPort 2 +DirCache 1 +BridgeRelay 1 diff --git a/src/test/conf_examples/relay_11/error b/src/test/conf_examples/relay_11/error new file mode 100644 index 0000000000..8ed5c31bc7 --- /dev/null +++ b/src/test/conf_examples/relay_11/error @@ -0,0 +1 @@ +We are advertising an ORPort, but not actually listening on one diff --git a/src/test/conf_examples/relay_11/error_no_dirauth_relay b/src/test/conf_examples/relay_11/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_11/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_11/torrc b/src/test/conf_examples/relay_11/torrc new file mode 100644 index 0000000000..a1e13eb3ce --- /dev/null +++ b/src/test/conf_examples/relay_11/torrc @@ -0,0 +1,4 @@ +# Relay tests +# Options from relay/relay_config.c +# Advertising but not listening: ORPort +ORPort 1 NoListen diff --git a/src/test/conf_examples/relay_12/error b/src/test/conf_examples/relay_12/error new file mode 100644 index 0000000000..57706d6a7a --- /dev/null +++ b/src/test/conf_examples/relay_12/error @@ -0,0 +1 @@ +We are advertising a DirPort, but not actually listening on one diff --git a/src/test/conf_examples/relay_12/error_no_dirauth_relay b/src/test/conf_examples/relay_12/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_12/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_12/torrc b/src/test/conf_examples/relay_12/torrc new file mode 100644 index 0000000000..4a7d398112 --- /dev/null +++ b/src/test/conf_examples/relay_12/torrc @@ -0,0 +1,4 @@ +# Relay tests +# Options from relay/relay_config.c +# Advertising but not listening: DirPort +DirPort 1 NoListen diff --git a/src/test/conf_examples/relay_13/error b/src/test/conf_examples/relay_13/error new file mode 100644 index 0000000000..cd74247ea8 --- /dev/null +++ b/src/test/conf_examples/relay_13/error @@ -0,0 +1 @@ +We are listening on an ORPort, but not advertising any ORPorts diff --git a/src/test/conf_examples/relay_13/error_no_dirauth_relay b/src/test/conf_examples/relay_13/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_13/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_13/torrc b/src/test/conf_examples/relay_13/torrc new file mode 100644 index 0000000000..b76b72c0cc --- /dev/null +++ b/src/test/conf_examples/relay_13/torrc @@ -0,0 +1,4 @@ +# Relay tests +# Options from relay/relay_config.c +# Listening but not advertising: ORPort +ORPort 1 NoAdvertise diff --git a/src/test/conf_examples/relay_14/error_no_dirauth_relay b/src/test/conf_examples/relay_14/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_14/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_14/expected b/src/test/conf_examples/relay_14/expected new file mode 100644 index 0000000000..31bb1c2507 --- /dev/null +++ b/src/test/conf_examples/relay_14/expected @@ -0,0 +1 @@ +DirPort 1 NoAdvertise diff --git a/src/test/conf_examples/relay_14/expected_log b/src/test/conf_examples/relay_14/expected_log new file mode 100644 index 0000000000..9b0c820211 --- /dev/null +++ b/src/test/conf_examples/relay_14/expected_log @@ -0,0 +1 @@ +Read configuration file .*relay_14[./]*torrc diff --git a/src/test/conf_examples/relay_14/torrc b/src/test/conf_examples/relay_14/torrc new file mode 100644 index 0000000000..15c6496c7e --- /dev/null +++ b/src/test/conf_examples/relay_14/torrc @@ -0,0 +1,4 @@ +# Relay tests +# Options from relay/relay_config.c +# Listening but not advertising: DirPort +DirPort 1 NoAdvertise diff --git a/src/test/conf_examples/relay_15/error b/src/test/conf_examples/relay_15/error new file mode 100644 index 0000000000..da30f0cd14 --- /dev/null +++ b/src/test/conf_examples/relay_15/error @@ -0,0 +1 @@ +Can't advertise more than one DirPort diff --git a/src/test/conf_examples/relay_15/error_no_dirauth_relay b/src/test/conf_examples/relay_15/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_15/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_15/torrc b/src/test/conf_examples/relay_15/torrc new file mode 100644 index 0000000000..e1f78ee6a0 --- /dev/null +++ b/src/test/conf_examples/relay_15/torrc @@ -0,0 +1,5 @@ +# Relay tests +# Options from relay/relay_config.c +# Advertising more than one DirPort +DirPort 1 +DirPort 2 diff --git a/src/test/conf_examples/relay_16/error b/src/test/conf_examples/relay_16/error new file mode 100644 index 0000000000..37b89ee572 --- /dev/null +++ b/src/test/conf_examples/relay_16/error @@ -0,0 +1 @@ +Configured public relay to listen only on an IPv6 address. Tor needs to listen on an IPv4 address diff --git a/src/test/conf_examples/relay_16/error_no_dirauth_relay b/src/test/conf_examples/relay_16/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_16/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_16/torrc b/src/test/conf_examples/relay_16/torrc new file mode 100644 index 0000000000..e544cd87a4 --- /dev/null +++ b/src/test/conf_examples/relay_16/torrc @@ -0,0 +1,4 @@ +# Relay tests +# Options from relay/relay_config.c +# IPv6 ORPort only +ORPort [::1]:2 diff --git a/src/test/conf_examples/relay_17/error_no_dirauth_relay b/src/test/conf_examples/relay_17/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_17/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_17/expected b/src/test/conf_examples/relay_17/expected new file mode 100644 index 0000000000..3fb0c9db92 --- /dev/null +++ b/src/test/conf_examples/relay_17/expected @@ -0,0 +1,4 @@ +AccountingMax 1 +KeepBindCapabilities 0 +Nickname Unnamed +ORPort 1 diff --git a/src/test/conf_examples/relay_17/expected_log b/src/test/conf_examples/relay_17/expected_log new file mode 100644 index 0000000000..7711f90178 --- /dev/null +++ b/src/test/conf_examples/relay_17/expected_log @@ -0,0 +1 @@ +You have set AccountingMax to use hibernation diff --git a/src/test/conf_examples/relay_17/torrc b/src/test/conf_examples/relay_17/torrc new file mode 100644 index 0000000000..f63f36815e --- /dev/null +++ b/src/test/conf_examples/relay_17/torrc @@ -0,0 +1,6 @@ +# Relay tests +# Options from relay/relay_config.c +# Rebind warning +ORPort 1 +AccountingMax 1 +KeepBindCapabilities 0 diff --git a/src/test/conf_examples/relay_18/error b/src/test/conf_examples/relay_18/error new file mode 100644 index 0000000000..5b28d311b0 --- /dev/null +++ b/src/test/conf_examples/relay_18/error @@ -0,0 +1 @@ +Invalid DirPort configuration diff --git a/src/test/conf_examples/relay_18/error_no_dirauth_relay b/src/test/conf_examples/relay_18/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_18/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_18/torrc b/src/test/conf_examples/relay_18/torrc new file mode 100644 index 0000000000..67a0fd0dfb --- /dev/null +++ b/src/test/conf_examples/relay_18/torrc @@ -0,0 +1,4 @@ +# Relay tests +# Options from relay/relay_config.c +# Bad DirPort +DirPort illegal_hostname_chars$()^*%(%#%)#(%* diff --git a/src/test/conf_examples/relay_19/error_no_dirauth_relay b/src/test/conf_examples/relay_19/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_19/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_19/expected b/src/test/conf_examples/relay_19/expected new file mode 100644 index 0000000000..f077169c88 --- /dev/null +++ b/src/test/conf_examples/relay_19/expected @@ -0,0 +1,3 @@ +Nickname Unnamed +ORPort 1 +PublishServerDescriptor diff --git a/src/test/conf_examples/relay_19/expected_log b/src/test/conf_examples/relay_19/expected_log new file mode 100644 index 0000000000..17656ba2cf --- /dev/null +++ b/src/test/conf_examples/relay_19/expected_log @@ -0,0 +1 @@ +Read configuration file .*relay_19[./]*torrc diff --git a/src/test/conf_examples/relay_19/torrc b/src/test/conf_examples/relay_19/torrc new file mode 100644 index 0000000000..fd2cd91fa5 --- /dev/null +++ b/src/test/conf_examples/relay_19/torrc @@ -0,0 +1,5 @@ +# Relay tests +# Options from relay/relay_config.c +# Minimal PublishServerDescriptor +ORPort 1 +PublishServerDescriptor diff --git a/src/test/conf_examples/relay_20/error b/src/test/conf_examples/relay_20/error new file mode 100644 index 0000000000..e5a81637f8 --- /dev/null +++ b/src/test/conf_examples/relay_20/error @@ -0,0 +1 @@ +Unrecognized value in PublishServerDescriptor diff --git a/src/test/conf_examples/relay_20/error_no_dirauth_relay b/src/test/conf_examples/relay_20/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_20/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_20/torrc b/src/test/conf_examples/relay_20/torrc new file mode 100644 index 0000000000..87dd74fdc1 --- /dev/null +++ b/src/test/conf_examples/relay_20/torrc @@ -0,0 +1,5 @@ +# Relay tests +# Options from relay/relay_config.c +# Invalid PublishServerDescriptor +ORPort 1 +PublishServerDescriptor bad diff --git a/src/test/conf_examples/relay_21/error_no_dirauth_relay b/src/test/conf_examples/relay_21/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_21/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_21/expected b/src/test/conf_examples/relay_21/expected new file mode 100644 index 0000000000..9bcead1402 --- /dev/null +++ b/src/test/conf_examples/relay_21/expected @@ -0,0 +1,3 @@ +Nickname Unnamed +ORPort 1 +PublishServerDescriptor v1,v2,hidserv diff --git a/src/test/conf_examples/relay_21/expected_log b/src/test/conf_examples/relay_21/expected_log new file mode 100644 index 0000000000..ba0d56fb1c --- /dev/null +++ b/src/test/conf_examples/relay_21/expected_log @@ -0,0 +1 @@ +PublishServerDescriptor v1 has no effect diff --git a/src/test/conf_examples/relay_21/torrc b/src/test/conf_examples/relay_21/torrc new file mode 100644 index 0000000000..97f032f626 --- /dev/null +++ b/src/test/conf_examples/relay_21/torrc @@ -0,0 +1,5 @@ +# Relay tests +# Options from relay/relay_config.c +# Ignored PublishServerDescriptor values +ORPort 1 +PublishServerDescriptor v1,v2,hidserv diff --git a/src/test/conf_examples/relay_22/error b/src/test/conf_examples/relay_22/error new file mode 100644 index 0000000000..c47dd8c4c6 --- /dev/null +++ b/src/test/conf_examples/relay_22/error @@ -0,0 +1 @@ +Invalid BridgeDistribution value diff --git a/src/test/conf_examples/relay_22/error_no_dirauth_relay b/src/test/conf_examples/relay_22/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_22/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_22/torrc b/src/test/conf_examples/relay_22/torrc new file mode 100644 index 0000000000..e83c83260e --- /dev/null +++ b/src/test/conf_examples/relay_22/torrc @@ -0,0 +1,6 @@ +# Relay tests +# Options from relay/relay_config.c +# Bad BridgeDistribution characters +ORPort 1 +BridgeRelay 1 +BridgeDistribution *$%()@! diff --git a/src/test/conf_examples/relay_23/error b/src/test/conf_examples/relay_23/error new file mode 100644 index 0000000000..f76bbe77c4 --- /dev/null +++ b/src/test/conf_examples/relay_23/error @@ -0,0 +1 @@ +Relays must use 'auto' for the ConnectionPadding setting diff --git a/src/test/conf_examples/relay_23/error_no_dirauth_relay b/src/test/conf_examples/relay_23/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_23/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_23/torrc b/src/test/conf_examples/relay_23/torrc new file mode 100644 index 0000000000..3d28a1e27c --- /dev/null +++ b/src/test/conf_examples/relay_23/torrc @@ -0,0 +1,5 @@ +# Relay tests +# Options from relay/relay_config.c +# Relays can't set ConnectionPadding +ORPort 1 +ConnectionPadding 1 diff --git a/src/test/conf_examples/relay_24/error b/src/test/conf_examples/relay_24/error new file mode 100644 index 0000000000..f76bbe77c4 --- /dev/null +++ b/src/test/conf_examples/relay_24/error @@ -0,0 +1 @@ +Relays must use 'auto' for the ConnectionPadding setting diff --git a/src/test/conf_examples/relay_24/error_no_dirauth_relay b/src/test/conf_examples/relay_24/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_24/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_24/torrc b/src/test/conf_examples/relay_24/torrc new file mode 100644 index 0000000000..1206e59e09 --- /dev/null +++ b/src/test/conf_examples/relay_24/torrc @@ -0,0 +1,5 @@ +# Relay tests +# Options from relay/relay_config.c +# Relays can't set ConnectionPadding +ORPort 1 +ConnectionPadding 0 diff --git a/src/test/conf_examples/relay_25/error b/src/test/conf_examples/relay_25/error new file mode 100644 index 0000000000..bac681e6cc --- /dev/null +++ b/src/test/conf_examples/relay_25/error @@ -0,0 +1 @@ +Relays cannot set ReducedConnectionPadding diff --git a/src/test/conf_examples/relay_25/error_no_dirauth_relay b/src/test/conf_examples/relay_25/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_25/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_25/torrc b/src/test/conf_examples/relay_25/torrc new file mode 100644 index 0000000000..ab862a16f3 --- /dev/null +++ b/src/test/conf_examples/relay_25/torrc @@ -0,0 +1,5 @@ +# Relay tests +# Options from relay/relay_config.c +# Relays can't set ReducedConnectionPadding 1 +ORPort 1 +ReducedConnectionPadding 1 diff --git a/src/test/conf_examples/relay_26/error b/src/test/conf_examples/relay_26/error new file mode 100644 index 0000000000..94334935e3 --- /dev/null +++ b/src/test/conf_examples/relay_26/error @@ -0,0 +1 @@ +Relays cannot set CircuitPadding to 0 diff --git a/src/test/conf_examples/relay_26/error_no_dirauth_relay b/src/test/conf_examples/relay_26/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_26/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_26/torrc b/src/test/conf_examples/relay_26/torrc new file mode 100644 index 0000000000..5dd6d68dc4 --- /dev/null +++ b/src/test/conf_examples/relay_26/torrc @@ -0,0 +1,5 @@ +# Relay tests +# Options from relay/relay_config.c +# Relays can't set CircuitPadding to 0 +ORPort 1 +CircuitPadding 0 diff --git a/src/test/conf_examples/relay_27/error b/src/test/conf_examples/relay_27/error new file mode 100644 index 0000000000..e26ce46914 --- /dev/null +++ b/src/test/conf_examples/relay_27/error @@ -0,0 +1 @@ +Relays cannot set ReducedCircuitPadding diff --git a/src/test/conf_examples/relay_27/error_no_dirauth_relay b/src/test/conf_examples/relay_27/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_27/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_27/torrc b/src/test/conf_examples/relay_27/torrc new file mode 100644 index 0000000000..8556b2f351 --- /dev/null +++ b/src/test/conf_examples/relay_27/torrc @@ -0,0 +1,5 @@ +# Relay tests +# Options from relay/relay_config.c +# Relays can't set ReducedCircuitPadding 1 +ORPort 1 +ReducedCircuitPadding 1 diff --git a/src/test/conf_examples/relay_28/error b/src/test/conf_examples/relay_28/error new file mode 100644 index 0000000000..3f14df975b --- /dev/null +++ b/src/test/conf_examples/relay_28/error @@ -0,0 +1 @@ +SigningKeyLifetime is too short diff --git a/src/test/conf_examples/relay_28/error_no_dirauth_relay b/src/test/conf_examples/relay_28/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_28/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_28/torrc b/src/test/conf_examples/relay_28/torrc new file mode 100644 index 0000000000..3e2c895bb7 --- /dev/null +++ b/src/test/conf_examples/relay_28/torrc @@ -0,0 +1,5 @@ +# Relay tests +# Options from relay/relay_config.c +# Short key lifetimes +ORPort 1 +SigningKeyLifetime 1 diff --git a/src/test/conf_examples/relay_29/error_no_dirauth_relay b/src/test/conf_examples/relay_29/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_29/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_29/expected b/src/test/conf_examples/relay_29/expected new file mode 100644 index 0000000000..1d25374ed1 --- /dev/null +++ b/src/test/conf_examples/relay_29/expected @@ -0,0 +1,2 @@ +Nickname Unnamed +ORPort 1 diff --git a/src/test/conf_examples/relay_29/expected_log b/src/test/conf_examples/relay_29/expected_log new file mode 100644 index 0000000000..f46c609c0c --- /dev/null +++ b/src/test/conf_examples/relay_29/expected_log @@ -0,0 +1 @@ +Linelist option 'MyFamily' has no value\. Skipping diff --git a/src/test/conf_examples/relay_29/torrc b/src/test/conf_examples/relay_29/torrc new file mode 100644 index 0000000000..4181d5acc2 --- /dev/null +++ b/src/test/conf_examples/relay_29/torrc @@ -0,0 +1,5 @@ +# Relay tests +# Options from relay/relay_config.c +# MyFamily normalisation: empty MyFamily +ORPort 1 +MyFamily diff --git a/src/test/conf_examples/relay_30/error_no_dirauth_relay b/src/test/conf_examples/relay_30/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_30/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_30/expected b/src/test/conf_examples/relay_30/expected new file mode 100644 index 0000000000..3a4e9feb3f --- /dev/null +++ b/src/test/conf_examples/relay_30/expected @@ -0,0 +1,2 @@ +Nickname Unnamed +ORPort auto diff --git a/src/test/conf_examples/relay_30/expected_log b/src/test/conf_examples/relay_30/expected_log new file mode 100644 index 0000000000..d5478c1a15 --- /dev/null +++ b/src/test/conf_examples/relay_30/expected_log @@ -0,0 +1 @@ +Your ContactInfo config option is not set
\ No newline at end of file diff --git a/src/test/conf_examples/relay_30/torrc b/src/test/conf_examples/relay_30/torrc new file mode 100644 index 0000000000..bf8487fe16 --- /dev/null +++ b/src/test/conf_examples/relay_30/torrc @@ -0,0 +1,3 @@ +# Relay tests +# default (IPv4) ORPort auto +ORPort auto diff --git a/src/test/conf_examples/relay_31/error_no_dirauth_relay b/src/test/conf_examples/relay_31/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_31/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_31/expected b/src/test/conf_examples/relay_31/expected new file mode 100644 index 0000000000..9a40cdd588 --- /dev/null +++ b/src/test/conf_examples/relay_31/expected @@ -0,0 +1,3 @@ +DirPort auto +Nickname Unnamed +ORPort auto diff --git a/src/test/conf_examples/relay_31/expected_log b/src/test/conf_examples/relay_31/expected_log new file mode 100644 index 0000000000..d5478c1a15 --- /dev/null +++ b/src/test/conf_examples/relay_31/expected_log @@ -0,0 +1 @@ +Your ContactInfo config option is not set
\ No newline at end of file diff --git a/src/test/conf_examples/relay_31/torrc b/src/test/conf_examples/relay_31/torrc new file mode 100644 index 0000000000..e662bb71b3 --- /dev/null +++ b/src/test/conf_examples/relay_31/torrc @@ -0,0 +1,4 @@ +# Relay tests +# default (IPv4) ORPort and DirPort auto +ORPort auto +DirPort auto diff --git a/src/test/conf_examples/relay_32/error_no_dirauth_relay b/src/test/conf_examples/relay_32/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_32/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_32/expected b/src/test/conf_examples/relay_32/expected new file mode 100644 index 0000000000..14b36c8259 --- /dev/null +++ b/src/test/conf_examples/relay_32/expected @@ -0,0 +1,3 @@ +Nickname Unnamed +ORPort auto +ORPort [::1]:auto diff --git a/src/test/conf_examples/relay_32/expected_log b/src/test/conf_examples/relay_32/expected_log new file mode 100644 index 0000000000..d5478c1a15 --- /dev/null +++ b/src/test/conf_examples/relay_32/expected_log @@ -0,0 +1 @@ +Your ContactInfo config option is not set
\ No newline at end of file diff --git a/src/test/conf_examples/relay_32/torrc b/src/test/conf_examples/relay_32/torrc new file mode 100644 index 0000000000..95a66c4852 --- /dev/null +++ b/src/test/conf_examples/relay_32/torrc @@ -0,0 +1,4 @@ +# Relay tests +# default (IPv4) ORPort auto and IPv6 ORPort auto +ORPort auto +ORPort [::1]:auto diff --git a/src/test/conf_examples/relay_33/error_no_dirauth_relay b/src/test/conf_examples/relay_33/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_33/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_33/expected b/src/test/conf_examples/relay_33/expected new file mode 100644 index 0000000000..22567cbe2e --- /dev/null +++ b/src/test/conf_examples/relay_33/expected @@ -0,0 +1,3 @@ +Nickname Unnamed +ORPort 127.0.0.1:auto +ORPort [::1]:auto diff --git a/src/test/conf_examples/relay_33/expected_log b/src/test/conf_examples/relay_33/expected_log new file mode 100644 index 0000000000..d5478c1a15 --- /dev/null +++ b/src/test/conf_examples/relay_33/expected_log @@ -0,0 +1 @@ +Your ContactInfo config option is not set
\ No newline at end of file diff --git a/src/test/conf_examples/relay_33/torrc b/src/test/conf_examples/relay_33/torrc new file mode 100644 index 0000000000..44d16ad31a --- /dev/null +++ b/src/test/conf_examples/relay_33/torrc @@ -0,0 +1,4 @@ +# Relay tests +# explicit IPv4 ORPort auto and IPv6 ORPort auto +ORPort 127.0.0.1:auto +ORPort [::1]:auto diff --git a/src/test/conf_examples/relay_34/error_no_dirauth_relay b/src/test/conf_examples/relay_34/error_no_dirauth_relay new file mode 100644 index 0000000000..9f9c0fd8f3 --- /dev/null +++ b/src/test/conf_examples/relay_34/error_no_dirauth_relay @@ -0,0 +1 @@ +This tor was built with relay mode disabled. diff --git a/src/test/conf_examples/relay_34/expected b/src/test/conf_examples/relay_34/expected new file mode 100644 index 0000000000..bccde684f3 --- /dev/null +++ b/src/test/conf_examples/relay_34/expected @@ -0,0 +1,4 @@ +DirPort 127.0.0.1:auto +Nickname Unnamed +ORPort 127.0.0.1:auto +ORPort [::1]:auto diff --git a/src/test/conf_examples/relay_34/expected_log b/src/test/conf_examples/relay_34/expected_log new file mode 100644 index 0000000000..d5478c1a15 --- /dev/null +++ b/src/test/conf_examples/relay_34/expected_log @@ -0,0 +1 @@ +Your ContactInfo config option is not set
\ No newline at end of file diff --git a/src/test/conf_examples/relay_34/torrc b/src/test/conf_examples/relay_34/torrc new file mode 100644 index 0000000000..01010a5c38 --- /dev/null +++ b/src/test/conf_examples/relay_34/torrc @@ -0,0 +1,5 @@ +# Relay tests +# explicit IPv4 ORPort and DirPort auto and IPv6 ORPort auto +ORPort 127.0.0.1:auto +ORPort [::1]:auto +DirPort 127.0.0.1:auto diff --git a/src/test/conf_examples/relpath_rad/error b/src/test/conf_examples/relpath_rad/error new file mode 100644 index 0000000000..e131744475 --- /dev/null +++ b/src/test/conf_examples/relpath_rad/error @@ -0,0 +1 @@ +RunAsDaemon is not compatible with relative paths. diff --git a/src/test/conf_examples/relpath_rad/torrc b/src/test/conf_examples/relpath_rad/torrc new file mode 100644 index 0000000000..fe02441c3f --- /dev/null +++ b/src/test/conf_examples/relpath_rad/torrc @@ -0,0 +1,4 @@ + +# Relative-path data directories are incompatible with RunAsDaemon +DataDirectory ./datadir +RunAsDaemon 1 diff --git a/src/test/conf_failures/README b/src/test/conf_failures/README new file mode 100644 index 0000000000..0da470eeb4 --- /dev/null +++ b/src/test/conf_failures/README @@ -0,0 +1,5 @@ +This directory contains typical test_parseconf.sh failure cases. + +If these directories are copied into conf_examples, test_parseconf.sh will +fail. Use these failure cases to make sure test_parseconf.sh handles failures +correctly, and produces useful output. diff --git a/src/test/conf_failures/fail-error-success/error b/src/test/conf_failures/fail-error-success/error new file mode 100644 index 0000000000..569a631e86 --- /dev/null +++ b/src/test/conf_failures/fail-error-success/error @@ -0,0 +1 @@ +Tor diff --git a/src/test/conf_failures/fail-error-success/torrc b/src/test/conf_failures/fail-error-success/torrc new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_failures/fail-error-success/torrc diff --git a/src/test/conf_failures/fail-error/error b/src/test/conf_failures/fail-error/error new file mode 100644 index 0000000000..4c0be97832 --- /dev/null +++ b/src/test/conf_failures/fail-error/error @@ -0,0 +1 @@ +no match diff --git a/src/test/conf_failures/fail-error/torrc b/src/test/conf_failures/fail-error/torrc new file mode 100644 index 0000000000..bb6fe186a4 --- /dev/null +++ b/src/test/conf_failures/fail-error/torrc @@ -0,0 +1 @@ +bad bad bad diff --git a/src/test/conf_failures/fail-expected-error/expected b/src/test/conf_failures/fail-expected-error/expected new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_failures/fail-expected-error/expected diff --git a/src/test/conf_failures/fail-expected-error/torrc b/src/test/conf_failures/fail-expected-error/torrc new file mode 100644 index 0000000000..bb6fe186a4 --- /dev/null +++ b/src/test/conf_failures/fail-expected-error/torrc @@ -0,0 +1 @@ +bad bad bad diff --git a/src/test/conf_failures/fail-expected-log/expected b/src/test/conf_failures/fail-expected-log/expected new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_failures/fail-expected-log/expected diff --git a/src/test/conf_failures/fail-expected-log/expected_log b/src/test/conf_failures/fail-expected-log/expected_log new file mode 100644 index 0000000000..bb6fe186a4 --- /dev/null +++ b/src/test/conf_failures/fail-expected-log/expected_log @@ -0,0 +1 @@ +bad bad bad diff --git a/src/test/conf_failures/fail-expected-log/torrc b/src/test/conf_failures/fail-expected-log/torrc new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_failures/fail-expected-log/torrc diff --git a/src/test/conf_failures/fail-expected/expected b/src/test/conf_failures/fail-expected/expected new file mode 100644 index 0000000000..67be85f127 --- /dev/null +++ b/src/test/conf_failures/fail-expected/expected @@ -0,0 +1 @@ +bad diff --git a/src/test/conf_failures/fail-expected/torrc b/src/test/conf_failures/fail-expected/torrc new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/test/conf_failures/fail-expected/torrc diff --git a/src/test/ed25519_exts_ref.py b/src/test/ed25519_exts_ref.py index 75562184b5..ae537ff15b 100644 --- a/src/test/ed25519_exts_ref.py +++ b/src/test/ed25519_exts_ref.py @@ -8,6 +8,11 @@ Includes self-tester and test vector generator. """ +# Future imports for Python 2.7, mandatory in 3.0 +from __future__ import division +from __future__ import print_function +from __future__ import unicode_literals + import slow_ed25519 from slow_ed25519 import * @@ -147,7 +152,7 @@ class SelfTest(unittest.TestCase): # Check that identities match assert(identity == identity2) # Check that identity is the point (0,1) - assert(identity == [0L,1L]) + assert(identity == [0,1]) # Check identity element: a*E = E, where a is a random scalar scalar = random_scalar(os.urandom) @@ -181,22 +186,22 @@ BLINDING_PARAMS = [ PREFIX = "ED25519_" def writeArray(name, array): - print "static const char *{prefix}{name}[] = {{".format( - prefix=PREFIX,name=name) + print("static const char *{prefix}{name}[] = {{".format( + prefix=PREFIX,name=name)) for a in array: h = binascii.b2a_hex(a) if len(h) > 70: h1 = h[:70] h2 = h[70:] - print ' "{0}"\n "{1}",'.format(h1,h2) + print(' "{0}"\n "{1}",'.format(h1,h2)) else: - print ' "{0}",'.format(h) - print "};\n" + print(' "{0}",'.format(h)) + print("};\n") def comment(text, initial="/**"): - print initial - print textwrap.fill(text,initial_indent=" * ",subsequent_indent=" * ") - print " */" + print(initial) + print(textwrap.fill(text,initial_indent=" * ",subsequent_indent=" * ")) + print(" */") def makeTestVectors(): comment("""Test vectors for our ed25519 implementation and related @@ -252,7 +257,7 @@ def makeTestVectors(): if __name__ == '__main__': import sys if len(sys.argv) == 1 or sys.argv[1] not in ("SelfTest", "MakeVectors"): - print "You should specify one of 'SelfTest' or 'MakeVectors'" + print("You should specify one of 'SelfTest' or 'MakeVectors'") sys.exit(1) if sys.argv[1] == 'SelfTest': unittest.main() diff --git a/src/test/fakechans.h b/src/test/fakechans.h index 4006e1bec4..c3accb1637 100644 --- a/src/test/fakechans.h +++ b/src/test/fakechans.h @@ -1,4 +1,4 @@ - /* Copyright (c) 2014-2019, The Tor Project, Inc. */ + /* Copyright (c) 2014-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #ifndef TOR_FAKECHANS_H diff --git a/src/test/fakecircs.c b/src/test/fakecircs.c new file mode 100644 index 0000000000..4d5b97197e --- /dev/null +++ b/src/test/fakecircs.c @@ -0,0 +1,91 @@ +/* Copyright (c) 2019-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file fakecircs.c + * \brief Fake circuits API for unit test. + **/ + +#define CIRCUITBUILD_PRIVATE +#define CIRCUITLIST_PRIVATE +#define CRYPT_PATH_PRIVATE + +#include "core/or/or.h" + +#include "core/crypto/relay_crypto.h" +#include "core/or/channel.h" +#include "core/or/circuitbuild.h" +#include "core/or/circuitlist.h" +#include "core/or/circuitpadding.h" +#include "core/or/crypt_path.h" +#include "core/or/relay.h" +#include "core/or/relay_crypto_st.h" + +#include "test/fakecircs.h" + +/** Return newly allocated OR circuit using the given nchan and pchan. It must + * be freed with the free_fake_orcirc(). */ +or_circuit_t * +new_fake_orcirc(channel_t *nchan, channel_t *pchan) +{ + or_circuit_t *orcirc = NULL; + circuit_t *circ = NULL; + crypt_path_t tmp_cpath; + char whatevs_key[CPATH_KEY_MATERIAL_LEN]; + + orcirc = tor_malloc_zero(sizeof(*orcirc)); + circ = &(orcirc->base_); + circ->magic = OR_CIRCUIT_MAGIC; + + circuit_set_n_circid_chan(circ, get_unique_circ_id_by_chan(nchan), nchan); + cell_queue_init(&(circ->n_chan_cells)); + + circ->n_hop = NULL; + circ->streams_blocked_on_n_chan = 0; + circ->streams_blocked_on_p_chan = 0; + circ->n_delete_pending = 0; + circ->p_delete_pending = 0; + circ->received_destroy = 0; + circ->state = CIRCUIT_STATE_OPEN; + circ->purpose = CIRCUIT_PURPOSE_OR; + circ->package_window = CIRCWINDOW_START_MAX; + circ->deliver_window = CIRCWINDOW_START_MAX; + circ->n_chan_create_cell = NULL; + + circuit_set_p_circid_chan(orcirc, get_unique_circ_id_by_chan(pchan), pchan); + cell_queue_init(&(orcirc->p_chan_cells)); + + memset(&tmp_cpath, 0, sizeof(tmp_cpath)); + if (cpath_init_circuit_crypto(&tmp_cpath, whatevs_key, + sizeof(whatevs_key), 0, 0)<0) { + log_warn(LD_BUG,"Circuit initialization failed"); + return NULL; + } + orcirc->crypto = tmp_cpath.pvt_crypto; + + return orcirc; +} + +/** Free fake OR circuit which MUST be created by new_fake_orcirc(). */ +void +free_fake_orcirc(or_circuit_t *orcirc) +{ + if (!orcirc) { + return; + } + + circuit_t *circ = TO_CIRCUIT(orcirc); + + relay_crypto_clear(&orcirc->crypto); + + circpad_circuit_free_all_machineinfos(circ); + + if (orcirc->p_chan && orcirc->p_chan->cmux) { + circuitmux_detach_circuit(orcirc->p_chan->cmux, circ); + } + if (circ->n_chan && circ->n_chan->cmux) { + circuitmux_detach_circuit(circ->n_chan->cmux, circ); + } + + tor_free_(circ); +} diff --git a/src/test/fakecircs.h b/src/test/fakecircs.h new file mode 100644 index 0000000000..ed8a150a3f --- /dev/null +++ b/src/test/fakecircs.h @@ -0,0 +1,17 @@ +/* Copyright (c) 2019-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file fakecircs.h + * \brief Declarations for fake circuits for test suite use. + **/ + +#ifndef TOR_FAKECIRCS_H +#define TOR_FAKECIRCS_H + +#include "core/or/or_circuit_st.h" + +or_circuit_t *new_fake_orcirc(channel_t *nchan, channel_t *pchan); +void free_fake_orcirc(or_circuit_t *orcirc); + +#endif /* !defined(TOR_FAKECIRCS_H) */ diff --git a/src/test/fuzz/.may_include b/src/test/fuzz/.may_include new file mode 100644 index 0000000000..424c745c12 --- /dev/null +++ b/src/test/fuzz/.may_include @@ -0,0 +1 @@ +*.h diff --git a/src/test/fuzz/fixup_filenames.sh b/src/test/fuzz/fixup_filenames.sh index 68efc1abc5..f730d532a5 100755 --- a/src/test/fuzz/fixup_filenames.sh +++ b/src/test/fuzz/fixup_filenames.sh @@ -8,9 +8,9 @@ if [ ! -d "$1" ] ; then fi for fn in "$1"/* ; do - prev=`basename "$fn"` - post=`sha256sum "$fn" | sed -e 's/ .*//;'` - if [ "$prev" == "$post" ] ; then + prev=$(basename "$fn") + post=$(sha256sum "$fn" | sed -e 's/ .*//;') + if [ "$prev" = "$post" ] ; then echo "OK $prev" else echo "mv $prev $post" diff --git a/src/test/fuzz/fuzz_consensus.c b/src/test/fuzz/fuzz_consensus.c index 5947a3f48c..f2bf29ea78 100644 --- a/src/test/fuzz/fuzz_consensus.c +++ b/src/test/fuzz/fuzz_consensus.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define SIGCOMMON_PRIVATE #include "core/or/or.h" @@ -61,13 +61,13 @@ int fuzz_main(const uint8_t *data, size_t sz) { networkstatus_t *ns; - char *str = tor_memdup_nulterm(data, sz); const char *eos = NULL; networkstatus_type_t tp = NS_TYPE_CONSENSUS; if (tor_memstr(data, MIN(sz, 1024), "tus vote")) tp = NS_TYPE_VOTE; const char *what = (tp == NS_TYPE_CONSENSUS) ? "consensus" : "vote"; - ns = networkstatus_parse_vote_from_string(str, + ns = networkstatus_parse_vote_from_string((const char *)data, + sz, &eos, tp); if (ns) { @@ -76,6 +76,6 @@ fuzz_main(const uint8_t *data, size_t sz) } else { log_debug(LD_GENERAL, "Parsing as %s failed", what); } - tor_free(str); + return 0; } diff --git a/src/test/fuzz/fuzz_descriptor.c b/src/test/fuzz/fuzz_descriptor.c index 58ee3dbc35..eb4d4d507f 100644 --- a/src/test/fuzz/fuzz_descriptor.c +++ b/src/test/fuzz/fuzz_descriptor.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define SIGCOMMON_PRIVATE #include "core/or/or.h" diff --git a/src/test/fuzz/fuzz_diff.c b/src/test/fuzz/fuzz_diff.c index 1bc60e50ee..9cd2116245 100644 --- a/src/test/fuzz/fuzz_diff.c +++ b/src/test/fuzz/fuzz_diff.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define CONSDIFF_PRIVATE @@ -10,9 +10,11 @@ #include "test/fuzz/fuzzing.h" static int -mock_consensus_compute_digest_(const char *c, consensus_digest_t *d) +mock_consensus_compute_digest_(const char *c, size_t len, + consensus_digest_t *d) { (void)c; + (void)len; memset(d->sha3_256, 3, sizeof(d->sha3_256)); return 0; } @@ -42,28 +44,34 @@ fuzz_main(const uint8_t *stdin_buf, size_t data_size) if (! separator) return 0; size_t c1_len = separator - stdin_buf; - char *c1 = tor_memdup_nulterm(stdin_buf, c1_len); + const char *c1 = (const char *)stdin_buf; size_t c2_len = data_size - c1_len - SEPLEN; - char *c2 = tor_memdup_nulterm(separator + SEPLEN, c2_len); + const char *c2 = (const char *)separator + SEPLEN; - char *c3 = consensus_diff_generate(c1, c2); + const char *cp = memchr(c1, 0, c1_len); + if (cp) + c1_len = cp - c1; + + cp = memchr(c2, 0, c2_len); + if (cp) + c2_len = cp - c2; + + char *c3 = consensus_diff_generate(c1, c1_len, c2, c2_len); if (c3) { - char *c4 = consensus_diff_apply(c1, c3); + char *c4 = consensus_diff_apply(c1, c1_len, c3, strlen(c3)); tor_assert(c4); - if (strcmp(c2, c4)) { - printf("%s\n", escaped(c1)); - printf("%s\n", escaped(c2)); + int equal = (c2_len == strlen(c4)) && fast_memeq(c2, c4, c2_len); + if (! equal) { + //printf("%s\n", escaped(c1)); + //printf("%s\n", escaped(c2)); printf("%s\n", escaped(c3)); printf("%s\n", escaped(c4)); } - tor_assert(! strcmp(c2, c4)); + tor_assert(equal); tor_free(c3); tor_free(c4); } - tor_free(c1); - tor_free(c2); return 0; } - diff --git a/src/test/fuzz/fuzz_diff_apply.c b/src/test/fuzz/fuzz_diff_apply.c index 9bd3cb0bf8..a819c73338 100644 --- a/src/test/fuzz/fuzz_diff_apply.c +++ b/src/test/fuzz/fuzz_diff_apply.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define CONSDIFF_PRIVATE @@ -10,9 +10,11 @@ #include "test/fuzz/fuzzing.h" static int -mock_consensus_compute_digest_(const char *c, consensus_digest_t *d) +mock_consensus_compute_digest_(const char *c, size_t len, + consensus_digest_t *d) { (void)c; + (void)len; memset(d->sha3_256, 3, sizeof(d->sha3_256)); return 0; } @@ -50,16 +52,13 @@ fuzz_main(const uint8_t *stdin_buf, size_t data_size) if (! separator) return 0; size_t c1_len = separator - stdin_buf; - char *c1 = tor_memdup_nulterm(stdin_buf, c1_len); + const char *c1 = (const char *)stdin_buf; size_t c2_len = data_size - c1_len - SEPLEN; - char *c2 = tor_memdup_nulterm(separator + SEPLEN, c2_len); + const char *c2 = (const char *)separator + SEPLEN; - char *c3 = consensus_diff_apply(c1, c2); + char *c3 = consensus_diff_apply(c1, c1_len, c2, c2_len); - tor_free(c1); - tor_free(c2); tor_free(c3); return 0; } - diff --git a/src/test/fuzz/fuzz_extrainfo.c b/src/test/fuzz/fuzz_extrainfo.c index f18bd68d65..ad21254e3e 100644 --- a/src/test/fuzz/fuzz_extrainfo.c +++ b/src/test/fuzz/fuzz_extrainfo.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define SIGCOMMON_PRIVATE #include "core/or/or.h" diff --git a/src/test/fuzz/fuzz_hsdescv2.c b/src/test/fuzz/fuzz_hsdescv2.c index 34639b237c..81d9e5f00e 100644 --- a/src/test/fuzz/fuzz_hsdescv2.c +++ b/src/test/fuzz/fuzz_hsdescv2.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "core/or/or.h" #include "feature/dirparse/unparseable.h" diff --git a/src/test/fuzz/fuzz_hsdescv3.c b/src/test/fuzz/fuzz_hsdescv3.c index 2cbd655898..8d7eab1a8d 100644 --- a/src/test/fuzz/fuzz_hsdescv3.c +++ b/src/test/fuzz/fuzz_hsdescv3.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2017-2019, The Tor Project, Inc. */ +/* Copyright (c) 2017-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define HS_DESCRIPTOR_PRIVATE @@ -35,16 +35,21 @@ mock_rsa_ed25519_crosscert_check(const uint8_t *crosscert, static size_t mock_decrypt_desc_layer(const hs_descriptor_t *desc, - const uint8_t *encrypted_blob, - size_t encrypted_blob_size, const uint8_t *descriptor_cookie, - int is_superencrypted_layer, + bool is_superencrypted_layer, char **decrypted_out) { (void)is_superencrypted_layer; (void)desc; (void)descriptor_cookie; const size_t overhead = HS_DESC_ENCRYPTED_SALT_LEN + DIGEST256_LEN; + const uint8_t *encrypted_blob = (is_superencrypted_layer) + ? desc->plaintext_data.superencrypted_blob + : desc->superencrypted_data.encrypted_blob; + size_t encrypted_blob_size = (is_superencrypted_layer) + ? desc->plaintext_data.superencrypted_blob_size + : desc->superencrypted_data.encrypted_blob_size; + if (encrypted_blob_size < overhead) return 0; *decrypted_out = tor_memdup_nulterm( @@ -80,12 +85,12 @@ int fuzz_main(const uint8_t *data, size_t sz) { hs_descriptor_t *desc = NULL; - uint8_t subcredential[DIGEST256_LEN]; + hs_subcredential_t subcredential; char *fuzzing_data = tor_memdup_nulterm(data, sz); - memset(subcredential, 'A', sizeof(subcredential)); + memset(&subcredential, 'A', sizeof(subcredential)); - hs_desc_decode_descriptor(fuzzing_data, subcredential, NULL, &desc); + hs_desc_decode_descriptor(fuzzing_data, &subcredential, NULL, &desc); if (desc) { log_debug(LD_GENERAL, "Decoding okay"); hs_descriptor_free(desc); @@ -96,4 +101,3 @@ fuzz_main(const uint8_t *data, size_t sz) tor_free(fuzzing_data); return 0; } - diff --git a/src/test/fuzz/fuzz_http.c b/src/test/fuzz/fuzz_http.c index 2798c47d23..a4fd182f1e 100644 --- a/src/test/fuzz/fuzz_http.c +++ b/src/test/fuzz/fuzz_http.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" @@ -8,7 +8,7 @@ #include "core/or/or.h" #include "lib/err/backtrace.h" -#include "lib/container/buffers.h" +#include "lib/buf/buffers.h" #include "app/config/config.h" #include "core/mainloop/connection.h" #include "feature/dircache/dircache.h" diff --git a/src/test/fuzz/fuzz_http_connect.c b/src/test/fuzz/fuzz_http_connect.c index a60fc36804..9e5a48ba4d 100644 --- a/src/test/fuzz/fuzz_http_connect.c +++ b/src/test/fuzz/fuzz_http_connect.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" @@ -8,7 +8,7 @@ #include "core/or/or.h" #include "lib/err/backtrace.h" -#include "lib/container/buffers.h" +#include "lib/buf/buffers.h" #include "app/config/config.h" #include "core/mainloop/connection.h" #include "core/or/connection_edge.h" diff --git a/src/test/fuzz/fuzz_iptsv2.c b/src/test/fuzz/fuzz_iptsv2.c index 76fa3c164e..bc51ffcdb8 100644 --- a/src/test/fuzz/fuzz_iptsv2.c +++ b/src/test/fuzz/fuzz_iptsv2.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "core/or/or.h" diff --git a/src/test/fuzz/fuzz_microdesc.c b/src/test/fuzz/fuzz_microdesc.c index 28fdc5e24d..3fc709183b 100644 --- a/src/test/fuzz/fuzz_microdesc.c +++ b/src/test/fuzz/fuzz_microdesc.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "core/or/or.h" diff --git a/src/test/fuzz/fuzz_multi.sh b/src/test/fuzz/fuzz_multi.sh index b4a17ed8cb..406ab498d9 100755 --- a/src/test/fuzz/fuzz_multi.sh +++ b/src/test/fuzz/fuzz_multi.sh @@ -1,3 +1,5 @@ +#!/bin/sh + MEMLIMIT_BYTES=21990500990976 N_CPUS=1 @@ -6,9 +8,9 @@ if [ $# -ge 1 ]; then shift fi -FILTER=echo +FILTER="echo" -for i in `seq -w "$N_CPUS"`; do +for i in $(seq -w "$N_CPUS"); do if [ "$i" -eq 1 ]; then if [ "$N_CPUS" -eq 1 ]; then INSTANCE="" diff --git a/src/test/fuzz/fuzz_socks.c b/src/test/fuzz/fuzz_socks.c index 06cb08391e..4e7cb4d48d 100644 --- a/src/test/fuzz/fuzz_socks.c +++ b/src/test/fuzz/fuzz_socks.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" @@ -6,7 +6,7 @@ #define BUFFERS_PRIVATE #include "core/or/or.h" -#include "lib/container/buffers.h" +#include "lib/buf/buffers.h" #include "lib/err/backtrace.h" #include "lib/log/log.h" #include "core/proto/proto_socks.h" diff --git a/src/test/fuzz/fuzz_strops.c b/src/test/fuzz/fuzz_strops.c new file mode 100644 index 0000000000..05d9101e72 --- /dev/null +++ b/src/test/fuzz/fuzz_strops.c @@ -0,0 +1,253 @@ +/* Copyright (c) 2018-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file fuzz_strops.c + * \brief Fuzzers for various string encoding/decoding operations + **/ + +#include "orconfig.h" + +#include "lib/cc/torint.h" +#include "lib/ctime/di_ops.h" +#include "lib/encoding/binascii.h" +#include "lib/encoding/cstring.h" +#include "lib/encoding/kvline.h" +#include "lib/encoding/confline.h" +#include "lib/malloc/malloc.h" +#include "lib/log/escape.h" +#include "lib/log/util_bug.h" +#include "lib/intmath/muldiv.h" + +#include "test/fuzz/fuzzing.h" + +#include <stdio.h> +#include <string.h> + +int +fuzz_init(void) +{ + return 0; +} + +int +fuzz_cleanup(void) +{ + return 0; +} + +typedef struct chunk_t { + uint8_t *buf; + size_t len; +} chunk_t; + +#define chunk_free(ch) \ + FREE_AND_NULL(chunk_t, chunk_free_, (ch)) + +static chunk_t * +chunk_new(size_t len) +{ + chunk_t *ch = tor_malloc(sizeof(chunk_t)); + ch->buf = tor_malloc(len); + ch->len = len; + return ch; +} +static void +chunk_free_(chunk_t *ch) +{ + if (!ch) + return; + tor_free(ch->buf); + tor_free(ch); +} +static bool +chunk_eq(const chunk_t *a, const chunk_t *b) +{ + return a->len == b->len && fast_memeq(a->buf, b->buf, a->len); +} + +static chunk_t * +b16_dec(const chunk_t *inp) +{ + chunk_t *ch = chunk_new(CEIL_DIV(inp->len, 2)); + int r = base16_decode((char *)ch->buf, ch->len, (char *)inp->buf, inp->len); + if (r >= 0) { + ch->len = r; + } else { + chunk_free(ch); + } + return ch; +} +static chunk_t * +b16_enc(const chunk_t *inp) +{ + chunk_t *ch = chunk_new(inp->len * 2 + 1); + base16_encode((char *)ch->buf, ch->len, (char*)inp->buf, inp->len); + return ch; +} + +static chunk_t * +b32_dec(const chunk_t *inp) +{ + chunk_t *ch = chunk_new(inp->len);//XXXX + int r = base32_decode((char *)ch->buf, ch->len, (char *)inp->buf, inp->len); + if (r >= 0) { + ch->len = r; + } else { + chunk_free(ch); + } + return ch; +} +static chunk_t * +b32_enc(const chunk_t *inp) +{ + chunk_t *ch = chunk_new(base32_encoded_size(inp->len)); + base32_encode((char *)ch->buf, ch->len, (char*)inp->buf, inp->len); + ch->len = strlen((char *) ch->buf); + return ch; +} + +static chunk_t * +b64_dec(const chunk_t *inp) +{ + chunk_t *ch = chunk_new(inp->len);//XXXX This could be shorter. + int r = base64_decode((char *)ch->buf, ch->len, (char *)inp->buf, inp->len); + if (r >= 0) { + ch->len = r; + } else { + chunk_free(ch); + } + return ch; +} +static chunk_t * +b64_enc(const chunk_t *inp) +{ + chunk_t *ch = chunk_new(BASE64_BUFSIZE(inp->len)); + base64_encode((char *)ch->buf, ch->len, (char *)inp->buf, inp->len, 0); + ch->len = strlen((char *) ch->buf); + return ch; +} + +static chunk_t * +c_dec(const chunk_t *inp) +{ + char *s = tor_memdup_nulterm(inp->buf, inp->len); + chunk_t *ch = tor_malloc(sizeof(chunk_t)); + char *r = NULL; + (void) unescape_string(s, &r, &ch->len); + tor_free(s); + ch->buf = (uint8_t*) r; + if (!ch->buf) { + tor_free(ch); + } + return ch; +} +static chunk_t * +c_enc(const chunk_t *inp) +{ + char *s = tor_memdup_nulterm(inp->buf, inp->len); + chunk_t *ch = tor_malloc(sizeof(chunk_t)); + ch->buf = (uint8_t*)esc_for_log(s); + tor_free(s); + ch->len = strlen((char*)ch->buf); + return ch; +} + +static int kv_flags = 0; +static config_line_t * +kv_dec(const chunk_t *inp) +{ + char *s = tor_memdup_nulterm(inp->buf, inp->len); + config_line_t *res = kvline_parse(s, kv_flags); + tor_free(s); + return res; +} +static chunk_t * +kv_enc(const config_line_t *inp) +{ + char *s = kvline_encode(inp, kv_flags); + if (!s) + return NULL; + chunk_t *res = tor_malloc(sizeof(chunk_t)); + res->buf = (uint8_t*)s; + res->len = strlen(s); + return res; +} + +/* Given an encoder function, a decoder function, and a function to free + * the decoded object, check whether any string that successfully decoded + * will then survive an encode-decode-encode round-trip unchanged. + */ +#define ENCODE_ROUNDTRIP(E,D,FREE) \ + STMT_BEGIN { \ + bool err = false; \ + a = D(&inp); \ + if (!a) \ + return 0; \ + b = E(a); \ + tor_assert(b); \ + c = D(b); \ + tor_assert(c); \ + d = E(c); \ + tor_assert(d); \ + if (!chunk_eq(b,d)) { \ + printf("Unequal chunks: %s\n", \ + hex_str((char*)b->buf, b->len)); \ + printf(" vs %s\n", \ + hex_str((char*)d->buf, d->len)); \ + err = true; \ + } \ + FREE(a); \ + chunk_free(b); \ + FREE(c); \ + chunk_free(d); \ + tor_assert(!err); \ + } STMT_END + +int +fuzz_main(const uint8_t *stdin_buf, size_t data_size) +{ + if (!data_size) + return 0; + + chunk_t inp = { (uint8_t*)stdin_buf, data_size }; + chunk_t *b=NULL,*d=NULL; + void *a=NULL,*c=NULL; + + switch (stdin_buf[0]) { + case 0: + ENCODE_ROUNDTRIP(b16_enc, b16_dec, chunk_free_); + break; + case 1: + ENCODE_ROUNDTRIP(b32_enc, b32_dec, chunk_free_); + break; + case 2: + ENCODE_ROUNDTRIP(b64_enc, b64_dec, chunk_free_); + break; + case 3: + ENCODE_ROUNDTRIP(c_enc, c_dec, chunk_free_); + break; + case 5: + kv_flags = KV_QUOTED|KV_OMIT_KEYS; + ENCODE_ROUNDTRIP(kv_enc, kv_dec, config_free_lines_); + break; + case 6: + kv_flags = 0; + ENCODE_ROUNDTRIP(kv_enc, kv_dec, config_free_lines_); + break; + case 7: + kv_flags = KV_OMIT_VALS; + ENCODE_ROUNDTRIP(kv_enc, kv_dec, config_free_lines_); + break; + case 8: + kv_flags = KV_QUOTED; + ENCODE_ROUNDTRIP(kv_enc, kv_dec, config_free_lines_); + break; + case 9: + kv_flags = KV_QUOTED|KV_OMIT_VALS; + ENCODE_ROUNDTRIP(kv_enc, kv_dec, config_free_lines_); + break; + } + + return 0; +} diff --git a/src/test/fuzz/fuzz_vrs.c b/src/test/fuzz/fuzz_vrs.c index 967397d1af..d6e88e59e7 100644 --- a/src/test/fuzz/fuzz_vrs.c +++ b/src/test/fuzz/fuzz_vrs.c @@ -1,8 +1,9 @@ -/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define NS_PARSE_PRIVATE #define NETWORKSTATUS_PRIVATE #include "core/or/or.h" +#include "feature/dirauth/dirvote.h" #include "feature/dirparse/ns_parse.h" #include "feature/dirparse/unparseable.h" #include "lib/memarea/memarea.h" @@ -35,9 +36,12 @@ fuzz_init(void) dummy_vote = tor_malloc_zero(sizeof(*dummy_vote)); dummy_vote->known_flags = smartlist_new(); smartlist_split_string(dummy_vote->known_flags, - "Authority BadExit Exit Fast Guard HSDir " - "NoEdConsensus Running Stable V2Dir Valid", + DIRVOTE_UNIVERSAL_FLAGS, " ", 0, 0); + smartlist_split_string(dummy_vote->known_flags, + DIRVOTE_OPTIONAL_FLAGS, + " ", 0, 0); + smartlist_sort_strings(dummy_vote->known_flags); return 0; } @@ -53,24 +57,24 @@ fuzz_cleanup(void) int fuzz_main(const uint8_t *data, size_t sz) { - char *str = tor_memdup_nulterm(data, sz); const char *s; routerstatus_t *rs_ns = NULL, *rs_md = NULL, *rs_vote = NULL; vote_routerstatus_t *vrs = tor_malloc_zero(sizeof(*vrs)); smartlist_t *tokens = smartlist_new(); + const char *eos = (const char *)data + sz; - s = str; - rs_ns = routerstatus_parse_entry_from_string(area, &s, tokens, + s = (const char *)data; + rs_ns = routerstatus_parse_entry_from_string(area, &s, eos, tokens, NULL, NULL, 26, FLAV_NS); tor_assert(smartlist_len(tokens) == 0); - s = str; - rs_md = routerstatus_parse_entry_from_string(area, &s, tokens, + s = (const char *)data; + rs_md = routerstatus_parse_entry_from_string(area, &s, eos, tokens, NULL, NULL, 26, FLAV_MICRODESC); tor_assert(smartlist_len(tokens) == 0); - s = str; - rs_vote = routerstatus_parse_entry_from_string(area, &s, tokens, + s = (const char *)data; + rs_vote = routerstatus_parse_entry_from_string(area, &s, eos, tokens, dummy_vote, vrs, 26, FLAV_NS); tor_assert(smartlist_len(tokens) == 0); @@ -82,6 +86,6 @@ fuzz_main(const uint8_t *data, size_t sz) vote_routerstatus_free(vrs); memarea_clear(area); smartlist_free(tokens); - tor_free(str); + return 0; } diff --git a/src/test/fuzz/fuzzing.h b/src/test/fuzz/fuzzing.h index 150ac4aa7d..6cbcdc41ad 100644 --- a/src/test/fuzz/fuzzing.h +++ b/src/test/fuzz/fuzzing.h @@ -1,4 +1,4 @@ -/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #ifndef FUZZING_H #define FUZZING_H @@ -9,5 +9,5 @@ int fuzz_main(const uint8_t *data, size_t sz); void disable_signature_checking(void); -#endif /* FUZZING_H */ +#endif /* !defined(FUZZING_H) */ diff --git a/src/test/fuzz/fuzzing_common.c b/src/test/fuzz/fuzzing_common.c index 8ea4898522..d9719074ad 100644 --- a/src/test/fuzz/fuzzing_common.c +++ b/src/test/fuzz/fuzzing_common.c @@ -1,14 +1,17 @@ -/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define CRYPTO_ED25519_PRIVATE +#define CONFIG_PRIVATE #include "orconfig.h" #include "core/or/or.h" +#include "app/main/subsysmgr.h" #include "lib/err/backtrace.h" #include "app/config/config.h" #include "test/fuzz/fuzzing.h" #include "lib/compress/compress.h" #include "lib/crypt_ops/crypto_ed25519.h" #include "lib/crypt_ops/crypto_init.h" +#include "lib/version/torversion.h" static or_options_t *mock_options = NULL; static const or_options_t * @@ -94,12 +97,10 @@ disable_signature_checking(void) static void global_init(void) { - tor_threads_init(); - tor_compress_init(); + subsystems_init_upto(SUBSYS_LEVEL_LIBS); + flush_log_messages_from_startup(); - /* Initialise logging first */ - init_logging(1); - configure_backtrace_handler(get_version()); + tor_compress_init(); if (crypto_global_init(0, NULL, NULL) < 0) abort(); @@ -111,7 +112,7 @@ global_init(void) } /* set up the options. */ - mock_options = tor_malloc_zero(sizeof(or_options_t)); + mock_options = options_new(); MOCK(get_options, mock_get_options); /* Make BUG() and nonfatal asserts crash */ @@ -137,7 +138,7 @@ LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) return fuzz_main(Data, Size); } -#else /* Not LLVM_FUZZ, so AFL. */ +#else /* !defined(LLVM_FUZZ) */ int main(int argc, char **argv) @@ -166,7 +167,7 @@ main(int argc, char **argv) memset(&s, 0, sizeof(s)); set_log_severity_config(loglevel, LOG_ERR, &s); /* ALWAYS log bug warnings. */ - s.masks[LOG_WARN-LOG_ERR] |= LD_BUG; + s.masks[SEVERITY_MASK_IDX(LOG_WARN)] |= LD_BUG; add_stream_log(&s, "", fileno(stdout)); } @@ -189,9 +190,9 @@ main(int argc, char **argv) if (fuzz_cleanup() < 0) abort(); - tor_free(mock_options); + or_options_free(mock_options); UNMOCK(get_options); return 0; } -#endif +#endif /* defined(LLVM_FUZZ) */ diff --git a/src/test/fuzz/include.am b/src/test/fuzz/include.am index 27eeced8c5..d0711f05d6 100644 --- a/src/test/fuzz/include.am +++ b/src/test/fuzz/include.am @@ -153,6 +153,16 @@ src_test_fuzz_fuzz_socks_LDADD = $(FUZZING_LIBS) endif if UNITTESTS_ENABLED +src_test_fuzz_fuzz_strops_SOURCES = \ + src/test/fuzz/fuzzing_common.c \ + src/test/fuzz/fuzz_strops.c +src_test_fuzz_fuzz_strops_CPPFLAGS = $(FUZZING_CPPFLAGS) +src_test_fuzz_fuzz_strops_CFLAGS = $(FUZZING_CFLAGS) +src_test_fuzz_fuzz_strops_LDFLAGS = $(FUZZING_LDFLAG) +src_test_fuzz_fuzz_strops_LDADD = $(FUZZING_LIBS) +endif + +if UNITTESTS_ENABLED src_test_fuzz_fuzz_vrs_SOURCES = \ src/test/fuzz/fuzzing_common.c \ src/test/fuzz/fuzz_vrs.c @@ -176,6 +186,7 @@ FUZZERS = \ src/test/fuzz/fuzz-iptsv2 \ src/test/fuzz/fuzz-microdesc \ src/test/fuzz/fuzz-socks \ + src/test/fuzz/fuzz-strops \ src/test/fuzz/fuzz-vrs endif @@ -291,6 +302,15 @@ src_test_fuzz_lf_fuzz_socks_LDADD = $(LIBFUZZER_LIBS) endif if UNITTESTS_ENABLED +src_test_fuzz_lf_fuzz_strops_SOURCES = \ + $(src_test_fuzz_fuzz_strops_SOURCES) +src_test_fuzz_lf_fuzz_strops_CPPFLAGS = $(LIBFUZZER_CPPFLAGS) +src_test_fuzz_lf_fuzz_strops_CFLAGS = $(LIBFUZZER_CFLAGS) +src_test_fuzz_lf_fuzz_strops_LDFLAGS = $(LIBFUZZER_LDFLAG) +src_test_fuzz_lf_fuzz_strops_LDADD = $(LIBFUZZER_LIBS) +endif + +if UNITTESTS_ENABLED src_test_fuzz_lf_fuzz_vrs_SOURCES = \ $(src_test_fuzz_fuzz_vrs_SOURCES) src_test_fuzz_lf_fuzz_vrs_CPPFLAGS = $(LIBFUZZER_CPPFLAGS) @@ -312,6 +332,7 @@ LIBFUZZER_FUZZERS = \ src/test/fuzz/lf-fuzz-iptsv2 \ src/test/fuzz/lf-fuzz-microdesc \ src/test/fuzz/lf-fuzz-socks \ + src/test/fuzz/lf-fuzz-strops \ src/test/fuzz/lf-fuzz-vrs else @@ -406,6 +427,13 @@ src_test_fuzz_liboss_fuzz_socks_a_CFLAGS = $(LIBOSS_FUZZ_CFLAGS) endif if UNITTESTS_ENABLED +src_test_fuzz_liboss_fuzz_strops_a_SOURCES = \ + $(src_test_fuzz_fuzz_strops_SOURCES) +src_test_fuzz_liboss_fuzz_strops_a_CPPFLAGS = $(LIBOSS_FUZZ_CPPFLAGS) +src_test_fuzz_liboss_fuzz_strops_a_CFLAGS = $(LIBOSS_FUZZ_CFLAGS) +endif + +if UNITTESTS_ENABLED src_test_fuzz_liboss_fuzz_vrs_a_SOURCES = \ $(src_test_fuzz_fuzz_vrs_SOURCES) src_test_fuzz_liboss_fuzz_vrs_a_CPPFLAGS = $(LIBOSS_FUZZ_CPPFLAGS) @@ -425,6 +453,7 @@ OSS_FUZZ_FUZZERS = \ src/test/fuzz/liboss-fuzz-iptsv2.a \ src/test/fuzz/liboss-fuzz-microdesc.a \ src/test/fuzz/liboss-fuzz-socks.a \ + src/test/fuzz/liboss-fuzz-strops.a \ src/test/fuzz/liboss-fuzz-vrs.a else diff --git a/src/test/fuzz/minimize.sh b/src/test/fuzz/minimize.sh index 87d3dda13c..ce43812bb8 100755 --- a/src/test/fuzz/minimize.sh +++ b/src/test/fuzz/minimize.sh @@ -7,7 +7,7 @@ if [ ! -d "$1" ] ; then exit 1 fi -which=`basename "$1"` +which=$(basename "$1") mkdir "$1.out" afl-cmin -i "$1" -o "$1.out" -m none "./src/test/fuzz/fuzz-${which}" diff --git a/src/test/fuzz_static_testcases.sh b/src/test/fuzz_static_testcases.sh index f7b3adffb1..b883352402 100755 --- a/src/test/fuzz_static_testcases.sh +++ b/src/test/fuzz_static_testcases.sh @@ -14,7 +14,7 @@ fi for fuzzer in "${builddir:-.}"/src/test/fuzz/fuzz-* ; do - f=`basename $fuzzer` + f=$(basename "$fuzzer") case="${f#fuzz-}" if [ -d "${TOR_FUZZ_CORPORA}/${case}" ]; then echo "Running tests for ${case}" diff --git a/src/test/hs_build_address.py b/src/test/hs_build_address.py index 7ff22c3a9a..91864eabcb 100644 --- a/src/test/hs_build_address.py +++ b/src/test/hs_build_address.py @@ -1,3 +1,8 @@ +# Future imports for Python 2.7, mandatory in 3.0 +from __future__ import division +from __future__ import print_function +from __future__ import unicode_literals + import sys import hashlib import struct diff --git a/src/test/hs_indexes.py b/src/test/hs_indexes.py index af0b81f8de..5c6d893a66 100644 --- a/src/test/hs_indexes.py +++ b/src/test/hs_indexes.py @@ -7,6 +7,11 @@ # store/fetch the descriptor on the hashring. (hs_build_hs_index()). # +# Future imports for Python 2.7, mandatory in 3.0 +from __future__ import division +from __future__ import print_function +from __future__ import unicode_literals + import sys import hashlib import struct diff --git a/src/test/hs_ntor_ref.py b/src/test/hs_ntor_ref.py index d58ac3ca23..98025dd584 100644 --- a/src/test/hs_ntor_ref.py +++ b/src/test/hs_ntor_ref.py @@ -41,6 +41,11 @@ The whole logic and concept for this test suite was taken from ntor_ref.py. *** DO NOT USE THIS IN PRODUCTION. *** """ +# Future imports for Python 2.7, mandatory in 3.0 +from __future__ import division +from __future__ import print_function +from __future__ import unicode_literals + import struct import os, sys import binascii diff --git a/src/test/hs_test_helpers.c b/src/test/hs_test_helpers.c index f2ae8398df..5116fc7169 100644 --- a/src/test/hs_test_helpers.c +++ b/src/test/hs_test_helpers.c @@ -1,17 +1,34 @@ -/* Copyright (c) 2017-2019, The Tor Project, Inc. */ +/* Copyright (c) 2017-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ +#define HS_CLIENT_PRIVATE + #include "core/or/or.h" #include "lib/crypt_ops/crypto_ed25519.h" #include "test/test.h" #include "feature/nodelist/torcert.h" +#include "feature/hs/hs_client.h" #include "feature/hs/hs_common.h" +#include "feature/hs/hs_service.h" #include "test/hs_test_helpers.h" +/** + * Create an introduction point taken straight out of an HSv3 descriptor. + * + * Use 'signing_kp' to sign the introduction point certificates. + * + * If 'intro_auth_kp' is provided use that as the introduction point + * authentication keypair, otherwise generate one on the fly. + * + * If 'intro_enc_kp' is provided use that as the introduction point encryption + * keypair, otherwise generate one on the fly. + */ hs_desc_intro_point_t * hs_helper_build_intro_point(const ed25519_keypair_t *signing_kp, time_t now, - const char *addr, int legacy) + const char *addr, int legacy, + const ed25519_keypair_t *intro_auth_kp, + const curve25519_keypair_t *intro_enc_kp) { int ret; ed25519_keypair_t auth_kp; @@ -21,30 +38,43 @@ hs_helper_build_intro_point(const ed25519_keypair_t *signing_kp, time_t now, /* For a usable intro point we need at least two link specifiers: One legacy * keyid and one ipv4 */ { - hs_desc_link_specifier_t *ls_legacy = tor_malloc_zero(sizeof(*ls_legacy)); - hs_desc_link_specifier_t *ls_v4 = tor_malloc_zero(sizeof(*ls_v4)); - ls_legacy->type = LS_LEGACY_ID; - memcpy(ls_legacy->u.legacy_id, "0299F268FCA9D55CD157976D39AE92B4B455B3A8", - DIGEST_LEN); - ls_v4->u.ap.port = 9001; - int family = tor_addr_parse(&ls_v4->u.ap.addr, addr); + tor_addr_t a; + tor_addr_make_unspec(&a); + link_specifier_t *ls_legacy = link_specifier_new(); + link_specifier_t *ls_ip = link_specifier_new(); + link_specifier_set_ls_type(ls_legacy, LS_LEGACY_ID); + memset(link_specifier_getarray_un_legacy_id(ls_legacy), 'C', + link_specifier_getlen_un_legacy_id(ls_legacy)); + int family = tor_addr_parse(&a, addr); switch (family) { case AF_INET: - ls_v4->type = LS_IPV4; + link_specifier_set_ls_type(ls_ip, LS_IPV4); + link_specifier_set_un_ipv4_addr(ls_ip, tor_addr_to_ipv4h(&a)); + link_specifier_set_un_ipv4_port(ls_ip, 9001); break; case AF_INET6: - ls_v4->type = LS_IPV6; + link_specifier_set_ls_type(ls_ip, LS_IPV6); + memcpy(link_specifier_getarray_un_ipv6_addr(ls_ip), + tor_addr_to_in6_addr8(&a), + link_specifier_getlen_un_ipv6_addr(ls_ip)); + link_specifier_set_un_ipv6_port(ls_ip, 9001); break; default: - /* Stop the test, not suppose to have an error. */ - tt_int_op(family, OP_EQ, AF_INET); + /* Stop the test, not supposed to have an error. + * Compare with -1 to show the actual family. + */ + tt_int_op(family, OP_EQ, -1); } smartlist_add(ip->link_specifiers, ls_legacy); - smartlist_add(ip->link_specifiers, ls_v4); + smartlist_add(ip->link_specifiers, ls_ip); } - ret = ed25519_keypair_generate(&auth_kp, 0); - tt_int_op(ret, ==, 0); + if (intro_auth_kp) { + memcpy(&auth_kp, intro_auth_kp, sizeof(ed25519_keypair_t)); + } else { + ret = ed25519_keypair_generate(&auth_kp, 0); + tt_int_op(ret, OP_EQ, 0); + } ip->auth_key_cert = tor_cert_create(signing_kp, CERT_TYPE_AUTH_HS_IP_KEY, &auth_kp.pubkey, now, HS_DESC_CERT_LIFETIME, @@ -55,7 +85,7 @@ hs_helper_build_intro_point(const ed25519_keypair_t *signing_kp, time_t now, ip->legacy.key = crypto_pk_new(); tt_assert(ip->legacy.key); ret = crypto_pk_generate_key(ip->legacy.key); - tt_int_op(ret, ==, 0); + tt_int_op(ret, OP_EQ, 0); ssize_t cert_len = tor_make_rsa_ed25519_crosscert( &signing_kp->pubkey, ip->legacy.key, now + HS_DESC_CERT_LIFETIME, @@ -72,8 +102,12 @@ hs_helper_build_intro_point(const ed25519_keypair_t *signing_kp, time_t now, ed25519_keypair_t ed25519_kp; tor_cert_t *cross_cert; - ret = curve25519_keypair_generate(&curve25519_kp, 0); - tt_int_op(ret, ==, 0); + if (intro_enc_kp) { + memcpy(&curve25519_kp, intro_enc_kp, sizeof(curve25519_keypair_t)); + } else { + ret = curve25519_keypair_generate(&curve25519_kp, 0); + tt_int_op(ret, OP_EQ, 0); + } ed25519_keypair_from_curve25519_keypair(&ed25519_kp, &signbit, &curve25519_kp); cross_cert = tor_cert_create(signing_kp, CERT_TYPE_CROSS_HS_IP_KEYS, @@ -82,6 +116,8 @@ hs_helper_build_intro_point(const ed25519_keypair_t *signing_kp, time_t now, CERT_FLAG_INCLUDE_SIGNING_KEY); tt_assert(cross_cert); ip->enc_key_cert = cross_cert; + memcpy(ip->enc_key.public_key, curve25519_kp.pubkey.public_key, + CURVE25519_PUBKEY_LEN); } intro_point = ip; @@ -127,11 +163,11 @@ hs_helper_build_hs_desc_impl(unsigned int no_ip, desc->plaintext_data.lifetime_sec = 3 * 60 * 60; hs_get_subcredential(&signing_kp->pubkey, &blinded_kp.pubkey, - desc->subcredential); + &desc->subcredential); /* Setup superencrypted data section. */ ret = curve25519_keypair_generate(&auth_ephemeral_kp, 0); - tt_int_op(ret, ==, 0); + tt_int_op(ret, OP_EQ, 0); memcpy(&desc->superencrypted_data.auth_ephemeral_pubkey, &auth_ephemeral_kp.pubkey, sizeof(curve25519_public_key_t)); @@ -152,13 +188,17 @@ hs_helper_build_hs_desc_impl(unsigned int no_ip, if (!no_ip) { /* Add four intro points. */ smartlist_add(desc->encrypted_data.intro_points, - hs_helper_build_intro_point(signing_kp, now, "1.2.3.4", 0)); + hs_helper_build_intro_point(signing_kp, now, "1.2.3.4", 0, + NULL, NULL)); smartlist_add(desc->encrypted_data.intro_points, - hs_helper_build_intro_point(signing_kp, now, "[2600::1]", 0)); + hs_helper_build_intro_point(signing_kp, now, "[2600::1]", 0, + NULL, NULL)); smartlist_add(desc->encrypted_data.intro_points, - hs_helper_build_intro_point(signing_kp, now, "3.2.1.4", 1)); + hs_helper_build_intro_point(signing_kp, now, "3.2.1.4", 1, + NULL, NULL)); smartlist_add(desc->encrypted_data.intro_points, - hs_helper_build_intro_point(signing_kp, now, "5.6.7.8", 1)); + hs_helper_build_intro_point(signing_kp, now, "5.6.7.8", 1, + NULL, NULL)); } descp = desc; @@ -173,7 +213,7 @@ hs_helper_build_hs_desc_impl(unsigned int no_ip, * an HS. Used to decrypt descriptors in unittests. */ void hs_helper_get_subcred_from_identity_keypair(ed25519_keypair_t *signing_kp, - uint8_t *subcred_out) + hs_subcredential_t *subcred_out) { ed25519_keypair_t blinded_kp; uint64_t current_time_period = hs_get_time_period_num(approx_time()); @@ -198,11 +238,39 @@ hs_helper_build_hs_desc_no_ip(const ed25519_keypair_t *signing_kp) return hs_helper_build_hs_desc_impl(1, signing_kp); } +hs_descriptor_t * +hs_helper_build_hs_desc_with_client_auth( + const uint8_t *descriptor_cookie, + const curve25519_public_key_t *client_pk, + const ed25519_keypair_t *signing_kp) +{ + curve25519_keypair_t auth_ephemeral_kp; + hs_descriptor_t *desc = hs_helper_build_hs_desc_impl(0, signing_kp); + hs_desc_authorized_client_t *desc_client; + + /* The number of client authorized auth has tobe a multiple of + * HS_DESC_AUTH_CLIENT_MULTIPLE so remove one that we'll replace. */ + desc_client = smartlist_get(desc->superencrypted_data.clients, 0); + smartlist_remove(desc->superencrypted_data.clients, desc_client); + hs_desc_authorized_client_free(desc_client); + + desc_client = tor_malloc_zero(sizeof(hs_desc_authorized_client_t)); + + curve25519_keypair_generate(&auth_ephemeral_kp, 0); + memcpy(&desc->superencrypted_data.auth_ephemeral_pubkey, + &auth_ephemeral_kp.pubkey, sizeof(curve25519_public_key_t)); + + hs_desc_build_authorized_client(&desc->subcredential, client_pk, + &auth_ephemeral_kp.seckey, + descriptor_cookie, desc_client); + smartlist_add(desc->superencrypted_data.clients, desc_client); + return desc; +} + void hs_helper_desc_equal(const hs_descriptor_t *desc1, const hs_descriptor_t *desc2) { - char *addr1 = NULL, *addr2 = NULL; /* Plaintext data section. */ tt_int_op(desc1->plaintext_data.version, OP_EQ, desc2->plaintext_data.version); @@ -216,7 +284,7 @@ hs_helper_desc_equal(const hs_descriptor_t *desc1, tt_mem_op(desc1->plaintext_data.blinded_pubkey.pubkey, OP_EQ, desc2->plaintext_data.blinded_pubkey.pubkey, ED25519_PUBKEY_LEN); - tt_u64_op(desc1->plaintext_data.revision_counter, ==, + tt_u64_op(desc1->plaintext_data.revision_counter, OP_EQ, desc2->plaintext_data.revision_counter); /* NOTE: We can't compare the encrypted blob because when encoding the @@ -233,7 +301,7 @@ hs_helper_desc_equal(const hs_descriptor_t *desc1, { tt_assert(desc1->superencrypted_data.clients); tt_assert(desc2->superencrypted_data.clients); - tt_int_op(smartlist_len(desc1->superencrypted_data.clients), ==, + tt_int_op(smartlist_len(desc1->superencrypted_data.clients), OP_EQ, smartlist_len(desc2->superencrypted_data.clients)); for (int i=0; i < smartlist_len(desc1->superencrypted_data.clients); @@ -251,15 +319,15 @@ hs_helper_desc_equal(const hs_descriptor_t *desc1, } /* Encrypted data section. */ - tt_uint_op(desc1->encrypted_data.create2_ntor, ==, + tt_uint_op(desc1->encrypted_data.create2_ntor, OP_EQ, desc2->encrypted_data.create2_ntor); /* Authentication type. */ - tt_int_op(!!desc1->encrypted_data.intro_auth_types, ==, + tt_int_op(!!desc1->encrypted_data.intro_auth_types, OP_EQ, !!desc2->encrypted_data.intro_auth_types); if (desc1->encrypted_data.intro_auth_types && desc2->encrypted_data.intro_auth_types) { - tt_int_op(smartlist_len(desc1->encrypted_data.intro_auth_types), ==, + tt_int_op(smartlist_len(desc1->encrypted_data.intro_auth_types), OP_EQ, smartlist_len(desc2->encrypted_data.intro_auth_types)); for (int i = 0; i < smartlist_len(desc1->encrypted_data.intro_auth_types); @@ -273,7 +341,7 @@ hs_helper_desc_equal(const hs_descriptor_t *desc1, { tt_assert(desc1->encrypted_data.intro_points); tt_assert(desc2->encrypted_data.intro_points); - tt_int_op(smartlist_len(desc1->encrypted_data.intro_points), ==, + tt_int_op(smartlist_len(desc1->encrypted_data.intro_points), OP_EQ, smartlist_len(desc2->encrypted_data.intro_points)); for (int i=0; i < smartlist_len(desc1->encrypted_data.intro_points); i++) { hs_desc_intro_point_t *ip1 = smartlist_get(desc1->encrypted_data @@ -288,38 +356,76 @@ hs_helper_desc_equal(const hs_descriptor_t *desc1, tt_mem_op(&ip1->enc_key, OP_EQ, &ip2->enc_key, CURVE25519_PUBKEY_LEN); } - tt_int_op(smartlist_len(ip1->link_specifiers), ==, + tt_int_op(smartlist_len(ip1->link_specifiers), OP_EQ, smartlist_len(ip2->link_specifiers)); for (int j = 0; j < smartlist_len(ip1->link_specifiers); j++) { - hs_desc_link_specifier_t *ls1 = smartlist_get(ip1->link_specifiers, j), - *ls2 = smartlist_get(ip2->link_specifiers, j); - tt_int_op(ls1->type, ==, ls2->type); - switch (ls1->type) { + link_specifier_t *ls1 = smartlist_get(ip1->link_specifiers, j), + *ls2 = smartlist_get(ip2->link_specifiers, j); + tt_int_op(link_specifier_get_ls_type(ls1), OP_EQ, + link_specifier_get_ls_type(ls2)); + switch (link_specifier_get_ls_type(ls1)) { case LS_IPV4: + { + uint32_t addr1 = link_specifier_get_un_ipv4_addr(ls1); + uint32_t addr2 = link_specifier_get_un_ipv4_addr(ls2); + tt_int_op(addr1, OP_EQ, addr2); + uint16_t port1 = link_specifier_get_un_ipv4_port(ls1); + uint16_t port2 = link_specifier_get_un_ipv4_port(ls2); + tt_int_op(port1, OP_EQ, port2); + } + break; case LS_IPV6: { - addr1 = tor_addr_to_str_dup(&ls1->u.ap.addr); - addr2 = tor_addr_to_str_dup(&ls2->u.ap.addr); - tt_str_op(addr1, OP_EQ, addr2); - tor_free(addr1); - tor_free(addr2); - tt_int_op(ls1->u.ap.port, ==, ls2->u.ap.port); + const uint8_t *addr1 = + link_specifier_getconstarray_un_ipv6_addr(ls1); + const uint8_t *addr2 = + link_specifier_getconstarray_un_ipv6_addr(ls2); + tt_int_op(link_specifier_getlen_un_ipv6_addr(ls1), OP_EQ, + link_specifier_getlen_un_ipv6_addr(ls2)); + tt_mem_op(addr1, OP_EQ, addr2, + link_specifier_getlen_un_ipv6_addr(ls1)); + uint16_t port1 = link_specifier_get_un_ipv6_port(ls1); + uint16_t port2 = link_specifier_get_un_ipv6_port(ls2); + tt_int_op(port1, OP_EQ, port2); } break; case LS_LEGACY_ID: - tt_mem_op(ls1->u.legacy_id, OP_EQ, ls2->u.legacy_id, - sizeof(ls1->u.legacy_id)); + { + const uint8_t *id1 = + link_specifier_getconstarray_un_legacy_id(ls1); + const uint8_t *id2 = + link_specifier_getconstarray_un_legacy_id(ls2); + tt_int_op(link_specifier_getlen_un_legacy_id(ls1), OP_EQ, + link_specifier_getlen_un_legacy_id(ls2)); + tt_mem_op(id1, OP_EQ, id2, + link_specifier_getlen_un_legacy_id(ls1)); + } break; default: /* Unknown type, caught it and print its value. */ - tt_int_op(ls1->type, OP_EQ, -1); + tt_int_op(link_specifier_get_ls_type(ls1), OP_EQ, -1); } } } } done: - tor_free(addr1); - tor_free(addr2); + ; } +void +hs_helper_add_client_auth(const ed25519_public_key_t *service_pk, + const curve25519_secret_key_t *client_sk) +{ + digest256map_t *client_auths = get_hs_client_auths_map(); + if (client_auths == NULL) { + client_auths = digest256map_new(); + set_hs_client_auths_map(client_auths); + } + + hs_client_service_authorization_t *auth = + tor_malloc_zero(sizeof(hs_client_service_authorization_t)); + memcpy(&auth->enc_seckey, client_sk, sizeof(curve25519_secret_key_t)); + hs_build_address(service_pk, HS_VERSION_THREE, auth->onion_address); + digest256map_set(client_auths, service_pk->pubkey, auth); +} diff --git a/src/test/hs_test_helpers.h b/src/test/hs_test_helpers.h index 9662a83ba8..23d11f2a4a 100644 --- a/src/test/hs_test_helpers.h +++ b/src/test/hs_test_helpers.h @@ -1,4 +1,4 @@ -/* Copyright (c) 2017-2019, The Tor Project, Inc. */ +/* Copyright (c) 2017-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #ifndef TOR_HS_TEST_HELPERS_H @@ -8,18 +8,26 @@ #include "feature/hs/hs_descriptor.h" /* Set of functions to help build and test descriptors. */ -hs_desc_intro_point_t *hs_helper_build_intro_point( - const ed25519_keypair_t *signing_kp, time_t now, - const char *addr, int legacy); +hs_desc_intro_point_t * +hs_helper_build_intro_point(const ed25519_keypair_t *signing_kp, time_t now, + const char *addr, int legacy, + const ed25519_keypair_t *intro_auth_kp, + const curve25519_keypair_t *intro_enc_kp); hs_descriptor_t *hs_helper_build_hs_desc_no_ip( const ed25519_keypair_t *signing_kp); hs_descriptor_t *hs_helper_build_hs_desc_with_ip( const ed25519_keypair_t *signing_kp); +hs_descriptor_t *hs_helper_build_hs_desc_with_client_auth( + const uint8_t *descriptor_cookie, + const curve25519_public_key_t *client_pk, + const ed25519_keypair_t *signing_kp); void hs_helper_desc_equal(const hs_descriptor_t *desc1, const hs_descriptor_t *desc2); -void -hs_helper_get_subcred_from_identity_keypair(ed25519_keypair_t *signing_kp, - uint8_t *subcred_out); +struct hs_subcredential_t; +void hs_helper_get_subcred_from_identity_keypair(ed25519_keypair_t *signing_kp, + struct hs_subcredential_t *subcred_out); -#endif /* !defined(TOR_HS_TEST_HELPERS_H) */ +void hs_helper_add_client_auth(const ed25519_public_key_t *service_pk, + const curve25519_secret_key_t *client_sk); +#endif /* !defined(TOR_HS_TEST_HELPERS_H) */ diff --git a/src/test/include.am b/src/test/include.am index 75861fb9ef..7814dbca89 100644 --- a/src/test/include.am +++ b/src/test/include.am @@ -24,6 +24,8 @@ TESTSCRIPTS = \ src/test/test_workqueue_pipe2.sh \ src/test/test_workqueue_socketpair.sh \ src/test/test_switch_id.sh \ + src/test/test_cmdline.sh \ + src/test/test_parseconf.sh \ src/test/unittest_part1.sh \ src/test/unittest_part2.sh \ src/test/unittest_part3.sh \ @@ -39,9 +41,26 @@ TESTSCRIPTS += \ endif if USEPYTHON -TESTSCRIPTS += src/test/test_ntor.sh src/test/test_hs_ntor.sh src/test/test_bt.sh +TESTSCRIPTS += \ + src/test/test_ntor.sh \ + src/test/test_hs_ntor.sh \ + src/test/test_bt.sh \ + scripts/maint/practracker/test_practracker.sh \ + scripts/maint/run_check_subsystem_order.sh + +if COVERAGE_ENABLED +# ... +else +# Only do this when coverage is not on, since it invokes lots of code +# in a kind of unpredictable way. TESTSCRIPTS += src/test/test_rebind.sh endif +endif + +if USE_PERL +TESTSCRIPTS += \ + scripts/maint/checkSpaceTest.sh +endif TESTS += src/test/test-slow src/test/test-memwipe \ src/test/test_workqueue \ @@ -51,15 +70,25 @@ TESTS += src/test/test-slow src/test/test-memwipe \ $(TESTSCRIPTS) # These flavors are run using automake's test-driver and test-network.sh -TEST_CHUTNEY_FLAVORS = basic-min bridges-min hs-v2-min hs-v3-min \ - single-onion-v23 + +# run a quick test or two +# this test only uses IPv4 +TEST_CHUTNEY_FLAVOR_QUICK = bridges+hs-v23 # only run if we can ping6 ::1 (localhost) -# IPv6-only v3 single onion services don't work yet, so we don't test the -# single-onion-v23-ipv6-md flavor +TEST_CHUTNEY_FLAVOR_QUICK_IPV6 = single-onion-v23-ipv6-md + +# run a basic set of tests, which only use IPv4 +TEST_CHUTNEY_FLAVORS = basic-min bridges-min hs-v23-min single-onion-v23 + +# only run if we can ping ::1 (localhost) TEST_CHUTNEY_FLAVORS_IPV6 = bridges+ipv6-min ipv6-exit-min hs-v23-ipv6-md \ - single-onion-ipv6-md + single-onion-v23-ipv6-md + # only run if we can find a stable (or simply another) version of tor -TEST_CHUTNEY_FLAVORS_MIXED = mixed+hs-v2 +TEST_CHUTNEY_FLAVORS_MIXED = mixed+hs-v23 + +# only run if IPv6 and mixed networks are run +TEST_CHUTNEY_FLAVORS_IPV6_MIXED = mixed+hs-v23-ipv6 ### This is a lovely feature, but it requires automake >= 1.12, and Tor ### doesn't require that yet. @@ -73,10 +102,11 @@ noinst_PROGRAMS+= \ src/test/test \ src/test/test-slow \ src/test/test-memwipe \ - src/test/test-child \ + src/test/test-process \ src/test/test_workqueue \ src/test/test-switch-id \ - src/test/test-timers + src/test/test-timers \ + src/test/test-rng endif src_test_AM_CPPFLAGS = -DSHARE_DATADIR="\"$(datadir)\"" \ @@ -92,31 +122,42 @@ src_test_AM_CPPFLAGS = -DSHARE_DATADIR="\"$(datadir)\"" \ src_test_test_SOURCES = if UNITTESTS_ENABLED + +# ADD_C_FILE: INSERT SOURCES HERE. src_test_test_SOURCES += \ + src/test/fakecircs.c \ src/test/log_test_helpers.c \ src/test/hs_test_helpers.c \ + src/test/opts_test_helpers.c \ src/test/rend_test_helpers.c \ + src/test/resolve_test_helpers.c \ + src/test/rng_test_helpers.c \ src/test/test.c \ src/test/test_accounting.c \ src/test/test_addr.c \ src/test/test_address.c \ src/test/test_address_set.c \ src/test/test_bridges.c \ + src/test/test_btrack.c \ src/test/test_buffers.c \ src/test/test_bwmgt.c \ src/test/test_cell_formats.c \ src/test/test_cell_queue.c \ src/test/test_channel.c \ src/test/test_channelpadding.c \ + src/test/test_circuitpadding.c \ src/test/test_channeltls.c \ src/test/test_checkdir.c \ src/test/test_circuitlist.c \ src/test/test_circuitmux.c \ + src/test/test_circuitmux_ewma.c \ src/test/test_circuitbuild.c \ src/test/test_circuituse.c \ src/test/test_circuitstats.c \ src/test/test_compat_libevent.c \ src/test/test_config.c \ + src/test/test_confmgr.c \ + src/test/test_confparse.c \ src/test/test_connection.c \ src/test/test_conscache.c \ src/test/test_consdiff.c \ @@ -126,10 +167,12 @@ src_test_test_SOURCES += \ src/test/test_controller_events.c \ src/test/test_crypto.c \ src/test/test_crypto_ope.c \ + src/test/test_crypto_rng.c \ src/test/test_data.c \ src/test/test_dir.c \ src/test/test_dir_common.c \ src/test/test_dir_handle_get.c \ + src/test/test_dispatch.c \ src/test/test_dos.c \ src/test/test_entryconn.c \ src/test/test_entrynodes.c \ @@ -145,27 +188,38 @@ src_test_test_SOURCES += \ src/test/test_hs_client.c \ src/test/test_hs_intropoint.c \ src/test/test_hs_control.c \ + src/test/test_hs_ob.c \ src/test/test_handles.c \ src/test/test_hs_cache.c \ src/test/test_hs_descriptor.c \ + src/test/test_hs_dos.c \ src/test/test_introduce.c \ src/test/test_keypin.c \ src/test/test_link_handshake.c \ src/test/test_logging.c \ src/test/test_mainloop.c \ src/test/test_microdesc.c \ + src/test/test_namemap.c \ + src/test/test_netinfo.c \ src/test/test_nodelist.c \ src/test/test_oom.c \ src/test/test_oos.c \ src/test/test_options.c \ + src/test/test_options_act.c \ src/test/test_pem.c \ src/test/test_periodic_event.c \ src/test/test_policy.c \ + src/test/test_process.c \ + src/test/test_process_descs.c \ + src/test/test_prob_distr.c \ src/test/test_procmon.c \ + src/test/test_proto_haproxy.c \ src/test/test_proto_http.c \ src/test/test_proto_misc.c \ src/test/test_protover.c \ src/test/test_pt.c \ + src/test/test_pubsub_build.c \ + src/test/test_pubsub_msg.c \ src/test/test_relay.c \ src/test/test_relaycell.c \ src/test/test_relaycrypt.c \ @@ -176,19 +230,24 @@ src_test_test_SOURCES += \ src/test/test_routerlist.c \ src/test/test_routerset.c \ src/test/test_scheduler.c \ + src/test/test_sendme.c \ src/test/test_shared_random.c \ src/test/test_socks.c \ + src/test/test_stats.c \ src/test/test_status.c \ src/test/test_storagedir.c \ src/test/test_threads.c \ + src/test/test_token_bucket.c \ src/test/test_tortls.c \ src/test/test_util.c \ src/test/test_util_format.c \ src/test/test_util_process.c \ + src/test/test_voting_flags.c \ src/test/test_voting_schedule.c \ src/test/test_x509.c \ src/test/test_helpers.c \ src/test/test_dns.c \ + src/test/test_parsecommon.c \ src/test/testing_common.c \ src/test/testing_rsakeys.c \ src/ext/tinytest.c @@ -206,9 +265,13 @@ endif src_test_test_slow_SOURCES = if UNITTESTS_ENABLED src_test_test_slow_SOURCES += \ + src/test/rng_test_helpers.c \ src/test/test_slow.c \ src/test/test_crypto_slow.c \ - src/test/test_util_slow.c \ + src/test/test_process_slow.c \ + src/test/test_prob_distr.c \ + src/test/ptr_helpers.c \ + src/test/test_ptr_slow.c \ src/test/testing_common.c \ src/test/testing_rsakeys.c \ src/ext/tinytest.c @@ -259,6 +322,12 @@ src_test_test_slow_CFLAGS = $(src_test_test_CFLAGS) src_test_test_slow_LDADD = $(src_test_test_LDADD) src_test_test_slow_LDFLAGS = $(src_test_test_LDFLAGS) +src_test_test_rng_CPPFLAGS = $(src_test_test_CPPFLAGS) +src_test_test_rng_CFLAGS = $(src_test_test_CFLAGS) +src_test_test_rng_SOURCES = src/test/test_rng.c +src_test_test_rng_LDFLAGS = $(src_test_test_LDFLAGS) +src_test_test_rng_LDADD = $(src_test_test_LDADD) + src_test_test_memwipe_CPPFLAGS = $(src_test_test_CPPFLAGS) # Don't use bugtrap cflags here: memwipe tests require memory violations. src_test_test_memwipe_CFLAGS = $(TEST_CFLAGS) @@ -300,12 +369,18 @@ src_test_test_timers_LDADD = \ @TOR_LZMA_LIBS@ src_test_test_timers_LDFLAGS = $(src_test_test_LDFLAGS) +# ADD_C_FILE: INSERT HEADERS HERE. noinst_HEADERS+= \ src/test/fakechans.h \ + src/test/fakecircs.h \ src/test/hs_test_helpers.h \ src/test/log_test_helpers.h \ + src/test/opts_test_helpers.h \ src/test/rend_test_helpers.h \ + src/test/resolve_test_helpers.h \ + src/test/rng_test_helpers.h \ src/test/test.h \ + src/test/ptr_helpers.h \ src/test/test_helpers.h \ src/test/test_dir_common.h \ src/test/test_connection.h \ @@ -364,6 +439,7 @@ EXTRA_DIST += \ src/test/test_rebind.sh \ src/test/test_rebind.py \ src/test/zero_length_keys.sh \ + scripts/maint/run_check_subsystem_order.sh \ src/test/rust_supp.txt \ src/test/test_keygen.sh \ src/test/test_key_expiration.sh \ @@ -378,6 +454,8 @@ EXTRA_DIST += \ src/test/test_workqueue_pipe.sh \ src/test/test_workqueue_pipe2.sh \ src/test/test_workqueue_socketpair.sh \ + src/test/test_cmdline.sh \ + src/test/test_parseconf.sh \ src/test/unittest_part1.sh \ src/test/unittest_part2.sh \ src/test/unittest_part3.sh \ diff --git a/src/test/log_test_helpers.c b/src/test/log_test_helpers.c index 03c52dd6bd..5e60d6b282 100644 --- a/src/test/log_test_helpers.c +++ b/src/test/log_test_helpers.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2015-2019, The Tor Project, Inc. */ +/* Copyright (c) 2015-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define LOG_PRIVATE #include "lib/log/log.h" diff --git a/src/test/log_test_helpers.h b/src/test/log_test_helpers.h index 5d1c3c1914..c2d71c6bcd 100644 --- a/src/test/log_test_helpers.h +++ b/src/test/log_test_helpers.h @@ -1,4 +1,4 @@ -/* Copyright (c) 2014-2019, The Tor Project, Inc. */ +/* Copyright (c) 2014-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "core/or/or.h" @@ -78,7 +78,7 @@ void mock_dump_saved_logs(void); mock_saved_log_n_entries() == 1, \ ("expected log to contain exactly 1 message \"%s\"", \ str)); \ - } while (0); + } while (0) #define expect_single_log_msg_containing(str) \ do { \ @@ -86,30 +86,30 @@ void mock_dump_saved_logs(void); mock_saved_log_n_entries() == 1 , \ ("expected log to contain 1 message, containing \"%s\"",\ str)); \ - } while (0); + } while (0) #define expect_no_log_msg(str) \ assert_log_predicate(!mock_saved_log_has_message(str), \ - ("expected log to not contain \"%s\"",str)); + ("expected log to not contain \"%s\"",str)) #define expect_no_log_msg_containing(str) \ assert_log_predicate(!mock_saved_log_has_message_containing(str), \ - ("expected log to not contain \"%s\"", str)); + ("expected log to not contain \"%s\"", str)) #define expect_log_severity(severity) \ assert_log_predicate(mock_saved_log_has_severity(severity), \ - ("expected log to contain severity " # severity)); + ("expected log to contain severity " # severity)) #define expect_no_log_severity(severity) \ assert_log_predicate(!mock_saved_log_has_severity(severity), \ - ("expected log to not contain severity " # severity)); + ("expected log to not contain severity " # severity)) #define expect_log_entry() \ assert_log_predicate(mock_saved_log_has_entry(), \ - ("expected log to contain entries")); + ("expected log to contain entries")) #define expect_no_log_entry() \ assert_log_predicate(!mock_saved_log_has_entry(), \ - ("expected log to not contain entries")); + ("expected log to not contain entries")) #endif /* !defined(TOR_LOG_TEST_HELPERS_H) */ diff --git a/src/test/ntor_ref.py b/src/test/ntor_ref.py index 204f05e2ad..e3307430e1 100755 --- a/src/test/ntor_ref.py +++ b/src/test/ntor_ref.py @@ -27,6 +27,11 @@ commands: """ +# Future imports for Python 2.7, mandatory in 3.0 +from __future__ import division +from __future__ import print_function +from __future__ import unicode_literals + import binascii try: import curve25519 @@ -99,7 +104,7 @@ else: def int2byte(i): return bytes([i]) -def kdf_rfc5869(key, salt, info, n): +def kdf_rfc5869(key, salt, info, n): prk = HMAC(key=salt, msg=key) diff --git a/src/test/ope_ref.py b/src/test/ope_ref.py index f9bd97c546..61a86b57bb 100644 --- a/src/test/ope_ref.py +++ b/src/test/ope_ref.py @@ -1,9 +1,14 @@ -#!/usr/bin/python3 +#!/usr/bin/env python3 # Copyright 2018-2019, The Tor Project, Inc. See LICENSE for licensing info. # Reference implementation for our rudimentary OPE code, used to # generate test vectors. See crypto_ope.c for more details. +# Future imports for Python 2.7, mandatory in 3.0 +from __future__ import division +from __future__ import print_function +from __future__ import unicode_literals + from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes from cryptography.hazmat.primitives.ciphers.algorithms import AES from cryptography.hazmat.backends import default_backend diff --git a/src/test/opts_test_helpers.c b/src/test/opts_test_helpers.c new file mode 100644 index 0000000000..619ca40733 --- /dev/null +++ b/src/test/opts_test_helpers.c @@ -0,0 +1,38 @@ +/* Copyright (c) 2001 Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2019, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * @file opts_testing_helpers.c + * @brief Helper functions to access module-specific config options. + **/ + +#include "orconfig.h" +#include "test/opts_test_helpers.h" + +#define CONFIG_PRIVATE +#include "core/or/or.h" +#include "lib/confmgt/confmgt.h" +#include "app/main/subsysmgr.h" +#include "app/config/config.h" + +#include "lib/crypt_ops/crypto_sys.h" +#include "feature/dirauth/dirauth_sys.h" + +struct dirauth_options_t * +get_dirauth_options(struct or_options_t *opt) +{ + int idx = subsystems_get_options_idx(&sys_dirauth); + tor_assert(idx >= 0); + return config_mgr_get_obj_mutable(get_options_mgr(), opt, idx); +} + +struct crypto_options_t * +get_crypto_options(struct or_options_t *opt) +{ + int idx = subsystems_get_options_idx(&sys_crypto); + tor_assert(idx >= 0); + return config_mgr_get_obj_mutable(get_options_mgr(), opt, idx); +} diff --git a/src/test/opts_test_helpers.h b/src/test/opts_test_helpers.h new file mode 100644 index 0000000000..f925194e63 --- /dev/null +++ b/src/test/opts_test_helpers.h @@ -0,0 +1,22 @@ +/* Copyright (c) 2001 Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2019, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * @file opts_testing_helpers.h + * @brief Header for test/opts_test_helpers.c + **/ + +#ifndef TOR_TEST_OPTS_TESTING_HELPERS_H +#define TOR_TEST_OPTS_TESTING_HELPERS_H + +struct crypto_options_t; +struct dirauth_options_t; +struct or_options_t; + +struct crypto_options_t *get_crypto_options(struct or_options_t *opt); +struct dirauth_options_t *get_dirauth_options(struct or_options_t *opt); + +#endif /* !defined(TOR_TEST_OPTS_TESTING_HELPERS_H) */ diff --git a/src/test/prob_distr_mpfr_ref.c b/src/test/prob_distr_mpfr_ref.c new file mode 100644 index 0000000000..de4179c4e0 --- /dev/null +++ b/src/test/prob_distr_mpfr_ref.c @@ -0,0 +1,64 @@ +/* Copyright 2012-2020, The Tor Project, Inc + * See LICENSE for licensing information */ + +/** prob_distr_mpfr_ref.c + * + * Example reference file for GNU MPFR vectors tested in test_prob_distr.c . + * Code by Riastradh. + */ + +#include <complex.h> +#include <float.h> +#include <math.h> +#include <stdio.h> + +/* Must come after <stdio.h> so we get mpfr_printf. */ +#include <mpfr.h> + +/* gcc -o mpfr prob_distr_mpfr_ref.c -lmpfr -lm */ + +/* Computes logit(p) for p = .49999 */ +int +main(void) +{ + mpfr_t p, q, r; + mpfr_init(p); + mpfr_set_prec(p, 200); + mpfr_init(q); + mpfr_set_prec(q, 200); + mpfr_init(r); + mpfr_set_prec(r, 200); + mpfr_set_d(p, .49999, MPFR_RNDN); + mpfr_set_d(q, 1, MPFR_RNDN); + /* r := q - p = 1 - p */ + mpfr_sub(r, q, p, MPFR_RNDN); + /* q := p/r = p/(1 - p) */ + mpfr_div(q, p, r, MPFR_RNDN); + /* r := log(q) = log(p/(1 - p)) */ + mpfr_log(r, q, MPFR_RNDN); + mpfr_printf("mpfr 200-bit\t%.128Rg\n", r); + + /* + * Print a double approximation to logit three different ways. All + * three agree bit for bit on the libms I tried, with the nextafter + * adjustment (which is well within the 10 eps relative error bound + * advertised). Apparently I must have used the Goldberg expression + * for what I wrote down in the test case. + */ + printf("mpfr 53-bit\t%.17g\n", nextafter(mpfr_get_d(r, MPFR_RNDN), 0), 0); + volatile double p0 = .49999; + printf("log1p\t\t%.17g\n", nextafter(-log1p((1 - 2*p0)/p0), 0)); + volatile double x = (1 - 2*p0)/p0; + volatile double xp1 = x + 1; + printf("Goldberg\t%.17g\n", -x*log(xp1)/(xp1 - 1)); + + /* + * Print a bad approximation, using the naive expression, to see a + * lot of wrong digits, far beyond the 10 eps relative error attained + * by -log1p((1 - 2*p)/p). + */ + printf("naive\t\t%.17g\n", log(p0/(1 - p0))); + + fflush(stdout); + return ferror(stdout); +} diff --git a/src/test/ptr_helpers.c b/src/test/ptr_helpers.c new file mode 100644 index 0000000000..0e0995df7c --- /dev/null +++ b/src/test/ptr_helpers.c @@ -0,0 +1,50 @@ +/* Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#include "test/ptr_helpers.h" + +/** + * Cast <b> (inptr_t value) to a void pointer. + */ +void * +cast_intptr_to_voidstar(intptr_t x) +{ + void *r = (void *)x; + + return r; +} + +/** + * Cast x (void pointer) to inptr_t value. + */ +intptr_t +cast_voidstar_to_intptr(void *x) +{ + intptr_t r = (intptr_t)x; + + return r; +} + +/** + * Cast x (uinptr_t value) to void pointer. + */ +void * +cast_uintptr_to_voidstar(uintptr_t x) +{ + void *r = (void *)x; + + return r; +} + +/** + * Cast x (void pointer) to uinptr_t value. + */ +uintptr_t +cast_voidstar_to_uintptr(void *x) +{ + uintptr_t r = (uintptr_t)x; + + return r; +} diff --git a/src/test/ptr_helpers.h b/src/test/ptr_helpers.h new file mode 100644 index 0000000000..0999fdf5d2 --- /dev/null +++ b/src/test/ptr_helpers.h @@ -0,0 +1,23 @@ +/* Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#ifndef TOR_PTR_HELPERS_H +#define TOR_PTR_HELPERS_H + +#include <stdint.h> + +void * +cast_intptr_to_voidstar(intptr_t x); + +intptr_t +cast_voidstar_to_intptr(void *x); + +void * +cast_uintptr_to_voidstar(uintptr_t x); + +uintptr_t +cast_voidstar_to_uintptr(void *x); + +#endif /* !defined(TOR_PTR_HELPERS_H) */ diff --git a/src/test/rend_test_helpers.c b/src/test/rend_test_helpers.c index f12d193cc5..61bacb4d2e 100644 --- a/src/test/rend_test_helpers.c +++ b/src/test/rend_test_helpers.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2014-2019, The Tor Project, Inc. */ +/* Copyright (c) 2014-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "core/or/or.h" diff --git a/src/test/rend_test_helpers.h b/src/test/rend_test_helpers.h index c10da52cd7..b1078ce866 100644 --- a/src/test/rend_test_helpers.h +++ b/src/test/rend_test_helpers.h @@ -1,4 +1,4 @@ -/* Copyright (c) 2014-2019, The Tor Project, Inc. */ +/* Copyright (c) 2014-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "core/or/or.h" diff --git a/src/test/resolve_test_helpers.c b/src/test/resolve_test_helpers.c new file mode 100644 index 0000000000..ed5853c359 --- /dev/null +++ b/src/test/resolve_test_helpers.c @@ -0,0 +1,85 @@ +/* Copyright (c) 2001 Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * @file resolve_test_helpers.c + * @brief Helper functions for mocking libc's blocking hostname lookup + * facilities. + **/ + +#define RESOLVE_PRIVATE +#include "orconfig.h" +#include "test/resolve_test_helpers.h" +#include "lib/net/address.h" +#include "lib/net/resolve.h" +#include "test/test.h" + +#include <stdio.h> +#include <string.h> + +/** + * Mock replacement for our getaddrinfo/gethostbyname wrapper. + **/ +static int +replacement_host_lookup(const char *name, uint16_t family, tor_addr_t *addr) +{ + static const struct lookup_table_ent { + const char *name; + const char *ipv4; + const char *ipv6; + } entries[] = { + { "localhost", "127.0.0.1", "::1" }, + { "torproject.org", "198.51.100.6", "2001:DB8::700" }, + { NULL, NULL, NULL }, + }; + + int r = -1; + + for (unsigned i = 0; entries[i].name != NULL; ++i) { + if (!strcasecmp(name, entries[i].name)) { + if (family == AF_INET6) { + int s = tor_addr_parse(addr, entries[i].ipv6); + tt_int_op(s, OP_EQ, AF_INET6); + } else { + int s = tor_addr_parse(addr, entries[i].ipv4); + tt_int_op(s, OP_EQ, AF_INET); + } + r = 0; + break; + } + } + + log_debug(LD_GENERAL, "resolve(%s,%d) => %s", + name, family, r == 0 ? fmt_addr(addr) : "-1"); + + return r; + done: + return -1; +} + +/** + * Set up a mock replacement for our wrapper on libc's resolver code. + * + * According to our replacement, only "localhost" and "torproject.org" + * are real addresses; everything else doesn't exist. + * + * Use this function to avoid using the DNS resolver during unit tests; + * call unmock_hostname_resolver() when you're done. + **/ +void +mock_hostname_resolver(void) +{ + MOCK(tor_addr_lookup_host_impl, replacement_host_lookup); +} + +/** + * Unmock our wrappers for libc's blocking hostname resolver code. + **/ +void +unmock_hostname_resolver(void) +{ + UNMOCK(tor_addr_lookup_host_impl); +} diff --git a/src/test/resolve_test_helpers.h b/src/test/resolve_test_helpers.h new file mode 100644 index 0000000000..ca642d6c63 --- /dev/null +++ b/src/test/resolve_test_helpers.h @@ -0,0 +1,18 @@ +/* Copyright (c) 2001 Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * @file resolve_test_helpers.h + * @brief Header for test/resolve_test_helpers.c + **/ + +#ifndef TOR_TEST_RESOLVE_TEST_HELPERS_H +#define TOR_TEST_RESOLVE_TEST_HELPERS_H + +void mock_hostname_resolver(void); +void unmock_hostname_resolver(void); + +#endif /* !defined(TOR_TEST_RESOLVE_TEST_HELPERS_H) */ diff --git a/src/test/rng_test_helpers.c b/src/test/rng_test_helpers.c new file mode 100644 index 0000000000..b7d7cb0dfa --- /dev/null +++ b/src/test/rng_test_helpers.c @@ -0,0 +1,259 @@ +/* Copyright (c) 2018-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file rng_test_helpers.c + * \brief Helpers for overriding PRNGs during unit tests. + * + * We define two PRNG overrides: a "reproducible PRNG" where the seed is + * chosen randomly but the stream can be replayed later on in case a bug is + * found, and a "deterministic PRNG" where the seed is fixed in the unit + * tests. + * + * Obviously, this code is testing-only. + */ + +#include "orconfig.h" +#include "core/or/or.h" + +#include "lib/crypt_ops/crypto_rand.h" +#include "ext/tinytest.h" + +#include "test/rng_test_helpers.h" + +#ifndef TOR_UNIT_TESTS +#error "No. Never link this code into Tor proper." +#endif + +/** + * True iff the RNG is currently replaced. Prevents double-replacement. + **/ +static bool rng_is_replaced = false; + +/** + * Mutex to protect deterministic prng. + * + * Note that if you actually _use_ the prng from two threads at the same time, + * the results will probably be nondeterministic anyway. + */ +static tor_mutex_t *rng_mutex = NULL; + +/** + * Cached old value for the thread prng. + **/ +static crypto_fast_rng_t *stored_fast_rng = NULL; + +/** replacement for crypto_strongest_rand that delegates to crypto_rand. */ +static void +mock_crypto_strongest_rand(uint8_t *out, size_t len) +{ + crypto_rand((char *)out, len); +} + +/* This is the seed of the deterministic randomness. */ +static uint8_t rng_seed[16]; +static crypto_xof_t *rng_xof = NULL; + +/** + * Print the seed for our PRNG to stdout. We use this when we're failed + * test that had a reproducible RNG set. + **/ +void +testing_dump_reproducible_rng_seed(void) +{ + printf("\n" + "Seed: %s\n", + hex_str((const char*)rng_seed, sizeof(rng_seed))); +} + +/** Produce deterministic randomness for the stochastic tests using the global + * rng_xof output. + * + * This function produces deterministic data over multiple calls iff it's + * called in the same call order with the same 'n' parameter. + * If not, outputs will deviate. */ +static void +crypto_rand_deterministic(char *out, size_t n) +{ + tor_assert(rng_xof); + tor_mutex_acquire(rng_mutex); + crypto_xof_squeeze_bytes(rng_xof, (uint8_t*)out, n); + tor_mutex_release(rng_mutex); +} + +/** + * Implementation helper: override our crypto_rand() PRNG with a given seed of + * length <b>seed_len</b>. Overlong seeds are truncated; short ones are + * padded. + **/ +static void +enable_deterministic_rng_impl(const uint8_t *seed, size_t seed_len) +{ + tor_assert(!rng_is_replaced); + tor_assert(crypto_rand == crypto_rand__real); + + memset(rng_seed, 0, sizeof(rng_seed)); + memcpy(rng_seed, seed, MIN(seed_len, sizeof(rng_seed))); + + rng_mutex = tor_mutex_new(); + + crypto_xof_free(rng_xof); + rng_xof = crypto_xof_new(); + crypto_xof_add_bytes(rng_xof, rng_seed, sizeof(rng_seed)); + MOCK(crypto_rand, crypto_rand_deterministic); + MOCK(crypto_strongest_rand_, mock_crypto_strongest_rand); + + uint8_t fast_rng_seed[CRYPTO_FAST_RNG_SEED_LEN]; + memset(fast_rng_seed, 0xff, sizeof(fast_rng_seed)); + memcpy(fast_rng_seed, rng_seed, MIN(sizeof(rng_seed), + sizeof(fast_rng_seed))); + crypto_fast_rng_t *fast_rng = crypto_fast_rng_new_from_seed(fast_rng_seed); + crypto_fast_rng_disable_reseed(fast_rng); + stored_fast_rng = crypto_replace_thread_fast_rng(fast_rng); + + rng_is_replaced = true; +} + +/** + * Replace our get_thread_fast_rng(), crypto_rand() and + * crypto_strongest_rand() prngs with a variant that generates all of its + * output deterministically from a randomly chosen seed. In the event of an + * error, you can log the seed later on with + * testing_dump_reproducible_rng_seed. + **/ +void +testing_enable_reproducible_rng(void) +{ + const char *provided_seed = getenv("TOR_TEST_RNG_SEED"); + if (provided_seed) { + size_t hexlen = strlen(provided_seed); + size_t seedlen = hexlen / 2; + uint8_t *seed = tor_malloc(hexlen / 2); + if (base16_decode((char*)seed, seedlen, provided_seed, hexlen) < 0) { + puts("Cannot decode value in TOR_TEST_RNG_SEED"); + exit(1); + } + enable_deterministic_rng_impl(seed, seedlen); + tor_free(seed); + } else { + uint8_t seed[16]; + crypto_rand((char*)seed, sizeof(seed)); + enable_deterministic_rng_impl(seed, sizeof(seed)); + } +} + +/** + * Replace our get_thread_fast_rng(), crypto_rand() and + * crypto_strongest_rand() prngs with a variant that generates all of its + * output deterministically from a fixed seed. This variant is mainly useful + * for cases when we don't want coverage to change between runs. + * + * USAGE NOTE: Test correctness SHOULD NOT depend on the specific output of + * this "rng". If you need a specific output, use + * testing_enable_prefilled_rng() instead. + **/ +void +testing_enable_deterministic_rng(void) +{ + static const uint8_t quotation[] = + "What will it be? A tree? A weed? " + "Each one is started from a seed."; // -- Mary Ann Hoberman + enable_deterministic_rng_impl(quotation, sizeof(quotation)); +} + +static uint8_t *prefilled_rng_buffer = NULL; +static size_t prefilled_rng_buflen; +static size_t prefilled_rng_idx; + +/** + * crypto_rand() replacement that returns canned data. + **/ +static void +crypto_rand_prefilled(char *out, size_t n) +{ + tor_mutex_acquire(rng_mutex); + while (n) { + size_t n_to_copy = MIN(prefilled_rng_buflen - prefilled_rng_idx, n); + memcpy(out, prefilled_rng_buffer + prefilled_rng_idx, n_to_copy); + out += n_to_copy; + n -= n_to_copy; + prefilled_rng_idx += n_to_copy; + + if (prefilled_rng_idx == prefilled_rng_buflen) { + prefilled_rng_idx = 0; + } + } + tor_mutex_release(rng_mutex); +} + +/** + * Replace our crypto_rand() and crypto_strongest_rand() prngs with a variant + * that yields output from a buffer. If it reaches the end of the buffer, it + * starts over. + * + * Note: the get_thread_fast_rng() prng is not replaced by this; we'll need + * more code to support that. + **/ +void +testing_enable_prefilled_rng(const void *buffer, size_t buflen) +{ + tor_assert(buflen > 0); + tor_assert(!rng_mutex); + rng_mutex = tor_mutex_new(); + + tor_mutex_acquire(rng_mutex); + + prefilled_rng_buffer = tor_memdup(buffer, buflen); + prefilled_rng_buflen = buflen; + prefilled_rng_idx = 0; + + tor_mutex_release(rng_mutex); + + MOCK(crypto_rand, crypto_rand_prefilled); + MOCK(crypto_strongest_rand_, mock_crypto_strongest_rand); +} + +/** + * Reset the position in the prefilled RNG buffer to the start. + */ +void +testing_prefilled_rng_reset(void) +{ + tor_mutex_acquire(rng_mutex); + prefilled_rng_idx = 0; + tor_mutex_release(rng_mutex); +} + +/** + * Undo the overrides for our PRNG. To be used at the end of testing. + * + * Note that this function should be safe to call even if the rng has not + * yet been replaced. + **/ +void +testing_disable_rng_override(void) +{ + crypto_xof_free(rng_xof); + tor_free(prefilled_rng_buffer); + UNMOCK(crypto_rand); + UNMOCK(crypto_strongest_rand_); + tor_mutex_free(rng_mutex); + + crypto_fast_rng_t *rng = crypto_replace_thread_fast_rng(stored_fast_rng); + crypto_fast_rng_free(rng); + + rng_is_replaced = false; +} + +/** + * As testing_disable_rng_override(), but dump the seed if the current + * test has failed. + */ +void +testing_disable_reproducible_rng(void) +{ + if (tinytest_cur_test_has_failed()) { + testing_dump_reproducible_rng_seed(); + } + testing_disable_rng_override(); +} diff --git a/src/test/rng_test_helpers.h b/src/test/rng_test_helpers.h new file mode 100644 index 0000000000..6fcdaa2653 --- /dev/null +++ b/src/test/rng_test_helpers.h @@ -0,0 +1,25 @@ +/* Copyright (c) 2017-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#ifndef TOR_RNG_TEST_HELPERS_H +#define TOR_RNG_TEST_HELPERS_H + +#include "core/or/or.h" + +void testing_enable_deterministic_rng(void); +void testing_enable_reproducible_rng(void); +void testing_enable_prefilled_rng(const void *buffer, size_t buflen); + +void testing_prefilled_rng_reset(void); + +void testing_disable_rng_override(void); + +void testing_disable_reproducible_rng(void); +#define testing_disable_deterministic_rng() \ + testing_disable_rng_override() +#define testing_disable_prefilled_rng() \ + testing_disable_rng_override() + +void testing_dump_reproducible_rng_seed(void); + +#endif /* !defined(TOR_RNG_TEST_HELPERS_H) */ diff --git a/src/test/slow_ed25519.py b/src/test/slow_ed25519.py index f44708b200..be4eeab857 100644 --- a/src/test/slow_ed25519.py +++ b/src/test/slow_ed25519.py @@ -1,5 +1,5 @@ # This is the ed25519 implementation from -# http://ed25519.cr.yp.to/python/ed25519.py . +# https://ed25519.cr.yp.to/python/ed25519.py . # It is in the public domain. # # It isn't constant-time. Don't use it except for testing. Also, see @@ -8,6 +8,11 @@ # # Don't edit this file. Mess with ed25519_ref.py +# Future imports for Python 2.7, mandatory in 3.0 +from __future__ import division +from __future__ import print_function +from __future__ import unicode_literals + import hashlib b = 256 diff --git a/src/test/slownacl_curve25519.py b/src/test/slownacl_curve25519.py index 4dabab61b6..0cafe0e71f 100644 --- a/src/test/slownacl_curve25519.py +++ b/src/test/slownacl_curve25519.py @@ -6,10 +6,15 @@ # Nick got the slownacl source from: # https://github.com/mdempsky/dnscurve/tree/master/slownacl -__all__ = ['smult_curve25519_base', 'smult_curve25519'] +# Future imports for Python 2.7, mandatory in 3.0 +from __future__ import division +from __future__ import print_function +from __future__ import unicode_literals import sys +__all__ = ['smult_curve25519_base', 'smult_curve25519'] + P = 2 ** 255 - 19 A = 486662 diff --git a/src/test/sr_commit_calc_ref.py b/src/test/sr_commit_calc_ref.py index 45e629cfb0..c4cb72d87f 100644 --- a/src/test/sr_commit_calc_ref.py +++ b/src/test/sr_commit_calc_ref.py @@ -12,6 +12,11 @@ # COMMIT = base64-encode( TIMESTAMP || H(REVEAL) ) # +# Future imports for Python 2.7, mandatory in 3.0 +from __future__ import division +from __future__ import print_function +from __future__ import unicode_literals + import sys import hashlib import struct diff --git a/src/test/sr_srv_calc_ref.py b/src/test/sr_srv_calc_ref.py index 492ca62b15..a3752b15cc 100644 --- a/src/test/sr_srv_calc_ref.py +++ b/src/test/sr_srv_calc_ref.py @@ -10,6 +10,11 @@ # HASHED_REVEALS | previous_SRV) # +# Future imports for Python 2.7, mandatory in 3.0 +from __future__ import division +from __future__ import print_function +from __future__ import unicode_literals + import sys import hashlib import struct diff --git a/src/test/test-child.c b/src/test/test-child.c deleted file mode 100644 index 11a1695cad..0000000000 --- a/src/test/test-child.c +++ /dev/null @@ -1,61 +0,0 @@ -/* Copyright (c) 2011-2019, The Tor Project, Inc. */ -/* See LICENSE for licensing information */ - -#include "orconfig.h" -#include <stdio.h> -#ifdef _WIN32 -#define WINDOWS_LEAN_AND_MEAN -#include <windows.h> -#else -#include <unistd.h> -#endif /* defined(_WIN32) */ -#include <string.h> - -#ifdef _WIN32 -#define SLEEP(sec) Sleep((sec)*1000) -#else -#define SLEEP(sec) sleep(sec) -#endif - -/** Trivial test program which prints out its command line arguments so we can - * check if tor_spawn_background() works */ -int -main(int argc, char **argv) -{ - int i; - int delay = 1; - int fast = 0; - - if (argc > 1) { - if (!strcmp(argv[1], "--hang")) { - delay = 60; - } else if (!strcmp(argv[1], "--fast")) { - fast = 1; - delay = 0; - } - } - - fprintf(stdout, "OUT\n"); - fprintf(stderr, "ERR\n"); - for (i = 1; i < argc; i++) - fprintf(stdout, "%s\n", argv[i]); - if (!fast) - fprintf(stdout, "SLEEPING\n"); - /* We need to flush stdout so that test_util_spawn_background_partial_read() - succeed. Otherwise ReadFile() will get the entire output in one */ - // XXX: Can we make stdio flush on newline? - fflush(stdout); - if (!fast) - SLEEP(1); - fprintf(stdout, "DONE\n"); - fflush(stdout); - if (fast) - return 0; - - while (--delay) { - SLEEP(1); - } - - return 0; -} - diff --git a/src/test/test-memwipe.c b/src/test/test-memwipe.c index 43754ed1c2..4faf7bc5a1 100644 --- a/src/test/test-memwipe.c +++ b/src/test/test-memwipe.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2015-2019, The Tor Project, Inc. */ +/* Copyright (c) 2015-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" @@ -49,7 +49,7 @@ const char *s = NULL; * us do bad things, such as access freed buffers, without crashing. */ extern const char *malloc_options; const char *malloc_options = "sufjj"; -#endif +#endif /* defined(OpenBSD) */ static unsigned fill_a_buffer_memset(void) diff --git a/src/test/test-network.sh b/src/test/test-network.sh index b7a9f1b3c0..5ef995f1a4 100755 --- a/src/test/test-network.sh +++ b/src/test/test-network.sh @@ -5,7 +5,7 @@ # If we already know CHUTNEY_PATH, don't bother with argument parsing TEST_NETWORK="$CHUTNEY_PATH/tools/test-network.sh" # Call the chutney version of this script, if it exists, and we can find it -if [ -d "$CHUTNEY_PATH" -a -x "$TEST_NETWORK" ]; then +if [ -d "$CHUTNEY_PATH" ] && [ -x "$TEST_NETWORK" ]; then # we can't produce any output, because we might be --quiet # this preserves arguments with spaces correctly exec "$TEST_NETWORK" "$@" @@ -16,34 +16,16 @@ fi # Do we output anything at all? ECHO="${ECHO:-echo}" # Output is prefixed with the name of the script -myname=$(basename $0) - -# Save the arguments before we destroy them -# This might not preserve arguments with spaces in them -ORIGINAL_ARGS="$@" +myname=$(basename "$0") # We need to find CHUTNEY_PATH, so that we can call the version of this script # in chutney/tools with the same arguments. We also need to respect --quiet. -until [ -z "$1" ] -do - case "$1" in - --chutney-path) - CHUTNEY_PATH="$2" - shift - ;; - --tor-path) - TOR_DIR="$2" - shift - ;; - --quiet) - ECHO=true - ;; - *) - # maybe chutney's test-network.sh can handle it - ;; - esac - shift -done +CHUTNEY_PATH=$(echo "$@" | awk -F '--chutney-path ' '{sub(" .*","",$2); print $2}') +TOR_DIR=$(echo "$@" | awk -F '--tor-dir ' '{sub(" .*","",$2); print $2}') + +if echo "$@" | grep -e "--quiet" > /dev/null; then + ECHO=true +fi # optional: $TOR_DIR is the tor build directory # it's used to find the location of tor binaries @@ -52,12 +34,12 @@ done # - if $PWD looks like a tor build directory, set it to $PWD, or # - unset $TOR_DIR, and let chutney fall back to finding tor binaries in $PATH if [ ! -d "$TOR_DIR" ]; then - if [ -d "$BUILDDIR/src/core/or" -a -d "$BUILDDIR/src/tools" ]; then + if [ -d "$BUILDDIR/src/core/or" ] && [ -d "$BUILDDIR/src/tools" ]; then # Choose the build directory # But only if it looks like one $ECHO "$myname: \$TOR_DIR not set, trying \$BUILDDIR" TOR_DIR="$BUILDDIR" - elif [ -d "$PWD/src/core/or" -a -d "$PWD/src/tools" ]; then + elif [ -d "$PWD/src/core/or" ] && [ -d "$PWD/src/tools" ]; then # Guess the tor directory is the current directory # But only if it looks like one $ECHO "$myname: \$TOR_DIR not set, trying \$PWD" @@ -73,12 +55,12 @@ fi # - if $PWD looks like a chutney directory, set it to $PWD, or # - set it based on $TOR_DIR, expecting chutney to be next to tor, or # - fail and tell the user how to clone the chutney repository -if [ ! -d "$CHUTNEY_PATH" -o ! -x "$CHUTNEY_PATH/chutney" ]; then +if [ ! -d "$CHUTNEY_PATH" ] || [ ! -x "$CHUTNEY_PATH/chutney" ]; then if [ -x "$PWD/chutney" ]; then $ECHO "$myname: \$CHUTNEY_PATH not valid, trying \$PWD" CHUTNEY_PATH="$PWD" - elif [ -d "$TOR_DIR" -a -d "$TOR_DIR/../chutney" -a \ - -x "$TOR_DIR/../chutney/chutney" ]; then + elif [ -d "$TOR_DIR" ] && [ -d "$TOR_DIR/../chutney" ] && \ + [ -x "$TOR_DIR/../chutney/chutney" ]; then $ECHO "$myname: \$CHUTNEY_PATH not valid, trying \$TOR_DIR/../chutney" CHUTNEY_PATH="$TOR_DIR/../chutney" else @@ -94,12 +76,12 @@ fi TEST_NETWORK="$CHUTNEY_PATH/tools/test-network.sh" # Call the chutney version of this script, if it exists, and we can find it -if [ -d "$CHUTNEY_PATH" -a -x "$TEST_NETWORK" ]; then +if [ -d "$CHUTNEY_PATH" ] && [ -x "$TEST_NETWORK" ]; then $ECHO "$myname: Calling newer chutney script $TEST_NETWORK" # this may fail if some arguments have spaces in them # if so, set CHUTNEY_PATH before calling test-network.sh, and spaces # will be handled correctly - exec "$TEST_NETWORK" $ORIGINAL_ARGS + exec "$TEST_NETWORK" "$@" else $ECHO "$myname: Could not find tools/test-network.sh in CHUTNEY_PATH." $ECHO "$myname: Please update your chutney using 'git pull'." diff --git a/src/test/test-process.c b/src/test/test-process.c new file mode 100644 index 0000000000..f5a1f1a54e --- /dev/null +++ b/src/test/test-process.c @@ -0,0 +1,85 @@ +/* Copyright (c) 2011-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#include "orconfig.h" +#include <stdio.h> +#ifdef _WIN32 +#define WINDOWS_LEAN_AND_MEAN +#include <windows.h> +#else +#include <unistd.h> +#endif /* defined(_WIN32) */ +#include <string.h> +#include <stdlib.h> + +#ifdef _WIN32 +#define SLEEP(sec) Sleep((sec)*1000) +#else +#define SLEEP(sec) sleep(sec) +#endif + +/* Trivial test program to test process_t. */ +int +main(int argc, char **argv) +{ + /* Does our process get the right arguments? */ + for (int i = 0; i < argc; ++i) { + fprintf(stdout, "argv[%d] = '%s'\n", i, argv[i]); + fflush(stdout); + } + + /* Make sure our process got our environment variable. */ + fprintf(stdout, "Environment variable TOR_TEST_ENV = '%s'\n", + getenv("TOR_TEST_ENV")); + fflush(stdout); + + /* Test line handling on stdout and stderr. */ + fprintf(stdout, "Output on stdout\nThis is a new line\n"); + fflush(stdout); + + fprintf(stderr, "Output on stderr\nThis is a new line\n"); + fflush(stderr); + + fprintf(stdout, "Partial line on stdout ..."); + fflush(stdout); + + fprintf(stderr, "Partial line on stderr ..."); + fflush(stderr); + + SLEEP(2); + + fprintf(stdout, "end of partial line on stdout\n"); + fflush(stdout); + fprintf(stderr, "end of partial line on stderr\n"); + fflush(stderr); + + /* Echo input from stdin. */ + char buffer[1024]; + + int count = 0; + + while (fgets(buffer, sizeof(buffer), stdin)) { + /* Strip the newline. */ + size_t size = strlen(buffer); + + if (size >= 1 && buffer[size - 1] == '\n') { + buffer[size - 1] = '\0'; + --size; + } + + if (size >= 1 && buffer[size - 1] == '\r') { + buffer[size - 1] = '\0'; + --size; + } + + fprintf(stdout, "Read line from stdin: '%s'\n", buffer); + fflush(stdout); + + if (++count == 3) + break; + } + + fprintf(stdout, "We are done for here, thank you!\n"); + + return 0; +} diff --git a/src/test/test-timers.c b/src/test/test-timers.c index c80fb1e305..18e2191a09 100644 --- a/src/test/test-timers.c +++ b/src/test/test-timers.c @@ -1,4 +1,4 @@ -/* Copyright 2016-2019, The Tor Project, Inc. */ +/* Copyright 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" @@ -59,7 +59,7 @@ main(int argc, char **argv) { (void)argc; (void)argv; - tor_libevent_cfg cfg; + tor_libevent_cfg_t cfg; memset(&cfg, 0, sizeof(cfg)); tor_libevent_initialize(&cfg); timers_initialize(); diff --git a/src/test/test.c b/src/test/test.c index 58b468775c..4b6082ce4f 100644 --- a/src/test/test.c +++ b/src/test/test.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -12,6 +12,7 @@ #include "lib/crypt_ops/crypto_dh.h" #include "lib/crypt_ops/crypto_rand.h" #include "app/config/or_state_st.h" +#include "test/rng_test_helpers.h" #include <stdio.h> #ifdef HAVE_FCNTL_H @@ -37,7 +38,7 @@ #include "core/or/or.h" #include "lib/err/backtrace.h" -#include "lib/container/buffers.h" +#include "lib/buf/buffers.h" #include "core/or/circuitlist.h" #include "core/or/circuitstats.h" #include "lib/compress/compress.h" @@ -54,7 +55,6 @@ #include "core/crypto/onion_fast.h" #include "core/crypto/onion_tap.h" #include "core/or/policies.h" -#include "feature/stats/rephist.h" #include "app/config/statefile.h" #include "lib/crypt_ops/crypto_curve25519.h" @@ -283,7 +283,7 @@ test_fast_handshake(void *arg) /* First, test an entire handshake. */ memset(client_handshake, 0, sizeof(client_handshake)); tt_int_op(0, OP_EQ, fast_onionskin_create(&state, client_handshake)); - tt_assert(! tor_mem_is_zero((char*)client_handshake, + tt_assert(! fast_mem_is_zero((char*)client_handshake, sizeof(client_handshake))); tt_int_op(0, OP_EQ, @@ -354,18 +354,6 @@ test_onion_queues(void *arg) tor_free(onionskin); } -static crypto_cipher_t *crypto_rand_aes_cipher = NULL; - -// Mock replacement for crypto_rand: Generates bytes from a provided AES_CTR -// cipher in <b>crypto_rand_aes_cipher</b>. -static void -crypto_rand_deterministic_aes(char *out, size_t n) -{ - tor_assert(crypto_rand_aes_cipher); - memset(out, 0, n); - crypto_cipher_crypt_inplace(crypto_rand_aes_cipher, out, n); -} - static void test_circuit_timeout(void *arg) { @@ -397,8 +385,7 @@ test_circuit_timeout(void *arg) // Use a deterministic RNG here, or else we'll get nondeterministic // coverage in some of the circuitstats functions. - MOCK(crypto_rand, crypto_rand_deterministic_aes); - crypto_rand_aes_cipher = crypto_cipher_new("xyzzyplughplover"); + testing_enable_deterministic_rng(); circuitbuild_running_unit_tests(); #define timeout0 (build_time_t)(30*1000.0) @@ -534,8 +521,8 @@ test_circuit_timeout(void *arg) circuit_build_times_free_timeouts(&final); or_state_free(state); teardown_periodic_events(); - UNMOCK(crypto_rand); - crypto_cipher_free(crypto_rand_aes_cipher); + + testing_disable_deterministic_rng(); } /** Test encoding and parsing of rendezvous service descriptors. */ @@ -651,166 +638,6 @@ test_rend_fns(void *arg) tor_free(intro_points_encrypted); } -/** Run unit tests for stats code. */ -static void -test_stats(void *arg) -{ - time_t now = 1281533250; /* 2010-08-11 13:27:30 UTC */ - char *s = NULL; - int i; - - /* Start with testing exit port statistics; we shouldn't collect exit - * stats without initializing them. */ - (void)arg; - rep_hist_note_exit_stream_opened(80); - rep_hist_note_exit_bytes(80, 100, 10000); - s = rep_hist_format_exit_stats(now + 86400); - tt_ptr_op(s, OP_EQ, NULL); - - /* Initialize stats, note some streams and bytes, and generate history - * string. */ - rep_hist_exit_stats_init(now); - rep_hist_note_exit_stream_opened(80); - rep_hist_note_exit_bytes(80, 100, 10000); - rep_hist_note_exit_stream_opened(443); - rep_hist_note_exit_bytes(443, 100, 10000); - rep_hist_note_exit_bytes(443, 100, 10000); - s = rep_hist_format_exit_stats(now + 86400); - tt_str_op("exit-stats-end 2010-08-12 13:27:30 (86400 s)\n" - "exit-kibibytes-written 80=1,443=1,other=0\n" - "exit-kibibytes-read 80=10,443=20,other=0\n" - "exit-streams-opened 80=4,443=4,other=0\n",OP_EQ, s); - tor_free(s); - - /* Add a few bytes on 10 more ports and ensure that only the top 10 - * ports are contained in the history string. */ - for (i = 50; i < 60; i++) { - rep_hist_note_exit_bytes(i, i, i); - rep_hist_note_exit_stream_opened(i); - } - s = rep_hist_format_exit_stats(now + 86400); - tt_str_op("exit-stats-end 2010-08-12 13:27:30 (86400 s)\n" - "exit-kibibytes-written 52=1,53=1,54=1,55=1,56=1,57=1,58=1," - "59=1,80=1,443=1,other=1\n" - "exit-kibibytes-read 52=1,53=1,54=1,55=1,56=1,57=1,58=1," - "59=1,80=10,443=20,other=1\n" - "exit-streams-opened 52=4,53=4,54=4,55=4,56=4,57=4,58=4," - "59=4,80=4,443=4,other=4\n",OP_EQ, s); - tor_free(s); - - /* Stop collecting stats, add some bytes, and ensure we don't generate - * a history string. */ - rep_hist_exit_stats_term(); - rep_hist_note_exit_bytes(80, 100, 10000); - s = rep_hist_format_exit_stats(now + 86400); - tt_ptr_op(s, OP_EQ, NULL); - - /* Re-start stats, add some bytes, reset stats, and see what history we - * get when observing no streams or bytes at all. */ - rep_hist_exit_stats_init(now); - rep_hist_note_exit_stream_opened(80); - rep_hist_note_exit_bytes(80, 100, 10000); - rep_hist_reset_exit_stats(now); - s = rep_hist_format_exit_stats(now + 86400); - tt_str_op("exit-stats-end 2010-08-12 13:27:30 (86400 s)\n" - "exit-kibibytes-written other=0\n" - "exit-kibibytes-read other=0\n" - "exit-streams-opened other=0\n",OP_EQ, s); - tor_free(s); - - /* Continue with testing connection statistics; we shouldn't collect - * conn stats without initializing them. */ - rep_hist_note_or_conn_bytes(1, 20, 400, now); - s = rep_hist_format_conn_stats(now + 86400); - tt_ptr_op(s, OP_EQ, NULL); - - /* Initialize stats, note bytes, and generate history string. */ - rep_hist_conn_stats_init(now); - rep_hist_note_or_conn_bytes(1, 30000, 400000, now); - rep_hist_note_or_conn_bytes(1, 30000, 400000, now + 5); - rep_hist_note_or_conn_bytes(2, 400000, 30000, now + 10); - rep_hist_note_or_conn_bytes(2, 400000, 30000, now + 15); - s = rep_hist_format_conn_stats(now + 86400); - tt_str_op("conn-bi-direct 2010-08-12 13:27:30 (86400 s) 0,0,1,0\n",OP_EQ, s); - tor_free(s); - - /* Stop collecting stats, add some bytes, and ensure we don't generate - * a history string. */ - rep_hist_conn_stats_term(); - rep_hist_note_or_conn_bytes(2, 400000, 30000, now + 15); - s = rep_hist_format_conn_stats(now + 86400); - tt_ptr_op(s, OP_EQ, NULL); - - /* Re-start stats, add some bytes, reset stats, and see what history we - * get when observing no bytes at all. */ - rep_hist_conn_stats_init(now); - rep_hist_note_or_conn_bytes(1, 30000, 400000, now); - rep_hist_note_or_conn_bytes(1, 30000, 400000, now + 5); - rep_hist_note_or_conn_bytes(2, 400000, 30000, now + 10); - rep_hist_note_or_conn_bytes(2, 400000, 30000, now + 15); - rep_hist_reset_conn_stats(now); - s = rep_hist_format_conn_stats(now + 86400); - tt_str_op("conn-bi-direct 2010-08-12 13:27:30 (86400 s) 0,0,0,0\n",OP_EQ, s); - tor_free(s); - - /* Continue with testing buffer statistics; we shouldn't collect buffer - * stats without initializing them. */ - rep_hist_add_buffer_stats(2.0, 2.0, 20); - s = rep_hist_format_buffer_stats(now + 86400); - tt_ptr_op(s, OP_EQ, NULL); - - /* Initialize stats, add statistics for a single circuit, and generate - * the history string. */ - rep_hist_buffer_stats_init(now); - rep_hist_add_buffer_stats(2.0, 2.0, 20); - s = rep_hist_format_buffer_stats(now + 86400); - tt_str_op("cell-stats-end 2010-08-12 13:27:30 (86400 s)\n" - "cell-processed-cells 20,0,0,0,0,0,0,0,0,0\n" - "cell-queued-cells 2.00,0.00,0.00,0.00,0.00,0.00,0.00,0.00," - "0.00,0.00\n" - "cell-time-in-queue 2,0,0,0,0,0,0,0,0,0\n" - "cell-circuits-per-decile 1\n",OP_EQ, s); - tor_free(s); - - /* Add nineteen more circuit statistics to the one that's already in the - * history to see that the math works correctly. */ - for (i = 21; i < 30; i++) - rep_hist_add_buffer_stats(2.0, 2.0, i); - for (i = 20; i < 30; i++) - rep_hist_add_buffer_stats(3.5, 3.5, i); - s = rep_hist_format_buffer_stats(now + 86400); - tt_str_op("cell-stats-end 2010-08-12 13:27:30 (86400 s)\n" - "cell-processed-cells 29,28,27,26,25,24,23,22,21,20\n" - "cell-queued-cells 2.75,2.75,2.75,2.75,2.75,2.75,2.75,2.75," - "2.75,2.75\n" - "cell-time-in-queue 3,3,3,3,3,3,3,3,3,3\n" - "cell-circuits-per-decile 2\n",OP_EQ, s); - tor_free(s); - - /* Stop collecting stats, add statistics for one circuit, and ensure we - * don't generate a history string. */ - rep_hist_buffer_stats_term(); - rep_hist_add_buffer_stats(2.0, 2.0, 20); - s = rep_hist_format_buffer_stats(now + 86400); - tt_ptr_op(s, OP_EQ, NULL); - - /* Re-start stats, add statistics for one circuit, reset stats, and make - * sure that the history has all zeros. */ - rep_hist_buffer_stats_init(now); - rep_hist_add_buffer_stats(2.0, 2.0, 20); - rep_hist_reset_buffer_stats(now); - s = rep_hist_format_buffer_stats(now + 86400); - tt_str_op("cell-stats-end 2010-08-12 13:27:30 (86400 s)\n" - "cell-processed-cells 0,0,0,0,0,0,0,0,0,0\n" - "cell-queued-cells 0.00,0.00,0.00,0.00,0.00,0.00,0.00,0.00," - "0.00,0.00\n" - "cell-time-in-queue 0,0,0,0,0,0,0,0,0,0\n" - "cell-circuits-per-decile 0\n",OP_EQ, s); - - done: - tor_free(s); -} - #define ENT(name) \ { #name, test_ ## name , 0, NULL, NULL } #define FORK(name) \ @@ -824,7 +651,6 @@ static struct testcase_t test_array[] = { { "fast_handshake", test_fast_handshake, 0, NULL, NULL }, FORK(circuit_timeout), FORK(rend_fns), - FORK(stats), END_OF_TESTCASES }; @@ -845,18 +671,24 @@ struct testgroup_t testgroups[] = { { "channeltls/", channeltls_tests }, { "checkdir/", checkdir_tests }, { "circuitbuild/", circuitbuild_tests }, + { "circuitpadding/", circuitpadding_tests }, { "circuitlist/", circuitlist_tests }, { "circuitmux/", circuitmux_tests }, - { "circuituse/", circuituse_tests }, + { "circuitmux_ewma/", circuitmux_ewma_tests }, { "circuitstats/", circuitstats_tests }, + { "circuituse/", circuituse_tests }, { "compat/libevent/", compat_libevent_tests }, { "config/", config_tests }, + { "config/mgr/", confmgr_tests }, + { "config/parse/", confparse_tests }, { "connection/", connection_tests }, { "conscache/", conscache_tests }, { "consdiff/", consdiff_tests }, { "consdiffmgr/", consdiffmgr_tests }, { "container/", container_tests }, + { "container/namemap/", namemap_tests }, { "control/", controller_tests }, + { "control/btrack/", btrack_tests }, { "control/event/", controller_event_tests }, { "crypto/", crypto_tests }, { "crypto/ope/", crypto_ope_tests }, @@ -864,42 +696,57 @@ struct testgroup_t testgroups[] = { { "crypto/openssl/", crypto_openssl_tests }, #endif { "crypto/pem/", pem_tests }, + { "crypto/rng/", crypto_rng_tests }, { "dir/", dir_tests }, - { "dir_handle_get/", dir_handle_get_tests }, + { "dir/auth/process_descs/", process_descs_tests }, { "dir/md/", microdesc_tests }, - { "dir/voting-schedule/", voting_schedule_tests }, + { "dir/voting/flags/", voting_flags_tests }, + { "dir/voting/schedule/", voting_schedule_tests }, + { "dir_handle_get/", dir_handle_get_tests }, + { "dispatch/", dispatch_tests, }, + { "dns/", dns_tests }, { "dos/", dos_tests }, { "entryconn/", entryconn_tests }, { "entrynodes/", entrynodes_tests }, - { "guardfraction/", guardfraction_tests }, { "extorport/", extorport_tests }, { "geoip/", geoip_tests }, - { "legacy_hs/", hs_tests }, + { "guardfraction/", guardfraction_tests }, { "hs_cache/", hs_cache }, { "hs_cell/", hs_cell_tests }, + { "hs_client/", hs_client_tests }, { "hs_common/", hs_common_tests }, { "hs_config/", hs_config_tests }, { "hs_control/", hs_control_tests }, { "hs_descriptor/", hs_descriptor }, + { "hs_dos/", hs_dos_tests }, + { "hs_intropoint/", hs_intropoint_tests }, { "hs_ntor/", hs_ntor_tests }, + { "hs_ob/", hs_ob_tests }, { "hs_service/", hs_service_tests }, - { "hs_client/", hs_client_tests }, - { "hs_intropoint/", hs_intropoint_tests }, { "introduce/", introduce_tests }, { "keypin/", keypin_tests }, + { "legacy_hs/", hs_tests }, { "link-handshake/", link_handshake_tests }, { "mainloop/", mainloop_tests }, + { "netinfo/", netinfo_tests }, { "nodelist/", nodelist_tests }, { "oom/", oom_tests }, { "oos/", oos_tests }, { "options/", options_tests }, + { "options/act/", options_act_tests }, + { "parsecommon/", parsecommon_tests }, { "periodic-event/" , periodic_event_tests }, { "policy/" , policy_tests }, + { "prob_distr/", prob_distr_tests }, { "procmon/", procmon_tests }, + { "process/", process_tests }, + { "proto/haproxy/", proto_haproxy_tests }, { "proto/http/", proto_http_tests }, { "proto/misc/", proto_misc_tests }, { "protover/", protover_tests }, { "pt/", pt_tests }, + { "pubsub/build/", pubsub_build_tests }, + { "pubsub/msg/", pubsub_msg_tests }, { "relay/" , relay_tests }, { "relaycell/", relaycell_tests }, { "relaycrypt/", relaycrypt_tests }, @@ -910,10 +757,13 @@ struct testgroup_t testgroups[] = { { "routerlist/", routerlist_tests }, { "routerset/" , routerset_tests }, { "scheduler/", scheduler_tests }, - { "socks/", socks_tests }, + { "sendme/", sendme_tests }, { "shared-random/", sr_tests }, + { "socks/", socks_tests }, + { "stats/", stats_tests }, { "status/" , status_tests }, { "storagedir/", storagedir_tests }, + { "token_bucket/", token_bucket_tests }, { "tortls/", tortls_tests }, #ifndef ENABLE_NSS { "tortls/openssl/", tortls_openssl_tests }, @@ -921,10 +771,9 @@ struct testgroup_t testgroups[] = { { "tortls/x509/", x509_tests }, { "util/", util_tests }, { "util/format/", util_format_tests }, + { "util/handle/", handle_tests }, { "util/logging/", logging_tests }, { "util/process/", util_process_tests }, { "util/thread/", thread_tests }, - { "util/handle/", handle_tests }, - { "dns/", dns_tests }, END_OF_GROUPS }; diff --git a/src/test/test.h b/src/test/test.h index aacc9dba87..18987719d0 100644 --- a/src/test/test.h +++ b/src/test/test.h @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2003, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #ifndef TOR_TEST_H @@ -37,6 +37,7 @@ #define test_memeq_hex(expr1, hex) test_mem_op_hex(expr1, OP_EQ, hex) +#ifndef COCCI #define tt_double_op(a,op,b) \ tt_assert_test_type(a,b,#a" "#op" "#b,double,(val1_ op val2_),"%g", \ TT_EXIT_TEST_FUNCTION) @@ -64,6 +65,7 @@ tt_assert_test_fmt_type(a,b,#a" "#op" "#b,int64_t,(val1_ op val2_), \ int64_t, "%"PRId64, \ {print_ = (int64_t) value_;}, {}, TT_EXIT_TEST_FUNCTION) +#endif /* !defined(COCCI) */ /** * Declare that the test is done, even though no tt___op() calls were made. @@ -79,169 +81,98 @@ struct crypto_pk_t *pk_generate(int idx); void init_pregenerated_keys(void); void free_pregenerated_keys(void); -#define US2_CONCAT_2__(a, b) a ## __ ## b -#define US_CONCAT_2__(a, b) a ## _ ## b -#define US_CONCAT_3__(a, b, c) a ## _ ## b ## _ ## c -#define US_CONCAT_2_(a, b) US_CONCAT_2__(a, b) -#define US_CONCAT_3_(a, b, c) US_CONCAT_3__(a, b, c) - -/* - * These macros are helpful for streamlining the authorship of several test - * cases that use mocks. - * - * The pattern is as follows. - * * Declare a top level namespace: - * #define NS_MODULE foo - * - * * For each test case you want to write, create a new submodule in the - * namespace. All mocks and other information should belong to a single - * submodule to avoid interference with other test cases. - * You can simply name the submodule after the function in the module you - * are testing: - * #define NS_SUBMODULE some_function - * or, if you're wanting to write several tests against the same function, - * ie., you are testing an aspect of that function, you can use: - * #define NS_SUBMODULE ASPECT(some_function, behavior) - * - * * Declare all the mocks you will use. The NS_DECL macro serves to declare - * the mock in the current namespace (defined by NS_MODULE and NS_SUBMODULE). - * It behaves like MOCK_DECL: - * NS_DECL(int, dependent_function, (void *)); - * Here, dependent_function must be declared and implemented with the - * MOCK_DECL and MOCK_IMPL macros. The NS_DECL macro also defines an integer - * global for use for tracking how many times a mock was called, and can be - * accessed by CALLED(mock_name). For example, you might put - * CALLED(dependent_function)++; - * in your mock body. - * - * * Define a function called NS(main) that will contain the body of the - * test case. The NS macro can be used to reference a name in the current - * namespace. - * - * * In NS(main), indicate that a mock function in the current namespace, - * declared with NS_DECL is to override that in the global namespace, - * with the NS_MOCK macro: - * NS_MOCK(dependent_function) - * Unmock with: - * NS_UNMOCK(dependent_function) - * - * * Define the mocks with the NS macro, eg., - * int - * NS(dependent_function)(void *) - * { - * CALLED(dependent_function)++; - * } - * - * * In the struct testcase_t array, you can use the TEST_CASE and - * TEST_CASE_ASPECT macros to define the cases without having to do so - * explicitly nor without having to reset NS_SUBMODULE, eg., - * struct testcase_t foo_tests[] = { - * TEST_CASE_ASPECT(some_function, behavior), - * ... - * END_OF_TESTCASES - * which will define a test case named "some_function__behavior". - */ - -#define NAME_TEST_(name) #name -#define NAME_TEST(name) NAME_TEST_(name) -#define ASPECT(test_module, test_name) US2_CONCAT_2__(test_module, test_name) -#define TEST_CASE(function) \ - { \ - NAME_TEST(function), \ - NS_FULL(NS_MODULE, function, test_main), \ - TT_FORK, \ - NULL, \ - NULL, \ - } -#define TEST_CASE_ASPECT(function, aspect) \ - { \ - NAME_TEST(ASPECT(function, aspect)), \ - NS_FULL(NS_MODULE, ASPECT(function, aspect), test_main), \ - TT_FORK, \ - NULL, \ - NULL, \ - } - -#define NS(name) US_CONCAT_3_(NS_MODULE, NS_SUBMODULE, name) -#define NS_FULL(module, submodule, name) US_CONCAT_3_(module, submodule, name) - -#define CALLED(mock_name) US_CONCAT_2_(NS(mock_name), called) -#define NS_DECL(retval, mock_fn, args) \ - extern int CALLED(mock_fn); \ - static retval NS(mock_fn) args; int CALLED(mock_fn) = 0 -#define NS_MOCK(name) MOCK(name, NS(name)) -#define NS_UNMOCK(name) UNMOCK(name) - extern const struct testcase_setup_t passthrough_setup; extern const struct testcase_setup_t ed25519_test_setup; extern struct testcase_t accounting_tests[]; extern struct testcase_t addr_tests[]; -extern struct testcase_t address_tests[]; extern struct testcase_t address_set_tests[]; +extern struct testcase_t address_tests[]; extern struct testcase_t bridges_tests[]; -extern struct testcase_t bwmgt_tests[]; +extern struct testcase_t btrack_tests[]; extern struct testcase_t buffer_tests[]; +extern struct testcase_t bwmgt_tests[]; extern struct testcase_t cell_format_tests[]; extern struct testcase_t cell_queue_tests[]; extern struct testcase_t channel_tests[]; extern struct testcase_t channelpadding_tests[]; +extern struct testcase_t circuitpadding_tests[]; extern struct testcase_t channeltls_tests[]; extern struct testcase_t checkdir_tests[]; extern struct testcase_t circuitbuild_tests[]; extern struct testcase_t circuitlist_tests[]; extern struct testcase_t circuitmux_tests[]; -extern struct testcase_t circuituse_tests[]; +extern struct testcase_t circuitmux_ewma_tests[]; extern struct testcase_t circuitstats_tests[]; +extern struct testcase_t circuituse_tests[]; extern struct testcase_t compat_libevent_tests[]; extern struct testcase_t config_tests[]; +extern struct testcase_t confmgr_tests[]; +extern struct testcase_t confparse_tests[]; extern struct testcase_t connection_tests[]; extern struct testcase_t conscache_tests[]; extern struct testcase_t consdiff_tests[]; extern struct testcase_t consdiffmgr_tests[]; extern struct testcase_t container_tests[]; -extern struct testcase_t controller_tests[]; extern struct testcase_t controller_event_tests[]; -extern struct testcase_t crypto_tests[]; +extern struct testcase_t controller_tests[]; extern struct testcase_t crypto_ope_tests[]; extern struct testcase_t crypto_openssl_tests[]; -extern struct testcase_t dir_tests[]; +extern struct testcase_t crypto_rng_tests[]; +extern struct testcase_t crypto_tests[]; extern struct testcase_t dir_handle_get_tests[]; +extern struct testcase_t dir_tests[]; +extern struct testcase_t dispatch_tests[]; +extern struct testcase_t dns_tests[]; extern struct testcase_t dos_tests[]; extern struct testcase_t entryconn_tests[]; extern struct testcase_t entrynodes_tests[]; -extern struct testcase_t guardfraction_tests[]; extern struct testcase_t extorport_tests[]; extern struct testcase_t geoip_tests[]; -extern struct testcase_t hs_tests[]; +extern struct testcase_t guardfraction_tests[]; +extern struct testcase_t handle_tests[]; extern struct testcase_t hs_cache[]; extern struct testcase_t hs_cell_tests[]; +extern struct testcase_t hs_client_tests[]; extern struct testcase_t hs_common_tests[]; extern struct testcase_t hs_config_tests[]; extern struct testcase_t hs_control_tests[]; extern struct testcase_t hs_descriptor[]; +extern struct testcase_t hs_dos_tests[]; +extern struct testcase_t hs_intropoint_tests[]; extern struct testcase_t hs_ntor_tests[]; +extern struct testcase_t hs_ob_tests[]; extern struct testcase_t hs_service_tests[]; -extern struct testcase_t hs_client_tests[]; -extern struct testcase_t hs_intropoint_tests[]; +extern struct testcase_t hs_tests[]; extern struct testcase_t introduce_tests[]; extern struct testcase_t keypin_tests[]; extern struct testcase_t link_handshake_tests[]; extern struct testcase_t logging_tests[]; extern struct testcase_t mainloop_tests[]; extern struct testcase_t microdesc_tests[]; +extern struct testcase_t namemap_tests[]; +extern struct testcase_t netinfo_tests[]; extern struct testcase_t nodelist_tests[]; extern struct testcase_t oom_tests[]; extern struct testcase_t oos_tests[]; extern struct testcase_t options_tests[]; +extern struct testcase_t options_act_tests[]; +extern struct testcase_t parsecommon_tests[]; extern struct testcase_t pem_tests[]; extern struct testcase_t periodic_event_tests[]; extern struct testcase_t policy_tests[]; +extern struct testcase_t prob_distr_tests[]; +extern struct testcase_t slow_stochastic_prob_distr_tests[]; extern struct testcase_t procmon_tests[]; +extern struct testcase_t process_tests[]; +extern struct testcase_t process_descs_tests[]; +extern struct testcase_t proto_haproxy_tests[]; extern struct testcase_t proto_http_tests[]; extern struct testcase_t proto_misc_tests[]; extern struct testcase_t protover_tests[]; extern struct testcase_t pt_tests[]; +extern struct testcase_t pubsub_build_tests[]; +extern struct testcase_t pubsub_msg_tests[]; extern struct testcase_t relay_tests[]; extern struct testcase_t relaycell_tests[]; extern struct testcase_t relaycrypt_tests[]; @@ -252,23 +183,26 @@ extern struct testcase_t routerkeys_tests[]; extern struct testcase_t routerlist_tests[]; extern struct testcase_t routerset_tests[]; extern struct testcase_t scheduler_tests[]; -extern struct testcase_t storagedir_tests[]; +extern struct testcase_t sendme_tests[]; extern struct testcase_t socks_tests[]; +extern struct testcase_t sr_tests[]; +extern struct testcase_t stats_tests[]; extern struct testcase_t status_tests[]; +extern struct testcase_t storagedir_tests[]; extern struct testcase_t thread_tests[]; -extern struct testcase_t tortls_tests[]; +extern struct testcase_t token_bucket_tests[]; extern struct testcase_t tortls_openssl_tests[]; -extern struct testcase_t util_tests[]; +extern struct testcase_t tortls_tests[]; extern struct testcase_t util_format_tests[]; extern struct testcase_t util_process_tests[]; +extern struct testcase_t util_tests[]; +extern struct testcase_t voting_flags_tests[]; extern struct testcase_t voting_schedule_tests[]; -extern struct testcase_t dns_tests[]; -extern struct testcase_t handle_tests[]; -extern struct testcase_t sr_tests[]; extern struct testcase_t x509_tests[]; extern struct testcase_t slow_crypto_tests[]; -extern struct testcase_t slow_util_tests[]; +extern struct testcase_t slow_process_tests[]; +extern struct testcase_t slow_ptr_tests[]; extern struct testgroup_t testgroups[]; diff --git a/src/test/test_accounting.c b/src/test/test_accounting.c index 8ae8fe4343..7933df5e35 100644 --- a/src/test/test_accounting.c +++ b/src/test/test_accounting.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2014-2019, The Tor Project, Inc. */ +/* Copyright (c) 2014-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "core/or/or.h" @@ -11,19 +11,16 @@ #include "app/config/or_state_st.h" -#define NS_MODULE accounting - -#define NS_SUBMODULE limits - /* * Test to make sure accounting triggers hibernation * correctly with both sum or max rules set */ static or_state_t *or_state; -NS_DECL(or_state_t *, get_or_state, (void)); +static or_state_t * acct_limits_get_or_state(void); +ATTR_UNUSED static int acct_limits_get_or_state_called = 0; static or_state_t * -NS(get_or_state)(void) +acct_limits_get_or_state(void) { return or_state; } @@ -35,7 +32,8 @@ test_accounting_limits(void *arg) time_t fake_time = time(NULL); (void) arg; - NS_MOCK(get_or_state); + MOCK(get_or_state, + acct_limits_get_or_state); or_state = or_state_new(); options->AccountingMax = 100; @@ -94,12 +92,10 @@ test_accounting_limits(void *arg) goto done; done: - NS_UNMOCK(get_or_state); + UNMOCK(get_or_state); or_state_free(or_state); } -#undef NS_SUBMODULE - struct testcase_t accounting_tests[] = { { "bwlimits", test_accounting_limits, TT_FORK, NULL, NULL }, END_OF_TESTCASES diff --git a/src/test/test_addr.c b/src/test/test_addr.c index 8868edce25..cf5aad7e71 100644 --- a/src/test/test_addr.c +++ b/src/test/test_addr.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define ADDRESSMAP_PRIVATE @@ -11,6 +11,8 @@ #include "feature/client/addressmap.h" #include "test/log_test_helpers.h" #include "lib/net/resolve.h" +#include "test/rng_test_helpers.h" +#include "test/resolve_test_helpers.h" #ifdef HAVE_SYS_UN_H #include <sys/un.h> @@ -50,6 +52,7 @@ test_addr_basic(void *arg) ; } +#ifndef COCCI #define test_op_ip6_(a,op,b,e1,e2) \ STMT_BEGIN \ tt_assert_test_fmt_type(a,b,e1" "#op" "e2,struct in6_addr*, \ @@ -67,6 +70,7 @@ test_addr_basic(void *arg) TT_EXIT_TEST_FUNCTION \ ); \ STMT_END +#endif /* !defined(COCCI) */ /** Helper: Assert that two strings both decode as IPv6 addresses with * tor_inet_pton(), and both decode to the same address. */ @@ -106,9 +110,10 @@ test_addr_basic(void *arg) tt_int_op(tor_inet_pton(AF_INET6, a, &t1.addr.in6_addr), OP_EQ, 1); \ t1.family = AF_INET6; \ if (tor_addr_is_internal(&t1, for_listening)) \ - TT_DIE(("%s was not internal", a)); \ + TT_DIE(("%s was internal", a)); \ STMT_END +#ifndef COCCI /** Helper: Assert that <b>a</b> and <b>b</b>, when parsed by * tor_inet_pton(), give addresses that compare in the order defined by * <b>op</b> with tor_addr_compare(). */ @@ -133,6 +138,7 @@ test_addr_basic(void *arg) TT_DIE(("Failed: tor_addr_compare_masked(%s,%s,%d) %s 0", \ a, b, m, #op)); \ STMT_END +#endif /* !defined(COCCI) */ /** Helper: assert that <b>xx</b> is parseable as a masked IPv6 address with * ports by tor_parse_mask_addr_ports(), with family <b>f</b>, IP address @@ -239,7 +245,7 @@ test_addr_ip6_helpers(void *arg) tt_int_op(0,OP_EQ, tor_addr_lookup("9000::5", AF_UNSPEC, &t1)); tt_int_op(AF_INET6,OP_EQ, tor_addr_family(&t1)); tt_int_op(0x90,OP_EQ, tor_addr_to_in6_addr8(&t1)[0]); - tt_assert(tor_mem_is_zero((char*)tor_addr_to_in6_addr8(&t1)+1, 14)); + tt_assert(fast_mem_is_zero((char*)tor_addr_to_in6_addr8(&t1)+1, 14)); tt_int_op(0x05,OP_EQ, tor_addr_to_in6_addr8(&t1)[15]); /* === Test pton: valid af_inet6 */ @@ -653,12 +659,7 @@ test_addr_ip6_helpers(void *arg) tt_int_op(tor_addr_family(&t1),OP_EQ,AF_INET); tt_int_op(tor_addr_to_ipv4h(&t1),OP_EQ,0x01010202); r=tor_addr_parse_mask_ports("3.4.16.032:1-2",0,&t1, &mask, &port1, &port2); - tt_int_op(r, OP_EQ, AF_INET); - tt_int_op(mask,OP_EQ,32); - tt_int_op(tor_addr_family(&t1),OP_EQ,AF_INET); - tt_int_op(tor_addr_to_ipv4h(&t1),OP_EQ,0x03041020); - tt_uint_op(port1, OP_EQ, 1); - tt_uint_op(port2, OP_EQ, 2); + tt_int_op(r, OP_EQ, -1); r=tor_addr_parse_mask_ports("1.1.2.3/255.255.128.0",0,&t1, &mask,NULL,NULL); tt_int_op(r, OP_EQ, AF_INET); tt_int_op(mask,OP_EQ,17); @@ -696,7 +697,7 @@ test_addr_ip6_helpers(void *arg) &t1,&mask,&port1,&port2); tt_int_op(r,OP_EQ,AF_INET6); tt_int_op(tor_addr_family(&t1),OP_EQ,AF_INET6); - tt_assert(tor_mem_is_zero((const char*)tor_addr_to_in6_addr32(&t1), 16)); + tt_assert(fast_mem_is_zero((const char*)tor_addr_to_in6_addr32(&t1), 16)); tt_int_op(mask,OP_EQ,0); tt_int_op(port1,OP_EQ,1); tt_int_op(port2,OP_EQ,65535); @@ -723,104 +724,559 @@ test_addr_ip6_helpers(void *arg) ; } -/** Test tor_addr_port_parse(). */ +/* Test that addr_str successfully parses, and: + * - the address has family expect_family, + * - the fmt_decorated result of tor_addr_to_str() is expect_str. + */ +#define TEST_ADDR_PARSE_FMT(addr_str, expect_family, fmt_decorated, \ + expect_str) \ + STMT_BEGIN \ + r = tor_addr_parse(&addr, addr_str); \ + tt_int_op(r, OP_EQ, expect_family); \ + sv = tor_addr_to_str(buf, &addr, sizeof(buf), fmt_decorated); \ + tt_str_op(sv, OP_EQ, buf); \ + tt_str_op(buf, OP_EQ, expect_str); \ + STMT_END + +/* Test that addr_str fails to parse, and: + * - the returned address is null. + */ +#define TEST_ADDR_PARSE_XFAIL(addr_str) \ + STMT_BEGIN \ + r = tor_addr_parse(&addr, addr_str); \ + tt_int_op(r, OP_EQ, -1); \ + tt_assert(tor_addr_is_null(&addr)); \ + STMT_END + +/* Test that addr_port_str and default_port successfully parse, and: + * - the address has family expect_family, + * - the fmt_decorated result of tor_addr_to_str() is expect_str, + * - the port is expect_port. + */ +#define TEST_ADDR_PORT_PARSE_FMT(addr_port_str, default_port, expect_family, \ + fmt_decorated, expect_str, expect_port) \ + STMT_BEGIN \ + r = tor_addr_port_parse(LOG_DEBUG, addr_port_str, &addr, &port, \ + default_port); \ + tt_int_op(r, OP_EQ, 0); \ + tt_int_op(tor_addr_family(&addr), OP_EQ, expect_family); \ + sv = tor_addr_to_str(buf, &addr, sizeof(buf), fmt_decorated); \ + tt_str_op(sv, OP_EQ, buf); \ + tt_str_op(buf, OP_EQ, expect_str); \ + tt_int_op(port, OP_EQ, expect_port); \ + STMT_END + +/* Test that addr_port_str and default_port fail to parse, and: + * - the returned address is null, + * - the returned port is 0. + */ +#define TEST_ADDR_PORT_PARSE_XFAIL(addr_port_str, default_port) \ + STMT_BEGIN \ + r = tor_addr_port_parse(LOG_DEBUG, addr_port_str, &addr, &port, \ + default_port); \ + tt_int_op(r, OP_EQ, -1); \ + tt_assert(tor_addr_is_null(&addr)); \ + tt_int_op(port, OP_EQ, 0); \ + STMT_END + +/* Test that addr_str successfully parses as an IPv4 address using + * tor_lookup_hostname(), and: + * - the fmt_addr32() of the result is expect_str. + */ +#define TEST_ADDR_V4_LOOKUP_HOSTNAME(addr_str, expect_str) \ + STMT_BEGIN \ + r = tor_lookup_hostname(addr_str, &addr32h); \ + tt_int_op(r, OP_EQ, 0); \ + tt_str_op(fmt_addr32(addr32h), OP_EQ, expect_str); \ + STMT_END + +/* Test that bad_str fails to parse using tor_lookup_hostname(), with a + * permanent failure, and: + * - the returned address is 0. + */ +#define TEST_ADDR_V4_LOOKUP_XFAIL(bad_str) \ + STMT_BEGIN \ + r = tor_lookup_hostname(bad_str, &addr32h); \ + tt_int_op(r, OP_EQ, -1); \ + tt_int_op(addr32h, OP_EQ, 0); \ + STMT_END + +/* Test that looking up host_str as an IPv4 address using tor_lookup_hostname() + * does something sensible: + * - the result is -1, 0, or 1. + * - if the result is a failure, the returned address is 0. + * We can't rely on the result of this function, because it depends on the + * network. + */ +#define TEST_HOST_V4_LOOKUP(host_str) \ + STMT_BEGIN \ + r = tor_lookup_hostname(host_str, &addr32h); \ + tt_int_op(r, OP_GE, -1); \ + tt_int_op(r, OP_LE, 1); \ + if (r != 0) \ + tt_int_op(addr32h, OP_EQ, 0); \ + STMT_END + +/* Test that addr_str successfully parses as a require_family IP address using + * tor_addr_lookup(), and: + * - the address has family expect_family, + * - the fmt_decorated result of tor_addr_to_str() is expect_str. + */ +#define TEST_ADDR_LOOKUP_FMT(addr_str, require_family, expect_family, \ + fmt_decorated, expect_str) \ + STMT_BEGIN \ + r = tor_addr_lookup(addr_str, require_family, &addr); \ + tt_int_op(r, OP_EQ, 0); \ + tt_int_op(tor_addr_family(&addr), OP_EQ, expect_family); \ + sv = tor_addr_to_str(buf, &addr, sizeof(buf), fmt_decorated); \ + tt_str_op(sv, OP_EQ, buf); \ + tt_str_op(buf, OP_EQ, expect_str); \ + STMT_END + +/* Test that bad_str fails to parse as a require_family IP address using + * tor_addr_lookup(), with a permanent failure, and: + * - the returned address is null. + */ +#define TEST_ADDR_LOOKUP_XFAIL(bad_str, require_family) \ + STMT_BEGIN \ + r = tor_addr_lookup(bad_str, require_family, &addr); \ + tt_int_op(r, OP_EQ, -1); \ + tt_assert(tor_addr_is_null(&addr)); \ + STMT_END + +/* Test that looking up host_string as a require_family IP address using + * tor_addr_lookup(), does something sensible: + * - the result is -1, 0, or 1. + * - if the result is a failure, the returned address is null. + * We can't rely on the result of this function, because it depends on the + * network. + */ +#define TEST_HOST_LOOKUP(host_str, require_family) \ + STMT_BEGIN \ + r = tor_addr_lookup(host_str, require_family, &addr); \ + tt_int_op(r, OP_GE, -1); \ + tt_int_op(r, OP_LE, 1); \ + if (r != 0) \ + tt_assert(tor_addr_is_null(&addr)); \ + STMT_END + +/* Test that addr_port_str successfully parses as an IP address and port + * using tor_addr_port_lookup(), and: + * - the address has family expect_family, + * - the fmt_decorated result of tor_addr_to_str() is expect_str, + * - the port is expect_port. + */ +#define TEST_ADDR_PORT_LOOKUP_FMT(addr_port_str, expect_family, \ + fmt_decorated, expect_str, expect_port) \ + STMT_BEGIN \ + r = tor_addr_port_lookup(addr_port_str, &addr, &port); \ + tt_int_op(r, OP_EQ, 0); \ + tt_int_op(tor_addr_family(&addr), OP_EQ, expect_family); \ + sv = tor_addr_to_str(buf, &addr, sizeof(buf), fmt_decorated); \ + tt_str_op(sv, OP_EQ, buf); \ + tt_str_op(buf, OP_EQ, expect_str); \ + tt_int_op(port, OP_EQ, expect_port); \ + STMT_END + +/* Test that bad_str fails to parse as an IP address and port + * using tor_addr_port_lookup(), and: + * - the returned address is null, + * - the returned port is 0. + */ +#define TEST_ADDR_PORT_LOOKUP_XFAIL(bad_str) \ + STMT_BEGIN \ + r = tor_addr_port_lookup(bad_str, &addr, &port); \ + tt_int_op(r, OP_EQ, -1); \ + tt_assert(tor_addr_is_null(&addr)); \ + tt_int_op(port, OP_EQ, 0); \ + STMT_END + +/* Test that looking up host_port_str as an IP address using + * tor_addr_port_lookup(), does something sensible: + * - the result is -1 or 0. + * - if the result is a failure, the returned address is null, and the + * returned port is zero, + * - if the result is a success, the returned port is expect_success_port, + * and the returned family is AF_INET or AF_INET6. + * We can't rely on the result of this function, because it depends on the + * network. + */ +#define TEST_HOST_PORT_LOOKUP(host_port_str, expect_success_port) \ + STMT_BEGIN \ + r = tor_addr_port_lookup(host_port_str, &addr, &port); \ + tt_int_op(r, OP_GE, -1); \ + tt_int_op(r, OP_LE, 0); \ + if (r == -1) { \ + tt_assert(tor_addr_is_null(&addr)); \ + tt_int_op(port, OP_EQ, 0); \ + } else { \ + tt_assert(tor_addr_family(&addr) == AF_INET || \ + tor_addr_family(&addr) == AF_INET6); \ + tt_int_op(port, OP_EQ, expect_success_port); \ + } \ + STMT_END + +/* Test that addr_str successfully parses as a canonical IPv4 address. + * Check for successful parsing using: + * - tor_addr_parse(), + * - tor_addr_port_parse() with a default port, + * - tor_lookup_hostname(), + * - tor_addr_lookup() with AF_INET, + * - tor_addr_lookup() with AF_UNSPEC, + * - tor_addr_port_lookup(), with a zero port. + * Check for failures using: + * - tor_addr_port_parse() without a default port, because there is no port, + * - tor_addr_lookup() with AF_INET6, + * - tor_addr_port_lookup(), because there is no port. + */ +#define TEST_ADDR_V4_PARSE_CANONICAL(addr_str) \ + STMT_BEGIN \ + TEST_ADDR_PARSE_FMT(addr_str, AF_INET, 0, addr_str); \ + TEST_ADDR_PORT_PARSE_FMT(addr_str, 111, AF_INET, 0, \ + addr_str, 111); \ + TEST_ADDR_V4_LOOKUP_HOSTNAME(addr_str, addr_str); \ + TEST_ADDR_PORT_LOOKUP_FMT(addr_str, AF_INET, 0, addr_str, 0); \ + TEST_ADDR_LOOKUP_FMT(addr_str, AF_INET, AF_INET, 0, addr_str); \ + TEST_ADDR_LOOKUP_FMT(addr_str, AF_UNSPEC, AF_INET, 0, addr_str); \ + TEST_ADDR_PORT_PARSE_XFAIL(addr_str, -1); \ + TEST_ADDR_LOOKUP_XFAIL(addr_str, AF_INET6); \ + STMT_END + +/* Test that addr_str successfully parses as a canonical fmt_decorated + * IPv6 address. + * Check for successful parsing using: + * - tor_addr_parse(), + * - tor_addr_port_parse() with a default port, + * - tor_addr_lookup() with AF_INET6, + * - tor_addr_lookup() with AF_UNSPEC, + * - tor_addr_port_lookup(), with a zero port. + * Check for failures using: + * - tor_addr_port_parse() without a default port, because there is no port, + * - tor_lookup_hostname(), because it only supports IPv4, + * - tor_addr_lookup() with AF_INET. + */ +#define TEST_ADDR_V6_PARSE_CANONICAL(addr_str, fmt_decorated) \ + STMT_BEGIN \ + TEST_ADDR_PARSE_FMT(addr_str, AF_INET6, fmt_decorated, addr_str); \ + TEST_ADDR_PORT_PARSE_FMT(addr_str, 222, AF_INET6, fmt_decorated, \ + addr_str, 222); \ + TEST_ADDR_LOOKUP_FMT(addr_str, AF_INET6, AF_INET6, fmt_decorated, \ + addr_str); \ + TEST_ADDR_LOOKUP_FMT(addr_str, AF_UNSPEC, AF_INET6, fmt_decorated, \ + addr_str); \ + TEST_ADDR_PORT_LOOKUP_FMT(addr_str, AF_INET6, fmt_decorated, addr_str, \ + 0); \ + TEST_ADDR_PORT_PARSE_XFAIL(addr_str, -1); \ + TEST_ADDR_V4_LOOKUP_XFAIL(addr_str); \ + TEST_ADDR_LOOKUP_XFAIL(addr_str, AF_INET); \ + STMT_END + +/* Test that addr_str successfully parses, and the fmt_decorated canonical + * IPv6 string is expect_str. + * Check for successful parsing using: + * - tor_addr_parse(), + * - tor_addr_port_parse() with a default port, + * - tor_addr_lookup() with AF_INET6, + * - tor_addr_lookup() with AF_UNSPEC, + * - tor_addr_port_lookup(), with a zero port. + * Check for failures using: + * - tor_addr_port_parse() without a default port, because there is no port. + * - tor_lookup_hostname(), because it only supports IPv4, + * - tor_addr_lookup() with AF_INET. + */ +#define TEST_ADDR_V6_PARSE(addr_str, fmt_decorated, expect_str) \ + STMT_BEGIN \ + TEST_ADDR_PARSE_FMT(addr_str, AF_INET6, fmt_decorated, expect_str); \ + TEST_ADDR_PORT_PARSE_FMT(addr_str, 333, AF_INET6, fmt_decorated, \ + expect_str, 333); \ + TEST_ADDR_LOOKUP_FMT(addr_str, AF_INET6, AF_INET6, fmt_decorated, \ + expect_str); \ + TEST_ADDR_LOOKUP_FMT(addr_str, AF_UNSPEC, AF_INET6, fmt_decorated, \ + expect_str); \ + TEST_ADDR_PORT_LOOKUP_FMT(addr_str, AF_INET6, fmt_decorated, expect_str, \ + 0); \ + TEST_ADDR_PORT_PARSE_XFAIL(addr_str, -1); \ + TEST_ADDR_V4_LOOKUP_XFAIL(addr_str); \ + TEST_ADDR_LOOKUP_XFAIL(addr_str, AF_INET); \ + STMT_END + +/* Test that addr_port_str successfully parses to the canonical IPv4 address + * string expect_str, and port expect_port. + * Check for successful parsing using: + * - tor_addr_port_parse() without a default port, + * - tor_addr_port_parse() with a default port, + * - tor_addr_port_lookup(). + * Check for failures using: + * - tor_addr_parse(), because there is a port, + * - tor_lookup_hostname(), because there is a port. + * - tor_addr_lookup(), regardless of the address family, because there is a + * port. + */ +#define TEST_ADDR_V4_PORT_PARSE(addr_port_str, expect_str, expect_port) \ + STMT_BEGIN \ + TEST_ADDR_PORT_PARSE_FMT(addr_port_str, -1, AF_INET, 0, expect_str, \ + expect_port); \ + TEST_ADDR_PORT_PARSE_FMT(addr_port_str, 444, AF_INET, 0, expect_str, \ + expect_port); \ + TEST_ADDR_PORT_LOOKUP_FMT(addr_port_str, AF_INET, 0, expect_str, \ + expect_port); \ + TEST_ADDR_PARSE_XFAIL(addr_port_str); \ + TEST_ADDR_V4_LOOKUP_XFAIL(addr_port_str); \ + TEST_ADDR_LOOKUP_XFAIL(addr_port_str, AF_INET); \ + TEST_ADDR_LOOKUP_XFAIL(addr_port_str, AF_UNSPEC); \ + TEST_ADDR_LOOKUP_XFAIL(addr_port_str, AF_INET6); \ + STMT_END + +/* Test that addr_port_str successfully parses to the canonical undecorated + * IPv6 address string expect_str, and port expect_port. + * Check for successful parsing using: + * - tor_addr_port_parse() without a default port, + * - tor_addr_port_parse() with a default port, + * - tor_addr_port_lookup(). + * Check for failures using: + * - tor_addr_parse(), because there is a port, + * - tor_lookup_hostname(), because there is a port, and because it only + * supports IPv4, + * - tor_addr_lookup(), regardless of the address family, because there is a + * port. + */ +#define TEST_ADDR_V6_PORT_PARSE(addr_port_str, expect_str, expect_port) \ + STMT_BEGIN \ + TEST_ADDR_PORT_PARSE_FMT(addr_port_str, -1, AF_INET6, 0, expect_str, \ + expect_port); \ + TEST_ADDR_PORT_PARSE_FMT(addr_port_str, 555, AF_INET6, 0, expect_str, \ + expect_port); \ + TEST_ADDR_PORT_LOOKUP_FMT(addr_port_str, AF_INET6, 0, expect_str, \ + expect_port); \ + TEST_ADDR_PARSE_XFAIL(addr_port_str); \ + TEST_ADDR_V4_LOOKUP_XFAIL(addr_port_str); \ + TEST_ADDR_LOOKUP_XFAIL(addr_port_str, AF_INET6); \ + TEST_ADDR_LOOKUP_XFAIL(addr_port_str, AF_UNSPEC); \ + TEST_ADDR_LOOKUP_XFAIL(addr_port_str, AF_INET); \ + STMT_END + +/* Test that bad_str fails to parse due to a bad address or port. + * Check for failures using: + * - tor_addr_parse(), + * - tor_addr_port_parse() without a default port, + * - tor_addr_port_parse() with a default port, + * - tor_lookup_hostname(), + * - tor_addr_lookup(), regardless of the address family, + * - tor_addr_port_lookup(). + */ +#define TEST_ADDR_PARSE_XFAIL_MALFORMED(bad_str) \ + STMT_BEGIN \ + TEST_ADDR_PARSE_XFAIL(bad_str); \ + TEST_ADDR_PORT_PARSE_XFAIL(bad_str, -1); \ + TEST_ADDR_PORT_PARSE_XFAIL(bad_str, 666); \ + TEST_ADDR_V4_LOOKUP_XFAIL(bad_str); \ + TEST_ADDR_LOOKUP_XFAIL(bad_str, AF_UNSPEC); \ + TEST_ADDR_LOOKUP_XFAIL(bad_str, AF_INET); \ + TEST_ADDR_LOOKUP_XFAIL(bad_str, AF_INET6); \ + TEST_ADDR_PORT_LOOKUP_XFAIL(bad_str); \ + STMT_END + +/* Test that host_str is treated as a hostname, and not an address. + * Check for success or failure using the network-dependent functions: + * - tor_lookup_hostname(), + * - tor_addr_lookup(), regardless of the address family, + * - tor_addr_port_lookup(), expecting a zero port. + * Check for failures using: + * - tor_addr_parse(), + * - tor_addr_port_parse() without a default port, + * - tor_addr_port_parse() with a default port. + */ +#define TEST_HOSTNAME(host_str) \ + STMT_BEGIN \ + TEST_HOST_V4_LOOKUP(host_str); \ + TEST_HOST_LOOKUP(host_str, AF_UNSPEC); \ + TEST_HOST_LOOKUP(host_str, AF_INET); \ + TEST_HOST_LOOKUP(host_str, AF_INET6); \ + TEST_HOST_PORT_LOOKUP(host_str, 0); \ + TEST_ADDR_PARSE_XFAIL(host_str); \ + TEST_ADDR_PORT_PARSE_XFAIL(host_str, -1); \ + TEST_ADDR_PORT_PARSE_XFAIL(host_str, 777); \ + STMT_END + +/* Test that host_port_str is treated as a hostname and port, and not a + * hostname or an address. + * Check for success or failure using the network-dependent function: + * - tor_addr_port_lookup(), expecting expect_success_port if the lookup is + * successful. + * Check for failures using: + * - tor_addr_parse(), + * - tor_addr_port_parse() without a default port, + * - tor_addr_port_parse() with a default port, + * - tor_lookup_hostname(), because it doesn't support ports, + * - tor_addr_lookup(), regardless of the address family, because it doesn't + * support ports. + */ +#define TEST_HOSTNAME_PORT(host_port_str, expect_success_port) \ + STMT_BEGIN \ + TEST_HOST_PORT_LOOKUP(host_port_str, expect_success_port); \ + TEST_ADDR_PARSE_XFAIL(host_port_str); \ + TEST_ADDR_PORT_PARSE_XFAIL(host_port_str, -1); \ + TEST_ADDR_PORT_PARSE_XFAIL(host_port_str, 888); \ + TEST_ADDR_V4_LOOKUP_XFAIL(host_port_str); \ + TEST_ADDR_LOOKUP_XFAIL(host_port_str, AF_UNSPEC); \ + TEST_ADDR_LOOKUP_XFAIL(host_port_str, AF_INET); \ + TEST_ADDR_LOOKUP_XFAIL(host_port_str, AF_INET6); \ + STMT_END + +static void +test_addr_parse_canonical(void *arg) +{ + int r; + tor_addr_t addr; + uint16_t port; + const char *sv; + uint32_t addr32h; + char buf[TOR_ADDR_BUF_LEN]; + + (void)arg; + + /* Correct calls. */ + TEST_ADDR_V4_PARSE_CANONICAL("192.0.2.1"); + TEST_ADDR_V4_PARSE_CANONICAL("192.0.2.2"); + + TEST_ADDR_V6_PARSE_CANONICAL("[11:22::33:44]", 1); + TEST_ADDR_V6_PARSE_CANONICAL("[::1]", 1); + TEST_ADDR_V6_PARSE_CANONICAL("[::]", 1); + TEST_ADDR_V6_PARSE_CANONICAL("[2::]", 1); + TEST_ADDR_V6_PARSE_CANONICAL("[11:22:33:44:55:66:77:88]", 1); + + /* Allow IPv6 without square brackets, when there is no port, but only if + * there is a default port */ + TEST_ADDR_V6_PARSE_CANONICAL("11:22::33:44", 0); + TEST_ADDR_V6_PARSE_CANONICAL("::1", 0); + TEST_ADDR_V6_PARSE_CANONICAL("::", 0); + TEST_ADDR_V6_PARSE_CANONICAL("2::", 0); + TEST_ADDR_V6_PARSE_CANONICAL("11:22:33:44:55:66:77:88", 0); + done: + ; +} + +/** Test tor_addr_parse() and tor_addr_port_parse(). */ static void test_addr_parse(void *arg) { + int r; tor_addr_t addr; + uint16_t port; + const char *sv; + uint32_t addr32h; char buf[TOR_ADDR_BUF_LEN]; - uint16_t port = 0; - /* Correct call. */ (void)arg; - r= tor_addr_port_parse(LOG_DEBUG, - "192.0.2.1:1234", - &addr, &port, -1); - tt_int_op(r, OP_EQ, 0); - tor_addr_to_str(buf, &addr, sizeof(buf), 0); - tt_str_op(buf,OP_EQ, "192.0.2.1"); - tt_int_op(port,OP_EQ, 1234); - - r= tor_addr_port_parse(LOG_DEBUG, - "[::1]:1234", - &addr, &port, -1); - tt_int_op(r, OP_EQ, 0); - tor_addr_to_str(buf, &addr, sizeof(buf), 0); - tt_str_op(buf,OP_EQ, "::1"); - tt_int_op(port,OP_EQ, 1234); - - /* Domain name. */ - r= tor_addr_port_parse(LOG_DEBUG, - "torproject.org:1234", - &addr, &port, -1); - tt_int_op(r, OP_EQ, -1); - /* Only IP. */ - r= tor_addr_port_parse(LOG_DEBUG, - "192.0.2.2", - &addr, &port, -1); - tt_int_op(r, OP_EQ, -1); + mock_hostname_resolver(); - r= tor_addr_port_parse(LOG_DEBUG, - "192.0.2.2", - &addr, &port, 200); - tt_int_op(r, OP_EQ, 0); - tt_int_op(port,OP_EQ,200); + /* IPv6-mapped IPv4 addresses. Tor doesn't really use these. */ + TEST_ADDR_V6_PARSE("11:22:33:44:55:66:1.2.3.4", 0, + "11:22:33:44:55:66:102:304"); - r= tor_addr_port_parse(LOG_DEBUG, - "[::1]", - &addr, &port, -1); - tt_int_op(r, OP_EQ, -1); + TEST_ADDR_V6_PARSE("11:22::33:44:1.2.3.4", 0, + "11:22::33:44:102:304"); - r= tor_addr_port_parse(LOG_DEBUG, - "[::1]", - &addr, &port, 400); - tt_int_op(r, OP_EQ, 0); - tt_int_op(port,OP_EQ,400); + /* Ports. */ + TEST_ADDR_V4_PORT_PARSE("192.0.2.1:1234", "192.0.2.1", 1234); + TEST_ADDR_V6_PORT_PARSE("[::1]:1234", "::1", 1234); - /* Bad port. */ - r= tor_addr_port_parse(LOG_DEBUG, - "192.0.2.2:66666", - &addr, &port, -1); - tt_int_op(r, OP_EQ, -1); - r= tor_addr_port_parse(LOG_DEBUG, - "192.0.2.2:66666", - &addr, &port, 200); - tt_int_op(r, OP_EQ, -1); + /* Host names. */ + TEST_HOSTNAME("localhost"); + TEST_HOSTNAME_PORT("localhost:1234", 1234); + TEST_HOSTNAME_PORT("localhost:0", 0); - /* Only domain name */ - r= tor_addr_port_parse(LOG_DEBUG, - "torproject.org", - &addr, &port, -1); - tt_int_op(r, OP_EQ, -1); - r= tor_addr_port_parse(LOG_DEBUG, - "torproject.org", - &addr, &port, 200); - tt_int_op(r, OP_EQ, -1); + TEST_HOSTNAME("torproject.org"); + TEST_HOSTNAME_PORT("torproject.org:56", 56); - /* Bad IP address */ - r= tor_addr_port_parse(LOG_DEBUG, - "192.0.2:1234", - &addr, &port, -1); - tt_int_op(r, OP_EQ, -1); + TEST_HOSTNAME("probably-not-a-valid-dns.name-tld"); + TEST_HOSTNAME_PORT("probably-not-a-valid-dns.name-tld:789", 789); + + /* Malformed addresses. */ + /* Empty string. */ + TEST_ADDR_PARSE_XFAIL_MALFORMED(""); + + /* Square brackets around IPv4 address. */ + TEST_ADDR_PARSE_XFAIL_MALFORMED("[192.0.2.1]"); + TEST_ADDR_PARSE_XFAIL_MALFORMED("[192.0.2.3]:12345"); + + /* Only left square bracket. */ + TEST_ADDR_PARSE_XFAIL_MALFORMED("[11:22::33:44"); + + /* Only right square bracket. */ + TEST_ADDR_PARSE_XFAIL_MALFORMED("11:22::33:44]"); - /* Make sure that the default port has lower priority than the real - one */ - r= tor_addr_port_parse(LOG_DEBUG, - "192.0.2.2:1337", - &addr, &port, 200); - tt_int_op(r, OP_EQ, 0); - tt_int_op(port,OP_EQ,1337); + /* Leading colon. */ + TEST_ADDR_PARSE_XFAIL_MALFORMED(":11:22::33:44"); - r= tor_addr_port_parse(LOG_DEBUG, - "[::1]:1369", - &addr, &port, 200); - tt_int_op(r, OP_EQ, 0); - tt_int_op(port,OP_EQ,1369); + /* Trailing colon. */ + TEST_ADDR_PARSE_XFAIL_MALFORMED("11:22::33:44:"); + TEST_ADDR_PARSE_XFAIL_MALFORMED("[::1]:"); + TEST_ADDR_PARSE_XFAIL_MALFORMED("localhost:"); + + /* Bad port. */ + TEST_ADDR_PARSE_XFAIL_MALFORMED("192.0.2.2:66666"); + TEST_ADDR_PARSE_XFAIL_MALFORMED("[::1]:77777"); + TEST_ADDR_PARSE_XFAIL_MALFORMED("::1:88888"); + TEST_ADDR_PARSE_XFAIL_MALFORMED("localhost:99999"); + + TEST_ADDR_PARSE_XFAIL_MALFORMED("192.0.2.2:-1"); + TEST_ADDR_PARSE_XFAIL_MALFORMED("[::1]:-2"); + TEST_ADDR_PARSE_XFAIL_MALFORMED("::1:-3"); + TEST_ADDR_PARSE_XFAIL_MALFORMED("localhost:-4"); + + TEST_ADDR_PARSE_XFAIL_MALFORMED("192.0.2.2:1 bad"); + TEST_ADDR_PARSE_XFAIL_MALFORMED("192.0.2.2:bad-port"); + TEST_ADDR_PARSE_XFAIL_MALFORMED("[::1]:bad-port-1"); + TEST_ADDR_PARSE_XFAIL_MALFORMED("::1:1-bad-port"); + TEST_ADDR_PARSE_XFAIL_MALFORMED("localhost:1-bad-port"); + TEST_ADDR_PARSE_XFAIL_MALFORMED("localhost:1-bad-port-1"); + + /* Bad hostname */ + TEST_ADDR_PARSE_XFAIL_MALFORMED("definitely invalid"); + TEST_ADDR_PARSE_XFAIL_MALFORMED("definitely invalid:22222"); + + /* Ambiguous cases */ + /* Too many hex words in IPv4-mapped IPv6 address. + * But some OS host lookup routines accept it as a hostname, or + * as an IP address?? (I assume they discard unused characters). */ + TEST_HOSTNAME("11:22:33:44:55:66:77:88:1.2.3.4"); + + /* IPv6 address with port and no brackets + * We reject it, but some OS host lookup routines accept it as an + * IPv6 address:port ? */ + TEST_HOSTNAME_PORT("11:22::33:44:12345", 12345); + /* Is it a port, or are there too many hex words? + * We reject it either way, but some OS host lookup routines accept it as an + * IPv6 address:port */ + TEST_HOSTNAME_PORT("11:22:33:44:55:66:77:88:99", 99); + /* But we accept it if it has square brackets. */ + TEST_ADDR_V6_PORT_PARSE("[11:22:33:44:55:66:77:88]:99", + "11:22:33:44:55:66:77:88",99); + + /* Bad IPv4 address + * We reject it, but some OS host lookup routines accept it as an + * IPv4 address[:port], with a zero last octet */ + TEST_HOSTNAME("192.0.1"); + TEST_HOSTNAME_PORT("192.0.2:1234", 1234); + + /* More bad IPv6 addresses and ports: no brackets + * We reject it, but some OS host lookup routines accept it as an + * IPv6 address[:port] */ + TEST_HOSTNAME_PORT("::1:12345", 12345); + TEST_HOSTNAME_PORT("11:22::33:44:12345", 12345); + + /* And this is an ambiguous case, which is interpreted as an IPv6 address. */ + TEST_ADDR_V6_PARSE_CANONICAL("11:22::88:99", 0); + /* Use square brackets to resolve the ambiguity */ + TEST_ADDR_V6_PARSE_CANONICAL("[11:22::88:99]", 1); + TEST_ADDR_V6_PORT_PARSE("[11:22::88]:99", + "11:22::88",99); done: - ; + unmock_hostname_resolver(); } static void @@ -891,27 +1347,6 @@ test_virtaddrmap(void *data) ; } -static const char *canned_data = NULL; -static size_t canned_data_len = 0; - -/* Mock replacement for crypto_rand() that returns canned data from - * canned_data above. */ -static void -crypto_canned(char *ptr, size_t n) -{ - if (canned_data_len) { - size_t to_copy = MIN(n, canned_data_len); - memcpy(ptr, canned_data, to_copy); - canned_data += to_copy; - canned_data_len -= to_copy; - n -= to_copy; - ptr += to_copy; - } - if (n) { - crypto_rand_unmocked(ptr, n); - } -} - static void test_virtaddrmap_persist(void *data) { @@ -919,6 +1354,8 @@ test_virtaddrmap_persist(void *data) const char *a, *b, *c; tor_addr_t addr; char *ones = NULL; + const char *canned_data; + size_t canned_data_len; addressmap_init(); @@ -937,7 +1374,7 @@ test_virtaddrmap_persist(void *data) "1234567890" // the second call returns this. "abcdefghij"; // the third call returns this. canned_data_len = 30; - MOCK(crypto_rand, crypto_canned); + testing_enable_prefilled_rng(canned_data, canned_data_len); a = addressmap_register_virtual_address(RESOLVED_TYPE_HOSTNAME, tor_strdup("quuxit.baz")); @@ -947,9 +1384,9 @@ test_virtaddrmap_persist(void *data) tt_assert(b); tt_str_op(a, OP_EQ, "gezdgnbvgy3tqojq.virtual"); tt_str_op(b, OP_EQ, "mfrggzdfmztwq2lk.virtual"); + testing_disable_prefilled_rng(); // Now try something to get us an ipv4 address - UNMOCK(crypto_rand); tt_int_op(0,OP_EQ, parse_virtual_addr_network("192.168.0.0/16", AF_INET, 0, NULL)); a = addressmap_register_virtual_address(RESOLVED_TYPE_IPV4, @@ -966,22 +1403,23 @@ test_virtaddrmap_persist(void *data) // Try some canned entropy and verify all the we discard duplicates, // addresses that end with 0, and addresses that end with 255. - MOCK(crypto_rand, crypto_canned); canned_data = "\x01\x02\x03\x04" // okay "\x01\x02\x03\x04" // duplicate "\x03\x04\x00\x00" // bad ending 1 "\x05\x05\x00\xff" // bad ending 2 "\x05\x06\x07\xf0"; // okay canned_data_len = 20; + testing_enable_prefilled_rng(canned_data, canned_data_len); + a = addressmap_register_virtual_address(RESOLVED_TYPE_IPV4, tor_strdup("wumble.onion")); b = addressmap_register_virtual_address(RESOLVED_TYPE_IPV4, tor_strdup("wumpus.onion")); tt_str_op(a, OP_EQ, "192.168.3.4"); tt_str_op(b, OP_EQ, "192.168.7.240"); + testing_disable_prefilled_rng(); // Now try IPv6! - UNMOCK(crypto_rand); tt_int_op(0,OP_EQ, parse_virtual_addr_network("1010:F000::/20", AF_INET6, 0, NULL)); a = addressmap_register_virtual_address(RESOLVED_TYPE_IPV6, @@ -997,7 +1435,7 @@ test_virtaddrmap_persist(void *data) tt_assert(!strcmpstart(b, "[1010:f")); // Try IPv6 with canned entropy, to make sure we detect duplicates. - MOCK(crypto_rand, crypto_canned); + canned_data = "acanthopterygian" // okay "cinematographist" // okay "acanthopterygian" // duplicate @@ -1006,6 +1444,8 @@ test_virtaddrmap_persist(void *data) "cinematographist" // duplicate "coadministration"; // okay canned_data_len = 16 * 7; + testing_enable_prefilled_rng(canned_data, canned_data_len); + a = addressmap_register_virtual_address(RESOLVED_TYPE_IPV6, tor_strdup("wuffle.baz")); b = addressmap_register_virtual_address(RESOLVED_TYPE_IPV6, @@ -1018,9 +1458,11 @@ test_virtaddrmap_persist(void *data) // Try address exhaustion: make sure we can actually fail if we // get too many already-existing addresses. + testing_disable_prefilled_rng(); canned_data_len = 128*1024; canned_data = ones = tor_malloc(canned_data_len); memset(ones, 1, canned_data_len); + testing_enable_prefilled_rng(canned_data, canned_data_len); // There is some chance this one will fail if a previous random // allocation gave out the address already. a = addressmap_register_virtual_address(RESOLVED_TYPE_IPV4, @@ -1037,7 +1479,7 @@ test_virtaddrmap_persist(void *data) expect_single_log_msg_containing("Ran out of virtual addresses!"); done: - UNMOCK(crypto_rand); + testing_disable_prefilled_rng(); tor_free(ones); addressmap_free_all(); teardown_capture_of_logs(); @@ -1206,13 +1648,169 @@ test_addr_rfc6598(void *arg) ; } +#define TEST_ADDR_ATON(a, rv) STMT_BEGIN \ + struct in_addr addr; \ + tt_int_op(tor_inet_aton(a, &addr), OP_EQ, rv); \ + STMT_END; + +static void +test_addr_octal(void *arg) +{ + (void)arg; + + /* Test non-octal IP addresses. */ + TEST_ADDR_ATON("0.1.2.3", 1); + TEST_ADDR_ATON("1.0.2.3", 1); + TEST_ADDR_ATON("1.2.3.0", 1); + + /* Test octal IP addresses. */ + TEST_ADDR_ATON("01.1.2.3", 0); + TEST_ADDR_ATON("1.02.3.4", 0); + TEST_ADDR_ATON("1.2.3.04", 0); + done: + ; +} + +#define get_ipv4(test_addr, str, iprv) STMT_BEGIN \ + test_addr = tor_malloc(sizeof(tor_addr_t)); \ + test_addr->family = AF_INET; \ + iprv = tor_inet_aton(str, &test_addr->addr.in_addr); \ + tor_assert(iprv); \ + STMT_END; + +#define get_ipv6(test_addr, str, iprv) STMT_BEGIN \ + test_addr = tor_malloc(sizeof(tor_addr_t)); \ + test_addr->family = AF_INET6; \ + iprv = tor_inet_pton(AF_INET6, str, &test_addr->addr.in6_addr); \ + tor_assert(iprv); \ + STMT_END; + +#define get_af_unix(test_addr) STMT_BEGIN \ + test_addr = tor_malloc_zero(sizeof(tor_addr_t)); \ + test_addr->family = AF_UNIX; \ + STMT_END; + +#define get_af_unspec(test_addr) STMT_BEGIN \ + test_addr = tor_malloc_zero(sizeof(tor_addr_t)); \ + test_addr->family = AF_UNSPEC; \ + STMT_END; + +#define TEST_ADDR_VALIDITY(a, lis, rv) STMT_BEGIN \ + tor_assert(a); \ + tt_int_op(tor_addr_is_valid(a, lis), OP_EQ, rv); \ + STMT_END; + +/* Here we can change the addresses we are testing for. */ +#define IP4_TEST_ADDR "123.98.45.1" +#define IP6_TEST_ADDR "2001:0DB8:AC10:FE01::" + +static void +test_addr_is_valid(void *arg) +{ + (void)arg; + tor_addr_t *test_addr; + int iprv; + + /* Tests for IPv4 addresses. */ + + /* Test for null IPv4 address. */ + get_ipv4(test_addr, "0.0.0.0", iprv); + TEST_ADDR_VALIDITY(test_addr, 0, 0); + TEST_ADDR_VALIDITY(test_addr, 1, 1); + tor_free(test_addr); + + /* Test for non-null IPv4 address. */ + get_ipv4(test_addr, IP4_TEST_ADDR, iprv); + TEST_ADDR_VALIDITY(test_addr, 0, 1); + TEST_ADDR_VALIDITY(test_addr, 1, 1); + tor_free(test_addr); + + /* Tests for IPv6 addresses. */ + + /* Test for null IPv6 address. */ + get_ipv6(test_addr, "::", iprv); + TEST_ADDR_VALIDITY(test_addr, 0, 0); + TEST_ADDR_VALIDITY(test_addr, 1, 1); + tor_free(test_addr); + + /* Test for non-null IPv6 address. */ + get_ipv6(test_addr, IP6_TEST_ADDR, iprv); + TEST_ADDR_VALIDITY(test_addr, 0, 1); + TEST_ADDR_VALIDITY(test_addr, 1, 1); + tor_free(test_addr); + + /* Test for address of type AF_UNIX. */ + + get_af_unix(test_addr); + TEST_ADDR_VALIDITY(test_addr, 0, 0); + TEST_ADDR_VALIDITY(test_addr, 1, 0); + tor_free(test_addr); + + /* Test for address of type AF_UNSPEC. */ + + get_af_unspec(test_addr); + TEST_ADDR_VALIDITY(test_addr, 0, 0); + TEST_ADDR_VALIDITY(test_addr, 1, 0); + + done: + tor_free(test_addr); +} + +#define TEST_ADDR_IS_NULL(a, rv) STMT_BEGIN \ + tor_assert(a); \ + tt_int_op(tor_addr_is_null(a), OP_EQ, rv); \ + STMT_END; + +static void +test_addr_is_null(void *arg) +{ + (void)arg; + tor_addr_t *test_addr; + int iprv; + + /* Test for null IPv4. */ + get_ipv4(test_addr, "0.0.0.0", iprv); + TEST_ADDR_IS_NULL(test_addr, 1); + tor_free(test_addr); + + /* Test for non-null IPv4. */ + get_ipv4(test_addr, IP4_TEST_ADDR, iprv); + TEST_ADDR_IS_NULL(test_addr, 0); + tor_free(test_addr); + + /* Test for null IPv6. */ + get_ipv6(test_addr, "::", iprv); + TEST_ADDR_IS_NULL(test_addr, 1); + tor_free(test_addr); + + /* Test for non-null IPv6. */ + get_ipv6(test_addr, IP6_TEST_ADDR, iprv); + TEST_ADDR_IS_NULL(test_addr, 0); + tor_free(test_addr); + + /* Test for address family AF_UNIX. */ + get_af_unix(test_addr); + TEST_ADDR_IS_NULL(test_addr, 1); + tor_free(test_addr); + + /* Test for address family AF_UNSPEC. */ + get_af_unspec(test_addr); + TEST_ADDR_IS_NULL(test_addr, 1); + + done: + tor_free(test_addr); +} + +#ifndef COCCI #define ADDR_LEGACY(name) \ { #name, test_addr_ ## name , 0, NULL, NULL } +#endif struct testcase_t addr_tests[] = { ADDR_LEGACY(basic), ADDR_LEGACY(ip6_helpers), ADDR_LEGACY(parse), + ADDR_LEGACY(parse_canonical), { "virtaddr", test_virtaddrmap, 0, NULL, NULL }, { "virtaddr_persist", test_virtaddrmap_persist, TT_FORK, NULL, NULL }, { "localname", test_addr_localname, 0, NULL, NULL }, @@ -1221,5 +1819,8 @@ struct testcase_t addr_tests[] = { { "is_loopback", test_addr_is_loopback, 0, NULL, NULL }, { "make_null", test_addr_make_null, 0, NULL, NULL }, { "rfc6598", test_addr_rfc6598, 0, NULL, NULL }, + { "octal", test_addr_octal, 0, NULL, NULL }, + { "address_validity", test_addr_is_valid, 0, NULL, NULL }, + { "address_is_null", test_addr_is_null, 0, NULL, NULL }, END_OF_TESTCASES }; diff --git a/src/test/test_address.c b/src/test/test_address.c index c33c30aee5..4cedbda347 100644 --- a/src/test/test_address.c +++ b/src/test/test_address.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2014-2019, The Tor Project, Inc. */ +/* Copyright (c) 2014-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define ADDRESS_PRIVATE @@ -24,6 +24,10 @@ #endif /* defined(HAVE_IFCONF_TO_SMARTLIST) */ #include "core/or/or.h" +#include "app/config/config.h" +#include "feature/dirauth/process_descs.h" +#include "feature/nodelist/routerinfo_st.h" +#include "feature/nodelist/node_st.h" #include "feature/nodelist/nodelist.h" #include "lib/net/address.h" #include "test/test.h" @@ -456,7 +460,7 @@ test_address_ifreq_to_smartlist(void *arg) ifc->ifc_len = sizeof(struct ifreq); ifc->ifc_ifcu.ifcu_req = ifr; - results = ifreq_to_smartlist(ifc->ifc_buf,ifc->ifc_len); + results = ifreq_to_smartlist((const uint8_t *)ifc->ifc_buf,ifc->ifc_len); tt_int_op(smartlist_len(results),OP_EQ,1); tor_addr = smartlist_get(results, 0); @@ -479,7 +483,7 @@ test_address_ifreq_to_smartlist(void *arg) SMARTLIST_FOREACH(results, tor_addr_t *, t, tor_free(t)); smartlist_free(results); - results = ifreq_to_smartlist(ifc->ifc_buf,ifc->ifc_len); + results = ifreq_to_smartlist((const uint8_t *)ifc->ifc_buf,ifc->ifc_len); tt_int_op(smartlist_len(results),OP_EQ,2); tor_addr = smartlist_get(results, 0); @@ -1170,8 +1174,167 @@ test_address_tor_addr_in_same_network_family(void *ignored) return; } +static node_t * +helper_create_mock_node(char id_char) +{ + node_t *node = tor_malloc_zero(sizeof(node_t)); + routerinfo_t *ri = tor_malloc_zero(sizeof(routerinfo_t)); + tor_addr_make_null(&ri->ipv6_addr, AF_INET6); + node->ri = ri; + memset(node->identity, id_char, sizeof(node->identity)); + return node; +} + +static void +helper_free_mock_node(node_t *node) +{ + if (!node) + return; + tor_free(node->ri); + tor_free(node); +} + +#define NODE_SET_IPV4(node, ipv4_addr, ipv4_port) { \ + tor_addr_t addr; \ + tor_addr_parse(&addr, ipv4_addr); \ + node->ri->addr = tor_addr_to_ipv4h(&addr); \ + node->ri->or_port = ipv4_port; \ + } + +#define NODE_CLEAR_IPV4(node) { \ + node->ri->addr = 0; \ + node->ri->or_port = 0; \ + } + +#define NODE_SET_IPV6(node, ipv6_addr_str, ipv6_port) { \ + tor_addr_parse(&node->ri->ipv6_addr, ipv6_addr_str); \ + node->ri->ipv6_orport = ipv6_port; \ + } + +static void +test_address_tor_node_in_same_network_family(void *ignored) +{ + (void)ignored; + node_t *node_a = helper_create_mock_node('a'); + node_t *node_b = helper_create_mock_node('b'); + + NODE_SET_IPV4(node_a, "8.8.8.8", 1); + NODE_SET_IPV4(node_b, "8.8.4.4", 1); + + tt_int_op(nodes_in_same_family(node_a, node_b), OP_EQ, 1); + + NODE_SET_IPV4(node_a, "8.8.8.8", 1); + NODE_SET_IPV4(node_b, "1.1.1.1", 1); + + tt_int_op(nodes_in_same_family(node_a, node_b), OP_EQ, 0); + + NODE_CLEAR_IPV4(node_a); + NODE_SET_IPV6(node_a, "2001:470:20::2", 1); + + tt_int_op(nodes_in_same_family(node_a, node_b), OP_EQ, 0); + + NODE_CLEAR_IPV4(node_b); + NODE_SET_IPV6(node_b, "2606:4700:4700::1111", 1); + + tt_int_op(nodes_in_same_family(node_a, node_b), OP_EQ, 0); + + NODE_SET_IPV6(node_a, "2606:4700:4700::1001", 1); + tt_int_op(nodes_in_same_family(node_a, node_b), OP_EQ, 1); + + done: + helper_free_mock_node(node_a); + helper_free_mock_node(node_b); +} + +static or_options_t mock_options; + +static const or_options_t * +mock_get_options(void) +{ + return &mock_options; +} + +/* Test dirserv_router_has_valid_address() on a stub routerinfo, with only its + * address fields set. Use IPv4 ipv4_addr_str and IPv6 ipv6_addr_str. + * Fail if it does not return rv. */ +#define TEST_ROUTER_VALID_ADDRESS_HELPER(ipv4_addr_str, ipv6_addr_str, rv) \ + STMT_BEGIN \ + ri = tor_malloc_zero(sizeof(routerinfo_t)); \ + tor_addr_t addr; \ + tor_addr_parse(&addr, (ipv4_addr_str)); \ + ri->addr = tor_addr_to_ipv4h(&addr); \ + tor_addr_parse(&ri->ipv6_addr, (ipv6_addr_str)); \ + tt_int_op(dirserv_router_has_valid_address(ri), OP_EQ, (rv)); \ + tor_free(ri); \ + STMT_END + +/* Like TEST_ROUTER_VALID_ADDRESS_HELPER(), but always passes a null + * IPv6 address. */ +#define CHECK_RI_ADDR(ipv4_addr_str, rv) \ + TEST_ROUTER_VALID_ADDRESS_HELPER(ipv4_addr_str, "::", rv) + +/* Like TEST_ROUTER_VALID_ADDRESS_HELPER(), but always passes a non-internal + * IPv4 address, so that the IPv6 check is reached. */ +#define CHECK_RI_ADDR6(ipv6_addr_str, rv) \ + TEST_ROUTER_VALID_ADDRESS_HELPER("1.0.0.1", ipv6_addr_str, rv) + +static void +test_address_dirserv_router_addr_private(void *opt_dir_allow_private) +{ + /* A stub routerinfo structure, with only its address fields set. */ + routerinfo_t *ri = NULL; + /* The expected return value for private addresses. + * Modified if DirAllowPrivateAddresses is 1. */ + int private_rv = -1; + + memset(&mock_options, 0, sizeof(or_options_t)); + MOCK(get_options, mock_get_options); + + if (opt_dir_allow_private) { + mock_options.DirAllowPrivateAddresses = 1; + private_rv = 0; + } + + CHECK_RI_ADDR("1.0.0.1", 0); + CHECK_RI_ADDR("10.0.0.1", private_rv); + + CHECK_RI_ADDR6("2600::1", 0); + CHECK_RI_ADDR6("fe80::1", private_rv); + + /* Null addresses */ + /* IPv4 null fails, regardless of IPv6 */ + CHECK_RI_ADDR("0.0.0.0", private_rv); + TEST_ROUTER_VALID_ADDRESS_HELPER("0.0.0.0", "::", private_rv); + + /* IPv6 null succeeds, because IPv4 is not null */ + CHECK_RI_ADDR6("::", 0); + + /* Byte-zeroed null addresses */ + /* IPv4 null fails, regardless of IPv6 */ + { + ri = tor_malloc_zero(sizeof(routerinfo_t)); + tt_int_op(dirserv_router_has_valid_address(ri), OP_EQ, private_rv); + tor_free(ri); + } + + /* IPv6 null succeeds, because IPv4 is not internal */ + { + ri = tor_malloc_zero(sizeof(routerinfo_t)); + ri->addr = 16777217; /* 1.0.0.1 */ + tt_int_op(dirserv_router_has_valid_address(ri), OP_EQ, 0); + tor_free(ri); + } + + done: + tor_free(ri); + UNMOCK(get_options); +} + #define ADDRESS_TEST(name, flags) \ { #name, test_address_ ## name, flags, NULL, NULL } +#define ADDRESS_TEST_STR_ARG(name, flags, str_arg) \ + { #name "/" str_arg, test_address_ ## name, flags, &passthrough_setup, \ + (void *)(str_arg) } struct testcase_t address_tests[] = { ADDRESS_TEST(udp_socket_trick_whitebox, TT_FORK), @@ -1202,5 +1365,8 @@ struct testcase_t address_tests[] = { ADDRESS_TEST(tor_addr_to_mapped_ipv4h, 0), ADDRESS_TEST(tor_addr_eq_ipv4h, 0), ADDRESS_TEST(tor_addr_in_same_network_family, 0), + ADDRESS_TEST(tor_node_in_same_network_family, 0), + ADDRESS_TEST(dirserv_router_addr_private, 0), + ADDRESS_TEST_STR_ARG(dirserv_router_addr_private, 0, "allow_private"), END_OF_TESTCASES }; diff --git a/src/test/test_address_set.c b/src/test/test_address_set.c index 4e55d71ff4..c2fe718935 100644 --- a/src/test/test_address_set.c +++ b/src/test/test_address_set.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2017-2019, The Tor Project, Inc. */ +/* Copyright (c) 2017-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "core/or/or.h" @@ -105,6 +105,8 @@ test_nodelist(void *arg) mock_networkstatus_get_latest_consensus_by_flavor); MOCK(get_estimated_address_per_node, mock_get_estimated_address_per_node); + MOCK(dirlist_add_trusted_dir_addresses, + mock_dirlist_add_trusted_dir_addresses); dummy_ns = tor_malloc_zero(sizeof(*dummy_ns)); dummy_ns->flavor = FLAV_MICRODESC; @@ -120,7 +122,10 @@ test_nodelist(void *arg) * (the_nodelist->node_addrs) so we will fail the contain test rarely. */ addr_per_node = 1024; - /* No node no nothing. The lookups should be empty. */ + /* No node no nothing. The lookups should be empty. We've mocked the + * dirlist_add_trusted_dir_addresses in order for _no_ authorities to be + * added to the filter else it makes this test to trigger many false + * positive. */ nodelist_set_consensus(dummy_ns); /* The address set should be empty. */ @@ -174,6 +179,7 @@ test_nodelist(void *arg) UNMOCK(networkstatus_get_latest_consensus); UNMOCK(networkstatus_get_latest_consensus_by_flavor); UNMOCK(get_estimated_address_per_node); + UNMOCK(dirlist_add_trusted_dir_addresses); } /** Test that the no-reentry exit filter works as intended */ diff --git a/src/test/test_bridges.c b/src/test/test_bridges.c index 879ae6636b..f1624a529d 100644 --- a/src/test/test_bridges.c +++ b/src/test/test_bridges.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2018-2019, The Tor Project, Inc. */ +/* Copyright (c) 2018-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -550,8 +550,6 @@ test_bridges_get_transport_by_bridge_addrport_no_ptlist(void *arg) sweep_bridge_list(); } -#define PT_PRIVATE - /** * Calling get_transport_by_bridge_addrport() with the address and port of a * configured bridge which uses a pluggable transport should return 0 and set diff --git a/src/test/test_bt.sh b/src/test/test_bt.sh index df8bcb8eda..312905a4e2 100755 --- a/src/test/test_bt.sh +++ b/src/test/test_bt.sh @@ -3,8 +3,6 @@ exitcode=0 -ulimit -c 0 - export ASAN_OPTIONS="handle_segv=0:allow_user_segv_handler=1" "${builddir:-.}/src/test/test-bt-cl" backtraces || exit $? "${builddir:-.}/src/test/test-bt-cl" assert 2>&1 | "${PYTHON:-python}" "${abs_top_srcdir:-.}/src/test/bt_test.py" || exitcode="$?" diff --git a/src/test/test_bt_cl.c b/src/test/test_bt_cl.c index 0c15a02ee4..5f9a88705c 100644 --- a/src/test/test_bt_cl.c +++ b/src/test/test_bt_cl.c @@ -1,9 +1,12 @@ -/* Copyright (c) 2012-2019, The Tor Project, Inc. */ +/* Copyright (c) 2012-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" #include <stdio.h> #include <stdlib.h> +#ifdef HAVE_SYS_RESOURCE_H +#include <sys/resource.h> +#endif /* To prevent 'assert' from going away. */ #undef TOR_COVERAGE @@ -30,7 +33,7 @@ int a_tangled_web(int x) NOINLINE; int we_weave(int x) NOINLINE; #ifdef HAVE_CFLAG_WNULL_DEREFERENCE -DISABLE_GCC_WARNING(null-dereference) +DISABLE_GCC_WARNING("-Wnull-dereference") #endif int crash(int x) @@ -43,7 +46,7 @@ crash(int x) *(volatile int *)0 = 0; #endif /* defined(__clang_analyzer__) || defined(__COVERITY__) */ } else if (crashtype == 1) { - tor_assert(1 == 0); + tor_assertf(1 == 0, "%d != %d", 1, 0); } else if (crashtype == -1) { ; } @@ -52,7 +55,7 @@ crash(int x) return crashtype; } #ifdef HAVE_CFLAG_WNULL_DEREFERENCE -ENABLE_GCC_WARNING(null-dereference) +ENABLE_GCC_WARNING("-Wnull-dereference") #endif int @@ -88,6 +91,11 @@ main(int argc, char **argv) return 1; } +#ifdef HAVE_SYS_RESOURCE_H + struct rlimit rlim = { .rlim_cur = 0, .rlim_max = 0 }; + setrlimit(RLIMIT_CORE, &rlim); +#endif + #if !(defined(HAVE_EXECINFO_H) && defined(HAVE_BACKTRACE) && \ defined(HAVE_BACKTRACE_SYMBOLS_FD) && defined(HAVE_SIGACTION)) puts("Backtrace reporting is not supported on this platform"); diff --git a/src/test/test_btrack.c b/src/test/test_btrack.c new file mode 100644 index 0000000000..2b2f34fc23 --- /dev/null +++ b/src/test/test_btrack.c @@ -0,0 +1,129 @@ +/* Copyright (c) 2013-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#include "core/or/or.h" + +#include "test/test.h" +#include "test/test_helpers.h" +#include "test/log_test_helpers.h" + +#define OCIRC_EVENT_PRIVATE +#define ORCONN_EVENT_PRIVATE +#include "core/or/ocirc_event.h" +#include "core/or/orconn_event.h" + +static void +send_state(const orconn_state_msg_t *msg_in) +{ + orconn_state_msg_t *msg = tor_malloc(sizeof(*msg)); + + *msg = *msg_in; + orconn_state_publish(msg); +} + +static void +send_status(const orconn_status_msg_t *msg_in) +{ + orconn_status_msg_t *msg = tor_malloc(sizeof(*msg)); + + *msg = *msg_in; + orconn_status_publish(msg); +} + +static void +send_chan(const ocirc_chan_msg_t *msg_in) +{ + ocirc_chan_msg_t *msg = tor_malloc(sizeof(*msg)); + + *msg = *msg_in; + ocirc_chan_publish(msg); +} + +static void +test_btrack_launch(void *arg) +{ + orconn_state_msg_t conn; + ocirc_chan_msg_t circ; + memset(&conn, 0, sizeof(conn)); + memset(&circ, 0, sizeof(circ)); + + (void)arg; + conn.gid = 1; + conn.chan = 1; + conn.proxy_type = PROXY_NONE; + conn.state = OR_CONN_STATE_CONNECTING; + + setup_full_capture_of_logs(LOG_DEBUG); + send_state(&conn); + expect_log_msg_containing("ORCONN gid=1 chan=1 proxy_type=0 state=1"); + expect_no_log_msg_containing("ORCONN BEST_"); + teardown_capture_of_logs(); + + circ.chan = 1; + circ.onehop = true; + + setup_full_capture_of_logs(LOG_DEBUG); + send_chan(&circ); + expect_log_msg_containing("ORCONN LAUNCH chan=1 onehop=1"); + expect_log_msg_containing("ORCONN BEST_ANY state -1->1 gid=1"); + teardown_capture_of_logs(); + + conn.gid = 2; + conn.chan = 2; + + setup_full_capture_of_logs(LOG_DEBUG); + send_state(&conn); + expect_log_msg_containing("ORCONN gid=2 chan=2 proxy_type=0 state=1"); + expect_no_log_msg_containing("ORCONN BEST_"); + teardown_capture_of_logs(); + + circ.chan = 2; + circ.onehop = false; + + setup_full_capture_of_logs(LOG_DEBUG); + send_chan(&circ); + expect_log_msg_containing("ORCONN LAUNCH chan=2 onehop=0"); + expect_log_msg_containing("ORCONN BEST_AP state -1->1 gid=2"); + teardown_capture_of_logs(); + + done: + ; +} + +static void +test_btrack_delete(void *arg) +{ + orconn_state_msg_t state; + orconn_status_msg_t status; + memset(&state, 0, sizeof(state)); + memset(&status, 0, sizeof(status)); + + (void)arg; + state.gid = 1; + state.chan = 1; + state.proxy_type = PROXY_NONE; + state.state = OR_CONN_STATE_CONNECTING; + + setup_full_capture_of_logs(LOG_DEBUG); + send_state(&state); + expect_log_msg_containing("ORCONN gid=1 chan=1 proxy_type=0"); + teardown_capture_of_logs(); + + status.gid = 1; + status.status = OR_CONN_EVENT_CLOSED; + status.reason = 0; + + setup_full_capture_of_logs(LOG_DEBUG); + send_status(&status); + expect_log_msg_containing("ORCONN DELETE gid=1 status=3 reason=0"); + teardown_capture_of_logs(); + + done: + ; +} + +struct testcase_t btrack_tests[] = { + { "launch", test_btrack_launch, TT_FORK, &helper_pubsub_setup, NULL }, + { "delete", test_btrack_delete, TT_FORK, &helper_pubsub_setup, NULL }, + END_OF_TESTCASES +}; diff --git a/src/test/test_buffers.c b/src/test/test_buffers.c index 3e7364a5c8..fbaa628fd7 100644 --- a/src/test/test_buffers.c +++ b/src/test/test_buffers.c @@ -1,12 +1,12 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define BUFFERS_PRIVATE #define PROTO_HTTP_PRIVATE #include "core/or/or.h" -#include "lib/container/buffers.h" +#include "lib/buf/buffers.h" #include "lib/tls/buffers_tls.h" #include "lib/tls/tortls.h" #include "lib/compress/compress.h" diff --git a/src/test/test_bwmgt.c b/src/test/test_bwmgt.c index 5a013aa268..117783cafc 100644 --- a/src/test/test_bwmgt.c +++ b/src/test/test_bwmgt.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2018-2019, The Tor Project, Inc. */ +/* Copyright (c) 2018-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -6,18 +6,70 @@ * \brief tests for bandwidth management / token bucket functions */ +#define CONFIG_PRIVATE +#define CONNECTION_PRIVATE +#define DIRAUTH_SYS_PRIVATE #define TOKEN_BUCKET_PRIVATE #include "core/or/or.h" -#include "test/test.h" +#include "app/config/config.h" +#include "core/mainloop/connection.h" +#include "feature/dirauth/dirauth_sys.h" +#include "feature/dircommon/directory.h" +#include "feature/nodelist/microdesc.h" +#include "feature/nodelist/networkstatus.h" +#include "feature/nodelist/nodelist.h" +#include "feature/nodelist/routerlist.h" +#include "lib/crypt_ops/crypto_rand.h" #include "lib/evloop/token_bucket.h" +#include "test/test.h" +#include "test/test_helpers.h" + +#include "app/config/or_options_st.h" +#include "core/or/connection_st.h" +#include "feature/dirauth/dirauth_options_st.h" +#include "feature/nodelist/microdesc_st.h" +#include "feature/nodelist/networkstatus_st.h" +#include "feature/nodelist/routerinfo_st.h" +#include "feature/nodelist/routerstatus_st.h" // an imaginary time, in timestamp units. Chosen so it will roll over. static const uint32_t START_TS = UINT32_MAX-10; static const int32_t KB = 1024; static const uint32_t GB = (UINT64_C(1) << 30); +static or_options_t mock_options; + +static const or_options_t * +mock_get_options(void) +{ + return &mock_options; +} + +static networkstatus_t *dummy_ns = NULL; +static networkstatus_t * +mock_networkstatus_get_latest_consensus(void) +{ + return dummy_ns; +} + +static networkstatus_t * +mock_networkstatus_get_latest_consensus_by_flavor(consensus_flavor_t f) +{ + tor_assert(f == FLAV_MICRODESC); + return dummy_ns; +} + +/* Number of address a single node_t can have. Default to the production + * value. This is to control the size of the bloom filter. */ +static int addr_per_node = 2; +static int +mock_get_estimated_address_per_node(void) +{ + return addr_per_node; +} + static void test_bwmgt_token_buf_init(void *arg) { @@ -220,8 +272,167 @@ test_bwmgt_token_buf_helpers(void *arg) ; } +static void +test_bwmgt_dir_conn_global_write_low(void *arg) +{ + bool ret; + int addr_family; + connection_t *conn = NULL; + routerstatus_t *rs = NULL; microdesc_t *md = NULL; routerinfo_t *ri = NULL; + tor_addr_t relay_addr; + dirauth_options_t *dirauth_opts = NULL; + + (void) arg; + + memset(&mock_options, 0, sizeof(or_options_t)); + MOCK(networkstatus_get_latest_consensus, + mock_networkstatus_get_latest_consensus); + MOCK(networkstatus_get_latest_consensus_by_flavor, + mock_networkstatus_get_latest_consensus_by_flavor); + MOCK(get_estimated_address_per_node, + mock_get_estimated_address_per_node); + + /* + * The following is rather complex but that is what it takes to add a dummy + * consensus with a valid routerlist which will populate our node address + * set that we need to lookup to test the known relay code path. + * + * We MUST do that before we MOCK(get_options) else it is another world of + * complexity. + */ + + /* This will be the address of our relay. */ + tor_addr_parse(&relay_addr, "1.2.3.4"); + + /* We'll now add a relay into our routerlist and see if we let it. */ + dummy_ns = tor_malloc_zero(sizeof(*dummy_ns)); + dummy_ns->flavor = FLAV_MICRODESC; + dummy_ns->routerstatus_list = smartlist_new(); + + md = tor_malloc_zero(sizeof(*md)); + ri = tor_malloc_zero(sizeof(*ri)); + rs = tor_malloc_zero(sizeof(*rs)); + crypto_rand(rs->identity_digest, sizeof(rs->identity_digest)); + crypto_rand(md->digest, sizeof(md->digest)); + memcpy(rs->descriptor_digest, md->digest, DIGEST256_LEN); + + /* Set IP address. */ + rs->addr = tor_addr_to_ipv4h(&relay_addr); + ri->addr = rs->addr; + /* Add the rs to the consensus becoming a node_t. */ + smartlist_add(dummy_ns->routerstatus_list, rs); + + /* Add all configured authorities (hardcoded) before we set the consensus so + * the address set exists. */ + ret = consider_adding_dir_servers(&mock_options, &mock_options); + tt_int_op(ret, OP_EQ, 0); + + /* This will make the nodelist bloom filter very large + * (the_nodelist->node_addrs) so we will fail the contain test rarely. */ + addr_per_node = 1024; + + nodelist_set_consensus(dummy_ns); + + dirauth_opts = tor_malloc_zero(sizeof(dirauth_options_t)); + dirauth_opts->AuthDirRejectRequestsUnderLoad = 0; + dirauth_set_options(dirauth_opts); + + /* Ok, now time to control which options we use. */ + MOCK(get_options, mock_get_options); + + /* Set ourselves as an authoritative dir. */ + mock_options.AuthoritativeDir = 1; + mock_options.V3AuthoritativeDir = 1; + mock_options.UseDefaultFallbackDirs = 0; + + /* This will set our global bucket to 1 byte and thus we will hit the + * banwdith limit in our test. */ + mock_options.BandwidthRate = 1; + mock_options.BandwidthBurst = 1; + + /* Else an IPv4 address screams. */ + mock_options.ClientUseIPv4 = 1; + mock_options.ClientUseIPv6 = 1; + + /* Initialize the global buckets. */ + connection_bucket_init(); + + /* The address "127.0.0.1" is set with this helper. */ + conn = test_conn_get_connection(DIR_CONN_STATE_MIN_, CONN_TYPE_DIR, + DIR_PURPOSE_MIN_); + tt_assert(conn); + + /* First try a non authority non relay IP thus a client but we are not + * configured to reject requests under load so we should get a false value + * that our limit is _not_ low. */ + addr_family = tor_addr_parse(&conn->addr, "1.1.1.1"); + tt_int_op(addr_family, OP_EQ, AF_INET); + ret = connection_dir_is_global_write_low(conn, INT_MAX); + tt_int_op(ret, OP_EQ, 0); + + /* Now, we will reject requests under load so try again a non authority non + * relay IP thus a client. We should get a warning that our limit is too + * low. */ + dirauth_opts->AuthDirRejectRequestsUnderLoad = 1; + + addr_family = tor_addr_parse(&conn->addr, "1.1.1.1"); + tt_int_op(addr_family, OP_EQ, AF_INET); + ret = connection_dir_is_global_write_low(conn, INT_MAX); + tt_int_op(ret, OP_EQ, 1); + + /* Now, lets try with a connection address from moria1. It should always + * pass even though our limit is too low. */ + addr_family = tor_addr_parse(&conn->addr, "128.31.0.39"); + tt_int_op(addr_family, OP_EQ, AF_INET); + ret = connection_dir_is_global_write_low(conn, INT_MAX); + tt_int_op(ret, OP_EQ, 0); + + /* IPv6 testing of gabelmoo. */ + addr_family = tor_addr_parse(&conn->addr, "[2001:638:a000:4140::ffff:189]"); + tt_int_op(addr_family, OP_EQ, AF_INET6); + ret = connection_dir_is_global_write_low(conn, INT_MAX); + tt_int_op(ret, OP_EQ, 0); + + /* Lets retry with a known relay address. It should pass. Possible due to + * our consensus setting above. */ + memcpy(&conn->addr, &relay_addr, sizeof(tor_addr_t)); + ret = connection_dir_is_global_write_low(conn, INT_MAX); + tt_int_op(ret, OP_EQ, 0); + + /* Lets retry with a random IP that is not an authority nor a relay. */ + addr_family = tor_addr_parse(&conn->addr, "1.2.3.4"); + tt_int_op(addr_family, OP_EQ, AF_INET); + ret = connection_dir_is_global_write_low(conn, INT_MAX); + tt_int_op(ret, OP_EQ, 0); + + /* Finally, just make sure it still denies an IP if we are _not_ a v3 + * directory authority. */ + mock_options.V3AuthoritativeDir = 0; + addr_family = tor_addr_parse(&conn->addr, "1.2.3.4"); + tt_int_op(addr_family, OP_EQ, AF_INET); + ret = connection_dir_is_global_write_low(conn, INT_MAX); + tt_int_op(ret, OP_EQ, 1); + + /* Random IPv6 should not be allowed. */ + addr_family = tor_addr_parse(&conn->addr, "[CAFE::ACAB]"); + tt_int_op(addr_family, OP_EQ, AF_INET6); + ret = connection_dir_is_global_write_low(conn, INT_MAX); + tt_int_op(ret, OP_EQ, 1); + + done: + connection_free_minimal(conn); + routerstatus_free(rs); routerinfo_free(ri); microdesc_free(md); + smartlist_clear(dummy_ns->routerstatus_list); + networkstatus_vote_free(dummy_ns); + + UNMOCK(get_estimated_address_per_node); + UNMOCK(networkstatus_get_latest_consensus); + UNMOCK(networkstatus_get_latest_consensus_by_flavor); + UNMOCK(get_options); +} + #define BWMGT(name) \ - { #name, test_bwmgt_ ## name , 0, NULL, NULL } + { #name, test_bwmgt_ ## name , TT_FORK, NULL, NULL } struct testcase_t bwmgt_tests[] = { BWMGT(token_buf_init), @@ -229,5 +440,7 @@ struct testcase_t bwmgt_tests[] = { BWMGT(token_buf_dec), BWMGT(token_buf_refill), BWMGT(token_buf_helpers), + + BWMGT(dir_conn_global_write_low), END_OF_TESTCASES }; diff --git a/src/test/test_cell_formats.c b/src/test/test_cell_formats.c index fc5367557d..f9ff101c98 100644 --- a/src/test/test_cell_formats.c +++ b/src/test/test_cell_formats.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" @@ -713,16 +713,20 @@ test_cfmt_extend_cells(void *arg) tt_mem_op(cc->onionskin,OP_EQ, b, 99+20); tt_int_op(0, OP_EQ, extend_cell_format(&p2_cmd, &p2_len, p2, &ec)); tt_int_op(p2_cmd, OP_EQ, RELAY_COMMAND_EXTEND2); - /* We'll generate it minus the IPv6 address and minus the konami code */ - tt_int_op(p2_len, OP_EQ, 89+99-34-20); + /* We'll generate it minus the konami code */ + tt_int_op(p2_len, OP_EQ, 89+99-34); test_memeq_hex(p2, - /* Two items: one that same darn IP address. */ - "02000612F40001F0F1" - /* The next is a digest : anthropomorphization */ - "0214616e7468726f706f6d6f727068697a6174696f6e" + /* Three items */ + "03" + /* IPv4 address */ + "0006" "12F40001" "F0F1" + /* The next is an RSA digest: anthropomorphization */ + "0214" "616e7468726f706f6d6f727068697a6174696f6e" + /*IPv6 address */ + "0112" "20020000000000000000000000f0c51e" "1112" /* Now the handshake prologue */ "01050063"); - tt_mem_op(p2+1+8+22+4,OP_EQ, b, 99+20); + tt_mem_op(p2+1+8+22+20+4, OP_EQ, b, 99+20); tt_int_op(0, OP_EQ, create_cell_format_relayed(&cell, cc)); /* Now let's add an ed25519 key to that extend2 cell. */ @@ -732,22 +736,31 @@ test_cfmt_extend_cells(void *arg) /* As before, since we aren't extending by ed25519. */ get_options_mutable()->ExtendByEd25519ID = 0; tt_int_op(0, OP_EQ, extend_cell_format(&p2_cmd, &p2_len, p2, &ec)); - tt_int_op(p2_len, OP_EQ, 89+99-34-20); + tt_int_op(p2_len, OP_EQ, 89+99-34); test_memeq_hex(p2, - "02000612F40001F0F1" + "03" + "000612F40001F0F1" "0214616e7468726f706f6d6f727068697a6174696f6e" + "011220020000000000000000000000f0c51e1112" "01050063"); /* Now try with the ed25519 ID. */ get_options_mutable()->ExtendByEd25519ID = 1; tt_int_op(0, OP_EQ, extend_cell_format(&p2_cmd, &p2_len, p2, &ec)); - tt_int_op(p2_len, OP_EQ, 89+99-34-20 + 34); + tt_int_op(p2_len, OP_EQ, 89+99); test_memeq_hex(p2, - "03000612F40001F0F1" + /* Four items */ + "04" + /* IPv4 address */ + "0006" "12F40001" "F0F1" + /* The next is an RSA digest: anthropomorphization */ "0214616e7468726f706f6d6f727068697a6174696f6e" - // ed digest follows: + /* Then an ed public key: brownshoesdontmakeit/brownshoesd */ "0320" "62726f776e73686f6573646f6e746d616b656" "9742f62726f776e73686f657364" + /*IPv6 address */ + "0112" "20020000000000000000000000f0c51e" "1112" + /* Now the handshake prologue */ "01050063"); /* Can we parse that? Did the key come through right? */ memset(&ec, 0, sizeof(ec)); @@ -756,6 +769,40 @@ test_cfmt_extend_cells(void *arg) tt_mem_op("brownshoesdontmakeit/brownshoesd", OP_EQ, ec.ed_pubkey.pubkey, 32); + /* Now try IPv6 without IPv4 */ + memset(p, 0, sizeof(p)); + memcpy(p, "\x02", 1); + memcpy(p+1, "\x02\x14" "anthropomorphization", 22); + memcpy(p+23, "\x01\x12" "xxxxxxxxxxxxxxxxYY", 20); + memcpy(p+43, "\xff\xff\x00\x20", 4); + tt_int_op(0, OP_EQ, extend_cell_parse(&ec, RELAY_COMMAND_EXTEND2, + p, sizeof(p))); + tt_int_op(RELAY_COMMAND_EXTEND2, OP_EQ, ec.cell_type); + tt_assert(fast_mem_is_zero((const char *)&ec.orport_ipv4.addr, + sizeof(tor_addr_t))); + tt_int_op(0, OP_EQ, ec.orport_ipv4.port); + tt_str_op("7878:7878:7878:7878:7878:7878:7878:7878", + OP_EQ, fmt_addr(&ec.orport_ipv6.addr)); + tt_int_op(22873, OP_EQ, ec.orport_ipv6.port); + tt_assert(ed25519_public_key_is_zero(&ec.ed_pubkey)); + tt_mem_op(ec.node_id,OP_EQ, "anthropomorphization", 20); + tt_int_op(cc->cell_type, OP_EQ, CELL_CREATE2); + tt_int_op(cc->handshake_type, OP_EQ, 0xffff); + tt_int_op(cc->handshake_len, OP_EQ, 32); + tt_int_op(0, OP_EQ, extend_cell_format(&p2_cmd, &p2_len, p2, &ec)); + tt_int_op(p2_cmd, OP_EQ, RELAY_COMMAND_EXTEND2); + tt_int_op(p2_len, OP_EQ, 47+32); + test_memeq_hex(p2, + /* Two items */ + "02" + /* The next is an RSA digest: anthropomorphization */ + "0214" "616e7468726f706f6d6f727068697a6174696f6e" + /*IPv6 address */ + "0112" "78787878787878787878787878787878" "5959" + /* Now the handshake prologue */ + "ffff0020"); + tt_int_op(0, OP_EQ, create_cell_format_relayed(&cell, cc)); + /* == Now try parsing some junk */ /* Try a too-long handshake */ @@ -811,13 +858,6 @@ test_cfmt_extend_cells(void *arg) memcpy(p+48, "\xff\xff\x00\x20", 4); tt_int_op(-1, OP_EQ, extend_cell_parse(&ec, RELAY_COMMAND_EXTEND2, p, sizeof(p))); - memset(p, 0, sizeof(p)); - memcpy(p, "\x02", 1); - memcpy(p+1, "\x02\x14" "anarchoindividualist", 22); - memcpy(p+23, "\x01\x12" "xxxxxxxxxxxxxxxxYY", 18); - memcpy(p+41, "\xff\xff\x00\x20", 4); - tt_int_op(-1, OP_EQ, extend_cell_parse(&ec, RELAY_COMMAND_EXTEND2, - p, sizeof(p))); /* Running out of space in specifiers */ memset(p,0,sizeof(p)); diff --git a/src/test/test_cell_queue.c b/src/test/test_cell_queue.c index 8fc1da031e..b778c07802 100644 --- a/src/test/test_cell_queue.c +++ b/src/test/test_cell_queue.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2013-2019, The Tor Project, Inc. */ +/* Copyright (c) 2013-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define CIRCUITLIST_PRIVATE diff --git a/src/test/test_channel.c b/src/test/test_channel.c index afb7db813c..83b69cc80b 100644 --- a/src/test/test_channel.c +++ b/src/test/test_channel.c @@ -1,8 +1,8 @@ -/* Copyright (c) 2013-2019, The Tor Project, Inc. */ +/* Copyright (c) 2013-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ -#define TOR_CHANNEL_INTERNAL_ -#define CHANNEL_PRIVATE_ +#define CHANNEL_OBJECT_PRIVATE +#define CHANNEL_FILE_PRIVATE #include "core/or/or.h" #include "core/or/channel.h" /* For channel_note_destroy_not_pending */ @@ -34,8 +34,6 @@ static int test_chan_accept_cells = 0; static int test_chan_fixed_cells_recved = 0; static cell_t * test_chan_last_seen_fixed_cell_ptr = NULL; -static int test_chan_var_cells_recved = 0; -static var_cell_t * test_chan_last_seen_var_cell_ptr = NULL; static int test_cells_written = 0; static int test_doesnt_want_writes_count = 0; static int test_dumpstats_calls = 0; @@ -112,24 +110,6 @@ chan_test_dumpstats(channel_t *ch, int severity) return; } -/* - * Handle an incoming variable-size cell for unit tests - */ - -static void -chan_test_var_cell_handler(channel_t *ch, - var_cell_t *var_cell) -{ - tt_assert(ch); - tt_assert(var_cell); - - test_chan_last_seen_var_cell_ptr = var_cell; - ++test_chan_var_cells_recved; - - done: - return; -} - static void chan_test_close(channel_t *ch) { @@ -487,11 +467,8 @@ test_channel_dumpstats(void *arg) /* Receive path */ channel_set_cell_handlers(ch, - chan_test_cell_handler, - chan_test_var_cell_handler); + chan_test_cell_handler); tt_ptr_op(channel_get_cell_handler(ch), OP_EQ, chan_test_cell_handler); - tt_ptr_op(channel_get_var_cell_handler(ch), OP_EQ, - chan_test_var_cell_handler); cell = tor_malloc_zero(sizeof(*cell)); old_count = test_chan_fixed_cells_recved; channel_process_cell(ch, cell); @@ -593,7 +570,6 @@ test_channel_outbound_cell(void *arg) circuit_set_n_circid_chan(TO_CIRCUIT(circ), 42, chan); tt_int_op(channel_num_circuits(chan), OP_EQ, 1); /* Test the cmux state. */ - tt_ptr_op(TO_CIRCUIT(circ)->n_mux, OP_EQ, chan->cmux); tt_int_op(circuitmux_is_circuit_attached(chan->cmux, TO_CIRCUIT(circ)), OP_EQ, 1); @@ -718,7 +694,7 @@ test_channel_inbound_cell(void *arg) /* Setup incoming cell handlers. We don't care about var cell, the channel * layers is not handling those. */ - channel_set_cell_handlers(chan, chan_test_cell_handler, NULL); + channel_set_cell_handlers(chan, chan_test_cell_handler); tt_ptr_op(chan->cell_handler, OP_EQ, chan_test_cell_handler); /* Now process the cell, we should see it. */ old_count = test_chan_fixed_cells_recved; @@ -1345,7 +1321,7 @@ test_channel_for_extend(void *arg) channel_t *ret_chan = NULL; char digest[DIGEST_LEN]; ed25519_public_key_t ed_id; - tor_addr_t addr; + tor_addr_t ipv4_addr, ipv6_addr; const char *msg; int launch; time_t now = time(NULL); @@ -1355,6 +1331,9 @@ test_channel_for_extend(void *arg) memset(digest, 'A', sizeof(digest)); memset(&ed_id, 'B', sizeof(ed_id)); + tor_addr_make_null(&ipv4_addr, AF_INET); + tor_addr_make_null(&ipv6_addr, AF_INET6); + chan1 = new_fake_channel(); tt_assert(chan1); /* Need to be registered to get added to the id map. */ @@ -1388,7 +1367,8 @@ test_channel_for_extend(void *arg) tt_ptr_op(channel_find_by_remote_identity(digest, &ed_id), OP_EQ, chan1); /* The expected result is chan2 because it is older than chan1. */ - ret_chan = channel_get_for_extend(digest, &ed_id, &addr, &msg, &launch); + ret_chan = channel_get_for_extend(digest, &ed_id, &ipv4_addr, &ipv6_addr, + &msg, &launch); tt_assert(ret_chan); tt_ptr_op(ret_chan, OP_EQ, chan2); tt_int_op(launch, OP_EQ, 0); @@ -1396,16 +1376,18 @@ test_channel_for_extend(void *arg) /* Switch that around from previous test. */ chan2->timestamp_created = chan1->timestamp_created + 1; - ret_chan = channel_get_for_extend(digest, &ed_id, &addr, &msg, &launch); + ret_chan = channel_get_for_extend(digest, &ed_id, &ipv4_addr, &ipv6_addr, + &msg, &launch); tt_assert(ret_chan); tt_ptr_op(ret_chan, OP_EQ, chan1); tt_int_op(launch, OP_EQ, 0); tt_str_op(msg, OP_EQ, "Connection is fine; using it."); /* Same creation time, num circuits will be used and they both have 0 so the - * channel 2 should be picked due to how channel_is_better() work. */ + * channel 2 should be picked due to how channel_is_better() works. */ chan2->timestamp_created = chan1->timestamp_created; - ret_chan = channel_get_for_extend(digest, &ed_id, &addr, &msg, &launch); + ret_chan = channel_get_for_extend(digest, &ed_id, &ipv4_addr, &ipv6_addr, + &msg, &launch); tt_assert(ret_chan); tt_ptr_op(ret_chan, OP_EQ, chan1); tt_int_op(launch, OP_EQ, 0); @@ -1416,7 +1398,8 @@ test_channel_for_extend(void *arg) /* Condemned the older channel. */ chan1->state = CHANNEL_STATE_CLOSING; - ret_chan = channel_get_for_extend(digest, &ed_id, &addr, &msg, &launch); + ret_chan = channel_get_for_extend(digest, &ed_id, &ipv4_addr, &ipv6_addr, + &msg, &launch); tt_assert(ret_chan); tt_ptr_op(ret_chan, OP_EQ, chan2); tt_int_op(launch, OP_EQ, 0); @@ -1425,7 +1408,8 @@ test_channel_for_extend(void *arg) /* Make the older channel a client one. */ channel_mark_client(chan1); - ret_chan = channel_get_for_extend(digest, &ed_id, &addr, &msg, &launch); + ret_chan = channel_get_for_extend(digest, &ed_id, &ipv4_addr, &ipv6_addr, + &msg, &launch); tt_assert(ret_chan); tt_ptr_op(ret_chan, OP_EQ, chan2); tt_int_op(launch, OP_EQ, 0); @@ -1435,8 +1419,9 @@ test_channel_for_extend(void *arg) /* Non matching ed identity with valid digest. */ ed25519_public_key_t dumb_ed_id; memset(&dumb_ed_id, 0, sizeof(dumb_ed_id)); - ret_chan = channel_get_for_extend(digest, &dumb_ed_id, &addr, &msg, - &launch); + ret_chan = channel_get_for_extend(digest, &dumb_ed_id, + &ipv4_addr, &ipv6_addr, + &msg, &launch); tt_assert(!ret_chan); tt_str_op(msg, OP_EQ, "Not connected. Connecting."); tt_int_op(launch, OP_EQ, 1); @@ -1445,7 +1430,8 @@ test_channel_for_extend(void *arg) test_chan_should_match_target = 1; chan1->state = CHANNEL_STATE_OPENING; chan2->state = CHANNEL_STATE_OPENING; - ret_chan = channel_get_for_extend(digest, &ed_id, &addr, &msg, &launch); + ret_chan = channel_get_for_extend(digest, &ed_id, &ipv4_addr, &ipv6_addr, + &msg, &launch); tt_assert(!ret_chan); tt_str_op(msg, OP_EQ, "Connection in progress; waiting."); tt_int_op(launch, OP_EQ, 0); @@ -1454,7 +1440,8 @@ test_channel_for_extend(void *arg) /* Mark channel 1 as bad for circuits. */ channel_mark_bad_for_new_circs(chan1); - ret_chan = channel_get_for_extend(digest, &ed_id, &addr, &msg, &launch); + ret_chan = channel_get_for_extend(digest, &ed_id, &ipv4_addr, &ipv6_addr, + &msg, &launch); tt_assert(ret_chan); tt_ptr_op(ret_chan, OP_EQ, chan2); tt_int_op(launch, OP_EQ, 0); @@ -1464,7 +1451,8 @@ test_channel_for_extend(void *arg) /* Mark both channels as unusable. */ channel_mark_bad_for_new_circs(chan1); channel_mark_bad_for_new_circs(chan2); - ret_chan = channel_get_for_extend(digest, &ed_id, &addr, &msg, &launch); + ret_chan = channel_get_for_extend(digest, &ed_id, &ipv4_addr, &ipv6_addr, + &msg, &launch); tt_assert(!ret_chan); tt_str_op(msg, OP_EQ, "Connections all too old, or too non-canonical. " " Launching a new one."); @@ -1475,7 +1463,8 @@ test_channel_for_extend(void *arg) /* Non canonical channels. */ test_chan_should_be_canonical = 0; test_chan_should_match_target = 0; - ret_chan = channel_get_for_extend(digest, &ed_id, &addr, &msg, &launch); + ret_chan = channel_get_for_extend(digest, &ed_id, &ipv4_addr, &ipv6_addr, + &msg, &launch); tt_assert(!ret_chan); tt_str_op(msg, OP_EQ, "Connections all too old, or too non-canonical. " " Launching a new one."); @@ -1539,6 +1528,10 @@ test_channel_listener(void *arg) channel_listener_dump_statistics(chan, LOG_INFO); done: + if (chan) { + channel_listener_unregister(chan); + tor_free(chan); + } channel_free_all(); } diff --git a/src/test/test_channelpadding.c b/src/test/test_channelpadding.c index 5da2d81377..63a591583d 100644 --- a/src/test/test_channelpadding.c +++ b/src/test/test_channelpadding.c @@ -1,7 +1,7 @@ -/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ -#define TOR_CHANNEL_INTERNAL_ +#define CHANNEL_OBJECT_PRIVATE #define MAINLOOP_PRIVATE #define NETWORKSTATUS_PRIVATE #define TOR_TIMERS_PRIVATE @@ -21,7 +21,7 @@ #include "test/log_test_helpers.h" #include "lib/tls/tortls.h" #include "lib/evloop/timers.h" -#include "lib/container/buffers.h" +#include "lib/buf/buffers.h" #include "core/or/cell_st.h" #include "feature/nodelist/networkstatus_st.h" @@ -289,8 +289,6 @@ test_channelpadding_timers(void *arg) channel_t *chans[CHANNELS_TO_TEST]; (void)arg; - tor_libevent_postfork(); - if (!connection_array) connection_array = smartlist_new(); @@ -393,7 +391,6 @@ test_channelpadding_killonehop(void *arg) channelpadding_decision_t decision; int64_t new_time; (void)arg; - tor_libevent_postfork(); routerstatus_t *relay = tor_malloc_zero(sizeof(routerstatus_t)); monotime_init(); @@ -502,8 +499,6 @@ test_channelpadding_consensus(void *arg) int64_t new_time; (void)arg; - tor_libevent_postfork(); - /* * Params tested: * nf_pad_before_usage @@ -898,8 +893,6 @@ test_channelpadding_decide_to_pad_channel(void *arg) connection_array = smartlist_new(); (void)arg; - tor_libevent_postfork(); - monotime_init(); monotime_enable_test_mocking(); monotime_set_mock_time_nsec(1); diff --git a/src/test/test_channeltls.c b/src/test/test_channeltls.c index 10513e451d..f4f5cb447e 100644 --- a/src/test/test_channeltls.c +++ b/src/test/test_channeltls.c @@ -1,19 +1,20 @@ -/* Copyright (c) 2014-2019, The Tor Project, Inc. */ +/* Copyright (c) 2014-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" #include <math.h> -#define TOR_CHANNEL_INTERNAL_ +#define CHANNEL_OBJECT_PRIVATE #include "core/or/or.h" #include "lib/net/address.h" -#include "lib/container/buffers.h" +#include "lib/buf/buffers.h" #include "core/or/channel.h" #include "core/or/channeltls.h" #include "core/mainloop/connection.h" #include "core/or/connection_or.h" #include "app/config/config.h" +#include "app/config/resolve_addr.h" /* For init/free stuff */ #include "core/or/scheduler.h" #include "lib/tls/tortls.h" diff --git a/src/test/test_checkdir.c b/src/test/test_checkdir.c index 1df74c390a..186a55cc8c 100644 --- a/src/test/test_checkdir.c +++ b/src/test/test_checkdir.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2014-2019, The Tor Project, Inc. */ +/* Copyright (c) 2014-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" diff --git a/src/test/test_circuitbuild.c b/src/test/test_circuitbuild.c index 538f20781f..03fd176ead 100644 --- a/src/test/test_circuitbuild.c +++ b/src/test/test_circuitbuild.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define CIRCUITBUILD_PRIVATE @@ -8,18 +8,32 @@ #define ENTRYNODES_PRIVATE #include "core/or/or.h" + #include "test/test.h" #include "test/test_helpers.h" #include "test/log_test_helpers.h" + +#define CONFIG_PRIVATE #include "app/config/config.h" + +#include "core/or/channel.h" #include "core/or/circuitbuild.h" #include "core/or/circuitlist.h" +#include "core/or/onion.h" +#include "core/or/cell_st.h" #include "core/or/cpath_build_state_st.h" #include "core/or/extend_info_st.h" #include "core/or/origin_circuit_st.h" +#include "core/or/or_circuit_st.h" #include "feature/client/entrynodes.h" +#include "feature/nodelist/nodelist.h" +#include "feature/relay/circuitbuild_relay.h" +#include "feature/relay/router.h" +#include "feature/relay/routermode.h" + +#include "feature/nodelist/node_st.h" /* Dummy nodes smartlist for testing */ static smartlist_t dummy_nodes; @@ -27,11 +41,11 @@ static smartlist_t dummy_nodes; static extend_info_t dummy_ei; static int -mock_count_acceptable_nodes(smartlist_t *nodes) +mock_count_acceptable_nodes(const smartlist_t *nodes, int direct) { (void)nodes; - return DEFAULT_ROUTE_LEN + 1; + return direct ? 1 : DEFAULT_ROUTE_LEN + 1; } /* Test route lengths when the caller of new_route_len() doesn't @@ -114,6 +128,14 @@ test_new_route_len_unhandled_exit(void *arg) int r; (void)arg; +#ifdef ALL_BUGS_ARE_FATAL + /* Coverity (and maybe clang analyser) complain that the code following + * tt_skip() is unconditionally unreachable. */ +#if !defined(__COVERITY__) && !defined(__clang_analyzer__) + tt_skip(); +#endif +#endif /* defined(ALL_BUGS_ARE_FATAL) */ + MOCK(count_acceptable_nodes, mock_count_acceptable_nodes); tor_capture_bugs_(1); @@ -125,10 +147,10 @@ test_new_route_len_unhandled_exit(void *arg) "!(exit_ei && !known_purpose)"); expect_single_log_msg_containing("Unhandled purpose"); expect_single_log_msg_containing("with a chosen exit; assuming routelen"); - teardown_capture_of_logs(); - tor_end_capture_bugs_(); done: + teardown_capture_of_logs(); + tor_end_capture_bugs_(); UNMOCK(count_acceptable_nodes); } @@ -167,16 +189,1366 @@ test_upgrade_from_guard_wait(void *arg) tt_assert(!list); done: + smartlist_free(list); circuit_free(circ); entry_guard_free_(guard); } +static int server = 0; +static int +mock_server_mode(const or_options_t *options) +{ + (void)options; + return server; +} + +/* Test the different cases in circuit_extend_state_valid_helper(). */ +static void +test_circuit_extend_state_valid(void *arg) +{ + (void)arg; + circuit_t *circ = tor_malloc_zero(sizeof(circuit_t)); + + server = 0; + MOCK(server_mode, mock_server_mode); + + setup_full_capture_of_logs(LOG_INFO); + + /* Clients can't extend */ + server = 0; + tt_int_op(circuit_extend_state_valid_helper(NULL), OP_EQ, -1); + expect_log_msg("Got an extend cell, but running as a client. Closing.\n"); + mock_clean_saved_logs(); + +#ifndef ALL_BUGS_ARE_FATAL + /* Circuit must be non-NULL */ + tor_capture_bugs_(1); + server = 1; + tt_int_op(circuit_extend_state_valid_helper(NULL), OP_EQ, -1); + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); + tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, + "!(ASSERT_PREDICT_UNLIKELY_(!circ))"); + tor_end_capture_bugs_(); + mock_clean_saved_logs(); +#endif /* !defined(ALL_BUGS_ARE_FATAL) */ + + /* n_chan and n_hop are NULL, this should succeed */ + server = 1; + tt_int_op(circuit_extend_state_valid_helper(circ), OP_EQ, 0); + mock_clean_saved_logs(); + + /* But clients still can't extend */ + server = 0; + tt_int_op(circuit_extend_state_valid_helper(circ), OP_EQ, -1); + expect_log_msg("Got an extend cell, but running as a client. Closing.\n"); + mock_clean_saved_logs(); + + /* n_chan must be NULL */ + circ->n_chan = tor_malloc_zero(sizeof(channel_t)); + server = 1; + tt_int_op(circuit_extend_state_valid_helper(circ), OP_EQ, -1); + expect_log_msg("n_chan already set. Bug/attack. Closing.\n"); + mock_clean_saved_logs(); + tor_free(circ->n_chan); + + /* n_hop must be NULL */ + circ->n_hop = tor_malloc_zero(sizeof(extend_info_t)); + server = 1; + tt_int_op(circuit_extend_state_valid_helper(circ), OP_EQ, -1); + expect_log_msg("conn to next hop already launched. Bug/attack. Closing.\n"); + mock_clean_saved_logs(); + tor_free(circ->n_hop); + + done: + tor_end_capture_bugs_(); + teardown_capture_of_logs(); + + UNMOCK(server_mode); + server = 0; + + tor_free(circ->n_chan); + tor_free(circ->n_hop); + tor_free(circ); +} + +static node_t *mocked_node = NULL; +static const node_t * +mock_node_get_by_id(const char *identity_digest) +{ + (void)identity_digest; + return mocked_node; +} + +static int mocked_supports_ed25519_link_authentication = 0; +static int +mock_node_supports_ed25519_link_authentication(const node_t *node, + int compatible_with_us) +{ + (void)node; + (void)compatible_with_us; + return mocked_supports_ed25519_link_authentication; +} + +static ed25519_public_key_t * mocked_ed25519_id = NULL; +static const ed25519_public_key_t * +mock_node_get_ed25519_id(const node_t *node) +{ + (void)node; + return mocked_ed25519_id; +} + +/* Test the different cases in circuit_extend_add_ed25519_helper(). */ +static void +test_circuit_extend_add_ed25519(void *arg) +{ + (void)arg; + extend_cell_t *ec = tor_malloc_zero(sizeof(extend_cell_t)); + extend_cell_t *old_ec = tor_malloc_zero(sizeof(extend_cell_t)); + extend_cell_t *zero_ec = tor_malloc_zero(sizeof(extend_cell_t)); + + node_t *fake_node = tor_malloc_zero(sizeof(node_t)); + ed25519_public_key_t *fake_ed25519_id = NULL; + fake_ed25519_id = tor_malloc_zero(sizeof(ed25519_public_key_t)); + + MOCK(node_get_by_id, mock_node_get_by_id); + MOCK(node_supports_ed25519_link_authentication, + mock_node_supports_ed25519_link_authentication); + MOCK(node_get_ed25519_id, mock_node_get_ed25519_id); + + setup_full_capture_of_logs(LOG_INFO); + +#ifndef ALL_BUGS_ARE_FATAL + /* The extend cell must be non-NULL */ + tor_capture_bugs_(1); + tt_int_op(circuit_extend_add_ed25519_helper(NULL), OP_EQ, -1); + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); + tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, + "!(ASSERT_PREDICT_UNLIKELY_(!ec))"); + tor_end_capture_bugs_(); + mock_clean_saved_logs(); +#endif /* !defined(ALL_BUGS_ARE_FATAL) */ + + /* The node id must be non-zero */ + memcpy(old_ec, ec, sizeof(extend_cell_t)); + tt_int_op(circuit_extend_add_ed25519_helper(ec), OP_EQ, -1); + expect_log_msg( + "Client asked me to extend without specifying an id_digest.\n"); + /* And nothing should have changed */ + tt_mem_op(ec, OP_EQ, old_ec, sizeof(extend_cell_t)); + mock_clean_saved_logs(); + + /* Fill in fake node_id, and try again */ + memset(ec->node_id, 0xAA, sizeof(ec->node_id)); + memcpy(old_ec, ec, sizeof(extend_cell_t)); + tt_int_op(circuit_extend_add_ed25519_helper(ec), OP_EQ, 0); + /* There's no node with that id, so the ed pubkey should still be zeroed */ + tt_mem_op(&ec->ed_pubkey, OP_EQ, &zero_ec->ed_pubkey, sizeof(ec->ed_pubkey)); + /* In fact, nothing should have changed */ + tt_mem_op(ec, OP_EQ, old_ec, sizeof(extend_cell_t)); + mock_clean_saved_logs(); + + /* Provide 2 out of 3 of node, supports link auth, and ed_id. + * The ed_id should remain zeroed. */ + + /* Provide node and supports link auth */ + memset(ec->node_id, 0xAA, sizeof(ec->node_id)); + memcpy(old_ec, ec, sizeof(extend_cell_t)); + /* Set up the fake variables */ + mocked_node = fake_node; + mocked_supports_ed25519_link_authentication = 1; + /* Do the test */ + tt_int_op(circuit_extend_add_ed25519_helper(ec), OP_EQ, 0); + /* The ed pubkey should still be zeroed */ + tt_mem_op(&ec->ed_pubkey, OP_EQ, &zero_ec->ed_pubkey, sizeof(ec->ed_pubkey)); + /* In fact, nothing should have changed */ + tt_mem_op(ec, OP_EQ, old_ec, sizeof(extend_cell_t)); + /* Cleanup */ + mock_clean_saved_logs(); + mocked_node = NULL; + mocked_supports_ed25519_link_authentication = 0; + mocked_ed25519_id = NULL; + memset(fake_ed25519_id, 0x00, sizeof(ed25519_public_key_t)); + + /* Provide supports link auth and ed id */ + memset(ec->node_id, 0xAA, sizeof(ec->node_id)); + memcpy(old_ec, ec, sizeof(extend_cell_t)); + /* Set up the fake variables */ + mocked_supports_ed25519_link_authentication = 1; + memset(fake_ed25519_id, 0xEE, sizeof(ed25519_public_key_t)); + mocked_ed25519_id = fake_ed25519_id; + /* Do the test */ + tt_int_op(circuit_extend_add_ed25519_helper(ec), OP_EQ, 0); + /* The ed pubkey should still be zeroed */ + tt_mem_op(&ec->ed_pubkey, OP_EQ, &zero_ec->ed_pubkey, sizeof(ec->ed_pubkey)); + /* In fact, nothing should have changed */ + tt_mem_op(ec, OP_EQ, old_ec, sizeof(extend_cell_t)); + /* Cleanup */ + mock_clean_saved_logs(); + mocked_node = NULL; + mocked_supports_ed25519_link_authentication = 0; + mocked_ed25519_id = NULL; + memset(fake_ed25519_id, 0x00, sizeof(ed25519_public_key_t)); + + /* Provide node and ed id */ + memset(ec->node_id, 0xAA, sizeof(ec->node_id)); + memcpy(old_ec, ec, sizeof(extend_cell_t)); + /* Set up the fake variables */ + mocked_node = fake_node; + memset(fake_ed25519_id, 0xEE, sizeof(ed25519_public_key_t)); + mocked_ed25519_id = fake_ed25519_id; + /* Do the test */ + tt_int_op(circuit_extend_add_ed25519_helper(ec), OP_EQ, 0); + /* The ed pubkey should still be zeroed */ + tt_mem_op(&ec->ed_pubkey, OP_EQ, &zero_ec->ed_pubkey, sizeof(ec->ed_pubkey)); + /* In fact, nothing should have changed */ + tt_mem_op(ec, OP_EQ, old_ec, sizeof(extend_cell_t)); + /* Cleanup */ + mock_clean_saved_logs(); + mocked_node = NULL; + mocked_supports_ed25519_link_authentication = 0; + mocked_ed25519_id = NULL; + memset(fake_ed25519_id, 0x00, sizeof(ed25519_public_key_t)); + + /* Now do the real lookup */ + memset(ec->node_id, 0xAA, sizeof(ec->node_id)); + memcpy(old_ec, ec, sizeof(extend_cell_t)); + /* Set up the fake variables */ + mocked_node = fake_node; + mocked_supports_ed25519_link_authentication = 1; + memset(fake_ed25519_id, 0xEE, sizeof(ed25519_public_key_t)); + mocked_ed25519_id = fake_ed25519_id; + /* Do the test */ + tt_int_op(circuit_extend_add_ed25519_helper(ec), OP_EQ, 0); + /* The ed pubkey should match */ + tt_mem_op(&ec->ed_pubkey, OP_EQ, fake_ed25519_id, sizeof(ec->ed_pubkey)); + /* Nothing else should have changed */ + memcpy(&ec->ed_pubkey, &old_ec->ed_pubkey, sizeof(ec->ed_pubkey)); + tt_mem_op(ec, OP_EQ, old_ec, sizeof(extend_cell_t)); + /* Cleanup */ + mock_clean_saved_logs(); + mocked_node = NULL; + mocked_supports_ed25519_link_authentication = 0; + mocked_ed25519_id = NULL; + memset(fake_ed25519_id, 0x00, sizeof(ed25519_public_key_t)); + + /* Now do the real lookup, but with a zeroed ed id */ + memset(ec->node_id, 0xAA, sizeof(ec->node_id)); + memcpy(old_ec, ec, sizeof(extend_cell_t)); + /* Set up the fake variables */ + mocked_node = fake_node; + mocked_supports_ed25519_link_authentication = 1; + memset(fake_ed25519_id, 0x00, sizeof(ed25519_public_key_t)); + mocked_ed25519_id = fake_ed25519_id; + /* Do the test */ + tt_int_op(circuit_extend_add_ed25519_helper(ec), OP_EQ, 0); + /* The ed pubkey should match */ + tt_mem_op(&ec->ed_pubkey, OP_EQ, fake_ed25519_id, sizeof(ec->ed_pubkey)); + /* Nothing else should have changed */ + memcpy(&ec->ed_pubkey, &old_ec->ed_pubkey, sizeof(ec->ed_pubkey)); + tt_mem_op(ec, OP_EQ, old_ec, sizeof(extend_cell_t)); + /* Cleanup */ + mock_clean_saved_logs(); + mocked_node = NULL; + mocked_supports_ed25519_link_authentication = 0; + mocked_ed25519_id = NULL; + memset(fake_ed25519_id, 0x00, sizeof(ed25519_public_key_t)); + + done: + UNMOCK(node_get_by_id); + UNMOCK(node_supports_ed25519_link_authentication); + UNMOCK(node_get_ed25519_id); + + tor_end_capture_bugs_(); + teardown_capture_of_logs(); + + tor_free(ec); + tor_free(old_ec); + tor_free(zero_ec); + + tor_free(fake_ed25519_id); + tor_free(fake_node); +} + +static or_options_t *mocked_options = NULL; +static const or_options_t * +mock_get_options(void) +{ + return mocked_options; +} + +#define PUBLIC_IPV4 "1.2.3.4" +#define INTERNAL_IPV4 "0.0.0.1" + +#define PUBLIC_IPV6 "1234::cdef" +#define INTERNAL_IPV6 "::1" + +#define VALID_PORT 0x1234 + +/* Test the different cases in circuit_extend_lspec_valid_helper(). */ +static void +test_circuit_extend_lspec_valid(void *arg) +{ + (void)arg; + extend_cell_t *ec = tor_malloc_zero(sizeof(extend_cell_t)); + channel_t *p_chan = tor_malloc_zero(sizeof(channel_t)); + or_circuit_t *or_circ = tor_malloc_zero(sizeof(or_circuit_t)); + circuit_t *circ = TO_CIRCUIT(or_circ); + + or_options_t *fake_options = options_new(); + MOCK(get_options, mock_get_options); + mocked_options = fake_options; + + setup_full_capture_of_logs(LOG_INFO); + +#ifndef ALL_BUGS_ARE_FATAL + /* Extend cell must be non-NULL */ + tor_capture_bugs_(1); + tt_int_op(circuit_extend_lspec_valid_helper(NULL, circ), OP_EQ, -1); + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); + tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, + "!(ASSERT_PREDICT_UNLIKELY_(!ec))"); + tor_end_capture_bugs_(); + mock_clean_saved_logs(); + + /* Circuit must be non-NULL */ + tor_capture_bugs_(1); + tt_int_op(circuit_extend_lspec_valid_helper(ec, NULL), OP_EQ, -1); + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); + tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, + "!(ASSERT_PREDICT_UNLIKELY_(!circ))"); + tor_end_capture_bugs_(); + mock_clean_saved_logs(); + + /* Extend cell and circuit must be non-NULL */ + tor_capture_bugs_(1); + tt_int_op(circuit_extend_lspec_valid_helper(NULL, NULL), OP_EQ, -1); + /* Since we're using IF_BUG_ONCE(), we might not log any bugs */ + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_GE, 0); + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_LE, 2); + tor_end_capture_bugs_(); + mock_clean_saved_logs(); +#endif /* !defined(ALL_BUGS_ARE_FATAL) */ + + /* IPv4 and IPv6 addr and port are all zero, this should fail */ + tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); + expect_log_msg("Client asked me to extend to a zero destination port " + "or unspecified address '[scrubbed]'.\n"); + mock_clean_saved_logs(); + + /* Now ask for the actual address in the logs */ + fake_options->SafeLogging_ = SAFELOG_SCRUB_NONE; + + /* IPv4 port is 0, IPv6 addr and port are both zero, this should fail */ + tor_addr_parse(&ec->orport_ipv4.addr, PUBLIC_IPV4); + tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); + expect_log_msg("Client asked me to extend to a zero destination port " + "or IPv4 address '1.2.3.4:0'.\n"); + mock_clean_saved_logs(); + tor_addr_port_make_null_ap(&ec->orport_ipv4, AF_INET); + tor_addr_port_make_null_ap(&ec->orport_ipv6, AF_INET6); + + /* IPv4 addr is 0, IPv6 addr and port are both zero, this should fail */ + ec->orport_ipv4.port = VALID_PORT; + tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); + expect_log_msg("Client asked me to extend to a zero destination port " + "or IPv4 address '0.0.0.0:4660'.\n"); + mock_clean_saved_logs(); + ec->orport_ipv4.port = 0; + tor_addr_port_make_null_ap(&ec->orport_ipv4, AF_INET); + tor_addr_port_make_null_ap(&ec->orport_ipv6, AF_INET6); + + /* IPv4 addr is internal, and port is valid. + * (IPv6 addr and port are both zero.) + * Result depends on ExtendAllowPrivateAddresses. */ + tor_addr_parse(&ec->orport_ipv4.addr, INTERNAL_IPV4); + ec->orport_ipv4.port = VALID_PORT; + + fake_options->ExtendAllowPrivateAddresses = 0; + tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); + expect_log_msg("Client asked me to extend " + "to a private IPv4 address '0.0.0.1'.\n"); + mock_clean_saved_logs(); + fake_options->ExtendAllowPrivateAddresses = 0; + tor_addr_port_make_null_ap(&ec->orport_ipv4, AF_INET); + tor_addr_port_make_null_ap(&ec->orport_ipv6, AF_INET6); + + /* Now do the same tests, but for IPv6 */ + + /* IPv6 port is 0, IPv4 addr and port are both zero, this should fail */ + tor_addr_parse(&ec->orport_ipv6.addr, PUBLIC_IPV6); + tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); + expect_log_msg("Client asked me to extend to a zero destination port " + "or IPv6 address '[1234::cdef]:0'.\n"); + mock_clean_saved_logs(); + tor_addr_port_make_null_ap(&ec->orport_ipv4, AF_INET); + tor_addr_port_make_null_ap(&ec->orport_ipv6, AF_INET6); + + /* IPv6 addr is 0, IPv4 addr and port are both zero, this should fail */ + ec->orport_ipv6.port = VALID_PORT; + tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); + expect_log_msg("Client asked me to extend to a zero destination port " + "or IPv6 address '[::]:4660'.\n"); + mock_clean_saved_logs(); + ec->orport_ipv4.port = 0; + tor_addr_port_make_null_ap(&ec->orport_ipv4, AF_INET); + tor_addr_port_make_null_ap(&ec->orport_ipv6, AF_INET6); + + /* IPv6 addr is internal, and port is valid. + * (IPv4 addr and port are both zero.) + * Result depends on ExtendAllowPrivateAddresses. */ + tor_addr_parse(&ec->orport_ipv6.addr, INTERNAL_IPV6); + ec->orport_ipv6.port = VALID_PORT; + + fake_options->ExtendAllowPrivateAddresses = 0; + tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); + expect_log_msg("Client asked me to extend " + "to a private IPv6 address '[::1]'.\n"); + mock_clean_saved_logs(); + fake_options->ExtendAllowPrivateAddresses = 0; + tor_addr_port_make_null_ap(&ec->orport_ipv4, AF_INET); + tor_addr_port_make_null_ap(&ec->orport_ipv6, AF_INET6); + + /* Both addresses are internal. + * Result depends on ExtendAllowPrivateAddresses. */ + tor_addr_parse(&ec->orport_ipv4.addr, INTERNAL_IPV4); + ec->orport_ipv4.port = VALID_PORT; + tor_addr_parse(&ec->orport_ipv6.addr, INTERNAL_IPV6); + ec->orport_ipv6.port = VALID_PORT; + + fake_options->ExtendAllowPrivateAddresses = 0; + tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); + expect_log_msg("Client asked me to extend " + "to a private IPv4 address '0.0.0.1'.\n"); + expect_log_msg("Client asked me to extend " + "to a private IPv6 address '[::1]'.\n"); + mock_clean_saved_logs(); + fake_options->ExtendAllowPrivateAddresses = 0; + tor_addr_port_make_null_ap(&ec->orport_ipv4, AF_INET); + tor_addr_port_make_null_ap(&ec->orport_ipv6, AF_INET6); + +#ifndef ALL_BUGS_ARE_FATAL + /* If we pass the private address check, but don't have the right + * OR circuit magic number, we trigger another bug */ + tor_addr_parse(&ec->orport_ipv4.addr, INTERNAL_IPV4); + ec->orport_ipv4.port = VALID_PORT; + tor_addr_parse(&ec->orport_ipv6.addr, INTERNAL_IPV6); + ec->orport_ipv6.port = VALID_PORT; + fake_options->ExtendAllowPrivateAddresses = 1; + + tor_capture_bugs_(1); + tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); + tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, + "!(ASSERT_PREDICT_UNLIKELY_(circ->magic != 0x98ABC04Fu))"); + tor_end_capture_bugs_(); + mock_clean_saved_logs(); + fake_options->ExtendAllowPrivateAddresses = 0; + tor_addr_port_make_null_ap(&ec->orport_ipv4, AF_INET); + tor_addr_port_make_null_ap(&ec->orport_ipv6, AF_INET6); + + /* Fail again, but this time only set an IPv4 address. */ + tor_addr_parse(&ec->orport_ipv4.addr, INTERNAL_IPV4); + ec->orport_ipv4.port = VALID_PORT; + fake_options->ExtendAllowPrivateAddresses = 1; + tor_capture_bugs_(1); + tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); + /* Since we're using IF_BUG_ONCE(), expect 0-1 bug logs */ + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_GE, 0); + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_LE, 1); + tor_end_capture_bugs_(); + mock_clean_saved_logs(); + fake_options->ExtendAllowPrivateAddresses = 0; +#endif /* !defined(ALL_BUGS_ARE_FATAL) */ + + /* Now set the right magic */ + or_circ->base_.magic = OR_CIRCUIT_MAGIC; + +#ifndef ALL_BUGS_ARE_FATAL + /* If we pass the OR circuit magic check, but don't have p_chan, + * we trigger another bug */ + fake_options->ExtendAllowPrivateAddresses = 1; + tor_capture_bugs_(1); + tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); + tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, + "!(ASSERT_PREDICT_UNLIKELY_(!p_chan))"); + tor_end_capture_bugs_(); + mock_clean_saved_logs(); + fake_options->ExtendAllowPrivateAddresses = 0; + + /* We can also pass the OR circuit magic check with a public address */ + tor_addr_parse(&ec->orport_ipv4.addr, PUBLIC_IPV4); + fake_options->ExtendAllowPrivateAddresses = 0; + tor_capture_bugs_(1); + tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); + /* Since we're using IF_BUG_ONCE(), expect 0-1 bug logs */ + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_GE, 0); + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_LE, 1); + tor_end_capture_bugs_(); + mock_clean_saved_logs(); + fake_options->ExtendAllowPrivateAddresses = 0; + + tor_addr_make_null(&ec->orport_ipv4.addr, AF_INET); + ec->orport_ipv4.port = 0x0000; +#endif /* !defined(ALL_BUGS_ARE_FATAL) */ + + /* Now let's fake a p_chan and the addresses */ + tor_addr_parse(&ec->orport_ipv4.addr, PUBLIC_IPV4); + ec->orport_ipv4.port = VALID_PORT; + or_circ->p_chan = p_chan; + + /* This is a trivial failure: node_id and p_chan->identity_digest are both + * zeroed */ + tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); + expect_log_msg("Client asked me to extend back to the previous hop.\n"); + mock_clean_saved_logs(); + + /* Let's check with non-zero identities as well */ + memset(ec->node_id, 0xAA, sizeof(ec->node_id)); + memset(p_chan->identity_digest, 0xAA, sizeof(p_chan->identity_digest)); + + tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); + expect_log_msg("Client asked me to extend back to the previous hop.\n"); + mock_clean_saved_logs(); + + memset(ec->node_id, 0, sizeof(ec->node_id)); + memset(p_chan->identity_digest, 0, sizeof(p_chan->identity_digest)); + + /* Let's pass the node_id test */ + memset(ec->node_id, 0xAA, sizeof(ec->node_id)); + memset(p_chan->identity_digest, 0xBB, sizeof(p_chan->identity_digest)); + + /* ed_pubkey is zero, and that's allowed, so we should succeed */ + tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, 0); + mock_clean_saved_logs(); + + /* Now let's check that we warn, but succeed, when only one address is + * private */ + tor_addr_parse(&ec->orport_ipv4.addr, INTERNAL_IPV4); + ec->orport_ipv4.port = VALID_PORT; + tor_addr_parse(&ec->orport_ipv6.addr, PUBLIC_IPV6); + ec->orport_ipv6.port = VALID_PORT; + fake_options->ExtendAllowPrivateAddresses = 0; + + tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, 0); + expect_log_msg("Client asked me to extend " + "to a private IPv4 address '0.0.0.1'.\n"); + mock_clean_saved_logs(); + tor_addr_port_make_null_ap(&ec->orport_ipv4, AF_INET); + tor_addr_port_make_null_ap(&ec->orport_ipv6, AF_INET6); + + /* Now with private IPv6 */ + tor_addr_parse(&ec->orport_ipv4.addr, PUBLIC_IPV4); + ec->orport_ipv4.port = VALID_PORT; + tor_addr_parse(&ec->orport_ipv6.addr, INTERNAL_IPV6); + ec->orport_ipv6.port = VALID_PORT; + fake_options->ExtendAllowPrivateAddresses = 0; + + tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, 0); + expect_log_msg("Client asked me to extend " + "to a private IPv6 address '[::1]'.\n"); + mock_clean_saved_logs(); + tor_addr_port_make_null_ap(&ec->orport_ipv4, AF_INET); + tor_addr_port_make_null_ap(&ec->orport_ipv6, AF_INET6); + + /* Now reset to public IPv4 and IPv6 */ + tor_addr_parse(&ec->orport_ipv4.addr, PUBLIC_IPV4); + ec->orport_ipv4.port = VALID_PORT; + tor_addr_parse(&ec->orport_ipv6.addr, PUBLIC_IPV6); + ec->orport_ipv6.port = VALID_PORT; + + /* Fail on matching non-zero identities */ + memset(&ec->ed_pubkey, 0xEE, sizeof(ec->ed_pubkey)); + memset(&p_chan->ed25519_identity, 0xEE, sizeof(p_chan->ed25519_identity)); + + tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); + expect_log_msg("Client asked me to extend back to the previous hop " + "(by Ed25519 ID).\n"); + mock_clean_saved_logs(); + + memset(&ec->ed_pubkey, 0, sizeof(ec->ed_pubkey)); + memset(&p_chan->ed25519_identity, 0, sizeof(p_chan->ed25519_identity)); + + /* Succeed on different, non-zero identities */ + memset(&ec->ed_pubkey, 0xDD, sizeof(ec->ed_pubkey)); + memset(&p_chan->ed25519_identity, 0xEE, sizeof(p_chan->ed25519_identity)); + + tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, 0); + mock_clean_saved_logs(); + + memset(&ec->ed_pubkey, 0, sizeof(ec->ed_pubkey)); + memset(&p_chan->ed25519_identity, 0, sizeof(p_chan->ed25519_identity)); + + /* Succeed if the client knows the identity, but we don't */ + memset(&ec->ed_pubkey, 0xDD, sizeof(ec->ed_pubkey)); + memset(&p_chan->ed25519_identity, 0x00, sizeof(p_chan->ed25519_identity)); + + tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, 0); + mock_clean_saved_logs(); + + memset(&ec->ed_pubkey, 0, sizeof(ec->ed_pubkey)); + memset(&p_chan->ed25519_identity, 0, sizeof(p_chan->ed25519_identity)); + + /* Succeed if we know the identity, but the client doesn't */ + memset(&ec->ed_pubkey, 0x00, sizeof(ec->ed_pubkey)); + memset(&p_chan->ed25519_identity, 0xEE, sizeof(p_chan->ed25519_identity)); + + tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, 0); + mock_clean_saved_logs(); + + memset(&ec->ed_pubkey, 0, sizeof(ec->ed_pubkey)); + memset(&p_chan->ed25519_identity, 0, sizeof(p_chan->ed25519_identity)); + + /* Cleanup the node ids */ + memset(ec->node_id, 0, sizeof(ec->node_id)); + memset(p_chan->identity_digest, 0, sizeof(p_chan->identity_digest)); + + /* Cleanup the p_chan and the addresses */ + tor_addr_make_null(&ec->orport_ipv4.addr, AF_UNSPEC); + ec->orport_ipv4.port = 0; + or_circ->p_chan = NULL; + + done: + tor_end_capture_bugs_(); + teardown_capture_of_logs(); + + UNMOCK(get_options); + or_options_free(fake_options); + mocked_options = NULL; + + tor_free(ec); + tor_free(or_circ); + tor_free(p_chan); +} + +static bool can_extend_over_ipv6_result = false; +static int mock_router_can_extend_over_ipv6_calls = 0; +static bool +mock_router_can_extend_over_ipv6(const or_options_t *options) +{ + (void)options; + mock_router_can_extend_over_ipv6_calls++; + return can_extend_over_ipv6_result; +} + +/* Test the different cases in circuit_choose_ip_ap_for_extend(). */ +static void +test_circuit_choose_ip_ap_for_extend(void *arg) +{ + (void)arg; + tor_addr_port_t ipv4_ap; + tor_addr_port_t ipv6_ap; + + /* Set up valid addresses */ + tor_addr_parse(&ipv4_ap.addr, PUBLIC_IPV4); + ipv4_ap.port = VALID_PORT; + tor_addr_parse(&ipv6_ap.addr, PUBLIC_IPV6); + ipv6_ap.port = VALID_PORT; + + or_options_t *fake_options = options_new(); + MOCK(get_options, mock_get_options); + mocked_options = fake_options; + + MOCK(router_can_extend_over_ipv6, + mock_router_can_extend_over_ipv6); + can_extend_over_ipv6_result = true; + mock_router_can_extend_over_ipv6_calls = 0; + + /* No valid addresses */ + can_extend_over_ipv6_result = true; + mock_router_can_extend_over_ipv6_calls = 0; + tt_ptr_op(circuit_choose_ip_ap_for_extend(NULL, NULL), OP_EQ, NULL); + tt_int_op(mock_router_can_extend_over_ipv6_calls, OP_EQ, 1); + + can_extend_over_ipv6_result = false; + mock_router_can_extend_over_ipv6_calls = 0; + tt_ptr_op(circuit_choose_ip_ap_for_extend(NULL, NULL), OP_EQ, NULL); + tt_int_op(mock_router_can_extend_over_ipv6_calls, OP_EQ, 1); + + /* One valid address: IPv4 */ + can_extend_over_ipv6_result = true; + mock_router_can_extend_over_ipv6_calls = 0; + tt_ptr_op(circuit_choose_ip_ap_for_extend(&ipv4_ap, NULL), OP_EQ, &ipv4_ap); + tt_int_op(mock_router_can_extend_over_ipv6_calls, OP_EQ, 1); + + can_extend_over_ipv6_result = false; + mock_router_can_extend_over_ipv6_calls = 0; + tt_ptr_op(circuit_choose_ip_ap_for_extend(&ipv4_ap, NULL), OP_EQ, &ipv4_ap); + tt_int_op(mock_router_can_extend_over_ipv6_calls, OP_EQ, 1); + + /* One valid address: IPv6 */ + can_extend_over_ipv6_result = true; + mock_router_can_extend_over_ipv6_calls = 0; + tt_ptr_op(circuit_choose_ip_ap_for_extend(NULL, &ipv6_ap), OP_EQ, &ipv6_ap); + tt_int_op(mock_router_can_extend_over_ipv6_calls, OP_EQ, 1); + + can_extend_over_ipv6_result = false; + mock_router_can_extend_over_ipv6_calls = 0; + tt_ptr_op(circuit_choose_ip_ap_for_extend(NULL, &ipv6_ap), OP_EQ, NULL); + tt_int_op(mock_router_can_extend_over_ipv6_calls, OP_EQ, 1); + + /* Two valid addresses */ + const tor_addr_port_t *chosen_addr = NULL; + + can_extend_over_ipv6_result = true; + mock_router_can_extend_over_ipv6_calls = 0; + chosen_addr = circuit_choose_ip_ap_for_extend(&ipv4_ap, &ipv6_ap); + tt_assert(chosen_addr == &ipv4_ap || chosen_addr == &ipv6_ap); + tt_int_op(mock_router_can_extend_over_ipv6_calls, OP_EQ, 1); + + can_extend_over_ipv6_result = false; + mock_router_can_extend_over_ipv6_calls = 0; + tt_ptr_op(circuit_choose_ip_ap_for_extend(&ipv4_ap, &ipv6_ap), + OP_EQ, &ipv4_ap); + tt_int_op(mock_router_can_extend_over_ipv6_calls, OP_EQ, 1); + + done: + UNMOCK(get_options); + or_options_free(fake_options); + mocked_options = NULL; + + UNMOCK(router_can_extend_over_ipv6); + + tor_free(fake_options); +} + +static int mock_circuit_close_calls = 0; +static void +mock_circuit_mark_for_close_(circuit_t *circ, int reason, + int line, const char *cfile) +{ + (void)circ; + (void)reason; + (void)line; + (void)cfile; + mock_circuit_close_calls++; +} + +static int mock_channel_connect_calls = 0; +static channel_t *mock_channel_connect_nchan = NULL; +static channel_t * +mock_channel_connect_for_circuit(const tor_addr_t *addr, + uint16_t port, + const char *id_digest, + const struct ed25519_public_key_t *ed_id) +{ + (void)addr; + (void)port; + (void)id_digest; + (void)ed_id; + mock_channel_connect_calls++; + return mock_channel_connect_nchan; +} + +/* Test the different cases in circuit_open_connection_for_extend(). + * Chooses different IP addresses depending on the first character in arg: + * - 4: IPv4 + * - 6: IPv6 + * - d: IPv4 and IPv6 (dual-stack) + */ +static void +test_circuit_open_connection_for_extend(void *arg) +{ + const char ip_version = ((const char *)arg)[0]; + const bool use_ipv4 = (ip_version == '4' || ip_version == 'd'); + const bool use_ipv6 = (ip_version == '6' || ip_version == 'd'); + tor_assert(use_ipv4 || use_ipv6); + + extend_cell_t *ec = tor_malloc_zero(sizeof(extend_cell_t)); + circuit_t *circ = tor_malloc_zero(sizeof(circuit_t)); + channel_t *fake_n_chan = tor_malloc_zero(sizeof(channel_t)); + + or_options_t *fake_options = options_new(); + MOCK(get_options, mock_get_options); + mocked_options = fake_options; + + MOCK(circuit_mark_for_close_, mock_circuit_mark_for_close_); + mock_circuit_close_calls = 0; + MOCK(channel_connect_for_circuit, mock_channel_connect_for_circuit); + mock_channel_connect_calls = 0; + mock_channel_connect_nchan = NULL; + + MOCK(router_can_extend_over_ipv6, + mock_router_can_extend_over_ipv6); + can_extend_over_ipv6_result = true; + + setup_full_capture_of_logs(LOG_INFO); + +#ifndef ALL_BUGS_ARE_FATAL + /* Circuit must be non-NULL */ + mock_circuit_close_calls = 0; + mock_channel_connect_calls = 0; + tor_capture_bugs_(1); + circuit_open_connection_for_extend(ec, NULL, 0); + /* We can't close a NULL circuit */ + tt_int_op(mock_circuit_close_calls, OP_EQ, 0); + tt_int_op(mock_channel_connect_calls, OP_EQ, 0); + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); + tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, + "!(ASSERT_PREDICT_UNLIKELY_(!circ))"); + tor_end_capture_bugs_(); + mock_clean_saved_logs(); + + /* Extend cell must be non-NULL */ + mock_circuit_close_calls = 0; + mock_channel_connect_calls = 0; + tor_capture_bugs_(1); + circuit_open_connection_for_extend(NULL, circ, 0); + tt_int_op(mock_circuit_close_calls, OP_EQ, 1); + tt_int_op(mock_channel_connect_calls, OP_EQ, 0); + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); + tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, + "!(ASSERT_PREDICT_UNLIKELY_(!ec))"); + tor_end_capture_bugs_(); + mock_clean_saved_logs(); + + /* Extend cell and circuit must be non-NULL */ + mock_circuit_close_calls = 0; + mock_channel_connect_calls = 0; + tor_capture_bugs_(1); + circuit_open_connection_for_extend(NULL, NULL, 0); + /* We can't close a NULL circuit */ + tt_int_op(mock_circuit_close_calls, OP_EQ, 0); + tt_int_op(mock_channel_connect_calls, OP_EQ, 0); + /* Since we're using IF_BUG_ONCE(), we might not log any bugs */ + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_GE, 0); + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_LE, 2); + tor_end_capture_bugs_(); + mock_clean_saved_logs(); + + /* Fail, because neither address is valid */ + mock_circuit_close_calls = 0; + mock_channel_connect_calls = 0; + tor_capture_bugs_(1); + circuit_open_connection_for_extend(ec, circ, 0); + /* Close the circuit, don't connect */ + tt_int_op(mock_circuit_close_calls, OP_EQ, 1); + tt_int_op(mock_channel_connect_calls, OP_EQ, 0); + /* Check state */ + tt_ptr_op(circ->n_hop, OP_EQ, NULL); + tt_ptr_op(circ->n_chan_create_cell, OP_EQ, NULL); + tt_int_op(circ->state, OP_EQ, 0); + /* Cleanup */ + tor_end_capture_bugs_(); + mock_clean_saved_logs(); +#endif /* !defined(ALL_BUGS_ARE_FATAL) */ + + /* Set up valid addresses */ + if (use_ipv4) { + tor_addr_parse(&ec->orport_ipv4.addr, PUBLIC_IPV4); + ec->orport_ipv4.port = VALID_PORT; + } + if (use_ipv6) { + tor_addr_parse(&ec->orport_ipv6.addr, PUBLIC_IPV6); + ec->orport_ipv6.port = VALID_PORT; + } + + /* Succeed, but don't try to open a connection */ + mock_circuit_close_calls = 0; + mock_channel_connect_calls = 0; + circuit_open_connection_for_extend(ec, circ, 0); + /* If we haven't closed the circuit, that's success */ + tt_int_op(mock_circuit_close_calls, OP_EQ, 0); + tt_int_op(mock_channel_connect_calls, OP_EQ, 0); + /* Check state */ + tt_ptr_op(circ->n_hop, OP_NE, NULL); + tt_ptr_op(circ->n_chan_create_cell, OP_NE, NULL); + tt_int_op(circ->state, OP_EQ, CIRCUIT_STATE_CHAN_WAIT); + /* Cleanup */ + mock_clean_saved_logs(); + tor_free(circ->n_hop); + tor_free(circ->n_chan_create_cell); + circ->state = 0; + + /* Try to open a connection, but fail with a NULL n_chan */ + mock_circuit_close_calls = 0; + mock_channel_connect_calls = 0; + circuit_open_connection_for_extend(ec, circ, 1); + /* Try to connect, but fail, and close the circuit */ + tt_int_op(mock_circuit_close_calls, OP_EQ, 1); + tt_int_op(mock_channel_connect_calls, OP_EQ, 1); + expect_log_msg("Launching n_chan failed. Closing circuit.\n"); + /* Check state */ + tt_ptr_op(circ->n_hop, OP_NE, NULL); + tt_ptr_op(circ->n_chan_create_cell, OP_NE, NULL); + tt_int_op(circ->state, OP_EQ, CIRCUIT_STATE_CHAN_WAIT); + /* Cleanup */ + mock_clean_saved_logs(); + tor_free(circ->n_hop); + tor_free(circ->n_chan_create_cell); + circ->state = 0; + + /* Try to open a connection, and succeed, because n_chan is not NULL */ + mock_channel_connect_nchan = fake_n_chan; + mock_circuit_close_calls = 0; + mock_channel_connect_calls = 0; + circuit_open_connection_for_extend(ec, circ, 1); + /* Connection attempt succeeded, leaving the circuit open */ + tt_int_op(mock_circuit_close_calls, OP_EQ, 0); + tt_int_op(mock_channel_connect_calls, OP_EQ, 1); + /* Check state */ + tt_ptr_op(circ->n_hop, OP_NE, NULL); + tt_ptr_op(circ->n_chan_create_cell, OP_NE, NULL); + tt_int_op(circ->state, OP_EQ, CIRCUIT_STATE_CHAN_WAIT); + /* Cleanup */ + mock_clean_saved_logs(); + tor_free(circ->n_hop); + tor_free(circ->n_chan_create_cell); + circ->state = 0; + mock_channel_connect_nchan = NULL; + + done: + tor_end_capture_bugs_(); + teardown_capture_of_logs(); + + UNMOCK(circuit_mark_for_close_); + mock_circuit_close_calls = 0; + UNMOCK(channel_connect_for_circuit); + mock_channel_connect_calls = 0; + + UNMOCK(get_options); + or_options_free(fake_options); + mocked_options = NULL; + + UNMOCK(router_can_extend_over_ipv6); + + tor_free(ec); + tor_free(circ->n_hop); + tor_free(circ->n_chan_create_cell); + tor_free(circ); + tor_free(fake_n_chan); +} + +/* Guaranteed to be initialised to zero. */ +static extend_cell_t mock_extend_cell_parse_cell_out; +static int mock_extend_cell_parse_result = 0; +static int mock_extend_cell_parse_calls = 0; + +static int +mock_extend_cell_parse(extend_cell_t *cell_out, + const uint8_t command, + const uint8_t *payload_in, + size_t payload_len) +{ + (void)command; + (void)payload_in; + (void)payload_len; + + mock_extend_cell_parse_calls++; + memcpy(cell_out, &mock_extend_cell_parse_cell_out, + sizeof(extend_cell_t)); + return mock_extend_cell_parse_result; +} + +static int mock_channel_get_for_extend_calls = 0; +static int mock_channel_get_for_extend_launch_out = 0; +static channel_t *mock_channel_get_for_extend_nchan = NULL; +static channel_t * +mock_channel_get_for_extend(const char *rsa_id_digest, + const ed25519_public_key_t *ed_id, + const tor_addr_t *target_ipv4_addr, + const tor_addr_t *target_ipv6_addr, + const char **msg_out, + int *launch_out) +{ + (void)rsa_id_digest; + (void)ed_id; + (void)target_ipv4_addr; + (void)target_ipv6_addr; + + /* channel_get_for_extend() requires non-NULL arguments */ + tt_ptr_op(msg_out, OP_NE, NULL); + tt_ptr_op(launch_out, OP_NE, NULL); + + mock_channel_get_for_extend_calls++; + *msg_out = NULL; + *launch_out = mock_channel_get_for_extend_launch_out; + return mock_channel_get_for_extend_nchan; + + done: + return NULL; +} + +static const char * +mock_channel_get_canonical_remote_descr(channel_t *chan) +{ + (void)chan; + return "mock_channel_get_canonical_remote_descr()"; +} + +static int mock_circuit_deliver_create_cell_calls = 0; +static int mock_circuit_deliver_create_cell_result = 0; +static int +mock_circuit_deliver_create_cell(circuit_t *circ, + const struct create_cell_t *create_cell, + int relayed) +{ + (void)create_cell; + + /* circuit_deliver_create_cell() requires non-NULL arguments, + * but we only check circ and circ->n_chan here. */ + tt_ptr_op(circ, OP_NE, NULL); + tt_ptr_op(circ->n_chan, OP_NE, NULL); + + /* We should only ever get relayed cells from extends */ + tt_int_op(relayed, OP_EQ, 1); + + mock_circuit_deliver_create_cell_calls++; + return mock_circuit_deliver_create_cell_result; + + done: + return -1; +} + +/* Test the different cases in circuit_extend(). */ +static void +test_circuit_extend(void *arg) +{ + (void)arg; + cell_t *cell = tor_malloc_zero(sizeof(cell_t)); + channel_t *p_chan = tor_malloc_zero(sizeof(channel_t)); + or_circuit_t *or_circ = tor_malloc_zero(sizeof(or_circuit_t)); + circuit_t *circ = TO_CIRCUIT(or_circ); + channel_t *fake_n_chan = tor_malloc_zero(sizeof(channel_t)); + + server = 0; + MOCK(server_mode, mock_server_mode); + + /* Mock a debug function, but otherwise ignore it */ + MOCK(channel_get_canonical_remote_descr, + mock_channel_get_canonical_remote_descr); + + setup_full_capture_of_logs(LOG_INFO); + +#ifndef ALL_BUGS_ARE_FATAL + /* Circuit must be non-NULL */ + tor_capture_bugs_(1); + tt_int_op(circuit_extend(cell, NULL), OP_EQ, -1); + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); + tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, + "!(ASSERT_PREDICT_UNLIKELY_(!circ))"); + tor_end_capture_bugs_(); + mock_clean_saved_logs(); + + /* Cell must be non-NULL */ + tor_capture_bugs_(1); + tt_int_op(circuit_extend(NULL, circ), OP_EQ, -1); + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); + tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, + "!(ASSERT_PREDICT_UNLIKELY_(!cell))"); + tor_end_capture_bugs_(); + mock_clean_saved_logs(); + + /* Extend cell and circuit must be non-NULL */ + tor_capture_bugs_(1); + tt_int_op(circuit_extend(NULL, NULL), OP_EQ, -1); + /* Since we're using IF_BUG_ONCE(), we might not log any bugs */ + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_GE, 0); + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_LE, 2); + tor_end_capture_bugs_(); + mock_clean_saved_logs(); +#endif /* !defined(ALL_BUGS_ARE_FATAL) */ + + /* Clients can't extend */ + server = 0; + tt_int_op(circuit_extend(cell, circ), OP_EQ, -1); + expect_log_msg("Got an extend cell, but running as a client. Closing.\n"); + mock_clean_saved_logs(); + + /* But servers can. Unpack the cell, but fail parsing. */ + server = 1; + tt_int_op(circuit_extend(cell, circ), OP_EQ, -1); + expect_log_msg("Can't parse extend cell. Closing circuit.\n"); + mock_clean_saved_logs(); + + /* Now mock parsing */ + MOCK(extend_cell_parse, mock_extend_cell_parse); + + /* And make parsing succeed, but fail on adding ed25519 */ + memset(&mock_extend_cell_parse_cell_out, 0, + sizeof(mock_extend_cell_parse_cell_out)); + mock_extend_cell_parse_result = 0; + mock_extend_cell_parse_calls = 0; + + tt_int_op(circuit_extend(cell, circ), OP_EQ, -1); + tt_int_op(mock_extend_cell_parse_calls, OP_EQ, 1); + expect_log_msg( + "Client asked me to extend without specifying an id_digest.\n"); + mock_clean_saved_logs(); + mock_extend_cell_parse_calls = 0; + + /* Now add a node_id. Fail the lspec check because IPv4 and port are zero. */ + memset(&mock_extend_cell_parse_cell_out.node_id, 0xAA, + sizeof(mock_extend_cell_parse_cell_out.node_id)); + + tt_int_op(circuit_extend(cell, circ), OP_EQ, -1); + tt_int_op(mock_extend_cell_parse_calls, OP_EQ, 1); + expect_log_msg("Client asked me to extend to a zero destination port " + "or unspecified address '[scrubbed]'.\n"); + mock_clean_saved_logs(); + mock_extend_cell_parse_calls = 0; + + /* Now add a valid IPv4 and port. Fail the OR circuit magic check. */ + tor_addr_parse(&mock_extend_cell_parse_cell_out.orport_ipv4.addr, + PUBLIC_IPV4); + mock_extend_cell_parse_cell_out.orport_ipv4.port = VALID_PORT; + +#ifndef ALL_BUGS_ARE_FATAL + tor_capture_bugs_(1); + tt_int_op(circuit_extend(cell, circ), OP_EQ, -1); + tt_int_op(mock_extend_cell_parse_calls, OP_EQ, 1); + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); + tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, + "!(ASSERT_PREDICT_UNLIKELY_(circ->magic != 0x98ABC04Fu))"); + tor_end_capture_bugs_(); + mock_clean_saved_logs(); + mock_extend_cell_parse_calls = 0; +#endif /* !defined(ALL_BUGS_ARE_FATAL) */ + + /* Now add the right magic and a p_chan. */ + or_circ->base_.magic = OR_CIRCUIT_MAGIC; + or_circ->p_chan = p_chan; + + /* Mock channel_get_for_extend(), so it doesn't crash. */ + mock_channel_get_for_extend_calls = 0; + MOCK(channel_get_for_extend, mock_channel_get_for_extend); + + /* Test circuit not established, but don't launch another one */ + mock_channel_get_for_extend_launch_out = 0; + mock_channel_get_for_extend_nchan = NULL; + tt_int_op(circuit_extend(cell, circ), OP_EQ, 0); + tt_int_op(mock_extend_cell_parse_calls, OP_EQ, 1); + tt_int_op(mock_channel_get_for_extend_calls, OP_EQ, 1); + + /* cleanup */ + mock_clean_saved_logs(); + mock_extend_cell_parse_calls = 0; + mock_channel_get_for_extend_calls = 0; + /* circ and or_circ are the same object */ + tor_free(circ->n_hop); + tor_free(circ->n_chan_create_cell); + + /* Mock channel_connect_for_circuit(), so we don't crash */ + mock_channel_connect_calls = 0; + MOCK(channel_connect_for_circuit, mock_channel_connect_for_circuit); + + /* Test circuit not established, and successful launch of a channel */ + mock_channel_get_for_extend_launch_out = 1; + mock_channel_get_for_extend_nchan = NULL; + mock_channel_connect_nchan = fake_n_chan; + tt_int_op(circuit_extend(cell, circ), OP_EQ, 0); + tt_int_op(mock_extend_cell_parse_calls, OP_EQ, 1); + tt_int_op(mock_channel_get_for_extend_calls, OP_EQ, 1); + tt_int_op(mock_channel_connect_calls, OP_EQ, 1); + + /* cleanup */ + mock_clean_saved_logs(); + mock_extend_cell_parse_calls = 0; + mock_channel_get_for_extend_calls = 0; + mock_channel_connect_calls = 0; + /* circ and or_circ are the same object */ + tor_free(circ->n_hop); + tor_free(circ->n_chan_create_cell); + + /* Mock circuit_deliver_create_cell(), so it doesn't crash */ + mock_circuit_deliver_create_cell_calls = 0; + MOCK(circuit_deliver_create_cell, mock_circuit_deliver_create_cell); + + /* Test circuit established, re-using channel, successful delivery */ + mock_channel_get_for_extend_launch_out = 0; + mock_channel_get_for_extend_nchan = fake_n_chan; + mock_channel_connect_nchan = NULL; + mock_circuit_deliver_create_cell_result = 0; + tt_int_op(circuit_extend(cell, circ), OP_EQ, 0); + tt_int_op(mock_extend_cell_parse_calls, OP_EQ, 1); + tt_int_op(mock_channel_get_for_extend_calls, OP_EQ, 1); + tt_int_op(mock_channel_connect_calls, OP_EQ, 0); + tt_int_op(mock_circuit_deliver_create_cell_calls, OP_EQ, 1); + tt_ptr_op(circ->n_chan, OP_EQ, fake_n_chan); + + /* cleanup */ + circ->n_chan = NULL; + mock_clean_saved_logs(); + mock_extend_cell_parse_calls = 0; + mock_channel_get_for_extend_calls = 0; + mock_channel_connect_calls = 0; + mock_circuit_deliver_create_cell_calls = 0; + /* circ and or_circ are the same object */ + tor_free(circ->n_hop); + tor_free(circ->n_chan_create_cell); + + /* Test circuit established, re-using channel, failed delivery */ + mock_channel_get_for_extend_launch_out = 0; + mock_channel_get_for_extend_nchan = fake_n_chan; + mock_channel_connect_nchan = NULL; + mock_circuit_deliver_create_cell_result = -1; + tt_int_op(circuit_extend(cell, circ), OP_EQ, -1); + tt_int_op(mock_extend_cell_parse_calls, OP_EQ, 1); + tt_int_op(mock_channel_get_for_extend_calls, OP_EQ, 1); + tt_int_op(mock_channel_connect_calls, OP_EQ, 0); + tt_int_op(mock_circuit_deliver_create_cell_calls, OP_EQ, 1); + tt_ptr_op(circ->n_chan, OP_EQ, fake_n_chan); + + /* cleanup */ + circ->n_chan = NULL; + mock_clean_saved_logs(); + mock_extend_cell_parse_calls = 0; + mock_channel_get_for_extend_calls = 0; + mock_channel_connect_calls = 0; + mock_circuit_deliver_create_cell_calls = 0; + /* circ and or_circ are the same object */ + tor_free(circ->n_hop); + tor_free(circ->n_chan_create_cell); + + done: + tor_end_capture_bugs_(); + teardown_capture_of_logs(); + + UNMOCK(server_mode); + server = 0; + + UNMOCK(channel_get_canonical_remote_descr); + + UNMOCK(extend_cell_parse); + memset(&mock_extend_cell_parse_cell_out, 0, + sizeof(mock_extend_cell_parse_cell_out)); + mock_extend_cell_parse_result = 0; + mock_extend_cell_parse_calls = 0; + + UNMOCK(channel_get_for_extend); + mock_channel_get_for_extend_calls = 0; + mock_channel_get_for_extend_launch_out = 0; + mock_channel_get_for_extend_nchan = NULL; + + UNMOCK(channel_connect_for_circuit); + mock_channel_connect_calls = 0; + mock_channel_connect_nchan = NULL; + + UNMOCK(circuit_deliver_create_cell); + mock_circuit_deliver_create_cell_calls = 0; + mock_circuit_deliver_create_cell_result = 0; + + tor_free(cell); + /* circ and or_circ are the same object */ + tor_free(circ->n_hop); + tor_free(circ->n_chan_create_cell); + tor_free(or_circ); + tor_free(p_chan); + tor_free(fake_n_chan); +} + +/* Test the different cases in onionskin_answer(). */ +static void +test_onionskin_answer(void *arg) +{ + (void)arg; + created_cell_t *created_cell = tor_malloc_zero(sizeof(created_cell_t)); + or_circuit_t *or_circ = tor_malloc_zero(sizeof(or_circuit_t)); + char keys[CPATH_KEY_MATERIAL_LEN] = {0}; + uint8_t rend_circ_nonce[DIGEST_LEN] = {0}; + + setup_full_capture_of_logs(LOG_INFO); + +#ifndef ALL_BUGS_ARE_FATAL + /* Circuit must be non-NULL */ + tor_capture_bugs_(1); + tt_int_op(onionskin_answer(NULL, created_cell, + keys, CPATH_KEY_MATERIAL_LEN, + rend_circ_nonce), OP_EQ, -1); + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); + tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, + "!(ASSERT_PREDICT_UNLIKELY_(!circ))"); + tor_end_capture_bugs_(); + mock_clean_saved_logs(); + + /* Created cell must be non-NULL */ + tor_capture_bugs_(1); + tt_int_op(onionskin_answer(or_circ, NULL, + keys, CPATH_KEY_MATERIAL_LEN, + rend_circ_nonce), OP_EQ, -1); + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); + tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, + "!(ASSERT_PREDICT_UNLIKELY_(!created_cell))"); + tor_end_capture_bugs_(); + mock_clean_saved_logs(); + + /* Keys must be non-NULL */ + tor_capture_bugs_(1); + tt_int_op(onionskin_answer(or_circ, created_cell, + NULL, CPATH_KEY_MATERIAL_LEN, + rend_circ_nonce), OP_EQ, -1); + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); + tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, + "!(ASSERT_PREDICT_UNLIKELY_(!keys))"); + tor_end_capture_bugs_(); + mock_clean_saved_logs(); + + /* The rend circuit nonce must be non-NULL */ + tor_capture_bugs_(1); + tt_int_op(onionskin_answer(or_circ, created_cell, + keys, CPATH_KEY_MATERIAL_LEN, + NULL), OP_EQ, -1); + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); + tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, + "!(ASSERT_PREDICT_UNLIKELY_(!rend_circ_nonce))"); + tor_end_capture_bugs_(); + mock_clean_saved_logs(); +#endif /* !defined(ALL_BUGS_ARE_FATAL) */ + + /* Also, the keys length must be CPATH_KEY_MATERIAL_LEN, but we can't catch + * asserts in unit tests. */ + + /* Fail when formatting the created cell */ + tt_int_op(onionskin_answer(or_circ, created_cell, + keys, CPATH_KEY_MATERIAL_LEN, + rend_circ_nonce), OP_EQ, -1); + expect_log_msg("couldn't format created cell (type=0, len=0).\n"); + mock_clean_saved_logs(); + + /* TODO: test the rest of onionskin_answer(), see #33860 */ + /* TODO: mock created_cell_format for the next test */ + + done: + tor_end_capture_bugs_(); + teardown_capture_of_logs(); + + tor_free(created_cell); + tor_free(or_circ); +} + +#define TEST(name, flags, setup, cleanup) \ + { #name, test_ ## name, flags, setup, cleanup } + +#define TEST_NEW_ROUTE_LEN(name, flags) \ + { #name, test_new_route_len_ ## name, flags, NULL, NULL } + +#define TEST_CIRCUIT(name, flags) \ + { #name, test_circuit_ ## name, flags, NULL, NULL } + +#ifndef COCCI +#define TEST_CIRCUIT_PASSTHROUGH(name, flags, arg) \ + { #name "/" arg, test_circuit_ ## name, flags, \ + &passthrough_setup, (void *)(arg) } +#endif + struct testcase_t circuitbuild_tests[] = { - { "noexit", test_new_route_len_noexit, 0, NULL, NULL }, - { "safe_exit", test_new_route_len_safe_exit, 0, NULL, NULL }, - { "unsafe_exit", test_new_route_len_unsafe_exit, 0, NULL, NULL }, - { "unhandled_exit", test_new_route_len_unhandled_exit, 0, NULL, NULL }, - { "upgrade_from_guard_wait", test_upgrade_from_guard_wait, TT_FORK, - NULL, NULL }, + TEST_NEW_ROUTE_LEN(noexit, 0), + TEST_NEW_ROUTE_LEN(safe_exit, 0), + TEST_NEW_ROUTE_LEN(unsafe_exit, 0), + TEST_NEW_ROUTE_LEN(unhandled_exit, 0), + + TEST(upgrade_from_guard_wait, TT_FORK, &helper_pubsub_setup, NULL), + + TEST_CIRCUIT(extend_state_valid, TT_FORK), + TEST_CIRCUIT(extend_add_ed25519, TT_FORK), + TEST_CIRCUIT(extend_lspec_valid, TT_FORK), + TEST_CIRCUIT(choose_ip_ap_for_extend, 0), + TEST_CIRCUIT_PASSTHROUGH(open_connection_for_extend, TT_FORK, "4"), + TEST_CIRCUIT_PASSTHROUGH(open_connection_for_extend, TT_FORK, "6"), + TEST_CIRCUIT_PASSTHROUGH(open_connection_for_extend, TT_FORK, "dual-stack"), + TEST_CIRCUIT(extend, TT_FORK), + + TEST(onionskin_answer, TT_FORK, NULL, NULL), + END_OF_TESTCASES }; diff --git a/src/test/test_circuitlist.c b/src/test/test_circuitlist.c index 5cebdbeda0..63c4418f29 100644 --- a/src/test/test_circuitlist.c +++ b/src/test/test_circuitlist.c @@ -1,7 +1,7 @@ -/* Copyright (c) 2013-2019, The Tor Project, Inc. */ +/* Copyright (c) 2013-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ -#define TOR_CHANNEL_INTERNAL_ +#define CHANNEL_OBJECT_PRIVATE #define CIRCUITBUILD_PRIVATE #define CIRCUITLIST_PRIVATE #define HS_CIRCUITMAP_PRIVATE @@ -136,7 +136,7 @@ test_clist_maps(void *arg) channel_note_destroy_pending(ch2, 200); channel_note_destroy_pending(ch2, 205); channel_note_destroy_pending(ch1, 100); - tt_assert(circuit_id_in_use_on_channel(205, ch2)) + tt_assert(circuit_id_in_use_on_channel(205, ch2)); tt_assert(circuit_id_in_use_on_channel(200, ch2)); tt_assert(circuit_id_in_use_on_channel(100, ch1)); diff --git a/src/test/test_circuitmux.c b/src/test/test_circuitmux.c index a2b3e62fe8..2c11d107d0 100644 --- a/src/test/test_circuitmux.c +++ b/src/test/test_circuitmux.c @@ -1,33 +1,27 @@ -/* Copyright (c) 2013-2019, The Tor Project, Inc. */ +/* Copyright (c) 2013-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ -#define TOR_CHANNEL_INTERNAL_ +#define CHANNEL_OBJECT_PRIVATE #define CIRCUITMUX_PRIVATE #define CIRCUITMUX_EWMA_PRIVATE #define RELAY_PRIVATE + #include "core/or/or.h" #include "core/or/channel.h" #include "core/or/circuitmux.h" #include "core/or/circuitmux_ewma.h" +#include "core/or/destroy_cell_queue_st.h" #include "core/or/relay.h" #include "core/or/scheduler.h" -#include "test/test.h" -#include "core/or/destroy_cell_queue_st.h" +#include "test/fakechans.h" +#include "test/fakecircs.h" +#include "test/test.h" #include <math.h> -/* XXXX duplicated function from test_circuitlist.c */ -static channel_t * -new_fake_channel(void) -{ - channel_t *chan = tor_malloc_zero(sizeof(channel_t)); - channel_init(chan); - return chan; -} - static int -has_queued_writes(channel_t *c) +mock_has_queued_writes_true(channel_t *c) { (void) c; return 1; @@ -44,16 +38,14 @@ test_cmux_destroy_cell_queue(void *arg) packed_cell_t *pc = NULL; destroy_cell_t *dc = NULL; - scheduler_init(); + MOCK(scheduler_release_channel, scheduler_release_channel_mock); (void) arg; - cmux = circuitmux_alloc(); - tt_assert(cmux); ch = new_fake_channel(); - circuitmux_set_policy(cmux, &ewma_policy); - ch->has_queued_writes = has_queued_writes; + ch->has_queued_writes = mock_has_queued_writes_true; ch->wide_circ_ids = 1; + cmux = ch->cmux; circ = circuitmux_get_first_active_circuit(cmux, &cq); tt_ptr_op(circ, OP_EQ, NULL); @@ -78,10 +70,11 @@ test_cmux_destroy_cell_queue(void *arg) tt_int_op(circuitmux_num_cells(cmux), OP_EQ, 2); done: - circuitmux_free(cmux); - channel_free(ch); + free_fake_channel(ch); packed_cell_free(pc); tor_free(dc); + + UNMOCK(scheduler_release_channel); } static void @@ -125,9 +118,363 @@ test_cmux_compute_ticks(void *arg) ; } +static void +test_cmux_allocate(void *arg) +{ + circuitmux_t *cmux = NULL; + + (void) arg; + + cmux = circuitmux_alloc(); + tt_assert(cmux); + tt_assert(cmux->chanid_circid_map); + tt_int_op(HT_SIZE(cmux->chanid_circid_map), OP_EQ, 0); + tt_uint_op(cmux->n_circuits, OP_EQ, 0); + tt_uint_op(cmux->n_active_circuits, OP_EQ, 0); + tt_uint_op(cmux->n_cells, OP_EQ, 0); + tt_uint_op(cmux->last_cell_was_destroy, OP_EQ, 0); + tt_i64_op(cmux->destroy_ctr, OP_EQ, 0); + tt_ptr_op(cmux->policy, OP_EQ, NULL); + tt_ptr_op(cmux->policy_data, OP_EQ, NULL); + + tt_assert(TOR_SIMPLEQ_EMPTY(&cmux->destroy_cell_queue.head)); + + done: + circuitmux_free(cmux); +} + +static void +test_cmux_attach_circuit(void *arg) +{ + circuit_t *circ = NULL; + or_circuit_t *orcirc = NULL; + channel_t *pchan = NULL, *nchan = NULL; + cell_direction_t cdir; + unsigned int n_cells; + + (void) arg; + + pchan = new_fake_channel(); + tt_assert(pchan); + nchan = new_fake_channel(); + tt_assert(nchan); + + orcirc = new_fake_orcirc(nchan, pchan); + tt_assert(orcirc); + circ = TO_CIRCUIT(orcirc); + + /* While assigning a new circuit IDs, the circuitmux_attach_circuit() is + * called for a new channel on the circuit. This means, we should now have + * the created circuit attached on both the pchan and nchan cmux. */ + tt_uint_op(circuitmux_num_circuits(pchan->cmux), OP_EQ, 1); + tt_uint_op(circuitmux_num_circuits(nchan->cmux), OP_EQ, 1); + + /* There should be _no_ active circuit due to no queued cells. */ + tt_uint_op(circuitmux_num_active_circuits(pchan->cmux), OP_EQ, 0); + tt_uint_op(circuitmux_num_active_circuits(nchan->cmux), OP_EQ, 0); + + /* Circuit should not be active on the cmux. */ + tt_int_op(circuitmux_is_circuit_active(pchan->cmux, circ), OP_EQ, 0); + tt_int_op(circuitmux_is_circuit_active(nchan->cmux, circ), OP_EQ, 0); + + /* Not active so no cells. */ + n_cells = circuitmux_num_cells_for_circuit(pchan->cmux, circ); + tt_uint_op(n_cells, OP_EQ, 0); + n_cells = circuitmux_num_cells(pchan->cmux); + tt_uint_op(n_cells, OP_EQ, 0); + n_cells = circuitmux_num_cells_for_circuit(nchan->cmux, circ); + tt_uint_op(n_cells, OP_EQ, 0); + n_cells = circuitmux_num_cells(nchan->cmux); + tt_uint_op(n_cells, OP_EQ, 0); + + /* So it should be attached :) */ + tt_int_op(circuitmux_is_circuit_attached(pchan->cmux, circ), OP_EQ, 1); + tt_int_op(circuitmux_is_circuit_attached(nchan->cmux, circ), OP_EQ, 1); + + /* Query the chanid<->circid map in the cmux subsytem with what we just + * created and validate the cell direction. */ + cdir = circuitmux_attached_circuit_direction(pchan->cmux, circ); + tt_int_op(cdir, OP_EQ, CELL_DIRECTION_IN); + cdir = circuitmux_attached_circuit_direction(nchan->cmux, circ); + tt_int_op(cdir, OP_EQ, CELL_DIRECTION_OUT); + + /* + * We'll activate->deactivate->activate to test all code paths of + * circuitmux_set_num_cells(). + */ + + /* Activate circuit. */ + circuitmux_set_num_cells(pchan->cmux, circ, 4); + tt_int_op(circuitmux_is_circuit_active(pchan->cmux, circ), OP_EQ, 1); + + /* Deactivate. */ + circuitmux_clear_num_cells(pchan->cmux, circ); + tt_int_op(circuitmux_is_circuit_active(pchan->cmux, circ), OP_EQ, 0); + tt_uint_op(circuitmux_num_cells_for_circuit(pchan->cmux, circ), OP_EQ, 0); + + /* Re-activate. */ + circuitmux_set_num_cells(pchan->cmux, circ, 4); + tt_int_op(circuitmux_is_circuit_active(pchan->cmux, circ), OP_EQ, 1); + + /* Once re-attached, it should become inactive because the circuit has no + * cells while the chanid<->circid object has some. The attach code will + * reset the count on the cmux for that circuit: + * + * if (chanid_circid_muxinfo_t->muxinfo.cell_count > 0 && cell_count == 0) { + */ + circuitmux_attach_circuit(pchan->cmux, circ, CELL_DIRECTION_IN); + n_cells = circuitmux_num_cells_for_circuit(pchan->cmux, circ); + tt_uint_op(n_cells, OP_EQ, 0); + tt_int_op(circuitmux_is_circuit_active(pchan->cmux, circ), OP_EQ, 0); + tt_uint_op(circuitmux_num_active_circuits(pchan->cmux), OP_EQ, 0); + + /* Lets queue a cell on the circuit now so it becomes active when + * re-attaching: + * + * else if (chanid_circid_muxinfo_t->muxinfo.cell_count == 0 && + * cell_count > 0) { + */ + orcirc->p_chan_cells.n = 1; + circuitmux_attach_circuit(pchan->cmux, circ, CELL_DIRECTION_IN); + tt_int_op(circuitmux_is_circuit_active(pchan->cmux, circ), OP_EQ, 1); + + done: + free_fake_orcirc(orcirc); + free_fake_channel(pchan); + free_fake_channel(nchan); +} + +static void +test_cmux_detach_circuit(void *arg) +{ + circuit_t *circ = NULL; + or_circuit_t *orcirc = NULL; + channel_t *pchan = NULL, *nchan = NULL; + + (void) arg; + + pchan = new_fake_channel(); + tt_assert(pchan); + nchan = new_fake_channel(); + tt_assert(nchan); + + orcirc = new_fake_orcirc(nchan, pchan); + tt_assert(orcirc); + circ = TO_CIRCUIT(orcirc); + + /* While assigning a new circuit IDs, the circuitmux_attach_circuit() is + * called for a new channel on the circuit. This means, we should now have + * the created circuit attached on both the pchan and nchan cmux. */ + tt_uint_op(circuitmux_num_circuits(pchan->cmux), OP_EQ, 1); + tt_uint_op(circuitmux_num_circuits(nchan->cmux), OP_EQ, 1); + tt_int_op(circuitmux_is_circuit_attached(pchan->cmux, circ), OP_EQ, 1); + tt_int_op(circuitmux_is_circuit_attached(nchan->cmux, circ), OP_EQ, 1); + + /* Now, detach the circuit from pchan and then nchan. */ + circuitmux_detach_circuit(pchan->cmux, circ); + tt_uint_op(circuitmux_num_circuits(pchan->cmux), OP_EQ, 0); + tt_int_op(circuitmux_is_circuit_attached(pchan->cmux, circ), OP_EQ, 0); + circuitmux_detach_circuit(nchan->cmux, circ); + tt_uint_op(circuitmux_num_circuits(nchan->cmux), OP_EQ, 0); + tt_int_op(circuitmux_is_circuit_attached(nchan->cmux, circ), OP_EQ, 0); + + done: + free_fake_orcirc(orcirc); + free_fake_channel(pchan); + free_fake_channel(nchan); +} + +static void +test_cmux_detach_all_circuits(void *arg) +{ + circuit_t *circ = NULL; + or_circuit_t *orcirc = NULL; + channel_t *pchan = NULL, *nchan = NULL; + smartlist_t *detached_out = smartlist_new(); + + (void) arg; + + /* Channels need to be registered in order for the detach all circuit + * function to find them. */ + pchan = new_fake_channel(); + tt_assert(pchan); + channel_register(pchan); + nchan = new_fake_channel(); + tt_assert(nchan); + channel_register(nchan); + + orcirc = new_fake_orcirc(nchan, pchan); + tt_assert(orcirc); + circ = TO_CIRCUIT(orcirc); + + /* Just make sure it is attached. */ + tt_uint_op(circuitmux_num_circuits(pchan->cmux), OP_EQ, 1); + tt_uint_op(circuitmux_num_circuits(nchan->cmux), OP_EQ, 1); + tt_int_op(circuitmux_is_circuit_attached(pchan->cmux, circ), OP_EQ, 1); + tt_int_op(circuitmux_is_circuit_attached(nchan->cmux, circ), OP_EQ, 1); + + /* Queue some cells so we can test if the circuit becomes inactive on the + * cmux after the mass detach. */ + circuitmux_set_num_cells(pchan->cmux, circ, 4); + circuitmux_set_num_cells(nchan->cmux, circ, 4); + + /* Detach all on pchan and then nchan. */ + circuitmux_detach_all_circuits(pchan->cmux, detached_out); + tt_uint_op(circuitmux_num_circuits(pchan->cmux), OP_EQ, 0); + tt_int_op(circuitmux_is_circuit_attached(pchan->cmux, circ), OP_EQ, 0); + tt_int_op(circuitmux_is_circuit_active(pchan->cmux, circ), OP_EQ, 0); + tt_int_op(smartlist_len(detached_out), OP_EQ, 1); + circuitmux_detach_all_circuits(nchan->cmux, NULL); + tt_uint_op(circuitmux_num_circuits(nchan->cmux), OP_EQ, 0); + tt_int_op(circuitmux_is_circuit_attached(nchan->cmux, circ), OP_EQ, 0); + tt_int_op(circuitmux_is_circuit_active(nchan->cmux, circ), OP_EQ, 0); + + done: + smartlist_free(detached_out); + free_fake_orcirc(orcirc); + free_fake_channel(pchan); + free_fake_channel(nchan); +} + +static void +test_cmux_policy(void *arg) +{ + circuit_t *circ = NULL; + or_circuit_t *orcirc = NULL; + channel_t *pchan = NULL, *nchan = NULL; + + (void) arg; + + pchan = new_fake_channel(); + tt_assert(pchan); + channel_register(pchan); + nchan = new_fake_channel(); + tt_assert(nchan); + channel_register(nchan); + + orcirc = new_fake_orcirc(nchan, pchan); + tt_assert(orcirc); + circ = TO_CIRCUIT(orcirc); + + /* Confirm we have the EWMA policy by default for new channels. */ + tt_ptr_op(circuitmux_get_policy(pchan->cmux), OP_EQ, &ewma_policy); + tt_ptr_op(circuitmux_get_policy(nchan->cmux), OP_EQ, &ewma_policy); + + /* Putting cell on the cmux means will make the notify policy code path to + * trigger. */ + circuitmux_set_num_cells(pchan->cmux, circ, 4); + + /* Clear it out. */ + circuitmux_clear_policy(pchan->cmux); + + /* Set back the EWMA policy. */ + circuitmux_set_policy(pchan->cmux, &ewma_policy); + + done: + free_fake_orcirc(orcirc); + free_fake_channel(pchan); + free_fake_channel(nchan); +} + +static void +test_cmux_xmit_cell(void *arg) +{ + circuit_t *circ = NULL; + or_circuit_t *orcirc = NULL; + channel_t *pchan = NULL, *nchan = NULL; + + (void) arg; + + pchan = new_fake_channel(); + tt_assert(pchan); + nchan = new_fake_channel(); + tt_assert(nchan); + + orcirc = new_fake_orcirc(nchan, pchan); + tt_assert(orcirc); + circ = TO_CIRCUIT(orcirc); + + /* Queue 4 cells on the circuit. */ + circuitmux_set_num_cells(pchan->cmux, circ, 4); + tt_uint_op(circuitmux_num_cells_for_circuit(pchan->cmux, circ), OP_EQ, 4); + tt_uint_op(circuitmux_num_cells(pchan->cmux), OP_EQ, 4); + tt_int_op(circuitmux_is_circuit_active(pchan->cmux, circ), OP_EQ, 1); + tt_uint_op(circuitmux_num_active_circuits(pchan->cmux), OP_EQ, 1); + + /* Emit the first cell. Circuit should still be active. */ + circuitmux_notify_xmit_cells(pchan->cmux, circ, 1); + tt_uint_op(circuitmux_num_cells(pchan->cmux), OP_EQ, 3); + tt_uint_op(circuitmux_num_cells_for_circuit(pchan->cmux, circ), OP_EQ, 3); + tt_int_op(circuitmux_is_circuit_active(pchan->cmux, circ), OP_EQ, 1); + tt_uint_op(circuitmux_num_active_circuits(pchan->cmux), OP_EQ, 1); + + /* Emit the last 3 cells. Circuit should become inactive. */ + circuitmux_notify_xmit_cells(pchan->cmux, circ, 3); + tt_uint_op(circuitmux_num_cells(pchan->cmux), OP_EQ, 0); + tt_uint_op(circuitmux_num_cells_for_circuit(pchan->cmux, circ), OP_EQ, 0); + tt_int_op(circuitmux_is_circuit_active(pchan->cmux, circ), OP_EQ, 0); + tt_uint_op(circuitmux_num_active_circuits(pchan->cmux), OP_EQ, 0); + + /* Queue a DESTROY cell. */ + pchan->has_queued_writes = mock_has_queued_writes_true; + circuitmux_append_destroy_cell(pchan, pchan->cmux, orcirc->p_circ_id, 0); + tt_i64_op(pchan->cmux->destroy_ctr, OP_EQ, 1); + tt_int_op(pchan->cmux->destroy_cell_queue.n, OP_EQ, 1); + tt_i64_op(circuitmux_count_queued_destroy_cells(pchan, pchan->cmux), + OP_EQ, 1); + + /* Emit the DESTROY cell. */ + circuitmux_notify_xmit_destroy(pchan->cmux); + tt_i64_op(pchan->cmux->destroy_ctr, OP_EQ, 0); + + done: + free_fake_orcirc(orcirc); + free_fake_channel(pchan); + free_fake_channel(nchan); +} + +static void * +cmux_setup_test(const struct testcase_t *tc) +{ + static int whatever; + + (void) tc; + + cell_ewma_initialize_ticks(); + return &whatever; +} + +static int +cmux_cleanup_test(const struct testcase_t *tc, void *ptr) +{ + (void) tc; + (void) ptr; + + circuitmux_ewma_free_all(); + + return 1; +} + +static struct testcase_setup_t cmux_test_setup = { + .setup_fn = cmux_setup_test, + .cleanup_fn = cmux_cleanup_test, +}; + +#define TEST_CMUX(name) \ + { #name, test_cmux_##name, TT_FORK, &cmux_test_setup, NULL } + struct testcase_t circuitmux_tests[] = { - { "destroy_cell_queue", test_cmux_destroy_cell_queue, TT_FORK, NULL, NULL }, - { "compute_ticks", test_cmux_compute_ticks, TT_FORK, NULL, NULL }, + /* Test circuitmux_t object */ + TEST_CMUX(allocate), + TEST_CMUX(attach_circuit), + TEST_CMUX(detach_circuit), + TEST_CMUX(detach_all_circuits), + TEST_CMUX(policy), + TEST_CMUX(xmit_cell), + + /* Misc. */ + TEST_CMUX(compute_ticks), + TEST_CMUX(destroy_cell_queue), + END_OF_TESTCASES }; - diff --git a/src/test/test_circuitmux_ewma.c b/src/test/test_circuitmux_ewma.c new file mode 100644 index 0000000000..27601e0c7d --- /dev/null +++ b/src/test/test_circuitmux_ewma.c @@ -0,0 +1,228 @@ +/* Copyright (c) 2013-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#define CIRCUITMUX_PRIVATE +#define CIRCUITMUX_EWMA_PRIVATE + +#include "core/or/or.h" +#include "core/or/circuitmux.h" +#include "core/or/circuitmux_ewma.h" + +#include "test/fakechans.h" +#include "test/fakecircs.h" +#include "test/test.h" + +static void +test_cmux_ewma_active_circuit(void *arg) +{ + circuitmux_t cmux; /* garbage */ + circuitmux_policy_data_t *pol_data = NULL; + circuit_t circ; /* garbage */ + circuitmux_policy_circ_data_t *circ_data = NULL; + + (void) arg; + + pol_data = ewma_policy.alloc_cmux_data(&cmux); + tt_assert(pol_data); + circ_data = ewma_policy.alloc_circ_data(&cmux, pol_data, &circ, + CELL_DIRECTION_OUT, 42); + tt_assert(circ_data); + + /* Get EWMA specific objects. */ + + /* Make circuit active. */ + ewma_policy.notify_circ_active(&cmux, pol_data, &circ, circ_data); + + circuit_t *entry = ewma_policy.pick_active_circuit(&cmux, pol_data); + tt_mem_op(entry, OP_EQ, &circ, sizeof(circ)); + + done: + ewma_policy.free_circ_data(&cmux, pol_data, &circ, circ_data); + ewma_policy.free_cmux_data(&cmux, pol_data); +} + +static void +test_cmux_ewma_xmit_cell(void *arg) +{ + circuitmux_t cmux; /* garbage */ + circuitmux_policy_data_t *pol_data = NULL; + circuit_t circ; /* garbage */ + circuitmux_policy_circ_data_t *circ_data = NULL; + ewma_policy_data_t *ewma_pol_data; + ewma_policy_circ_data_t *ewma_data; + double old_cell_count; + + (void) arg; + + pol_data = ewma_policy.alloc_cmux_data(&cmux); + tt_assert(pol_data); + circ_data = ewma_policy.alloc_circ_data(&cmux, pol_data, &circ, + CELL_DIRECTION_OUT, 42); + tt_assert(circ_data); + ewma_pol_data = TO_EWMA_POL_DATA(pol_data); + ewma_data = TO_EWMA_POL_CIRC_DATA(circ_data); + + /* Make circuit active. */ + ewma_policy.notify_circ_active(&cmux, pol_data, &circ, circ_data); + + /* Move back in time the last time we calibrated so we scale the active + * circuit when emitting a cell. */ + ewma_pol_data->active_circuit_pqueue_last_recalibrated -= 100; + ewma_data->cell_ewma.last_adjusted_tick = + ewma_pol_data->active_circuit_pqueue_last_recalibrated; + + /* Grab old cell count. */ + old_cell_count = ewma_data->cell_ewma.cell_count; + + ewma_policy.notify_xmit_cells(&cmux, pol_data, &circ, circ_data, 1); + + /* Our old cell count should be lower to what we have since we just emitted + * a cell and thus we scale. */ + tt_double_op(old_cell_count, OP_LT, ewma_data->cell_ewma.cell_count); + + done: + ewma_policy.free_circ_data(&cmux, pol_data, &circ, circ_data); + ewma_policy.free_cmux_data(&cmux, pol_data); +} + +static void +test_cmux_ewma_notify_circ(void *arg) +{ + circuitmux_t cmux; /* garbage */ + circuitmux_policy_data_t *pol_data = NULL; + circuit_t circ; /* garbage */ + circuitmux_policy_circ_data_t *circ_data = NULL; + const ewma_policy_data_t *ewma_pol_data; + + (void) arg; + + pol_data = ewma_policy.alloc_cmux_data(&cmux); + tt_assert(pol_data); + circ_data = ewma_policy.alloc_circ_data(&cmux, pol_data, &circ, + CELL_DIRECTION_OUT, 42); + tt_assert(circ_data); + + /* Currently, notify_circ_active() ignores cmux and circ. They can not be + * NULL so it is fine to pass garbage. */ + ewma_policy.notify_circ_active(&cmux, pol_data, &circ, circ_data); + + /* We should have an active circuit in the queue so its EWMA value can be + * tracked. */ + ewma_pol_data = TO_EWMA_POL_DATA(pol_data); + tt_int_op(smartlist_len(ewma_pol_data->active_circuit_pqueue), OP_EQ, 1); + tt_uint_op(ewma_pol_data->active_circuit_pqueue_last_recalibrated, OP_NE, 0); + + ewma_policy.notify_circ_inactive(&cmux, pol_data, &circ, circ_data); + /* Should be removed from the active queue. */ + ewma_pol_data = TO_EWMA_POL_DATA(pol_data); + tt_int_op(smartlist_len(ewma_pol_data->active_circuit_pqueue), OP_EQ, 0); + tt_uint_op(ewma_pol_data->active_circuit_pqueue_last_recalibrated, OP_NE, 0); + + done: + ewma_policy.free_circ_data(&cmux, pol_data, &circ, circ_data); + ewma_policy.free_cmux_data(&cmux, pol_data); +} + +static void +test_cmux_ewma_policy_circ_data(void *arg) +{ + circuitmux_t cmux; /* garbage */ + circuitmux_policy_data_t pol_data; /* garbage */ + circuit_t circ; /* garbage */ + circuitmux_policy_circ_data_t *circ_data = NULL; + const ewma_policy_circ_data_t *ewma_data; + + (void) arg; + + /* Currently, alloc_circ_data() ignores every parameter _except_ the cell + * direction so it is OK to pass garbage. They can not be NULL. */ + circ_data = ewma_policy.alloc_circ_data(&cmux, &pol_data, &circ, + CELL_DIRECTION_OUT, 42); + tt_assert(circ_data); + tt_uint_op(circ_data->magic, OP_EQ, EWMA_POL_CIRC_DATA_MAGIC); + + ewma_data = TO_EWMA_POL_CIRC_DATA(circ_data); + tt_mem_op(ewma_data->circ, OP_EQ, &circ, sizeof(circuit_t)); + tt_double_op(ewma_data->cell_ewma.cell_count, OP_LE, 0.0); + tt_int_op(ewma_data->cell_ewma.heap_index, OP_EQ, -1); + tt_uint_op(ewma_data->cell_ewma.is_for_p_chan, OP_EQ, 0); + ewma_policy.free_circ_data(&cmux, &pol_data, &circ, circ_data); + + circ_data = ewma_policy.alloc_circ_data(&cmux, &pol_data, &circ, + CELL_DIRECTION_IN, 42); + tt_assert(circ_data); + tt_uint_op(circ_data->magic, OP_EQ, EWMA_POL_CIRC_DATA_MAGIC); + + ewma_data = TO_EWMA_POL_CIRC_DATA(circ_data); + tt_mem_op(ewma_data->circ, OP_EQ, &circ, sizeof(circuit_t)); + tt_double_op(ewma_data->cell_ewma.cell_count, OP_LE, 0.0); + tt_int_op(ewma_data->cell_ewma.heap_index, OP_EQ, -1); + tt_uint_op(ewma_data->cell_ewma.is_for_p_chan, OP_EQ, 1); + + done: + ewma_policy.free_circ_data(&cmux, &pol_data, &circ, circ_data); +} + +static void +test_cmux_ewma_policy_data(void *arg) +{ + circuitmux_t cmux; /* garbage. */ + circuitmux_policy_data_t *pol_data = NULL; + const ewma_policy_data_t *ewma_pol_data; + + (void) arg; + + pol_data = ewma_policy.alloc_cmux_data(&cmux); + tt_assert(pol_data); + tt_uint_op(pol_data->magic, OP_EQ, EWMA_POL_DATA_MAGIC); + + /* Test EWMA object. */ + ewma_pol_data = TO_EWMA_POL_DATA(pol_data); + tt_assert(ewma_pol_data->active_circuit_pqueue); + tt_uint_op(ewma_pol_data->active_circuit_pqueue_last_recalibrated, OP_NE, 0); + + done: + ewma_policy.free_cmux_data(&cmux, pol_data); +} + +static void * +cmux_ewma_setup_test(const struct testcase_t *tc) +{ + static int whatever; + + (void) tc; + + cell_ewma_initialize_ticks(); + cmux_ewma_set_options(NULL, NULL); + + return &whatever; +} + +static int +cmux_ewma_cleanup_test(const struct testcase_t *tc, void *ptr) +{ + (void) tc; + (void) ptr; + + circuitmux_ewma_free_all(); + + return 1; +} + +static struct testcase_setup_t cmux_ewma_test_setup = { + .setup_fn = cmux_ewma_setup_test, + .cleanup_fn = cmux_ewma_cleanup_test, +}; + +#define TEST_CMUX_EWMA(name) \ + { #name, test_cmux_ewma_##name, TT_FORK, &cmux_ewma_test_setup, NULL } + +struct testcase_t circuitmux_ewma_tests[] = { + TEST_CMUX_EWMA(active_circuit), + TEST_CMUX_EWMA(policy_data), + TEST_CMUX_EWMA(policy_circ_data), + TEST_CMUX_EWMA(notify_circ), + TEST_CMUX_EWMA(xmit_cell), + + END_OF_TESTCASES +}; diff --git a/src/test/test_circuitpadding.c b/src/test/test_circuitpadding.c new file mode 100644 index 0000000000..cfb24c032c --- /dev/null +++ b/src/test/test_circuitpadding.c @@ -0,0 +1,3147 @@ +#define CHANNEL_OBJECT_PRIVATE +#define TOR_TIMERS_PRIVATE +#define CIRCUITPADDING_PRIVATE +#define CIRCUITPADDING_MACHINES_PRIVATE +#define NETWORKSTATUS_PRIVATE +#define CRYPT_PATH_PRIVATE +#define RELAY_PRIVATE + +#include "core/or/or.h" +#include "test/test.h" +#include "test/log_test_helpers.h" +#include "lib/testsupport/testsupport.h" +#include "core/or/connection_or.h" +#include "core/or/channel.h" +#include "core/or/channeltls.h" +#include "core/or/crypt_path.h" +#include <event.h> +#include "lib/evloop/compat_libevent.h" +#include "lib/time/compat_time.h" +#include "lib/defs/time.h" +#include "core/or/relay.h" +#include "core/or/circuitlist.h" +#include "core/or/circuitbuild.h" +#include "core/or/circuitpadding.h" +#include "core/or/circuitpadding_machines.h" +#include "core/mainloop/netstatus.h" +#include "core/crypto/relay_crypto.h" +#include "core/or/protover.h" +#include "feature/nodelist/nodelist.h" +#include "app/config/config.h" + +#include "feature/nodelist/routerstatus_st.h" +#include "feature/nodelist/networkstatus_st.h" +#include "feature/nodelist/node_st.h" +#include "core/or/cell_st.h" +#include "core/or/crypt_path_st.h" +#include "core/or/or_circuit_st.h" +#include "core/or/origin_circuit_st.h" + +#include "test/fakecircs.h" +#include "test/rng_test_helpers.h" + +/* Start our monotime mocking at 1 second past whatever monotime_init() + * thought the actual wall clock time was, for platforms with bad resolution + * and weird timevalues during monotime_init() before mocking. */ +#define MONOTIME_MOCK_START (monotime_absolute_nsec()+\ + TOR_NSEC_PER_USEC*TOR_USEC_PER_SEC) + +extern smartlist_t *connection_array; +void circuit_expire_old_circuits_clientside(void); + +circid_t get_unique_circ_id_by_chan(channel_t *chan); +void helper_create_basic_machine(void); +static void helper_create_conditional_machines(void); + +channel_t *new_fake_channel(void); +void test_circuitpadding_negotiation(void *arg); +void test_circuitpadding_wronghop(void *arg); +void test_circuitpadding_conditions(void *arg); + +void test_circuitpadding_serialize(void *arg); +void test_circuitpadding_rtt(void *arg); +void test_circuitpadding_tokens(void *arg); +void test_circuitpadding_state_length(void *arg); + +static void +simulate_single_hop_extend(circuit_t *client, circuit_t *mid_relay, + int padding); +void free_fake_origin_circuit(origin_circuit_t *circ); + +static int deliver_negotiated = 1; +static int64_t curr_mocked_time; + +static node_t padding_node; +static node_t non_padding_node; + +static channel_t dummy_channel; +static circpad_machine_spec_t circ_client_machine; + +static void +timers_advance_and_run(int64_t msec_update) +{ + curr_mocked_time += msec_update*TOR_NSEC_PER_MSEC; + monotime_coarse_set_mock_time_nsec(curr_mocked_time); + monotime_set_mock_time_nsec(curr_mocked_time); + timers_run_pending(); +} + +static void +nodes_init(void) +{ + padding_node.rs = tor_malloc_zero(sizeof(routerstatus_t)); + padding_node.rs->pv.supports_hs_setup_padding = 1; + + non_padding_node.rs = tor_malloc_zero(sizeof(routerstatus_t)); + non_padding_node.rs->pv.supports_hs_setup_padding = 0; +} + +static void +nodes_free(void) +{ + tor_free(padding_node.rs); + + tor_free(non_padding_node.rs); +} + +static const node_t * +node_get_by_id_mock(const char *identity_digest) +{ + if (identity_digest[0] == 1) { + return &padding_node; + } else if (identity_digest[0] == 0) { + return &non_padding_node; + } + + return NULL; +} + +static const node_t * +circuit_get_nth_node_mock(origin_circuit_t *circ, int hop) +{ + (void) circ; + (void) hop; + + return &padding_node; +} + +void +free_fake_origin_circuit(origin_circuit_t *circ) +{ + circpad_circuit_free_all_machineinfos(TO_CIRCUIT(circ)); + circuit_clear_cpath(circ); + tor_free(circ); +} + +void dummy_nop_timer(void); + +//static int dont_stop_libevent = 0; + +static circuit_t *client_side; +static circuit_t *relay_side; + +static int n_client_cells = 0; +static int n_relay_cells = 0; + +static int +circuit_package_relay_cell_mock(cell_t *cell, circuit_t *circ, + cell_direction_t cell_direction, + crypt_path_t *layer_hint, streamid_t on_stream, + const char *filename, int lineno); + +static void +circuitmux_attach_circuit_mock(circuitmux_t *cmux, circuit_t *circ, + cell_direction_t direction); + +static void +circuitmux_attach_circuit_mock(circuitmux_t *cmux, circuit_t *circ, + cell_direction_t direction) +{ + (void)cmux; + (void)circ; + (void)direction; + + return; +} + +static int +circuit_package_relay_cell_mock(cell_t *cell, circuit_t *circ, + cell_direction_t cell_direction, + crypt_path_t *layer_hint, streamid_t on_stream, + const char *filename, int lineno) +{ + (void)cell; (void)on_stream; (void)filename; (void)lineno; + + if (circ == client_side) { + if (cell->payload[0] == RELAY_COMMAND_PADDING_NEGOTIATE) { + // Deliver to relay + circpad_handle_padding_negotiate(relay_side, cell); + } else { + + int is_target_hop = circpad_padding_is_from_expected_hop(circ, + layer_hint); + tt_int_op(cell_direction, OP_EQ, CELL_DIRECTION_OUT); + tt_int_op(is_target_hop, OP_EQ, 1); + + // No need to pretend a padding cell was sent: This event is + // now emitted internally when the circuitpadding code sends them. + //circpad_cell_event_padding_sent(client_side); + + // Receive padding cell at middle + circpad_deliver_recognized_relay_cell_events(relay_side, + cell->payload[0], NULL); + } + n_client_cells++; + } else if (circ == relay_side) { + tt_int_op(cell_direction, OP_EQ, CELL_DIRECTION_IN); + + if (cell->payload[0] == RELAY_COMMAND_PADDING_NEGOTIATED) { + // XXX: blah need right layer_hint.. + if (deliver_negotiated) + circpad_handle_padding_negotiated(client_side, cell, + TO_ORIGIN_CIRCUIT(client_side) + ->cpath->next); + } else if (cell->payload[0] == RELAY_COMMAND_PADDING_NEGOTIATE) { + circpad_handle_padding_negotiate(client_side, cell); + } else { + // No need to pretend a padding cell was sent: This event is + // now emitted internally when the circuitpadding code sends them. + //circpad_cell_event_padding_sent(relay_side); + + // Receive padding cell at client + circpad_deliver_recognized_relay_cell_events(client_side, + cell->payload[0], + TO_ORIGIN_CIRCUIT(client_side)->cpath->next); + } + + n_relay_cells++; + } + + done: + timers_advance_and_run(1); + return 0; +} + +// Test reading and writing padding to strings (or options_t + consensus) +void +test_circuitpadding_serialize(void *arg) +{ + (void)arg; +} + +static signed_error_t +circpad_send_command_to_hop_mock(origin_circuit_t *circ, uint8_t hopnum, + uint8_t relay_command, const uint8_t *payload, + ssize_t payload_len) +{ + (void) circ; + (void) hopnum; + (void) relay_command; + (void) payload; + (void) payload_len; + return 0; +} + +void +test_circuitpadding_rtt(void *arg) +{ + /* Test Plan: + * + * 1. Test RTT measurement server side + * a. test usage of measured RTT + * 2. Test termination of RTT measurement + * a. test non-update of RTT + * 3. Test client side circuit and non-application of RTT.. + */ + circpad_delay_t rtt_estimate; + int64_t actual_mocked_monotime_start; + (void)arg; + + MOCK(circuitmux_attach_circuit, circuitmux_attach_circuit_mock); + MOCK(circpad_send_command_to_hop, circpad_send_command_to_hop_mock); + testing_enable_reproducible_rng(); + + dummy_channel.cmux = circuitmux_alloc(); + relay_side = TO_CIRCUIT(new_fake_orcirc(&dummy_channel, &dummy_channel)); + client_side = TO_CIRCUIT(origin_circuit_new()); + relay_side->purpose = CIRCUIT_PURPOSE_OR; + client_side->purpose = CIRCUIT_PURPOSE_C_GENERAL; + + monotime_init(); + monotime_enable_test_mocking(); + actual_mocked_monotime_start = MONOTIME_MOCK_START; + monotime_set_mock_time_nsec(actual_mocked_monotime_start); + monotime_coarse_set_mock_time_nsec(actual_mocked_monotime_start); + curr_mocked_time = actual_mocked_monotime_start; + + timers_initialize(); + circpad_machines_init(); + helper_create_basic_machine(); + + MOCK(circuit_package_relay_cell, + circuit_package_relay_cell_mock); + + client_side->padding_machine[0] = &circ_client_machine; + client_side->padding_info[0] = circpad_circuit_machineinfo_new(client_side, + 0); + + relay_side->padding_machine[0] = &circ_client_machine; + relay_side->padding_info[0] = circpad_circuit_machineinfo_new(client_side,0); + + /* Test 1: Test measuring RTT */ + circpad_cell_event_nonpadding_received(relay_side); + tt_u64_op(relay_side->padding_info[0]->last_received_time_usec, OP_NE, 0); + + timers_advance_and_run(20); + + circpad_cell_event_nonpadding_sent(relay_side); + tt_u64_op(relay_side->padding_info[0]->last_received_time_usec, OP_EQ, 0); + + tt_int_op(relay_side->padding_info[0]->rtt_estimate_usec, OP_GE, 19000); + tt_int_op(relay_side->padding_info[0]->rtt_estimate_usec, OP_LE, 30000); + tt_int_op(circpad_histogram_bin_to_usec(relay_side->padding_info[0], 0), + OP_EQ, + relay_side->padding_info[0]->rtt_estimate_usec+ + circpad_machine_current_state( + relay_side->padding_info[0])->histogram_edges[0]); + + circpad_cell_event_nonpadding_received(relay_side); + circpad_cell_event_nonpadding_received(relay_side); + tt_u64_op(relay_side->padding_info[0]->last_received_time_usec, OP_NE, 0); + timers_advance_and_run(20); + circpad_cell_event_nonpadding_sent(relay_side); + circpad_cell_event_nonpadding_sent(relay_side); + tt_u64_op(relay_side->padding_info[0]->last_received_time_usec, OP_EQ, 0); + + tt_int_op(relay_side->padding_info[0]->rtt_estimate_usec, OP_GE, 20000); + tt_int_op(relay_side->padding_info[0]->rtt_estimate_usec, OP_LE, 21000); + tt_int_op(circpad_histogram_bin_to_usec(relay_side->padding_info[0], 0), + OP_EQ, + relay_side->padding_info[0]->rtt_estimate_usec+ + circpad_machine_current_state( + relay_side->padding_info[0])->histogram_edges[0]); + + /* Test 2: Termination of RTT measurement (from the previous test) */ + tt_int_op(relay_side->padding_info[0]->stop_rtt_update, OP_EQ, 1); + rtt_estimate = relay_side->padding_info[0]->rtt_estimate_usec; + + circpad_cell_event_nonpadding_received(relay_side); + timers_advance_and_run(4); + circpad_cell_event_nonpadding_sent(relay_side); + + tt_int_op(relay_side->padding_info[0]->rtt_estimate_usec, OP_EQ, + rtt_estimate); + tt_u64_op(relay_side->padding_info[0]->last_received_time_usec, OP_EQ, 0); + tt_int_op(relay_side->padding_info[0]->stop_rtt_update, OP_EQ, 1); + tt_int_op(circpad_histogram_bin_to_usec(relay_side->padding_info[0], 0), + OP_EQ, + relay_side->padding_info[0]->rtt_estimate_usec+ + circpad_machine_current_state( + relay_side->padding_info[0])->histogram_edges[0]); + + /* Test 3: Make sure client side machine properly ignores RTT */ + circpad_cell_event_nonpadding_received(client_side); + tt_u64_op(client_side->padding_info[0]->last_received_time_usec, OP_EQ, 0); + + timers_advance_and_run(20); + circpad_cell_event_nonpadding_sent(client_side); + tt_u64_op(client_side->padding_info[0]->last_received_time_usec, OP_EQ, 0); + + tt_int_op(client_side->padding_info[0]->rtt_estimate_usec, OP_EQ, 0); + tt_int_op(circpad_histogram_bin_to_usec(client_side->padding_info[0], 0), + OP_NE, client_side->padding_info[0]->rtt_estimate_usec); + tt_int_op(circpad_histogram_bin_to_usec(client_side->padding_info[0], 0), + OP_EQ, + circpad_machine_current_state( + client_side->padding_info[0])->histogram_edges[0]); + done: + free_fake_orcirc(TO_OR_CIRCUIT(relay_side)); + circuitmux_detach_all_circuits(dummy_channel.cmux, NULL); + circuitmux_free(dummy_channel.cmux); + timers_shutdown(); + monotime_disable_test_mocking(); + UNMOCK(circuit_package_relay_cell); + UNMOCK(circuitmux_attach_circuit); + tor_free(circ_client_machine.states); + testing_disable_reproducible_rng(); + + return; +} + +void +helper_create_basic_machine(void) +{ + /* Start, burst */ + circpad_machine_states_init(&circ_client_machine, 2); + + circ_client_machine.name = "basic"; + + circ_client_machine.states[CIRCPAD_STATE_START]. + next_state[CIRCPAD_EVENT_NONPADDING_RECV] = CIRCPAD_STATE_BURST; + circ_client_machine.states[CIRCPAD_STATE_START].use_rtt_estimate = 1; + + circ_client_machine.states[CIRCPAD_STATE_BURST]. + next_state[CIRCPAD_EVENT_PADDING_RECV] = CIRCPAD_STATE_BURST; + circ_client_machine.states[CIRCPAD_STATE_BURST]. + next_state[CIRCPAD_EVENT_NONPADDING_RECV] = CIRCPAD_STATE_BURST; + + circ_client_machine.states[CIRCPAD_STATE_BURST]. + next_state[CIRCPAD_EVENT_NONPADDING_SENT] = CIRCPAD_STATE_CANCEL; + + circ_client_machine.states[CIRCPAD_STATE_BURST].token_removal = + CIRCPAD_TOKEN_REMOVAL_HIGHER; + + circ_client_machine.states[CIRCPAD_STATE_BURST].histogram_len = 5; + + circ_client_machine.states[CIRCPAD_STATE_BURST].histogram_edges[0] = 500; + circ_client_machine.states[CIRCPAD_STATE_BURST].histogram_edges[1] = 2500; + circ_client_machine.states[CIRCPAD_STATE_BURST].histogram_edges[2] = 5000; + circ_client_machine.states[CIRCPAD_STATE_BURST].histogram_edges[3] = 10000; + circ_client_machine.states[CIRCPAD_STATE_BURST].histogram_edges[4] = 20000; + + circ_client_machine.states[CIRCPAD_STATE_BURST].histogram[0] = 1; + circ_client_machine.states[CIRCPAD_STATE_BURST].histogram[1] = 0; + circ_client_machine.states[CIRCPAD_STATE_BURST].histogram[2] = 2; + circ_client_machine.states[CIRCPAD_STATE_BURST].histogram[3] = 2; + circ_client_machine.states[CIRCPAD_STATE_BURST].histogram[4] = 2; + + circ_client_machine.states[CIRCPAD_STATE_BURST].histogram_total_tokens = 7; + circ_client_machine.states[CIRCPAD_STATE_BURST].use_rtt_estimate = 1; + + return; +} + +#define BIG_HISTOGRAM_LEN 10 + +/** Setup a machine with a big histogram */ +static void +helper_create_machine_with_big_histogram(circpad_removal_t removal_strategy) +{ + const int tokens_per_bin = 2; + + /* Start, burst */ + circpad_machine_states_init(&circ_client_machine, 2); + + circpad_state_t *burst_state = + &circ_client_machine.states[CIRCPAD_STATE_BURST]; + + circ_client_machine.states[CIRCPAD_STATE_START]. + next_state[CIRCPAD_EVENT_NONPADDING_RECV] = CIRCPAD_STATE_BURST; + + burst_state->next_state[CIRCPAD_EVENT_PADDING_RECV] = CIRCPAD_STATE_BURST; + burst_state->next_state[CIRCPAD_EVENT_NONPADDING_RECV] =CIRCPAD_STATE_BURST; + + burst_state->next_state[CIRCPAD_EVENT_NONPADDING_SENT] =CIRCPAD_STATE_CANCEL; + + burst_state->token_removal = CIRCPAD_TOKEN_REMOVAL_HIGHER; + + burst_state->histogram_len = BIG_HISTOGRAM_LEN; + + int n_tokens = 0; + int i; + for (i = 0; i < BIG_HISTOGRAM_LEN ; i++) { + burst_state->histogram[i] = tokens_per_bin; + n_tokens += tokens_per_bin; + } + + burst_state->histogram_edges[0] = 0; + burst_state->histogram_edges[1] = 1; + burst_state->histogram_edges[2] = 7; + burst_state->histogram_edges[3] = 15; + burst_state->histogram_edges[4] = 31; + burst_state->histogram_edges[5] = 62; + burst_state->histogram_edges[6] = 125; + burst_state->histogram_edges[7] = 250; + burst_state->histogram_edges[8] = 500; + burst_state->histogram_edges[9] = 1000; + + burst_state->histogram_total_tokens = n_tokens; + burst_state->length_dist.type = CIRCPAD_DIST_UNIFORM; + burst_state->length_dist.param1 = n_tokens; + burst_state->length_dist.param2 = n_tokens; + burst_state->max_length = n_tokens; + burst_state->length_includes_nonpadding = 1; + burst_state->use_rtt_estimate = 0; + burst_state->token_removal = removal_strategy; +} + +static circpad_decision_t +circpad_machine_schedule_padding_mock(circpad_machine_runtime_t *mi) +{ + (void)mi; + return 0; +} + +static uint64_t +mock_monotime_absolute_usec(void) +{ + return 100; +} + +/** Test higher token removal strategy by bin */ +static void +test_circuitpadding_token_removal_higher(void *arg) +{ + circpad_machine_runtime_t *mi; + (void)arg; + + /* Mock it up */ + MOCK(monotime_absolute_usec, mock_monotime_absolute_usec); + MOCK(circpad_machine_schedule_padding,circpad_machine_schedule_padding_mock); + testing_enable_reproducible_rng(); + + /* Setup test environment (time etc.) */ + client_side = TO_CIRCUIT(origin_circuit_new()); + client_side->purpose = CIRCUIT_PURPOSE_C_GENERAL; + monotime_enable_test_mocking(); + + /* Create test machine */ + helper_create_machine_with_big_histogram(CIRCPAD_TOKEN_REMOVAL_HIGHER); + client_side->padding_machine[0] = &circ_client_machine; + client_side->padding_info[0] = + circpad_circuit_machineinfo_new(client_side, 0); + + /* move the machine to the right state */ + circpad_cell_event_nonpadding_received(client_side); + tt_int_op(client_side->padding_info[0]->current_state, OP_EQ, + CIRCPAD_STATE_BURST); + + /* Get the machine and setup tokens */ + mi = client_side->padding_info[0]; + tt_assert(mi); + + /*************************************************************************/ + + uint64_t current_time = monotime_absolute_usec(); + + /* Test left boundaries of each histogram bin: */ + const circpad_delay_t bin_left_bounds[] = + {0, 1, 7, 15, 31, 62, 125, 250, 500, 1000, CIRCPAD_DELAY_INFINITE}; + for (int i = 0; i <= BIG_HISTOGRAM_LEN ; i++) { + tt_uint_op(bin_left_bounds[i], OP_EQ, + circpad_histogram_bin_to_usec(mi, i)); + } + + /* Test right boundaries of each histogram bin: */ + const circpad_delay_t bin_right_bounds[] = + {0, 6, 14, 30, 61, 124, 249, 499, 999, CIRCPAD_DELAY_INFINITE-1}; + for (int i = 0; i < BIG_HISTOGRAM_LEN ; i++) { + tt_uint_op(bin_right_bounds[i], OP_EQ, + histogram_get_bin_upper_bound(mi, i)); + } + + /* Check that all bins have two tokens right now */ + for (int i = 0; i < BIG_HISTOGRAM_LEN ; i++) { + tt_int_op(mi->histogram[i], OP_EQ, 2); + } + + /* This is the right order to remove tokens from this histogram. That is, we + * first remove tokens from the 4th bin since 57 usec is nearest to the 4th + * bin midpoint (31 + (62-31)/2 == 46). Then we remove from the 3rd bin for + * the same reason, then from the 5th, etc. */ + const int bin_removal_order[] = {4, 5, 6, 7, 8}; + unsigned i; + + /* Remove all tokens from all bins apart from the infinity bin */ + for (i = 0; i < sizeof(bin_removal_order)/sizeof(int) ; i++) { + int bin_to_remove = bin_removal_order[i]; + log_debug(LD_GENERAL, "Testing that %d attempt removes %d bin", + i, bin_to_remove); + + tt_int_op(mi->histogram[bin_to_remove], OP_EQ, 2); + + mi->padding_scheduled_at_usec = current_time - 57; + circpad_cell_event_nonpadding_sent(client_side); + + tt_int_op(mi->histogram[bin_to_remove], OP_EQ, 1); + + mi->padding_scheduled_at_usec = current_time - 57; + circpad_cell_event_nonpadding_sent(client_side); + + /* Test that we cleaned out this bin. Don't do this in the case of the last + bin since the tokens will get refilled */ + if (i != BIG_HISTOGRAM_LEN - 2) { + tt_int_op(mi->histogram[bin_to_remove], OP_EQ, 0); + } + } + + /* Check that all lower bins are not touched */ + for (i=0; i < 4 ; i++) { + tt_int_op(mi->histogram[i], OP_EQ, 2); + } + + /* Test below the lowest bin, for coverage */ + tt_int_op(client_side->padding_info[0]->current_state, OP_EQ, + CIRCPAD_STATE_BURST); + circ_client_machine.states[CIRCPAD_STATE_BURST].histogram_edges[0] = 100; + mi->padding_scheduled_at_usec = current_time; + circpad_cell_event_nonpadding_sent(client_side); + tt_int_op(mi->histogram[0], OP_EQ, 1); + + done: + free_fake_origin_circuit(TO_ORIGIN_CIRCUIT(client_side)); + monotime_disable_test_mocking(); + tor_free(circ_client_machine.states); + testing_disable_reproducible_rng(); +} + +/** Test lower token removal strategy by bin */ +static void +test_circuitpadding_token_removal_lower(void *arg) +{ + circpad_machine_runtime_t *mi; + (void)arg; + + /* Mock it up */ + MOCK(monotime_absolute_usec, mock_monotime_absolute_usec); + MOCK(circpad_machine_schedule_padding,circpad_machine_schedule_padding_mock); + testing_enable_reproducible_rng(); + + /* Setup test environment (time etc.) */ + client_side = TO_CIRCUIT(origin_circuit_new()); + client_side->purpose = CIRCUIT_PURPOSE_C_GENERAL; + monotime_enable_test_mocking(); + + /* Create test machine */ + helper_create_machine_with_big_histogram(CIRCPAD_TOKEN_REMOVAL_LOWER); + client_side->padding_machine[0] = &circ_client_machine; + client_side->padding_info[0] = + circpad_circuit_machineinfo_new(client_side, 0); + + /* move the machine to the right state */ + circpad_cell_event_nonpadding_received(client_side); + tt_int_op(client_side->padding_info[0]->current_state, OP_EQ, + CIRCPAD_STATE_BURST); + + /* Get the machine and setup tokens */ + mi = client_side->padding_info[0]; + tt_assert(mi); + + /*************************************************************************/ + + uint64_t current_time = monotime_absolute_usec(); + + /* Test left boundaries of each histogram bin: */ + const circpad_delay_t bin_left_bounds[] = + {0, 1, 7, 15, 31, 62, 125, 250, 500, 1000, CIRCPAD_DELAY_INFINITE}; + for (int i = 0; i <= BIG_HISTOGRAM_LEN ; i++) { + tt_uint_op(bin_left_bounds[i], OP_EQ, + circpad_histogram_bin_to_usec(mi, i)); + } + + /* Check that all bins have two tokens right now */ + for (int i = 0; i < BIG_HISTOGRAM_LEN ; i++) { + tt_int_op(mi->histogram[i], OP_EQ, 2); + } + + /* This is the right order to remove tokens from this histogram. That is, we + * first remove tokens from the 4th bin since 57 usec is nearest to the 4th + * bin midpoint (31 + (62-31)/2 == 46). Then we remove from the 3rd bin for + * the same reason, then from the 5th, etc. */ + const int bin_removal_order[] = {4, 3, 2, 1, 0}; + unsigned i; + + /* Remove all tokens from all bins apart from the infinity bin */ + for (i = 0; i < sizeof(bin_removal_order)/sizeof(int) ; i++) { + int bin_to_remove = bin_removal_order[i]; + log_debug(LD_GENERAL, "Testing that %d attempt removes %d bin", + i, bin_to_remove); + + tt_int_op(mi->histogram[bin_to_remove], OP_EQ, 2); + + mi->padding_scheduled_at_usec = current_time - 57; + circpad_cell_event_nonpadding_sent(client_side); + + tt_int_op(mi->histogram[bin_to_remove], OP_EQ, 1); + + mi->padding_scheduled_at_usec = current_time - 57; + circpad_cell_event_nonpadding_sent(client_side); + + /* Test that we cleaned out this bin. Don't do this in the case of the last + bin since the tokens will get refilled */ + if (i != BIG_HISTOGRAM_LEN - 2) { + tt_int_op(mi->histogram[bin_to_remove], OP_EQ, 0); + } + } + + /* Check that all higher bins are untouched */ + for (i = 5; i < BIG_HISTOGRAM_LEN ; i++) { + tt_int_op(mi->histogram[i], OP_EQ, 2); + } + + /* Test above the highest bin, for coverage */ + tt_int_op(client_side->padding_info[0]->current_state, OP_EQ, + CIRCPAD_STATE_BURST); + circ_client_machine.states[CIRCPAD_STATE_BURST]. + histogram_edges[BIG_HISTOGRAM_LEN-2] = 100; + mi->padding_scheduled_at_usec = current_time - 29202; + circpad_cell_event_nonpadding_sent(client_side); + tt_int_op(mi->histogram[BIG_HISTOGRAM_LEN-2], OP_EQ, 1); + + done: + free_fake_origin_circuit(TO_ORIGIN_CIRCUIT(client_side)); + monotime_disable_test_mocking(); + tor_free(circ_client_machine.states); + testing_disable_reproducible_rng(); +} + +/** Test closest token removal strategy by bin */ +static void +test_circuitpadding_closest_token_removal(void *arg) +{ + circpad_machine_runtime_t *mi; + (void)arg; + + /* Mock it up */ + MOCK(monotime_absolute_usec, mock_monotime_absolute_usec); + MOCK(circpad_machine_schedule_padding,circpad_machine_schedule_padding_mock); + testing_enable_reproducible_rng(); + + /* Setup test environment (time etc.) */ + client_side = TO_CIRCUIT(origin_circuit_new()); + client_side->purpose = CIRCUIT_PURPOSE_C_GENERAL; + monotime_enable_test_mocking(); + + /* Create test machine */ + helper_create_machine_with_big_histogram(CIRCPAD_TOKEN_REMOVAL_CLOSEST); + client_side->padding_machine[0] = &circ_client_machine; + client_side->padding_info[0] = + circpad_circuit_machineinfo_new(client_side, 0); + + /* move the machine to the right state */ + circpad_cell_event_nonpadding_received(client_side); + tt_int_op(client_side->padding_info[0]->current_state, OP_EQ, + CIRCPAD_STATE_BURST); + + /* Get the machine and setup tokens */ + mi = client_side->padding_info[0]; + tt_assert(mi); + + /*************************************************************************/ + + uint64_t current_time = monotime_absolute_usec(); + + /* Test left boundaries of each histogram bin: */ + const circpad_delay_t bin_left_bounds[] = + {0, 1, 7, 15, 31, 62, 125, 250, 500, 1000, CIRCPAD_DELAY_INFINITE}; + for (int i = 0; i <= BIG_HISTOGRAM_LEN ; i++) { + tt_uint_op(bin_left_bounds[i], OP_EQ, + circpad_histogram_bin_to_usec(mi, i)); + } + + /* Check that all bins have two tokens right now */ + for (int i = 0; i < BIG_HISTOGRAM_LEN ; i++) { + tt_int_op(mi->histogram[i], OP_EQ, 2); + } + + /* This is the right order to remove tokens from this histogram. That is, we + * first remove tokens from the 4th bin since 57 usec is nearest to the 4th + * bin midpoint (31 + (62-31)/2 == 46). Then we remove from the 3rd bin for + * the same reason, then from the 5th, etc. */ + const int bin_removal_order[] = {4, 3, 5, 2, 6, 1, 7, 0, 8, 9}; + + /* Remove all tokens from all bins apart from the infinity bin */ + for (int i = 0; i < BIG_HISTOGRAM_LEN-1 ; i++) { + int bin_to_remove = bin_removal_order[i]; + log_debug(LD_GENERAL, "Testing that %d attempt removes %d bin", + i, bin_to_remove); + + tt_int_op(mi->histogram[bin_to_remove], OP_EQ, 2); + + mi->padding_scheduled_at_usec = current_time - 57; + circpad_cell_event_nonpadding_sent(client_side); + + tt_int_op(mi->histogram[bin_to_remove], OP_EQ, 1); + + mi->padding_scheduled_at_usec = current_time - 57; + circpad_cell_event_nonpadding_sent(client_side); + + /* Test that we cleaned out this bin. Don't do this in the case of the last + bin since the tokens will get refilled */ + if (i != BIG_HISTOGRAM_LEN - 2) { + tt_int_op(mi->histogram[bin_to_remove], OP_EQ, 0); + } + } + + /* Check that all bins have been refilled */ + for (int i = 0; i < BIG_HISTOGRAM_LEN ; i++) { + tt_int_op(mi->histogram[i], OP_EQ, 2); + } + + /* Test below the lowest bin, for coverage */ + tt_int_op(client_side->padding_info[0]->current_state, OP_EQ, + CIRCPAD_STATE_BURST); + circ_client_machine.states[CIRCPAD_STATE_BURST].histogram_edges[0] = 100; + circ_client_machine.states[CIRCPAD_STATE_BURST].histogram_edges[1] = 101; + circ_client_machine.states[CIRCPAD_STATE_BURST].histogram_edges[2] = 120; + mi->padding_scheduled_at_usec = current_time - 102; + mi->histogram[0] = 0; + circpad_cell_event_nonpadding_sent(client_side); + tt_int_op(mi->histogram[1], OP_EQ, 1); + + /* Test above the highest bin, for coverage */ + tt_int_op(client_side->padding_info[0]->current_state, OP_EQ, + CIRCPAD_STATE_BURST); + mi->padding_scheduled_at_usec = current_time - 29202; + circpad_cell_event_nonpadding_sent(client_side); + tt_int_op(mi->histogram[BIG_HISTOGRAM_LEN-2], OP_EQ, 1); + + done: + free_fake_origin_circuit(TO_ORIGIN_CIRCUIT(client_side)); + monotime_disable_test_mocking(); + tor_free(circ_client_machine.states); + testing_disable_reproducible_rng(); +} + +/** Test closest token removal strategy with usec */ +static void +test_circuitpadding_closest_token_removal_usec(void *arg) +{ + circpad_machine_runtime_t *mi; + (void)arg; + + /* Mock it up */ + MOCK(monotime_absolute_usec, mock_monotime_absolute_usec); + MOCK(circpad_machine_schedule_padding,circpad_machine_schedule_padding_mock); + testing_enable_reproducible_rng(); + + /* Setup test environment (time etc.) */ + client_side = TO_CIRCUIT(origin_circuit_new()); + client_side->purpose = CIRCUIT_PURPOSE_C_GENERAL; + monotime_enable_test_mocking(); + + /* Create test machine */ + helper_create_machine_with_big_histogram(CIRCPAD_TOKEN_REMOVAL_CLOSEST_USEC); + client_side->padding_machine[0] = &circ_client_machine; + client_side->padding_info[0] = + circpad_circuit_machineinfo_new(client_side, 0); + + /* move the machine to the right state */ + circpad_cell_event_nonpadding_received(client_side); + tt_int_op(client_side->padding_info[0]->current_state, OP_EQ, + CIRCPAD_STATE_BURST); + + /* Get the machine and setup tokens */ + mi = client_side->padding_info[0]; + tt_assert(mi); + + /*************************************************************************/ + + uint64_t current_time = monotime_absolute_usec(); + + /* Test left boundaries of each histogram bin: */ + const circpad_delay_t bin_left_bounds[] = + {0, 1, 7, 15, 31, 62, 125, 250, 500, 1000, CIRCPAD_DELAY_INFINITE}; + for (int i = 0; i <= BIG_HISTOGRAM_LEN ; i++) { + tt_uint_op(bin_left_bounds[i], OP_EQ, + circpad_histogram_bin_to_usec(mi, i)); + } + + /* XXX we want to test remove_token_exact and + circpad_machine_remove_closest_token() with usec */ + + /* Check that all bins have two tokens right now */ + for (int i = 0; i < BIG_HISTOGRAM_LEN ; i++) { + tt_int_op(mi->histogram[i], OP_EQ, 2); + } + + /* This is the right order to remove tokens from this histogram. That is, we + * first remove tokens from the 4th bin since 57 usec is nearest to the 4th + * bin midpoint (31 + (62-31)/2 == 46). Then we remove from the 3rd bin for + * the same reason, then from the 5th, etc. */ + const int bin_removal_order[] = {4, 3, 5, 2, 1, 0, 6, 7, 8, 9}; + + /* Remove all tokens from all bins apart from the infinity bin */ + for (int i = 0; i < BIG_HISTOGRAM_LEN-1 ; i++) { + int bin_to_remove = bin_removal_order[i]; + log_debug(LD_GENERAL, "Testing that %d attempt removes %d bin", + i, bin_to_remove); + + tt_int_op(mi->histogram[bin_to_remove], OP_EQ, 2); + + mi->padding_scheduled_at_usec = current_time - 57; + circpad_cell_event_nonpadding_sent(client_side); + + tt_int_op(mi->histogram[bin_to_remove], OP_EQ, 1); + + mi->padding_scheduled_at_usec = current_time - 57; + circpad_cell_event_nonpadding_sent(client_side); + + /* Test that we cleaned out this bin. Don't do this in the case of the last + bin since the tokens will get refilled */ + if (i != BIG_HISTOGRAM_LEN - 2) { + tt_int_op(mi->histogram[bin_to_remove], OP_EQ, 0); + } + } + + /* Check that all bins have been refilled */ + for (int i = 0; i < BIG_HISTOGRAM_LEN ; i++) { + tt_int_op(mi->histogram[i], OP_EQ, 2); + } + + /* Test below the lowest bin, for coverage */ + tt_int_op(client_side->padding_info[0]->current_state, OP_EQ, + CIRCPAD_STATE_BURST); + circ_client_machine.states[CIRCPAD_STATE_BURST].histogram_edges[0] = 100; + circ_client_machine.states[CIRCPAD_STATE_BURST].histogram_edges[1] = 101; + circ_client_machine.states[CIRCPAD_STATE_BURST].histogram_edges[2] = 120; + mi->padding_scheduled_at_usec = current_time - 102; + mi->histogram[0] = 0; + circpad_cell_event_nonpadding_sent(client_side); + tt_int_op(mi->histogram[1], OP_EQ, 1); + + /* Test above the highest bin, for coverage */ + tt_int_op(client_side->padding_info[0]->current_state, OP_EQ, + CIRCPAD_STATE_BURST); + circ_client_machine.states[CIRCPAD_STATE_BURST]. + histogram_edges[BIG_HISTOGRAM_LEN-2] = 100; + mi->padding_scheduled_at_usec = current_time - 29202; + circpad_cell_event_nonpadding_sent(client_side); + tt_int_op(mi->histogram[BIG_HISTOGRAM_LEN-2], OP_EQ, 1); + + done: + free_fake_origin_circuit(TO_ORIGIN_CIRCUIT(client_side)); + monotime_disable_test_mocking(); + tor_free(circ_client_machine.states); + testing_disable_reproducible_rng(); +} + +/** Test closest token removal strategy with usec */ +static void +test_circuitpadding_token_removal_exact(void *arg) +{ + circpad_machine_runtime_t *mi; + (void)arg; + + /* Mock it up */ + MOCK(monotime_absolute_usec, mock_monotime_absolute_usec); + MOCK(circpad_machine_schedule_padding,circpad_machine_schedule_padding_mock); + testing_enable_reproducible_rng(); + + /* Setup test environment (time etc.) */ + client_side = TO_CIRCUIT(origin_circuit_new()); + client_side->purpose = CIRCUIT_PURPOSE_C_GENERAL; + monotime_enable_test_mocking(); + + /* Create test machine */ + helper_create_machine_with_big_histogram(CIRCPAD_TOKEN_REMOVAL_EXACT); + client_side->padding_machine[0] = &circ_client_machine; + client_side->padding_info[0] = + circpad_circuit_machineinfo_new(client_side, 0); + + /* move the machine to the right state */ + circpad_cell_event_nonpadding_received(client_side); + tt_int_op(client_side->padding_info[0]->current_state, OP_EQ, + CIRCPAD_STATE_BURST); + + /* Get the machine and setup tokens */ + mi = client_side->padding_info[0]; + tt_assert(mi); + + /**********************************************************************/ + uint64_t current_time = monotime_absolute_usec(); + + /* Ensure that we will clear out bin #4 with this usec */ + mi->padding_scheduled_at_usec = current_time - 57; + tt_int_op(mi->histogram[4], OP_EQ, 2); + circpad_cell_event_nonpadding_sent(client_side); + mi->padding_scheduled_at_usec = current_time - 57; + tt_int_op(mi->histogram[4], OP_EQ, 1); + circpad_cell_event_nonpadding_sent(client_side); + tt_int_op(mi->histogram[4], OP_EQ, 0); + + /* Ensure that we will not remove any other tokens even tho we try to, since + * this is what the exact strategy dictates */ + mi->padding_scheduled_at_usec = current_time - 57; + circpad_cell_event_nonpadding_sent(client_side); + for (int i = 0; i < BIG_HISTOGRAM_LEN ; i++) { + if (i != 4) { + tt_int_op(mi->histogram[i], OP_EQ, 2); + } + } + + done: + free_fake_origin_circuit(TO_ORIGIN_CIRCUIT(client_side)); + monotime_disable_test_mocking(); + tor_free(circ_client_machine.states); + testing_disable_reproducible_rng(); +} + +#undef BIG_HISTOGRAM_LEN + +void +test_circuitpadding_tokens(void *arg) +{ + const circpad_state_t *state; + circpad_machine_runtime_t *mi; + int64_t actual_mocked_monotime_start; + (void)arg; + + testing_enable_reproducible_rng(); + + /** Test plan: + * + * 1. Test symmetry between bin_to_usec and usec_to_bin + * a. Test conversion + * b. Test edge transitions (lower, upper) + * 2. Test remove higher on an empty bin + * a. Normal bin + * b. Infinity bin + * c. Bin 0 + * d. No higher + * 3. Test remove lower + * a. Normal bin + * b. Bin 0 + * c. No lower + * 4. Test remove closest + * a. Closest lower + * b. Closest higher + * c. Closest 0 + * d. Closest Infinity + */ + client_side = TO_CIRCUIT(origin_circuit_new()); + client_side->purpose = CIRCUIT_PURPOSE_C_GENERAL; + + monotime_init(); + monotime_enable_test_mocking(); + actual_mocked_monotime_start = MONOTIME_MOCK_START; + monotime_set_mock_time_nsec(actual_mocked_monotime_start); + monotime_coarse_set_mock_time_nsec(actual_mocked_monotime_start); + curr_mocked_time = actual_mocked_monotime_start; + + /* This is needed so that we are not considered to be dormant */ + note_user_activity(20); + + timers_initialize(); + + helper_create_basic_machine(); + client_side->padding_machine[0] = &circ_client_machine; + client_side->padding_info[0] = circpad_circuit_machineinfo_new(client_side, + 0); + + mi = client_side->padding_info[0]; + + // Pretend a non-padding cell was sent + circpad_cell_event_nonpadding_received(client_side); + circpad_cell_event_nonpadding_sent(client_side); + /* We have to save the infinity bin because one inf delay + * could have been chosen when we transition to burst */ + circpad_hist_token_t inf_bin = mi->histogram[4]; + + tt_int_op(client_side->padding_info[0]->current_state, OP_EQ, + CIRCPAD_STATE_BURST); + + state = circpad_machine_current_state(client_side->padding_info[0]); + + // Test 0: convert bin->usec->bin + // Bin 0+1 have different semantics + for (int bin = 0; bin < 2; bin++) { + circpad_delay_t usec = + circpad_histogram_bin_to_usec(client_side->padding_info[0], bin); + int bin2 = circpad_histogram_usec_to_bin(client_side->padding_info[0], + usec); + tt_int_op(bin, OP_EQ, bin2); + } + for (int bin = 2; bin < state->histogram_len-1; bin++) { + circpad_delay_t usec = + circpad_histogram_bin_to_usec(client_side->padding_info[0], bin); + int bin2 = circpad_histogram_usec_to_bin(client_side->padding_info[0], + usec); + tt_int_op(bin, OP_EQ, bin2); + /* Verify we round down */ + bin2 = circpad_histogram_usec_to_bin(client_side->padding_info[0], + usec+3); + tt_int_op(bin, OP_EQ, bin2); + + bin2 = circpad_histogram_usec_to_bin(client_side->padding_info[0], + usec-1); + tt_int_op(bin, OP_EQ, bin2+1); + } + + // Test 1: converting usec->bin->usec->bin + // Bin 0+1 have different semantics. + for (circpad_delay_t i = 0; i <= state->histogram_edges[0]; i++) { + int bin = circpad_histogram_usec_to_bin(client_side->padding_info[0], + i); + circpad_delay_t usec = + circpad_histogram_bin_to_usec(client_side->padding_info[0], bin); + int bin2 = circpad_histogram_usec_to_bin(client_side->padding_info[0], + usec); + tt_int_op(bin, OP_EQ, bin2); + tt_int_op(i, OP_LE, usec); + } + for (circpad_delay_t i = state->histogram_edges[0]+1; + i <= state->histogram_edges[0] + + state->histogram_edges[state->histogram_len-2]; i++) { + int bin = circpad_histogram_usec_to_bin(client_side->padding_info[0], + i); + circpad_delay_t usec = + circpad_histogram_bin_to_usec(client_side->padding_info[0], bin); + int bin2 = circpad_histogram_usec_to_bin(client_side->padding_info[0], + usec); + tt_int_op(bin, OP_EQ, bin2); + tt_int_op(i, OP_GE, usec); + } + + /* 2.a. Normal higher bin */ + { + tt_int_op(mi->histogram[2], OP_EQ, 2); + tt_int_op(mi->histogram[3], OP_EQ, 2); + circpad_machine_remove_higher_token(mi, + circpad_histogram_bin_to_usec(mi, 2)+1); + tt_int_op(mi->histogram[3], OP_EQ, 2); + tt_int_op(mi->histogram[2], OP_EQ, 1); + + circpad_machine_remove_higher_token(mi, + circpad_histogram_bin_to_usec(mi, 2)+1); + tt_int_op(mi->histogram[2], OP_EQ, 0); + + tt_int_op(mi->histogram[3], OP_EQ, 2); + circpad_machine_remove_higher_token(mi, + circpad_histogram_bin_to_usec(mi, 2)+1); + circpad_machine_remove_higher_token(mi, + circpad_histogram_bin_to_usec(mi, 2)+1); + tt_int_op(mi->histogram[3], OP_EQ, 0); + circpad_machine_remove_higher_token(mi, + circpad_histogram_bin_to_usec(mi, 2)+1); + tt_int_op(mi->histogram[3], OP_EQ, 0); + } + + /* 2.b. Higher Infinity bin */ + { + tt_int_op(mi->histogram[4], OP_EQ, inf_bin); + circpad_machine_remove_higher_token(mi, + circpad_histogram_bin_to_usec(mi, 2)+1); + tt_int_op(mi->histogram[4], OP_EQ, inf_bin); + + /* Test past the infinity bin */ + circpad_machine_remove_higher_token(mi, + circpad_histogram_bin_to_usec(mi, 5)+1000000); + + tt_int_op(mi->histogram[4], OP_EQ, inf_bin); + } + + /* 2.c. Bin 0 */ + { + tt_int_op(mi->histogram[0], OP_EQ, 0); + mi->histogram[0] = 1; + circpad_machine_remove_higher_token(mi, state->histogram_edges[0]/2); + tt_int_op(mi->histogram[0], OP_EQ, 0); + } + + /* Drain the infinity bin and cause a refill */ + while (inf_bin != 0) { + tt_int_op(mi->histogram[4], OP_EQ, inf_bin); + circpad_cell_event_nonpadding_received(client_side); + inf_bin--; + } + + circpad_cell_event_nonpadding_sent(client_side); + + // We should have refilled here. + tt_int_op(mi->histogram[4], OP_EQ, 2); + + /* 3.a. Bin 0 */ + { + tt_int_op(mi->histogram[0], OP_EQ, 1); + circpad_machine_remove_higher_token(mi, state->histogram_edges[0]/2); + tt_int_op(mi->histogram[0], OP_EQ, 0); + } + + /* 3.b. Test remove lower normal bin */ + { + tt_int_op(mi->histogram[3], OP_EQ, 2); + circpad_machine_remove_lower_token(mi, + circpad_histogram_bin_to_usec(mi, 3)+1); + circpad_machine_remove_lower_token(mi, + circpad_histogram_bin_to_usec(mi, 3)+1); + tt_int_op(mi->histogram[3], OP_EQ, 0); + tt_int_op(mi->histogram[2], OP_EQ, 2); + circpad_machine_remove_lower_token(mi, + circpad_histogram_bin_to_usec(mi, 3)+1); + circpad_machine_remove_lower_token(mi, + circpad_histogram_bin_to_usec(mi, 3)+1); + /* 3.c. No lower */ + circpad_machine_remove_lower_token(mi, + circpad_histogram_bin_to_usec(mi, 3)+1); + tt_int_op(mi->histogram[2], OP_EQ, 0); + } + + /* 4. Test remove closest + * a. Closest lower + * b. Closest higher + * c. Closest 0 + * d. Closest Infinity + */ + circpad_machine_setup_tokens(mi); + tt_int_op(mi->histogram[2], OP_EQ, 2); + circpad_machine_remove_closest_token(mi, + circpad_histogram_bin_to_usec(mi, 2)+1, 0); + circpad_machine_remove_closest_token(mi, + circpad_histogram_bin_to_usec(mi, 2)+1, 0); + tt_int_op(mi->histogram[2], OP_EQ, 0); + tt_int_op(mi->histogram[3], OP_EQ, 2); + circpad_machine_remove_closest_token(mi, + circpad_histogram_bin_to_usec(mi, 2)+1, 0); + circpad_machine_remove_closest_token(mi, + circpad_histogram_bin_to_usec(mi, 2)+1, 0); + tt_int_op(mi->histogram[3], OP_EQ, 0); + tt_int_op(mi->histogram[0], OP_EQ, 1); + circpad_machine_remove_closest_token(mi, + circpad_histogram_bin_to_usec(mi, 2)+1, 0); + tt_int_op(mi->histogram[0], OP_EQ, 0); + tt_int_op(mi->histogram[4], OP_EQ, 2); + circpad_machine_remove_closest_token(mi, + circpad_histogram_bin_to_usec(mi, 2)+1, 0); + tt_int_op(mi->histogram[4], OP_EQ, 2); + + /* 5. Test remove closest usec + * a. Closest 0 + * b. Closest lower (below midpoint) + * c. Closest higher (above midpoint) + * d. Closest Infinity + */ + circpad_machine_setup_tokens(mi); + + tt_int_op(mi->histogram[0], OP_EQ, 1); + circpad_machine_remove_closest_token(mi, + circpad_histogram_bin_to_usec(mi, 0)/3, 1); + tt_int_op(mi->histogram[0], OP_EQ, 0); + tt_int_op(mi->histogram[2], OP_EQ, 2); + circpad_machine_remove_closest_token(mi, + circpad_histogram_bin_to_usec(mi, 0)/3, 1); + circpad_machine_remove_closest_token(mi, + circpad_histogram_bin_to_usec(mi, 0)/3, 1); + tt_int_op(mi->histogram[2], OP_EQ, 0); + tt_int_op(mi->histogram[3], OP_EQ, 2); + circpad_machine_remove_closest_token(mi, + circpad_histogram_bin_to_usec(mi, 4), 1); + circpad_machine_remove_closest_token(mi, + circpad_histogram_bin_to_usec(mi, 4), 1); + tt_int_op(mi->histogram[3], OP_EQ, 0); + tt_int_op(mi->histogram[4], OP_EQ, 2); + circpad_machine_remove_closest_token(mi, + circpad_histogram_bin_to_usec(mi, 4), 1); + circpad_machine_remove_closest_token(mi, + circpad_histogram_bin_to_usec(mi, 4), 1); + tt_int_op(mi->histogram[4], OP_EQ, 2); + + // XXX: Need more coverage of the actual usec branches + + done: + free_fake_origin_circuit(TO_ORIGIN_CIRCUIT(client_side)); + monotime_disable_test_mocking(); + tor_free(circ_client_machine.states); + testing_disable_reproducible_rng(); +} + +void +test_circuitpadding_wronghop(void *arg) +{ + /** + * Test plan: + * 1. Padding sent from hop 1 and 3 to client + * 2. Send negotiated from hop 1 and 3 to client + * 3. Garbled negotiated cell + * 4. Padding negotiate sent to client + * 5. Send negotiate stop command for unknown machine + * 6. Send negotiated to relay + * 7. Garbled padding negotiate cell + */ + (void)arg; + uint32_t read_bw = 0, overhead_bw = 0; + cell_t cell; + signed_error_t ret; + origin_circuit_t *orig_client; + int64_t actual_mocked_monotime_start; + + MOCK(circuitmux_attach_circuit, circuitmux_attach_circuit_mock); + + /* Mock this function so that our cell counting tests don't get confused by + * padding that gets sent by scheduled timers. */ + MOCK(circpad_machine_schedule_padding,circpad_machine_schedule_padding_mock); + testing_enable_reproducible_rng(); + + client_side = TO_CIRCUIT(origin_circuit_new()); + dummy_channel.cmux = circuitmux_alloc(); + relay_side = TO_CIRCUIT(new_fake_orcirc(&dummy_channel, + &dummy_channel)); + orig_client = TO_ORIGIN_CIRCUIT(client_side); + + relay_side->purpose = CIRCUIT_PURPOSE_OR; + client_side->purpose = CIRCUIT_PURPOSE_C_GENERAL; + nodes_init(); + + monotime_init(); + monotime_enable_test_mocking(); + actual_mocked_monotime_start = MONOTIME_MOCK_START; + monotime_set_mock_time_nsec(actual_mocked_monotime_start); + monotime_coarse_set_mock_time_nsec(actual_mocked_monotime_start); + curr_mocked_time = actual_mocked_monotime_start; + + timers_initialize(); + circpad_machines_init(); + + MOCK(node_get_by_id, + node_get_by_id_mock); + + MOCK(circuit_package_relay_cell, + circuit_package_relay_cell_mock); + + /* Build three hops */ + simulate_single_hop_extend(client_side, relay_side, 1); + simulate_single_hop_extend(client_side, relay_side, 1); + simulate_single_hop_extend(client_side, relay_side, 1); + + /* verify padding was negotiated */ + tt_ptr_op(relay_side->padding_machine[0], OP_NE, NULL); + tt_ptr_op(relay_side->padding_info[0], OP_NE, NULL); + + /* verify echo was sent */ + tt_int_op(n_relay_cells, OP_EQ, 1); + tt_int_op(n_client_cells, OP_EQ, 1); + + read_bw = orig_client->n_delivered_read_circ_bw; + overhead_bw = orig_client->n_overhead_read_circ_bw; + + /* 1. Test padding from first and third hop */ + circpad_deliver_recognized_relay_cell_events(client_side, + RELAY_COMMAND_DROP, + TO_ORIGIN_CIRCUIT(client_side)->cpath); + tt_int_op(read_bw, OP_EQ, + orig_client->n_delivered_read_circ_bw); + tt_int_op(overhead_bw, OP_EQ, + orig_client->n_overhead_read_circ_bw); + + circpad_deliver_recognized_relay_cell_events(client_side, + RELAY_COMMAND_DROP, + TO_ORIGIN_CIRCUIT(client_side)->cpath->next->next); + tt_int_op(read_bw, OP_EQ, + orig_client->n_delivered_read_circ_bw); + tt_int_op(overhead_bw, OP_EQ, + orig_client->n_overhead_read_circ_bw); + + circpad_deliver_recognized_relay_cell_events(client_side, + RELAY_COMMAND_DROP, + TO_ORIGIN_CIRCUIT(client_side)->cpath->next); + tt_int_op(read_bw, OP_EQ, + orig_client->n_delivered_read_circ_bw); + tt_int_op(overhead_bw, OP_LT, + orig_client->n_overhead_read_circ_bw); + + /* 2. Test padding negotiated not handled from hops 1,3 */ + ret = circpad_handle_padding_negotiated(client_side, &cell, + TO_ORIGIN_CIRCUIT(client_side)->cpath); + tt_int_op(ret, OP_EQ, -1); + + ret = circpad_handle_padding_negotiated(client_side, &cell, + TO_ORIGIN_CIRCUIT(client_side)->cpath->next->next); + tt_int_op(ret, OP_EQ, -1); + + /* 3. Garbled negotiated cell */ + memset(&cell, 255, sizeof(cell)); + ret = circpad_handle_padding_negotiated(client_side, &cell, + TO_ORIGIN_CIRCUIT(client_side)->cpath->next); + tt_int_op(ret, OP_EQ, -1); + + /* 4. Test that negotiate is dropped at origin */ + read_bw = orig_client->n_delivered_read_circ_bw; + overhead_bw = orig_client->n_overhead_read_circ_bw; + relay_send_command_from_edge(0, relay_side, + RELAY_COMMAND_PADDING_NEGOTIATE, + (void*)cell.payload, + (size_t)3, NULL); + tt_int_op(read_bw, OP_EQ, + orig_client->n_delivered_read_circ_bw); + tt_int_op(overhead_bw, OP_EQ, + orig_client->n_overhead_read_circ_bw); + + tt_int_op(n_relay_cells, OP_EQ, 2); + tt_int_op(n_client_cells, OP_EQ, 1); + + /* 5. Test that asking to stop the wrong machine does nothing */ + circpad_negotiate_padding(TO_ORIGIN_CIRCUIT(client_side), + 255, 2, CIRCPAD_COMMAND_STOP); + tt_ptr_op(client_side->padding_machine[0], OP_NE, NULL); + tt_ptr_op(client_side->padding_info[0], OP_NE, NULL); + tt_ptr_op(relay_side->padding_machine[0], OP_NE, NULL); + tt_ptr_op(relay_side->padding_info[0], OP_NE, NULL); + tt_int_op(n_relay_cells, OP_EQ, 3); + tt_int_op(n_client_cells, OP_EQ, 2); + + /* 6. Sending negotiated command to relay does nothing */ + ret = circpad_handle_padding_negotiated(relay_side, &cell, NULL); + tt_int_op(ret, OP_EQ, -1); + + /* 7. Test garbled negotated cell (bad command 255) */ + memset(&cell, 0, sizeof(cell)); + ret = circpad_handle_padding_negotiate(relay_side, &cell); + tt_int_op(ret, OP_EQ, -1); + tt_int_op(n_client_cells, OP_EQ, 2); + + /* Test 2: Test no padding */ + free_fake_origin_circuit(TO_ORIGIN_CIRCUIT(client_side)); + free_fake_orcirc(TO_OR_CIRCUIT(relay_side)); + + client_side = TO_CIRCUIT(origin_circuit_new()); + relay_side = TO_CIRCUIT(new_fake_orcirc(&dummy_channel, + &dummy_channel)); + relay_side->purpose = CIRCUIT_PURPOSE_OR; + client_side->purpose = CIRCUIT_PURPOSE_C_GENERAL; + + simulate_single_hop_extend(client_side, relay_side, 1); + simulate_single_hop_extend(client_side, relay_side, 0); + + /* verify no padding was negotiated */ + tt_ptr_op(relay_side->padding_machine[0], OP_EQ, NULL); + tt_ptr_op(client_side->padding_machine[0], OP_EQ, NULL); + tt_int_op(n_relay_cells, OP_EQ, 3); + tt_int_op(n_client_cells, OP_EQ, 2); + + /* verify no echo was sent */ + tt_int_op(n_relay_cells, OP_EQ, 3); + tt_int_op(n_client_cells, OP_EQ, 2); + + /* Finish circuit */ + simulate_single_hop_extend(client_side, relay_side, 1); + + /* Spoof padding negotiated on circuit with no padding */ + circpad_padding_negotiated(relay_side, + CIRCPAD_MACHINE_CIRC_SETUP, + CIRCPAD_COMMAND_START, + CIRCPAD_RESPONSE_OK); + + /* verify no padding was negotiated */ + tt_ptr_op(relay_side->padding_machine[0], OP_EQ, NULL); + tt_ptr_op(client_side->padding_machine[0], OP_EQ, NULL); + + circpad_padding_negotiated(relay_side, + CIRCPAD_MACHINE_CIRC_SETUP, + CIRCPAD_COMMAND_START, + CIRCPAD_RESPONSE_ERR); + + /* verify no padding was negotiated */ + tt_ptr_op(relay_side->padding_machine[0], OP_EQ, NULL); + tt_ptr_op(client_side->padding_machine[0], OP_EQ, NULL); + + done: + free_fake_origin_circuit(TO_ORIGIN_CIRCUIT(client_side)); + free_fake_orcirc(TO_OR_CIRCUIT(relay_side)); + circuitmux_detach_all_circuits(dummy_channel.cmux, NULL); + circuitmux_free(dummy_channel.cmux); + monotime_disable_test_mocking(); + UNMOCK(node_get_by_id); + UNMOCK(circuit_package_relay_cell); + UNMOCK(circuitmux_attach_circuit); + nodes_free(); + testing_disable_reproducible_rng(); +} + +void +test_circuitpadding_negotiation(void *arg) +{ + /** + * Test plan: + * 1. Test circuit where padding is supported by middle + * a. Make sure padding negotiation is sent + * b. Test padding negotiation delivery and parsing + * 2. Test circuit where padding is unsupported by middle + * a. Make sure padding negotiation is not sent + * 3. Test failure to negotiate a machine due to desync. + */ + int64_t actual_mocked_monotime_start; + (void)arg; + + MOCK(circuitmux_attach_circuit, circuitmux_attach_circuit_mock); + + client_side = TO_CIRCUIT(origin_circuit_new()); + dummy_channel.cmux = circuitmux_alloc(); + relay_side = TO_CIRCUIT(new_fake_orcirc(&dummy_channel, &dummy_channel)); + + relay_side->purpose = CIRCUIT_PURPOSE_OR; + client_side->purpose = CIRCUIT_PURPOSE_C_GENERAL; + nodes_init(); + + monotime_init(); + monotime_enable_test_mocking(); + actual_mocked_monotime_start = MONOTIME_MOCK_START; + monotime_set_mock_time_nsec(actual_mocked_monotime_start); + monotime_coarse_set_mock_time_nsec(actual_mocked_monotime_start); + curr_mocked_time = actual_mocked_monotime_start; + + timers_initialize(); + circpad_machines_init(); + + MOCK(node_get_by_id, + node_get_by_id_mock); + + MOCK(circuit_package_relay_cell, + circuit_package_relay_cell_mock); + + /* Build two hops */ + simulate_single_hop_extend(client_side, relay_side, 1); + simulate_single_hop_extend(client_side, relay_side, 1); + + /* verify padding was negotiated */ + tt_ptr_op(relay_side->padding_machine[0], OP_NE, NULL); + tt_ptr_op(relay_side->padding_info[0], OP_NE, NULL); + + /* verify echo was sent */ + tt_int_op(n_relay_cells, OP_EQ, 1); + tt_int_op(n_client_cells, OP_EQ, 1); + + /* Finish circuit */ + simulate_single_hop_extend(client_side, relay_side, 1); + + /* Test 2: Test no padding */ + free_fake_origin_circuit(TO_ORIGIN_CIRCUIT(client_side)); + free_fake_orcirc(TO_OR_CIRCUIT(relay_side)); + + client_side = TO_CIRCUIT(origin_circuit_new()); + relay_side = TO_CIRCUIT(new_fake_orcirc(&dummy_channel, &dummy_channel)); + relay_side->purpose = CIRCUIT_PURPOSE_OR; + client_side->purpose = CIRCUIT_PURPOSE_C_GENERAL; + + simulate_single_hop_extend(client_side, relay_side, 1); + simulate_single_hop_extend(client_side, relay_side, 0); + + /* verify no padding was negotiated */ + tt_ptr_op(client_side->padding_machine[0], OP_EQ, NULL); + tt_ptr_op(relay_side->padding_machine[0], OP_EQ, NULL); + tt_int_op(n_relay_cells, OP_EQ, 1); + tt_int_op(n_client_cells, OP_EQ, 1); + + /* verify no echo was sent */ + tt_int_op(n_relay_cells, OP_EQ, 1); + tt_int_op(n_client_cells, OP_EQ, 1); + + /* Finish circuit */ + simulate_single_hop_extend(client_side, relay_side, 1); + + /* Force negotiate padding. */ + circpad_negotiate_padding(TO_ORIGIN_CIRCUIT(client_side), + CIRCPAD_MACHINE_CIRC_SETUP, + 2, CIRCPAD_COMMAND_START); + + /* verify no padding was negotiated */ + tt_ptr_op(relay_side->padding_machine[0], OP_EQ, NULL); + tt_ptr_op(client_side->padding_machine[0], OP_EQ, NULL); + + /* verify no echo was sent */ + tt_int_op(n_relay_cells, OP_EQ, 1); + tt_int_op(n_client_cells, OP_EQ, 1); + + /* 3. Test failure to negotiate a machine due to desync */ + free_fake_origin_circuit(TO_ORIGIN_CIRCUIT(client_side)); + free_fake_orcirc(TO_OR_CIRCUIT(relay_side)); + + client_side = TO_CIRCUIT(origin_circuit_new()); + relay_side = TO_CIRCUIT(new_fake_orcirc(&dummy_channel, &dummy_channel)); + relay_side->purpose = CIRCUIT_PURPOSE_OR; + client_side->purpose = CIRCUIT_PURPOSE_C_GENERAL; + + SMARTLIST_FOREACH(relay_padding_machines, + circpad_machine_spec_t *, + m, tor_free(m->states); tor_free(m)); + smartlist_free(relay_padding_machines); + relay_padding_machines = smartlist_new(); + + simulate_single_hop_extend(client_side, relay_side, 1); + simulate_single_hop_extend(client_side, relay_side, 1); + + /* verify echo was sent */ + tt_int_op(n_client_cells, OP_EQ, 2); + tt_int_op(n_relay_cells, OP_EQ, 2); + + /* verify no padding was negotiated */ + tt_ptr_op(client_side->padding_info[0], OP_EQ, NULL); + tt_ptr_op(client_side->padding_machine[0], OP_EQ, NULL); + tt_ptr_op(relay_side->padding_machine[0], OP_EQ, NULL); + tt_ptr_op(relay_side->padding_info[0], OP_EQ, NULL); + + done: + free_fake_origin_circuit(TO_ORIGIN_CIRCUIT(client_side)); + free_fake_orcirc(TO_OR_CIRCUIT(relay_side)); + circuitmux_detach_all_circuits(dummy_channel.cmux, NULL); + circuitmux_free(dummy_channel.cmux); + monotime_disable_test_mocking(); + UNMOCK(node_get_by_id); + UNMOCK(circuit_package_relay_cell); + UNMOCK(circuitmux_attach_circuit); + nodes_free(); +} + +static void +simulate_single_hop_extend(circuit_t *client, circuit_t *mid_relay, + int padding) +{ + char whatevs_key[CPATH_KEY_MATERIAL_LEN]; + char digest[DIGEST_LEN]; + tor_addr_t addr; + + // Pretend a non-padding cell was sent + circpad_cell_event_nonpadding_sent(client); + + // Receive extend cell at middle + circpad_cell_event_nonpadding_received(mid_relay); + + // Advance time a tiny bit so we can calculate an RTT + curr_mocked_time += 10 * TOR_NSEC_PER_MSEC; + monotime_coarse_set_mock_time_nsec(curr_mocked_time); + monotime_set_mock_time_nsec(curr_mocked_time); + + // Receive extended cell at middle + circpad_cell_event_nonpadding_sent(mid_relay); + + // Receive extended cell at first hop + circpad_cell_event_nonpadding_received(client); + + // Add a hop to cpath + crypt_path_t *hop = tor_malloc_zero(sizeof(crypt_path_t)); + cpath_extend_linked_list(&TO_ORIGIN_CIRCUIT(client)->cpath, hop); + + hop->magic = CRYPT_PATH_MAGIC; + hop->state = CPATH_STATE_OPEN; + + // add an extend info to indicate if this node supports padding or not. + // (set the first byte of the digest for our mocked node_get_by_id) + digest[0] = padding; + + hop->extend_info = extend_info_new( + padding ? "padding" : "non-padding", + digest, NULL, NULL, NULL, + &addr, padding); + + cpath_init_circuit_crypto(hop, whatevs_key, sizeof(whatevs_key), 0, 0); + + hop->package_window = circuit_initial_package_window(); + hop->deliver_window = CIRCWINDOW_START; + + // Signal that the hop was added + circpad_machine_event_circ_added_hop(TO_ORIGIN_CIRCUIT(client)); +} + +static circpad_machine_spec_t * +helper_create_length_machine(void) +{ + circpad_machine_spec_t *ret = + tor_malloc_zero(sizeof(circpad_machine_spec_t)); + + /* Start, burst */ + circpad_machine_states_init(ret, 2); + + ret->states[CIRCPAD_STATE_START]. + next_state[CIRCPAD_EVENT_PADDING_SENT] = CIRCPAD_STATE_BURST; + + ret->states[CIRCPAD_STATE_BURST]. + next_state[CIRCPAD_EVENT_PADDING_SENT] = CIRCPAD_STATE_BURST; + + ret->states[CIRCPAD_STATE_BURST]. + next_state[CIRCPAD_EVENT_LENGTH_COUNT] = CIRCPAD_STATE_END; + + ret->states[CIRCPAD_STATE_BURST]. + next_state[CIRCPAD_EVENT_BINS_EMPTY] = CIRCPAD_STATE_END; + + /* No token removal.. end via state_length only */ + ret->states[CIRCPAD_STATE_BURST].token_removal = + CIRCPAD_TOKEN_REMOVAL_NONE; + + /* Let's have this one end after 12 packets */ + ret->states[CIRCPAD_STATE_BURST].length_dist.type = CIRCPAD_DIST_UNIFORM; + ret->states[CIRCPAD_STATE_BURST].length_dist.param1 = 12; + ret->states[CIRCPAD_STATE_BURST].length_dist.param2 = 13; + ret->states[CIRCPAD_STATE_BURST].max_length = 12; + + ret->states[CIRCPAD_STATE_BURST].histogram_len = 4; + + ret->states[CIRCPAD_STATE_BURST].histogram_edges[0] = 0; + ret->states[CIRCPAD_STATE_BURST].histogram_edges[1] = 1; + ret->states[CIRCPAD_STATE_BURST].histogram_edges[2] = 1000000; + ret->states[CIRCPAD_STATE_BURST].histogram_edges[3] = 10000000; + + ret->states[CIRCPAD_STATE_BURST].histogram[0] = 0; + ret->states[CIRCPAD_STATE_BURST].histogram[1] = 0; + ret->states[CIRCPAD_STATE_BURST].histogram[2] = 6; + + ret->states[CIRCPAD_STATE_BURST].histogram_total_tokens = 6; + ret->states[CIRCPAD_STATE_BURST].use_rtt_estimate = 0; + ret->states[CIRCPAD_STATE_BURST].length_includes_nonpadding = 0; + + return ret; +} + +static circpad_machine_spec_t * +helper_create_conditional_machine(void) +{ + circpad_machine_spec_t *ret = + tor_malloc_zero(sizeof(circpad_machine_spec_t)); + + /* Start, burst */ + circpad_machine_states_init(ret, 2); + + ret->states[CIRCPAD_STATE_START]. + next_state[CIRCPAD_EVENT_PADDING_SENT] = CIRCPAD_STATE_BURST; + + ret->states[CIRCPAD_STATE_BURST]. + next_state[CIRCPAD_EVENT_PADDING_SENT] = CIRCPAD_STATE_BURST; + + ret->states[CIRCPAD_STATE_BURST]. + next_state[CIRCPAD_EVENT_LENGTH_COUNT] = CIRCPAD_STATE_END; + + /* Use EXACT removal strategy, otherwise setup_tokens() does not work */ + ret->states[CIRCPAD_STATE_BURST].token_removal = + CIRCPAD_TOKEN_REMOVAL_EXACT; + + ret->states[CIRCPAD_STATE_BURST].histogram_len = 3; + + ret->states[CIRCPAD_STATE_BURST].histogram_edges[0] = 0; + ret->states[CIRCPAD_STATE_BURST].histogram_edges[1] = 1; + ret->states[CIRCPAD_STATE_BURST].histogram_edges[2] = 1000000; + + ret->states[CIRCPAD_STATE_BURST].histogram[0] = 6; + ret->states[CIRCPAD_STATE_BURST].histogram[1] = 0; + ret->states[CIRCPAD_STATE_BURST].histogram[2] = 0; + + ret->states[CIRCPAD_STATE_BURST].histogram_total_tokens = 6; + ret->states[CIRCPAD_STATE_BURST].use_rtt_estimate = 0; + ret->states[CIRCPAD_STATE_BURST].length_includes_nonpadding = 1; + + return ret; +} + +static void +helper_create_conditional_machines(void) +{ + circpad_machine_spec_t *add = helper_create_conditional_machine(); + + if (!origin_padding_machines) + origin_padding_machines = smartlist_new(); + if (!relay_padding_machines) + relay_padding_machines = smartlist_new(); + + add->machine_num = 2; + add->is_origin_side = 1; + add->should_negotiate_end = 1; + add->target_hopnum = 2; + + /* Let's have this one end after 4 packets */ + add->states[CIRCPAD_STATE_BURST].length_dist.type = CIRCPAD_DIST_UNIFORM; + add->states[CIRCPAD_STATE_BURST].length_dist.param1 = 4; + add->states[CIRCPAD_STATE_BURST].length_dist.param2 = 4; + add->states[CIRCPAD_STATE_BURST].max_length = 4; + + add->conditions.requires_vanguards = 0; + add->conditions.min_hops = 2; + add->conditions.state_mask = CIRCPAD_CIRC_BUILDING| + CIRCPAD_CIRC_NO_STREAMS|CIRCPAD_CIRC_HAS_RELAY_EARLY; + add->conditions.purpose_mask = CIRCPAD_PURPOSE_ALL; + circpad_register_padding_machine(add, origin_padding_machines); + + add = helper_create_conditional_machine(); + add->machine_num = 3; + add->is_origin_side = 1; + add->should_negotiate_end = 1; + add->target_hopnum = 2; + + /* Let's have this one end after 4 packets */ + add->states[CIRCPAD_STATE_BURST].length_dist.type = CIRCPAD_DIST_UNIFORM; + add->states[CIRCPAD_STATE_BURST].length_dist.param1 = 4; + add->states[CIRCPAD_STATE_BURST].length_dist.param2 = 4; + add->states[CIRCPAD_STATE_BURST].max_length = 4; + + add->conditions.requires_vanguards = 1; + add->conditions.min_hops = 3; + add->conditions.state_mask = CIRCPAD_CIRC_OPENED| + CIRCPAD_CIRC_STREAMS|CIRCPAD_CIRC_HAS_NO_RELAY_EARLY; + add->conditions.purpose_mask = CIRCPAD_PURPOSE_ALL; + circpad_register_padding_machine(add, origin_padding_machines); + + add = helper_create_conditional_machine(); + add->machine_num = 2; + circpad_register_padding_machine(add, relay_padding_machines); + + add = helper_create_conditional_machine(); + add->machine_num = 3; + circpad_register_padding_machine(add, relay_padding_machines); +} + +void +test_circuitpadding_state_length(void *arg) +{ + /** + * Test plan: + * * Explicitly test that with no token removal enabled, we hit + * the state length limit due to either padding, or non-padding. + * * Repeat test with an arbitrary token removal strategy, and + * verify that if we run out of tokens due to padding before we + * hit the state length, we still go to state end (all our + * token removal tests only test nonpadding token removal). + */ + int64_t actual_mocked_monotime_start; + (void)arg; + MOCK(circuitmux_attach_circuit, circuitmux_attach_circuit_mock); + MOCK(circpad_send_command_to_hop, circpad_send_command_to_hop_mock); + + nodes_init(); + dummy_channel.cmux = circuitmux_alloc(); + relay_side = TO_CIRCUIT(new_fake_orcirc(&dummy_channel, + &dummy_channel)); + client_side = TO_CIRCUIT(origin_circuit_new()); + relay_side->purpose = CIRCUIT_PURPOSE_OR; + client_side->purpose = CIRCUIT_PURPOSE_C_GENERAL; + + monotime_init(); + monotime_enable_test_mocking(); + actual_mocked_monotime_start = MONOTIME_MOCK_START; + monotime_set_mock_time_nsec(actual_mocked_monotime_start); + monotime_coarse_set_mock_time_nsec(actual_mocked_monotime_start); + curr_mocked_time = actual_mocked_monotime_start; + + /* This is needed so that we are not considered to be dormant */ + note_user_activity(20); + + timers_initialize(); + circpad_machine_spec_t *client_machine = + helper_create_length_machine(); + + MOCK(circuit_package_relay_cell, + circuit_package_relay_cell_mock); + MOCK(node_get_by_id, + node_get_by_id_mock); + + client_side->padding_machine[0] = client_machine; + client_side->padding_info[0] = + circpad_circuit_machineinfo_new(client_side, 0); + circpad_machine_runtime_t *mi = client_side->padding_info[0]; + + circpad_cell_event_padding_sent(client_side); + tt_i64_op(mi->state_length, OP_EQ, 12); + tt_ptr_op(mi->histogram, OP_EQ, NULL); + + /* Verify that non-padding does not change our state length */ + circpad_cell_event_nonpadding_sent(client_side); + tt_i64_op(mi->state_length, OP_EQ, 12); + + /* verify that sending padding changes our state length */ + for (uint64_t i = mi->state_length-1; i > 0; i--) { + circpad_send_padding_cell_for_callback(mi); + tt_i64_op(mi->state_length, OP_EQ, i); + } + circpad_send_padding_cell_for_callback(mi); + + tt_i64_op(mi->state_length, OP_EQ, -1); + tt_int_op(mi->current_state, OP_EQ, CIRCPAD_STATE_END); + + /* Restart machine */ + mi->current_state = CIRCPAD_STATE_START; + + /* Now, count nonpadding as part of the state length */ + client_machine->states[CIRCPAD_STATE_BURST].length_includes_nonpadding = 1; + + circpad_cell_event_padding_sent(client_side); + tt_i64_op(mi->state_length, OP_EQ, 12); + + /* Verify that non-padding does change our state length now */ + for (uint64_t i = mi->state_length-1; i > 0; i--) { + circpad_cell_event_nonpadding_sent(client_side); + tt_i64_op(mi->state_length, OP_EQ, i); + } + + circpad_cell_event_nonpadding_sent(client_side); + tt_i64_op(mi->state_length, OP_EQ, -1); + tt_int_op(mi->current_state, OP_EQ, CIRCPAD_STATE_END); + + /* Now, just test token removal when we send padding */ + client_machine->states[CIRCPAD_STATE_BURST].token_removal = + CIRCPAD_TOKEN_REMOVAL_EXACT; + + /* Restart machine */ + mi->current_state = CIRCPAD_STATE_START; + circpad_cell_event_padding_sent(client_side); + tt_i64_op(mi->state_length, OP_EQ, 12); + tt_ptr_op(mi->histogram, OP_NE, NULL); + tt_int_op(mi->chosen_bin, OP_EQ, 2); + + /* verify that sending padding changes our state length and + * our histogram now */ + for (uint32_t i = mi->histogram[2]-1; i > 0; i--) { + circpad_send_padding_cell_for_callback(mi); + tt_int_op(mi->chosen_bin, OP_EQ, 2); + tt_int_op(mi->histogram[2], OP_EQ, i); + } + + tt_i64_op(mi->state_length, OP_EQ, 7); + tt_int_op(mi->histogram[2], OP_EQ, 1); + + circpad_send_padding_cell_for_callback(mi); + tt_int_op(mi->current_state, OP_EQ, CIRCPAD_STATE_END); + + done: + tor_free(client_machine->states); + tor_free(client_machine); + + free_fake_origin_circuit(TO_ORIGIN_CIRCUIT(client_side)); + free_fake_orcirc(TO_OR_CIRCUIT(relay_side)); + + circuitmux_detach_all_circuits(dummy_channel.cmux, NULL); + circuitmux_free(dummy_channel.cmux); + timers_shutdown(); + monotime_disable_test_mocking(); + UNMOCK(circuit_package_relay_cell); + UNMOCK(circuitmux_attach_circuit); + UNMOCK(node_get_by_id); + + return; +} + +void +test_circuitpadding_conditions(void *arg) +{ + /** + * Test plan: + * 0. Make a few origin and client machines with diff conditions + * * vanguards, purposes, has_opened circs, no relay early + * * Client side should_negotiate_end + * * Length limits + * 1. Test STATE_END transitions + * 2. Test new machine after end with same conditions + * 3. Test new machine due to changed conditions + * * Esp: built event, no relay early, no streams + * XXX: Diff test: + * 1. Test STATE_END with pending timers + * 2. Test marking a circuit before padding callback fires + * 3. Test freeing a circuit before padding callback fires + */ + int64_t actual_mocked_monotime_start; + (void)arg; + MOCK(circuitmux_attach_circuit, circuitmux_attach_circuit_mock); + testing_enable_reproducible_rng(); + + nodes_init(); + dummy_channel.cmux = circuitmux_alloc(); + relay_side = TO_CIRCUIT(new_fake_orcirc(&dummy_channel, + &dummy_channel)); + client_side = TO_CIRCUIT(origin_circuit_new()); + relay_side->purpose = CIRCUIT_PURPOSE_OR; + client_side->purpose = CIRCUIT_PURPOSE_C_GENERAL; + + monotime_init(); + monotime_enable_test_mocking(); + actual_mocked_monotime_start = MONOTIME_MOCK_START; + monotime_set_mock_time_nsec(actual_mocked_monotime_start); + monotime_coarse_set_mock_time_nsec(actual_mocked_monotime_start); + curr_mocked_time = actual_mocked_monotime_start; + + /* This is needed so that we are not considered to be dormant */ + note_user_activity(20); + + timers_initialize(); + helper_create_conditional_machines(); + + MOCK(circuit_package_relay_cell, + circuit_package_relay_cell_mock); + MOCK(node_get_by_id, + node_get_by_id_mock); + + /* Simulate extend. This should result in the original machine getting + * added, since the circuit is not built */ + simulate_single_hop_extend(client_side, relay_side, 1); + simulate_single_hop_extend(client_side, relay_side, 1); + + /* Verify that machine #2 is added */ + tt_int_op(client_side->padding_machine[0]->machine_num, OP_EQ, 2); + tt_int_op(relay_side->padding_machine[0]->machine_num, OP_EQ, 2); + + /* Deliver a padding cell to the client, to trigger burst state */ + circpad_cell_event_padding_sent(client_side); + + /* This should have trigger length shutdown condition on client.. */ + tt_ptr_op(client_side->padding_info[0], OP_EQ, NULL); + tt_ptr_op(client_side->padding_machine[0], OP_EQ, NULL); + + /* Verify machine is gone from both sides */ + tt_ptr_op(relay_side->padding_info[0], OP_EQ, NULL); + tt_ptr_op(relay_side->padding_machine[0], OP_EQ, NULL); + + /* Send another event.. verify machine gets re-added properly + * (test race with shutdown) */ + simulate_single_hop_extend(client_side, relay_side, 1); + tt_int_op(client_side->padding_machine[0]->machine_num, OP_EQ, 2); + tt_int_op(relay_side->padding_machine[0]->machine_num, OP_EQ, 2); + + TO_ORIGIN_CIRCUIT(client_side)->p_streams = 0; + circpad_machine_event_circ_has_no_streams(TO_ORIGIN_CIRCUIT(client_side)); + tt_int_op(client_side->padding_machine[0]->machine_num, OP_EQ, 2); + tt_int_op(relay_side->padding_machine[0]->machine_num, OP_EQ, 2); + + /* Now make the circuit opened and send built event */ + TO_ORIGIN_CIRCUIT(client_side)->has_opened = 1; + circpad_machine_event_circ_built(TO_ORIGIN_CIRCUIT(client_side)); + tt_int_op(client_side->padding_machine[0]->machine_num, OP_EQ, 2); + tt_int_op(relay_side->padding_machine[0]->machine_num, OP_EQ, 2); + + TO_ORIGIN_CIRCUIT(client_side)->remaining_relay_early_cells = 0; + circpad_machine_event_circ_has_no_relay_early( + TO_ORIGIN_CIRCUIT(client_side)); + tt_int_op(client_side->padding_machine[0]->machine_num, OP_EQ, 2); + tt_int_op(relay_side->padding_machine[0]->machine_num, OP_EQ, 2); + + get_options_mutable()->HSLayer2Nodes = (void*)1; + TO_ORIGIN_CIRCUIT(client_side)->p_streams = (void*)1; + circpad_machine_event_circ_has_streams(TO_ORIGIN_CIRCUIT(client_side)); + + /* Verify different machine is added */ + tt_int_op(client_side->padding_machine[0]->machine_num, OP_EQ, 3); + tt_int_op(relay_side->padding_machine[0]->machine_num, OP_EQ, 3); + + /* Hold off on negotiated */ + deliver_negotiated = 0; + + /* Deliver a padding cell to the client, to trigger burst state */ + circpad_cell_event_padding_sent(client_side); + + /* This should have trigger length shutdown condition on client + * but not the response for the padding machine */ + tt_ptr_op(client_side->padding_info[0], OP_EQ, NULL); + tt_ptr_op(client_side->padding_machine[0], OP_NE, NULL); + + /* Verify machine is gone from the relay (but negotiated not back yet */ + tt_ptr_op(relay_side->padding_info[0], OP_EQ, NULL); + tt_ptr_op(relay_side->padding_machine[0], OP_EQ, NULL); + + /* Add another hop and verify it's back */ + simulate_single_hop_extend(client_side, relay_side, 1); + + tt_int_op(client_side->padding_machine[0]->machine_num, OP_EQ, 3); + tt_int_op(relay_side->padding_machine[0]->machine_num, OP_EQ, 3); + + tt_ptr_op(client_side->padding_info[0], OP_NE, NULL); + tt_ptr_op(relay_side->padding_info[0], OP_NE, NULL); + + done: + /* XXX: Free everything */ + testing_disable_reproducible_rng(); + return; +} + +/** Disabled unstable test until #29298 is implemented (see #29122) */ +#if 0 +void +test_circuitpadding_circuitsetup_machine(void *arg) +{ + int64_t actual_mocked_monotime_start; + /** + * Test case plan: + * + * 1. Simulate a normal circuit setup pattern + * a. Application traffic + * + * FIXME: This should focus more on exercising the machine + * features rather than actual traffic patterns. For example, + * test cancellation and bins empty/refill + */ + (void)arg; + + MOCK(circuitmux_attach_circuit, circuitmux_attach_circuit_mock); + + dummy_channel.cmux = circuitmux_alloc(); + client_side = TO_CIRCUIT(origin_circuit_new()); + relay_side = TO_CIRCUIT(new_fake_orcirc(&dummy_channel, &dummy_channel)); + + relay_side->purpose = CIRCUIT_PURPOSE_OR; + client_side->purpose = CIRCUIT_PURPOSE_C_GENERAL; + + nodes_init(); + + monotime_init(); + monotime_enable_test_mocking(); + actual_mocked_monotime_start = MONOTIME_MOCK_START; + monotime_set_mock_time_nsec(actual_mocked_monotime_start); + monotime_coarse_set_mock_time_nsec(actual_mocked_monotime_start); + curr_mocked_time = actual_mocked_monotime_start; + + timers_initialize(); + circpad_machines_init(); + + MOCK(circuit_package_relay_cell, + circuit_package_relay_cell_mock); + MOCK(node_get_by_id, + node_get_by_id_mock); + + /* Test case #1: Build a 3 hop circuit, then wait and let pad */ + simulate_single_hop_extend(client_side, relay_side, 1); + simulate_single_hop_extend(client_side, relay_side, 1); + simulate_single_hop_extend(client_side, relay_side, 1); + + tt_int_op(n_client_cells, OP_EQ, 1); + tt_int_op(n_relay_cells, OP_EQ, 1); + tt_int_op(client_side->padding_info[0]->current_state, OP_EQ, + CIRCPAD_STATE_BURST); + tt_int_op(relay_side->padding_info[0]->current_state, OP_EQ, + CIRCPAD_STATE_BURST); + + tt_u64_op(client_side->padding_info[0]->padding_scheduled_at_usec, + OP_NE, 0); + tt_int_op(relay_side->padding_info[0]->is_padding_timer_scheduled, + OP_EQ, 0); + timers_advance_and_run(2000); + tt_int_op(n_client_cells, OP_EQ, 2); + tt_int_op(n_relay_cells, OP_EQ, 1); + + tt_int_op(relay_side->padding_info[0]->current_state, OP_EQ, + CIRCPAD_STATE_GAP); + + tt_u64_op(client_side->padding_info[0]->padding_scheduled_at_usec, + OP_EQ, 0); + tt_u64_op(relay_side->padding_info[0]->padding_scheduled_at_usec, + OP_NE, 0); + timers_advance_and_run(5000); + tt_int_op(n_client_cells, OP_EQ, 2); + tt_int_op(n_relay_cells, OP_EQ, 2); + + tt_u64_op(client_side->padding_info[0]->padding_scheduled_at_usec, + OP_NE, 0); + tt_u64_op(relay_side->padding_info[0]->padding_scheduled_at_usec, + OP_EQ, 0); + timers_advance_and_run(2000); + tt_int_op(n_client_cells, OP_EQ, 3); + tt_int_op(n_relay_cells, OP_EQ, 2); + + tt_u64_op(client_side->padding_info[0]->padding_scheduled_at_usec, + OP_EQ, 0); + tt_u64_op(relay_side->padding_info[0]->padding_scheduled_at_usec, + OP_NE, 0); + timers_advance_and_run(5000); + tt_int_op(n_client_cells, OP_EQ, 3); + tt_int_op(n_relay_cells, OP_EQ, 3); + + tt_u64_op(client_side->padding_info[0]->padding_scheduled_at_usec, + OP_NE, 0); + tt_u64_op(relay_side->padding_info[0]->padding_scheduled_at_usec, + OP_EQ, 0); + timers_advance_and_run(2000); + tt_int_op(n_client_cells, OP_EQ, 4); + tt_int_op(n_relay_cells, OP_EQ, 3); + + tt_u64_op(client_side->padding_info[0]->padding_scheduled_at_usec, + OP_EQ, 0); + tt_u64_op(relay_side->padding_info[0]->padding_scheduled_at_usec, + OP_NE, 0); + timers_advance_and_run(5000); + tt_int_op(n_client_cells, OP_EQ, 4); + tt_int_op(n_relay_cells, OP_EQ, 4); + + tt_u64_op(client_side->padding_info[0]->padding_scheduled_at_usec, + OP_NE, 0); + tt_u64_op(relay_side->padding_info[0]->padding_scheduled_at_usec, + OP_EQ, 0); + timers_advance_and_run(2000); + tt_int_op(n_client_cells, OP_EQ, 5); + tt_int_op(n_relay_cells, OP_EQ, 4); + + tt_u64_op(client_side->padding_info[0]->padding_scheduled_at_usec, + OP_EQ, 0); + tt_u64_op(relay_side->padding_info[0]->padding_scheduled_at_usec, + OP_NE, 0); + timers_advance_and_run(5000); + tt_int_op(n_client_cells, OP_EQ, 5); + tt_int_op(n_relay_cells, OP_EQ, 5); + + tt_u64_op(client_side->padding_info[0]->padding_scheduled_at_usec, + OP_NE, 0); + tt_u64_op(relay_side->padding_info[0]->padding_scheduled_at_usec, + OP_EQ, 0); + timers_advance_and_run(2000); + tt_int_op(n_client_cells, OP_EQ, 6); + tt_int_op(n_relay_cells, OP_EQ, 5); + + tt_u64_op(client_side->padding_info[0]->padding_scheduled_at_usec, + OP_EQ, 0); + tt_u64_op(relay_side->padding_info[0]->padding_scheduled_at_usec, + OP_NE, 0); + timers_advance_and_run(5000); + tt_int_op(n_client_cells, OP_EQ, 6); + tt_int_op(n_relay_cells, OP_EQ, 6); + + tt_int_op(client_side->padding_info[0]->current_state, + OP_EQ, CIRCPAD_STATE_END); + tt_u64_op(client_side->padding_info[0]->padding_scheduled_at_usec, + OP_EQ, 0); + tt_int_op(relay_side->padding_info[0]->current_state, + OP_EQ, CIRCPAD_STATE_GAP); + tt_u64_op(relay_side->padding_info[0]->padding_scheduled_at_usec, + OP_EQ, 0); + + /* Verify we can't schedule padding in END state */ + circpad_decision_t ret = + circpad_machine_schedule_padding(client_side->padding_info[0]); + tt_int_op(ret, OP_EQ, CIRCPAD_STATE_UNCHANGED); + + /* Simulate application traffic */ + circpad_cell_event_nonpadding_sent(client_side); + circpad_deliver_unrecognized_cell_events(relay_side, CELL_DIRECTION_OUT); + circpad_deliver_unrecognized_cell_events(relay_side, CELL_DIRECTION_IN); + circpad_deliver_recognized_relay_cell_events(client_side, RELAY_COMMAND_DATA, + TO_ORIGIN_CIRCUIT(client_side)->cpath->next); + + tt_ptr_op(client_side->padding_info[0], OP_EQ, NULL); + tt_ptr_op(client_side->padding_machine[0], OP_EQ, NULL); + + tt_ptr_op(relay_side->padding_info[0], OP_EQ, NULL); + tt_ptr_op(relay_side->padding_machine[0], OP_EQ, NULL); + tt_int_op(n_client_cells, OP_EQ, 6); + tt_int_op(n_relay_cells, OP_EQ, 7); + + // Test timer cancellation + simulate_single_hop_extend(client_side, relay_side, 1); + simulate_single_hop_extend(client_side, relay_side, 1); + timers_advance_and_run(5000); + circpad_cell_event_padding_received(client_side); + + tt_int_op(client_side->padding_info[0]->current_state, OP_EQ, + CIRCPAD_STATE_BURST); + tt_int_op(relay_side->padding_info[0]->current_state, OP_EQ, + CIRCPAD_STATE_GAP); + + tt_int_op(n_client_cells, OP_EQ, 8); + tt_int_op(n_relay_cells, OP_EQ, 8); + tt_u64_op(client_side->padding_info[0]->padding_scheduled_at_usec, + OP_NE, 0); + tt_u64_op(relay_side->padding_info[0]->padding_scheduled_at_usec, + OP_NE, 0); + + /* Test timer cancel due to state rules */ + circpad_cell_event_nonpadding_sent(client_side); + tt_u64_op(client_side->padding_info[0]->padding_scheduled_at_usec, + OP_EQ, 0); + circpad_cell_event_padding_received(client_side); + tt_u64_op(client_side->padding_info[0]->padding_scheduled_at_usec, + OP_NE, 0); + + /* Simulate application traffic to cancel timer */ + circpad_cell_event_nonpadding_sent(client_side); + circpad_deliver_unrecognized_cell_events(relay_side, CELL_DIRECTION_OUT); + circpad_deliver_unrecognized_cell_events(relay_side, CELL_DIRECTION_IN); + circpad_deliver_recognized_relay_cell_events(client_side, RELAY_COMMAND_DATA, + TO_ORIGIN_CIRCUIT(client_side)->cpath->next); + + tt_ptr_op(client_side->padding_info[0], OP_EQ, NULL); + tt_ptr_op(client_side->padding_machine[0], OP_EQ, NULL); + + tt_ptr_op(relay_side->padding_info[0], OP_EQ, NULL); + tt_ptr_op(relay_side->padding_machine[0], OP_EQ, NULL); + + /* No cells sent, except negotiate end from relay */ + tt_int_op(n_client_cells, OP_EQ, 8); + tt_int_op(n_relay_cells, OP_EQ, 9); + + /* Test mark for close and free */ + simulate_single_hop_extend(client_side, relay_side, 1); + simulate_single_hop_extend(client_side, relay_side, 1); + timers_advance_and_run(5000); + circpad_cell_event_padding_received(client_side); + + tt_int_op(n_client_cells, OP_EQ, 10); + tt_int_op(n_relay_cells, OP_EQ, 10); + + tt_int_op(client_side->padding_info[0]->current_state, OP_EQ, + CIRCPAD_STATE_BURST); + tt_int_op(relay_side->padding_info[0]->current_state, OP_EQ, + CIRCPAD_STATE_GAP); + + tt_u64_op(client_side->padding_info[0]->padding_scheduled_at_usec, + OP_NE, 0); + tt_u64_op(relay_side->padding_info[0]->padding_scheduled_at_usec, + OP_NE, 0); + circuit_mark_for_close(client_side, END_CIRC_REASON_FLAG_REMOTE); + free_fake_orcirc(TO_OR_CIRCUIT(relay_side)); + timers_advance_and_run(5000); + + /* No cells sent */ + tt_int_op(n_client_cells, OP_EQ, 10); + tt_int_op(n_relay_cells, OP_EQ, 10); + + done: + free_fake_origin_circuit(TO_ORIGIN_CIRCUIT(client_side)); + + circuitmux_detach_all_circuits(dummy_channel.cmux, NULL); + circuitmux_free(dummy_channel.cmux); + timers_shutdown(); + monotime_disable_test_mocking(); + UNMOCK(circuit_package_relay_cell); + UNMOCK(circuitmux_attach_circuit); + + return; +} +#endif /* 0 */ + +/** Helper function: Initializes a padding machine where every state uses the + * uniform probability distribution. */ +static void +helper_circpad_circ_distribution_machine_setup(int min, int max) +{ + circpad_machine_states_init(&circ_client_machine, 7); + + circpad_state_t *zero_st = &circ_client_machine.states[0]; + zero_st->next_state[CIRCPAD_EVENT_NONPADDING_RECV] = 1; + zero_st->iat_dist.type = CIRCPAD_DIST_UNIFORM; + /* param2 is upper bound, param1 is lower */ + zero_st->iat_dist.param1 = min; + zero_st->iat_dist.param2 = max; + zero_st->dist_added_shift_usec = min; + zero_st->dist_max_sample_usec = max; + + circpad_state_t *first_st = &circ_client_machine.states[1]; + first_st->next_state[CIRCPAD_EVENT_NONPADDING_RECV] = 2; + first_st->iat_dist.type = CIRCPAD_DIST_LOGISTIC; + /* param1 is Mu, param2 is sigma. */ + first_st->iat_dist.param1 = 9; + first_st->iat_dist.param2 = 3; + first_st->dist_added_shift_usec = min; + first_st->dist_max_sample_usec = max; + + circpad_state_t *second_st = &circ_client_machine.states[2]; + second_st->next_state[CIRCPAD_EVENT_NONPADDING_RECV] = 3; + second_st->iat_dist.type = CIRCPAD_DIST_LOG_LOGISTIC; + /* param1 is Alpha, param2 is 1.0/Beta */ + second_st->iat_dist.param1 = 1; + second_st->iat_dist.param2 = 0.5; + second_st->dist_added_shift_usec = min; + second_st->dist_max_sample_usec = max; + + circpad_state_t *third_st = &circ_client_machine.states[3]; + third_st->next_state[CIRCPAD_EVENT_NONPADDING_RECV] = 4; + third_st->iat_dist.type = CIRCPAD_DIST_GEOMETRIC; + /* param1 is 'p' (success probability) */ + third_st->iat_dist.param1 = 0.2; + third_st->dist_added_shift_usec = min; + third_st->dist_max_sample_usec = max; + + circpad_state_t *fourth_st = &circ_client_machine.states[4]; + fourth_st->next_state[CIRCPAD_EVENT_NONPADDING_RECV] = 5; + fourth_st->iat_dist.type = CIRCPAD_DIST_WEIBULL; + /* param1 is k, param2 is Lambda */ + fourth_st->iat_dist.param1 = 1.5; + fourth_st->iat_dist.param2 = 1; + fourth_st->dist_added_shift_usec = min; + fourth_st->dist_max_sample_usec = max; + + circpad_state_t *fifth_st = &circ_client_machine.states[5]; + fifth_st->next_state[CIRCPAD_EVENT_NONPADDING_RECV] = 6; + fifth_st->iat_dist.type = CIRCPAD_DIST_PARETO; + /* param1 is sigma, param2 is xi */ + fifth_st->iat_dist.param1 = 1; + fifth_st->iat_dist.param2 = 5; + fifth_st->dist_added_shift_usec = min; + fifth_st->dist_max_sample_usec = max; +} + +/** Simple test that the padding delays sampled from a uniform distribution + * actually faill within the uniform distribution range. */ +static void +test_circuitpadding_sample_distribution(void *arg) +{ + circpad_machine_runtime_t *mi; + int n_samples; + int n_states; + + (void) arg; + + /* mock this function so that we dont actually schedule any padding */ + MOCK(circpad_machine_schedule_padding, + circpad_machine_schedule_padding_mock); + testing_enable_reproducible_rng(); + + /* Initialize a machine with multiple probability distributions */ + circpad_machines_init(); + helper_circpad_circ_distribution_machine_setup(0, 10); + + /* Initialize machine and circuits */ + client_side = TO_CIRCUIT(origin_circuit_new()); + client_side->purpose = CIRCUIT_PURPOSE_C_GENERAL; + client_side->padding_machine[0] = &circ_client_machine; + client_side->padding_info[0] = + circpad_circuit_machineinfo_new(client_side, 0); + mi = client_side->padding_info[0]; + + /* For every state, sample a bunch of values from the distribution and ensure + * they fall within range. */ + for (n_states = 0 ; n_states < 6; n_states++) { + /* Make sure we in the right state */ + tt_int_op(client_side->padding_info[0]->current_state, OP_EQ, n_states); + + for (n_samples = 0; n_samples < 100; n_samples++) { + circpad_delay_t delay = circpad_machine_sample_delay(mi); + tt_int_op(delay, OP_GE, 0); + tt_int_op(delay, OP_LE, 10); + } + + /* send a non-padding cell to move to the next machine state */ + circpad_cell_event_nonpadding_received(client_side); + } + + done: + free_fake_origin_circuit(TO_ORIGIN_CIRCUIT(client_side)); + UNMOCK(circpad_machine_schedule_padding); + testing_disable_reproducible_rng(); +} + +static circpad_decision_t +circpad_machine_spec_transition_mock(circpad_machine_runtime_t *mi, + circpad_event_t event) +{ + (void) mi; + (void) event; + + return CIRCPAD_STATE_UNCHANGED; +} + +/* Test per-machine padding rate limits */ +static void +test_circuitpadding_machine_rate_limiting(void *arg) +{ + (void) arg; + bool retval; + circpad_machine_runtime_t *mi; + int i; + + /* Ignore machine transitions for the purposes of this function, we only + * really care about padding counts */ + MOCK(circpad_machine_spec_transition, circpad_machine_spec_transition_mock); + MOCK(circpad_send_command_to_hop, circpad_send_command_to_hop_mock); + testing_enable_reproducible_rng(); + + /* Setup machine and circuits */ + client_side = TO_CIRCUIT(origin_circuit_new()); + client_side->purpose = CIRCUIT_PURPOSE_C_GENERAL; + helper_create_basic_machine(); + client_side->padding_machine[0] = &circ_client_machine; + client_side->padding_info[0] = + circpad_circuit_machineinfo_new(client_side, 0); + mi = client_side->padding_info[0]; + /* Set up the machine info so that we can get through the basic functions */ + mi->state_length = CIRCPAD_STATE_LENGTH_INFINITE; + + /* First we are going to test the per-machine rate limits */ + circ_client_machine.max_padding_percent = 50; + circ_client_machine.allowed_padding_count = 100; + + /* Check padding limit, should be fine since we haven't sent anything yet. */ + retval = circpad_machine_reached_padding_limit(mi); + tt_int_op(retval, OP_EQ, 0); + + /* Send 99 padding cells which is below circpad_global_allowed_cells=100, so + * the rate limit will not trigger */ + for (i=0;i<99;i++) { + circpad_send_padding_cell_for_callback(mi); + } + retval = circpad_machine_reached_padding_limit(mi); + tt_int_op(retval, OP_EQ, 0); + + /* Now send another padding cell to pass circpad_global_allowed_cells=100, + and see that the limit will trigger */ + circpad_send_padding_cell_for_callback(mi); + retval = circpad_machine_reached_padding_limit(mi); + tt_int_op(retval, OP_EQ, 1); + + retval = circpad_machine_schedule_padding(mi); + tt_int_op(retval, OP_EQ, CIRCPAD_STATE_UNCHANGED); + + /* Cover wrap */ + for (;i<UINT16_MAX;i++) { + circpad_send_padding_cell_for_callback(mi); + } + tt_int_op(mi->padding_sent, OP_EQ, UINT16_MAX/2+1); + + tt_ptr_op(client_side->padding_info[0], OP_EQ, mi); + for (i=0;i<UINT16_MAX;i++) { + circpad_cell_event_nonpadding_sent(client_side); + } + + tt_int_op(mi->nonpadding_sent, OP_EQ, UINT16_MAX/2); + tt_int_op(mi->padding_sent, OP_EQ, UINT16_MAX/4+1); + + done: + free_fake_origin_circuit(TO_ORIGIN_CIRCUIT(client_side)); + testing_disable_reproducible_rng(); +} + +/* Test global padding rate limits */ +static void +test_circuitpadding_global_rate_limiting(void *arg) +{ + (void) arg; + bool retval; + circpad_machine_runtime_t *mi; + int i; + int64_t actual_mocked_monotime_start; + + /* Ignore machine transitions for the purposes of this function, we only + * really care about padding counts */ + MOCK(circpad_machine_spec_transition, circpad_machine_spec_transition_mock); + MOCK(circuitmux_attach_circuit, circuitmux_attach_circuit_mock); + MOCK(circuit_package_relay_cell, + circuit_package_relay_cell_mock); + MOCK(monotime_absolute_usec, mock_monotime_absolute_usec); + testing_enable_reproducible_rng(); + + monotime_init(); + monotime_enable_test_mocking(); + actual_mocked_monotime_start = MONOTIME_MOCK_START; + monotime_set_mock_time_nsec(actual_mocked_monotime_start); + monotime_coarse_set_mock_time_nsec(actual_mocked_monotime_start); + curr_mocked_time = actual_mocked_monotime_start; + timers_initialize(); + + client_side = TO_CIRCUIT(origin_circuit_new()); + client_side->purpose = CIRCUIT_PURPOSE_C_GENERAL; + dummy_channel.cmux = circuitmux_alloc(); + + /* Setup machine and circuits */ + relay_side = TO_CIRCUIT(new_fake_orcirc(&dummy_channel, &dummy_channel)); + relay_side->purpose = CIRCUIT_PURPOSE_OR; + helper_create_basic_machine(); + relay_side->padding_machine[0] = &circ_client_machine; + relay_side->padding_info[0] = + circpad_circuit_machineinfo_new(relay_side, 0); + mi = relay_side->padding_info[0]; + /* Set up the machine info so that we can get through the basic functions */ + mi->state_length = CIRCPAD_STATE_LENGTH_INFINITE; + + simulate_single_hop_extend(client_side, relay_side, 1); + simulate_single_hop_extend(client_side, relay_side, 1); + + /* Now test the global limits by setting up the consensus */ + networkstatus_t vote1; + vote1.net_params = smartlist_new(); + smartlist_split_string(vote1.net_params, + "circpad_global_allowed_cells=100 circpad_global_max_padding_pct=50", + NULL, 0, 0); + /* Register global limits with the padding subsystem */ + circpad_new_consensus_params(&vote1); + + /* Check padding limit, should be fine since we haven't sent anything yet. */ + retval = circpad_machine_reached_padding_limit(mi); + tt_int_op(retval, OP_EQ, 0); + + /* Send 99 padding cells which is below circpad_global_allowed_cells=100, so + * the rate limit will not trigger */ + for (i=0;i<99;i++) { + circpad_send_padding_cell_for_callback(mi); + } + retval = circpad_machine_reached_padding_limit(mi); + tt_int_op(retval, OP_EQ, 0); + + /* Now send another padding cell to pass circpad_global_allowed_cells=100, + and see that the limit will trigger */ + circpad_send_padding_cell_for_callback(mi); + retval = circpad_machine_reached_padding_limit(mi); + tt_int_op(retval, OP_EQ, 1); + + retval = circpad_machine_schedule_padding(mi); + tt_int_op(retval, OP_EQ, CIRCPAD_STATE_UNCHANGED); + + /* Now send 92 non-padding cells to get near the + * circpad_global_max_padding_pct=50 limit; in particular with 96 non-padding + * cells, the padding traffic is still 51% of total traffic so limit should + * trigger */ + for (i=0;i<92;i++) { + circpad_cell_event_nonpadding_sent(relay_side); + } + retval = circpad_machine_reached_padding_limit(mi); + tt_int_op(retval, OP_EQ, 1); + + /* Send another non-padding cell to bring the padding traffic to 50% of total + * traffic and get past the limit */ + circpad_cell_event_nonpadding_sent(relay_side); + retval = circpad_machine_reached_padding_limit(mi); + tt_int_op(retval, OP_EQ, 0); + + done: + free_fake_orcirc(TO_OR_CIRCUIT(relay_side)); + circuitmux_detach_all_circuits(dummy_channel.cmux, NULL); + circuitmux_free(dummy_channel.cmux); + SMARTLIST_FOREACH(vote1.net_params, char *, cp, tor_free(cp)); + smartlist_free(vote1.net_params); + testing_disable_reproducible_rng(); +} + +/* Test reduced and disabled padding */ +static void +test_circuitpadding_reduce_disable(void *arg) +{ + (void) arg; + int64_t actual_mocked_monotime_start; + + MOCK(circuitmux_attach_circuit, circuitmux_attach_circuit_mock); + testing_enable_reproducible_rng(); + + nodes_init(); + dummy_channel.cmux = circuitmux_alloc(); + relay_side = (circuit_t *)new_fake_orcirc(&dummy_channel, + &dummy_channel); + client_side = (circuit_t *)origin_circuit_new(); + relay_side->purpose = CIRCUIT_PURPOSE_OR; + client_side->purpose = CIRCUIT_PURPOSE_C_GENERAL; + + circpad_machines_init(); + helper_create_conditional_machines(); + + monotime_init(); + monotime_enable_test_mocking(); + actual_mocked_monotime_start = MONOTIME_MOCK_START; + monotime_set_mock_time_nsec(actual_mocked_monotime_start); + monotime_coarse_set_mock_time_nsec(actual_mocked_monotime_start); + curr_mocked_time = actual_mocked_monotime_start; + timers_initialize(); + + /* This is needed so that we are not considered to be dormant */ + note_user_activity(20); + + MOCK(circuit_package_relay_cell, + circuit_package_relay_cell_mock); + MOCK(node_get_by_id, + node_get_by_id_mock); + + /* Simulate extend. This should result in the original machine getting + * added, since the circuit is not built */ + simulate_single_hop_extend(client_side, relay_side, 1); + simulate_single_hop_extend(client_side, relay_side, 1); + + /* Verify that machine #2 is added */ + tt_int_op(client_side->padding_machine[0]->machine_num, OP_EQ, 2); + tt_int_op(relay_side->padding_machine[0]->machine_num, OP_EQ, 2); + + /* Deliver a padding cell to the client, to trigger burst state */ + circpad_cell_event_padding_sent(client_side); + + /* This should have trigger length shutdown condition on client.. */ + tt_ptr_op(client_side->padding_info[0], OP_EQ, NULL); + tt_ptr_op(client_side->padding_machine[0], OP_EQ, NULL); + + /* Verify machine is gone from both sides */ + tt_ptr_op(relay_side->padding_info[0], OP_EQ, NULL); + tt_ptr_op(relay_side->padding_machine[0], OP_EQ, NULL); + + /* Now test the reduced padding machine by setting up the consensus */ + networkstatus_t vote1; + vote1.net_params = smartlist_new(); + smartlist_split_string(vote1.net_params, + "circpad_padding_reduced=1", NULL, 0, 0); + + /* Register reduced padding machine with the padding subsystem */ + circpad_new_consensus_params(&vote1); + + simulate_single_hop_extend(client_side, relay_side, 1); + + /* Verify that machine #0 is added */ + tt_int_op(client_side->padding_machine[0]->machine_num, OP_EQ, 2); + tt_int_op(relay_side->padding_machine[0]->machine_num, OP_EQ, 2); + + tt_int_op( + circpad_machine_reached_padding_limit(client_side->padding_info[0]), + OP_EQ, 0); + tt_int_op( + circpad_machine_reached_padding_limit(relay_side->padding_info[0]), + OP_EQ, 0); + + /* Test that machines get torn down when padding is disabled */ + SMARTLIST_FOREACH(vote1.net_params, char *, cp, tor_free(cp)); + smartlist_free(vote1.net_params); + vote1.net_params = smartlist_new(); + smartlist_split_string(vote1.net_params, + "circpad_padding_disabled=1", NULL, 0, 0); + + /* Register reduced padding machine with the padding subsystem */ + circpad_new_consensus_params(&vote1); + + tt_int_op( + circpad_machine_schedule_padding(client_side->padding_info[0]), + OP_EQ, CIRCPAD_STATE_UNCHANGED); + tt_int_op( + circpad_machine_schedule_padding(relay_side->padding_info[0]), + OP_EQ, CIRCPAD_STATE_UNCHANGED); + + /* Signal that circuit is built: this event causes us to re-evaluate + * machine conditions (which don't apply because padding is disabled). */ + circpad_machine_event_circ_built(TO_ORIGIN_CIRCUIT(client_side)); + + tt_ptr_op(client_side->padding_info[0], OP_EQ, NULL); + tt_ptr_op(client_side->padding_machine[0], OP_EQ, NULL); + tt_ptr_op(relay_side->padding_info[0], OP_EQ, NULL); + tt_ptr_op(relay_side->padding_machine[0], OP_EQ, NULL); + + SMARTLIST_FOREACH(vote1.net_params, char *, cp, tor_free(cp)); + smartlist_free(vote1.net_params); + vote1.net_params = NULL; + circpad_new_consensus_params(&vote1); + + get_options_mutable()->ReducedCircuitPadding = 1; + + simulate_single_hop_extend(client_side, relay_side, 1); + + /* Verify that machine #0 is added */ + tt_int_op(client_side->padding_machine[0]->machine_num, OP_EQ, 2); + tt_int_op(relay_side->padding_machine[0]->machine_num, OP_EQ, 2); + + tt_int_op( + circpad_machine_reached_padding_limit(client_side->padding_info[0]), + OP_EQ, 0); + tt_int_op( + circpad_machine_reached_padding_limit(relay_side->padding_info[0]), + OP_EQ, 0); + + get_options_mutable()->CircuitPadding = 0; + + tt_int_op( + circpad_machine_schedule_padding(client_side->padding_info[0]), + OP_EQ, CIRCPAD_STATE_UNCHANGED); + tt_int_op( + circpad_machine_schedule_padding(relay_side->padding_info[0]), + OP_EQ, CIRCPAD_STATE_UNCHANGED); + + /* Signal that circuit is built: this event causes us to re-evaluate + * machine conditions (which don't apply because padding is disabled). */ + + circpad_machine_event_circ_built(TO_ORIGIN_CIRCUIT(client_side)); + + tt_ptr_op(client_side->padding_info[0], OP_EQ, NULL); + tt_ptr_op(client_side->padding_machine[0], OP_EQ, NULL); + tt_ptr_op(relay_side->padding_info[0], OP_EQ, NULL); + tt_ptr_op(relay_side->padding_machine[0], OP_EQ, NULL); + + done: + free_fake_orcirc(TO_OR_CIRCUIT(relay_side)); + circuitmux_detach_all_circuits(dummy_channel.cmux, NULL); + circuitmux_free(dummy_channel.cmux); + testing_disable_reproducible_rng(); +} + +/** Just a basic machine whose whole purpose is to reach the END state */ +static void +helper_create_ender_machine(void) +{ + /* Start, burst */ + circpad_machine_states_init(&circ_client_machine, 2); + + circ_client_machine.states[CIRCPAD_STATE_START]. + next_state[CIRCPAD_EVENT_NONPADDING_RECV] = CIRCPAD_STATE_END; + + circ_client_machine.conditions.state_mask = CIRCPAD_STATE_ALL; + circ_client_machine.conditions.purpose_mask = CIRCPAD_PURPOSE_ALL; +} + +static time_t mocked_timeofday; +/** Set timeval to a mock date and time. This is necessary + * to make tor_gettimeofday() mockable. */ +static void +mock_tor_gettimeofday(struct timeval *timeval) +{ + timeval->tv_sec = mocked_timeofday; + timeval->tv_usec = 0; +} + +/** Test manual managing of circuit lifetimes by the circuitpadding + * subsystem. In particular this test goes through all the cases of the + * circpad_marked_circuit_for_padding() function, via + * circuit_mark_for_close() as well as + * circuit_expire_old_circuits_clientside(). */ +static void +test_circuitpadding_manage_circuit_lifetime(void *arg) +{ + circpad_machine_runtime_t *mi; + + (void) arg; + + client_side = (circuit_t *)origin_circuit_new(); + client_side->purpose = CIRCUIT_PURPOSE_C_GENERAL; + monotime_enable_test_mocking(); + MOCK(tor_gettimeofday, mock_tor_gettimeofday); + mocked_timeofday = 23; + + helper_create_ender_machine(); + + /* Enable manual circuit lifetime manage for this test */ + circ_client_machine.manage_circ_lifetime = 1; + + /* Test setup */ + client_side->padding_machine[0] = &circ_client_machine; + client_side->padding_info[0] = + circpad_circuit_machineinfo_new(client_side, 0); + mi = client_side->padding_info[0]; + + tt_int_op(mi->current_state, OP_EQ, CIRCPAD_STATE_START); + + /* Check that the circuit is not marked for close */ + tt_int_op(client_side->marked_for_close, OP_EQ, 0); + tt_int_op(client_side->purpose, OP_EQ, CIRCUIT_PURPOSE_C_GENERAL); + + /* Mark this circuit for close due to a remote reason */ + circuit_mark_for_close(client_side, + END_CIRC_REASON_FLAG_REMOTE|END_CIRC_REASON_NONE); + tt_ptr_op(client_side->padding_info[0], OP_NE, NULL); + tt_int_op(client_side->marked_for_close, OP_NE, 0); + tt_int_op(client_side->purpose, OP_EQ, CIRCUIT_PURPOSE_C_GENERAL); + client_side->marked_for_close = 0; + + /* Mark this circuit for close due to a protocol issue */ + circuit_mark_for_close(client_side, END_CIRC_REASON_TORPROTOCOL); + tt_int_op(client_side->marked_for_close, OP_NE, 0); + tt_int_op(client_side->purpose, OP_EQ, CIRCUIT_PURPOSE_C_GENERAL); + client_side->marked_for_close = 0; + + /* Mark a measurement circuit for close */ + client_side->purpose = CIRCUIT_PURPOSE_C_MEASURE_TIMEOUT; + circuit_mark_for_close(client_side, END_CIRC_REASON_NONE); + tt_int_op(client_side->marked_for_close, OP_NE, 0); + tt_int_op(client_side->purpose, OP_EQ, CIRCUIT_PURPOSE_C_MEASURE_TIMEOUT); + client_side->marked_for_close = 0; + + /* Mark a general circuit for close */ + client_side->purpose = CIRCUIT_PURPOSE_C_GENERAL; + circuit_mark_for_close(client_side, END_CIRC_REASON_NONE); + + /* Check that this circuit is still not marked for close since we are + * managing the lifetime manually, but the circuit was tagged as such by the + * circpadding subsystem */ + tt_int_op(client_side->marked_for_close, OP_EQ, 0); + tt_int_op(client_side->purpose, OP_EQ, CIRCUIT_PURPOSE_C_CIRCUIT_PADDING); + + /* We just tested case (1) from the comments of + * circpad_circuit_should_be_marked_for_close() */ + + /* Transition the machine to the END state but did not delete its machine */ + tt_ptr_op(client_side->padding_info[0], OP_NE, NULL); + circpad_cell_event_nonpadding_received(client_side); + tt_int_op(mi->current_state, OP_EQ, CIRCPAD_STATE_END); + + /* We just tested case (3) from the comments of + * circpad_circuit_should_be_marked_for_close(). + * Now let's go for case (2). */ + + /* Reset the close mark */ + client_side->marked_for_close = 0; + + /* Mark this circuit for close */ + circuit_mark_for_close(client_side, 0); + + /* See that the circ got closed since we are already in END state */ + tt_int_op(client_side->marked_for_close, OP_NE, 0); + + /* We just tested case (2). Now let's see that case (4) is unreachable as + that comment claims */ + + /* First, reset all close marks and tags */ + client_side->marked_for_close = 0; + client_side->purpose = CIRCUIT_PURPOSE_C_GENERAL; + + /* Now re-create the ender machine so that we can transition to END again */ + /* Free up some stuff first */ + circpad_circuit_free_all_machineinfos(client_side); + tor_free(circ_client_machine.states); + helper_create_ender_machine(); + + client_side->padding_machine[0] = &circ_client_machine; + client_side->padding_info[0] = + circpad_circuit_machineinfo_new(client_side, 0); + mi = client_side->padding_info[0]; + + /* Check we are in START. */ + tt_int_op(mi->current_state, OP_EQ, CIRCPAD_STATE_START); + + /* Test that we don't expire this circuit yet */ + client_side->timestamp_dirty = 0; + client_side->state = CIRCUIT_STATE_OPEN; + tor_gettimeofday(&client_side->timestamp_began); + TO_ORIGIN_CIRCUIT(client_side)->circuit_idle_timeout = 23; + mocked_timeofday += 24; + circuit_expire_old_circuits_clientside(); + circuit_expire_old_circuits_clientside(); + circuit_expire_old_circuits_clientside(); + tt_int_op(client_side->timestamp_dirty, OP_NE, 0); + tt_int_op(client_side->marked_for_close, OP_EQ, 0); + tt_int_op(client_side->purpose, OP_EQ, CIRCUIT_PURPOSE_C_CIRCUIT_PADDING); + + /* Runaway circpad test: if the machine does not transition to end, + * test that after CIRCPAD_DELAY_MAX_SECS, we get marked anyway */ + mocked_timeofday = client_side->timestamp_dirty + + get_options()->MaxCircuitDirtiness + 2; + client_side->padding_info[0]->last_cell_time_sec = + approx_time()-(CIRCPAD_DELAY_MAX_SECS+10); + circuit_expire_old_circuits_clientside(); + tt_int_op(client_side->marked_for_close, OP_NE, 0); + + /* Test back to normal: if we had activity, we won't close */ + client_side->padding_info[0]->last_cell_time_sec = approx_time(); + client_side->marked_for_close = 0; + circuit_expire_old_circuits_clientside(); + tt_int_op(client_side->marked_for_close, OP_EQ, 0); + + /* Transition to END, but before we're past the dirty timer */ + mocked_timeofday = client_side->timestamp_dirty; + circpad_cell_event_nonpadding_received(client_side); + tt_int_op(mi->current_state, OP_EQ, CIRCPAD_STATE_END); + + /* Verify that the circuit was not closed. */ + tt_int_op(client_side->marked_for_close, OP_EQ, 0); + + /* Now that we are in END state, we can be closed by expiry, but via + * the timestamp_dirty path, not the idle path. So first test not dirty + * enough. */ + mocked_timeofday = client_side->timestamp_dirty; + circuit_expire_old_circuits_clientside(); + tt_int_op(client_side->marked_for_close, OP_EQ, 0); + mocked_timeofday = client_side->timestamp_dirty + + get_options()->MaxCircuitDirtiness + 2; + circuit_expire_old_circuits_clientside(); + tt_int_op(client_side->marked_for_close, OP_NE, 0); + + done: + free_fake_origin_circuit(TO_ORIGIN_CIRCUIT(client_side)); + tor_free(circ_client_machine.states); + monotime_disable_test_mocking(); + UNMOCK(tor_gettimeofday); +} + +/** Helper for the test_circuitpadding_hs_machines test: + * + * - Create a client and relay circuit. + * - Setup right circuit purpose and attach a machine to the client circuit. + * - Verify that state transitions work as intended and state length gets + * enforced. + * + * This function is able to do this test both for intro and rend circuits + * depending on the value of <b>test_intro_circs</b>. + */ +static void +helper_test_hs_machines(bool test_intro_circs) +{ + /* Setup the circuits */ + origin_circuit_t *origin_client_side = origin_circuit_new(); + client_side = TO_CIRCUIT(origin_client_side); + client_side->purpose = CIRCUIT_PURPOSE_C_GENERAL; + + dummy_channel.cmux = circuitmux_alloc(); + relay_side = TO_CIRCUIT(new_fake_orcirc(&dummy_channel, &dummy_channel)); + relay_side->purpose = CIRCUIT_PURPOSE_OR; + + /* extend the client circ to two hops */ + simulate_single_hop_extend(client_side, relay_side, 1); + simulate_single_hop_extend(client_side, relay_side, 1); + + /* machines only apply on opened circuits */ + origin_client_side->has_opened = 1; + + /************************************/ + + /* Attaching the client machine now won't work here because of a wrong + * purpose */ + tt_assert(!client_side->padding_machine[0]); + circpad_add_matching_machines(origin_client_side, origin_padding_machines); + tt_assert(!client_side->padding_machine[0]); + + /* Change the purpose, see the machine getting attached */ + client_side->purpose = test_intro_circs ? + CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT : CIRCUIT_PURPOSE_C_REND_JOINED; + circpad_add_matching_machines(origin_client_side, origin_padding_machines); + tt_ptr_op(client_side->padding_info[0], OP_NE, NULL); + tt_ptr_op(client_side->padding_machine[0], OP_NE, NULL); + + tt_ptr_op(relay_side->padding_info[0], OP_NE, NULL); + tt_ptr_op(relay_side->padding_machine[0], OP_NE, NULL); + + /* Verify that the right machine is attached */ + tt_str_op(client_side->padding_machine[0]->name, OP_EQ, + test_intro_circs ? "client_ip_circ" : "client_rp_circ"); + tt_str_op(relay_side->padding_machine[0]->name, OP_EQ, + test_intro_circs ? "relay_ip_circ": "relay_rp_circ"); + + /***********************************/ + + /* Intro machines are at START state, but rend machines have already skipped + * to OBFUSCATE_CIRC_SETUP because of the sent PADDING_NEGOTIATE. */ + tt_int_op(client_side->padding_info[0]->current_state, OP_EQ, + CIRCPAD_STATE_OBFUSCATE_CIRC_SETUP); + tt_int_op(relay_side->padding_info[0]->current_state, OP_EQ, + CIRCPAD_STATE_OBFUSCATE_CIRC_SETUP); + + /*Send non-padding to move the machines from START to OBFUSCATE_CIRC_SETUP */ + circpad_cell_event_nonpadding_received(client_side); + circpad_cell_event_nonpadding_received(relay_side); + tt_int_op(client_side->padding_info[0]->current_state, OP_EQ, + CIRCPAD_STATE_OBFUSCATE_CIRC_SETUP); + tt_int_op(relay_side->padding_info[0]->current_state, OP_EQ, + CIRCPAD_STATE_OBFUSCATE_CIRC_SETUP); + + /* Check that the state lengths have been sampled and are within range */ + circpad_machine_runtime_t *client_machine_runtime = + client_side->padding_info[0]; + circpad_machine_runtime_t *relay_machine_runtime = + relay_side->padding_info[0]; + + if (test_intro_circs) { + /* on the client side, we don't send any padding so + * state length is not set */ + tt_i64_op(client_machine_runtime->state_length, OP_EQ, -1); + /* relay side has state limits. check them */ + tt_i64_op(relay_machine_runtime->state_length, OP_GE, + INTRO_MACHINE_MINIMUM_PADDING); + tt_i64_op(relay_machine_runtime->state_length, OP_LT, + INTRO_MACHINE_MAXIMUM_PADDING); + } else { + tt_i64_op(client_machine_runtime->state_length, OP_EQ, 1); + tt_i64_op(relay_machine_runtime->state_length, OP_EQ, 1); + } + + if (test_intro_circs) { + int i; + /* Send state_length worth of padding from the relay and see that the + * client state goes to END */ + for (i = (int) relay_machine_runtime->state_length ; i > 0 ; i--) { + circpad_send_padding_cell_for_callback(relay_machine_runtime); + } + /* See that the machine has been teared down after all the length has been + * exhausted (the padding info should now be null on both sides) */ + tt_ptr_op(relay_side->padding_info[0], OP_EQ, NULL); + tt_ptr_op(client_side->padding_info[0], OP_EQ, NULL); + } else { + int i; + /* Send state_length worth of padding and see that the state goes to END */ + for (i = (int) client_machine_runtime->state_length ; i > 0 ; i--) { + circpad_send_padding_cell_for_callback(client_machine_runtime); + } + /* See that the machine has been teared down after all the length has been + * exhausted. */ + tt_int_op(client_side->padding_info[0]->current_state, OP_EQ, + CIRCPAD_STATE_END); + } + + done: + free_fake_orcirc(TO_OR_CIRCUIT(relay_side)); + circuitmux_detach_all_circuits(dummy_channel.cmux, NULL); + circuitmux_free(dummy_channel.cmux); + free_fake_origin_circuit(TO_ORIGIN_CIRCUIT(client_side)); +} + +/** Test that the HS circuit padding machines work as intended. */ +static void +test_circuitpadding_hs_machines(void *arg) +{ + (void)arg; + + /* Test logic: + * + * 1) Register the HS machines, which aim to hide the presense of + * onion service traffic on the client-side + * + * 2) Call helper_test_hs_machines() to perform tests for the intro circuit + * machines and for the rend circuit machines. + */ + + MOCK(circuitmux_attach_circuit, circuitmux_attach_circuit_mock); + MOCK(circuit_package_relay_cell, circuit_package_relay_cell_mock); + MOCK(circuit_get_nth_node, circuit_get_nth_node_mock); + MOCK(circpad_machine_schedule_padding,circpad_machine_schedule_padding_mock); + + origin_padding_machines = smartlist_new(); + relay_padding_machines = smartlist_new(); + + nodes_init(); + + monotime_init(); + monotime_enable_test_mocking(); + monotime_set_mock_time_nsec(1*TOR_NSEC_PER_USEC); + monotime_coarse_set_mock_time_nsec(1*TOR_NSEC_PER_USEC); + curr_mocked_time = 1*TOR_NSEC_PER_USEC; + + timers_initialize(); + + /* This is needed so that we are not considered to be dormant */ + note_user_activity(20); + + /************************************/ + + /* Register the HS machines */ + circpad_machine_client_hide_intro_circuits(origin_padding_machines); + circpad_machine_client_hide_rend_circuits(origin_padding_machines); + circpad_machine_relay_hide_intro_circuits(relay_padding_machines); + circpad_machine_relay_hide_rend_circuits(relay_padding_machines); + + /***********************************/ + + /* Do the tests for the intro circuit machines */ + helper_test_hs_machines(true); + /* Do the tests for the rend circuit machines */ + helper_test_hs_machines(false); + + timers_shutdown(); + monotime_disable_test_mocking(); + + SMARTLIST_FOREACH_BEGIN(origin_padding_machines, + circpad_machine_spec_t *, m) { + machine_spec_free(m); + } SMARTLIST_FOREACH_END(m); + + SMARTLIST_FOREACH_BEGIN(relay_padding_machines, + circpad_machine_spec_t *, m) { + machine_spec_free(m); + } SMARTLIST_FOREACH_END(m); + + smartlist_free(origin_padding_machines); + smartlist_free(relay_padding_machines); + + UNMOCK(circuitmux_attach_circuit); + UNMOCK(circuit_package_relay_cell); + UNMOCK(circuit_get_nth_node); + UNMOCK(circpad_machine_schedule_padding); +} + +/** Test that we effectively ignore non-padding cells in padding circuits. */ +static void +test_circuitpadding_ignore_non_padding_cells(void *arg) +{ + int retval; + relay_header_t rh; + + (void) arg; + + client_side = (circuit_t *)origin_circuit_new(); + client_side->purpose = CIRCUIT_PURPOSE_C_CIRCUIT_PADDING; + + rh.command = RELAY_COMMAND_BEGIN; + + setup_full_capture_of_logs(LOG_INFO); + retval = handle_relay_cell_command(NULL, client_side, NULL, NULL, &rh, 0); + tt_int_op(retval, OP_EQ, 0); + expect_log_msg_containing("Ignored cell"); + + done: + ; +} + +#define TEST_CIRCUITPADDING(name, flags) \ + { #name, test_##name, (flags), NULL, NULL } + +struct testcase_t circuitpadding_tests[] = { + TEST_CIRCUITPADDING(circuitpadding_tokens, TT_FORK), + TEST_CIRCUITPADDING(circuitpadding_state_length, TT_FORK), + TEST_CIRCUITPADDING(circuitpadding_negotiation, TT_FORK), + TEST_CIRCUITPADDING(circuitpadding_wronghop, TT_FORK), + /** Disabled unstable test until #29298 is implemented (see #29122) */ + // TEST_CIRCUITPADDING(circuitpadding_circuitsetup_machine, TT_FORK), + TEST_CIRCUITPADDING(circuitpadding_conditions, TT_FORK), + TEST_CIRCUITPADDING(circuitpadding_rtt, TT_FORK), + TEST_CIRCUITPADDING(circuitpadding_sample_distribution, TT_FORK), + TEST_CIRCUITPADDING(circuitpadding_machine_rate_limiting, TT_FORK), + TEST_CIRCUITPADDING(circuitpadding_global_rate_limiting, TT_FORK), + TEST_CIRCUITPADDING(circuitpadding_reduce_disable, TT_FORK), + TEST_CIRCUITPADDING(circuitpadding_token_removal_lower, TT_FORK), + TEST_CIRCUITPADDING(circuitpadding_token_removal_higher, TT_FORK), + TEST_CIRCUITPADDING(circuitpadding_closest_token_removal, TT_FORK), + TEST_CIRCUITPADDING(circuitpadding_closest_token_removal_usec, TT_FORK), + TEST_CIRCUITPADDING(circuitpadding_token_removal_exact, TT_FORK), + TEST_CIRCUITPADDING(circuitpadding_manage_circuit_lifetime, TT_FORK), + TEST_CIRCUITPADDING(circuitpadding_hs_machines, TT_FORK), + TEST_CIRCUITPADDING(circuitpadding_ignore_non_padding_cells, TT_FORK), + END_OF_TESTCASES +}; diff --git a/src/test/test_circuitstats.c b/src/test/test_circuitstats.c index 1cbcb14f2b..e15dec5a01 100644 --- a/src/test/test_circuitstats.c +++ b/src/test/test_circuitstats.c @@ -1,10 +1,10 @@ -/* Copyright (c) 2017-2019, The Tor Project, Inc. */ +/* Copyright (c) 2017-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define CIRCUITBUILD_PRIVATE #define CIRCUITSTATS_PRIVATE #define CIRCUITLIST_PRIVATE -#define CHANNEL_PRIVATE_ +#define CHANNEL_FILE_PRIVATE #include "core/or/or.h" #include "test/test.h" @@ -28,7 +28,7 @@ origin_circuit_t *subtest_fourhop_circuit(struct timeval, int); origin_circuit_t *add_opened_threehop(void); origin_circuit_t *build_unopened_fourhop(struct timeval); -int onion_append_hop(crypt_path_t **head_ptr, extend_info_t *choice); +int cpath_append_hop(crypt_path_t **head_ptr, extend_info_t *choice); static int marked_for_close; /* Mock function because we are not trying to test the close circuit that does @@ -57,9 +57,9 @@ add_opened_threehop(void) or_circ->build_state = tor_malloc_zero(sizeof(cpath_build_state_t)); or_circ->build_state->desired_path_len = DEFAULT_ROUTE_LEN; - onion_append_hop(&or_circ->cpath, &fakehop); - onion_append_hop(&or_circ->cpath, &fakehop); - onion_append_hop(&or_circ->cpath, &fakehop); + cpath_append_hop(&or_circ->cpath, &fakehop); + cpath_append_hop(&or_circ->cpath, &fakehop); + cpath_append_hop(&or_circ->cpath, &fakehop); or_circ->has_opened = 1; TO_CIRCUIT(or_circ)->state = CIRCUIT_STATE_OPEN; @@ -82,10 +82,10 @@ build_unopened_fourhop(struct timeval circ_start_time) or_circ->build_state = tor_malloc_zero(sizeof(cpath_build_state_t)); or_circ->build_state->desired_path_len = 4; - onion_append_hop(&or_circ->cpath, fakehop); - onion_append_hop(&or_circ->cpath, fakehop); - onion_append_hop(&or_circ->cpath, fakehop); - onion_append_hop(&or_circ->cpath, fakehop); + cpath_append_hop(&or_circ->cpath, fakehop); + cpath_append_hop(&or_circ->cpath, fakehop); + cpath_append_hop(&or_circ->cpath, fakehop); + cpath_append_hop(&or_circ->cpath, fakehop); tor_free(fakehop); @@ -197,7 +197,7 @@ test_circuitstats_hoplen(void *arg) } #define TEST_CIRCUITSTATS(name, flags) \ - { #name, test_##name, (flags), NULL, NULL } + { #name, test_##name, (flags), &helper_pubsub_setup, NULL } struct testcase_t circuitstats_tests[] = { TEST_CIRCUITSTATS(circuitstats_hoplen, TT_FORK), diff --git a/src/test/test_circuituse.c b/src/test/test_circuituse.c index 3acfc12044..49438d9d3b 100644 --- a/src/test/test_circuituse.c +++ b/src/test/test_circuituse.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define CIRCUITLIST_PRIVATE diff --git a/src/test/test_cmdline.sh b/src/test/test_cmdline.sh new file mode 100755 index 0000000000..ded58af63d --- /dev/null +++ b/src/test/test_cmdline.sh @@ -0,0 +1,65 @@ +#!/bin/sh + +umask 077 +set -e + +# emulate realpath(), in case coreutils or equivalent is not installed. +abspath() { + f="$*" + if [ -d "$f" ]; then + dir="$f" + base="" + else + dir="$(dirname "$f")" + base="/$(basename "$f")" + fi + dir="$(cd "$dir" && pwd)" + echo "$dir$base" +} + +# find the tor binary +if [ $# -ge 1 ]; then + TOR_BINARY="${1}" + shift +else + TOR_BINARY="${TESTING_TOR_BINARY:-./src/app/tor}" +fi + +TOR_BINARY="$(abspath "$TOR_BINARY")" + +echo "TOR BINARY IS ${TOR_BINARY}" + +die() { echo "$1" >&2 ; exit 5; } + +echo "A" + +DATA_DIR=$(mktemp -d -t tor_cmdline_tests.XXXXXX) +trap 'rm -rf "$DATA_DIR"' 0 + +# 1. Test list-torrc-options. +OUT="${DATA_DIR}/output" + +echo "B" +"${TOR_BINARY}" --list-torrc-options > "$OUT" + +echo "C" + +# regular options are given. +grep -i "SocksPort" "$OUT" >/dev/null || die "Did not find SocksPort" + + +echo "D" + +# unlisted options are given, since they do not have the NOSET flag. +grep -i "__SocksPort" "$OUT" > /dev/null || die "Did not find __SocksPort" + +echo "E" + +# unsettable options are not given. +if grep -i "DisableIOCP" "$OUT" /dev/null; then + die "Found DisableIOCP" +fi +if grep -i "HiddenServiceOptions" "$OUT" /dev/null ; then + die "Found HiddenServiceOptions" +fi +echo "OK" diff --git a/src/test/test_compat_libevent.c b/src/test/test_compat_libevent.c index 2f8646e897..5376e08fb3 100644 --- a/src/test/test_compat_libevent.c +++ b/src/test/test_compat_libevent.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2010-2019, The Tor Project, Inc. */ +/* Copyright (c) 2010-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define COMPAT_LIBEVENT_PRIVATE @@ -13,8 +13,6 @@ #include "test/log_test_helpers.h" -#define NS_MODULE compat_libevent - static void test_compat_libevent_logging_callback(void *ignored) { @@ -151,8 +149,6 @@ test_compat_libevent_postloop_events(void *arg) mainloop_event_t *a = NULL, *b = NULL; periodic_timer_t *timed = NULL; - tor_libevent_postfork(); - /* If postloop events don't work, then these events will activate one * another ad infinitum and, and the periodic event will never occur. */ b = mainloop_event_postloop_new(activate_event_cb, &a); @@ -187,4 +183,3 @@ struct testcase_t compat_libevent_tests[] = { TT_FORK, NULL, NULL }, END_OF_TESTCASES }; - diff --git a/src/test/test_config.c b/src/test/test_config.c index d648666f6e..71beb93f67 100644 --- a/src/test/test_config.c +++ b/src/test/test_config.c @@ -1,11 +1,13 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" #define CONFIG_PRIVATE +#define RELAY_CONFIG_PRIVATE +#define RELAY_TRANSPORT_CONFIG_PRIVATE #define PT_PRIVATE #define ROUTERSET_PRIVATE #include "core/or/or.h" @@ -16,7 +18,10 @@ #include "core/or/circuitmux_ewma.h" #include "core/or/circuitbuild.h" #include "app/config/config.h" -#include "app/config/confparse.h" +#include "app/config/resolve_addr.h" +#include "feature/relay/relay_config.h" +#include "feature/relay/transport_config.h" +#include "lib/confmgt/confmgt.h" #include "core/mainloop/connection.h" #include "core/or/connection_edge.h" #include "test/test.h" @@ -24,6 +29,7 @@ #include "feature/control/control.h" #include "core/mainloop/cpuworker.h" #include "feature/dircache/dirserv.h" +#include "feature/dirclient/dirclient_modes.h" #include "feature/dirauth/dirvote.h" #include "feature/relay/dns.h" #include "feature/client/entrynodes.h" @@ -37,6 +43,7 @@ #include "core/or/policies.h" #include "feature/rend/rendclient.h" #include "feature/rend/rendservice.h" +#include "feature/relay/relay_find_addr.h" #include "feature/relay/router.h" #include "feature/relay/routermode.h" #include "feature/nodelist/dirlist.h" @@ -45,6 +52,7 @@ #include "app/config/statefile.h" #include "test/test_helpers.h" +#include "test/resolve_test_helpers.h" #include "feature/dirclient/dir_server_st.h" #include "core/or/port_cfg_st.h" @@ -54,6 +62,7 @@ #include "lib/meminfo/meminfo.h" #include "lib/net/gethostname.h" #include "lib/encoding/confline.h" +#include "lib/encoding/kvline.h" #ifdef HAVE_UNISTD_H #include <unistd.h> @@ -670,6 +679,54 @@ transport_is_needed_mock(const char *transport_name) return transport_is_needed_mock_return; } +static void +test_config_parse_tcp_proxy_line(void *arg) +{ + (void)arg; + + int ret; + char *msg = NULL; + or_options_t *options = get_options_mutable(); + + /* Bad TCPProxy line - too short. */ + ret = parse_tcp_proxy_line("haproxy", options, &msg); + /* Return error. */ + tt_int_op(ret, OP_EQ, -1); + /* Correct error message. */ + tt_str_op(msg, OP_EQ, "TCPProxy has no address/port. Please fix."); + /* Free error message. */ + tor_free(msg); + + /* Bad TCPProxy line - unsupported protocol. */ + ret = parse_tcp_proxy_line("unsupported 95.216.163.36:443", options, &msg); + tt_int_op(ret, OP_EQ, -1); + tt_str_op(msg, OP_EQ, "TCPProxy protocol is not supported. Currently the " + "only supported protocol is 'haproxy'. Please fix."); + tor_free(msg); + + /* Bad TCPProxy line - unparsable address/port. */ + MOCK(tor_addr_lookup, mock_tor_addr_lookup__fail_on_bad_addrs); + ret = parse_tcp_proxy_line("haproxy bogus_address!/300", options, &msg); + tt_int_op(ret, OP_EQ, -1); + tt_str_op(msg, OP_EQ, "TCPProxy address/port failed to parse or resolve. " + "Please fix."); + tor_free(msg); + UNMOCK(tor_addr_lookup); + + /* Good TCPProxy line - ipv4. */ + ret = parse_tcp_proxy_line("haproxy 95.216.163.36:443", options, &msg); + tt_int_op(ret, OP_EQ, 0); + tt_ptr_op(msg, OP_EQ, NULL); + tt_int_op(options->TCPProxyProtocol, OP_EQ, TCP_PROXY_PROTOCOL_HAPROXY); + /* Correct the address. */ + tt_assert(tor_addr_eq_ipv4h(&options->TCPProxyAddr, 0x5fd8a324)); + tt_int_op(options->TCPProxyPort, OP_EQ, 443); + tor_free(msg); + + done: + UNMOCK(tor_addr_lookup); +} + /** * Test parsing for the ClientTransportPlugin and ServerTransportPlugin config * options. @@ -687,84 +744,84 @@ test_config_parse_transport_plugin_line(void *arg) int old_transport_is_needed_mock_call_count; /* Bad transport lines - too short */ - r = parse_transport_line(options, "bad", 1, 0); + r = pt_parse_transport_line(options, "bad", 1, 0); tt_int_op(r, OP_LT, 0); - r = parse_transport_line(options, "bad", 1, 1); + r = pt_parse_transport_line(options, "bad", 1, 1); tt_int_op(r, OP_LT, 0); - r = parse_transport_line(options, "bad bad", 1, 0); + r = pt_parse_transport_line(options, "bad bad", 1, 0); tt_int_op(r, OP_LT, 0); - r = parse_transport_line(options, "bad bad", 1, 1); + r = pt_parse_transport_line(options, "bad bad", 1, 1); tt_int_op(r, OP_LT, 0); /* Test transport list parsing */ - r = parse_transport_line(options, + r = pt_parse_transport_line(options, "transport_1 exec /usr/bin/fake-transport", 1, 0); tt_int_op(r, OP_EQ, 0); - r = parse_transport_line(options, + r = pt_parse_transport_line(options, "transport_1 exec /usr/bin/fake-transport", 1, 1); tt_int_op(r, OP_EQ, 0); - r = parse_transport_line(options, + r = pt_parse_transport_line(options, "transport_1,transport_2 exec /usr/bin/fake-transport", 1, 0); tt_int_op(r, OP_EQ, 0); - r = parse_transport_line(options, + r = pt_parse_transport_line(options, "transport_1,transport_2 exec /usr/bin/fake-transport", 1, 1); tt_int_op(r, OP_EQ, 0); /* Bad transport identifiers */ - r = parse_transport_line(options, + r = pt_parse_transport_line(options, "transport_* exec /usr/bin/fake-transport", 1, 0); tt_int_op(r, OP_LT, 0); - r = parse_transport_line(options, + r = pt_parse_transport_line(options, "transport_* exec /usr/bin/fake-transport", 1, 1); tt_int_op(r, OP_LT, 0); /* Check SOCKS cases for client transport */ - r = parse_transport_line(options, + r = pt_parse_transport_line(options, "transport_1 socks4 1.2.3.4:567", 1, 0); tt_int_op(r, OP_EQ, 0); - r = parse_transport_line(options, + r = pt_parse_transport_line(options, "transport_1 socks5 1.2.3.4:567", 1, 0); tt_int_op(r, OP_EQ, 0); /* Proxy case for server transport */ - r = parse_transport_line(options, + r = pt_parse_transport_line(options, "transport_1 proxy 1.2.3.4:567", 1, 1); tt_int_op(r, OP_EQ, 0); /* Multiple-transport error exit */ - r = parse_transport_line(options, + r = pt_parse_transport_line(options, "transport_1,transport_2 socks5 1.2.3.4:567", 1, 0); tt_int_op(r, OP_LT, 0); - r = parse_transport_line(options, + r = pt_parse_transport_line(options, "transport_1,transport_2 proxy 1.2.3.4:567", 1, 1); tt_int_op(r, OP_LT, 0); /* No port error exit */ - r = parse_transport_line(options, + r = pt_parse_transport_line(options, "transport_1 socks5 1.2.3.4", 1, 0); tt_int_op(r, OP_LT, 0); - r = parse_transport_line(options, + r = pt_parse_transport_line(options, "transport_1 proxy 1.2.3.4", 1, 1); tt_int_op(r, OP_LT, 0); /* Unparsable address error exit */ - r = parse_transport_line(options, + r = pt_parse_transport_line(options, "transport_1 socks5 1.2.3:6x7", 1, 0); tt_int_op(r, OP_LT, 0); - r = parse_transport_line(options, + r = pt_parse_transport_line(options, "transport_1 proxy 1.2.3:6x7", 1, 1); tt_int_op(r, OP_LT, 0); /* "Strange {Client|Server}TransportPlugin field" error exit */ - r = parse_transport_line(options, + r = pt_parse_transport_line(options, "transport_1 foo bar", 1, 0); tt_int_op(r, OP_LT, 0); - r = parse_transport_line(options, + r = pt_parse_transport_line(options, "transport_1 foo bar", 1, 1); tt_int_op(r, OP_LT, 0); /* No sandbox mode error exit */ tmp = options->Sandbox; options->Sandbox = 1; - r = parse_transport_line(options, + r = pt_parse_transport_line(options, "transport_1 exec /usr/bin/fake-transport", 1, 0); tt_int_op(r, OP_LT, 0); - r = parse_transport_line(options, + r = pt_parse_transport_line(options, "transport_1 exec /usr/bin/fake-transport", 1, 1); tt_int_op(r, OP_LT, 0); options->Sandbox = tmp; @@ -776,7 +833,7 @@ test_config_parse_transport_plugin_line(void *arg) MOCK(pt_kickstart_proxy, pt_kickstart_proxy_mock); old_pt_kickstart_proxy_mock_call_count = pt_kickstart_proxy_mock_call_count; - r = parse_transport_line(options, + r = pt_parse_transport_line(options, "transport_1 exec /usr/bin/fake-transport", 0, 1); tt_int_op(r, OP_EQ, 0); tt_assert(pt_kickstart_proxy_mock_call_count == @@ -784,7 +841,7 @@ test_config_parse_transport_plugin_line(void *arg) UNMOCK(pt_kickstart_proxy); /* This one hits a log line in the !validate_only case only */ - r = parse_transport_line(options, + r = pt_parse_transport_line(options, "transport_1 proxy 1.2.3.4:567", 0, 1); tt_int_op(r, OP_EQ, 0); @@ -801,7 +858,7 @@ test_config_parse_transport_plugin_line(void *arg) transport_add_from_config_mock_call_count; old_transport_is_needed_mock_call_count = transport_is_needed_mock_call_count; - r = parse_transport_line(options, + r = pt_parse_transport_line(options, "transport_1 exec /usr/bin/fake-transport", 0, 0); /* Should have succeeded */ tt_int_op(r, OP_EQ, 0); @@ -825,7 +882,7 @@ test_config_parse_transport_plugin_line(void *arg) transport_add_from_config_mock_call_count; old_transport_is_needed_mock_call_count = transport_is_needed_mock_call_count; - r = parse_transport_line(options, + r = pt_parse_transport_line(options, "transport_1 exec /usr/bin/fake-transport", 0, 0); /* Should have succeeded */ tt_int_op(r, OP_EQ, 0); @@ -849,7 +906,7 @@ test_config_parse_transport_plugin_line(void *arg) transport_add_from_config_mock_call_count; old_transport_is_needed_mock_call_count = transport_is_needed_mock_call_count; - r = parse_transport_line(options, + r = pt_parse_transport_line(options, "transport_1 socks5 1.2.3.4:567", 0, 0); /* Should have succeeded */ tt_int_op(r, OP_EQ, 0); @@ -904,14 +961,12 @@ test_config_fix_my_family(void *arg) family3->next = NULL; or_options_t* options = options_new(); - or_options_t* defaults = options_new(); (void) arg; options_init(options); - options_init(defaults); options->MyFamily_lines = family; - options_validate(NULL, options, defaults, 0, &err) ; + options_validate(NULL, options, &err) ; if (err != NULL) { TT_FAIL(("options_validate failed: %s", err)); @@ -933,7 +988,6 @@ test_config_fix_my_family(void *arg) done: tor_free(err); or_options_free(options); - or_options_free(defaults); } static int n_hostname_01010101 = 0; @@ -1754,6 +1808,18 @@ add_default_fallback_dir_servers_known_default(void) n_add_default_fallback_dir_servers_known_default++; } +/* Helper for test_config_adding_dir_servers(), which should be + * refactored: clear the fields in the options which the options object + * does not really own. */ +static void +ads_clear_helper(or_options_t *options) +{ + options->DirAuthorities = NULL; + options->AlternateBridgeAuthority = NULL; + options->AlternateDirAuthority = NULL; + options->FallbackDir = NULL; +} + /* Test all the different combinations of adding dir servers */ static void test_config_adding_dir_servers(void *arg) @@ -1761,7 +1827,7 @@ test_config_adding_dir_servers(void *arg) (void)arg; /* allocate options */ - or_options_t *options = tor_malloc_zero(sizeof(or_options_t)); + or_options_t *options = options_new(); /* Allocate and populate configuration lines: * @@ -1884,7 +1950,9 @@ test_config_adding_dir_servers(void *arg) n_add_default_fallback_dir_servers_known_default = 0; /* clear options*/ - memset(options, 0, sizeof(or_options_t)); + ads_clear_helper(options); + or_options_free(options); + options = options_new(); /* clear any previous dir servers: consider_adding_dir_servers() should do this anyway */ @@ -1966,7 +2034,9 @@ test_config_adding_dir_servers(void *arg) n_add_default_fallback_dir_servers_known_default = 0; /* clear options*/ - memset(options, 0, sizeof(or_options_t)); + ads_clear_helper(options); + or_options_free(options); + options = options_new(); /* clear any previous dir servers: consider_adding_dir_servers() should do this anyway */ @@ -2107,7 +2177,9 @@ test_config_adding_dir_servers(void *arg) n_add_default_fallback_dir_servers_known_default = 0; /* clear options*/ - memset(options, 0, sizeof(or_options_t)); + ads_clear_helper(options); + or_options_free(options); + options = options_new(); /* clear any previous dir servers: consider_adding_dir_servers() should do this anyway */ @@ -2248,7 +2320,9 @@ test_config_adding_dir_servers(void *arg) n_add_default_fallback_dir_servers_known_default = 0; /* clear options*/ - memset(options, 0, sizeof(or_options_t)); + ads_clear_helper(options); + or_options_free(options); + options = options_new(); /* clear any previous dir servers: consider_adding_dir_servers() should do this anyway */ @@ -2390,7 +2464,9 @@ test_config_adding_dir_servers(void *arg) n_add_default_fallback_dir_servers_known_default = 0; /* clear options*/ - memset(options, 0, sizeof(or_options_t)); + ads_clear_helper(options); + or_options_free(options); + options = options_new(); /* clear any previous dir servers: consider_adding_dir_servers() should do this anyway */ @@ -2542,7 +2618,9 @@ test_config_adding_dir_servers(void *arg) n_add_default_fallback_dir_servers_known_default = 0; /* clear options*/ - memset(options, 0, sizeof(or_options_t)); + ads_clear_helper(options); + or_options_free(options); + options = options_new(); /* clear any previous dir servers: consider_adding_dir_servers() should do this anyway */ @@ -2696,7 +2774,9 @@ test_config_adding_dir_servers(void *arg) n_add_default_fallback_dir_servers_known_default = 0; /* clear options*/ - memset(options, 0, sizeof(or_options_t)); + ads_clear_helper(options); + or_options_free(options); + options = options_new(); /* clear any previous dir servers: consider_adding_dir_servers() should do this anyway */ @@ -2859,7 +2939,9 @@ test_config_adding_dir_servers(void *arg) n_add_default_fallback_dir_servers_known_default = 0; /* clear options*/ - memset(options, 0, sizeof(or_options_t)); + ads_clear_helper(options); + or_options_free(options); + options = options_new(); /* clear any previous dir servers: consider_adding_dir_servers() should do this anyway */ @@ -3016,7 +3098,9 @@ test_config_adding_dir_servers(void *arg) n_add_default_fallback_dir_servers_known_default = 0; /* clear options*/ - memset(options, 0, sizeof(or_options_t)); + ads_clear_helper(options); + or_options_free(options); + options = options_new(); /* clear any previous dir servers: consider_adding_dir_servers() should do this anyway */ @@ -3182,7 +3266,9 @@ test_config_adding_dir_servers(void *arg) n_add_default_fallback_dir_servers_known_default = 0; /* clear options*/ - memset(options, 0, sizeof(or_options_t)); + ads_clear_helper(options); + or_options_free(options); + options = options_new(); /* clear any previous dir servers: consider_adding_dir_servers() should do this anyway */ @@ -3345,7 +3431,9 @@ test_config_adding_dir_servers(void *arg) n_add_default_fallback_dir_servers_known_default = 0; /* clear options*/ - memset(options, 0, sizeof(or_options_t)); + ads_clear_helper(options); + or_options_free(options); + options = options_new(); /* clear any previous dir servers: consider_adding_dir_servers() should do this anyway */ @@ -3514,10 +3602,7 @@ test_config_adding_dir_servers(void *arg) tor_free(test_fallback_directory->value); tor_free(test_fallback_directory); - options->DirAuthorities = NULL; - options->AlternateBridgeAuthority = NULL; - options->AlternateDirAuthority = NULL; - options->FallbackDir = NULL; + ads_clear_helper(options); or_options_free(options); UNMOCK(add_default_fallback_dir_servers); @@ -3532,7 +3617,7 @@ test_config_default_dir_servers(void *arg) int fallback_count = 0; /* new set of options should stop fallback parsing */ - opts = tor_malloc_zero(sizeof(or_options_t)); + opts = options_new(); opts->UseDefaultFallbackDirs = 0; /* set old_options to NULL to force dir update */ consider_adding_dir_servers(opts, NULL); @@ -3546,7 +3631,7 @@ test_config_default_dir_servers(void *arg) /* if we disable the default fallbacks, there must not be any extra */ tt_assert(fallback_count == trusted_count); - opts = tor_malloc_zero(sizeof(or_options_t)); + opts = options_new(); opts->UseDefaultFallbackDirs = 1; consider_adding_dir_servers(opts, opts); trusted_count = smartlist_len(router_get_trusted_dir_servers()); @@ -3606,7 +3691,7 @@ test_config_directory_fetch(void *arg) (void)arg; /* Test Setup */ - or_options_t *options = tor_malloc_zero(sizeof(or_options_t)); + or_options_t *options = options_new(); routerinfo_t routerinfo; memset(&routerinfo, 0, sizeof(routerinfo)); mock_router_pick_published_address_result = -1; @@ -3618,70 +3703,76 @@ test_config_directory_fetch(void *arg) mock_router_my_exit_policy_is_reject_star); MOCK(advertised_server_mode, mock_advertised_server_mode); MOCK(router_get_my_routerinfo, mock_router_get_my_routerinfo); + or_options_free(options); + options = options_new(); /* Clients can use multiple directory mirrors for bootstrap */ - memset(options, 0, sizeof(or_options_t)); options->ClientOnly = 1; tt_assert(server_mode(options) == 0); tt_assert(public_server_mode(options) == 0); - tt_int_op(directory_fetches_from_authorities(options), OP_EQ, 0); + tt_int_op(dirclient_fetches_from_authorities(options), OP_EQ, 0); tt_int_op(networkstatus_consensus_can_use_multiple_directories(options), OP_EQ, 1); /* Bridge Clients can use multiple directory mirrors for bootstrap */ - memset(options, 0, sizeof(or_options_t)); + or_options_free(options); + options = options_new(); options->UseBridges = 1; tt_assert(server_mode(options) == 0); tt_assert(public_server_mode(options) == 0); - tt_int_op(directory_fetches_from_authorities(options), OP_EQ, 0); + tt_int_op(dirclient_fetches_from_authorities(options), OP_EQ, 0); tt_int_op(networkstatus_consensus_can_use_multiple_directories(options), OP_EQ, 1); /* Bridge Relays (Bridges) must act like clients, and use multiple * directory mirrors for bootstrap */ - memset(options, 0, sizeof(or_options_t)); + or_options_free(options); + options = options_new(); options->BridgeRelay = 1; options->ORPort_set = 1; tt_assert(server_mode(options) == 1); tt_assert(public_server_mode(options) == 0); - tt_int_op(directory_fetches_from_authorities(options), OP_EQ, 0); + tt_int_op(dirclient_fetches_from_authorities(options), OP_EQ, 0); tt_int_op(networkstatus_consensus_can_use_multiple_directories(options), OP_EQ, 1); /* Clients set to FetchDirInfoEarly must fetch it from the authorities, * but can use multiple authorities for bootstrap */ - memset(options, 0, sizeof(or_options_t)); + or_options_free(options); + options = options_new(); options->FetchDirInfoEarly = 1; tt_assert(server_mode(options) == 0); tt_assert(public_server_mode(options) == 0); - tt_int_op(directory_fetches_from_authorities(options), OP_EQ, 1); + tt_int_op(dirclient_fetches_from_authorities(options), OP_EQ, 1); tt_int_op(networkstatus_consensus_can_use_multiple_directories(options), OP_EQ, 1); /* OR servers only fetch the consensus from the authorities when they don't * know their own address, but never use multiple directories for bootstrap */ - memset(options, 0, sizeof(or_options_t)); + or_options_free(options); + options = options_new(); options->ORPort_set = 1; mock_router_pick_published_address_result = -1; tt_assert(server_mode(options) == 1); tt_assert(public_server_mode(options) == 1); - tt_int_op(directory_fetches_from_authorities(options), OP_EQ, 1); + tt_int_op(dirclient_fetches_from_authorities(options), OP_EQ, 1); tt_int_op(networkstatus_consensus_can_use_multiple_directories(options), OP_EQ, 0); mock_router_pick_published_address_result = 0; tt_assert(server_mode(options) == 1); tt_assert(public_server_mode(options) == 1); - tt_int_op(directory_fetches_from_authorities(options), OP_EQ, 0); + tt_int_op(dirclient_fetches_from_authorities(options), OP_EQ, 0); tt_int_op(networkstatus_consensus_can_use_multiple_directories(options), OP_EQ, 0); /* Exit OR servers only fetch the consensus from the authorities when they * refuse unknown exits, but never use multiple directories for bootstrap */ - memset(options, 0, sizeof(or_options_t)); + or_options_free(options); + options = options_new(); options->ORPort_set = 1; options->ExitRelay = 1; mock_router_pick_published_address_result = 0; @@ -3694,7 +3785,7 @@ test_config_directory_fetch(void *arg) options->RefuseUnknownExits = 1; tt_assert(server_mode(options) == 1); tt_assert(public_server_mode(options) == 1); - tt_int_op(directory_fetches_from_authorities(options), OP_EQ, 1); + tt_int_op(dirclient_fetches_from_authorities(options), OP_EQ, 1); tt_int_op(networkstatus_consensus_can_use_multiple_directories(options), OP_EQ, 0); @@ -3702,7 +3793,7 @@ test_config_directory_fetch(void *arg) mock_router_pick_published_address_result = 0; tt_assert(server_mode(options) == 1); tt_assert(public_server_mode(options) == 1); - tt_int_op(directory_fetches_from_authorities(options), OP_EQ, 0); + tt_int_op(dirclient_fetches_from_authorities(options), OP_EQ, 0); tt_int_op(networkstatus_consensus_can_use_multiple_directories(options), OP_EQ, 0); @@ -3711,7 +3802,8 @@ test_config_directory_fetch(void *arg) * advertising their dirport, and never use multiple directories for * bootstrap. This only applies if they are also OR servers. * (We don't care much about the behaviour of non-OR directory servers.) */ - memset(options, 0, sizeof(or_options_t)); + or_options_free(options); + options = options_new(); options->DirPort_set = 1; options->ORPort_set = 1; options->DirCache = 1; @@ -3723,7 +3815,7 @@ test_config_directory_fetch(void *arg) mock_router_get_my_routerinfo_result = &routerinfo; tt_assert(server_mode(options) == 1); tt_assert(public_server_mode(options) == 1); - tt_int_op(directory_fetches_from_authorities(options), OP_EQ, 1); + tt_int_op(dirclient_fetches_from_authorities(options), OP_EQ, 1); tt_int_op(networkstatus_consensus_can_use_multiple_directories(options), OP_EQ, 0); @@ -3732,7 +3824,7 @@ test_config_directory_fetch(void *arg) mock_router_get_my_routerinfo_result = &routerinfo; tt_assert(server_mode(options) == 1); tt_assert(public_server_mode(options) == 1); - tt_int_op(directory_fetches_from_authorities(options), OP_EQ, 0); + tt_int_op(dirclient_fetches_from_authorities(options), OP_EQ, 0); tt_int_op(networkstatus_consensus_can_use_multiple_directories(options), OP_EQ, 0); @@ -3740,7 +3832,7 @@ test_config_directory_fetch(void *arg) mock_router_get_my_routerinfo_result = NULL; tt_assert(server_mode(options) == 1); tt_assert(public_server_mode(options) == 1); - tt_int_op(directory_fetches_from_authorities(options), OP_EQ, 0); + tt_int_op(dirclient_fetches_from_authorities(options), OP_EQ, 0); tt_int_op(networkstatus_consensus_can_use_multiple_directories(options), OP_EQ, 0); @@ -3750,7 +3842,7 @@ test_config_directory_fetch(void *arg) mock_router_get_my_routerinfo_result = &routerinfo; tt_assert(server_mode(options) == 1); tt_assert(public_server_mode(options) == 1); - tt_int_op(directory_fetches_from_authorities(options), OP_EQ, 0); + tt_int_op(dirclient_fetches_from_authorities(options), OP_EQ, 0); tt_int_op(networkstatus_consensus_can_use_multiple_directories(options), OP_EQ, 0); @@ -3760,12 +3852,12 @@ test_config_directory_fetch(void *arg) mock_router_get_my_routerinfo_result = &routerinfo; tt_assert(server_mode(options) == 1); tt_assert(public_server_mode(options) == 1); - tt_int_op(directory_fetches_from_authorities(options), OP_EQ, 1); + tt_int_op(dirclient_fetches_from_authorities(options), OP_EQ, 1); tt_int_op(networkstatus_consensus_can_use_multiple_directories(options), OP_EQ, 0); done: - tor_free(options); + or_options_free(options); UNMOCK(router_pick_published_address); UNMOCK(router_get_my_routerinfo); UNMOCK(advertised_server_mode); @@ -3776,7 +3868,9 @@ static void test_config_default_fallback_dirs(void *arg) { const char *fallback[] = { +#ifndef COCCI #include "app/config/fallback_dirs.inc" +#endif NULL }; @@ -3958,40 +4052,40 @@ test_config_parse_port_config__ports__no_ports_given(void *data) slout = smartlist_new(); // Test no defaultport, no defaultaddress and no out - ret = parse_port_config(NULL, NULL, "DNS", 0, NULL, 0, 0); + ret = port_parse_config(NULL, NULL, "DNS", 0, NULL, 0, 0); tt_int_op(ret, OP_EQ, 0); // Test with defaultport, no defaultaddress and no out - ret = parse_port_config(NULL, NULL, "DNS", 0, NULL, 42, 0); + ret = port_parse_config(NULL, NULL, "DNS", 0, NULL, 42, 0); tt_int_op(ret, OP_EQ, 0); // Test no defaultport, with defaultaddress and no out - ret = parse_port_config(NULL, NULL, "DNS", 0, "127.0.0.2", 0, 0); + ret = port_parse_config(NULL, NULL, "DNS", 0, "127.0.0.2", 0, 0); tt_int_op(ret, OP_EQ, 0); // Test with defaultport, with defaultaddress and no out - ret = parse_port_config(NULL, NULL, "DNS", 0, "127.0.0.2", 42, 0); + ret = port_parse_config(NULL, NULL, "DNS", 0, "127.0.0.2", 42, 0); tt_int_op(ret, OP_EQ, 0); // Test no defaultport, no defaultaddress and with out - ret = parse_port_config(slout, NULL, "DNS", 0, NULL, 0, 0); + ret = port_parse_config(slout, NULL, "DNS", 0, NULL, 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 0); // Test with defaultport, no defaultaddress and with out - ret = parse_port_config(slout, NULL, "DNS", 0, NULL, 42, 0); + ret = port_parse_config(slout, NULL, "DNS", 0, NULL, 42, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 0); // Test no defaultport, with defaultaddress and with out - ret = parse_port_config(slout, NULL, "DNS", 0, "127.0.0.2", 0, 0); + ret = port_parse_config(slout, NULL, "DNS", 0, "127.0.0.2", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 0); // Test with defaultport, with defaultaddress and out, adds a new port cfg SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); - ret = parse_port_config(slout, NULL, "DNS", 0, "127.0.0.2", 42, 0); + ret = port_parse_config(slout, NULL, "DNS", 0, "127.0.0.2", 42, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); port_cfg = (port_cfg_t *)smartlist_get(slout, 0); @@ -4002,7 +4096,7 @@ test_config_parse_port_config__ports__no_ports_given(void *data) // for a unix address SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); - ret = parse_port_config(slout, NULL, "DNS", 0, "/foo/bar/unixdomain", + ret = port_parse_config(slout, NULL, "DNS", 0, "/foo/bar/unixdomain", 42, CL_PORT_IS_UNIXSOCKET); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4029,30 +4123,32 @@ test_config_parse_port_config__ports__ports_given(void *data) slout = smartlist_new(); + mock_hostname_resolver(); + // Test error when encounters an invalid Port specification config_port_invalid = mock_config_line("DNSPort", ""); - ret = parse_port_config(NULL, config_port_invalid, "DNS", 0, NULL, + ret = port_parse_config(NULL, config_port_invalid, "DNS", 0, NULL, 0, 0); tt_int_op(ret, OP_EQ, -1); // Test error when encounters an empty unix domain specification config_free_lines(config_port_invalid); config_port_invalid = NULL; config_port_invalid = mock_config_line("DNSPort", "unix:"); - ret = parse_port_config(NULL, config_port_invalid, "DNS", 0, NULL, + ret = port_parse_config(NULL, config_port_invalid, "DNS", 0, NULL, 0, 0); tt_int_op(ret, OP_EQ, -1); // Test error when encounters a unix domain specification but the listener // doesn't support domain sockets config_port_valid = mock_config_line("DNSPort", "unix:/tmp/foo/bar"); - ret = parse_port_config(NULL, config_port_valid, "DNS", + ret = port_parse_config(NULL, config_port_valid, "DNS", CONN_TYPE_AP_DNS_LISTENER, NULL, 0, 0); tt_int_op(ret, OP_EQ, -1); // Test valid unix domain SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); - ret = parse_port_config(slout, config_port_valid, "SOCKS", + ret = port_parse_config(slout, config_port_valid, "SOCKS", CONN_TYPE_AP_LISTENER, NULL, 0, 0); #ifdef _WIN32 tt_int_op(ret, OP_EQ, -1); @@ -4063,7 +4159,7 @@ test_config_parse_port_config__ports__ports_given(void *data) tt_int_op(port_cfg->port, OP_EQ, 0); tt_int_op(port_cfg->is_unix_addr, OP_EQ, 1); tt_str_op(port_cfg->unix_addr, OP_EQ, "/tmp/foo/bar"); - /* Test entry port defaults as initialised in parse_port_config */ + /* Test entry port defaults as initialised in port_parse_config */ tt_int_op(port_cfg->entry_cfg.dns_request, OP_EQ, 1); tt_int_op(port_cfg->entry_cfg.ipv4_traffic, OP_EQ, 1); tt_int_op(port_cfg->entry_cfg.onion_traffic, OP_EQ, 1); @@ -4077,7 +4173,7 @@ test_config_parse_port_config__ports__ports_given(void *data) "unix:/tmp/foo/bar NoIPv4Traffic " "NoIPv6Traffic " "NoOnionTraffic"); - ret = parse_port_config(NULL, config_port_invalid, "SOCKS", + ret = port_parse_config(NULL, config_port_invalid, "SOCKS", CONN_TYPE_AP_LISTENER, NULL, 0, CL_PORT_TAKES_HOSTNAMES); tt_int_op(ret, OP_EQ, -1); @@ -4086,7 +4182,7 @@ test_config_parse_port_config__ports__ports_given(void *data) config_free_lines(config_port_invalid); config_port_invalid = NULL; config_port_invalid = mock_config_line("DNSPort", "127.0.0.1:80 NoDNSRequest"); - ret = parse_port_config(NULL, config_port_invalid, "DNS", + ret = port_parse_config(NULL, config_port_invalid, "DNS", CONN_TYPE_AP_DNS_LISTENER, NULL, 0, CL_PORT_TAKES_HOSTNAMES); tt_int_op(ret, OP_EQ, -1); @@ -4099,7 +4195,7 @@ test_config_parse_port_config__ports__ports_given(void *data) config_port_valid = mock_config_line("DNSPort", "127.0.0.1:80 " "NoIPv6Traffic " "NoIPv4Traffic NoOnionTraffic"); - ret = parse_port_config(slout, config_port_valid, "DNS", + ret = port_parse_config(slout, config_port_valid, "DNS", CONN_TYPE_AP_DNS_LISTENER, NULL, 0, CL_PORT_TAKES_HOSTNAMES); tt_int_op(ret, OP_EQ, 0); @@ -4115,7 +4211,7 @@ test_config_parse_port_config__ports__ports_given(void *data) config_port_invalid = mock_config_line("SOCKSPort", "NoIPv6Traffic " "unix:/tmp/foo/bar NoIPv4Traffic"); - ret = parse_port_config(NULL, config_port_invalid, "SOCKS", + ret = port_parse_config(NULL, config_port_invalid, "SOCKS", CONN_TYPE_AP_LISTENER, NULL, 0, CL_PORT_TAKES_HOSTNAMES); tt_int_op(ret, OP_EQ, -1); @@ -4128,7 +4224,7 @@ test_config_parse_port_config__ports__ports_given(void *data) config_port_valid = mock_config_line("SOCKSPort", "unix:/tmp/foo/bar " "NoIPv6Traffic " "NoDNSRequest NoIPv4Traffic"); - ret = parse_port_config(slout, config_port_valid, "SOCKS", + ret = port_parse_config(slout, config_port_valid, "SOCKS", CONN_TYPE_AP_LISTENER, NULL, 0, CL_PORT_TAKES_HOSTNAMES); #ifdef _WIN32 @@ -4150,7 +4246,7 @@ test_config_parse_port_config__ports__ports_given(void *data) config_port_valid = mock_config_line("SOCKSPort", "unix:\"/tmp/foo/ bar\" " "NoIPv6Traffic " "NoDNSRequest NoIPv4Traffic"); - ret = parse_port_config(slout, config_port_valid, "SOCKS", + ret = port_parse_config(slout, config_port_valid, "SOCKS", CONN_TYPE_AP_LISTENER, NULL, 0, CL_PORT_TAKES_HOSTNAMES); #ifdef _WIN32 @@ -4172,7 +4268,7 @@ test_config_parse_port_config__ports__ports_given(void *data) config_port_valid = mock_config_line("SOCKSPort", "unix:\"/tmp/foo/ bar " "NoIPv6Traffic " "NoDNSRequest NoIPv4Traffic"); - ret = parse_port_config(slout, config_port_valid, "SOCKS", + ret = port_parse_config(slout, config_port_valid, "SOCKS", CONN_TYPE_AP_LISTENER, NULL, 0, CL_PORT_TAKES_HOSTNAMES); tt_int_op(ret, OP_EQ, -1); @@ -4184,7 +4280,7 @@ test_config_parse_port_config__ports__ports_given(void *data) config_port_valid = mock_config_line("SOCKSPort", "unix:\"\" " "NoIPv6Traffic " "NoDNSRequest NoIPv4Traffic"); - ret = parse_port_config(slout, config_port_valid, "SOCKS", + ret = port_parse_config(slout, config_port_valid, "SOCKS", CONN_TYPE_AP_LISTENER, NULL, 0, CL_PORT_TAKES_HOSTNAMES); tt_int_op(ret, OP_EQ, -1); @@ -4195,7 +4291,7 @@ test_config_parse_port_config__ports__ports_given(void *data) smartlist_clear(slout); config_port_valid = mock_config_line("SOCKSPort", "unix:/tmp/foo/bar " "OnionTrafficOnly"); - ret = parse_port_config(slout, config_port_valid, "SOCKS", + ret = port_parse_config(slout, config_port_valid, "SOCKS", CONN_TYPE_AP_LISTENER, NULL, 0, CL_PORT_TAKES_HOSTNAMES); #ifdef _WIN32 @@ -4216,7 +4312,7 @@ test_config_parse_port_config__ports__ports_given(void *data) smartlist_clear(slout); config_port_valid = mock_config_line("SOCKSPort", "unix:/tmp/foo/bar " "NoIPv4Traffic IPv6Traffic"); - ret = parse_port_config(slout, config_port_valid, "SOCKS", + ret = port_parse_config(slout, config_port_valid, "SOCKS", CONN_TYPE_AP_LISTENER, NULL, 0, CL_PORT_TAKES_HOSTNAMES); #ifdef _WIN32 @@ -4235,7 +4331,7 @@ test_config_parse_port_config__ports__ports_given(void *data) smartlist_clear(slout); config_port_valid = mock_config_line("SOCKSPort", "unix:/tmp/foo/bar " "IPv4Traffic IPv6Traffic"); - ret = parse_port_config(slout, config_port_valid, "SOCKS", + ret = port_parse_config(slout, config_port_valid, "SOCKS", CONN_TYPE_AP_LISTENER, NULL, 0, CL_PORT_TAKES_HOSTNAMES); #ifdef _WIN32 @@ -4251,28 +4347,28 @@ test_config_parse_port_config__ports__ports_given(void *data) // Test failure if we specify world writable for an IP Port config_free_lines(config_port_invalid); config_port_invalid = NULL; config_port_invalid = mock_config_line("DNSPort", "42 WorldWritable"); - ret = parse_port_config(NULL, config_port_invalid, "DNS", 0, + ret = port_parse_config(NULL, config_port_invalid, "DNS", 0, "127.0.0.3", 0, 0); tt_int_op(ret, OP_EQ, -1); // Test failure if we specify group writable for an IP Port config_free_lines(config_port_invalid); config_port_invalid = NULL; config_port_invalid = mock_config_line("DNSPort", "42 GroupWritable"); - ret = parse_port_config(NULL, config_port_invalid, "DNS", 0, + ret = port_parse_config(NULL, config_port_invalid, "DNS", 0, "127.0.0.3", 0, 0); tt_int_op(ret, OP_EQ, -1); // Test failure if we specify group writable for an IP Port config_free_lines(config_port_invalid); config_port_invalid = NULL; config_port_invalid = mock_config_line("DNSPort", "42 RelaxDirModeCheck"); - ret = parse_port_config(NULL, config_port_invalid, "DNS", 0, + ret = port_parse_config(NULL, config_port_invalid, "DNS", 0, "127.0.0.3", 0, 0); tt_int_op(ret, OP_EQ, -1); // Test success with only a port (this will fail without a default address) config_free_lines(config_port_valid); config_port_valid = NULL; config_port_valid = mock_config_line("DNSPort", "42"); - ret = parse_port_config(NULL, config_port_valid, "DNS", 0, + ret = port_parse_config(NULL, config_port_valid, "DNS", 0, "127.0.0.3", 0, 0); tt_int_op(ret, OP_EQ, 0); @@ -4281,7 +4377,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 IsolateDestPort"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, "127.0.0.3", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4294,7 +4390,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 NoIsolateDestPorts"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, "127.0.0.3", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4307,7 +4403,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 IsolateDestAddr"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, "127.0.0.3", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4320,7 +4416,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 IsolateSOCKSAuth"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, "127.0.0.3", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4333,7 +4429,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 IsolateClientProtocol"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, "127.0.0.3", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4346,7 +4442,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 IsolateClientAddr"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, "127.0.0.3", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4357,7 +4453,7 @@ test_config_parse_port_config__ports__ports_given(void *data) // Test success with ignored unknown options config_free_lines(config_port_valid); config_port_valid = NULL; config_port_valid = mock_config_line("DNSPort", "42 ThisOptionDoesntExist"); - ret = parse_port_config(NULL, config_port_valid, "DNS", 0, + ret = port_parse_config(NULL, config_port_valid, "DNS", 0, "127.0.0.3", 0, 0); tt_int_op(ret, OP_EQ, 0); @@ -4366,7 +4462,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 NoIsolateSOCKSAuth"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, "127.0.0.3", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4379,7 +4475,7 @@ test_config_parse_port_config__ports__ports_given(void *data) smartlist_clear(slout); config_port_valid = mock_config_line("SOCKSPort", "42 IPv6Traffic PreferIPv6"); - ret = parse_port_config(slout, config_port_valid, "SOCKS", + ret = port_parse_config(slout, config_port_valid, "SOCKS", CONN_TYPE_AP_LISTENER, "127.0.0.42", 0, CL_PORT_TAKES_HOSTNAMES); tt_int_op(ret, OP_EQ, 0); @@ -4392,7 +4488,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 CacheIPv4DNS"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, "127.0.0.42", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4405,7 +4501,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 CacheIPv6DNS"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, "127.0.0.42", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4418,7 +4514,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 NoCacheIPv4DNS"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, "127.0.0.42", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4431,7 +4527,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 CacheDNS"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, "127.0.0.42", 0, CL_PORT_TAKES_HOSTNAMES); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4444,7 +4540,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 UseIPv4Cache"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, "127.0.0.42", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4457,7 +4553,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 UseIPv6Cache"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, "127.0.0.42", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4470,7 +4566,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 UseDNSCache"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, "127.0.0.42", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4483,7 +4579,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 NoPreferIPv6Automap"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, "127.0.0.42", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4495,7 +4591,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 PreferSOCKSNoAuth"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, "127.0.0.42", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4510,14 +4606,14 @@ test_config_parse_port_config__ports__ports_given(void *data) config_port_invalid = mock_config_line("DNSPort", "0"); config_port_valid = mock_config_line("DNSPort", "42"); config_port_invalid->next = config_port_valid; - ret = parse_port_config(slout, config_port_invalid, "DNS", 0, + ret = port_parse_config(slout, config_port_invalid, "DNS", 0, "127.0.0.42", 0, 0); tt_int_op(ret, OP_EQ, -1); // Test success with warn non-local control SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); - ret = parse_port_config(slout, config_port_valid, "Control", + ret = port_parse_config(slout, config_port_valid, "Control", CONN_TYPE_CONTROL_LISTENER, "127.0.0.42", 0, CL_PORT_WARN_NONLOCAL); tt_int_op(ret, OP_EQ, 0); @@ -4525,7 +4621,7 @@ test_config_parse_port_config__ports__ports_given(void *data) // Test success with warn non-local listener SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); - ret = parse_port_config(slout, config_port_valid, "ExtOR", + ret = port_parse_config(slout, config_port_valid, "ExtOR", CONN_TYPE_EXT_OR_LISTENER, "127.0.0.42", 0, CL_PORT_WARN_NONLOCAL); tt_int_op(ret, OP_EQ, 0); @@ -4533,12 +4629,12 @@ test_config_parse_port_config__ports__ports_given(void *data) // Test success with warn non-local other SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, "127.0.0.42", 0, CL_PORT_WARN_NONLOCAL); tt_int_op(ret, OP_EQ, 0); // Test success with warn non-local other without out - ret = parse_port_config(NULL, config_port_valid, "DNS", 0, + ret = port_parse_config(NULL, config_port_valid, "DNS", 0, "127.0.0.42", 0, CL_PORT_WARN_NONLOCAL); tt_int_op(ret, OP_EQ, 0); @@ -4549,7 +4645,7 @@ test_config_parse_port_config__ports__ports_given(void *data) smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 IPv4Traffic " "IPv6Traffic"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, "127.0.0.44", 0, CL_PORT_TAKES_HOSTNAMES | CL_PORT_NO_STREAM_OPTIONS); @@ -4564,7 +4660,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_invalid = mock_config_line("DNSPort", "42 SessionGroup=invalid"); - ret = parse_port_config(slout, config_port_invalid, "DNS", 0, + ret = port_parse_config(slout, config_port_invalid, "DNS", 0, "127.0.0.44", 0, CL_PORT_NO_STREAM_OPTIONS); tt_int_op(ret, OP_EQ, -1); @@ -4574,7 +4670,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_invalid = mock_config_line("DNSPort", "42 SessionGroup=123"); - ret = parse_port_config(slout, config_port_invalid, "DNS", 0, + ret = port_parse_config(slout, config_port_invalid, "DNS", 0, "127.0.0.44", 0, CL_PORT_NO_STREAM_OPTIONS); tt_int_op(ret, OP_EQ, -1); @@ -4584,7 +4680,7 @@ test_config_parse_port_config__ports__ports_given(void *data) smartlist_clear(slout); config_port_invalid = mock_config_line("DNSPort", "42 SessionGroup=123 " "SessionGroup=321"); - ret = parse_port_config(slout, config_port_invalid, "DNS", 0, + ret = port_parse_config(slout, config_port_invalid, "DNS", 0, "127.0.0.44", 0, 0); tt_int_op(ret, OP_EQ, -1); @@ -4593,7 +4689,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 SessionGroup=1111122"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, "127.0.0.44", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4605,7 +4701,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "0"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, "127.0.0.45", 0, CL_PORT_IS_UNIXSOCKET); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 0); @@ -4615,7 +4711,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "something"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, "127.0.0.45", 0, CL_PORT_IS_UNIXSOCKET); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4628,48 +4724,48 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "auto"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, "127.0.0.46", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); port_cfg = (port_cfg_t *)smartlist_get(slout, 0); tt_int_op(port_cfg->port, OP_EQ, CFG_AUTO_PORT); tor_addr_parse(&addr, "127.0.0.46"); - tt_assert(tor_addr_eq(&port_cfg->addr, &addr)) + tt_assert(tor_addr_eq(&port_cfg->addr, &addr)); // Test success with a port of auto in mixed case config_free_lines(config_port_valid); config_port_valid = NULL; SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "AuTo"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, "127.0.0.46", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); port_cfg = (port_cfg_t *)smartlist_get(slout, 0); tt_int_op(port_cfg->port, OP_EQ, CFG_AUTO_PORT); tor_addr_parse(&addr, "127.0.0.46"); - tt_assert(tor_addr_eq(&port_cfg->addr, &addr)) + tt_assert(tor_addr_eq(&port_cfg->addr, &addr)); // Test success with parsing both an address and an auto port config_free_lines(config_port_valid); config_port_valid = NULL; SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "127.0.0.122:auto"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, "127.0.0.46", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); port_cfg = (port_cfg_t *)smartlist_get(slout, 0); tt_int_op(port_cfg->port, OP_EQ, CFG_AUTO_PORT); tor_addr_parse(&addr, "127.0.0.122"); - tt_assert(tor_addr_eq(&port_cfg->addr, &addr)) + tt_assert(tor_addr_eq(&port_cfg->addr, &addr)); // Test failure when asked to parse an invalid address followed by auto config_free_lines(config_port_invalid); config_port_invalid = NULL; config_port_invalid = mock_config_line("DNSPort", "invalidstuff!!:auto"); MOCK(tor_addr_lookup, mock_tor_addr_lookup__fail_on_bad_addrs); - ret = parse_port_config(NULL, config_port_invalid, "DNS", 0, + ret = port_parse_config(NULL, config_port_invalid, "DNS", 0, "127.0.0.46", 0, 0); UNMOCK(tor_addr_lookup); tt_int_op(ret, OP_EQ, -1); @@ -4679,21 +4775,21 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "127.0.0.123:656"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, "127.0.0.46", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); port_cfg = (port_cfg_t *)smartlist_get(slout, 0); tt_int_op(port_cfg->port, OP_EQ, 656); tor_addr_parse(&addr, "127.0.0.123"); - tt_assert(tor_addr_eq(&port_cfg->addr, &addr)) + tt_assert(tor_addr_eq(&port_cfg->addr, &addr)); // Test failure if we can't parse anything at all config_free_lines(config_port_invalid); config_port_invalid = NULL; SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_invalid = mock_config_line("DNSPort", "something wrong"); - ret = parse_port_config(slout, config_port_invalid, "DNS", 0, + ret = port_parse_config(slout, config_port_invalid, "DNS", 0, "127.0.0.46", 0, 0); tt_int_op(ret, OP_EQ, -1); @@ -4702,7 +4798,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_invalid = mock_config_line("DNSPort", "127.0.1.0:123:auto"); - ret = parse_port_config(slout, config_port_invalid, "DNS", 0, + ret = port_parse_config(slout, config_port_invalid, "DNS", 0, "127.0.0.46", 0, 0); tt_int_op(ret, OP_EQ, -1); @@ -4712,7 +4808,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("SOCKSPort", "unix:/tmp/somewhere"); - ret = parse_port_config(slout, config_port_valid, "SOCKS", + ret = port_parse_config(slout, config_port_valid, "SOCKS", CONN_TYPE_AP_LISTENER, "127.0.0.46", 0, CL_PORT_DFLT_GROUP_WRITABLE); #ifdef _WIN32 @@ -4725,6 +4821,7 @@ test_config_parse_port_config__ports__ports_given(void *data) #endif /* defined(_WIN32) */ done: + unmock_hostname_resolver(); if (slout) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_free(slout); @@ -4747,7 +4844,7 @@ test_config_parse_port_config__ports__server_options(void *data) config_free_lines(config_port_valid); config_port_valid = NULL; config_port_valid = mock_config_line("DNSPort", "127.0.0.124:656 NoAdvertise"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, NULL, 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, NULL, 0, CL_PORT_SERVER_OPTIONS); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4760,7 +4857,7 @@ test_config_parse_port_config__ports__server_options(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "127.0.0.124:656 NoListen"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, NULL, 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, NULL, 0, CL_PORT_SERVER_OPTIONS); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4774,7 +4871,7 @@ test_config_parse_port_config__ports__server_options(void *data) smartlist_clear(slout); config_port_invalid = mock_config_line("DNSPort", "127.0.0.124:656 NoListen " "NoAdvertise"); - ret = parse_port_config(slout, config_port_invalid, "DNS", 0, NULL, + ret = port_parse_config(slout, config_port_invalid, "DNS", 0, NULL, 0, CL_PORT_SERVER_OPTIONS); tt_int_op(ret, OP_EQ, -1); @@ -4783,7 +4880,7 @@ test_config_parse_port_config__ports__server_options(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "127.0.0.124:656 IPv4Only"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, NULL, 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, NULL, 0, CL_PORT_SERVER_OPTIONS); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4796,7 +4893,7 @@ test_config_parse_port_config__ports__server_options(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "[::1]:656 IPv6Only"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, NULL, 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, NULL, 0, CL_PORT_SERVER_OPTIONS); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4810,7 +4907,7 @@ test_config_parse_port_config__ports__server_options(void *data) smartlist_clear(slout); config_port_invalid = mock_config_line("DNSPort", "127.0.0.124:656 IPv6Only " "IPv4Only"); - ret = parse_port_config(slout, config_port_invalid, "DNS", 0, NULL, + ret = port_parse_config(slout, config_port_invalid, "DNS", 0, NULL, 0, CL_PORT_SERVER_OPTIONS); tt_int_op(ret, OP_EQ, -1); @@ -4819,7 +4916,7 @@ test_config_parse_port_config__ports__server_options(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "127.0.0.124:656 unknown"); - ret = parse_port_config(slout, config_port_valid, "DNS", 0, NULL, 0, + ret = port_parse_config(slout, config_port_valid, "DNS", 0, NULL, 0, CL_PORT_SERVER_OPTIONS); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4830,7 +4927,7 @@ test_config_parse_port_config__ports__server_options(void *data) smartlist_clear(slout); config_port_invalid = mock_config_line("DNSPort", "127.0.0.124:656 IPv6Only"); - ret = parse_port_config(slout, config_port_invalid, "DNS", 0, NULL, + ret = port_parse_config(slout, config_port_invalid, "DNS", 0, NULL, 0, CL_PORT_SERVER_OPTIONS); tt_int_op(ret, OP_EQ, -1); @@ -4839,7 +4936,7 @@ test_config_parse_port_config__ports__server_options(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_invalid = mock_config_line("DNSPort", "[::1]:656 IPv4Only"); - ret = parse_port_config(slout, config_port_invalid, "DNS", 0, NULL, + ret = port_parse_config(slout, config_port_invalid, "DNS", 0, NULL, 0, CL_PORT_SERVER_OPTIONS); tt_int_op(ret, OP_EQ, -1); @@ -4848,7 +4945,7 @@ test_config_parse_port_config__ports__server_options(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_invalid = mock_config_line("ORPort", "unix:\"\""); - ret = parse_port_config(slout, config_port_invalid, "ORPort", 0, NULL, + ret = port_parse_config(slout, config_port_invalid, "ORPort", 0, NULL, 0, CL_PORT_SERVER_OPTIONS); tt_int_op(ret, OP_EQ, -1); @@ -5128,7 +5225,7 @@ test_config_include_no_permission(void *data) chmod(dir, 0700); tor_free(dir); } -#endif +#endif /* !defined(_WIN32) */ static void test_config_include_recursion_before_after(void *data) @@ -5662,7 +5759,6 @@ test_config_check_bridge_distribution_setting_not_a_bridge(void *arg) { or_options_t* options = get_options_mutable(); or_options_t* old_options = options; - or_options_t* default_options = options; char* message = NULL; int ret; @@ -5671,7 +5767,7 @@ test_config_check_bridge_distribution_setting_not_a_bridge(void *arg) options->BridgeRelay = 0; options->BridgeDistribution = (char*)("https"); - ret = options_validate(old_options, options, default_options, 0, &message); + ret = options_validate(old_options, options, &message); tt_int_op(ret, OP_EQ, -1); tt_str_op(message, OP_EQ, "You set BridgeDistribution, but you " @@ -5843,7 +5939,7 @@ test_config_compute_max_mem_in_queues(void *data) #else /* We are on a 32-bit system. */ tt_u64_op(compute_real_max_mem_in_queues(0, 0), OP_EQ, GIGABYTE(1)); -#endif +#endif /* SIZEOF_VOID_P >= 8 */ /* We are able to detect the amount of RAM on the system. */ total_system_memory_return = 0; @@ -5884,7 +5980,7 @@ test_config_compute_max_mem_in_queues(void *data) /* We will at maximum get MAX_DEFAULT_MEMORY_QUEUE_SIZE here. */ tt_u64_op(compute_real_max_mem_in_queues(0, 0), OP_EQ, MAX_DEFAULT_MEMORY_QUEUE_SIZE); -#endif +#endif /* SIZEOF_SIZE_T > 4 */ done: UNMOCK(get_total_system_memory); @@ -5928,6 +6024,7 @@ test_config_extended_fmt(void *arg) tt_str_op(lp->value, OP_EQ, "is back here"); tt_int_op(lp->command, OP_EQ, CONFIG_LINE_NORMAL); lp = lp->next; + tt_assert(!lp); config_free_lines(lines); /* Try with the "extended" flag enabled. */ @@ -5954,11 +6051,198 @@ test_config_extended_fmt(void *arg) tt_str_op(lp->value, OP_EQ, ""); tt_int_op(lp->command, OP_EQ, CONFIG_LINE_CLEAR); lp = lp->next; + tt_assert(!lp); done: config_free_lines(lines); } +static void +test_config_kvline_parse(void *arg) +{ + (void)arg; + + config_line_t *lines = NULL; + char *enc = NULL; + + lines = kvline_parse("A=B CD=EF", 0); + tt_assert(lines); + tt_str_op(lines->key, OP_EQ, "A"); + tt_str_op(lines->value, OP_EQ, "B"); + tt_str_op(lines->next->key, OP_EQ, "CD"); + tt_str_op(lines->next->value, OP_EQ, "EF"); + enc = kvline_encode(lines, 0); + tt_str_op(enc, OP_EQ, "A=B CD=EF"); + tor_free(enc); + enc = kvline_encode(lines, KV_QUOTED|KV_OMIT_KEYS); + tt_str_op(enc, OP_EQ, "A=B CD=EF"); + tor_free(enc); + config_free_lines(lines); + + lines = kvline_parse("AB CDE=F", 0); + tt_assert(! lines); + + lines = kvline_parse("AB CDE=F", KV_OMIT_KEYS); + tt_assert(lines); + tt_str_op(lines->key, OP_EQ, ""); + tt_str_op(lines->value, OP_EQ, "AB"); + tt_str_op(lines->next->key, OP_EQ, "CDE"); + tt_str_op(lines->next->value, OP_EQ, "F"); + tt_assert(lines); + enc = kvline_encode(lines, 0); + tt_assert(!enc); + enc = kvline_encode(lines, KV_QUOTED|KV_OMIT_KEYS); + tt_str_op(enc, OP_EQ, "AB CDE=F"); + tor_free(enc); + config_free_lines(lines); + + lines = kvline_parse("AB=C CDE=\"F G\"", 0); + tt_assert(!lines); + + lines = kvline_parse("AB=C CDE=\"F G\" \"GHI\" ", KV_QUOTED|KV_OMIT_KEYS); + tt_assert(lines); + tt_str_op(lines->key, OP_EQ, "AB"); + tt_str_op(lines->value, OP_EQ, "C"); + tt_str_op(lines->next->key, OP_EQ, "CDE"); + tt_str_op(lines->next->value, OP_EQ, "F G"); + tt_str_op(lines->next->next->key, OP_EQ, ""); + tt_str_op(lines->next->next->value, OP_EQ, "GHI"); + enc = kvline_encode(lines, 0); + tt_assert(!enc); + enc = kvline_encode(lines, KV_QUOTED|KV_OMIT_KEYS); + tt_str_op(enc, OP_EQ, "AB=C CDE=\"F G\" GHI"); + tor_free(enc); + config_free_lines(lines); + + lines = kvline_parse("A\"B=C CDE=\"F\" \"GHI\" ", KV_QUOTED|KV_OMIT_KEYS); + tt_assert(! lines); + + lines = kvline_parse("AB=", KV_QUOTED); + tt_assert(lines); + tt_str_op(lines->key, OP_EQ, "AB"); + tt_str_op(lines->value, OP_EQ, ""); + config_free_lines(lines); + + lines = kvline_parse("AB=", 0); + tt_assert(lines); + tt_str_op(lines->key, OP_EQ, "AB"); + tt_str_op(lines->value, OP_EQ, ""); + config_free_lines(lines); + + lines = kvline_parse("AB=", KV_OMIT_VALS); + tt_assert(lines); + tt_str_op(lines->key, OP_EQ, "AB"); + tt_str_op(lines->value, OP_EQ, ""); + config_free_lines(lines); + + lines = kvline_parse(" AB ", KV_OMIT_VALS); + tt_assert(lines); + tt_str_op(lines->key, OP_EQ, "AB"); + tt_str_op(lines->value, OP_EQ, ""); + config_free_lines(lines); + + lines = kvline_parse("AB", KV_OMIT_VALS); + tt_assert(lines); + tt_str_op(lines->key, OP_EQ, "AB"); + tt_str_op(lines->value, OP_EQ, ""); + enc = kvline_encode(lines, KV_OMIT_VALS); + tt_str_op(enc, OP_EQ, "AB"); + tor_free(enc); + config_free_lines(lines); + + lines = kvline_parse("AB=CD", KV_OMIT_VALS); + tt_assert(lines); + tt_str_op(lines->key, OP_EQ, "AB"); + tt_str_op(lines->value, OP_EQ, "CD"); + enc = kvline_encode(lines, KV_OMIT_VALS); + tt_str_op(enc, OP_EQ, "AB=CD"); + tor_free(enc); + config_free_lines(lines); + + lines = kvline_parse("AB=CD DE FGH=I", KV_OMIT_VALS); + tt_assert(lines); + tt_str_op(lines->key, OP_EQ, "AB"); + tt_str_op(lines->value, OP_EQ, "CD"); + tt_str_op(lines->next->key, OP_EQ, "DE"); + tt_str_op(lines->next->value, OP_EQ, ""); + tt_str_op(lines->next->next->key, OP_EQ, "FGH"); + tt_str_op(lines->next->next->value, OP_EQ, "I"); + enc = kvline_encode(lines, KV_OMIT_VALS); + tt_str_op(enc, OP_EQ, "AB=CD DE FGH=I"); + tor_free(enc); + config_free_lines(lines); + + lines = kvline_parse("AB=\"CD E\" DE FGH=\"I\"", KV_OMIT_VALS|KV_QUOTED); + tt_assert(lines); + tt_str_op(lines->key, OP_EQ, "AB"); + tt_str_op(lines->value, OP_EQ, "CD E"); + tt_str_op(lines->next->key, OP_EQ, "DE"); + tt_str_op(lines->next->value, OP_EQ, ""); + tt_str_op(lines->next->next->key, OP_EQ, "FGH"); + tt_str_op(lines->next->next->value, OP_EQ, "I"); + enc = kvline_encode(lines, KV_OMIT_VALS|KV_QUOTED); + tt_str_op(enc, OP_EQ, "AB=\"CD E\" DE FGH=I"); + tor_free(enc); + config_free_lines(lines); + + lines = kvline_parse("AB=CD \"EF=GH\"", KV_OMIT_KEYS|KV_QUOTED); + tt_assert(lines); + tt_str_op(lines->key, OP_EQ, "AB"); + tt_str_op(lines->value, OP_EQ, "CD"); + tt_str_op(lines->next->key, OP_EQ, ""); + tt_str_op(lines->next->value, OP_EQ, "EF=GH"); + enc = kvline_encode(lines, KV_OMIT_KEYS); + tt_assert(!enc); + enc = kvline_encode(lines, KV_OMIT_KEYS|KV_QUOTED); + tt_assert(enc); + tt_str_op(enc, OP_EQ, "AB=CD \"EF=GH\""); + tor_free(enc); + config_free_lines(lines); + + lines = tor_malloc_zero(sizeof(*lines)); + lines->key = tor_strdup("A=B"); + lines->value = tor_strdup("CD"); + enc = kvline_encode(lines, 0); + tt_assert(!enc); + config_free_lines(lines); + + config_line_append(&lines, "A", "B C"); + enc = kvline_encode(lines, 0); + tt_assert(!enc); + enc = kvline_encode(lines, KV_RAW); + tt_assert(enc); + tt_str_op(enc, OP_EQ, "A=B C"); + + done: + config_free_lines(lines); + tor_free(enc); +} + +static void +test_config_getinfo_config_names(void *arg) +{ + (void)arg; + char *answer = NULL; + const char *error = NULL; + int rv; + + rv = getinfo_helper_config(NULL, "config/names", &answer, &error); + tt_int_op(rv, OP_EQ, 0); + tt_ptr_op(error, OP_EQ, NULL); + + // ContactInfo should be listed. + tt_assert(strstr(answer, "\nContactInfo String\n")); + + // V1AuthoritativeDirectory should not be listed, since it is obsolete. + tt_assert(! strstr(answer, "V1AuthoritativeDirectory")); + + // ___UsingTestNetworkDefaults should not be listed, since it is invisible. + tt_assert(! strstr(answer, "UsingTestNetworkDefaults")); + + done: + tor_free(answer); +} + #define CONFIG_TEST(name, flags) \ { #name, test_config_ ## name, flags, NULL, NULL } @@ -5977,6 +6261,7 @@ struct testcase_t config_tests[] = { CONFIG_TEST(parse_bridge_line, 0), CONFIG_TEST(parse_transport_options_line, 0), CONFIG_TEST(parse_transport_plugin_line, TT_FORK), + CONFIG_TEST(parse_tcp_proxy_line, TT_FORK), CONFIG_TEST(check_or_create_data_subdir, TT_FORK), CONFIG_TEST(write_to_data_subdir, TT_FORK), CONFIG_TEST(fix_my_family, 0), @@ -6012,5 +6297,7 @@ struct testcase_t config_tests[] = { CONFIG_TEST(include_opened_file_list, 0), CONFIG_TEST(compute_max_mem_in_queues, 0), CONFIG_TEST(extended_fmt, 0), + CONFIG_TEST(kvline_parse, 0), + CONFIG_TEST(getinfo_config_names, 0), END_OF_TESTCASES }; diff --git a/src/test/test_confmgr.c b/src/test/test_confmgr.c new file mode 100644 index 0000000000..a647b92e0a --- /dev/null +++ b/src/test/test_confmgr.c @@ -0,0 +1,499 @@ +/* Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/* + * Tests for confmgt.c's features that support multiple configuration + * formats and configuration objects. + */ + +#define CONFMGT_PRIVATE +#include "orconfig.h" + +#include "core/or/or.h" +#include "lib/encoding/confline.h" +#include "lib/confmgt/confmgt.h" +#include "test/test.h" +#include "test/log_test_helpers.h" + +/* + * Set up a few objects: a pasture_cfg is toplevel; it has a llama_cfg and an + * alpaca_cfg. + */ + +typedef struct { + uint32_t magic; + char *address; + int opentopublic; + config_suite_t *subobjs; +} pasture_cfg_t; + +typedef struct { + char *llamaname; + int cuteness; + uint32_t magic; + int eats_meat; /* deprecated; llamas are never carnivorous. */ + + char *description; // derived from other fields. +} llama_cfg_t; + +typedef struct { + uint32_t magic; + int fuzziness; + char *alpacaname; + int n_wings; /* deprecated; alpacas don't have wings. */ + + int square_fuzziness; /* Derived from fuzziness. */ +} alpaca_cfg_t; + +/* + * Make the above into configuration objects. + */ + +static pasture_cfg_t pasture_cfg_t_dummy; +static llama_cfg_t llama_cfg_t_dummy; +static alpaca_cfg_t alpaca_cfg_t_dummy; + +#define PV(name, type, dflt) \ + CONFIG_VAR_ETYPE(pasture_cfg_t, #name, type, name, 0, dflt) +#define LV(name, type, dflt) \ + CONFIG_VAR_ETYPE(llama_cfg_t, #name, type, name, 0, dflt) +#define AV(name, type, dflt) \ + CONFIG_VAR_ETYPE(alpaca_cfg_t, #name, type, name, 0, dflt) +static const config_var_t pasture_vars[] = { + PV(address, STRING, NULL), + PV(opentopublic, BOOL, "1"), + END_OF_CONFIG_VARS +}; +static const config_var_t llama_vars[] = +{ + LV(llamaname, STRING, NULL), + LV(eats_meat, BOOL, NULL), + LV(cuteness, POSINT, "100"), + END_OF_CONFIG_VARS +}; +static const config_var_t alpaca_vars[] = +{ + AV(alpacaname, STRING, NULL), + AV(fuzziness, POSINT, "50"), + AV(n_wings, POSINT, "0"), + END_OF_CONFIG_VARS +}; + +static config_deprecation_t llama_deprecations[] = { + { "eats_meat", "Llamas are herbivores." }, + {NULL,NULL} +}; + +static config_deprecation_t alpaca_deprecations[] = { + { "n_wings", "Alpacas are quadrupeds." }, + {NULL,NULL} +}; + +static int clear_llama_cfg_called = 0; +static void +clear_llama_cfg(const config_mgr_t *mgr, void *llamacfg) +{ + (void)mgr; + llama_cfg_t *lc = llamacfg; + tor_free(lc->description); + ++clear_llama_cfg_called; +} + +static config_abbrev_t llama_abbrevs[] = { + { "gracia", "cuteness", 0, 0 }, + { "gentillesse", "cuteness", 0, 0 }, + { NULL, NULL, 0, 0 }, +}; + +static int +legacy_validate_pasture(const void *old_, void *obj, char **msg_out) +{ + const pasture_cfg_t *old = old_; + pasture_cfg_t *p = obj; + + // llamas can't find their way home if the letters are lowercase. + if (p->address) + tor_strupper(p->address); + + if (old && old->address && + (!p->address || strcmp(old->address, p->address))) { + *msg_out = tor_strdup("You can't move a pasture."); + return -1; + } + + return 0; +} + +static int +validate_llama(const void *obj, char **msg_out) +{ + const llama_cfg_t *llama = obj; + tor_assert(llama->magic == 0x11aa11); + + if (! llama->llamaname || strlen(llama->llamaname) == 0) { + *msg_out = tor_strdup("A llama has no name!?"); + return -1; + } + + if (strspn(llama->llamaname, "0123456789") == strlen(llama->llamaname)) { + *msg_out = tor_strdup("It is not a number; it is a free llama!"); + return -1; + } + + return 0; +} + +static int +check_transition_alpaca(const void *old_, const void *new_, char **msg_out) +{ + const alpaca_cfg_t *old_alpaca = old_; + const alpaca_cfg_t *new_alpaca = new_; + + tor_assert(old_alpaca && new_alpaca); + tor_assert(old_alpaca->magic == 0xa15aca); + tor_assert(new_alpaca->magic == 0xa15aca); + + if (old_alpaca->fuzziness > new_alpaca->fuzziness) { + *msg_out = tor_strdup("An alpaca only becomes more fuzzy over time."); + return -1; + } + + return 0; +} + +static int +post_normalize_llama(void *obj, char **msg_out) +{ + (void)msg_out; + llama_cfg_t *llama = obj; + tor_assert(llama->magic == 0x11aa11); + tor_assert(llama->llamaname); // we have already checked for a NULL name. + tor_free(llama->description); + tor_asprintf(&llama->description, "A llama called %s.", llama->llamaname); + return 0; +} + +static int +pre_normalize_alpaca(void *obj, char **msg_out) +{ + (void)msg_out; + alpaca_cfg_t *alpaca = obj; + tor_assert(alpaca->magic == 0xa15aca); + alpaca->square_fuzziness = alpaca->fuzziness * alpaca->fuzziness; + return 0; +} + +static const config_format_t pasture_fmt = { + sizeof(pasture_cfg_t), + { + "pasture_cfg_t", + 8989, + offsetof(pasture_cfg_t, magic) + }, + .vars = pasture_vars, + .has_config_suite = true, + .config_suite_offset = offsetof(pasture_cfg_t, subobjs), + .legacy_validate_fn = legacy_validate_pasture, +}; + +static const config_format_t llama_fmt = { + sizeof(llama_cfg_t), + { + "llama_cfg_t", + 0x11aa11, + offsetof(llama_cfg_t, magic) + }, + .vars = llama_vars, + .deprecations = llama_deprecations, + .abbrevs = llama_abbrevs, + .clear_fn = clear_llama_cfg, + .validate_fn = validate_llama, + .post_normalize_fn = post_normalize_llama, +}; + +static const config_format_t alpaca_fmt = { + sizeof(alpaca_cfg_t), + { + "alpaca_cfg_t", + 0xa15aca, + offsetof(alpaca_cfg_t, magic) + }, + .vars = alpaca_vars, + .deprecations = alpaca_deprecations, + .pre_normalize_fn = pre_normalize_alpaca, + .check_transition_fn = check_transition_alpaca, +}; + +#define LLAMA_IDX 0 +#define ALPACA_IDX 1 + +static config_mgr_t * +get_mgr(bool freeze) +{ + config_mgr_t *mgr = config_mgr_new(&pasture_fmt); + tt_int_op(LLAMA_IDX, OP_EQ, config_mgr_add_format(mgr, &llama_fmt)); + tt_int_op(ALPACA_IDX, OP_EQ, config_mgr_add_format(mgr, &alpaca_fmt)); + if (freeze) + config_mgr_freeze(mgr); + return mgr; + + done: + config_mgr_free(mgr); + return NULL; +} + +static void +test_confmgr_init(void *arg) +{ + (void)arg; + config_mgr_t *mgr = get_mgr(true); + smartlist_t *vars = NULL; + tt_ptr_op(mgr, OP_NE, NULL); + + vars = config_mgr_list_vars(mgr); + tt_int_op(smartlist_len(vars), OP_EQ, 8); // 8 vars total. + + tt_str_op("cuteness", OP_EQ, config_find_option_name(mgr, "CUTENESS")); + tt_str_op("cuteness", OP_EQ, config_find_option_name(mgr, "GRACIA")); + smartlist_free(vars); + + vars = config_mgr_list_deprecated_vars(mgr); // 2 deprecated vars. + tt_int_op(smartlist_len(vars), OP_EQ, 2); + tt_assert(smartlist_contains_string(vars, "eats_meat")); + tt_assert(smartlist_contains_string(vars, "n_wings")); + + tt_str_op("Llamas are herbivores.", OP_EQ, + config_find_deprecation(mgr, "EATS_MEAT")); + tt_str_op("Alpacas are quadrupeds.", OP_EQ, + config_find_deprecation(mgr, "N_WINGS")); + + done: + smartlist_free(vars); + config_mgr_free(mgr); +} + +static void +test_confmgr_magic(void *args) +{ + (void)args; + // Every time we build a manager, it is supposed to get a different magic + // number. Let's test that. + config_mgr_t *mgr1 = get_mgr(true); + config_mgr_t *mgr2 = get_mgr(true); + config_mgr_t *mgr3 = get_mgr(true); + + pasture_cfg_t *p1 = NULL, *p2 = NULL, *p3 = NULL; + + tt_assert(mgr1); + tt_assert(mgr2); + tt_assert(mgr3); + + p1 = config_new(mgr1); + p2 = config_new(mgr2); + p3 = config_new(mgr3); + + tt_assert(p1); + tt_assert(p2); + tt_assert(p3); + + // By chance, two managers get the same magic with P=2^-32. Let's + // make sure that at least two of them are different, so that our + // odds of a false positive are 1/2^-64. + tt_assert((p1->magic != p2->magic) || (p2->magic != p3->magic)); + + done: + config_free(mgr1, p1); + config_free(mgr2, p2); + config_free(mgr3, p3); + + config_mgr_free(mgr1); + config_mgr_free(mgr2); + config_mgr_free(mgr3); +} + +static const char *simple_pasture = + "LLamaname hugo\n" + "Alpacaname daphne\n" + "gentillesse 42\n" + "address 123 Camelid ave\n"; + +static void +test_confmgr_parse(void *arg) +{ + (void)arg; + config_mgr_t *mgr = get_mgr(true); + pasture_cfg_t *p = config_new(mgr); + config_line_t *lines = NULL; + char *msg = NULL; + + config_init(mgr, p); // set defaults. + + int r = config_get_lines(simple_pasture, &lines, 0); + tt_int_op(r, OP_EQ, 0); + r = config_assign(mgr, p, lines, 0, &msg); + tt_int_op(r, OP_EQ, 0); + + tt_int_op(p->opentopublic, OP_EQ, 1); + tt_str_op(p->address, OP_EQ, "123 Camelid ave"); + + // We are using this API directly; modules outside confparse will, in the + // future, not. + const alpaca_cfg_t *ac = config_mgr_get_obj(mgr, p, ALPACA_IDX); + const llama_cfg_t *lc = config_mgr_get_obj(mgr, p, LLAMA_IDX); + tt_str_op(lc->llamaname, OP_EQ, "hugo"); + tt_str_op(ac->alpacaname, OP_EQ, "daphne"); + tt_int_op(lc->cuteness, OP_EQ, 42); + tt_int_op(ac->fuzziness, OP_EQ, 50); + + // We set the description for the llama here, so that the clear function + // can clear it. (Later we can do this in a verification function.) + clear_llama_cfg_called = 0; + llama_cfg_t *mut_lc = config_mgr_get_obj_mutable(mgr, p, LLAMA_IDX); + mut_lc->description = tor_strdup("A llama named Hugo."); + config_free(mgr, p); + tt_int_op(clear_llama_cfg_called, OP_EQ, 1); + + done: + config_free_lines(lines); + config_free(mgr, p); + config_mgr_free(mgr); + tor_free(msg); +} + +static void +test_confmgr_dump(void *arg) +{ + (void)arg; + config_mgr_t *mgr = get_mgr(true); + pasture_cfg_t *p = config_new(mgr); + pasture_cfg_t *defaults = config_new(mgr); + config_line_t *lines = NULL; + char *msg = NULL; + char *s = NULL; + + config_init(mgr, p); // set defaults. + config_init(mgr, defaults); // set defaults. + + int r = config_get_lines(simple_pasture, &lines, 0); + tt_int_op(r, OP_EQ, 0); + r = config_assign(mgr, p, lines, 0, &msg); + tt_int_op(r, OP_EQ, 0); + + s = config_dump(mgr, defaults, p, 1, 0); + tt_str_op("address 123 Camelid ave\n" + "alpacaname daphne\n" + "cuteness 42\n" + "llamaname hugo\n", OP_EQ, s); + + done: + config_free_lines(lines); + config_free(mgr, p); + config_free(mgr, defaults); + config_mgr_free(mgr); + + tor_free(msg); + tor_free(s); +} + +static pasture_cfg_t * +parse_and_validate(config_mgr_t *mgr, + const char *inp, const pasture_cfg_t *old, char **msg_out) +{ + pasture_cfg_t *p = config_new(mgr); + pasture_cfg_t *result = NULL; + config_line_t *lines = NULL; + + config_init(mgr, p); // set defaults. + int r = config_get_lines(inp, &lines, 0); + tt_int_op(r, OP_EQ, 0); + r = config_assign(mgr, p, lines, 0, msg_out); + tt_int_op(r, OP_EQ, 0); + tor_free(*msg_out); // sets it to NULL + r = config_validate(mgr, old, p, msg_out); + if (r < 0) + goto done; + + tt_ptr_op(*msg_out, OP_EQ, NULL); + result = p; + p = NULL; // prevent free + done: + config_free(mgr, p); + config_free_lines(lines); + return result; +} + +static void +test_confmgr_validate(void *arg) +{ + (void)arg; + char *msg = NULL; + config_mgr_t *mgr = get_mgr(true); + pasture_cfg_t *p_orig, *p=NULL; + + p_orig = parse_and_validate(mgr, "Llamaname Quest\n" + "Address 99 camelid way\n" + "Fuzziness 8\n", NULL, &msg); + tt_assert(p_orig); + + // Make sure normalization code was run. + const alpaca_cfg_t *ac0 = config_mgr_get_obj(mgr, p_orig, ALPACA_IDX); + const llama_cfg_t *lc0 = config_mgr_get_obj(mgr, p_orig, LLAMA_IDX); + tt_int_op(ac0->fuzziness, OP_EQ, 8); + tt_int_op(ac0->square_fuzziness, OP_EQ, 64); + tt_str_op(lc0->description, OP_EQ, "A llama called Quest."); + tt_str_op(p_orig->address, OP_EQ, "99 CAMELID WAY"); + + // try a bad llamaname. + p = parse_and_validate(mgr, "llamaname 123", p_orig, &msg); + tt_assert(!p); + tt_str_op(msg, OP_EQ, "It is not a number; it is a free llama!"); + tor_free(msg); + + // try a llamaname that would crash the post_normalize step, if it ran. + p = parse_and_validate(mgr, "", p_orig, &msg); + tt_assert(!p); + tt_str_op(msg, OP_EQ, "A llama has no name!?"); + tor_free(msg); + + // Verify that a transition to a less fuzzy alpaca fails. + p = parse_and_validate(mgr, "Llamaname Quest\n" + "Address 99 camelid way\n" + "Fuzziness 4\n", p_orig, &msg); + tt_assert(!p); + tt_str_op(msg, OP_EQ, "An alpaca only becomes more fuzzy over time."); + tor_free(msg); + + // Try a transition to a more fuzzy alpaca; it should work fine. + p = parse_and_validate(mgr, "Llamaname Mercutio\n" + // the default fuzziness is 50 + "Address 99 camelid way\n", p_orig, &msg); + tt_assert(p); + config_free(mgr, p); + + // Verify that we can't move the pasture. + p = parse_and_validate(mgr, "Llamaname Montague\n" + // the default fuzziness is 50 + "Address 99 ungulate st\n", p_orig, &msg); + tt_assert(!p); + tt_str_op(msg, OP_EQ, "You can't move a pasture."); + + done: + config_free(mgr, p); + config_free(mgr, p_orig); + config_mgr_free(mgr); + tor_free(msg); +} + +#define CONFMGR_TEST(name, flags) \ + { #name, test_confmgr_ ## name, flags, NULL, NULL } + +struct testcase_t confmgr_tests[] = { + CONFMGR_TEST(init, 0), + CONFMGR_TEST(magic, 0), + CONFMGR_TEST(parse, 0), + CONFMGR_TEST(dump, 0), + CONFMGR_TEST(validate, 0), + END_OF_TESTCASES +}; diff --git a/src/test/test_confparse.c b/src/test/test_confparse.c new file mode 100644 index 0000000000..21301ce75e --- /dev/null +++ b/src/test/test_confparse.c @@ -0,0 +1,1091 @@ +/* Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/* + * Tests for confmgt.c module that we use to parse various + * configuration/state file types. + */ + +#define CONFMGT_PRIVATE +#include "orconfig.h" + +#include "core/or/or.h" +#include "lib/encoding/confline.h" +#include "feature/nodelist/routerset.h" +#include "lib/confmgt/confmgt.h" +#include "test/test.h" +#include "test/log_test_helpers.h" + +#include "lib/confmgt/unitparse.h" + +typedef struct test_struct_t { + uint32_t magic; + char *s; + char *fn; + int pos; + int i; + int deprecated_int; + uint64_t u64; + int interval; + int msec_interval; + uint64_t mem; + double dbl; + int boolean; + int autobool; + time_t time; + smartlist_t *csv; + int csv_interval; + config_line_t *lines; + config_line_t *mixed_lines; + routerset_t *routerset; + int hidden_int; + config_line_t *mixed_hidden_lines; + + config_line_t *extra_lines; +} test_struct_t; + +static test_struct_t test_struct_t_dummy; + +#define VAR(varname,conftype,member,initvalue) \ + CONFIG_VAR_ETYPE(test_struct_t, varname, conftype, member, 0, initvalue) +#define V(member,conftype,initvalue) \ + VAR(#member, conftype, member, initvalue) +#define OBSOLETE(varname) \ + CONFIG_VAR_OBSOLETE(varname) + +static const config_var_t test_vars[] = { + V(s, STRING, "hello"), + V(fn, FILENAME, NULL), + V(pos, POSINT, NULL), + V(i, INT, "-10"), + V(deprecated_int, INT, "3"), + V(u64, UINT64, NULL), + V(interval, INTERVAL, "10 seconds"), + V(msec_interval, MSEC_INTERVAL, "150 msec"), + V(mem, MEMUNIT, "10 MB"), + V(dbl, DOUBLE, NULL), + V(boolean, BOOL, "0"), + V(autobool, AUTOBOOL, "auto"), + V(time, ISOTIME, NULL), + V(csv, CSV, NULL), + V(csv_interval, CSV_INTERVAL, "5 seconds"), + V(lines, LINELIST, NULL), + VAR("MixedLines", LINELIST_V, mixed_lines, NULL), + VAR("LineTypeA", LINELIST_S, mixed_lines, NULL), + VAR("LineTypeB", LINELIST_S, mixed_lines, NULL), + OBSOLETE("obsolete"), + { + .member = { .name = "routerset", + .type = CONFIG_TYPE_EXTENDED, + .type_def = &ROUTERSET_type_defn, + .offset = offsetof(test_struct_t, routerset), + }, + }, + VAR("__HiddenInt", POSINT, hidden_int, "0"), + VAR("MixedHiddenLines", LINELIST_V, mixed_hidden_lines, NULL), + VAR("__HiddenLineA", LINELIST_S, mixed_hidden_lines, NULL), + VAR("VisibleLineB", LINELIST_S, mixed_hidden_lines, NULL), + + END_OF_CONFIG_VARS, +}; + +static config_abbrev_t test_abbrevs[] = { + { "uint", "pos", 0, 0 }, + { "float", "dbl", 0, 1 }, + { NULL, NULL, 0, 0 } +}; + +static config_deprecation_t test_deprecation_notes[] = { + { "deprecated_int", "This integer is deprecated." }, + { NULL, NULL } +}; + +static int +test_validate_cb(const void *old_options, void *options, char **msg) +{ + (void)old_options; + (void)msg; + test_struct_t *ts = options; + + if (ts->i == 0xbad) { + *msg = tor_strdup("bad value for i"); + return -1; + } + return 0; +} + +#define TEST_MAGIC 0x1337 + +static const config_format_t test_fmt = { + .size = sizeof(test_struct_t), + .magic = { + "test_struct_t", + TEST_MAGIC, + offsetof(test_struct_t, magic), + }, + .abbrevs = test_abbrevs, + .deprecations = test_deprecation_notes, + .vars = test_vars, + .legacy_validate_fn = test_validate_cb, +}; + +/* Make sure that config_init sets everything to the right defaults. */ +static void +test_confparse_init(void *arg) +{ + (void)arg; + config_mgr_t *mgr = config_mgr_new(&test_fmt); + config_mgr_freeze(mgr); + test_struct_t *tst = config_new(mgr); + config_init(mgr, tst); + + // Make sure that options are initialized right. */ + tt_str_op(tst->s, OP_EQ, "hello"); + tt_ptr_op(tst->fn, OP_EQ, NULL); + tt_int_op(tst->pos, OP_EQ, 0); + tt_int_op(tst->i, OP_EQ, -10); + tt_int_op(tst->deprecated_int, OP_EQ, 3); + tt_u64_op(tst->u64, OP_EQ, 0); + tt_int_op(tst->interval, OP_EQ, 10); + tt_int_op(tst->msec_interval, OP_EQ, 150); + tt_u64_op(tst->mem, OP_EQ, 10 * 1024 * 1024); + tt_double_op(tst->dbl, OP_LT, .0000000001); + tt_double_op(tst->dbl, OP_GT, -0.0000000001); + tt_int_op(tst->boolean, OP_EQ, 0); + tt_int_op(tst->autobool, OP_EQ, -1); + tt_i64_op(tst->time, OP_EQ, 0); + tt_ptr_op(tst->csv, OP_EQ, NULL); + tt_int_op(tst->csv_interval, OP_EQ, 5); + tt_ptr_op(tst->lines, OP_EQ, NULL); + tt_ptr_op(tst->mixed_lines, OP_EQ, NULL); + tt_int_op(tst->hidden_int, OP_EQ, 0); + + done: + config_free(mgr, tst); + config_mgr_free(mgr); +} + +static const char simple_settings[] = + "s this is a \n" + "fn /simple/test of the\n" + "uint 77\n" // this is an abbrev + "i 3\n" + "u64 1000000000000 \n" + "interval 5 minutes \n" + "msec_interval 5 minutes \n" + "mem 10\n" + "dbl 6.060842\n" + "BOOLEAN 1\n" + "aUtObOOl 0\n" + "time 2019-06-14 13:58:51\n" + "csv configuration, parsing , system \n" + "csv_interval 10 seconds, 5 seconds, 10 hours\n" + "lines hello\n" + "LINES world\n" + "linetypea i d\n" + "linetypeb i c\n" + "routerset $FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF\n" + "__hiddenint 11\n" + "__hiddenlineA XYZ\n" + "visiblelineB ABC\n"; + +/* Return a configuration object set up from simple_settings above. */ +static test_struct_t * +get_simple_config(const config_mgr_t *mgr) +{ + test_struct_t *result = NULL; + test_struct_t *tst = config_new(mgr); + config_line_t *lines = NULL; + char *msg = NULL; + + config_init(mgr, tst); + + int r = config_get_lines(simple_settings, &lines, 0); + tt_int_op(r, OP_EQ, 0); + r = config_assign(mgr, tst, lines, 0, &msg); + tt_int_op(r, OP_EQ, 0); + tt_ptr_op(msg, OP_EQ, NULL); + + result = tst; + tst = NULL; // prevent free + done: + tor_free(msg); + config_free_lines(lines); + config_free(mgr, tst); + return result; +} + +/* Make sure that config_assign can parse things. */ +static void +test_confparse_assign_simple(void *arg) +{ + (void)arg; + config_mgr_t *mgr = config_mgr_new(&test_fmt); + config_mgr_freeze(mgr); + test_struct_t *tst = get_simple_config(mgr); + + tt_str_op(tst->s, OP_EQ, "this is a"); + tt_str_op(tst->fn, OP_EQ, "/simple/test of the"); + tt_int_op(tst->pos, OP_EQ, 77); + tt_int_op(tst->i, OP_EQ, 3); + tt_int_op(tst->deprecated_int, OP_EQ, 3); + tt_u64_op(tst->u64, OP_EQ, UINT64_C(1000000000000)); + tt_int_op(tst->interval, OP_EQ, 5 * 60); + tt_int_op(tst->msec_interval, OP_EQ, 5 * 60 * 1000); + tt_u64_op(tst->mem, OP_EQ, 10); + tt_double_op(tst->dbl, OP_LT, 6.060843); + tt_double_op(tst->dbl, OP_GT, 6.060841); + tt_int_op(tst->boolean, OP_EQ, 1); + tt_int_op(tst->autobool, OP_EQ, 0); + tt_i64_op(tst->time, OP_EQ, 1560520731); + tt_ptr_op(tst->csv, OP_NE, NULL); + tt_int_op(smartlist_len(tst->csv), OP_EQ, 3); + tt_str_op(smartlist_get(tst->csv, 0), OP_EQ, "configuration"); + tt_str_op(smartlist_get(tst->csv, 1), OP_EQ, "parsing"); + tt_str_op(smartlist_get(tst->csv, 2), OP_EQ, "system"); + tt_int_op(tst->csv_interval, OP_EQ, 10); + tt_int_op(tst->hidden_int, OP_EQ, 11); + + tt_assert(tst->lines); + tt_str_op(tst->lines->key, OP_EQ, "lines"); + tt_str_op(tst->lines->value, OP_EQ, "hello"); + tt_assert(tst->lines->next); + tt_str_op(tst->lines->next->key, OP_EQ, "lines"); + tt_str_op(tst->lines->next->value, OP_EQ, "world"); + tt_assert(!tst->lines->next->next); + + tt_assert(tst->mixed_lines); + tt_str_op(tst->mixed_lines->key, OP_EQ, "LineTypeA"); + tt_str_op(tst->mixed_lines->value, OP_EQ, "i d"); + tt_assert(tst->mixed_lines->next); + tt_str_op(tst->mixed_lines->next->key, OP_EQ, "LineTypeB"); + tt_str_op(tst->mixed_lines->next->value, OP_EQ, "i c"); + tt_assert(!tst->mixed_lines->next->next); + + tt_assert(tst->mixed_hidden_lines); + tt_str_op(tst->mixed_hidden_lines->key, OP_EQ, "__HiddenLineA"); + tt_str_op(tst->mixed_hidden_lines->value, OP_EQ, "XYZ"); + tt_assert(tst->mixed_hidden_lines->next); + tt_str_op(tst->mixed_hidden_lines->next->key, OP_EQ, "VisibleLineB"); + tt_str_op(tst->mixed_hidden_lines->next->value, OP_EQ, "ABC"); + tt_assert(!tst->mixed_hidden_lines->next->next); + + tt_assert(config_check_ok(mgr, tst, LOG_ERR)); + + done: + config_free(mgr, tst); + config_mgr_free(mgr); +} + +/* Try to assign to an obsolete option, and make sure we get a warning. */ +static void +test_confparse_assign_obsolete(void *arg) +{ + (void)arg; + config_mgr_t *mgr = config_mgr_new(&test_fmt); + config_mgr_freeze(mgr); + test_struct_t *tst = get_simple_config(mgr); + config_line_t *lines = NULL; + char *msg = NULL; + + config_init(mgr, tst); + + int r = config_get_lines("obsolete option here", + &lines, 0); + tt_int_op(r, OP_EQ, 0); + setup_capture_of_logs(LOG_WARN); + r = config_assign(mgr, tst, lines, 0, &msg); + tt_int_op(r, OP_EQ, 0); + tt_ptr_op(msg, OP_EQ, NULL); + expect_single_log_msg_containing("Skipping obsolete configuration option"); + + done: + teardown_capture_of_logs(); + config_free(mgr, tst); + config_free_lines(lines); + tor_free(msg); + config_mgr_free(mgr); +} + +/* Try to assign to an deprecated option, and make sure we get a warning + * but the assignment works anyway. */ +static void +test_confparse_assign_deprecated(void *arg) +{ + (void)arg; + config_mgr_t *mgr = config_mgr_new(&test_fmt); + config_mgr_freeze(mgr); + test_struct_t *tst = get_simple_config(mgr); + config_line_t *lines = NULL; + char *msg = NULL; + + config_init(mgr, tst); + + int r = config_get_lines("deprecated_int 7", + &lines, 0); + tt_int_op(r, OP_EQ, 0); + setup_capture_of_logs(LOG_WARN); + r = config_assign(mgr, tst, lines, CAL_WARN_DEPRECATIONS, &msg); + tt_int_op(r, OP_EQ, 0); + tt_ptr_op(msg, OP_EQ, NULL); + expect_single_log_msg_containing("This integer is deprecated."); + + tt_int_op(tst->deprecated_int, OP_EQ, 7); + + tt_assert(config_check_ok(mgr, tst, LOG_ERR)); + + done: + teardown_capture_of_logs(); + config_free(mgr, tst); + config_free_lines(lines); + tor_free(msg); + config_mgr_free(mgr); +} + +/* Try to re-assign an option name that has been depreacted in favor of + * another. */ +static void +test_confparse_assign_replaced(void *arg) +{ + (void)arg; + config_mgr_t *mgr = config_mgr_new(&test_fmt); + config_mgr_freeze(mgr); + test_struct_t *tst = get_simple_config(mgr); + config_line_t *lines = NULL; + char *msg = NULL; + + config_init(mgr, tst); + + int r = config_get_lines("float 1000\n", &lines, 0); + tt_int_op(r, OP_EQ, 0); + setup_capture_of_logs(LOG_WARN); + r = config_assign(mgr, tst, lines, CAL_WARN_DEPRECATIONS, &msg); + tt_int_op(r, OP_EQ, 0); + tt_ptr_op(msg, OP_EQ, NULL); + expect_single_log_msg_containing("use 'dbl' instead."); + + tt_double_op(tst->dbl, OP_GT, 999.999); + tt_double_op(tst->dbl, OP_LT, 1000.001); + + done: + teardown_capture_of_logs(); + config_free(mgr, tst); + config_free_lines(lines); + tor_free(msg); + config_mgr_free(mgr); +} + +/* Try to set a linelist value with no option. */ +static void +test_confparse_assign_emptystring(void *arg) +{ + (void)arg; + config_mgr_t *mgr = config_mgr_new(&test_fmt); + config_mgr_freeze(mgr); + test_struct_t *tst = get_simple_config(mgr); + config_line_t *lines = NULL; + char *msg = NULL; + + config_init(mgr, tst); + + int r = config_get_lines("lines\n", &lines, 0); + tt_int_op(r, OP_EQ, 0); + setup_capture_of_logs(LOG_WARN); + r = config_assign(mgr, tst, lines, 0, &msg); + tt_int_op(r, OP_EQ, 0); + tt_ptr_op(msg, OP_EQ, NULL); + expect_single_log_msg_containing("has no value"); + + done: + teardown_capture_of_logs(); + config_free(mgr, tst); + config_free_lines(lines); + tor_free(msg); + config_mgr_free(mgr); +} + +/* Try to set a the same option twice; make sure we get a warning. */ +static void +test_confparse_assign_twice(void *arg) +{ + (void)arg; + config_mgr_t *mgr = config_mgr_new(&test_fmt); + config_mgr_freeze(mgr); + test_struct_t *tst = get_simple_config(mgr); + config_line_t *lines = NULL; + char *msg = NULL; + + config_init(mgr, tst); + + int r = config_get_lines("pos 10\n" + "pos 99\n", &lines, 0); + tt_int_op(r, OP_EQ, 0); + setup_capture_of_logs(LOG_WARN); + r = config_assign(mgr, tst, lines, 0, &msg); + tt_int_op(r, OP_EQ, 0); + tt_ptr_op(msg, OP_EQ, NULL); + expect_single_log_msg_containing("used more than once"); + + done: + teardown_capture_of_logs(); + config_free(mgr, tst); + config_free_lines(lines); + tor_free(msg); + config_mgr_free(mgr); +} + +typedef struct badval_test_t { + const char *cfg; + const char *expect_msg; +} badval_test_t; + +/* Try to set an option and make sure that we get a failure and an expected + * warning. */ +static void +test_confparse_assign_badval(void *arg) +{ + const badval_test_t *bt = arg; + config_mgr_t *mgr = config_mgr_new(&test_fmt); + config_mgr_freeze(mgr); + test_struct_t *tst = get_simple_config(mgr); + config_line_t *lines = NULL; + char *msg = NULL; + + config_init(mgr, tst); + + int r = config_get_lines(bt->cfg, &lines, 0); + tt_int_op(r, OP_EQ, 0); + setup_capture_of_logs(LOG_WARN); + r = config_assign(mgr, tst, lines, 0, &msg); + tt_int_op(r, OP_LT, 0); + tt_ptr_op(msg, OP_NE, NULL); + if (! strstr(msg, bt->expect_msg)) { + TT_DIE(("'%s' did not contain '%s'" , msg, bt->expect_msg)); + } + + done: + teardown_capture_of_logs(); + config_free(mgr, tst); + config_free_lines(lines); + tor_free(msg); + config_mgr_free(mgr); +} + +/* Various arguments for badval test. + * + * Note that the expected warnings here are _very_ truncated, since we + * are writing these tests before a refactoring that we expect will + * change them. + */ +static const badval_test_t bv_notint = { "pos X\n", "malformed" }; +static const badval_test_t bv_negint = { "pos -10\n", "out of bounds" }; +static const badval_test_t bv_badu64 = { "u64 u64\n", "malformed" }; +static const badval_test_t bv_dbl1 = { "dbl xxx\n", "Could not convert" }; +static const badval_test_t bv_dbl2 = { "dbl 1.0 xx\n", "Could not convert" }; +static const badval_test_t bv_dbl3 = { + "dbl 1e-10000\n", "too small to express" }; +static const badval_test_t bv_dbl4 = { + "dbl 1e1000\n", "too large to express" }; +static const badval_test_t bv_dbl5 = { + "dbl -1e-10000\n", "too small to express" }; +static const badval_test_t bv_dbl6 = { + "dbl -1e1000\n", "too large to express" }; +static const badval_test_t bv_badcsvi1 = + { "csv_interval 10 wl\n", "malformed" }; +static const badval_test_t bv_badcsvi2 = + { "csv_interval cl,10\n", "malformed" }; +static const badval_test_t bv_nonoption = { "fnord 10\n", "Unknown option" }; +static const badval_test_t bv_badmem = { "mem 3 trits\n", "malformed" }; +static const badval_test_t bv_badbool = { "boolean 7\n", "Unrecognized value"}; +static const badval_test_t bv_badabool = + { "autobool 7\n", "Unrecognized value" }; +static const badval_test_t bv_badtime = { "time lunchtime\n", "Invalid time" }; +static const badval_test_t bv_virt = { "MixedLines 7\n", "virtual option" }; +static const badval_test_t bv_rs = { "Routerset 2.2.2.2.2\n", "Invalid" }; +static const badval_test_t bv_big_interval = + { "interval 1000 months", "too large" }; + +/* Try config_dump(), and make sure it behaves correctly */ +static void +test_confparse_dump(void *arg) +{ + (void)arg; + config_mgr_t *mgr = config_mgr_new(&test_fmt); + config_mgr_freeze(mgr); + test_struct_t *tst = get_simple_config(mgr); + char *dumped = NULL; + + /* Minimal version. */ + dumped = config_dump(mgr, NULL, tst, 1, 0); + tt_str_op(dumped, OP_EQ, + "autobool 0\n" + "boolean 1\n" + "csv configuration,parsing,system\n" + "csv_interval 10\n" + "dbl 6.060842\n" + "fn /simple/test of the\n" + "i 3\n" + "interval 300\n" + "lines hello\n" + "lines world\n" + "mem 10\n" + "VisibleLineB ABC\n" + "LineTypeA i d\n" + "LineTypeB i c\n" + "msec_interval 300000\n" + "pos 77\n" + "routerset $FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF\n" + "s this is a\n" + "time 2019-06-14 13:58:51\n" + "u64 1000000000000\n"); + + tor_free(dumped); + dumped = config_dump(mgr, NULL, tst, 0, 0); + tt_str_op(dumped, OP_EQ, + "autobool 0\n" + "boolean 1\n" + "csv configuration,parsing,system\n" + "csv_interval 10\n" + "dbl 6.060842\n" + "deprecated_int 3\n" + "fn /simple/test of the\n" + "i 3\n" + "interval 300\n" + "lines hello\n" + "lines world\n" + "mem 10\n" + "VisibleLineB ABC\n" + "LineTypeA i d\n" + "LineTypeB i c\n" + "msec_interval 300000\n" + "pos 77\n" + "routerset $FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF\n" + "s this is a\n" + "time 2019-06-14 13:58:51\n" + "u64 1000000000000\n"); + + /* commented */ + tor_free(dumped); + dumped = config_dump(mgr, NULL, tst, 0, 1); + tt_str_op(dumped, OP_EQ, + "autobool 0\n" + "boolean 1\n" + "csv configuration,parsing,system\n" + "csv_interval 10\n" + "dbl 6.060842\n" + "# deprecated_int 3\n" + "fn /simple/test of the\n" + "i 3\n" + "interval 300\n" + "lines hello\n" + "lines world\n" + "mem 10\n" + "VisibleLineB ABC\n" + "LineTypeA i d\n" + "LineTypeB i c\n" + "msec_interval 300000\n" + "pos 77\n" + "routerset $FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF\n" + "s this is a\n" + "time 2019-06-14 13:58:51\n" + "u64 1000000000000\n"); + + done: + config_free(mgr, tst); + tor_free(dumped); + config_mgr_free(mgr); +} + +/* Try confparse_reset_line(), and make sure it behaves correctly */ +static void +test_confparse_reset(void *arg) +{ + (void)arg; + config_mgr_t *mgr = config_mgr_new(&test_fmt); + config_mgr_freeze(mgr); + test_struct_t *tst = get_simple_config(mgr); + + config_reset_line(mgr, tst, "interval", 0); + tt_int_op(tst->interval, OP_EQ, 0); + + config_reset_line(mgr, tst, "interval", 1); + tt_int_op(tst->interval, OP_EQ, 10); + + tt_ptr_op(tst->routerset, OP_NE, NULL); + config_reset_line(mgr, tst, "routerset", 0); + tt_ptr_op(tst->routerset, OP_EQ, NULL); + + done: + config_free(mgr, tst); + config_mgr_free(mgr); +} + +/* Try setting options a second time on a config object, and make sure + * it behaves correctly. */ +static void +test_confparse_reassign(void *arg) +{ + (void)arg; + config_mgr_t *mgr = config_mgr_new(&test_fmt); + config_mgr_freeze(mgr); + test_struct_t *tst = get_simple_config(mgr); + config_line_t *lines = NULL; + char *msg = NULL, *rs = NULL; + + int r = config_get_lines( + "s eleven\n" + "i 12\n" + "lines 13\n" + "csv 14,15\n" + "routerset 127.0.0.1\n", + &lines, 0); + r = config_assign(mgr, tst,lines, 0, &msg); + tt_int_op(r, OP_EQ, 0); + tt_ptr_op(msg, OP_EQ, NULL); + + tt_str_op(tst->s, OP_EQ, "eleven"); + tt_str_op(tst->fn, OP_EQ, "/simple/test of the"); // unchanged + tt_int_op(tst->pos, OP_EQ, 77); // unchanged + tt_int_op(tst->i, OP_EQ, 12); + tt_ptr_op(tst->lines, OP_NE, NULL); + tt_str_op(tst->lines->key, OP_EQ, "lines"); + tt_str_op(tst->lines->value, OP_EQ, "13"); + tt_ptr_op(tst->lines->next, OP_EQ, NULL); + tt_int_op(smartlist_len(tst->csv), OP_EQ, 2); + tt_str_op(smartlist_get(tst->csv, 0), OP_EQ, "14"); + tt_str_op(smartlist_get(tst->csv, 1), OP_EQ, "15"); + + rs = routerset_to_string(tst->routerset); + tt_str_op(rs, OP_EQ, "127.0.0.1"); + + // Try again with the CLEAR_FIRST and USE_DEFAULTS flags + r = config_assign(mgr, tst, lines, + CAL_CLEAR_FIRST|CAL_USE_DEFAULTS, &msg); + tt_int_op(r, OP_EQ, 0); + + tt_ptr_op(msg, OP_EQ, NULL); + tt_str_op(tst->s, OP_EQ, "eleven"); + // tt_ptr_op(tst->fn, OP_EQ, NULL); //XXXX why is this not cleared? + // tt_int_op(tst->pos, OP_EQ, 0); //XXXX why is this not cleared? + tt_int_op(tst->i, OP_EQ, 12); + + done: + config_free(mgr, tst); + config_free_lines(lines); + tor_free(msg); + tor_free(rs); + config_mgr_free(mgr); +} + +/* Try setting options a second time on a config object, using the +foo + * linelist-extending syntax. */ +static void +test_confparse_reassign_extend(void *arg) +{ + (void)arg; + config_mgr_t *mgr = config_mgr_new(&test_fmt); + config_mgr_freeze(mgr); + test_struct_t *tst = get_simple_config(mgr); + config_line_t *lines = NULL; + char *msg = NULL; + + int r = config_get_lines( + "+lines 13\n", + &lines, 1); // allow extended format. + tt_int_op(r, OP_EQ, 0); + r = config_assign(mgr, tst,lines, 0, &msg); + tt_int_op(r, OP_EQ, 0); + tt_ptr_op(msg, OP_EQ, NULL); + + tt_assert(tst->lines); + tt_str_op(tst->lines->key, OP_EQ, "lines"); + tt_str_op(tst->lines->value, OP_EQ, "hello"); + tt_assert(tst->lines->next); + tt_str_op(tst->lines->next->key, OP_EQ, "lines"); + tt_str_op(tst->lines->next->value, OP_EQ, "world"); + tt_assert(tst->lines->next->next); + tt_str_op(tst->lines->next->next->key, OP_EQ, "lines"); + tt_str_op(tst->lines->next->next->value, OP_EQ, "13"); + tt_assert(tst->lines->next->next->next == NULL); + config_free_lines(lines); + + r = config_get_lines( + "/lines\n", + &lines, 1); // allow extended format. + tt_int_op(r, OP_EQ, 0); + r = config_assign(mgr, tst, lines, 0, &msg); + tt_int_op(r, OP_EQ, 0); + tt_ptr_op(msg, OP_EQ, NULL); + tt_assert(tst->lines == NULL); + config_free_lines(lines); + + config_free(mgr, tst); + tst = get_simple_config(mgr); + r = config_get_lines( + "/lines away!\n", + &lines, 1); // allow extended format. + tt_int_op(r, OP_EQ, 0); + r = config_assign(mgr, tst, lines, 0, &msg); + tt_int_op(r, OP_EQ, 0); + tt_ptr_op(msg, OP_EQ, NULL); + tt_assert(tst->lines == NULL); + + done: + config_free(mgr, tst); + config_free_lines(lines); + tor_free(msg); + config_mgr_free(mgr); +} + +/* Test out confparse_get_assigned(). */ +static void +test_confparse_get_assigned(void *arg) +{ + (void)arg; + + config_mgr_t *mgr = config_mgr_new(&test_fmt); + config_mgr_freeze(mgr); + test_struct_t *tst = get_simple_config(mgr); + config_line_t *lines = NULL; + + lines = config_get_assigned_option(mgr, tst, "I", 1); + tt_assert(lines); + tt_str_op(lines->key, OP_EQ, "i"); + tt_str_op(lines->value, OP_EQ, "3"); + tt_assert(lines->next == NULL); + config_free_lines(lines); + + lines = config_get_assigned_option(mgr, tst, "s", 1); + tt_assert(lines); + tt_str_op(lines->key, OP_EQ, "s"); + tt_str_op(lines->value, OP_EQ, "this is a"); + tt_assert(lines->next == NULL); + config_free_lines(lines); + + lines = config_get_assigned_option(mgr, tst, "obsolete", 1); + tt_assert(!lines); + + lines = config_get_assigned_option(mgr, tst, "nonesuch", 1); + tt_assert(!lines); + + lines = config_get_assigned_option(mgr, tst, "mixedlines", 1); + tt_assert(lines); + tt_str_op(lines->key, OP_EQ, "LineTypeA"); + tt_str_op(lines->value, OP_EQ, "i d"); + tt_assert(lines->next); + tt_str_op(lines->next->key, OP_EQ, "LineTypeB"); + tt_str_op(lines->next->value, OP_EQ, "i c"); + tt_assert(lines->next->next == NULL); + config_free_lines(lines); + + lines = config_get_assigned_option(mgr, tst, "linetypeb", 1); + tt_assert(lines); + tt_str_op(lines->key, OP_EQ, "LineTypeB"); + tt_str_op(lines->value, OP_EQ, "i c"); + tt_assert(lines->next == NULL); + config_free_lines(lines); + + tor_free(tst->s); + tst->s = tor_strdup("Hello\nWorld"); + lines = config_get_assigned_option(mgr, tst, "s", 1); + tt_assert(lines); + tt_str_op(lines->key, OP_EQ, "s"); + tt_str_op(lines->value, OP_EQ, "\"Hello\\nWorld\""); + tt_assert(lines->next == NULL); + config_free_lines(lines); + + done: + config_free(mgr, tst); + config_free_lines(lines); + config_mgr_free(mgr); +} + +/* Another variant, which accepts and stores unrecognized lines.*/ +#define ETEST_MAGIC 13371337 + +static struct_member_t extra = { + .name = "__extra", + .type = CONFIG_TYPE_LINELIST, + .offset = offsetof(test_struct_t, extra_lines), +}; + +static config_format_t etest_fmt = { + .size = sizeof(test_struct_t), + .magic = { + "test_struct_t (with extra lines)", + ETEST_MAGIC, + offsetof(test_struct_t, magic), + }, + .abbrevs = test_abbrevs, + .deprecations = test_deprecation_notes, + .vars = test_vars, + .legacy_validate_fn = test_validate_cb, + .extra = &extra, +}; + +/* Try out the feature where we can store unrecognized lines and dump them + * again. (State files use this.) */ +static void +test_confparse_extra_lines(void *arg) +{ + (void)arg; + config_mgr_t *mgr = config_mgr_new(&etest_fmt); + config_mgr_freeze(mgr); + test_struct_t *tst = config_new(mgr); + config_line_t *lines = NULL; + char *msg = NULL, *dump = NULL; + + config_init(mgr, tst); + + int r = config_get_lines( + "unknotty addita\n" + "pos 99\n" + "wombat knish\n", &lines, 0); + tt_int_op(r, OP_EQ, 0); + r = config_assign(mgr, tst, lines, 0, &msg); + tt_int_op(r, OP_EQ, 0); + tt_ptr_op(msg, OP_EQ, NULL); + + tt_assert(tst->extra_lines); + + dump = config_dump(mgr, NULL, tst, 1, 0); + tt_str_op(dump, OP_EQ, + "pos 99\n" + "unknotty addita\n" + "wombat knish\n"); + + done: + tor_free(msg); + tor_free(dump); + config_free_lines(lines); + config_free(mgr, tst); + config_mgr_free(mgr); +} + +static void +test_confparse_unitparse(void *args) +{ + (void)args; + /* spot-check a few memunit values. */ + int ok = 3; + tt_u64_op(config_parse_memunit("100 MB", &ok), OP_EQ, 100<<20); + tt_assert(ok); + tt_u64_op(config_parse_memunit("100 TB", &ok), OP_EQ, UINT64_C(100)<<40); + tt_assert(ok); + // This is a floating-point value, but note that 1.5 can be represented + // precisely. + tt_u64_op(config_parse_memunit("1.5 MB", &ok), OP_EQ, 3<<19); + tt_assert(ok); + + /* Try some good intervals and msec intervals */ + tt_int_op(config_parse_interval("2 days", &ok), OP_EQ, 48*3600); + tt_assert(ok); + tt_int_op(config_parse_interval("1.5 hour", &ok), OP_EQ, 5400); + tt_assert(ok); + tt_u64_op(config_parse_interval("1 minute", &ok), OP_EQ, 60); + tt_assert(ok); + tt_int_op(config_parse_msec_interval("2 days", &ok), OP_EQ, 48*3600*1000); + tt_assert(ok); + tt_int_op(config_parse_msec_interval("10 msec", &ok), OP_EQ, 10); + tt_assert(ok); + + /* Try a couple of unitless values. */ + tt_int_op(config_parse_interval("10", &ok), OP_EQ, 10); + tt_assert(ok); + tt_u64_op(config_parse_interval("15.0", &ok), OP_EQ, 15); + tt_assert(ok); + + /* u64 overflow */ + tt_u64_op(config_parse_memunit("20000000 TB", &ok), OP_EQ, 0); + tt_assert(!ok); + // This test fails the double check as the float representing 15000000.5 TB + // is greater than (double) INT64_MAX + tt_u64_op(config_parse_memunit("15000000.5 TB", &ok), OP_EQ, 0); + tt_assert(!ok); + // 8388608.1 TB passes double check because it falls in the same float + // value as (double)INT64_MAX (which is 2^63) due to precision. + // But will fail the int check because the unsigned representation of + // the float, which is 2^63, is strictly greater than INT64_MAX (2^63-1) + tt_u64_op(config_parse_memunit("8388608.1 TB", &ok), OP_EQ, 0); + tt_assert(!ok); + + /* negative float */ + tt_u64_op(config_parse_memunit("-1.5 GB", &ok), OP_EQ, 0); + tt_assert(!ok); + + /* i32 overflow */ + tt_int_op(config_parse_interval("1000 months", &ok), OP_EQ, -1); + tt_assert(!ok); + tt_int_op(config_parse_msec_interval("4 weeks", &ok), OP_EQ, -1); + tt_assert(!ok); + + /* bad units */ + tt_u64_op(config_parse_memunit("7 nybbles", &ok), OP_EQ, 0); + tt_assert(!ok); + // XXXX these next two should return -1 according to the documentation. + tt_int_op(config_parse_interval("7 cowznofski", &ok), OP_EQ, 0); + tt_assert(!ok); + tt_int_op(config_parse_msec_interval("1 kalpa", &ok), OP_EQ, 0); + tt_assert(!ok); + + done: + ; +} + +static void +test_confparse_check_ok_fail(void *arg) +{ + (void)arg; + config_mgr_t *mgr = config_mgr_new(&test_fmt); + config_mgr_freeze(mgr); + test_struct_t *tst = config_new(mgr); + tst->pos = -10; + tt_assert(! config_check_ok(mgr, tst, LOG_INFO)); + + done: + config_free(mgr, tst); + config_mgr_free(mgr); +} + +static void +test_confparse_list_vars(void *arg) +{ + (void)arg; + config_mgr_t *mgr = config_mgr_new(&test_fmt); + smartlist_t *vars = config_mgr_list_vars(mgr); + smartlist_t *varnames = smartlist_new(); + char *joined = NULL; + + tt_assert(vars); + SMARTLIST_FOREACH(vars, config_var_t *, cv, + smartlist_add(varnames, (void*)cv->member.name)); + smartlist_sort_strings(varnames); + joined = smartlist_join_strings(varnames, "::", 0, NULL); + tt_str_op(joined, OP_EQ, + "LineTypeA::" + "LineTypeB::" + "MixedHiddenLines::" + "MixedLines::" + "VisibleLineB::" + "__HiddenInt::" + "__HiddenLineA::" + "autobool::" + "boolean::" + "csv::" + "csv_interval::" + "dbl::" + "deprecated_int::" + "fn::" + "i::" + "interval::" + "lines::" + "mem::" + "msec_interval::" + "obsolete::" + "pos::" + "routerset::" + "s::" + "time::" + "u64"); + + done: + tor_free(joined); + smartlist_free(varnames); + smartlist_free(vars); + config_mgr_free(mgr); +} + +static void +test_confparse_list_deprecated(void *arg) +{ + (void)arg; + config_mgr_t *mgr = config_mgr_new(&test_fmt); + smartlist_t *vars = config_mgr_list_deprecated_vars(mgr); + char *joined = NULL; + + tt_assert(vars); + smartlist_sort_strings(vars); + joined = smartlist_join_strings(vars, "::", 0, NULL); + + tt_str_op(joined, OP_EQ, "deprecated_int"); + + done: + tor_free(joined); + smartlist_free(vars); + config_mgr_free(mgr); +} + +static void +test_confparse_find_option_name(void *arg) +{ + (void)arg; + config_mgr_t *mgr = config_mgr_new(&test_fmt); + + // exact match + tt_str_op(config_find_option_name(mgr, "u64"), OP_EQ, "u64"); + // case-insensitive match + tt_str_op(config_find_option_name(mgr, "S"), OP_EQ, "s"); + tt_str_op(config_find_option_name(mgr, "linetypea"), OP_EQ, "LineTypeA"); + // prefix match + tt_str_op(config_find_option_name(mgr, "deprec"), OP_EQ, "deprecated_int"); + // explicit abbreviation + tt_str_op(config_find_option_name(mgr, "uint"), OP_EQ, "pos"); + tt_str_op(config_find_option_name(mgr, "UINT"), OP_EQ, "pos"); + // no match + tt_ptr_op(config_find_option_name(mgr, "absent"), OP_EQ, NULL); + + done: + config_mgr_free(mgr); +} + +#ifndef COCCI +#define CONFPARSE_TEST(name, flags) \ + { #name, test_confparse_ ## name, flags, NULL, NULL } + +#define BADVAL_TEST(name) \ + { "badval_" #name, test_confparse_assign_badval, 0, \ + &passthrough_setup, (void*)&bv_ ## name } +#endif /* !defined(COCCI) */ + +struct testcase_t confparse_tests[] = { + CONFPARSE_TEST(init, 0), + CONFPARSE_TEST(assign_simple, 0), + CONFPARSE_TEST(assign_obsolete, 0), + CONFPARSE_TEST(assign_deprecated, 0), + CONFPARSE_TEST(assign_replaced, 0), + CONFPARSE_TEST(assign_emptystring, 0), + CONFPARSE_TEST(assign_twice, 0), + BADVAL_TEST(notint), + BADVAL_TEST(negint), + BADVAL_TEST(badu64), + BADVAL_TEST(dbl1), + BADVAL_TEST(dbl2), + BADVAL_TEST(dbl3), + BADVAL_TEST(dbl4), + BADVAL_TEST(dbl5), + BADVAL_TEST(dbl6), + BADVAL_TEST(badcsvi1), + BADVAL_TEST(badcsvi2), + BADVAL_TEST(nonoption), + BADVAL_TEST(badmem), + BADVAL_TEST(badbool), + BADVAL_TEST(badabool), + BADVAL_TEST(badtime), + BADVAL_TEST(virt), + BADVAL_TEST(rs), + BADVAL_TEST(big_interval), + CONFPARSE_TEST(dump, 0), + CONFPARSE_TEST(reset, 0), + CONFPARSE_TEST(reassign, 0), + CONFPARSE_TEST(reassign_extend, 0), + CONFPARSE_TEST(get_assigned, 0), + CONFPARSE_TEST(extra_lines, 0), + CONFPARSE_TEST(unitparse, 0), + CONFPARSE_TEST(check_ok_fail, 0), + CONFPARSE_TEST(list_vars, 0), + CONFPARSE_TEST(list_deprecated, 0), + CONFPARSE_TEST(find_option_name, 0), + END_OF_TESTCASES +}; diff --git a/src/test/test_connection.c b/src/test/test_connection.c index 7234d01627..b1252864f5 100644 --- a/src/test/test_connection.c +++ b/src/test/test_connection.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2015-2019, The Tor Project, Inc. */ +/* Copyright (c) 2015-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" @@ -10,6 +10,7 @@ #include "core/or/or.h" #include "test/test.h" +#include "app/config/or_options_st.h" #include "core/mainloop/connection.h" #include "core/or/connection_edge.h" #include "feature/hs/hs_common.h" @@ -312,6 +313,25 @@ test_conn_download_status_teardown(const struct testcase_t *tc, void *arg) return rv; } +static void * +test_conn_proxy_connect_setup(const struct testcase_t *tc) +{ + return test_conn_get_proxy_or_connection(*(unsigned int *)tc->setup_data); +} + +static int +test_conn_proxy_connect_teardown(const struct testcase_t *tc, void *arg) +{ + (void)tc; + or_connection_t *conn = arg; + + tt_assert(conn); + assert_connection_ok(&conn->base_, time(NULL)); + + done: + return 1; +} + /* Like connection_ap_make_link(), but does much less */ static connection_t * test_conn_get_linked_connection(connection_t *l_conn, uint8_t state) @@ -360,6 +380,10 @@ static struct testcase_setup_t test_conn_download_status_st = { test_conn_download_status_setup, test_conn_download_status_teardown }; +static struct testcase_setup_t test_conn_proxy_connect_st = { + test_conn_proxy_connect_setup, test_conn_proxy_connect_teardown +}; + static void test_conn_get_basic(void *arg) { @@ -789,6 +813,64 @@ test_conn_download_status(void *arg) /* the teardown function removes all the connections in the global list*/; } +static void +test_conn_https_proxy_connect(void *arg) +{ + size_t sz; + char *buf = NULL; + or_connection_t *conn = arg; + + MOCK(connection_or_change_state, mock_connection_or_change_state); + + tt_int_op(conn->base_.proxy_state, OP_EQ, PROXY_HTTPS_WANT_CONNECT_OK); + + buf = buf_get_contents(conn->base_.outbuf, &sz); + tt_str_op(buf, OP_EQ, "CONNECT 127.0.0.1:12345 HTTP/1.0\r\n\r\n"); + + done: + UNMOCK(connection_or_change_state); + tor_free(buf); +} + +static int handshake_start_called = 0; + +static int +handshake_start(or_connection_t *conn, int receiving) +{ + (void)receiving; + + tor_assert(conn); + + handshake_start_called = 1; + return 0; +} + +static void +test_conn_haproxy_proxy_connect(void *arg) +{ + size_t sz; + char *buf = NULL; + or_connection_t *conn = arg; + + MOCK(connection_or_change_state, mock_connection_or_change_state); + MOCK(connection_tls_start_handshake, handshake_start); + + tt_int_op(conn->base_.proxy_state, OP_EQ, PROXY_HAPROXY_WAIT_FOR_FLUSH); + + buf = buf_get_contents(conn->base_.outbuf, &sz); + tt_str_op(buf, OP_EQ, "PROXY TCP4 0.0.0.0 127.0.0.1 0 12345\r\n"); + + connection_or_finished_flushing(conn); + + tt_int_op(conn->base_.proxy_state, OP_EQ, PROXY_CONNECTED); + tt_int_op(handshake_start_called, OP_EQ, 1); + + done: + UNMOCK(connection_or_change_state); + UNMOCK(connection_tls_start_handshake); + tor_free(buf); +} + static node_t test_node; static node_t * @@ -882,22 +964,39 @@ test_failed_orconn_tracker(void *arg) ; } +#ifndef COCCI #define CONNECTION_TESTCASE(name, fork, setup) \ { #name, test_conn_##name, fork, &setup, NULL } -/* where arg is a string. */ -#define CONNECTION_TESTCASE_ARG(name, fork, setup, arg) \ - { #name "_" arg, test_conn_##name, fork, &setup, (void *)arg } +#define STR(x) #x +/* where arg is an expression (constant, variable, compound expression) */ +#define CONNECTION_TESTCASE_ARG(name, fork, setup, arg) \ + { #name "_" STR(x), \ + test_conn_##name, \ + fork, \ + &setup, \ + (void *)arg } +#endif /* !defined(COCCI) */ + +static const unsigned int PROXY_CONNECT_ARG = PROXY_CONNECT; +static const unsigned int PROXY_HAPROXY_ARG = PROXY_HAPROXY; struct testcase_t connection_tests[] = { CONNECTION_TESTCASE(get_basic, TT_FORK, test_conn_get_basic_st), CONNECTION_TESTCASE(get_rend, TT_FORK, test_conn_get_rend_st), CONNECTION_TESTCASE(get_rsrc, TT_FORK, test_conn_get_rsrc_st), + CONNECTION_TESTCASE_ARG(download_status, TT_FORK, test_conn_download_status_st, "microdesc"), CONNECTION_TESTCASE_ARG(download_status, TT_FORK, test_conn_download_status_st, "ns"), -//CONNECTION_TESTCASE(func_suffix, TT_FORK, setup_func_pair), + + CONNECTION_TESTCASE_ARG(https_proxy_connect, TT_FORK, + test_conn_proxy_connect_st, &PROXY_CONNECT_ARG), + CONNECTION_TESTCASE_ARG(haproxy_proxy_connect, TT_FORK, + test_conn_proxy_connect_st, &PROXY_HAPROXY_ARG), + + //CONNECTION_TESTCASE(func_suffix, TT_FORK, setup_func_pair), { "failed_orconn_tracker", test_failed_orconn_tracker, TT_FORK, NULL, NULL }, END_OF_TESTCASES }; diff --git a/src/test/test_connection.h b/src/test/test_connection.h index 47a5599e5f..bf327c0a3d 100644 --- a/src/test/test_connection.h +++ b/src/test/test_connection.h @@ -1,13 +1,18 @@ -/* Copyright (c) 2014-2019, The Tor Project, Inc. */ +/* Copyright (c) 2014-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ +#ifndef TOR_TEST_CONNECTION_H +#define TOR_TEST_CONNECTION_H + /** Some constants used by test_connection and helpers */ #define TEST_CONN_FAMILY (AF_INET) #define TEST_CONN_ADDRESS "127.0.0.1" +#define TEST_CONN_ADDRESS_2 "127.0.0.2" #define TEST_CONN_PORT (12345) #define TEST_CONN_ADDRESS_PORT "127.0.0.1:12345" -#define TEST_CONN_FD_INIT 50 +#define TEST_CONN_FD_INIT 0x10000 void test_conn_lookup_addr_helper(const char *address, int family, tor_addr_t *addr); +#endif /* !defined(TOR_TEST_CONNECTION_H) */ diff --git a/src/test/test_conscache.c b/src/test/test_conscache.c index 095ff09350..c805774fa3 100644 --- a/src/test/test_conscache.c +++ b/src/test/test_conscache.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2017-2019, The Tor Project, Inc. */ +/* Copyright (c) 2017-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "core/or/or.h" diff --git a/src/test/test_consdiff.c b/src/test/test_consdiff.c index 682ba5b970..242e2f7818 100644 --- a/src/test/test_consdiff.c +++ b/src/test/test_consdiff.c @@ -1,5 +1,5 @@ /* Copyright (c) 2014, Daniel Martà - * Copyright (c) 2014-2019, The Tor Project, Inc. */ + * Copyright (c) 2014-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define CONSDIFF_PRIVATE @@ -14,6 +14,39 @@ #define tt_str_eq_line(a,b) \ tt_assert(line_str_eq((b),(a))) +static int +consensus_split_lines_(smartlist_t *out, const char *s, memarea_t *area) +{ + size_t len = strlen(s); + return consensus_split_lines(out, s, len, area); +} + +static int +consensus_compute_digest_(const char *cons, + consensus_digest_t *digest_out) +{ + size_t len = strlen(cons); + char *tmp = tor_memdup(cons, len); + // We use memdup here to ensure that the input is NOT nul-terminated. + // This makes it likelier for us to spot bugs. + int r = consensus_compute_digest(tmp, len, digest_out); + tor_free(tmp); + return r; +} + +static int +consensus_compute_digest_as_signed_(const char *cons, + consensus_digest_t *digest_out) +{ + size_t len = strlen(cons); + char *tmp = tor_memdup(cons, len); + // We use memdup here to ensure that the input is NOT nul-terminated. + // This makes it likelier for us to spot bugs. + int r = consensus_compute_digest_as_signed(tmp, len, digest_out); + tor_free(tmp); + return r; +} + static void test_consdiff_smartlist_slice(void *arg) { @@ -58,7 +91,7 @@ test_consdiff_smartlist_slice_string_pos(void *arg) /* Create a regular smartlist. */ (void)arg; - consensus_split_lines(sl, "a\nd\nc\na\nb\n", area); + consensus_split_lines_(sl, "a\nd\nc\na\nb\n", area); /* See that smartlist_slice_string_pos respects the bounds of the slice. */ sls = smartlist_slice(sl, 2, 5); @@ -87,8 +120,8 @@ test_consdiff_lcs_lengths(void *arg) int e_lengths2[] = { 0, 1, 1, 2, 3, 4 }; (void)arg; - consensus_split_lines(sl1, "a\nb\nc\nd\ne\n", area); - consensus_split_lines(sl2, "a\nc\nd\ni\ne\n", area); + consensus_split_lines_(sl1, "a\nb\nc\nd\ne\n", area); + consensus_split_lines_(sl2, "a\nc\nd\ni\ne\n", area); sls1 = smartlist_slice(sl1, 0, -1); sls2 = smartlist_slice(sl2, 0, -1); @@ -119,10 +152,10 @@ test_consdiff_trim_slices(void *arg) memarea_t *area = memarea_new(); (void)arg; - consensus_split_lines(sl1, "a\nb\nb\nb\nd\n", area); - consensus_split_lines(sl2, "a\nc\nc\nc\nd\n", area); - consensus_split_lines(sl3, "a\nb\nb\nb\na\n", area); - consensus_split_lines(sl4, "c\nb\nb\nb\nc\n", area); + consensus_split_lines_(sl1, "a\nb\nb\nb\nd\n", area); + consensus_split_lines_(sl2, "a\nc\nc\nc\nd\n", area); + consensus_split_lines_(sl3, "a\nb\nb\nb\na\n", area); + consensus_split_lines_(sl4, "c\nb\nb\nb\nc\n", area); sls1 = smartlist_slice(sl1, 0, -1); sls2 = smartlist_slice(sl2, 0, -1); sls3 = smartlist_slice(sl3, 0, -1); @@ -165,8 +198,8 @@ test_consdiff_set_changed(void *arg) memarea_t *area = memarea_new(); (void)arg; - consensus_split_lines(sl1, "a\nb\na\na\n", area); - consensus_split_lines(sl2, "a\na\na\na\n", area); + consensus_split_lines_(sl1, "a\nb\na\na\n", area); + consensus_split_lines_(sl2, "a\na\na\na\n", area); /* Length of sls1 is 0. */ sls1 = smartlist_slice(sl1, 0, 0); @@ -240,8 +273,8 @@ test_consdiff_calc_changes(void *arg) memarea_t *area = memarea_new(); (void)arg; - consensus_split_lines(sl1, "a\na\na\na\n", area); - consensus_split_lines(sl2, "a\na\na\na\n", area); + consensus_split_lines_(sl1, "a\na\na\na\n", area); + consensus_split_lines_(sl2, "a\na\na\na\n", area); sls1 = smartlist_slice(sl1, 0, -1); sls2 = smartlist_slice(sl2, 0, -1); @@ -259,7 +292,7 @@ test_consdiff_calc_changes(void *arg) tt_assert(!bitarray_is_set(changed2, 3)); smartlist_clear(sl2); - consensus_split_lines(sl2, "a\nb\na\nb\n", area); + consensus_split_lines_(sl2, "a\nb\na\nb\n", area); tor_free(sls1); tor_free(sls2); sls1 = smartlist_slice(sl1, 0, -1); @@ -282,7 +315,7 @@ test_consdiff_calc_changes(void *arg) bitarray_clear(changed1, 3); smartlist_clear(sl2); - consensus_split_lines(sl2, "b\nb\nb\nb\n", area); + consensus_split_lines_(sl2, "b\nb\nb\nb\n", area); tor_free(sls1); tor_free(sls2); sls1 = smartlist_slice(sl1, 0, -1); @@ -610,8 +643,8 @@ test_consdiff_gen_ed_diff(void *arg) /* Test 'a', 'c' and 'd' together. See that it is done in reverse order. */ smartlist_clear(cons1); smartlist_clear(cons2); - consensus_split_lines(cons1, "A\nB\nC\nD\nE\n", area); - consensus_split_lines(cons2, "A\nC\nO\nE\nU\n", area); + consensus_split_lines_(cons1, "A\nB\nC\nD\nE\n", area); + consensus_split_lines_(cons2, "A\nC\nO\nE\nU\n", area); diff = gen_ed_diff(cons1, cons2, area); tt_ptr_op(NULL, OP_NE, diff); tt_int_op(7, OP_EQ, smartlist_len(diff)); @@ -627,8 +660,8 @@ test_consdiff_gen_ed_diff(void *arg) smartlist_clear(cons1); smartlist_clear(cons2); - consensus_split_lines(cons1, "B\n", area); - consensus_split_lines(cons2, "A\nB\n", area); + consensus_split_lines_(cons1, "B\n", area); + consensus_split_lines_(cons2, "A\nB\n", area); diff = gen_ed_diff(cons1, cons2, area); tt_ptr_op(NULL, OP_NE, diff); tt_int_op(3, OP_EQ, smartlist_len(diff)); @@ -656,7 +689,7 @@ test_consdiff_apply_ed_diff(void *arg) diff = smartlist_new(); setup_capture_of_logs(LOG_WARN); - consensus_split_lines(cons1, "A\nB\nC\nD\nE\n", area); + consensus_split_lines_(cons1, "A\nB\nC\nD\nE\n", area); /* Command without range. */ smartlist_add_linecpy(diff, area, "a"); @@ -829,7 +862,7 @@ test_consdiff_apply_ed_diff(void *arg) smartlist_clear(diff); /* Test appending text, 'a'. */ - consensus_split_lines(diff, "3a\nU\nO\n.\n0a\nV\n.\n", area); + consensus_split_lines_(diff, "3a\nU\nO\n.\n0a\nV\n.\n", area); cons2 = apply_ed_diff(cons1, diff, 0); tt_ptr_op(NULL, OP_NE, cons2); tt_int_op(8, OP_EQ, smartlist_len(cons2)); @@ -846,7 +879,7 @@ test_consdiff_apply_ed_diff(void *arg) smartlist_free(cons2); /* Test deleting text, 'd'. */ - consensus_split_lines(diff, "4d\n1,2d\n", area); + consensus_split_lines_(diff, "4d\n1,2d\n", area); cons2 = apply_ed_diff(cons1, diff, 0); tt_ptr_op(NULL, OP_NE, cons2); tt_int_op(2, OP_EQ, smartlist_len(cons2)); @@ -857,7 +890,7 @@ test_consdiff_apply_ed_diff(void *arg) smartlist_free(cons2); /* Test changing text, 'c'. */ - consensus_split_lines(diff, "4c\nT\nX\n.\n1,2c\nM\n.\n", area); + consensus_split_lines_(diff, "4c\nT\nX\n.\n1,2c\nM\n.\n", area); cons2 = apply_ed_diff(cons1, diff, 0); tt_ptr_op(NULL, OP_NE, cons2); tt_int_op(5, OP_EQ, smartlist_len(cons2)); @@ -871,7 +904,7 @@ test_consdiff_apply_ed_diff(void *arg) smartlist_free(cons2); /* Test 'a', 'd' and 'c' together. */ - consensus_split_lines(diff, "4c\nT\nX\n.\n2d\n0a\nM\n.\n", area); + consensus_split_lines_(diff, "4c\nT\nX\n.\n2d\n0a\nM\n.\n", area); cons2 = apply_ed_diff(cons1, diff, 0); tt_ptr_op(NULL, OP_NE, cons2); tt_int_op(6, OP_EQ, smartlist_len(cons2)); @@ -918,12 +951,12 @@ test_consdiff_gen_diff(void *arg) ); tt_int_op(0, OP_EQ, - consensus_compute_digest_as_signed(cons1_str, &digests1)); + consensus_compute_digest_as_signed_(cons1_str, &digests1)); tt_int_op(0, OP_EQ, - consensus_compute_digest(cons2_str, &digests2)); + consensus_compute_digest_(cons2_str, &digests2)); - consensus_split_lines(cons1, cons1_str, area); - consensus_split_lines(cons2, cons2_str, area); + consensus_split_lines_(cons1, cons1_str, area); + consensus_split_lines_(cons2, cons2_str, area); diff = consdiff_gen_diff(cons1, cons2, &digests1, &digests2, area); tt_ptr_op(NULL, OP_EQ, diff); @@ -937,9 +970,9 @@ test_consdiff_gen_diff(void *arg) "directory-signature foo bar\nbar\n" ); tt_int_op(0, OP_EQ, - consensus_compute_digest_as_signed(cons1_str, &digests1)); + consensus_compute_digest_as_signed_(cons1_str, &digests1)); smartlist_clear(cons1); - consensus_split_lines(cons1, cons1_str, area); + consensus_split_lines_(cons1, cons1_str, area); diff = consdiff_gen_diff(cons1, cons2, &digests1, &digests2, area); tt_ptr_op(NULL, OP_NE, diff); tt_int_op(11, OP_EQ, smartlist_len(diff)); @@ -991,13 +1024,13 @@ test_consdiff_apply_diff(void *arg) "directory-signature foo bar\nbar\n" ); tt_int_op(0, OP_EQ, - consensus_compute_digest(cons1_str, &digests1)); - consensus_split_lines(cons1, cons1_str, area); + consensus_compute_digest_(cons1_str, &digests1)); + consensus_split_lines_(cons1, cons1_str, area); /* diff doesn't have enough lines. */ cons2 = consdiff_apply_diff(cons1, diff, &digests1); tt_ptr_op(NULL, OP_EQ, cons2); - expect_single_log_msg_containing("too short") + expect_single_log_msg_containing("too short"); /* first line doesn't match format-version string. */ smartlist_add_linecpy(diff, area, "foo-bar"); @@ -1005,7 +1038,7 @@ test_consdiff_apply_diff(void *arg) mock_clean_saved_logs(); cons2 = consdiff_apply_diff(cons1, diff, &digests1); tt_ptr_op(NULL, OP_EQ, cons2); - expect_single_log_msg_containing("format is not known") + expect_single_log_msg_containing("format is not known"); /* The first word of the second header line is not "hash". */ smartlist_clear(diff); @@ -1015,7 +1048,7 @@ test_consdiff_apply_diff(void *arg) mock_clean_saved_logs(); cons2 = consdiff_apply_diff(cons1, diff, &digests1); tt_ptr_op(NULL, OP_EQ, cons2); - expect_single_log_msg_containing("does not include the necessary digests") + expect_single_log_msg_containing("does not include the necessary digests"); /* Wrong number of words after "hash". */ smartlist_clear(diff); @@ -1024,7 +1057,7 @@ test_consdiff_apply_diff(void *arg) mock_clean_saved_logs(); cons2 = consdiff_apply_diff(cons1, diff, &digests1); tt_ptr_op(NULL, OP_EQ, cons2); - expect_single_log_msg_containing("does not include the necessary digests") + expect_single_log_msg_containing("does not include the necessary digests"); /* base16 digests do not have the expected length. */ smartlist_clear(diff); @@ -1034,7 +1067,7 @@ test_consdiff_apply_diff(void *arg) cons2 = consdiff_apply_diff(cons1, diff, &digests1); tt_ptr_op(NULL, OP_EQ, cons2); expect_single_log_msg_containing("includes base16-encoded digests of " - "incorrect size") + "incorrect size"); /* base16 digests contain non-base16 characters. */ smartlist_clear(diff); @@ -1045,7 +1078,7 @@ test_consdiff_apply_diff(void *arg) mock_clean_saved_logs(); cons2 = consdiff_apply_diff(cons1, diff, &digests1); tt_ptr_op(NULL, OP_EQ, cons2); - expect_single_log_msg_containing("includes malformed digests") + expect_single_log_msg_containing("includes malformed digests"); /* Invalid ed diff. * As tested in apply_ed_diff, but check that apply_diff does return NULL if @@ -1062,7 +1095,7 @@ test_consdiff_apply_diff(void *arg) cons2 = consdiff_apply_diff(cons1, diff, &digests1); tt_ptr_op(NULL, OP_EQ, cons2); expect_single_log_msg_containing("because an ed command was missing a line " - "number") + "number"); /* Base consensus doesn't match its digest as found in the diff. */ smartlist_clear(diff); @@ -1182,4 +1215,3 @@ struct testcase_t consdiff_tests[] = { CONSDIFF_LEGACY(apply_diff), END_OF_TESTCASES }; - diff --git a/src/test/test_consdiffmgr.c b/src/test/test_consdiffmgr.c index 254a5ba5d0..4bec6baeb0 100644 --- a/src/test/test_consdiffmgr.c +++ b/src/test/test_consdiffmgr.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2017-2019, The Tor Project, Inc. */ +/* Copyright (c) 2017-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define CONSDIFFMGR_PRIVATE @@ -21,6 +21,23 @@ #include "test/test.h" #include "test/log_test_helpers.h" +#define consdiffmgr_add_consensus consdiffmgr_add_consensus_nulterm + +static char * +consensus_diff_apply_(const char *c, const char *d) +{ + size_t c_len = strlen(c); + size_t d_len = strlen(d); + // We use memdup here to ensure that the input is NOT nul-terminated. + // This makes it likelier for us to spot bugs. + char *c_tmp = tor_memdup(c, c_len); + char *d_tmp = tor_memdup(d, d_len); + char *result = consensus_diff_apply(c_tmp, c_len, d_tmp, d_len); + tor_free(c_tmp); + tor_free(d_tmp); + return result; +} + // ============================== Setup/teardown the consdiffmgr // These functions get run before/after each test in this module @@ -102,7 +119,7 @@ typedef struct fake_work_queue_ent_t { void (*reply_fn)(void *); void *arg; } fake_work_queue_ent_t; -static struct workqueue_entry_s * +static struct workqueue_entry_t * mock_cpuworker_queue_work(workqueue_priority_t prio, enum workqueue_reply_t (*fn)(void *, void *), void (*reply_fn)(void *), @@ -118,7 +135,7 @@ mock_cpuworker_queue_work(workqueue_priority_t prio, ent->reply_fn = reply_fn; ent->arg = arg; smartlist_add(fake_cpuworker_queue, ent); - return (struct workqueue_entry_s *)ent; + return (struct workqueue_entry_t *)ent; } static int mock_cpuworker_run_work(void) @@ -153,7 +170,8 @@ lookup_diff_from(consensus_cache_entry_t **out, const char *str1) { uint8_t digest[DIGEST256_LEN]; - if (router_get_networkstatus_v3_sha3_as_signed(digest, str1)<0) { + if (router_get_networkstatus_v3_sha3_as_signed(digest, + str1, strlen(str1))<0) { TT_FAIL(("Unable to compute sha3-as-signed")); return CONSDIFF_NOT_FOUND; } @@ -175,14 +193,15 @@ lookup_apply_and_verify_diff(consensus_flavor_t flav, consensus_cache_entry_incref(ent); size_t size; - char *diff_string = NULL; - int r = uncompress_or_copy(&diff_string, &size, ent); + const char *diff_string = NULL; + char *diff_owned = NULL; + int r = uncompress_or_set_ptr(&diff_string, &size, &diff_owned, ent); consensus_cache_entry_decref(ent); if (diff_string == NULL || r < 0) return -1; - char *applied = consensus_diff_apply(str1, diff_string); - tor_free(diff_string); + char *applied = consensus_diff_apply(str1, strlen(str1), diff_string, size); + tor_free(diff_owned); if (applied == NULL) return -1; @@ -282,7 +301,8 @@ test_consdiffmgr_add(void *arg) (void) arg; time_t now = approx_time(); - char *body = NULL; + const char *body = NULL; + char *body_owned = NULL; consensus_cache_entry_t *ent = NULL; networkstatus_t *ns_tmp = fake_ns_new(FLAV_NS, now); @@ -324,7 +344,7 @@ test_consdiffmgr_add(void *arg) tt_assert(ent); consensus_cache_entry_incref(ent); size_t s; - r = uncompress_or_copy(&body, &s, ent); + r = uncompress_or_set_ptr(&body, &s, &body_owned, ent); tt_int_op(r, OP_EQ, 0); tt_int_op(s, OP_EQ, 4); tt_mem_op(body, OP_EQ, "quux", 4); @@ -337,7 +357,7 @@ test_consdiffmgr_add(void *arg) networkstatus_vote_free(ns_tmp); teardown_capture_of_logs(); consensus_cache_entry_decref(ent); - tor_free(body); + tor_free(body_owned); } static void @@ -370,7 +390,8 @@ test_consdiffmgr_make_diffs(void *arg) ns = fake_ns_new(FLAV_MICRODESC, now-3600); md_ns_body = fake_ns_body_new(FLAV_MICRODESC, now-3600); r = consdiffmgr_add_consensus(md_ns_body, ns); - router_get_networkstatus_v3_sha3_as_signed(md_ns_sha3, md_ns_body); + router_get_networkstatus_v3_sha3_as_signed(md_ns_sha3, md_ns_body, + strlen(md_ns_body)); networkstatus_vote_free(ns); tt_int_op(r, OP_EQ, 0); @@ -414,7 +435,7 @@ test_consdiffmgr_make_diffs(void *arg) r = consensus_cache_entry_get_body(diff, &diff_body, &diff_size); tt_int_op(r, OP_EQ, 0); diff_text = tor_memdup_nulterm(diff_body, diff_size); - applied = consensus_diff_apply(md_ns_body, diff_text); + applied = consensus_diff_apply_(md_ns_body, diff_text); tt_assert(applied); tt_str_op(applied, OP_EQ, md_ns_body_2); diff --git a/src/test/test_containers.c b/src/test/test_containers.c index aedd2f7a89..6072148d1b 100644 --- a/src/test/test_containers.c +++ b/src/test/test_containers.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" @@ -96,6 +96,30 @@ test_container_smartlist_basic(void *arg) tor_free(v555); } +/** Test SMARTLIST_FOREACH_REVERSE_BEGIN loop macro */ +static void +test_container_smartlist_foreach_reverse(void *arg) +{ + smartlist_t *sl = smartlist_new(); + int i; + + (void) arg; + + /* Add integers to smartlist in increasing order */ + for (i=0;i<100;i++) { + smartlist_add(sl, (void*)(uintptr_t)i); + } + + /* Pop them out in reverse and test their value */ + SMARTLIST_FOREACH_REVERSE_BEGIN(sl, void*, k) { + i--; + tt_ptr_op(k, OP_EQ, (void*)(uintptr_t)i); + } SMARTLIST_FOREACH_END(k); + + done: + smartlist_free(sl); +} + /** Run unit tests for smartlist-of-strings functionality. */ static void test_container_smartlist_strings(void *arg) @@ -582,6 +606,66 @@ test_container_smartlist_ints_eq(void *arg) smartlist_free(sl2); } +static void +test_container_smartlist_grow(void *arg) +{ + (void)arg; + smartlist_t *sl = smartlist_new(); + int i; + const char *s[] = { "first", "2nd", "3rd" }; + + /* case 1: starting from empty. */ + smartlist_grow(sl, 10); + tt_int_op(10, OP_EQ, smartlist_len(sl)); + for (i = 0; i < 10; ++i) { + tt_ptr_op(smartlist_get(sl, i), OP_EQ, NULL); + } + + /* case 2: starting with a few elements, probably not reallocating. */ + smartlist_free(sl); + sl = smartlist_new(); + smartlist_add(sl, (char*)s[0]); + smartlist_add(sl, (char*)s[1]); + smartlist_add(sl, (char*)s[2]); + smartlist_grow(sl, 5); + tt_int_op(5, OP_EQ, smartlist_len(sl)); + for (i = 0; i < 3; ++i) { + tt_ptr_op(smartlist_get(sl, i), OP_EQ, s[i]); + } + tt_ptr_op(smartlist_get(sl, 3), OP_EQ, NULL); + tt_ptr_op(smartlist_get(sl, 4), OP_EQ, NULL); + + /* case 3: starting with a few elements, but reallocating. */ + smartlist_free(sl); + sl = smartlist_new(); + smartlist_add(sl, (char*)s[0]); + smartlist_add(sl, (char*)s[1]); + smartlist_add(sl, (char*)s[2]); + smartlist_grow(sl, 100); + tt_int_op(100, OP_EQ, smartlist_len(sl)); + for (i = 0; i < 3; ++i) { + tt_ptr_op(smartlist_get(sl, i), OP_EQ, s[i]); + } + for (i = 3; i < 100; ++i) { + tt_ptr_op(smartlist_get(sl, i), OP_EQ, NULL); + } + + /* case 4: shrinking doesn't happen. */ + smartlist_free(sl); + sl = smartlist_new(); + smartlist_add(sl, (char*)s[0]); + smartlist_add(sl, (char*)s[1]); + smartlist_add(sl, (char*)s[2]); + smartlist_grow(sl, 1); + tt_int_op(3, OP_EQ, smartlist_len(sl)); + for (i = 0; i < 3; ++i) { + tt_ptr_op(smartlist_get(sl, i), OP_EQ, s[i]); + } + + done: + smartlist_free(sl); +} + /** Run unit tests for bitarray code */ static void test_container_bitarray(void *arg) @@ -922,6 +1006,10 @@ test_container_smartlist_remove(void *arg) tt_ptr_op(smartlist_get(sl, 1), OP_EQ, &array[2]); tt_ptr_op(smartlist_get(sl, 2), OP_EQ, &array[1]); tt_ptr_op(smartlist_get(sl, 3), OP_EQ, &array[2]); + /* Ordinary code should never look at this pointer; we're doing it here + * to make sure that we really cleared the pointer we removed. + */ + tt_ptr_op(sl->list[4], OP_EQ, NULL); done: smartlist_free(sl); @@ -1281,12 +1369,14 @@ test_container_smartlist_strings_eq(void *arg) struct testcase_t container_tests[] = { CONTAINER_LEGACY(smartlist_basic), CONTAINER_LEGACY(smartlist_strings), + CONTAINER_LEGACY(smartlist_foreach_reverse), CONTAINER_LEGACY(smartlist_overlap), CONTAINER_LEGACY(smartlist_digests), CONTAINER_LEGACY(smartlist_join), CONTAINER_LEGACY(smartlist_pos), CONTAINER(smartlist_remove, 0), CONTAINER(smartlist_ints_eq, 0), + CONTAINER(smartlist_grow, 0), CONTAINER_LEGACY(bitarray), CONTAINER_LEGACY(digestset), CONTAINER_LEGACY(strmap), diff --git a/src/test/test_controller.c b/src/test/test_controller.c index 5b406e159b..a69ec17db8 100644 --- a/src/test/test_controller.c +++ b/src/test/test_controller.c @@ -1,12 +1,19 @@ -/* Copyright (c) 2015-2019, The Tor Project, Inc. */ +/* Copyright (c) 2015-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ -#define CONTROL_PRIVATE +#define CONTROL_CMD_PRIVATE +#define CONTROL_GETINFO_PRIVATE #include "core/or/or.h" +#include "app/config/config.h" #include "lib/crypt_ops/crypto_ed25519.h" #include "feature/client/bridges.h" #include "feature/control/control.h" +#include "feature/control/control_cmd.h" +#include "feature/control/control_getinfo.h" +#include "feature/control/control_proto.h" #include "feature/client/entrynodes.h" +#include "feature/dircache/cached_dir_st.h" +#include "feature/dircache/dirserv.h" #include "feature/hs/hs_common.h" #include "feature/nodelist/networkstatus.h" #include "feature/rend/rendservice.h" @@ -15,48 +22,257 @@ #include "test/test.h" #include "test/test_helpers.h" #include "lib/net/resolve.h" +#include "lib/encoding/confline.h" +#include "lib/encoding/kvline.h" #include "feature/control/control_connection_st.h" +#include "feature/control/control_cmd_args_st.h" #include "feature/dirclient/download_status_st.h" #include "feature/nodelist/microdesc_st.h" #include "feature/nodelist/node_st.h" +typedef struct { + const char *input; + const char *expected_parse; + const char *expected_error; +} parser_testcase_t; + +typedef struct { + const control_cmd_syntax_t *syntax; + size_t n_testcases; + const parser_testcase_t *testcases; +} parse_test_params_t; + +static char * +control_cmd_dump_args(const control_cmd_args_t *result) +{ + buf_t *buf = buf_new(); + buf_add_string(buf, "{ args=["); + if (result->args) { + if (smartlist_len(result->args)) { + buf_add_string(buf, " "); + } + SMARTLIST_FOREACH_BEGIN(result->args, const char *, s) { + const bool last = (s_sl_idx == smartlist_len(result->args)-1); + buf_add_printf(buf, "%s%s ", + escaped(s), + last ? "" : ","); + } SMARTLIST_FOREACH_END(s); + } + buf_add_string(buf, "]"); + if (result->cmddata) { + buf_add_string(buf, ", obj="); + buf_add_string(buf, escaped(result->cmddata)); + } + if (result->kwargs) { + buf_add_string(buf, ", { "); + const config_line_t *line; + for (line = result->kwargs; line; line = line->next) { + const bool last = (line->next == NULL); + buf_add_printf(buf, "%s=%s%s ", line->key, escaped(line->value), + last ? "" : ","); + } + buf_add_string(buf, "}"); + } + buf_add_string(buf, " }"); + + char *encoded = buf_extract(buf, NULL); + buf_free(buf); + return encoded; +} + +static void +test_controller_parse_cmd(void *arg) +{ + const parse_test_params_t *params = arg; + control_cmd_args_t *result = NULL; + char *error = NULL; + char *encoded = NULL; + + for (size_t i = 0; i < params->n_testcases; ++i) { + const parser_testcase_t *t = ¶ms->testcases[i]; + result = control_cmd_parse_args("EXAMPLE", + params->syntax, + strlen(t->input), + t->input, + &error); + // A valid test should expect exactly one parse or error. + tt_int_op((t->expected_parse == NULL), OP_NE, + (t->expected_error == NULL)); + // We get a result or an error, not both. + tt_int_op((result == NULL), OP_EQ, (error != NULL)); + // We got the one we expected. + tt_int_op((result == NULL), OP_EQ, (t->expected_parse == NULL)); + + if (result) { + encoded = control_cmd_dump_args(result); + tt_str_op(encoded, OP_EQ, t->expected_parse); + } else { + tt_str_op(error, OP_EQ, t->expected_error); + } + + tor_free(error); + tor_free(encoded); + control_cmd_args_free(result); + } + + done: + tor_free(error); + tor_free(encoded); + control_cmd_args_free(result); +} + +#ifndef COCCI +#define OK(inp, out) \ + { inp "\r\n", out, NULL } +#define ERR(inp, err) \ + { inp "\r\n", NULL, err } + +#define TESTPARAMS(syntax, array) \ + { &syntax, \ + ARRAY_LENGTH(array), \ + array } +#endif /* !defined(COCCI) */ + +static const parser_testcase_t one_to_three_tests[] = { + ERR("", "Need at least 1 argument(s)"), + ERR(" \t", "Need at least 1 argument(s)"), + OK("hello", "{ args=[ \"hello\" ] }"), + OK("hello world", "{ args=[ \"hello\", \"world\" ] }"), + OK("hello world", "{ args=[ \"hello\", \"world\" ] }"), + OK(" hello world", "{ args=[ \"hello\", \"world\" ] }"), + OK(" hello world ", "{ args=[ \"hello\", \"world\" ] }"), + OK("hello there world", "{ args=[ \"hello\", \"there\", \"world\" ] }"), + ERR("why hello there world", "Cannot accept more than 3 argument(s)"), + ERR("hello\r\nworld.\r\n.", "Unexpected body"), +}; + +static const control_cmd_syntax_t one_to_three_syntax = { + .min_args=1, .max_args=3 +}; + +static const parse_test_params_t parse_one_to_three_params = + TESTPARAMS( one_to_three_syntax, one_to_three_tests ); + +// = +static const parser_testcase_t no_args_one_obj_tests[] = { + ERR("Hi there!\r\n.", "Cannot accept more than 0 argument(s)"), + ERR("", "Empty body"), + OK("\r\n", "{ args=[], obj=\"\\n\" }"), + OK("\r\nHello world\r\n", "{ args=[], obj=\"Hello world\\n\\n\" }"), + OK("\r\nHello\r\nworld\r\n", "{ args=[], obj=\"Hello\\nworld\\n\\n\" }"), + OK("\r\nHello\r\n..\r\nworld\r\n", + "{ args=[], obj=\"Hello\\n.\\nworld\\n\\n\" }"), +}; +static const control_cmd_syntax_t no_args_one_obj_syntax = { + .min_args=0, .max_args=0, + .want_cmddata=true, +}; +static const parse_test_params_t parse_no_args_one_obj_params = + TESTPARAMS( no_args_one_obj_syntax, no_args_one_obj_tests ); + +static const parser_testcase_t no_args_kwargs_tests[] = { + OK("", "{ args=[] }"), + OK(" ", "{ args=[] }"), + OK("hello there=world", "{ args=[], { hello=\"\", there=\"world\" } }"), + OK("hello there=world today", + "{ args=[], { hello=\"\", there=\"world\", today=\"\" } }"), + ERR("=Foo", "Cannot parse keyword argument(s)"), +}; +static const control_cmd_syntax_t no_args_kwargs_syntax = { + .min_args=0, .max_args=0, + .accept_keywords=true, + .kvline_flags=KV_OMIT_VALS +}; +static const parse_test_params_t parse_no_args_kwargs_params = + TESTPARAMS( no_args_kwargs_syntax, no_args_kwargs_tests ); + +static const char *one_arg_kwargs_allow_keywords[] = { + "Hello", "world", NULL +}; +static const parser_testcase_t one_arg_kwargs_tests[] = { + ERR("", "Need at least 1 argument(s)"), + OK("Hi", "{ args=[ \"Hi\" ] }"), + ERR("hello there=world", "Unrecognized keyword argument \"there\""), + OK("Hi HELLO=foo", "{ args=[ \"Hi\" ], { HELLO=\"foo\" } }"), + OK("Hi world=\"bar baz\" hello ", + "{ args=[ \"Hi\" ], { world=\"bar baz\", hello=\"\" } }"), +}; +static const control_cmd_syntax_t one_arg_kwargs_syntax = { + .min_args=1, .max_args=1, + .accept_keywords=true, + .allowed_keywords=one_arg_kwargs_allow_keywords, + .kvline_flags=KV_OMIT_VALS|KV_QUOTED, +}; +static const parse_test_params_t parse_one_arg_kwargs_params = + TESTPARAMS( one_arg_kwargs_syntax, one_arg_kwargs_tests ); + +static char *reply_str = NULL; +/* Mock for control_write_reply that copies the string for inspection + * by tests */ +static void +mock_control_write_reply(control_connection_t *conn, int code, int c, + const char *s) +{ + (void)conn; + (void)code; + (void)c; + tor_free(reply_str); + reply_str = tor_strdup(s); +} + static void test_add_onion_helper_keyarg_v3(void *arg) { int ret, hs_version; add_onion_secret_key_t pk; char *key_new_blob = NULL; - char *err_msg = NULL; const char *key_new_alg = NULL; (void) arg; + MOCK(control_write_reply, mock_control_write_reply); memset(&pk, 0, sizeof(pk)); /* Test explicit ED25519-V3 key generation. */ + tor_free(reply_str); ret = add_onion_helper_keyarg("NEW:ED25519-V3", 0, &key_new_alg, &key_new_blob, &pk, &hs_version, - &err_msg); + NULL); tt_int_op(ret, OP_EQ, 0); tt_int_op(hs_version, OP_EQ, HS_VERSION_THREE); tt_assert(pk.v3); tt_str_op(key_new_alg, OP_EQ, "ED25519-V3"); tt_assert(key_new_blob); - tt_ptr_op(err_msg, OP_EQ, NULL); + tt_ptr_op(reply_str, OP_EQ, NULL); tor_free(pk.v3); pk.v3 = NULL; tor_free(key_new_blob); + /* Test "BEST" key generation (Assumes BEST = ED25519-V3). */ + tor_free(pk.v3); pk.v3 = NULL; + tor_free(key_new_blob); + ret = add_onion_helper_keyarg("NEW:BEST", 0, &key_new_alg, &key_new_blob, + &pk, &hs_version, NULL); + tt_int_op(ret, OP_EQ, 0); + tt_int_op(hs_version, OP_EQ, HS_VERSION_THREE); + tt_assert(pk.v3); + tt_str_op(key_new_alg, OP_EQ, "ED25519-V3"); + tt_assert(key_new_blob); + tt_ptr_op(reply_str, OP_EQ, NULL); + /* Test discarding the private key. */ + tor_free(reply_str); + tor_free(pk.v3); pk.v3 = NULL; + tor_free(key_new_blob); ret = add_onion_helper_keyarg("NEW:ED25519-V3", 1, &key_new_alg, &key_new_blob, &pk, &hs_version, - &err_msg); + NULL); tt_int_op(ret, OP_EQ, 0); tt_int_op(hs_version, OP_EQ, HS_VERSION_THREE); tt_assert(pk.v3); tt_ptr_op(key_new_alg, OP_EQ, NULL); tt_ptr_op(key_new_blob, OP_EQ, NULL); - tt_ptr_op(err_msg, OP_EQ, NULL); + tt_ptr_op(reply_str, OP_EQ, NULL); tor_free(pk.v3); pk.v3 = NULL; tor_free(key_new_blob); @@ -76,9 +292,10 @@ test_add_onion_helper_keyarg_v3(void *arg) tor_asprintf(&key_blob, "ED25519-V3:%s", base64_sk); tt_assert(key_blob); + tor_free(reply_str); ret = add_onion_helper_keyarg(key_blob, 1, &key_new_alg, &key_new_blob, &pk, &hs_version, - &err_msg); + NULL); tor_free(key_blob); tt_int_op(ret, OP_EQ, 0); tt_int_op(hs_version, OP_EQ, HS_VERSION_THREE); @@ -86,7 +303,7 @@ test_add_onion_helper_keyarg_v3(void *arg) tt_mem_op(pk.v3, OP_EQ, hex_sk, 64); tt_ptr_op(key_new_alg, OP_EQ, NULL); tt_ptr_op(key_new_blob, OP_EQ, NULL); - tt_ptr_op(err_msg, OP_EQ, NULL); + tt_ptr_op(reply_str, OP_EQ, NULL); tor_free(pk.v3); pk.v3 = NULL; tor_free(key_new_blob); } @@ -94,7 +311,8 @@ test_add_onion_helper_keyarg_v3(void *arg) done: tor_free(pk.v3); tor_free(key_new_blob); - tor_free(err_msg); + tor_free(reply_str); + UNMOCK(control_write_reply); } static void @@ -105,72 +323,61 @@ test_add_onion_helper_keyarg_v2(void *arg) crypto_pk_t *pk1 = NULL; const char *key_new_alg = NULL; char *key_new_blob = NULL; - char *err_msg = NULL; char *encoded = NULL; char *arg_str = NULL; (void) arg; + MOCK(control_write_reply, mock_control_write_reply); memset(&pk, 0, sizeof(pk)); /* Test explicit RSA1024 key generation. */ + tor_free(reply_str); ret = add_onion_helper_keyarg("NEW:RSA1024", 0, &key_new_alg, &key_new_blob, - &pk, &hs_version, &err_msg); + &pk, &hs_version, NULL); tt_int_op(ret, OP_EQ, 0); tt_int_op(hs_version, OP_EQ, HS_VERSION_TWO); tt_assert(pk.v2); tt_str_op(key_new_alg, OP_EQ, "RSA1024"); tt_assert(key_new_blob); - tt_ptr_op(err_msg, OP_EQ, NULL); - - /* Test "BEST" key generation (Assumes BEST = RSA1024). */ - crypto_pk_free(pk.v2); pk.v2 = NULL; - tor_free(key_new_blob); - ret = add_onion_helper_keyarg("NEW:BEST", 0, &key_new_alg, &key_new_blob, - &pk, &hs_version, &err_msg); - tt_int_op(ret, OP_EQ, 0); - tt_int_op(hs_version, OP_EQ, HS_VERSION_TWO); - tt_assert(pk.v2); - tt_str_op(key_new_alg, OP_EQ, "RSA1024"); - tt_assert(key_new_blob); - tt_ptr_op(err_msg, OP_EQ, NULL); + tt_ptr_op(reply_str, OP_EQ, NULL); /* Test discarding the private key. */ crypto_pk_free(pk.v2); pk.v2 = NULL; tor_free(key_new_blob); - ret = add_onion_helper_keyarg("NEW:BEST", 1, &key_new_alg, &key_new_blob, - &pk, &hs_version, &err_msg); + ret = add_onion_helper_keyarg("NEW:RSA1024", 1, &key_new_alg, &key_new_blob, + &pk, &hs_version, NULL); tt_int_op(ret, OP_EQ, 0); tt_int_op(hs_version, OP_EQ, HS_VERSION_TWO); tt_assert(pk.v2); tt_ptr_op(key_new_alg, OP_EQ, NULL); tt_ptr_op(key_new_blob, OP_EQ, NULL); - tt_ptr_op(err_msg, OP_EQ, NULL); + tt_ptr_op(reply_str, OP_EQ, NULL); /* Test generating a invalid key type. */ crypto_pk_free(pk.v2); pk.v2 = NULL; ret = add_onion_helper_keyarg("NEW:RSA512", 0, &key_new_alg, &key_new_blob, - &pk, &hs_version, &err_msg); + &pk, &hs_version, NULL); tt_int_op(ret, OP_EQ, -1); tt_int_op(hs_version, OP_EQ, HS_VERSION_TWO); tt_assert(!pk.v2); tt_ptr_op(key_new_alg, OP_EQ, NULL); tt_ptr_op(key_new_blob, OP_EQ, NULL); - tt_assert(err_msg); + tt_assert(reply_str); /* Test loading a RSA1024 key. */ - tor_free(err_msg); + tor_free(reply_str); pk1 = pk_generate(0); tt_int_op(0, OP_EQ, crypto_pk_base64_encode_private(pk1, &encoded)); tor_asprintf(&arg_str, "RSA1024:%s", encoded); ret = add_onion_helper_keyarg(arg_str, 0, &key_new_alg, &key_new_blob, - &pk, &hs_version, &err_msg); + &pk, &hs_version, NULL); tt_int_op(ret, OP_EQ, 0); tt_int_op(hs_version, OP_EQ, HS_VERSION_TWO); tt_assert(pk.v2); tt_ptr_op(key_new_alg, OP_EQ, NULL); tt_ptr_op(key_new_blob, OP_EQ, NULL); - tt_ptr_op(err_msg, OP_EQ, NULL); + tt_ptr_op(reply_str, OP_EQ, NULL); tt_int_op(crypto_pk_cmp_keys(pk1, pk.v2), OP_EQ, 0); /* Test loading a invalid key type. */ @@ -179,36 +386,37 @@ test_add_onion_helper_keyarg_v2(void *arg) crypto_pk_free(pk.v2); pk.v2 = NULL; tor_asprintf(&arg_str, "RSA512:%s", encoded); ret = add_onion_helper_keyarg(arg_str, 0, &key_new_alg, &key_new_blob, - &pk, &hs_version, &err_msg); + &pk, &hs_version, NULL); tt_int_op(ret, OP_EQ, -1); tt_int_op(hs_version, OP_EQ, HS_VERSION_TWO); tt_assert(!pk.v2); tt_ptr_op(key_new_alg, OP_EQ, NULL); tt_ptr_op(key_new_blob, OP_EQ, NULL); - tt_assert(err_msg); + tt_assert(reply_str); /* Test loading a invalid key. */ tor_free(arg_str); crypto_pk_free(pk.v2); pk.v2 = NULL; - tor_free(err_msg); + tor_free(reply_str); encoded[strlen(encoded)/2] = '\0'; tor_asprintf(&arg_str, "RSA1024:%s", encoded); ret = add_onion_helper_keyarg(arg_str, 0, &key_new_alg, &key_new_blob, - &pk, &hs_version, &err_msg); + &pk, &hs_version, NULL); tt_int_op(ret, OP_EQ, -1); tt_int_op(hs_version, OP_EQ, HS_VERSION_TWO); tt_assert(!pk.v2); tt_ptr_op(key_new_alg, OP_EQ, NULL); tt_ptr_op(key_new_blob, OP_EQ, NULL); - tt_assert(err_msg); + tt_assert(reply_str); done: crypto_pk_free(pk1); crypto_pk_free(pk.v2); tor_free(key_new_blob); - tor_free(err_msg); + tor_free(reply_str); tor_free(encoded); tor_free(arg_str); + UNMOCK(control_write_reply); } static void @@ -362,49 +570,52 @@ static void test_add_onion_helper_clientauth(void *arg) { rend_authorized_client_t *client = NULL; - char *err_msg = NULL; int created = 0; (void)arg; + MOCK(control_write_reply, mock_control_write_reply); /* Test "ClientName" only. */ - client = add_onion_helper_clientauth("alice", &created, &err_msg); + tor_free(reply_str); + client = add_onion_helper_clientauth("alice", &created, NULL); tt_assert(client); tt_assert(created); - tt_ptr_op(err_msg, OP_EQ, NULL); + tt_ptr_op(reply_str, OP_EQ, NULL); rend_authorized_client_free(client); /* Test "ClientName:Blob" */ + tor_free(reply_str); client = add_onion_helper_clientauth("alice:475hGBHPlq7Mc0cRZitK/B", - &created, &err_msg); + &created, NULL); tt_assert(client); tt_assert(!created); - tt_ptr_op(err_msg, OP_EQ, NULL); + tt_ptr_op(reply_str, OP_EQ, NULL); rend_authorized_client_free(client); /* Test invalid client names */ + tor_free(reply_str); client = add_onion_helper_clientauth("no*asterisks*allowed", &created, - &err_msg); + NULL); tt_ptr_op(client, OP_EQ, NULL); - tt_assert(err_msg); - tor_free(err_msg); + tt_assert(reply_str); /* Test invalid auth cookie */ - client = add_onion_helper_clientauth("alice:12345", &created, &err_msg); + tor_free(reply_str); + client = add_onion_helper_clientauth("alice:12345", &created, NULL); tt_ptr_op(client, OP_EQ, NULL); - tt_assert(err_msg); - tor_free(err_msg); + tt_assert(reply_str); /* Test invalid syntax */ + tor_free(reply_str); client = add_onion_helper_clientauth(":475hGBHPlq7Mc0cRZitK/B", &created, - &err_msg); + NULL); tt_ptr_op(client, OP_EQ, NULL); - tt_assert(err_msg); - tor_free(err_msg); + tt_assert(reply_str); done: rend_authorized_client_free(client); - tor_free(err_msg); + tor_free(reply_str); + UNMOCK(control_write_reply); } /* Mocks and data/variables used for GETINFO download status tests */ @@ -1485,6 +1696,138 @@ test_download_status_bridge(void *arg) return; } +/** Mock cached consensus */ +static cached_dir_t *mock_ns_consensus_cache; +static cached_dir_t *mock_microdesc_consensus_cache; + +/** Mock the function that retrieves consensus from cache. These use a + * global variable so that they can be cleared from within the test. + * The actual code retains the pointer to the consensus data, but + * we are doing this here, to prevent memory leaks + * from within the tests */ +static cached_dir_t * +mock_dirserv_get_consensus(const char *flavor_name) +{ + if (!strcmp(flavor_name, "ns")) { + mock_ns_consensus_cache = tor_malloc_zero(sizeof(cached_dir_t)); + mock_ns_consensus_cache->dir = tor_strdup("mock_ns_consensus"); + return mock_ns_consensus_cache; + } else { + mock_microdesc_consensus_cache = tor_malloc_zero(sizeof(cached_dir_t)); + mock_microdesc_consensus_cache->dir = tor_strdup( + "mock_microdesc_consensus"); + return mock_microdesc_consensus_cache; + } +} + +/** Mock the function that retrieves consensuses + * from a files in the directory. */ +static tor_mmap_t * +mock_tor_mmap_file(const char* filename) +{ + tor_mmap_t *res; + res = tor_malloc_zero(sizeof(tor_mmap_t)); + if (strstr(filename, "cached-consensus") != NULL) { + res->data = "mock_ns_consensus"; + } else if (strstr(filename, "cached-microdesc-consensus") != NULL) { + res->data = "mock_microdesc_consensus"; + } else { + res->data = "."; + } + res->size = strlen(res->data); + return res; +} + +/** Mock the function that clears file data + * loaded into the memory */ +static int +mock_tor_munmap_file(tor_mmap_t *handle) +{ + tor_free(handle); + return 0; +} + +static void +test_getinfo_helper_current_consensus_from_file(void *arg) +{ + /* We just need one of these to pass, it doesn't matter what's in it */ + control_connection_t dummy; + /* Get results out */ + char *answer = NULL; + const char *errmsg = NULL; + + (void)arg; + + MOCK(tor_mmap_file, mock_tor_mmap_file); + MOCK(tor_munmap_file, mock_tor_munmap_file); + + getinfo_helper_dir(&dummy, + "dir/status-vote/current/consensus", + &answer, + &errmsg); + tt_str_op(answer, OP_EQ, "mock_ns_consensus"); + tt_ptr_op(errmsg, OP_EQ, NULL); + tor_free(answer); + errmsg = NULL; + + getinfo_helper_dir(&dummy, + "dir/status-vote/current/consensus-microdesc", + &answer, + &errmsg); + tt_str_op(answer, OP_EQ, "mock_microdesc_consensus"); + tt_ptr_op(errmsg, OP_EQ, NULL); + errmsg = NULL; + + done: + tor_free(answer); + UNMOCK(tor_mmap_file); + UNMOCK(tor_munmap_file); + return; +} + +static void +test_getinfo_helper_current_consensus_from_cache(void *arg) +{ + /* We just need one of these to pass, it doesn't matter what's in it */ + control_connection_t dummy; + /* Get results out */ + char *answer = NULL; + const char *errmsg = NULL; + + (void)arg; + or_options_t *options = get_options_mutable(); + options->FetchUselessDescriptors = 1; + MOCK(dirserv_get_consensus, mock_dirserv_get_consensus); + + getinfo_helper_dir(&dummy, + "dir/status-vote/current/consensus", + &answer, + &errmsg); + tt_str_op(answer, OP_EQ, "mock_ns_consensus"); + tt_ptr_op(errmsg, OP_EQ, NULL); + tor_free(answer); + tor_free(mock_ns_consensus_cache->dir); + tor_free(mock_ns_consensus_cache); + errmsg = NULL; + + getinfo_helper_dir(&dummy, + "dir/status-vote/current/consensus-microdesc", + &answer, + &errmsg); + tt_str_op(answer, OP_EQ, "mock_microdesc_consensus"); + tt_ptr_op(errmsg, OP_EQ, NULL); + tor_free(mock_microdesc_consensus_cache->dir); + tor_free(answer); + errmsg = NULL; + + done: + options->FetchUselessDescriptors = 0; + tor_free(answer); + tor_free(mock_microdesc_consensus_cache); + UNMOCK(dirserv_get_consensus); + return; +} + /** Set timeval to a mock date and time. This is necessary * to make tor_gettimeofday() mockable. */ static void @@ -1543,7 +1886,7 @@ test_current_time(void *arg) static size_t n_nodelist_get_list = 0; static smartlist_t *nodes = NULL; -static smartlist_t * +static const smartlist_t * mock_nodelist_get_list(void) { n_nodelist_get_list++; @@ -1614,7 +1957,172 @@ test_getinfo_md_all(void *arg) return; } +static smartlist_t *reply_strs; + +static void +mock_control_write_reply_list(control_connection_t *conn, int code, int c, + const char *s) +{ + (void)conn; + /* To make matching easier, don't append "\r\n" */ + smartlist_add_asprintf(reply_strs, "%03d%c%s", code, c, s); +} + +static void +test_control_reply(void *arg) +{ + (void)arg; + smartlist_t *lines = smartlist_new(); + + MOCK(control_write_reply, mock_control_write_reply); + + tor_free(reply_str); + control_reply_clear(lines); + control_reply_add_str(lines, 250, "FOO"); + control_write_reply_lines(NULL, lines); + tt_str_op(reply_str, OP_EQ, "FOO"); + + tor_free(reply_str); + control_reply_clear(lines); + control_reply_add_done(lines); + control_write_reply_lines(NULL, lines); + tt_str_op(reply_str, OP_EQ, "OK"); + + tor_free(reply_str); + control_reply_clear(lines); + UNMOCK(control_write_reply); + MOCK(control_write_reply, mock_control_write_reply_list); + reply_strs = smartlist_new(); + control_reply_add_one_kv(lines, 250, 0, "A", "B"); + control_reply_add_one_kv(lines, 250, 0, "C", "D"); + control_write_reply_lines(NULL, lines); + tt_int_op(smartlist_len(reply_strs), OP_EQ, 2); + tt_str_op((char *)smartlist_get(reply_strs, 0), OP_EQ, "250-A=B"); + tt_str_op((char *)smartlist_get(reply_strs, 1), OP_EQ, "250 C=D"); + + control_reply_clear(lines); + SMARTLIST_FOREACH(reply_strs, char *, p, tor_free(p)); + smartlist_clear(reply_strs); + control_reply_add_printf(lines, 250, "PROTOCOLINFO %d", 1); + control_reply_add_one_kv(lines, 250, KV_OMIT_VALS|KV_RAW, "AUTH", ""); + control_reply_append_kv(lines, "METHODS", "COOKIE"); + control_reply_append_kv(lines, "COOKIEFILE", escaped("/tmp/cookie")); + control_reply_add_done(lines); + control_write_reply_lines(NULL, lines); + tt_int_op(smartlist_len(reply_strs), OP_EQ, 3); + tt_str_op((char *)smartlist_get(reply_strs, 0), + OP_EQ, "250-PROTOCOLINFO 1"); + tt_str_op((char *)smartlist_get(reply_strs, 1), + OP_EQ, "250-AUTH METHODS=COOKIE COOKIEFILE=\"/tmp/cookie\""); + tt_str_op((char *)smartlist_get(reply_strs, 2), + OP_EQ, "250 OK"); + + done: + UNMOCK(control_write_reply); + tor_free(reply_str); + control_reply_free(lines); + if (reply_strs) + SMARTLIST_FOREACH(reply_strs, char *, p, tor_free(p)); + smartlist_free(reply_strs); + return; +} + +static void +test_control_getconf(void *arg) +{ + (void)arg; + control_connection_t conn; + char *args = NULL; + int r = -1; + + memset(&conn, 0, sizeof(conn)); + conn.current_cmd = tor_strdup("GETCONF"); + + MOCK(control_write_reply, mock_control_write_reply_list); + reply_strs = smartlist_new(); + + args = tor_strdup(""); + r = handle_control_command(&conn, (uint32_t)strlen(args), args); + tt_int_op(r, OP_EQ, 0); + tt_int_op(smartlist_len(reply_strs), OP_EQ, 1); + tt_str_op((char *)smartlist_get(reply_strs, 0), OP_EQ, "250 OK"); + SMARTLIST_FOREACH(reply_strs, char *, p, tor_free(p)); + smartlist_clear(reply_strs); + tor_free(args); + + args = tor_strdup("NoSuch"); + r = handle_control_command(&conn, (uint32_t)strlen(args), args); + tt_int_op(r, OP_EQ, 0); + tt_int_op(smartlist_len(reply_strs), OP_EQ, 1); + tt_str_op((char *)smartlist_get(reply_strs, 0), OP_EQ, + "552 Unrecognized configuration key \"NoSuch\""); + tor_free(args); + SMARTLIST_FOREACH(reply_strs, char *, p, tor_free(p)); + smartlist_clear(reply_strs); + + args = tor_strdup("NoSuch1 NoSuch2"); + r = handle_control_command(&conn, (uint32_t)strlen(args), args); + tt_int_op(r, OP_EQ, 0); + tt_int_op(smartlist_len(reply_strs), OP_EQ, 2); + tt_str_op((char *)smartlist_get(reply_strs, 0), OP_EQ, + "552-Unrecognized configuration key \"NoSuch1\""); + tt_str_op((char *)smartlist_get(reply_strs, 1), OP_EQ, + "552 Unrecognized configuration key \"NoSuch2\""); + tor_free(args); + SMARTLIST_FOREACH(reply_strs, char *, p, tor_free(p)); + smartlist_clear(reply_strs); + + args = tor_strdup("ControlPort NoSuch"); + r = handle_control_command(&conn, (uint32_t)strlen(args), args); + tt_int_op(r, OP_EQ, 0); + /* Valid keys ignored if there are any invalid ones */ + tt_int_op(smartlist_len(reply_strs), OP_EQ, 1); + tt_str_op((char *)smartlist_get(reply_strs, 0), OP_EQ, + "552 Unrecognized configuration key \"NoSuch\""); + tor_free(args); + SMARTLIST_FOREACH(reply_strs, char *, p, tor_free(p)); + smartlist_clear(reply_strs); + + args = tor_strdup("ClientOnly"); + r = handle_control_command(&conn, (uint32_t)strlen(args), args); + tt_int_op(r, OP_EQ, 0); + tt_int_op(smartlist_len(reply_strs), OP_EQ, 1); + /* According to config.c, this is an exception for the unit tests */ + tt_str_op((char *)smartlist_get(reply_strs, 0), OP_EQ, "250 ClientOnly=0"); + tor_free(args); + SMARTLIST_FOREACH(reply_strs, char *, p, tor_free(p)); + smartlist_clear(reply_strs); + + args = tor_strdup("BridgeRelay ClientOnly"); + r = handle_control_command(&conn, (uint32_t)strlen(args), args); + tt_int_op(r, OP_EQ, 0); + tt_int_op(smartlist_len(reply_strs), OP_EQ, 2); + /* Change if config.c changes BridgeRelay default (unlikely) */ + tt_str_op((char *)smartlist_get(reply_strs, 0), OP_EQ, "250-BridgeRelay=0"); + tt_str_op((char *)smartlist_get(reply_strs, 1), OP_EQ, "250 ClientOnly=0"); + tor_free(args); + SMARTLIST_FOREACH(reply_strs, char *, p, tor_free(p)); + smartlist_clear(reply_strs); + + done: + tor_free(conn.current_cmd); + tor_free(args); + UNMOCK(control_write_reply); + SMARTLIST_FOREACH(reply_strs, char *, p, tor_free(p)); + smartlist_free(reply_strs); +} + +#ifndef COCCI +#define PARSER_TEST(type) \ + { "parse/" #type, test_controller_parse_cmd, 0, &passthrough_setup, \ + (void*)&parse_ ## type ## _params } +#endif + struct testcase_t controller_tests[] = { + PARSER_TEST(one_to_three), + PARSER_TEST(no_args_one_obj), + PARSER_TEST(no_args_kwargs), + PARSER_TEST(one_arg_kwargs), { "add_onion_helper_keyarg_v2", test_add_onion_helper_keyarg_v2, 0, NULL, NULL }, { "add_onion_helper_keyarg_v3", test_add_onion_helper_keyarg_v3, 0, @@ -1626,11 +2134,17 @@ struct testcase_t controller_tests[] = { NULL }, { "download_status_consensus", test_download_status_consensus, 0, NULL, NULL }, + {"getinfo_helper_current_consensus_from_cache", + test_getinfo_helper_current_consensus_from_cache, 0, NULL, NULL }, + {"getinfo_helper_current_consensus_from_file", + test_getinfo_helper_current_consensus_from_file, 0, NULL, NULL }, { "download_status_cert", test_download_status_cert, 0, NULL, NULL }, { "download_status_desc", test_download_status_desc, 0, NULL, NULL }, { "download_status_bridge", test_download_status_bridge, 0, NULL, NULL }, { "current_time", test_current_time, 0, NULL, NULL }, { "getinfo_md_all", test_getinfo_md_all, 0, NULL, NULL }, + { "control_reply", test_control_reply, 0, NULL, NULL }, + { "control_getconf", test_control_getconf, 0, NULL, NULL }, END_OF_TESTCASES }; diff --git a/src/test/test_controller_events.c b/src/test/test_controller_events.c index 70d36e53d4..60dfbd630a 100644 --- a/src/test/test_controller_events.c +++ b/src/test/test_controller_events.c @@ -1,19 +1,30 @@ -/* Copyright (c) 2013-2019, The Tor Project, Inc. */ +/* Copyright (c) 2013-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define CONNECTION_PRIVATE -#define TOR_CHANNEL_INTERNAL_ +#define CHANNEL_OBJECT_PRIVATE #define CONTROL_PRIVATE +#define CONTROL_EVENTS_PRIVATE +#define OCIRC_EVENT_PRIVATE +#define ORCONN_EVENT_PRIVATE +#include "app/main/subsysmgr.h" #include "core/or/or.h" #include "core/or/channel.h" #include "core/or/channeltls.h" #include "core/or/circuitlist.h" +#include "core/or/ocirc_event.h" +#include "core/or/orconn_event.h" #include "core/mainloop/connection.h" -#include "feature/control/control.h" +#include "feature/control/control_events.h" +#include "feature/control/control_fmt.h" #include "test/test.h" +#include "test/test_helpers.h" +#include "test/log_test_helpers.h" +#include "core/or/entry_connection_st.h" #include "core/or/or_circuit_st.h" #include "core/or/origin_circuit_st.h" +#include "core/or/socks_request_st.h" static void add_testing_cell_stats_entry(circuit_t *circ, uint8_t command, @@ -351,10 +362,10 @@ test_cntev_dirboot_defer_desc(void *arg) /* This event should get deferred */ control_event_boot_dir(BOOTSTRAP_STATUS_REQUESTING_DESCRIPTORS, 0); assert_bootmsg("0 TAG=starting"); - control_event_bootstrap(BOOTSTRAP_STATUS_CONN_DIR, 0); - assert_bootmsg("5 TAG=conn_dir"); + control_event_bootstrap(BOOTSTRAP_STATUS_CONN, 0); + assert_bootmsg("5 TAG=conn"); control_event_bootstrap(BOOTSTRAP_STATUS_HANDSHAKE, 0); - assert_bootmsg("10 TAG=handshake_dir"); + assert_bootmsg("14 TAG=handshake"); /* The deferred event should appear */ control_event_boot_first_orconn(); assert_bootmsg("45 TAG=requesting_descriptors"); @@ -374,29 +385,343 @@ test_cntev_dirboot_defer_orconn(void *arg) control_event_bootstrap(BOOTSTRAP_STATUS_STARTING, 0); assert_bootmsg("0 TAG=starting"); /* This event should get deferred */ - control_event_boot_dir(BOOTSTRAP_STATUS_CONN_OR, 0); + control_event_boot_dir(BOOTSTRAP_STATUS_ENOUGH_DIRINFO, 0); assert_bootmsg("0 TAG=starting"); - control_event_bootstrap(BOOTSTRAP_STATUS_CONN_DIR, 0); - assert_bootmsg("5 TAG=conn_dir"); + control_event_bootstrap(BOOTSTRAP_STATUS_CONN, 0); + assert_bootmsg("5 TAG=conn"); control_event_bootstrap(BOOTSTRAP_STATUS_HANDSHAKE, 0); - assert_bootmsg("10 TAG=handshake_dir"); + assert_bootmsg("14 TAG=handshake"); /* The deferred event should appear */ control_event_boot_first_orconn(); - assert_bootmsg("80 TAG=conn_or"); + assert_bootmsg("75 TAG=enough_dirinfo"); done: tor_free(saved_event_str); UNMOCK(queue_control_event_string); } -#define TEST(name, flags) \ +static void +test_cntev_signal(void *arg) +{ + (void)arg; + int rv; + + MOCK(queue_control_event_string, mock_queue_control_event_string); + + /* Nothing is listening for signals, so no event should be queued. */ + rv = control_event_signal(SIGHUP); + tt_int_op(0, OP_EQ, rv); + tt_ptr_op(saved_event_str, OP_EQ, NULL); + + /* Now try with signals included in the event mask. */ + control_testing_set_global_event_mask(EVENT_MASK_(EVENT_GOT_SIGNAL)); + rv = control_event_signal(SIGHUP); + tt_int_op(0, OP_EQ, rv); + tt_str_op(saved_event_str, OP_EQ, "650 SIGNAL RELOAD\r\n"); + + rv = control_event_signal(SIGACTIVE); + tt_int_op(0, OP_EQ, rv); + tt_str_op(saved_event_str, OP_EQ, "650 SIGNAL ACTIVE\r\n"); + + /* Try a signal that doesn't exist. */ + setup_full_capture_of_logs(LOG_WARN); + tor_free(saved_event_str); + rv = control_event_signal(99999); + tt_int_op(-1, OP_EQ, rv); + tt_ptr_op(saved_event_str, OP_EQ, NULL); + expect_single_log_msg_containing("Unrecognized signal 99999"); + + done: + tor_free(saved_event_str); + teardown_capture_of_logs(); + UNMOCK(queue_control_event_string); +} + +static void +setup_orconn_state(orconn_state_msg_t *msg, uint64_t gid, uint64_t chan, + int proxy_type) +{ + msg->gid = gid; + msg->chan = chan; + msg->proxy_type = proxy_type; +} + +static void +send_orconn_state(const orconn_state_msg_t *msg_in, uint8_t state) +{ + orconn_state_msg_t *msg = tor_malloc(sizeof(*msg)); + + *msg = *msg_in; + msg->state = state; + orconn_state_publish(msg); +} + +static void +send_ocirc_chan(uint32_t gid, uint64_t chan, bool onehop) +{ + ocirc_chan_msg_t *msg = tor_malloc(sizeof(*msg)); + + msg->gid = gid; + msg->chan = chan; + msg->onehop = onehop; + ocirc_chan_publish(msg); +} + +static void +test_cntev_orconn_state(void *arg) +{ + orconn_state_msg_t conn; + memset(&conn, 0, sizeof(conn)); + + (void)arg; + MOCK(queue_control_event_string, mock_queue_control_event_string); + control_testing_set_global_event_mask(EVENT_MASK_(EVENT_STATUS_CLIENT)); + setup_orconn_state(&conn, 1, 1, PROXY_NONE); + + send_orconn_state(&conn, OR_CONN_STATE_CONNECTING); + send_ocirc_chan(1, 1, true); + assert_bootmsg("5 TAG=conn"); + send_orconn_state(&conn, OR_CONN_STATE_TLS_HANDSHAKING); + assert_bootmsg("10 TAG=conn_done"); + send_orconn_state(&conn, OR_CONN_STATE_OR_HANDSHAKING_V3); + assert_bootmsg("14 TAG=handshake"); + send_orconn_state(&conn, OR_CONN_STATE_OPEN); + assert_bootmsg("15 TAG=handshake_done"); + + conn.gid = 2; + conn.chan = 2; + send_orconn_state(&conn, OR_CONN_STATE_CONNECTING); + /* It doesn't know it's an origin circuit yet */ + assert_bootmsg("15 TAG=handshake_done"); + send_ocirc_chan(2, 2, false); + assert_bootmsg("80 TAG=ap_conn"); + send_orconn_state(&conn, OR_CONN_STATE_TLS_HANDSHAKING); + assert_bootmsg("85 TAG=ap_conn_done"); + send_orconn_state(&conn, OR_CONN_STATE_OR_HANDSHAKING_V3); + assert_bootmsg("89 TAG=ap_handshake"); + send_orconn_state(&conn, OR_CONN_STATE_OPEN); + assert_bootmsg("90 TAG=ap_handshake_done"); + + done: + tor_free(saved_event_str); + UNMOCK(queue_control_event_string); +} + +static void +test_cntev_orconn_state_pt(void *arg) +{ + orconn_state_msg_t conn; + memset(&conn, 0, sizeof(conn)); + + (void)arg; + MOCK(queue_control_event_string, mock_queue_control_event_string); + control_testing_set_global_event_mask(EVENT_MASK_(EVENT_STATUS_CLIENT)); + setup_orconn_state(&conn, 1, 1, PROXY_PLUGGABLE); + send_ocirc_chan(1, 1, true); + + send_orconn_state(&conn, OR_CONN_STATE_CONNECTING); + assert_bootmsg("1 TAG=conn_pt"); + send_orconn_state(&conn, OR_CONN_STATE_PROXY_HANDSHAKING); + assert_bootmsg("2 TAG=conn_done_pt"); + send_orconn_state(&conn, OR_CONN_STATE_TLS_HANDSHAKING); + assert_bootmsg("10 TAG=conn_done"); + send_orconn_state(&conn, OR_CONN_STATE_OR_HANDSHAKING_V3); + assert_bootmsg("14 TAG=handshake"); + send_orconn_state(&conn, OR_CONN_STATE_OPEN); + assert_bootmsg("15 TAG=handshake_done"); + + send_ocirc_chan(2, 2, false); + conn.gid = 2; + conn.chan = 2; + send_orconn_state(&conn, OR_CONN_STATE_CONNECTING); + assert_bootmsg("76 TAG=ap_conn_pt"); + send_orconn_state(&conn, OR_CONN_STATE_PROXY_HANDSHAKING); + assert_bootmsg("77 TAG=ap_conn_done_pt"); + + done: + tor_free(saved_event_str); + UNMOCK(queue_control_event_string); +} + +static void +test_cntev_orconn_state_proxy(void *arg) +{ + orconn_state_msg_t conn; + memset(&conn, 0, sizeof(conn)); + + (void)arg; + MOCK(queue_control_event_string, mock_queue_control_event_string); + control_testing_set_global_event_mask(EVENT_MASK_(EVENT_STATUS_CLIENT)); + setup_orconn_state(&conn, 1, 1, PROXY_CONNECT); + send_ocirc_chan(1, 1, true); + + send_orconn_state(&conn, OR_CONN_STATE_CONNECTING); + assert_bootmsg("3 TAG=conn_proxy"); + send_orconn_state(&conn, OR_CONN_STATE_PROXY_HANDSHAKING); + assert_bootmsg("4 TAG=conn_done_proxy"); + send_orconn_state(&conn, OR_CONN_STATE_TLS_HANDSHAKING); + assert_bootmsg("10 TAG=conn_done"); + send_orconn_state(&conn, OR_CONN_STATE_OR_HANDSHAKING_V3); + assert_bootmsg("14 TAG=handshake"); + send_orconn_state(&conn, OR_CONN_STATE_OPEN); + assert_bootmsg("15 TAG=handshake_done"); + + send_ocirc_chan(2, 2, false); + conn.gid = 2; + conn.chan = 2; + send_orconn_state(&conn, OR_CONN_STATE_CONNECTING); + assert_bootmsg("78 TAG=ap_conn_proxy"); + send_orconn_state(&conn, OR_CONN_STATE_PROXY_HANDSHAKING); + assert_bootmsg("79 TAG=ap_conn_done_proxy"); + + done: + tor_free(saved_event_str); + UNMOCK(queue_control_event_string); +} + +static void +test_cntev_format_stream(void *arg) +{ + entry_connection_t *ec = NULL; + char *conndesc = NULL; + (void)arg; + + ec = entry_connection_new(CONN_TYPE_AP, AF_INET); + + char *username = tor_strdup("jeremy"); + char *password = tor_strdup("letmein"); + ec->socks_request->username = username; // steal reference + ec->socks_request->usernamelen = strlen(username); + ec->socks_request->password = password; // steal reference + ec->socks_request->passwordlen = strlen(password); + conndesc = entry_connection_describe_status_for_controller(ec); + tt_assert(strstr(conndesc, "SOCKS_USERNAME=\"jeremy\"")); + tt_assert(strstr(conndesc, "SOCKS_PASSWORD=\"letmein\"")); + tor_free(conndesc); + + ec->socks_request->listener_type = CONN_TYPE_AP_LISTENER; + ec->socks_request->socks_version = 4; + conndesc = entry_connection_describe_status_for_controller(ec); + tt_assert(strstr(conndesc, "CLIENT_PROTOCOL=SOCKS4")); + tor_free(conndesc); + + ec->socks_request->listener_type = CONN_TYPE_AP_LISTENER; + ec->socks_request->socks_version = 5; + conndesc = entry_connection_describe_status_for_controller(ec); + tt_assert(strstr(conndesc, "CLIENT_PROTOCOL=SOCKS5")); + tor_free(conndesc); + + ec->socks_request->listener_type = CONN_TYPE_AP_LISTENER; + ec->socks_request->socks_version = 6; + conndesc = entry_connection_describe_status_for_controller(ec); + tt_assert(strstr(conndesc, "CLIENT_PROTOCOL=UNKNOWN")); + tor_free(conndesc); + + ec->socks_request->listener_type = CONN_TYPE_AP_TRANS_LISTENER; + conndesc = entry_connection_describe_status_for_controller(ec); + tt_assert(strstr(conndesc, "CLIENT_PROTOCOL=TRANS")); + tor_free(conndesc); + + ec->socks_request->listener_type = CONN_TYPE_AP_NATD_LISTENER; + conndesc = entry_connection_describe_status_for_controller(ec); + tt_assert(strstr(conndesc, "CLIENT_PROTOCOL=NATD")); + tor_free(conndesc); + + ec->socks_request->listener_type = CONN_TYPE_AP_DNS_LISTENER; + conndesc = entry_connection_describe_status_for_controller(ec); + tt_assert(strstr(conndesc, "CLIENT_PROTOCOL=DNS")); + tor_free(conndesc); + + ec->socks_request->listener_type = CONN_TYPE_AP_HTTP_CONNECT_LISTENER; + conndesc = entry_connection_describe_status_for_controller(ec); + tt_assert(strstr(conndesc, "CLIENT_PROTOCOL=HTTPCONNECT")); + tor_free(conndesc); + + ec->socks_request->listener_type = CONN_TYPE_OR; + conndesc = entry_connection_describe_status_for_controller(ec); + tt_assert(strstr(conndesc, "CLIENT_PROTOCOL=UNKNOWN")); + tor_free(conndesc); + + ec->nym_epoch = 1337; + conndesc = entry_connection_describe_status_for_controller(ec); + tt_assert(strstr(conndesc, "NYM_EPOCH=1337")); + tor_free(conndesc); + + ec->entry_cfg.session_group = 4321; + conndesc = entry_connection_describe_status_for_controller(ec); + tt_assert(strstr(conndesc, "SESSION_GROUP=4321")); + tor_free(conndesc); + + ec->entry_cfg.isolation_flags = ISO_DESTPORT; + conndesc = entry_connection_describe_status_for_controller(ec); + tt_assert(strstr(conndesc, "ISO_FIELDS=DESTPORT")); + tt_assert(!strstr(conndesc, "ISO_FIELDS=DESTPORT,")); + tor_free(conndesc); + + ec->entry_cfg.isolation_flags = ISO_DESTADDR; + conndesc = entry_connection_describe_status_for_controller(ec); + tt_assert(strstr(conndesc, "ISO_FIELDS=DESTADDR")); + tt_assert(!strstr(conndesc, "ISO_FIELDS=DESTADDR,")); + tor_free(conndesc); + + ec->entry_cfg.isolation_flags = ISO_SOCKSAUTH; + conndesc = entry_connection_describe_status_for_controller(ec); + tt_assert(strstr(conndesc, "ISO_FIELDS=SOCKS_USERNAME,SOCKS_PASSWORD")); + tt_assert(!strstr(conndesc, "ISO_FIELDS=SOCKS_USERNAME,SOCKS_PASSWORD,")); + tor_free(conndesc); + + ec->entry_cfg.isolation_flags = ISO_CLIENTPROTO; + conndesc = entry_connection_describe_status_for_controller(ec); + tt_assert(strstr(conndesc, "ISO_FIELDS=CLIENT_PROTOCOL")); + tt_assert(!strstr(conndesc, "ISO_FIELDS=CLIENT_PROTOCOL,")); + tor_free(conndesc); + + ec->entry_cfg.isolation_flags = ISO_CLIENTADDR; + conndesc = entry_connection_describe_status_for_controller(ec); + tt_assert(strstr(conndesc, "ISO_FIELDS=CLIENTADDR")); + tt_assert(!strstr(conndesc, "ISO_FIELDS=CLIENTADDR,")); + tor_free(conndesc); + + ec->entry_cfg.isolation_flags = ISO_SESSIONGRP; + conndesc = entry_connection_describe_status_for_controller(ec); + tt_assert(strstr(conndesc, "ISO_FIELDS=SESSION_GROUP")); + tt_assert(!strstr(conndesc, "ISO_FIELDS=SESSION_GROUP,")); + tor_free(conndesc); + + ec->entry_cfg.isolation_flags = ISO_NYM_EPOCH; + conndesc = entry_connection_describe_status_for_controller(ec); + tt_assert(strstr(conndesc, "ISO_FIELDS=NYM_EPOCH")); + tt_assert(!strstr(conndesc, "ISO_FIELDS=NYM_EPOCH,")); + tor_free(conndesc); + + ec->entry_cfg.isolation_flags = ISO_DESTPORT | ISO_SOCKSAUTH | ISO_NYM_EPOCH; + conndesc = entry_connection_describe_status_for_controller(ec); + tt_assert(strstr(conndesc, + "ISO_FIELDS=DESTPORT,SOCKS_USERNAME,SOCKS_PASSWORD,NYM_EPOCH")); + tt_assert(!strstr(conndesc, + "ISO_FIELDS=DESTPORT,SOCKS_USERNAME,SOCKS_PASSWORD,NYM_EPOCH,")); + + done: + tor_free(conndesc); + connection_free_minimal(ENTRY_TO_CONN(ec)); +} + +#define TEST(name, flags) \ { #name, test_cntev_ ## name, flags, 0, NULL } +#define T_PUBSUB(name, setup) \ + { #name, test_cntev_ ## name, TT_FORK, &helper_pubsub_setup, NULL } + struct testcase_t controller_event_tests[] = { TEST(sum_up_cell_stats, TT_FORK), TEST(append_cell_stats, TT_FORK), TEST(format_cell_stats, TT_FORK), TEST(event_mask, TT_FORK), - TEST(dirboot_defer_desc, TT_FORK), - TEST(dirboot_defer_orconn, TT_FORK), + TEST(format_stream, TT_FORK), + TEST(signal, TT_FORK), + T_PUBSUB(dirboot_defer_desc, TT_FORK), + T_PUBSUB(dirboot_defer_orconn, TT_FORK), + T_PUBSUB(orconn_state, TT_FORK), + T_PUBSUB(orconn_state_pt, TT_FORK), + T_PUBSUB(orconn_state_proxy, TT_FORK), END_OF_TESTCASES }; diff --git a/src/test/test_crypto.c b/src/test/test_crypto.c index 5af0cce130..0d75a212e9 100644 --- a/src/test/test_crypto.c +++ b/src/test/test_crypto.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" @@ -29,10 +29,10 @@ #if defined(ENABLE_OPENSSL) #include "lib/crypt_ops/compat_openssl.h" -DISABLE_GCC_WARNING(redundant-decls) +DISABLE_GCC_WARNING("-Wredundant-decls") #include <openssl/dh.h> -ENABLE_GCC_WARNING(redundant-decls) -#endif +ENABLE_GCC_WARNING("-Wredundant-decls") +#endif /* defined(ENABLE_OPENSSL) */ /** Run unit tests for Diffie-Hellman functionality. */ static void @@ -190,7 +190,7 @@ test_crypto_dh(void *arg) DH_get0_key(dh4, &pk, &sk); #else pk = dh4->pub_key; -#endif +#endif /* defined(OPENSSL_1_1_API) */ tt_assert(pk); tt_int_op(BN_num_bytes(pk), OP_LE, DH1024_KEY_LEN); tt_int_op(BN_num_bytes(pk), OP_GT, 0); @@ -207,7 +207,7 @@ test_crypto_dh(void *arg) tt_int_op(s1len, OP_GT, 0); tt_mem_op(s1, OP_EQ, s2, s1len); } -#endif +#endif /* defined(ENABLE_OPENSSL) */ done: crypto_dh_free(dh1); @@ -219,7 +219,7 @@ test_crypto_dh(void *arg) DH_free(dh4); if (pubkey_tmp) BN_free(pubkey_tmp); -#endif +#endif /* defined(ENABLE_OPENSSL) */ } static void @@ -248,174 +248,12 @@ test_crypto_openssl_version(void *arg) tt_int_op(a, OP_GE, 0); tt_int_op(b, OP_GE, 0); tt_int_op(c, OP_GE, 0); -#endif +#endif /* defined(ENABLE_NSS) */ done: ; } -/** Run unit tests for our random number generation function and its wrappers. - */ -static void -test_crypto_rng(void *arg) -{ - int i, j, allok; - char data1[100], data2[100]; - double d; - char *h=NULL; - - /* Try out RNG. */ - (void)arg; - tt_assert(! crypto_seed_rng()); - crypto_rand(data1, 100); - crypto_rand(data2, 100); - tt_mem_op(data1,OP_NE, data2,100); - allok = 1; - for (i = 0; i < 100; ++i) { - uint64_t big; - char *host; - j = crypto_rand_int(100); - if (j < 0 || j >= 100) - allok = 0; - big = crypto_rand_uint64(UINT64_C(1)<<40); - if (big >= (UINT64_C(1)<<40)) - allok = 0; - big = crypto_rand_uint64(UINT64_C(5)); - if (big >= 5) - allok = 0; - d = crypto_rand_double(); - tt_assert(d >= 0); - tt_assert(d < 1.0); - host = crypto_random_hostname(3,8,"www.",".onion"); - if (strcmpstart(host,"www.") || - strcmpend(host,".onion") || - strlen(host) < 13 || - strlen(host) > 18) - allok = 0; - tor_free(host); - } - - /* Make sure crypto_random_hostname clips its inputs properly. */ - h = crypto_random_hostname(20000, 9000, "www.", ".onion"); - tt_assert(! strcmpstart(h,"www.")); - tt_assert(! strcmpend(h,".onion")); - tt_int_op(63+4+6, OP_EQ, strlen(h)); - - tt_assert(allok); - done: - tor_free(h); -} - -static void -test_crypto_rng_range(void *arg) -{ - int got_smallest = 0, got_largest = 0; - int i; - - (void)arg; - for (i = 0; i < 1000; ++i) { - int x = crypto_rand_int_range(5,9); - tt_int_op(x, OP_GE, 5); - tt_int_op(x, OP_LT, 9); - if (x == 5) - got_smallest = 1; - if (x == 8) - got_largest = 1; - } - /* These fail with probability 1/10^603. */ - tt_assert(got_smallest); - tt_assert(got_largest); - - got_smallest = got_largest = 0; - const uint64_t ten_billion = 10 * ((uint64_t)1000000000000); - for (i = 0; i < 1000; ++i) { - uint64_t x = crypto_rand_uint64_range(ten_billion, ten_billion+10); - tt_u64_op(x, OP_GE, ten_billion); - tt_u64_op(x, OP_LT, ten_billion+10); - if (x == ten_billion) - got_smallest = 1; - if (x == ten_billion+9) - got_largest = 1; - } - - tt_assert(got_smallest); - tt_assert(got_largest); - - const time_t now = time(NULL); - for (i = 0; i < 2000; ++i) { - time_t x = crypto_rand_time_range(now, now+60); - tt_i64_op(x, OP_GE, now); - tt_i64_op(x, OP_LT, now+60); - if (x == now) - got_smallest = 1; - if (x == now+59) - got_largest = 1; - } - - tt_assert(got_smallest); - tt_assert(got_largest); - done: - ; -} - -static void -test_crypto_rng_strongest(void *arg) -{ - const char *how = arg; - int broken = 0; - - if (how == NULL) { - ; - } else if (!strcmp(how, "nosyscall")) { - break_strongest_rng_syscall = 1; - } else if (!strcmp(how, "nofallback")) { - break_strongest_rng_fallback = 1; - } else if (!strcmp(how, "broken")) { - broken = break_strongest_rng_syscall = break_strongest_rng_fallback = 1; - } - -#define N 128 - uint8_t combine_and[N]; - uint8_t combine_or[N]; - int i, j; - - memset(combine_and, 0xff, N); - memset(combine_or, 0, N); - - for (i = 0; i < 100; ++i) { /* 2^-100 chances just don't happen. */ - uint8_t output[N]; - memset(output, 0, N); - if (how == NULL) { - /* this one can't fail. */ - crypto_strongest_rand(output, sizeof(output)); - } else { - int r = crypto_strongest_rand_raw(output, sizeof(output)); - if (r == -1) { - if (broken) { - goto done; /* we're fine. */ - } - /* This function is allowed to break, but only if it always breaks. */ - tt_int_op(i, OP_EQ, 0); - tt_skip(); - } else { - tt_assert(! broken); - } - } - for (j = 0; j < N; ++j) { - combine_and[j] &= output[j]; - combine_or[j] |= output[j]; - } - } - - for (j = 0; j < N; ++j) { - tt_int_op(combine_and[j], OP_EQ, 0); - tt_int_op(combine_or[j], OP_EQ, 0xff); - } - done: - ; -#undef N -} - /** Run unit tests for our AES128 functionality */ static void test_crypto_aes128(void *arg) @@ -551,7 +389,7 @@ test_crypto_aes128(void *arg) "\xff\xff\xff\xff\xff\xff\xff\xff" "\xff\xff\xff\xff\xff\xff\xff\xff"); crypto_cipher_crypt_inplace(env1, data2, 64); - tt_assert(tor_mem_is_zero(data2, 64)); + tt_assert(fast_mem_is_zero(data2, 64)); done: tor_free(mem_op_hex_tmp); @@ -1173,13 +1011,19 @@ test_crypto_sha3_xof(void *arg) crypto_xof_free(xof); memset(out, 0, sizeof(out)); + /* Test one-function absorb/squeeze. */ + crypto_xof(out, sizeof(out), msg, sizeof(msg)); + test_memeq_hex(out, squeezed_hex); + memset(out, 0, sizeof(out)); + /* Test incremental absorb/squeeze. */ xof = crypto_xof_new(); tt_assert(xof); for (size_t i = 0; i < sizeof(msg); i++) crypto_xof_add_bytes(xof, msg + i, 1); - for (size_t i = 0; i < sizeof(out); i++) + for (size_t i = 0; i < sizeof(out); i++) { crypto_xof_squeeze_bytes(xof, out + i, 1); + } test_memeq_hex(out, squeezed_hex); done: @@ -1903,13 +1747,13 @@ test_crypto_base32_decode(void *arg) /* Encode and decode a random string. */ base32_encode(encoded, 96 + 1, plain, 60); res = base32_decode(decoded, 60, encoded, 96); - tt_int_op(res,OP_EQ, 0); + tt_int_op(res, OP_EQ, 60); tt_mem_op(plain,OP_EQ, decoded, 60); /* Encode, uppercase, and decode a random string. */ base32_encode(encoded, 96 + 1, plain, 60); tor_strupper(encoded); res = base32_decode(decoded, 60, encoded, 96); - tt_int_op(res,OP_EQ, 0); + tt_int_op(res, OP_EQ, 60); tt_mem_op(plain,OP_EQ, decoded, 60); /* Change encoded string and decode. */ if (encoded[0] == 'A' || encoded[0] == 'a') @@ -1917,12 +1761,12 @@ test_crypto_base32_decode(void *arg) else encoded[0] = 'A'; res = base32_decode(decoded, 60, encoded, 96); - tt_int_op(res,OP_EQ, 0); + tt_int_op(res, OP_EQ, 60); tt_mem_op(plain,OP_NE, decoded, 60); /* Bad encodings. */ encoded[0] = '!'; res = base32_decode(decoded, 60, encoded, 96); - tt_int_op(0, OP_GT, res); + tt_int_op(res, OP_LT, 0); done: ; @@ -2117,7 +1961,7 @@ test_crypto_curve25519_impl(void *arg) "e0544770bc7de853b38f9100489e3e79"; const char e1e2k_expected[] = "cd6e8269104eb5aaee886bd2071fba88" "bd13861475516bc2cd2b6e005e805064"; -#else /* !(defined(SLOW_CURVE25519_TEST)) */ +#else /* !defined(SLOW_CURVE25519_TEST) */ const int loop_max=200; const char e1_expected[] = "bc7112cde03f97ef7008cad1bdc56be3" "c6a1037d74cceb3712e9206871dcf654"; @@ -2269,7 +2113,7 @@ test_crypto_curve25519_encode(void *arg) curve25519_secret_key_generate(&seckey, 0); curve25519_public_key_generate(&key1, &seckey); - tt_int_op(0, OP_EQ, curve25519_public_to_base64(buf, &key1)); + curve25519_public_to_base64(buf, &key1); tt_int_op(CURVE25519_BASE64_PADDED_LEN, OP_EQ, strlen(buf)); tt_int_op(0, OP_EQ, curve25519_public_from_base64(&key2, buf)); @@ -2328,7 +2172,7 @@ test_crypto_curve25519_persist(void *arg) tt_u64_op((uint64_t)st.st_size, OP_EQ, 32+CURVE25519_PUBKEY_LEN+CURVE25519_SECKEY_LEN); tt_assert(fast_memeq(content, "== c25519v1: testing ==", taglen)); - tt_assert(tor_mem_is_zero(content+taglen, 32-taglen)); + tt_assert(fast_mem_is_zero(content+taglen, 32-taglen)); cp = content + 32; tt_mem_op(keypair.seckey.secret_key,OP_EQ, cp, @@ -2649,13 +2493,13 @@ test_crypto_ed25519_encode(void *arg) /* Test roundtrip. */ tt_int_op(0, OP_EQ, ed25519_keypair_generate(&kp, 0)); - tt_int_op(0, OP_EQ, ed25519_public_to_base64(buf, &kp.pubkey)); + ed25519_public_to_base64(buf, &kp.pubkey); tt_int_op(ED25519_BASE64_LEN, OP_EQ, strlen(buf)); tt_int_op(0, OP_EQ, ed25519_public_from_base64(&pk, buf)); tt_mem_op(kp.pubkey.pubkey, OP_EQ, pk.pubkey, ED25519_PUBKEY_LEN); tt_int_op(0, OP_EQ, ed25519_sign(&sig1, (const uint8_t*)"ABC", 3, &kp)); - tt_int_op(0, OP_EQ, ed25519_signature_to_base64(buf, &sig1)); + ed25519_signature_to_base64(buf, &sig1); tt_int_op(0, OP_EQ, ed25519_signature_from_base64(&sig2, buf)); tt_mem_op(sig1.sig, OP_EQ, sig2.sig, ED25519_SIG_LEN); @@ -3165,6 +3009,7 @@ test_crypto_failure_modes(void *arg) ; } +#ifndef COCCI #define CRYPTO_LEGACY(name) \ { #name, test_crypto_ ## name , 0, NULL, NULL } @@ -3175,18 +3020,10 @@ test_crypto_failure_modes(void *arg) #define ED25519_TEST(name, fl) \ ED25519_TEST_ONE(name, (fl), "donna"), \ ED25519_TEST_ONE(name, (fl), "ref10") +#endif /* !defined(COCCI) */ struct testcase_t crypto_tests[] = { CRYPTO_LEGACY(formats), - CRYPTO_LEGACY(rng), - { "rng_range", test_crypto_rng_range, 0, NULL, NULL }, - { "rng_strongest", test_crypto_rng_strongest, TT_FORK, NULL, NULL }, - { "rng_strongest_nosyscall", test_crypto_rng_strongest, TT_FORK, - &passthrough_setup, (void*)"nosyscall" }, - { "rng_strongest_nofallback", test_crypto_rng_strongest, TT_FORK, - &passthrough_setup, (void*)"nofallback" }, - { "rng_strongest_broken", test_crypto_rng_strongest, TT_FORK, - &passthrough_setup, (void*)"broken" }, { "openssl_version", test_crypto_openssl_version, TT_FORK, NULL, NULL }, { "aes_AES", test_crypto_aes128, TT_FORK, &passthrough_setup, (void*)"aes" }, { "aes_EVP", test_crypto_aes128, TT_FORK, &passthrough_setup, (void*)"evp" }, diff --git a/src/test/test_crypto_ope.c b/src/test/test_crypto_ope.c index dc67c02676..119ebc114a 100644 --- a/src/test/test_crypto_ope.c +++ b/src/test/test_crypto_ope.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" diff --git a/src/test/test_crypto_openssl.c b/src/test/test_crypto_openssl.c index 42dc3f6be2..989f4a56ca 100644 --- a/src/test/test_crypto_openssl.c +++ b/src/test/test_crypto_openssl.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" diff --git a/src/test/test_crypto_rng.c b/src/test/test_crypto_rng.c new file mode 100644 index 0000000000..b0dc4c117c --- /dev/null +++ b/src/test/test_crypto_rng.c @@ -0,0 +1,332 @@ +/* Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#include "orconfig.h" +#define CRYPTO_RAND_PRIVATE +#include "core/or/or.h" +#include "test/test.h" +#include "lib/crypt_ops/aes.h" +#include "lib/crypt_ops/crypto_format.h" +#include "lib/crypt_ops/crypto_rand.h" + +/** Run unit tests for our random number generation function and its wrappers. + */ +static void +test_crypto_rng(void *arg) +{ + int i, j, allok; + char data1[100], data2[100]; + double d; + char *h=NULL; + + /* Try out RNG. */ + (void)arg; + tt_assert(! crypto_seed_rng()); + crypto_rand(data1, 100); + crypto_rand(data2, 100); + tt_mem_op(data1,OP_NE, data2,100); + allok = 1; + for (i = 0; i < 100; ++i) { + uint64_t big; + char *host; + j = crypto_rand_int(100); + if (j < 0 || j >= 100) + allok = 0; + big = crypto_rand_uint64(UINT64_C(1)<<40); + if (big >= (UINT64_C(1)<<40)) + allok = 0; + big = crypto_rand_uint64(UINT64_C(5)); + if (big >= 5) + allok = 0; + d = crypto_rand_double(); + tt_assert(d >= 0); + tt_assert(d < 1.0); + host = crypto_random_hostname(3,8,"www.",".onion"); + if (strcmpstart(host,"www.") || + strcmpend(host,".onion") || + strlen(host) < 13 || + strlen(host) > 18) + allok = 0; + tor_free(host); + } + + /* Make sure crypto_random_hostname clips its inputs properly. */ + h = crypto_random_hostname(20000, 9000, "www.", ".onion"); + tt_assert(! strcmpstart(h,"www.")); + tt_assert(! strcmpend(h,".onion")); + tt_int_op(63+4+6, OP_EQ, strlen(h)); + + tt_assert(allok); + done: + tor_free(h); +} + +static void +test_crypto_rng_range(void *arg) +{ + int got_smallest = 0, got_largest = 0; + int i; + + (void)arg; + for (i = 0; i < 1000; ++i) { + int x = crypto_rand_int_range(5,9); + tt_int_op(x, OP_GE, 5); + tt_int_op(x, OP_LT, 9); + if (x == 5) + got_smallest = 1; + if (x == 8) + got_largest = 1; + } + /* These fail with probability 1/10^603. */ + tt_assert(got_smallest); + tt_assert(got_largest); + + got_smallest = got_largest = 0; + const uint64_t ten_billion = 10 * ((uint64_t)1000000000000); + for (i = 0; i < 1000; ++i) { + uint64_t x = crypto_rand_uint64_range(ten_billion, ten_billion+10); + tt_u64_op(x, OP_GE, ten_billion); + tt_u64_op(x, OP_LT, ten_billion+10); + if (x == ten_billion) + got_smallest = 1; + if (x == ten_billion+9) + got_largest = 1; + } + + tt_assert(got_smallest); + tt_assert(got_largest); + + const time_t now = time(NULL); + for (i = 0; i < 2000; ++i) { + time_t x = crypto_rand_time_range(now, now+60); + tt_i64_op(x, OP_GE, now); + tt_i64_op(x, OP_LT, now+60); + if (x == now) + got_smallest = 1; + if (x == now+59) + got_largest = 1; + } + + tt_assert(got_smallest); + tt_assert(got_largest); + done: + ; +} + +static void +test_crypto_rng_strongest(void *arg) +{ + const char *how = arg; + int broken = 0; + + if (how == NULL) { + ; + } else if (!strcmp(how, "nosyscall")) { + break_strongest_rng_syscall = 1; + } else if (!strcmp(how, "nofallback")) { + break_strongest_rng_fallback = 1; + } else if (!strcmp(how, "broken")) { + broken = break_strongest_rng_syscall = break_strongest_rng_fallback = 1; + } + +#define N 128 + uint8_t combine_and[N]; + uint8_t combine_or[N]; + int i, j; + + memset(combine_and, 0xff, N); + memset(combine_or, 0, N); + + for (i = 0; i < 100; ++i) { /* 2^-100 chances just don't happen. */ + uint8_t output[N]; + memset(output, 0, N); + if (how == NULL) { + /* this one can't fail. */ + crypto_strongest_rand(output, sizeof(output)); + } else { + int r = crypto_strongest_rand_raw(output, sizeof(output)); + if (r == -1) { + if (broken) { + goto done; /* we're fine. */ + } + /* This function is allowed to break, but only if it always breaks. */ + tt_int_op(i, OP_EQ, 0); + tt_skip(); + } else { + tt_assert(! broken); + } + } + for (j = 0; j < N; ++j) { + combine_and[j] &= output[j]; + combine_or[j] |= output[j]; + } + } + + for (j = 0; j < N; ++j) { + tt_int_op(combine_and[j], OP_EQ, 0); + tt_int_op(combine_or[j], OP_EQ, 0xff); + } + done: + ; +#undef N +} + +static void +test_crypto_rng_fast(void *arg) +{ + (void)arg; + crypto_fast_rng_t *rng = crypto_fast_rng_new(); + tt_assert(rng); + + /* Rudimentary black-block test to make sure that our prng outputs + * have all bits sometimes on and all bits sometimes off. */ + uint64_t m1 = 0, m2 = ~(uint64_t)0; + const int N = 128; + + for (int i=0; i < N; ++i) { + uint64_t v; + crypto_fast_rng_getbytes(rng, (void*)&v, sizeof(v)); + m1 |= v; + m2 &= v; + } + + tt_u64_op(m1, OP_EQ, ~(uint64_t)0); + tt_u64_op(m2, OP_EQ, 0); + + /* Check range functions. */ + int counts[5]; + memset(counts, 0, sizeof(counts)); + for (int i=0; i < N; ++i) { + unsigned u = crypto_fast_rng_get_uint(rng, 5); + tt_int_op(u, OP_GE, 0); + tt_int_op(u, OP_LT, 5); + counts[u]++; + + uint64_t u64 = crypto_fast_rng_get_uint64(rng, UINT64_C(1)<<40); + tt_u64_op(u64, OP_GE, 0); + tt_u64_op(u64, OP_LT, UINT64_C(1)<<40); + + double d = crypto_fast_rng_get_double(rng); + tt_assert(d >= 0.0); + tt_assert(d < 1.0); + } + + /* All values should have come up once. */ + for (int i=0; i<5; ++i) { + tt_int_op(counts[i], OP_GT, 0); + } + + /* per-thread rand_fast shouldn't crash or leak. */ + crypto_fast_rng_t *t_rng = get_thread_fast_rng(); + for (int i = 0; i < N; ++i) { + uint64_t u64 = crypto_fast_rng_get_uint64(t_rng, UINT64_C(1)<<40); + tt_u64_op(u64, OP_GE, 0); + tt_u64_op(u64, OP_LT, UINT64_C(1)<<40); + } + + done: + crypto_fast_rng_free(rng); +} + +static void +test_crypto_rng_fast_whitebox(void *arg) +{ + (void)arg; + const size_t buflen = crypto_fast_rng_get_bytes_used_per_stream(); + char *buf = tor_malloc_zero(buflen); + char *buf2 = tor_malloc_zero(buflen); + char *buf3 = NULL, *buf4 = NULL; + + crypto_cipher_t *cipher = NULL, *cipher2 = NULL; + uint8_t seed[CRYPTO_FAST_RNG_SEED_LEN]; + memset(seed, 0, sizeof(seed)); + + /* Start with a prng with zero key and zero IV. */ + crypto_fast_rng_t *rng = crypto_fast_rng_new_from_seed(seed); + tt_assert(rng); + + /* We'll use a stream cipher to keep in sync */ + cipher = crypto_cipher_new_with_iv_and_bits(seed, seed+32, 256); + + /* The first 48 bytes are used for the next seed -- let's make sure we have + * them. + */ + memset(seed, 0, sizeof(seed)); + crypto_cipher_crypt_inplace(cipher, (char*)seed, sizeof(seed)); + + /* if we get 128 bytes, they should match the bytes from the aes256-counter + * stream, starting at position 48. + */ + crypto_fast_rng_getbytes(rng, (uint8_t*)buf, 128); + memset(buf2, 0, 128); + crypto_cipher_crypt_inplace(cipher, buf2, 128); + tt_mem_op(buf, OP_EQ, buf2, 128); + + /* Try that again, with an odd number of bytes. */ + crypto_fast_rng_getbytes(rng, (uint8_t*)buf, 199); + memset(buf2, 0, 199); + crypto_cipher_crypt_inplace(cipher, buf2, 199); + tt_mem_op(buf, OP_EQ, buf2, 199); + + /* Make sure that refilling works as expected: skip all but the last 5 bytes + * of this steam. */ + size_t skip = buflen - (199+128) - 5; + crypto_fast_rng_getbytes(rng, (uint8_t*)buf, skip); + crypto_cipher_crypt_inplace(cipher, buf2, skip); + + /* Now get the next 128 bytes. The first 5 will come from this stream, and + * the next 5 will come from the stream keyed by the new value of 'seed'. */ + crypto_fast_rng_getbytes(rng, (uint8_t*)buf, 128); + memset(buf2, 0, 128); + crypto_cipher_crypt_inplace(cipher, buf2, 5); + crypto_cipher_free(cipher); + cipher = crypto_cipher_new_with_iv_and_bits(seed, seed+32, 256); + memset(seed, 0, sizeof(seed)); + crypto_cipher_crypt_inplace(cipher, (char*)seed, sizeof(seed)); + crypto_cipher_crypt_inplace(cipher, buf2+5, 128-5); + tt_mem_op(buf, OP_EQ, buf2, 128); + + /* And check the next 7 bytes to make sure we didn't discard anything. */ + crypto_fast_rng_getbytes(rng, (uint8_t*)buf, 7); + memset(buf2, 0, 7); + crypto_cipher_crypt_inplace(cipher, buf2, 7); + tt_mem_op(buf, OP_EQ, buf2, 7); + + /* Now try the optimization for long outputs. */ + buf3 = tor_malloc(65536); + crypto_fast_rng_getbytes(rng, (uint8_t*)buf3, 65536); + + buf4 = tor_malloc_zero(65536); + uint8_t seed2[CRYPTO_FAST_RNG_SEED_LEN]; + memset(seed2, 0, sizeof(seed2)); + crypto_cipher_crypt_inplace(cipher, (char*)seed2, sizeof(seed2)); + cipher2 = crypto_cipher_new_with_iv_and_bits(seed2, seed2+32, 256); + crypto_cipher_crypt_inplace(cipher2, buf4, 65536); + tt_mem_op(buf3, OP_EQ, buf4, 65536); + + done: + crypto_fast_rng_free(rng); + crypto_cipher_free(cipher); + crypto_cipher_free(cipher2); + tor_free(buf); + tor_free(buf2); + tor_free(buf3); + tor_free(buf4); +} + +struct testcase_t crypto_rng_tests[] = { + { "rng", test_crypto_rng, 0, NULL, NULL }, + { "rng_range", test_crypto_rng_range, 0, NULL, NULL }, + { "rng_strongest", test_crypto_rng_strongest, TT_FORK, NULL, NULL }, + { "rng_strongest_nosyscall", test_crypto_rng_strongest, TT_FORK, + &passthrough_setup, (void*)"nosyscall" }, + { "rng_strongest_nofallback", test_crypto_rng_strongest, TT_FORK, + &passthrough_setup, (void*)"nofallback" }, + { "rng_strongest_broken", test_crypto_rng_strongest, TT_FORK, + &passthrough_setup, (void*)"broken" }, + { "fast", test_crypto_rng_fast, 0, NULL, NULL }, + { "fast_whitebox", test_crypto_rng_fast_whitebox, 0, NULL, NULL }, + END_OF_TESTCASES +}; diff --git a/src/test/test_crypto_slow.c b/src/test/test_crypto_slow.c index e24aee8930..1702427b08 100644 --- a/src/test/test_crypto_slow.c +++ b/src/test/test_crypto_slow.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" @@ -109,7 +109,7 @@ run_s2k_tests(const unsigned flags, const unsigned type, secret_to_key_derivekey(buf3, sizeof(buf3), buf, speclen, pw1, strlen(pw1))); tt_mem_op(buf2, OP_EQ, buf3, sizeof(buf3)); - tt_assert(!tor_mem_is_zero((char*)buf2+keylen, sizeof(buf2)-keylen)); + tt_assert(!fast_mem_is_zero((char*)buf2+keylen, sizeof(buf2)-keylen)); done: ; @@ -342,7 +342,7 @@ test_crypto_scrypt_vectors(void *arg) #endif /* Test vectors from - http://tools.ietf.org/html/draft-josefsson-scrypt-kdf-00 section 11. + https://tools.ietf.org/html/draft-josefsson-scrypt-kdf-00 section 11. Note that the names of 'r' and 'N' are switched in that section. Or possibly in libscrypt. @@ -584,6 +584,7 @@ test_crypto_ed25519_fuzz_donna(void *arg) ; } +#ifndef COCCI #define CRYPTO_LEGACY(name) \ { #name, test_crypto_ ## name , 0, NULL, NULL } @@ -594,6 +595,7 @@ test_crypto_ed25519_fuzz_donna(void *arg) #define ED25519_TEST(name, fl) \ ED25519_TEST_ONE(name, (fl), "donna"), \ ED25519_TEST_ONE(name, (fl), "ref10") +#endif /* !defined(COCCI) */ struct testcase_t slow_crypto_tests[] = { CRYPTO_LEGACY(s2k_rfc2440), diff --git a/src/test/test_data.c b/src/test/test_data.c index fe1190ea77..30c14fcfff 100644 --- a/src/test/test_data.c +++ b/src/test/test_data.c @@ -1,6 +1,6 @@ /* Copyright 2001-2004 Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "test/test.h" diff --git a/src/test/test_dir.c b/src/test/test_dir.c index 0e44c47f3f..3a0b8237cb 100644 --- a/src/test/test_dir.c +++ b/src/test/test_dir.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" @@ -8,10 +8,10 @@ #define BWAUTH_PRIVATE #define CONFIG_PRIVATE -#define CONTROL_PRIVATE +#define CONTROL_GETINFO_PRIVATE +#define DIRAUTH_SYS_PRIVATE #define DIRCACHE_PRIVATE #define DIRCLIENT_PRIVATE -#define DIRSERV_PRIVATE #define DIRVOTE_PRIVATE #define DLSTATUS_PRIVATE #define HIBERNATE_PRIVATE @@ -26,14 +26,15 @@ #include "core/or/or.h" #include "app/config/config.h" -#include "app/config/confparse.h" +#include "lib/confmgt/confmgt.h" #include "core/mainloop/connection.h" #include "core/or/relay.h" #include "core/or/versions.h" #include "feature/client/bridges.h" #include "feature/client/entrynodes.h" -#include "feature/control/control.h" +#include "feature/control/control_getinfo.h" #include "feature/dirauth/bwauth.h" +#include "feature/dirauth/dirauth_sys.h" #include "feature/dirauth/dirvote.h" #include "feature/dirauth/dsigs_parse.h" #include "feature/dirauth/process_descs.h" @@ -46,10 +47,11 @@ #include "feature/dirclient/dlstatus.h" #include "feature/dircommon/directory.h" #include "feature/dircommon/fp_pair.h" -#include "feature/dircommon/voting_schedule.h" +#include "feature/dirauth/voting_schedule.h" #include "feature/hibernate/hibernate.h" #include "feature/nodelist/authcert.h" #include "feature/nodelist/dirlist.h" +#include "feature/nodelist/microdesc.h" #include "feature/nodelist/networkstatus.h" #include "feature/nodelist/nickname.h" #include "feature/nodelist/node_select.h" @@ -71,13 +73,16 @@ #include "lib/memarea/memarea.h" #include "lib/osinfo/uname.h" #include "test/log_test_helpers.h" +#include "test/opts_test_helpers.h" #include "test/test.h" #include "test/test_dir_common.h" #include "core/or/addr_policy_st.h" +#include "feature/dirauth/dirauth_options_st.h" #include "feature/nodelist/authority_cert_st.h" #include "feature/nodelist/document_signature_st.h" #include "feature/nodelist/extrainfo_st.h" +#include "feature/nodelist/microdesc_st.h" #include "feature/nodelist/networkstatus_st.h" #include "feature/nodelist/networkstatus_voter_info_st.h" #include "feature/dirauth/ns_detached_signatures_st.h" @@ -91,8 +96,26 @@ #ifdef HAVE_SYS_STAT_H #include <sys/stat.h> #endif +#ifdef HAVE_UNISTD_H +#include <unistd.h> +#endif -#define NS_MODULE dir +static networkstatus_t * +networkstatus_parse_vote_from_string_(const char *s, + const char **eos_out, + enum networkstatus_type_t ns_type) +{ + size_t len = strlen(s); + // memdup so that it won't be nul-terminated. + char *tmp = tor_memdup(s, len); + networkstatus_t *result = + networkstatus_parse_vote_from_string(tmp, len, eos_out, ns_type); + if (eos_out && *eos_out) { + *eos_out = s + (*eos_out - tmp); + } + tor_free(tmp); + return result; +} static void test_dir_nicknames(void *arg) @@ -142,6 +165,269 @@ test_dir_nicknames(void *arg) ; } +/* Allocate and return a new routerinfo, with the fields set from the + * arguments to this function. + * + * Also sets: + * - random RSA identity and onion keys, + * - the platform field using get_platform_str(), and + * - supports_tunnelled_dir_requests to 1. + * + * If rsa_onion_keypair_out is not NULL, it is set to the onion keypair. + * The caller must free this keypair. + */ +static routerinfo_t * +basic_routerinfo_new(const char *nickname, uint32_t ipv4_addr, + uint16_t or_port, uint16_t dir_port, + uint32_t bandwidthrate, uint32_t bandwidthburst, + uint32_t bandwidthcapacity, + time_t published_on, + crypto_pk_t **rsa_onion_keypair_out) +{ + char platform[256]; + + tor_assert(nickname); + + crypto_pk_t *pk1 = NULL, *pk2 = NULL; + /* These keys are random: idx is ignored. */ + pk1 = pk_generate(0); + pk2 = pk_generate(1); + + tor_assert(pk1); + tor_assert(pk2); + + get_platform_str(platform, sizeof(platform)); + + routerinfo_t *r1 = tor_malloc_zero(sizeof(routerinfo_t)); + + r1->nickname = tor_strdup(nickname); + r1->platform = tor_strdup(platform); + + r1->addr = ipv4_addr; + r1->or_port = or_port; + r1->dir_port = dir_port; + r1->supports_tunnelled_dir_requests = 1; + + router_set_rsa_onion_pkey(pk1, &r1->onion_pkey, &r1->onion_pkey_len); + r1->identity_pkey = pk2; + + r1->bandwidthrate = bandwidthrate; + r1->bandwidthburst = bandwidthburst; + r1->bandwidthcapacity = bandwidthcapacity; + + r1->cache_info.published_on = published_on; + + if (rsa_onion_keypair_out) { + *rsa_onion_keypair_out = pk1; + } else { + crypto_pk_free(pk1); + } + + return r1; +} + +/* Allocate and return a new string containing a "router" line for r1. */ +static char * +get_new_router_line(const routerinfo_t *r1) +{ + char *line = NULL; + + tor_assert(r1); + + tor_asprintf(&line, + "router %s %s %d 0 %d\n", + r1->nickname, fmt_addr32(r1->addr), + r1->or_port, r1->dir_port); + tor_assert(line); + + return line; +} + +/* Allocate and return a new string containing a "platform" line for the + * current Tor version and OS. */ +static char * +get_new_platform_line(void) +{ + char *line = NULL; + + tor_asprintf(&line, + "platform Tor %s on %s\n", + VERSION, get_uname()); + tor_assert(line); + + return line; +} + +/* Allocate and return a new string containing a "published" line for r1. + * r1->cache_info.published_on must be between 0 and 59 seconds. */ +static char * +get_new_published_line(const routerinfo_t *r1) +{ + char *line = NULL; + + tor_assert(r1); + + tor_assert(r1->cache_info.published_on >= 0); + tor_assert(r1->cache_info.published_on <= 59); + + tor_asprintf(&line, + "published 1970-01-01 00:00:%02u\n", + (unsigned)r1->cache_info.published_on); + tor_assert(line); + + return line; +} + +/* Allocate and return a new string containing a "fingerprint" line for r1. */ +static char * +get_new_fingerprint_line(const routerinfo_t *r1) +{ + char *line = NULL; + char fingerprint[FINGERPRINT_LEN+1]; + + tor_assert(r1); + + tor_assert(!crypto_pk_get_fingerprint(r1->identity_pkey, fingerprint, 1)); + tor_assert(strlen(fingerprint) > 0); + + tor_asprintf(&line, + "fingerprint %s\n", + fingerprint); + tor_assert(line); + + return line; +} + +/* Allocate and return a new string containing an "uptime" line with uptime t. + * + * You should pass a hard-coded value to this function, because even if we made + * it reflect uptime, that still wouldn't make it right, because the two + * descriptors might be made on different seconds. + */ +static char * +get_new_uptime_line(time_t t) +{ + char *line = NULL; + + tor_asprintf(&line, + "uptime %u\n", + (unsigned)t); + tor_assert(line); + + return line; +} + +/* Allocate and return a new string containing an "bandwidth" line for r1. + */ +static char * +get_new_bandwidth_line(const routerinfo_t *r1) +{ + char *line = NULL; + + tor_assert(r1); + + tor_asprintf(&line, + "bandwidth %u %u %u\n", + r1->bandwidthrate, + r1->bandwidthburst, + r1->bandwidthcapacity); + tor_assert(line); + + return line; +} + +/* Allocate and return a new string containing a key_name block for the + * RSA key pk1. + */ +static char * +get_new_rsa_key_block(const char *key_name, crypto_pk_t *pk1) +{ + char *block = NULL; + char *pk1_str = NULL; + size_t pk1_str_len = 0; + + tor_assert(key_name); + tor_assert(pk1); + + tor_assert(!crypto_pk_write_public_key_to_string(pk1, &pk1_str, + &pk1_str_len)); + tor_assert(pk1_str); + tor_assert(pk1_str_len); + + tor_asprintf(&block, + "%s\n%s", + key_name, + pk1_str); + tor_free(pk1_str); + + tor_assert(block); + return block; +} + +/* Allocate and return a new string containing an "onion-key" block for the + * router r1. + */ +static char * +get_new_onion_key_block(const routerinfo_t *r1) +{ + char *block = NULL; + tor_assert(r1); + crypto_pk_t *pk_tmp = router_get_rsa_onion_pkey(r1->onion_pkey, + r1->onion_pkey_len); + block = get_new_rsa_key_block("onion-key", pk_tmp); + crypto_pk_free(pk_tmp); + return block; +} + +/* Allocate and return a new string containing an "signing-key" block for the + * router r1. + */ +static char * +get_new_signing_key_block(const routerinfo_t *r1) +{ + tor_assert(r1); + return get_new_rsa_key_block("signing-key", r1->identity_pkey); +} + +/* Allocate and return a new string containing an "ntor-onion-key" line for + * the curve25519 public key ntor_onion_pubkey. + */ +static char * +get_new_ntor_onion_key_line(const curve25519_public_key_t *ntor_onion_pubkey) +{ + char *line = NULL; + char cert_buf[256]; + int rv = 0; + + tor_assert(ntor_onion_pubkey); + + rv = base64_encode(cert_buf, sizeof(cert_buf), + (const char*)ntor_onion_pubkey->public_key, 32, + BASE64_ENCODE_MULTILINE); + tor_assert(rv > 0); + tor_assert(strlen(cert_buf) > 0); + + tor_asprintf(&line, + "ntor-onion-key %s", + cert_buf); + tor_assert(line); + + return line; +} + +/* Allocate and return a new string containing a "bridge-distribution-request" + * line for options. + */ +static char * +get_new_bridge_distribution_request_line(const or_options_t *options) +{ + if (options->BridgeRelay) { + return tor_strdup("bridge-distribution-request any\n"); + } else { + return tor_strdup(""); + } +} + static smartlist_t *mocked_configured_ports = NULL; /** Returns mocked_configured_ports */ @@ -151,71 +437,509 @@ mock_get_configured_ports(void) return mocked_configured_ports; } -/** Run unit tests for router descriptor generation logic. */ +static tor_cert_t * +mock_tor_cert_dup_null(const tor_cert_t *cert) +{ + (void)cert; + return NULL; +} + +static crypto_pk_t *mocked_server_identitykey = NULL; + +/* Returns mocked_server_identitykey with no checks. */ +static crypto_pk_t * +mock_get_server_identity_key(void) +{ + return mocked_server_identitykey; +} + +static crypto_pk_t *mocked_onionkey = NULL; + +/* Returns mocked_onionkey with no checks. */ +static crypto_pk_t * +mock_get_onion_key(void) +{ + return mocked_onionkey; +} + +static routerinfo_t *mocked_routerinfo = NULL; + +/* Returns 0 and sets ri_out to mocked_routerinfo. + * ri_out must not be NULL. There are no other checks. */ +static int +mock_router_build_fresh_unsigned_routerinfo(routerinfo_t **ri_out) +{ + tor_assert(ri_out); + *ri_out = mocked_routerinfo; + return 0; +} + +static ed25519_keypair_t *mocked_master_signing_key = NULL; + +/* Returns mocked_master_signing_key with no checks. */ +static const ed25519_keypair_t * +mock_get_master_signing_keypair(void) +{ + return mocked_master_signing_key; +} + +static struct tor_cert_st *mocked_signing_key_cert = NULL; + +/* Returns mocked_signing_key_cert with no checks. */ +static const struct tor_cert_st * +mock_get_master_signing_key_cert(void) +{ + return mocked_signing_key_cert; +} + +static curve25519_keypair_t *mocked_curve25519_onion_key = NULL; + +/* Returns mocked_curve25519_onion_key with no checks. */ +static const curve25519_keypair_t * +mock_get_current_curve25519_keypair(void) +{ + return mocked_curve25519_onion_key; +} + +/* Unmock get_configured_ports() and free mocked_configured_ports. */ static void -test_dir_formats(void *arg) +cleanup_mock_configured_ports(void) +{ + UNMOCK(get_configured_ports); + + if (mocked_configured_ports) { + SMARTLIST_FOREACH(mocked_configured_ports, port_cfg_t *, p, tor_free(p)); + smartlist_free(mocked_configured_ports); + } +} + +/* Mock get_configured_ports() with a list containing or_port and dir_port. + * If a port is 0, don't set it. + * Only sets the minimal data required for the tests to pass. */ +static void +setup_mock_configured_ports(uint16_t or_port, uint16_t dir_port) +{ + cleanup_mock_configured_ports(); + + /* Fake just enough of an ORPort and DirPort to get by */ + MOCK(get_configured_ports, mock_get_configured_ports); + mocked_configured_ports = smartlist_new(); + + if (or_port) { + port_cfg_t *or_port_cfg = tor_malloc_zero(sizeof(*or_port_cfg)); + or_port_cfg->type = CONN_TYPE_OR_LISTENER; + or_port_cfg->addr.family = AF_INET; + or_port_cfg->port = or_port; + smartlist_add(mocked_configured_ports, or_port_cfg); + } + + if (dir_port) { + port_cfg_t *dir_port_cfg = tor_malloc_zero(sizeof(*dir_port_cfg)); + dir_port_cfg->type = CONN_TYPE_DIR_LISTENER; + dir_port_cfg->addr.family = AF_INET; + dir_port_cfg->port = dir_port; + smartlist_add(mocked_configured_ports, dir_port_cfg); + } +} + +/* Clean up the data structures and unmock the functions needed for generating + * a fresh descriptor. */ +static void +cleanup_mocks_for_fresh_descriptor(void) +{ + tor_free(get_options_mutable()->Nickname); + + mocked_server_identitykey = NULL; + UNMOCK(get_server_identity_key); + + crypto_pk_free(mocked_onionkey); + UNMOCK(get_onion_key); +} + +/* Mock the data structures and functions needed for generating a fresh + * descriptor. + * + * Sets options->Nickname from r1->nickname. + * Mocks get_server_identity_key() with r1->identity_pkey. + * + * If rsa_onion_keypair is not NULL, it is used to mock get_onion_key(). + * Otherwise, the public key in r1->onion_pkey is used to mock get_onion_key(). + */ +static void +setup_mocks_for_fresh_descriptor(const routerinfo_t *r1, + crypto_pk_t *rsa_onion_keypair) +{ + cleanup_mocks_for_fresh_descriptor(); + + tor_assert(r1); + + /* router_build_fresh_signed_extrainfo() requires options->Nickname */ + get_options_mutable()->Nickname = tor_strdup(r1->nickname); + + /* router_build_fresh_signed_extrainfo() requires get_server_identity_key(). + * Use the same one as the call to router_dump_router_to_string() above. + */ + mocked_server_identitykey = r1->identity_pkey; + MOCK(get_server_identity_key, mock_get_server_identity_key); + + /* router_dump_and_sign_routerinfo_descriptor_body() requires + * get_onion_key(). Use the same one as r1. + */ + if (rsa_onion_keypair) { + mocked_onionkey = crypto_pk_dup_key(rsa_onion_keypair); + } else { + mocked_onionkey = router_get_rsa_onion_pkey(r1->onion_pkey, + r1->onion_pkey_len); + } + MOCK(get_onion_key, mock_get_onion_key); +} + +/* Set options based on arg. + * + * b: BridgeRelay 1 + * e: ExtraInfoStatistics 1 + * s: sets all the individual statistics options to 1 + * + * Always sets AssumeReachable to 1. + * + * Does not set ServerTransportPlugin, because it's parsed before use. + * + * Does not set BridgeRecordUsageByCountry, because the tests don't have access + * to a GeoIPFile or GeoIPv6File. */ +static void +setup_dir_formats_options(const char *arg, or_options_t *options) +{ + /* Skip reachability checks for DirPort, ORPort, and tunnelled-dir-server */ + options->AssumeReachable = 1; + + if (strchr(arg, 'b')) { + options->BridgeRelay = 1; + } + + if (strchr(arg, 'e')) { + options->ExtraInfoStatistics = 1; + } + + if (strchr(arg, 's')) { + options->DirReqStatistics = 1; + options->HiddenServiceStatistics = 1; + options->EntryStatistics = 1; + options->CellStatistics = 1; + options->ExitPortStatistics = 1; + options->ConnDirectionStatistics = 1; + options->PaddingStatistics = 1; + } +} + +/* Check that routerinfos r1 and rp1 are consistent. + * Only performs some basic checks. + */ +#define CHECK_ROUTERINFO_CONSISTENCY(r1, rp1) \ +STMT_BEGIN \ + tt_assert(r1); \ + tt_assert(rp1); \ + tt_int_op(rp1->addr,OP_EQ, r1->addr); \ + tt_int_op(rp1->or_port,OP_EQ, r1->or_port); \ + tt_int_op(rp1->dir_port,OP_EQ, r1->dir_port); \ + tt_int_op(rp1->bandwidthrate,OP_EQ, r1->bandwidthrate); \ + tt_int_op(rp1->bandwidthburst,OP_EQ, r1->bandwidthburst); \ + tt_int_op(rp1->bandwidthcapacity,OP_EQ, r1->bandwidthcapacity); \ + crypto_pk_t *rp1_onion_pkey = router_get_rsa_onion_pkey(rp1->onion_pkey, \ + rp1->onion_pkey_len); \ + crypto_pk_t *r1_onion_pkey = router_get_rsa_onion_pkey(r1->onion_pkey, \ + r1->onion_pkey_len); \ + tt_int_op(crypto_pk_cmp_keys(rp1_onion_pkey, r1_onion_pkey), OP_EQ, 0); \ + crypto_pk_free(rp1_onion_pkey); \ + crypto_pk_free(r1_onion_pkey); \ + tt_int_op(crypto_pk_cmp_keys(rp1->identity_pkey, r1->identity_pkey), \ + OP_EQ, 0); \ + tt_int_op(rp1->supports_tunnelled_dir_requests, OP_EQ, \ + r1->supports_tunnelled_dir_requests); \ +STMT_END + +/* Check that routerinfo r1 and extrainfo e1 are consistent. + * Only performs some basic checks. + */ +#define CHECK_EXTRAINFO_CONSISTENCY(r1, e1) \ +STMT_BEGIN \ + tt_assert(r1); \ + tt_assert(e1); \ +\ + tt_str_op(e1->nickname, OP_EQ, r1->nickname); \ +STMT_END + +/** Run unit tests for router descriptor generation logic for a RSA-only + * router. Tor versions without ed25519 (0.2.6 and earlier) are no longer + * officially supported, but the authorities still accept their descriptors. + */ +static void +test_dir_formats_rsa(void *arg) { char *buf = NULL; - char buf2[8192]; - char platform[256]; - char fingerprint[FINGERPRINT_LEN+1]; - char *pk1_str = NULL, *pk2_str = NULL, *cp; - size_t pk1_str_len, pk2_str_len; - routerinfo_t *r1=NULL, *r2=NULL; - crypto_pk_t *pk1 = NULL, *pk2 = NULL; - routerinfo_t *rp1 = NULL, *rp2 = NULL; - addr_policy_t *ex1, *ex2; - routerlist_t *dir1 = NULL, *dir2 = NULL; + char *buf2 = NULL; + char *cp = NULL; + uint8_t *rsa_cc = NULL; - or_options_t *options = get_options_mutable(); - const addr_policy_t *p; - time_t now = time(NULL); - port_cfg_t orport, dirport; - char cert_buf[256]; - (void)arg; - pk1 = pk_generate(0); - pk2 = pk_generate(1); + routerinfo_t *r1 = NULL; + extrainfo_t *e1 = NULL; + routerinfo_t *rp1 = NULL; + extrainfo_t *ep1 = NULL; - tt_assert(pk1 && pk2); + smartlist_t *chunks = NULL; + const char *msg = NULL; + int rv = -1; + + or_options_t *options = get_options_mutable(); + setup_dir_formats_options((const char *)arg, options); hibernate_set_state_for_testing_(HIBERNATE_STATE_LIVE); - get_platform_str(platform, sizeof(platform)); - r1 = tor_malloc_zero(sizeof(routerinfo_t)); - r1->addr = 0xc0a80001u; /* 192.168.0.1 */ - r1->cache_info.published_on = 0; - r1->or_port = 9000; - r1->dir_port = 9003; - r1->supports_tunnelled_dir_requests = 1; - tor_addr_parse(&r1->ipv6_addr, "1:2:3:4::"); - r1->ipv6_orport = 9999; - router_set_rsa_onion_pkey(pk1, &r1->onion_pkey, &r1->onion_pkey_len); - /* Fake just enough of an ntor key to get by */ + /* r1 is a minimal, RSA-only descriptor, with DirPort and IPv6 */ + r1 = basic_routerinfo_new("Magri", 0xc0a80001u /* 192.168.0.1 */, + 9000, 9003, + 1000, 5000, 10000, + 0, + NULL); + + /* Fake just enough of an ntor key to get by */ curve25519_keypair_t r1_onion_keypair; curve25519_keypair_generate(&r1_onion_keypair, 0); r1->onion_curve25519_pkey = tor_memdup(&r1_onion_keypair.pubkey, sizeof(curve25519_public_key_t)); - r1->identity_pkey = crypto_pk_dup_key(pk2); - r1->bandwidthrate = 1000; - r1->bandwidthburst = 5000; - r1->bandwidthcapacity = 10000; + + /* Now add IPv6 */ + tor_addr_parse(&r1->ipv6_addr, "1:2:3:4::"); + r1->ipv6_orport = 9999; + r1->exit_policy = NULL; - r1->nickname = tor_strdup("Magri"); - r1->platform = tor_strdup(platform); - ex1 = tor_malloc_zero(sizeof(addr_policy_t)); - ex2 = tor_malloc_zero(sizeof(addr_policy_t)); - ex1->policy_type = ADDR_POLICY_ACCEPT; - tor_addr_from_ipv4h(&ex1->addr, 0); - ex1->maskbits = 0; - ex1->prt_min = ex1->prt_max = 80; - ex2->policy_type = ADDR_POLICY_REJECT; - tor_addr_from_ipv4h(&ex2->addr, 18<<24); - ex2->maskbits = 8; - ex2->prt_min = ex2->prt_max = 24; - r2 = tor_malloc_zero(sizeof(routerinfo_t)); - r2->addr = 0x0a030201u; /* 10.3.2.1 */ + /* XXXX+++ router_dump_to_string should really take this from ri. */ + options->ContactInfo = tor_strdup("Magri White " + "<magri@elsewhere.example.com>"); + + setup_mock_configured_ports(r1->or_port, r1->dir_port); + + buf = router_dump_router_to_string(r1, r1->identity_pkey, NULL, NULL, NULL); + tt_assert(buf); + + tor_free(options->ContactInfo); + cleanup_mock_configured_ports(); + + /* Synthesise a router descriptor, without the signature */ + chunks = smartlist_new(); + + smartlist_add(chunks, get_new_router_line(r1)); + smartlist_add_strdup(chunks, "or-address [1:2:3:4::]:9999\n"); + + smartlist_add(chunks, get_new_platform_line()); + smartlist_add(chunks, get_new_published_line(r1)); + smartlist_add(chunks, get_new_fingerprint_line(r1)); + + smartlist_add(chunks, get_new_uptime_line(0)); + smartlist_add(chunks, get_new_bandwidth_line(r1)); + + smartlist_add(chunks, get_new_onion_key_block(r1)); + smartlist_add(chunks, get_new_signing_key_block(r1)); + + smartlist_add_strdup(chunks, "hidden-service-dir\n"); + + smartlist_add_strdup(chunks, "contact Magri White " + "<magri@elsewhere.example.com>\n"); + + smartlist_add(chunks, get_new_bridge_distribution_request_line(options)); + smartlist_add(chunks, get_new_ntor_onion_key_line(&r1_onion_keypair.pubkey)); + smartlist_add_strdup(chunks, "reject *:*\n"); + smartlist_add_strdup(chunks, "tunnelled-dir-server\n"); + + smartlist_add_strdup(chunks, "router-signature\n"); + + size_t len_out = 0; + buf2 = smartlist_join_strings(chunks, "", 0, &len_out); + SMARTLIST_FOREACH(chunks, char *, s, tor_free(s)); + smartlist_free(chunks); + + tt_assert(len_out > 0); + + buf[strlen(buf2)] = '\0'; /* Don't compare the sig; it's never the same + * twice */ + + tt_str_op(buf,OP_EQ, buf2); + tor_free(buf); + + setup_mock_configured_ports(r1->or_port, r1->dir_port); + + buf = router_dump_router_to_string(r1, r1->identity_pkey, NULL, NULL, NULL); + tt_assert(buf); + + cleanup_mock_configured_ports(); + + /* Now, try to parse buf */ + cp = buf; + rp1 = router_parse_entry_from_string((const char*)cp,NULL,1,0,NULL,NULL); + + CHECK_ROUTERINFO_CONSISTENCY(r1, rp1); + + tt_assert(rp1->policy_is_reject_star); + + tor_free(buf); + routerinfo_free(rp1); + + /* Test extrainfo creation. + * We avoid calling router_build_fresh_unsigned_routerinfo(), because it's + * too complex. Instead, we re-use the manually-created routerinfos. + */ + + /* Set up standard mocks and data */ + setup_mocks_for_fresh_descriptor(r1, NULL); + + /* router_build_fresh_signed_extrainfo() passes the result of + * get_master_signing_key_cert() directly to tor_cert_dup(), which fails on + * NULL. But we want a NULL ei->cache_info.signing_key_cert to test the + * non-ed key path. + */ + MOCK(tor_cert_dup, mock_tor_cert_dup_null); + + /* Fake just enough of an ORPort and DirPort to get by */ + setup_mock_configured_ports(r1->or_port, r1->dir_port); + + /* Test some of the low-level static functions. */ + e1 = router_build_fresh_signed_extrainfo(r1); + tt_assert(e1); + router_update_routerinfo_from_extrainfo(r1, e1); + rv = router_dump_and_sign_routerinfo_descriptor_body(r1); + tt_assert(rv == 0); + msg = ""; + rv = routerinfo_incompatible_with_extrainfo(r1->identity_pkey, e1, + &r1->cache_info, &msg); + /* If they are incompatible, fail and show the msg string */ + tt_str_op(msg, OP_EQ, ""); + tt_assert(rv == 0); + + /* Now cleanup */ + cleanup_mocks_for_fresh_descriptor(); + + UNMOCK(tor_cert_dup); + + cleanup_mock_configured_ports(); + + CHECK_EXTRAINFO_CONSISTENCY(r1, e1); + + /* Test that the signed ri is parseable */ + tt_assert(r1->cache_info.signed_descriptor_body); + cp = r1->cache_info.signed_descriptor_body; + rp1 = router_parse_entry_from_string((const char*)cp,NULL,1,0,NULL,NULL); + + CHECK_ROUTERINFO_CONSISTENCY(r1, rp1); + + tt_assert(rp1->policy_is_reject_star); + + routerinfo_free(rp1); + + /* Test that the signed ei is parseable */ + tt_assert(e1->cache_info.signed_descriptor_body); + cp = e1->cache_info.signed_descriptor_body; + ep1 = extrainfo_parse_entry_from_string((const char*)cp,NULL,1,NULL,NULL); + + CHECK_EXTRAINFO_CONSISTENCY(r1, ep1); + + /* In future tests, we could check the actual extrainfo statistics. */ + + extrainfo_free(ep1); + + done: + dirserv_free_fingerprint_list(); + + tor_free(options->ContactInfo); + tor_free(options->Nickname); + + cleanup_mock_configured_ports(); + cleanup_mocks_for_fresh_descriptor(); + + if (chunks) { + SMARTLIST_FOREACH(chunks, char *, s, tor_free(s)); + smartlist_free(chunks); + } + + routerinfo_free(r1); + routerinfo_free(rp1); + + extrainfo_free(e1); + extrainfo_free(ep1); + + tor_free(rsa_cc); + + tor_free(buf); + tor_free(buf2); +} + +/* Check that the exit policy in rp2 is as expected. */ +#define CHECK_PARSED_EXIT_POLICY(rp2) \ +STMT_BEGIN \ + tt_int_op(smartlist_len(rp2->exit_policy),OP_EQ, 2); \ + \ + p = smartlist_get(rp2->exit_policy, 0); \ + tt_int_op(p->policy_type,OP_EQ, ADDR_POLICY_ACCEPT); \ + tt_assert(tor_addr_is_null(&p->addr)); \ + tt_int_op(p->maskbits,OP_EQ, 0); \ + tt_int_op(p->prt_min,OP_EQ, 80); \ + tt_int_op(p->prt_max,OP_EQ, 80); \ + \ + p = smartlist_get(rp2->exit_policy, 1); \ + tt_int_op(p->policy_type,OP_EQ, ADDR_POLICY_REJECT); \ + tt_assert(tor_addr_eq(&p->addr, &ex2->addr)); \ + tt_int_op(p->maskbits,OP_EQ, 8); \ + tt_int_op(p->prt_min,OP_EQ, 24); \ + tt_int_op(p->prt_max,OP_EQ, 24); \ +STMT_END + +/** Run unit tests for router descriptor generation logic for a RSA + ed25519 + * router. + */ +static void +test_dir_formats_rsa_ed25519(void *arg) +{ + char *buf = NULL; + char *buf2 = NULL; + char *cp = NULL; + + crypto_pk_t *r2_onion_pkey = NULL; + char cert_buf[256]; + uint8_t *rsa_cc = NULL; + time_t now = time(NULL); + + routerinfo_t *r2 = NULL; + extrainfo_t *e2 = NULL; + routerinfo_t *r2_out = NULL; + routerinfo_t *rp2 = NULL; + extrainfo_t *ep2 = NULL; + addr_policy_t *ex1, *ex2; + const addr_policy_t *p; + + smartlist_t *chunks = NULL; + int rv = -1; + + or_options_t *options = get_options_mutable(); + setup_dir_formats_options((const char *)arg, options); + + hibernate_set_state_for_testing_(HIBERNATE_STATE_LIVE); + + /* r2 is a RSA + ed25519 descriptor, with an exit policy, but no DirPort or + * IPv6 */ + r2 = basic_routerinfo_new("Fred", 0x0a030201u /* 10.3.2.1 */, + 9005, 0, + 3000, 3000, 3000, + 5, + &r2_onion_pkey); + + /* Fake just enough of an ntor key to get by */ + curve25519_keypair_t r2_onion_keypair; + curve25519_keypair_generate(&r2_onion_keypair, 0); + r2->onion_curve25519_pkey = tor_memdup(&r2_onion_keypair.pubkey, + sizeof(curve25519_public_key_t)); + + /* Now add relay ed25519 keys + * We can't use init_mock_ed_keys() here, because the keys are seeded */ ed25519_keypair_t kp1, kp2; ed25519_secret_key_from_seed(&kp1.seckey, (const uint8_t*)"YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY"); @@ -228,157 +952,78 @@ test_dir_formats(void *arg) &kp2.pubkey, now, 86400, CERT_FLAG_INCLUDE_SIGNING_KEY); - r2->platform = tor_strdup(platform); - r2->cache_info.published_on = 5; - r2->or_port = 9005; - r2->dir_port = 0; - r2->supports_tunnelled_dir_requests = 1; - router_set_rsa_onion_pkey(pk2, &r2->onion_pkey, &r2->onion_pkey_len); - curve25519_keypair_t r2_onion_keypair; - curve25519_keypair_generate(&r2_onion_keypair, 0); - r2->onion_curve25519_pkey = tor_memdup(&r2_onion_keypair.pubkey, - sizeof(curve25519_public_key_t)); - r2->identity_pkey = crypto_pk_dup_key(pk1); - r2->bandwidthrate = r2->bandwidthburst = r2->bandwidthcapacity = 3000; + + /* Now add an exit policy */ + ex1 = tor_malloc_zero(sizeof(addr_policy_t)); + ex2 = tor_malloc_zero(sizeof(addr_policy_t)); + ex1->policy_type = ADDR_POLICY_ACCEPT; + tor_addr_from_ipv4h(&ex1->addr, 0); + ex1->maskbits = 0; + ex1->prt_min = ex1->prt_max = 80; + ex2->policy_type = ADDR_POLICY_REJECT; + tor_addr_from_ipv4h(&ex2->addr, 18<<24); + ex2->maskbits = 8; + ex2->prt_min = ex2->prt_max = 24; + r2->exit_policy = smartlist_new(); smartlist_add(r2->exit_policy, ex1); smartlist_add(r2->exit_policy, ex2); - r2->nickname = tor_strdup("Fred"); - - tt_assert(!crypto_pk_write_public_key_to_string(pk1, &pk1_str, - &pk1_str_len)); - tt_assert(!crypto_pk_write_public_key_to_string(pk2 , &pk2_str, - &pk2_str_len)); - - /* XXXX+++ router_dump_to_string should really take this from ri.*/ - options->ContactInfo = tor_strdup("Magri White " - "<magri@elsewhere.example.com>"); - /* Skip reachability checks for DirPort and tunnelled-dir-server */ - options->AssumeReachable = 1; - - /* Fake just enough of an ORPort and DirPort to get by */ - MOCK(get_configured_ports, mock_get_configured_ports); - mocked_configured_ports = smartlist_new(); - memset(&orport, 0, sizeof(orport)); - orport.type = CONN_TYPE_OR_LISTENER; - orport.addr.family = AF_INET; - orport.port = 9000; - smartlist_add(mocked_configured_ports, &orport); - - memset(&dirport, 0, sizeof(dirport)); - dirport.type = CONN_TYPE_DIR_LISTENER; - dirport.addr.family = AF_INET; - dirport.port = 9003; - smartlist_add(mocked_configured_ports, &dirport); - - buf = router_dump_router_to_string(r1, pk2, NULL, NULL, NULL); - - UNMOCK(get_configured_ports); - smartlist_free(mocked_configured_ports); - mocked_configured_ports = NULL; + /* Fake just enough of an ORPort to get by */ + setup_mock_configured_ports(r2->or_port, 0); - tor_free(options->ContactInfo); + buf = router_dump_router_to_string(r2, + r2->identity_pkey, r2_onion_pkey, + &r2_onion_keypair, &kp2); tt_assert(buf); - strlcpy(buf2, "router Magri 192.168.0.1 9000 0 9003\n" - "or-address [1:2:3:4::]:9999\n" - "platform Tor "VERSION" on ", sizeof(buf2)); - strlcat(buf2, get_uname(), sizeof(buf2)); - strlcat(buf2, "\n" - "published 1970-01-01 00:00:00\n" - "fingerprint ", sizeof(buf2)); - tt_assert(!crypto_pk_get_fingerprint(pk2, fingerprint, 1)); - strlcat(buf2, fingerprint, sizeof(buf2)); - strlcat(buf2, "\nuptime 0\n" - /* XXX the "0" above is hard-coded, but even if we made it reflect - * uptime, that still wouldn't make it right, because the two - * descriptors might be made on different seconds... hm. */ - "bandwidth 1000 5000 10000\n" - "onion-key\n", sizeof(buf2)); - strlcat(buf2, pk1_str, sizeof(buf2)); - strlcat(buf2, "signing-key\n", sizeof(buf2)); - strlcat(buf2, pk2_str, sizeof(buf2)); - strlcat(buf2, "hidden-service-dir\n", sizeof(buf2)); - strlcat(buf2, "contact Magri White <magri@elsewhere.example.com>\n", - sizeof(buf2)); - strlcat(buf2, "ntor-onion-key ", sizeof(buf2)); - base64_encode(cert_buf, sizeof(cert_buf), - (const char*)r1_onion_keypair.pubkey.public_key, 32, - BASE64_ENCODE_MULTILINE); - strlcat(buf2, cert_buf, sizeof(buf2)); - strlcat(buf2, "reject *:*\n", sizeof(buf2)); - strlcat(buf2, "tunnelled-dir-server\nrouter-signature\n", sizeof(buf2)); - buf[strlen(buf2)] = '\0'; /* Don't compare the sig; it's never the same - * twice */ + cleanup_mock_configured_ports(); - tt_str_op(buf,OP_EQ, buf2); - tor_free(buf); + chunks = smartlist_new(); - buf = router_dump_router_to_string(r1, pk2, NULL, NULL, NULL); - tt_assert(buf); - cp = buf; - rp1 = router_parse_entry_from_string((const char*)cp,NULL,1,0,NULL,NULL); - tt_assert(rp1); - tt_int_op(rp1->addr,OP_EQ, r1->addr); - tt_int_op(rp1->or_port,OP_EQ, r1->or_port); - tt_int_op(rp1->dir_port,OP_EQ, r1->dir_port); - tt_int_op(rp1->bandwidthrate,OP_EQ, r1->bandwidthrate); - tt_int_op(rp1->bandwidthburst,OP_EQ, r1->bandwidthburst); - tt_int_op(rp1->bandwidthcapacity,OP_EQ, r1->bandwidthcapacity); - crypto_pk_t *onion_pkey = router_get_rsa_onion_pkey(rp1->onion_pkey, - rp1->onion_pkey_len); - tt_int_op(crypto_pk_cmp_keys(onion_pkey, pk1), OP_EQ, 0); - crypto_pk_free(onion_pkey); - tt_int_op(crypto_pk_cmp_keys(rp1->identity_pkey, pk2), OP_EQ, 0); - tt_assert(rp1->supports_tunnelled_dir_requests); - //tt_assert(rp1->exit_policy == NULL); - tor_free(buf); + /* Synthesise a router descriptor, without the signatures */ + smartlist_add(chunks, get_new_router_line(r2)); - strlcpy(buf2, - "router Fred 10.3.2.1 9005 0 0\n" - "identity-ed25519\n" - "-----BEGIN ED25519 CERT-----\n", sizeof(buf2)); + smartlist_add_strdup(chunks, + "identity-ed25519\n" + "-----BEGIN ED25519 CERT-----\n"); base64_encode(cert_buf, sizeof(cert_buf), (const char*)r2->cache_info.signing_key_cert->encoded, r2->cache_info.signing_key_cert->encoded_len, BASE64_ENCODE_MULTILINE); - strlcat(buf2, cert_buf, sizeof(buf2)); - strlcat(buf2, "-----END ED25519 CERT-----\n", sizeof(buf2)); - strlcat(buf2, "master-key-ed25519 ", sizeof(buf2)); + smartlist_add_strdup(chunks, cert_buf); + smartlist_add_strdup(chunks, "-----END ED25519 CERT-----\n"); + + smartlist_add_strdup(chunks, "master-key-ed25519 "); { char k[ED25519_BASE64_LEN+1]; - tt_int_op(ed25519_public_to_base64(k, - &r2->cache_info.signing_key_cert->signing_key), - OP_GE, 0); - strlcat(buf2, k, sizeof(buf2)); - strlcat(buf2, "\n", sizeof(buf2)); + ed25519_public_to_base64(k, &r2->cache_info.signing_key_cert->signing_key); + smartlist_add_strdup(chunks, k); + smartlist_add_strdup(chunks, "\n"); } - strlcat(buf2, "platform Tor "VERSION" on ", sizeof(buf2)); - strlcat(buf2, get_uname(), sizeof(buf2)); - strlcat(buf2, "\n" - "published 1970-01-01 00:00:05\n" - "fingerprint ", sizeof(buf2)); - tt_assert(!crypto_pk_get_fingerprint(pk1, fingerprint, 1)); - strlcat(buf2, fingerprint, sizeof(buf2)); - strlcat(buf2, "\nuptime 0\n" - "bandwidth 3000 3000 3000\n", sizeof(buf2)); - strlcat(buf2, "onion-key\n", sizeof(buf2)); - strlcat(buf2, pk2_str, sizeof(buf2)); - strlcat(buf2, "signing-key\n", sizeof(buf2)); - strlcat(buf2, pk1_str, sizeof(buf2)); + + smartlist_add(chunks, get_new_platform_line()); + smartlist_add(chunks, get_new_published_line(r2)); + smartlist_add(chunks, get_new_fingerprint_line(r2)); + + smartlist_add(chunks, get_new_uptime_line(0)); + smartlist_add(chunks, get_new_bandwidth_line(r2)); + + smartlist_add(chunks, get_new_onion_key_block(r2)); + smartlist_add(chunks, get_new_signing_key_block(r2)); + int rsa_cc_len; - rsa_cc = make_tap_onion_key_crosscert(pk2, + rsa_cc = make_tap_onion_key_crosscert(r2_onion_pkey, &kp1.pubkey, - pk1, + r2->identity_pkey, &rsa_cc_len); tt_assert(rsa_cc); base64_encode(cert_buf, sizeof(cert_buf), (char*)rsa_cc, rsa_cc_len, BASE64_ENCODE_MULTILINE); - strlcat(buf2, "onion-key-crosscert\n" - "-----BEGIN CROSSCERT-----\n", sizeof(buf2)); - strlcat(buf2, cert_buf, sizeof(buf2)); - strlcat(buf2, "-----END CROSSCERT-----\n", sizeof(buf2)); + smartlist_add_strdup(chunks, "onion-key-crosscert\n" + "-----BEGIN CROSSCERT-----\n"); + smartlist_add_strdup(chunks, cert_buf); + smartlist_add_strdup(chunks, "-----END CROSSCERT-----\n"); int ntor_cc_sign; { tor_cert_t *ntor_cc = NULL; @@ -393,112 +1038,165 @@ test_dir_formats(void *arg) BASE64_ENCODE_MULTILINE); tor_cert_free(ntor_cc); } - tor_snprintf(buf2+strlen(buf2), sizeof(buf2)-strlen(buf2), + smartlist_add_asprintf(chunks, "ntor-onion-key-crosscert %d\n" "-----BEGIN ED25519 CERT-----\n" "%s" "-----END ED25519 CERT-----\n", ntor_cc_sign, cert_buf); - strlcat(buf2, "hidden-service-dir\n", sizeof(buf2)); - strlcat(buf2, "ntor-onion-key ", sizeof(buf2)); - base64_encode(cert_buf, sizeof(cert_buf), - (const char*)r2_onion_keypair.pubkey.public_key, 32, - BASE64_ENCODE_MULTILINE); - strlcat(buf2, cert_buf, sizeof(buf2)); - strlcat(buf2, "accept *:80\nreject 18.0.0.0/8:24\n", sizeof(buf2)); - strlcat(buf2, "tunnelled-dir-server\n", sizeof(buf2)); - strlcat(buf2, "router-sig-ed25519 ", sizeof(buf2)); + smartlist_add_strdup(chunks, "hidden-service-dir\n"); - /* Fake just enough of an ORPort to get by */ - MOCK(get_configured_ports, mock_get_configured_ports); - mocked_configured_ports = smartlist_new(); + smartlist_add(chunks, get_new_bridge_distribution_request_line(options)); + smartlist_add(chunks, get_new_ntor_onion_key_line(&r2_onion_keypair.pubkey)); + smartlist_add_strdup(chunks, "accept *:80\nreject 18.0.0.0/8:24\n"); + smartlist_add_strdup(chunks, "tunnelled-dir-server\n"); - memset(&orport, 0, sizeof(orport)); - orport.type = CONN_TYPE_OR_LISTENER; - orport.addr.family = AF_INET; - orport.port = 9005; - smartlist_add(mocked_configured_ports, &orport); + smartlist_add_strdup(chunks, "router-sig-ed25519 "); - buf = router_dump_router_to_string(r2, pk1, pk2, &r2_onion_keypair, &kp2); - tt_assert(buf); - buf[strlen(buf2)] = '\0'; /* Don't compare the sig; it's never the same + size_t len_out = 0; + buf2 = smartlist_join_strings(chunks, "", 0, &len_out); + SMARTLIST_FOREACH(chunks, char *, s, tor_free(s)); + smartlist_free(chunks); + + tt_assert(len_out > 0); + + buf[strlen(buf2)] = '\0'; /* Don't compare either sig; they're never the same * twice */ tt_str_op(buf, OP_EQ, buf2); tor_free(buf); - buf = router_dump_router_to_string(r2, pk1, NULL, NULL, NULL); + setup_mock_configured_ports(r2->or_port, 0); - UNMOCK(get_configured_ports); - smartlist_free(mocked_configured_ports); - mocked_configured_ports = NULL; + buf = router_dump_router_to_string(r2, r2->identity_pkey, NULL, NULL, NULL); + tt_assert(buf); - /* Reset for later */ + cleanup_mock_configured_ports(); + + /* Now, try to parse buf */ cp = buf; rp2 = router_parse_entry_from_string((const char*)cp,NULL,1,0,NULL,NULL); - tt_assert(rp2); - tt_int_op(rp2->addr,OP_EQ, r2->addr); - tt_int_op(rp2->or_port,OP_EQ, r2->or_port); - tt_int_op(rp2->dir_port,OP_EQ, r2->dir_port); - tt_int_op(rp2->bandwidthrate,OP_EQ, r2->bandwidthrate); - tt_int_op(rp2->bandwidthburst,OP_EQ, r2->bandwidthburst); - tt_int_op(rp2->bandwidthcapacity,OP_EQ, r2->bandwidthcapacity); + + CHECK_ROUTERINFO_CONSISTENCY(r2, rp2); + tt_mem_op(rp2->onion_curve25519_pkey->public_key,OP_EQ, r2->onion_curve25519_pkey->public_key, CURVE25519_PUBKEY_LEN); - onion_pkey = router_get_rsa_onion_pkey(rp2->onion_pkey, - rp2->onion_pkey_len); - tt_int_op(crypto_pk_cmp_keys(onion_pkey, pk2), OP_EQ, 0); - crypto_pk_free(onion_pkey); - tt_int_op(crypto_pk_cmp_keys(rp2->identity_pkey, pk1), OP_EQ, 0); - tt_assert(rp2->supports_tunnelled_dir_requests); - - tt_int_op(smartlist_len(rp2->exit_policy),OP_EQ, 2); - - p = smartlist_get(rp2->exit_policy, 0); - tt_int_op(p->policy_type,OP_EQ, ADDR_POLICY_ACCEPT); - tt_assert(tor_addr_is_null(&p->addr)); - tt_int_op(p->maskbits,OP_EQ, 0); - tt_int_op(p->prt_min,OP_EQ, 80); - tt_int_op(p->prt_max,OP_EQ, 80); - - p = smartlist_get(rp2->exit_policy, 1); - tt_int_op(p->policy_type,OP_EQ, ADDR_POLICY_REJECT); - tt_assert(tor_addr_eq(&p->addr, &ex2->addr)); - tt_int_op(p->maskbits,OP_EQ, 8); - tt_int_op(p->prt_min,OP_EQ, 24); - tt_int_op(p->prt_max,OP_EQ, 24); - -#if 0 - /* Okay, now for the directories. */ - { - fingerprint_list = smartlist_new(); - crypto_pk_get_fingerprint(pk2, buf, 1); - add_fingerprint_to_dir(buf, fingerprint_list, 0); - crypto_pk_get_fingerprint(pk1, buf, 1); - add_fingerprint_to_dir(buf, fingerprint_list, 0); + + CHECK_PARSED_EXIT_POLICY(rp2); + + tor_free(buf); + routerinfo_free(rp2); + + /* Test extrainfo creation. */ + + /* Set up standard mocks and data */ + setup_mocks_for_fresh_descriptor(r2, r2_onion_pkey); + + /* router_build_fresh_descriptor() requires + * router_build_fresh_unsigned_routerinfo(), but the implementation is + * too complex. Instead, we re-use r2. + */ + mocked_routerinfo = r2; + MOCK(router_build_fresh_unsigned_routerinfo, + mock_router_build_fresh_unsigned_routerinfo); + + /* r2 uses ed25519, so we need to mock the ed key functions */ + mocked_master_signing_key = &kp2; + MOCK(get_master_signing_keypair, mock_get_master_signing_keypair); + + mocked_signing_key_cert = r2->cache_info.signing_key_cert; + MOCK(get_master_signing_key_cert, mock_get_master_signing_key_cert); + + mocked_curve25519_onion_key = &r2_onion_keypair; + MOCK(get_current_curve25519_keypair, mock_get_current_curve25519_keypair); + + /* Fake just enough of an ORPort to get by */ + setup_mock_configured_ports(r2->or_port, 0); + + /* Test the high-level interface. */ + rv = router_build_fresh_descriptor(&r2_out, &e2); + if (rv < 0) { + /* router_build_fresh_descriptor() frees r2 on failure. */ + r2 = NULL; + /* Get rid of an alias to rp2 */ + r2_out = NULL; } + tt_assert(rv == 0); + tt_assert(r2_out); + tt_assert(e2); + /* Guaranteed by mock_router_build_fresh_unsigned_routerinfo() */ + tt_ptr_op(r2_out, OP_EQ, r2); + /* Get rid of an alias to r2 */ + r2_out = NULL; + + /* Now cleanup */ + cleanup_mocks_for_fresh_descriptor(); + + mocked_routerinfo = NULL; + UNMOCK(router_build_fresh_unsigned_routerinfo); + mocked_master_signing_key = NULL; + UNMOCK(get_master_signing_keypair); + mocked_signing_key_cert = NULL; + UNMOCK(get_master_signing_key_cert); + mocked_curve25519_onion_key = NULL; + UNMOCK(get_current_curve25519_keypair); + + cleanup_mock_configured_ports(); + + CHECK_EXTRAINFO_CONSISTENCY(r2, e2); + + /* Test that the signed ri is parseable */ + tt_assert(r2->cache_info.signed_descriptor_body); + cp = r2->cache_info.signed_descriptor_body; + rp2 = router_parse_entry_from_string((const char*)cp,NULL,1,0,NULL,NULL); -#endif /* 0 */ - dirserv_free_fingerprint_list(); + CHECK_ROUTERINFO_CONSISTENCY(r2, rp2); + + tt_mem_op(rp2->onion_curve25519_pkey->public_key,OP_EQ, + r2->onion_curve25519_pkey->public_key, + CURVE25519_PUBKEY_LEN); + + CHECK_PARSED_EXIT_POLICY(rp2); + + routerinfo_free(rp2); + + /* Test that the signed ei is parseable */ + tt_assert(e2->cache_info.signed_descriptor_body); + cp = e2->cache_info.signed_descriptor_body; + ep2 = extrainfo_parse_entry_from_string((const char*)cp,NULL,1,NULL,NULL); + + CHECK_EXTRAINFO_CONSISTENCY(r2, ep2); + + /* In future tests, we could check the actual extrainfo statistics. */ + + extrainfo_free(ep2); done: - if (r1) - routerinfo_free(r1); - if (r2) - routerinfo_free(r2); - if (rp2) - routerinfo_free(rp2); + dirserv_free_fingerprint_list(); + + tor_free(options->Nickname); + + cleanup_mock_configured_ports(); + cleanup_mocks_for_fresh_descriptor(); + + if (chunks) { + SMARTLIST_FOREACH(chunks, char *, s, tor_free(s)); + smartlist_free(chunks); + } + + routerinfo_free(r2); + routerinfo_free(r2_out); + routerinfo_free(rp2); + + extrainfo_free(e2); + extrainfo_free(ep2); tor_free(rsa_cc); + crypto_pk_free(r2_onion_pkey); + tor_free(buf); - tor_free(pk1_str); - tor_free(pk2_str); - if (pk1) crypto_pk_free(pk1); - if (pk2) crypto_pk_free(pk2); - if (rp1) routerinfo_free(rp1); - tor_free(dir1); /* XXXX And more !*/ - tor_free(dir2); /* And more !*/ + tor_free(buf2); } #include "failing_routerdescs.inc" @@ -1767,7 +2465,8 @@ test_dir_dirserv_read_measured_bandwidths(void *arg) write_str_to_file(fname, "", 0); setup_capture_of_logs(LOG_WARN); tt_int_op(-1, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL, - bw_file_headers)); + bw_file_headers, + NULL)); expect_log_msg("Empty bandwidth file\n"); teardown_capture_of_logs(); bw_file_headers_str = smartlist_join_strings(bw_file_headers, " ", 0, NULL); @@ -1783,7 +2482,9 @@ test_dir_dirserv_read_measured_bandwidths(void *arg) write_str_to_file(fname, content, 0); tor_free(content); tt_int_op(-1, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL, - bw_file_headers)); + bw_file_headers, + NULL)); + bw_file_headers_str = smartlist_join_strings(bw_file_headers, " ", 0, NULL); tt_str_op("", OP_EQ, bw_file_headers_str); SMARTLIST_FOREACH(bw_file_headers, char *, c, tor_free(c)); @@ -1794,7 +2495,9 @@ test_dir_dirserv_read_measured_bandwidths(void *arg) write_str_to_file(fname, header_lines_v100, 0); bw_file_headers = smartlist_new(); tt_int_op(0, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL, - bw_file_headers)); + bw_file_headers, + NULL)); + bw_file_headers_str = smartlist_join_strings(bw_file_headers, " ", 0, NULL); tt_str_op(bw_file_headers_str_v100, OP_EQ, bw_file_headers_str); SMARTLIST_FOREACH(bw_file_headers, char *, c, tor_free(c)); @@ -1807,7 +2510,9 @@ test_dir_dirserv_read_measured_bandwidths(void *arg) write_str_to_file(fname, content, 0); tor_free(content); tt_int_op(0, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL, - bw_file_headers)); + bw_file_headers, + NULL)); + bw_file_headers_str = smartlist_join_strings(bw_file_headers, " ", 0, NULL); tt_str_op(bw_file_headers_str_v100, OP_EQ, bw_file_headers_str); SMARTLIST_FOREACH(bw_file_headers, char *, c, tor_free(c)); @@ -1818,7 +2523,8 @@ test_dir_dirserv_read_measured_bandwidths(void *arg) tor_asprintf(&content, "%s%s", header_lines_v100, relay_lines_v100); write_str_to_file(fname, content, 0); tor_free(content); - tt_int_op(0, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL, NULL)); + tt_int_op(0, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL, NULL, + NULL)); /* Test bandwidth file including v1.1.0 bandwidth headers and * v1.0.0 relay lines. bw_file_headers will contain the v1.1.0 headers. */ @@ -1828,7 +2534,9 @@ test_dir_dirserv_read_measured_bandwidths(void *arg) write_str_to_file(fname, content, 0); tor_free(content); tt_int_op(0, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL, - bw_file_headers)); + bw_file_headers, + NULL)); + bw_file_headers_str = smartlist_join_strings(bw_file_headers, " ", 0, NULL); tt_str_op(bw_file_headers_str_v110, OP_EQ, bw_file_headers_str); SMARTLIST_FOREACH(bw_file_headers, char *, c, tor_free(c)); @@ -1844,7 +2552,9 @@ test_dir_dirserv_read_measured_bandwidths(void *arg) write_str_to_file(fname, content, 0); tor_free(content); tt_int_op(0, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL, - bw_file_headers)); + bw_file_headers, + NULL)); + bw_file_headers_str = smartlist_join_strings(bw_file_headers, " ", 0, NULL); tt_str_op(bw_file_headers_str_v100, OP_EQ, bw_file_headers_str); SMARTLIST_FOREACH(bw_file_headers, char *, c, tor_free(c)); @@ -1861,7 +2571,9 @@ test_dir_dirserv_read_measured_bandwidths(void *arg) write_str_to_file(fname, content, 0); tor_free(content); tt_int_op(0, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL, - bw_file_headers)); + bw_file_headers, + NULL)); + bw_file_headers_str = smartlist_join_strings(bw_file_headers, " ", 0, NULL); tt_str_op(bw_file_headers_str_v100, OP_EQ, bw_file_headers_str); SMARTLIST_FOREACH(bw_file_headers, char *, c, tor_free(c)); @@ -1872,7 +2584,9 @@ test_dir_dirserv_read_measured_bandwidths(void *arg) bw_file_headers = smartlist_new(); write_str_to_file(fname, header_lines_v110_no_terminator, 0); tt_int_op(0, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL, - bw_file_headers)); + bw_file_headers, + NULL)); + bw_file_headers_str = smartlist_join_strings(bw_file_headers, " ", 0, NULL); tt_str_op(bw_file_headers_str_v110, OP_EQ, bw_file_headers_str); SMARTLIST_FOREACH(bw_file_headers, char *, c, tor_free(c)); @@ -1883,7 +2597,9 @@ test_dir_dirserv_read_measured_bandwidths(void *arg) bw_file_headers = smartlist_new(); write_str_to_file(fname, header_lines_v110, 0); tt_int_op(0, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL, - bw_file_headers)); + bw_file_headers, + NULL)); + bw_file_headers_str = smartlist_join_strings(bw_file_headers, " ", 0, NULL); tt_str_op(bw_file_headers_str_v110, OP_EQ, bw_file_headers_str); SMARTLIST_FOREACH(bw_file_headers, char *, c, tor_free(c)); @@ -1898,7 +2614,9 @@ test_dir_dirserv_read_measured_bandwidths(void *arg) write_str_to_file(fname, content, 0); tor_free(content); tt_int_op(0, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL, - bw_file_headers)); + bw_file_headers, + NULL)); + bw_file_headers_str = smartlist_join_strings(bw_file_headers, " ", 0, NULL); tt_str_op(bw_file_headers_str_v110, OP_EQ, bw_file_headers_str); SMARTLIST_FOREACH(bw_file_headers, char *, c, tor_free(c)); @@ -1913,7 +2631,9 @@ test_dir_dirserv_read_measured_bandwidths(void *arg) write_str_to_file(fname, content, 0); tor_free(content); tt_int_op(0, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL, - bw_file_headers)); + bw_file_headers, + NULL)); + bw_file_headers_str = smartlist_join_strings(bw_file_headers, " ", 0, NULL); tt_str_op(bw_file_headers_str_v110, OP_EQ, bw_file_headers_str); SMARTLIST_FOREACH(bw_file_headers, char *, c, tor_free(c)); @@ -1929,7 +2649,9 @@ test_dir_dirserv_read_measured_bandwidths(void *arg) write_str_to_file(fname, content, 0); tor_free(content); tt_int_op(0, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL, - bw_file_headers)); + bw_file_headers, + NULL)); + bw_file_headers_str = smartlist_join_strings(bw_file_headers, " ", 0, NULL); tt_str_op(bw_file_headers_str_v110, OP_EQ, bw_file_headers_str); SMARTLIST_FOREACH(bw_file_headers, char *, c, tor_free(c)); @@ -1946,7 +2668,9 @@ test_dir_dirserv_read_measured_bandwidths(void *arg) write_str_to_file(fname, content, 0); tor_free(content); tt_int_op(0, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL, - bw_file_headers)); + bw_file_headers, + NULL)); + bw_file_headers_str = smartlist_join_strings(bw_file_headers, " ", 0, NULL); tt_str_op(bw_file_headers_str_bad, OP_EQ, bw_file_headers_str); SMARTLIST_FOREACH(bw_file_headers, char *, c, tor_free(c)); @@ -1964,7 +2688,9 @@ test_dir_dirserv_read_measured_bandwidths(void *arg) write_str_to_file(fname, content, 0); tor_free(content); tt_int_op(0, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL, - bw_file_headers)); + bw_file_headers, + NULL)); + tt_int_op(MAX_BW_FILE_HEADER_COUNT_IN_VOTE, OP_EQ, smartlist_len(bw_file_headers)); bw_file_headers_str = smartlist_join_strings(bw_file_headers, " ", 0, NULL); @@ -1985,7 +2711,9 @@ test_dir_dirserv_read_measured_bandwidths(void *arg) write_str_to_file(fname, content, 0); tor_free(content); tt_int_op(0, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL, - bw_file_headers)); + bw_file_headers, + NULL)); + tt_int_op(MAX_BW_FILE_HEADER_COUNT_IN_VOTE, OP_EQ, smartlist_len(bw_file_headers)); /* force bw_file_headers to be bigger than @@ -2014,7 +2742,8 @@ test_dir_dirserv_read_measured_bandwidths(void *arg) /* Read the bandwidth file */ setup_full_capture_of_logs(LOG_DEBUG); - tt_int_op(0, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL, NULL)); + tt_int_op(0, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL, NULL, + NULL)); expect_log_msg_containing("Ignoring bandwidth file line"); teardown_capture_of_logs(); @@ -2032,11 +2761,13 @@ test_dir_dirserv_read_measured_bandwidths(void *arg) /* Read the bandwidth file */ setup_full_capture_of_logs(LOG_DEBUG); - tt_int_op(0, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL, NULL)); + tt_int_op(0, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL, NULL, + NULL)); expect_log_msg_not_containing("Ignoring bandwidth file line"); teardown_capture_of_logs(); done: + unlink(fname); tor_free(fname); tor_free(header_lines_v100); tor_free(header_lines_v110_no_terminator); @@ -2274,6 +3005,7 @@ test_dir_param_voting_lookup(void *arg) tt_int_op(99, OP_EQ, dirvote_get_intermediate_param_value(lst, "abcd", 1000)); +#ifndef ALL_BUGS_ARE_FATAL /* moomin appears twice. That's a bug. */ tor_capture_bugs_(1); tt_int_op(-100, OP_EQ, @@ -2291,7 +3023,7 @@ test_dir_param_voting_lookup(void *arg) dirvote_get_intermediate_param_value(lst, "jack", -100)); tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, - "!(! ok)"); + "!(!ok)"); tor_end_capture_bugs_(); /* electricity and opa aren't integers. */ tor_capture_bugs_(1); @@ -2299,7 +3031,7 @@ test_dir_param_voting_lookup(void *arg) dirvote_get_intermediate_param_value(lst, "electricity", -100)); tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, - "!(! ok)"); + "!(!ok)"); tor_end_capture_bugs_(); tor_capture_bugs_(1); @@ -2307,8 +3039,9 @@ test_dir_param_voting_lookup(void *arg) dirvote_get_intermediate_param_value(lst, "opa", -100)); tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, - "!(! ok)"); + "!(!ok)"); tor_end_capture_bugs_(); +#endif /* !defined(ALL_BUGS_ARE_FATAL) */ done: SMARTLIST_FOREACH(lst, char *, cp, tor_free(cp)); @@ -2863,17 +3596,23 @@ test_a_networkstatus( MOCK(get_my_v3_authority_cert, get_my_v3_authority_cert_m); /* Parse certificates and keys. */ - cert1 = mock_cert = authority_cert_parse_from_string(AUTHORITY_CERT_1, NULL); + cert1 = mock_cert = authority_cert_parse_from_string(AUTHORITY_CERT_1, + strlen(AUTHORITY_CERT_1), + NULL); tt_assert(cert1); - cert2 = authority_cert_parse_from_string(AUTHORITY_CERT_2, NULL); + cert2 = authority_cert_parse_from_string(AUTHORITY_CERT_2, + strlen(AUTHORITY_CERT_2), + NULL); tt_assert(cert2); - cert3 = authority_cert_parse_from_string(AUTHORITY_CERT_3, NULL); + cert3 = authority_cert_parse_from_string(AUTHORITY_CERT_3, + strlen(AUTHORITY_CERT_3), + NULL); tt_assert(cert3); sign_skey_1 = crypto_pk_new(); sign_skey_2 = crypto_pk_new(); sign_skey_3 = crypto_pk_new(); sign_skey_leg1 = pk_generate(4); - voting_schedule_recalculate_timing(get_options(), now); + dirauth_sched_recalculate_timing(get_options(), now); sr_state_init(0, 0); tt_assert(!crypto_pk_read_private_key_from_string(sign_skey_1, @@ -2969,7 +3708,7 @@ test_a_networkstatus( sign_skey_leg1, FLAV_NS); tt_assert(consensus_text); - con = networkstatus_parse_vote_from_string(consensus_text, NULL, + con = networkstatus_parse_vote_from_string_(consensus_text, NULL, NS_TYPE_CONSENSUS); tt_assert(con); //log_notice(LD_GENERAL, "<<%s>>\n<<%s>>\n<<%s>>\n", @@ -2981,7 +3720,7 @@ test_a_networkstatus( sign_skey_leg1, FLAV_MICRODESC); tt_assert(consensus_text_md); - con_md = networkstatus_parse_vote_from_string(consensus_text_md, NULL, + con_md = networkstatus_parse_vote_from_string_(consensus_text_md, NULL, NS_TYPE_CONSENSUS); tt_assert(con_md); tt_int_op(con_md->flavor,OP_EQ, FLAV_MICRODESC); @@ -3080,13 +3819,13 @@ test_a_networkstatus( tt_assert(consensus_text3); tt_assert(consensus_text_md2); tt_assert(consensus_text_md3); - con2 = networkstatus_parse_vote_from_string(consensus_text2, NULL, + con2 = networkstatus_parse_vote_from_string_(consensus_text2, NULL, NS_TYPE_CONSENSUS); - con3 = networkstatus_parse_vote_from_string(consensus_text3, NULL, + con3 = networkstatus_parse_vote_from_string_(consensus_text3, NULL, NS_TYPE_CONSENSUS); - con_md2 = networkstatus_parse_vote_from_string(consensus_text_md2, NULL, + con_md2 = networkstatus_parse_vote_from_string_(consensus_text_md2, NULL, NS_TYPE_CONSENSUS); - con_md3 = networkstatus_parse_vote_from_string(consensus_text_md3, NULL, + con_md3 = networkstatus_parse_vote_from_string_(consensus_text_md3, NULL, NS_TYPE_CONSENSUS); tt_assert(con2); tt_assert(con3); @@ -3864,6 +4603,62 @@ mock_get_options(void) return mock_options; } +/** + * Test dirauth_get_b64_digest_bw_file. + * This function should be near the other bwauth functions, but it needs + * mock_get_options, that is only defined here. + */ + +static void +test_dir_bwauth_bw_file_digest256(void *arg) +{ + (void)arg; + const char *content = + "1541171221\n" + "node_id=$68A483E05A2ABDCA6DA5A3EF8DB5177638A27F80 " + "master_key_ed25519=YaqV4vbvPYKucElk297eVdNArDz9HtIwUoIeo0+cVIpQ " + "bw=760 nick=Test time=2018-05-08T16:13:26\n"; + + char *fname = tor_strdup(get_fname("V3BandwidthsFile")); + /* Initialize to a wrong digest. */ + uint8_t digest[DIGEST256_LEN] = "01234567890123456789abcdefghijkl"; + + /* Digest of an empty string. Initialize to a wrong digest. */ + char digest_empty_str[DIGEST256_LEN] = "01234567890123456789abcdefghijkl"; + crypto_digest256(digest_empty_str, "", 0, DIGEST_SHA256); + + /* Digest of the content. Initialize to a wrong digest. */ + char digest_expected[DIGEST256_LEN] = "01234567890123456789abcdefghijkl"; + crypto_digest256(digest_expected, content, strlen(content), DIGEST_SHA256); + + /* When the bandwidth file can not be found. */ + tt_int_op(-1, OP_EQ, + dirserv_read_measured_bandwidths(fname, + NULL, NULL, digest)); + tt_mem_op(digest, OP_EQ, digest_empty_str, DIGEST256_LEN); + + /* When there is a timestamp but it is too old. */ + write_str_to_file(fname, content, 0); + tt_int_op(-1, OP_EQ, + dirserv_read_measured_bandwidths(fname, + NULL, NULL, digest)); + /* The digest will be correct. */ + tt_mem_op(digest, OP_EQ, digest_expected, DIGEST256_LEN); + + update_approx_time(1541171221); + + /* When there is a bandwidth file and it can be read. */ + tt_int_op(0, OP_EQ, + dirserv_read_measured_bandwidths(fname, + NULL, NULL, digest)); + tt_mem_op(digest, OP_EQ, digest_expected, DIGEST256_LEN); + + done: + unlink(fname); + tor_free(fname); + update_approx_time(time(NULL)); +} + static void reset_routerstatus(routerstatus_t *rs, const char *hex_identity_digest, @@ -3900,10 +4695,13 @@ test_dir_dirserv_set_routerstatus_testing(void *arg) (void)arg; /* Init options */ + dirauth_options_t *dirauth_options = + tor_malloc_zero(sizeof(dirauth_options_t)); + mock_options = tor_malloc(sizeof(or_options_t)); reset_options(mock_options, &mock_get_options_calls); - MOCK(get_options, mock_get_options); + dirauth_set_options(dirauth_options); /* Init routersets */ routerset_t *routerset_all = routerset_new(); @@ -3943,16 +4741,15 @@ test_dir_dirserv_set_routerstatus_testing(void *arg) /* Check that "*" sets flags on all routers: Exit * Check the flags aren't being confused with each other */ reset_options(mock_options, &mock_get_options_calls); + memset(dirauth_options, 0, sizeof(*dirauth_options)); reset_routerstatus(rs_a, ROUTER_A_ID_STR, ROUTER_A_IPV4); reset_routerstatus(rs_b, ROUTER_B_ID_STR, ROUTER_B_IPV4); - mock_options->TestingDirAuthVoteExit = routerset_all; - mock_options->TestingDirAuthVoteExitIsStrict = 0; + dirauth_options->TestingDirAuthVoteExit = routerset_all; + dirauth_options->TestingDirAuthVoteExitIsStrict = 0; dirserv_set_routerstatus_testing(rs_a); - tt_int_op(mock_get_options_calls, OP_EQ, 1); dirserv_set_routerstatus_testing(rs_b); - tt_int_op(mock_get_options_calls, OP_EQ, 2); tt_uint_op(rs_a->is_exit, OP_EQ, 1); tt_uint_op(rs_b->is_exit, OP_EQ, 1); @@ -3965,18 +4762,17 @@ test_dir_dirserv_set_routerstatus_testing(void *arg) /* Check that "*" sets flags on all routers: Guard & HSDir * Cover the remaining flags in one test */ reset_options(mock_options, &mock_get_options_calls); + memset(dirauth_options, 0, sizeof(*dirauth_options)); reset_routerstatus(rs_a, ROUTER_A_ID_STR, ROUTER_A_IPV4); reset_routerstatus(rs_b, ROUTER_B_ID_STR, ROUTER_B_IPV4); - mock_options->TestingDirAuthVoteGuard = routerset_all; - mock_options->TestingDirAuthVoteGuardIsStrict = 0; - mock_options->TestingDirAuthVoteHSDir = routerset_all; - mock_options->TestingDirAuthVoteHSDirIsStrict = 0; + dirauth_options->TestingDirAuthVoteGuard = routerset_all; + dirauth_options->TestingDirAuthVoteGuardIsStrict = 0; + dirauth_options->TestingDirAuthVoteHSDir = routerset_all; + dirauth_options->TestingDirAuthVoteHSDirIsStrict = 0; dirserv_set_routerstatus_testing(rs_a); - tt_int_op(mock_get_options_calls, OP_EQ, 1); dirserv_set_routerstatus_testing(rs_b); - tt_int_op(mock_get_options_calls, OP_EQ, 2); tt_uint_op(rs_a->is_possible_guard, OP_EQ, 1); tt_uint_op(rs_b->is_possible_guard, OP_EQ, 1); @@ -3989,20 +4785,19 @@ test_dir_dirserv_set_routerstatus_testing(void *arg) /* Check routerset A sets all flags on router A, * but leaves router B unmodified */ reset_options(mock_options, &mock_get_options_calls); + memset(dirauth_options, 0, sizeof(*dirauth_options)); reset_routerstatus(rs_a, ROUTER_A_ID_STR, ROUTER_A_IPV4); reset_routerstatus(rs_b, ROUTER_B_ID_STR, ROUTER_B_IPV4); - mock_options->TestingDirAuthVoteExit = routerset_a; - mock_options->TestingDirAuthVoteExitIsStrict = 0; - mock_options->TestingDirAuthVoteGuard = routerset_a; - mock_options->TestingDirAuthVoteGuardIsStrict = 0; - mock_options->TestingDirAuthVoteHSDir = routerset_a; - mock_options->TestingDirAuthVoteHSDirIsStrict = 0; + dirauth_options->TestingDirAuthVoteExit = routerset_a; + dirauth_options->TestingDirAuthVoteExitIsStrict = 0; + dirauth_options->TestingDirAuthVoteGuard = routerset_a; + dirauth_options->TestingDirAuthVoteGuardIsStrict = 0; + dirauth_options->TestingDirAuthVoteHSDir = routerset_a; + dirauth_options->TestingDirAuthVoteHSDirIsStrict = 0; dirserv_set_routerstatus_testing(rs_a); - tt_int_op(mock_get_options_calls, OP_EQ, 1); dirserv_set_routerstatus_testing(rs_b); - tt_int_op(mock_get_options_calls, OP_EQ, 2); tt_uint_op(rs_a->is_exit, OP_EQ, 1); tt_uint_op(rs_b->is_exit, OP_EQ, 0); @@ -4013,21 +4808,21 @@ test_dir_dirserv_set_routerstatus_testing(void *arg) /* Check routerset A unsets all flags on router B when Strict is set */ reset_options(mock_options, &mock_get_options_calls); + memset(dirauth_options, 0, sizeof(*dirauth_options)); reset_routerstatus(rs_b, ROUTER_B_ID_STR, ROUTER_B_IPV4); - mock_options->TestingDirAuthVoteExit = routerset_a; - mock_options->TestingDirAuthVoteExitIsStrict = 1; - mock_options->TestingDirAuthVoteGuard = routerset_a; - mock_options->TestingDirAuthVoteGuardIsStrict = 1; - mock_options->TestingDirAuthVoteHSDir = routerset_a; - mock_options->TestingDirAuthVoteHSDirIsStrict = 1; + dirauth_options->TestingDirAuthVoteExit = routerset_a; + dirauth_options->TestingDirAuthVoteExitIsStrict = 1; + dirauth_options->TestingDirAuthVoteGuard = routerset_a; + dirauth_options->TestingDirAuthVoteGuardIsStrict = 1; + dirauth_options->TestingDirAuthVoteHSDir = routerset_a; + dirauth_options->TestingDirAuthVoteHSDirIsStrict = 1; rs_b->is_exit = 1; rs_b->is_possible_guard = 1; rs_b->is_hs_dir = 1; dirserv_set_routerstatus_testing(rs_b); - tt_int_op(mock_get_options_calls, OP_EQ, 1); tt_uint_op(rs_b->is_exit, OP_EQ, 0); tt_uint_op(rs_b->is_possible_guard, OP_EQ, 0); @@ -4035,21 +4830,21 @@ test_dir_dirserv_set_routerstatus_testing(void *arg) /* Check routerset A doesn't modify flags on router B without Strict set */ reset_options(mock_options, &mock_get_options_calls); + memset(dirauth_options, 0, sizeof(*dirauth_options)); reset_routerstatus(rs_b, ROUTER_B_ID_STR, ROUTER_B_IPV4); - mock_options->TestingDirAuthVoteExit = routerset_a; - mock_options->TestingDirAuthVoteExitIsStrict = 0; - mock_options->TestingDirAuthVoteGuard = routerset_a; - mock_options->TestingDirAuthVoteGuardIsStrict = 0; - mock_options->TestingDirAuthVoteHSDir = routerset_a; - mock_options->TestingDirAuthVoteHSDirIsStrict = 0; + dirauth_options->TestingDirAuthVoteExit = routerset_a; + dirauth_options->TestingDirAuthVoteExitIsStrict = 0; + dirauth_options->TestingDirAuthVoteGuard = routerset_a; + dirauth_options->TestingDirAuthVoteGuardIsStrict = 0; + dirauth_options->TestingDirAuthVoteHSDir = routerset_a; + dirauth_options->TestingDirAuthVoteHSDirIsStrict = 0; rs_b->is_exit = 1; rs_b->is_possible_guard = 1; rs_b->is_hs_dir = 1; dirserv_set_routerstatus_testing(rs_b); - tt_int_op(mock_get_options_calls, OP_EQ, 1); tt_uint_op(rs_b->is_exit, OP_EQ, 1); tt_uint_op(rs_b->is_possible_guard, OP_EQ, 1); @@ -4058,21 +4853,21 @@ test_dir_dirserv_set_routerstatus_testing(void *arg) /* Check the empty routerset zeroes all flags * on routers A & B with Strict set */ reset_options(mock_options, &mock_get_options_calls); + memset(dirauth_options, 0, sizeof(*dirauth_options)); reset_routerstatus(rs_b, ROUTER_B_ID_STR, ROUTER_B_IPV4); - mock_options->TestingDirAuthVoteExit = routerset_none; - mock_options->TestingDirAuthVoteExitIsStrict = 1; - mock_options->TestingDirAuthVoteGuard = routerset_none; - mock_options->TestingDirAuthVoteGuardIsStrict = 1; - mock_options->TestingDirAuthVoteHSDir = routerset_none; - mock_options->TestingDirAuthVoteHSDirIsStrict = 1; + dirauth_options->TestingDirAuthVoteExit = routerset_none; + dirauth_options->TestingDirAuthVoteExitIsStrict = 1; + dirauth_options->TestingDirAuthVoteGuard = routerset_none; + dirauth_options->TestingDirAuthVoteGuardIsStrict = 1; + dirauth_options->TestingDirAuthVoteHSDir = routerset_none; + dirauth_options->TestingDirAuthVoteHSDirIsStrict = 1; rs_b->is_exit = 1; rs_b->is_possible_guard = 1; rs_b->is_hs_dir = 1; dirserv_set_routerstatus_testing(rs_b); - tt_int_op(mock_get_options_calls, OP_EQ, 1); tt_uint_op(rs_b->is_exit, OP_EQ, 0); tt_uint_op(rs_b->is_possible_guard, OP_EQ, 0); @@ -4081,24 +4876,23 @@ test_dir_dirserv_set_routerstatus_testing(void *arg) /* Check the empty routerset doesn't modify any flags * on A or B without Strict set */ reset_options(mock_options, &mock_get_options_calls); + memset(dirauth_options, 0, sizeof(*dirauth_options)); reset_routerstatus(rs_a, ROUTER_A_ID_STR, ROUTER_A_IPV4); reset_routerstatus(rs_b, ROUTER_B_ID_STR, ROUTER_B_IPV4); - mock_options->TestingDirAuthVoteExit = routerset_none; - mock_options->TestingDirAuthVoteExitIsStrict = 0; - mock_options->TestingDirAuthVoteGuard = routerset_none; - mock_options->TestingDirAuthVoteGuardIsStrict = 0; - mock_options->TestingDirAuthVoteHSDir = routerset_none; - mock_options->TestingDirAuthVoteHSDirIsStrict = 0; + dirauth_options->TestingDirAuthVoteExit = routerset_none; + dirauth_options->TestingDirAuthVoteExitIsStrict = 0; + dirauth_options->TestingDirAuthVoteGuard = routerset_none; + dirauth_options->TestingDirAuthVoteGuardIsStrict = 0; + dirauth_options->TestingDirAuthVoteHSDir = routerset_none; + dirauth_options->TestingDirAuthVoteHSDirIsStrict = 0; rs_b->is_exit = 1; rs_b->is_possible_guard = 1; rs_b->is_hs_dir = 1; dirserv_set_routerstatus_testing(rs_a); - tt_int_op(mock_get_options_calls, OP_EQ, 1); dirserv_set_routerstatus_testing(rs_b); - tt_int_op(mock_get_options_calls, OP_EQ, 2); tt_uint_op(rs_a->is_exit, OP_EQ, 0); tt_uint_op(rs_a->is_possible_guard, OP_EQ, 0); @@ -4109,6 +4903,7 @@ test_dir_dirserv_set_routerstatus_testing(void *arg) done: tor_free(mock_options); + tor_free(dirauth_options); mock_options = NULL; UNMOCK(get_options); @@ -4196,6 +4991,14 @@ test_dir_purpose_needs_anonymity_returns_true_by_default(void *arg) { (void)arg; +#ifdef ALL_BUGS_ARE_FATAL + /* Coverity (and maybe clang analyser) complain that the code following + * tt_skip() is unconditionally unreachable. */ +#if !defined(__COVERITY__) && !defined(__clang_analyzer__) + tt_skip(); +#endif +#endif /* defined(ALL_BUGS_ARE_FATAL) */ + tor_capture_bugs_(1); setup_full_capture_of_logs(LOG_WARN); tt_int_op(1, OP_EQ, purpose_needs_anonymity(0, 0, NULL)); @@ -4683,15 +5486,15 @@ test_dir_conn_purpose_to_string(void *data) teardown_capture_of_logs(); } -NS_DECL(int, -public_server_mode, (const or_options_t *options)); +static int dir_tests_public_server_mode(const or_options_t *options); +ATTR_UNUSED static int dir_tests_public_server_mode_called = 0; static int -NS(public_server_mode)(const or_options_t *options) +dir_tests_public_server_mode(const or_options_t *options) { (void)options; - if (CALLED(public_server_mode)++ == 0) { + if (dir_tests_public_server_mode_called++ == 0) { return 1; } @@ -4705,13 +5508,14 @@ test_dir_should_use_directory_guards(void *data) char *errmsg = NULL; (void)data; - NS_MOCK(public_server_mode); + MOCK(public_server_mode, + dir_tests_public_server_mode); options = options_new(); options_init(options); tt_int_op(should_use_directory_guards(options), OP_EQ, 0); - tt_int_op(CALLED(public_server_mode), OP_EQ, 1); + tt_int_op(dir_tests_public_server_mode_called, OP_EQ, 1); options->UseEntryGuards = 1; options->DownloadExtraInfo = 0; @@ -4719,41 +5523,41 @@ test_dir_should_use_directory_guards(void *data) options->FetchDirInfoExtraEarly = 0; options->FetchUselessDescriptors = 0; tt_int_op(should_use_directory_guards(options), OP_EQ, 1); - tt_int_op(CALLED(public_server_mode), OP_EQ, 2); + tt_int_op(dir_tests_public_server_mode_called, OP_EQ, 2); options->UseEntryGuards = 0; tt_int_op(should_use_directory_guards(options), OP_EQ, 0); - tt_int_op(CALLED(public_server_mode), OP_EQ, 3); + tt_int_op(dir_tests_public_server_mode_called, OP_EQ, 3); options->UseEntryGuards = 1; options->DownloadExtraInfo = 1; tt_int_op(should_use_directory_guards(options), OP_EQ, 0); - tt_int_op(CALLED(public_server_mode), OP_EQ, 4); + tt_int_op(dir_tests_public_server_mode_called, OP_EQ, 4); options->DownloadExtraInfo = 0; options->FetchDirInfoEarly = 1; tt_int_op(should_use_directory_guards(options), OP_EQ, 0); - tt_int_op(CALLED(public_server_mode), OP_EQ, 5); + tt_int_op(dir_tests_public_server_mode_called, OP_EQ, 5); options->FetchDirInfoEarly = 0; options->FetchDirInfoExtraEarly = 1; tt_int_op(should_use_directory_guards(options), OP_EQ, 0); - tt_int_op(CALLED(public_server_mode), OP_EQ, 6); + tt_int_op(dir_tests_public_server_mode_called, OP_EQ, 6); options->FetchDirInfoExtraEarly = 0; options->FetchUselessDescriptors = 1; tt_int_op(should_use_directory_guards(options), OP_EQ, 0); - tt_int_op(CALLED(public_server_mode), OP_EQ, 7); + tt_int_op(dir_tests_public_server_mode_called, OP_EQ, 7); options->FetchUselessDescriptors = 0; done: - NS_UNMOCK(public_server_mode); + UNMOCK(public_server_mode); or_options_free(options); tor_free(errmsg); } -NS_DECL(void, -directory_initiate_request, (directory_request_t *req)); +static void dir_tests_directory_initiate_request(directory_request_t *req); +ATTR_UNUSED static int dir_tests_directory_initiate_request_called = 0; static void test_dir_should_not_init_request_to_ourselves(void *data) @@ -4763,7 +5567,8 @@ test_dir_should_not_init_request_to_ourselves(void *data) crypto_pk_t *key = pk_generate(2); (void) data; - NS_MOCK(directory_initiate_request); + MOCK(directory_initiate_request, + dir_tests_directory_initiate_request); clear_dir_servers(); routerlist_free_all(); @@ -4778,15 +5583,15 @@ test_dir_should_not_init_request_to_ourselves(void *data) dir_server_add(ourself); directory_get_from_all_authorities(DIR_PURPOSE_FETCH_STATUS_VOTE, 0, NULL); - tt_int_op(CALLED(directory_initiate_request), OP_EQ, 0); + tt_int_op(dir_tests_directory_initiate_request_called, OP_EQ, 0); directory_get_from_all_authorities(DIR_PURPOSE_FETCH_DETACHED_SIGNATURES, 0, NULL); - tt_int_op(CALLED(directory_initiate_request), OP_EQ, 0); + tt_int_op(dir_tests_directory_initiate_request_called, OP_EQ, 0); done: - NS_UNMOCK(directory_initiate_request); + UNMOCK(directory_initiate_request); clear_dir_servers(); routerlist_free_all(); crypto_pk_free(key); @@ -4800,7 +5605,8 @@ test_dir_should_not_init_request_to_dir_auths_without_v3_info(void *data) | MICRODESC_DIRINFO; (void) data; - NS_MOCK(directory_initiate_request); + MOCK(directory_initiate_request, + dir_tests_directory_initiate_request); clear_dir_servers(); routerlist_free_all(); @@ -4811,14 +5617,14 @@ test_dir_should_not_init_request_to_dir_auths_without_v3_info(void *data) dir_server_add(ds); directory_get_from_all_authorities(DIR_PURPOSE_FETCH_STATUS_VOTE, 0, NULL); - tt_int_op(CALLED(directory_initiate_request), OP_EQ, 0); + tt_int_op(dir_tests_directory_initiate_request_called, OP_EQ, 0); directory_get_from_all_authorities(DIR_PURPOSE_FETCH_DETACHED_SIGNATURES, 0, NULL); - tt_int_op(CALLED(directory_initiate_request), OP_EQ, 0); + tt_int_op(dir_tests_directory_initiate_request_called, OP_EQ, 0); done: - NS_UNMOCK(directory_initiate_request); + UNMOCK(directory_initiate_request); clear_dir_servers(); routerlist_free_all(); } @@ -4829,7 +5635,8 @@ test_dir_should_init_request_to_dir_auths(void *data) dir_server_t *ds = NULL; (void) data; - NS_MOCK(directory_initiate_request); + MOCK(directory_initiate_request, + dir_tests_directory_initiate_request); clear_dir_servers(); routerlist_free_all(); @@ -4840,23 +5647,23 @@ test_dir_should_init_request_to_dir_auths(void *data) dir_server_add(ds); directory_get_from_all_authorities(DIR_PURPOSE_FETCH_STATUS_VOTE, 0, NULL); - tt_int_op(CALLED(directory_initiate_request), OP_EQ, 1); + tt_int_op(dir_tests_directory_initiate_request_called, OP_EQ, 1); directory_get_from_all_authorities(DIR_PURPOSE_FETCH_DETACHED_SIGNATURES, 0, NULL); - tt_int_op(CALLED(directory_initiate_request), OP_EQ, 2); + tt_int_op(dir_tests_directory_initiate_request_called, OP_EQ, 2); done: - NS_UNMOCK(directory_initiate_request); + UNMOCK(directory_initiate_request); clear_dir_servers(); routerlist_free_all(); } void -NS(directory_initiate_request)(directory_request_t *req) +dir_tests_directory_initiate_request(directory_request_t *req) { (void)req; - CALLED(directory_initiate_request)++; + dir_tests_directory_initiate_request_called++; } static void @@ -6087,6 +6894,80 @@ test_dir_find_dl_min_delay(void* data) } static void +test_dir_matching_flags(void *arg) +{ + (void) arg; + routerstatus_t *rs_noflags = NULL; + routerstatus_t *rs = NULL; + char *s = NULL; + + smartlist_t *tokens = smartlist_new(); + memarea_t *area = memarea_new(); + + int expected_val_when_unused = 0; + + const char *ex_noflags = + "r example hereiswhereyouridentitygoes 2015-08-30 12:00:00 " + "192.168.0.1 9001 0\n" + "m thisoneislongerbecauseitisa256bitmddigest33\n" + "s\n"; + const char *cp = ex_noflags; + rs_noflags = routerstatus_parse_entry_from_string( + area, &cp, + cp + strlen(cp), + tokens, NULL, NULL, + MAX_SUPPORTED_CONSENSUS_METHOD, FLAV_MICRODESC); + tt_assert(rs_noflags); + +#define FLAG(string, field) STMT_BEGIN { \ + tor_asprintf(&s,\ + "r example hereiswhereyouridentitygoes 2015-08-30 12:00:00 " \ + "192.168.0.1 9001 0\n" \ + "m thisoneislongerbecauseitisa256bitmddigest33\n" \ + "s %s\n", string); \ + cp = s; \ + rs = routerstatus_parse_entry_from_string( \ + area, &cp, \ + cp + strlen(cp), \ + tokens, NULL, NULL, \ + MAX_SUPPORTED_CONSENSUS_METHOD, FLAV_MICRODESC); \ + /* the field should usually be 0 when no flags are listed */ \ + tt_int_op(rs_noflags->field, OP_EQ, expected_val_when_unused); \ + /* the field should be 1 when this flags islisted */ \ + tt_int_op(rs->field, OP_EQ, 1); \ + tor_free(s); \ + routerstatus_free(rs); \ +} STMT_END + + FLAG("Authority", is_authority); + FLAG("BadExit", is_bad_exit); + FLAG("Exit", is_exit); + FLAG("Fast", is_fast); + FLAG("Guard", is_possible_guard); + FLAG("HSDir", is_hs_dir); + FLAG("Stable", is_stable); + FLAG("StaleDesc", is_staledesc); + FLAG("V2Dir", is_v2_dir); + + // These flags are assumed to be set whether they're declared or not. + expected_val_when_unused = 1; + FLAG("Running", is_flagged_running); + FLAG("Valid", is_valid); + expected_val_when_unused = 0; + + // These flags are no longer used, but still parsed. + FLAG("Named", is_named); + FLAG("Unnamed", is_unnamed); + + done: + tor_free(s); + routerstatus_free(rs); + routerstatus_free(rs_noflags); + memarea_drop_all(area); + smartlist_free(tokens); +} + +static void test_dir_assumed_flags(void *arg) { (void)arg; @@ -6101,9 +6982,10 @@ test_dir_assumed_flags(void *arg) "192.168.0.1 9001 0\n" "m thisoneislongerbecauseitisa256bitmddigest33\n" "s Fast Guard Stable\n"; + const char *eos = str1 + strlen(str1); const char *cp = str1; - rs = routerstatus_parse_entry_from_string(area, &cp, tokens, NULL, NULL, + rs = routerstatus_parse_entry_from_string(area, &cp, eos, tokens, NULL, NULL, 24, FLAV_MICRODESC); tt_assert(rs); tt_assert(rs->is_flagged_running); @@ -6201,98 +7083,6 @@ test_dir_platform_str(void *arg) ; } -static networkstatus_t *mock_networkstatus; - -static networkstatus_t * -mock_networkstatus_get_latest_consensus_by_flavor(consensus_flavor_t f) -{ - (void)f; - return mock_networkstatus; -} - -static void -test_dir_networkstatus_consensus_has_ipv6(void *arg) -{ - (void)arg; - - int has_ipv6 = 0; - - /* Init options and networkstatus */ - or_options_t our_options; - mock_options = &our_options; - reset_options(mock_options, &mock_get_options_calls); - MOCK(get_options, mock_get_options); - - networkstatus_t our_networkstatus; - mock_networkstatus = &our_networkstatus; - memset(mock_networkstatus, 0, sizeof(*mock_networkstatus)); - MOCK(networkstatus_get_latest_consensus_by_flavor, - mock_networkstatus_get_latest_consensus_by_flavor); - - /* A live consensus */ - mock_networkstatus->valid_after = time(NULL) - 3600; - mock_networkstatus->valid_until = time(NULL) + 3600; - - /* Test the bounds for A lines in the NS consensus */ - mock_options->UseMicrodescriptors = 0; - - mock_networkstatus->consensus_method = MIN_SUPPORTED_CONSENSUS_METHOD; - has_ipv6 = networkstatus_consensus_has_ipv6(get_options()); - tt_assert(has_ipv6); - - /* Test the bounds for A lines in the microdesc consensus */ - mock_options->UseMicrodescriptors = 1; - - mock_networkstatus->consensus_method = - MIN_METHOD_FOR_A_LINES_IN_MICRODESC_CONSENSUS; - has_ipv6 = networkstatus_consensus_has_ipv6(get_options()); - tt_assert(has_ipv6); - - mock_networkstatus->consensus_method = MAX_SUPPORTED_CONSENSUS_METHOD + 20; - has_ipv6 = networkstatus_consensus_has_ipv6(get_options()); - tt_assert(has_ipv6); - - mock_networkstatus->consensus_method = - MIN_METHOD_FOR_A_LINES_IN_MICRODESC_CONSENSUS + 1; - has_ipv6 = networkstatus_consensus_has_ipv6(get_options()); - tt_assert(has_ipv6); - - mock_networkstatus->consensus_method = - MIN_METHOD_FOR_A_LINES_IN_MICRODESC_CONSENSUS + 20; - has_ipv6 = networkstatus_consensus_has_ipv6(get_options()); - tt_assert(has_ipv6); - - mock_networkstatus->consensus_method = - MIN_METHOD_FOR_A_LINES_IN_MICRODESC_CONSENSUS - 1; - has_ipv6 = networkstatus_consensus_has_ipv6(get_options()); - tt_assert(!has_ipv6); - - /* Test the edge cases */ - mock_options->UseMicrodescriptors = 1; - mock_networkstatus->consensus_method = - MIN_METHOD_FOR_A_LINES_IN_MICRODESC_CONSENSUS; - - /* Reasonably live */ - mock_networkstatus->valid_until = approx_time() - 60; - has_ipv6 = networkstatus_consensus_has_ipv6(get_options()); - tt_assert(has_ipv6); - - /* Not reasonably live */ - mock_networkstatus->valid_after = approx_time() - 24*60*60 - 3600; - mock_networkstatus->valid_until = approx_time() - 24*60*60 - 60; - has_ipv6 = networkstatus_consensus_has_ipv6(get_options()); - tt_assert(!has_ipv6); - - /* NULL consensus */ - mock_networkstatus = NULL; - has_ipv6 = networkstatus_consensus_has_ipv6(get_options()); - tt_assert(!has_ipv6); - - done: - UNMOCK(get_options); - UNMOCK(networkstatus_get_latest_consensus_by_flavor); -} - static void test_dir_format_versions_list(void *arg) { @@ -6344,6 +7134,301 @@ test_dir_format_versions_list(void *arg) teardown_capture_of_logs(); } +static void +test_dir_add_fingerprint(void *arg) +{ + (void)arg; + authdir_config_t *list; + int ret; + ed25519_secret_key_t seckey; + ed25519_public_key_t pubkey_good, pubkey_bad; + + authdir_init_fingerprint_list(); + list = authdir_return_fingerprint_list(); + + setup_capture_of_logs(LOG_WARN); + + /* RSA test - successful */ + ret = add_rsa_fingerprint_to_dir("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA", + list, 0); + tt_int_op(ret, OP_EQ, 0); + + /* RSA test - failure */ + ret = add_rsa_fingerprint_to_dir("ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ", + list, 0); + tt_int_op(ret, OP_EQ, -1); + + /* ed25519 test - successful */ + ed25519_secret_key_generate(&seckey, 0); + ed25519_public_key_generate(&pubkey_good, &seckey); + + ret = add_ed25519_to_dir(&pubkey_good, list, 0); + tt_int_op(ret, OP_EQ, 0); + + /* ed25519 test - failure */ + digest256_from_base64((char *) pubkey_bad.pubkey, "gibberish"); + + ret = add_ed25519_to_dir(&pubkey_bad, list, 0); + tt_int_op(ret, OP_EQ, -1); + + done: + teardown_capture_of_logs(); + dirserv_free_fingerprint_list(); +} + +static void +test_dir_dirserv_load_fingerprint_file(void *arg) +{ + (void)arg; + char *fname = tor_strdup(get_fname("approved-routers")); + + // Neither RSA nor ed25519 + const char *router_lines_invalid = + "!badexit notafingerprint"; + const char *router_lines_too_long = + "!badexit thisisareallylongstringthatislongerthanafingerprint\n"; + const char *router_lines_bad_fmt_str = + "!badexit ABCDEFGH|%1$p|%2$p|%3$p|%4$p|%5$p|%6$p\n"; + const char *router_lines_valid_rsa = + "!badexit AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n"; + const char *router_lines_invalid_rsa = + "!badexit ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ\n"; + const char *router_lines_valid_ed25519 = + "!badexit wqfLzgfCtRfYNg88LsL1QpzxS0itapJ1aj6TbnByx/Q\n"; + const char *router_lines_invalid_ed25519 = + "!badexit --fLzgfCtRfYNg88LsL1QpzxS0itapJ1aj6TbnByx--\n"; + + // Test: Invalid Fingerprint (not RSA or ed25519) + setup_capture_of_logs(LOG_NOTICE); + write_str_to_file(fname, router_lines_invalid, 0); + tt_int_op(dirserv_load_fingerprint_file(), OP_EQ, 0); + expect_log_msg_containing("Invalid fingerprint"); + teardown_capture_of_logs(); + + // Test: Very long string (longer than RSA or ed25519 key) + setup_capture_of_logs(LOG_NOTICE); + write_str_to_file(fname, router_lines_too_long, 0); + tt_int_op(dirserv_load_fingerprint_file(), OP_EQ, 0); + expect_log_msg_containing("Invalid fingerprint"); + teardown_capture_of_logs(); + + // Test: Formt string exploit + setup_capture_of_logs(LOG_NOTICE); + write_str_to_file(fname, router_lines_bad_fmt_str, 0); + tt_int_op(dirserv_load_fingerprint_file(), OP_EQ, 0); + expect_log_msg_containing("Invalid fingerprint"); + teardown_capture_of_logs(); + + // Test: Valid RSA + setup_capture_of_logs(LOG_NOTICE); + write_str_to_file(fname, router_lines_valid_rsa, 0); + tt_int_op(dirserv_load_fingerprint_file(), OP_EQ, 0); + teardown_capture_of_logs(); + + // Test: Invalid RSA + setup_capture_of_logs(LOG_NOTICE); + write_str_to_file(fname, router_lines_invalid_rsa, 0); + tt_int_op(dirserv_load_fingerprint_file(), OP_EQ, 0); + expect_log_msg_containing("Invalid fingerprint"); + teardown_capture_of_logs(); + + // Test: Valid ed25519 + setup_capture_of_logs(LOG_NOTICE); + write_str_to_file(fname, router_lines_valid_ed25519, 0); + tt_int_op(dirserv_load_fingerprint_file(), OP_EQ, 0); + teardown_capture_of_logs(); + + // Test: Invalid ed25519 + setup_capture_of_logs(LOG_NOTICE); + write_str_to_file(fname, router_lines_invalid_ed25519, 0); + tt_int_op(dirserv_load_fingerprint_file(), OP_EQ, 0); + expect_log_msg_containing("Invalid fingerprint"); + teardown_capture_of_logs(); + + done: + tor_free(fname); + dirserv_free_fingerprint_list(); +} + +#define RESET_FP_LIST(list) STMT_BEGIN \ + dirserv_free_fingerprint_list(); \ + authdir_init_fingerprint_list(); \ + list = authdir_return_fingerprint_list(); \ + STMT_END + +static void +test_dir_dirserv_router_get_status(void *arg) +{ + authdir_config_t *list; + routerinfo_t *ri = NULL; + ed25519_keypair_t kp1, kp2; + char d[DIGEST_LEN]; + char fp[HEX_DIGEST_LEN+1]; + int ret; + const char *msg; + time_t now = time(NULL); + + (void)arg; + + crypto_pk_t *pk = pk_generate(0); + + authdir_init_fingerprint_list(); + list = authdir_return_fingerprint_list(); + + /* Set up the routerinfo */ + ri = tor_malloc_zero(sizeof(routerinfo_t)); + ri->addr = 0xc0a80001u; + ri->or_port = 9001; + ri->platform = tor_strdup("0.4.0.1-alpha"); + ri->nickname = tor_strdup("Jessica"); + ri->identity_pkey = crypto_pk_dup_key(pk); + + curve25519_keypair_t ri_onion_keypair; + curve25519_keypair_generate(&ri_onion_keypair, 0); + ri->onion_curve25519_pkey = tor_memdup(&ri_onion_keypair.pubkey, + sizeof(curve25519_public_key_t)); + + ed25519_secret_key_from_seed(&kp1.seckey, + (const uint8_t*)"YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY"); + ed25519_public_key_generate(&kp1.pubkey, &kp1.seckey); + ed25519_secret_key_from_seed(&kp2.seckey, + (const uint8_t*)"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"); + ed25519_public_key_generate(&kp2.pubkey, &kp2.seckey); + ri->cache_info.signing_key_cert = tor_cert_create(&kp1, + CERT_TYPE_ID_SIGNING, + &kp2.pubkey, + now, 86400, + CERT_FLAG_INCLUDE_SIGNING_KEY); + + crypto_pk_get_digest(ri->identity_pkey, d); + base16_encode(fp, HEX_DIGEST_LEN + 1, d, DIGEST_LEN); + + /* Try on an empty fingerprint list */ + ret = dirserv_router_get_status(ri, &msg, LOG_INFO); + tt_int_op(ret, OP_EQ, 0); + RESET_FP_LIST(list); + + ret = dirserv_router_get_status(ri, &msg, LOG_INFO); + tt_int_op(ret, OP_EQ, 0); + RESET_FP_LIST(list); + + /* Try an accepted router */ + add_rsa_fingerprint_to_dir(fp, list, 0); + ret = dirserv_router_get_status(ri, &msg, LOG_INFO); + tt_int_op(ret, OP_EQ, 0); + RESET_FP_LIST(list); + + add_ed25519_to_dir(&kp1.pubkey, list, 0); + ret = dirserv_router_get_status(ri, &msg, LOG_INFO); + tt_int_op(ret, OP_EQ, 0); + RESET_FP_LIST(list); + + /* Try a rejected router */ + add_rsa_fingerprint_to_dir(fp, list, RTR_REJECT); + ret = dirserv_router_get_status(ri, &msg, LOG_INFO); + tt_int_op(ret, OP_EQ, RTR_REJECT); + RESET_FP_LIST(list); + + add_ed25519_to_dir(&kp1.pubkey, list, RTR_REJECT); + ret = dirserv_router_get_status(ri, &msg, LOG_INFO); + tt_int_op(ret, OP_EQ, RTR_REJECT); + RESET_FP_LIST(list); + + done: + dirserv_free_fingerprint_list(); + routerinfo_free(ri); + crypto_pk_free(pk); +} + +static void +test_dir_dirserv_would_reject_router(void *arg) +{ + authdir_config_t *list; + routerstatus_t rs; + vote_routerstatus_t vrs; + ed25519_keypair_t kp; + char fp[HEX_DIGEST_LEN+1]; + + (void)arg; + + authdir_init_fingerprint_list(); + list = authdir_return_fingerprint_list(); + + /* Set up the routerstatus */ + memset(&rs, 0, sizeof(rs)); + rs.addr = 0xc0a80001u; + rs.or_port = 9001; + strlcpy(rs.nickname, "Nicole", sizeof(rs.nickname)); + memcpy(rs.identity_digest, "Cloud nine is great ", DIGEST_LEN); + + ed25519_secret_key_from_seed(&kp.seckey, + (const uint8_t*)"YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY"); + ed25519_public_key_generate(&kp.pubkey, &kp.seckey); + + base16_encode(fp, HEX_DIGEST_LEN + 1, rs.identity_digest, DIGEST_LEN); + + /* Setup the vote_routerstatus_t. */ + memcpy(vrs.ed25519_id, &kp.pubkey, ED25519_PUBKEY_LEN); + + /* Try an empty fingerprint list */ + tt_assert(!dirserv_would_reject_router(&rs, &vrs)); + RESET_FP_LIST(list); + + tt_assert(!dirserv_would_reject_router(&rs, &vrs)); + RESET_FP_LIST(list); + + /* Try an accepted router */ + add_rsa_fingerprint_to_dir(fp, list, 0); + tt_assert(!dirserv_would_reject_router(&rs, &vrs)); + RESET_FP_LIST(list); + + add_ed25519_to_dir(&kp.pubkey, list, 0); + tt_assert(!dirserv_would_reject_router(&rs, &vrs)); + RESET_FP_LIST(list); + + /* Try a rejected router */ + add_rsa_fingerprint_to_dir(fp, list, RTR_REJECT); + tt_assert(dirserv_would_reject_router(&rs, &vrs)); + RESET_FP_LIST(list); + + add_ed25519_to_dir(&kp.pubkey, list, RTR_REJECT); + tt_assert(dirserv_would_reject_router(&rs, &vrs)); + RESET_FP_LIST(list); + + done: + dirserv_free_fingerprint_list(); +} + +static void +test_dir_dirserv_add_own_fingerprint(void *arg) +{ + authdir_config_t *list; + char digest[DIGEST_LEN]; + crypto_pk_t *pk = pk_generate(0); + + (void)arg; + + init_mock_ed_keys(pk); + authdir_init_fingerprint_list(); + list = authdir_return_fingerprint_list(); + dirserv_add_own_fingerprint(pk, get_master_identity_key()); + + /* Check if we have a RSA key. */ + crypto_pk_get_digest(pk, digest); + tt_assert(digestmap_get(list->status_by_digest, digest)); + + /* Check if we have a ed25519 key. */ + tt_assert(digest256map_get(list->status_by_digest256, + get_master_identity_key()->pubkey)); + + RESET_FP_LIST(list); + + done: + dirserv_free_fingerprint_list(); + crypto_pk_free(pk); +} + +#ifndef COCCI #define DIR_LEGACY(name) \ { #name, test_dir_ ## name , TT_FORK, NULL, NULL } @@ -6353,10 +7438,26 @@ test_dir_format_versions_list(void *arg) /* where arg is a string constant */ #define DIR_ARG(name,flags,arg) \ { #name "_" arg, test_dir_##name, (flags), &passthrough_setup, (void*) arg } +#endif /* !defined(COCCI) */ struct testcase_t dir_tests[] = { DIR_LEGACY(nicknames), - DIR_LEGACY(formats), + /* extrainfo without any stats */ + DIR_ARG(formats_rsa, TT_FORK, ""), + DIR_ARG(formats_rsa_ed25519, TT_FORK, ""), + /* on a bridge */ + DIR_ARG(formats_rsa, TT_FORK, "b"), + DIR_ARG(formats_rsa_ed25519, TT_FORK, "b"), + /* extrainfo with basic stats */ + DIR_ARG(formats_rsa, TT_FORK, "e"), + DIR_ARG(formats_rsa_ed25519, TT_FORK, "e"), + DIR_ARG(formats_rsa, TT_FORK, "be"), + DIR_ARG(formats_rsa_ed25519, TT_FORK, "be"), + /* extrainfo with all stats */ + DIR_ARG(formats_rsa, TT_FORK, "es"), + DIR_ARG(formats_rsa_ed25519, TT_FORK, "es"), + DIR_ARG(formats_rsa, TT_FORK, "bes"), + DIR_ARG(formats_rsa_ed25519, TT_FORK, "bes"), DIR(routerinfo_parsing, 0), DIR(extrainfo_parsing, 0), DIR(parse_router_list, TT_FORK), @@ -6370,6 +7471,7 @@ struct testcase_t dir_tests[] = { DIR_LEGACY(measured_bw_kb_line_is_after_headers), DIR_LEGACY(measured_bw_kb_cache), DIR_LEGACY(dirserv_read_measured_bandwidths), + DIR(bwauth_bw_file_digest256, 0), DIR_LEGACY(param_voting), DIR(param_voting_lookup, 0), DIR_LEGACY(v3_networkstatus), @@ -6378,7 +7480,7 @@ struct testcase_t dir_tests[] = { DIR_LEGACY(clip_unmeasured_bw_kb), DIR_LEGACY(clip_unmeasured_bw_kb_alt), DIR(fmt_control_ns, 0), - DIR(dirserv_set_routerstatus_testing, 0), + DIR(dirserv_set_routerstatus_testing, TT_FORK), DIR(http_handling, 0), DIR(purpose_needs_anonymity_returns_true_for_bridges, 0), DIR(purpose_needs_anonymity_returns_false_for_own_bridge_desc, 0), @@ -6410,9 +7512,14 @@ struct testcase_t dir_tests[] = { DIR_ARG(find_dl_min_delay, TT_FORK, "cfr"), DIR_ARG(find_dl_min_delay, TT_FORK, "car"), DIR(assumed_flags, 0), + DIR(matching_flags, 0), DIR(networkstatus_compute_bw_weights_v10, 0), DIR(platform_str, 0), - DIR(networkstatus_consensus_has_ipv6, TT_FORK), DIR(format_versions_list, TT_FORK), + DIR(add_fingerprint, TT_FORK), + DIR(dirserv_load_fingerprint_file, TT_FORK), + DIR(dirserv_router_get_status, TT_FORK), + DIR(dirserv_would_reject_router, TT_FORK), + DIR(dirserv_add_own_fingerprint, TT_FORK), END_OF_TESTCASES }; diff --git a/src/test/test_dir_common.c b/src/test/test_dir_common.c index 3723d6c31b..f2b4e8724b 100644 --- a/src/test/test_dir_common.c +++ b/src/test/test_dir_common.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" @@ -13,7 +13,7 @@ #include "feature/dirparse/authcert_parse.h" #include "feature/dirparse/ns_parse.h" #include "test/test_dir_common.h" -#include "feature/dircommon/voting_schedule.h" +#include "feature/dirauth/voting_schedule.h" #include "feature/nodelist/authority_cert_st.h" #include "feature/nodelist/networkstatus_st.h" @@ -42,14 +42,20 @@ dir_common_authority_pk_init(authority_cert_t **cert1, { /* Parse certificates and keys. */ authority_cert_t *cert; - cert = authority_cert_parse_from_string(AUTHORITY_CERT_1, NULL); + cert = authority_cert_parse_from_string(AUTHORITY_CERT_1, + strlen(AUTHORITY_CERT_1), + NULL); tt_assert(cert); tt_assert(cert->identity_key); *cert1 = cert; tt_assert(*cert1); - *cert2 = authority_cert_parse_from_string(AUTHORITY_CERT_2, NULL); + *cert2 = authority_cert_parse_from_string(AUTHORITY_CERT_2, + strlen(AUTHORITY_CERT_2), + NULL); tt_assert(*cert2); - *cert3 = authority_cert_parse_from_string(AUTHORITY_CERT_3, NULL); + *cert3 = authority_cert_parse_from_string(AUTHORITY_CERT_3, + strlen(AUTHORITY_CERT_3), + NULL); tt_assert(*cert3); *sign_skey_1 = crypto_pk_new(); *sign_skey_2 = crypto_pk_new(); @@ -266,7 +272,9 @@ dir_common_add_rs_and_parse(networkstatus_t *vote, networkstatus_t **vote_out, /* dump the vote and try to parse it. */ v_text = format_networkstatus_vote(sign_skey, vote); tt_assert(v_text); - *vote_out = networkstatus_parse_vote_from_string(v_text, NULL, NS_TYPE_VOTE); + *vote_out = networkstatus_parse_vote_from_string(v_text, + strlen(v_text), + NULL, NS_TYPE_VOTE); done: if (v_text) @@ -424,4 +432,3 @@ dir_common_construct_vote_3(networkstatus_t **vote, authority_cert_t *cert, return 0; } - diff --git a/src/test/test_dir_common.h b/src/test/test_dir_common.h index d6c5241b14..d37496465c 100644 --- a/src/test/test_dir_common.h +++ b/src/test/test_dir_common.h @@ -1,8 +1,11 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ +#ifndef TOR_TEST_DIR_COMMON_H +#define TOR_TEST_DIR_COMMON_H + #include "core/or/or.h" #include "feature/nodelist/networkstatus.h" @@ -49,3 +52,4 @@ int dir_common_construct_vote_3(networkstatus_t **vote, networkstatus_t **vote_out, int *n_vrs, time_t now, int clear_rl); +#endif /* !defined(TOR_TEST_DIR_COMMON_H) */ diff --git a/src/test/test_dir_handle_get.c b/src/test/test_dir_handle_get.c index 90691fff94..f446bbb5eb 100644 --- a/src/test/test_dir_handle_get.c +++ b/src/test/test_dir_handle_get.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define RENDCOMMON_PRIVATE @@ -20,6 +20,7 @@ #include "lib/compress/compress.h" #include "feature/rend/rendcommon.h" #include "feature/rend/rendcache.h" +#include "feature/relay/relay_config.h" #include "feature/relay/router.h" #include "feature/nodelist/authcert.h" #include "feature/nodelist/dirlist.h" @@ -37,7 +38,7 @@ #include "feature/dircache/dirserv.h" #include "feature/dirauth/dirvote.h" #include "test/log_test_helpers.h" -#include "feature/dircommon/voting_schedule.h" +#include "feature/dirauth/voting_schedule.h" #include "feature/dircommon/dir_connection_st.h" #include "feature/dirclient/dir_server_st.h" @@ -54,17 +55,15 @@ #endif /* defined(_WIN32) */ #ifdef HAVE_CFLAG_WOVERLENGTH_STRINGS -DISABLE_GCC_WARNING(overlength-strings) +DISABLE_GCC_WARNING("-Woverlength-strings") /* We allow huge string constants in the unit tests, but not in the code * at large. */ #endif #include "vote_descriptors.inc" #ifdef HAVE_CFLAG_WOVERLENGTH_STRINGS -ENABLE_GCC_WARNING(overlength-strings) +ENABLE_GCC_WARNING("-Woverlength-strings") #endif -#define NS_MODULE dir_handle_get - #define NOT_FOUND "HTTP/1.0 404 Not found\r\n\r\n" #define BAD_REQUEST "HTTP/1.0 400 Bad request\r\n\r\n" #define SERVER_BUSY "HTTP/1.0 503 Directory busy, try again later\r\n\r\n" @@ -72,6 +71,8 @@ ENABLE_GCC_WARNING(overlength-strings) #define NOT_ENOUGH_CONSENSUS_SIGNATURES "HTTP/1.0 404 " \ "Consensus not signed by sufficient number of requested authorities\r\n\r\n" +#define consdiffmgr_add_consensus consdiffmgr_add_consensus_nulterm + static dir_connection_t * new_dir_conn(void) { @@ -116,7 +117,7 @@ test_dir_handle_get_v1_command_not_found(void *data) conn = new_dir_conn(); // no frontpage configured - tt_ptr_op(get_dirportfrontpage(), OP_EQ, NULL); + tt_ptr_op(relay_get_dirportfrontpage(), OP_EQ, NULL); /* V1 path */ tt_int_op(directory_handle_command_get(conn, GET("/tor/"), NULL, 0), @@ -150,9 +151,9 @@ test_dir_handle_get_v1_command(void *data) (void) data; MOCK(connection_write_to_buf_impl_, connection_write_to_buf_mock); - MOCK(get_dirportfrontpage, mock_get_dirportfrontpage); + MOCK(relay_get_dirportfrontpage, mock_get_dirportfrontpage); - exp_body = get_dirportfrontpage(); + exp_body = relay_get_dirportfrontpage(); body_len = strlen(exp_body); conn = new_dir_conn(); @@ -175,7 +176,7 @@ test_dir_handle_get_v1_command(void *data) done: UNMOCK(connection_write_to_buf_impl_); - UNMOCK(get_dirportfrontpage); + UNMOCK(relay_get_dirportfrontpage); connection_free_minimal(TO_CONN(conn)); tor_free(header); tor_free(body); @@ -255,7 +256,7 @@ test_dir_handle_get_rendezvous2_not_found_if_not_encrypted(void *data) conn = new_dir_conn(); // connection is not encrypted - tt_assert(!connection_dir_is_encrypted(conn)) + tt_assert(!connection_dir_is_encrypted(conn)); tt_int_op(directory_handle_command_get(conn, RENDEZVOUS2_GET(), NULL, 0), OP_EQ, 0); @@ -361,12 +362,13 @@ test_dir_handle_get_rendezvous2_not_found(void *data) rend_cache_free_all(); } -NS_DECL(const routerinfo_t *, router_get_my_routerinfo, (void)); +static const routerinfo_t * dhg_tests_router_get_my_routerinfo(void); +ATTR_UNUSED static int dhg_tests_router_get_my_routerinfo_called = 0; static routerinfo_t *mock_routerinfo; static const routerinfo_t * -NS(router_get_my_routerinfo)(void) +dhg_tests_router_get_my_routerinfo(void) { if (!mock_routerinfo) { mock_routerinfo = tor_malloc_zero(sizeof(routerinfo_t)); @@ -391,7 +393,8 @@ test_dir_handle_get_rendezvous2_on_encrypted_conn_success(void *data) (void) data; MOCK(connection_write_to_buf_impl_, connection_write_to_buf_mock); - NS_MOCK(router_get_my_routerinfo); + MOCK(router_get_my_routerinfo, + dhg_tests_router_get_my_routerinfo); rend_cache_init(); @@ -434,7 +437,7 @@ test_dir_handle_get_rendezvous2_on_encrypted_conn_success(void *data) done: UNMOCK(connection_write_to_buf_impl_); - NS_UNMOCK(router_get_my_routerinfo); + UNMOCK(router_get_my_routerinfo); connection_free_minimal(TO_CONN(conn)); tor_free(header); @@ -477,8 +480,7 @@ static or_options_t *mock_options = NULL; static void init_mock_options(void) { - mock_options = tor_malloc(sizeof(or_options_t)); - memset(mock_options, 0, sizeof(or_options_t)); + mock_options = options_new(); mock_options->TestingTorNetwork = 1; mock_options->DataDirectory = tor_strdup(get_fname_rnd("datadir_tmp")); mock_options->CacheDirectory = tor_strdup(mock_options->DataDirectory); @@ -767,7 +769,8 @@ test_dir_handle_get_server_descriptors_all(void* data) helper_setup_fake_routerlist(); //TODO: change to router_get_my_extrainfo when testing "extra" path - NS_MOCK(router_get_my_routerinfo); + MOCK(router_get_my_routerinfo, + dhg_tests_router_get_my_routerinfo); MOCK(connection_write_to_buf_impl_, connection_write_to_buf_mock); // We are one of the routers @@ -809,7 +812,7 @@ test_dir_handle_get_server_descriptors_all(void* data) tt_ptr_op(conn->spool, OP_EQ, NULL); done: - NS_UNMOCK(router_get_my_routerinfo); + UNMOCK(router_get_my_routerinfo); UNMOCK(connection_write_to_buf_impl_); connection_free_minimal(TO_CONN(conn)); tor_free(header); @@ -866,7 +869,8 @@ test_dir_handle_get_server_descriptors_authority(void* data) crypto_pk_t *identity_pkey = pk_generate(0); (void) data; - NS_MOCK(router_get_my_routerinfo); + MOCK(router_get_my_routerinfo, + dhg_tests_router_get_my_routerinfo); MOCK(connection_write_to_buf_impl_, connection_write_to_buf_mock); /* init mock */ @@ -911,7 +915,7 @@ test_dir_handle_get_server_descriptors_authority(void* data) tt_ptr_op(conn->spool, OP_EQ, NULL); done: - NS_UNMOCK(router_get_my_routerinfo); + UNMOCK(router_get_my_routerinfo); UNMOCK(connection_write_to_buf_impl_); tor_free(mock_routerinfo->cache_info.signed_descriptor_body); tor_free(mock_routerinfo); @@ -931,7 +935,8 @@ test_dir_handle_get_server_descriptors_fp(void* data) crypto_pk_t *identity_pkey = pk_generate(0); (void) data; - NS_MOCK(router_get_my_routerinfo); + MOCK(router_get_my_routerinfo, + dhg_tests_router_get_my_routerinfo); MOCK(connection_write_to_buf_impl_, connection_write_to_buf_mock); /* init mock */ @@ -983,7 +988,7 @@ test_dir_handle_get_server_descriptors_fp(void* data) tt_ptr_op(conn->spool, OP_EQ, NULL); done: - NS_UNMOCK(router_get_my_routerinfo); + UNMOCK(router_get_my_routerinfo); UNMOCK(connection_write_to_buf_impl_); tor_free(mock_routerinfo->cache_info.signed_descriptor_body); tor_free(mock_routerinfo); @@ -1275,7 +1280,9 @@ test_dir_handle_get_server_keys_authority(void* data) size_t body_used = 0; (void) data; - mock_cert = authority_cert_parse_from_string(TEST_CERTIFICATE, NULL); + mock_cert = authority_cert_parse_from_string(TEST_CERTIFICATE, + strlen(TEST_CERTIFICATE), + NULL); MOCK(get_my_v3_authority_cert, get_my_v3_authority_cert_m); MOCK(connection_write_to_buf_impl_, connection_write_to_buf_mock); @@ -1425,7 +1432,9 @@ test_dir_handle_get_server_keys_sk(void* data) size_t body_used = 0; (void) data; - mock_cert = authority_cert_parse_from_string(TEST_CERTIFICATE, NULL); + mock_cert = authority_cert_parse_from_string(TEST_CERTIFICATE, + strlen(TEST_CERTIFICATE), + NULL); MOCK(get_my_v3_authority_cert, get_my_v3_authority_cert_m); MOCK(connection_write_to_buf_impl_, connection_write_to_buf_mock); @@ -1783,13 +1792,14 @@ test_dir_handle_get_status_vote_current_consensus_too_old(void *data) or_options_free(mock_options); mock_options = NULL; } -NS_DECL(int, geoip_get_country_by_addr, (const tor_addr_t *addr)); +static int dhg_tests_geoip_get_country_by_addr(const tor_addr_t *addr); +ATTR_UNUSED static int dhg_tests_geoip_get_country_by_addr_called = 0; int -NS(geoip_get_country_by_addr)(const tor_addr_t *addr) +dhg_tests_geoip_get_country_by_addr(const tor_addr_t *addr) { (void)addr; - CALLED(geoip_get_country_by_addr)++; + dhg_tests_geoip_get_country_by_addr_called++; return 1; } @@ -1853,7 +1863,8 @@ test_dir_handle_get_status_vote_current_consensus_ns(void* data) dirserv_free_all(); clear_geoip_db(); - NS_MOCK(geoip_get_country_by_addr); + MOCK(geoip_get_country_by_addr, + dhg_tests_geoip_get_country_by_addr); MOCK(get_options, mock_get_options); init_mock_options(); @@ -1890,7 +1901,7 @@ test_dir_handle_get_status_vote_current_consensus_ns(void* data) tt_str_op("ab=8", OP_EQ, hist); done: - NS_UNMOCK(geoip_get_country_by_addr); + UNMOCK(geoip_get_country_by_addr); UNMOCK(get_options); tor_free(header); tor_free(comp_body); @@ -2069,12 +2080,12 @@ test_dir_handle_get_status_vote_d(void* data) mock_options->TestingV3AuthInitialDistDelay = 1; time_t now = 1441223455 -1; - voting_schedule_recalculate_timing(mock_options, now); + dirauth_sched_recalculate_timing(mock_options, now); const char *msg_out = NULL; int status_out = 0; - struct pending_vote_t *pv = dirvote_add_vote(VOTE_BODY_V3, &msg_out, - &status_out); + struct pending_vote_t *pv = dirvote_add_vote(VOTE_BODY_V3, 0, + &msg_out, &status_out); tt_assert(pv); status_vote_current_d_test(&header, &body, &body_used); @@ -2217,11 +2228,36 @@ test_dir_handle_get_status_vote_next_authority_not_found(void* data) tor_free(header); } -NS_DECL(const char*, -dirvote_get_pending_consensus, (consensus_flavor_t flav)); +static void +test_dir_handle_get_status_vote_next_bandwidth_not_found(void* data) +{ + dir_connection_t *conn = NULL; + char *header = NULL; + (void) data; + + MOCK(connection_write_to_buf_impl_, connection_write_to_buf_mock); + + conn = new_dir_conn(); + + tt_int_op(0, OP_EQ, directory_handle_command_get(conn, + GET("/tor/status-vote/next/bandwdith"), NULL, 0)); + + fetch_from_buf_http(TO_CONN(conn)->outbuf, &header, MAX_HEADERS_SIZE, + NULL, NULL, 1, 0); + tt_assert(header); + tt_str_op(NOT_FOUND, OP_EQ, header); + + done: + UNMOCK(connection_write_to_buf_impl_); + connection_free_minimal(TO_CONN(conn)); + tor_free(header); +} + +static const char* dhg_tests_dirvote_get_pending_consensus( + consensus_flavor_t flav); const char* -NS(dirvote_get_pending_consensus)(consensus_flavor_t flav) +dhg_tests_dirvote_get_pending_consensus(consensus_flavor_t flav) { (void)flav; return "pending consensus"; @@ -2234,7 +2270,8 @@ test_dir_handle_get_status_vote_next_consensus(void* data) size_t body_used = 0; (void) data; - NS_MOCK(dirvote_get_pending_consensus); + MOCK(dirvote_get_pending_consensus, + dhg_tests_dirvote_get_pending_consensus); status_vote_next_consensus_test(&header, &body, &body_used); tt_assert(header); @@ -2247,7 +2284,7 @@ test_dir_handle_get_status_vote_next_consensus(void* data) tt_str_op("pending consensus", OP_EQ, body); done: - NS_UNMOCK(dirvote_get_pending_consensus); + UNMOCK(dirvote_get_pending_consensus); tor_free(header); tor_free(body); } @@ -2260,7 +2297,8 @@ test_dir_handle_get_status_vote_next_consensus_busy(void* data) (void) data; MOCK(get_options, mock_get_options); - NS_MOCK(dirvote_get_pending_consensus); + MOCK(dirvote_get_pending_consensus, + dhg_tests_dirvote_get_pending_consensus); //Make it busy init_mock_options(); @@ -2272,7 +2310,7 @@ test_dir_handle_get_status_vote_next_consensus_busy(void* data) tt_str_op(SERVER_BUSY, OP_EQ, header); done: - NS_UNMOCK(dirvote_get_pending_consensus); + UNMOCK(dirvote_get_pending_consensus); UNMOCK(get_options); tor_free(header); tor_free(body); @@ -2316,11 +2354,10 @@ test_dir_handle_get_status_vote_next_consensus_signatures_not_found(void* data) tor_free(body); } -NS_DECL(const char*, -dirvote_get_pending_detached_signatures, (void)); +static const char* dhg_tests_dirvote_get_pending_detached_signatures(void); const char* -NS(dirvote_get_pending_detached_signatures)(void) +dhg_tests_dirvote_get_pending_detached_signatures(void) { return "pending detached sigs"; } @@ -2332,7 +2369,8 @@ test_dir_handle_get_status_vote_next_consensus_signatures(void* data) size_t body_used = 0; (void) data; - NS_MOCK(dirvote_get_pending_detached_signatures); + MOCK(dirvote_get_pending_detached_signatures, + dhg_tests_dirvote_get_pending_detached_signatures); status_vote_next_consensus_signatures_test(&header, &body, &body_used); tt_assert(header); @@ -2345,7 +2383,7 @@ test_dir_handle_get_status_vote_next_consensus_signatures(void* data) tt_str_op("pending detached sigs", OP_EQ, body); done: - NS_UNMOCK(dirvote_get_pending_detached_signatures); + UNMOCK(dirvote_get_pending_detached_signatures); tor_free(header); tor_free(body); } @@ -2357,7 +2395,8 @@ test_dir_handle_get_status_vote_next_consensus_signatures_busy(void* data) size_t body_used; (void) data; - NS_MOCK(dirvote_get_pending_detached_signatures); + MOCK(dirvote_get_pending_detached_signatures, + dhg_tests_dirvote_get_pending_detached_signatures); MOCK(get_options, mock_get_options); //Make it busy @@ -2371,7 +2410,7 @@ test_dir_handle_get_status_vote_next_consensus_signatures_busy(void* data) done: UNMOCK(get_options); - NS_UNMOCK(dirvote_get_pending_detached_signatures); + UNMOCK(dirvote_get_pending_detached_signatures); tor_free(header); tor_free(body); or_options_free(mock_options); mock_options = NULL; @@ -2393,7 +2432,9 @@ test_dir_handle_get_status_vote_next_authority(void* data) routerlist_free_all(); dirvote_free_all(); - mock_cert = authority_cert_parse_from_string(TEST_CERTIFICATE, NULL); + mock_cert = authority_cert_parse_from_string(TEST_CERTIFICATE, + strlen(TEST_CERTIFICATE), + NULL); /* create a trusted ds */ ds = trusted_dir_server_new("ds", "127.0.0.1", 9059, 9060, NULL, digest, @@ -2416,10 +2457,10 @@ test_dir_handle_get_status_vote_next_authority(void* data) mock_options->TestingV3AuthInitialDistDelay = 1; time_t now = 1441223455 -1; - voting_schedule_recalculate_timing(mock_options, now); + dirauth_sched_recalculate_timing(mock_options, now); - struct pending_vote_t *vote = dirvote_add_vote(VOTE_BODY_V3, &msg_out, - &status_out); + struct pending_vote_t *vote = dirvote_add_vote(VOTE_BODY_V3, 0, + &msg_out, &status_out); tt_assert(vote); MOCK(get_my_v3_authority_cert, get_my_v3_authority_cert_m); @@ -2455,6 +2496,85 @@ test_dir_handle_get_status_vote_next_authority(void* data) } static void +test_dir_handle_get_status_vote_next_bandwidth(void* data) +{ + dir_connection_t *conn = NULL; + char *header = NULL, *body = NULL; + size_t body_used = 0; + (void) data; + + const char *content = + "1541171221\n" + "node_id=$68A483E05A2ABDCA6DA5A3EF8DB5177638A27F80 " + "master_key_ed25519=YaqV4vbvPYKucElk297eVdNArDz9HtIwUoIeo0+cVIpQ " + "bw=760 nick=Test time=2018-05-08T16:13:26\n"; + + init_mock_options(); + MOCK(get_options, mock_get_options); + mock_options->V3BandwidthsFile = tor_strdup( + get_fname_rnd("V3BandwidthsFile") + ); + + write_str_to_file(mock_options->V3BandwidthsFile, content, 0); + + MOCK(connection_write_to_buf_impl_, connection_write_to_buf_mock); + + conn = new_dir_conn(); + tt_int_op(0, OP_EQ, directory_handle_command_get(conn, + GET("/tor/status-vote/next/bandwidth"), NULL, 0)); + + fetch_from_buf_http(TO_CONN(conn)->outbuf, &header, MAX_HEADERS_SIZE, + &body, &body_used, strlen(content)+1, 0); + + tt_assert(header); + tt_ptr_op(strstr(header, "HTTP/1.0 200 OK\r\n"), OP_EQ, header); + tt_assert(strstr(header, "Content-Type: text/plain\r\n")); + tt_assert(strstr(header, "Content-Encoding: identity\r\n")); + tt_assert(strstr(header, "Content-Length: 167\r\n")); + + /* Check cache lifetime */ + char expbuf[RFC1123_TIME_LEN+1]; + time_t now = approx_time(); + /* BANDWIDTH_CACHE_LIFETIME is defined in dircache.c. */ + format_rfc1123_time(expbuf, (time_t)(now + 30*60)); + char *expires = NULL; + /* Change to 'Cache-control: max-age=%d' if using http/1.1. */ + tor_asprintf(&expires, "Expires: %s\r\n", expbuf); + tt_assert(strstr(header, expires)); + + tt_int_op(body_used, OP_EQ, strlen(body)); + tt_str_op(content, OP_EQ, body); + + tor_free(header); + tor_free(body); + + /* Request the file using compression, the result should be the same. */ + tt_int_op(0, OP_EQ, directory_handle_command_get(conn, + GET("/tor/status-vote/next/bandwidth.z"), NULL, 0)); + + fetch_from_buf_http(TO_CONN(conn)->outbuf, &header, MAX_HEADERS_SIZE, + &body, &body_used, strlen(content)+1, 0); + + tt_assert(header); + tt_ptr_op(strstr(header, "HTTP/1.0 200 OK\r\n"), OP_EQ, header); + tt_assert(strstr(header, "Content-Encoding: deflate\r\n")); + + /* Since using connection_write_to_buf_mock instead of mocking + * connection_buf_add_compress, the content is not actually compressed. + * If it would, the size and content would be different than the original. + */ + + done: + UNMOCK(get_options); + UNMOCK(connection_write_to_buf_impl_); + connection_free_minimal(TO_CONN(conn)); + tor_free(header); + tor_free(body); + tor_free(expires); + or_options_free(mock_options); +} + +static void test_dir_handle_get_status_vote_current_authority(void* data) { dir_connection_t *conn = NULL; @@ -2471,7 +2591,9 @@ test_dir_handle_get_status_vote_current_authority(void* data) routerlist_free_all(); dirvote_free_all(); - mock_cert = authority_cert_parse_from_string(TEST_CERTIFICATE, NULL); + mock_cert = authority_cert_parse_from_string(TEST_CERTIFICATE, + strlen(TEST_CERTIFICATE), + NULL); /* create a trusted ds */ ds = trusted_dir_server_new("ds", "127.0.0.1", 9059, 9060, NULL, digest, @@ -2495,10 +2617,10 @@ test_dir_handle_get_status_vote_current_authority(void* data) mock_options->TestingV3AuthInitialDistDelay = 1; time_t now = 1441223455; - voting_schedule_recalculate_timing(mock_options, now-1); + dirauth_sched_recalculate_timing(mock_options, now-1); - struct pending_vote_t *vote = dirvote_add_vote(VOTE_BODY_V3, &msg_out, - &status_out); + struct pending_vote_t *vote = dirvote_add_vote(VOTE_BODY_V3, 0, + &msg_out, &status_out); tt_assert(vote); // move the pending vote to previous vote @@ -2536,6 +2658,183 @@ test_dir_handle_get_status_vote_current_authority(void* data) dirvote_free_all(); } +/* Test that a late vote is rejected, but an on-time vote is accepted. */ +static void +test_dir_handle_get_status_vote_too_late(void* data) +{ + dir_connection_t *conn = NULL; + char *header = NULL, *body = NULL; + const char *msg_out = NULL; + int status_out = 0; + size_t body_used = 0; + const char digest[DIGEST_LEN] = ""; + + dir_server_t *ds = NULL; + const char* mode = (const char *)data; + + clear_dir_servers(); + routerlist_free_all(); + dirvote_free_all(); + + mock_cert = authority_cert_parse_from_string(TEST_CERTIFICATE, + strlen(TEST_CERTIFICATE), + NULL); + + /* create a trusted ds */ + ds = trusted_dir_server_new("ds", "127.0.0.1", 9059, 9060, NULL, digest, + NULL, V3_DIRINFO, 1.0); + tt_assert(ds); + dir_server_add(ds); + + /* ds v3_identity_digest is the certificate's identity_key */ + base16_decode(ds->v3_identity_digest, DIGEST_LEN, + TEST_CERT_IDENT_KEY, HEX_DIGEST_LEN); + + tt_int_op(0, OP_EQ, trusted_dirs_load_certs_from_string(TEST_CERTIFICATE, + TRUSTED_DIRS_CERTS_SRC_DL_BY_ID_DIGEST, 1, NULL)); + + init_mock_options(); + mock_options->AuthoritativeDir = 1; + mock_options->V3AuthoritativeDir = 1; + + int base_delay = 0; + int vote_interval = 0; + int start_offset = 0; + + tt_assert(mode); + /* Set the required timings, see below for details */ + if (strcmp(mode, "min") == 0) { + /* The minimum valid test network timing */ + base_delay = 2; + vote_interval = 10; + start_offset = vote_interval - 5; + } else if (strcmp(mode, "chutney") == 0) { + /* The test network timing used by chutney */ + base_delay = 4; + vote_interval = 20; + start_offset = vote_interval - 5; + } else if (strcmp(mode, "half-public") == 0) { + /* The short consensus failure timing used in the public network */ + base_delay = 5*60; + vote_interval = 30*60; + start_offset = vote_interval - 9*60 - 5; + } else if (strcmp(mode, "public") == 0) { + /* The standard timing used in the public network */ + base_delay = 5*60; + vote_interval = 60*60; + start_offset = vote_interval - 9*60 - 5; + } + + tt_assert(base_delay > 0); + tt_assert(vote_interval > 0); + tt_assert(start_offset > 0); + + /* Skew the time to fit the fixed time in the vote */ + mock_options->TestingV3AuthVotingStartOffset = start_offset; + /* Calculate the rest of the timings */ + mock_options->TestingV3AuthInitialVotingInterval = vote_interval; + mock_options->TestingV3AuthInitialVoteDelay = base_delay; + mock_options->TestingV3AuthInitialDistDelay = base_delay; + + time_t now = 1441223455; + dirauth_sched_recalculate_timing(mock_options, now-1); + const time_t voting_starts = voting_schedule.voting_starts; + const time_t fetch_missing = voting_schedule.fetch_missing_votes; + + struct pending_vote_t *vote = NULL; + + /* Next voting interval */ + vote = dirvote_add_vote(VOTE_BODY_V3, + fetch_missing + vote_interval, + &msg_out, &status_out); + tt_assert(!vote); + tt_int_op(status_out, OP_EQ, 400); + tt_str_op(msg_out, OP_EQ, + "Posted vote received too late, would be dangerous to count it"); + + /* Just after fetch missing */ + vote = dirvote_add_vote(VOTE_BODY_V3, + fetch_missing + 1, + &msg_out, &status_out); + tt_assert(!vote); + tt_int_op(status_out, OP_EQ, 400); + tt_str_op(msg_out, OP_EQ, + "Posted vote received too late, would be dangerous to count it"); + + /* On fetch missing */ + vote = dirvote_add_vote(VOTE_BODY_V3, + fetch_missing, + &msg_out, &status_out); + tt_assert(vote); + + /* Move the pending vote to previous vote */ + dirvote_act(mock_options, now+1); + /* And reset the timing */ + dirauth_sched_recalculate_timing(mock_options, now-1); + + /* Between voting starts and fetch missing */ + vote = dirvote_add_vote(VOTE_BODY_V3, + voting_starts + 1, + &msg_out, &status_out); + tt_assert(vote); + + /* Move the pending vote to previous vote */ + dirvote_act(mock_options, now+1); + /* And reset the timing */ + dirauth_sched_recalculate_timing(mock_options, now-1); + + /* On voting starts */ + vote = dirvote_add_vote(VOTE_BODY_V3, + voting_starts, + &msg_out, &status_out); + tt_assert(vote); + + /* Move the pending vote to previous vote */ + dirvote_act(mock_options, now+1); + /* And reset the timing */ + dirauth_sched_recalculate_timing(mock_options, now-1); + + /* Just before voting starts */ + vote = dirvote_add_vote(VOTE_BODY_V3, + voting_starts - 1, + &msg_out, &status_out); + tt_assert(vote); + + /* Move the pending vote to previous vote */ + dirvote_act(mock_options, now+1); + + MOCK(get_my_v3_authority_cert, get_my_v3_authority_cert_m); + MOCK(connection_write_to_buf_impl_, connection_write_to_buf_mock); + + conn = new_dir_conn(); + tt_int_op(0, OP_EQ, directory_handle_command_get(conn, + GET("/tor/status-vote/current/authority"), NULL, 0)); + + fetch_from_buf_http(TO_CONN(conn)->outbuf, &header, MAX_HEADERS_SIZE, + &body, &body_used, strlen(VOTE_BODY_V3)+1, 0); + + tt_assert(header); + tt_ptr_op(strstr(header, "HTTP/1.0 200 OK\r\n"), OP_EQ, header); + tt_assert(strstr(header, "Content-Type: text/plain\r\n")); + tt_assert(strstr(header, "Content-Encoding: identity\r\n")); + tt_assert(strstr(header, "Content-Length: 4135\r\n")); + + tt_str_op(VOTE_BODY_V3, OP_EQ, body); + + done: + UNMOCK(connection_write_to_buf_impl_); + UNMOCK(get_my_v3_authority_cert); + connection_free_minimal(TO_CONN(conn)); + tor_free(header); + tor_free(body); + authority_cert_free(mock_cert); mock_cert = NULL; + or_options_free(mock_options); mock_options = NULL; + + clear_dir_servers(); + routerlist_free_all(); + dirvote_free_all(); +} + static void test_dir_handle_get_parse_accept_encoding(void *arg) { @@ -2586,6 +2885,16 @@ test_dir_handle_get_parse_accept_encoding(void *arg) #define DIR_HANDLE_CMD(name,flags) \ { #name, test_dir_handle_get_##name, (flags), NULL, NULL } +#ifdef COCCI +/* Coccinelle doesn't like the stringification in this macro */ +#define DIR_HANDLE_CMD_ARG(name,flags,arg) \ + DIR_HANDLE_CMD(name,flags) +#else +#define DIR_HANDLE_CMD_ARG(name,flags,arg) \ + { #name "/" arg, test_dir_handle_get_##name, (flags), \ + &passthrough_setup, (void *)(arg) } +#endif /* defined(COCCI) */ + struct testcase_t dir_handle_get_tests[] = { DIR_HANDLE_CMD(not_found, 0), DIR_HANDLE_CMD(bad_request, 0), @@ -2625,8 +2934,14 @@ struct testcase_t dir_handle_get_tests[] = { DIR_HANDLE_CMD(status_vote_next_not_found, 0), DIR_HANDLE_CMD(status_vote_current_authority_not_found, 0), DIR_HANDLE_CMD(status_vote_current_authority, 0), + DIR_HANDLE_CMD_ARG(status_vote_too_late, 0, "min"), + DIR_HANDLE_CMD_ARG(status_vote_too_late, 0, "chutney"), + DIR_HANDLE_CMD_ARG(status_vote_too_late, 0, "half-public"), + DIR_HANDLE_CMD_ARG(status_vote_too_late, 0, "public"), DIR_HANDLE_CMD(status_vote_next_authority_not_found, 0), DIR_HANDLE_CMD(status_vote_next_authority, 0), + DIR_HANDLE_CMD(status_vote_next_bandwidth_not_found, 0), + DIR_HANDLE_CMD(status_vote_next_bandwidth, 0), DIR_HANDLE_CMD(status_vote_current_consensus_ns_not_enough_sigs, TT_FORK), DIR_HANDLE_CMD(status_vote_current_consensus_ns_not_found, TT_FORK), DIR_HANDLE_CMD(status_vote_current_consensus_too_old, TT_FORK), diff --git a/src/test/test_dispatch.c b/src/test/test_dispatch.c new file mode 100644 index 0000000000..77f33e4b15 --- /dev/null +++ b/src/test/test_dispatch.c @@ -0,0 +1,278 @@ +/* Copyright (c) 2018-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#define DISPATCH_NEW_PRIVATE +#define DISPATCH_PRIVATE + +#include "test/test.h" + +#include "lib/dispatch/dispatch.h" +#include "lib/dispatch/dispatch_cfg.h" +#include "lib/dispatch/dispatch_st.h" +#include "lib/dispatch/msgtypes.h" + +#include "lib/log/escape.h" +#include "lib/malloc/malloc.h" +#include "lib/string/printf.h" + +#include <stdio.h> +#include <string.h> + +static dispatch_t *dispatcher_in_use=NULL; + +static void +test_dispatch_max_in_u16_sl(void *arg) +{ + (void)arg; + smartlist_t *sl = smartlist_new(); + uint16_t nums[] = { 10, 20, 30 }; + tt_int_op(-1, OP_EQ, max_in_u16_sl(sl, -1)); + + smartlist_add(sl, NULL); + tt_int_op(-1, OP_EQ, max_in_u16_sl(sl, -1)); + + smartlist_add(sl, &nums[1]); + tt_int_op(20, OP_EQ, max_in_u16_sl(sl, -1)); + + smartlist_add(sl, &nums[0]); + tt_int_op(20, OP_EQ, max_in_u16_sl(sl, -1)); + + smartlist_add(sl, NULL); + tt_int_op(20, OP_EQ, max_in_u16_sl(sl, -1)); + + smartlist_add(sl, &nums[2]); + tt_int_op(30, OP_EQ, max_in_u16_sl(sl, -1)); + + done: + smartlist_free(sl); +} + +/* Construct an empty dispatch_t. */ +static void +test_dispatch_empty(void *arg) +{ + (void)arg; + + dispatch_t *d=NULL; + dispatch_cfg_t *cfg=NULL; + + cfg = dcfg_new(); + d = dispatch_new(cfg); + tt_assert(d); + + done: + dispatch_free(d); + dcfg_free(cfg); +} + +static int total_recv1_simple = 0; +static int total_recv2_simple = 0; + +static void +simple_recv1(const msg_t *m) +{ + total_recv1_simple += m->aux_data__.u64; +} + +static char *recv2_received = NULL; + +static void +simple_recv2(const msg_t *m) +{ + tor_free(recv2_received); + recv2_received = dispatch_fmt_msg_data(dispatcher_in_use, m); + + total_recv2_simple += m->aux_data__.u64*10; +} + +/* Construct a dispatch_t with two messages, make sure that they both get + * delivered. */ +static void +test_dispatch_simple(void *arg) +{ + (void)arg; + + dispatch_t *d=NULL; + dispatch_cfg_t *cfg=NULL; + int r; + + cfg = dcfg_new(); + r = dcfg_msg_set_type(cfg,0,0); + r += dcfg_msg_set_chan(cfg,0,0); + r += dcfg_add_recv(cfg,0,1,simple_recv1); + r += dcfg_msg_set_type(cfg,1,0); + r += dcfg_msg_set_chan(cfg,1,0); + r += dcfg_add_recv(cfg,1,1,simple_recv2); + r += dcfg_add_recv(cfg,1,1,simple_recv2); /* second copy */ + tt_int_op(r, OP_EQ, 0); + + d = dispatch_new(cfg); + tt_assert(d); + dispatcher_in_use = d; + + msg_aux_data_t data = {.u64 = 7}; + r = dispatch_send(d, 99, 0, 0, 0, data); + tt_int_op(r, OP_EQ, 0); + tt_int_op(total_recv1_simple, OP_EQ, 0); + + r = dispatch_flush(d, 0, INT_MAX); + tt_int_op(r, OP_EQ, 0); + tt_int_op(total_recv1_simple, OP_EQ, 7); + tt_int_op(total_recv2_simple, OP_EQ, 0); + + total_recv1_simple = 0; + r = dispatch_send(d, 99, 0, 1, 0, data); + tt_int_op(r, OP_EQ, 0); + r = dispatch_flush(d, 0, INT_MAX); + tt_int_op(total_recv1_simple, OP_EQ, 0); + tt_int_op(total_recv2_simple, OP_EQ, 140); + + tt_str_op(recv2_received, OP_EQ, "<>"); // no format function was set. + + done: + dispatch_free(d); + dcfg_free(cfg); + tor_free(recv2_received); +} + +/* Construct a dispatch_t with a message and no reciever; make sure that it + * gets dropped properly. */ +static void +test_dispatch_no_recipient(void *arg) +{ + (void)arg; + + dispatch_t *d=NULL; + dispatch_cfg_t *cfg=NULL; + int r; + + cfg = dcfg_new(); + r = dcfg_msg_set_type(cfg,0,0); + r += dcfg_msg_set_chan(cfg,0,0); + tt_int_op(r, OP_EQ, 0); + + d = dispatch_new(cfg); + tt_assert(d); + dispatcher_in_use = d; + + msg_aux_data_t data = { .u64 = 7}; + r = dispatch_send(d, 99, 0, 0, 0, data); + tt_int_op(r, OP_EQ, 0); + + r = dispatch_flush(d, 0, INT_MAX); + tt_int_op(r, OP_EQ, 0); + + done: + dispatch_free(d); + dcfg_free(cfg); +} + +struct coord_t { int x; int y; }; +static void +free_coord(msg_aux_data_t d) +{ + tor_free(d.ptr); +} +static char * +fmt_coord(msg_aux_data_t d) +{ + char *v; + struct coord_t *c = d.ptr; + tor_asprintf(&v, "[%d, %d]", c->x, c->y); + return v; +} +static dispatch_typefns_t coord_fns = { + .fmt_fn = fmt_coord, + .free_fn = free_coord, +}; +static void +alert_run_immediate(dispatch_t *d, channel_id_t ch, void *arg) +{ + (void)arg; + dispatch_flush(d, ch, INT_MAX); +} + +static char *received_data=NULL; + +static void +recv_typed_data(const msg_t *m) +{ + tor_free(received_data); + received_data = dispatch_fmt_msg_data(dispatcher_in_use, m); +} + +static void +test_dispatch_with_types(void *arg) +{ + (void)arg; + + dispatch_t *d=NULL; + dispatch_cfg_t *cfg=NULL; + int r; + + cfg = dcfg_new(); + r = dcfg_msg_set_type(cfg,5,3); + r += dcfg_msg_set_chan(cfg,5,2); + r += dcfg_add_recv(cfg,5,0,recv_typed_data); + r += dcfg_type_set_fns(cfg,3,&coord_fns); + tt_int_op(r, OP_EQ, 0); + + d = dispatch_new(cfg); + tt_assert(d); + dispatcher_in_use = d; + + /* Make this message get run immediately. */ + r = dispatch_set_alert_fn(d, 2, alert_run_immediate, NULL); + tt_int_op(r, OP_EQ, 0); + + struct coord_t *xy = tor_malloc(sizeof(*xy)); + xy->x = 13; + xy->y = 37; + msg_aux_data_t data = {.ptr = xy}; + r = dispatch_send(d, 99/*sender*/, 2/*channel*/, 5/*msg*/, 3/*type*/, data); + tt_int_op(r, OP_EQ, 0); + tt_str_op(received_data, OP_EQ, "[13, 37]"); + + done: + dispatch_free(d); + dcfg_free(cfg); + tor_free(received_data); + dispatcher_in_use = NULL; +} + +static void +test_dispatch_bad_type_setup(void *arg) +{ + (void)arg; + static dispatch_typefns_t fns; + dispatch_cfg_t *cfg = dcfg_new(); + + tt_int_op(0, OP_EQ, dcfg_type_set_fns(cfg, 7, &coord_fns)); + + fns = coord_fns; + fns.fmt_fn = NULL; + tt_int_op(-1, OP_EQ, dcfg_type_set_fns(cfg, 7, &fns)); + + fns = coord_fns; + fns.free_fn = NULL; + tt_int_op(-1, OP_EQ, dcfg_type_set_fns(cfg, 7, &fns)); + + fns = coord_fns; + tt_int_op(0, OP_EQ, dcfg_type_set_fns(cfg, 7, &fns)); + + done: + dcfg_free(cfg); +} + +#define T(name) \ + { #name, test_dispatch_ ## name, TT_FORK, NULL, NULL } + +struct testcase_t dispatch_tests[] = { + T(max_in_u16_sl), + T(empty), + T(simple), + T(no_recipient), + T(with_types), + T(bad_type_setup), + END_OF_TESTCASES +}; diff --git a/src/test/test_dns.c b/src/test/test_dns.c index 41a56f65d8..299321ab64 100644 --- a/src/test/test_dns.c +++ b/src/test/test_dns.c @@ -1,6 +1,7 @@ -/* Copyright (c) 2015-2019, The Tor Project, Inc. */ +/* Copyright (c) 2015-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ +#include "orconfig.h" #include "core/or/or.h" #include "test/test.h" @@ -13,29 +14,81 @@ #include "core/or/edge_connection_st.h" #include "core/or/or_circuit_st.h" +#include "app/config/or_options_st.h" +#include "app/config/config.h" -#define NS_MODULE dns +#include <event2/event.h> +#include <event2/dns.h> -#define NS_SUBMODULE clip_ttl +#ifdef HAVE_EVDNS_BASE_GET_NAMESERVER_ADDR + +static or_options_t options = { + .ORPort_set = 1, +}; + +static const or_options_t * +mock_get_options(void) +{ + return &options; +} static void -NS(test_main)(void *arg) +test_dns_configure_ns_fallback(void *arg) { (void)arg; + tor_addr_t *nameserver_addr = NULL; - uint32_t ttl_mid = MIN_DNS_TTL_AT_EXIT / 2 + MAX_DNS_TTL_AT_EXIT / 2; + MOCK(get_options, mock_get_options); - tt_int_op(dns_clip_ttl(MIN_DNS_TTL_AT_EXIT - 1),OP_EQ,MIN_DNS_TTL_AT_EXIT); - tt_int_op(dns_clip_ttl(ttl_mid),OP_EQ,MAX_DNS_TTL_AT_EXIT); - tt_int_op(dns_clip_ttl(MAX_DNS_TTL_AT_EXIT + 1),OP_EQ,MAX_DNS_TTL_AT_EXIT); + options.ServerDNSResolvConfFile = (char *)"no_such_file!!!"; - done: + dns_init(); // calls configure_nameservers() + + tt_int_op(number_of_configured_nameservers(), OP_EQ, 1); + + nameserver_addr = configured_nameserver_address(0); + + tt_assert(tor_addr_family(nameserver_addr) == AF_INET); + tt_assert(tor_addr_eq_ipv4h(nameserver_addr, 0x7f000001)); + +#ifndef _WIN32 + tor_free(nameserver_addr); + + options.ServerDNSResolvConfFile = (char *)"/dev/null"; + + dns_init(); + + tt_int_op(number_of_configured_nameservers(), OP_EQ, 1); + + nameserver_addr = configured_nameserver_address(0); + + tt_assert(tor_addr_family(nameserver_addr) == AF_INET); + tt_assert(tor_addr_eq_ipv4h(nameserver_addr, 0x7f000001)); +#endif /* !defined(_WIN32) */ + + UNMOCK(get_options); + + done: + tor_free(nameserver_addr); return; } -#undef NS_SUBMODULE +#endif /* defined(HAVE_EVDNS_BASE_GET_NAMESERVER_ADDR) */ + +static void +test_dns_clip_ttl(void *arg) +{ + (void)arg; -#define NS_SUBMODULE resolve + uint32_t ttl_mid = MIN_DNS_TTL / 2 + MAX_DNS_TTL / 2; + + tt_int_op(clip_dns_ttl(MIN_DNS_TTL - 1),OP_EQ,MIN_DNS_TTL); + tt_int_op(clip_dns_ttl(ttl_mid),OP_EQ,MAX_DNS_TTL); + tt_int_op(clip_dns_ttl(MAX_DNS_TTL + 1),OP_EQ,MAX_DNS_TTL); + + done: + return; +} static int resolve_retval = 0; static int resolve_made_conn_pending = 0; @@ -44,10 +97,11 @@ static cached_resolve_t *cache_entry_mock = NULL; static int n_fake_impl = 0; -NS_DECL(int, dns_resolve_impl, (edge_connection_t *exitconn, int is_resolve, - or_circuit_t *oncirc, char **hostname_out, - int *made_connection_pending_out, - cached_resolve_t **resolve_out)); +static int dns_resolve_dns_resolve_impl(edge_connection_t *exitconn, + int is_resolve, or_circuit_t *oncirc, + char **hostname_out, int *made_connection_pending_out, + cached_resolve_t **resolve_out); +ATTR_UNUSED static int dns_resolve_dns_resolve_impl_called = 0; /** This will be our configurable substitute for <b>dns_resolve_impl</b> in * dns.c. It will return <b>resolve_retval</b>, @@ -58,7 +112,7 @@ NS_DECL(int, dns_resolve_impl, (edge_connection_t *exitconn, int is_resolve, * 1. */ static int -NS(dns_resolve_impl)(edge_connection_t *exitconn, int is_resolve, +dns_resolve_dns_resolve_impl(edge_connection_t *exitconn, int is_resolve, or_circuit_t *oncirc, char **hostname_out, int *made_connection_pending_out, cached_resolve_t **resolve_out) @@ -88,7 +142,7 @@ static uint8_t last_answer_type = 0; static cached_resolve_t *last_resolved; static void -NS(send_resolved_cell)(edge_connection_t *conn, uint8_t answer_type, +dns_resolve_send_resolved_cell(edge_connection_t *conn, uint8_t answer_type, const cached_resolve_t *resolved) { conn_for_resolved_cell = conn; @@ -104,7 +158,7 @@ static int n_send_resolved_hostname_cell_replacement = 0; static char *last_resolved_hostname = NULL; static void -NS(send_resolved_hostname_cell)(edge_connection_t *conn, +dns_resolve_send_resolved_hostname_cell(edge_connection_t *conn, const char *hostname) { conn_for_resolved_cell = conn; @@ -118,7 +172,7 @@ NS(send_resolved_hostname_cell)(edge_connection_t *conn, static int n_dns_cancel_pending_resolve_replacement = 0; static void -NS(dns_cancel_pending_resolve)(const char *address) +dns_resolve_dns_cancel_pending_resolve(const char *address) { (void) address; n_dns_cancel_pending_resolve_replacement++; @@ -128,7 +182,7 @@ static int n_connection_free = 0; static connection_t *last_freed_conn = NULL; static void -NS(connection_free_)(connection_t *conn) +dns_resolve_connection_free_(connection_t *conn) { n_connection_free++; @@ -136,7 +190,7 @@ NS(connection_free_)(connection_t *conn) } static void -NS(test_main)(void *arg) +test_dns_resolve(void *arg) { (void) arg; int retval; @@ -155,9 +209,12 @@ NS(test_main)(void *arg) memset(exitconn,0,sizeof(edge_connection_t)); memset(nextconn,0,sizeof(edge_connection_t)); - NS_MOCK(dns_resolve_impl); - NS_MOCK(send_resolved_cell); - NS_MOCK(send_resolved_hostname_cell); + MOCK(dns_resolve_impl, + dns_resolve_dns_resolve_impl); + MOCK(send_resolved_cell, + dns_resolve_send_resolved_cell); + MOCK(send_resolved_hostname_cell, + dns_resolve_send_resolved_hostname_cell); /* * CASE 1: dns_resolve_impl returns 1 and sets a hostname. purpose is @@ -270,8 +327,10 @@ NS(test_main)(void *arg) * on exitconn with type being RESOLVED_TYPE_ERROR. */ - NS_MOCK(dns_cancel_pending_resolve); - NS_MOCK(connection_free_); + MOCK(dns_cancel_pending_resolve, + dns_resolve_dns_cancel_pending_resolve); + MOCK(connection_free_, + dns_resolve_connection_free_); exitconn->on_circuit = &(on_circuit->base_); exitconn->base_.purpose = EXIT_PURPOSE_RESOLVE; @@ -294,11 +353,11 @@ NS(test_main)(void *arg) tt_assert(last_freed_conn == TO_CONN(exitconn)); done: - NS_UNMOCK(dns_resolve_impl); - NS_UNMOCK(send_resolved_cell); - NS_UNMOCK(send_resolved_hostname_cell); - NS_UNMOCK(dns_cancel_pending_resolve); - NS_UNMOCK(connection_free_); + UNMOCK(dns_resolve_impl); + UNMOCK(send_resolved_cell); + UNMOCK(send_resolved_hostname_cell); + UNMOCK(dns_cancel_pending_resolve); + UNMOCK(connection_free_); tor_free(on_circuit); tor_free(exitconn); tor_free(nextconn); @@ -308,8 +367,6 @@ NS(test_main)(void *arg) return; } -#undef NS_SUBMODULE - /** Create an <b>edge_connection_t</b> instance that is considered a * valid exit connection by asserts in dns_resolve_impl. */ @@ -326,8 +383,6 @@ create_valid_exitconn(void) return exitconn; } -#define NS_SUBMODULE ASPECT(resolve_impl, addr_is_ip_no_need_to_resolve) - /* * Given that <b>exitconn->base_.address</b> is IP address string, we * want dns_resolve_impl() to parse it and store in @@ -336,7 +391,7 @@ create_valid_exitconn(void) */ static void -NS(test_main)(void *arg) +test_dns_impl_addr_is_ip(void *arg) { int retval; int made_pending; @@ -369,21 +424,17 @@ NS(test_main)(void *arg) return; } -#undef NS_SUBMODULE - -#define NS_SUBMODULE ASPECT(resolve_impl, non_exit) - /** Given that Tor instance is not configured as an exit node, we want * dns_resolve_impl() to fail with return value -1. */ static int -NS(router_my_exit_policy_is_reject_star)(void) +dns_impl_non_exit_router_my_exit_policy_is_reject_star(void) { return 1; } static void -NS(test_main)(void *arg) +test_dns_impl_non_exit(void *arg) { int retval; int made_pending; @@ -395,7 +446,8 @@ NS(test_main)(void *arg) TO_CONN(exitconn)->address = tor_strdup("torproject.org"); - NS_MOCK(router_my_exit_policy_is_reject_star); + MOCK(router_my_exit_policy_is_reject_star, + dns_impl_non_exit_router_my_exit_policy_is_reject_star); retval = dns_resolve_impl(exitconn, 1, on_circ, NULL, &made_pending, NULL); @@ -406,27 +458,23 @@ NS(test_main)(void *arg) tor_free(TO_CONN(exitconn)->address); tor_free(exitconn); tor_free(on_circ); - NS_UNMOCK(router_my_exit_policy_is_reject_star); + UNMOCK(router_my_exit_policy_is_reject_star); return; } -#undef NS_SUBMODULE - -#define NS_SUBMODULE ASPECT(resolve_impl, addr_is_invalid_dest) - /** Given that address is not a valid destination (as judged by * address_is_invalid_destination() function), we want dns_resolve_impl() * function to fail with return value -1. */ static int -NS(router_my_exit_policy_is_reject_star)(void) +dns_impl_addr_is_invalid_dest_router_my_exit_policy_is_reject_star(void) { return 0; } static void -NS(test_main)(void *arg) +test_dns_impl_addr_is_invalid_dest(void *arg) { int retval; int made_pending; @@ -436,7 +484,8 @@ NS(test_main)(void *arg) (void)arg; - NS_MOCK(router_my_exit_policy_is_reject_star); + MOCK(router_my_exit_policy_is_reject_star, + dns_impl_addr_is_invalid_dest_router_my_exit_policy_is_reject_star); TO_CONN(exitconn)->address = tor_strdup("invalid#@!.org"); @@ -446,29 +495,25 @@ NS(test_main)(void *arg) tt_int_op(retval,OP_EQ,-1); done: - NS_UNMOCK(router_my_exit_policy_is_reject_star); + UNMOCK(router_my_exit_policy_is_reject_star); tor_free(TO_CONN(exitconn)->address); tor_free(exitconn); tor_free(on_circ); return; } -#undef NS_SUBMODULE - -#define NS_SUBMODULE ASPECT(resolve_impl, malformed_ptr) - /** Given that address is a malformed PTR name, we want dns_resolve_impl to * fail. */ static int -NS(router_my_exit_policy_is_reject_star)(void) +dns_impl_malformed_ptr_router_my_exit_policy_is_reject_star(void) { return 0; } static void -NS(test_main)(void *arg) +test_dns_impl_malformed_ptr(void *arg) { int retval; int made_pending; @@ -480,7 +525,8 @@ NS(test_main)(void *arg) TO_CONN(exitconn)->address = tor_strdup("1.0.0.127.in-addr.arpa"); - NS_MOCK(router_my_exit_policy_is_reject_star); + MOCK(router_my_exit_policy_is_reject_star, + dns_impl_malformed_ptr_router_my_exit_policy_is_reject_star); retval = dns_resolve_impl(exitconn, 1, on_circ, NULL, &made_pending, NULL); @@ -498,30 +544,26 @@ NS(test_main)(void *arg) tt_int_op(retval,OP_EQ,-1); done: - NS_UNMOCK(router_my_exit_policy_is_reject_star); + UNMOCK(router_my_exit_policy_is_reject_star); tor_free(TO_CONN(exitconn)->address); tor_free(exitconn); tor_free(on_circ); return; } -#undef NS_SUBMODULE - -#define NS_SUBMODULE ASPECT(resolve_impl, cache_hit_pending) - /* Given that there is already a pending resolve for the given address, * we want dns_resolve_impl to append our exit connection to list * of pending connections for the pending DNS request and return 0. */ static int -NS(router_my_exit_policy_is_reject_star)(void) +dns_impl_cache_hit_pending_router_my_exit_policy_is_reject_star(void) { return 0; } static void -NS(test_main)(void *arg) +test_dns_impl_cache_hit_pending(void *arg) { int retval; int made_pending = 0; @@ -544,7 +586,8 @@ NS(test_main)(void *arg) strlcpy(cache_entry->address, TO_CONN(exitconn)->address, sizeof(cache_entry->address)); - NS_MOCK(router_my_exit_policy_is_reject_star); + MOCK(router_my_exit_policy_is_reject_star, + dns_impl_cache_hit_pending_router_my_exit_policy_is_reject_star); dns_init(); @@ -562,7 +605,7 @@ NS(test_main)(void *arg) tt_assert(pending_conn->conn == exitconn); done: - NS_UNMOCK(router_my_exit_policy_is_reject_star); + UNMOCK(router_my_exit_policy_is_reject_star); tor_free(on_circ); tor_free(TO_CONN(exitconn)->address); tor_free(cache_entry->pending_connections); @@ -571,16 +614,12 @@ NS(test_main)(void *arg) return; } -#undef NS_SUBMODULE - -#define NS_SUBMODULE ASPECT(resolve_impl, cache_hit_cached) - /* Given that a finished DNS resolve is available in our cache, we want * dns_resolve_impl() return it to called via resolve_out and pass the * handling to set_exitconn_info_from_resolve function. */ static int -NS(router_my_exit_policy_is_reject_star)(void) +dns_impl_cache_hit_cached_router_my_exit_policy_is_reject_star(void) { return 0; } @@ -589,7 +628,8 @@ static edge_connection_t *last_exitconn = NULL; static cached_resolve_t *last_resolve = NULL; static int -NS(set_exitconn_info_from_resolve)(edge_connection_t *exitconn, +dns_impl_cache_hit_cached_set_exitconn_info_from_resolve( + edge_connection_t *exitconn, const cached_resolve_t *resolve, char **hostname_out) { @@ -602,7 +642,7 @@ NS(set_exitconn_info_from_resolve)(edge_connection_t *exitconn, } static void -NS(test_main)(void *arg) +test_dns_impl_cache_hit_cached(void *arg) { int retval; int made_pending = 0; @@ -625,8 +665,10 @@ NS(test_main)(void *arg) strlcpy(cache_entry->address, TO_CONN(exitconn)->address, sizeof(cache_entry->address)); - NS_MOCK(router_my_exit_policy_is_reject_star); - NS_MOCK(set_exitconn_info_from_resolve); + MOCK(router_my_exit_policy_is_reject_star, + dns_impl_cache_hit_cached_router_my_exit_policy_is_reject_star); + MOCK(set_exitconn_info_from_resolve, + dns_impl_cache_hit_cached_set_exitconn_info_from_resolve); dns_init(); @@ -643,8 +685,8 @@ NS(test_main)(void *arg) tt_assert(last_resolve == cache_entry); done: - NS_UNMOCK(router_my_exit_policy_is_reject_star); - NS_UNMOCK(set_exitconn_info_from_resolve); + UNMOCK(router_my_exit_policy_is_reject_star); + UNMOCK(set_exitconn_info_from_resolve); tor_free(on_circ); tor_free(TO_CONN(exitconn)->address); tor_free(cache_entry->pending_connections); @@ -652,10 +694,6 @@ NS(test_main)(void *arg) return; } -#undef NS_SUBMODULE - -#define NS_SUBMODULE ASPECT(resolve_impl, cache_miss) - /* Given that there are neither pending nor pre-cached resolve for a given * address, we want dns_resolve_impl() to create a new cached_resolve_t * object, mark it as pending, insert it into the cache, attach the exit @@ -663,7 +701,7 @@ NS(test_main)(void *arg) * with the cached_resolve_t object it created. */ static int -NS(router_my_exit_policy_is_reject_star)(void) +dns_impl_cache_miss_router_my_exit_policy_is_reject_star(void) { return 0; } @@ -671,7 +709,7 @@ NS(router_my_exit_policy_is_reject_star)(void) static cached_resolve_t *last_launched_resolve = NULL; static int -NS(launch_resolve)(cached_resolve_t *resolve) +dns_impl_cache_miss_launch_resolve(cached_resolve_t *resolve) { last_launched_resolve = resolve; @@ -679,7 +717,7 @@ NS(launch_resolve)(cached_resolve_t *resolve) } static void -NS(test_main)(void *arg) +test_dns_impl_cache_miss(void *arg) { int retval; int made_pending = 0; @@ -698,8 +736,10 @@ NS(test_main)(void *arg) strlcpy(query.address, TO_CONN(exitconn)->address, sizeof(query.address)); - NS_MOCK(router_my_exit_policy_is_reject_star); - NS_MOCK(launch_resolve); + MOCK(router_my_exit_policy_is_reject_star, + dns_impl_cache_miss_router_my_exit_policy_is_reject_star); + MOCK(launch_resolve, + dns_impl_cache_miss_launch_resolve); dns_init(); @@ -722,8 +762,8 @@ NS(test_main)(void *arg) tt_str_op(cache_entry->address,OP_EQ,TO_CONN(exitconn)->address); done: - NS_UNMOCK(router_my_exit_policy_is_reject_star); - NS_UNMOCK(launch_resolve); + UNMOCK(router_my_exit_policy_is_reject_star); + UNMOCK(launch_resolve); tor_free(on_circ); tor_free(TO_CONN(exitconn)->address); if (cache_entry) @@ -733,19 +773,22 @@ NS(test_main)(void *arg) return; } -#undef NS_SUBMODULE - struct testcase_t dns_tests[] = { - TEST_CASE(clip_ttl), - TEST_CASE(resolve), - TEST_CASE_ASPECT(resolve_impl, addr_is_ip_no_need_to_resolve), - TEST_CASE_ASPECT(resolve_impl, non_exit), - TEST_CASE_ASPECT(resolve_impl, addr_is_invalid_dest), - TEST_CASE_ASPECT(resolve_impl, malformed_ptr), - TEST_CASE_ASPECT(resolve_impl, cache_hit_pending), - TEST_CASE_ASPECT(resolve_impl, cache_hit_cached), - TEST_CASE_ASPECT(resolve_impl, cache_miss), +#ifdef HAVE_EVDNS_BASE_GET_NAMESERVER_ADDR + { "configure_ns_fallback", test_dns_configure_ns_fallback, + TT_FORK, NULL, NULL }, +#endif + { "clip_ttl", test_dns_clip_ttl, TT_FORK, NULL, NULL }, + { "resolve", test_dns_resolve, TT_FORK, NULL, NULL }, + { "impl_addr_is_ip", test_dns_impl_addr_is_ip, TT_FORK, NULL, NULL }, + { "impl_non_exit", test_dns_impl_non_exit, TT_FORK, NULL, NULL }, + { "impl_addr_is_invalid_dest", test_dns_impl_addr_is_invalid_dest, + TT_FORK, NULL, NULL }, + { "impl_malformed_ptr", test_dns_impl_malformed_ptr, TT_FORK, NULL, NULL }, + { "impl_cache_hit_pending", test_dns_impl_cache_hit_pending, + TT_FORK, NULL, NULL }, + { "impl_cache_hit_cached", test_dns_impl_cache_hit_cached, + TT_FORK, NULL, NULL }, + { "impl_cache_miss", test_dns_impl_cache_miss, TT_FORK, NULL, NULL }, END_OF_TESTCASES }; - -#undef NS_MODULE diff --git a/src/test/test_dos.c b/src/test/test_dos.c index 01d7cd006e..527e5bbe7f 100644 --- a/src/test/test_dos.c +++ b/src/test/test_dos.c @@ -1,8 +1,8 @@ -/* Copyright (c) 2018-2019, The Tor Project, Inc. */ +/* Copyright (c) 2018-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define DOS_PRIVATE -#define TOR_CHANNEL_INTERNAL_ +#define CHANNEL_OBJECT_PRIVATE #define CIRCUITLIST_PRIVATE #include "core/or/or.h" @@ -411,7 +411,7 @@ test_dos_bucket_refill(void *arg) } tt_uint_op(current_circ_count, OP_EQ, 0); tt_uint_op(dos_stats->cc_stats.circuit_bucket, OP_EQ, current_circ_count); -#endif +#endif /* SIZEOF_TIME_T == 8 */ done: tor_free(chan); diff --git a/src/test/test_entryconn.c b/src/test/test_entryconn.c index fc7c5d5800..9cdd7f6d0e 100644 --- a/src/test/test_entryconn.c +++ b/src/test/test_entryconn.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2014-2019, The Tor Project, Inc. */ +/* Copyright (c) 2014-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" @@ -11,7 +11,7 @@ #include "feature/client/addressmap.h" #include "app/config/config.h" -#include "app/config/confparse.h" +#include "lib/confmgt/confmgt.h" #include "core/mainloop/connection.h" #include "core/or/connection_edge.h" #include "feature/nodelist/nodelist.h" diff --git a/src/test/test_entrynodes.c b/src/test/test_entrynodes.c index a486b13ae1..5ddd1a3db0 100644 --- a/src/test/test_entrynodes.c +++ b/src/test/test_entrynodes.c @@ -1,10 +1,11 @@ -/* Copyright (c) 2014-2019, The Tor Project, Inc. */ +/* Copyright (c) 2014-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" #define CIRCUITLIST_PRIVATE #define CIRCUITBUILD_PRIVATE +#define CONFIG_PRIVATE #define STATEFILE_PRIVATE #define ENTRYNODES_PRIVATE #define ROUTERLIST_PRIVATE @@ -17,7 +18,7 @@ #include "core/or/circuitlist.h" #include "core/or/circuitbuild.h" #include "app/config/config.h" -#include "app/config/confparse.h" +#include "lib/confmgt/confmgt.h" #include "lib/crypt_ops/crypto_rand.h" #include "feature/dircommon/directory.h" #include "feature/dirclient/dirclient.h" @@ -67,7 +68,7 @@ static networkstatus_t *dummy_consensus = NULL; static smartlist_t *big_fake_net_nodes = NULL; -static smartlist_t * +static const smartlist_t * bfn_mock_nodelist_get_list(void) { return big_fake_net_nodes; @@ -127,6 +128,9 @@ big_fake_network_cleanup(const struct testcase_t *testcase, void *ptr) return 1; /* NOP */ } +#define REASONABLY_FUTURE " reasonably-future" +#define REASONABLY_PAST " reasonably-past" + /* Unittest setup function: Setup a fake network. */ static void * big_fake_network_setup(const struct testcase_t *testcase) @@ -138,9 +142,10 @@ big_fake_network_setup(const struct testcase_t *testcase) const int N_NODES = 271; const char *argument = testcase->setup_data; - int reasonably_live_consensus = 0; + int reasonably_future_consensus = 0, reasonably_past_consensus = 0; if (argument) { - reasonably_live_consensus = strstr(argument, "reasonably-live") != NULL; + reasonably_future_consensus = strstr(argument, REASONABLY_FUTURE) != NULL; + reasonably_past_consensus = strstr(argument, REASONABLY_PAST) != NULL; } big_fake_net_nodes = smartlist_new(); @@ -193,16 +198,21 @@ big_fake_network_setup(const struct testcase_t *testcase) n->md->exit_policy = parse_short_policy("accept 443"); } + n->nodelist_idx = smartlist_len(big_fake_net_nodes); smartlist_add(big_fake_net_nodes, n); } - dummy_state = tor_malloc_zero(sizeof(or_state_t)); + dummy_state = or_state_new(); dummy_consensus = tor_malloc_zero(sizeof(networkstatus_t)); - if (reasonably_live_consensus) { - /* Make the dummy consensus valid from 4 hours ago, but expired an hour + if (reasonably_future_consensus) { + /* Make the dummy consensus valid in 6 hours, and expiring in 7 hours. */ + dummy_consensus->valid_after = approx_time() + 6*3600; + dummy_consensus->valid_until = approx_time() + 7*3600; + } else if (reasonably_past_consensus) { + /* Make the dummy consensus valid from 16 hours ago, but expired 12 hours * ago. */ - dummy_consensus->valid_after = approx_time() - 4*3600; - dummy_consensus->valid_until = approx_time() - 3600; + dummy_consensus->valid_after = approx_time() - 16*3600; + dummy_consensus->valid_until = approx_time() - 12*3600; } else { /* Make the dummy consensus valid for an hour either side of now. */ dummy_consensus->valid_after = approx_time() - 3600; @@ -226,12 +236,12 @@ mock_randomize_time_no_randomization(time_t a, time_t b) return a; } -static or_options_t mocked_options; +static or_options_t *mocked_options; static const or_options_t * mock_get_options(void) { - return &mocked_options; + return mocked_options; } #define TEST_IPV4_ADDR "123.45.67.89" @@ -250,7 +260,7 @@ test_node_preferred_orport(void *arg) tor_addr_port_t ap; /* Setup options */ - memset(&mocked_options, 0, sizeof(mocked_options)); + mocked_options = options_new(); /* We don't test ClientPreferIPv6ORPort here, because it's used in * nodelist_set_consensus to setup node.ipv6_preferred, which we set * directly. */ @@ -273,8 +283,8 @@ test_node_preferred_orport(void *arg) /* Check the preferred address is IPv4 if we're only using IPv4, regardless * of whether we prefer it or not */ - mocked_options.ClientUseIPv4 = 1; - mocked_options.ClientUseIPv6 = 0; + mocked_options->ClientUseIPv4 = 1; + mocked_options->ClientUseIPv6 = 0; node.ipv6_preferred = 0; node_get_pref_orport(&node, &ap); tt_assert(tor_addr_eq(&ap.addr, &ipv4_addr)); @@ -287,8 +297,8 @@ test_node_preferred_orport(void *arg) /* Check the preferred address is IPv4 if we're using IPv4 and IPv6, but * don't prefer the IPv6 address */ - mocked_options.ClientUseIPv4 = 1; - mocked_options.ClientUseIPv6 = 1; + mocked_options->ClientUseIPv4 = 1; + mocked_options->ClientUseIPv6 = 1; node.ipv6_preferred = 0; node_get_pref_orport(&node, &ap); tt_assert(tor_addr_eq(&ap.addr, &ipv4_addr)); @@ -296,28 +306,29 @@ test_node_preferred_orport(void *arg) /* Check the preferred address is IPv6 if we prefer it and * ClientUseIPv6 is 1, regardless of ClientUseIPv4 */ - mocked_options.ClientUseIPv4 = 1; - mocked_options.ClientUseIPv6 = 1; + mocked_options->ClientUseIPv4 = 1; + mocked_options->ClientUseIPv6 = 1; node.ipv6_preferred = 1; node_get_pref_orport(&node, &ap); tt_assert(tor_addr_eq(&ap.addr, &ipv6_addr)); tt_assert(ap.port == ipv6_port); - mocked_options.ClientUseIPv4 = 0; + mocked_options->ClientUseIPv4 = 0; node_get_pref_orport(&node, &ap); tt_assert(tor_addr_eq(&ap.addr, &ipv6_addr)); tt_assert(ap.port == ipv6_port); /* Check the preferred address is IPv6 if we don't prefer it, but * ClientUseIPv4 is 0 */ - mocked_options.ClientUseIPv4 = 0; - mocked_options.ClientUseIPv6 = 1; - node.ipv6_preferred = fascist_firewall_prefer_ipv6_orport(&mocked_options); + mocked_options->ClientUseIPv4 = 0; + mocked_options->ClientUseIPv6 = 1; + node.ipv6_preferred = fascist_firewall_prefer_ipv6_orport(mocked_options); node_get_pref_orport(&node, &ap); tt_assert(tor_addr_eq(&ap.addr, &ipv6_addr)); tt_assert(ap.port == ipv6_port); done: + or_options_free(mocked_options); UNMOCK(get_options); } @@ -379,12 +390,13 @@ test_entry_guard_encode_for_state_minimal(void *arg) eg->confirmed_idx = -1; char *s = NULL; - s = entry_guard_encode_for_state(eg); + s = entry_guard_encode_for_state(eg, 0); tt_str_op(s, OP_EQ, "in=wubwub " "rsa_id=706C75727079666C75727079736C75727079646F " "sampled_on=2016-11-14T00:00:00 " + "sampled_idx=0 " "listed=0"); done: @@ -410,10 +422,11 @@ test_entry_guard_encode_for_state_maximal(void *arg) eg->currently_listed = 1; eg->confirmed_on_date = 1479081690; eg->confirmed_idx = 333; + eg->sampled_idx = 42; eg->extra_state_fields = tor_strdup("and the green grass grew all around"); char *s = NULL; - s = entry_guard_encode_for_state(eg); + s = entry_guard_encode_for_state(eg, 0); tt_str_op(s, OP_EQ, "in=default " @@ -421,6 +434,7 @@ test_entry_guard_encode_for_state_maximal(void *arg) "bridge_addr=8.8.4.4:9999 " "nickname=Fred " "sampled_on=2016-11-14T00:00:00 " + "sampled_idx=0 " "sampled_by=1.2.3 " "unlisted_since=2016-11-14T00:00:45 " "listed=1 " @@ -610,39 +624,47 @@ test_entry_guard_parse_from_state_full(void *arg) const char STATE[] = "Guard in=default rsa_id=214F44BD5B638E8C817D47FF7C97397790BF0345 " "nickname=TotallyNinja sampled_on=2016-11-12T19:32:49 " + "sampled_idx=0 " "sampled_by=0.3.0.0-alpha-dev " "listed=1\n" "Guard in=default rsa_id=052900AB0EA3ED54BAB84AE8A99E74E8693CE2B2 " "nickname=5OfNovember sampled_on=2016-11-20T04:32:05 " + "sampled_idx=1 " "sampled_by=0.3.0.0-alpha-dev " "listed=1 confirmed_on=2016-11-22T08:13:28 confirmed_idx=0 " "pb_circ_attempts=4.000000 pb_circ_successes=2.000000 " "pb_successful_circuits_closed=2.000000\n" "Guard in=default rsa_id=7B700C0C207EBD0002E00F499BE265519AC3C25A " "nickname=dc6jgk11 sampled_on=2016-11-28T11:50:13 " + "sampled_idx=2 " "sampled_by=0.3.0.0-alpha-dev " "listed=1 confirmed_on=2016-11-24T08:45:30 confirmed_idx=4 " "pb_circ_attempts=5.000000 pb_circ_successes=5.000000 " "pb_successful_circuits_closed=5.000000\n" "Guard in=wobblesome rsa_id=7B700C0C207EBD0002E00F499BE265519AC3C25A " "nickname=dc6jgk11 sampled_on=2016-11-28T11:50:13 " + "sampled_idx=0 " "sampled_by=0.3.0.0-alpha-dev " "listed=1\n" "Guard in=default rsa_id=E9025AD60D86875D5F11548D536CC6AF60F0EF5E " "nickname=maibrunn sampled_on=2016-11-25T22:36:38 " + "sampled_idx=3 " "sampled_by=0.3.0.0-alpha-dev listed=1\n" "Guard in=default rsa_id=DCD30B90BA3A792DA75DC54A327EF353FB84C38E " "nickname=Unnamed sampled_on=2016-11-25T14:34:00 " + "sampled_idx=10 " "sampled_by=0.3.0.0-alpha-dev listed=1\n" "Guard in=bridges rsa_id=8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF2E " "bridge_addr=24.1.1.1:443 sampled_on=2016-11-25T06:44:14 " + "sampled_idx=0 " "sampled_by=0.3.0.0-alpha-dev listed=1 " "confirmed_on=2016-11-29T10:36:06 confirmed_idx=0 " "pb_circ_attempts=8.000000 pb_circ_successes=8.000000 " "pb_successful_circuits_closed=13.000000\n" "Guard in=bridges rsa_id=5800000000000000000000000000000000000000 " "bridge_addr=37.218.246.143:28366 " - "sampled_on=2016-11-18T15:07:34 sampled_by=0.3.0.0-alpha-dev listed=1\n"; + "sampled_on=2016-11-18T15:07:34 sampled_idx=1 " + "sampled_by=0.3.0.0-alpha-dev listed=1\n"; config_line_t *lines = NULL; or_state_t *state = tor_malloc_zero(sizeof(or_state_t)); @@ -718,35 +740,42 @@ test_entry_guard_parse_from_state_full(void *arg) tt_str_op(joined, OP_EQ, "Guard in=default rsa_id=052900AB0EA3ED54BAB84AE8A99E74E8693CE2B2 " "nickname=5OfNovember sampled_on=2016-11-20T04:32:05 " + "sampled_idx=0 " "sampled_by=0.3.0.0-alpha-dev " "listed=1 confirmed_on=2016-11-22T08:13:28 confirmed_idx=0 " "pb_circ_attempts=4.000000 pb_circ_successes=2.000000 " "pb_successful_circuits_closed=2.000000\n" "Guard in=default rsa_id=7B700C0C207EBD0002E00F499BE265519AC3C25A " "nickname=dc6jgk11 sampled_on=2016-11-28T11:50:13 " + "sampled_idx=1 " "sampled_by=0.3.0.0-alpha-dev " "listed=1 confirmed_on=2016-11-24T08:45:30 confirmed_idx=1 " "pb_circ_attempts=5.000000 pb_circ_successes=5.000000 " "pb_successful_circuits_closed=5.000000\n" "Guard in=default rsa_id=E9025AD60D86875D5F11548D536CC6AF60F0EF5E " "nickname=maibrunn sampled_on=2016-11-25T22:36:38 " + "sampled_idx=2 " "sampled_by=0.3.0.0-alpha-dev listed=1\n" "Guard in=default rsa_id=DCD30B90BA3A792DA75DC54A327EF353FB84C38E " "nickname=Unnamed sampled_on=2016-11-25T14:34:00 " + "sampled_idx=3 " "sampled_by=0.3.0.0-alpha-dev listed=1\n" "Guard in=wobblesome rsa_id=7B700C0C207EBD0002E00F499BE265519AC3C25A " "nickname=dc6jgk11 sampled_on=2016-11-28T11:50:13 " + "sampled_idx=0 " "sampled_by=0.3.0.0-alpha-dev " "listed=1\n" "Guard in=bridges rsa_id=8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF2E " "bridge_addr=24.1.1.1:443 sampled_on=2016-11-25T06:44:14 " + "sampled_idx=0 " "sampled_by=0.3.0.0-alpha-dev listed=1 " "confirmed_on=2016-11-29T10:36:06 confirmed_idx=0 " "pb_circ_attempts=8.000000 pb_circ_successes=8.000000 " "pb_successful_circuits_closed=13.000000\n" "Guard in=bridges rsa_id=5800000000000000000000000000000000000000 " "bridge_addr=37.218.246.143:28366 " - "sampled_on=2016-11-18T15:07:34 sampled_by=0.3.0.0-alpha-dev listed=1\n"); + "sampled_on=2016-11-18T15:07:34 sampled_idx=1 " + "sampled_by=0.3.0.0-alpha-dev listed=1\n"); done: config_free_lines(lines); @@ -1450,8 +1479,8 @@ test_entry_guard_confirming_guards(void *arg) tt_i64_op(g1->confirmed_on_date, OP_EQ, start+10); tt_i64_op(g2->confirmed_on_date, OP_EQ, start); tt_i64_op(g3->confirmed_on_date, OP_EQ, start+10); - tt_ptr_op(smartlist_get(gs->confirmed_entry_guards, 0), OP_EQ, g2); - tt_ptr_op(smartlist_get(gs->confirmed_entry_guards, 1), OP_EQ, g1); + tt_ptr_op(smartlist_get(gs->confirmed_entry_guards, 0), OP_EQ, g1); + tt_ptr_op(smartlist_get(gs->confirmed_entry_guards, 1), OP_EQ, g2); tt_ptr_op(smartlist_get(gs->confirmed_entry_guards, 2), OP_EQ, g3); /* Now make sure we can regenerate the confirmed_entry_guards list. */ @@ -1463,8 +1492,8 @@ test_entry_guard_confirming_guards(void *arg) tt_int_op(g1->confirmed_idx, OP_EQ, 1); tt_int_op(g2->confirmed_idx, OP_EQ, 0); tt_int_op(g3->confirmed_idx, OP_EQ, 2); - tt_ptr_op(smartlist_get(gs->confirmed_entry_guards, 0), OP_EQ, g2); - tt_ptr_op(smartlist_get(gs->confirmed_entry_guards, 1), OP_EQ, g1); + tt_ptr_op(smartlist_get(gs->confirmed_entry_guards, 0), OP_EQ, g1); + tt_ptr_op(smartlist_get(gs->confirmed_entry_guards, 1), OP_EQ, g2); tt_ptr_op(smartlist_get(gs->confirmed_entry_guards, 2), OP_EQ, g3); /* Now make sure we can regenerate the confirmed_entry_guards list if @@ -1481,9 +1510,9 @@ test_entry_guard_confirming_guards(void *arg) g1 = smartlist_get(gs->confirmed_entry_guards, 0); g2 = smartlist_get(gs->confirmed_entry_guards, 1); g3 = smartlist_get(gs->confirmed_entry_guards, 2); - tt_int_op(g1->confirmed_idx, OP_EQ, 0); - tt_int_op(g2->confirmed_idx, OP_EQ, 1); - tt_int_op(g3->confirmed_idx, OP_EQ, 2); + tt_int_op(g1->sampled_idx, OP_EQ, 0); + tt_int_op(g2->sampled_idx, OP_EQ, 1); + tt_int_op(g3->sampled_idx, OP_EQ, 8); tt_assert(g1 != g2); tt_assert(g1 != g3); tt_assert(g2 != g3); @@ -1499,9 +1528,6 @@ test_entry_guard_sample_reachable_filtered(void *arg) (void)arg; guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL); entry_guards_expand_sample(gs); - const int N = 10000; - bitarray_t *selected = NULL; - int i, j; /* We've got a sampled list now; let's make one non-usable-filtered; some * confirmed, some primary, some pending. @@ -1536,32 +1562,21 @@ test_entry_guard_sample_reachable_filtered(void *arg) { SAMPLE_EXCLUDE_PENDING, 0 }, { -1, -1}, }; - + int j; for (j = 0; tests[j].flag >= 0; ++j) { - selected = bitarray_init_zero(n_guards); const int excluded_flags = tests[j].flag; const int excluded_idx = tests[j].idx; - for (i = 0; i < N; ++i) { - g = sample_reachable_filtered_entry_guards(gs, NULL, excluded_flags); - tor_assert(g); - int pos = smartlist_pos(gs->sampled_entry_guards, g); - tt_int_op(smartlist_len(gs->sampled_entry_guards), OP_EQ, n_guards); - tt_int_op(pos, OP_GE, 0); - tt_int_op(pos, OP_LT, n_guards); - bitarray_set(selected, pos); - } - for (i = 0; i < n_guards; ++i) { - const int should_be_set = (i != excluded_idx && - i != 3); // filtered out. - tt_int_op(!!bitarray_is_set(selected, i), OP_EQ, should_be_set); - } - bitarray_free(selected); - selected = NULL; + g = first_reachable_filtered_entry_guard(gs, NULL, excluded_flags); + tor_assert(g); + int pos = smartlist_pos(gs->sampled_entry_guards, g); + tt_int_op(smartlist_len(gs->sampled_entry_guards), OP_EQ, n_guards); + const int should_be_set = (pos != excluded_idx && + pos != 3); // filtered out. + tt_int_op(1, OP_EQ, should_be_set); } done: guard_selection_free(gs); - bitarray_free(selected); } static void @@ -1573,7 +1588,7 @@ test_entry_guard_sample_reachable_filtered_empty(void *arg) SMARTLIST_FOREACH(big_fake_net_nodes, node_t *, n, n->is_possible_guard = 0); - entry_guard_t *g = sample_reachable_filtered_entry_guards(gs, NULL, 0); + entry_guard_t *g = first_reachable_filtered_entry_guard(gs, NULL, 0); tt_ptr_op(g, OP_EQ, NULL); done: @@ -1664,10 +1679,13 @@ test_entry_guard_manage_primary(void *arg) tt_ptr_op(g, OP_EQ, smartlist_get(prev_guards, g_sl_idx)); }); - /* If we have one confirmed guard, that guards becomes the first primary - * guard, and the other primary guards get kept. */ + /** + * If we have one confirmed guard, that guards becomes the first primary + * only if its sampled_idx is smaller + * */ - /* find a non-primary guard... */ + /* find a non-primary guard... it should have a sampled_idx higher than + * existing primary guards */ entry_guard_t *confirmed = NULL; SMARTLIST_FOREACH(gs->sampled_entry_guards, entry_guard_t *, g, { if (! g->is_primary) { @@ -1683,15 +1701,13 @@ test_entry_guard_manage_primary(void *arg) smartlist_add_all(prev_guards, gs->primary_entry_guards); entry_guards_update_primary(gs); - /* and see what's primary now! */ + /* the confirmed guard should be at the end of the primary list! Hopefully, + * one of the primary guards with a lower sampled_idx will confirm soon :) + * Doing this won't make the client switches between primaries depending on + * the order of confirming events */ tt_int_op(smartlist_len(gs->primary_entry_guards), OP_EQ, n_primary); - tt_ptr_op(smartlist_get(gs->primary_entry_guards, 0), OP_EQ, confirmed); - SMARTLIST_FOREACH(gs->primary_entry_guards, entry_guard_t *, g, { - tt_assert(g->is_primary); - if (g_sl_idx == 0) - continue; - tt_ptr_op(g, OP_EQ, smartlist_get(prev_guards, g_sl_idx - 1)); - }); + tt_ptr_op(smartlist_get(gs->primary_entry_guards, + smartlist_len(gs->primary_entry_guards)-1), OP_EQ, confirmed); { entry_guard_t *prev_last_guard = smartlist_get(prev_guards, n_primary-1); tt_assert(! prev_last_guard->is_primary); @@ -1782,6 +1798,57 @@ test_entry_guard_guard_preferred(void *arg) } static void +test_entry_guard_correct_cascading_order(void *arg) +{ + (void)arg; + smartlist_t *old_primary_guards = smartlist_new(); + guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL); + entry_guards_expand_sample(gs); + /** First, a test in which the primary guards need be pulled from different + * lists to fill up the primary list -- this may happen, if for example, not + * enough guards have confirmed yet */ + entry_guard_t *g; + /** just one confirmed */ + g = smartlist_get(gs->sampled_entry_guards, 2); + make_guard_confirmed(gs, g); + entry_guards_update_primary(gs); + g = smartlist_get(gs->primary_entry_guards, 0); + tt_int_op(g->sampled_idx, OP_EQ, 0); + g = smartlist_get(gs->primary_entry_guards, 1); + tt_int_op(g->sampled_idx, OP_EQ, 1); + g = smartlist_get(gs->primary_entry_guards, 2); + tt_int_op(g->sampled_idx, OP_EQ, 2); + + /** Now the primaries get all confirmed, and the primary list should not + * change */ + make_guard_confirmed(gs, smartlist_get(gs->primary_entry_guards, 0)); + make_guard_confirmed(gs, smartlist_get(gs->primary_entry_guards, 1)); + smartlist_add_all(old_primary_guards, gs->primary_entry_guards); + entry_guards_update_primary(gs); + smartlist_ptrs_eq(gs->primary_entry_guards, old_primary_guards); + /** the confirmed guards should also have the same set of guards, in the same + * order :-) */ + smartlist_ptrs_eq(gs->confirmed_entry_guards, gs->primary_entry_guards); + /** Now select a guard for a circuit, and make sure it is the first primary + * guard */ + unsigned state = 9999; + g = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, &state); + tt_ptr_op(g, OP_EQ, smartlist_get(gs->primary_entry_guards, 0)); + /** Now, let's mark this guard as unreachable and let's update the lists */ + g->is_reachable = GUARD_REACHABLE_NO; + g->failing_since = approx_time() - 10; + g->last_tried_to_connect = approx_time() - 10; + state = 9999; + entry_guards_update_primary(gs); + g = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, &state); + /** we should have switched to the next one is sampled order */ + tt_int_op(g->sampled_idx, OP_EQ, 1); + done: + smartlist_free(old_primary_guards); + guard_selection_free(gs); +} + +static void test_entry_guard_select_for_circuit_no_confirmed(void *arg) { /* Simpler cases: no gaurds are confirmed yet. */ @@ -3028,6 +3095,7 @@ static const struct testcase_setup_t upgrade_circuits = { upgrade_circuits_setup, upgrade_circuits_cleanup }; +#ifndef COCCI #define NO_PREFIX_TEST(name) \ { #name, test_ ## name, 0, NULL, NULL } @@ -3039,13 +3107,18 @@ static const struct testcase_setup_t upgrade_circuits = { #define BFN_TEST(name) \ EN_TEST_BASE(name, TT_FORK, &big_fake_network, NULL), \ - { #name "_reasonably_live", test_entry_guard_ ## name, TT_FORK, \ - &big_fake_network, (void*)("reasonably-live") } + { #name "_reasonably_future", test_entry_guard_ ## name, TT_FORK, \ + &big_fake_network, (void*)(REASONABLY_FUTURE) }, \ + { #name "_reasonably_past", test_entry_guard_ ## name, TT_FORK, \ + &big_fake_network, (void*)(REASONABLY_PAST) } #define UPGRADE_TEST(name, arg) \ EN_TEST_BASE(name, TT_FORK, &upgrade_circuits, arg), \ - { #name "_reasonably_live", test_entry_guard_ ## name, TT_FORK, \ - &upgrade_circuits, (void*)(arg " reasonably-live") } + { #name "_reasonably_future", test_entry_guard_ ## name, TT_FORK, \ + &upgrade_circuits, (void*)(arg REASONABLY_FUTURE) }, \ + { #name "_reasonably_past", test_entry_guard_ ## name, TT_FORK, \ + &upgrade_circuits, (void*)(arg REASONABLY_PAST) } +#endif /* !defined(COCCI) */ struct testcase_t entrynodes_tests[] = { NO_PREFIX_TEST(node_preferred_orport), @@ -3077,6 +3150,7 @@ struct testcase_t entrynodes_tests[] = { BFN_TEST(sample_reachable_filtered_empty), BFN_TEST(retry_unreachable), BFN_TEST(manage_primary), + BFN_TEST(correct_cascading_order), EN_TEST_FORK(guard_preferred), diff --git a/src/test/test_extorport.c b/src/test/test_extorport.c index 0c34d37a71..7935530653 100644 --- a/src/test/test_extorport.c +++ b/src/test/test_extorport.c @@ -1,15 +1,15 @@ -/* Copyright (c) 2013-2019, The Tor Project, Inc. */ +/* Copyright (c) 2013-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define CONNECTION_PRIVATE #define EXT_ORPORT_PRIVATE #define MAINLOOP_PRIVATE #include "core/or/or.h" -#include "lib/container/buffers.h" +#include "lib/buf/buffers.h" #include "core/mainloop/connection.h" #include "core/or/connection_or.h" #include "app/config/config.h" -#include "feature/control/control.h" +#include "feature/control/control_events.h" #include "lib/crypt_ops/crypto_rand.h" #include "feature/relay/ext_orport.h" #include "core/mainloop/mainloop.h" @@ -18,6 +18,7 @@ #include "test/test.h" #include "test/test_helpers.h" +#include "test/rng_test_helpers.h" #ifdef HAVE_SYS_STAT_H #include <sys/stat.h> @@ -176,7 +177,7 @@ test_ext_or_init_auth(void *arg) /* Shouldn't be initialized already, or our tests will be a bit * meaningless */ ext_or_auth_cookie = tor_malloc_zero(32); - tt_assert(tor_mem_is_zero((char*)ext_or_auth_cookie, 32)); + tt_assert(fast_mem_is_zero((char*)ext_or_auth_cookie, 32)); /* Now make sure we use a temporary file */ fn = get_fname("ext_cookie_file"); @@ -201,7 +202,7 @@ test_ext_or_init_auth(void *arg) tt_mem_op(cp,OP_EQ, "! Extended ORPort Auth Cookie !\x0a", 32); tt_mem_op(cp+32,OP_EQ, ext_or_auth_cookie, 32); memcpy(cookie0, ext_or_auth_cookie, 32); - tt_assert(!tor_mem_is_zero((char*)ext_or_auth_cookie, 32)); + tt_assert(!fast_mem_is_zero((char*)ext_or_auth_cookie, 32)); /* Operation should be idempotent. */ tt_int_op(0, OP_EQ, init_ext_or_cookie_authentication(1)); @@ -303,16 +304,6 @@ test_ext_or_cookie_auth(void *arg) } static void -crypto_rand_return_tse_str(char *to, size_t n) -{ - if (n != 32) { - TT_FAIL(("Asked for %d bytes, not 32", (int)n)); - return; - } - memcpy(to, "te road There is always another ", 32); -} - -static void test_ext_or_cookie_auth_testvec(void *arg) { char *reply=NULL, *client_hash=NULL; @@ -326,7 +317,7 @@ test_ext_or_cookie_auth_testvec(void *arg) memcpy(ext_or_auth_cookie, "Gliding wrapt in a brown mantle," , 32); ext_or_auth_cookie_is_set = 1; - MOCK(crypto_rand, crypto_rand_return_tse_str); + testing_enable_prefilled_rng("te road There is always another ", 32); tt_int_op(0, OP_EQ, handle_client_auth_nonce(client_nonce, 32, &client_hash, &reply, @@ -351,7 +342,7 @@ test_ext_or_cookie_auth_testvec(void *arg) "33b3cd77ff79bd80c2074bbf438119a2"); done: - UNMOCK(crypto_rand); + testing_disable_prefilled_rng(); tor_free(reply); tor_free(client_hash); tor_free(mem_op_hex_tmp); @@ -414,9 +405,9 @@ do_ext_or_handshake(or_connection_t *conn) CONTAINS("\x01\x00", 2); WRITE("\x01", 1); WRITE("But when I look ahead up the whi", 32); - MOCK(crypto_rand, crypto_rand_return_tse_str); + testing_enable_prefilled_rng("te road There is always another ", 32); tt_int_op(0, OP_EQ, connection_ext_or_process_inbuf(conn)); - UNMOCK(crypto_rand); + testing_disable_prefilled_rng(); tt_int_op(TO_CONN(conn)->state, OP_EQ, EXT_OR_CONN_STATE_AUTH_WAIT_CLIENT_HASH); CONTAINS("\xec\x80\xed\x6e\x54\x6d\x3b\x36\xfd\xfc\x22\xfe\x13\x15\x41\x6b" @@ -481,9 +472,9 @@ test_ext_or_handshake(void *arg) tt_int_op(0, OP_EQ, connection_ext_or_process_inbuf(conn)); /* send the rest of the nonce. */ WRITE("ahead up the whi", 16); - MOCK(crypto_rand, crypto_rand_return_tse_str); + testing_enable_prefilled_rng("te road There is always another ", 32); tt_int_op(0, OP_EQ, connection_ext_or_process_inbuf(conn)); - UNMOCK(crypto_rand); + testing_disable_prefilled_rng(); /* We should get the right reply from the server. */ CONTAINS("\xec\x80\xed\x6e\x54\x6d\x3b\x36\xfd\xfc\x22\xfe\x13\x15\x41\x6b" "\x02\x9f\x1a\xde\x76\x10\xd9\x10\x87\x8b\x62\xee\xb7\x40\x38\x21" @@ -582,7 +573,7 @@ test_ext_or_handshake(void *arg) done: UNMOCK(connection_write_to_buf_impl_); - UNMOCK(crypto_rand); + testing_disable_prefilled_rng(); if (conn) connection_free_minimal(TO_CONN(conn)); #undef CONTAINS @@ -596,6 +587,6 @@ struct testcase_t extorport_tests[] = { { "cookie_auth", test_ext_or_cookie_auth, TT_FORK, NULL, NULL }, { "cookie_auth_testvec", test_ext_or_cookie_auth_testvec, TT_FORK, NULL, NULL }, - { "handshake", test_ext_or_handshake, TT_FORK, NULL, NULL }, + { "handshake", test_ext_or_handshake, TT_FORK, &helper_pubsub_setup, NULL }, END_OF_TESTCASES }; diff --git a/src/test/test_geoip.c b/src/test/test_geoip.c index 16c566bdbc..bf9932c169 100644 --- a/src/test/test_geoip.c +++ b/src/test/test_geoip.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" diff --git a/src/test/test_guardfraction.c b/src/test/test_guardfraction.c index ac8bfbfded..00c200e0fd 100644 --- a/src/test/test_guardfraction.c +++ b/src/test/test_guardfraction.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2014-2019, The Tor Project, Inc. */ +/* Copyright (c) 2014-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define GUARDFRACTION_PRIVATE diff --git a/src/test/test_handles.c b/src/test/test_handles.c index 7f1d6e1898..dbb5b1a18e 100644 --- a/src/test/test_handles.c +++ b/src/test/test_handles.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" diff --git a/src/test/test_helpers.c b/src/test/test_helpers.c index 802d0a9ebe..f31c28b24d 100644 --- a/src/test/test_helpers.c +++ b/src/test/test_helpers.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2014-2019, The Tor Project, Inc. */ +/* Copyright (c) 2014-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -9,25 +9,33 @@ #define ROUTERLIST_PRIVATE #define CONFIG_PRIVATE #define CONNECTION_PRIVATE +#define CONNECTION_OR_PRIVATE #define MAINLOOP_PRIVATE #include "orconfig.h" #include "core/or/or.h" -#include "lib/container/buffers.h" +#include "lib/buf/buffers.h" #include "app/config/config.h" -#include "app/config/confparse.h" +#include "lib/confmgt/confmgt.h" +#include "app/main/subsysmgr.h" #include "core/mainloop/connection.h" +#include "core/or/connection_or.h" #include "lib/crypt_ops/crypto_rand.h" #include "core/mainloop/mainloop.h" #include "feature/nodelist/nodelist.h" #include "core/or/relay.h" #include "feature/nodelist/routerlist.h" +#include "lib/dispatch/dispatch.h" +#include "lib/dispatch/dispatch_naming.h" +#include "lib/pubsub/pubsub_build.h" +#include "lib/pubsub/pubsub_connect.h" #include "lib/encoding/confline.h" #include "lib/net/resolve.h" #include "core/or/cell_st.h" #include "core/or/connection_st.h" +#include "core/or/or_connection_st.h" #include "feature/nodelist/node_st.h" #include "core/or/origin_circuit_st.h" #include "feature/nodelist/routerlist_st.h" @@ -37,14 +45,14 @@ #include "test/test_connection.h" #ifdef HAVE_CFLAG_WOVERLENGTH_STRINGS -DISABLE_GCC_WARNING(overlength-strings) +DISABLE_GCC_WARNING("-Woverlength-strings") /* We allow huge string constants in the unit tests, but not in the code * at large. */ #endif #include "test_descriptors.inc" #include "core/or/circuitlist.h" #ifdef HAVE_CFLAG_WOVERLENGTH_STRINGS -ENABLE_GCC_WARNING(overlength-strings) +ENABLE_GCC_WARNING("-Woverlength-strings") #endif /* Return a statically allocated string representing yesterday's date @@ -78,7 +86,7 @@ helper_setup_fake_routerlist(void) { int retval; routerlist_t *our_routerlist = NULL; - smartlist_t *our_nodelist = NULL; + const smartlist_t *our_nodelist = NULL; /* Read the file that contains our test descriptors. */ @@ -189,6 +197,14 @@ fake_close_socket(tor_socket_t sock) return 0; } +/* Helper for test_conn_get_proxy_or_connection() */ +void +mock_connection_or_change_state(or_connection_t *conn, uint8_t state) +{ + tor_assert(conn); + conn->base_.state = state; +} + static int mock_connection_connect_sockaddr_called = 0; static int fake_socket_number = TEST_CONN_FD_INIT; @@ -223,6 +239,77 @@ mock_connection_connect_sockaddr(connection_t *conn, return 1; } +or_connection_t * +test_conn_get_proxy_or_connection(unsigned int proxy_type) +{ + or_connection_t *conn = NULL; + tor_addr_t dst_addr; + tor_addr_t proxy_addr; + int socket_err = 0; + int in_progress = 0; + + MOCK(connection_connect_sockaddr, + mock_connection_connect_sockaddr); + MOCK(connection_write_to_buf_impl_, + connection_write_to_buf_mock); + MOCK(connection_or_change_state, + mock_connection_or_change_state); + MOCK(tor_close_socket, fake_close_socket); + + tor_init_connection_lists(); + + conn = or_connection_new(CONN_TYPE_OR, TEST_CONN_FAMILY); + tt_assert(conn); + + /* Set up a destination address. */ + test_conn_lookup_addr_helper(TEST_CONN_ADDRESS, TEST_CONN_FAMILY, + &dst_addr); + tt_assert(!tor_addr_is_null(&dst_addr)); + + conn->proxy_type = proxy_type; + conn->base_.proxy_state = PROXY_INFANT; + + tor_addr_copy_tight(&conn->base_.addr, &dst_addr); + conn->base_.address = tor_addr_to_str_dup(&dst_addr); + conn->base_.port = TEST_CONN_PORT; + + /* Set up a proxy address. */ + test_conn_lookup_addr_helper(TEST_CONN_ADDRESS_2, TEST_CONN_FAMILY, + &proxy_addr); + tt_assert(!tor_addr_is_null(&proxy_addr)); + + conn->base_.state = OR_CONN_STATE_CONNECTING; + + mock_connection_connect_sockaddr_called = 0; + in_progress = connection_connect(TO_CONN(conn), TEST_CONN_ADDRESS_PORT, + &proxy_addr, TEST_CONN_PORT, &socket_err); + tt_int_op(mock_connection_connect_sockaddr_called, OP_EQ, 1); + tt_assert(!socket_err); + tt_assert(in_progress == 0 || in_progress == 1); + + assert_connection_ok(TO_CONN(conn), time(NULL)); + + in_progress = connection_or_finished_connecting(conn); + tt_int_op(in_progress, OP_EQ, 0); + + assert_connection_ok(TO_CONN(conn), time(NULL)); + + UNMOCK(connection_connect_sockaddr); + UNMOCK(connection_write_to_buf_impl_); + UNMOCK(connection_or_change_state); + UNMOCK(tor_close_socket); + return conn; + + /* On failure */ + done: + UNMOCK(connection_connect_sockaddr); + UNMOCK(connection_write_to_buf_impl_); + UNMOCK(connection_or_change_state); + UNMOCK(tor_close_socket); + connection_free_(TO_CONN(conn)); + return NULL; +} + /** Create and return a new connection/stream */ connection_t * test_conn_get_connection(uint8_t state, uint8_t type, uint8_t purpose) @@ -290,7 +377,7 @@ helper_parse_options(const char *conf) if (ret != 0) { goto done; } - ret = config_assign(&options_format, opt, line, 0, &msg); + ret = config_assign(get_options_mgr(), opt, line, 0, &msg); if (ret != 0) { goto done; } @@ -303,3 +390,54 @@ helper_parse_options(const char *conf) } return opt; } + +/** + * Dispatch alertfn callback: flush all messages right now. Implements + * DELIV_IMMEDIATE. + **/ +static void +alertfn_immediate(dispatch_t *d, channel_id_t chan, void *arg) +{ + (void) arg; + dispatch_flush(d, chan, INT_MAX); +} + +/** + * Setup helper for tests that need pubsub active + * + * Does not hook up mainloop events. Does set immediate delivery for + * all channels. + */ +void * +helper_setup_pubsub(const struct testcase_t *testcase) +{ + dispatch_t *dispatcher = NULL; + pubsub_builder_t *builder = pubsub_builder_new(); + channel_id_t chan = get_channel_id("orconn"); + + (void)testcase; + (void)subsystems_add_pubsub(builder); + dispatcher = pubsub_builder_finalize(builder, NULL); + tor_assert(dispatcher); + dispatch_set_alert_fn(dispatcher, chan, alertfn_immediate, NULL); + chan = get_channel_id("ocirc"); + dispatch_set_alert_fn(dispatcher, chan, alertfn_immediate, NULL); + return dispatcher; +} + +/** + * Cleanup helper for tests that need pubsub active + */ +int +helper_cleanup_pubsub(const struct testcase_t *testcase, void *dispatcher_) +{ + dispatch_t *dispatcher = dispatcher_; + + (void)testcase; + dispatch_free(dispatcher); + return 1; +} + +const struct testcase_setup_t helper_pubsub_setup = { + helper_setup_pubsub, helper_cleanup_pubsub +}; diff --git a/src/test/test_helpers.h b/src/test/test_helpers.h index 9e376a563d..eaf18e19e2 100644 --- a/src/test/test_helpers.h +++ b/src/test/test_helpers.h @@ -1,4 +1,4 @@ -/* Copyright (c) 2017-2019, The Tor Project, Inc. */ +/* Copyright (c) 2017-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #ifndef TOR_TEST_HELPERS_H @@ -7,6 +7,7 @@ #define BUFFERS_PRIVATE #include "core/or/or.h" +#include "tinytest.h" const char *get_yesterday_date_str(void); @@ -25,11 +26,19 @@ char *buf_get_contents(buf_t *buf, size_t *sz_out); int mock_tor_addr_lookup__fail_on_bad_addrs(const char *name, uint16_t family, tor_addr_t *out); +void mock_connection_or_change_state(or_connection_t *conn, uint8_t state); + +or_connection_t *test_conn_get_proxy_or_connection(unsigned int proxy_type); connection_t *test_conn_get_connection(uint8_t state, uint8_t type, uint8_t purpose); or_options_t *helper_parse_options(const char *conf); extern const char TEST_DESCRIPTORS[]; +void *helper_setup_pubsub(const struct testcase_t *); +int helper_cleanup_pubsub(const struct testcase_t *, void *); + +extern const struct testcase_setup_t helper_pubsub_setup; + #endif /* !defined(TOR_TEST_HELPERS_H) */ diff --git a/src/test/test_hs.c b/src/test/test_hs.c index a611b46ca6..46b4493a3d 100644 --- a/src/test/test_hs.c +++ b/src/test/test_hs.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2007-2019, The Tor Project, Inc. */ +/* Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -6,7 +6,7 @@ * \brief Unit tests for hidden service. **/ -#define CONTROL_PRIVATE +#define CONTROL_EVENTS_PRIVATE #define CIRCUITBUILD_PRIVATE #define RENDCOMMON_PRIVATE #define RENDSERVICE_PRIVATE @@ -15,6 +15,8 @@ #include "core/or/or.h" #include "test/test.h" #include "feature/control/control.h" +#include "feature/control/control_events.h" +#include "feature/control/control_fmt.h" #include "app/config/config.h" #include "feature/hs/hs_common.h" #include "feature/rend/rendcommon.h" @@ -321,6 +323,16 @@ test_hs_desc_event(void *arg) tt_str_op(received_msg,OP_EQ, expected_msg); tor_free(received_msg); + /* test HSDir rate limited */ + rend_query.auth_type = REND_NO_AUTH; + control_event_hsv2_descriptor_failed(&rend_query.base_, NULL, + "QUERY_RATE_LIMITED"); + expected_msg = "650 HS_DESC FAILED "STR_HS_ADDR" NO_AUTH " \ + "UNKNOWN REASON=QUERY_RATE_LIMITED\r\n"; + tt_assert(received_msg); + tt_str_op(received_msg,OP_EQ, expected_msg); + tor_free(received_msg); + /* Test invalid content with no HSDir fingerprint. */ char *exp_msg; control_event_hs_descriptor_content(rend_query.onion_address, @@ -436,7 +448,7 @@ test_hs_rend_data(void *arg) tt_int_op(client_v2->auth_type, OP_EQ, REND_BASIC_AUTH); tt_int_op(strlen(client_v2->onion_address), OP_EQ, 0); tt_mem_op(client_v2->desc_id_fetch, OP_EQ, desc_id, sizeof(desc_id)); - tt_int_op(tor_mem_is_zero(client_v2->descriptor_cookie, + tt_int_op(fast_mem_is_zero(client_v2->descriptor_cookie, sizeof(client_v2->descriptor_cookie)), OP_EQ, 1); tt_assert(client->hsdirs_fp); tt_int_op(smartlist_len(client->hsdirs_fp), OP_EQ, 0); diff --git a/src/test/test_hs_cache.c b/src/test/test_hs_cache.c index 742fa349d9..df96b2c791 100644 --- a/src/test/test_hs_cache.c +++ b/src/test/test_hs_cache.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -10,6 +10,7 @@ #define DIRCACHE_PRIVATE #define DIRCLIENT_PRIVATE #define HS_CACHE_PRIVATE +#define CHANNEL_OBJECT_PRIVATE #include "trunnel/ed25519_cert.h" #include "feature/hs/hs_cache.h" @@ -19,8 +20,14 @@ #include "feature/nodelist/networkstatus.h" #include "core/mainloop/connection.h" #include "core/proto/proto_http.h" +#include "core/or/circuitlist.h" +#include "core/or/channel.h" #include "lib/crypt_ops/crypto_format.h" +#include "lib/crypt_ops/crypto_rand.h" +#include "core/or/edge_connection_st.h" +#include "core/or/or_circuit_st.h" +#include "core/or/or_connection_st.h" #include "feature/dircommon/dir_connection_st.h" #include "feature/nodelist/networkstatus_st.h" @@ -232,22 +239,31 @@ helper_fetch_desc_from_hsdir(const ed25519_public_key_t *blinded_key) /* The dir conn we are going to simulate */ dir_connection_t *conn = NULL; + edge_connection_t *edge_conn = NULL; + or_circuit_t *or_circ = NULL; /* First extract the blinded public key that we are going to use in our query, and then build the actual query string. */ { char hsdir_cache_key[ED25519_BASE64_LEN+1]; - retval = ed25519_public_to_base64(hsdir_cache_key, - blinded_key); - tt_int_op(retval, OP_EQ, 0); + ed25519_public_to_base64(hsdir_cache_key, blinded_key); tor_asprintf(&hsdir_query_str, GET("/tor/hs/3/%s"), hsdir_cache_key); } /* Simulate an HTTP GET request to the HSDir */ conn = dir_connection_new(AF_INET); + tt_assert(conn); + TO_CONN(conn)->linked = 1; /* Signal that it is encrypted. */ tor_addr_from_ipv4h(&conn->base_.addr, 0x7f000001); - TO_CONN(conn)->linked = 1;/* Pretend the conn is encrypted :) */ + + /* Pretend this conn is anonymous. */ + edge_conn = edge_connection_new(CONN_TYPE_EXIT, AF_INET); + TO_CONN(conn)->linked_conn = TO_CONN(edge_conn); + or_circ = or_circuit_new(0, NULL); + or_circ->p_chan = tor_malloc_zero(sizeof(channel_t)); + edge_conn->on_circuit = TO_CIRCUIT(or_circ); + retval = directory_handle_command_get(conn, hsdir_query_str, NULL, 0); tt_int_op(retval, OP_EQ, 0); @@ -264,8 +280,11 @@ helper_fetch_desc_from_hsdir(const ed25519_public_key_t *blinded_key) done: tor_free(hsdir_query_str); - if (conn) + if (conn) { + tor_free(or_circ->p_chan); + connection_free_minimal(TO_CONN(conn)->linked_conn); connection_free_minimal(TO_CONN(conn)); + } return received_desc; } @@ -351,7 +370,7 @@ test_hsdir_revision_counter_check(void *arg) hs_descriptor_t *published_desc = NULL; char *published_desc_str = NULL; - uint8_t subcredential[DIGEST256_LEN]; + hs_subcredential_t subcredential; char *received_desc_str = NULL; hs_descriptor_t *received_desc = NULL; @@ -388,12 +407,12 @@ test_hsdir_revision_counter_check(void *arg) const ed25519_public_key_t *blinded_key; blinded_key = &published_desc->plaintext_data.blinded_pubkey; - hs_get_subcredential(&signing_kp.pubkey, blinded_key, subcredential); + hs_get_subcredential(&signing_kp.pubkey, blinded_key, &subcredential); received_desc_str = helper_fetch_desc_from_hsdir(blinded_key); retval = hs_desc_decode_descriptor(received_desc_str, - subcredential, NULL, &received_desc); - tt_int_op(retval, OP_EQ, 0); + &subcredential, NULL, &received_desc); + tt_int_op(retval, OP_EQ, HS_DESC_DECODE_OK); tt_assert(received_desc); /* Check that the revision counter is correct */ @@ -425,8 +444,8 @@ test_hsdir_revision_counter_check(void *arg) received_desc_str = helper_fetch_desc_from_hsdir(blinded_key); retval = hs_desc_decode_descriptor(received_desc_str, - subcredential, NULL, &received_desc); - tt_int_op(retval, OP_EQ, 0); + &subcredential, NULL, &received_desc); + tt_int_op(retval, OP_EQ, HS_DESC_DECODE_OK); tt_assert(received_desc); /* Check that the revision counter is the latest */ @@ -458,7 +477,7 @@ test_client_cache(void *arg) ed25519_keypair_t signing_kp; hs_descriptor_t *published_desc = NULL; char *published_desc_str = NULL; - uint8_t wanted_subcredential[DIGEST256_LEN]; + hs_subcredential_t wanted_subcredential; response_handler_args_t *args = NULL; dir_connection_t *conn = NULL; @@ -487,8 +506,10 @@ test_client_cache(void *arg) retval = hs_desc_encode_descriptor(published_desc, &signing_kp, NULL, &published_desc_str); tt_int_op(retval, OP_EQ, 0); - memcpy(wanted_subcredential, published_desc->subcredential, DIGEST256_LEN); - tt_assert(!tor_mem_is_zero((char*)wanted_subcredential, DIGEST256_LEN)); + memcpy(&wanted_subcredential, &published_desc->subcredential, + sizeof(hs_subcredential_t)); + tt_assert(!fast_mem_is_zero((char*)wanted_subcredential.subcred, + DIGEST256_LEN)); } /* Test handle_response_fetch_hsdesc_v3() */ @@ -522,8 +543,9 @@ test_client_cache(void *arg) const hs_descriptor_t *cached_desc = NULL; cached_desc = hs_cache_lookup_as_client(&signing_kp.pubkey); tt_assert(cached_desc); - tt_mem_op(cached_desc->subcredential, OP_EQ, wanted_subcredential, - DIGEST256_LEN); + tt_mem_op(cached_desc->subcredential.subcred, + OP_EQ, wanted_subcredential.subcred, + SUBCRED_LEN); } /* Progress time to next TP and check that desc was cleaned */ @@ -550,6 +572,136 @@ test_client_cache(void *arg) } } +/** Test that we can store HS descriptors in the client HS cache. */ +static void +test_client_cache_decrypt(void *arg) +{ + int ret; + char *desc_encoded = NULL; + uint8_t descriptor_cookie[HS_DESC_DESCRIPTOR_COOKIE_LEN]; + curve25519_keypair_t client_kp; + ed25519_keypair_t service_kp; + hs_descriptor_t *desc = NULL; + const hs_descriptor_t *search_desc; + const char *search_desc_encoded; + + (void) arg; + + /* Initialize HSDir cache subsystem */ + hs_init(); + + MOCK(networkstatus_get_reasonably_live_consensus, + mock_networkstatus_get_reasonably_live_consensus); + + /* Set consensus time */ + parse_rfc1123_time("Sat, 26 Oct 1985 13:00:00 UTC", + &mock_ns.valid_after); + parse_rfc1123_time("Sat, 26 Oct 1985 14:00:00 UTC", + &mock_ns.fresh_until); + parse_rfc1123_time("Sat, 26 Oct 1985 16:00:00 UTC", + &mock_ns.valid_until); + + /* Generate a valid descriptor with normal values. */ + { + ret = ed25519_keypair_generate(&service_kp, 0); + tt_int_op(ret, OP_EQ, 0); + ret = curve25519_keypair_generate(&client_kp, 0); + tt_int_op(ret, OP_EQ, 0); + crypto_rand((char *) descriptor_cookie, sizeof(descriptor_cookie)); + + desc = hs_helper_build_hs_desc_with_client_auth(descriptor_cookie, + &client_kp.pubkey, + &service_kp); + tt_assert(desc); + ret = hs_desc_encode_descriptor(desc, &service_kp, descriptor_cookie, + &desc_encoded); + tt_int_op(ret, OP_EQ, 0); + } + + /* Put it in the cache. Should not be decrypted since the client + * authorization creds were not added to the global map. */ + ret = hs_cache_store_as_client(desc_encoded, &service_kp.pubkey); + tt_int_op(ret, OP_EQ, HS_DESC_DECODE_NEED_CLIENT_AUTH); + + /* We should not be able to decrypt anything. */ + ret = hs_cache_client_new_auth_parse(&service_kp.pubkey); + tt_int_op(ret, OP_EQ, false); + + /* Add client auth to global map. */ + hs_helper_add_client_auth(&service_kp.pubkey, &client_kp.seckey); + + /* We should not be able to decrypt anything. */ + ret = hs_cache_client_new_auth_parse(&service_kp.pubkey); + tt_int_op(ret, OP_EQ, true); + + /* Lookup the cache to make sure it is usable and there. */ + search_desc = hs_cache_lookup_as_client(&service_kp.pubkey); + tt_assert(search_desc); + search_desc_encoded = hs_cache_lookup_encoded_as_client(&service_kp.pubkey); + tt_mem_op(search_desc_encoded, OP_EQ, desc_encoded, strlen(desc_encoded)); + + done: + hs_descriptor_free(desc); + tor_free(desc_encoded); + + hs_free_all(); + + UNMOCK(networkstatus_get_reasonably_live_consensus); +} + +static void +test_client_cache_remove(void *arg) +{ + int ret; + ed25519_keypair_t service_kp; + hs_descriptor_t *desc1 = NULL; + + (void) arg; + + hs_init(); + + MOCK(networkstatus_get_reasonably_live_consensus, + mock_networkstatus_get_reasonably_live_consensus); + + /* Set consensus time. Lookup will not return the entry if it has expired + * and it is checked against the consensus valid_after time. */ + parse_rfc1123_time("Sat, 26 Oct 1985 13:00:00 UTC", + &mock_ns.valid_after); + parse_rfc1123_time("Sat, 26 Oct 1985 14:00:00 UTC", + &mock_ns.fresh_until); + parse_rfc1123_time("Sat, 26 Oct 1985 16:00:00 UTC", + &mock_ns.valid_until); + + /* Generate service keypair */ + tt_int_op(0, OP_EQ, ed25519_keypair_generate(&service_kp, 0)); + + /* Build a descriptor and cache it. */ + { + char *encoded; + desc1 = hs_helper_build_hs_desc_with_ip(&service_kp); + tt_assert(desc1); + ret = hs_desc_encode_descriptor(desc1, &service_kp, NULL, &encoded); + tt_int_op(ret, OP_EQ, 0); + tt_assert(encoded); + + /* Store it */ + ret = hs_cache_store_as_client(encoded, &service_kp.pubkey); + tt_int_op(ret, OP_EQ, HS_DESC_DECODE_OK); + tor_free(encoded); + tt_assert(hs_cache_lookup_as_client(&service_kp.pubkey)); + } + + /* Remove the cached entry. */ + hs_cache_remove_as_client(&service_kp.pubkey); + tt_assert(!hs_cache_lookup_as_client(&service_kp.pubkey)); + + done: + hs_descriptor_free(desc1); + hs_free_all(); + + UNMOCK(networkstatus_get_reasonably_live_consensus); +} + struct testcase_t hs_cache[] = { /* Encoding tests. */ { "directory", test_directory, TT_FORK, @@ -562,6 +714,10 @@ struct testcase_t hs_cache[] = { NULL, NULL }, { "client_cache", test_client_cache, TT_FORK, NULL, NULL }, + { "client_cache_decrypt", test_client_cache_decrypt, TT_FORK, + NULL, NULL }, + { "client_cache_remove", test_client_cache_remove, TT_FORK, + NULL, NULL }, END_OF_TESTCASES }; diff --git a/src/test/test_hs_cell.c b/src/test/test_hs_cell.c index f8af631c8b..5406339276 100644 --- a/src/test/test_hs_cell.c +++ b/src/test/test_hs_cell.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2017-2019, The Tor Project, Inc. */ +/* Copyright (c) 2017-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -20,6 +20,7 @@ #include "feature/hs/hs_service.h" /* Trunnel. */ +#include "trunnel/hs/cell_common.h" #include "trunnel/hs/cell_establish_intro.h" /** We simulate the creation of an outgoing ESTABLISH_INTRO cell, and then we @@ -38,11 +39,13 @@ test_gen_establish_intro_cell(void *arg) /* Create outgoing ESTABLISH_INTRO cell and extract its payload so that we attempt to parse it. */ { + hs_service_config_t config; + memset(&config, 0, sizeof(config)); /* We only need the auth key pair here. */ - hs_service_intro_point_t *ip = service_intro_point_new(NULL, 0, 0); + hs_service_intro_point_t *ip = service_intro_point_new(NULL); /* Auth key pair is generated in the constructor so we are all set for * using this IP object. */ - ret = hs_cell_build_establish_intro(circ_nonce, ip, buf); + ret = hs_cell_build_establish_intro(circ_nonce, &config, ip, buf); service_intro_point_free(ip); tt_u64_op(ret, OP_GT, 0); } @@ -97,6 +100,9 @@ test_gen_establish_intro_cell_bad(void *arg) trn_cell_establish_intro_t *cell = NULL; char circ_nonce[DIGEST_LEN] = {0}; hs_service_intro_point_t *ip = NULL; + hs_service_config_t config; + + memset(&config, 0, sizeof(config)); MOCK(ed25519_sign_prefixed, mock_ed25519_sign_prefixed); @@ -107,8 +113,8 @@ test_gen_establish_intro_cell_bad(void *arg) ed25519_sign_prefixed() function and make it fail. */ cell = trn_cell_establish_intro_new(); tt_assert(cell); - ip = service_intro_point_new(NULL, 0, 0); - cell_len = hs_cell_build_establish_intro(circ_nonce, ip, NULL); + ip = service_intro_point_new(NULL); + cell_len = hs_cell_build_establish_intro(circ_nonce, &config, ip, NULL); service_intro_point_free(ip); expect_log_msg_containing("Unable to make signature for " "ESTABLISH_INTRO cell."); @@ -120,11 +126,97 @@ test_gen_establish_intro_cell_bad(void *arg) UNMOCK(ed25519_sign_prefixed); } +static void +test_gen_establish_intro_dos_ext(void *arg) +{ + ssize_t ret; + hs_service_config_t config; + hs_service_intro_point_t *ip = NULL; + trn_cell_extension_t *extensions = NULL; + trn_cell_extension_dos_t *dos = NULL; + + (void) arg; + + memset(&config, 0, sizeof(config)); + ip = service_intro_point_new(NULL); + tt_assert(ip); + ip->support_intro2_dos_defense = 1; + + /* Case 1: No DoS parameters so no extension to be built. */ + extensions = build_establish_intro_extensions(&config, ip); + tt_int_op(trn_cell_extension_get_num(extensions), OP_EQ, 0); + trn_cell_extension_free(extensions); + extensions = NULL; + + /* Case 2: Enable the DoS extension. Parameter set to 0 should indicate to + * disable the defense on the intro point but there should be an extension + * nonetheless in the cell. */ + config.has_dos_defense_enabled = 1; + extensions = build_establish_intro_extensions(&config, ip); + tt_int_op(trn_cell_extension_get_num(extensions), OP_EQ, 1); + /* Validate the extension. */ + const trn_cell_extension_field_t *field = + trn_cell_extension_getconst_fields(extensions, 0); + tt_int_op(trn_cell_extension_field_get_field_type(field), OP_EQ, + TRUNNEL_CELL_EXTENSION_TYPE_DOS); + ret = trn_cell_extension_dos_parse(&dos, + trn_cell_extension_field_getconstarray_field(field), + trn_cell_extension_field_getlen_field(field)); + tt_int_op(ret, OP_EQ, 19); + /* Rate per sec param. */ + const trn_cell_extension_dos_param_t *param = + trn_cell_extension_dos_getconst_params(dos, 0); + tt_int_op(trn_cell_extension_dos_param_get_type(param), OP_EQ, + TRUNNEL_DOS_PARAM_TYPE_INTRO2_RATE_PER_SEC); + tt_u64_op(trn_cell_extension_dos_param_get_value(param), OP_EQ, 0); + /* Burst per sec param. */ + param = trn_cell_extension_dos_getconst_params(dos, 1); + tt_int_op(trn_cell_extension_dos_param_get_type(param), OP_EQ, + TRUNNEL_DOS_PARAM_TYPE_INTRO2_BURST_PER_SEC); + tt_u64_op(trn_cell_extension_dos_param_get_value(param), OP_EQ, 0); + trn_cell_extension_dos_free(dos); dos = NULL; + trn_cell_extension_free(extensions); extensions = NULL; + + /* Case 3: Enable the DoS extension. Parameter set to some normal values. */ + config.has_dos_defense_enabled = 1; + config.intro_dos_rate_per_sec = 42; + config.intro_dos_burst_per_sec = 250; + extensions = build_establish_intro_extensions(&config, ip); + tt_int_op(trn_cell_extension_get_num(extensions), OP_EQ, 1); + /* Validate the extension. */ + field = trn_cell_extension_getconst_fields(extensions, 0); + tt_int_op(trn_cell_extension_field_get_field_type(field), OP_EQ, + TRUNNEL_CELL_EXTENSION_TYPE_DOS); + ret = trn_cell_extension_dos_parse(&dos, + trn_cell_extension_field_getconstarray_field(field), + trn_cell_extension_field_getlen_field(field)); + tt_int_op(ret, OP_EQ, 19); + /* Rate per sec param. */ + param = trn_cell_extension_dos_getconst_params(dos, 0); + tt_int_op(trn_cell_extension_dos_param_get_type(param), OP_EQ, + TRUNNEL_DOS_PARAM_TYPE_INTRO2_RATE_PER_SEC); + tt_u64_op(trn_cell_extension_dos_param_get_value(param), OP_EQ, 42); + /* Burst per sec param. */ + param = trn_cell_extension_dos_getconst_params(dos, 1); + tt_int_op(trn_cell_extension_dos_param_get_type(param), OP_EQ, + TRUNNEL_DOS_PARAM_TYPE_INTRO2_BURST_PER_SEC); + tt_u64_op(trn_cell_extension_dos_param_get_value(param), OP_EQ, 250); + trn_cell_extension_dos_free(dos); dos = NULL; + trn_cell_extension_free(extensions); extensions = NULL; + + done: + service_intro_point_free(ip); + trn_cell_extension_dos_free(dos); + trn_cell_extension_free(extensions); +} + struct testcase_t hs_cell_tests[] = { { "gen_establish_intro_cell", test_gen_establish_intro_cell, TT_FORK, NULL, NULL }, { "gen_establish_intro_cell_bad", test_gen_establish_intro_cell_bad, TT_FORK, NULL, NULL }, + { "gen_establish_intro_dos_ext", test_gen_establish_intro_dos_ext, TT_FORK, + NULL, NULL }, END_OF_TESTCASES }; diff --git a/src/test/test_hs_client.c b/src/test/test_hs_client.c index 53ee3c53d2..0cd7d81eea 100644 --- a/src/test/test_hs_client.c +++ b/src/test/test_hs_client.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -10,10 +10,11 @@ #define CRYPTO_PRIVATE #define MAINLOOP_PRIVATE #define HS_CLIENT_PRIVATE -#define TOR_CHANNEL_INTERNAL_ +#define CHANNEL_OBJECT_PRIVATE #define CIRCUITBUILD_PRIVATE #define CIRCUITLIST_PRIVATE #define CONNECTION_PRIVATE +#define CRYPT_PATH_PRIVATE #include "test/test.h" #include "test/test_helpers.h" @@ -24,6 +25,7 @@ #include "app/config/config.h" #include "lib/crypt_ops/crypto_cipher.h" #include "lib/crypt_ops/crypto_dh.h" +#include "lib/crypt_ops/crypto_rand.h" #include "core/or/channeltls.h" #include "feature/dircommon/directory.h" #include "core/mainloop/mainloop.h" @@ -36,6 +38,7 @@ #include "feature/hs/hs_config.h" #include "feature/hs/hs_ident.h" #include "feature/hs/hs_cache.h" +#include "feature/rend/rendcache.h" #include "core/or/circuitlist.h" #include "core/or/circuitbuild.h" #include "core/mainloop/connection.h" @@ -44,6 +47,7 @@ #include "core/or/cpath_build_state_st.h" #include "core/or/crypt_path_st.h" +#include "core/or/crypt_path.h" #include "feature/dircommon/dir_connection_st.h" #include "core/or/entry_connection_st.h" #include "core/or/extend_info_st.h" @@ -78,6 +82,23 @@ mock_networkstatus_get_reasonably_live_consensus(time_t now, int flavor) } static int +mock_write_str_to_file(const char *path, const char *str, int bin) +{ + (void) bin; + (void) path; + (void) str; + return 0; +} + +static or_options_t mocked_options; + +static const or_options_t * +mock_get_options(void) +{ + return &mocked_options; +} + +static int helper_config_client(const char *conf, int validate_only) { int ret = 0; @@ -91,6 +112,24 @@ helper_config_client(const char *conf, int validate_only) return ret; } +static void +helper_add_random_client_auth(const ed25519_public_key_t *service_pk) +{ + char *conf = NULL; +#define conf_fmt "ClientOnionAuthDir %s\n" + tor_asprintf(&conf, conf_fmt, get_fname("auth_keys")); +#undef conf_fmt + helper_config_client(conf, 0); + tor_free(conf); + + digest256map_t *client_auths = get_hs_client_auths_map(); + hs_client_service_authorization_t *auth = + tor_malloc_zero(sizeof(hs_client_service_authorization_t)); + curve25519_secret_key_generate(&auth->enc_seckey, 0); + hs_build_address(service_pk, HS_VERSION_THREE, auth->onion_address); + digest256map_set(client_auths, service_pk->pubkey, auth); +} + /* Test helper function: Setup a circuit and a stream with the same hidden * service destination, and put them in <b>circ_out</b> and * <b>conn_out</b>. Make the stream wait for circuits to be established to the @@ -159,8 +198,7 @@ helper_get_circ_and_stream_for_test(origin_circuit_t **circ_out, or_circ->rend_data = rend_data_dup(conn_rend_data); } else { /* prop224: Setup hs ident on the circuit */ - or_circ->hs_ident = hs_ident_circuit_new(&service_pk, - HS_IDENT_CIRCUIT_RENDEZVOUS); + or_circ->hs_ident = hs_ident_circuit_new(&service_pk); } TO_CIRCUIT(or_circ)->state = CIRCUIT_STATE_OPEN; @@ -243,12 +281,14 @@ test_e2e_rend_circuit_setup_legacy(void *arg) tt_int_op(retval, OP_EQ, 1); /* Check the digest algo */ - tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->crypto.f_digest), + tt_int_op( + crypto_digest_get_algorithm(or_circ->cpath->pvt_crypto.f_digest), OP_EQ, DIGEST_SHA1); - tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->crypto.b_digest), + tt_int_op( + crypto_digest_get_algorithm(or_circ->cpath->pvt_crypto.b_digest), OP_EQ, DIGEST_SHA1); - tt_assert(or_circ->cpath->crypto.f_crypto); - tt_assert(or_circ->cpath->crypto.b_crypto); + tt_assert(or_circ->cpath->pvt_crypto.f_crypto); + tt_assert(or_circ->cpath->pvt_crypto.b_crypto); /* Ensure that circ purpose was changed */ tt_int_op(or_circ->base_.purpose, OP_EQ, CIRCUIT_PURPOSE_C_REND_JOINED); @@ -285,7 +325,7 @@ test_e2e_rend_circuit_setup(void *arg) mock_connection_ap_handshake_send_begin); /* Setup */ - retval = helper_get_circ_and_stream_for_test( &or_circ, &conn, 0); + retval = helper_get_circ_and_stream_for_test(&or_circ, &conn, 0); tt_int_op(retval, OP_EQ, 0); tt_assert(or_circ); tt_assert(conn); @@ -301,9 +341,8 @@ test_e2e_rend_circuit_setup(void *arg) /**********************************************/ /* Setup the circuit */ - retval = hs_circuit_setup_e2e_rend_circ(or_circ, - ntor_key_seed, sizeof(ntor_key_seed), - 0); + retval = hs_circuit_setup_e2e_rend_circ(or_circ, ntor_key_seed, + sizeof(ntor_key_seed), 0); tt_int_op(retval, OP_EQ, 0); /**********************************************/ @@ -313,12 +352,12 @@ test_e2e_rend_circuit_setup(void *arg) tt_int_op(retval, OP_EQ, 1); /* Check that the crypt path has prop224 algorithm parameters */ - tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->crypto.f_digest), + tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->pvt_crypto.f_digest), OP_EQ, DIGEST_SHA3_256); - tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->crypto.b_digest), + tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->pvt_crypto.b_digest), OP_EQ, DIGEST_SHA3_256); - tt_assert(or_circ->cpath->crypto.f_crypto); - tt_assert(or_circ->cpath->crypto.b_crypto); + tt_assert(or_circ->cpath->pvt_crypto.f_crypto); + tt_assert(or_circ->cpath->pvt_crypto.b_crypto); /* Ensure that circ purpose was changed */ tt_int_op(or_circ->base_.purpose, OP_EQ, CIRCUIT_PURPOSE_C_REND_JOINED); @@ -389,15 +428,17 @@ test_client_pick_intro(void *arg) tt_assert(encoded); /* store it */ - hs_cache_store_as_client(encoded, &service_kp.pubkey); + ret = hs_cache_store_as_client(encoded, &service_kp.pubkey); + tt_int_op(ret, OP_EQ, HS_DESC_DECODE_OK); /* fetch it to make sure it works */ const hs_descriptor_t *fetched_desc = hs_cache_lookup_as_client(&service_kp.pubkey); tt_assert(fetched_desc); - tt_mem_op(fetched_desc->subcredential, OP_EQ, desc->subcredential, - DIGEST256_LEN); - tt_assert(!tor_mem_is_zero((char*)fetched_desc->subcredential, + tt_mem_op(fetched_desc->subcredential.subcred, + OP_EQ, desc->subcredential.subcred, + SUBCRED_LEN); + tt_assert(!fast_mem_is_zero((char*)fetched_desc->subcredential.subcred, DIGEST256_LEN)); tor_free(encoded); } @@ -405,6 +446,9 @@ test_client_pick_intro(void *arg) /* 2) Mark all intro points except _the chosen one_ as failed. Then query the * desc and get a random intro: check that we got _the chosen one_. */ { + /* Tell hs_get_extend_info_from_lspecs() to skip the private address check. + */ + get_options_mutable()->ExtendAllowPrivateAddresses = 1; /* Pick the chosen intro point and get its ei */ hs_desc_intro_point_t *chosen_intro_point = smartlist_get(desc->encrypted_data.intro_points, 0); @@ -432,7 +476,7 @@ test_client_pick_intro(void *arg) for (int i = 0; i < 64; ++i) { extend_info_t *ip = client_get_random_intro(&service_kp.pubkey); tor_assert(ip); - tt_assert(!tor_mem_is_zero((char*)ip->identity_digest, DIGEST_LEN)); + tt_assert(!fast_mem_is_zero((char*)ip->identity_digest, DIGEST_LEN)); tt_mem_op(ip->identity_digest, OP_EQ, chosen_intro_ei->identity_digest, DIGEST_LEN); extend_info_free(ip); @@ -478,6 +522,18 @@ test_client_pick_intro(void *arg) SMARTLIST_FOREACH_BEGIN(desc->encrypted_data.intro_points, hs_desc_intro_point_t *, ip) { extend_info_t *intro_ei = desc_intro_point_to_extend_info(ip); + /* desc_intro_point_to_extend_info() doesn't return IPv6 intro points + * yet, because we can't extend to them. See #24404, #24451, and #24181. + */ + if (intro_ei == NULL) { + /* Pretend we're making a direct connection, and that we can use IPv6 + */ + get_options_mutable()->ClientUseIPv6 = 1; + intro_ei = hs_get_extend_info_from_lspecs(ip->link_specifiers, + &ip->onion_key, 1); + tt_assert(tor_addr_family(&intro_ei->addr) == AF_INET6); + } + tt_assert(intro_ei); if (intro_ei) { const char *ptr; char ip_addr[TOR_ADDR_BUF_LEN]; @@ -531,6 +587,17 @@ mock_connection_mark_unattached_ap_(entry_connection_t *conn, int endreason, } static void +mock_connection_mark_unattached_ap_no_close(entry_connection_t *conn, + int endreason, int line, + const char *file) +{ + (void) conn; + (void) endreason; + (void) line; + (void) file; +} + +static void test_descriptor_fetch(void *arg) { int ret; @@ -668,6 +735,10 @@ test_parse_auth_file_content(void *arg) /* Bigger key than it should be */ tt_assert(!parse_auth_file_content("xx:descriptor:x25519:" "vjqea4jbhwwc4hto7ekyvqfbeodghbaq6nxi45hz4wr3qvhqv3yqa")); + /* All-zeroes key */ + tt_assert(!parse_auth_file_content("xx:descriptor:x25519:" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa")); + done: tor_free(auth); } @@ -805,6 +876,7 @@ test_desc_has_arrived_cleanup(void *arg) ed25519_keypair_t signing_kp; entry_connection_t *socks1 = NULL, *socks2 = NULL; hs_ident_dir_conn_t hs_dir_ident; + dir_connection_t *dir_conn = NULL; (void) arg; @@ -833,7 +905,7 @@ test_desc_has_arrived_cleanup(void *arg) /* Store in the client cache. */ ret = hs_cache_store_as_client(desc_str, &signing_kp.pubkey); - tt_int_op(ret, OP_EQ, 0); + tt_int_op(ret, OP_EQ, HS_DESC_DECODE_OK); cached_desc = hs_cache_lookup_as_client(&signing_kp.pubkey); tt_assert(cached_desc); hs_helper_desc_equal(desc, cached_desc); @@ -861,9 +933,11 @@ test_desc_has_arrived_cleanup(void *arg) * SOCKS connection to be ended with a resolved failed. */ hs_ident_dir_conn_init(&signing_kp.pubkey, &desc->plaintext_data.blinded_pubkey, &hs_dir_ident); - hs_client_desc_has_arrived(&hs_dir_ident); + dir_conn = dir_connection_new(AF_INET); + dir_conn->hs_ident = hs_ident_dir_conn_dup(&hs_dir_ident); + hs_client_dir_fetch_done(dir_conn, "A reason", desc_str, 200); + connection_free_minimal(TO_CONN(dir_conn)); tt_int_op(socks1->edge_.end_reason, OP_EQ, END_STREAM_REASON_RESOLVEFAILED); - /* XXX: MUST work with OP_EQ. */ tt_int_op(socks2->edge_.end_reason, OP_EQ, END_STREAM_REASON_RESOLVEFAILED); /* Now let say tor cleans up the intro state cache which resets all intro @@ -872,7 +946,6 @@ test_desc_has_arrived_cleanup(void *arg) /* Retrying all SOCKS which should basically do nothing since we don't have * any pending SOCKS connection in AP_CONN_STATE_RENDDESC_WAIT state. */ - /* XXX: BUG() is triggered here, shouldn't if socks2 wasn't alive. */ retry_all_socks_conn_waiting_for_desc(); done: @@ -899,6 +972,7 @@ test_close_intro_circuits_new_desc(void *arg) (void) arg; hs_init(); + rend_cache_init(); /* This is needed because of the client cache expiration timestamp is based * on having a consensus. See cached_client_descriptor_has_expired(). */ @@ -923,6 +997,51 @@ test_close_intro_circuits_new_desc(void *arg) circ->purpose = CIRCUIT_PURPOSE_C_INTRODUCING; ocirc = TO_ORIGIN_CIRCUIT(circ); + /* Build a descriptor _without_ client authorization and thus not + * decryptable. Make sure the close circuit code path is not triggered. */ + { + char *desc_encoded = NULL; + uint8_t descriptor_cookie[HS_DESC_DESCRIPTOR_COOKIE_LEN]; + curve25519_keypair_t client_kp; + hs_descriptor_t *desc = NULL; + + tt_int_op(0, OP_EQ, curve25519_keypair_generate(&client_kp, 0)); + crypto_rand((char *) descriptor_cookie, sizeof(descriptor_cookie)); + + desc = hs_helper_build_hs_desc_with_client_auth(descriptor_cookie, + &client_kp.pubkey, + &service_kp); + tt_assert(desc); + ret = hs_desc_encode_descriptor(desc, &service_kp, descriptor_cookie, + &desc_encoded); + tt_int_op(ret, OP_EQ, 0); + /* Associate descriptor intro key with the dummy circuit. */ + const hs_desc_intro_point_t *ip = + smartlist_get(desc->encrypted_data.intro_points, 0); + tt_assert(ip); + ocirc->hs_ident = hs_ident_circuit_new(&service_kp.pubkey); + ed25519_pubkey_copy(ô->hs_ident->intro_auth_pk, + &ip->auth_key_cert->signed_key); + hs_descriptor_free(desc); + tt_assert(desc_encoded); + /* Put it in the cache. Should not be decrypted since the client + * authorization creds were not added to the global map. */ + ret = hs_cache_store_as_client(desc_encoded, &service_kp.pubkey); + tor_free(desc_encoded); + tt_int_op(ret, OP_EQ, HS_DESC_DECODE_NEED_CLIENT_AUTH); + + /* Clean cache with a future timestamp. It will trigger the clean up and + * attempt to close the circuit but only if the descriptor is decryptable. + * Cache object should be removed and circuit untouched. */ + hs_cache_clean_as_client(mock_ns.valid_after + (60 * 60 * 24)); + tt_assert(!hs_cache_lookup_as_client(&service_kp.pubkey)); + + /* Make sure the circuit still there. */ + tt_assert(circuit_get_next_intro_circ(NULL, true)); + /* Get rid of the ident, it will be replaced in the next tests. */ + hs_ident_circuit_free(ocirc->hs_ident); + } + /* Build the first descriptor and cache it. */ { char *encoded; @@ -934,7 +1053,7 @@ test_close_intro_circuits_new_desc(void *arg) /* Store it */ ret = hs_cache_store_as_client(encoded, &service_kp.pubkey); - tt_int_op(ret, OP_EQ, 0); + tt_int_op(ret, OP_EQ, HS_DESC_DECODE_OK); tor_free(encoded); tt_assert(hs_cache_lookup_as_client(&service_kp.pubkey)); } @@ -944,8 +1063,7 @@ test_close_intro_circuits_new_desc(void *arg) const hs_desc_intro_point_t *ip = smartlist_get(desc1->encrypted_data.intro_points, 0); tt_assert(ip); - ocirc->hs_ident = hs_ident_circuit_new(&service_kp.pubkey, - HS_IDENT_CIRCUIT_INTRO); + ocirc->hs_ident = hs_ident_circuit_new(&service_kp.pubkey); ed25519_pubkey_copy(ô->hs_ident->intro_auth_pk, &ip->auth_key_cert->signed_key); } @@ -971,7 +1089,7 @@ test_close_intro_circuits_new_desc(void *arg) tt_assert(encoded); ret = hs_cache_store_as_client(encoded, &service_kp.pubkey); - tt_int_op(ret, OP_EQ, 0); + tt_int_op(ret, OP_EQ, HS_DESC_DECODE_OK); tor_free(encoded); tt_assert(hs_cache_lookup_as_client(&service_kp.pubkey)); } @@ -988,6 +1106,451 @@ test_close_intro_circuits_new_desc(void *arg) UNMOCK(networkstatus_get_reasonably_live_consensus); } +static void +test_close_intro_circuits_cache_clean(void *arg) +{ + int ret; + ed25519_keypair_t service_kp; + circuit_t *circ = NULL; + origin_circuit_t *ocirc = NULL; + hs_descriptor_t *desc1 = NULL; + + (void) arg; + + hs_init(); + rend_cache_init(); + + /* This is needed because of the client cache expiration timestamp is based + * on having a consensus. See cached_client_descriptor_has_expired(). */ + MOCK(networkstatus_get_reasonably_live_consensus, + mock_networkstatus_get_reasonably_live_consensus); + + /* Set consensus time */ + parse_rfc1123_time("Sat, 26 Oct 1985 13:00:00 UTC", + &mock_ns.valid_after); + parse_rfc1123_time("Sat, 26 Oct 1985 14:00:00 UTC", + &mock_ns.fresh_until); + parse_rfc1123_time("Sat, 26 Oct 1985 16:00:00 UTC", + &mock_ns.valid_until); + + /* Generate service keypair */ + tt_int_op(0, OP_EQ, ed25519_keypair_generate(&service_kp, 0)); + + /* Create and add to the global list a dummy client introduction circuits. + * We'll then make sure the hs_ident is attached to a dummy descriptor. */ + circ = dummy_origin_circuit_new(0); + tt_assert(circ); + circ->purpose = CIRCUIT_PURPOSE_C_INTRODUCING; + ocirc = TO_ORIGIN_CIRCUIT(circ); + + /* Build the first descriptor and cache it. */ + { + char *encoded; + desc1 = hs_helper_build_hs_desc_with_ip(&service_kp); + tt_assert(desc1); + ret = hs_desc_encode_descriptor(desc1, &service_kp, NULL, &encoded); + tt_int_op(ret, OP_EQ, 0); + tt_assert(encoded); + + /* Store it */ + ret = hs_cache_store_as_client(encoded, &service_kp.pubkey); + tt_int_op(ret, OP_EQ, 0); + tor_free(encoded); + tt_assert(hs_cache_lookup_as_client(&service_kp.pubkey)); + } + + /* We'll pick one introduction point and associate it with the circuit. */ + { + const hs_desc_intro_point_t *ip = + smartlist_get(desc1->encrypted_data.intro_points, 0); + tt_assert(ip); + ocirc->hs_ident = hs_ident_circuit_new(&service_kp.pubkey); + ed25519_pubkey_copy(ô->hs_ident->intro_auth_pk, + &ip->auth_key_cert->signed_key); + } + + /* Before we are about to clean up the intro circuits, make sure it is + * actually there. */ + tt_assert(circuit_get_next_intro_circ(NULL, true)); + + /* Cleanup the client cache. The ns valid after time is what decides if the + * descriptor has expired so put it in the future enough (72h) so we are + * sure to always expire. */ + mock_ns.valid_after = approx_time() + (72 * 24 * 60 * 60); + hs_cache_clean_as_client(0); + + /* Once stored, our intro circuit should be closed because it is related to + * an old introduction point that doesn't exists anymore. */ + tt_assert(!circuit_get_next_intro_circ(NULL, true)); + + done: + circuit_free(circ); + hs_descriptor_free(desc1); + hs_free_all(); + rend_cache_free_all(); + UNMOCK(networkstatus_get_reasonably_live_consensus); +} + +static void +test_socks_hs_errors(void *arg) +{ + int ret; + char digest[DIGEST_LEN]; + char *desc_encoded = NULL; + circuit_t *circ = NULL; + origin_circuit_t *ocirc = NULL; + tor_addr_t addr; + ed25519_keypair_t service_kp; + ed25519_keypair_t signing_kp; + entry_connection_t *socks_conn = NULL; + dir_connection_t *dir_conn = NULL; + hs_descriptor_t *desc = NULL; + uint8_t descriptor_cookie[HS_DESC_DESCRIPTOR_COOKIE_LEN]; + + (void) arg; + + MOCK(networkstatus_get_reasonably_live_consensus, + mock_networkstatus_get_reasonably_live_consensus); + MOCK(connection_mark_unattached_ap_, + mock_connection_mark_unattached_ap_no_close); + MOCK(read_file_to_str, mock_read_file_to_str); + MOCK(tor_listdir, mock_tor_listdir); + MOCK(check_private_dir, mock_check_private_dir); + + /* Set consensus time */ + parse_rfc1123_time("Sat, 26 Oct 1985 13:00:00 UTC", + &mock_ns.valid_after); + parse_rfc1123_time("Sat, 26 Oct 1985 14:00:00 UTC", + &mock_ns.fresh_until); + parse_rfc1123_time("Sat, 26 Oct 1985 16:00:00 UTC", + &mock_ns.valid_until); + + hs_init(); + + ret = ed25519_keypair_generate(&service_kp, 0); + tt_int_op(ret, OP_EQ, 0); + ret = ed25519_keypair_generate(&signing_kp, 0); + tt_int_op(ret, OP_EQ, 0); + + socks_conn = helper_build_socks_connection(&service_kp.pubkey, + AP_CONN_STATE_RENDDESC_WAIT); + tt_assert(socks_conn); + + /* Create directory connection. */ + dir_conn = dir_connection_new(AF_INET); + dir_conn->hs_ident = tor_malloc_zero(sizeof(hs_ident_dir_conn_t)); + TO_CONN(dir_conn)->purpose = DIR_PURPOSE_FETCH_HSDESC; + ed25519_pubkey_copy(&dir_conn->hs_ident->identity_pk, &service_kp.pubkey); + + /* Encode descriptor so we can decode it. */ + desc = hs_helper_build_hs_desc_with_ip(&service_kp); + tt_assert(desc); + + /* Before testing the client authentication error code, encode the + * descriptor with no client auth. */ + ret = hs_desc_encode_descriptor(desc, &service_kp, NULL, &desc_encoded); + tt_int_op(ret, OP_EQ, 0); + tt_assert(desc_encoded); + + /* + * Test the introduction failure codes (X'F2' and X'F7') + */ + + /* First, we have to put all the IPs in the failure cache. */ + SMARTLIST_FOREACH_BEGIN(desc->encrypted_data.intro_points, + hs_desc_intro_point_t *, ip) { + hs_cache_client_intro_state_note(&service_kp.pubkey, + &ip->auth_key_cert->signed_key, + INTRO_POINT_FAILURE_GENERIC); + } SMARTLIST_FOREACH_END(ip); + + hs_client_dir_fetch_done(dir_conn, "Reason", desc_encoded, 200); + tt_int_op(socks_conn->socks_request->socks_extended_error_code, OP_EQ, + SOCKS5_HS_INTRO_FAILED); + + /* Purge client cache of the descriptor so we can go again. */ + hs_cache_purge_as_client(); + + /* Second, set all failures to be time outs. */ + SMARTLIST_FOREACH_BEGIN(desc->encrypted_data.intro_points, + hs_desc_intro_point_t *, ip) { + hs_cache_client_intro_state_note(&service_kp.pubkey, + &ip->auth_key_cert->signed_key, + INTRO_POINT_FAILURE_TIMEOUT); + } SMARTLIST_FOREACH_END(ip); + + hs_client_dir_fetch_done(dir_conn, "Reason", desc_encoded, 200); + tt_int_op(socks_conn->socks_request->socks_extended_error_code, OP_EQ, + SOCKS5_HS_INTRO_TIMEDOUT); + + /* Purge client cache of the descriptor so we can go again. */ + hs_cache_purge_as_client(); + + /* + * Test the rendezvous failure codes (X'F3') + */ + + circ = dummy_origin_circuit_new(0); + tt_assert(circ); + circ->purpose = CIRCUIT_PURPOSE_C_REND_READY; + ocirc = TO_ORIGIN_CIRCUIT(circ); + ocirc->hs_ident = hs_ident_circuit_new(&service_kp.pubkey); + ocirc->build_state = tor_malloc_zero(sizeof(cpath_build_state_t)); + /* Code path will log this exit so build it. */ + ocirc->build_state->chosen_exit = extend_info_new("TestNickname", digest, + NULL, NULL, NULL, &addr, + 4242); + /* Attach socks connection to this rendezvous circuit. */ + ocirc->p_streams = ENTRY_TO_EDGE_CONN(socks_conn); + /* Trigger the rendezvous failure. Timeout the circuit and free. */ + circuit_mark_for_close(circ, END_CIRC_REASON_TIMEOUT); + + tt_int_op(socks_conn->socks_request->socks_extended_error_code, OP_EQ, + SOCKS5_HS_REND_FAILED); + + /* + * Test client authorization codes. + */ + + tor_free(desc_encoded); + crypto_rand((char *) descriptor_cookie, sizeof(descriptor_cookie)); + ret = hs_desc_encode_descriptor(desc, &service_kp, descriptor_cookie, + &desc_encoded); + tt_int_op(ret, OP_EQ, 0); + tt_assert(desc_encoded); + + /* Try decoding. Point this to an existing descriptor. The following should + * fail thus the desc_out should be set to NULL. */ + hs_descriptor_t *desc_out = desc; + ret = hs_client_decode_descriptor(desc_encoded, &service_kp.pubkey, + &desc_out); + tt_int_op(ret, OP_EQ, HS_DESC_DECODE_NEED_CLIENT_AUTH); + tt_assert(desc_out == NULL); + + /* The caching will fail to decrypt because the descriptor_cookie used above + * is not known to the HS subsystem. This will lead to a missing client + * auth. */ + hs_client_dir_fetch_done(dir_conn, "Reason", desc_encoded, 200); + + tt_int_op(socks_conn->socks_request->socks_extended_error_code, OP_EQ, + SOCKS5_HS_MISSING_CLIENT_AUTH); + + /* Add in the global client auth list bad creds for this service. */ + helper_add_random_client_auth(&service_kp.pubkey); + + ret = hs_client_decode_descriptor(desc_encoded, &service_kp.pubkey, + &desc_out); + tt_int_op(ret, OP_EQ, HS_DESC_DECODE_BAD_CLIENT_AUTH); + tt_assert(desc_out == NULL); + + /* Simmulate a fetch done again. This should replace the cached descriptor + * and signal a bad client authorization. */ + hs_client_dir_fetch_done(dir_conn, "Reason", desc_encoded, 200); + tt_int_op(socks_conn->socks_request->socks_extended_error_code, OP_EQ, + SOCKS5_HS_BAD_CLIENT_AUTH); + + done: + connection_free_minimal(ENTRY_TO_CONN(socks_conn)); + connection_free_minimal(TO_CONN(dir_conn)); + hs_descriptor_free(desc); + tor_free(desc_encoded); + circuit_free(circ); + + hs_free_all(); + + UNMOCK(networkstatus_get_reasonably_live_consensus); + UNMOCK(connection_mark_unattached_ap_); + UNMOCK(read_file_to_str); + UNMOCK(tor_listdir); + UNMOCK(check_private_dir); +} + +static void +test_close_intro_circuit_failure(void *arg) +{ + char digest[DIGEST_LEN]; + circuit_t *circ = NULL; + ed25519_keypair_t service_kp, intro_kp; + origin_circuit_t *ocirc = NULL; + tor_addr_t addr; + const hs_cache_intro_state_t *entry; + + (void) arg; + + hs_init(); + + /* Generate service keypair */ + tt_int_op(0, OP_EQ, ed25519_keypair_generate(&service_kp, 0)); + tt_int_op(0, OP_EQ, ed25519_keypair_generate(&intro_kp, 0)); + + /* Create and add to the global list a dummy client introduction circuit at + * the ACK WAIT state. */ + circ = dummy_origin_circuit_new(0); + tt_assert(circ); + circ->purpose = CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT; + ocirc = TO_ORIGIN_CIRCUIT(circ); + ocirc->hs_ident = hs_ident_circuit_new(&service_kp.pubkey); + ocirc->build_state = tor_malloc_zero(sizeof(cpath_build_state_t)); + /* Code path will log this exit so build it. */ + ocirc->build_state->chosen_exit = extend_info_new("TestNickname", digest, + NULL, NULL, NULL, &addr, + 4242); + ed25519_pubkey_copy(ô->hs_ident->intro_auth_pk, &intro_kp.pubkey); + + /* We'll make for close the circuit for a timeout failure. It should _NOT_ + * end up in the failure cache just yet. We do that on free() only. */ + circuit_mark_for_close(circ, END_CIRC_REASON_TIMEOUT); + tt_assert(!hs_cache_client_intro_state_find(&service_kp.pubkey, + &intro_kp.pubkey)); + /* Time to free. It should get removed. */ + circuit_free(circ); + entry = hs_cache_client_intro_state_find(&service_kp.pubkey, + &intro_kp.pubkey); + tt_assert(entry); + tt_uint_op(entry->timed_out, OP_EQ, 1); + hs_cache_client_intro_state_purge(); + + /* Again, create and add to the global list a dummy client introduction + * circuit at the INTRODUCING state. */ + circ = dummy_origin_circuit_new(0); + tt_assert(circ); + circ->purpose = CIRCUIT_PURPOSE_C_INTRODUCING; + ocirc = TO_ORIGIN_CIRCUIT(circ); + ocirc->hs_ident = hs_ident_circuit_new(&service_kp.pubkey); + ocirc->build_state = tor_malloc_zero(sizeof(cpath_build_state_t)); + /* Code path will log this exit so build it. */ + ocirc->build_state->chosen_exit = extend_info_new("TestNickname", digest, + NULL, NULL, NULL, &addr, + 4242); + ed25519_pubkey_copy(ô->hs_ident->intro_auth_pk, &intro_kp.pubkey); + + /* On free, we should get an unreachable failure. */ + circuit_free(circ); + entry = hs_cache_client_intro_state_find(&service_kp.pubkey, + &intro_kp.pubkey); + tt_assert(entry); + tt_uint_op(entry->unreachable_count, OP_EQ, 1); + hs_cache_client_intro_state_purge(); + + /* Again, create and add to the global list a dummy client introduction + * circuit at the INTRODUCING state but we'll close it for timeout. It + * should not be noted as a timeout failure. */ + circ = dummy_origin_circuit_new(0); + tt_assert(circ); + circ->purpose = CIRCUIT_PURPOSE_C_INTRODUCING; + ocirc = TO_ORIGIN_CIRCUIT(circ); + ocirc->hs_ident = hs_ident_circuit_new(&service_kp.pubkey); + ocirc->build_state = tor_malloc_zero(sizeof(cpath_build_state_t)); + /* Code path will log this exit so build it. */ + ocirc->build_state->chosen_exit = extend_info_new("TestNickname", digest, + NULL, NULL, NULL, &addr, + 4242); + ed25519_pubkey_copy(ô->hs_ident->intro_auth_pk, &intro_kp.pubkey); + + circuit_mark_for_close(circ, END_CIRC_REASON_TIMEOUT); + circuit_free(circ); + tt_assert(!hs_cache_client_intro_state_find(&service_kp.pubkey, + &intro_kp.pubkey)); + + /* Again, create and add to the global list a dummy client introduction + * circuit at the INTRODUCING state but without a chosen_exit. In theory, it + * can not happen but we'll make sure it doesn't end up in the failure cache + * anyway. */ + circ = dummy_origin_circuit_new(0); + tt_assert(circ); + circ->purpose = CIRCUIT_PURPOSE_C_INTRODUCING; + ocirc = TO_ORIGIN_CIRCUIT(circ); + ocirc->hs_ident = hs_ident_circuit_new(&service_kp.pubkey); + ed25519_pubkey_copy(ô->hs_ident->intro_auth_pk, &intro_kp.pubkey); + + circuit_free(circ); + tt_assert(!hs_cache_client_intro_state_find(&service_kp.pubkey, + &intro_kp.pubkey)); + + done: + circuit_free(circ); + hs_free_all(); +} + +static void +test_purge_ephemeral_client_auth(void *arg) +{ + ed25519_keypair_t service_kp; + hs_client_service_authorization_t *auth = NULL; + hs_client_register_auth_status_t status; + + (void) arg; + + /* We will try to write on disk client credentials. */ + MOCK(check_private_dir, mock_check_private_dir); + MOCK(get_options, mock_get_options); + MOCK(write_str_to_file, mock_write_str_to_file); + + /* Boggus directory so when we try to write the permanent client + * authorization data to disk, we don't fail. See + * store_permanent_client_auth_credentials() for more details. */ + mocked_options.ClientOnionAuthDir = tor_strdup("auth_dir"); + + hs_init(); + + /* Generate service keypair */ + tt_int_op(0, OP_EQ, ed25519_keypair_generate(&service_kp, 0)); + + /* Generate a client authorization object. */ + auth = tor_malloc_zero(sizeof(hs_client_service_authorization_t)); + + /* Set it up. No flags meaning it is ephemeral. */ + curve25519_secret_key_generate(&auth->enc_seckey, 0); + hs_build_address(&service_kp.pubkey, HS_VERSION_THREE, auth->onion_address); + auth->flags = 0; + + /* Confirm that there is nothing in the client auth map. It is unallocated + * until we add the first entry. */ + tt_assert(!get_hs_client_auths_map()); + + /* Add an entry to the client auth list. We loose ownership of the auth + * object so nullify it. */ + status = hs_client_register_auth_credentials(auth); + auth = NULL; + tt_int_op(status, OP_EQ, REGISTER_SUCCESS); + + /* We should have the entry now. */ + digest256map_t *client_auths = get_hs_client_auths_map(); + tt_assert(client_auths); + tt_int_op(digest256map_size(client_auths), OP_EQ, 1); + + /* Purge the cache that should remove all ephemeral values. */ + purge_ephemeral_client_auth(); + tt_int_op(digest256map_size(client_auths), OP_EQ, 0); + + /* Now add a new authorization object but permanent. */ + /* Generate a client authorization object. */ + auth = tor_malloc_zero(sizeof(hs_client_service_authorization_t)); + curve25519_secret_key_generate(&auth->enc_seckey, 0); + hs_build_address(&service_kp.pubkey, HS_VERSION_THREE, auth->onion_address); + auth->flags = CLIENT_AUTH_FLAG_IS_PERMANENT; + + /* Add an entry to the client auth list. We loose ownership of the auth + * object so nullify it. */ + status = hs_client_register_auth_credentials(auth); + auth = NULL; + tt_int_op(status, OP_EQ, REGISTER_SUCCESS); + tt_int_op(digest256map_size(client_auths), OP_EQ, 1); + + /* Purge again, the entry should still be there. */ + purge_ephemeral_client_auth(); + tt_int_op(digest256map_size(client_auths), OP_EQ, 1); + + done: + client_service_authorization_free(auth); + hs_free_all(); + tor_free(mocked_options.ClientOnionAuthDir); + + UNMOCK(check_private_dir); + UNMOCK(get_options); + UNMOCK(write_str_to_file); +} + struct testcase_t hs_client_tests[] = { { "e2e_rend_circuit_setup_legacy", test_e2e_rend_circuit_setup_legacy, TT_FORK, NULL, NULL }, @@ -1005,8 +1568,19 @@ struct testcase_t hs_client_tests[] = { TT_FORK, NULL, NULL }, { "desc_has_arrived_cleanup", test_desc_has_arrived_cleanup, TT_FORK, NULL, NULL }, + { "close_intro_circuit_failure", test_close_intro_circuit_failure, + TT_FORK, NULL, NULL }, { "close_intro_circuits_new_desc", test_close_intro_circuits_new_desc, TT_FORK, NULL, NULL }, + { "close_intro_circuits_cache_clean", test_close_intro_circuits_cache_clean, + TT_FORK, NULL, NULL }, + + /* SOCKS5 Extended Error Code. */ + { "socks_hs_errors", test_socks_hs_errors, TT_FORK, NULL, NULL }, + + /* Client authorization. */ + { "purge_ephemeral_client_auth", test_purge_ephemeral_client_auth, TT_FORK, + NULL, NULL }, END_OF_TESTCASES }; diff --git a/src/test/test_hs_common.c b/src/test/test_hs_common.c index c6104301e1..e3d130fb32 100644 --- a/src/test/test_hs_common.c +++ b/src/test/test_hs_common.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2017-2019, The Tor Project, Inc. */ +/* Copyright (c) 2017-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -6,6 +6,7 @@ * \brief Test hidden service common functionalities. */ +#define CONNECTION_EDGE_PRIVATE #define HS_COMMON_PRIVATE #define HS_CLIENT_PRIVATE #define HS_SERVICE_PRIVATE @@ -31,7 +32,7 @@ #include "app/config/statefile.h" #include "core/or/circuitlist.h" #include "feature/dirauth/shared_random.h" -#include "feature/dircommon/voting_schedule.h" +#include "feature/dirauth/voting_schedule.h" #include "feature/nodelist/microdesc_st.h" #include "feature/nodelist/networkstatus_st.h" @@ -52,14 +53,14 @@ test_validate_address(void *arg) setup_full_capture_of_logs(LOG_WARN); ret = hs_address_is_valid("blah"); tt_int_op(ret, OP_EQ, 0); - expect_log_msg_containing("has an invalid length"); + expect_log_msg_containing("Invalid length"); teardown_capture_of_logs(); setup_full_capture_of_logs(LOG_WARN); ret = hs_address_is_valid( "p3xnclpu4mu22dwaurjtsybyqk4xfjmcfz6z62yl24uwmhjatiwnlnadb"); tt_int_op(ret, OP_EQ, 0); - expect_log_msg_containing("has an invalid length"); + expect_log_msg_containing("Invalid length"); teardown_capture_of_logs(); /* Invalid checksum (taken from prop224) */ @@ -82,7 +83,7 @@ test_validate_address(void *arg) ret = hs_address_is_valid( "????????????????????????????????????????????????????????"); tt_int_op(ret, OP_EQ, 0); - expect_log_msg_containing("can't be decoded"); + expect_log_msg_containing("Unable to base32 decode"); teardown_capture_of_logs(); /* Valid address. */ @@ -275,7 +276,7 @@ test_start_time_of_next_time_period(void *arg) static void cleanup_nodelist(void) { - smartlist_t *nodelist = nodelist_get_list(); + const smartlist_t *nodelist = nodelist_get_list(); SMARTLIST_FOREACH_BEGIN(nodelist, node_t *, node) { tor_free(node->md); node->md = NULL; @@ -509,6 +510,7 @@ test_desc_reupload_logic(void *arg) pubkey_hex, strlen(pubkey_hex)); hs_build_address(&pubkey, HS_VERSION_THREE, onion_addr); service = tor_malloc_zero(sizeof(hs_service_t)); + tt_assert(service); memcpy(service->onion_address, onion_addr, sizeof(service->onion_address)); ed25519_secret_key_generate(&service->keys.identity_sk, 0); ed25519_public_key_generate(&service->keys.identity_pk, @@ -610,6 +612,10 @@ test_desc_reupload_logic(void *arg) SMARTLIST_FOREACH(ns->routerstatus_list, routerstatus_t *, rs, routerstatus_free(rs)); smartlist_clear(ns->routerstatus_list); + if (service) { + remove_service(get_hs_service_map(), service); + hs_service_free(service); + } networkstatus_vote_free(ns); cleanup_nodelist(); hs_free_all(); @@ -637,7 +643,7 @@ test_disaster_srv(void *arg) get_disaster_srv(1, srv_one); get_disaster_srv(2, srv_two); - /* Check that the cached ones where updated */ + /* Check that the cached ones were updated */ tt_mem_op(cached_disaster_srv_one, OP_EQ, srv_one, DIGEST256_LEN); tt_mem_op(cached_disaster_srv_two, OP_EQ, srv_two, DIGEST256_LEN); @@ -780,6 +786,7 @@ static void test_parse_extended_hostname(void *arg) { (void) arg; + hostname_type_t type; char address1[] = "fooaddress.onion"; char address2[] = "aaaaaaaaaaaaaaaa.onion"; @@ -790,21 +797,48 @@ test_parse_extended_hostname(void *arg) char address7[] = ".abcdefghijklmnop.onion"; char address8[] = "www.25njqamcweflpvkl73j4szahhihoc4xt3ktcgjnpaingr5yhkenl5sid.onion"; + char address9[] = + "www.15njqamcweflpvkl73j4szahhihoc4xt3ktcgjnpaingr5yhkenl5sid.onion"; + char address10[] = + "15njqamcweflpvkl73j4szahhihoc4xt3ktcgjnpaingr5yhkenl5sid7jdl.onion"; + + tt_assert(!parse_extended_hostname(address1, &type)); + tt_int_op(type, OP_EQ, BAD_HOSTNAME); + + tt_assert(parse_extended_hostname(address2, &type)); + tt_int_op(type, OP_EQ, ONION_V2_HOSTNAME); + tt_str_op(address2, OP_EQ, "aaaaaaaaaaaaaaaa"); + + tt_assert(parse_extended_hostname(address3, &type)); + tt_int_op(type, OP_EQ, EXIT_HOSTNAME); + + tt_assert(parse_extended_hostname(address4, &type)); + tt_int_op(type, OP_EQ, NORMAL_HOSTNAME); - tt_assert(BAD_HOSTNAME == parse_extended_hostname(address1)); - tt_assert(ONION_V2_HOSTNAME == parse_extended_hostname(address2)); - tt_str_op(address2,OP_EQ, "aaaaaaaaaaaaaaaa"); - tt_assert(EXIT_HOSTNAME == parse_extended_hostname(address3)); - tt_assert(NORMAL_HOSTNAME == parse_extended_hostname(address4)); - tt_assert(ONION_V2_HOSTNAME == parse_extended_hostname(address5)); - tt_str_op(address5,OP_EQ, "abcdefghijklmnop"); - tt_assert(ONION_V2_HOSTNAME == parse_extended_hostname(address6)); - tt_str_op(address6,OP_EQ, "abcdefghijklmnop"); - tt_assert(BAD_HOSTNAME == parse_extended_hostname(address7)); - tt_assert(ONION_V3_HOSTNAME == parse_extended_hostname(address8)); + tt_assert(parse_extended_hostname(address5, &type)); + tt_int_op(type, OP_EQ, ONION_V2_HOSTNAME); + tt_str_op(address5, OP_EQ, "abcdefghijklmnop"); + + tt_assert(parse_extended_hostname(address6, &type)); + tt_int_op(type, OP_EQ, ONION_V2_HOSTNAME); + tt_str_op(address6, OP_EQ, "abcdefghijklmnop"); + + tt_assert(!parse_extended_hostname(address7, &type)); + tt_int_op(type, OP_EQ, BAD_HOSTNAME); + + tt_assert(parse_extended_hostname(address8, &type)); + tt_int_op(type, OP_EQ, ONION_V3_HOSTNAME); tt_str_op(address8, OP_EQ, "25njqamcweflpvkl73j4szahhihoc4xt3ktcgjnpaingr5yhkenl5sid"); + /* Invalid v3 address. */ + tt_assert(!parse_extended_hostname(address9, &type)); + tt_int_op(type, OP_EQ, BAD_HOSTNAME); + + /* Invalid v3 address: too long */ + tt_assert(!parse_extended_hostname(address10, &type)); + tt_int_op(type, OP_EQ, BAD_HOSTNAME); + done: ; } @@ -832,7 +866,7 @@ test_time_between_tp_and_srv(void *arg) tt_int_op(ret, OP_EQ, 0); ret = parse_rfc1123_time("Sat, 26 Oct 1985 01:00:00 UTC", &ns.fresh_until); tt_int_op(ret, OP_EQ, 0); - voting_schedule_recalculate_timing(get_options(), ns.valid_after); + dirauth_sched_recalculate_timing(get_options(), ns.valid_after); ret = hs_in_period_between_tp_and_srv(&ns, 0); tt_int_op(ret, OP_EQ, 0); @@ -840,7 +874,7 @@ test_time_between_tp_and_srv(void *arg) tt_int_op(ret, OP_EQ, 0); ret = parse_rfc1123_time("Sat, 26 Oct 1985 12:00:00 UTC", &ns.fresh_until); tt_int_op(ret, OP_EQ, 0); - voting_schedule_recalculate_timing(get_options(), ns.valid_after); + dirauth_sched_recalculate_timing(get_options(), ns.valid_after); ret = hs_in_period_between_tp_and_srv(&ns, 0); tt_int_op(ret, OP_EQ, 0); @@ -848,7 +882,7 @@ test_time_between_tp_and_srv(void *arg) tt_int_op(ret, OP_EQ, 0); ret = parse_rfc1123_time("Sat, 26 Oct 1985 13:00:00 UTC", &ns.fresh_until); tt_int_op(ret, OP_EQ, 0); - voting_schedule_recalculate_timing(get_options(), ns.valid_after); + dirauth_sched_recalculate_timing(get_options(), ns.valid_after); ret = hs_in_period_between_tp_and_srv(&ns, 0); tt_int_op(ret, OP_EQ, 1); @@ -856,7 +890,7 @@ test_time_between_tp_and_srv(void *arg) tt_int_op(ret, OP_EQ, 0); ret = parse_rfc1123_time("Sat, 27 Oct 1985 00:00:00 UTC", &ns.fresh_until); tt_int_op(ret, OP_EQ, 0); - voting_schedule_recalculate_timing(get_options(), ns.valid_after); + dirauth_sched_recalculate_timing(get_options(), ns.valid_after); ret = hs_in_period_between_tp_and_srv(&ns, 0); tt_int_op(ret, OP_EQ, 1); @@ -864,7 +898,7 @@ test_time_between_tp_and_srv(void *arg) tt_int_op(ret, OP_EQ, 0); ret = parse_rfc1123_time("Sat, 27 Oct 1985 01:00:00 UTC", &ns.fresh_until); tt_int_op(ret, OP_EQ, 0); - voting_schedule_recalculate_timing(get_options(), ns.valid_after); + dirauth_sched_recalculate_timing(get_options(), ns.valid_after); ret = hs_in_period_between_tp_and_srv(&ns, 0); tt_int_op(ret, OP_EQ, 0); @@ -1354,7 +1388,7 @@ run_reachability_scenario(const reachability_cfg_t *cfg, int num_scenario) &mock_service_ns->valid_until); set_consensus_times(cfg->service_valid_until, &mock_service_ns->fresh_until); - voting_schedule_recalculate_timing(get_options(), + dirauth_sched_recalculate_timing(get_options(), mock_service_ns->valid_after); /* Check that service is in the right time period point */ tt_int_op(hs_in_period_between_tp_and_srv(mock_service_ns, 0), OP_EQ, @@ -1367,7 +1401,7 @@ run_reachability_scenario(const reachability_cfg_t *cfg, int num_scenario) &mock_client_ns->valid_until); set_consensus_times(cfg->client_valid_until, &mock_client_ns->fresh_until); - voting_schedule_recalculate_timing(get_options(), + dirauth_sched_recalculate_timing(get_options(), mock_client_ns->valid_after); /* Check that client is in the right time period point */ tt_int_op(hs_in_period_between_tp_and_srv(mock_client_ns, 0), OP_EQ, @@ -1590,7 +1624,7 @@ helper_set_consensus_and_system_time(networkstatus_t *ns, int position) } else { tt_assert(0); } - voting_schedule_recalculate_timing(get_options(), ns->valid_after); + dirauth_sched_recalculate_timing(get_options(), ns->valid_after); /* Set system time: pretend to be just 2 minutes before consensus expiry */ real_time = ns->valid_until - 120; diff --git a/src/test/test_hs_config.c b/src/test/test_hs_config.c index c2c556307d..dc3b598c34 100644 --- a/src/test/test_hs_config.c +++ b/src/test/test_hs_config.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -12,6 +12,7 @@ #include "test/test.h" #include "test/test_helpers.h" #include "test/log_test_helpers.h" +#include "test/resolve_test_helpers.h" #include "app/config/config.h" #include "feature/hs/hs_common.h" @@ -61,8 +62,9 @@ test_invalid_service(void *arg) setup_full_capture_of_logs(LOG_WARN); ret = helper_config_service(conf, 1); tt_int_op(ret, OP_EQ, -1); - expect_log_msg_containing("HiddenServiceAllowUnknownPorts must be " - "between 0 and 1, not 2"); + expect_log_msg_containing("Could not parse " + "HiddenServiceAllowUnknownPorts: Unrecognized " + "value 2. Allowed values are 0 and 1."); teardown_capture_of_logs(); } @@ -75,8 +77,9 @@ test_invalid_service(void *arg) setup_full_capture_of_logs(LOG_WARN); ret = helper_config_service(conf, 1); tt_int_op(ret, OP_EQ, -1); - expect_log_msg_containing("HiddenServiceDirGroupReadable must be " - "between 0 and 1, not 2"); + expect_log_msg_containing("Could not parse " + "HiddenServiceDirGroupReadable: " + "Unrecognized value 2."); teardown_capture_of_logs(); } @@ -89,8 +92,9 @@ test_invalid_service(void *arg) setup_full_capture_of_logs(LOG_WARN); ret = helper_config_service(conf, 1); tt_int_op(ret, OP_EQ, -1); - expect_log_msg_containing("HiddenServiceMaxStreamsCloseCircuit must " - "be between 0 and 1, not 2"); + expect_log_msg_containing("Could not parse " + "HiddenServiceMaxStreamsCloseCircuit: " + "Unrecognized value 2"); teardown_capture_of_logs(); } @@ -227,8 +231,8 @@ test_invalid_service_v2(void *arg) setup_full_capture_of_logs(LOG_WARN); ret = helper_config_service(conf, validate_only); tt_int_op(ret, OP_EQ, -1); - expect_log_msg_containing("HiddenServiceNumIntroductionPoints should " - "be between 0 and 10, not 11"); + expect_log_msg_containing("HiddenServiceNumIntroductionPoints must " + "be between 0 and 10, not 11."); teardown_capture_of_logs(); } @@ -242,8 +246,9 @@ test_invalid_service_v2(void *arg) setup_full_capture_of_logs(LOG_WARN); ret = helper_config_service(conf, validate_only); tt_int_op(ret, OP_EQ, -1); - expect_log_msg_containing("HiddenServiceNumIntroductionPoints should " - "be between 0 and 10, not -1"); + expect_log_msg_containing("Could not parse " + "HiddenServiceNumIntroductionPoints: " + "Integer -1 is malformed or out of bounds."); teardown_capture_of_logs(); } @@ -272,6 +277,7 @@ test_valid_service_v2(void *arg) int ret; (void) arg; + mock_hostname_resolver(); /* Valid complex configuration. Basic client authorization. */ { @@ -314,7 +320,7 @@ test_valid_service_v2(void *arg) } done: - ; + unmock_hostname_resolver(); } static void @@ -392,6 +398,7 @@ test_valid_service_v3(void *arg) int ret; (void) arg; + mock_hostname_resolver(); /* Valid complex configuration. */ { @@ -448,7 +455,7 @@ test_valid_service_v3(void *arg) } done: - ; + unmock_hostname_resolver(); } static void @@ -489,6 +496,114 @@ test_staging_service_v3(void *arg) hs_free_all(); } +static void +test_dos_parameters(void *arg) +{ + int ret; + + (void) arg; + + hs_init(); + + /* Valid configuration. */ + { + const char *conf = + "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs3\n" + "HiddenServiceVersion 3\n" + "HiddenServicePort 22 1.1.1.1:22\n" + "HiddenServiceEnableIntroDoSDefense 1\n" + "HiddenServiceEnableIntroDoSRatePerSec 42\n" + "HiddenServiceEnableIntroDoSBurstPerSec 87\n"; + + setup_full_capture_of_logs(LOG_INFO); + ret = helper_config_service(conf, 0); + tt_int_op(ret, OP_EQ, 0); + expect_log_msg_containing("Service INTRO2 DoS defenses rate set to: 42"); + expect_log_msg_containing("Service INTRO2 DoS defenses burst set to: 87"); + teardown_capture_of_logs(); + } + + /* Invalid rate. Value of 2^37. Max allowed is 2^31. */ + { + const char *conf = + "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs3\n" + "HiddenServiceVersion 3\n" + "HiddenServicePort 22 1.1.1.1:22\n" + "HiddenServiceEnableIntroDoSDefense 1\n" + "HiddenServiceEnableIntroDoSRatePerSec 137438953472\n" + "HiddenServiceEnableIntroDoSBurstPerSec 87\n"; + + setup_full_capture_of_logs(LOG_WARN); + ret = helper_config_service(conf, 0); + tt_int_op(ret, OP_EQ, -1); + expect_log_msg_containing("Could not parse " + "HiddenServiceEnableIntroDoSRatePerSec: " + "Integer 137438953472 is malformed or out of " + "bounds."); + teardown_capture_of_logs(); + } + + /* Invalid burst. Value of 2^38. Max allowed is 2^31. */ + { + const char *conf = + "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs3\n" + "HiddenServiceVersion 3\n" + "HiddenServicePort 22 1.1.1.1:22\n" + "HiddenServiceEnableIntroDoSDefense 1\n" + "HiddenServiceEnableIntroDoSRatePerSec 42\n" + "HiddenServiceEnableIntroDoSBurstPerSec 274877906944\n"; + + setup_full_capture_of_logs(LOG_WARN); + ret = helper_config_service(conf, 0); + tt_int_op(ret, OP_EQ, -1); + expect_log_msg_containing("Could not parse " + "HiddenServiceEnableIntroDoSBurstPerSec: " + "Integer 274877906944 is malformed or out " + "of bounds."); + teardown_capture_of_logs(); + } + + /* Burst is smaller than rate. */ + { + const char *conf = + "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs3\n" + "HiddenServiceVersion 3\n" + "HiddenServicePort 22 1.1.1.1:22\n" + "HiddenServiceEnableIntroDoSDefense 1\n" + "HiddenServiceEnableIntroDoSRatePerSec 42\n" + "HiddenServiceEnableIntroDoSBurstPerSec 27\n"; + + setup_full_capture_of_logs(LOG_WARN); + ret = helper_config_service(conf, 0); + tt_int_op(ret, OP_EQ, -1); + expect_log_msg_containing("Hidden service DoS defenses burst (27) can " + "not be smaller than the rate value (42)."); + teardown_capture_of_logs(); + } + + /* Negative value. */ + { + const char *conf = + "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs3\n" + "HiddenServiceVersion 3\n" + "HiddenServicePort 22 1.1.1.1:22\n" + "HiddenServiceEnableIntroDoSDefense 1\n" + "HiddenServiceEnableIntroDoSRatePerSec -1\n" + "HiddenServiceEnableIntroDoSBurstPerSec 42\n"; + + setup_full_capture_of_logs(LOG_WARN); + ret = helper_config_service(conf, 0); + tt_int_op(ret, OP_EQ, -1); + expect_log_msg_containing("Could not parse " + "HiddenServiceEnableIntroDoSRatePerSec: " + "Integer -1 is malformed or out of bounds."); + teardown_capture_of_logs(); + } + + done: + hs_free_all(); +} + struct testcase_t hs_config_tests[] = { /* Invalid service not specific to any version. */ { "invalid_service", test_invalid_service, TT_FORK, @@ -512,6 +627,9 @@ struct testcase_t hs_config_tests[] = { { "staging_service_v3", test_staging_service_v3, TT_FORK, NULL, NULL }, + /* Test HS DoS parameters. */ + { "dos_parameters", test_dos_parameters, TT_FORK, + NULL, NULL }, + END_OF_TESTCASES }; - diff --git a/src/test/test_hs_control.c b/src/test/test_hs_control.c index ba67712f1b..80bbf547dc 100644 --- a/src/test/test_hs_control.c +++ b/src/test/test_hs_control.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2017-2019, The Tor Project, Inc. */ +/* Copyright (c) 2017-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -6,13 +6,21 @@ * \brief Unit tests for hidden service control port event and command. **/ -#define CONTROL_PRIVATE +#define CONTROL_EVENTS_PRIVATE +#define HS_CLIENT_PRIVATE #include "core/or/or.h" #include "test/test.h" +#include "test/test_helpers.h" +#include "core/mainloop/connection.h" #include "feature/control/control.h" +#include "feature/control/control_events.h" +#include "feature/control/control_cmd.h" +#include "feature/control/control_fmt.h" +#include "feature/control/control_connection_st.h" #include "app/config/config.h" #include "feature/hs/hs_common.h" +#include "feature/hs/hs_client.h" #include "feature/hs/hs_control.h" #include "feature/nodelist/nodelist.h" @@ -20,7 +28,16 @@ #include "feature/nodelist/routerstatus_st.h" #include "lib/crypt_ops/crypto_format.h" -#include "test/test_helpers.h" +#ifdef HAVE_SYS_STAT_H +#include <sys/stat.h> +#endif + +#ifdef _WIN32 +/* For mkdir() */ +#include <direct.h> +#else +#include <dirent.h> +#endif /* defined(_WIN32) */ /* mock ID digest and longname for node that's in nodelist */ #define HSDIR_EXIST_ID \ @@ -105,8 +122,7 @@ test_hs_desc_event(void *arg) memset(&blinded_pk, 'B', sizeof(blinded_pk)); memset(&hsdir_rs, 0, sizeof(hsdir_rs)); memcpy(hsdir_rs.identity_digest, HSDIR_EXIST_ID, DIGEST_LEN); - ret = ed25519_public_to_base64(base64_blinded_pk, &blinded_pk); - tt_int_op(ret, OP_EQ, 0); + ed25519_public_to_base64(base64_blinded_pk, &blinded_pk); memcpy(&ident.identity_pk, &identity_kp.pubkey, sizeof(ed25519_public_key_t)); memcpy(&ident.blinded_pk, &blinded_pk, sizeof(blinded_pk)); @@ -186,9 +202,552 @@ test_hs_desc_event(void *arg) tor_free(expected_msg); } +/** Test that we can correctly add, remove and view client auth credentials + * using the control port. */ +static void +test_hs_control_good_onion_client_auth_add(void *arg) +{ + (void) arg; + + MOCK(connection_write_to_buf_impl_, connection_write_to_buf_mock); + + int retval; + ed25519_public_key_t service_identity_pk_2fv, service_identity_pk_jt4, + service_identity_pk_jam; + control_connection_t conn; + char *args = NULL; + char *cp1 = NULL; + size_t sz; + + hs_init(); + + { /* Setup the control conn */ + memset(&conn, 0, sizeof(control_connection_t)); + TO_CONN(&conn)->outbuf = buf_new(); + conn.current_cmd = tor_strdup("ONION_CLIENT_AUTH_ADD"); + } + + { /* Setup the services */ + retval = hs_parse_address( + "2fvhjskjet3n5syd6yfg5lhvwcs62bojmthr35ko5bllr3iqdb4ctdyd", + &service_identity_pk_2fv, + NULL, NULL); + tt_int_op(retval, OP_EQ, 0); + + retval = hs_parse_address( + "jt4grrjwzyz3pjkylwfau5xnjaj23vxmhskqaeyfhrfylelw4hvxcuyd", + &service_identity_pk_jt4, + NULL, NULL); + tt_int_op(retval, OP_EQ, 0); + + retval = hs_parse_address( + "jamie3vkiwibfiwucd6vxijskbhpjdyajmzeor4mc4i7yopvpo4p7cyd", + &service_identity_pk_jam, + NULL, NULL); + tt_int_op(retval, OP_EQ, 0); + } + + digest256map_t *client_auths = get_hs_client_auths_map(); + tt_assert(!client_auths); + + /* Register first service */ + args = tor_strdup("2fvhjskjet3n5syd6yfg5lhvwcs62bojmthr35ko5bllr3iqdb4ctdyd " + "x25519:iJ1tjKCrMAbiFT2bVrCjhbfMDnE1fpaRbIS5ZHKUvEQ= "); + + retval = handle_control_command(&conn, (uint32_t) strlen(args), args); + tt_int_op(retval, OP_EQ, 0); + + /* Check contents */ + cp1 = buf_get_contents(TO_CONN(&conn)->outbuf, &sz); + tt_str_op(cp1, OP_EQ, "250 OK\r\n"); + + tor_free(cp1); + tor_free(args); + + /* Register second service (even with an unrecognized argument) */ + args = tor_strdup("jt4grrjwzyz3pjkylwfau5xnjaj23vxmhskqaeyfhrfylelw4hvxcuyd " + "x25519:eIIdIGoSZwI2Q/lSzpf92akGki5I+PZIDz37MA5BhlA= DropSound=No"); + + retval = handle_control_command(&conn, (uint32_t) strlen(args), args); + tt_int_op(retval, OP_EQ, 0); + + /* Check contents */ + cp1 = buf_get_contents(TO_CONN(&conn)->outbuf, &sz); + tt_str_op(cp1, OP_EQ, "250 OK\r\n"); + tor_free(cp1); + tor_free(args); + + /* Register second service (even with an unrecognized argument) */ + args = tor_strdup("jamie3vkiwibfiwucd6vxijskbhpjdyajmzeor4mc4i7yopvpo4p7cyd " + "x25519:FCV0c0ELDKKDpSFgVIB8Yow8Evj5iD+GoiTtK878NkQ= " + "ClientName=MeganNicole "); + + retval = handle_control_command(&conn, (uint32_t) strlen(args), args); + tt_int_op(retval, OP_EQ, 0); + + /* Check contents */ + cp1 = buf_get_contents(TO_CONN(&conn)->outbuf, &sz); + tt_str_op(cp1, OP_EQ, "250 OK\r\n"); + tor_free(cp1); + + client_auths = get_hs_client_auths_map(); + tt_assert(client_auths); + tt_uint_op(digest256map_size(client_auths), OP_EQ, 3); + + hs_client_service_authorization_t *client_2fv = + digest256map_get(client_auths, service_identity_pk_2fv.pubkey); + tt_assert(client_2fv); + tt_int_op(client_2fv->flags, OP_EQ, 0); + + hs_client_service_authorization_t *client_jt4 = + digest256map_get(client_auths, service_identity_pk_jt4.pubkey); + tt_assert(client_jt4); + tt_int_op(client_jt4->flags, OP_EQ, 0); + + hs_client_service_authorization_t *client_jam = + digest256map_get(client_auths, service_identity_pk_jam.pubkey); + tt_assert(client_jam); + tt_int_op(client_jam->flags, OP_EQ, 0); + + /* Now let's VIEW the auth credentials */ + tor_free(conn.current_cmd); + conn.current_cmd = tor_strdup("ONION_CLIENT_AUTH_VIEW"); + + /* First go with no arguments, so that we view all the credentials */ + tor_free(args); + args = tor_strdup(""); + +#define VIEW_CORRECT_REPLY_NO_ADDR "250-ONION_CLIENT_AUTH_VIEW\r\n" \ + "250-CLIENT 2fvhjskjet3n5syd6yfg5lhvwcs62bojmthr35ko5bllr3iqdb4ctdyd " \ + "x25519:iJ1tjKCrMAbiFT2bVrCjhbfMDnE1fpaRbIS5ZHKUvEQ=\r\n" \ + "250-CLIENT jamie3vkiwibfiwucd6vxijskbhpjdyajmzeor4mc4i7yopvpo4p7cyd " \ + "x25519:FCV0c0ELDKKDpSFgVIB8Yow8Evj5iD+GoiTtK878NkQ= " \ + "ClientName=MeganNicole\r\n" \ + "250-CLIENT jt4grrjwzyz3pjkylwfau5xnjaj23vxmhskqaeyfhrfylelw4hvxcuyd " \ + "x25519:eIIdIGoSZwI2Q/lSzpf92akGki5I+PZIDz37MA5BhlA=\r\n" \ + "250 OK\r\n" + + retval = handle_control_command(&conn, (uint32_t) strlen(args), args); + tt_int_op(retval, OP_EQ, 0); + cp1 = buf_get_contents(TO_CONN(&conn)->outbuf, &sz); + tt_str_op(cp1, OP_EQ, VIEW_CORRECT_REPLY_NO_ADDR); + tor_free(cp1); + + /* Now specify an HS addr, and see that we only view those creds */ + tor_free(args); + args = + tor_strdup("jt4grrjwzyz3pjkylwfau5xnjaj23vxmhskqaeyfhrfylelw4hvxcuyd"); + +#define VIEW_CORRECT_REPLY_JT4 "250-ONION_CLIENT_AUTH_VIEW " \ + "jt4grrjwzyz3pjkylwfau5xnjaj23vxmhskqaeyfhrfylelw4hvxcuyd\r\n" \ + "250-CLIENT jt4grrjwzyz3pjkylwfau5xnjaj23vxmhskqaeyfhrfylelw4hvxcuyd " \ + "x25519:eIIdIGoSZwI2Q/lSzpf92akGki5I+PZIDz37MA5BhlA=\r\n" \ + "250 OK\r\n" + + retval = handle_control_command(&conn, (uint32_t) strlen(args), args); + tt_int_op(retval, OP_EQ, 0); + cp1 = buf_get_contents(TO_CONN(&conn)->outbuf, &sz); + tt_str_op(cp1, OP_EQ, VIEW_CORRECT_REPLY_JT4); + tor_free(cp1); + + /* Now try to REMOVE the auth credentials */ + tor_free(conn.current_cmd); + conn.current_cmd = tor_strdup("ONION_CLIENT_AUTH_REMOVE"); + + /* First try with a wrong addr */ + tor_free(args); + args = tor_strdup("thatsok"); + + retval = handle_control_command(&conn, (uint32_t) strlen(args), args); + tt_int_op(retval, OP_EQ, 0); + cp1 = buf_get_contents(TO_CONN(&conn)->outbuf, &sz); + tt_str_op(cp1, OP_EQ, "512 Invalid v3 address \"thatsok\"\r\n"); + tor_free(cp1); + + client_jt4 = digest256map_get(client_auths, service_identity_pk_jt4.pubkey); + tt_assert(client_jt4); + + /* Now actually remove them. */ + tor_free(args); + args =tor_strdup("jt4grrjwzyz3pjkylwfau5xnjaj23vxmhskqaeyfhrfylelw4hvxcuyd"); + + retval = handle_control_command(&conn, (uint32_t) strlen(args), args); + tt_int_op(retval, OP_EQ, 0); + cp1 = buf_get_contents(TO_CONN(&conn)->outbuf, &sz); + tt_str_op(cp1, OP_EQ, "250 OK\r\n"); + tor_free(cp1); + + client_jt4 = digest256map_get(client_auths, service_identity_pk_jt4.pubkey); + tt_assert(!client_jt4); + + /* Now try another time (we should get 'already removed' msg) */ + retval = handle_control_command(&conn, (uint32_t) strlen(args), args); + tt_int_op(retval, OP_EQ, 0); + cp1 = buf_get_contents(TO_CONN(&conn)->outbuf, &sz); + tt_str_op(cp1, OP_EQ, "251 No credentials for " + "\"jt4grrjwzyz3pjkylwfau5xnjaj23vxmhskqaeyfhrfylelw4hvxcuyd\"\r\n"); + tor_free(cp1); + + client_jt4 = digest256map_get(client_auths, service_identity_pk_jt4.pubkey); + tt_assert(!client_jt4); + + /* Now also remove the other one */ + tor_free(args); + args = + tor_strdup("2fvhjskjet3n5syd6yfg5lhvwcs62bojmthr35ko5bllr3iqdb4ctdyd"); + + retval = handle_control_command(&conn, (uint32_t) strlen(args), args); + tt_int_op(retval, OP_EQ, 0); + cp1 = buf_get_contents(TO_CONN(&conn)->outbuf, &sz); + tt_str_op(cp1, OP_EQ, "250 OK\r\n"); + tor_free(cp1); + + /* Now also remove the other one */ + tor_free(args); + args = + tor_strdup("jamie3vkiwibfiwucd6vxijskbhpjdyajmzeor4mc4i7yopvpo4p7cyd"); + + retval = handle_control_command(&conn, (uint32_t) strlen(args), args); + tt_int_op(retval, OP_EQ, 0); + cp1 = buf_get_contents(TO_CONN(&conn)->outbuf, &sz); + tt_str_op(cp1, OP_EQ, "250 OK\r\n"); + tor_free(cp1); + + /* Finally, do another VIEW and see that we get nothing. */ + tor_free(conn.current_cmd); + conn.current_cmd = tor_strdup("ONION_CLIENT_AUTH_VIEW"); + tor_free(args); + args = tor_strdup(""); + +#define VIEW_CORRECT_REPLY_NOTHING "250-ONION_CLIENT_AUTH_VIEW\r\n250 OK\r\n" + + retval = handle_control_command(&conn, (uint32_t) strlen(args), args); + tt_int_op(retval, OP_EQ, 0); + cp1 = buf_get_contents(TO_CONN(&conn)->outbuf, &sz); + tt_str_op(cp1, OP_EQ, VIEW_CORRECT_REPLY_NOTHING); + tor_free(cp1); + + /* And a final VIEW with a wrong HS addr */ + tor_free(args); + args = tor_strdup("house"); + + retval = handle_control_command(&conn, (uint32_t) strlen(args), args); + tt_int_op(retval, OP_EQ, 0); + cp1 = buf_get_contents(TO_CONN(&conn)->outbuf, &sz); + tt_str_op(cp1, OP_EQ, "512 Invalid v3 address \"house\"\r\n"); + + done: + tor_free(args); + tor_free(cp1); + buf_free(TO_CONN(&conn)->outbuf); + tor_free(conn.current_cmd); + hs_client_free_all(); +} + +/** Test some error cases of ONION_CLIENT_AUTH_ADD */ +static void +test_hs_control_bad_onion_client_auth_add(void *arg) +{ + (void) arg; + + MOCK(connection_write_to_buf_impl_, connection_write_to_buf_mock); + + int retval; + control_connection_t conn; + char *cp1 = NULL; + size_t sz; + char *args = NULL; + + hs_init(); + + { /* Setup the control conn */ + memset(&conn, 0, sizeof(control_connection_t)); + TO_CONN(&conn)->outbuf = buf_new(); + conn.current_cmd = tor_strdup("ONION_CLIENT_AUTH_ADD"); + } + + digest256map_t *client_auths = get_hs_client_auths_map(); + tt_assert(!client_auths); + + /* Register first service */ + args = tor_strdup( + "badaddr x25519:iJ1tjKCrMAbiFT2bVrCjhbfMDnE1fpaRbIS5ZHKUvEQ="); + + retval = handle_control_command(&conn, (uint32_t) strlen(args), args); + tt_int_op(retval, OP_EQ, 0); + + /* Check contents */ + cp1 = buf_get_contents(TO_CONN(&conn)->outbuf, &sz); + tt_str_op(cp1, OP_EQ, "512 Invalid v3 address \"badaddr\"\r\n"); + + tor_free(cp1); + tor_free(args); + + /* Register second service (even with an unrecognized argument) */ + args = tor_strdup("jt4grrjwzyz3pjkylwfau5xnjaj23vxmhskqaeyfhrfylelw4hvxcuyd " + "love:eIIdIGoSZwI2Q/lSzpf92akGki5I+PZIDz37MA5BhlA="); + + retval = handle_control_command(&conn, (uint32_t) strlen(args), args); + tt_int_op(retval, OP_EQ, 0); + + /* Check contents */ + cp1 = buf_get_contents(TO_CONN(&conn)->outbuf, &sz); + tt_str_op(cp1, OP_EQ, "552 Unrecognized key type \"love\"\r\n"); + + tor_free(cp1); + tor_free(args); + + /* Register second service (even with an unrecognized argument) */ + args = tor_strdup("jt4grrjwzyz3pjkylwfau5xnjaj23vxmhskqaeyfhrfylelw4hvxcuyd " + "x25519:QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUEK"); + + retval = handle_control_command(&conn, (uint32_t) strlen(args), args); + tt_int_op(retval, OP_EQ, 0); + + /* Check contents */ + cp1 = buf_get_contents(TO_CONN(&conn)->outbuf, &sz); + tt_str_op(cp1, OP_EQ, "512 Failed to decode x25519 private key\r\n"); + + tor_free(cp1); + tor_free(args); + + /* Register with an all zero client key */ + args = tor_strdup("jt4grrjwzyz3pjkylwfau5xnjaj23vxmhskqaeyfhrfylelw4hvxcuyd " + "x25519:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="); + retval = handle_control_command(&conn, (uint32_t) strlen(args), args); + tt_int_op(retval, OP_EQ, 0); + + /* Check contents */ + cp1 = buf_get_contents(TO_CONN(&conn)->outbuf, &sz); + tt_str_op(cp1, OP_EQ, "553 Invalid private key \"AAAAAAAAAAAAAAAAAAAA" + "AAAAAAAAAAAAAAAAAAAAAAA=\"\r\n"); + + client_auths = get_hs_client_auths_map(); + tt_assert(!client_auths); + + done: + tor_free(args); + tor_free(cp1); + buf_free(TO_CONN(&conn)->outbuf); + tor_free(conn.current_cmd); + hs_client_free_all(); +} + +/** Test that we can correctly add permanent client auth credentials using the + * control port. */ +static void +test_hs_control_store_permanent_creds(void *arg) +{ + (void) arg; + + MOCK(connection_write_to_buf_impl_, connection_write_to_buf_mock); + + int retval; + ed25519_public_key_t service_identity_pk_2fv; + control_connection_t conn; + char *args = NULL; + char *cp1 = NULL; + char *creds_file_str = NULL; + char *creds_fname = NULL; + + size_t sz; + + hs_init(); + + { /* Setup the control conn */ + memset(&conn, 0, sizeof(control_connection_t)); + TO_CONN(&conn)->outbuf = buf_new(); + conn.current_cmd = tor_strdup("ONION_CLIENT_AUTH_ADD"); + } + + { /* Setup the services */ + retval = hs_parse_address( + "2fvhjskjet3n5syd6yfg5lhvwcs62bojmthr35ko5bllr3iqdb4ctdyd", + &service_identity_pk_2fv, + NULL, NULL); + tt_int_op(retval, OP_EQ, 0); + } + + digest256map_t *client_auths = get_hs_client_auths_map(); + tt_assert(!client_auths); + + /* Try registering first service with no ClientOnionAuthDir set */ + args = tor_strdup("2fvhjskjet3n5syd6yfg5lhvwcs62bojmthr35ko5bllr3iqdb4ctdyd " + "x25519:iJ1tjKCrMAbiFT2bVrCjhbfMDnE1fpaRbIS5ZHKUvEQ= " + "Flags=Permanent"); + + retval = handle_control_command(&conn, (uint32_t) strlen(args), args); + tt_int_op(retval, OP_EQ, 0); + + /* Check control port response. This one should fail. */ + cp1 = buf_get_contents(TO_CONN(&conn)->outbuf, &sz); + tt_str_op(cp1, OP_EQ, "553 Unable to store creds for " + "\"2fvhjskjet3n5syd6yfg5lhvwcs62bojmthr35ko5bllr3iqdb4ctdyd\"\r\n"); + + { /* Setup ClientOnionAuthDir */ + int ret; + char *perm_creds_dir = tor_strdup(get_fname("permanent_credentials")); + get_options_mutable()->ClientOnionAuthDir = perm_creds_dir; + + #ifdef _WIN32 + ret = mkdir(perm_creds_dir); + #else + ret = mkdir(perm_creds_dir, 0700); + #endif + tt_int_op(ret, OP_EQ, 0); + } + + tor_free(args); + tor_free(cp1); + + /* Try the control port command again. This time it should work! */ + args = tor_strdup("2fvhjskjet3n5syd6yfg5lhvwcs62bojmthr35ko5bllr3iqdb4ctdyd " + "x25519:iJ1tjKCrMAbiFT2bVrCjhbfMDnE1fpaRbIS5ZHKUvEQ= " + "Flags=Permanent"); + retval = handle_control_command(&conn, (uint32_t) strlen(args), args); + tt_int_op(retval, OP_EQ, 0); + + /* Check control port response */ + cp1 = buf_get_contents(TO_CONN(&conn)->outbuf, &sz); + tt_str_op(cp1, OP_EQ, "250 OK\r\n"); + + /* Check file contents! */ + creds_fname = tor_strdup(get_fname("permanent_credentials/" + "2fvhjskjet3n5syd6yfg5lhvwcs62bojmthr35ko5bllr3iqdb4ctdyd.auth_private")); + creds_file_str = read_file_to_str(creds_fname, RFTS_BIN, NULL); + + tt_assert(creds_file_str); + tt_str_op(creds_file_str, OP_EQ, + "2fvhjskjet3n5syd6yfg5lhvwcs62bojmthr35ko5bllr3iqdb4ctdyd:descriptor:" + /* This is the base32 represenation of the base64 iJ1t... key above */ + "x25519:rcow3dfavmyanyqvhwnvnmfdqw34ydtrgv7jnelmqs4wi4uuxrca"); + + tor_free(args); + tor_free(cp1); + + /* Overwrite the credentials and check that they got overwrited. */ + args = tor_strdup("2fvhjskjet3n5syd6yfg5lhvwcs62bojmthr35ko5bllr3iqdb4ctdyd " + "x25519:UDRvZLvcJo0QRLvDfkpgbtsqbkhIUQZyeo2FNBrgS18= " + "Flags=Permanent"); + retval = handle_control_command(&conn, (uint32_t) strlen(args), args); + tt_int_op(retval, OP_EQ, 0); + + /* Check control port response: we replaced! */ + cp1 = buf_get_contents(TO_CONN(&conn)->outbuf, &sz); + tt_str_op(cp1, OP_EQ, "251 Client for onion existed and replaced\r\n"); + + tor_free(creds_file_str); + + /* Check creds file contents again. See that the key got updated */ + creds_file_str = read_file_to_str(creds_fname, RFTS_BIN, NULL); + tt_assert(creds_file_str); + tt_str_op(creds_file_str, OP_EQ, + "2fvhjskjet3n5syd6yfg5lhvwcs62bojmthr35ko5bllr3iqdb4ctdyd:descriptor:" + /* This is the base32 represenation of the base64 UDRv... key above */ + "x25519:ka2g6zf33qti2ecexpbx4stan3nsu3sijbiqm4t2rwctigxajnpq"); + + /* Now for our next act!!! Actually get the HS client subsystem to parse the + * whole directory and make sure that it extracted the right credential! */ + hs_config_client_authorization(get_options(), 0); + + client_auths = get_hs_client_auths_map(); + tt_assert(client_auths); + tt_uint_op(digest256map_size(client_auths), OP_EQ, 1); + + hs_client_service_authorization_t *client_2fv = + digest256map_get(client_auths, service_identity_pk_2fv.pubkey); + tt_assert(client_2fv); + tt_int_op(client_2fv->flags, OP_EQ, CLIENT_AUTH_FLAG_IS_PERMANENT); + tt_str_op(hex_str((char*)client_2fv->enc_seckey.secret_key, 32), OP_EQ, + "50346F64BBDC268D1044BBC37E4A606EDB2A6E48485106727A8D85341AE04B5F"); + + /* And now for the final act! Use the REMOVE control port command to remove + the credential, and ensure that the file has also been removed! */ + tor_free(conn.current_cmd); + tor_free(cp1); + tor_free(args); + + /* Ensure that the creds file exists */ + tt_int_op(file_status(creds_fname), OP_EQ, FN_FILE); + + /* Do the REMOVE */ + conn.current_cmd = tor_strdup("ONION_CLIENT_AUTH_REMOVE"); + args =tor_strdup("2fvhjskjet3n5syd6yfg5lhvwcs62bojmthr35ko5bllr3iqdb4ctdyd"); + retval = handle_control_command(&conn, (uint32_t) strlen(args), args); + tt_int_op(retval, OP_EQ, 0); + cp1 = buf_get_contents(TO_CONN(&conn)->outbuf, &sz); + tt_str_op(cp1, OP_EQ, "250 OK\r\n"); + + /* Ensure that the file has been removed and the map is empty */ + tt_int_op(file_status(creds_fname), OP_EQ, FN_NOENT); + tt_uint_op(digest256map_size(client_auths), OP_EQ, 0); + + done: + tor_free(get_options_mutable()->ClientOnionAuthDir); + tor_free(args); + tor_free(cp1); + buf_free(TO_CONN(&conn)->outbuf); + tor_free(conn.current_cmd); + tor_free(creds_fname); + tor_free(creds_file_str); + hs_client_free_all(); +} + +/** Test that ADD_ONION properly handles an attacker passing it a bad private + * key. */ +static void +test_hs_control_add_onion_with_bad_pubkey(void *arg) +{ + (void) arg; + + MOCK(connection_write_to_buf_impl_, connection_write_to_buf_mock); + + int retval; + control_connection_t conn; + char *args = NULL; + char *cp1 = NULL; + size_t sz; + + hs_init(); + + { /* Setup the control conn */ + memset(&conn, 0, sizeof(control_connection_t)); + TO_CONN(&conn)->outbuf = buf_new(); + conn.current_cmd = tor_strdup("ADD_ONION"); + } + + args = tor_strdup("ED25519-V3:AAAAAAAAAAAAAAAAAAAAAAAAAAAAA" + "AAAAAAAAAAAAAAAAAAAAAAA" + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA " + "Port=9735,127.0.0.1 Flags=DiscardPK"); + + retval = handle_control_command(&conn, (uint32_t) strlen(args), args); + tt_int_op(retval, OP_EQ, 0); + + /* Check control port response */ + cp1 = buf_get_contents(TO_CONN(&conn)->outbuf, &sz); + tt_str_op(cp1, OP_EQ, "551 Failed to generate onion address\r\n"); + + done: + tor_free(args); + tor_free(cp1); + buf_free(TO_CONN(&conn)->outbuf); + tor_free(conn.current_cmd); +} + struct testcase_t hs_control_tests[] = { { "hs_desc_event", test_hs_desc_event, TT_FORK, NULL, NULL }, + { "hs_control_good_onion_client_auth_add", + test_hs_control_good_onion_client_auth_add, TT_FORK, + NULL, NULL }, + { "hs_control_bad_onion_client_auth_add", + test_hs_control_bad_onion_client_auth_add, TT_FORK, + NULL, NULL }, + { "hs_control_store_permanent_creds", + test_hs_control_store_permanent_creds, TT_FORK, NULL, NULL }, + { "hs_control_add_onion_with_bad_pubkey", + test_hs_control_add_onion_with_bad_pubkey, TT_FORK, NULL, NULL }, END_OF_TESTCASES }; diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c index de584ed47a..782b78306c 100644 --- a/src/test/test_hs_descriptor.c +++ b/src/test/test_hs_descriptor.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -14,6 +14,7 @@ #include "lib/crypt_ops/crypto_rand.h" #include "trunnel/ed25519_cert.h" #include "core/or/or.h" +#include "app/config/config.h" #include "feature/hs/hs_descriptor.h" #include "test/test.h" #include "feature/nodelist/torcert.h" @@ -21,21 +22,15 @@ #include "test/hs_test_helpers.h" #include "test/test_helpers.h" #include "test/log_test_helpers.h" +#include "test/rng_test_helpers.h" #ifdef HAVE_CFLAG_WOVERLENGTH_STRINGS -DISABLE_GCC_WARNING(overlength-strings) +DISABLE_GCC_WARNING("-Woverlength-strings") /* We allow huge string constants in the unit tests, but not in the code * at large. */ #endif #include "test_hs_descriptor.inc" -ENABLE_GCC_WARNING(overlength-strings) - -/* Mock function to fill all bytes with 1 */ -static void -mock_crypto_strongest_rand(uint8_t *out, size_t out_len) -{ - memset(out, 1, out_len); -} +ENABLE_GCC_WARNING("-Woverlength-strings") /* Test certificate encoding put in a descriptor. */ static void @@ -43,7 +38,6 @@ test_cert_encoding(void *arg) { int ret; char *encoded = NULL; - time_t now = time(NULL); ed25519_keypair_t kp; ed25519_public_key_t signed_key; ed25519_secret_key_t secret_key; @@ -51,6 +45,10 @@ test_cert_encoding(void *arg) (void) arg; + /* Change time to 03-01-2002 23:36 UTC */ + update_approx_time(1010101010); + time_t now = approx_time(); + ret = ed25519_keypair_generate(&kp, 0); tt_int_op(ret, == , 0); ret = ed25519_secret_key_generate(&secret_key, 0); @@ -94,13 +92,31 @@ test_cert_encoding(void *arg) /* The cert did have the signing key? */ ret= ed25519_pubkey_eq(&parsed_cert->signing_key, &kp.pubkey); tt_int_op(ret, OP_EQ, 1); - tor_cert_free(parsed_cert); /* Get to the end part of the certificate. */ pos += b64_cert_len; tt_int_op(strcmpstart(pos, "-----END ED25519 CERT-----"), OP_EQ, 0); pos += strlen("-----END ED25519 CERT-----"); tt_str_op(pos, OP_EQ, ""); + + /* Check that certificate expiry works properly and emits the right log + message */ + const char *msg = "fire"; + /* Move us forward 4 hours so that the the certificate is definitely + expired */ + update_approx_time(approx_time() + 3600*4); + setup_full_capture_of_logs(LOG_PROTOCOL_WARN); + ret = cert_is_valid(parsed_cert, CERT_TYPE_SIGNING_AUTH, msg); + tt_int_op(ret, OP_EQ, 0); + /* Since the current time at the creation of the cert was "03-01-2002 + * 23:36", and the expiration date of the cert was two hours, the Tor code + * will ceiling that and make it 02:00. Make sure that the right log + * message is emitted */ + expect_log_msg_containing("Invalid signature for fire: expired" + " (2002-01-04 02:00:00)"); + teardown_capture_of_logs(); + + tor_cert_free(parsed_cert); } done: @@ -132,7 +148,7 @@ test_descriptor_padding(void *arg) tt_assert(padded_plaintext); tor_free(plaintext); /* Make sure our padding has been zeroed. */ - tt_int_op(tor_mem_is_zero((char *) padded_plaintext + plaintext_len, + tt_int_op(fast_mem_is_zero((char *) padded_plaintext + plaintext_len, padded_len - plaintext_len), OP_EQ, 1); tor_free(padded_plaintext); /* Never never have a padded length smaller than the plaintext. */ @@ -149,7 +165,7 @@ test_descriptor_padding(void *arg) tt_assert(padded_plaintext); tor_free(plaintext); /* Make sure our padding has been zeroed. */ - tt_int_op(tor_mem_is_zero((char *) padded_plaintext + plaintext_len, + tt_int_op(fast_mem_is_zero((char *) padded_plaintext + plaintext_len, padded_len - plaintext_len), OP_EQ, 1); tor_free(padded_plaintext); /* Never never have a padded length smaller than the plaintext. */ @@ -166,7 +182,7 @@ test_descriptor_padding(void *arg) tt_assert(padded_plaintext); tor_free(plaintext); /* Make sure our padding has been zeroed. */ - tt_int_op(tor_mem_is_zero((char *) padded_plaintext + plaintext_len, + tt_int_op(fast_mem_is_zero((char *) padded_plaintext + plaintext_len, padded_len - plaintext_len), OP_EQ, 1); tor_free(padded_plaintext); /* Never never have a padded length smaller than the plaintext. */ @@ -179,115 +195,6 @@ test_descriptor_padding(void *arg) } static void -test_link_specifier(void *arg) -{ - ssize_t ret; - hs_desc_link_specifier_t spec; - smartlist_t *link_specifiers = smartlist_new(); - char buf[256]; - char *b64 = NULL; - link_specifier_t *ls = NULL; - - (void) arg; - - /* Always this port. */ - spec.u.ap.port = 42; - smartlist_add(link_specifiers, &spec); - - /* Test IPv4 for starter. */ - { - uint32_t ipv4; - - spec.type = LS_IPV4; - ret = tor_addr_parse(&spec.u.ap.addr, "1.2.3.4"); - tt_int_op(ret, OP_EQ, AF_INET); - b64 = encode_link_specifiers(link_specifiers); - tt_assert(b64); - - /* Decode it and validate the format. */ - ret = base64_decode(buf, sizeof(buf), b64, strlen(b64)); - tt_int_op(ret, OP_GT, 0); - /* First byte is the number of link specifier. */ - tt_int_op(get_uint8(buf), OP_EQ, 1); - ret = link_specifier_parse(&ls, (uint8_t *) buf + 1, ret - 1); - tt_int_op(ret, OP_EQ, 8); - /* Should be 2 bytes for port and 4 bytes for IPv4. */ - tt_int_op(link_specifier_get_ls_len(ls), OP_EQ, 6); - ipv4 = link_specifier_get_un_ipv4_addr(ls); - tt_int_op(tor_addr_to_ipv4h(&spec.u.ap.addr), OP_EQ, ipv4); - tt_int_op(link_specifier_get_un_ipv4_port(ls), OP_EQ, spec.u.ap.port); - - link_specifier_free(ls); - ls = NULL; - tor_free(b64); - } - - /* Test IPv6. */ - { - uint8_t ipv6[16]; - - spec.type = LS_IPV6; - ret = tor_addr_parse(&spec.u.ap.addr, "[1:2:3:4::]"); - tt_int_op(ret, OP_EQ, AF_INET6); - b64 = encode_link_specifiers(link_specifiers); - tt_assert(b64); - - /* Decode it and validate the format. */ - ret = base64_decode(buf, sizeof(buf), b64, strlen(b64)); - tt_int_op(ret, OP_GT, 0); - /* First byte is the number of link specifier. */ - tt_int_op(get_uint8(buf), OP_EQ, 1); - ret = link_specifier_parse(&ls, (uint8_t *) buf + 1, ret - 1); - tt_int_op(ret, OP_EQ, 20); - /* Should be 2 bytes for port and 16 bytes for IPv6. */ - tt_int_op(link_specifier_get_ls_len(ls), OP_EQ, 18); - for (unsigned int i = 0; i < sizeof(ipv6); i++) { - ipv6[i] = link_specifier_get_un_ipv6_addr(ls, i); - } - tt_mem_op(tor_addr_to_in6_addr8(&spec.u.ap.addr), OP_EQ, ipv6, - sizeof(ipv6)); - tt_int_op(link_specifier_get_un_ipv6_port(ls), OP_EQ, spec.u.ap.port); - - link_specifier_free(ls); - ls = NULL; - tor_free(b64); - } - - /* Test legacy. */ - { - uint8_t *id; - - spec.type = LS_LEGACY_ID; - memset(spec.u.legacy_id, 'Y', sizeof(spec.u.legacy_id)); - b64 = encode_link_specifiers(link_specifiers); - tt_assert(b64); - - /* Decode it and validate the format. */ - ret = base64_decode(buf, sizeof(buf), b64, strlen(b64)); - tt_int_op(ret, OP_GT, 0); - /* First byte is the number of link specifier. */ - tt_int_op(get_uint8(buf), OP_EQ, 1); - ret = link_specifier_parse(&ls, (uint8_t *) buf + 1, ret - 1); - /* 20 bytes digest + 1 byte type + 1 byte len. */ - tt_int_op(ret, OP_EQ, 22); - tt_int_op(link_specifier_getlen_un_legacy_id(ls), OP_EQ, DIGEST_LEN); - /* Digest length is 20 bytes. */ - tt_int_op(link_specifier_get_ls_len(ls), OP_EQ, DIGEST_LEN); - id = link_specifier_getarray_un_legacy_id(ls); - tt_mem_op(spec.u.legacy_id, OP_EQ, id, DIGEST_LEN); - - link_specifier_free(ls); - ls = NULL; - tor_free(b64); - } - - done: - link_specifier_free(ls); - tor_free(b64); - smartlist_free(link_specifiers); -} - -static void test_encode_descriptor(void *arg) { int ret; @@ -336,7 +243,7 @@ test_decode_descriptor(void *arg) hs_descriptor_t *desc = NULL; hs_descriptor_t *decoded = NULL; hs_descriptor_t *desc_no_ip = NULL; - uint8_t subcredential[DIGEST256_LEN]; + hs_subcredential_t subcredential; (void) arg; @@ -345,19 +252,19 @@ test_decode_descriptor(void *arg) desc = hs_helper_build_hs_desc_with_ip(&signing_kp); hs_helper_get_subcred_from_identity_keypair(&signing_kp, - subcredential); + &subcredential); /* Give some bad stuff to the decoding function. */ - ret = hs_desc_decode_descriptor("hladfjlkjadf", subcredential, + ret = hs_desc_decode_descriptor("hladfjlkjadf", &subcredential, NULL, &decoded); - tt_int_op(ret, OP_EQ, -1); + tt_int_op(ret, OP_EQ, HS_DESC_DECODE_PLAINTEXT_ERROR); ret = hs_desc_encode_descriptor(desc, &signing_kp, NULL, &encoded); - tt_int_op(ret, OP_EQ, 0); + tt_int_op(ret, OP_EQ, HS_DESC_DECODE_OK); tt_assert(encoded); - ret = hs_desc_decode_descriptor(encoded, subcredential, NULL, &decoded); - tt_int_op(ret, OP_EQ, 0); + ret = hs_desc_decode_descriptor(encoded, &subcredential, NULL, &decoded); + tt_int_op(ret, OP_EQ, HS_DESC_DECODE_OK); tt_assert(decoded); hs_helper_desc_equal(desc, decoded); @@ -368,7 +275,7 @@ test_decode_descriptor(void *arg) ret = ed25519_keypair_generate(&signing_kp_no_ip, 0); tt_int_op(ret, OP_EQ, 0); hs_helper_get_subcred_from_identity_keypair(&signing_kp_no_ip, - subcredential); + &subcredential); desc_no_ip = hs_helper_build_hs_desc_no_ip(&signing_kp_no_ip); tt_assert(desc_no_ip); tor_free(encoded); @@ -377,8 +284,8 @@ test_decode_descriptor(void *arg) tt_int_op(ret, OP_EQ, 0); tt_assert(encoded); hs_descriptor_free(decoded); - ret = hs_desc_decode_descriptor(encoded, subcredential, NULL, &decoded); - tt_int_op(ret, OP_EQ, 0); + ret = hs_desc_decode_descriptor(encoded, &subcredential, NULL, &decoded); + tt_int_op(ret, OP_EQ, HS_DESC_DECODE_OK); tt_assert(decoded); } @@ -401,14 +308,14 @@ test_decode_descriptor(void *arg) &auth_ephemeral_kp.pubkey, CURVE25519_PUBKEY_LEN); hs_helper_get_subcred_from_identity_keypair(&signing_kp, - subcredential); + &subcredential); /* Build and add the auth client to the descriptor. */ clients = desc->superencrypted_data.clients; if (!clients) { clients = smartlist_new(); } - hs_desc_build_authorized_client(subcredential, + hs_desc_build_authorized_client(&subcredential, &client_kp.pubkey, &auth_ephemeral_kp.seckey, descriptor_cookie, client); @@ -430,23 +337,23 @@ test_decode_descriptor(void *arg) /* If we do not have the client secret key, the decoding must fail. */ hs_descriptor_free(decoded); - ret = hs_desc_decode_descriptor(encoded, subcredential, + ret = hs_desc_decode_descriptor(encoded, &subcredential, NULL, &decoded); - tt_int_op(ret, OP_LT, 0); + tt_int_op(ret, OP_EQ, HS_DESC_DECODE_NEED_CLIENT_AUTH); tt_assert(!decoded); /* If we have an invalid client secret key, the decoding must fail. */ hs_descriptor_free(decoded); - ret = hs_desc_decode_descriptor(encoded, subcredential, + ret = hs_desc_decode_descriptor(encoded, &subcredential, &invalid_client_kp.seckey, &decoded); - tt_int_op(ret, OP_LT, 0); + tt_int_op(ret, OP_EQ, HS_DESC_DECODE_BAD_CLIENT_AUTH); tt_assert(!decoded); /* If we have the client secret key, the decoding must succeed and the * decoded descriptor must be correct. */ - ret = hs_desc_decode_descriptor(encoded, subcredential, + ret = hs_desc_decode_descriptor(encoded, &subcredential, &client_kp.seckey, &decoded); - tt_int_op(ret, OP_EQ, 0); + tt_int_op(ret, OP_EQ, HS_DESC_DECODE_OK); tt_assert(decoded); hs_helper_desc_equal(desc, decoded); @@ -682,7 +589,7 @@ test_decode_bad_signature(void *arg) setup_full_capture_of_logs(LOG_WARN); ret = hs_desc_decode_plaintext(HS_DESC_BAD_SIG, &desc_plaintext); - tt_int_op(ret, OP_EQ, -1); + tt_int_op(ret, OP_EQ, HS_DESC_DECODE_PLAINTEXT_ERROR); expect_log_msg_containing("Malformed signature line. Rejecting."); teardown_capture_of_logs(); @@ -722,14 +629,14 @@ test_decode_plaintext(void *arg) tor_asprintf(&plaintext, template, bad_value, "180", "42", "MESSAGE"); ret = hs_desc_decode_plaintext(plaintext, &desc_plaintext); tor_free(plaintext); - tt_int_op(ret, OP_EQ, -1); + tt_int_op(ret, OP_EQ, HS_DESC_DECODE_PLAINTEXT_ERROR); } /* Missing fields. */ { const char *plaintext = "hs-descriptor 3\n"; ret = hs_desc_decode_plaintext(plaintext, &desc_plaintext); - tt_int_op(ret, OP_EQ, -1); + tt_int_op(ret, OP_EQ, HS_DESC_DECODE_PLAINTEXT_ERROR); } /* Max length. */ @@ -742,7 +649,7 @@ test_decode_plaintext(void *arg) plaintext[big - 1] = '\0'; ret = hs_desc_decode_plaintext(plaintext, &desc_plaintext); tor_free(plaintext); - tt_int_op(ret, OP_EQ, -1); + tt_int_op(ret, OP_EQ, HS_DESC_DECODE_PLAINTEXT_ERROR); } /* Bad lifetime value. */ @@ -751,7 +658,7 @@ test_decode_plaintext(void *arg) tor_asprintf(&plaintext, template, "3", bad_value, "42", "MESSAGE"); ret = hs_desc_decode_plaintext(plaintext, &desc_plaintext); tor_free(plaintext); - tt_int_op(ret, OP_EQ, -1); + tt_int_op(ret, OP_EQ, HS_DESC_DECODE_PLAINTEXT_ERROR); } /* Huge lifetime value. */ @@ -760,7 +667,7 @@ test_decode_plaintext(void *arg) tor_asprintf(&plaintext, template, "3", "7181615", "42", "MESSAGE"); ret = hs_desc_decode_plaintext(plaintext, &desc_plaintext); tor_free(plaintext); - tt_int_op(ret, OP_EQ, -1); + tt_int_op(ret, OP_EQ, HS_DESC_DECODE_PLAINTEXT_ERROR); } /* Invalid encrypted section. */ @@ -769,7 +676,7 @@ test_decode_plaintext(void *arg) tor_asprintf(&plaintext, template, "3", "180", "42", bad_value); ret = hs_desc_decode_plaintext(plaintext, &desc_plaintext); tor_free(plaintext); - tt_int_op(ret, OP_EQ, -1); + tt_int_op(ret, OP_EQ, HS_DESC_DECODE_PLAINTEXT_ERROR); } /* Invalid revision counter. */ @@ -778,7 +685,7 @@ test_decode_plaintext(void *arg) tor_asprintf(&plaintext, template, "3", "180", bad_value, "MESSAGE"); ret = hs_desc_decode_plaintext(plaintext, &desc_plaintext); tor_free(plaintext); - tt_int_op(ret, OP_EQ, -1); + tt_int_op(ret, OP_EQ, HS_DESC_DECODE_PLAINTEXT_ERROR); } done: @@ -848,8 +755,7 @@ test_desc_signature(void *arg) ret = ed25519_sign_prefixed(&sig, (const uint8_t *) data, strlen(data), "Tor onion service descriptor sig v3", &kp); tt_int_op(ret, OP_EQ, 0); - ret = ed25519_signature_to_base64(sig_b64, &sig); - tt_int_op(ret, OP_EQ, 0); + ed25519_signature_to_base64(sig_b64, &sig); /* Build the descriptor that should be valid. */ tor_asprintf(&desc, "%ssignature %s\n", data, sig_b64); ret = desc_sig_is_valid(sig_b64, &kp.pubkey, desc, strlen(desc)); @@ -878,7 +784,7 @@ test_build_authorized_client(void *arg) "07d087f1d8c68393721f6e70316d3b29"; const char client_pubkey_b16[] = "8c1298fa6050e372f8598f6deca32e27b0ad457741422c2629ebb132cf7fae37"; - uint8_t subcredential[DIGEST256_LEN]; + hs_subcredential_t subcredential; char *mem_op_hex_tmp=NULL; (void) arg; @@ -890,7 +796,7 @@ test_build_authorized_client(void *arg) tt_int_op(ret, OP_EQ, 0); curve25519_public_key_generate(&client_auth_pk, &client_auth_sk); - memset(subcredential, 42, sizeof(subcredential)); + memset(subcredential.subcred, 42, sizeof(subcredential)); desc_client = tor_malloc_zero(sizeof(hs_desc_authorized_client_t)); @@ -909,9 +815,9 @@ test_build_authorized_client(void *arg) client_pubkey_b16, strlen(client_pubkey_b16)); - MOCK(crypto_strongest_rand_, mock_crypto_strongest_rand); + testing_enable_prefilled_rng("\x01", 1); - hs_desc_build_authorized_client(subcredential, + hs_desc_build_authorized_client(&subcredential, &client_auth_pk, &auth_ephemeral_sk, descriptor_cookie, desc_client); @@ -925,15 +831,13 @@ test_build_authorized_client(void *arg) done: tor_free(desc_client); tor_free(mem_op_hex_tmp); - UNMOCK(crypto_strongest_rand_); + testing_disable_prefilled_rng(); } struct testcase_t hs_descriptor[] = { /* Encoding tests. */ { "cert_encoding", test_cert_encoding, TT_FORK, NULL, NULL }, - { "link_specifier", test_link_specifier, TT_FORK, - NULL, NULL }, { "encode_descriptor", test_encode_descriptor, TT_FORK, NULL, NULL }, { "descriptor_padding", test_descriptor_padding, TT_FORK, diff --git a/src/test/test_hs_dos.c b/src/test/test_hs_dos.c new file mode 100644 index 0000000000..642513efce --- /dev/null +++ b/src/test/test_hs_dos.c @@ -0,0 +1,176 @@ +/* Copyright (c) 2017-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file test_hs_cell.c + * \brief Test hidden service cell functionality. + */ + +#define CIRCUITLIST_PRIVATE +#define NETWORKSTATUS_PRIVATE +#define HS_DOS_PRIVATE +#define HS_INTROPOINT_PRIVATE + +#include "test/test.h" +#include "test/test_helpers.h" +#include "test/log_test_helpers.h" + +#include "app/config/config.h" + +#include "core/or/circuitlist.h" +#include "core/or/circuituse.h" +#include "core/or/or_circuit_st.h" + +#include "feature/hs/hs_dos.h" +#include "feature/hs/hs_intropoint.h" +#include "feature/nodelist/networkstatus.h" + +static void +setup_mock_consensus(void) +{ + current_ns_consensus = tor_malloc_zero(sizeof(networkstatus_t)); + current_ns_consensus->net_params = smartlist_new(); + smartlist_add(current_ns_consensus->net_params, + (void *) "HiddenServiceEnableIntroDoSDefense=1"); + hs_dos_consensus_has_changed(current_ns_consensus); +} + +static void +free_mock_consensus(void) +{ + smartlist_free(current_ns_consensus->net_params); + tor_free(current_ns_consensus); +} + +static void +test_can_send_intro2(void *arg) +{ + uint32_t now = (uint32_t) approx_time(); + or_circuit_t *or_circ = NULL; + + (void) arg; + + hs_init(); + hs_dos_init(); + + get_options_mutable()->ORPort_set = 1; + setup_mock_consensus(); + + or_circ = or_circuit_new(1, NULL); + + /* Make that circuit a service intro point. */ + circuit_change_purpose(TO_CIRCUIT(or_circ), CIRCUIT_PURPOSE_INTRO_POINT); + hs_dos_setup_default_intro2_defenses(or_circ); + or_circ->introduce2_dos_defense_enabled = 1; + + /* Brand new circuit, we should be able to send INTRODUCE2 cells. */ + tt_int_op(true, OP_EQ, hs_dos_can_send_intro2(or_circ)); + + /* Simulate that 10 cells have arrived in 1 second. There should be no + * refill since the bucket is already at maximum on the first cell. */ + update_approx_time(++now); + for (int i = 0; i < 10; i++) { + tt_int_op(true, OP_EQ, hs_dos_can_send_intro2(or_circ)); + } + tt_uint_op(token_bucket_ctr_get(&or_circ->introduce2_bucket), OP_EQ, + get_intro2_burst_consensus_param(NULL) - 10); + + /* Fully refill the bucket minus 1 cell. */ + update_approx_time(++now); + tt_int_op(true, OP_EQ, hs_dos_can_send_intro2(or_circ)); + tt_uint_op(token_bucket_ctr_get(&or_circ->introduce2_bucket), OP_EQ, + get_intro2_burst_consensus_param(NULL) - 1); + + /* Receive an INTRODUCE2 at each second. We should have the bucket full + * since at every second it gets refilled. */ + for (int i = 0; i < 10; i++) { + update_approx_time(++now); + tt_int_op(true, OP_EQ, hs_dos_can_send_intro2(or_circ)); + } + /* Last check if we can send the cell decrements the bucket so minus 1. */ + tt_uint_op(token_bucket_ctr_get(&or_circ->introduce2_bucket), OP_EQ, + get_intro2_burst_consensus_param(NULL) - 1); + + /* Manually reset bucket for next test. */ + token_bucket_ctr_reset(&or_circ->introduce2_bucket, now); + tt_uint_op(token_bucket_ctr_get(&or_circ->introduce2_bucket), OP_EQ, + get_intro2_burst_consensus_param(NULL)); + + /* Do a full burst in the current second which should empty the bucket and + * we shouldn't be allowed to send one more cell after that. We go minus 1 + * cell else the very last check if we can send the INTRO2 cell returns + * false because the bucket goes down to 0. */ + for (uint32_t i = 0; i < get_intro2_burst_consensus_param(NULL) - 1; i++) { + tt_int_op(true, OP_EQ, hs_dos_can_send_intro2(or_circ)); + } + tt_uint_op(token_bucket_ctr_get(&or_circ->introduce2_bucket), OP_EQ, 1); + /* Get the last remaining cell, we shouldn't be allowed to send it. */ + tt_int_op(false, OP_EQ, hs_dos_can_send_intro2(or_circ)); + tt_uint_op(token_bucket_ctr_get(&or_circ->introduce2_bucket), OP_EQ, 0); + + /* Make sure the next 100 cells aren't allowed and bucket stays at 0. */ + for (int i = 0; i < 100; i++) { + tt_int_op(false, OP_EQ, hs_dos_can_send_intro2(or_circ)); + tt_uint_op(token_bucket_ctr_get(&or_circ->introduce2_bucket), OP_EQ, 0); + } + + /* One second has passed, we should have the rate minus 1 cell added. */ + update_approx_time(++now); + tt_int_op(true, OP_EQ, hs_dos_can_send_intro2(or_circ)); + tt_uint_op(token_bucket_ctr_get(&or_circ->introduce2_bucket), OP_EQ, + get_intro2_rate_consensus_param(NULL) - 1); + + done: + circuit_free_(TO_CIRCUIT(or_circ)); + + hs_free_all(); + free_mock_consensus(); +} + +static void +test_validate_dos_extension_params(void *arg) +{ + bool ret; + + (void) arg; + + /* Validate the default values. */ + ret = cell_dos_extension_parameters_are_valid( + get_intro2_rate_consensus_param(NULL), + get_intro2_burst_consensus_param(NULL)); + tt_assert(ret); + + /* Valid custom rate/burst. */ + ret = cell_dos_extension_parameters_are_valid(17, 42); + tt_assert(ret); + ret = cell_dos_extension_parameters_are_valid(INT32_MAX, INT32_MAX); + tt_assert(ret); + + /* Invalid rate. */ + ret = cell_dos_extension_parameters_are_valid(UINT64_MAX, 42); + tt_assert(!ret); + + /* Invalid burst. */ + ret = cell_dos_extension_parameters_are_valid(42, UINT64_MAX); + tt_assert(!ret); + + /* Value of 0 is valid (but should disable defenses) */ + ret = cell_dos_extension_parameters_are_valid(0, 0); + tt_assert(ret); + + /* Can't have burst smaller than rate. */ + ret = cell_dos_extension_parameters_are_valid(42, 40); + tt_assert(!ret); + + done: + return; +} + +struct testcase_t hs_dos_tests[] = { + { "can_send_intro2", test_can_send_intro2, TT_FORK, + NULL, NULL }, + { "validate_dos_extension_params", test_validate_dos_extension_params, + TT_FORK, NULL, NULL }, + + END_OF_TESTCASES +}; diff --git a/src/test/test_hs_intropoint.c b/src/test/test_hs_intropoint.c index 558fc32c54..e6b27d7a50 100644 --- a/src/test/test_hs_intropoint.c +++ b/src/test/test_hs_intropoint.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -16,6 +16,7 @@ #include "lib/crypt_ops/crypto_rand.h" #include "core/or/or.h" +#include "core/or/channel.h" #include "core/or/circuitlist.h" #include "core/or/circuituse.h" #include "ht.h" @@ -25,6 +26,8 @@ #include "feature/hs/hs_cell.h" #include "feature/hs/hs_circuitmap.h" #include "feature/hs/hs_common.h" +#include "feature/hs/hs_config.h" +#include "feature/hs/hs_dos.h" #include "feature/hs/hs_intropoint.h" #include "feature/hs/hs_service.h" @@ -43,6 +46,9 @@ new_establish_intro_cell(const char *circ_nonce, uint8_t buf[RELAY_PAYLOAD_SIZE] = {0}; trn_cell_establish_intro_t *cell = NULL; hs_service_intro_point_t *ip = NULL; + hs_service_config_t config; + + memset(&config, 0, sizeof(config)); /* Ensure that *cell_out is NULL such that we can use to check if we need to * free `cell` in case of an error. */ @@ -50,9 +56,9 @@ new_establish_intro_cell(const char *circ_nonce, /* Auth key pair is generated in the constructor so we are all set for * using this IP object. */ - ip = service_intro_point_new(NULL, 0, 0); + ip = service_intro_point_new(NULL); tt_assert(ip); - cell_len = hs_cell_build_establish_intro(circ_nonce, ip, buf); + cell_len = hs_cell_build_establish_intro(circ_nonce, &config, ip, buf); tt_i64_op(cell_len, OP_GT, 0); cell_len = trn_cell_establish_intro_parse(&cell, buf, sizeof(buf)); @@ -73,12 +79,15 @@ new_establish_intro_encoded_cell(const char *circ_nonce, uint8_t *cell_out) { ssize_t cell_len = 0; hs_service_intro_point_t *ip = NULL; + hs_service_config_t config; + + memset(&config, 0, sizeof(config)); /* Auth key pair is generated in the constructor so we are all set for * using this IP object. */ - ip = service_intro_point_new(NULL, 0, 0); + ip = service_intro_point_new(NULL); tt_assert(ip); - cell_len = hs_cell_build_establish_intro(circ_nonce, ip, cell_out); + cell_len = hs_cell_build_establish_intro(circ_nonce, &config, ip, cell_out); tt_i64_op(cell_len, OP_GT, 0); done: @@ -118,6 +127,8 @@ helper_create_intro_circuit(void) or_circuit_t *circ = or_circuit_new(0, NULL); tt_assert(circ); circuit_change_purpose(TO_CIRCUIT(circ), CIRCUIT_PURPOSE_OR); + token_bucket_ctr_init(&circ->introduce2_bucket, 100, 100, + (uint32_t) approx_time()); done: return circ; } @@ -693,6 +704,17 @@ test_introduce1_suitable_circuit(void *arg) tt_int_op(ret, OP_EQ, 0); } + /* Single hop circuit should not be allowed. */ + { + circ = or_circuit_new(0, NULL); + circ->p_chan = tor_malloc_zero(sizeof(channel_t)); + circ->p_chan->is_client = 1; + ret = circuit_is_suitable_for_introduce1(circ); + tor_free(circ->p_chan); + circuit_free_(TO_CIRCUIT(circ)); + tt_int_op(ret, OP_EQ, 0); + } + done: ; } @@ -735,12 +757,15 @@ test_introduce1_validation(void *arg) cell = helper_create_introduce1_cell(); tt_assert(cell); +#ifndef ALL_BUGS_ARE_FATAL /* It should NOT be a legacy cell which will trigger a BUG(). */ memset(cell->legacy_key_id, 'a', sizeof(cell->legacy_key_id)); tor_capture_bugs_(1); ret = validate_introduce1_parsed_cell(cell); tor_end_capture_bugs_(); tt_int_op(ret, OP_EQ, -1); +#endif /* !defined(ALL_BUGS_ARE_FATAL) */ + /* Reset legacy ID and make sure it's correct. */ memset(cell->legacy_key_id, 0, sizeof(cell->legacy_key_id)); ret = validate_introduce1_parsed_cell(cell); @@ -888,43 +913,213 @@ test_received_introduce1_handling(void *arg) UNMOCK(relay_send_command_from_edge_); } +static void +test_received_establish_intro_dos_ext(void *arg) +{ + int ret; + ssize_t cell_len = 0; + uint8_t cell[RELAY_PAYLOAD_SIZE] = {0}; + char circ_nonce[DIGEST_LEN] = {0}; + hs_service_intro_point_t *ip = NULL; + hs_service_config_t config; + or_circuit_t *intro_circ = or_circuit_new(0,NULL); + + (void) arg; + + MOCK(relay_send_command_from_edge_, mock_relay_send_command_from_edge); + + hs_circuitmap_init(); + + /* Setup. */ + crypto_rand(circ_nonce, sizeof(circ_nonce)); + ip = service_intro_point_new(NULL); + tt_assert(ip); + ip->support_intro2_dos_defense = 1; + memset(&config, 0, sizeof(config)); + config.has_dos_defense_enabled = 1; + config.intro_dos_rate_per_sec = 13; + config.intro_dos_burst_per_sec = 42; + helper_prepare_circ_for_intro(intro_circ, circ_nonce); + /* The INTRO2 bucket should be 0 at this point. */ + tt_u64_op(token_bucket_ctr_get(&intro_circ->introduce2_bucket), OP_EQ, 0); + tt_u64_op(intro_circ->introduce2_bucket.cfg.rate, OP_EQ, 0); + tt_int_op(intro_circ->introduce2_bucket.cfg.burst, OP_EQ, 0); + tt_int_op(intro_circ->introduce2_dos_defense_enabled, OP_EQ, 0); + + /* Case 1: Build encoded cell. Usable DoS parameters. */ + cell_len = hs_cell_build_establish_intro(circ_nonce, &config, ip, cell); + tt_size_op(cell_len, OP_GT, 0); + /* Pass it to the intro point. */ + ret = hs_intro_received_establish_intro(intro_circ, cell, cell_len); + tt_int_op(ret, OP_EQ, 0); + /* Should be set to the burst value. */ + tt_u64_op(token_bucket_ctr_get(&intro_circ->introduce2_bucket), OP_EQ, 42); + /* Validate the config of the intro2 bucket. */ + tt_u64_op(intro_circ->introduce2_bucket.cfg.rate, OP_EQ, 13); + tt_int_op(intro_circ->introduce2_bucket.cfg.burst, OP_EQ, 42); + tt_int_op(intro_circ->introduce2_dos_defense_enabled, OP_EQ, 1); + + /* Need to reset the circuit in between test cases. */ + circuit_free_(TO_CIRCUIT(intro_circ)); + intro_circ = or_circuit_new(0,NULL); + helper_prepare_circ_for_intro(intro_circ, circ_nonce); + + /* Case 2: Build encoded cell. Bad DoS parameters. */ + config.has_dos_defense_enabled = 1; + config.intro_dos_rate_per_sec = UINT_MAX; + config.intro_dos_burst_per_sec = 13; + cell_len = hs_cell_build_establish_intro(circ_nonce, &config, ip, cell); + tt_size_op(cell_len, OP_GT, 0); + /* Pass it to the intro point. */ + ret = hs_intro_received_establish_intro(intro_circ, cell, cell_len); + tt_int_op(ret, OP_EQ, 0); + tt_u64_op(token_bucket_ctr_get(&intro_circ->introduce2_bucket), OP_EQ, + HS_CONFIG_V3_DOS_DEFENSE_BURST_PER_SEC_DEFAULT); + tt_u64_op(intro_circ->introduce2_bucket.cfg.rate, OP_EQ, + HS_CONFIG_V3_DOS_DEFENSE_RATE_PER_SEC_DEFAULT); + tt_int_op(intro_circ->introduce2_bucket.cfg.burst, OP_EQ, + HS_CONFIG_V3_DOS_DEFENSE_BURST_PER_SEC_DEFAULT); + tt_int_op(intro_circ->introduce2_dos_defense_enabled, OP_EQ, + HS_CONFIG_V3_DOS_DEFENSE_DEFAULT); + + /* Need to reset the circuit in between test cases. */ + circuit_free_(TO_CIRCUIT(intro_circ)); + intro_circ = or_circuit_new(0,NULL); + helper_prepare_circ_for_intro(intro_circ, circ_nonce); + + /* Case 3: Build encoded cell. Burst is smaller than rate. Not allowed. */ + config.has_dos_defense_enabled = 1; + config.intro_dos_rate_per_sec = 87; + config.intro_dos_burst_per_sec = 45; + cell_len = hs_cell_build_establish_intro(circ_nonce, &config, ip, cell); + tt_size_op(cell_len, OP_GT, 0); + /* Pass it to the intro point. */ + ret = hs_intro_received_establish_intro(intro_circ, cell, cell_len); + tt_int_op(ret, OP_EQ, 0); + tt_u64_op(token_bucket_ctr_get(&intro_circ->introduce2_bucket), OP_EQ, + HS_CONFIG_V3_DOS_DEFENSE_BURST_PER_SEC_DEFAULT); + tt_u64_op(intro_circ->introduce2_bucket.cfg.rate, OP_EQ, + HS_CONFIG_V3_DOS_DEFENSE_RATE_PER_SEC_DEFAULT); + tt_int_op(intro_circ->introduce2_bucket.cfg.burst, OP_EQ, + HS_CONFIG_V3_DOS_DEFENSE_BURST_PER_SEC_DEFAULT); + tt_int_op(intro_circ->introduce2_dos_defense_enabled, OP_EQ, + HS_CONFIG_V3_DOS_DEFENSE_DEFAULT); + + /* Need to reset the circuit in between test cases. */ + circuit_free_(TO_CIRCUIT(intro_circ)); + intro_circ = or_circuit_new(0,NULL); + helper_prepare_circ_for_intro(intro_circ, circ_nonce); + + /* Case 4: Build encoded cell. Rate is 0 but burst is not 0. Disables the + * defense. */ + config.has_dos_defense_enabled = 1; + config.intro_dos_rate_per_sec = 0; + config.intro_dos_burst_per_sec = 45; + cell_len = hs_cell_build_establish_intro(circ_nonce, &config, ip, cell); + tt_size_op(cell_len, OP_GT, 0); + /* Pass it to the intro point. */ + ret = hs_intro_received_establish_intro(intro_circ, cell, cell_len); + tt_int_op(ret, OP_EQ, 0); + tt_u64_op(token_bucket_ctr_get(&intro_circ->introduce2_bucket), OP_EQ, + HS_CONFIG_V3_DOS_DEFENSE_BURST_PER_SEC_DEFAULT); + tt_u64_op(intro_circ->introduce2_bucket.cfg.rate, OP_EQ, + HS_CONFIG_V3_DOS_DEFENSE_RATE_PER_SEC_DEFAULT); + tt_int_op(intro_circ->introduce2_bucket.cfg.burst, OP_EQ, + HS_CONFIG_V3_DOS_DEFENSE_BURST_PER_SEC_DEFAULT); + tt_int_op(intro_circ->introduce2_dos_defense_enabled, OP_EQ, + HS_CONFIG_V3_DOS_DEFENSE_DEFAULT); + + /* Need to reset the circuit in between test cases. */ + circuit_free_(TO_CIRCUIT(intro_circ)); + intro_circ = or_circuit_new(0,NULL); + helper_prepare_circ_for_intro(intro_circ, circ_nonce); + + /* Case 5: Build encoded cell. Burst is 0 but rate is not 0. Disables the + * defense. */ + config.has_dos_defense_enabled = 1; + config.intro_dos_rate_per_sec = 45; + config.intro_dos_burst_per_sec = 0; + cell_len = hs_cell_build_establish_intro(circ_nonce, &config, ip, cell); + tt_size_op(cell_len, OP_GT, 0); + /* Pass it to the intro point. */ + ret = hs_intro_received_establish_intro(intro_circ, cell, cell_len); + tt_int_op(ret, OP_EQ, 0); + tt_u64_op(token_bucket_ctr_get(&intro_circ->introduce2_bucket), OP_EQ, + HS_CONFIG_V3_DOS_DEFENSE_BURST_PER_SEC_DEFAULT); + tt_u64_op(intro_circ->introduce2_bucket.cfg.rate, OP_EQ, + HS_CONFIG_V3_DOS_DEFENSE_RATE_PER_SEC_DEFAULT); + tt_int_op(intro_circ->introduce2_bucket.cfg.burst, OP_EQ, + HS_CONFIG_V3_DOS_DEFENSE_BURST_PER_SEC_DEFAULT); + tt_int_op(intro_circ->introduce2_dos_defense_enabled, OP_EQ, + HS_CONFIG_V3_DOS_DEFENSE_DEFAULT); + + done: + circuit_free_(TO_CIRCUIT(intro_circ)); + service_intro_point_free(ip); + hs_circuitmap_free_all(); + UNMOCK(relay_send_command_from_edge_); +} + +static void * +hs_subsystem_setup_fn(const struct testcase_t *tc) +{ + (void) tc; + + return NULL; +} + +static int +hs_subsystem_cleanup_fn(const struct testcase_t *tc, void *arg) +{ + (void) tc; + (void) arg; + + return 1; +} + +static struct testcase_setup_t test_setup = { + hs_subsystem_setup_fn, hs_subsystem_cleanup_fn +}; + struct testcase_t hs_intropoint_tests[] = { { "intro_point_registration", - test_intro_point_registration, TT_FORK, NULL, NULL }, + test_intro_point_registration, TT_FORK, NULL, &test_setup}, { "receive_establish_intro_wrong_keytype", - test_establish_intro_wrong_keytype, TT_FORK, NULL, NULL }, + test_establish_intro_wrong_keytype, TT_FORK, NULL, &test_setup}, { "receive_establish_intro_wrong_keytype2", - test_establish_intro_wrong_keytype2, TT_FORK, NULL, NULL }, + test_establish_intro_wrong_keytype2, TT_FORK, NULL, &test_setup}, { "receive_establish_intro_wrong_purpose", - test_establish_intro_wrong_purpose, TT_FORK, NULL, NULL }, + test_establish_intro_wrong_purpose, TT_FORK, NULL, &test_setup}, { "receive_establish_intro_wrong_sig", - test_establish_intro_wrong_sig, TT_FORK, NULL, NULL }, + test_establish_intro_wrong_sig, TT_FORK, NULL, &test_setup}, { "receive_establish_intro_wrong_sig_len", - test_establish_intro_wrong_sig_len, TT_FORK, NULL, NULL }, + test_establish_intro_wrong_sig_len, TT_FORK, NULL, &test_setup}, { "receive_establish_intro_wrong_auth_key_len", - test_establish_intro_wrong_auth_key_len, TT_FORK, NULL, NULL }, + test_establish_intro_wrong_auth_key_len, TT_FORK, NULL, &test_setup}, { "receive_establish_intro_wrong_mac", - test_establish_intro_wrong_mac, TT_FORK, NULL, NULL }, + test_establish_intro_wrong_mac, TT_FORK, NULL, &test_setup}, { "introduce1_suitable_circuit", - test_introduce1_suitable_circuit, TT_FORK, NULL, NULL }, + test_introduce1_suitable_circuit, TT_FORK, NULL, &test_setup}, { "introduce1_is_legacy", - test_introduce1_is_legacy, TT_FORK, NULL, NULL }, + test_introduce1_is_legacy, TT_FORK, NULL, &test_setup}, { "introduce1_validation", - test_introduce1_validation, TT_FORK, NULL, NULL }, + test_introduce1_validation, TT_FORK, NULL, &test_setup}, { "received_introduce1_handling", - test_received_introduce1_handling, TT_FORK, NULL, NULL }, + test_received_introduce1_handling, TT_FORK, NULL, &test_setup}, + + { "received_establish_intro_dos_ext", + test_received_establish_intro_dos_ext, TT_FORK, NULL, &test_setup}, END_OF_TESTCASES }; - diff --git a/src/test/test_hs_ntor.c b/src/test/test_hs_ntor.c index 1c694e6040..7867740a1a 100644 --- a/src/test/test_hs_ntor.c +++ b/src/test/test_hs_ntor.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2017-2019, The Tor Project, Inc. */ +/* Copyright (c) 2017-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -23,7 +23,7 @@ test_hs_ntor(void *arg) { int retval; - uint8_t subcredential[DIGEST256_LEN]; + hs_subcredential_t subcredential; ed25519_keypair_t service_intro_auth_keypair; curve25519_keypair_t service_intro_enc_keypair; @@ -42,7 +42,7 @@ test_hs_ntor(void *arg) /* Generate fake data for this unittest */ { /* Generate fake subcredential */ - memset(subcredential, 'Z', DIGEST256_LEN); + memset(subcredential.subcred, 'Z', DIGEST256_LEN); /* service */ curve25519_keypair_generate(&service_intro_enc_keypair, 0); @@ -57,7 +57,7 @@ test_hs_ntor(void *arg) hs_ntor_client_get_introduce1_keys(&service_intro_auth_keypair.pubkey, &service_intro_enc_keypair.pubkey, &client_ephemeral_enc_keypair, - subcredential, + &subcredential, &client_hs_ntor_intro_cell_keys); tt_int_op(retval, OP_EQ, 0); @@ -66,7 +66,7 @@ test_hs_ntor(void *arg) hs_ntor_service_get_introduce1_keys(&service_intro_auth_keypair.pubkey, &service_intro_enc_keypair, &client_ephemeral_enc_keypair.pubkey, - subcredential, + &subcredential, &service_hs_ntor_intro_cell_keys); tt_int_op(retval, OP_EQ, 0); diff --git a/src/test/test_hs_ntor.sh b/src/test/test_hs_ntor.sh index 8a0003d44a..ee7141cc9a 100755 --- a/src/test/test_hs_ntor.sh +++ b/src/test/test_hs_ntor.sh @@ -3,7 +3,7 @@ exitcode=0 -# Run the python integration test sand return the exitcode of the python +# Run the python integration tests and return the exitcode of the python # script. The python script might ask the testsuite to skip it if not all # python dependencies are covered. "${PYTHON:-python}" "${abs_top_srcdir:-.}/src/test/hs_ntor_ref.py" || exitcode=$? diff --git a/src/test/test_hs_ntor_cl.c b/src/test/test_hs_ntor_cl.c index 6341b96d84..3acd7ef0bc 100644 --- a/src/test/test_hs_ntor_cl.c +++ b/src/test/test_hs_ntor_cl.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2017-2019, The Tor Project, Inc. */ +/* Copyright (c) 2017-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** This is a wrapper over the little-t-tor HS ntor functions. The wrapper is @@ -53,7 +53,7 @@ client1(int argc, char **argv) curve25519_public_key_t intro_enc_pubkey; ed25519_public_key_t intro_auth_pubkey; curve25519_keypair_t client_ephemeral_enc_keypair; - uint8_t subcredential[DIGEST256_LEN]; + hs_subcredential_t subcredential; /* Output */ hs_ntor_intro_cell_keys_t hs_ntor_intro_cell_keys; @@ -65,7 +65,7 @@ client1(int argc, char **argv) BASE16(3, intro_enc_pubkey.public_key, CURVE25519_PUBKEY_LEN); BASE16(4, client_ephemeral_enc_keypair.seckey.secret_key, CURVE25519_SECKEY_LEN); - BASE16(5, subcredential, DIGEST256_LEN); + BASE16(5, subcredential.subcred, DIGEST256_LEN); /* Generate keypair */ curve25519_public_key_generate(&client_ephemeral_enc_keypair.pubkey, @@ -74,7 +74,7 @@ client1(int argc, char **argv) retval = hs_ntor_client_get_introduce1_keys(&intro_auth_pubkey, &intro_enc_pubkey, &client_ephemeral_enc_keypair, - subcredential, + &subcredential, &hs_ntor_intro_cell_keys); if (retval < 0) { goto done; @@ -106,7 +106,7 @@ server1(int argc, char **argv) curve25519_keypair_t intro_enc_keypair; ed25519_public_key_t intro_auth_pubkey; curve25519_public_key_t client_ephemeral_enc_pubkey; - uint8_t subcredential[DIGEST256_LEN]; + hs_subcredential_t subcredential; /* Output */ hs_ntor_intro_cell_keys_t hs_ntor_intro_cell_keys; @@ -119,7 +119,7 @@ server1(int argc, char **argv) BASE16(2, intro_auth_pubkey.pubkey, ED25519_PUBKEY_LEN); BASE16(3, intro_enc_keypair.seckey.secret_key, CURVE25519_SECKEY_LEN); BASE16(4, client_ephemeral_enc_pubkey.public_key, CURVE25519_PUBKEY_LEN); - BASE16(5, subcredential, DIGEST256_LEN); + BASE16(5, subcredential.subcred, DIGEST256_LEN); /* Generate keypair */ curve25519_public_key_generate(&intro_enc_keypair.pubkey, @@ -130,7 +130,7 @@ server1(int argc, char **argv) retval = hs_ntor_service_get_introduce1_keys(&intro_auth_pubkey, &intro_enc_keypair, &client_ephemeral_enc_pubkey, - subcredential, + &subcredential, &hs_ntor_intro_cell_keys); if (retval < 0) { goto done; @@ -188,7 +188,7 @@ client2(int argc, char **argv) ed25519_public_key_t intro_auth_pubkey; curve25519_keypair_t client_ephemeral_enc_keypair; curve25519_public_key_t service_ephemeral_rend_pubkey; - uint8_t subcredential[DIGEST256_LEN]; + hs_subcredential_t subcredential; /* Output */ hs_ntor_rend_cell_keys_t hs_ntor_rend_cell_keys; @@ -201,7 +201,7 @@ client2(int argc, char **argv) CURVE25519_SECKEY_LEN); BASE16(4, intro_enc_pubkey.public_key, CURVE25519_PUBKEY_LEN); BASE16(5, service_ephemeral_rend_pubkey.public_key, CURVE25519_PUBKEY_LEN); - BASE16(6, subcredential, DIGEST256_LEN); + BASE16(6, subcredential.subcred, DIGEST256_LEN); /* Generate keypair */ curve25519_public_key_generate(&client_ephemeral_enc_keypair.pubkey, diff --git a/src/test/test_hs_ob.c b/src/test/test_hs_ob.c new file mode 100644 index 0000000000..7f40187b5f --- /dev/null +++ b/src/test/test_hs_ob.c @@ -0,0 +1,268 @@ +/* Copyright (c) 2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file test_hs_ob.c + * \brief Test hidden service onion balance functionality. + */ + +#define CONFIG_PRIVATE +#define HS_SERVICE_PRIVATE +#define HS_OB_PRIVATE + +#include "test/test.h" +#include "test/test_helpers.h" +#include "test/log_test_helpers.h" + +#include "app/config/config.h" +#include "feature/hs/hs_config.h" +#include "feature/hs/hs_ob.h" +#include "feature/hs/hs_service.h" +#include "feature/nodelist/networkstatus.h" +#include "feature/nodelist/networkstatus_st.h" + +static ed25519_keypair_t onion_addr_kp_1; +static char onion_addr_1[HS_SERVICE_ADDR_LEN_BASE32 + 1]; + +static ed25519_keypair_t onion_addr_kp_2; +static char onion_addr_2[HS_SERVICE_ADDR_LEN_BASE32 + 1]; + +static bool config_is_good = true; + +static int +helper_tor_config(const char *conf) +{ + int ret = -1; + or_options_t *options = helper_parse_options(conf); + tt_assert(options); + ret = hs_config_service_all(options, 0); + done: + or_options_free(options); + return ret; +} + +static networkstatus_t mock_ns; + +static networkstatus_t * +mock_networkstatus_get_live_consensus(time_t now) +{ + (void) now; + return &mock_ns; +} + +static char * +mock_read_file_to_str(const char *filename, int flags, struct stat *stat_out) +{ + char *ret = NULL; + + (void) flags; + (void) stat_out; + + if (!strcmp(filename, get_fname("hs3" PATH_SEPARATOR "ob_config"))) { + if (config_is_good) { + tor_asprintf(&ret, "MasterOnionAddress %s.onion\n" + "MasterOnionAddress %s.onion\n", + onion_addr_1, onion_addr_2); + } else { + tor_asprintf(&ret, "MasterOnionAddress JUNKJUNKJUNK.onion\n" + "UnknownOption BLAH\n"); + } + goto done; + } + + done: + return ret; +} + +static void +test_parse_config_file(void *arg) +{ + int ret; + char *conf = NULL; + const ed25519_public_key_t *pkey; + + (void) arg; + + hs_init(); + + MOCK(read_file_to_str, mock_read_file_to_str); + +#define fmt_conf \ + "HiddenServiceDir %s\n" \ + "HiddenServicePort 22\n" \ + "HiddenServiceOnionBalanceInstance 1\n" + tor_asprintf(&conf, fmt_conf, get_fname("hs3")); +#undef fmt_conf + + /* Build the OB frontend onion addresses. */ + ed25519_keypair_generate(&onion_addr_kp_1, 0); + hs_build_address(&onion_addr_kp_1.pubkey, HS_VERSION_THREE, onion_addr_1); + ed25519_keypair_generate(&onion_addr_kp_2, 0); + hs_build_address(&onion_addr_kp_2.pubkey, HS_VERSION_THREE, onion_addr_2); + + ret = helper_tor_config(conf); + tor_free(conf); + tt_int_op(ret, OP_EQ, 0); + + /* Load the keys for the service. After that, the v3 service should be + * registered in the global map and we'll be able to access it. */ + tt_int_op(get_hs_service_staging_list_size(), OP_EQ, 1); + hs_service_load_all_keys(); + tt_int_op(get_hs_service_map_size(), OP_EQ, 1); + const hs_service_t *s = get_first_service(); + tt_assert(s); + tt_assert(s->config.ob_master_pubkeys); + tt_assert(hs_ob_service_is_instance(s)); + tt_assert(smartlist_len(s->config.ob_master_pubkeys) == 2); + + /* Test the public keys we've added. */ + pkey = smartlist_get(s->config.ob_master_pubkeys, 0); + tt_mem_op(&onion_addr_kp_1.pubkey, OP_EQ, pkey, ED25519_PUBKEY_LEN); + pkey = smartlist_get(s->config.ob_master_pubkeys, 1); + tt_mem_op(&onion_addr_kp_2.pubkey, OP_EQ, pkey, ED25519_PUBKEY_LEN); + + done: + hs_free_all(); + + UNMOCK(read_file_to_str); +} + +static void +test_parse_config_file_bad(void *arg) +{ + int ret; + char *conf = NULL; + + (void) arg; + + hs_init(); + + MOCK(read_file_to_str, mock_read_file_to_str); + + /* Indicate mock_read_file_to_str() to use the bad config. */ + config_is_good = false; + +#define fmt_conf \ + "HiddenServiceDir %s\n" \ + "HiddenServicePort 22\n" \ + "HiddenServiceOnionBalanceInstance 1\n" + tor_asprintf(&conf, fmt_conf, get_fname("hs3")); +#undef fmt_conf + + setup_full_capture_of_logs(LOG_INFO); + ret = helper_tor_config(conf); + tor_free(conf); + tt_int_op(ret, OP_EQ, -1); + expect_log_msg_containing("OnionBalance: MasterOnionAddress " + "JUNKJUNKJUNK.onion is invalid"); + expect_log_msg_containing("Found unrecognized option \'UnknownOption\'; " + "saving it."); + teardown_capture_of_logs(); + + done: + hs_free_all(); + + UNMOCK(read_file_to_str); +} + +static void +test_get_subcredentials(void *arg) +{ + int ret; + hs_service_t *service = NULL; + hs_service_config_t config; + hs_subcredential_t *subcreds = NULL; + + (void) arg; + + MOCK(networkstatus_get_live_consensus, + mock_networkstatus_get_live_consensus); + + /* Setup consensus with proper time so we can compute the time period. */ + ret = parse_rfc1123_time("Sat, 26 Oct 1985 13:00:00 UTC", + &mock_ns.valid_after); + tt_int_op(ret, OP_EQ, 0); + ret = parse_rfc1123_time("Sat, 26 Oct 1985 14:00:00 UTC", + &mock_ns.fresh_until); + tt_int_op(ret, OP_EQ, 0); + + config.ob_master_pubkeys = smartlist_new(); + tt_assert(config.ob_master_pubkeys); + + /* Set up an instance */ + service = tor_malloc_zero(sizeof(hs_service_t)); + service->config = config; + /* Setup the service descriptors */ + service->desc_current = service_descriptor_new(); + service->desc_next = service_descriptor_new(); + + /* First try to compute subcredentials but with no OB keys. Make sure that + * subcreds get NULLed. To do this check we first poison subcreds. */ + subcreds = (void*)999; + tt_ptr_op(subcreds, OP_NE, NULL); + size_t num = compute_subcredentials(service, &subcreds); + tt_ptr_op(subcreds, OP_EQ, NULL); + + /* Generate a keypair to add to the OB keys list. */ + ed25519_keypair_generate(&onion_addr_kp_1, 0); + smartlist_add(config.ob_master_pubkeys, &onion_addr_kp_1.pubkey); + + /* Set up the instance subcredentials */ + char current_subcred[SUBCRED_LEN]; + char next_subcred[SUBCRED_LEN]; + memset(current_subcred, 'C', SUBCRED_LEN); + memset(next_subcred, 'N', SUBCRED_LEN); + memcpy(service->desc_current->desc->subcredential.subcred, current_subcred, + SUBCRED_LEN); + memcpy(service->desc_next->desc->subcredential.subcred, next_subcred, + SUBCRED_LEN); + + /* See that subcreds are computed properly */ + num = compute_subcredentials(service, &subcreds); + /* 5 subcredentials: 3 for the frontend, 2 for the instance */ + tt_uint_op(num, OP_EQ, 5); + tt_ptr_op(subcreds, OP_NE, NULL); + + /* Validate the subcredentials we just got. We'll build them oursevles with + * the right time period steps and compare. */ + const uint64_t tp = hs_get_time_period_num(0); + const int steps[3] = {0, -1, 1}; + + unsigned int i; + for (i = 0; i < 3; i++) { + hs_subcredential_t subcredential; + ed25519_public_key_t blinded_pubkey; + hs_build_blinded_pubkey(&onion_addr_kp_1.pubkey, NULL, 0, tp + steps[i], + &blinded_pubkey); + hs_get_subcredential(&onion_addr_kp_1.pubkey, &blinded_pubkey, + &subcredential); + tt_mem_op(subcreds[i].subcred, OP_EQ, subcredential.subcred, + SUBCRED_LEN); + } + + tt_mem_op(subcreds[i++].subcred, OP_EQ, current_subcred, SUBCRED_LEN); + tt_mem_op(subcreds[i++].subcred, OP_EQ, next_subcred, SUBCRED_LEN); + + done: + tor_free(subcreds); + + smartlist_free(config.ob_master_pubkeys); + if (service) { + memset(&service->config, 0, sizeof(hs_service_config_t)); + hs_service_free(service); + } + + UNMOCK(networkstatus_get_live_consensus); +} + +struct testcase_t hs_ob_tests[] = { + { "parse_config_file", test_parse_config_file, TT_FORK, + NULL, NULL }, + { "parse_config_file_bad", test_parse_config_file_bad, TT_FORK, + NULL, NULL }, + + { "get_subcredentials", test_get_subcredentials, TT_FORK, + NULL, NULL }, + + END_OF_TESTCASES +}; diff --git a/src/test/test_hs_service.c b/src/test/test_hs_service.c index c60ab6c930..8b94bb6cf1 100644 --- a/src/test/test_hs_service.c +++ b/src/test/test_hs_service.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -19,8 +19,9 @@ #define MAINLOOP_PRIVATE #define NETWORKSTATUS_PRIVATE #define STATEFILE_PRIVATE -#define TOR_CHANNEL_INTERNAL_ +#define CHANNEL_OBJECT_PRIVATE #define HS_CLIENT_PRIVATE +#define CRYPT_PATH_PRIVATE #include "test/test.h" #include "test/test_helpers.h" @@ -43,13 +44,15 @@ #include "core/or/versions.h" #include "feature/dirauth/dirvote.h" #include "feature/dirauth/shared_random_state.h" -#include "feature/dircommon/voting_schedule.h" +#include "feature/dirauth/voting_schedule.h" #include "feature/hs/hs_circuit.h" #include "feature/hs/hs_circuitmap.h" #include "feature/hs/hs_client.h" #include "feature/hs/hs_common.h" #include "feature/hs/hs_config.h" #include "feature/hs/hs_ident.h" +#include "feature/hs/hs_ob.h" +#include "feature/hs/hs_cell.h" #include "feature/hs/hs_intropoint.h" #include "feature/hs/hs_service.h" #include "feature/nodelist/networkstatus.h" @@ -60,6 +63,7 @@ #include "core/or/cpath_build_state_st.h" #include "core/or/crypt_path_st.h" +#include "core/or/crypt_path.h" #include "feature/nodelist/networkstatus_st.h" #include "feature/nodelist/node_st.h" #include "core/or/origin_circuit_st.h" @@ -86,6 +90,14 @@ mock_networkstatus_get_reasonably_live_consensus(time_t now, int flavor) return &mock_ns; } +static networkstatus_t * +mock_networkstatus_get_reasonably_live_consensus_null(time_t now, int flavor) +{ + (void) now; + (void) flavor; + return NULL; +} + static or_state_t *dummy_state = NULL; /* Mock function to get fake or state (used for rev counters) */ @@ -108,6 +120,9 @@ mock_circuit_mark_for_close(circuit_t *circ, int reason, int line, return; } +static size_t relay_payload_len; +static char relay_payload[RELAY_PAYLOAD_SIZE]; + static int mock_relay_send_command_from_edge(streamid_t stream_id, circuit_t *circ, uint8_t relay_command, const char *payload, @@ -123,6 +138,24 @@ mock_relay_send_command_from_edge(streamid_t stream_id, circuit_t *circ, (void) cpath_layer; (void) filename; (void) lineno; + + memcpy(relay_payload, payload, payload_len); + relay_payload_len = payload_len; + + return 0; +} + +static unsigned int num_intro_points = 0; +static unsigned int +mock_count_desc_circuit_established(const hs_service_descriptor_t *desc) +{ + (void) desc; + return num_intro_points; +} + +static int +mock_router_have_minimum_dir_info_false(void) +{ return 0; } @@ -170,8 +203,7 @@ test_e2e_rend_circuit_setup(void *arg) tt_int_op(0, OP_EQ, ed25519_secret_key_generate(&sk, 0)); tt_int_op(0, OP_EQ, ed25519_public_key_generate(&service_pk, &sk)); - or_circ->hs_ident = hs_ident_circuit_new(&service_pk, - HS_IDENT_CIRCUIT_RENDEZVOUS); + or_circ->hs_ident = hs_ident_circuit_new(&service_pk); TO_CIRCUIT(or_circ)->state = CIRCUIT_STATE_OPEN; } @@ -183,9 +215,8 @@ test_e2e_rend_circuit_setup(void *arg) /* Setup the circuit: do the ntor key exchange */ { uint8_t ntor_key_seed[DIGEST256_LEN] = {2}; - retval = hs_circuit_setup_e2e_rend_circ(or_circ, - ntor_key_seed, sizeof(ntor_key_seed), - 1); + retval = hs_circuit_setup_e2e_rend_circ(or_circ, ntor_key_seed, + sizeof(ntor_key_seed), 1); tt_int_op(retval, OP_EQ, 0); } @@ -194,12 +225,12 @@ test_e2e_rend_circuit_setup(void *arg) tt_int_op(retval, OP_EQ, 1); /* Check the digest algo */ - tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->crypto.f_digest), + tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->pvt_crypto.f_digest), OP_EQ, DIGEST_SHA3_256); - tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->crypto.b_digest), + tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->pvt_crypto.b_digest), OP_EQ, DIGEST_SHA3_256); - tt_assert(or_circ->cpath->crypto.f_crypto); - tt_assert(or_circ->cpath->crypto.b_crypto); + tt_assert(or_circ->cpath->pvt_crypto.f_crypto); + tt_assert(or_circ->cpath->pvt_crypto.b_crypto); /* Ensure that circ purpose was changed */ tt_int_op(or_circ->base_.purpose, OP_EQ, CIRCUIT_PURPOSE_S_REND_JOINED); @@ -268,7 +299,7 @@ helper_clone_authorized_client(const hs_service_authorized_client_t *client) /* Helper: Return a newly allocated service object with the identity keypair * sets and the current descriptor. Then register it to the global map. - * Caller should us hs_free_all() to free this service or remove it from the + * Caller should use hs_free_all() to free this service or remove it from the * global map before freeing. */ static hs_service_t * helper_create_service(void) @@ -290,6 +321,20 @@ helper_create_service(void) return service; } +/* Helper: Deallocate a given service object, its child objects and + * remove it from onion service map. + * */ +static void +helper_destroy_service(hs_service_t *service) +{ + if (!service) + return; + + remove_service(get_hs_service_map(), service); + + hs_service_free(service); +} + /* Helper: Return a newly allocated service object with clients. */ static hs_service_t * helper_create_service_with_clients(int num_clients) @@ -315,17 +360,18 @@ helper_create_service_with_clients(int num_clients) static hs_service_intro_point_t * helper_create_service_ip(void) { - hs_desc_link_specifier_t *ls; - hs_service_intro_point_t *ip = service_intro_point_new(NULL, 0, 0); + link_specifier_t *ls; + hs_service_intro_point_t *ip = service_intro_point_new(NULL); tor_assert(ip); /* Add a first unused link specifier. */ - ls = tor_malloc_zero(sizeof(*ls)); - ls->type = LS_IPV4; + ls = link_specifier_new(); + link_specifier_set_ls_type(ls, LS_IPV4); smartlist_add(ip->base.link_specifiers, ls); /* Add a second link specifier used by a test. */ - ls = tor_malloc_zero(sizeof(*ls)); - ls->type = LS_LEGACY_ID; - memset(ls->u.legacy_id, 'A', sizeof(ls->u.legacy_id)); + ls = link_specifier_new(); + link_specifier_set_ls_type(ls, LS_LEGACY_ID); + memset(link_specifier_getarray_un_legacy_id(ls), 'A', + link_specifier_getlen_un_legacy_id(ls)); smartlist_add(ip->base.link_specifiers, ls); return ip; @@ -379,11 +425,11 @@ test_load_keys(void *arg) tt_assert(s); /* Ok we have the service object. Validate few things. */ - tt_assert(!tor_mem_is_zero(s->onion_address, sizeof(s->onion_address))); + tt_assert(!fast_mem_is_zero(s->onion_address, sizeof(s->onion_address))); tt_int_op(hs_address_is_valid(s->onion_address), OP_EQ, 1); - tt_assert(!tor_mem_is_zero((char *) s->keys.identity_sk.seckey, + tt_assert(!fast_mem_is_zero((char *) s->keys.identity_sk.seckey, ED25519_SECKEY_LEN)); - tt_assert(!tor_mem_is_zero((char *) s->keys.identity_pk.pubkey, + tt_assert(!fast_mem_is_zero((char *) s->keys.identity_pk.pubkey, ED25519_PUBKEY_LEN)); /* Check onion address from identity key. */ hs_build_address(&s->keys.identity_pk, s->config.version, addr); @@ -657,13 +703,15 @@ test_service_intro_point(void *arg) (void) arg; + update_approx_time(1481621834); + /* Test simple creation of an object. */ { - time_t now = time(NULL); + time_t now = approx_time(); ip = helper_create_service_ip(); tt_assert(ip); /* Make sure the authentication keypair is not zeroes. */ - tt_int_op(tor_mem_is_zero((const char *) &ip->auth_key_kp, + tt_int_op(fast_mem_is_zero((const char *) &ip->auth_key_kp, sizeof(ed25519_keypair_t)), OP_EQ, 0); /* The introduce2_max MUST be in that range. */ tt_u64_op(ip->introduce2_max, OP_GE, @@ -798,10 +846,11 @@ test_helper_functions(void *arg) const node_t *node = get_node_from_intro_point(ip); tt_ptr_op(node, OP_EQ, &mock_node); SMARTLIST_FOREACH_BEGIN(ip->base.link_specifiers, - hs_desc_link_specifier_t *, ls) { - if (ls->type == LS_LEGACY_ID) { + link_specifier_t *, ls) { + if (link_specifier_get_ls_type(ls) == LS_LEGACY_ID) { /* Change legacy id in link specifier which is not the mock node. */ - memset(ls->u.legacy_id, 'B', sizeof(ls->u.legacy_id)); + memset(link_specifier_getarray_un_legacy_id(ls), 'B', + link_specifier_getlen_un_legacy_id(ls)); } } SMARTLIST_FOREACH_END(ls); node = get_node_from_intro_point(ip); @@ -859,6 +908,10 @@ test_helper_functions(void *arg) done: /* This will free the service and all objects associated to it. */ + if (service) { + remove_service(get_hs_service_map(), service); + hs_service_free(service); + } hs_service_free_all(); UNMOCK(node_get_by_id); } @@ -868,7 +921,7 @@ static void test_intro_circuit_opened(void *arg) { int flags = CIRCLAUNCH_NEED_UPTIME | CIRCLAUNCH_IS_INTERNAL; - hs_service_t *service; + hs_service_t *service = NULL; origin_circuit_t *circ = NULL; (void) arg; @@ -916,6 +969,10 @@ test_intro_circuit_opened(void *arg) done: circuit_free_(TO_CIRCUIT(circ)); + if (service) { + remove_service(get_hs_service_map(), service); + hs_service_free(service); + } hs_free_all(); UNMOCK(circuit_mark_for_close_); UNMOCK(relay_send_command_from_edge_); @@ -930,7 +987,7 @@ test_intro_established(void *arg) int flags = CIRCLAUNCH_NEED_UPTIME | CIRCLAUNCH_IS_INTERNAL; uint8_t payload[RELAY_PAYLOAD_SIZE] = {0}; origin_circuit_t *circ = NULL; - hs_service_t *service; + hs_service_t *service = NULL; hs_service_intro_point_t *ip = NULL; (void) arg; @@ -985,12 +1042,15 @@ test_intro_established(void *arg) /* Send an empty payload. INTRO_ESTABLISHED cells are basically zeroes. */ ret = hs_service_receive_intro_established(circ, payload, sizeof(payload)); tt_int_op(ret, OP_EQ, 0); - tt_u64_op(ip->circuit_established, OP_EQ, 1); tt_int_op(TO_CIRCUIT(circ)->purpose, OP_EQ, CIRCUIT_PURPOSE_S_INTRO); done: if (circ) circuit_free_(TO_CIRCUIT(circ)); + if (service) { + remove_service(get_hs_service_map(), service); + hs_service_free(service); + } hs_free_all(); UNMOCK(circuit_mark_for_close_); } @@ -1002,7 +1062,7 @@ test_rdv_circuit_opened(void *arg) { int flags = CIRCLAUNCH_NEED_UPTIME | CIRCLAUNCH_IS_INTERNAL; origin_circuit_t *circ = NULL; - hs_service_t *service; + hs_service_t *service = NULL; (void) arg; @@ -1033,6 +1093,10 @@ test_rdv_circuit_opened(void *arg) done: circuit_free_(TO_CIRCUIT(circ)); + if (service) { + remove_service(get_hs_service_map(), service); + hs_service_free(service); + } hs_free_all(); UNMOCK(circuit_mark_for_close_); UNMOCK(relay_send_command_from_edge_); @@ -1070,8 +1134,7 @@ test_closing_intro_circs(void *arg) /* Initialize intro circuit */ intro_circ = origin_circuit_init(CIRCUIT_PURPOSE_S_ESTABLISH_INTRO, flags); - intro_circ->hs_ident = hs_ident_circuit_new(&service->keys.identity_pk, - HS_IDENT_CIRCUIT_INTRO); + intro_circ->hs_ident = hs_ident_circuit_new(&service->keys.identity_pk); /* Register circuit in the circuitmap . */ hs_circuitmap_register_intro_circ_v3_service_side(intro_circ, &ip->auth_key_kp.pubkey); @@ -1097,8 +1160,7 @@ test_closing_intro_circs(void *arg) /* Now pretend that a new intro point circ was launched and opened. Check * that the intro point will be established correctly. */ intro_circ = origin_circuit_init(CIRCUIT_PURPOSE_S_ESTABLISH_INTRO, flags); - intro_circ->hs_ident = hs_ident_circuit_new(&service->keys.identity_pk, - HS_IDENT_CIRCUIT_INTRO); + intro_circ->hs_ident = hs_ident_circuit_new(&service->keys.identity_pk); ed25519_pubkey_copy(&intro_circ->hs_ident->intro_auth_pk, &ip->auth_key_kp.pubkey); /* Register circuit in the circuitmap . */ @@ -1120,19 +1182,23 @@ test_closing_intro_circs(void *arg) circuit_free_(TO_CIRCUIT(intro_circ)); } /* Frees the service object. */ + if (service) { + remove_service(get_hs_service_map(), service); + hs_service_free(service); + } hs_free_all(); UNMOCK(assert_circuit_ok); } /** Test sending and receiving introduce2 cells */ static void -test_introduce2(void *arg) +test_bad_introduce2(void *arg) { int ret; int flags = CIRCLAUNCH_NEED_UPTIME | CIRCLAUNCH_IS_INTERNAL; uint8_t payload[RELAY_PAYLOAD_SIZE] = {0}; origin_circuit_t *circ = NULL; - hs_service_t *service; + hs_service_t *service = NULL; hs_service_intro_point_t *ip = NULL; (void) arg; @@ -1142,7 +1208,7 @@ test_introduce2(void *arg) MOCK(get_or_state, get_or_state_replacement); - dummy_state = tor_malloc_zero(sizeof(or_state_t)); + dummy_state = or_state_new(); circ = helper_create_origin_circuit(CIRCUIT_PURPOSE_S_INTRO, flags); tt_assert(circ); @@ -1199,6 +1265,10 @@ test_introduce2(void *arg) dummy_state = NULL; if (circ) circuit_free_(TO_CIRCUIT(circ)); + if (service) { + remove_service(get_hs_service_map(), service); + hs_service_free(service); + } hs_free_all(); UNMOCK(circuit_mark_for_close_); } @@ -1222,6 +1292,7 @@ test_service_event(void *arg) /* Set a service for this circuit. */ service = helper_create_service(); + tt_assert(service); ed25519_pubkey_copy(&circ->hs_ident->identity_pk, &service->keys.identity_pk); @@ -1253,7 +1324,6 @@ test_service_event(void *arg) * descriptor map so we can retry it. */ ip = helper_create_service_ip(); service_intro_point_add(service->desc_current->intro_points.map, ip); - ip->circuit_established = 1; /* We'll test that, it MUST be 0 after. */ run_housekeeping_event(now); tt_int_op(digest256map_size(service->desc_current->intro_points.map), OP_EQ, 1); @@ -1283,6 +1353,10 @@ test_service_event(void *arg) done: hs_circuitmap_remove_circuit(TO_CIRCUIT(circ)); circuit_free_(TO_CIRCUIT(circ)); + if (service) { + remove_service(get_hs_service_map(), service); + hs_service_free(service); + } hs_free_all(); UNMOCK(circuit_mark_for_close_); } @@ -1293,12 +1367,12 @@ test_rotate_descriptors(void *arg) { int ret; time_t next_rotation_time, now; - hs_service_t *service; + hs_service_t *service = NULL; hs_service_descriptor_t *desc_next; (void) arg; - dummy_state = tor_malloc_zero(sizeof(or_state_t)); + dummy_state = or_state_new(); hs_init(); MOCK(get_or_state, get_or_state_replacement); @@ -1314,7 +1388,7 @@ test_rotate_descriptors(void *arg) ret = parse_rfc1123_time("Sat, 26 Oct 1985 14:00:00 UTC", &mock_ns.fresh_until); tt_int_op(ret, OP_EQ, 0); - voting_schedule_recalculate_timing(get_options(), mock_ns.valid_after); + dirauth_sched_recalculate_timing(get_options(), mock_ns.valid_after); update_approx_time(mock_ns.valid_after+1); now = mock_ns.valid_after+1; @@ -1355,7 +1429,7 @@ test_rotate_descriptors(void *arg) ret = parse_rfc1123_time("Sat, 27 Oct 1985 02:00:00 UTC", &mock_ns.fresh_until); tt_int_op(ret, OP_EQ, 0); - voting_schedule_recalculate_timing(get_options(), mock_ns.valid_after); + dirauth_sched_recalculate_timing(get_options(), mock_ns.valid_after); update_approx_time(mock_ns.valid_after+1); now = mock_ns.valid_after+1; @@ -1385,6 +1459,10 @@ test_rotate_descriptors(void *arg) tt_assert(service->desc_next); done: + if (service) { + remove_service(get_hs_service_map(), service); + hs_service_free(service); + } hs_free_all(); UNMOCK(get_or_state); UNMOCK(circuit_mark_for_close_); @@ -1397,9 +1475,8 @@ static void test_build_update_descriptors(void *arg) { int ret; - time_t now = time(NULL); node_t *node; - hs_service_t *service; + hs_service_t *service = NULL; hs_service_intro_point_t *ip_cur, *ip_next; routerinfo_t ri; @@ -1412,7 +1489,7 @@ test_build_update_descriptors(void *arg) MOCK(networkstatus_get_reasonably_live_consensus, mock_networkstatus_get_reasonably_live_consensus); - dummy_state = tor_malloc_zero(sizeof(or_state_t)); + dummy_state = or_state_new(); ret = parse_rfc1123_time("Sat, 26 Oct 1985 03:00:00 UTC", &mock_ns.valid_after); @@ -1420,10 +1497,11 @@ test_build_update_descriptors(void *arg) ret = parse_rfc1123_time("Sat, 26 Oct 1985 04:00:00 UTC", &mock_ns.fresh_until); tt_int_op(ret, OP_EQ, 0); - voting_schedule_recalculate_timing(get_options(), mock_ns.valid_after); + dirauth_sched_recalculate_timing(get_options(), mock_ns.valid_after); update_approx_time(mock_ns.valid_after+1); - now = mock_ns.valid_after+1; + + time_t now = mock_ns.valid_after+1; /* Create a service without a current descriptor to trigger a build. */ service = helper_create_service(); @@ -1547,9 +1625,9 @@ test_build_update_descriptors(void *arg) tt_int_op(smartlist_len(ip_cur->base.link_specifiers), OP_EQ, 3); /* Make sure we have a valid encryption keypair generated when we pick an * intro point in the update process. */ - tt_assert(!tor_mem_is_zero((char *) ip_cur->enc_key_kp.seckey.secret_key, + tt_assert(!fast_mem_is_zero((char *) ip_cur->enc_key_kp.seckey.secret_key, CURVE25519_SECKEY_LEN)); - tt_assert(!tor_mem_is_zero((char *) ip_cur->enc_key_kp.pubkey.public_key, + tt_assert(!fast_mem_is_zero((char *) ip_cur->enc_key_kp.pubkey.public_key, CURVE25519_PUBKEY_LEN)); tt_u64_op(ip_cur->time_to_expire, OP_GE, now + INTRO_POINT_LIFETIME_MIN_SECONDS); @@ -1615,6 +1693,10 @@ test_build_update_descriptors(void *arg) tt_u64_op(service->desc_next->next_upload_time, OP_EQ, 0); done: + if (service) { + remove_service(get_hs_service_map(), service); + hs_service_free(service); + } hs_free_all(); nodelist_free_all(); } @@ -1627,6 +1709,7 @@ test_build_descriptors(void *arg) { int ret; time_t now = time(NULL); + hs_service_t *last_service = NULL; (void) arg; @@ -1637,7 +1720,7 @@ test_build_descriptors(void *arg) MOCK(networkstatus_get_reasonably_live_consensus, mock_networkstatus_get_reasonably_live_consensus); - dummy_state = tor_malloc_zero(sizeof(or_state_t)); + dummy_state = or_state_new(); ret = parse_rfc1123_time("Sat, 26 Oct 1985 03:00:00 UTC", &mock_ns.valid_after); @@ -1645,25 +1728,33 @@ test_build_descriptors(void *arg) ret = parse_rfc1123_time("Sat, 26 Oct 1985 04:00:00 UTC", &mock_ns.fresh_until); tt_int_op(ret, OP_EQ, 0); - voting_schedule_recalculate_timing(get_options(), mock_ns.valid_after); + dirauth_sched_recalculate_timing(get_options(), mock_ns.valid_after); /* Generate a valid number of fake auth clients when a client authorization * is disabled. */ { hs_service_t *service = helper_create_service(); + last_service = service; service_descriptor_free(service->desc_current); service->desc_current = NULL; build_all_descriptors(now); + tt_assert(service->desc_current); + tt_assert(service->desc_current->desc); + hs_desc_superencrypted_data_t *superencrypted; superencrypted = &service->desc_current->desc->superencrypted_data; tt_int_op(smartlist_len(superencrypted->clients), OP_EQ, 16); + + helper_destroy_service(service); + last_service = NULL; } /* Generate a valid number of fake auth clients when the number of * clients is zero. */ { hs_service_t *service = helper_create_service_with_clients(0); + last_service = service; service_descriptor_free(service->desc_current); service->desc_current = NULL; @@ -1671,12 +1762,16 @@ test_build_descriptors(void *arg) hs_desc_superencrypted_data_t *superencrypted; superencrypted = &service->desc_current->desc->superencrypted_data; tt_int_op(smartlist_len(superencrypted->clients), OP_EQ, 16); + + helper_destroy_service(service); + last_service = NULL; } /* Generate a valid number of fake auth clients when the number of * clients is not a multiple of 16. */ { hs_service_t *service = helper_create_service_with_clients(20); + last_service = service; service_descriptor_free(service->desc_current); service->desc_current = NULL; @@ -1684,12 +1779,16 @@ test_build_descriptors(void *arg) hs_desc_superencrypted_data_t *superencrypted; superencrypted = &service->desc_current->desc->superencrypted_data; tt_int_op(smartlist_len(superencrypted->clients), OP_EQ, 32); + + helper_destroy_service(service); + last_service = NULL; } /* Do not generate any fake desc client when the number of clients is * a multiple of 16 but not zero. */ { hs_service_t *service = helper_create_service_with_clients(32); + last_service = service; service_descriptor_free(service->desc_current); service->desc_current = NULL; @@ -1697,9 +1796,13 @@ test_build_descriptors(void *arg) hs_desc_superencrypted_data_t *superencrypted; superencrypted = &service->desc_current->desc->superencrypted_data; tt_int_op(smartlist_len(superencrypted->clients), OP_EQ, 32); + + helper_destroy_service(service); + last_service = NULL; } done: + helper_destroy_service(last_service); hs_free_all(); } @@ -1718,7 +1821,7 @@ test_upload_descriptors(void *arg) MOCK(networkstatus_get_reasonably_live_consensus, mock_networkstatus_get_reasonably_live_consensus); - dummy_state = tor_malloc_zero(sizeof(or_state_t)); + dummy_state = or_state_new(); ret = parse_rfc1123_time("Sat, 26 Oct 1985 13:00:00 UTC", &mock_ns.valid_after); @@ -1726,7 +1829,7 @@ test_upload_descriptors(void *arg) ret = parse_rfc1123_time("Sat, 26 Oct 1985 14:00:00 UTC", &mock_ns.fresh_until); tt_int_op(ret, OP_EQ, 0); - voting_schedule_recalculate_timing(get_options(), mock_ns.valid_after); + dirauth_sched_recalculate_timing(get_options(), mock_ns.valid_after); update_approx_time(mock_ns.valid_after+1); now = mock_ns.valid_after+1; @@ -1848,9 +1951,9 @@ test_rendezvous1_parsing(void *arg) } /* Send out the RENDEZVOUS1 and make sure that our mock func worked */ - tt_assert(tor_mem_is_zero(rend1_payload, 32)); + tt_assert(fast_mem_is_zero(rend1_payload, 32)); hs_circ_service_rp_has_opened(service, service_circ); - tt_assert(!tor_mem_is_zero(rend1_payload, 32)); + tt_assert(!fast_mem_is_zero(rend1_payload, 32)); tt_int_op(rend1_payload_len, OP_EQ, HS_LEGACY_RENDEZVOUS_CELL_SIZE); /******************************/ @@ -2098,6 +2201,490 @@ test_export_client_circuit_id(void *arg) tor_free(cp2); } +static smartlist_t * +mock_node_get_link_specifier_smartlist(const node_t *node, bool direct_conn) +{ + (void) node; + (void) direct_conn; + + smartlist_t *lspecs = smartlist_new(); + link_specifier_t *ls_legacy = link_specifier_new(); + smartlist_add(lspecs, ls_legacy); + + return lspecs; +} + +static node_t *fake_node = NULL; + +static const node_t * +mock_build_state_get_exit_node(cpath_build_state_t *state) +{ + (void) state; + + if (!fake_node) { + curve25519_secret_key_t seckey; + curve25519_secret_key_generate(&seckey, 0); + + fake_node = tor_malloc_zero(sizeof(node_t)); + fake_node->ri = tor_malloc_zero(sizeof(routerinfo_t)); + fake_node->ri->onion_curve25519_pkey = + tor_malloc_zero(sizeof(curve25519_public_key_t)); + curve25519_public_key_generate(fake_node->ri->onion_curve25519_pkey, + &seckey); + } + + return fake_node; +} + +static void +mock_launch_rendezvous_point_circuit(const hs_service_t *service, + const hs_service_intro_point_t *ip, + const hs_cell_introduce2_data_t *data) +{ + (void) service; + (void) ip; + (void) data; + return; +} + +/** + * Test that INTRO2 cells are handled well by onion services in the normal + * case and also when onionbalance is enabled. + */ +static void +test_intro2_handling(void *arg) +{ + (void)arg; + + MOCK(build_state_get_exit_node, mock_build_state_get_exit_node); + MOCK(relay_send_command_from_edge_, mock_relay_send_command_from_edge); + MOCK(node_get_link_specifier_smartlist, + mock_node_get_link_specifier_smartlist); + MOCK(launch_rendezvous_point_circuit, mock_launch_rendezvous_point_circuit); + + memset(relay_payload, 0, sizeof(relay_payload)); + + int retval; + time_t now = 0101010101; + update_approx_time(now); + + /** OK this is the play: + * + * In Act I, we have a standalone onion service X (without onionbalance + * enabled). We test that X can properly handle INTRO2 cells sent by a + * client Alice. + * + * In Act II, we create an onionbalance setup with frontend being Z which + * includes instances X and Y. We then setup onionbalance on X and test that + * Alice who addresses Z can communicate with X through INTRO2 cells. + * + * In Act III, we test that Alice can also communicate with X + * directly even tho onionbalance is enabled. + * + * And finally in Act IV, we check various cases where the INTRO2 cell + * should not go through because the subcredentials don't line up + * (e.g. Alice sends INTRO2 to X using Y's subcredential). + */ + + /** Let's start with some setup! Create the instances and the frontend + service, create Alice, etc: */ + + /* Create instance X */ + hs_service_t x_service; + memset(&x_service, 0, sizeof(hs_service_t)); + /* Disable onionbalance */ + x_service.config.ob_master_pubkeys = NULL; + x_service.state.replay_cache_rend_cookie = replaycache_new(0,0); + + /* Create subcredential for x: */ + ed25519_keypair_t x_identity_keypair; + hs_subcredential_t x_subcred; + ed25519_keypair_generate(&x_identity_keypair, 0); + hs_helper_get_subcred_from_identity_keypair(&x_identity_keypair, + &x_subcred); + + /* Create the x instance's intro point */ + hs_service_intro_point_t *x_ip = NULL; + { + curve25519_secret_key_t seckey; + curve25519_public_key_t pkey; + curve25519_secret_key_generate(&seckey, 0); + curve25519_public_key_generate(&pkey, &seckey); + + node_t intro_node; + memset(&intro_node, 0, sizeof(intro_node)); + routerinfo_t ri; + memset(&ri, 0, sizeof(routerinfo_t)); + ri.onion_curve25519_pkey = &pkey; + intro_node.ri = &ri; + + x_ip = service_intro_point_new(&intro_node); + } + + /* Create z frontend's subcredential */ + ed25519_keypair_t z_identity_keypair; + hs_subcredential_t z_subcred; + ed25519_keypair_generate(&z_identity_keypair, 0); + hs_helper_get_subcred_from_identity_keypair(&z_identity_keypair, + &z_subcred); + + /* Create y instance's subcredential */ + ed25519_keypair_t y_identity_keypair; + hs_subcredential_t y_subcred; + ed25519_keypair_generate(&y_identity_keypair, 0); + hs_helper_get_subcred_from_identity_keypair(&y_identity_keypair, + &y_subcred); + + /* Create Alice's intro point */ + hs_desc_intro_point_t *alice_ip; + ed25519_keypair_t signing_kp; + ed25519_keypair_generate(&signing_kp, 0); + alice_ip = hs_helper_build_intro_point(&signing_kp, now, "1.2.3.4", 0, + &x_ip->auth_key_kp, + &x_ip->enc_key_kp); + + /* Create Alice's intro and rend circuits */ + origin_circuit_t *intro_circ = origin_circuit_new(); + intro_circ->cpath = tor_malloc_zero(sizeof(crypt_path_t)); + intro_circ->cpath->prev = intro_circ->cpath; + intro_circ->hs_ident = tor_malloc_zero(sizeof(*intro_circ->hs_ident)); + origin_circuit_t rend_circ; + rend_circ.hs_ident = tor_malloc_zero(sizeof(*rend_circ.hs_ident)); + curve25519_keypair_generate(&rend_circ.hs_ident->rendezvous_client_kp, 0); + memset(rend_circ.hs_ident->rendezvous_cookie, 'r', HS_REND_COOKIE_LEN); + + /* ************************************************************ */ + + /* Act I: + * + * Where Alice connects to X without onionbalance in the picture */ + + /* Create INTRODUCE1 */ + tt_assert(fast_mem_is_zero(relay_payload, sizeof(relay_payload))); + retval = hs_circ_send_introduce1(intro_circ, &rend_circ, + alice_ip, &x_subcred); + + /* Check that the payload was written successfully */ + tt_int_op(retval, OP_EQ, 0); + tt_assert(!fast_mem_is_zero(relay_payload, sizeof(relay_payload))); + tt_int_op(relay_payload_len, OP_NE, 0); + + /* Handle the cell */ + retval = hs_circ_handle_introduce2(&x_service, + intro_circ, x_ip, + &x_subcred, + (uint8_t*)relay_payload,relay_payload_len); + tt_int_op(retval, OP_EQ, 0); + + /* ************************************************************ */ + + /* Act II: + * + * We now create an onionbalance setup with Z being the frontend and X and Y + * being the backend instances. Make sure that Alice can talk with the + * backend instance X even tho she thinks she is talking to the frontend Z. + */ + + /* Now configure the X instance to do onionbalance with Z as the frontend */ + x_service.config.ob_master_pubkeys = smartlist_new(); + smartlist_add(x_service.config.ob_master_pubkeys, + &z_identity_keypair.pubkey); + + /* Create descriptors for x and load next descriptor with the x's + * subcredential so that it can accept connections for itself. */ + x_service.desc_current = service_descriptor_new(); + memset(x_service.desc_current->desc->subcredential.subcred, 'C',SUBCRED_LEN); + x_service.desc_next = service_descriptor_new(); + memcpy(&x_service.desc_next->desc->subcredential, &x_subcred, SUBCRED_LEN); + + /* Refresh OB keys */ + hs_ob_refresh_keys(&x_service); + + /* Create INTRODUCE1 from Alice to X through Z */ + memset(relay_payload, 0, sizeof(relay_payload)); + retval = hs_circ_send_introduce1(intro_circ, &rend_circ, + alice_ip, &z_subcred); + + /* Check that the payload was written successfully */ + tt_int_op(retval, OP_EQ, 0); + tt_assert(!fast_mem_is_zero(relay_payload, sizeof(relay_payload))); + tt_int_op(relay_payload_len, OP_NE, 0); + + /* Deliver INTRODUCE1 to X even tho it carries Z's subcredential */ + replaycache_free(x_service.state.replay_cache_rend_cookie); + x_service.state.replay_cache_rend_cookie = replaycache_new(0, 0); + + retval = hs_circ_handle_introduce2(&x_service, + intro_circ, x_ip, + &z_subcred, + (uint8_t*)relay_payload, relay_payload_len); + tt_int_op(retval, OP_EQ, 0); + + replaycache_free(x_ip->replay_cache); + x_ip->replay_cache = replaycache_new(0, 0); + + replaycache_free(x_service.state.replay_cache_rend_cookie); + x_service.state.replay_cache_rend_cookie = replaycache_new(0, 0); + + /* ************************************************************ */ + + /* Act III: + * + * Now send a direct INTRODUCE cell from Alice to X using X's subcredential + * and check that it succeeds even with onionbalance enabled. + */ + + /* Refresh OB keys (just to check for memleaks) */ + hs_ob_refresh_keys(&x_service); + + /* Create INTRODUCE1 from Alice to X using X's subcred. */ + memset(relay_payload, 0, sizeof(relay_payload)); + retval = hs_circ_send_introduce1(intro_circ, &rend_circ, + alice_ip, &x_subcred); + + /* Check that the payload was written successfully */ + tt_int_op(retval, OP_EQ, 0); + tt_assert(!fast_mem_is_zero(relay_payload, sizeof(relay_payload))); + tt_int_op(relay_payload_len, OP_NE, 0); + + /* Send INTRODUCE1 to X with X's subcredential (should succeed) */ + replaycache_free(x_service.state.replay_cache_rend_cookie); + x_service.state.replay_cache_rend_cookie = replaycache_new(0, 0); + + retval = hs_circ_handle_introduce2(&x_service, + intro_circ, x_ip, + &x_subcred, + (uint8_t*)relay_payload, relay_payload_len); + tt_int_op(retval, OP_EQ, 0); + + /* ************************************************************ */ + + /* Act IV: + * + * Test cases where the INTRO2 cell should not be able to decode. + */ + + /* Try sending the exact same INTRODUCE2 cell again and see that the intro + * point replay cache triggers: */ + setup_full_capture_of_logs(LOG_WARN); + retval = hs_circ_handle_introduce2(&x_service, + intro_circ, x_ip, + &x_subcred, + (uint8_t*)relay_payload, relay_payload_len); + tt_int_op(retval, OP_EQ, -1); + expect_log_msg_containing("with the same ENCRYPTED section"); + teardown_capture_of_logs(); + + /* Now cleanup the intro point replay cache but not the service replay cache + and see that this one triggers this time. */ + replaycache_free(x_ip->replay_cache); + x_ip->replay_cache = replaycache_new(0, 0); + setup_full_capture_of_logs(LOG_INFO); + retval = hs_circ_handle_introduce2(&x_service, + intro_circ, x_ip, + &x_subcred, + (uint8_t*)relay_payload, relay_payload_len); + tt_int_op(retval, OP_EQ, -1); + expect_log_msg_containing("with same REND_COOKIE"); + teardown_capture_of_logs(); + + /* Now just to make sure cleanup both replay caches and make sure that the + cell gets through */ + replaycache_free(x_ip->replay_cache); + x_ip->replay_cache = replaycache_new(0, 0); + replaycache_free(x_service.state.replay_cache_rend_cookie); + x_service.state.replay_cache_rend_cookie = replaycache_new(0, 0); + retval = hs_circ_handle_introduce2(&x_service, + intro_circ, x_ip, + &x_subcred, + (uint8_t*)relay_payload, relay_payload_len); + tt_int_op(retval, OP_EQ, 0); + + /* As a final thing, create an INTRODUCE1 cell from Alice to X using Y's + * subcred (should fail since Y is just another instance and not the frontend + * service!) */ + memset(relay_payload, 0, sizeof(relay_payload)); + retval = hs_circ_send_introduce1(intro_circ, &rend_circ, + alice_ip, &y_subcred); + tt_int_op(retval, OP_EQ, 0); + + /* Check that the payload was written successfully */ + tt_assert(!fast_mem_is_zero(relay_payload, sizeof(relay_payload))); + tt_int_op(relay_payload_len, OP_NE, 0); + + retval = hs_circ_handle_introduce2(&x_service, + intro_circ, x_ip, + &y_subcred, + (uint8_t*)relay_payload, relay_payload_len); + tt_int_op(retval, OP_EQ, -1); + + done: + /* Start cleaning up X */ + replaycache_free(x_service.state.replay_cache_rend_cookie); + smartlist_free(x_service.config.ob_master_pubkeys); + tor_free(x_service.state.ob_subcreds); + service_descriptor_free(x_service.desc_current); + service_descriptor_free(x_service.desc_next); + service_intro_point_free(x_ip); + + /* Clean up Alice */ + hs_desc_intro_point_free(alice_ip); + tor_free(rend_circ.hs_ident); + + if (fake_node) { + tor_free(fake_node->ri->onion_curve25519_pkey); + tor_free(fake_node->ri); + tor_free(fake_node); + } + + UNMOCK(build_state_get_exit_node); + UNMOCK(relay_send_command_from_edge_); + UNMOCK(node_get_link_specifier_smartlist); + UNMOCK(launch_rendezvous_point_circuit); +} + +static void +test_cannot_upload_descriptors(void *arg) +{ + int ret; + time_t now; + hs_service_t *service; + + (void) arg; + + hs_init(); + MOCK(get_or_state, + get_or_state_replacement); + MOCK(networkstatus_get_reasonably_live_consensus, + mock_networkstatus_get_reasonably_live_consensus); + + dummy_state = or_state_new(); + + ret = parse_rfc1123_time("Sat, 26 Oct 1985 13:00:00 UTC", + &mock_ns.valid_after); + tt_int_op(ret, OP_EQ, 0); + ret = parse_rfc1123_time("Sat, 26 Oct 1985 14:00:00 UTC", + &mock_ns.fresh_until); + tt_int_op(ret, OP_EQ, 0); + dirauth_sched_recalculate_timing(get_options(), mock_ns.valid_after); + + update_approx_time(mock_ns.valid_after + 1); + now = mock_ns.valid_after + 1; + + /* Create a service with no descriptor. It's added to the global map. */ + service = hs_service_new(get_options()); + tt_assert(service); + service->config.version = HS_VERSION_THREE; + ed25519_secret_key_generate(&service->keys.identity_sk, 0); + ed25519_public_key_generate(&service->keys.identity_pk, + &service->keys.identity_sk); + /* Register service to global map. */ + ret = register_service(get_hs_service_map(), service); + tt_int_op(ret, OP_EQ, 0); + /* But first, build our descriptor. */ + build_all_descriptors(now); + + /* 1. Testing missing intro points reason. */ + { + digest256map_t *cur = service->desc_current->intro_points.map; + digest256map_t *tmp = digest256map_new(); + service->desc_current->intro_points.map = tmp; + service->desc_current->missing_intro_points = 1; + setup_full_capture_of_logs(LOG_INFO); + run_upload_descriptor_event(now); + digest256map_free(tmp, tor_free_); + service->desc_current->intro_points.map = cur; + expect_log_msg_containing( + "Service [scrubbed] can't upload its current descriptor: " + "Missing intro points"); + teardown_capture_of_logs(); + /* Reset. */ + service->desc_current->missing_intro_points = 0; + } + + /* 2. Testing non established intro points. */ + { + setup_full_capture_of_logs(LOG_INFO); + run_upload_descriptor_event(now); + expect_log_msg_containing( + "Service [scrubbed] can't upload its current descriptor: " + "Intro circuits aren't yet all established (0/3)."); + teardown_capture_of_logs(); + } + + /* We need to pass the established circuit tests and thus from now on, we + * MOCK this to return 3 intro points. */ + MOCK(count_desc_circuit_established, mock_count_desc_circuit_established); + num_intro_points = 3; + + /* 3. Testing non established intro points. */ + { + service->desc_current->next_upload_time = now + 1000; + setup_full_capture_of_logs(LOG_INFO); + run_upload_descriptor_event(now); + expect_log_msg_containing( + "Service [scrubbed] can't upload its current descriptor: " + "Next upload time is"); + teardown_capture_of_logs(); + /* Reset. */ + service->desc_current->next_upload_time = 0; + } + + /* 4. Testing missing live consensus. */ + { + MOCK(networkstatus_get_reasonably_live_consensus, + mock_networkstatus_get_reasonably_live_consensus_null); + setup_full_capture_of_logs(LOG_INFO); + run_upload_descriptor_event(now); + expect_log_msg_containing( + "Service [scrubbed] can't upload its current descriptor: " + "No reasonably live consensus"); + teardown_capture_of_logs(); + /* Reset. */ + MOCK(networkstatus_get_reasonably_live_consensus, + mock_networkstatus_get_reasonably_live_consensus); + } + + /* 5. Test missing minimum directory information. */ + { + MOCK(router_have_minimum_dir_info, + mock_router_have_minimum_dir_info_false); + setup_full_capture_of_logs(LOG_INFO); + run_upload_descriptor_event(now); + expect_log_msg_containing( + "Service [scrubbed] can't upload its current descriptor: " + "Not enough directory information"); + teardown_capture_of_logs(); + + /* Running it again shouldn't trigger anything due to rate limitation. */ + setup_full_capture_of_logs(LOG_INFO); + run_upload_descriptor_event(now); + expect_no_log_entry(); + teardown_capture_of_logs(); + UNMOCK(router_have_minimum_dir_info); + } + + /* Increase time and redo test (5) in order to test the rate limiting. */ + update_approx_time(mock_ns.valid_after + 61); + { + MOCK(router_have_minimum_dir_info, + mock_router_have_minimum_dir_info_false); + setup_full_capture_of_logs(LOG_INFO); + run_upload_descriptor_event(now); + expect_log_msg_containing( + "Service [scrubbed] can't upload its current descriptor: " + "Not enough directory information"); + teardown_capture_of_logs(); + UNMOCK(router_have_minimum_dir_info); + } + + done: + hs_free_all(); + UNMOCK(count_desc_circuit_established); + UNMOCK(networkstatus_get_reasonably_live_consensus); + UNMOCK(get_or_state); +} + struct testcase_t hs_service_tests[] = { { "e2e_rend_circuit_setup", test_e2e_rend_circuit_setup, TT_FORK, NULL, NULL }, @@ -2123,7 +2710,7 @@ struct testcase_t hs_service_tests[] = { NULL, NULL }, { "rdv_circuit_opened", test_rdv_circuit_opened, TT_FORK, NULL, NULL }, - { "introduce2", test_introduce2, TT_FORK, + { "bad_introduce2", test_bad_introduce2, TT_FORK, NULL, NULL }, { "service_event", test_service_event, TT_FORK, NULL, NULL }, @@ -2135,12 +2722,15 @@ struct testcase_t hs_service_tests[] = { NULL, NULL }, { "upload_descriptors", test_upload_descriptors, TT_FORK, NULL, NULL }, + { "cannot_upload_descriptors", test_cannot_upload_descriptors, TT_FORK, + NULL, NULL }, { "rendezvous1_parsing", test_rendezvous1_parsing, TT_FORK, NULL, NULL }, { "authorized_client_config_equal", test_authorized_client_config_equal, TT_FORK, NULL, NULL }, { "export_client_circuit_id", test_export_client_circuit_id, TT_FORK, NULL, NULL }, + { "intro2_handling", test_intro2_handling, TT_FORK, NULL, NULL }, END_OF_TESTCASES }; diff --git a/src/test/test_introduce.c b/src/test/test_introduce.c index 4a6d90d97e..0ae78496b2 100644 --- a/src/test/test_introduce.c +++ b/src/test/test_introduce.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2012-2019, The Tor Project, Inc. */ +/* Copyright (c) 2012-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" @@ -383,8 +383,10 @@ make_intro_from_plaintext( /* Output the cell */ *cell_out = cell; + cell = NULL; done: + tor_free(cell); return cell_len; } @@ -535,4 +537,3 @@ struct testcase_t introduce_tests[] = { INTRODUCE_LEGACY(late_parse_v3), END_OF_TESTCASES }; - diff --git a/src/test/test_key_expiration.sh b/src/test/test_key_expiration.sh index 3474210607..2238f7aa78 100755 --- a/src/test/test_key_expiration.sh +++ b/src/test/test_key_expiration.sh @@ -6,14 +6,28 @@ umask 077 set -e -if [ $# -eq 0 ] || [ ! -f ${1} ] || [ ! -x ${1} ]; then +# emulate realpath(), in case coreutils or equivalent is not installed. +abspath() { + f="$*" + if [ -d "$f" ]; then + dir="$f" + base="" + else + dir="$(dirname "$f")" + base="/$(basename "$f")" + fi + dir="$(cd "$dir" && pwd)" + echo "$dir$base" +} + +if [ $# -eq 0 ] || [ ! -f "${1}" ] || [ ! -x "${1}" ]; then if [ "$TESTING_TOR_BINARY" = "" ] ; then echo "Usage: ${0} PATH_TO_TOR [case-number]" exit 1 fi fi -UNAME_OS=`uname -s | cut -d_ -f1` +UNAME_OS=$(uname -s | cut -d_ -f1) if test "$UNAME_OS" = 'CYGWIN' || \ test "$UNAME_OS" = 'MSYS' || \ test "$UNAME_OS" = 'MINGW'; then @@ -21,11 +35,21 @@ if test "$UNAME_OS" = 'CYGWIN' || \ exit 77 fi +# find the tor binary if [ $# -ge 1 ]; then TOR_BINARY="${1}" shift else - TOR_BINARY="${TESTING_TOR_BINARY}" + TOR_BINARY="${TESTING_TOR_BINARY:-./src/app/tor}" +fi + +TOR_BINARY="$(abspath "$TOR_BINARY")" + +echo "TOR BINARY IS ${TOR_BINARY}" + +if "$TOR_BINARY" --list-modules | grep -q "relay: no"; then + echo "This test requires the relay module. Skipping." >&2 + exit 77 fi if [ $# -ge 1 ]; then @@ -47,11 +71,11 @@ dump() { xxd -p "$1" | tr -d '\n '; } die() { echo "$1" >&2 ; exit 5; } check_dir() { [ -d "$1" ] || die "$1 did not exist"; } check_file() { [ -e "$1" ] || die "$1 did not exist"; } -check_no_file() { [ -e "$1" ] && die "$1 was not supposed to exist" || true; } -check_files_eq() { cmp "$1" "$2" || die "$1 and $2 did not match: `dump $1` vs `dump $2`"; } +check_no_file() { if [ -e "$1" ]; then die "$1 was not supposed to exist"; fi } +check_files_eq() { cmp "$1" "$2" || die "$1 and $2 did not match: $(dump "$1") vs $(dump "$2")"; } check_keys_eq() { check_files_eq "${SRC}/keys/${1}" "${ME}/keys/${1}"; } -DATA_DIR=`mktemp -d -t tor_key_expiration_tests.XXXXXX` +DATA_DIR=$(mktemp -d -t tor_key_expiration_tests.XXXXXX) if [ -z "$DATA_DIR" ]; then echo "Failure: mktemp invocation returned empty string" >&2 exit 3 @@ -60,10 +84,10 @@ if [ ! -d "$DATA_DIR" ]; then echo "Failure: mktemp invocation result doesn't point to directory" >&2 exit 3 fi -trap "rm -rf '$DATA_DIR'" 0 +trap 'rm -rf "$DATA_DIR"' 0 # Use an absolute path for this or Tor will complain -DATA_DIR=`cd "${DATA_DIR}" && pwd` +DATA_DIR=$(cd "${DATA_DIR}" && pwd) touch "${DATA_DIR}/empty_torrc" touch "${DATA_DIR}/empty_defaults_torrc" diff --git a/src/test/test_keygen.sh b/src/test/test_keygen.sh index 7afff271cb..6812f8883d 100755 --- a/src/test/test_keygen.sh +++ b/src/test/test_keygen.sh @@ -6,14 +6,28 @@ umask 077 set -e -if [ $# -eq 0 ] || [ ! -f ${1} ] || [ ! -x ${1} ]; then +# emulate realpath(), in case coreutils or equivalent is not installed. +abspath() { + f="$*" + if [ -d "$f" ]; then + dir="$f" + base="" + else + dir="$(dirname "$f")" + base="/$(basename "$f")" + fi + dir="$(cd "$dir" && pwd)" + echo "$dir$base" +} + +if [ $# -eq 0 ] || [ ! -f "${1}" ] || [ ! -x "${1}" ]; then if [ "$TESTING_TOR_BINARY" = "" ] ; then echo "Usage: ${0} PATH_TO_TOR [case-number]" exit 1 fi fi -UNAME_OS=`uname -s | cut -d_ -f1` +UNAME_OS=$(uname -s | cut -d_ -f1) if test "$UNAME_OS" = 'CYGWIN' || \ test "$UNAME_OS" = 'MSYS' || \ test "$UNAME_OS" = 'MINGW'; then @@ -21,14 +35,22 @@ if test "$UNAME_OS" = 'CYGWIN' || \ exit 77 fi +# find the tor binary if [ $# -ge 1 ]; then TOR_BINARY="${1}" shift else - TOR_BINARY="${TESTING_TOR_BINARY}" + TOR_BINARY="${TESTING_TOR_BINARY:-./src/app/tor}" fi +TOR_BINARY="$(abspath "$TOR_BINARY")" +echo "TOR BINARY IS ${TOR_BINARY}" + +if "$TOR_BINARY" --list-modules | grep -q "relay: no"; then + echo "This test requires the relay module. Skipping." >&2 + exit 77 +fi if [ $# -ge 1 ]; then dflt=0 @@ -64,11 +86,11 @@ dump() { xxd -p "$1" | tr -d '\n '; } die() { echo "$1" >&2 ; exit 5; } check_dir() { [ -d "$1" ] || die "$1 did not exist"; } check_file() { [ -e "$1" ] || die "$1 did not exist"; } -check_no_file() { [ -e "$1" ] && die "$1 was not supposed to exist" || true; } -check_files_eq() { cmp "$1" "$2" || die "$1 and $2 did not match: `dump $1` vs `dump $2`"; } +check_no_file() { if [ -e "$1" ]; then die "$1 was not supposed to exist"; fi } +check_files_eq() { cmp "$1" "$2" || die "$1 and $2 did not match: $(dump "$1") vs $(dump "$2")"; } check_keys_eq() { check_files_eq "${SRC}/keys/${1}" "${ME}/keys/${1}"; } -DATA_DIR=`mktemp -d -t tor_keygen_tests.XXXXXX` +DATA_DIR=$(mktemp -d -t tor_keygen_tests.XXXXXX) if [ -z "$DATA_DIR" ]; then echo "Failure: mktemp invocation returned empty string" >&2 exit 3 @@ -77,10 +99,10 @@ if [ ! -d "$DATA_DIR" ]; then echo "Failure: mktemp invocation result doesn't point to directory" >&2 exit 3 fi -trap "rm -rf '$DATA_DIR'" 0 +trap 'rm -rf "$DATA_DIR"' 0 # Use an absolute path for this or Tor will complain -DATA_DIR=`cd "${DATA_DIR}" && pwd` +DATA_DIR=$(cd "${DATA_DIR}" && pwd) touch "${DATA_DIR}/empty_torrc" touch "${DATA_DIR}/empty_defaults_torrc" @@ -144,7 +166,9 @@ ME="${DATA_DIR}/case2a" SRC="${DATA_DIR}/orig" mkdir -p "${ME}/keys" cp "${SRC}/keys/ed25519_master_id_public_key" "${ME}/keys/" -${TOR} --DataDirectory "${ME}" --list-fingerprint > "${ME}/stdout" && die "Somehow succeeded when missing secret key, certs: `cat ${ME}/stdout`" || true +if ${TOR} --DataDirectory "${ME}" --list-fingerprint > "${ME}/stdout"; then + die "Somehow succeeded when missing secret key, certs: $(cat "${ME}/stdout")" +fi check_files_eq "${SRC}/keys/ed25519_master_id_public_key" "${ME}/keys/ed25519_master_id_public_key" grep "We needed to load a secret key.*but couldn't find it" "${ME}/stdout" >/dev/null || die "Tor didn't declare that it was missing a secret key" @@ -281,7 +305,9 @@ SRC="${DATA_DIR}/encrypted" mkdir -p "${ME}/keys" cp "${SRC}/keys/ed25519_master_id_secret_key_encrypted" "${ME}/keys/" cp "${SRC}/keys/ed25519_master_id_public_key" "${ME}/keys/" -${TOR} --DataDirectory "${ME}" --list-fingerprint > "${ME}/stdout" && die "Tor started with encrypted secret key and no certs" || true +if ${TOR} --DataDirectory "${ME}" --list-fingerprint > "${ME}/stdout"; then + die "Tor started with encrypted secret key and no certs" +fi check_no_file "${ME}/keys/ed25519_signing_cert" check_no_file "${ME}/keys/ed25519_signing_secret_key" @@ -370,7 +396,9 @@ mkdir -p "${ME}/keys" cp "${SRC}/keys/ed25519_master_id_public_key" "${ME}/keys/" cp "${OTHER}/keys/ed25519_master_id_secret_key" "${ME}/keys/" -${TOR} --DataDirectory "${ME}" --list-fingerprint >"${ME}/stdout" && die "Successfully started with mismatched keys!?" || true +if ${TOR} --DataDirectory "${ME}" --list-fingerprint >"${ME}/stdout"; then + die "Successfully started with mismatched keys!?" +fi grep "public_key does not match.*secret_key" "${ME}/stdout" >/dev/null || die "Tor didn't declare that there was a key mismatch" @@ -386,7 +414,9 @@ ME="${DATA_DIR}/case11a" mkdir -p "${ME}/keys" -${TOR} --DataDirectory "${ME}" --passphrase-fd 1 > "${ME}/stdout" && die "Successfully started with passphrase-fd but no keygen?" || true +if ${TOR} --DataDirectory "${ME}" --passphrase-fd 1 > "${ME}/stdout"; then + die "Successfully started with passphrase-fd but no keygen?" +fi grep "passphrase-fd specified without --keygen" "${ME}/stdout" >/dev/null || die "Tor didn't declare that there was a problem with the arguments." @@ -402,7 +432,9 @@ ME="${DATA_DIR}/case11b" mkdir -p "${ME}/keys" -${TOR} --DataDirectory "${ME}" --no-passphrase > "${ME}/stdout" && die "Successfully started with no-passphrase but no keygen?" || true +if ${TOR} --DataDirectory "${ME}" --no-passphrase > "${ME}/stdout"; then + die "Successfully started with no-passphrase but no keygen?" +fi grep "no-passphrase specified without --keygen" "${ME}/stdout" >/dev/null || die "Tor didn't declare that there was a problem with the arguments." @@ -418,7 +450,9 @@ ME="${DATA_DIR}/case11C" mkdir -p "${ME}/keys" -${TOR} --DataDirectory "${ME}" --newpass > "${ME}/stdout" && die "Successfully started with newpass but no keygen?" || true +if ${TOR} --DataDirectory "${ME}" --newpass > "${ME}/stdout"; then + die "Successfully started with newpass but no keygen?" +fi grep "newpass specified without --keygen" "${ME}/stdout" >/dev/null || die "Tor didn't declare that there was a problem with the arguments." @@ -456,7 +490,9 @@ ME="${DATA_DIR}/case11E" mkdir -p "${ME}/keys" -${TOR} --DataDirectory "${ME}" --keygen --passphrase-fd ewigeblumenkraft > "${ME}/stdout" && die "Successfully started with bogus passphrase-fd?" || true +if ${TOR} --DataDirectory "${ME}" --keygen --passphrase-fd ewigeblumenkraft > "${ME}/stdout"; then + die "Successfully started with bogus passphrase-fd?" +fi grep "Invalid --passphrase-fd value" "${ME}/stdout" >/dev/null || die "Tor didn't declare that there was a problem with the arguments." @@ -473,7 +509,9 @@ ME="${DATA_DIR}/case11F" mkdir -p "${ME}/keys" -${TOR} --DataDirectory "${ME}" --keygen --passphrase-fd 1 --no-passphrase > "${ME}/stdout" && die "Successfully started with bogus passphrase-fd combination?" || true +if ${TOR} --DataDirectory "${ME}" --keygen --passphrase-fd 1 --no-passphrase > "${ME}/stdout"; then + die "Successfully started with bogus passphrase-fd combination?" +fi grep "no-passphrase specified with --passphrase-fd" "${ME}/stdout" >/dev/null || die "Tor didn't declare that there was a problem with the arguments." diff --git a/src/test/test_keypin.c b/src/test/test_keypin.c index e7beef8609..ff6397f8c7 100644 --- a/src/test/test_keypin.c +++ b/src/test/test_keypin.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2014-2019, The Tor Project, Inc. */ +/* Copyright (c) 2014-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" diff --git a/src/test/test_link_handshake.c b/src/test/test_link_handshake.c index 34f59f26cd..1566b349ed 100644 --- a/src/test/test_link_handshake.c +++ b/src/test/test_link_handshake.c @@ -1,11 +1,11 @@ -/* Copyright (c) 2014-2019, The Tor Project, Inc. */ +/* Copyright (c) 2014-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" #define CHANNELTLS_PRIVATE #define CONNECTION_PRIVATE -#define TOR_CHANNEL_INTERNAL_ +#define CHANNEL_OBJECT_PRIVATE #define TORTLS_PRIVATE #include "core/or/or.h" @@ -18,6 +18,7 @@ #include "feature/relay/routerkeys.h" #include "core/or/scheduler.h" #include "feature/nodelist/torcert.h" +#include "feature/relay/relay_handshake.h" #include "core/or/or_connection_st.h" #include "core/or/or_handshake_certs_st.h" @@ -263,7 +264,7 @@ test_link_handshake_certs_ok(void *arg) tt_assert(c1->handshake_state->authenticated_rsa); tt_assert(! c1->handshake_state->authenticated_ed25519); } - tt_assert(! tor_mem_is_zero( + tt_assert(! fast_mem_is_zero( (char*)c1->handshake_state->authenticated_rsa_peer_id, 20)); chan2 = tor_malloc_zero(sizeof(*chan2)); @@ -290,7 +291,7 @@ test_link_handshake_certs_ok(void *arg) tt_ptr_op(c2->handshake_state->certs->ed_id_sign, OP_EQ, NULL); } tt_assert(c2->handshake_state->certs->id_cert); - tt_assert(tor_mem_is_zero( + tt_assert(fast_mem_is_zero( (char*)c2->handshake_state->authenticated_rsa_peer_id, 20)); /* no authentication has happened yet, since we haen't gotten an AUTH cell. */ @@ -325,7 +326,7 @@ test_link_handshake_certs_ok(void *arg) crypto_pk_free(key2); } -typedef struct certs_data_s { +typedef struct certs_data_t { int is_ed; int is_link_cert; or_connection_t *c; @@ -948,7 +949,7 @@ test_link_handshake_send_authchallenge(void *arg) #else tt_int_op(36, OP_EQ, cell1->payload_len); tt_int_op(36, OP_EQ, cell2->payload_len); -#endif +#endif /* defined(HAVE_WORKING_TOR_TLS_GET_TLSSECRETS) */ tt_int_op(0, OP_EQ, cell1->circ_id); tt_int_op(0, OP_EQ, cell2->circ_id); tt_int_op(CELL_AUTH_CHALLENGE, OP_EQ, cell1->command); @@ -960,7 +961,7 @@ test_link_handshake_send_authchallenge(void *arg) #else tt_mem_op("\x00\x01\x00\x03", OP_EQ, cell1->payload + 32, 4); tt_mem_op("\x00\x01\x00\x03", OP_EQ, cell2->payload + 32, 4); -#endif +#endif /* defined(HAVE_WORKING_TOR_TLS_GET_TLSSECRETS) */ tt_mem_op(cell1->payload, OP_NE, cell2->payload, 32); done: @@ -972,7 +973,7 @@ test_link_handshake_send_authchallenge(void *arg) crypto_pk_free(rsa1); } -typedef struct authchallenge_data_s { +typedef struct authchallenge_data_t { or_connection_t *c; channel_tls_t *chan; var_cell_t *cell; @@ -1171,7 +1172,7 @@ mock_set_circid_type(channel_t *chan, (void) consider_identity; } -typedef struct authenticate_data_s { +typedef struct authenticate_data_t { int is_ed; or_connection_t *c1, *c2; channel_tls_t *chan2; @@ -1492,6 +1493,7 @@ AUTHENTICATE_FAIL(missing_ed_auth, "authentication certificate"; }) +#ifndef COCCI #define TEST_RSA(name, flags) \ { #name , test_link_handshake_ ## name, (flags), \ &passthrough_setup, (void*)"RSA" } @@ -1527,6 +1529,7 @@ AUTHENTICATE_FAIL(missing_ed_auth, #define TEST_AUTHENTICATE_ED(name) \ { "authenticate/" #name "_ed25519" , test_link_handshake_auth_ ## name, \ TT_FORK, &setup_authenticate, (void*)3 } +#endif /* !defined(COCCI) */ struct testcase_t link_handshake_tests[] = { TEST_RSA(certs_ok, TT_FORK), diff --git a/src/test/test_logging.c b/src/test/test_logging.c index 95a2fce757..e09f7a21cd 100644 --- a/src/test/test_logging.c +++ b/src/test/test_logging.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2013-2019, The Tor Project, Inc. */ +/* Copyright (c) 2013-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define CONFIG_PRIVATE @@ -9,14 +9,13 @@ #include "lib/err/torerr.h" #include "lib/log/log.h" #include "test/test.h" -#include "lib/process/subprocess.h" #ifdef HAVE_UNISTD_H #include <unistd.h> #endif static void -dummy_cb_fn(int severity, uint32_t domain, const char *msg) +dummy_cb_fn(int severity, log_domain_mask_t domain, const char *msg) { (void)severity; (void)domain; (void)msg; } @@ -36,7 +35,7 @@ test_get_sigsafe_err_fds(void *arg) set_log_severity_config(LOG_WARN, LOG_ERR, &include_bug); set_log_severity_config(LOG_WARN, LOG_ERR, &no_bug); - no_bug.masks[0] &= ~(LD_BUG|LD_GENERAL); + no_bug.masks[SEVERITY_MASK_IDX(LOG_ERR)] &= ~(LD_BUG|LD_GENERAL); set_log_severity_config(LOG_INFO, LOG_NOTICE, &no_bug2); /* Add some logs; make sure the output is as expected. */ @@ -117,22 +116,27 @@ test_sigsafe_err(void *arg) content = read_file_to_str(fn, 0, NULL); tt_ptr_op(content, OP_NE, NULL); - tor_split_lines(lines, content, (int)strlen(content)); + smartlist_split_string(lines, content, "\n", 0, 0); tt_int_op(smartlist_len(lines), OP_GE, 5); - if (strstr(smartlist_get(lines, 0), "opening new log file")) + if (strstr(smartlist_get(lines, 0), "opening new log file")) { + void *item = smartlist_get(lines, 0); smartlist_del_keeporder(lines, 0); + tor_free(item); + } + tt_assert(strstr(smartlist_get(lines, 0), "Say, this isn't too cool")); - /* Next line is blank. */ - tt_assert(!strcmpstart(smartlist_get(lines, 1), "==============")); - tt_assert(!strcmpstart(smartlist_get(lines, 2), "Minimal.")); - /* Next line is blank. */ - tt_assert(!strcmpstart(smartlist_get(lines, 3), "==============")); - tt_str_op(smartlist_get(lines, 4), OP_EQ, + tt_str_op(smartlist_get(lines, 1), OP_EQ, ""); + tt_assert(!strcmpstart(smartlist_get(lines, 2), "==============")); + tt_assert(!strcmpstart(smartlist_get(lines, 3), "Minimal.")); + tt_str_op(smartlist_get(lines, 4), OP_EQ, ""); + tt_assert(!strcmpstart(smartlist_get(lines, 5), "==============")); + tt_str_op(smartlist_get(lines, 6), OP_EQ, "Testing any attempt to manually log from a signal."); done: tor_free(content); + SMARTLIST_FOREACH(lines, char *, x, tor_free(x)); smartlist_free(lines); } diff --git a/src/test/test_mainloop.c b/src/test/test_mainloop.c index 089ea812cf..c4e60d9da5 100644 --- a/src/test/test_mainloop.c +++ b/src/test/test_mainloop.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2018-2019, The Tor Project, Inc. */ +/* Copyright (c) 2018-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -6,11 +6,29 @@ * \brief Tests for functions closely related to the Tor main loop */ +#define CONFIG_PRIVATE +#define MAINLOOP_PRIVATE +#define STATEFILE_PRIVATE + #include "test/test.h" #include "test/log_test_helpers.h" +#include "lib/confmgt/confmgt.h" + #include "core/or/or.h" +#include "core/mainloop/connection.h" #include "core/mainloop/mainloop.h" +#include "core/mainloop/mainloop_state_st.h" +#include "core/mainloop/mainloop_sys.h" +#include "core/mainloop/netstatus.h" + +#include "feature/hs/hs_service.h" + +#include "app/config/config.h" +#include "app/config/statefile.h" +#include "app/config/or_state_st.h" + +#include "app/main/subsysmgr.h" static const uint64_t BILLION = 1000000000; @@ -131,12 +149,233 @@ test_mainloop_update_time_jumps(void *arg) monotime_disable_test_mocking(); } +static int schedule_rescan_called = 0; +static void +mock_schedule_rescan_periodic_events(void) +{ + ++schedule_rescan_called; +} + +static void +test_mainloop_user_activity(void *arg) +{ + (void)arg; + const time_t start = 1542658829; + update_approx_time(start); + + MOCK(schedule_rescan_periodic_events, mock_schedule_rescan_periodic_events); + + reset_user_activity(start); + tt_i64_op(get_last_user_activity_time(), OP_EQ, start); + + set_network_participation(false); + + // reset can move backwards and forwards, but does not change network + // participation. + reset_user_activity(start-10); + tt_i64_op(get_last_user_activity_time(), OP_EQ, start-10); + reset_user_activity(start+10); + tt_i64_op(get_last_user_activity_time(), OP_EQ, start+10); + + tt_int_op(schedule_rescan_called, OP_EQ, 0); + tt_int_op(false, OP_EQ, is_participating_on_network()); + + // "note" can only move forward. Calling it from a non-participating + // state makes us rescan the periodic callbacks and set participation. + note_user_activity(start+20); + tt_i64_op(get_last_user_activity_time(), OP_EQ, start+20); + tt_int_op(true, OP_EQ, is_participating_on_network()); + tt_int_op(schedule_rescan_called, OP_EQ, 1); + + // Calling it again will move us forward, but not call rescan again. + note_user_activity(start+25); + tt_i64_op(get_last_user_activity_time(), OP_EQ, start+25); + tt_int_op(true, OP_EQ, is_participating_on_network()); + tt_int_op(schedule_rescan_called, OP_EQ, 1); + + // We won't move backwards. + note_user_activity(start+20); + tt_i64_op(get_last_user_activity_time(), OP_EQ, start+25); + tt_int_op(true, OP_EQ, is_participating_on_network()); + tt_int_op(schedule_rescan_called, OP_EQ, 1); + + // We _will_ adjust if the clock jumps though. + netstatus_note_clock_jumped(500); + tt_i64_op(get_last_user_activity_time(), OP_EQ, start+525); + + netstatus_note_clock_jumped(-400); + tt_i64_op(get_last_user_activity_time(), OP_EQ, start+125); + + done: + UNMOCK(schedule_rescan_periodic_events); +} + +static unsigned int +mock_get_num_services(void) +{ + return 1; +} + +static connection_t * +mock_connection_gbtu(int type) +{ + (void) type; + return (void *)"hello fellow connections"; +} + +static void +test_mainloop_check_participation(void *arg) +{ + (void)arg; + or_options_t *options = options_new(); + const time_t start = 1542658829; + const time_t ONE_DAY = 24*60*60; + + // Suppose we've been idle for a day or two + reset_user_activity(start - 2*ONE_DAY); + set_network_participation(true); + check_network_participation_callback(start, options); + tt_int_op(is_participating_on_network(), OP_EQ, false); + tt_i64_op(get_last_user_activity_time(), OP_EQ, start-2*ONE_DAY); + + // suppose we've been idle for 2 days... but we are a server. + reset_user_activity(start - 2*ONE_DAY); + options->ORPort_set = 1; + set_network_participation(true); + check_network_participation_callback(start+2, options); + tt_int_op(is_participating_on_network(), OP_EQ, true); + tt_i64_op(get_last_user_activity_time(), OP_EQ, start+2); + options->ORPort_set = 0; + + // idle for 2 days, but we have a hidden service. + reset_user_activity(start - 2*ONE_DAY); + set_network_participation(true); + MOCK(hs_service_get_num_services, mock_get_num_services); + check_network_participation_callback(start+3, options); + tt_int_op(is_participating_on_network(), OP_EQ, true); + tt_i64_op(get_last_user_activity_time(), OP_EQ, start+3); + UNMOCK(hs_service_get_num_services); + + // idle for 2 days but we have at least one user connection + MOCK(connection_get_by_type_nonlinked, mock_connection_gbtu); + reset_user_activity(start - 2*ONE_DAY); + set_network_participation(true); + options->DormantTimeoutDisabledByIdleStreams = 1; + check_network_participation_callback(start+10, options); + tt_int_op(is_participating_on_network(), OP_EQ, true); + tt_i64_op(get_last_user_activity_time(), OP_EQ, start+10); + + // as above, but DormantTimeoutDisabledByIdleStreams is not set + reset_user_activity(start - 2*ONE_DAY); + set_network_participation(true); + options->DormantTimeoutDisabledByIdleStreams = 0; + check_network_participation_callback(start+13, options); + tt_int_op(is_participating_on_network(), OP_EQ, false); + tt_i64_op(get_last_user_activity_time(), OP_EQ, start-2*ONE_DAY); + UNMOCK(connection_get_by_type_nonlinked); + options->DormantTimeoutDisabledByIdleStreams = 1; + + // idle for 2 days but DormantClientTimeout is 3 days + reset_user_activity(start - 2*ONE_DAY); + set_network_participation(true); + options->DormantClientTimeout = ONE_DAY * 3; + check_network_participation_callback(start+30, options); + tt_int_op(is_participating_on_network(), OP_EQ, true); + tt_i64_op(get_last_user_activity_time(), OP_EQ, start-2*ONE_DAY); + + done: + or_options_free(options); + UNMOCK(hs_service_get_num_services); + UNMOCK(connection_get_by_type_nonlinked); +} + +static void +test_mainloop_dormant_load_state(void *arg) +{ + (void)arg; + or_state_t *or_state = or_state_new(); + mainloop_state_t *state; + { + int idx = subsystems_get_state_idx(&sys_mainloop); + tor_assert(idx >= 0); + state = config_mgr_get_obj_mutable(get_state_mgr(), or_state, idx); + } + const time_t start = 1543956575; + + reset_user_activity(0); + set_network_participation(false); + + // When we construct a new state, it starts out in "auto" mode. + tt_int_op(state->Dormant, OP_EQ, -1); + + // Initializing from "auto" makes us start out (by default) non-Dormant, + // with activity right now. + netstatus_load_from_state(state, start); + tt_assert(is_participating_on_network()); + tt_i64_op(get_last_user_activity_time(), OP_EQ, start); + + // Initializing from dormant clears the last user activity time, and + // makes us dormant. + state->Dormant = 1; + netstatus_load_from_state(state, start); + tt_assert(! is_participating_on_network()); + tt_i64_op(get_last_user_activity_time(), OP_EQ, 0); + + // Initializing from non-dormant sets the last user activity time, and + // makes us non-dormant. + state->Dormant = 0; + state->MinutesSinceUserActivity = 123; + netstatus_load_from_state(state, start); + tt_assert(is_participating_on_network()); + tt_i64_op(get_last_user_activity_time(), OP_EQ, start - 123*60); + + // If we would start dormant, but DormantCanceledByStartup is set, then + // we start up non-dormant. + state->Dormant = 1; + get_options_mutable()->DormantCanceledByStartup = 1; + netstatus_load_from_state(state, start); + tt_assert(is_participating_on_network()); + tt_i64_op(get_last_user_activity_time(), OP_EQ, start); + + done: + or_state_free(or_state); +} + +static void +test_mainloop_dormant_save_state(void *arg) +{ + (void)arg; + mainloop_state_t *state = tor_malloc_zero(sizeof(mainloop_state_t)); + const time_t start = 1543956575; + + // Can we save a non-dormant state correctly? + reset_user_activity(start - 1000); + set_network_participation(true); + netstatus_flush_to_state(state, start); + + tt_int_op(state->Dormant, OP_EQ, 0); + tt_int_op(state->MinutesSinceUserActivity, OP_EQ, 1000 / 60); + + // Can we save a dormant state correctly? + set_network_participation(false); + netstatus_flush_to_state(state, start); + + tt_int_op(state->Dormant, OP_EQ, 1); + tt_int_op(state->MinutesSinceUserActivity, OP_EQ, 0); + + done: + tor_free(state); +} + #define MAINLOOP_TEST(name) \ { #name, test_mainloop_## name , TT_FORK, NULL, NULL } struct testcase_t mainloop_tests[] = { MAINLOOP_TEST(update_time_normal), MAINLOOP_TEST(update_time_jumps), + MAINLOOP_TEST(user_activity), + MAINLOOP_TEST(check_participation), + MAINLOOP_TEST(dormant_load_state), + MAINLOOP_TEST(dormant_save_state), END_OF_TESTCASES }; - diff --git a/src/test/test_microdesc.c b/src/test/test_microdesc.c index 4c4317d81a..f89025aa6c 100644 --- a/src/test/test_microdesc.c +++ b/src/test/test_microdesc.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2010-2019, The Tor Project, Inc. */ +/* Copyright (c) 2010-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" @@ -11,6 +11,7 @@ #include "feature/dirparse/routerparse.h" #include "feature/nodelist/microdesc.h" #include "feature/nodelist/networkstatus.h" +#include "feature/nodelist/nodefamily.h" #include "feature/nodelist/routerlist.h" #include "feature/nodelist/torcert.h" @@ -20,6 +21,7 @@ #include "feature/nodelist/routerstatus_st.h" #include "test/test.h" +#include "test/log_test_helpers.h" #ifdef HAVE_SYS_STAT_H #include <sys/stat.h> @@ -70,6 +72,7 @@ test_md_cache(void *data) const char *test_md3_noannotation = strchr(test_md3, '\n')+1; time_t time1, time2, time3; char *fn = NULL, *s = NULL; + char *encoded_family = NULL; (void)data; options = get_options_mutable(); @@ -172,8 +175,9 @@ test_md_cache(void *data) tt_ptr_op(md1->family, OP_EQ, NULL); tt_ptr_op(md3->family, OP_NE, NULL); - tt_int_op(smartlist_len(md3->family), OP_EQ, 3); - tt_str_op(smartlist_get(md3->family, 0), OP_EQ, "nodeX"); + + encoded_family = nodefamily_format(md3->family); + tt_str_op(encoded_family, OP_EQ, "nodex nodey nodez"); /* Now rebuild the cache! */ tt_int_op(microdesc_cache_rebuild(mc, 1), OP_EQ, 0); @@ -254,6 +258,7 @@ test_md_cache(void *data) smartlist_free(wanted); tor_free(s); tor_free(fn); + tor_free(encoded_family); } static const char truncated_md[] = @@ -417,6 +422,28 @@ static const char test_md2_21[] = "ntor-onion-key hbxdRnfVUJJY7+KcT4E3Rs7/zuClbN3hJrjSBiEGMgI=\n" "id ed25519 wqfLzgfCtRfYNg88LsL1QpzxS0itapJ1aj6TbnByx/Q\n"; +static const char test_md2_withfamily_28[] = + "onion-key\n" + "-----BEGIN RSA PUBLIC KEY-----\n" + "MIGJAoGBAL2R8EfubUcahxha4u02P4VAR0llQIMwFAmrHPjzcK7apcQgDOf2ovOA\n" + "+YQnJFxlpBmCoCZC6ssCi+9G0mqo650lFuTMP5I90BdtjotfzESfTykHLiChyvhd\n" + "l0dlqclb2SU/GKem/fLRXH16aNi72CdSUu/1slKs/70ILi34QixRAgMBAAE=\n" + "-----END RSA PUBLIC KEY-----\n" + "ntor-onion-key hbxdRnfVUJJY7+KcT4E3Rs7/zuClbN3hJrjSBiEGMgI=\n" + "family OtherNode !Strange\n" + "id ed25519 wqfLzgfCtRfYNg88LsL1QpzxS0itapJ1aj6TbnByx/Q\n"; + +static const char test_md2_withfamily_29[] = + "onion-key\n" + "-----BEGIN RSA PUBLIC KEY-----\n" + "MIGJAoGBAL2R8EfubUcahxha4u02P4VAR0llQIMwFAmrHPjzcK7apcQgDOf2ovOA\n" + "+YQnJFxlpBmCoCZC6ssCi+9G0mqo650lFuTMP5I90BdtjotfzESfTykHLiChyvhd\n" + "l0dlqclb2SU/GKem/fLRXH16aNi72CdSUu/1slKs/70ILi34QixRAgMBAAE=\n" + "-----END RSA PUBLIC KEY-----\n" + "ntor-onion-key hbxdRnfVUJJY7+KcT4E3Rs7/zuClbN3hJrjSBiEGMgI=\n" + "family !Strange $B7E27F104213C36F13E7E9829182845E495997A0 othernode\n" + "id ed25519 wqfLzgfCtRfYNg88LsL1QpzxS0itapJ1aj6TbnByx/Q\n"; + static void test_md_generate(void *arg) { @@ -447,13 +474,24 @@ test_md_generate(void *arg) tt_assert(ed25519_pubkey_eq(md->ed25519_identity_pkey, &ri->cache_info.signing_key_cert->signing_key)); + // Try family encoding. + microdesc_free(md); + ri->declared_family = smartlist_new(); + smartlist_add_strdup(ri->declared_family, "OtherNode !Strange"); + md = dirvote_create_microdescriptor(ri, 28); + tt_str_op(md->body, OP_EQ, test_md2_withfamily_28); + + microdesc_free(md); + md = dirvote_create_microdescriptor(ri, 29); + tt_str_op(md->body, OP_EQ, test_md2_withfamily_29); + done: microdesc_free(md); routerinfo_free(ri); } #ifdef HAVE_CFLAG_WOVERLENGTH_STRINGS -DISABLE_GCC_WARNING(overlength-strings) +DISABLE_GCC_WARNING("-Woverlength-strings") /* We allow huge string constants in the unit tests, but not in the code * at large. */ #endif @@ -611,9 +649,44 @@ static const char MD_PARSE_TEST_DATA[] = "ntor-onion-key k2yFqTU2vzMCQDEiE/j9UcEHxKrXMLpB3IL0or09sik=\n" "id rsa1024 2A8wYpHxnkKJ92orocvIQBzeHlE\n" "p6 allow 80\n" + /* Good 11: Normal, non-exit relay with ipv6 address */ + "onion-key\n" + "-----BEGIN RSA PUBLIC KEY-----\n" + "MIGJAoGBAM7uUtq5F6h63QNYIvC+4NcWaD0DjtnrOORZMkdpJhinXUOwce3cD5Dj\n" + "sgdN1wJpWpTQMXJ2DssfSgmOVXETP7qJuZyRprxalQhaEATMDNJA/66Ml1jSO9mZ\n" + "+8Xb7m/4q778lNtkSbsvMaYD2Dq6k2QQ3kMhr9z8oUtX0XA23+pfAgMBAAE=\n" + "-----END RSA PUBLIC KEY-----\n" + "a [::1:2:3:4]:9090\n" + "a 18.0.0.1:9999\n" + "ntor-onion-key k2yFqTU2vzMCQDEiE/j9UcEHxKrXMLpB3IL0or09sik=\n" + "id rsa1024 2A8wYpHxnkKJ92orocvIQBzeHlE\n" + /* Good 12: Normal, exit relay with ipv6 address */ + "onion-key\n" + "-----BEGIN RSA PUBLIC KEY-----\n" + "MIGJAoGBAM7uUtq5F6h63QNYIvC+4NcWaD0DjtnrOORZMkdpJhinXUOwce3cD5Dj\n" + "sgdN1wJpWpTQMXJ2DssfSgmOVXETP7qJuZyRprxalQhaEATMDNJA/66Ml1jSO9mZ\n" + "+8Xb7m/4q778lNtkSbsvMaYD2Dq6k2QQ3kMhr9z8oUtX0XA23+pfAgMBAAE=\n" + "-----END RSA PUBLIC KEY-----\n" + "a [::1:2:3:4]:9090\n" + "a 18.0.0.1:9999\n" + "ntor-onion-key k2yFqTU2vzMCQDEiE/j9UcEHxKrXMLpB3IL0or09sik=\n" + "p accept 20-23,43,53,79-81,88,110,143,194,220,389,443,464,531,543-544\n" + "id rsa1024 2A8wYpHxnkKJ92orocvIQBzeHlE\n" + /* Good 13: Normal, exit relay with only ipv6 exit policy */ + "onion-key\n" + "-----BEGIN RSA PUBLIC KEY-----\n" + "MIGJAoGBAM7uUtq5F6h63QNYIvC+4NcWaD0DjtnrOORZMkdpJhinXUOwce3cD5Dj\n" + "sgdN1wJpWpTQMXJ2DssfSgmOVXETP7qJuZyRprxalQhaEATMDNJA/66Ml1jSO9mZ\n" + "+8Xb7m/4q778lNtkSbsvMaYD2Dq6k2QQ3kMhr9z8oUtX0XA23+pfAgMBAAE=\n" + "-----END RSA PUBLIC KEY-----\n" + "a [::1:2:3:4]:9090\n" + "a 18.0.0.1:9999\n" + "ntor-onion-key k2yFqTU2vzMCQDEiE/j9UcEHxKrXMLpB3IL0or09sik=\n" + "p6 accept 20-23,43,53,79-81,88,110,143,194,220,389,443,464,531,543-544\n" + "id rsa1024 2A8wYpHxnkKJ92orocvIQBzeHlE\n" ; #ifdef HAVE_CFLAG_WOVERLENGTH_STRINGS -ENABLE_GCC_WARNING(overlength-strings) +ENABLE_GCC_WARNING("-Woverlength-strings") #endif /** More tests for parsing different kinds of microdescriptors, and getting @@ -628,7 +701,7 @@ test_md_parse(void *arg) smartlist_t *mds = microdescs_parse_from_string(MD_PARSE_TEST_DATA, NULL, 1, SAVED_NOWHERE, invalid); - tt_int_op(smartlist_len(mds), OP_EQ, 11); + tt_int_op(smartlist_len(mds), OP_EQ, 14); tt_int_op(smartlist_len(invalid), OP_EQ, 4); test_memeq_hex(smartlist_get(invalid,0), @@ -675,6 +748,21 @@ test_md_parse(void *arg) tt_assert(tor_addr_family(&md->ipv6_addr) == AF_INET6); tt_int_op(md->ipv6_orport, OP_EQ, 9090); + md = smartlist_get(mds, 11); + tt_assert(tor_addr_family(&md->ipv6_addr) == AF_INET6); + tt_int_op(md->ipv6_orport, OP_EQ, 9090); + tt_int_op(md->policy_is_reject_star, OP_EQ, 1); + + md = smartlist_get(mds, 12); + tt_assert(tor_addr_family(&md->ipv6_addr) == AF_INET6); + tt_int_op(md->ipv6_orport, OP_EQ, 9090); + tt_int_op(md->policy_is_reject_star, OP_EQ, 0); + + md = smartlist_get(mds, 13); + tt_assert(tor_addr_family(&md->ipv6_addr) == AF_INET6); + tt_int_op(md->ipv6_orport, OP_EQ, 9090); + tt_int_op(md->policy_is_reject_star, OP_EQ, 0); + done: SMARTLIST_FOREACH(mds, microdesc_t *, mdsc, microdesc_free(mdsc)); smartlist_free(mds); @@ -683,6 +771,80 @@ test_md_parse(void *arg) tor_free(mem_op_hex_tmp); } +static void +test_md_parse_id_ed25519(void *arg) +{ + (void)arg; + + /* A correct MD with an ed25519 ID ... and an unspecified ID type, + * which is permitted. */ + const char GOOD_MD[] = + "onion-key\n" + "-----BEGIN RSA PUBLIC KEY-----\n" + "MIGJAoGBAM7uUtq5F6h63QNYIvC+4NcWaD0DjtnrOORZMkdpJhinXUOwce3cD5Dj\n" + "sgdN1wJpWpTQMXJ2DssfSgmOVXETP7qJuZyRprxalQhaEATMDNJA/66Ml1jSO9mZ\n" + "+8Xb7m/4q778lNtkSbsvMaYD2Dq6k2QQ3kMhr9z8oUtX0XA23+pfAgMBAAE=\n" + "-----END RSA PUBLIC KEY-----\n" + "id ed25519 VGhpcyBpc24ndCBhY3R1YWxseSBhIHB1YmxpYyBrZXk\n" + "id wumpus dodecahedron\n"; + + smartlist_t *mds = NULL; + const microdesc_t *md; + + mds = microdescs_parse_from_string(GOOD_MD, + NULL, 1, SAVED_NOWHERE, NULL); + tt_assert(mds); + tt_int_op(smartlist_len(mds), OP_EQ, 1); + md = smartlist_get(mds, 0); + tt_mem_op(md->ed25519_identity_pkey, OP_EQ, + "This isn't actually a public key", ED25519_PUBKEY_LEN); + SMARTLIST_FOREACH(mds, microdesc_t *, m, microdesc_free(m)); + smartlist_free(mds); + + /* As above, but ed25519 ID key appears twice. */ + const char DUPLICATE_KEY[] = + "onion-key\n" + "-----BEGIN RSA PUBLIC KEY-----\n" + "MIGJAoGBAM7uUtq5F6h63QNYIvC+4NcWaD0DjtnrOORZMkdpJhinXUOwce3cD5Dj\n" + "sgdN1wJpWpTQMXJ2DssfSgmOVXETP7qJuZyRprxalQhaEATMDNJA/66Ml1jSO9mZ\n" + "+8Xb7m/4q778lNtkSbsvMaYD2Dq6k2QQ3kMhr9z8oUtX0XA23+pfAgMBAAE=\n" + "-----END RSA PUBLIC KEY-----\n" + "id ed25519 VGhpcyBpc24ndCBhY3R1YWxseSBhIHB1YmxpYyBrZXk\n" + "id ed25519 VGhpcyBpc24ndCBhY3R1YWxseSBhIHB1YmxpYyBrZXk\n"; + + setup_capture_of_logs(LOG_WARN); + mds = microdescs_parse_from_string(DUPLICATE_KEY, + NULL, 1, SAVED_NOWHERE, NULL); + tt_assert(mds); + tt_int_op(smartlist_len(mds), OP_EQ, 0); // no entries. + expect_single_log_msg_containing("Extra ed25519 key"); + mock_clean_saved_logs(); + smartlist_free(mds); + + /* As above, but ed25519 ID key is invalid. */ + const char BOGUS_KEY[] = + "onion-key\n" + "-----BEGIN RSA PUBLIC KEY-----\n" + "MIGJAoGBAM7uUtq5F6h63QNYIvC+4NcWaD0DjtnrOORZMkdpJhinXUOwce3cD5Dj\n" + "sgdN1wJpWpTQMXJ2DssfSgmOVXETP7qJuZyRprxalQhaEATMDNJA/66Ml1jSO9mZ\n" + "+8Xb7m/4q778lNtkSbsvMaYD2Dq6k2QQ3kMhr9z8oUtX0XA23+pfAgMBAAE=\n" + "-----END RSA PUBLIC KEY-----\n" + "id ed25519 VGhpcyBpc24ndCBhY3R1YWxseSBhIHB1YmxpYyZZZZZZZZZZZ\n"; + + mds = microdescs_parse_from_string(BOGUS_KEY, + NULL, 1, SAVED_NOWHERE, NULL); + tt_assert(mds); + tt_int_op(smartlist_len(mds), OP_EQ, 0); // no entries. + expect_single_log_msg_containing("Bogus ed25519 key"); + + done: + if (mds) { + SMARTLIST_FOREACH(mds, microdesc_t *, m, microdesc_free(m)); + smartlist_free(mds); + } + teardown_capture_of_logs(); +} + static int mock_rgsbd_called = 0; static routerstatus_t *mock_rgsbd_val_a = NULL; static routerstatus_t *mock_rgsbd_val_b = NULL; @@ -816,6 +978,7 @@ struct testcase_t microdesc_tests[] = { { "broken_cache", test_md_cache_broken, TT_FORK, NULL, NULL }, { "generate", test_md_generate, 0, NULL, NULL }, { "parse", test_md_parse, 0, NULL, NULL }, + { "parse_id_ed25519", test_md_parse_id_ed25519, 0, NULL, NULL }, { "reject_cache", test_md_reject_cache, TT_FORK, NULL, NULL }, { "corrupt_desc", test_md_corrupt_desc, TT_FORK, NULL, NULL }, END_OF_TESTCASES diff --git a/src/test/test_namemap.c b/src/test/test_namemap.c new file mode 100644 index 0000000000..e93d3fbc3c --- /dev/null +++ b/src/test/test_namemap.c @@ -0,0 +1,174 @@ +/* Copyright (c) 2018-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#include "test/test.h" + +#include "lib/cc/torint.h" +#include "lib/container/namemap.h" +#include "lib/container/namemap_st.h" +#include "lib/malloc/malloc.h" + +#include <stdio.h> +#include <string.h> + +static void +test_namemap_empty(void *arg) +{ + (void)arg; + + namemap_t m; + namemap_init(&m); + namemap_t m2 = NAMEMAP_INIT(); + + tt_uint_op(0, OP_EQ, namemap_get_size(&m)); + tt_uint_op(NAMEMAP_ERR, OP_EQ, namemap_get_id(&m, "hello")); + tt_uint_op(NAMEMAP_ERR, OP_EQ, namemap_get_id(&m, "hello")); + tt_uint_op(NAMEMAP_ERR, OP_EQ, namemap_get_id(&m, "hello128")); + tt_uint_op(NAMEMAP_ERR, OP_EQ, namemap_get_id(&m, "")); + tt_uint_op(0, OP_EQ, namemap_get_size(&m)); + + tt_uint_op(0, OP_EQ, namemap_get_size(&m2)); + tt_uint_op(NAMEMAP_ERR, OP_EQ, namemap_get_id(&m2, "hello")); + tt_uint_op(NAMEMAP_ERR, OP_EQ, namemap_get_id(&m2, "hello")); + tt_uint_op(NAMEMAP_ERR, OP_EQ, namemap_get_id(&m2, "hello128")); + tt_uint_op(NAMEMAP_ERR, OP_EQ, namemap_get_id(&m2, "")); + tt_uint_op(0, OP_EQ, namemap_get_size(&m)); + + done: + namemap_clear(&m); + namemap_clear(&m2); +} + +static void +test_namemap_toolong(void *arg) +{ + (void)arg; + namemap_t m; + char *ok = NULL; + char *toolong = NULL; + namemap_init(&m); + + ok = tor_malloc_zero(MAX_NAMEMAP_NAME_LEN+1); + memset(ok, 'x', MAX_NAMEMAP_NAME_LEN); + + toolong = tor_malloc_zero(MAX_NAMEMAP_NAME_LEN+2); + memset(toolong, 'x', MAX_NAMEMAP_NAME_LEN+1); + + tt_uint_op(NAMEMAP_ERR, OP_EQ, namemap_get_id(&m, ok)); + tt_uint_op(NAMEMAP_ERR, OP_EQ, namemap_get_id(&m, toolong)); + unsigned u1 = namemap_get_or_create_id(&m, toolong); + unsigned u2 = namemap_get_or_create_id(&m, ok); + tt_uint_op(u1, OP_EQ, NAMEMAP_ERR); + tt_uint_op(u2, OP_NE, NAMEMAP_ERR); + tt_uint_op(u2, OP_EQ, namemap_get_id(&m, ok)); + tt_uint_op(NAMEMAP_ERR, OP_EQ, namemap_get_id(&m, toolong)); + + tt_str_op(ok, OP_EQ, namemap_get_name(&m, u2)); + tt_ptr_op(NULL, OP_EQ, namemap_get_name(&m, u1)); + + done: + tor_free(ok); + tor_free(toolong); + namemap_clear(&m); +} + +static void +test_namemap_blackbox(void *arg) +{ + (void)arg; + + namemap_t m1, m2; + namemap_init(&m1); + namemap_init(&m2); + + unsigned u1 = namemap_get_or_create_id(&m1, "hello"); + unsigned u2 = namemap_get_or_create_id(&m1, "world"); + tt_uint_op(u1, OP_NE, NAMEMAP_ERR); + tt_uint_op(u2, OP_NE, NAMEMAP_ERR); + tt_uint_op(u1, OP_NE, u2); + + tt_uint_op(u1, OP_EQ, namemap_get_id(&m1, "hello")); + tt_uint_op(u1, OP_EQ, namemap_get_or_create_id(&m1, "hello")); + tt_uint_op(u2, OP_EQ, namemap_get_id(&m1, "world")); + tt_uint_op(u2, OP_EQ, namemap_get_or_create_id(&m1, "world")); + + tt_uint_op(NAMEMAP_ERR, OP_EQ, namemap_get_id(&m1, "HELLO")); + tt_uint_op(NAMEMAP_ERR, OP_EQ, namemap_get_id(&m2, "hello")); + + unsigned u3 = namemap_get_or_create_id(&m2, "hola"); + tt_uint_op(u3, OP_NE, NAMEMAP_ERR); + tt_uint_op(NAMEMAP_ERR, OP_EQ, namemap_get_id(&m1, "hola")); + tt_uint_op(u3, OP_EQ, namemap_get_or_create_id(&m2, "hola")); + tt_uint_op(u3, OP_EQ, namemap_get_id(&m2, "hola")); + + unsigned int u4 = namemap_get_or_create_id(&m1, "hola"); + tt_uint_op(u4, OP_NE, NAMEMAP_ERR); + tt_uint_op(u4, OP_EQ, namemap_get_id(&m1, "hola")); + tt_uint_op(u3, OP_EQ, namemap_get_id(&m2, "hola")); + + tt_str_op("hello", OP_EQ, namemap_get_name(&m1, u1)); + tt_str_op("world", OP_EQ, namemap_get_name(&m1, u2)); + tt_str_op("hola", OP_EQ, namemap_get_name(&m2, u3)); + tt_str_op("hola", OP_EQ, namemap_get_name(&m1, u4)); + + tt_ptr_op(NULL, OP_EQ, namemap_get_name(&m2, u3 + 10)); + + done: + namemap_clear(&m1); + namemap_clear(&m2); +} + +static void +test_namemap_internals(void *arg) +{ + (void)arg; + // This test actually assumes know something about the identity layout. + namemap_t m; + namemap_init(&m); + + tt_uint_op(0, OP_EQ, namemap_get_or_create_id(&m, "that")); + tt_uint_op(0, OP_EQ, namemap_get_or_create_id(&m, "that")); + tt_uint_op(1, OP_EQ, namemap_get_or_create_id(&m, "is")); + tt_uint_op(1, OP_EQ, namemap_get_or_create_id(&m, "is")); + + tt_uint_op(0, OP_EQ, namemap_get_id(&m, "that")); + tt_uint_op(0, OP_EQ, namemap_get_id(&m, "that")); + tt_uint_op(1, OP_EQ, namemap_get_id(&m, "is")); + tt_uint_op(2, OP_EQ, namemap_get_or_create_id(&m, "not")); + tt_uint_op(1, OP_EQ, namemap_get_or_create_id(&m, "is")); + tt_uint_op(2, OP_EQ, namemap_get_or_create_id(&m, "not")); + + done: + namemap_clear(&m); +} + +static void +test_namemap_fmt(void *arg) +{ + (void)arg; + namemap_t m = NAMEMAP_INIT(); + + unsigned a = namemap_get_or_create_id(&m, "greetings"); + unsigned b = namemap_get_or_create_id(&m, "earthlings"); + + tt_str_op(namemap_fmt_name(&m, a), OP_EQ, "greetings"); + tt_str_op(namemap_fmt_name(&m, b), OP_EQ, "earthlings"); + tt_int_op(a, OP_NE, 100); + tt_int_op(b, OP_NE, 100); + tt_str_op(namemap_fmt_name(&m, 100), OP_EQ, "{100}"); + + done: + namemap_clear(&m); +} + +#define T(name) \ + { #name, test_namemap_ ## name , 0, NULL, NULL } + +struct testcase_t namemap_tests[] = { + T(empty), + T(toolong), + T(blackbox), + T(internals), + T(fmt), + END_OF_TESTCASES +}; diff --git a/src/test/test_netinfo.c b/src/test/test_netinfo.c new file mode 100644 index 0000000000..93892978dc --- /dev/null +++ b/src/test/test_netinfo.c @@ -0,0 +1,48 @@ +/* Copyright (c) 2007-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#include "orconfig.h" +#include "core/or/or.h" +#include "trunnel/netinfo.h" +#include "test/test.h" + +static void +test_netinfo_unsupported_addr(void *arg) +{ + const uint8_t wire_data[] = + { // TIME + 0x00, 0x00, 0x00, 0x01, + // OTHERADDR + 0x04, // ATYPE + 0x04, // ALEN + 0x08, 0x08, 0x08, 0x08, // AVAL + 0x01, // NMYADDR + 0x03, // ATYPE (unsupported) + 0x05, // ALEN + 'a', 'd', 'r', 'r', '!' // AVAL (unsupported) + }; + + (void)arg; + + netinfo_cell_t *parsed_cell = NULL; + + ssize_t parsed = netinfo_cell_parse(&parsed_cell, wire_data, + sizeof(wire_data)); + + tt_assert(parsed == sizeof(wire_data)); + + netinfo_addr_t *addr = netinfo_cell_get_my_addrs(parsed_cell, 0); + tt_assert(addr); + + tt_int_op(3, OP_EQ, netinfo_addr_get_addr_type(addr)); + tt_int_op(5, OP_EQ, netinfo_addr_get_len(addr)); + + done: + netinfo_cell_free(parsed_cell); +} + +struct testcase_t netinfo_tests[] = { + { "unsupported_addr", test_netinfo_unsupported_addr, 0, NULL, NULL }, + END_OF_TESTCASES +}; + diff --git a/src/test/test_nodelist.c b/src/test/test_nodelist.c index 53eb0413e5..fbbbf0a99f 100644 --- a/src/test/test_nodelist.c +++ b/src/test/test_nodelist.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2007-2019, The Tor Project, Inc. */ +/* Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -6,15 +6,24 @@ * \brief Unit tests for nodelist related functions. **/ +#define NODELIST_PRIVATE +#define NETWORKSTATUS_PRIVATE + #include "core/or/or.h" #include "lib/crypt_ops/crypto_rand.h" +#include "feature/nodelist/describe.h" #include "feature/nodelist/networkstatus.h" +#include "feature/nodelist/nodefamily.h" #include "feature/nodelist/nodelist.h" #include "feature/nodelist/torcert.h" +#include "core/or/extend_info_st.h" +#include "feature/dirauth/dirvote.h" +#include "feature/nodelist/fmt_routerstatus.h" #include "feature/nodelist/microdesc_st.h" #include "feature/nodelist/networkstatus_st.h" #include "feature/nodelist/node_st.h" +#include "feature/nodelist/nodefamily_st.h" #include "feature/nodelist/routerinfo_st.h" #include "feature/nodelist/routerstatus_st.h" @@ -72,7 +81,7 @@ test_nodelist_node_get_verbose_nickname_not_named(void *arg) } /** A node should be considered a directory server if it has an open dirport - * of it accepts tunnelled directory requests. + * or it accepts tunnelled directory requests. */ static void test_nodelist_node_is_dir(void *arg) @@ -231,6 +240,1176 @@ test_nodelist_ed_id(void *arg) #undef N_NODES } +static void +test_nodelist_nodefamily(void *arg) +{ + (void)arg; + /* hex ID digests */ + const char h1[] = "5B435D6869206861206C65207363617270652070"; + const char h2[] = "75C3B220616E6461726520696E206769726F2061"; + const char h3[] = "2074726F766172206461206D616E67696172652C"; + const char h4[] = "206D656E747265206E6F6E2076616C65206C2769"; + const char h5[] = "6E766572736F2E202D2D5072696D6F204C657669"; + + /* binary ID digests */ + uint8_t d1[DIGEST_LEN], d2[DIGEST_LEN], d3[DIGEST_LEN], d4[DIGEST_LEN], + d5[DIGEST_LEN]; + base16_decode((char*)d1, sizeof(d1), h1, strlen(h1)); + base16_decode((char*)d2, sizeof(d2), h2, strlen(h2)); + base16_decode((char*)d3, sizeof(d3), h3, strlen(h3)); + base16_decode((char*)d4, sizeof(d4), h4, strlen(h4)); + base16_decode((char*)d5, sizeof(d5), h5, strlen(h5)); + + char *enc=NULL, *enc2=NULL; + + nodefamily_t *nf1 = NULL; + nodefamily_t *nf2 = NULL; + nodefamily_t *nf3 = NULL; + + enc = nodefamily_format(NULL); + tt_str_op(enc, OP_EQ, ""); + tor_free(enc); + + /* Make sure that sorting and de-duplication work. */ + tor_asprintf(&enc, "$%s hello", h1); + nf1 = nodefamily_parse(enc, NULL, 0); + tt_assert(nf1); + tor_free(enc); + + tor_asprintf(&enc, "hello hello $%s hello", h1); + nf2 = nodefamily_parse(enc, NULL, 0); + tt_assert(nf2); + tt_ptr_op(nf1, OP_EQ, nf2); + tor_free(enc); + + tor_asprintf(&enc, "%s $%s hello", h1, h1); + nf3 = nodefamily_parse(enc, NULL, 0); + tt_assert(nf3); + tt_ptr_op(nf1, OP_EQ, nf3); + tor_free(enc); + + tt_assert(nodefamily_contains_rsa_id(nf1, d1)); + tt_assert(! nodefamily_contains_rsa_id(nf1, d2)); + tt_assert(nodefamily_contains_nickname(nf1, "hello")); + tt_assert(nodefamily_contains_nickname(nf1, "HELLO")); + tt_assert(! nodefamily_contains_nickname(nf1, "goodbye")); + + tt_int_op(nf1->refcnt, OP_EQ, 3); + nodefamily_free(nf3); + tt_int_op(nf1->refcnt, OP_EQ, 2); + + /* Try parsing with a provided self RSA digest. */ + nf3 = nodefamily_parse("hello ", d1, 0); + tt_assert(nf3); + tt_ptr_op(nf1, OP_EQ, nf3); + + /* Do we get the expected result when we re-encode? */ + tor_asprintf(&enc, "$%s hello", h1); + enc2 = nodefamily_format(nf1); + tt_str_op(enc2, OP_EQ, enc); + tor_free(enc2); + tor_free(enc); + + /* Make sure that we get a different result if we give a different digest. */ + nodefamily_free(nf3); + tor_asprintf(&enc, "hello $%s hello", h3); + nf3 = nodefamily_parse(enc, NULL, 0); + tt_assert(nf3); + tt_ptr_op(nf1, OP_NE, nf3); + tor_free(enc); + + tt_assert(nodefamily_contains_rsa_id(nf3, d3)); + tt_assert(! nodefamily_contains_rsa_id(nf3, d2)); + tt_assert(! nodefamily_contains_rsa_id(nf3, d1)); + tt_assert(nodefamily_contains_nickname(nf3, "hello")); + tt_assert(! nodefamily_contains_nickname(nf3, "goodbye")); + + nodefamily_free(nf1); + nodefamily_free(nf2); + nodefamily_free(nf3); + + /* Try one with several digests, all with nicknames appended, in different + formats. */ + tor_asprintf(&enc, "%s $%s $%s=res $%s~ist", h1, h2, h3, h4); + nf1 = nodefamily_parse(enc, d5, 0); + tt_assert(nf1); + tt_assert(nodefamily_contains_rsa_id(nf1, d1)); + tt_assert(nodefamily_contains_rsa_id(nf1, d2)); + tt_assert(nodefamily_contains_rsa_id(nf1, d3)); + tt_assert(nodefamily_contains_rsa_id(nf1, d4)); + tt_assert(nodefamily_contains_rsa_id(nf1, d5)); + /* Nicknames aren't preserved when ids are present, since node naming is + * deprecated */ + tt_assert(! nodefamily_contains_nickname(nf3, "res")); + tor_free(enc); + tor_asprintf(&enc, "$%s $%s $%s $%s $%s", h4, h3, h1, h5, h2); + enc2 = nodefamily_format(nf1); + tt_str_op(enc, OP_EQ, enc2); + tor_free(enc); + tor_free(enc2); + + /* Try ones where we parse the empty string. */ + nf2 = nodefamily_parse("", NULL, 0); + nf3 = nodefamily_parse("", d4, 0); + tt_assert(nf2); + tt_assert(nf3); + tt_ptr_op(nf2, OP_NE, nf3); + + tt_assert(! nodefamily_contains_rsa_id(nf2, d4)); + tt_assert(nodefamily_contains_rsa_id(nf3, d4)); + tt_assert(! nodefamily_contains_rsa_id(nf2, d5)); + tt_assert(! nodefamily_contains_rsa_id(nf3, d5)); + tt_assert(! nodefamily_contains_nickname(nf2, "fred")); + tt_assert(! nodefamily_contains_nickname(nf3, "bosco")); + + /* The NULL family should contain nothing. */ + tt_assert(! nodefamily_contains_rsa_id(NULL, d4)); + tt_assert(! nodefamily_contains_rsa_id(NULL, d5)); + + done: + tor_free(enc); + tor_free(enc2); + nodefamily_free(nf1); + nodefamily_free(nf2); + nodefamily_free(nf3); + nodefamily_free_all(); +} + +static void +test_nodelist_nodefamily_parse_err(void *arg) +{ + (void)arg; + nodefamily_t *nf1 = NULL; + char *enc = NULL; + const char *semibogus = + "sdakljfdslkfjdsaklfjdkl9sdf " // too long for nickname + "$jkASDFLkjsadfjhkl " // not hex + "$7468696e67732d696e2d7468656d73656c766573 " // ok + "reticulatogranulate "// ok + "$73656d69616e7468726f706f6c6f676963616c6c79 " // too long for hex + "$616273656e746d696e6465646e6573736573" // too short for hex + ; + + setup_capture_of_logs(LOG_WARN); + + // We only get two items when we parse this. + for (int reject = 0; reject <= 1; ++reject) { + for (int log_at_warn = 0; log_at_warn <= 1; ++log_at_warn) { + unsigned flags = log_at_warn ? NF_WARN_MALFORMED : 0; + flags |= reject ? NF_REJECT_MALFORMED : 0; + nf1 = nodefamily_parse(semibogus, NULL, flags); + if (reject) { + tt_assert(nf1 == NULL); + } else { + tt_assert(nf1); + enc = nodefamily_format(nf1); + tt_str_op(enc, OP_EQ, + "$7468696E67732D696E2D7468656D73656C766573 " + "reticulatogranulate"); + tor_free(enc); + } + + if (log_at_warn) { + expect_log_msg_containing("$616273656e746d696e6465646e6573736573"); + expect_log_msg_containing("sdakljfdslkfjdsaklfjdkl9sdf"); + } else { + tt_int_op(mock_saved_log_n_entries(), OP_EQ, 0); + } + mock_clean_saved_logs(); + } + } + + done: + tor_free(enc); + nodefamily_free(nf1); + teardown_capture_of_logs(); +} + +static const node_t * +mock_node_get_by_id(const char *id) +{ + if (fast_memeq(id, "!!!!!!!!!!!!!!!!!!!!", DIGEST_LEN)) + return NULL; + + // use tor_free, not node_free. + node_t *fake_node = tor_malloc_zero(sizeof(node_t)); + memcpy(fake_node->identity, id, DIGEST_LEN); + return fake_node; +} + +static const node_t * +mock_node_get_by_nickname(const char *nn, unsigned flags) +{ + (void)flags; + if (!strcmp(nn, "nonesuch")) + return NULL; + + // use tor_free, not node_free. + node_t *fake_node = tor_malloc_zero(sizeof(node_t)); + strlcpy(fake_node->identity, nn, DIGEST_LEN); + return fake_node; +} + +static void +test_nodelist_nodefamily_lookup(void *arg) +{ + (void)arg; + MOCK(node_get_by_nickname, mock_node_get_by_nickname); + MOCK(node_get_by_id, mock_node_get_by_id); + smartlist_t *sl = smartlist_new(); + nodefamily_t *nf1 = NULL; + char *mem_op_hex_tmp = NULL; + + // 'null' is allowed. + nodefamily_add_nodes_to_smartlist(NULL, sl); + tt_int_op(smartlist_len(sl), OP_EQ, 0); + + // Try a real family + nf1 = nodefamily_parse("$EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE " + "$2121212121212121212121212121212121212121 " + "$3333333333333333333333333333333333333333 " + "erewhon nonesuch", NULL, 0); + tt_assert(nf1); + nodefamily_add_nodes_to_smartlist(nf1, sl); + // There were 5 elements; 2 were dropped because the mocked lookup failed. + tt_int_op(smartlist_len(sl), OP_EQ, 3); + + const node_t *n = smartlist_get(sl, 0); + test_memeq_hex(n->identity, "3333333333333333333333333333333333333333"); + n = smartlist_get(sl, 1); + test_memeq_hex(n->identity, "EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE"); + n = smartlist_get(sl, 2); + tt_str_op(n->identity, OP_EQ, "erewhon"); + + done: + UNMOCK(node_get_by_nickname); + UNMOCK(node_get_by_id); + SMARTLIST_FOREACH(sl, node_t *, fake_node, tor_free(fake_node)); + smartlist_free(sl); + nodefamily_free(nf1); + tor_free(mem_op_hex_tmp); +} + +static void +test_nodelist_nickname_matches(void *arg) +{ + (void)arg; + node_t mock_node; + routerstatus_t mock_rs; + memset(&mock_node, 0, sizeof(mock_node)); + memset(&mock_rs, 0, sizeof(mock_rs)); + + strlcpy(mock_rs.nickname, "evilgeniuses", sizeof(mock_rs.nickname)); + mock_node.rs = &mock_rs; + memcpy(mock_node.identity, ".forabettertomorrow.", DIGEST_LEN); + +#define match(x) tt_assert(node_nickname_matches(&mock_node, (x))) +#define no_match(x) tt_assert(! node_nickname_matches(&mock_node, (x))) + + match("evilgeniuses"); + match("EvilGeniuses"); + match("EvilGeniuses"); + match("2e666f7261626574746572746f6d6f72726f772e"); + match("2E666F7261626574746572746F6D6F72726F772E"); + match("$2e666f7261626574746572746f6d6f72726f772e"); + match("$2E666F7261626574746572746F6D6F72726F772E"); + match("$2E666F7261626574746572746F6D6F72726F772E~evilgeniuses"); + match("$2E666F7261626574746572746F6D6F72726F772E~EVILGENIUSES"); + + no_match("evilgenius"); + no_match("evilgeniuseses"); + no_match("evil.genius"); + no_match("$2E666F7261626574746572746F6D6F72726FFFFF"); + no_match("2E666F7261626574746572746F6D6F72726FFFFF"); + no_match("$2E666F7261626574746572746F6D6F72726F772E~fred"); + no_match("$2E666F7261626574746572746F6D6F72726F772E=EVILGENIUSES"); + done: + ; +} + +static void +test_nodelist_node_nodefamily(void *arg) +{ + (void)arg; + node_t mock_node1; + routerstatus_t mock_rs; + microdesc_t mock_md; + + node_t mock_node2; + routerinfo_t mock_ri; + + smartlist_t *nodes=smartlist_new(); + + memset(&mock_node1, 0, sizeof(mock_node1)); + memset(&mock_node2, 0, sizeof(mock_node2)); + memset(&mock_rs, 0, sizeof(mock_rs)); + memset(&mock_md, 0, sizeof(mock_md)); + memset(&mock_ri, 0, sizeof(mock_ri)); + + mock_node1.rs = &mock_rs; + mock_node1.md = &mock_md; + + mock_node2.ri = &mock_ri; + + strlcpy(mock_rs.nickname, "nodeone", sizeof(mock_rs.nickname)); + mock_ri.nickname = tor_strdup("nodetwo"); + + memcpy(mock_node1.identity, "NodeOneNode1NodeOne1", DIGEST_LEN); + memcpy(mock_node2.identity, "SecondNodeWe'reTestn", DIGEST_LEN); + + // empty families. + tt_assert(! node_family_contains(&mock_node1, &mock_node2)); + tt_assert(! node_family_contains(&mock_node2, &mock_node1)); + + // Families contain nodes, but not these nodes + mock_ri.declared_family = smartlist_new(); + smartlist_add(mock_ri.declared_family, (char*)"NodeThree"); + mock_md.family = nodefamily_parse("NodeFour", NULL, 0); + tt_assert(! node_family_contains(&mock_node1, &mock_node2)); + tt_assert(! node_family_contains(&mock_node2, &mock_node1)); + + // Families contain one another. + smartlist_add(mock_ri.declared_family, (char*) + "4e6f64654f6e654e6f6465314e6f64654f6e6531"); + tt_assert(! node_family_contains(&mock_node1, &mock_node2)); + tt_assert(node_family_contains(&mock_node2, &mock_node1)); + + nodefamily_free(mock_md.family); + mock_md.family = nodefamily_parse( + "NodeFour " + "5365636f6e644e6f64655765277265546573746e", NULL, 0); + tt_assert(node_family_contains(&mock_node1, &mock_node2)); + tt_assert(node_family_contains(&mock_node2, &mock_node1)); + + // Try looking up families now. + MOCK(node_get_by_nickname, mock_node_get_by_nickname); + MOCK(node_get_by_id, mock_node_get_by_id); + + node_lookup_declared_family(nodes, &mock_node1); + tt_int_op(smartlist_len(nodes), OP_EQ, 2); + const node_t *n = smartlist_get(nodes, 0); + tt_mem_op(n->identity, OP_EQ, "SecondNodeWe'reTestn", DIGEST_LEN); + n = smartlist_get(nodes, 1); + tt_str_op(n->identity, OP_EQ, "nodefour"); + + // free, try the other one. + SMARTLIST_FOREACH(nodes, node_t *, x, tor_free(x)); + smartlist_clear(nodes); + + node_lookup_declared_family(nodes, &mock_node2); + tt_int_op(smartlist_len(nodes), OP_EQ, 2); + n = smartlist_get(nodes, 0); + // This gets a truncated hex hex ID since it was looked up by name + tt_str_op(n->identity, OP_EQ, "NodeThree"); + n = smartlist_get(nodes, 1); + tt_str_op(n->identity, OP_EQ, "4e6f64654f6e654e6f6"); + + done: + UNMOCK(node_get_by_nickname); + UNMOCK(node_get_by_id); + smartlist_free(mock_ri.declared_family); + nodefamily_free(mock_md.family); + tor_free(mock_ri.nickname); + // use tor_free, these aren't real nodes + SMARTLIST_FOREACH(nodes, node_t *, x, tor_free(x)); + smartlist_free(nodes); +} + +static void +test_nodelist_nodefamily_canonicalize(void *arg) +{ + (void)arg; + char *c = NULL; + + c = nodefamily_canonicalize("", NULL, 0); + tt_str_op(c, OP_EQ, ""); + tor_free(c); + + uint8_t own_id[20]; + memset(own_id, 0, sizeof(own_id)); + c = nodefamily_canonicalize( + "alice BOB caroL %potrzebie !!!@#@# " + "$bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb=fred " + "ffffffffffffffffffffffffffffffffffffffff " + "$cccccccccccccccccccccccccccccccccccccccc ", own_id, 0); + tt_str_op(c, OP_EQ, + "!!!@#@# " + "$0000000000000000000000000000000000000000 " + "$BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB " + "$CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC " + "$FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF " + "%potrzebie " + "alice bob carol"); + + done: + tor_free(c); +} + +/** format_node_description() should return + * "Fingerprint~Nickname at IPv4 and [IPv6]". + * The nickname and addresses are optional. + */ +static void +test_nodelist_format_node_description(void *arg) +{ + char mock_digest[DIGEST_LEN]; + char mock_nickname[MAX_NICKNAME_LEN+1]; + tor_addr_t mock_null_ip; + tor_addr_t mock_ipv4; + tor_addr_t mock_ipv6; + + char ndesc[NODE_DESC_BUF_LEN]; + const char *rv = NULL; + + (void) arg; + + /* Clear variables */ + memset(ndesc, 0, sizeof(ndesc)); + memset(mock_digest, 0, sizeof(mock_digest)); + memset(mock_nickname, 0, sizeof(mock_nickname)); + memset(&mock_null_ip, 0, sizeof(mock_null_ip)); + memset(&mock_ipv4, 0, sizeof(mock_ipv4)); + memset(&mock_ipv6, 0, sizeof(mock_ipv6)); + + /* Set variables */ + memcpy(mock_digest, + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA", + sizeof(mock_digest)); + strlcpy(mock_nickname, "TestOR7890123456789", sizeof(mock_nickname)); + tor_addr_parse(&mock_ipv4, "111.222.233.244"); + tor_addr_parse(&mock_ipv6, "[1111:2222:3333:4444:5555:6666:7777:8888]"); + + /* Test function with variables */ + rv = format_node_description(ndesc, + mock_digest, + NULL, + NULL, + 0); + tt_ptr_op(rv, OP_EQ, ndesc); + tt_str_op(ndesc, OP_EQ, "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"); + + /* format node description should use ~ because named is deprecated */ + rv = format_node_description(ndesc, + mock_digest, + mock_nickname, + NULL, + 0); + tt_ptr_op(rv, OP_EQ, ndesc); + tt_str_op(ndesc, OP_EQ, + "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA~""TestOR7890123456789"); + + /* Try a null IP address, rather than NULL */ + rv = format_node_description(ndesc, + mock_digest, + mock_nickname, + &mock_null_ip, + 0); + tt_ptr_op(rv, OP_EQ, ndesc); + tt_str_op(ndesc, OP_EQ, + "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA~TestOR7890123456789"); + + /* Try some real IP addresses */ + rv = format_node_description(ndesc, + mock_digest, + NULL, + &mock_ipv4, + 0); + tt_ptr_op(rv, OP_EQ, ndesc); + tt_str_op(ndesc, OP_EQ, + "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA at 111.222.233.244"); + + rv = format_node_description(ndesc, + mock_digest, + mock_nickname, + &mock_ipv6, + 0); + tt_ptr_op(rv, OP_EQ, ndesc); + tt_str_op(ndesc, OP_EQ, + "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA~TestOR7890123456789 at " + "[1111:2222:3333:4444:5555:6666:7777:8888]"); + + rv = format_node_description(ndesc, + mock_digest, + mock_nickname, + &mock_ipv6, + tor_addr_to_ipv4h(&mock_ipv4)); + tt_ptr_op(rv, OP_EQ, ndesc); + tt_str_op(ndesc, OP_EQ, + "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA~TestOR7890123456789 at " + "111.222.233.244 and [1111:2222:3333:4444:5555:6666:7777:8888]"); + + /* test NULL handling */ + rv = format_node_description(NULL, NULL, NULL, NULL, 0); + tt_str_op(rv, OP_EQ, "<NULL BUFFER>"); + + rv = format_node_description(ndesc, NULL, NULL, NULL, 0); + tt_ptr_op(rv, OP_EQ, ndesc); + tt_str_op(rv, OP_EQ, "<NULL ID DIGEST>"); + + done: + return; +} + +/** router_describe() is a wrapper for format_node_description(), see that + * test for details. + * + * The routerinfo-only node_describe() tests are in this function, + * so we can re-use the same mocked variables. + */ +static void +test_nodelist_router_describe(void *arg) +{ + char mock_nickname[MAX_NICKNAME_LEN+1]; + tor_addr_t mock_ipv4; + routerinfo_t mock_ri_ipv4; + routerinfo_t mock_ri_ipv6; + routerinfo_t mock_ri_dual; + + const char *rv = NULL; + + (void) arg; + + /* Clear variables */ + memset(mock_nickname, 0, sizeof(mock_nickname)); + memset(&mock_ipv4, 0, sizeof(mock_ipv4)); + memset(&mock_ri_ipv4, 0, sizeof(mock_ri_ipv4)); + memset(&mock_ri_ipv6, 0, sizeof(mock_ri_ipv6)); + memset(&mock_ri_dual, 0, sizeof(mock_ri_dual)); + + /* Set up the dual-stack routerinfo */ + memcpy(mock_ri_dual.cache_info.identity_digest, + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA", + sizeof(mock_ri_dual.cache_info.identity_digest)); + strlcpy(mock_nickname, "TestOR7890123456789", sizeof(mock_nickname)); + mock_ri_dual.nickname = mock_nickname; + tor_addr_parse(&mock_ipv4, "111.222.233.244"); + mock_ri_dual.addr = tor_addr_to_ipv4h(&mock_ipv4); + tor_addr_parse(&mock_ri_dual.ipv6_addr, + "[1111:2222:3333:4444:5555:6666:7777:8888]"); + + /* Create and modify the other routerinfos. + * mock_nickname is referenced from all 3 routerinfos. + * That's ok, all their memory is static. */ + memcpy(&mock_ri_ipv4, &mock_ri_dual, sizeof(mock_ri_ipv4)); + memcpy(&mock_ri_ipv6, &mock_ri_dual, sizeof(mock_ri_ipv6)); + /* Clear the unnecessary addresses */ + memset(&mock_ri_ipv4.ipv6_addr, 0, sizeof(mock_ri_ipv4.ipv6_addr)); + mock_ri_ipv6.addr = 0; + + /* We don't test the no-nickname and no-IP cases, because they're covered by + * format_node_description(), and we don't expect to see them in Tor code. */ + + /* Try some real IP addresses */ + rv = router_describe(&mock_ri_ipv4); + tt_str_op(rv, OP_EQ, + "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA~TestOR7890123456789 at " + "111.222.233.244"); + + rv = router_describe(&mock_ri_ipv6); + tt_str_op(rv, OP_EQ, + "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA~TestOR7890123456789 at " + "[1111:2222:3333:4444:5555:6666:7777:8888]"); + + rv = router_describe(&mock_ri_dual); + tt_str_op(rv, OP_EQ, + "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA~TestOR7890123456789 at " + "111.222.233.244 and [1111:2222:3333:4444:5555:6666:7777:8888]"); + + /* test NULL handling */ + rv = router_describe(NULL); + tt_str_op(rv, OP_EQ, "<null>"); + + /* Now test a node with only these routerinfos */ + node_t mock_node; + memset(&mock_node, 0, sizeof(mock_node)); + memcpy(mock_node.identity, + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA", + sizeof(mock_node.identity)); + + /* Try some real IP addresses */ + mock_node.ri = &mock_ri_ipv4; + rv = node_describe(&mock_node); + tt_str_op(rv, OP_EQ, + "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA~TestOR7890123456789 at " + "111.222.233.244"); + + mock_node.ri = &mock_ri_ipv6; + rv = node_describe(&mock_node); + tt_str_op(rv, OP_EQ, + "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA~TestOR7890123456789 at " + "[1111:2222:3333:4444:5555:6666:7777:8888]"); + + mock_node.ri = &mock_ri_dual; + rv = node_describe(&mock_node); + tt_str_op(rv, OP_EQ, + "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA~TestOR7890123456789 at " + "111.222.233.244 and [1111:2222:3333:4444:5555:6666:7777:8888]"); + + done: + return; +} + +/** node_describe() is a wrapper for format_node_description(), see that + * test for details. + * + * The routerinfo-only and routerstatus-only node_describe() tests are in + * test_nodelist_router_describe() and test_nodelist_routerstatus_describe(), + * so we can re-use their mocked variables. + */ +static void +test_nodelist_node_describe(void *arg) +{ + char mock_nickname[MAX_NICKNAME_LEN+1]; + tor_addr_t mock_ipv4; + + const char *rv = NULL; + + (void) arg; + + /* Routerinfos */ + routerinfo_t mock_ri_dual; + + /* Clear variables */ + memset(mock_nickname, 0, sizeof(mock_nickname)); + memset(&mock_ipv4, 0, sizeof(mock_ipv4)); + memset(&mock_ri_dual, 0, sizeof(mock_ri_dual)); + + /* Set up the dual-stack routerinfo */ + memcpy(mock_ri_dual.cache_info.identity_digest, + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA", + sizeof(mock_ri_dual.cache_info.identity_digest)); + strlcpy(mock_nickname, "TestOR7890123456789", sizeof(mock_nickname)); + mock_ri_dual.nickname = mock_nickname; + tor_addr_parse(&mock_ipv4, "111.222.233.244"); + mock_ri_dual.addr = tor_addr_to_ipv4h(&mock_ipv4); + tor_addr_parse(&mock_ri_dual.ipv6_addr, + "[1111:2222:3333:4444:5555:6666:7777:8888]"); + + /* Routerstatuses */ + routerstatus_t mock_rs_ipv4; + routerstatus_t mock_rs_dual; + + /* Clear variables */ + memset(&mock_ipv4, 0, sizeof(mock_ipv4)); + memset(&mock_rs_ipv4, 0, sizeof(mock_rs_ipv4)); + memset(&mock_rs_dual, 0, sizeof(mock_rs_dual)); + + /* Set up the dual-stack routerstatus */ + memcpy(mock_rs_dual.identity_digest, + "\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB" + "\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB", + sizeof(mock_rs_dual.identity_digest)); + strlcpy(mock_rs_dual.nickname, "Bbb", + sizeof(mock_rs_dual.nickname)); + tor_addr_parse(&mock_ipv4, "2.2.2.2"); + mock_rs_dual.addr = tor_addr_to_ipv4h(&mock_ipv4); + tor_addr_parse(&mock_rs_dual.ipv6_addr, + "[bbbb::bbbb]"); + + /* Create and modify the other routerstatus. */ + memcpy(&mock_rs_ipv4, &mock_rs_dual, sizeof(mock_rs_ipv4)); + /* Clear the unnecessary IPv6 address */ + memset(&mock_rs_ipv4.ipv6_addr, 0, sizeof(mock_rs_ipv4.ipv6_addr)); + + /* Microdescs */ + microdesc_t mock_md_null; + microdesc_t mock_md_ipv6; + + /* Clear variables */ + memset(&mock_md_null, 0, sizeof(mock_md_null)); + memset(&mock_md_ipv6, 0, sizeof(mock_md_ipv6)); + + /* Set up the microdesc */ + tor_addr_parse(&mock_md_ipv6.ipv6_addr, + "[eeee::6000:6000]"); + + /* Set up the node */ + node_t mock_node; + memset(&mock_node, 0, sizeof(mock_node)); + memcpy(mock_node.identity, + "\xCC\xCC\xCC\xCC\xCC\xCC\xCC\xCC\xCC\xCC" + "\xCC\xCC\xCC\xCC\xCC\xCC\xCC\xCC\xCC\xCC", + sizeof(mock_node.identity)); + + /* Test that the routerinfo and routerstatus work separately, but the + * identity comes from the node */ + mock_node.ri = &mock_ri_dual; + mock_node.rs = NULL; + mock_node.md = NULL; + rv = node_describe(&mock_node); + tt_str_op(rv, OP_EQ, + "$CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC~TestOR7890123456789 at " + "111.222.233.244 and [1111:2222:3333:4444:5555:6666:7777:8888]"); + + mock_node.ri = NULL; + mock_node.rs = &mock_rs_ipv4; + mock_node.md = NULL; + rv = node_describe(&mock_node); + tt_str_op(rv, OP_EQ, + "$CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC~Bbb at " + "2.2.2.2"); + + mock_node.ri = NULL; + mock_node.rs = &mock_rs_dual; + mock_node.md = NULL; + rv = node_describe(&mock_node); + tt_str_op(rv, OP_EQ, + "$CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC~Bbb at " + "2.2.2.2 and [bbbb::bbbb]"); + + /* Test that the routerstatus overrides the routerinfo */ + mock_node.ri = &mock_ri_dual; + mock_node.rs = &mock_rs_ipv4; + mock_node.md = NULL; + rv = node_describe(&mock_node); + tt_str_op(rv, OP_EQ, + "$CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC~Bbb at " + "2.2.2.2"); + + mock_node.ri = &mock_ri_dual; + mock_node.rs = &mock_rs_dual; + mock_node.md = NULL; + rv = node_describe(&mock_node); + tt_str_op(rv, OP_EQ, + "$CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC~Bbb at " + "2.2.2.2 and [bbbb::bbbb]"); + + /* Test that the microdesc IPv6 is used if the routerinfo doesn't have IPv6 + */ + mock_node.ri = NULL; + mock_node.rs = &mock_rs_ipv4; + mock_node.md = &mock_md_ipv6; + rv = node_describe(&mock_node); + tt_str_op(rv, OP_EQ, + "$CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC~Bbb at " + "2.2.2.2 and [eeee::6000:6000]"); + + mock_node.ri = NULL; + mock_node.rs = &mock_rs_ipv4; + mock_node.md = &mock_md_null; + rv = node_describe(&mock_node); + tt_str_op(rv, OP_EQ, + "$CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC~Bbb at " + "2.2.2.2"); + + mock_node.ri = NULL; + mock_node.rs = &mock_rs_dual; + mock_node.md = &mock_md_ipv6; + rv = node_describe(&mock_node); + tt_str_op(rv, OP_EQ, + "$CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC~Bbb at " + "2.2.2.2 and [bbbb::bbbb]"); + + mock_node.ri = NULL; + mock_node.rs = &mock_rs_dual; + mock_node.md = &mock_md_null; + rv = node_describe(&mock_node); + tt_str_op(rv, OP_EQ, + "$CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC~Bbb at " + "2.2.2.2 and [bbbb::bbbb]"); + + /* Test that the routerinfo doesn't change the results above + */ + mock_node.ri = &mock_ri_dual; + mock_node.rs = &mock_rs_ipv4; + mock_node.md = &mock_md_ipv6; + rv = node_describe(&mock_node); + tt_str_op(rv, OP_EQ, + "$CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC~Bbb at " + "2.2.2.2 and [eeee::6000:6000]"); + + mock_node.ri = &mock_ri_dual; + mock_node.rs = &mock_rs_ipv4; + mock_node.md = &mock_md_null; + rv = node_describe(&mock_node); + tt_str_op(rv, OP_EQ, + "$CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC~Bbb at " + "2.2.2.2"); + + mock_node.ri = &mock_ri_dual; + mock_node.rs = &mock_rs_dual; + mock_node.md = &mock_md_ipv6; + rv = node_describe(&mock_node); + tt_str_op(rv, OP_EQ, + "$CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC~Bbb at " + "2.2.2.2 and [bbbb::bbbb]"); + + mock_node.ri = &mock_ri_dual; + mock_node.rs = &mock_rs_dual; + mock_node.md = &mock_md_null; + rv = node_describe(&mock_node); + tt_str_op(rv, OP_EQ, + "$CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC~Bbb at " + "2.2.2.2 and [bbbb::bbbb]"); + + /* test NULL handling */ + rv = node_describe(NULL); + tt_str_op(rv, OP_EQ, "<null>"); + + mock_node.ri = NULL; + mock_node.rs = NULL; + mock_node.md = NULL; + rv = node_describe(&mock_node); + tt_str_op(rv, OP_EQ, + "<null rs and ri>"); + + done: + return; +} + +/** routerstatus_describe() is a wrapper for format_node_description(), see + * that test for details. + * + * The routerstatus-only node_describe() tests are in this function, + * so we can re-use the same mocked variables. + */ +static void +test_nodelist_routerstatus_describe(void *arg) +{ + tor_addr_t mock_ipv4; + routerstatus_t mock_rs_ipv4; + routerstatus_t mock_rs_ipv6; + routerstatus_t mock_rs_dual; + + const char *rv = NULL; + + (void) arg; + + /* Clear variables */ + memset(&mock_ipv4, 0, sizeof(mock_ipv4)); + memset(&mock_rs_ipv4, 0, sizeof(mock_rs_ipv4)); + memset(&mock_rs_ipv6, 0, sizeof(mock_rs_ipv6)); + memset(&mock_rs_dual, 0, sizeof(mock_rs_dual)); + + /* Set up the dual-stack routerstatus */ + memcpy(mock_rs_dual.identity_digest, + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA", + sizeof(mock_rs_dual.identity_digest)); + strlcpy(mock_rs_dual.nickname, "TestOR7890123456789", + sizeof(mock_rs_dual.nickname)); + tor_addr_parse(&mock_ipv4, "111.222.233.244"); + mock_rs_dual.addr = tor_addr_to_ipv4h(&mock_ipv4); + tor_addr_parse(&mock_rs_dual.ipv6_addr, + "[1111:2222:3333:4444:5555:6666:7777:8888]"); + + /* Create and modify the other routerstatuses. */ + memcpy(&mock_rs_ipv4, &mock_rs_dual, sizeof(mock_rs_ipv4)); + memcpy(&mock_rs_ipv6, &mock_rs_dual, sizeof(mock_rs_ipv6)); + /* Clear the unnecessary addresses */ + memset(&mock_rs_ipv4.ipv6_addr, 0, sizeof(mock_rs_ipv4.ipv6_addr)); + mock_rs_ipv6.addr = 0; + + /* We don't test the no-nickname and no-IP cases, because they're covered by + * format_node_description(), and we don't expect to see them in Tor code. */ + + /* Try some real IP addresses */ + rv = routerstatus_describe(&mock_rs_ipv4); + tt_str_op(rv, OP_EQ, + "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA~TestOR7890123456789 at " + "111.222.233.244"); + + rv = routerstatus_describe(&mock_rs_ipv6); + tt_str_op(rv, OP_EQ, + "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA~TestOR7890123456789 at " + "[1111:2222:3333:4444:5555:6666:7777:8888]"); + + rv = routerstatus_describe(&mock_rs_dual); + tt_str_op(rv, OP_EQ, + "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA~TestOR7890123456789 at " + "111.222.233.244 and [1111:2222:3333:4444:5555:6666:7777:8888]"); + + /* test NULL handling */ + rv = routerstatus_describe(NULL); + tt_str_op(rv, OP_EQ, "<null>"); + + /* Now test a node with only these routerstatuses */ + node_t mock_node; + memset(&mock_node, 0, sizeof(mock_node)); + memcpy(mock_node.identity, + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA", + sizeof(mock_node.identity)); + + /* Try some real IP addresses */ + mock_node.rs = &mock_rs_ipv4; + rv = node_describe(&mock_node); + tt_str_op(rv, OP_EQ, + "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA~TestOR7890123456789 at " + "111.222.233.244"); + + mock_node.rs = &mock_rs_ipv6; + rv = node_describe(&mock_node); + tt_str_op(rv, OP_EQ, + "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA~TestOR7890123456789 at " + "[1111:2222:3333:4444:5555:6666:7777:8888]"); + + mock_node.rs = &mock_rs_dual; + rv = node_describe(&mock_node); + tt_str_op(rv, OP_EQ, + "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA~TestOR7890123456789 at " + "111.222.233.244 and [1111:2222:3333:4444:5555:6666:7777:8888]"); + + done: + return; +} + +/** extend_info_describe() is a wrapper for format_node_description(), see + * that test for details. + */ +static void +test_nodelist_extend_info_describe(void *arg) +{ + extend_info_t mock_ei_ipv4; + extend_info_t mock_ei_ipv6; + + const char *rv = NULL; + + (void) arg; + + /* Clear variables */ + memset(&mock_ei_ipv4, 0, sizeof(mock_ei_ipv4)); + memset(&mock_ei_ipv6, 0, sizeof(mock_ei_ipv6)); + + /* Set up the IPv4 extend info */ + memcpy(mock_ei_ipv4.identity_digest, + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA", + sizeof(mock_ei_ipv4.identity_digest)); + strlcpy(mock_ei_ipv4.nickname, "TestOR7890123456789", + sizeof(mock_ei_ipv4.nickname)); + tor_addr_parse(&mock_ei_ipv4.addr, "111.222.233.244"); + + /* Create and modify the other extend info. */ + memcpy(&mock_ei_ipv6, &mock_ei_ipv4, sizeof(mock_ei_ipv6)); + tor_addr_parse(&mock_ei_ipv6.addr, + "[1111:2222:3333:4444:5555:6666:7777:8888]"); + + /* We don't test the no-nickname and no-IP cases, because they're covered by + * format_node_description(), and we don't expect to see them in Tor code. */ + + /* Try some real IP addresses */ + rv = extend_info_describe(&mock_ei_ipv4); + tt_str_op(rv, OP_EQ, + "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA~TestOR7890123456789 at " + "111.222.233.244"); + + rv = extend_info_describe(&mock_ei_ipv6); + tt_str_op(rv, OP_EQ, + "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA~TestOR7890123456789 at " + "[1111:2222:3333:4444:5555:6666:7777:8888]"); + + /* Extend infos only have one IP address, so there is no dual case */ + + /* test NULL handling */ + rv = extend_info_describe(NULL); + tt_str_op(rv, OP_EQ, "<null>"); + + done: + return; +} + +/** router_get_verbose_nickname() should return "Fingerprint~Nickname" + */ +static void +test_nodelist_router_get_verbose_nickname(void *arg) +{ + routerinfo_t mock_ri; + char mock_nickname[MAX_NICKNAME_LEN+1]; + + char vname[MAX_VERBOSE_NICKNAME_LEN+1]; + + (void) arg; + + memset(&mock_ri, 0, sizeof(routerinfo_t)); + memset(mock_nickname, 0, sizeof(mock_nickname)); + mock_ri.nickname = mock_nickname; + + /* verbose nickname should use ~ because named is deprecated */ + strlcpy(mock_nickname, "TestOR", sizeof(mock_nickname)); + memcpy(mock_ri.cache_info.identity_digest, + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA", + DIGEST_LEN); + router_get_verbose_nickname(vname, &mock_ri); + tt_str_op(vname, OP_EQ, "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA~TestOR"); + + /* test NULL router handling */ + router_get_verbose_nickname(vname, NULL); + tt_str_op(vname, OP_EQ, "<null>"); + + router_get_verbose_nickname(NULL, &mock_ri); + router_get_verbose_nickname(NULL, NULL); + + done: + return; +} + +static void +test_nodelist_routerstatus_has_visibly_changed(void *arg) +{ + (void)arg; + routerstatus_t rs_orig, rs; + char *fmt_orig = NULL, *fmt = NULL; + memset(&rs_orig, 0, sizeof(rs_orig)); + strlcpy(rs_orig.nickname, "friendly", sizeof(rs_orig.nickname)); + memcpy(rs_orig.identity_digest, "abcdefghijklmnopqrst", 20); + memcpy(rs_orig.descriptor_digest, "abcdefghijklmnopqrst", 20); + rs_orig.addr = 0x7f000001; + rs_orig.or_port = 3; + rs_orig.published_on = time(NULL); + rs_orig.has_bandwidth = 1; + rs_orig.bandwidth_kb = 20; + +#define COPY() memcpy(&rs, &rs_orig, sizeof(rs)) +#define FORMAT() \ + STMT_BEGIN \ + tor_free(fmt_orig); \ + tor_free(fmt); \ + fmt_orig = routerstatus_format_entry(&rs_orig, NULL, NULL, \ + NS_CONTROL_PORT, \ + NULL); \ + fmt = routerstatus_format_entry(&rs, NULL, NULL, NS_CONTROL_PORT, \ + NULL); \ + tt_assert(fmt_orig); \ + tt_assert(fmt); \ + STMT_END +#define ASSERT_SAME() \ + STMT_BEGIN \ + tt_assert(! routerstatus_has_visibly_changed(&rs_orig, &rs)); \ + FORMAT(); \ + tt_str_op(fmt_orig, OP_EQ, fmt); \ + COPY(); \ + STMT_END +#define ASSERT_CHANGED() \ + STMT_BEGIN \ + tt_assert(routerstatus_has_visibly_changed(&rs_orig, &rs)); \ + FORMAT(); \ + tt_str_op(fmt_orig, OP_NE, fmt); \ + COPY(); \ + STMT_END +#define ASSERT_CHANGED_NO_FORMAT() \ + STMT_BEGIN \ + tt_assert(routerstatus_has_visibly_changed(&rs_orig, &rs)); \ + COPY(); \ + STMT_END + + COPY(); + ASSERT_SAME(); + + rs.addr = 0x7f000002; + ASSERT_CHANGED(); + + strlcpy(rs.descriptor_digest, "hello world", sizeof(rs.descriptor_digest)); + ASSERT_CHANGED(); + + strlcpy(rs.nickname, "fr1end1y", sizeof(rs.nickname)); + ASSERT_CHANGED(); + + rs.published_on += 3600; + ASSERT_CHANGED(); + + rs.or_port = 55; + ASSERT_CHANGED(); + + rs.dir_port = 9999; + ASSERT_CHANGED(); + + tor_addr_parse(&rs.ipv6_addr, "1234::56"); + ASSERT_CHANGED(); + + tor_addr_parse(&rs_orig.ipv6_addr, "1234::56"); + rs_orig.ipv6_orport = 99; + COPY(); + rs.ipv6_orport = 22; + ASSERT_CHANGED(); + + rs.is_authority = 1; + ASSERT_CHANGED(); + + rs.is_exit = 1; + ASSERT_CHANGED(); + + rs.is_stable = 1; + ASSERT_CHANGED(); + + rs.is_fast = 1; + ASSERT_CHANGED(); + + rs.is_flagged_running = 1; + ASSERT_CHANGED(); + + // This option is obsolete and not actually formatted. + rs.is_named = 1; + ASSERT_CHANGED_NO_FORMAT(); + + // This option is obsolete and not actually formatted. + rs.is_unnamed = 1; + ASSERT_CHANGED_NO_FORMAT(); + + rs.is_valid = 1; + ASSERT_CHANGED(); + + rs.is_possible_guard = 1; + ASSERT_CHANGED(); + + rs.is_bad_exit = 1; + ASSERT_CHANGED(); + + rs.is_hs_dir = 1; + ASSERT_CHANGED(); + + rs.is_v2_dir = 1; + ASSERT_CHANGED(); + + rs.is_staledesc = 1; + ASSERT_CHANGED(); + + // Setting this to zero crashes us with an assertion failure in + // routerstatus_format_entry() if we don't have a descriptor. + rs.has_bandwidth = 0; + ASSERT_CHANGED_NO_FORMAT(); + + // Does not actually matter; not visible to controller. + rs.has_exitsummary = 1; + ASSERT_SAME(); + + // Does not actually matter; not visible to the controller. + rs.bw_is_unmeasured = 1; + ASSERT_SAME(); + + rs.bandwidth_kb = 2000; + ASSERT_CHANGED(); + + // not visible to the controller. + rs.has_guardfraction = 1; + rs.guardfraction_percentage = 22; + ASSERT_SAME(); + + // not visible to the controller. + rs_orig.has_guardfraction = 1; + rs_orig.guardfraction_percentage = 20; + COPY(); + rs.guardfraction_percentage = 25; + ASSERT_SAME(); + + // not visible to the controller. + rs.exitsummary = (char*)"accept 1-2"; + ASSERT_SAME(); + + done: +#undef COPY +#undef ASSERT_SAME +#undef ASSERT_CHANGED + tor_free(fmt_orig); + tor_free(fmt); + return; +} + #define NODE(name, flags) \ { #name, test_nodelist_##name, (flags), NULL, NULL } @@ -239,6 +1418,18 @@ struct testcase_t nodelist_tests[] = { NODE(node_get_verbose_nickname_not_named, TT_FORK), NODE(node_is_dir, TT_FORK), NODE(ed_id, TT_FORK), + NODE(nodefamily, TT_FORK), + NODE(nodefamily_parse_err, TT_FORK), + NODE(nodefamily_lookup, TT_FORK), + NODE(nickname_matches, 0), + NODE(node_nodefamily, TT_FORK), + NODE(nodefamily_canonicalize, 0), + NODE(format_node_description, 0), + NODE(router_describe, 0), + NODE(node_describe, 0), + NODE(routerstatus_describe, 0), + NODE(extend_info_describe, 0), + NODE(router_get_verbose_nickname, 0), + NODE(routerstatus_has_visibly_changed, 0), END_OF_TESTCASES }; - diff --git a/src/test/test_ntor_cl.c b/src/test/test_ntor_cl.c index 68b6927f56..a1508d0afc 100644 --- a/src/test/test_ntor_cl.c +++ b/src/test/test_ntor_cl.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2012-2019, The Tor Project, Inc. */ +/* Copyright (c) 2012-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" diff --git a/src/test/test_oom.c b/src/test/test_oom.c index b813fa43a3..51c237ec2e 100644 --- a/src/test/test_oom.c +++ b/src/test/test_oom.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2014-2019, The Tor Project, Inc. */ +/* Copyright (c) 2014-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /* Unit tests for OOM handling logic */ @@ -8,7 +8,7 @@ #define CIRCUITLIST_PRIVATE #define CONNECTION_PRIVATE #include "core/or/or.h" -#include "lib/container/buffers.h" +#include "lib/buf/buffers.h" #include "core/or/circuitlist.h" #include "lib/evloop/compat_libevent.h" #include "core/mainloop/connection.h" diff --git a/src/test/test_oos.c b/src/test/test_oos.c index 815feda7ce..f8c712a6b6 100644 --- a/src/test/test_oos.c +++ b/src/test/test_oos.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /* Unit tests for OOS handler */ diff --git a/src/test/test_options.c b/src/test/test_options.c index 0e52967a23..8e0d19f126 100644 --- a/src/test/test_options.c +++ b/src/test/test_options.c @@ -1,19 +1,29 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define CONFIG_PRIVATE +#define RELAY_CONFIG_PRIVATE +#define LOG_PRIVATE +#define ROUTERSET_PRIVATE #include "core/or/or.h" -#include "app/config/confparse.h" +#include "lib/confmgt/confmgt.h" #include "app/config/config.h" +#include "feature/dirauth/dirauth_config.h" +#include "feature/dirauth/dirauth_options_st.h" +#include "feature/dirauth/dirauth_sys.h" +#include "feature/relay/relay_config.h" #include "test/test.h" #include "lib/geoip/geoip.h" -#define ROUTERSET_PRIVATE #include "feature/nodelist/routerset.h" #include "core/mainloop/mainloop.h" +#include "app/main/subsysmgr.h" #include "test/log_test_helpers.h" +#include "test/resolve_test_helpers.h" +#include "lib/crypt_ops/crypto_options_st.h" +#include "lib/crypt_ops/crypto_sys.h" #include "lib/sandbox/sandbox.h" #include "lib/memarea/memarea.h" @@ -21,24 +31,23 @@ #include "lib/encoding/confline.h" #include "core/or/policies.h" #include "test/test_helpers.h" +#include "test/opts_test_helpers.h" #include "lib/net/resolve.h" #ifdef HAVE_SYS_PARAM_H #include <sys/param.h> #endif -#define NS_MODULE test_options - typedef struct { int severity; - uint32_t domain; + log_domain_mask_t domain; char *msg; } logmsg_t; static smartlist_t *messages = NULL; static void -log_cback(int severity, uint32_t domain, const char *msg) +log_cback(int severity, log_domain_mask_t domain, const char *msg) { logmsg_t *x = tor_malloc(sizeof(*x)); x->severity = severity; @@ -54,9 +63,9 @@ setup_log_callback(void) { log_severity_list_t lst; memset(&lst, 0, sizeof(lst)); - lst.masks[LOG_ERR - LOG_ERR] = ~0; - lst.masks[LOG_WARN - LOG_ERR] = ~0; - lst.masks[LOG_NOTICE - LOG_ERR] = ~0; + lst.masks[SEVERITY_MASK_IDX(LOG_ERR)] = LD_ALL_DOMAINS; + lst.masks[SEVERITY_MASK_IDX(LOG_WARN)] = LD_ALL_DOMAINS; + lst.masks[SEVERITY_MASK_IDX(LOG_NOTICE)] = LD_ALL_DOMAINS; add_callback_log(&lst, log_cback); mark_logs_temp(); } @@ -90,16 +99,57 @@ clear_log_messages(void) messages = NULL; } -#define setup_options(opt,dflt) \ +#define setup_options(opt) \ do { \ opt = options_new(); \ opt->command = CMD_RUN_TOR; \ options_init(opt); \ - \ - dflt = config_dup(&options_format, opt); \ - clear_log_messages(); \ } while (0) +#ifdef COCCI + +#define ENABLE_AUTHORITY_MIN "" +#define ENABLE_AUTHORITY_V3_MIN "" +#define ENABLE_AUTHORITY_BRIDGE_MIN "" +#define AUTHORITY_OPT_REQ_ "" +#define ENABLE_AUTHORITY "" +#define ENABLE_AUTHORITY_V3 "" +#define ENABLE_AUTHORITY_BRIDGE "" + +#else /* !defined(COCCI) */ + +#define ENABLE_AUTHORITY_MIN \ + "AuthoritativeDirectory 1\n" + +#define ENABLE_AUTHORITY_V3_MIN \ + ENABLE_AUTHORITY_MIN \ + "V3AuthoritativeDir 1\n" + +#define ENABLE_AUTHORITY_BRIDGE_MIN \ + ENABLE_AUTHORITY_MIN \ + "BridgeAuthoritativeDir 1\n" + +#define AUTHORITY_OPT_REQ_ \ + "Address 192.0.2.111\n" \ + "ContactInfo a@example.org\n" \ + "DirPort 1025\n" \ + "ORPort 1026\n" + +/* Not actually valid: requires v3 / bridge */ +#define ENABLE_AUTHORITY \ + ENABLE_AUTHORITY_MIN \ + AUTHORITY_OPT_REQ_ + +#define ENABLE_AUTHORITY_V3 \ + ENABLE_AUTHORITY_V3_MIN \ + AUTHORITY_OPT_REQ_ + +#define ENABLE_AUTHORITY_BRIDGE \ + ENABLE_AUTHORITY_BRIDGE_MIN \ + AUTHORITY_OPT_REQ_ + +#endif /* defined(COCCI) */ + #define VALID_DIR_AUTH "DirAuthority dizum orport=443 v3ident=E8A9C45" \ "EDE6D711294FADF8E7951F4DE6CA56B58 194.109.206.212:80 7EA6 EAD6 FD83" \ " 083C 538F 4403 8BBF A077 587D D755\n" @@ -179,12 +229,11 @@ test_options_validate_impl(const char *configuration, int phase) { or_options_t *opt=NULL; - or_options_t *dflt; config_line_t *cl=NULL; char *msg=NULL; int r; - setup_options(opt, dflt); + setup_options(opt); r = config_get_lines(configuration, &cl, 1); if (phase == PH_GETLINES) { @@ -196,7 +245,7 @@ test_options_validate_impl(const char *configuration, if (r) goto done; - r = config_assign(&options_format, opt, cl, 0, &msg); + r = config_assign(get_options_mgr(), opt, cl, 0, &msg); if (phase == PH_ASSIGN) { if (test_options_checkmsgs(configuration, expect_errmsg, expect_log_severity, @@ -207,7 +256,7 @@ test_options_validate_impl(const char *configuration, if (r) goto done; - r = options_validate(NULL, opt, dflt, 0, &msg); + r = options_validate(NULL, opt, &msg); if (phase == PH_VALIDATE) { if (test_options_checkmsgs(configuration, expect_errmsg, expect_log_severity, @@ -221,7 +270,6 @@ test_options_validate_impl(const char *configuration, policies_free_all(); config_free_lines(cl); or_options_free(opt); - or_options_free(dflt); tor_free(msg); clear_log_messages(); } @@ -241,6 +289,7 @@ test_options_validate(void *arg) (void)arg; setup_log_callback(); sandbox_disable_getaddrinfo_cache(); + mock_hostname_resolver(); WANT_ERR("ExtORPort 500000", "Invalid ExtORPort", PH_VALIDATE); @@ -258,14 +307,10 @@ test_options_validate(void *arg) WANT_ERR("BridgeRelay 1\nDirCache 0", "We're a bridge but DirCache is disabled.", PH_VALIDATE); - WANT_ERR_LOG("HeartbeatPeriod 21 snarks", - "Interval 'HeartbeatPeriod 21 snarks' is malformed or" - " out of bounds.", LOG_WARN, "Unknown unit 'snarks'.", - PH_ASSIGN); - WANT_ERR_LOG("LogTimeGranularity 21 snarks", - "Msec interval 'LogTimeGranularity 21 snarks' is malformed or" - " out of bounds.", LOG_WARN, "Unknown unit 'snarks'.", - PH_ASSIGN); + WANT_ERR("HeartbeatPeriod 21 snarks", + "Unknown unit in 21 snarks", PH_ASSIGN); + WANT_ERR("LogTimeGranularity 21 snarks", + "Unknown unit in 21 snarks", PH_ASSIGN); OK("HeartbeatPeriod 1 hour", PH_VALIDATE); OK("LogTimeGranularity 100 milliseconds", PH_VALIDATE); @@ -278,6 +323,7 @@ test_options_validate(void *arg) close_temp_logs(); clear_log_messages(); + unmock_hostname_resolver(); return; } @@ -287,20 +333,18 @@ test_have_enough_mem_for_dircache(void *arg) { (void)arg; or_options_t *opt=NULL; - or_options_t *dflt=NULL; config_line_t *cl=NULL; char *msg=NULL; int r; const char *configuration = "ORPort 8080\nDirCache 1", *expect_errmsg; - setup_options(opt, dflt); + setup_options(opt); setup_log_callback(); - (void)dflt; r = config_get_lines(configuration, &cl, 1); tt_int_op(r, OP_EQ, 0); - r = config_assign(&options_format, opt, cl, 0, &msg); + r = config_assign(get_options_mgr(), opt, cl, 0, &msg); tt_int_op(r, OP_EQ, 0); /* 300 MB RAM available, DirCache enabled */ @@ -323,7 +367,7 @@ test_have_enough_mem_for_dircache(void *arg) r = config_get_lines(configuration, &cl, 1); tt_int_op(r, OP_EQ, 0); - r = config_assign(&options_format, opt, cl, 0, &msg); + r = config_assign(get_options_mgr(), opt, cl, 0, &msg); tt_int_op(r, OP_EQ, 0); /* 300 MB RAM available, DirCache enabled, Bridge */ @@ -346,7 +390,7 @@ test_have_enough_mem_for_dircache(void *arg) r = config_get_lines(configuration, &cl, 1); tt_int_op(r, OP_EQ, 0); - r = config_assign(&options_format, opt, cl, 0, &msg); + r = config_assign(get_options_mgr(), opt, cl, 0, &msg); tt_int_op(r, OP_EQ, 0); /* 200 MB RAM available, DirCache disabled */ @@ -369,7 +413,6 @@ test_have_enough_mem_for_dircache(void *arg) done: if (msg) tor_free(msg); - or_options_free(dflt); or_options_free(opt); config_free_lines(cl); return; @@ -383,33 +426,8 @@ fixed_get_uname(void) return fixed_get_uname_result; } -#define TEST_OPTIONS_OLD_VALUES "TestingV3AuthInitialVotingInterval 1800\n" \ - "ClientBootstrapConsensusMaxInProgressTries 3\n" \ - "TestingV3AuthInitialVoteDelay 300\n" \ - "TestingV3AuthInitialDistDelay 300\n" \ - "TestingClientMaxIntervalWithoutRequest 600\n" \ - "TestingDirConnectionMaxStall 600\n" \ - -#define TEST_OPTIONS_DEFAULT_VALUES TEST_OPTIONS_OLD_VALUES \ - "MaxClientCircuitsPending 1\n" \ - "RendPostPeriod 1000\n" \ - "KeepAlivePeriod 1\n" \ - "ConnLimit 1\n" \ - "V3AuthVotingInterval 300\n" \ - "V3AuthVoteDelay 20\n" \ - "V3AuthDistDelay 20\n" \ - "V3AuthNIntervalsValid 3\n" \ - "ClientUseIPv4 1\n" \ - "VirtualAddrNetworkIPv4 127.192.0.0/10\n" \ - "VirtualAddrNetworkIPv6 [FE80::]/10\n" \ - "UseEntryGuards 1\n" \ - "Schedulers Vanilla\n" \ - "ClientDNSRejectInternalAddresses 1\n" - typedef struct { - or_options_t *old_opt; or_options_t *opt; - or_options_t *def_opt; } options_test_data_t; static void free_options_test_data(options_test_data_t *td); @@ -422,17 +440,12 @@ get_options_test_data(const char *conf) config_line_t *cl=NULL; options_test_data_t *result = tor_malloc(sizeof(options_test_data_t)); result->opt = options_new(); - result->old_opt = options_new(); - result->def_opt = options_new(); - // XXX: Really, all of these options should be set to defaults - // with options_init(), but about a dozen tests break when I do that. - // Being kinda lame and just fixing the immedate breakage for now.. - result->opt->ConnectionPadding = -1; // default must be "auto" + options_init(result->opt); rv = config_get_lines(conf, &cl, 1); tt_int_op(rv, OP_EQ, 0); - rv = config_assign(&options_format, result->opt, cl, 0, &msg); + rv = config_assign(get_options_mgr(), result->opt, cl, 0, &msg); if (msg) { /* Display the parse error message by comparing it with an empty string */ tt_str_op(msg, OP_EQ, ""); @@ -441,13 +454,7 @@ get_options_test_data(const char *conf) config_free_lines(cl); result->opt->LogTimeGranularity = 1; result->opt->TokenBucketRefillInterval = 1; - rv = config_get_lines(TEST_OPTIONS_OLD_VALUES, &cl, 1); - tt_int_op(rv, OP_EQ, 0); - rv = config_assign(&options_format, result->def_opt, cl, 0, &msg); - if (msg) { - /* Display the parse error message by comparing it with an empty string */ - tt_str_op(msg, OP_EQ, ""); - } + rv = config_get_lines("", &cl, 1); tt_int_op(rv, OP_EQ, 0); done: @@ -466,9 +473,7 @@ static void free_options_test_data(options_test_data_t *td) { if (!td) return; - or_options_free(td->old_opt); or_options_free(td->opt); - or_options_free(td->def_opt); tor_free(td); } @@ -491,7 +496,7 @@ test_options_validate__uname_for_server(void *ignored) MOCK(get_uname, fixed_get_uname); fixed_get_uname_result = "Windows 95"; - options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + options_validate(NULL, tdata->opt, &msg); expect_log_msg("Tor is running as a server, but you" " are running Windows 95; this probably won't work. See https://www" ".torproject.org/docs/faq.html#BestOSForRelay for details.\n"); @@ -499,7 +504,7 @@ test_options_validate__uname_for_server(void *ignored) fixed_get_uname_result = "Windows 98"; mock_clean_saved_logs(); - options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + options_validate(NULL, tdata->opt, &msg); expect_log_msg("Tor is running as a server, but you" " are running Windows 98; this probably won't work. See https://www" ".torproject.org/docs/faq.html#BestOSForRelay for details.\n"); @@ -507,7 +512,7 @@ test_options_validate__uname_for_server(void *ignored) fixed_get_uname_result = "Windows Me"; mock_clean_saved_logs(); - options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + options_validate(NULL, tdata->opt, &msg); expect_log_msg("Tor is running as a server, but you" " are running Windows Me; this probably won't work. See https://www" ".torproject.org/docs/faq.html#BestOSForRelay for details.\n"); @@ -515,8 +520,8 @@ test_options_validate__uname_for_server(void *ignored) fixed_get_uname_result = "Windows 2000"; mock_clean_saved_logs(); - options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - expect_no_log_entry(); + options_validate(NULL, tdata->opt, &msg); + expect_no_log_msg("Tor is running as a server, but you "); tor_free(msg); done: @@ -539,7 +544,7 @@ test_options_validate__outbound_addresses(void *ignored) options_test_data_t *tdata = get_options_test_data( "OutboundBindAddress xxyy!!!sdfaf"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Multiple outbound bind addresses configured: " "xxyy!!!sdfaf"); @@ -576,7 +581,7 @@ test_options_validate__data_directory(void *ignored) "ONGLONGlongreallylongLONG" "LONG"); // 440 characters - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Invalid DataDirectory"); @@ -594,7 +599,7 @@ test_options_validate__nickname(void *ignored) options_test_data_t *tdata = get_options_test_data( "Nickname ThisNickNameIsABitTooLong"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Nickname 'ThisNickNameIsABitTooLong', nicknames must be between " @@ -604,16 +609,14 @@ test_options_validate__nickname(void *ignored) free_options_test_data(tdata); tdata = get_options_test_data("Nickname AMoreValidNick"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); - tt_str_op(msg, OP_EQ, "ConnLimit must be greater than 0, but was set to 0"); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); tor_free(msg); free_options_test_data(tdata); tdata = get_options_test_data("DataDirectory /tmp/somewhere"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); - tt_str_op(msg, OP_EQ, "ConnLimit must be greater than 0, but was set to 0"); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); done: free_options_test_data(tdata); @@ -631,8 +634,8 @@ test_options_validate__contactinfo(void *ignored) setup_capture_of_logs(LOG_DEBUG); tdata->opt->ContactInfo = NULL; - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); expect_log_msg( "Your ContactInfo config option is not set. Please strongly " "consider setting it, so we can contact you if your relay is " @@ -645,8 +648,8 @@ test_options_validate__contactinfo(void *ignored) tdata = get_options_test_data("ORPort 127.0.0.1:5555\n" "ContactInfo hella@example.org"); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); expect_no_log_msg( "Your ContactInfo config option is not set. Please strongly " "consider setting it, so we can contact you if your relay is " @@ -673,50 +676,53 @@ test_options_validate__logs(void *ignored) tdata->opt->Logs = NULL; tdata->opt->RunAsDaemon = 0; - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_str_op(tdata->opt->Logs->key, OP_EQ, "Log"); - tt_str_op(tdata->opt->Logs->value, OP_EQ, "notice stdout"); + ret = options_validate(NULL, tdata->opt, &msg); + tt_assert(!tdata->opt->Logs); tor_free(msg); - tt_int_op(ret, OP_EQ, -1); + tt_int_op(ret, OP_EQ, 0); free_options_test_data(tdata); tdata = get_options_test_data(""); tdata->opt->Logs = NULL; tdata->opt->RunAsDaemon = 0; quiet_level = 1; - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_str_op(tdata->opt->Logs->key, OP_EQ, "Log"); - tt_str_op(tdata->opt->Logs->value, OP_EQ, "warn stdout"); + ret = options_validate(NULL, tdata->opt, &msg); + tt_assert(!tdata->opt->Logs); tor_free(msg); - tt_int_op(ret, OP_EQ, -1); + tt_int_op(ret, OP_EQ, 0); free_options_test_data(tdata); tdata = get_options_test_data(""); tdata->opt->Logs = NULL; tdata->opt->RunAsDaemon = 0; quiet_level = 2; - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_assert(!tdata->opt->Logs); tor_free(msg); - tt_int_op(ret, OP_EQ, -1); + tt_int_op(ret, OP_EQ, 0); free_options_test_data(tdata); tdata = get_options_test_data(""); tdata->opt->Logs = NULL; tdata->opt->RunAsDaemon = 0; - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 1, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_assert(!tdata->opt->Logs); tor_free(msg); - tt_int_op(ret, OP_EQ, -1); + tt_int_op(ret, OP_EQ, 0); free_options_test_data(tdata); tdata = get_options_test_data(""); tdata->opt->Logs = NULL; tdata->opt->RunAsDaemon = 1; - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_assert(!tdata->opt->Logs); tor_free(msg); +#ifdef _WIN32 + /* Can't RunAsDaemon on Windows. */ tt_int_op(ret, OP_EQ, -1); +#else + tt_int_op(ret, OP_EQ, 0); +#endif /* defined(_WIN32) */ free_options_test_data(tdata); tdata = get_options_test_data(""); @@ -724,7 +730,7 @@ test_options_validate__logs(void *ignored) config_line_t *cl=NULL; config_get_lines("Log foo", &cl, 1); tdata->opt->Logs = cl; - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op((intptr_t)tdata->opt->Logs, OP_EQ, (intptr_t)cl); tt_int_op(ret, OP_EQ, -1); @@ -752,13 +758,14 @@ test_options_validate__authdir(void *ignored) char *msg; setup_capture_of_logs(LOG_INFO); options_test_data_t *tdata = get_options_test_data( - "AuthoritativeDirectory 1\n" + ENABLE_AUTHORITY_V3_MIN "Address this.should.not!exist!.example.org"); + const dirauth_options_t *da_opt; sandbox_disable_getaddrinfo_cache(); MOCK(tor_addr_lookup, mock_tor_addr_lookup__fail_on_bad_addrs); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); UNMOCK(tor_addr_lookup); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Failed to resolve/guess local address. See logs for" @@ -768,246 +775,217 @@ test_options_validate__authdir(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("AuthoritativeDirectory 1\n" + tdata = get_options_test_data(ENABLE_AUTHORITY_V3_MIN "Address 100.200.10.1"); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Authoritative directory servers must set " "ContactInfo"); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("AuthoritativeDirectory 1\n" + tdata = get_options_test_data(ENABLE_AUTHORITY_V3_MIN "Address 100.200.10.1\n"); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Authoritative directory servers must set ContactInfo"); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("AuthoritativeDirectory 1\n" + tdata = get_options_test_data(ENABLE_AUTHORITY_MIN "Address 100.200.10.1\n" "TestingTorNetwork 1\n"); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "AuthoritativeDir is set, but none of (Bridge/V3)" "AuthoritativeDir is set."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("AuthoritativeDirectory 1\n" - "Address 100.200.10.1\n" - "ContactInfo hello@hello.com\n"); + tdata = get_options_test_data(ENABLE_AUTHORITY); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "AuthoritativeDir is set, but none of (Bridge/V3)" "AuthoritativeDir is set."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("AuthoritativeDirectory 1\n" - "Address 100.200.10.1\n" - "RecommendedVersions 1.2, 3.14\n" - "ContactInfo hello@hello.com\n"); + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 + "RecommendedVersions 1.2, 3.14\n"); mock_clean_saved_logs(); - options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_str_op(tdata->opt->RecommendedClientVersions->value, OP_EQ, "1.2, 3.14"); - tt_str_op(tdata->opt->RecommendedServerVersions->value, OP_EQ, "1.2, 3.14"); + options_validate(NULL, tdata->opt, &msg); + da_opt = get_dirauth_options(tdata->opt); + tt_str_op(da_opt->RecommendedClientVersions->value, OP_EQ, "1.2, 3.14"); + tt_str_op(da_opt->RecommendedServerVersions->value, OP_EQ, "1.2, 3.14"); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("AuthoritativeDirectory 1\n" - "Address 100.200.10.1\n" + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 "RecommendedVersions 1.2, 3.14\n" "RecommendedClientVersions 25\n" - "RecommendedServerVersions 4.18\n" - "ContactInfo hello@hello.com\n"); + "RecommendedServerVersions 4.18\n"); mock_clean_saved_logs(); - options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_str_op(tdata->opt->RecommendedClientVersions->value, OP_EQ, "25"); - tt_str_op(tdata->opt->RecommendedServerVersions->value, OP_EQ, "4.18"); + options_validate(NULL, tdata->opt, &msg); + da_opt = get_dirauth_options(tdata->opt); + tt_str_op(da_opt->RecommendedClientVersions->value, OP_EQ, "25"); + tt_str_op(da_opt->RecommendedServerVersions->value, OP_EQ, "4.18"); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("AuthoritativeDirectory 1\n" - "Address 100.200.10.1\n" + tdata = get_options_test_data(ENABLE_AUTHORITY "VersioningAuthoritativeDirectory 1\n" "RecommendedVersions 1.2, 3.14\n" "RecommendedClientVersions 25\n" - "RecommendedServerVersions 4.18\n" - "ContactInfo hello@hello.com\n"); + "RecommendedServerVersions 4.18\n"); mock_clean_saved_logs(); - options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + options_validate(NULL, tdata->opt, &msg); + da_opt = get_dirauth_options(tdata->opt); tt_str_op(msg, OP_EQ, "AuthoritativeDir is set, but none of (Bridge/V3)" "AuthoritativeDir is set."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("AuthoritativeDirectory 1\n" - "Address 100.200.10.1\n" + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 "VersioningAuthoritativeDirectory 1\n" - "RecommendedServerVersions 4.18\n" - "ContactInfo hello@hello.com\n"); + "RecommendedServerVersions 4.18\n"); mock_clean_saved_logs(); - options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + options_validate(NULL, tdata->opt, &msg); + da_opt = get_dirauth_options(tdata->opt); tt_str_op(msg, OP_EQ, "Versioning authoritative dir servers must set " "Recommended*Versions."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("AuthoritativeDirectory 1\n" - "Address 100.200.10.1\n" + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 "VersioningAuthoritativeDirectory 1\n" - "RecommendedClientVersions 4.18\n" - "ContactInfo hello@hello.com\n"); + "RecommendedClientVersions 4.18\n"); mock_clean_saved_logs(); - options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + options_validate(NULL, tdata->opt, &msg); + da_opt = get_dirauth_options(tdata->opt); tt_str_op(msg, OP_EQ, "Versioning authoritative dir servers must set " "Recommended*Versions."); tor_free(msg); + da_opt = NULL; free_options_test_data(tdata); - tdata = get_options_test_data("AuthoritativeDirectory 1\n" - "Address 100.200.10.1\n" - "UseEntryGuards 1\n" - "ContactInfo hello@hello.com\n"); + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 + "UseEntryGuards 1\n"); mock_clean_saved_logs(); - options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + options_validate(NULL, tdata->opt, &msg); expect_log_msg("Authoritative directory servers " "can't set UseEntryGuards. Disabling.\n"); tt_int_op(tdata->opt->UseEntryGuards, OP_EQ, 0); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("AuthoritativeDirectory 1\n" - "Address 100.200.10.1\n" - "V3AuthoritativeDir 1\n" - "ContactInfo hello@hello.com\n"); + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 + "DownloadExtraInfo 0\n"); mock_clean_saved_logs(); - options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + options_validate(NULL, tdata->opt, &msg); expect_log_msg("Authoritative directories always try" " to download extra-info documents. Setting DownloadExtraInfo.\n"); tt_int_op(tdata->opt->DownloadExtraInfo, OP_EQ, 1); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("AuthoritativeDirectory 1\n" - "Address 100.200.10.1\n" - "DownloadExtraInfo 1\n" - "V3AuthoritativeDir 1\n" - "ContactInfo hello@hello.com\n"); + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 + "V3BandwidthsFile non-existent-file\n"); mock_clean_saved_logs(); - options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - expect_no_log_msg("Authoritative directories always try" - " to download extra-info documents. Setting DownloadExtraInfo.\n"); - tt_int_op(tdata->opt->DownloadExtraInfo, OP_EQ, 1); + options_validate(NULL, tdata->opt, &msg); + expect_log_msg("Can't open bandwidth file at configured location: " + "non-existent-file\n"); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("AuthoritativeDirectory 1\n" - "Address 100.200.10.1\n" - "ContactInfo hello@hello.com\n"); + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 + "GuardfractionFile non-existent-file\n"); mock_clean_saved_logs(); - options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_str_op(msg, OP_EQ, "AuthoritativeDir is set, but none of (Bridge/V3)" - "AuthoritativeDir is set."); + options_validate(NULL, tdata->opt, &msg); + expect_log_msg("Cannot open guardfraction file 'non-existent-file'. " + "Failing.\n"); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("AuthoritativeDirectory 1\n" + tdata = get_options_test_data(ENABLE_AUTHORITY_V3_MIN "Address 100.200.10.1\n" - "BridgeAuthoritativeDir 1\n" - "ContactInfo hello@hello.com\n" - "V3BandwidthsFile non-existent-file\n"); + "ORPort 2000\n" + "ContactInfo hello@hello.com\n"); mock_clean_saved_logs(); - options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Running as authoritative directory, but no DirPort set."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("AuthoritativeDirectory 1\n" + tdata = get_options_test_data(ENABLE_AUTHORITY_BRIDGE_MIN "Address 100.200.10.1\n" - "BridgeAuthoritativeDir 1\n" - "ContactInfo hello@hello.com\n" - "V3BandwidthsFile non-existent-file\n"); + "ORPort 2000\n" + "ContactInfo hello@hello.com\n"); mock_clean_saved_logs(); - options_validate(NULL, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Running as authoritative directory, but no DirPort set."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("AuthoritativeDirectory 1\n" + tdata = get_options_test_data(ENABLE_AUTHORITY_V3_MIN "Address 100.200.10.1\n" - "BridgeAuthoritativeDir 1\n" - "ContactInfo hello@hello.com\n" - "GuardfractionFile non-existent-file\n"); + "DirPort 999\n" + "ContactInfo hello@hello.com\n"); mock_clean_saved_logs(); - options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, - "Running as authoritative directory, but no DirPort set."); + "Running as authoritative directory, but no ORPort set."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("AuthoritativeDirectory 1\n" + tdata = get_options_test_data(ENABLE_AUTHORITY_BRIDGE_MIN "Address 100.200.10.1\n" - "BridgeAuthoritativeDir 1\n" - "ContactInfo hello@hello.com\n" - "GuardfractionFile non-existent-file\n"); + "DirPort 999\n" + "ContactInfo hello@hello.com\n"); mock_clean_saved_logs(); - options_validate(NULL, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, - "Running as authoritative directory, but no DirPort set."); + "Running as authoritative directory, but no ORPort set."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("AuthoritativeDirectory 1\n" - "Address 100.200.10.1\n" - "BridgeAuthoritativeDir 1\n" - "ContactInfo hello@hello.com\n"); + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 + "ClientOnly 1\n"); + /* We have to call the dirauth-specific function, and fake port parsing, + * to hit this case */ + tdata->opt->DirPort_set = 1; + tdata->opt->ORPort_set = 1; mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate_dirauth_mode(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); - tt_str_op(msg, OP_EQ, - "Running as authoritative directory, but no DirPort set."); + tt_str_op(msg, OP_EQ, "Running as authoritative directory, " + "but ClientOnly also set."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("AuthoritativeDirectory 1\n" - "Address 100.200.10.1\n" - "DirPort 999\n" - "BridgeAuthoritativeDir 1\n" - "ContactInfo hello@hello.com\n"); + tdata = get_options_test_data(ENABLE_AUTHORITY_BRIDGE + "ClientOnly 1\n"); + /* We have to call the dirauth-specific function, and fake port parsing, + * to hit this case */ + tdata->opt->DirPort_set = 1; + tdata->opt->ORPort_set = 1; mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate_dirauth_mode(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); - tt_str_op(msg, OP_EQ, - "Running as authoritative directory, but no ORPort set."); + tt_str_op(msg, OP_EQ, "Running as authoritative directory, " + "but ClientOnly also set."); tor_free(msg); - // TODO: This case can't be reached, since clientonly is used to - // check when parsing port lines as well. - /* free_options_test_data(tdata); */ - /* tdata = get_options_test_data("AuthoritativeDirectory 1\n" */ - /* "Address 100.200.10.1\n" */ - /* "DirPort 999\n" */ - /* "ORPort 888\n" */ - /* "ClientOnly 1\n" */ - /* "BridgeAuthoritativeDir 1\n" */ - /* "ContactInfo hello@hello.com\n" ); */ - /* mock_clean_saved_logs(); */ - /* ret = options_validate(tdata->old_opt, tdata->opt, */ - /* tdata->def_opt, 0, &msg); */ - /* tt_int_op(ret, OP_EQ, -1); */ - /* tt_str_op(msg, OP_EQ, "Running as authoritative directory, " */ - /* "but ClientOnly also set."); */ - done: teardown_capture_of_logs(); // sandbox_free_getaddrinfo_cache(); @@ -1020,6 +998,7 @@ test_options_validate__relay_with_hidden_services(void *ignored) { (void)ignored; char *msg; + int ret; setup_capture_of_logs(LOG_DEBUG); options_test_data_t *tdata = get_options_test_data( "ORPort 127.0.0.1:5555\n" @@ -1028,7 +1007,8 @@ test_options_validate__relay_with_hidden_services(void *ignored) "HiddenServicePort 80 127.0.0.1:8080\n" ); - options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); expect_log_msg( "Tor is currently configured as a relay and a hidden service. " "That's not very secure: you should probably run your hidden servi" @@ -1041,27 +1021,25 @@ test_options_validate__relay_with_hidden_services(void *ignored) tor_free(msg); } -// TODO: it doesn't seem possible to hit the case of having no port lines at -// all, since there will be a default created for SocksPort -/* static void */ -/* test_options_validate__ports(void *ignored) */ -/* { */ -/* (void)ignored; */ -/* int ret; */ -/* char *msg; */ -/* setup_capture_of_logs(LOG_WARN); */ -/* options_test_data_t *tdata = get_options_test_data(""); */ -/* ret = options_validate(tdata->old_opt, tdata->opt, */ -/* tdata->def_opt, 0, &msg); */ -/* expect_log_msg("SocksPort, TransPort, NATDPort, DNSPort, and ORPort " */ -/* "are all undefined, and there aren't any hidden services " */ -/* "configured. " */ -/* " Tor will still run, but probably won't do anything.\n"); */ -/* done: */ -/* teardown_capture_of_logs(); */ -/* free_options_test_data(tdata); */ -/* tor_free(msg); */ -/* } */ +static void +test_options_validate__listen_ports(void *ignored) +{ + (void)ignored; + int ret; + char *msg; + setup_capture_of_logs(LOG_WARN); + options_test_data_t *tdata = get_options_test_data("SOCKSPort 0"); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); + expect_log_msg("SocksPort, TransPort, NATDPort, DNSPort, and ORPort " + "are all undefined, and there aren't any hidden services " + "configured. " + " Tor will still run, but probably won't do anything.\n"); + done: + teardown_capture_of_logs(); + free_options_test_data(tdata); + tor_free(msg); +} static void test_options_validate__transproxy(void *ignored) @@ -1075,31 +1053,31 @@ test_options_validate__transproxy(void *ignored) // Test default trans proxy tdata = get_options_test_data("TransProxyType default\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); tt_int_op(tdata->opt->TransProxyType_parsed, OP_EQ, TPT_DEFAULT); tor_free(msg); // Test pf-divert trans proxy free_options_test_data(tdata); tdata = get_options_test_data("TransProxyType pf-divert\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); -#if !defined(OpenBSD) && !defined( DARWIN ) +#if !defined(OpenBSD) && !defined(DARWIN) tt_str_op(msg, OP_EQ, "pf-divert is a OpenBSD-specific and OS X/Darwin-specific feature."); #else tt_int_op(tdata->opt->TransProxyType_parsed, OP_EQ, TPT_PF_DIVERT); tt_str_op(msg, OP_EQ, "Cannot use TransProxyType without " "any valid TransPort."); -#endif /* !defined(OpenBSD) && !defined( DARWIN ) */ +#endif /* !defined(OpenBSD) && !defined(DARWIN) */ tor_free(msg); // Test tproxy trans proxy free_options_test_data(tdata); tdata = get_options_test_data("TransProxyType tproxy\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); #if !defined(__linux__) @@ -1114,7 +1092,7 @@ test_options_validate__transproxy(void *ignored) // Test ipfw trans proxy free_options_test_data(tdata); tdata = get_options_test_data("TransProxyType ipfw\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); #ifndef KERNEL_MAY_SUPPORT_IPFW @@ -1130,7 +1108,7 @@ test_options_validate__transproxy(void *ignored) // Test unknown trans proxy free_options_test_data(tdata); tdata = get_options_test_data("TransProxyType non-existent\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Unrecognized value for TransProxyType"); tor_free(msg); @@ -1142,39 +1120,35 @@ test_options_validate__transproxy(void *ignored) #if defined(__linux__) tdata = get_options_test_data("TransProxyType tproxy\n" "TransPort 127.0.0.1:123\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); - tt_str_op(msg, OP_EQ, "ConnLimit must be greater than 0, but was set to 0"); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); #elif defined(KERNEL_MAY_SUPPORT_IPFW) tdata = get_options_test_data("TransProxyType ipfw\n" "TransPort 127.0.0.1:123\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); - tt_str_op(msg, OP_EQ, "ConnLimit must be greater than 0, but was set to 0"); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); tor_free(msg); #elif defined(OpenBSD) tdata = get_options_test_data("TransProxyType pf-divert\n" "TransPort 127.0.0.1:123\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); - tt_str_op(msg, OP_EQ, "ConnLimit must be greater than 0, but was set to 0"); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); tor_free(msg); #elif defined(__NetBSD__) tdata = get_options_test_data("TransProxyType default\n" "TransPort 127.0.0.1:123\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); - tt_str_op(msg, OP_EQ, "ConnLimit must be greater than 0, but was set to 0"); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); tor_free(msg); #endif /* defined(__linux__) || ... */ // Assert that a test has run for some TransProxyType tt_assert(tdata); -#else /* !(defined(USE_TRANSPARENT)) */ +#else /* !defined(USE_TRANSPARENT) */ tdata = get_options_test_data("TransPort 127.0.0.1:555\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "TransPort is disabled in this build."); tor_free(msg); @@ -1185,13 +1159,14 @@ test_options_validate__transproxy(void *ignored) tor_free(msg); } -NS_DECL(country_t, geoip_get_country, (const char *country)); +static country_t opt_tests_geoip_get_country(const char *country); +ATTR_UNUSED static int opt_tests_geoip_get_country_called = 0; static country_t -NS(geoip_get_country)(const char *countrycode) +opt_tests_geoip_get_country(const char *countrycode) { (void)countrycode; - CALLED(geoip_get_country)++; + opt_tests_geoip_get_country_called++; return 1; } @@ -1201,7 +1176,8 @@ test_options_validate__exclude_nodes(void *ignored) { (void)ignored; - NS_MOCK(geoip_get_country); + MOCK(geoip_get_country, + opt_tests_geoip_get_country); int ret; char *msg; @@ -1209,8 +1185,8 @@ test_options_validate__exclude_nodes(void *ignored) options_test_data_t *tdata = get_options_test_data( "ExcludeExitNodes {us}\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(tdata->opt->ExcludeExitNodesUnion_->list), OP_EQ, 1); tt_str_op((char *) (smartlist_get(tdata->opt->ExcludeExitNodesUnion_->list, 0)), @@ -1219,8 +1195,8 @@ test_options_validate__exclude_nodes(void *ignored) free_options_test_data(tdata); tdata = get_options_test_data("ExcludeNodes {cn}\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(tdata->opt->ExcludeExitNodesUnion_->list), OP_EQ, 1); tt_str_op((char *) (smartlist_get(tdata->opt->ExcludeExitNodesUnion_->list, 0)), @@ -1230,8 +1206,8 @@ test_options_validate__exclude_nodes(void *ignored) free_options_test_data(tdata); tdata = get_options_test_data("ExcludeNodes {cn}\n" "ExcludeExitNodes {us} {cn}\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(tdata->opt->ExcludeExitNodesUnion_->list), OP_EQ, 2); tt_str_op((char *) (smartlist_get(tdata->opt->ExcludeExitNodesUnion_->list, 0)), @@ -1245,8 +1221,8 @@ test_options_validate__exclude_nodes(void *ignored) tdata = get_options_test_data("ExcludeNodes {cn}\n" "StrictNodes 1\n"); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); expect_log_msg( "You have asked to exclude certain relays from all positions " "in your circuits. Expect hidden services and other Tor " @@ -1256,8 +1232,8 @@ test_options_validate__exclude_nodes(void *ignored) free_options_test_data(tdata); tdata = get_options_test_data("ExcludeNodes {cn}\n"); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); expect_no_log_msg( "You have asked to exclude certain relays from all positions " "in your circuits. Expect hidden services and other Tor " @@ -1265,7 +1241,7 @@ test_options_validate__exclude_nodes(void *ignored) tor_free(msg); done: - NS_UNMOCK(geoip_get_country); + UNMOCK(geoip_get_country); teardown_capture_of_logs(); free_options_test_data(tdata); tor_free(msg); @@ -1281,8 +1257,8 @@ test_options_validate__node_families(void *ignored) "NodeFamily flux, flax\n" "NodeFamily somewhere\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); tt_assert(tdata->opt->NodeFamilySets); tt_int_op(smartlist_len(tdata->opt->NodeFamilySets), OP_EQ, 2); tt_str_op((char *)(smartlist_get( @@ -1299,15 +1275,15 @@ test_options_validate__node_families(void *ignored) free_options_test_data(tdata); tdata = get_options_test_data(""); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); tt_assert(!tdata->opt->NodeFamilySets); tor_free(msg); free_options_test_data(tdata); tdata = get_options_test_data("NodeFamily !flux\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_assert(tdata->opt->NodeFamilySets); tt_int_op(smartlist_len(tdata->opt->NodeFamilySets), OP_EQ, 0); @@ -1327,14 +1303,14 @@ test_options_validate__token_bucket(void *ignored) options_test_data_t *tdata = get_options_test_data(""); tdata->opt->TokenBucketRefillInterval = 0; - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "TokenBucketRefillInterval must be between 1 and 1000 inclusive."); tor_free(msg); tdata->opt->TokenBucketRefillInterval = 1001; - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "TokenBucketRefillInterval must be between 1 and 1000 inclusive."); @@ -1346,29 +1322,6 @@ test_options_validate__token_bucket(void *ignored) } static void -test_options_validate__recommended_packages(void *ignored) -{ - (void)ignored; - int ret; - char *msg; - setup_capture_of_logs(LOG_WARN); - options_test_data_t *tdata = get_options_test_data( - "RecommendedPackages foo 1.2 http://foo.com sha1=123123123123\n" - "RecommendedPackages invalid-package-line\n"); - - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); - expect_no_log_msg("Invalid RecommendedPackage line " - "invalid-package-line will be ignored\n"); - - done: - escaped(NULL); // This will free the leaking memory from the previous escaped - teardown_capture_of_logs(); - free_options_test_data(tdata); - tor_free(msg); -} - -static void test_options_validate__fetch_dir(void *ignored) { (void)ignored; @@ -1378,7 +1331,7 @@ test_options_validate__fetch_dir(void *ignored) "FetchDirInfoExtraEarly 1\n" "FetchDirInfoEarly 0\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "FetchDirInfoExtraEarly requires that you" " also set FetchDirInfoEarly"); @@ -1388,10 +1341,8 @@ test_options_validate__fetch_dir(void *ignored) tdata = get_options_test_data("FetchDirInfoExtraEarly 1\n" "FetchDirInfoEarly 1\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); - tt_str_op(msg, OP_NE, "FetchDirInfoExtraEarly requires that you" - " also set FetchDirInfoEarly"); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); tor_free(msg); done: @@ -1408,7 +1359,7 @@ test_options_validate__conn_limit(void *ignored) options_test_data_t *tdata = get_options_test_data( "ConnLimit 0\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "ConnLimit must be greater than 0, but was set to 0"); tor_free(msg); @@ -1416,10 +1367,8 @@ test_options_validate__conn_limit(void *ignored) free_options_test_data(tdata); tdata = get_options_test_data("ConnLimit 1\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); - tt_str_op(msg, OP_EQ, "MaxClientCircuitsPending must be between 1 and 1024, " - "but was set to 0"); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); tor_free(msg); done: @@ -1442,11 +1391,10 @@ test_options_validate__paths_needed(void *ignored) setup_capture_of_logs(LOG_WARN); options_test_data_t *tdata = get_options_test_data( - "PathsNeededToBuildCircuits 0.1\n" - "ConnLimit 1\n"); + "PathsNeededToBuildCircuits 0.1\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); tt_assert(tdata->opt->PathsNeededToBuildCircuits > 0.24 && tdata->opt->PathsNeededToBuildCircuits < 0.26); expect_log_msg("PathsNeededToBuildCircuits is too low. " @@ -1455,11 +1403,10 @@ test_options_validate__paths_needed(void *ignored) free_options_test_data(tdata); mock_clean_saved_logs(); - tdata = get_options_test_data("PathsNeededToBuildCircuits 0.99\n" - "ConnLimit 1\n"); + tdata = get_options_test_data("PathsNeededToBuildCircuits 0.99\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); tt_assert(tdata->opt->PathsNeededToBuildCircuits > 0.94 && tdata->opt->PathsNeededToBuildCircuits < 0.96); expect_log_msg("PathsNeededToBuildCircuits is " @@ -1468,14 +1415,13 @@ test_options_validate__paths_needed(void *ignored) free_options_test_data(tdata); mock_clean_saved_logs(); - tdata = get_options_test_data("PathsNeededToBuildCircuits 0.91\n" - "ConnLimit 1\n"); + tdata = get_options_test_data("PathsNeededToBuildCircuits 0.91\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); tt_assert(tdata->opt->PathsNeededToBuildCircuits > 0.90 && tdata->opt->PathsNeededToBuildCircuits < 0.92); - expect_no_log_entry(); + expect_no_log_msg_containing("PathsNeededToBuildCircuits"); tor_free(msg); done: @@ -1495,32 +1441,28 @@ test_options_validate__max_client_circuits(void *ignored) int ret; char *msg; options_test_data_t *tdata = get_options_test_data( - "MaxClientCircuitsPending 0\n" - "ConnLimit 1\n"); + "MaxClientCircuitsPending 0\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "MaxClientCircuitsPending must be between 1 and 1024," " but was set to 0"); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("MaxClientCircuitsPending 1025\n" - "ConnLimit 1\n"); + tdata = get_options_test_data("MaxClientCircuitsPending 1025\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "MaxClientCircuitsPending must be between 1 and 1024," " but was set to 1025"); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("MaxClientCircuitsPending 1\n" - "ConnLimit 1\n"); + tdata = get_options_test_data("MaxClientCircuitsPending 1\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); - tt_str_op(msg, OP_EQ, "KeepalivePeriod option must be positive."); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); tor_free(msg); done: @@ -1534,23 +1476,18 @@ test_options_validate__ports(void *ignored) (void)ignored; int ret; char *msg; - options_test_data_t *tdata = get_options_test_data( - "FirewallPorts 65537\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n"); + options_test_data_t *tdata = get_options_test_data("FirewallPorts 65537\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Port '65537' out of range in FirewallPorts"); tor_free(msg); free_options_test_data(tdata); tdata = get_options_test_data("FirewallPorts 1\n" - "LongLivedPorts 124444\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n"); + "LongLivedPorts 124444\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Port '124444' out of range in LongLivedPorts"); tor_free(msg); @@ -1558,11 +1495,9 @@ test_options_validate__ports(void *ignored) free_options_test_data(tdata); tdata = get_options_test_data("FirewallPorts 1\n" "LongLivedPorts 2\n" - "RejectPlaintextPorts 112233\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n"); + "RejectPlaintextPorts 112233\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Port '112233' out of range in RejectPlaintextPorts"); tor_free(msg); @@ -1571,11 +1506,9 @@ test_options_validate__ports(void *ignored) tdata = get_options_test_data("FirewallPorts 1\n" "LongLivedPorts 2\n" "RejectPlaintextPorts 3\n" - "WarnPlaintextPorts 65536\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n"); + "WarnPlaintextPorts 65536\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Port '65536' out of range in WarnPlaintextPorts"); tor_free(msg); @@ -1584,13 +1517,10 @@ test_options_validate__ports(void *ignored) tdata = get_options_test_data("FirewallPorts 1\n" "LongLivedPorts 2\n" "RejectPlaintextPorts 3\n" - "WarnPlaintextPorts 4\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n"); + "WarnPlaintextPorts 4\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); - tt_str_op(msg, OP_EQ, "KeepalivePeriod option must be positive."); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); tor_free(msg); done: @@ -1605,13 +1535,10 @@ test_options_validate__reachable_addresses(void *ignored) int ret; char *msg; setup_capture_of_logs(LOG_NOTICE); - options_test_data_t *tdata = get_options_test_data( - "FascistFirewall 1\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n"); + options_test_data_t *tdata = get_options_test_data("FascistFirewall 1\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); expect_log_msg("Converting FascistFirewall config " "option to new format: \"ReachableDirAddresses *:80\"\n"); tt_str_op(tdata->opt->ReachableDirAddresses->value, OP_EQ, "*:80"); @@ -1624,13 +1551,17 @@ test_options_validate__reachable_addresses(void *ignored) mock_clean_saved_logs(); tdata = get_options_test_data("FascistFirewall 1\n" "ReachableDirAddresses *:81\n" - "ReachableORAddresses *:444\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n"); - tdata->opt->FirewallPorts = smartlist_new(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); + "ReachableORAddresses *:444\n"); + tt_assert(tdata->opt->FirewallPorts); + SMARTLIST_FOREACH(tdata->opt->FirewallPorts, char *, cp, tor_free(cp)); + smartlist_clear(tdata->opt->FirewallPorts); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); +#if 0 + /* This does not actually produce any logs, and did not produce any relevant + * logs before. */ expect_log_entry(); +#endif tt_str_op(tdata->opt->ReachableDirAddresses->value, OP_EQ, "*:81"); tt_str_op(tdata->opt->ReachableORAddresses->value, OP_EQ, "*:444"); tor_free(msg); @@ -1638,12 +1569,10 @@ test_options_validate__reachable_addresses(void *ignored) free_options_test_data(tdata); mock_clean_saved_logs(); tdata = get_options_test_data("FascistFirewall 1\n" - "FirewallPort 123\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n"); + "FirewallPort 123\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); expect_log_msg("Converting FascistFirewall and " "FirewallPorts config options to new format: " "\"ReachableAddresses *:123\"\n"); @@ -1655,25 +1584,25 @@ test_options_validate__reachable_addresses(void *ignored) tdata = get_options_test_data("FascistFirewall 1\n" "ReachableAddresses *:82\n" "ReachableAddresses *:83\n" - "ReachableAddresses reject *:*\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n"); + "ReachableAddresses reject *:*\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); +#if 0 + /* This does not actually produce any logs, and did not produce any relevant + * logs before. */ expect_log_entry(); +#endif tt_str_op(tdata->opt->ReachableAddresses->value, OP_EQ, "*:82"); tor_free(msg); free_options_test_data(tdata); mock_clean_saved_logs(); tdata = get_options_test_data("FascistFirewall 1\n" - "ReachableAddresses *:82\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n"); + "ReachableAddresses *:82\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); tt_ptr_op(tdata->opt->ReachableAddresses->next, OP_EQ, NULL); tor_free(msg); @@ -1683,44 +1612,36 @@ test_options_validate__reachable_addresses(void *ignored) free_options_test_data(tdata); tdata = get_options_test_data("ReachableAddresses *:82\n" - "ORPort 127.0.0.1:5555\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n"); + "ORPort 127.0.0.1:5555\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, SERVERS_REACHABLE_MSG); tor_free(msg); free_options_test_data(tdata); tdata = get_options_test_data("ReachableORAddresses *:82\n" - "ORPort 127.0.0.1:5555\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n"); + "ORPort 127.0.0.1:5555\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, SERVERS_REACHABLE_MSG); tor_free(msg); free_options_test_data(tdata); tdata = get_options_test_data("ReachableDirAddresses *:82\n" - "ORPort 127.0.0.1:5555\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n"); + "ORPort 127.0.0.1:5555\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, SERVERS_REACHABLE_MSG); tor_free(msg); free_options_test_data(tdata); tdata = get_options_test_data("ClientUseIPv4 0\n" - "ORPort 127.0.0.1:5555\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n"); + "ORPort 127.0.0.1:5555\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, SERVERS_REACHABLE_MSG); tor_free(msg); @@ -1728,74 +1649,68 @@ test_options_validate__reachable_addresses(void *ignored) /* Test IPv4-only clients setting IPv6 preferences */ free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ClientUseIPv4 1\n" + tdata = get_options_test_data("ClientUseIPv4 1\n" "ClientUseIPv6 0\n" "UseBridges 0\n" "ClientPreferIPv6ORPort 1\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ClientUseIPv4 1\n" + tdata = get_options_test_data("ClientUseIPv4 1\n" "ClientUseIPv6 0\n" "UseBridges 0\n" "ClientPreferIPv6DirPort 1\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tor_free(msg); /* Now test an IPv4/IPv6 client setting IPv6 preferences */ free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ClientUseIPv4 1\n" + tdata = get_options_test_data("ClientUseIPv4 1\n" "ClientUseIPv6 1\n" "ClientPreferIPv6ORPort 1\n" "ClientPreferIPv6DirPort 1\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_ptr_op(msg, OP_EQ, NULL); /* Now test an IPv6 client setting IPv6 preferences */ free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ClientUseIPv6 1\n" + tdata = get_options_test_data("ClientUseIPv6 1\n" "ClientPreferIPv6ORPort 1\n" "ClientPreferIPv6DirPort 1\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_ptr_op(msg, OP_EQ, NULL); /* And an implicit (IPv4 disabled) IPv6 client setting IPv6 preferences */ free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ClientUseIPv4 0\n" + tdata = get_options_test_data("ClientUseIPv4 0\n" "ClientPreferIPv6ORPort 1\n" "ClientPreferIPv6DirPort 1\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_ptr_op(msg, OP_EQ, NULL); /* And an implicit (bridge) client setting IPv6 preferences */ free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "UseBridges 1\n" + tdata = get_options_test_data("UseBridges 1\n" "Bridge 127.0.0.1:12345\n" "ClientPreferIPv6ORPort 1\n" "ClientPreferIPv6DirPort 1\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_ptr_op(msg, OP_EQ, NULL); @@ -1814,76 +1729,68 @@ test_options_validate__use_bridges(void *ignored) options_test_data_t *tdata = get_options_test_data( "UseBridges 1\n" "ClientUseIPv4 1\n" - "ORPort 127.0.0.1:5555\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n"); + "ORPort 127.0.0.1:5555\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Servers must be able to freely connect to the rest of" " the Internet, so they must not set UseBridges."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("UseBridges 1\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n"); + tdata = get_options_test_data("UseBridges 1\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_NE, "Servers must be able to freely connect to the rest of" " the Internet, so they must not set UseBridges."); tor_free(msg); - NS_MOCK(geoip_get_country); + MOCK(geoip_get_country, + opt_tests_geoip_get_country); free_options_test_data(tdata); tdata = get_options_test_data("UseBridges 1\n" - "EntryNodes {cn}\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n"); + "EntryNodes {cn}\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "You cannot set both UseBridges and EntryNodes."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "UseBridges 1\n"); + tdata = get_options_test_data("UseBridges 1\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "If you set UseBridges, you must specify at least one bridge."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "UseBridges 1\n" + tdata = get_options_test_data("UseBridges 1\n" "Bridge 10.0.0.1\n" "UseEntryGuards 0\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Setting UseBridges requires also setting UseEntryGuards."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "UseBridges 1\n" + tdata = get_options_test_data("UseBridges 1\n" "Bridge 10.0.0.1\n" "Bridge !!!\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Bridge line did not parse. See logs for details."); tor_free(msg); done: - NS_UNMOCK(geoip_get_country); + UNMOCK(geoip_get_country); policies_free_all(); free_options_test_data(tdata); tor_free(msg); @@ -1895,14 +1802,13 @@ test_options_validate__entry_nodes(void *ignored) (void)ignored; int ret; char *msg; - NS_MOCK(geoip_get_country); + MOCK(geoip_get_country, + opt_tests_geoip_get_country); options_test_data_t *tdata = get_options_test_data( "EntryNodes {cn}\n" - "UseEntryGuards 0\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n"); + "UseEntryGuards 0\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "If EntryNodes is set, UseEntryGuards must be enabled."); @@ -1910,17 +1816,14 @@ test_options_validate__entry_nodes(void *ignored) free_options_test_data(tdata); tdata = get_options_test_data("EntryNodes {cn}\n" - "UseEntryGuards 1\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n"); + "UseEntryGuards 1\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); - tt_str_op(msg, OP_EQ, "KeepalivePeriod option must be positive."); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); tor_free(msg); done: - NS_UNMOCK(geoip_get_country); + UNMOCK(geoip_get_country); free_options_test_data(tdata); tor_free(msg); } @@ -1931,51 +1834,41 @@ test_options_validate__safe_logging(void *ignored) (void)ignored; int ret; char *msg; - options_test_data_t *tdata = get_options_test_data( - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n"); + options_test_data_t *tdata = get_options_test_data("SafeLogging 0\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); tt_int_op(tdata->opt->SafeLogging_, OP_EQ, SAFELOG_SCRUB_NONE); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("SafeLogging 0\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n"); + tdata = get_options_test_data("SafeLogging 0\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); tt_int_op(tdata->opt->SafeLogging_, OP_EQ, SAFELOG_SCRUB_NONE); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("SafeLogging Relay\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n"); + tdata = get_options_test_data("SafeLogging Relay\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); tt_int_op(tdata->opt->SafeLogging_, OP_EQ, SAFELOG_SCRUB_RELAY); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("SafeLogging 1\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n"); + tdata = get_options_test_data("SafeLogging 1\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); tt_int_op(tdata->opt->SafeLogging_, OP_EQ, SAFELOG_SCRUB_ALL); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("SafeLogging stuffy\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n"); + tdata = get_options_test_data("SafeLogging stuffy\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Unrecognized value '\"stuffy\"' in SafeLogging"); tor_free(msg); @@ -1994,27 +1887,24 @@ test_options_validate__publish_server_descriptor(void *ignored) char *msg; setup_capture_of_logs(LOG_WARN); options_test_data_t *tdata = get_options_test_data( - "PublishServerDescriptor bridge\n" TEST_OPTIONS_DEFAULT_VALUES - ); + "PublishServerDescriptor bridge\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_assert(!msg); free_options_test_data(tdata); - tdata = get_options_test_data("PublishServerDescriptor humma\n" - TEST_OPTIONS_DEFAULT_VALUES); + tdata = get_options_test_data("PublishServerDescriptor humma\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Unrecognized value in PublishServerDescriptor"); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("PublishServerDescriptor bridge, v3\n" - TEST_OPTIONS_DEFAULT_VALUES); + tdata = get_options_test_data("PublishServerDescriptor bridge, v3\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Bridges are not supposed to publish router " "descriptors to the directory authorities. Please correct your " @@ -2023,10 +1913,9 @@ test_options_validate__publish_server_descriptor(void *ignored) free_options_test_data(tdata); tdata = get_options_test_data("BridgeRelay 1\n" - "PublishServerDescriptor v3\n" - TEST_OPTIONS_DEFAULT_VALUES); + "PublishServerDescriptor v3\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Bridges are not supposed to publish router " "descriptors to the directory authorities. Please correct your " @@ -2034,9 +1923,9 @@ test_options_validate__publish_server_descriptor(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("BridgeRelay 1\n" TEST_OPTIONS_DEFAULT_VALUES); + tdata = get_options_test_data("BridgeRelay 1\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_NE, "Bridges are not supposed to publish router " "descriptors to the directory authorities. Please correct your " @@ -2045,10 +1934,10 @@ test_options_validate__publish_server_descriptor(void *ignored) free_options_test_data(tdata); tdata = get_options_test_data("BridgeRelay 1\n" - "DirPort 999\n" TEST_OPTIONS_DEFAULT_VALUES); + "DirPort 999\n"); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); expect_log_msg("Can't set a DirPort on a bridge " "relay; disabling DirPort\n"); @@ -2073,21 +1962,19 @@ test_options_validate__testing(void *ignored) #define ENSURE_DEFAULT(varname, varval) \ STMT_BEGIN \ free_options_test_data(tdata); \ - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES \ - #varname " " #varval "\n"); \ - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);\ + tdata = get_options_test_data(#varname " " #varval "\n"); \ + ret = options_validate(NULL, tdata->opt, &msg); \ tt_str_op(msg, OP_EQ, \ #varname " may only be changed in testing Tor networks!"); \ tt_int_op(ret, OP_EQ, -1); \ tor_free(msg); \ \ free_options_test_data(tdata); \ - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES \ - #varname " " #varval "\n" \ + tdata = get_options_test_data(#varname " " #varval "\n" \ VALID_DIR_AUTH \ "TestingTorNetwork 1\n"); \ \ - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);\ + ret = options_validate(NULL, tdata->opt, &msg); \ if (msg) { \ tt_str_op(msg, OP_NE, \ #varname " may only be changed in testing Tor networks!"); \ @@ -2095,11 +1982,10 @@ test_options_validate__testing(void *ignored) } \ \ free_options_test_data(tdata); \ - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES \ - #varname " " #varval "\n" \ + tdata = get_options_test_data(#varname " " #varval "\n" \ "___UsingTestNetworkDefaults 1\n"); \ \ - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);\ + ret = options_validate(NULL, tdata->opt, &msg);\ if (msg) { \ tt_str_op(msg, OP_NE, \ #varname " may only be changed in testing Tor networks!"); \ @@ -2112,7 +1998,6 @@ test_options_validate__testing(void *ignored) ENSURE_DEFAULT(TestingV3AuthInitialDistDelay, 3000); ENSURE_DEFAULT(TestingV3AuthVotingStartOffset, 3000); ENSURE_DEFAULT(TestingAuthDirTimeToLearnReachability, 3000); - ENSURE_DEFAULT(TestingEstimatedDescriptorPropagationTime, 3000); ENSURE_DEFAULT(TestingServerDownloadInitialDelay, 3000); ENSURE_DEFAULT(TestingClientDownloadInitialDelay, 3000); ENSURE_DEFAULT(TestingServerConsensusDownloadInitialDelay, 3000); @@ -2142,21 +2027,12 @@ test_options_validate__hidserv(void *ignored) char *msg; setup_capture_of_logs(LOG_WARN); - options_test_data_t *tdata = get_options_test_data( - TEST_OPTIONS_DEFAULT_VALUES); - tdata->opt->MinUptimeHidServDirectoryV2 = -1; - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, 0); - expect_log_msg("MinUptimeHidServDirectoryV2 " - "option must be at least 0 seconds. Changing to 0.\n"); - tt_int_op(tdata->opt->MinUptimeHidServDirectoryV2, OP_EQ, 0); - tor_free(msg); + options_test_data_t *tdata = NULL; free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "RendPostPeriod 1\n" ); + tdata = get_options_test_data("RendPostPeriod 1\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_log_msg("RendPostPeriod option is too short;" " raising to 600 seconds.\n"); @@ -2164,10 +2040,9 @@ test_options_validate__hidserv(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "RendPostPeriod 302401\n" ); + tdata = get_options_test_data("RendPostPeriod 302401\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_log_msg("RendPostPeriod is too large; " "clipping to 302400s.\n"); @@ -2189,45 +2064,40 @@ test_options_validate__path_bias(void *ignored) char *msg; options_test_data_t *tdata = get_options_test_data( - TEST_OPTIONS_DEFAULT_VALUES "PathBiasNoticeRate 1.1\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "PathBiasNoticeRate is too high. It must be between 0 and 1.0"); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "PathBiasWarnRate 1.1\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("PathBiasWarnRate 1.1\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "PathBiasWarnRate is too high. It must be between 0 and 1.0"); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "PathBiasExtremeRate 1.1\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("PathBiasExtremeRate 1.1\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "PathBiasExtremeRate is too high. It must be between 0 and 1.0"); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "PathBiasNoticeUseRate 1.1\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("PathBiasNoticeUseRate 1.1\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "PathBiasNoticeUseRate is too high. It must be between 0 and 1.0"); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "PathBiasExtremeUseRate 1.1\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("PathBiasExtremeUseRate 1.1\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "PathBiasExtremeUseRate is too high. It must be between 0 and 1.0"); @@ -2246,130 +2116,141 @@ test_options_validate__bandwidth(void *ignored) char *msg; options_test_data_t *tdata = NULL; -#define ENSURE_BANDWIDTH_PARAM(p) \ - STMT_BEGIN \ +#define ENSURE_BANDWIDTH_PARAM(p, EXTRA_OPT_STR) \ + STMT_BEGIN \ free_options_test_data(tdata); \ - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES #p " 3Gb\n"); \ - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);\ + tdata = get_options_test_data(EXTRA_OPT_STR \ + #p " 3Gb\n"); \ + ret = options_validate(NULL, tdata->opt, &msg); \ tt_int_op(ret, OP_EQ, -1); \ tt_mem_op(msg, OP_EQ, #p " (3221225471) must be at most 2147483647", 40); \ tor_free(msg); \ STMT_END - ENSURE_BANDWIDTH_PARAM(BandwidthRate); - ENSURE_BANDWIDTH_PARAM(BandwidthBurst); - ENSURE_BANDWIDTH_PARAM(MaxAdvertisedBandwidth); - ENSURE_BANDWIDTH_PARAM(RelayBandwidthRate); - ENSURE_BANDWIDTH_PARAM(RelayBandwidthBurst); - ENSURE_BANDWIDTH_PARAM(PerConnBWRate); - ENSURE_BANDWIDTH_PARAM(PerConnBWBurst); - ENSURE_BANDWIDTH_PARAM(AuthDirFastGuarantee); - ENSURE_BANDWIDTH_PARAM(AuthDirGuardBWGuarantee); + ENSURE_BANDWIDTH_PARAM(BandwidthRate, ""); + ENSURE_BANDWIDTH_PARAM(BandwidthBurst, ""); + + ENSURE_BANDWIDTH_PARAM(BandwidthRate, ENABLE_AUTHORITY_V3); + ENSURE_BANDWIDTH_PARAM(BandwidthBurst, ENABLE_AUTHORITY_V3); + + ENSURE_BANDWIDTH_PARAM(BandwidthRate, ENABLE_AUTHORITY_BRIDGE); + ENSURE_BANDWIDTH_PARAM(BandwidthBurst, ENABLE_AUTHORITY_BRIDGE); + + ENSURE_BANDWIDTH_PARAM(MaxAdvertisedBandwidth, ""); + ENSURE_BANDWIDTH_PARAM(RelayBandwidthRate, ""); + ENSURE_BANDWIDTH_PARAM(RelayBandwidthBurst, ""); + ENSURE_BANDWIDTH_PARAM(PerConnBWRate, ""); + ENSURE_BANDWIDTH_PARAM(PerConnBWBurst, ""); + + ENSURE_BANDWIDTH_PARAM(MaxAdvertisedBandwidth, ENABLE_AUTHORITY_V3); + ENSURE_BANDWIDTH_PARAM(RelayBandwidthRate, ENABLE_AUTHORITY_V3); + ENSURE_BANDWIDTH_PARAM(RelayBandwidthBurst, ENABLE_AUTHORITY_V3); + ENSURE_BANDWIDTH_PARAM(PerConnBWRate, ENABLE_AUTHORITY_V3); + ENSURE_BANDWIDTH_PARAM(PerConnBWBurst, ENABLE_AUTHORITY_V3); + + ENSURE_BANDWIDTH_PARAM(MaxAdvertisedBandwidth, ENABLE_AUTHORITY_BRIDGE); + ENSURE_BANDWIDTH_PARAM(RelayBandwidthRate, ENABLE_AUTHORITY_BRIDGE); + ENSURE_BANDWIDTH_PARAM(RelayBandwidthBurst, ENABLE_AUTHORITY_BRIDGE); + ENSURE_BANDWIDTH_PARAM(PerConnBWRate, ENABLE_AUTHORITY_BRIDGE); + ENSURE_BANDWIDTH_PARAM(PerConnBWBurst, ENABLE_AUTHORITY_BRIDGE); + + ENSURE_BANDWIDTH_PARAM(AuthDirFastGuarantee, ENABLE_AUTHORITY_V3); + ENSURE_BANDWIDTH_PARAM(AuthDirGuardBWGuarantee, ENABLE_AUTHORITY_V3); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "RelayBandwidthRate 1000\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("RelayBandwidthRate 1000\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_u64_op(tdata->opt->RelayBandwidthBurst, OP_EQ, 1000); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "RelayBandwidthBurst 1001\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("RelayBandwidthBurst 1001\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_u64_op(tdata->opt->RelayBandwidthRate, OP_EQ, 1001); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "RelayBandwidthRate 1001\n" + tdata = get_options_test_data("RelayBandwidthRate 1001\n" "RelayBandwidthBurst 1000\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "RelayBandwidthBurst must be at least equal to " "RelayBandwidthRate."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "BandwidthRate 1001\n" + tdata = get_options_test_data("BandwidthRate 1001\n" "BandwidthBurst 1000\n"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "BandwidthBurst must be at least equal to BandwidthRate."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "RelayBandwidthRate 1001\n" + tdata = get_options_test_data("RelayBandwidthRate 1001\n" "BandwidthRate 1000\n" "BandwidthBurst 1000\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_u64_op(tdata->opt->BandwidthRate, OP_EQ, 1001); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "RelayBandwidthRate 1001\n" + tdata = get_options_test_data("RelayBandwidthRate 1001\n" "BandwidthRate 1000\n" "RelayBandwidthBurst 1001\n" "BandwidthBurst 1000\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_u64_op(tdata->opt->BandwidthBurst, OP_EQ, 1001); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ORPort 127.0.0.1:5555\n" + tdata = get_options_test_data("ORPort 127.0.0.1:5555\n" "BandwidthRate 1\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "BandwidthRate is set to 1 bytes/second. For servers," " it must be at least 76800."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ORPort 127.0.0.1:5555\n" + tdata = get_options_test_data("ORPort 127.0.0.1:5555\n" "BandwidthRate 76800\n" "MaxAdvertisedBandwidth 30000\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "MaxAdvertisedBandwidth is set to 30000 bytes/second." " For servers, it must be at least 38400."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ORPort 127.0.0.1:5555\n" + tdata = get_options_test_data("ORPort 127.0.0.1:5555\n" "BandwidthRate 76800\n" "RelayBandwidthRate 1\n" "MaxAdvertisedBandwidth 38400\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "RelayBandwidthRate is set to 1 bytes/second. For " "servers, it must be at least 76800."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ORPort 127.0.0.1:5555\n" + tdata = get_options_test_data("ORPort 127.0.0.1:5555\n" "BandwidthRate 76800\n" "BandwidthBurst 76800\n" "RelayBandwidthRate 76800\n" "MaxAdvertisedBandwidth 38400\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tor_free(msg); @@ -2388,9 +2269,8 @@ test_options_validate__circuits(void *ignored) setup_capture_of_logs(LOG_WARN); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "MaxCircuitDirtiness 2592001\n"); - options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("MaxCircuitDirtiness 2592001\n"); + options_validate(NULL, tdata->opt, &msg); expect_log_msg("MaxCircuitDirtiness option is too " "high; setting to 30 days.\n"); tt_int_op(tdata->opt->MaxCircuitDirtiness, OP_EQ, 2592000); @@ -2398,9 +2278,8 @@ test_options_validate__circuits(void *ignored) free_options_test_data(tdata); mock_clean_saved_logs(); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "CircuitStreamTimeout 1\n"); - options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("CircuitStreamTimeout 1\n"); + options_validate(NULL, tdata->opt, &msg); expect_log_msg("CircuitStreamTimeout option is too" " short; raising to 10 seconds.\n"); tt_int_op(tdata->opt->CircuitStreamTimeout, OP_EQ, 10); @@ -2408,9 +2287,8 @@ test_options_validate__circuits(void *ignored) free_options_test_data(tdata); mock_clean_saved_logs(); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "CircuitStreamTimeout 111\n"); - options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("CircuitStreamTimeout 111\n"); + options_validate(NULL, tdata->opt, &msg); expect_no_log_msg("CircuitStreamTimeout option is too" " short; raising to 10 seconds.\n"); tt_int_op(tdata->opt->CircuitStreamTimeout, OP_EQ, 111); @@ -2418,9 +2296,8 @@ test_options_validate__circuits(void *ignored) free_options_test_data(tdata); mock_clean_saved_logs(); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "HeartbeatPeriod 1\n"); - options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("HeartbeatPeriod 1\n"); + options_validate(NULL, tdata->opt, &msg); expect_log_msg("HeartbeatPeriod option is too short;" " raising to 1800 seconds.\n"); tt_int_op(tdata->opt->HeartbeatPeriod, OP_EQ, 1800); @@ -2428,9 +2305,8 @@ test_options_validate__circuits(void *ignored) free_options_test_data(tdata); mock_clean_saved_logs(); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "HeartbeatPeriod 1982\n"); - options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("HeartbeatPeriod 1982\n"); + options_validate(NULL, tdata->opt, &msg); expect_no_log_msg("HeartbeatPeriod option is too short;" " raising to 1800 seconds.\n"); tt_int_op(tdata->opt->HeartbeatPeriod, OP_EQ, 1982); @@ -2438,10 +2314,10 @@ test_options_validate__circuits(void *ignored) free_options_test_data(tdata); mock_clean_saved_logs(); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES + tdata = get_options_test_data("LearnCircuitBuildTimeout 0\n" "CircuitBuildTimeout 1\n" ); - options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + options_validate(NULL, tdata->opt, &msg); expect_log_msg("CircuitBuildTimeout is shorter (1" " seconds) than the recommended minimum (10 seconds), and " "LearnCircuitBuildTimeout is disabled. If tor isn't working, " @@ -2450,10 +2326,9 @@ test_options_validate__circuits(void *ignored) free_options_test_data(tdata); mock_clean_saved_logs(); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "CircuitBuildTimeout 11\n" + tdata = get_options_test_data("CircuitBuildTimeout 11\n" ); - options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + options_validate(NULL, tdata->opt, &msg); expect_no_log_msg("CircuitBuildTimeout is shorter (1 " "seconds) than the recommended minimum (10 seconds), and " "LearnCircuitBuildTimeout is disabled. If tor isn't working, " @@ -2477,51 +2352,46 @@ test_options_validate__rend(void *ignored) setup_capture_of_logs(LOG_WARN); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES + tdata = get_options_test_data( "UseEntryGuards 0\n" "HiddenServiceDir /Library/Tor/var/lib/tor/hidden_service/\n" "HiddenServicePort 80 127.0.0.1:8080\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_log_msg("UseEntryGuards is disabled, but you" " have configured one or more hidden services on this Tor " "instance. Your hidden services will be very easy to locate using" - " a well-known attack -- see http://freehaven.net/anonbib/#hs-" + " a well-known attack -- see https://freehaven.net/anonbib/#hs-" "attack06 for details.\n"); tor_free(msg); free_options_test_data(tdata); tdata = get_options_test_data( - TEST_OPTIONS_DEFAULT_VALUES "UseEntryGuards 1\n" "HiddenServiceDir /Library/Tor/var/lib/tor/hidden_service/\n" "HiddenServicePort 80 127.0.0.1:8080\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_no_log_msg("UseEntryGuards is disabled, but you" " have configured one or more hidden services on this Tor " "instance. Your hidden services will be very easy to locate using" - " a well-known attack -- see http://freehaven.net/anonbib/#hs-" + " a well-known attack -- see https://freehaven.net/anonbib/#hs-" "attack06 for details.\n"); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "HiddenServicePort 80 127.0.0.1:8080\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("HiddenServicePort 80 127.0.0.1:8080\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Failed to configure rendezvous options. See logs for details."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "HidServAuth failed\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("HidServAuth failed\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Failed to configure client authorization for hidden " "services. See logs for details."); @@ -2545,11 +2415,10 @@ test_options_validate__single_onion(void *ignored) /* Test that HiddenServiceSingleHopMode must come with * HiddenServiceNonAnonymousMode */ - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "SOCKSPort 0\n" + tdata = get_options_test_data("SOCKSPort 0\n" "HiddenServiceSingleHopMode 1\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "HiddenServiceSingleHopMode does not provide any " "server anonymity. It must be used with " @@ -2557,12 +2426,11 @@ test_options_validate__single_onion(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "SOCKSPort 0\n" + tdata = get_options_test_data("SOCKSPort 0\n" "HiddenServiceSingleHopMode 1\n" "HiddenServiceNonAnonymousMode 0\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "HiddenServiceSingleHopMode does not provide any " "server anonymity. It must be used with " @@ -2570,23 +2438,21 @@ test_options_validate__single_onion(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "SOCKSPort 0\n" + tdata = get_options_test_data("SOCKSPort 0\n" "HiddenServiceSingleHopMode 1\n" "HiddenServiceNonAnonymousMode 1\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_ptr_op(msg, OP_EQ, NULL); free_options_test_data(tdata); /* Test that SOCKSPort if HiddenServiceSingleHopMode is 1 */ - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "SOCKSPort 5000\n" + tdata = get_options_test_data("SOCKSPort 5000\n" "HiddenServiceSingleHopMode 1\n" "HiddenServiceNonAnonymousMode 1\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "HiddenServiceNonAnonymousMode is incompatible with " "using Tor as an anonymous client. Please set " @@ -2595,32 +2461,30 @@ test_options_validate__single_onion(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "SOCKSPort 0\n" + tdata = get_options_test_data("SOCKSPort 0\n" "HiddenServiceSingleHopMode 1\n" "HiddenServiceNonAnonymousMode 1\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_ptr_op(msg, OP_EQ, NULL); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "SOCKSPort 5000\n" + tdata = get_options_test_data("SOCKSPort 5000\n" "HiddenServiceSingleHopMode 0\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_ptr_op(msg, OP_EQ, NULL); free_options_test_data(tdata); /* Test that a hidden service can't be run in non anonymous mode. */ - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES + tdata = get_options_test_data( "HiddenServiceNonAnonymousMode 1\n" "HiddenServiceDir /Library/Tor/var/lib/tor/hidden_service/\n" "HiddenServicePort 80 127.0.0.1:8080\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "HiddenServiceNonAnonymousMode does not provide any " "server anonymity. It must be used with " @@ -2628,10 +2492,10 @@ test_options_validate__single_onion(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES + tdata = get_options_test_data( "HiddenServiceNonAnonymousMode 1\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "HiddenServiceNonAnonymousMode does not provide any " "server anonymity. It must be used with " @@ -2639,23 +2503,23 @@ test_options_validate__single_onion(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES + tdata = get_options_test_data( "HiddenServiceDir /Library/Tor/var/lib/tor/hidden_service/\n" "HiddenServicePort 80 127.0.0.1:8080\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_ptr_op(msg, OP_EQ, NULL); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES + tdata = get_options_test_data( "HiddenServiceNonAnonymousMode 1\n" "HiddenServiceDir /Library/Tor/var/lib/tor/hidden_service/\n" "HiddenServicePort 80 127.0.0.1:8080\n" "HiddenServiceSingleHopMode 1\n" "SOCKSPort 0\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_ptr_op(msg, OP_EQ, NULL); @@ -2676,53 +2540,56 @@ test_options_validate__accounting(void *ignored) setup_capture_of_logs(LOG_WARN); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "AccountingRule something_bad\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("AccountingRule something_bad\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "AccountingRule must be 'sum', 'max', 'in', or 'out'"); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "AccountingRule sum\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("AccountingRule sum\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_int_op(tdata->opt->AccountingRule, OP_EQ, ACCT_SUM); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "AccountingRule max\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("AccountingRule max\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_int_op(tdata->opt->AccountingRule, OP_EQ, ACCT_MAX); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "AccountingStart fail\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("AccountingRule in\n"); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); + tt_int_op(tdata->opt->AccountingRule, OP_EQ, ACCT_IN); + tor_free(msg); + + free_options_test_data(tdata); + tdata = get_options_test_data("AccountingRule out\n"); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); + tt_int_op(tdata->opt->AccountingRule, OP_EQ, ACCT_OUT); + tor_free(msg); + + free_options_test_data(tdata); + tdata = get_options_test_data("AccountingStart fail\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Failed to parse accounting options. See logs for details."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "AccountingMax 10\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("AccountingMax 10\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tor_free(msg); free_options_test_data(tdata); tdata = get_options_test_data( - TEST_OPTIONS_DEFAULT_VALUES "ORPort 127.0.0.1:5555\n" "BandwidthRate 76800\n" "BandwidthBurst 76800\n" @@ -2732,7 +2599,7 @@ test_options_validate__accounting(void *ignored) "AccountingMax 10\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_log_msg("Using accounting with a hidden " "service and an ORPort is risky: your hidden service(s) and " @@ -2743,13 +2610,12 @@ test_options_validate__accounting(void *ignored) free_options_test_data(tdata); tdata = get_options_test_data( - TEST_OPTIONS_DEFAULT_VALUES "HiddenServiceDir /Library/Tor/var/lib/tor/hidden_service/\n" "HiddenServicePort 80 127.0.0.1:8080\n" "AccountingMax 10\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_no_log_msg("Using accounting with a hidden " "service and an ORPort is risky: your hidden service(s) and " @@ -2760,7 +2626,6 @@ test_options_validate__accounting(void *ignored) free_options_test_data(tdata); tdata = get_options_test_data( - TEST_OPTIONS_DEFAULT_VALUES "HiddenServiceDir /Library/Tor/var/lib/tor/hidden_service/\n" "HiddenServicePort 80 127.0.0.1:8080\n" "HiddenServiceDir /Library/Tor/var/lib/tor/hidden_service2/\n" @@ -2768,7 +2633,7 @@ test_options_validate__accounting(void *ignored) "AccountingMax 10\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_log_msg("Using accounting with multiple " "hidden services is risky: they will all turn off at the same" @@ -2795,36 +2660,29 @@ test_options_validate__proxy(void *ignored) MOCK(tor_addr_lookup, mock_tor_addr_lookup__fail_on_bad_addrs); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "HttpProxy 127.0.42.1\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("HttpProxy 127.0.42.1\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_int_op(tdata->opt->HTTPProxyPort, OP_EQ, 80); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "HttpProxy 127.0.42.1:444\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("HttpProxy 127.0.42.1:444\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_int_op(tdata->opt->HTTPProxyPort, OP_EQ, 444); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "HttpProxy not_so_valid!\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("HttpProxy not_so_valid!\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "HTTPProxy failed to parse or resolve. Please fix."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "HttpProxyAuthenticator " + tdata = get_options_test_data("HttpProxyAuthenticator " "onetwothreonetwothreonetwothreonetwothreonetw" "othreonetwothreonetwothreonetwothreonetwothre" "onetwothreonetwothreonetwothreonetwothreonetw" @@ -2837,52 +2695,41 @@ test_options_validate__proxy(void *ignored) "othreonetwothreonetwothreonetwothreonetwothre" "onetwothreonetwothreonetwothreonetwothreonetw" "othreonetwothreeonetwothreeonetwothree" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "HTTPProxyAuthenticator is too long (>= 512 chars)."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "HttpProxyAuthenticator validauth\n" - - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("HttpProxyAuthenticator validauth\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "HttpsProxy 127.0.42.1\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("HttpsProxy 127.0.42.1\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_int_op(tdata->opt->HTTPSProxyPort, OP_EQ, 443); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "HttpsProxy 127.0.42.1:444\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("HttpsProxy 127.0.42.1:444\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_int_op(tdata->opt->HTTPSProxyPort, OP_EQ, 444); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "HttpsProxy not_so_valid!\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("HttpsProxy not_so_valid!\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "HTTPSProxy failed to parse or resolve. Please fix."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "HttpsProxyAuthenticator " + tdata = get_options_test_data("HttpsProxyAuthenticator " "onetwothreonetwothreonetwothreonetwothreonetw" "othreonetwothreonetwothreonetwothreonetwothre" "onetwothreonetwothreonetwothreonetwothreonetw" @@ -2897,103 +2744,86 @@ test_options_validate__proxy(void *ignored) "othreonetwothreeonetwothreeonetwothree" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "HTTPSProxyAuthenticator is too long (>= 512 chars)."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "HttpsProxyAuthenticator validauth\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("HttpsProxyAuthenticator validauth\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "Socks4Proxy 127.0.42.1\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("Socks4Proxy 127.0.42.1\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_int_op(tdata->opt->Socks4ProxyPort, OP_EQ, 1080); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "Socks4Proxy 127.0.42.1:444\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("Socks4Proxy 127.0.42.1:444\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_int_op(tdata->opt->Socks4ProxyPort, OP_EQ, 444); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "Socks4Proxy not_so_valid!\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("Socks4Proxy not_so_valid!\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Socks4Proxy failed to parse or resolve. Please fix."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "Socks5Proxy 127.0.42.1\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("Socks5Proxy 127.0.42.1\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_int_op(tdata->opt->Socks5ProxyPort, OP_EQ, 1080); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "Socks5Proxy 127.0.42.1:444\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("Socks5Proxy 127.0.42.1:444\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_int_op(tdata->opt->Socks5ProxyPort, OP_EQ, 444); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "Socks5Proxy not_so_valid!\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("Socks5Proxy not_so_valid!\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Socks5Proxy failed to parse or resolve. Please fix."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "Socks4Proxy 215.1.1.1\n" + tdata = get_options_test_data("Socks4Proxy 215.1.1.1\n" "Socks5Proxy 215.1.1.2\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "You have configured more than one proxy type. " - "(Socks4Proxy|Socks5Proxy|HTTPSProxy)"); + "(Socks4Proxy|Socks5Proxy|HTTPSProxy|TCPProxy)"); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "HttpProxy 215.1.1.1\n" - ); + tdata = get_options_test_data("HttpProxy 215.1.1.1\n"); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); - expect_log_msg("HTTPProxy configured, but no SOCKS " - "proxy or HTTPS proxy configured. Watch out: this configuration " - "will proxy unencrypted directory connections only.\n"); + expect_log_msg("HTTPProxy configured, but no SOCKS proxy, " + "HTTPS proxy, or any other TCP proxy configured. Watch out: " + "this configuration will proxy unencrypted directory " + "connections only.\n"); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "HttpProxy 215.1.1.1\n" + tdata = get_options_test_data("HttpProxy 215.1.1.1\n" "Socks4Proxy 215.1.1.1\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_no_log_msg("HTTPProxy configured, but no SOCKS " "proxy or HTTPS proxy configured. Watch out: this configuration " @@ -3001,12 +2831,11 @@ test_options_validate__proxy(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "HttpProxy 215.1.1.1\n" + tdata = get_options_test_data("HttpProxy 215.1.1.1\n" "Socks5Proxy 215.1.1.1\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_no_log_msg("HTTPProxy configured, but no SOCKS " "proxy or HTTPS proxy configured. Watch out: this configuration " @@ -3014,12 +2843,11 @@ test_options_validate__proxy(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "HttpProxy 215.1.1.1\n" + tdata = get_options_test_data("HttpProxy 215.1.1.1\n" "HttpsProxy 215.1.1.1\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_no_log_msg( "HTTPProxy configured, but no SOCKS proxy or HTTPS proxy " @@ -3028,81 +2856,69 @@ test_options_validate__proxy(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - ); + tdata = get_options_test_data(""); tdata->opt->Socks5ProxyUsername = tor_strdup(""); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Socks5ProxyUsername must be between 1 and 255 characters."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - ); + tdata = get_options_test_data(""); tdata->opt->Socks5ProxyUsername = tor_strdup("ABCDEABCDE0123456789ABCDEABCDE0123456789ABCDEABCDE0123456789AB" "CDEABCDE0123456789ABCDEABCDE0123456789ABCDEABCDE0123456789ABCD" "EABCDE0123456789ABCDEABCDE0123456789ABCDEABCDE0123456789ABCDEA" "BCDE0123456789ABCDEABCDE0123456789ABCDEABCDE0123456789ABCDEABC" "DE0123456789ABCDEABCDE0123456789ABCDEABCDE0123456789"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Socks5ProxyUsername must be between 1 and 255 characters."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "Socks5ProxyUsername hello_world\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("Socks5ProxyUsername hello_world\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Socks5ProxyPassword must be included with " "Socks5ProxyUsername."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "Socks5ProxyUsername hello_world\n" - ); + tdata = get_options_test_data("Socks5ProxyUsername hello_world\n"); tdata->opt->Socks5ProxyPassword = tor_strdup(""); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Socks5ProxyPassword must be between 1 and 255 characters."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "Socks5ProxyUsername hello_world\n" - ); + tdata = get_options_test_data("Socks5ProxyUsername hello_world\n"); tdata->opt->Socks5ProxyPassword = tor_strdup("ABCDEABCDE0123456789ABCDEABCDE0123456789ABCDEABCDE0123456789AB" "CDEABCDE0123456789ABCDEABCDE0123456789ABCDEABCDE0123456789ABCD" "EABCDE0123456789ABCDEABCDE0123456789ABCDEABCDE0123456789ABCDEA" "BCDE0123456789ABCDEABCDE0123456789ABCDEABCDE0123456789ABCDEABC" "DE0123456789ABCDEABCDE0123456789ABCDEABCDE0123456789"); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Socks5ProxyPassword must be between 1 and 255 characters."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "Socks5ProxyUsername hello_world\n" - "Socks5ProxyPassword world_hello\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("Socks5ProxyUsername hello_world\n" + "Socks5ProxyPassword world_hello\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "Socks5ProxyPassword hello_world\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("Socks5ProxyPassword hello_world\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Socks5ProxyPassword must be included with " "Socks5ProxyUsername."); @@ -3127,69 +2943,62 @@ test_options_validate__control(void *ignored) setup_capture_of_logs(LOG_WARN); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "HashedControlPassword something_incorrect\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data( + "HashedControlPassword something_incorrect\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Bad HashedControlPassword: wrong length or bad encoding"); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "HashedControlPassword 16:872860B76453A77D60CA" + tdata = get_options_test_data("HashedControlPassword 16:872860B76453A77D60CA" "2BB8C1A7042072093276A3D701AD684053EC4C\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tor_free(msg); free_options_test_data(tdata); tdata = get_options_test_data( - TEST_OPTIONS_DEFAULT_VALUES "__HashedControlSessionPassword something_incorrect\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Bad HashedControlSessionPassword: wrong length or " "bad encoding"); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "__HashedControlSessionPassword 16:872860B7645" + tdata = get_options_test_data("__HashedControlSessionPassword 16:872860B7645" "3A77D60CA2BB8C1A7042072093276A3D701AD684053EC" "4C\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tor_free(msg); free_options_test_data(tdata); tdata = get_options_test_data( - TEST_OPTIONS_DEFAULT_VALUES "__OwningControllerProcess something_incorrect\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Bad OwningControllerProcess: invalid PID"); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "__OwningControllerProcess 123\n" + tdata = get_options_test_data("__OwningControllerProcess 123\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ControlPort 127.0.0.1:1234\n" + tdata = get_options_test_data("ControlPort 127.0.0.1:1234\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_log_msg( "ControlPort is open, but no authentication method has been " @@ -3199,13 +3008,12 @@ test_options_validate__control(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ControlPort 127.0.0.1:1234\n" + tdata = get_options_test_data("ControlPort 127.0.0.1:1234\n" "HashedControlPassword 16:872860B76453A77D60CA" "2BB8C1A7042072093276A3D701AD684053EC4C\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_no_log_msg( "ControlPort is open, but no authentication method has been " @@ -3215,14 +3023,13 @@ test_options_validate__control(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ControlPort 127.0.0.1:1234\n" + tdata = get_options_test_data("ControlPort 127.0.0.1:1234\n" "__HashedControlSessionPassword 16:872860B7645" "3A77D60CA2BB8C1A7042072093276A3D701AD684053EC" "4C\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_no_log_msg( "ControlPort is open, but no authentication method has been " @@ -3232,12 +3039,11 @@ test_options_validate__control(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ControlPort 127.0.0.1:1234\n" + tdata = get_options_test_data("ControlPort 127.0.0.1:1234\n" "CookieAuthentication 1\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_no_log_msg( "ControlPort is open, but no authentication method has been " @@ -3248,11 +3054,9 @@ test_options_validate__control(void *ignored) #ifdef HAVE_SYS_UN_H free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ControlSocket unix:/tmp WorldWritable\n" - ); + tdata = get_options_test_data("ControlSocket unix:/tmp WorldWritable\n"); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_log_msg( "ControlSocket is world writable, but no authentication method has" @@ -3262,13 +3066,12 @@ test_options_validate__control(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ControlSocket unix:/tmp WorldWritable\n" + tdata = get_options_test_data("ControlSocket unix:/tmp WorldWritable\n" "HashedControlPassword 16:872860B76453A77D60CA" "2BB8C1A7042072093276A3D701AD684053EC4C\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_no_log_msg( "ControlSocket is world writable, but no authentication method has" @@ -3278,14 +3081,13 @@ test_options_validate__control(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ControlSocket unix:/tmp WorldWritable\n" + tdata = get_options_test_data("ControlSocket unix:/tmp WorldWritable\n" "__HashedControlSessionPassword 16:872860B7645" "3A77D60CA2BB8C1A7042072093276A3D701AD684053EC" "4C\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_no_log_msg( "ControlSocket is world writable, but no authentication method has" @@ -3295,12 +3097,11 @@ test_options_validate__control(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ControlSocket unix:/tmp WorldWritable\n" + tdata = get_options_test_data("ControlSocket unix:/tmp WorldWritable\n" "CookieAuthentication 1\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_no_log_msg( "ControlSocket is world writable, but no authentication method has" @@ -3311,11 +3112,10 @@ test_options_validate__control(void *ignored) #endif /* defined(HAVE_SYS_UN_H) */ free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "CookieAuthFileGroupReadable 1\n" + tdata = get_options_test_data("CookieAuthFileGroupReadable 1\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_log_msg( "CookieAuthFileGroupReadable is set, but will have no effect: you " @@ -3324,12 +3124,11 @@ test_options_validate__control(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "CookieAuthFileGroupReadable 1\n" + tdata = get_options_test_data("CookieAuthFileGroupReadable 1\n" "CookieAuthFile /tmp/somewhere\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_no_log_msg( "CookieAuthFileGroupReadable is set, but will have no effect: you " @@ -3354,8 +3153,7 @@ test_options_validate__families(void *ignored) setup_capture_of_logs(LOG_WARN); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "MyFamily home\n" + tdata = get_options_test_data("MyFamily home\n" "BridgeRelay 1\n" "ORPort 127.0.0.1:5555\n" "BandwidthRate 51300\n" @@ -3364,7 +3162,7 @@ test_options_validate__families(void *ignored) "DirCache 1\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_log_msg( "Listing a family for a bridge relay is not supported: it can " @@ -3374,11 +3172,9 @@ test_options_validate__families(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "MyFamily home\n" - ); + tdata = get_options_test_data("MyFamily home\n"); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_no_log_msg( "Listing a family for a bridge relay is not supported: it can " @@ -3388,22 +3184,18 @@ test_options_validate__families(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "MyFamily !\n" - ); + tdata = get_options_test_data("MyFamily !\n"); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Invalid nickname '!' in MyFamily line"); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "NodeFamily foo\n" - "NodeFamily !\n" - ); + tdata = get_options_test_data("NodeFamily foo\n" + "NodeFamily !\n"); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_assert(!msg); tor_free(msg); @@ -3424,11 +3216,10 @@ test_options_validate__addr_policies(void *ignored) options_test_data_t *tdata = NULL; free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ExitPolicy !!!\n" + tdata = get_options_test_data("ExitPolicy !!!\n" "ExitRelay 1\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Error in ExitPolicy entry."); tor_free(msg); @@ -3449,12 +3240,11 @@ test_options_validate__dir_auth(void *ignored) setup_capture_of_logs(LOG_WARN); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - VALID_DIR_AUTH + tdata = get_options_test_data(VALID_DIR_AUTH VALID_ALT_DIR_AUTH ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Directory authority/fallback line did not parse. See logs for " @@ -3464,10 +3254,8 @@ test_options_validate__dir_auth(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "TestingTorNetwork 1\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("TestingTorNetwork 1\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "TestingTorNetwork may only be configured in combination with a " @@ -3476,20 +3264,18 @@ test_options_validate__dir_auth(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - VALID_DIR_AUTH + tdata = get_options_test_data(VALID_DIR_AUTH "TestingTorNetwork 1\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "TestingTorNetwork 1\n" + tdata = get_options_test_data("TestingTorNetwork 1\n" VALID_ALT_DIR_AUTH ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "TestingTorNetwork may only be configured in combination with a " @@ -3498,11 +3284,10 @@ test_options_validate__dir_auth(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "TestingTorNetwork 1\n" + tdata = get_options_test_data("TestingTorNetwork 1\n" VALID_ALT_BRIDGE_AUTH ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "TestingTorNetwork may only be configured in " "combination with a non-default set of DirAuthority or both of " @@ -3510,12 +3295,11 @@ test_options_validate__dir_auth(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - VALID_ALT_DIR_AUTH + tdata = get_options_test_data(VALID_ALT_DIR_AUTH VALID_ALT_BRIDGE_AUTH "TestingTorNetwork 1\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tor_free(msg); @@ -3536,11 +3320,10 @@ test_options_validate__transport(void *ignored) setup_capture_of_logs(LOG_NOTICE); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ClientTransportPlugin !!\n" + tdata = get_options_test_data("ClientTransportPlugin !!\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Invalid client transport line. See logs for details."); @@ -3549,20 +3332,17 @@ test_options_validate__transport(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ClientTransportPlugin foo exec bar\n" + tdata = get_options_test_data("ClientTransportPlugin foo exec bar\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ServerTransportPlugin !!\n" - ); + tdata = get_options_test_data("ServerTransportPlugin !!\n"); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Invalid server transport line. See logs for details."); @@ -3571,11 +3351,9 @@ test_options_validate__transport(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ServerTransportPlugin foo exec bar\n" - ); + tdata = get_options_test_data("ServerTransportPlugin foo exec bar\n"); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_log_msg( "Tor is not configured as a relay but you specified a " @@ -3584,15 +3362,14 @@ test_options_validate__transport(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ServerTransportPlugin foo exec bar\n" + tdata = get_options_test_data("ServerTransportPlugin foo exec bar\n" "ORPort 127.0.0.1:5555\n" "BandwidthRate 76900\n" "BandwidthBurst 76900\n" "MaxAdvertisedBandwidth 38500\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_no_log_msg( "Tor is not configured as a relay but you specified a " @@ -3601,22 +3378,19 @@ test_options_validate__transport(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ServerTransportListenAddr foo 127.0.0.42:55\n" - "ServerTransportListenAddr !\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("ServerTransportListenAddr foo 127.0.0.42:55\n" + "ServerTransportListenAddr !\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "ServerTransportListenAddr did not parse. See logs for details."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ServerTransportListenAddr foo 127.0.0.42:55\n" + tdata = get_options_test_data("ServerTransportListenAddr foo 127.0.0.42:55\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_log_msg( "You need at least a single managed-proxy to specify a transport " @@ -3625,8 +3399,7 @@ test_options_validate__transport(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ServerTransportListenAddr foo 127.0.0.42:55\n" + tdata = get_options_test_data("ServerTransportListenAddr foo 127.0.0.42:55\n" "ServerTransportPlugin foo exec bar\n" "ORPort 127.0.0.1:5555\n" "BandwidthRate 76900\n" @@ -3634,7 +3407,7 @@ test_options_validate__transport(void *ignored) "MaxAdvertisedBandwidth 38500\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_no_log_msg( "You need at least a single managed-proxy to specify a transport " @@ -3659,50 +3432,46 @@ test_options_validate__constrained_sockets(void *ignored) setup_capture_of_logs(LOG_WARN); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ConstrainedSockets 1\n" + tdata = get_options_test_data("ConstrainedSockets 1\n" "ConstrainedSockSize 0\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "ConstrainedSockSize is invalid. Must be a value " "between 2048 and 262144 in 1024 byte increments."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ConstrainedSockets 1\n" + tdata = get_options_test_data("ConstrainedSockets 1\n" "ConstrainedSockSize 263168\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "ConstrainedSockSize is invalid. Must be a value " "between 2048 and 262144 in 1024 byte increments."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ConstrainedSockets 1\n" + tdata = get_options_test_data("ConstrainedSockets 1\n" "ConstrainedSockSize 2047\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "ConstrainedSockSize is invalid. Must be a value " "between 2048 and 262144 in 1024 byte increments."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ConstrainedSockets 1\n" + tdata = get_options_test_data("ConstrainedSockets 1\n" "ConstrainedSockSize 2048\n" "DirPort 999\n" "DirCache 1\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_log_msg("You have requested constrained " "socket buffers while also serving directory entries via DirPort." @@ -3711,12 +3480,11 @@ test_options_validate__constrained_sockets(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ConstrainedSockets 1\n" + tdata = get_options_test_data("ConstrainedSockets 1\n" "ConstrainedSockSize 2048\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_no_log_msg( "You have requested constrained socket buffers while also serving" @@ -3742,12 +3510,12 @@ test_options_validate__v3_auth(void *ignored) setup_capture_of_logs(LOG_WARN); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 "V3AuthVoteDelay 1000\n" "V3AuthDistDelay 1000\n" "V3AuthVotingInterval 1000\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "V3AuthVoteDelay plus V3AuthDistDelay must be less than half " @@ -3755,20 +3523,18 @@ test_options_validate__v3_auth(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "V3AuthVoteDelay 1\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 + "V3AuthVoteDelay 1\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "V3AuthVoteDelay is way too low."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 "V3AuthVoteDelay 1\n" - "TestingTorNetwork 1\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + "TestingTorNetwork 1\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "V3AuthVoteDelay is way too low."); tor_free(msg); @@ -3778,87 +3544,127 @@ test_options_validate__v3_auth(void *ignored) // since they are the same free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "V3AuthDistDelay 1\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 + "V3AuthDistDelay 1\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "V3AuthDistDelay is way too low."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 "V3AuthDistDelay 1\n" "TestingTorNetwork 1\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "V3AuthDistDelay is way too low."); tor_free(msg); - // TODO: we can't reach the case of v3authdistdelay lower than + // We can't reach the case of v3authdistdelay lower than // MIN_DIST_SECONDS but not lower than MIN_DIST_SECONDS_TESTING, // since they are the same free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 "V3AuthNIntervalsValid 1\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "V3AuthNIntervalsValid must be at least 2."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 "V3AuthVoteDelay 49\n" "V3AuthDistDelay 49\n" "V3AuthVotingInterval 200\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "V3AuthVotingInterval is insanely low."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 + VALID_DIR_AUTH + "TestingTorNetwork 1\n" + "V3AuthVoteDelay 49\n" + "V3AuthDistDelay 49\n" + "V3AuthVotingInterval 200\n" + ); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); + tt_ptr_op(msg, OP_EQ, NULL); + tor_free(msg); + + free_options_test_data(tdata); + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 + VALID_DIR_AUTH + "TestingTorNetwork 1\n" + "V3AuthVoteDelay 2\n" + "V3AuthDistDelay 2\n" + "V3AuthVotingInterval 9\n" + ); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, -1); + tt_str_op(msg, OP_EQ, + "V3AuthVoteDelay plus V3AuthDistDelay must be less than half " + "V3AuthVotingInterval"); + tor_free(msg); + + free_options_test_data(tdata); + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 + VALID_DIR_AUTH + "TestingTorNetwork 1\n" + "V3AuthVoteDelay 2\n" + "V3AuthDistDelay 2\n" + "V3AuthVotingInterval 10\n" + ); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); + tt_ptr_op(msg, OP_EQ, NULL); + tor_free(msg); + + free_options_test_data(tdata); + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 "V3AuthVoteDelay 49\n" "V3AuthDistDelay 49\n" "V3AuthVotingInterval 200000\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "V3AuthVotingInterval is insanely high."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 "V3AuthVoteDelay 49\n" "V3AuthDistDelay 49\n" "V3AuthVotingInterval 1441\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_log_msg("V3AuthVotingInterval does not divide" " evenly into 24 hours.\n"); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 "V3AuthVoteDelay 49\n" "V3AuthDistDelay 49\n" "V3AuthVotingInterval 1440\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_no_log_msg("V3AuthVotingInterval does not divide" " evenly into 24 hours.\n"); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 "V3AuthVoteDelay 49\n" "V3AuthDistDelay 49\n" "V3AuthVotingInterval 299\n" @@ -3866,84 +3672,125 @@ test_options_validate__v3_auth(void *ignored) "TestingTorNetwork 1\n" ); mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); expect_log_msg("V3AuthVotingInterval is very low. " "This may lead to failure to synchronise for a consensus.\n"); tor_free(msg); - // TODO: It is impossible to reach the case of testingtor network, with - // v3authvotinginterval too low - /* free_options_test_data(tdata); */ - /* tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES */ - /* "V3AuthVoteDelay 1\n" */ - /* "V3AuthDistDelay 1\n" */ - /* "V3AuthVotingInterval 9\n" */ - /* VALID_DIR_AUTH */ - /* "TestingTorNetwork 1\n" */ - /* ); */ - /* ret = options_validate(tdata->old_opt, tdata->opt, */ - /* tdata->def_opt, 0, &msg); */ - /* tt_int_op(ret, OP_EQ, -1); */ - /* tt_str_op(msg, OP_EQ, "V3AuthVotingInterval is insanely low."); */ + free_options_test_data(tdata); + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 + "V3AuthVoteDelay 1\n" + "V3AuthDistDelay 1\n" + "V3AuthVotingInterval 9\n" + VALID_DIR_AUTH + "TestingTorNetwork 1\n" + ); + /* We have to call the dirauth-specific function to reach this case */ + ret = options_validate_dirauth_schedule(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, -1); + tt_str_op(msg, OP_EQ, "V3AuthVoteDelay is way too low."); + tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 "TestingV3AuthInitialVoteDelay 1\n" VALID_DIR_AUTH "TestingTorNetwork 1\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "TestingV3AuthInitialVoteDelay is way too low."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 "TestingV3AuthInitialDistDelay 1\n" VALID_DIR_AUTH "TestingTorNetwork 1\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "TestingV3AuthInitialDistDelay is way too low."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 VALID_DIR_AUTH "TestingTorNetwork 1\n" ); tdata->opt->TestingV3AuthVotingStartOffset = 100000; - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "TestingV3AuthVotingStartOffset is higher than the " "voting interval."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 VALID_DIR_AUTH "TestingTorNetwork 1\n" ); tdata->opt->TestingV3AuthVotingStartOffset = -1; - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "TestingV3AuthVotingStartOffset must be non-negative."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 VALID_DIR_AUTH "TestingTorNetwork 1\n" "TestingV3AuthInitialVotingInterval 4\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "TestingV3AuthInitialVotingInterval is insanely low."); tor_free(msg); + free_options_test_data(tdata); + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 + VALID_DIR_AUTH + "TestingTorNetwork 1\n" + "TestingV3AuthInitialVoteDelay 2\n" + "TestingV3AuthInitialDistDelay 2\n" + "TestingV3AuthInitialVotingInterval 5\n" + ); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, 0); + tt_ptr_op(msg, OP_EQ, NULL); + tor_free(msg); + + free_options_test_data(tdata); + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 + VALID_DIR_AUTH + "TestingTorNetwork 1\n" + "TestingV3AuthInitialVotingInterval 7\n" + ); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, -1); + tt_str_op(msg, OP_EQ, + "TestingV3AuthInitialVotingInterval does not divide evenly into " + "30 minutes."); + tor_free(msg); + + free_options_test_data(tdata); + tdata = get_options_test_data(ENABLE_AUTHORITY_V3 + VALID_DIR_AUTH + "TestingTorNetwork 1\n" + "TestingV3AuthInitialVoteDelay 3\n" + "TestingV3AuthInitialDistDelay 3\n" + "TestingV3AuthInitialVotingInterval 5\n" + ); + ret = options_validate(NULL, tdata->opt, &msg); + tt_int_op(ret, OP_EQ, -1); + tt_str_op(msg, OP_EQ, + "TestingV3AuthInitialVoteDelay plus " + "TestingV3AuthInitialDistDelay must be less than " + "TestingV3AuthInitialVotingInterval"); + tor_free(msg); + done: policies_free_all(); teardown_capture_of_logs(); @@ -3960,19 +3807,16 @@ test_options_validate__virtual_addr(void *ignored) options_test_data_t *tdata = NULL; free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "VirtualAddrNetworkIPv4 !!" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("VirtualAddrNetworkIPv4 !!"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Error parsing VirtualAddressNetwork !!"); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "VirtualAddrNetworkIPv6 !!" + tdata = get_options_test_data("VirtualAddrNetworkIPv6 !!" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Error parsing VirtualAddressNetworkIPv6 !!"); tor_free(msg); @@ -3993,135 +3837,133 @@ test_options_validate__testing_options(void *ignored) options_test_data_t *tdata = NULL; setup_capture_of_logs(LOG_WARN); -#define TEST_TESTING_OPTION(name, low_val, high_val, err_low) \ +#define TEST_TESTING_OPTION(name, accessor, \ + low_val, high_val, err_low, EXTRA_OPT_STR) \ STMT_BEGIN \ free_options_test_data(tdata); \ - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES \ + tdata = get_options_test_data(EXTRA_OPT_STR \ VALID_DIR_AUTH \ "TestingTorNetwork 1\n" \ ); \ - tdata->opt-> name = low_val; \ - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);\ + accessor(tdata->opt)->name = low_val; \ + ret = options_validate(NULL, tdata->opt, &msg); \ tt_int_op(ret, OP_EQ, -1); \ tt_str_op(msg, OP_EQ, #name " " err_low); \ tor_free(msg); \ \ free_options_test_data(tdata); \ - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES \ + tdata = get_options_test_data(EXTRA_OPT_STR \ VALID_DIR_AUTH \ "TestingTorNetwork 1\n" \ ); \ - tdata->opt-> name = high_val; \ + accessor(tdata->opt)->name = high_val; \ mock_clean_saved_logs(); \ - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);\ + ret = options_validate(NULL, tdata->opt, &msg); \ tt_int_op(ret, OP_EQ, 0); \ + tt_ptr_op(msg, OP_EQ, NULL); \ expect_log_msg( #name " is insanely high.\n"); \ tor_free(msg); \ STMT_END - TEST_TESTING_OPTION(TestingAuthDirTimeToLearnReachability, -1, 8000, - "must be non-negative."); - TEST_TESTING_OPTION(TestingEstimatedDescriptorPropagationTime, -1, 3601, - "must be non-negative."); - TEST_TESTING_OPTION(TestingClientMaxIntervalWithoutRequest, -1, 3601, - "is way too low."); - TEST_TESTING_OPTION(TestingDirConnectionMaxStall, 1, 3601, - "is way too low."); + TEST_TESTING_OPTION(TestingClientMaxIntervalWithoutRequest, , -1, 3601, + "is way too low.", ""); + TEST_TESTING_OPTION(TestingDirConnectionMaxStall, , 1, 3601, + "is way too low.", ""); + + TEST_TESTING_OPTION(TestingClientMaxIntervalWithoutRequest, , -1, 3601, + "is way too low.", ENABLE_AUTHORITY_V3); + TEST_TESTING_OPTION(TestingDirConnectionMaxStall, , 1, 3601, + "is way too low.", ENABLE_AUTHORITY_V3); + + TEST_TESTING_OPTION(TestingClientMaxIntervalWithoutRequest, , -1, 3601, + "is way too low.", ENABLE_AUTHORITY_BRIDGE); + TEST_TESTING_OPTION(TestingDirConnectionMaxStall, , 1, 3601, + "is way too low.", ENABLE_AUTHORITY_BRIDGE); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "TestingEnableConnBwEvent 1\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("TestingEnableConnBwEvent 1\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "TestingEnableConnBwEvent may only be changed in " "testing Tor networks!"); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "TestingEnableConnBwEvent 1\n" + tdata = get_options_test_data("TestingEnableConnBwEvent 1\n" VALID_DIR_AUTH "TestingTorNetwork 1\n" "___UsingTestNetworkDefaults 0\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_assert(!msg); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "TestingEnableConnBwEvent 1\n" + tdata = get_options_test_data("TestingEnableConnBwEvent 1\n" VALID_DIR_AUTH "TestingTorNetwork 0\n" "___UsingTestNetworkDefaults 1\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_assert(!msg); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "TestingEnableCellStatsEvent 1\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("TestingEnableCellStatsEvent 1\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "TestingEnableCellStatsEvent may only be changed in " "testing Tor networks!"); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "TestingEnableCellStatsEvent 1\n" + tdata = get_options_test_data("TestingEnableCellStatsEvent 1\n" VALID_DIR_AUTH "TestingTorNetwork 1\n" "___UsingTestNetworkDefaults 0\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_assert(!msg); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "TestingEnableCellStatsEvent 1\n" + tdata = get_options_test_data("TestingEnableCellStatsEvent 1\n" VALID_DIR_AUTH "TestingTorNetwork 0\n" "___UsingTestNetworkDefaults 1\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_assert(!msg); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "TestingEnableTbEmptyEvent 1\n" + tdata = get_options_test_data("TestingEnableTbEmptyEvent 1\n" VALID_DIR_AUTH "TestingTorNetwork 1\n" "___UsingTestNetworkDefaults 0\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_assert(!msg); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "TestingEnableTbEmptyEvent 1\n" + tdata = get_options_test_data("TestingEnableTbEmptyEvent 1\n" VALID_DIR_AUTH "TestingTorNetwork 0\n" "___UsingTestNetworkDefaults 1\n" ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tt_assert(!msg); tor_free(msg); @@ -4142,40 +3984,32 @@ test_options_validate__accel(void *ignored) options_test_data_t *tdata = NULL; free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "AccelName foo\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("AccelName foo\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); - tt_int_op(tdata->opt->HardwareAccel, OP_EQ, 1); + tt_int_op(get_crypto_options(tdata->opt)->HardwareAccel, OP_EQ, 0); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "AccelName foo\n" - ); - tdata->opt->HardwareAccel = 2; - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("AccelName foo\n"); + get_crypto_options(tdata->opt)->HardwareAccel = 2; + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); - tt_int_op(tdata->opt->HardwareAccel, OP_EQ, 2); + tt_int_op(get_crypto_options(tdata->opt)->HardwareAccel, OP_EQ, 2); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "AccelDir 1\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("AccelDir 1\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, -1); tt_str_op(msg, OP_EQ, "Can't use hardware crypto accelerator dir without engine name."); tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "AccelDir 1\n" - "AccelName something\n" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); + tdata = get_options_test_data("AccelDir 1\n" + "AccelName something\n"); + ret = options_validate(NULL, tdata->opt, &msg); tt_int_op(ret, OP_EQ, 0); tor_free(msg); @@ -4185,8 +4019,280 @@ test_options_validate__accel(void *ignored) tor_free(msg); } +static int mocked_granularity; + +static void +mock_set_log_time_granularity(int g) +{ + mocked_granularity = g; +} + +static void +test_options_init_logs_granularity(void *arg) +{ + options_test_data_t *tdata = get_options_test_data(""); + int rv; + (void) arg; + + MOCK(set_log_time_granularity, mock_set_log_time_granularity); + + /* Reasonable value. */ + tdata->opt->LogTimeGranularity = 100; + mocked_granularity = -1; + rv = options_init_logs(NULL, tdata->opt, 0); + tt_int_op(rv, OP_EQ, 0); + tt_int_op(mocked_granularity, OP_EQ, 100); + + /* Doesn't divide 1000. */ + tdata->opt->LogTimeGranularity = 249; + mocked_granularity = -1; + rv = options_init_logs(NULL, tdata->opt, 0); + tt_int_op(rv, OP_EQ, 0); + tt_int_op(mocked_granularity, OP_EQ, 250); + + /* Doesn't divide 1000. */ + tdata->opt->LogTimeGranularity = 3; + mocked_granularity = -1; + rv = options_init_logs(NULL, tdata->opt, 0); + tt_int_op(rv, OP_EQ, 0); + tt_int_op(mocked_granularity, OP_EQ, 4); + + /* Not a multiple of 1000. */ + tdata->opt->LogTimeGranularity = 1500; + mocked_granularity = -1; + rv = options_init_logs(NULL, tdata->opt, 0); + tt_int_op(rv, OP_EQ, 0); + tt_int_op(mocked_granularity, OP_EQ, 2000); + + /* Reasonable value. */ + tdata->opt->LogTimeGranularity = 3000; + mocked_granularity = -1; + rv = options_init_logs(NULL, tdata->opt, 0); + tt_int_op(rv, OP_EQ, 0); + tt_int_op(mocked_granularity, OP_EQ, 3000); + + /* Negative. (Shouldn't be allowed by rest of config parsing.) */ + tdata->opt->LogTimeGranularity = -1; + mocked_granularity = -1; + rv = options_init_logs(NULL, tdata->opt, 0); + tt_int_op(rv, OP_EQ, -1); + + /* Very big */ + tdata->opt->LogTimeGranularity = 3600 * 1000; + mocked_granularity = -1; + rv = options_init_logs(NULL, tdata->opt, 0); + tt_int_op(rv, OP_EQ, 0); + tt_int_op(mocked_granularity, OP_EQ, 3600 * 1000); + + done: + free_options_test_data(tdata); + UNMOCK(set_log_time_granularity); +} + +typedef struct { + char *name; + log_severity_list_t sev; + int fd; + bool stream; +} added_log_t; + +static smartlist_t *added_logs = NULL; + +static void +mock_add_stream_log_impl(const log_severity_list_t *sev, const char *name, + int fd) +{ + added_log_t *a = tor_malloc_zero(sizeof(added_log_t)); + a->name = tor_strdup(name); + memcpy(&a->sev, sev, sizeof(log_severity_list_t)); + a->fd = fd; + a->stream = true; + smartlist_add(added_logs, a); +} + +static int +mock_add_file_log(const log_severity_list_t *sev, const char *name, int fd) +{ + added_log_t *a = tor_malloc_zero(sizeof(added_log_t)); + a->name = tor_strdup(name); + memcpy(&a->sev, sev, sizeof(log_severity_list_t)); + a->fd = fd; + smartlist_add(added_logs, a); + return 0; +} + +static void +clear_added_logs(void) +{ + SMARTLIST_FOREACH(added_logs, added_log_t *, a, + { tor_free(a->name); tor_free(a); }); + smartlist_clear(added_logs); +} + +static void +test_options_init_logs_quiet(void *arg) +{ + (void)arg; + char *cfg = NULL; + options_test_data_t *tdata = get_options_test_data(""); + char *fn1 = tor_strdup(get_fname_rnd("log")); + const added_log_t *a; + int rv; + tdata->opt->RunAsDaemon = 0; + + added_logs = smartlist_new(); + MOCK(add_stream_log_impl, mock_add_stream_log_impl); + MOCK(add_file_log, mock_add_file_log); + + tt_ptr_op(tdata->opt->Logs, OP_EQ, NULL); + + /* First, try with no configured logs, and make sure that our configured + logs match the quiet level. */ + quiet_level = QUIET_SILENT; + rv = options_init_logs(NULL, tdata->opt, 0); + tt_int_op(rv, OP_EQ, 0); + tt_int_op(smartlist_len(added_logs), OP_EQ, 0); + + quiet_level = QUIET_HUSH; + rv = options_init_logs(NULL, tdata->opt, 0); + tt_int_op(rv, OP_EQ, 0); + tt_int_op(smartlist_len(added_logs), OP_EQ, 1); + a = smartlist_get(added_logs, 0); + tt_assert(a); + tt_assert(a->stream); + tt_int_op(a->fd, OP_EQ, fileno(stdout)); + tt_u64_op(a->sev.masks[SEVERITY_MASK_IDX(LOG_INFO)], OP_EQ, 0); + tt_u64_op(a->sev.masks[SEVERITY_MASK_IDX(LOG_NOTICE)], OP_EQ, 0); + tt_u64_op(a->sev.masks[SEVERITY_MASK_IDX(LOG_WARN)], OP_EQ, LD_ALL_DOMAINS); + clear_added_logs(); + + quiet_level = QUIET_NONE; + rv = options_init_logs(NULL, tdata->opt, 0); + tt_int_op(rv, OP_EQ, 0); + tt_int_op(smartlist_len(added_logs), OP_EQ, 1); + a = smartlist_get(added_logs, 0); + tt_assert(a); + tt_assert(a->stream); + tt_int_op(a->fd, OP_EQ, fileno(stdout)); + tt_u64_op(a->sev.masks[SEVERITY_MASK_IDX(LOG_INFO)], OP_EQ, 0); + tt_u64_op(a->sev.masks[SEVERITY_MASK_IDX(LOG_NOTICE)], OP_EQ, + LD_ALL_DOMAINS); + tt_u64_op(a->sev.masks[SEVERITY_MASK_IDX(LOG_WARN)], OP_EQ, LD_ALL_DOMAINS); + clear_added_logs(); + + /* Make sure that adding a configured log makes the default logs go away. */ + tor_asprintf(&cfg, "Log info file %s\n", fn1); + free_options_test_data(tdata); + tdata = get_options_test_data(cfg); + rv = options_init_logs(NULL, tdata->opt, 0); + tt_int_op(rv, OP_EQ, 0); + tt_int_op(smartlist_len(added_logs), OP_EQ, 1); + a = smartlist_get(added_logs, 0); + tt_assert(a); + tt_assert(! a->stream); + tt_int_op(a->fd, OP_NE, fileno(stdout)); + tt_u64_op(a->sev.masks[SEVERITY_MASK_IDX(LOG_INFO)], OP_EQ, LD_ALL_DOMAINS); + tt_u64_op(a->sev.masks[SEVERITY_MASK_IDX(LOG_NOTICE)], OP_EQ, + LD_ALL_DOMAINS); + tt_u64_op(a->sev.masks[SEVERITY_MASK_IDX(LOG_WARN)], OP_EQ, LD_ALL_DOMAINS); + + done: + free_options_test_data(tdata); + tor_free(fn1); + tor_free(cfg); + clear_added_logs(); + smartlist_free(added_logs); + UNMOCK(add_stream_log_impl); + UNMOCK(add_file_log); +} + +static int mock_options_act_status = 0; +static int +mock_options_act(const or_options_t *old_options) +{ + (void)old_options; + return mock_options_act_status; +} +static int +mock_options_act_reversible(const or_options_t *old_options, char **msg_out) +{ + (void)old_options; + (void)msg_out; + return 0; +} + +static void +test_options_trial_assign(void *arg) +{ + (void)arg; + setopt_err_t v; + config_line_t *lines = NULL; + char *msg = NULL; + int r; + + // replace options_act*() so that we don't actually launch tor here. + MOCK(options_act, mock_options_act); + MOCK(options_act_reversible, mock_options_act_reversible); + + // Try assigning nothing; that should work. + v = options_trial_assign(lines, 0, &msg); + if (msg) + puts(msg); + tt_ptr_op(msg, OP_EQ, NULL); + tt_int_op(v, OP_EQ, SETOPT_OK); + + // Assigning a nickname is okay + r = config_get_lines("Nickname Hemiramphinae", &lines, 0); + tt_int_op(r, OP_EQ, 0); + v = options_trial_assign(lines, 0, &msg); + tt_ptr_op(msg, OP_EQ, NULL); + tt_int_op(v, OP_EQ, SETOPT_OK); + tt_str_op(get_options()->Nickname, OP_EQ, "Hemiramphinae"); + config_free_lines(lines); + + // We can't change the User; that's a transition error. + r = config_get_lines("User Heraclitus", &lines, 0); + tt_int_op(r, OP_EQ, 0); + v = options_trial_assign(lines, 0, &msg); + tt_int_op(v, OP_EQ, SETOPT_ERR_TRANSITION); + tt_str_op(msg, OP_EQ, "While Tor is running, changing User is not allowed"); + tor_free(msg); + config_free_lines(lines); + + // We can't set the ORPort to nonsense: that's a validation error. + r = config_get_lines("ORPort fractabling planished", &lines, 0); + tt_int_op(r, OP_EQ, 0); + v = options_trial_assign(lines, 0, &msg); + tt_int_op(v, OP_EQ, SETOPT_ERR_PARSE); // (same error code for now) + tt_str_op(msg, OP_EQ, "Invalid ORPort configuration"); + tor_free(msg); + config_free_lines(lines); + + // We can't set UseBridges to a non-boolean: that's a parse error. + r = config_get_lines("UseBridges ambidextrous", &lines, 0); + tt_int_op(r, OP_EQ, 0); + v = options_trial_assign(lines, 0, &msg); + tt_int_op(v, OP_EQ, SETOPT_ERR_PARSE); + tt_str_op(msg, OP_EQ, + "Could not parse UseBridges: Unrecognized value ambidextrous. " + "Allowed values are 0 and 1."); + tor_free(msg); + config_free_lines(lines); + + // this didn't change. + tt_str_op(get_options()->Nickname, OP_EQ, "Hemiramphinae"); + + done: + config_free_lines(lines); + tor_free(msg); + UNMOCK(options_act); + UNMOCK(options_act_reversible); +} + +#ifndef COCCI #define LOCAL_VALIDATE_TEST(name) \ { "validate__" #name, test_options_validate__ ## name, TT_FORK, NULL, NULL } +#endif struct testcase_t options_tests[] = { { "validate", test_options_validate, TT_FORK, NULL, NULL }, @@ -4199,11 +4305,11 @@ struct testcase_t options_tests[] = { LOCAL_VALIDATE_TEST(logs), LOCAL_VALIDATE_TEST(authdir), LOCAL_VALIDATE_TEST(relay_with_hidden_services), + LOCAL_VALIDATE_TEST(listen_ports), LOCAL_VALIDATE_TEST(transproxy), LOCAL_VALIDATE_TEST(exclude_nodes), LOCAL_VALIDATE_TEST(node_families), LOCAL_VALIDATE_TEST(token_bucket), - LOCAL_VALIDATE_TEST(recommended_packages), LOCAL_VALIDATE_TEST(fetch_dir), LOCAL_VALIDATE_TEST(conn_limit), LOCAL_VALIDATE_TEST(paths_needed), @@ -4233,5 +4339,10 @@ struct testcase_t options_tests[] = { LOCAL_VALIDATE_TEST(virtual_addr), LOCAL_VALIDATE_TEST(testing_options), LOCAL_VALIDATE_TEST(accel), + { "init_logs/granularity", test_options_init_logs_granularity, TT_FORK, + NULL, NULL }, + { "init_logs/quiet", test_options_init_logs_quiet, TT_FORK, + NULL, NULL }, + { "trial_assign", test_options_trial_assign, TT_FORK, NULL, NULL }, END_OF_TESTCASES /* */ }; diff --git a/src/test/test_options_act.c b/src/test/test_options_act.c new file mode 100644 index 0000000000..942584bffd --- /dev/null +++ b/src/test/test_options_act.c @@ -0,0 +1,272 @@ +/* Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#define CONFIG_PRIVATE +#include "core/or/or.h" +#include "app/config/config.h" +#include "lib/encoding/confline.h" + +#include "test/test.h" +#include "test/log_test_helpers.h" +#include "test/test_helpers.h" + +#ifndef _WIN32 +#include <sys/stat.h> + +/** + * Check whether fname is readable. On success set + * *<b>is_group_readable_out</b> to as appropriate and return 0. On failure + * return -1. + */ +static int +get_file_mode(const char *fname, unsigned *permissions_out) +{ + struct stat st; + int r = stat(fname, &st); + if (r < 0) + return -1; + *permissions_out = (unsigned) st.st_mode; + return 0; +} +#define assert_mode(fn,mask,expected) STMT_BEGIN \ + unsigned mode_; \ + int tmp_ = get_file_mode((fn), &mode_); \ + if (tmp_ < 0) { \ + TT_DIE(("Couldn't stat %s: %s", (fn), strerror(errno))); \ + } \ + if ((mode_ & (mask)) != (expected)) { \ + TT_DIE(("Bad mode %o on %s", mode_, (fn))); \ + } \ + STMT_END +#else /* defined(_WIN32) */ +/* "group-readable" isn't meaningful on windows */ +#define assert_mode(fn,mask,expected) STMT_NIL +#endif /* !defined(_WIN32) */ + +static or_options_t *mock_opts; +static const or_options_t * +mock_get_options(void) +{ + return mock_opts; +} + +static void +test_options_act_create_dirs(void *arg) +{ + (void)arg; + MOCK(get_options, mock_get_options); + char *msg = NULL; + or_options_t *opts = mock_opts = options_new(); + + /* We're testing options_create_directories(), which assumes that + validate_data_directories() has already been called, and all of + KeyDirectory, DataDirectory, and CacheDirectory are set. */ + + /* Success case 1: all directories are the default */ + char *fn; + fn = tor_strdup(get_fname_rnd("ddir")); + opts->DataDirectory = tor_strdup(fn); + opts->CacheDirectory = tor_strdup(fn); + tor_asprintf(&opts->KeyDirectory, "%s/keys", fn); + opts->DataDirectoryGroupReadable = 1; + opts->CacheDirectoryGroupReadable = -1; /* default. */ + int r = options_create_directories(&msg); + tt_int_op(r, OP_EQ, 0); + tt_ptr_op(msg, OP_EQ, NULL); + tt_int_op(FN_DIR, OP_EQ, file_status(opts->DataDirectory)); + tt_int_op(FN_DIR, OP_EQ, file_status(opts->CacheDirectory)); + tt_int_op(FN_DIR, OP_EQ, file_status(opts->KeyDirectory)); + assert_mode(opts->DataDirectory, 0777, 0750); + assert_mode(opts->KeyDirectory, 0777, 0700); + tor_free(fn); + tor_free(opts->KeyDirectory); + or_options_free(opts); + + /* Success case 2: all directories are different. */ + opts = mock_opts = options_new(); + opts->DataDirectory = tor_strdup(get_fname_rnd("ddir")); + opts->CacheDirectory = tor_strdup(get_fname_rnd("cdir")); + opts->KeyDirectory = tor_strdup(get_fname_rnd("kdir")); + opts->CacheDirectoryGroupReadable = 1; // cache directory group readable + r = options_create_directories(&msg); + tt_int_op(r, OP_EQ, 0); + tt_ptr_op(msg, OP_EQ, NULL); + tt_int_op(FN_DIR, OP_EQ, file_status(opts->DataDirectory)); + tt_int_op(FN_DIR, OP_EQ, file_status(opts->CacheDirectory)); + tt_int_op(FN_DIR, OP_EQ, file_status(opts->KeyDirectory)); + assert_mode(opts->DataDirectory, 0777, 0700); + assert_mode(opts->KeyDirectory, 0777, 0700); + assert_mode(opts->CacheDirectory, 0777, 0750); + tor_free(fn); + or_options_free(opts); + + /* Success case 3: all directories are the same. */ + opts = mock_opts = options_new(); + fn = tor_strdup(get_fname_rnd("ddir")); + opts->DataDirectory = tor_strdup(fn); + opts->CacheDirectory = tor_strdup(fn); + opts->KeyDirectory = tor_strdup(fn); + opts->DataDirectoryGroupReadable = 1; + opts->CacheDirectoryGroupReadable = -1; /* default. */ + opts->KeyDirectoryGroupReadable = -1; /* default */ + r = options_create_directories(&msg); + tt_int_op(r, OP_EQ, 0); + tt_ptr_op(msg, OP_EQ, NULL); + tt_int_op(FN_DIR, OP_EQ, file_status(opts->DataDirectory)); + tt_int_op(FN_DIR, OP_EQ, file_status(opts->CacheDirectory)); + tt_int_op(FN_DIR, OP_EQ, file_status(opts->KeyDirectory)); + assert_mode(opts->DataDirectory, 0777, 0750); + assert_mode(opts->KeyDirectory, 0777, 0750); + assert_mode(opts->CacheDirectory, 0777, 0750); + tor_free(fn); + or_options_free(opts); + + /* Failure case 1: Can't make datadir. */ + opts = mock_opts = options_new(); + opts->DataDirectory = tor_strdup(get_fname_rnd("ddir")); + opts->CacheDirectory = tor_strdup(get_fname_rnd("cdir")); + opts->KeyDirectory = tor_strdup(get_fname_rnd("kdir")); + write_str_to_file(opts->DataDirectory, "foo", 0); + r = options_create_directories(&msg); + tt_int_op(r, OP_LT, 0); + tt_assert(!strcmpstart(msg, "Couldn't create private data directory")); + or_options_free(opts); + tor_free(msg); + + /* Failure case 2: Can't make keydir. */ + opts = mock_opts = options_new(); + opts->DataDirectory = tor_strdup(get_fname_rnd("ddir")); + opts->CacheDirectory = tor_strdup(get_fname_rnd("cdir")); + opts->KeyDirectory = tor_strdup(get_fname_rnd("kdir")); + write_str_to_file(opts->KeyDirectory, "foo", 0); + r = options_create_directories(&msg); + tt_int_op(r, OP_LT, 0); + tt_assert(!strcmpstart(msg, "Couldn't create private data directory")); + or_options_free(opts); + tor_free(msg); + + /* Failure case 3: Can't make cachedir. */ + opts = mock_opts = options_new(); + opts->DataDirectory = tor_strdup(get_fname_rnd("ddir")); + opts->CacheDirectory = tor_strdup(get_fname_rnd("cdir")); + opts->KeyDirectory = tor_strdup(get_fname_rnd("kdir")); + write_str_to_file(opts->CacheDirectory, "foo", 0); + r = options_create_directories(&msg); + tt_int_op(r, OP_LT, 0); + tt_assert(!strcmpstart(msg, "Couldn't create private data directory")); + tor_free(fn); + or_options_free(opts); + tor_free(msg); + + done: + UNMOCK(get_options); + or_options_free(opts); + mock_opts = NULL; + tor_free(fn); + tor_free(msg); +} + +static void +test_options_act_log_transition(void *arg) +{ + (void)arg; + or_options_t *opts = mock_opts = options_new(); + or_options_t *old_opts = NULL; + opts->LogTimeGranularity = 1000; + opts->SafeLogging_ = SAFELOG_SCRUB_ALL; + struct log_transaction_t *lt = NULL; + char *msg = NULL; + MOCK(get_options, mock_get_options); + + tt_ptr_op(opts->Logs, OP_EQ, NULL); + config_line_append(&opts->Logs, "Log", "notice stdout"); + lt = options_start_log_transaction(NULL, &msg); + tt_assert(lt); + tt_assert(!msg); + + // commit, see that there is a change. + options_commit_log_transaction(lt); + lt=NULL; + tt_int_op(get_min_log_level(), OP_EQ, LOG_NOTICE); + + // Now drop to debug. + old_opts = opts; + opts = mock_opts = options_new(); + opts->LogTimeGranularity = 1000; + opts->SafeLogging_ = SAFELOG_SCRUB_ALL; + config_line_append(&opts->Logs, "Log", "debug stdout"); + lt = options_start_log_transaction(old_opts, &msg); + tt_assert(lt); + tt_assert(!msg); + + setup_full_capture_of_logs(LOG_NOTICE); + options_commit_log_transaction(lt); + lt=NULL; + expect_single_log_msg_containing("may contain sensitive information"); + tt_int_op(get_min_log_level(), OP_EQ, LOG_DEBUG); + + // Turn off SafeLogging + or_options_free(old_opts); + mock_clean_saved_logs(); + old_opts = opts; + opts = mock_opts = options_new(); + opts->SafeLogging_ = SAFELOG_SCRUB_NONE; + opts->LogTimeGranularity = 1000; + config_line_append(&opts->Logs, "Log", "debug stdout"); + lt = options_start_log_transaction(old_opts, &msg); + tt_assert(lt); + tt_assert(!msg); + options_commit_log_transaction(lt); + lt=NULL; + expect_single_log_msg_containing("may contain sensitive information"); + tt_int_op(get_min_log_level(), OP_EQ, LOG_DEBUG); + + // Try rolling back. + or_options_free(old_opts); + mock_clean_saved_logs(); + old_opts = opts; + opts = mock_opts = options_new(); + opts->SafeLogging_ = SAFELOG_SCRUB_NONE; + opts->LogTimeGranularity = 1000; + config_line_append(&opts->Logs, "Log", "notice stdout"); + lt = options_start_log_transaction(old_opts, &msg); + tt_assert(lt); + tt_assert(!msg); + options_rollback_log_transaction(lt); + expect_no_log_entry(); + lt = NULL; + tt_int_op(get_min_log_level(), OP_EQ, LOG_DEBUG); + + // Now try some bad options. + or_options_free(opts); + mock_clean_saved_logs(); + opts = mock_opts = options_new(); + opts->LogTimeGranularity = 1000; + config_line_append(&opts->Logs, "Log", "warn blaznert"); + lt = options_start_log_transaction(old_opts, &msg); + tt_assert(!lt); + tt_str_op(msg, OP_EQ, "Failed to init Log options. See logs for details."); + expect_single_log_msg_containing("Couldn't parse"); + tt_int_op(get_min_log_level(), OP_EQ, LOG_DEBUG); + + done: + UNMOCK(get_options); + or_options_free(opts); + or_options_free(old_opts); + tor_free(msg); + if (lt) + options_rollback_log_transaction(lt); + teardown_capture_of_logs(); +} + +#ifndef COCCI +#define T(name) { #name, test_options_act_##name, TT_FORK, NULL, NULL } +#endif + +struct testcase_t options_act_tests[] = { + T(create_dirs), + T(log_transition), + END_OF_TESTCASES +}; diff --git a/src/test/test_parsecommon.c b/src/test/test_parsecommon.c new file mode 100644 index 0000000000..9c22266da1 --- /dev/null +++ b/src/test/test_parsecommon.c @@ -0,0 +1,594 @@ +/* Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#include "core/or/or.h" +#include "test/test.h" +#include "lib/memarea/memarea.h" +#include "lib/encoding/binascii.h" +#include "feature/dirparse/parsecommon.h" +#include "test/log_test_helpers.h" + +static void +test_parsecommon_tokenize_string_null(void *arg) +{ + + memarea_t *area = memarea_new(); + smartlist_t *tokens = smartlist_new(); + + (void)arg; + + const char *str_with_null = "a\0bccccccccc"; + + int retval = + tokenize_string(area, str_with_null, + str_with_null + 3, + tokens, NULL, 0); + + tt_int_op(retval, OP_EQ, -1); + + done: + memarea_drop_all(area); + smartlist_free(tokens); + return; +} + +static void +test_parsecommon_tokenize_string_multiple_lines(void *arg) +{ + memarea_t *area = memarea_new(); + smartlist_t *tokens = smartlist_new(); + + (void)arg; + + token_rule_t table[] = { + T01("uptime", K_UPTIME, GE(1), NO_OBJ), + T01("hibernating", K_HIBERNATING, GE(1), NO_OBJ), + T1( "published", K_PUBLISHED, CONCAT_ARGS, NO_OBJ), + END_OF_TABLE, + }; + + char *str = tor_strdup( + "hibernating 0\nuptime 1024\n" + "published 2018-10-15 10:00:00\n"); + + int retval = + tokenize_string(area, str, NULL, + tokens, table, 0); + + tt_int_op(smartlist_len(tokens), OP_EQ, 3); + directory_token_t *token = smartlist_get(tokens, 0); + + tt_int_op(token->tp, OP_EQ, K_HIBERNATING); + + token = smartlist_get(tokens, 1); + + tt_int_op(token->tp, OP_EQ, K_UPTIME); + + token = smartlist_get(tokens, 2); + + tt_int_op(token->tp, OP_EQ, K_PUBLISHED); + + tt_int_op(retval, OP_EQ, 0); + + done: + tor_free(str); + memarea_drop_all(area); + smartlist_free(tokens); + return; +} + +static void +test_parsecommon_tokenize_string_min_cnt(void *arg) +{ + memarea_t *area = memarea_new(); + smartlist_t *tokens = smartlist_new(); + + (void)arg; + + token_rule_t table[] = { + T01("uptime", K_UPTIME, EQ(2), NO_OBJ), + T01("hibernating", K_HIBERNATING, GE(1), NO_OBJ), + END_OF_TABLE, + }; + + // Missing "uptime" + char *str = tor_strdup("uptime 1024\nhibernating 0\n"); + + int retval = + tokenize_string(area, str, NULL, + tokens, table, 0); + + tt_int_op(retval, OP_EQ, -1); + + done: + tor_free(str); + memarea_drop_all(area); + smartlist_free(tokens); + return; +} + +static void +test_parsecommon_tokenize_string_max_cnt(void *arg) +{ + memarea_t *area = memarea_new(); + smartlist_t *tokens = smartlist_new(); + + (void)arg; + + token_rule_t table[] = { + T01("uptime", K_UPTIME, EQ(1), NO_OBJ), + T01("hibernating", K_HIBERNATING, GE(1), NO_OBJ), + END_OF_TABLE, + }; + + // "uptime" expected once, but occurs twice in input. + char *str = tor_strdup( + "uptime 1024\nuptime 2048\nhibernating 0\n"); + + int retval = + tokenize_string(area, str, NULL, + tokens, table, 0); + + tt_int_op(retval, OP_EQ, -1); + + done: + tor_free(str); + memarea_drop_all(area); + smartlist_free(tokens); + return; +} + +static void +test_parsecommon_tokenize_string_at_start(void *arg) +{ + memarea_t *area = memarea_new(); + smartlist_t *tokens = smartlist_new(); + + (void)arg; + + token_rule_t table[] = { + T1_START("client-name", C_CLIENT_NAME, CONCAT_ARGS, NO_OBJ), + T01("uptime", K_UPTIME, EQ(1), NO_OBJ), + END_OF_TABLE, + }; + + // "client-name" is not the first line. + char *str = tor_strdup( + "uptime 1024\nclient-name Alice\n"); + + int retval = + tokenize_string(area, str, NULL, tokens, table, 0); + + tt_int_op(retval, OP_EQ, -1); + + done: + tor_free(str); + memarea_drop_all(area); + smartlist_free(tokens); + return; +} + +static void +test_parsecommon_tokenize_string_at_end(void *arg) +{ + memarea_t *area = memarea_new(); + smartlist_t *tokens = smartlist_new(); + + (void)arg; + + token_rule_t table[] = { + T1_END("client-name", C_CLIENT_NAME, CONCAT_ARGS, NO_OBJ), + T01("uptime", K_UPTIME, EQ(1), NO_OBJ), + END_OF_TABLE, + }; + + // "client-name" is not the last line. + char *str = tor_strdup( + "client-name Alice\nuptime 1024\n"); + + int retval = + tokenize_string(area, str, NULL, tokens, table, 0); + + tt_int_op(retval, OP_EQ, -1); + + done: + tor_free(str); + memarea_drop_all(area); + smartlist_free(tokens); + return; +} + +static void +test_parsecommon_tokenize_string_no_annotations(void *arg) +{ + memarea_t *area = memarea_new(); + smartlist_t *tokens = smartlist_new(); + + (void)arg; + + token_rule_t table[] = { + A01("@last-listed", A_LAST_LISTED, CONCAT_ARGS, NO_OBJ), + END_OF_TABLE, + }; + + char *str = tor_strdup("@last-listed 2018-09-21 15:30:03\n"); + + int retval = + tokenize_string(area, str, NULL, tokens, table, 0); + + tt_int_op(retval, OP_EQ, -1); + + done: + tor_free(str); + memarea_drop_all(area); + smartlist_free(tokens); + return; +} + +static void +test_parsecommon_get_next_token_success(void *arg) +{ + memarea_t *area = memarea_new(); + const char *str = "uptime 1024"; + const char *end = str + strlen(str); + const char **s = &str; + token_rule_t table = T01("uptime", K_UPTIME, GE(1), NO_OBJ); + (void)arg; + + directory_token_t *token = get_next_token(area, s, end, &table); + + tt_int_op(token->tp, OP_EQ, K_UPTIME); + tt_int_op(token->n_args, OP_EQ, 1); + tt_str_op(*(token->args), OP_EQ, "1024"); + tt_assert(!token->object_type); + tt_int_op(token->object_size, OP_EQ, 0); + tt_assert(!token->object_body); + + tt_ptr_op(*s, OP_EQ, end); + + done: + memarea_drop_all(area); + return; +} + +static void +test_parsecommon_get_next_token_concat_args(void *arg) +{ + memarea_t *area = memarea_new(); + const char *str = "proto A=1 B=2"; + const char *end = str + strlen(str); + const char **s = &str; + token_rule_t rule = T01("proto", K_PROTO, CONCAT_ARGS, NO_OBJ); + (void)arg; + + directory_token_t *token = get_next_token(area, s, end, &rule); + + tt_int_op(token->tp, OP_EQ, K_PROTO); + tt_int_op(token->n_args, OP_EQ, 1); + tt_str_op(*(token->args), OP_EQ, "A=1 B=2"); + + done: + memarea_drop_all(area); +} + +static void +test_parsecommon_get_next_token_parse_keys(void *arg) +{ + (void)arg; + + memarea_t *area = memarea_new(); + const char *str = + "onion-key\n" + "-----BEGIN RSA PUBLIC KEY-----\n" + "MIGJAoGBAMDdIya33BfNlHOkzoTKSTT8EjD64waMfUr372syVHiFjHhObwKwGA5u\n" + "sHaMIe9r+Ij/4C1dKyuXkcz3DOl6gWNhTD7dZ89I+Okoh1jWe30jxCiAcywC22p5\n" + "XLhrDkX1A63Z7XCH9ltwU2WMqWsVM98N2GR6MTujP7wtqdLExYN1AgMBAAE=\n" + "-----END RSA PUBLIC KEY-----\n"; + + const char *end = str + strlen(str); + const char **s = (const char **)&str; + directory_token_t *token = NULL; + directory_token_t *token2 = NULL; + + token_rule_t rule = T1("onion-key", R_IPO_ONION_KEY, NO_ARGS, NEED_KEY_1024); + + token = get_next_token(area, s, end, &rule); + tt_assert(token); + + tt_int_op(token->tp, OP_EQ, R_IPO_ONION_KEY); + tt_int_op(token->n_args, OP_EQ, 0); + tt_str_op(token->object_type, OP_EQ, "RSA PUBLIC KEY"); + tt_int_op(token->object_size, OP_EQ, 140); + tt_assert(token->object_body); + tt_assert(token->key); + tt_assert(!token->error); + + const char *str2 = + "client-key\n" + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQCwS810a2auH2PQchOBz9smNgjlDu31aq0IYlUohSYbhcv5AJ+d\n" + "DY0nfZWzS+mZPwzL3UiEnTt6PVv7AgoZ5V9ZJWJTKIURjJpkK0mstfJKHKIZhf84\n" + "pmFfRej9GQViB6NLtp1obOXJgJixSlMfw9doDI4NoAnEISCyH/tD77Qs2wIDAQAB\n" + "AoGAbDg8CKkdQOnX9c7xFpCnsE8fKqz9eddgHHNwXw1NFTwOt+2gDWKSMZmv2X5S\n" + "CVZg3owZxf5W0nT0D6Ny2+6nliak7foYAvkD0BsCiBhgftwC0zAo6k5rIbUKB3PJ\n" + "QLFXgpJhqWuXkODyt/hS/GTernR437WVSEGp1bnALqiFabECQQDaqHOxzoWY/nvH\n" + "KrfUi8EhqCnqERlRHwrW0MQZ1RPvF16OPPma+xa+ht/amfh3vYN5tZY82Zm43gGl\n" + "XWL5cZhNAkEAzmdSootYVnqLLLRMfHKXnO1XbaEcA/08MDNKGlSclBJixFenE8jX\n" + "iQsUbHwMJuGONvzWpRGPBP2f8xBd28ZtxwJARY+LZshtpfNniz/ixYJESaHG28je\n" + "xfjbKOW3TQSFV+2WTifFvHEeljQwKMoMyoMGvYRwLCGJjs9JtMLVxsdFjQJBAKwD\n" + "3BBvBQ39TuPQ1zWX4tb7zjMlY83HTFP3Sriq71tP/1QWoL2SUl56B2lp8E6vB/C3\n" + "wsMK4SCNprHRYAd7VZ0CQDKn6Zhd11P94PLs0msybFEh1VXr6CEW/BrxBgbL4ls6\n" + "dbX5XO0z4Ra8gYXgObgimhyMDYO98Idt5+Z3HIdyrSc=\n" + "-----END RSA PRIVATE KEY-----\n"; + + const char *end2 = str2 + strlen(str2); + const char **s2 = (const char **)&str2; + + token_rule_t rule2 = T01("client-key", C_CLIENT_KEY, NO_ARGS, + NEED_SKEY_1024); + + token2 = get_next_token(area, s2, end2, &rule2); + tt_assert(token2); + + tt_int_op(token2->tp, OP_EQ, C_CLIENT_KEY); + tt_int_op(token2->n_args, OP_EQ, 0); + tt_str_op(token2->object_type, OP_EQ, "RSA PRIVATE KEY"); + tt_int_op(token2->object_size, OP_EQ, 608); + tt_assert(token2->object_body); + tt_assert(token2->key); + tt_assert(!token->error); + + done: + if (token) token_clear(token); + if (token2) token_clear(token2); + memarea_drop_all(area); +} + +static void +test_parsecommon_get_next_token_object(void *arg) +{ + memarea_t *area = memarea_new(); + + const char *str = + "directory-signature 0232AF901C31A04EE9848595AF9BB7620D4C5B2E " + "CD1FD971855430880D3C31E0331C5C55800C2F79\n" + "-----BEGIN SIGNATURE-----\n" + "dLTbc1Lad/OWKBJhA/dERzDHumswTAzBFAWAz2vnQhLsebs1SOm0W/vceEsiEkiF\n" + "A+JJSzIyfywJc6Mnk7aKMEIFjOO/MaxuAp4zv+q+JonJkF0ExjMqvKR0D6pSFmfN\n" + "cnemnxGHxNuPDnKl0imbWKmWDsHtwgi4zWeTq3MekfMOXKi6gIh+bDFzCs9/Vquh\n" + "uNKJI1jW/A2DEKeaSAODEv9VoCsYSvbVVEuHCBWjeNAurd5aL26BrAolW6m7pkD6\n" + "I+cQ8dQG6Wa/Zt6gLXtBbOP2o/iDI7ahDP9diNkBI/rm4nfp9j4piTwsqpi7xz9J\n" + "Ua9DEZB9KbJHVX1rGShrLA==\n" + "-----END SIGNATURE-----\n"; + + const char *end = str + strlen(str); + const char **s = &str; + token_rule_t rule = T("directory-signature", K_DIRECTORY_SIGNATURE, + GE(2), NEED_OBJ); + (void)arg; + + directory_token_t *token = get_next_token(area, s, end, &rule); + + tt_int_op(token->tp, OP_EQ, K_DIRECTORY_SIGNATURE); + tt_int_op(token->n_args, OP_EQ, 2); + tt_str_op(token->args[0], OP_EQ, + "0232AF901C31A04EE9848595AF9BB7620D4C5B2E"); + tt_str_op(token->args[1], OP_EQ, + "CD1FD971855430880D3C31E0331C5C55800C2F79"); + + tt_assert(!token->error); + + char decoded[256]; + const char *signature = + "dLTbc1Lad/OWKBJhA/dERzDHumswTAzBFAWAz2vnQhLsebs1SOm0W/vceEsiEkiF\n" + "A+JJSzIyfywJc6Mnk7aKMEIFjOO/MaxuAp4zv+q+JonJkF0ExjMqvKR0D6pSFmfN\n" + "cnemnxGHxNuPDnKl0imbWKmWDsHtwgi4zWeTq3MekfMOXKi6gIh+bDFzCs9/Vquh\n" + "uNKJI1jW/A2DEKeaSAODEv9VoCsYSvbVVEuHCBWjeNAurd5aL26BrAolW6m7pkD6\n" + "I+cQ8dQG6Wa/Zt6gLXtBbOP2o/iDI7ahDP9diNkBI/rm4nfp9j4piTwsqpi7xz9J\n" + "Ua9DEZB9KbJHVX1rGShrLA==\n"; + tt_assert(signature); + size_t signature_len = strlen(signature); + base64_decode(decoded, sizeof(decoded), signature, signature_len); + + tt_str_op(token->object_type, OP_EQ, "SIGNATURE"); + tt_int_op(token->object_size, OP_EQ, 256); + tt_mem_op(token->object_body, OP_EQ, decoded, 256); + + tt_assert(!token->key); + + done: + memarea_drop_all(area); +} + +static void +test_parsecommon_get_next_token_err_too_many_args(void *arg) +{ + memarea_t *area = memarea_new(); + const char *str = "uptime 1024 1024 1024"; + const char *end = str + strlen(str); + const char **s = &str; + token_rule_t table = T01("uptime", K_UPTIME, EQ(1), NO_OBJ); + (void)arg; + + directory_token_t *token = get_next_token(area, s, end, &table); + + tt_int_op(token->tp, OP_EQ, ERR_); + tt_str_op(token->error, OP_EQ, "Too many arguments to uptime"); + + done: + memarea_drop_all(area); + return; +} + +static void +test_parsecommon_get_next_token_err_too_few_args(void *arg) +{ + memarea_t *area = memarea_new(); + const char *str = "uptime"; + const char *end = str + strlen(str); + const char **s = &str; + token_rule_t table = T01("uptime", K_UPTIME, EQ(1), NO_OBJ); + (void)arg; + + directory_token_t *token = get_next_token(area, s, end, &table); + + tt_int_op(token->tp, OP_EQ, ERR_); + tt_str_op(token->error, OP_EQ, "Too few arguments to uptime"); + + done: + memarea_drop_all(area); + return; +} + +static void +test_parsecommon_get_next_token_err_obj_missing_endline(void *arg) +{ + memarea_t *area = memarea_new(); + + const char *str = + "directory-signature 0232AF901C31A04EE9848595AF9BB7620D4C5B2E " + "CD1FD971855430880D3C31E0331C5C55800C2F79\n" + "-----BEGIN SIGNATURE-----\n" + "dLTbc1Lad/OWKBJhA/dERzDHumswTAzBFAWAz2vnQhLsebs1SOm0W/vceEsiEkiF\n" + "A+JJSzIyfywJc6Mnk7aKMEIFjOO/MaxuAp4zv+q+JonJkF0ExjMqvKR0D6pSFmfN\n" + "cnemnxGHxNuPDnKl0imbWKmWDsHtwgi4zWeTq3MekfMOXKi6gIh+bDFzCs9/Vquh\n" + "uNKJI1jW/A2DEKeaSAODEv9VoCsYSvbVVEuHCBWjeNAurd5aL26BrAolW6m7pkD6\n" + "I+cQ8dQG6Wa/Zt6gLXtBbOP2o/iDI7ahDP9diNkBI/rm4nfp9j4piTwsqpi7xz9J\n" + "Ua9DEZB9KbJHVX1rGShrLA==\n"; + + const char *end = str + strlen(str); + const char **s = &str; + token_rule_t rule = T("directory-signature", K_DIRECTORY_SIGNATURE, + GE(2), NEED_OBJ); + (void)arg; + + directory_token_t *token = get_next_token(area, s, end, &rule); + + tt_int_op(token->tp, OP_EQ, ERR_); + tt_str_op(token->error, OP_EQ, "Malformed object: missing object end line"); + + done: + memarea_drop_all(area); + return; +} + +static void +test_parsecommon_get_next_token_err_bad_beginline(void *arg) +{ + memarea_t *area = memarea_new(); + + const char *str = + "directory-signature 0232AF901C31A04EE9848595AF9BB7620D4C5B2E " + "CD1FD971855430880D3C31E0331C5C55800C2F79\n" + "-----BEGIN SIGNATURE-Z---\n" + "dLTbc1Lad/OWKBJhA/dERzDHumswTAzBFAWAz2vnQhLsebs1SOm0W/vceEsiEkiF\n" + "A+JJSzIyfywJc6Mnk7aKMEIFjOO/MaxuAp4zv+q+JonJkF0ExjMqvKR0D6pSFmfN\n" + "cnemnxGHxNuPDnKl0imbWKmWDsHtwgi4zWeTq3MekfMOXKi6gIh+bDFzCs9/Vquh\n" + "uNKJI1jW/A2DEKeaSAODEv9VoCsYSvbVVEuHCBWjeNAurd5aL26BrAolW6m7pkD6\n" + "I+cQ8dQG6Wa/Zt6gLXtBbOP2o/iDI7ahDP9diNkBI/rm4nfp9j4piTwsqpi7xz9J\n" + "Ua9DEZB9KbJHVX1rGShrLA==\n" + "-----END SIGNATURE-----\n"; + + const char *end = str + strlen(str); + const char **s = &str; + token_rule_t rule = T("directory-signature", K_DIRECTORY_SIGNATURE, + GE(2), NEED_OBJ); + (void)arg; + + directory_token_t *token = get_next_token(area, s, end, &rule); + + tt_int_op(token->tp, OP_EQ, ERR_); + tt_str_op(token->error, OP_EQ, "Malformed object: bad begin line"); + + done: + memarea_drop_all(area); + return; +} + +static void +test_parsecommon_get_next_token_err_tag_mismatch(void *arg) +{ + memarea_t *area = memarea_new(); + + const char *str = + "directory-signature 0232AF901C31A04EE9848595AF9BB7620D4C5B2E " + "CD1FD971855430880D3C31E0331C5C55800C2F79\n" + "-----BEGIN SIGNATURE-----\n" + "dLTbc1Lad/OWKBJhA/dERzDHumswTAzBFAWAz2vnQhLsebs1SOm0W/vceEsiEkiF\n" + "A+JJSzIyfywJc6Mnk7aKMEIFjOO/MaxuAp4zv+q+JonJkF0ExjMqvKR0D6pSFmfN\n" + "cnemnxGHxNuPDnKl0imbWKmWDsHtwgi4zWeTq3MekfMOXKi6gIh+bDFzCs9/Vquh\n" + "uNKJI1jW/A2DEKeaSAODEv9VoCsYSvbVVEuHCBWjeNAurd5aL26BrAolW6m7pkD6\n" + "I+cQ8dQG6Wa/Zt6gLXtBbOP2o/iDI7ahDP9diNkBI/rm4nfp9j4piTwsqpi7xz9J\n" + "Ua9DEZB9KbJHVX1rGShrLA==\n" + "-----END SOMETHINGELSE-----\n"; + + const char *end = str + strlen(str); + const char **s = &str; + token_rule_t rule = T("directory-signature", K_DIRECTORY_SIGNATURE, + GE(2), NEED_OBJ); + (void)arg; + + directory_token_t *token = get_next_token(area, s, end, &rule); + + tt_int_op(token->tp, OP_EQ, ERR_); + tt_str_op(token->error, OP_EQ, + "Malformed object: mismatched end tag SIGNATURE"); + + done: + memarea_drop_all(area); + return; +} + +static void +test_parsecommon_get_next_token_err_bad_base64(void *arg) +{ + memarea_t *area = memarea_new(); + + const char *str = + "directory-signature 0232AF901C31A04EE9848595AF9BB7620D4C5B2E " + "CD1FD971855430880D3C31E0331C5C55800C2F79\n" + "-----BEGIN SIGNATURE-----\n" + "%%@%%%%%%%!!!'\n" + "-----END SIGNATURE-----\n"; + + const char *end = str + strlen(str); + const char **s = &str; + token_rule_t rule = T("directory-signature", K_DIRECTORY_SIGNATURE, + GE(2), NEED_OBJ); + (void)arg; + + directory_token_t *token = get_next_token(area, s, end, &rule); + + tt_int_op(token->tp, OP_EQ, ERR_); + tt_str_op(token->error, OP_EQ, "Malformed object: bad base64-encoded data"); + + done: + memarea_drop_all(area); + return; +} + +#define PARSECOMMON_TEST(name) \ + { #name, test_parsecommon_ ## name, 0, NULL, NULL } + +struct testcase_t parsecommon_tests[] = { + PARSECOMMON_TEST(tokenize_string_null), + PARSECOMMON_TEST(tokenize_string_multiple_lines), + PARSECOMMON_TEST(tokenize_string_min_cnt), + PARSECOMMON_TEST(tokenize_string_max_cnt), + PARSECOMMON_TEST(tokenize_string_at_start), + PARSECOMMON_TEST(tokenize_string_at_end), + PARSECOMMON_TEST(tokenize_string_no_annotations), + PARSECOMMON_TEST(get_next_token_success), + PARSECOMMON_TEST(get_next_token_concat_args), + PARSECOMMON_TEST(get_next_token_parse_keys), + PARSECOMMON_TEST(get_next_token_object), + PARSECOMMON_TEST(get_next_token_err_too_many_args), + PARSECOMMON_TEST(get_next_token_err_too_few_args), + PARSECOMMON_TEST(get_next_token_err_obj_missing_endline), + PARSECOMMON_TEST(get_next_token_err_bad_beginline), + PARSECOMMON_TEST(get_next_token_err_tag_mismatch), + PARSECOMMON_TEST(get_next_token_err_bad_base64), + END_OF_TESTCASES +}; diff --git a/src/test/test_parseconf.sh b/src/test/test_parseconf.sh new file mode 100755 index 0000000000..4fe27d9f5d --- /dev/null +++ b/src/test/test_parseconf.sh @@ -0,0 +1,655 @@ +#!/bin/sh +# Copyright 2019, The Tor Project, Inc. +# See LICENSE for licensing information + +# Integration test script for verifying that Tor configurations are parsed as +# we expect. +# +# Valid configurations are tested with --dump-config, which parses and +# validates the configuration before writing it out. We then make sure that +# the result is what we expect, before parsing and dumping it again to make +# sure that there is no change. Optionally, we can also test the log messages +# with --verify-config. +# +# Invalid configurations are tested with --verify-config, which parses +# and validates the configuration. We capture its output and make sure that +# it contains the error message we expect. +# +# When tor is compiled with different libraries or modules, some +# configurations may have different results. We can specify these result +# variants using additional result files. + +# This script looks for its test cases as individual directories in +# src/test/conf_examples/. Each test may have these files: +# +# Configuration Files +# +# torrc -- Usually needed. This file is passed to Tor on the command line +# with the "-f" flag. (If you omit it, you'll test Tor's behavior when +# it receives a nonexistent configuration file.) +# +# torrc.defaults -- Optional. If present, it is passed to Tor on the command +# line with the --defaults-torrc option. If this file is absent, an empty +# file is passed instead to prevent Tor from reading the system defaults. +# +# cmdline -- Optional. If present, it contains command-line arguments that +# will be passed to Tor. +# +# (included torrc files or directories) -- Optional. Additional files can be +# included in configuration, using the "%include" directive. Files or +# directories can be included in any of the config files listed above. +# Include paths should be specified relative to the test case directory. +# +# Result Files +# +# expected -- If this file is present, then it should be the expected result +# of "--dump-config short" for this test case. Exactly one of +# "expected" or "error" must be present, or the test will fail. +# +# expected_log -- Optional. If this file is present, then it contains a regex +# that must be matched by some line in the output of "--verify-config", +# which must succeed. Only used if "expected" is also present. +# +# error -- If this file is present, then it contains a regex that must be +# matched by some line in the output of "--verify-config", which must +# fail. Exactly one of "expected" or "error" must be present, or the +# test will fail. +# +# {expected,expected_log,error}_${TOR_LIBS_ENABLED}* -- If this file is +# present, then the outcome is different when some optional libraries are +# enabled. If there is no result file matching the exact list of enabled +# libraries, the script searches for result files with one or more of +# those libraries disabled. The search terminates at the standard result +# file. If expected* is present, the script also searches for +# expected_log*. +# +# For example: +# A test that succeeds, regardless of any enabled libraries: +# - expected +# A test that has a different result if the nss library is enabled +# (but the same result if any other library is enabled). We also check +# the log output in this test: +# - expected +# - expected_log +# - expected_nss +# - expected_log_nss +# A test that fails if the lzma and zstd modules are *not* enabled: +# - error +# - expected_lzma_zstd +# +# {expected,expected_log,error}*_no_${TOR_MODULES_DISABLED} -- If this file is +# present, then the outcome is different when some modules are disabled. +# If there is no result file matching the exact list of disabled modules, +# the standard result file is used. If expected* is present, the script +# also searches for expected_log*. +# +# For example: +# A test that succeeds, regardless of any disabled modules: +# - expected +# A test that has a different result if the relay module is disabled +# (but the same result if just the dirauth module is disabled): +# - expected +# - expected_no_relay_dirauth +# A test that fails if the dirauth module is disabled: +# - expected +# - error_no_dirauth +# - error_no_relay_dirauth +# (Disabling the relay module also disables dirauth module. But we don't +# want to encode that knowledge in this test script, so we supply a +# separate result file for every combination of disabled modules that +# has a different result.) + +umask 077 +set -e + +MYNAME="$0" + +# emulate realpath(), in case coreutils or equivalent is not installed. +abspath() { + f="$*" + if test -d "$f"; then + dir="$f" + base="" + else + dir="$(dirname "$f")" + base="/$(basename "$f")" + fi + dir="$(cd "$dir" && pwd)" + echo "$dir$base" +} + +# find the tor binary +if test $# -ge 1; then + TOR_BINARY="$1" + shift +else + TOR_BINARY="${TESTING_TOR_BINARY:-./src/app/tor}" +fi + +TOR_BINARY="$(abspath "$TOR_BINARY")" + +echo "Using Tor binary '$TOR_BINARY'." + +# make a safe space for temporary files +DATA_DIR=$(mktemp -d -t tor_parseconf_tests.XXXXXX) +trap 'rm -rf "$DATA_DIR"' 0 + +# This is where we look for examples +EXAMPLEDIR="$(dirname "$0")"/conf_examples + +case "$(uname -s)" in + CYGWIN*) WINDOWS=1;; + MINGW*) WINDOWS=1;; + MSYS*) WINDOWS=1;; + *) WINDOWS=0;; +esac + +#### +# BUG WORKAROUND FOR 31757: +# On Appveyor, it seems that Tor sometimes randomly fails to produce +# output with --dump-config. Whil we are figuring this out, do not treat +# windows errors as hard failures. +#### +if test "$WINDOWS" = 1; then + EXITCODE=0 +else + EXITCODE=1 +fi + +FINAL_EXIT=0 +NEXT_TEST= + +# Log a failure message to stderr, using $@ as a printf string and arguments +# Set NEXT_TEST to "yes" and FINAL_EXIT to $EXITCODE. +fail_printf() +{ + printf "FAIL: " >&2 + # The first argument is a printf string, so this warning is spurious + # shellcheck disable=SC2059 + printf "$@" >&2 + NEXT_TEST="yes" + FINAL_EXIT=$EXITCODE +} + +# Log a failure message to stderr, using $@ as a printf string and arguments +# Exit with status $EXITCODE. +die_printf() +{ + printf "FAIL: CRITICAL error in '%s':" "$MYNAME" >&2 + # The first argument is a printf string, so this warning is spurious + # shellcheck disable=SC2059 + printf "$@" >&2 + exit $EXITCODE +} + +if test "$WINDOWS" = 1; then + FILTER="dos2unix" +else + FILTER="cat" +fi + +EMPTY="${DATA_DIR}/EMPTY" +touch "$EMPTY" || die_printf "Couldn't create empty file '%s'.\\n" \ + "$EMPTY" +NON_EMPTY="${DATA_DIR}/NON_EMPTY" +echo "This pattern should not match any log messages" \ + > "$NON_EMPTY" || die_printf "Couldn't create non-empty file '%s'.\\n" \ + "$NON_EMPTY" + +STANDARD_LIBS="libevent\\|openssl\\|zlib" +# Lib names are restricted to [a-z0-9]* at the moment +# We don't actually want to support foreign accents here +# shellcheck disable=SC2018,SC2019 +TOR_LIBS_ENABLED="$("$TOR_BINARY" --verify-config \ + -f "$EMPTY" --defaults-torrc "$EMPTY" \ + | sed -n 's/.* Tor .* running on .* with\(.*\)\./\1/p' \ + | tr 'A-Z' 'a-z' | tr ',' '\n' \ + | grep -v "$STANDARD_LIBS" | grep -v "n/a" \ + | sed 's/\( and\)* \(lib\)*\([a-z0-9]*\) .*/\3/' \ + | sort | tr '\n' '_')" +# Remove the last underscore, if there is one +TOR_LIBS_ENABLED=${TOR_LIBS_ENABLED%_} + +# If we ever have more than 3 optional libraries, we'll need more code here +TOR_LIBS_ENABLED_COUNT="$(echo "$TOR_LIBS_ENABLED_SEARCH" \ + | tr ' ' '\n' | wc -l)" +if test "$TOR_LIBS_ENABLED_COUNT" -gt 3; then + die_printf "Can not handle more than 3 optional libraries.\\n" +fi +# Brute-force the combinations of libraries +TOR_LIBS_ENABLED_SEARCH_3="$(echo "$TOR_LIBS_ENABLED" \ + | sed -n \ + 's/^\([^_]*\)_\([^_]*\)_\([^_]*\)$/_\1_\2 _\1_\3 _\2_\3 _\1 _\2 _\3/p')" +TOR_LIBS_ENABLED_SEARCH_2="$(echo "$TOR_LIBS_ENABLED" \ + | sed -n 's/^\([^_]*\)_\([^_]*\)$/_\1 _\2/p')" +TOR_LIBS_ENABLED_SEARCH="_$TOR_LIBS_ENABLED \ + $TOR_LIBS_ENABLED_SEARCH_3 \ + $TOR_LIBS_ENABLED_SEARCH_2" +TOR_LIBS_ENABLED_SEARCH="$(echo "$TOR_LIBS_ENABLED_SEARCH" | tr ' ' '\n' \ + | grep -v '^_*$' | tr '\n' ' ')" + +TOR_MODULES_DISABLED="$("$TOR_BINARY" --list-modules | grep ': no' \ + | cut -d ':' -f1 | sort | tr '\n' '_')" +# Remove the last underscore, if there is one +TOR_MODULES_DISABLED=${TOR_MODULES_DISABLED%_} + +echo "Tor is configured with:" +echo "Optional Libraries: ${TOR_LIBS_ENABLED:-(None)}" +if test "$TOR_LIBS_ENABLED"; then + echo "Optional Library Search List: $TOR_LIBS_ENABLED_SEARCH" +fi +echo "Disabled Modules: ${TOR_MODULES_DISABLED:-(None)}" + +# Yes, unix uses "0" for a successful command +TRUE=0 +FALSE=1 + +# Run tor --verify-config on the torrc $1, and defaults torrc $2, which may +# be $EMPTY. Pass tor the extra command line arguments $3, which will be +# passed unquoted. +# Send tor's standard output to stderr. +log_verify_config() +{ + # show the command we're about to execute + # log_verify_config() is only called when we've failed + printf "Tor --verify-config said:\\n" >&2 + printf "$ %s %s %s %s %s %s %s\\n" \ + "$TOR_BINARY" --verify-config \ + -f "$1" \ + --defaults-torrc "$2" \ + "$3" \ + >&2 + # We need cmdline unquoted + # shellcheck disable=SC2086 + "$TOR_BINARY" --verify-config \ + -f "$1" \ + --defaults-torrc "$2" \ + $3 \ + >&2 \ + || true +} + +# Run "tor --dump-config short" on the torrc $1, and defaults torrc $2, which +# may be $EMPTY. Pass tor the extra command line arguments $3, which will be +# passed unquoted. Send tor's standard output to $4. +# +# Set $FULL_TOR_CMD to the tor command line that was executed. +# +# If tor fails, fail_printf() using the file name $5, and context $6, +# which may be an empty string. Then run log_verify_config(). +dump_config() +{ + if test "$6"; then + CONTEXT=" $6" + else + CONTEXT="" + fi + + # keep the command we're about to execute, and show if it we fail + FULL_TOR_CMD=$(printf "$ %s %s %s %s %s %s %s %s" \ + "$TOR_BINARY" --dump-config short \ + -f "$1" \ + --defaults-torrc "$2" \ + "$3" + ) + # We need cmdline unquoted + # shellcheck disable=SC2086 + if ! "$TOR_BINARY" --dump-config short \ + -f "$1" \ + --defaults-torrc "$2" \ + $3 \ + > "$4"; then + fail_printf "'%s': Tor --dump-config reported an error%s:\\n%s\\n" \ + "$5" \ + "$CONTEXT" \ + "$FULL_TOR_CMD" + log_verify_config "$1" \ + "$2" \ + "$3" + fi +} + +# Run "$FILTER" on the input $1. +# Send the standard output to $2. +# If tor fails, log a failure message using the file name $3, and context $4, +# which may be an empty string. +filter() +{ + if test "$4"; then + CONTEXT=" $4" + else + CONTEXT="" + fi + + "$FILTER" "$1" \ + > "$2" \ + || fail_printf "'%s': Filter '%s' reported an error%s.\\n" \ + "$3" \ + "$FILTER" \ + "$CONTEXT" +} + +# Compare the expected file $1, and output file $2. +# +# If they are different, fail. Log the differences between the files. +# Run log_verify_config() with torrc $3, defaults torrc $4, and command +# line $5, to log Tor's error messages. +# +# If the file contents are identical, returns true. Otherwise, return false. +# +# Log failure messages using fail_printf(), with the expected file name, +# context $6, which may be an empty string, and the tor command line $7. +check_diff() +{ + if test "$6"; then + CONTEXT=" $6" + else + CONTEXT="" + fi + + if cmp "$1" "$2" > /dev/null; then + return "$TRUE" + else + fail_printf "'%s': Tor --dump-config said%s:\\n%s\\n" \ + "$1" \ + "$CONTEXT" \ + "$7" + diff -u "$1" "$2" >&2 \ + || true + log_verify_config "$3" \ + "$4" \ + "$5" + return "$FALSE" + fi +} + +# Run "tor --dump-config short" on the torrc $1, and defaults torrc $2, which +# may be $EMPTY. Pass tor the extra command line arguments $3, which will be +# passed unquoted. Send tor's standard output to $4, after running $FILTER +# on it. +# +# If tor fails, run log_verify_config(). +# +# Compare the expected file $5, and output file. If they are different, fail. +# If this is the first step that failed in this test, run log_verify_config(). +# +# If the file contents are identical, returns true. Otherwise, return false, +# and log the differences between the files. +# +# Log failure messages using fail_printf(), with the expected file name, and +# context $6, which may be an empty string. +check_dump_config() +{ + OUTPUT="$4" + OUTPUT_RAW="${OUTPUT}_raw" + + FULL_TOR_CMD= + dump_config "$1" \ + "$2" \ + "$3" \ + "$OUTPUT_RAW" \ + "$5" \ + "$6" + + filter "$OUTPUT_RAW" \ + "$OUTPUT" \ + "$5" \ + "$6" + + if check_diff "$5" \ + "$OUTPUT" \ + "$1" \ + "$2" \ + "$3" \ + "$6" \ + "$FULL_TOR_CMD"; then + return "$TRUE" + else + return "$FALSE" + fi +} + +# Check if $1 is an empty file. +# If it is, fail_printf() using $2 as the type of file. +# Returns true if the file is empty, false otherwise. +check_empty_pattern() +{ + if ! test -s "$1"; then + fail_printf "%s file '%s' is empty, and will match any output.\\n" \ + "$2" \ + "$1" + return "$TRUE" + else + return "$FALSE" + fi +} + +# Run tor --verify-config on the torrc $1, and defaults torrc $2, which may +# be $EMPTY. Pass tor the extra command line arguments $3, which will be +# passed unquoted. Send tor's standard output to $4. +# +# Set $FULL_TOR_CMD to the tor command line that was executed. +# +# If tor's exit status does not match the boolean $5, fail_printf() +# using the file name $6, and context $7, which is required. +verify_config() +{ + RESULT=$TRUE + + # keep the command we're about to execute, and show if it we fail + FULL_TOR_CMD=$(printf "$ %s %s %s %s %s %s %s" \ + "$TOR_BINARY" --verify-config \ + -f "$1" \ + --defaults-torrc "$2" \ + "$3" + ) + # We need cmdline unquoted + # shellcheck disable=SC2086 + "$TOR_BINARY" --verify-config \ + -f "$1" \ + --defaults-torrc "$2" \ + $3 \ + > "$4" || RESULT=$FALSE + + # Convert the actual and expected results to boolean, and compare + if test $((! (! RESULT))) -ne $((! (! $5))); then + fail_printf "'%s': Tor --verify-config did not %s:\\n%s\\n" \ + "$6" \ + "$7" \ + "$FULL_TOR_CMD" + cat "$4" >&2 + fi +} + +# Check for the patterns in the match file $1, in the output file $2. +# Uses grep with the entire contents of the match file as the pattern. +# (Not "grep -f".) +# +# If the pattern does not match any lines in the output file, fail. +# Log the pattern, and the entire contents of the output file. +# +# Log failure messages using fail_printf(), with the match file name, +# context $3, and tor command line $4, which are required. +check_pattern() +{ + expect_log="$(cat "$1")" + if ! grep "$expect_log" "$2" > /dev/null; then + fail_printf "Expected %s '%s':\\n%s\\n" \ + "$3" \ + "$1" \ + "$expect_log" + printf "Tor --verify-config said:\\n%s\\n" \ + "$4" >&2 + cat "$2" >&2 + fi +} + +# Run tor --verify-config on the torrc $1, and defaults torrc $2, which may +# be $EMPTY. Pass tor the extra command line arguments $3, which will be +# passed unquoted. Send tor's standard output to $4. +# +# If tor's exit status does not match the boolean $5, fail. +# +# Check for the patterns in the match file $6, in the output file. +# Uses grep with the entire contents of the match file as the pattern. +# (Not "grep -f".) The match file must not be empty. +# +# If the pattern does not match any lines in the output file, fail. +# Log the pattern, and the entire contents of the output file. +# +# Log failure messages using fail_printf(), with the match file name, +# and context $7, which is required. +check_verify_config() +{ + if check_empty_pattern "$6" "$7"; then + return + fi + + FULL_TOR_CMD= + verify_config "$1" \ + "$2" \ + "$3" \ + "$4" \ + "$5" \ + "$6" \ + "$7" + + check_pattern "$6" \ + "$4" \ + "$7" \ + "$FULL_TOR_CMD" +} + +for dir in "${EXAMPLEDIR}"/*; do + NEXT_TEST= + + if ! test -d "$dir"; then + # Only count directories. + continue + fi + + testname="$(basename "${dir}")" + # We use printf since "echo -n" is not standard + printf "%s: " \ + "$testname" + + PREV_DIR="$(pwd)" + cd "$dir" + + if test -f "./torrc.defaults"; then + DEFAULTS="./torrc.defaults" + else + DEFAULTS="${DATA_DIR}/EMPTY" + fi + + if test -f "./cmdline"; then + CMDLINE="$(cat ./cmdline)" + else + CMDLINE="" + fi + + EXPECTED= + EXPECTED_LOG= + ERROR= + # Search for a custom result file for any combination of enabled optional + # libraries + # The libs in the list are [A-Za-z0-9_]* and space-separated. + # shellcheck disable=SC2086 + for lib_suffix in $TOR_LIBS_ENABLED_SEARCH ""; do + # Search for a custom result file for any disabled modules + for mod_suffix in "_no_${TOR_MODULES_DISABLED}" ""; do + suffix="${lib_suffix}${mod_suffix}" + + if test -f "./expected${suffix}"; then + + # Check for broken configs + if test -f "./error${suffix}"; then + fail_printf "Found both '%s' and '%s'.%s\\n" \ + "${dir}/expected${suffix}" \ + "${dir}/error${suffix}" \ + "(Only one of these files should exist.)" + break + fi + + EXPECTED="./expected${suffix}" + if test -f "./expected_log${suffix}"; then + EXPECTED_LOG="./expected_log${suffix}" + fi + break + + elif test -f "./error${suffix}"; then + ERROR="./error${suffix}" + break + fi + done + + # Exit as soon as the inner loop finds a file, or fails + if test -f "$EXPECTED" || test -f "$ERROR" || test "$NEXT_TEST"; then + break + fi + done + + if test "$NEXT_TEST"; then + # The test failed inside the file search loop: go to the next test + continue + elif test -f "$EXPECTED"; then + # This case should succeed: run dump-config and see if it does. + + if check_dump_config "./torrc" \ + "$DEFAULTS" \ + "$CMDLINE" \ + "${DATA_DIR}/output.${testname}" \ + "$EXPECTED" \ + ""; then + # Check round-trip. + check_dump_config "${DATA_DIR}/output.${testname}" \ + "$EMPTY" \ + "" \ + "${DATA_DIR}/output_2.${testname}" \ + "$EXPECTED" \ + "on round-trip" || true + fi + + if test -f "$EXPECTED_LOG"; then + # This case should succeed: run verify-config and see if it does. + + check_verify_config "./torrc" \ + "$DEFAULTS" \ + "$CMDLINE" \ + "${DATA_DIR}/output_log.${testname}" \ + "$TRUE" \ + "$EXPECTED_LOG" \ + "log success" + else + printf "\\nNOTICE: Missing '%s_log' file:\\n" \ + "$EXPECTED" >&2 + log_verify_config "./torrc" \ + "$DEFAULTS" \ + "$CMDLINE" + fi + + elif test -f "$ERROR"; then + # This case should fail: run verify-config and see if it does. + + check_verify_config "./torrc" \ + "$DEFAULTS" \ + "$CMDLINE" \ + "${DATA_DIR}/output.${testname}" \ + "$FALSE" \ + "$ERROR" \ + "log error" + else + # This case is not actually configured with a success or a failure. + # call that an error. + fail_printf "Did not find ${dir}/*expected or ${dir}/*error.\\n" + fi + + if test -z "$NEXT_TEST"; then + echo "OK" + fi + + cd "$PREV_DIR" + +done + +exit "$FINAL_EXIT" diff --git a/src/test/test_pem.c b/src/test/test_pem.c index 9eb99181e2..9772be124b 100644 --- a/src/test/test_pem.c +++ b/src/test/test_pem.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" diff --git a/src/test/test_periodic_event.c b/src/test/test_periodic_event.c index 4a53639dad..b7f1785805 100644 --- a/src/test/test_periodic_event.c +++ b/src/test/test_periodic_event.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2018-2019, The Tor Project, Inc. */ +/* Copyright (c) 2018-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -19,6 +19,7 @@ #include "feature/hibernate/hibernate.h" #include "feature/hs/hs_service.h" #include "core/mainloop/mainloop.h" +#include "core/mainloop/netstatus.h" #include "core/mainloop/periodic.h" /** Helper function: This is replaced in some tests for the event callbacks so @@ -50,16 +51,21 @@ test_pe_initialize(void *arg) * need to run the main loop and then wait for a second delaying the unit * tests. Instead, we'll test the callback work indepedently elsewhere. */ initialize_periodic_events(); + periodic_events_connect_all(); + set_network_participation(false); + rescan_periodic_events(get_options()); /* Validate that all events have been set up. */ - for (int i = 0; periodic_events[i].name; ++i) { - periodic_event_item_t *item = &periodic_events[i]; + for (int i = 0; mainloop_periodic_events[i].name; ++i) { + periodic_event_item_t *item = &mainloop_periodic_events[i]; tt_assert(item->ev); tt_assert(item->fn); tt_u64_op(item->last_action_time, OP_EQ, 0); /* Every event must have role(s) assign to it. This is done statically. */ tt_u64_op(item->roles, OP_NE, 0); - tt_uint_op(periodic_event_is_enabled(item), OP_EQ, 0); + int should_be_enabled = (item->roles & PERIODIC_EVENT_ROLE_ALL) && + !(item->flags & PERIODIC_EVENT_FLAG_NEED_NET); + tt_uint_op(periodic_event_is_enabled(item), OP_EQ, should_be_enabled); } done: @@ -79,17 +85,20 @@ test_pe_launch(void *arg) * network gets enabled. */ consider_hibernation(time(NULL)); + set_network_participation(true); + /* Hack: We'll set a dumb fn() of each events so they don't get called when * dispatching them. We just want to test the state of the callbacks, not * the whole code path. */ - for (int i = 0; periodic_events[i].name; ++i) { - periodic_event_item_t *item = &periodic_events[i]; + for (int i = 0; mainloop_periodic_events[i].name; ++i) { + periodic_event_item_t *item = &mainloop_periodic_events[i]; item->fn = dumb_event_fn; } options = get_options_mutable(); options->SocksPort_set = 1; periodic_events_on_new_options(options); + #if 0 /* Lets make sure that before intialization, we can't scan the periodic * events list and launch them. Lets try by being a Client. */ @@ -99,20 +108,20 @@ test_pe_launch(void *arg) periodic_event_item_t *item = &periodic_events[i]; tt_int_op(periodic_event_is_enabled(item), OP_EQ, 0); } -#endif +#endif /* 0 */ initialize_periodic_events(); + periodic_events_connect_all(); /* Now that we've initialized, rescan the list to launch. */ periodic_events_on_new_options(options); - for (int i = 0; periodic_events[i].name; ++i) { - periodic_event_item_t *item = &periodic_events[i]; - if (item->roles & PERIODIC_EVENT_ROLE_CLIENT) { - tt_int_op(periodic_event_is_enabled(item), OP_EQ, 1); - } else { - tt_int_op(periodic_event_is_enabled(item), OP_EQ, 0); - } + int mask = PERIODIC_EVENT_ROLE_CLIENT|PERIODIC_EVENT_ROLE_ALL| + PERIODIC_EVENT_ROLE_NET_PARTICIPANT; + for (int i = 0; mainloop_periodic_events[i].name; ++i) { + periodic_event_item_t *item = &mainloop_periodic_events[i]; + int should_be_enabled = !!(item->roles & mask); + tt_int_op(periodic_event_is_enabled(item), OP_EQ, should_be_enabled); // enabled or not, the event has not yet been run. tt_u64_op(item->last_action_time, OP_EQ, 0); } @@ -124,10 +133,11 @@ test_pe_launch(void *arg) unsigned roles = get_my_roles(options); tt_uint_op(roles, OP_EQ, - PERIODIC_EVENT_ROLE_RELAY|PERIODIC_EVENT_ROLE_DIRSERVER); + PERIODIC_EVENT_ROLE_RELAY|PERIODIC_EVENT_ROLE_DIRSERVER| + PERIODIC_EVENT_ROLE_ALL|PERIODIC_EVENT_ROLE_NET_PARTICIPANT); - for (int i = 0; periodic_events[i].name; ++i) { - periodic_event_item_t *item = &periodic_events[i]; + for (int i = 0; mainloop_periodic_events[i].name; ++i) { + periodic_event_item_t *item = &mainloop_periodic_events[i]; /* Only Client role should be disabled. */ if (item->roles == PERIODIC_EVENT_ROLE_CLIENT) { tt_int_op(periodic_event_is_enabled(item), OP_EQ, 0); @@ -144,17 +154,23 @@ test_pe_launch(void *arg) /* Disable everything and we'll enable them ALL. */ options->SocksPort_set = 0; options->ORPort_set = 0; + options->DisableNetwork = 1; + set_network_participation(false); periodic_events_on_new_options(options); - for (int i = 0; periodic_events[i].name; ++i) { - periodic_event_item_t *item = &periodic_events[i]; - tt_int_op(periodic_event_is_enabled(item), OP_EQ, 0); + for (int i = 0; mainloop_periodic_events[i].name; ++i) { + periodic_event_item_t *item = &mainloop_periodic_events[i]; + int should_be_enabled = (item->roles & PERIODIC_EVENT_ROLE_ALL) && + !(item->flags & PERIODIC_EVENT_FLAG_NEED_NET); + tt_int_op(periodic_event_is_enabled(item), OP_EQ, should_be_enabled); } /* Enable everything. */ options->SocksPort_set = 1; options->ORPort_set = 1; options->BridgeRelay = 1; options->AuthoritativeDir = 1; options->V3AuthoritativeDir = 1; options->BridgeAuthoritativeDir = 1; + options->DisableNetwork = 0; + set_network_participation(true); register_dummy_hidden_service(&service); periodic_events_on_new_options(options); /* Note down the reference because we need to remove this service from the @@ -163,9 +179,10 @@ test_pe_launch(void *arg) * trigger a rescan of the event disabling the HS service event. */ to_remove = &service; - for (int i = 0; periodic_events[i].name; ++i) { - periodic_event_item_t *item = &periodic_events[i]; - tt_int_op(periodic_event_is_enabled(item), OP_EQ, 1); + for (int i = 0; mainloop_periodic_events[i].name; ++i) { + periodic_event_item_t *item = &mainloop_periodic_events[i]; + tt_int_op(periodic_event_is_enabled(item), OP_EQ, + (item->roles != PERIODIC_EVENT_ROLE_CONTROLEV)); } done: @@ -187,42 +204,49 @@ test_pe_get_roles(void *arg) or_options_t *options = get_options_mutable(); tt_assert(options); + set_network_participation(true); + + const int ALL = PERIODIC_EVENT_ROLE_ALL | + PERIODIC_EVENT_ROLE_NET_PARTICIPANT; /* Nothing configured, should be no roles. */ + tt_assert(net_is_disabled()); roles = get_my_roles(options); - tt_int_op(roles, OP_EQ, 0); + tt_int_op(roles, OP_EQ, ALL); /* Indicate we have a SocksPort, roles should be come Client. */ options->SocksPort_set = 1; roles = get_my_roles(options); - tt_int_op(roles, OP_EQ, PERIODIC_EVENT_ROLE_CLIENT); + tt_int_op(roles, OP_EQ, PERIODIC_EVENT_ROLE_CLIENT|ALL); /* Now, we'll add a ORPort so should now be a Relay + Client. */ options->ORPort_set = 1; roles = get_my_roles(options); tt_int_op(roles, OP_EQ, (PERIODIC_EVENT_ROLE_CLIENT | PERIODIC_EVENT_ROLE_RELAY | - PERIODIC_EVENT_ROLE_DIRSERVER)); + PERIODIC_EVENT_ROLE_DIRSERVER | ALL)); /* Now add a Bridge. */ options->BridgeRelay = 1; roles = get_my_roles(options); tt_int_op(roles, OP_EQ, (PERIODIC_EVENT_ROLE_CLIENT | PERIODIC_EVENT_ROLE_RELAY | - PERIODIC_EVENT_ROLE_BRIDGE | PERIODIC_EVENT_ROLE_DIRSERVER)); + PERIODIC_EVENT_ROLE_BRIDGE | PERIODIC_EVENT_ROLE_DIRSERVER | + ALL)); tt_assert(roles & PERIODIC_EVENT_ROLE_ROUTER); /* Unset client so we can solely test Router role. */ options->SocksPort_set = 0; roles = get_my_roles(options); tt_int_op(roles, OP_EQ, - PERIODIC_EVENT_ROLE_ROUTER | PERIODIC_EVENT_ROLE_DIRSERVER); + PERIODIC_EVENT_ROLE_ROUTER | PERIODIC_EVENT_ROLE_DIRSERVER | + ALL); /* Reset options so we can test authorities. */ options->SocksPort_set = 0; options->ORPort_set = 0; options->BridgeRelay = 0; roles = get_my_roles(options); - tt_int_op(roles, OP_EQ, 0); + tt_int_op(roles, OP_EQ, ALL); /* Now upgrade to Dirauth. */ options->DirPort_set = 1; @@ -230,7 +254,7 @@ test_pe_get_roles(void *arg) options->V3AuthoritativeDir = 1; roles = get_my_roles(options); tt_int_op(roles, OP_EQ, - PERIODIC_EVENT_ROLE_DIRAUTH|PERIODIC_EVENT_ROLE_DIRSERVER); + PERIODIC_EVENT_ROLE_DIRAUTH|PERIODIC_EVENT_ROLE_DIRSERVER|ALL); tt_assert(roles & PERIODIC_EVENT_ROLE_AUTHORITIES); /* Now Bridge Authority. */ @@ -238,7 +262,7 @@ test_pe_get_roles(void *arg) options->BridgeAuthoritativeDir = 1; roles = get_my_roles(options); tt_int_op(roles, OP_EQ, - PERIODIC_EVENT_ROLE_BRIDGEAUTH|PERIODIC_EVENT_ROLE_DIRSERVER); + PERIODIC_EVENT_ROLE_BRIDGEAUTH|PERIODIC_EVENT_ROLE_DIRSERVER|ALL); tt_assert(roles & PERIODIC_EVENT_ROLE_AUTHORITIES); /* Move that bridge auth to become a relay. */ @@ -246,7 +270,7 @@ test_pe_get_roles(void *arg) roles = get_my_roles(options); tt_int_op(roles, OP_EQ, (PERIODIC_EVENT_ROLE_BRIDGEAUTH | PERIODIC_EVENT_ROLE_RELAY - | PERIODIC_EVENT_ROLE_DIRSERVER)); + | PERIODIC_EVENT_ROLE_DIRSERVER|ALL)); tt_assert(roles & PERIODIC_EVENT_ROLE_AUTHORITIES); /* And now an Hidden service. */ @@ -257,7 +281,8 @@ test_pe_get_roles(void *arg) remove_service(get_hs_service_map(), &service); tt_int_op(roles, OP_EQ, (PERIODIC_EVENT_ROLE_BRIDGEAUTH | PERIODIC_EVENT_ROLE_RELAY | - PERIODIC_EVENT_ROLE_HS_SERVICE | PERIODIC_EVENT_ROLE_DIRSERVER)); + PERIODIC_EVENT_ROLE_HS_SERVICE | PERIODIC_EVENT_ROLE_DIRSERVER | + ALL)); tt_assert(roles & PERIODIC_EVENT_ROLE_AUTHORITIES); done: @@ -277,12 +302,13 @@ test_pe_hs_service(void *arg) consider_hibernation(time(NULL)); /* Initialize the events so we can enable them */ initialize_periodic_events(); + periodic_events_connect_all(); /* Hack: We'll set a dumb fn() of each events so they don't get called when * dispatching them. We just want to test the state of the callbacks, not * the whole code path. */ - for (int i = 0; periodic_events[i].name; ++i) { - periodic_event_item_t *item = &periodic_events[i]; + for (int i = 0; mainloop_periodic_events[i].name; ++i) { + periodic_event_item_t *item = &mainloop_periodic_events[i]; item->fn = dumb_event_fn; } @@ -295,8 +321,8 @@ test_pe_hs_service(void *arg) * trigger a rescan of the event disabling the HS service event. */ to_remove = &service; - for (int i = 0; periodic_events[i].name; ++i) { - periodic_event_item_t *item = &periodic_events[i]; + for (int i = 0; mainloop_periodic_events[i].name; ++i) { + periodic_event_item_t *item = &mainloop_periodic_events[i]; if (item->roles & PERIODIC_EVENT_ROLE_HS_SERVICE) { tt_int_op(periodic_event_is_enabled(item), OP_EQ, 1); } @@ -306,8 +332,8 @@ test_pe_hs_service(void *arg) /* Remove the service from the global map, it should trigger a rescan and * disable the HS service events. */ remove_service(get_hs_service_map(), &service); - for (int i = 0; periodic_events[i].name; ++i) { - periodic_event_item_t *item = &periodic_events[i]; + for (int i = 0; mainloop_periodic_events[i].name; ++i) { + periodic_event_item_t *item = &mainloop_periodic_events[i]; if (item->roles & PERIODIC_EVENT_ROLE_HS_SERVICE) { tt_int_op(periodic_event_is_enabled(item), OP_EQ, 0); } diff --git a/src/test/test_policy.c b/src/test/test_policy.c index 9c001c294a..7949e90e9e 100644 --- a/src/test/test_policy.c +++ b/src/test/test_policy.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2013-2019, The Tor Project, Inc. */ +/* Copyright (c) 2013-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define CONFIG_PRIVATE @@ -6,13 +6,18 @@ #include "core/or/or.h" #include "app/config/config.h" +#include "core/or/circuitbuild.h" #include "core/or/policies.h" #include "feature/dirparse/policy_parse.h" +#include "feature/hs/hs_common.h" +#include "feature/hs/hs_descriptor.h" #include "feature/relay/router.h" #include "lib/encoding/confline.h" #include "test/test.h" +#include "test/log_test_helpers.h" #include "core/or/addr_policy_st.h" +#include "core/or/extend_info_st.h" #include "core/or/port_cfg_st.h" #include "feature/nodelist/node_st.h" #include "feature/nodelist/routerinfo_st.h" @@ -57,8 +62,8 @@ test_policy_summary_helper_family_flags(const char *policy_str, short_policy_t *short_policy = NULL; int success = 0; - line.key = (char*)"foo"; - line.value = (char *)policy_str; + line.key = (char *) "foo"; + line.value = (char *) policy_str; line.next = NULL; r = policies_parse_exit_policy(&line, &policy, @@ -2024,6 +2029,101 @@ test_policies_fascist_firewall_allows_address(void *arg) expect_ap); \ STMT_END +/* Check that fascist_firewall_choose_address_ls() returns the expected + * results. */ +#define CHECK_CHOSEN_ADDR_NULL_LS() \ + STMT_BEGIN \ + tor_addr_port_t chosen_ls_ap; \ + tor_addr_make_null(&chosen_ls_ap.addr, AF_UNSPEC); \ + chosen_ls_ap.port = 0; \ + setup_full_capture_of_logs(LOG_WARN); \ + fascist_firewall_choose_address_ls(NULL, 1, &chosen_ls_ap); \ + expect_single_log_msg("Unknown or missing link specifiers"); \ + teardown_capture_of_logs(); \ + STMT_END + +#define CHECK_CHOSEN_ADDR_LS(fake_ls, pref_only, expect_rv, expect_ap) \ + STMT_BEGIN \ + tor_addr_port_t chosen_ls_ap; \ + tor_addr_make_null(&chosen_ls_ap.addr, AF_UNSPEC); \ + chosen_ls_ap.port = 0; \ + setup_full_capture_of_logs(LOG_WARN); \ + fascist_firewall_choose_address_ls(fake_ls, pref_only, &chosen_ls_ap); \ + if (smartlist_len(fake_ls) == 0) { \ + expect_single_log_msg("Link specifiers are empty"); \ + } else { \ + expect_no_log_entry(); \ + tt_assert(tor_addr_eq(&(expect_ap).addr, &chosen_ls_ap.addr)); \ + tt_int_op((expect_ap).port, OP_EQ, chosen_ls_ap.port); \ + } \ + teardown_capture_of_logs(); \ + STMT_END + +#define CHECK_LS_LEGACY_ONLY(fake_ls) \ + STMT_BEGIN \ + tor_addr_port_t chosen_ls_ap; \ + tor_addr_make_null(&chosen_ls_ap.addr, AF_UNSPEC); \ + chosen_ls_ap.port = 0; \ + setup_full_capture_of_logs(LOG_WARN); \ + fascist_firewall_choose_address_ls(fake_ls, 0, &chosen_ls_ap); \ + expect_single_log_msg("None of our link specifiers have IPv4 or IPv6"); \ + teardown_capture_of_logs(); \ + STMT_END + +#define CHECK_HS_EXTEND_INFO_ADDR_LS(fake_ls, direct_conn, expect_ap) \ + STMT_BEGIN \ + curve25519_secret_key_t seckey; \ + curve25519_secret_key_generate(&seckey, 0); \ + curve25519_public_key_t pubkey; \ + curve25519_public_key_generate(&pubkey, &seckey); \ + setup_full_capture_of_logs(LOG_WARN); \ + extend_info_t *ei = hs_get_extend_info_from_lspecs(fake_ls, &pubkey, \ + direct_conn); \ + if (fake_ls == NULL) { \ + tt_ptr_op(ei, OP_EQ, NULL); \ + expect_single_log_msg("Specified link specifiers is null"); \ + } else { \ + expect_no_log_entry(); \ + tt_assert(tor_addr_eq(&(expect_ap).addr, &ei->addr)); \ + tt_int_op((expect_ap).port, OP_EQ, ei->port); \ + extend_info_free(ei); \ + } \ + teardown_capture_of_logs(); \ + STMT_END + +#define CHECK_HS_EXTEND_INFO_ADDR_LS_NULL_KEY(fake_ls) \ + STMT_BEGIN \ + setup_full_capture_of_logs(LOG_WARN); \ + extend_info_t *ei = hs_get_extend_info_from_lspecs(fake_ls, NULL, 0); \ + tt_ptr_op(ei, OP_EQ, NULL); \ + expect_single_log_msg("Specified onion key is null"); \ + teardown_capture_of_logs(); \ + STMT_END + +#define CHECK_HS_EXTEND_INFO_ADDR_LS_EXPECT_NULL(fake_ls, direct_conn) \ + STMT_BEGIN \ + curve25519_secret_key_t seckey; \ + curve25519_secret_key_generate(&seckey, 0); \ + curve25519_public_key_t pubkey; \ + curve25519_public_key_generate(&pubkey, &seckey); \ + extend_info_t *ei = hs_get_extend_info_from_lspecs(fake_ls, &pubkey, \ + direct_conn); \ + tt_ptr_op(ei, OP_EQ, NULL); \ + STMT_END + +#define CHECK_HS_EXTEND_INFO_ADDR_LS_EXPECT_MSG(fake_ls, msg_level, msg) \ + STMT_BEGIN \ + curve25519_secret_key_t seckey; \ + curve25519_secret_key_generate(&seckey, 0); \ + curve25519_public_key_t pubkey; \ + curve25519_public_key_generate(&pubkey, &seckey); \ + setup_full_capture_of_logs(msg_level); \ + extend_info_t *ei = hs_get_extend_info_from_lspecs(fake_ls, &pubkey, 0); \ + tt_ptr_op(ei, OP_EQ, NULL); \ + expect_single_log_msg(msg); \ + teardown_capture_of_logs(); \ + STMT_END + /** Run unit tests for fascist_firewall_choose_address */ static void test_policies_fascist_firewall_choose_address(void *arg) @@ -2422,6 +2522,141 @@ test_policies_fascist_firewall_choose_address(void *arg) CHECK_CHOSEN_ADDR_RN(fake_rs, fake_node, FIREWALL_DIR_CONNECTION, 1, 1, ipv4_dir_ap); + /* Test firewall_choose_address_ls(). To do this, we make a fake link + * specifier. */ + smartlist_t *lspecs = smartlist_new(), + *lspecs_blank = smartlist_new(), + *lspecs_v4 = smartlist_new(), + *lspecs_v6 = smartlist_new(), + *lspecs_no_legacy = smartlist_new(), + *lspecs_legacy_only = smartlist_new(); + link_specifier_t *fake_ls; + + /* IPv4 link specifier */ + fake_ls = link_specifier_new(); + link_specifier_set_ls_type(fake_ls, LS_IPV4); + link_specifier_set_un_ipv4_addr(fake_ls, + tor_addr_to_ipv4h(&ipv4_or_ap.addr)); + link_specifier_set_un_ipv4_port(fake_ls, ipv4_or_ap.port); + link_specifier_set_ls_len(fake_ls, sizeof(ipv4_or_ap.addr.addr.in_addr) + + sizeof(ipv4_or_ap.port)); + smartlist_add(lspecs, fake_ls); + smartlist_add(lspecs_v4, fake_ls); + smartlist_add(lspecs_no_legacy, fake_ls); + + /* IPv6 link specifier */ + fake_ls = link_specifier_new(); + link_specifier_set_ls_type(fake_ls, LS_IPV6); + size_t addr_len = link_specifier_getlen_un_ipv6_addr(fake_ls); + const uint8_t *in6_addr = tor_addr_to_in6_addr8(&ipv6_or_ap.addr); + uint8_t *ipv6_array = link_specifier_getarray_un_ipv6_addr(fake_ls); + memcpy(ipv6_array, in6_addr, addr_len); + link_specifier_set_un_ipv6_port(fake_ls, ipv6_or_ap.port); + link_specifier_set_ls_len(fake_ls, addr_len + sizeof(ipv6_or_ap.port)); + smartlist_add(lspecs, fake_ls); + smartlist_add(lspecs_v6, fake_ls); + + /* Legacy ID link specifier */ + fake_ls = link_specifier_new(); + link_specifier_set_ls_type(fake_ls, LS_LEGACY_ID); + uint8_t *legacy_id = link_specifier_getarray_un_legacy_id(fake_ls); + memset(legacy_id, 'A', sizeof(*legacy_id)); + link_specifier_set_ls_len(fake_ls, + link_specifier_getlen_un_legacy_id(fake_ls)); + smartlist_add(lspecs, fake_ls); + smartlist_add(lspecs_legacy_only, fake_ls); + smartlist_add(lspecs_v4, fake_ls); + smartlist_add(lspecs_v6, fake_ls); + + /* Check with bogus requests. */ + tor_addr_port_t null_ap; \ + tor_addr_make_null(&null_ap.addr, AF_UNSPEC); \ + null_ap.port = 0; \ + + /* Check for a null link state. */ + CHECK_CHOSEN_ADDR_NULL_LS(); + CHECK_HS_EXTEND_INFO_ADDR_LS(NULL, 1, null_ap); + + /* Check for a blank link state. */ + CHECK_CHOSEN_ADDR_LS(lspecs_blank, 0, 0, null_ap); + CHECK_HS_EXTEND_INFO_ADDR_LS_EXPECT_NULL(lspecs_blank, 0); + + /* Check for a link state with only a Legacy ID. */ + CHECK_LS_LEGACY_ONLY(lspecs_legacy_only); + CHECK_HS_EXTEND_INFO_ADDR_LS_EXPECT_NULL(lspecs_legacy_only, 0); + smartlist_free(lspecs_legacy_only); + + /* Check with a null onion_key. */ + CHECK_HS_EXTEND_INFO_ADDR_LS_NULL_KEY(lspecs_blank); + smartlist_free(lspecs_blank); + + /* Check with a null onion_key. */ + CHECK_HS_EXTEND_INFO_ADDR_LS_EXPECT_MSG(lspecs_no_legacy, LOG_WARN, + "Missing Legacy ID in link state"); + smartlist_free(lspecs_no_legacy); + + /* Enable both IPv4 and IPv6. */ + memset(&mock_options, 0, sizeof(or_options_t)); + mock_options.ClientUseIPv4 = 1; + mock_options.ClientUseIPv6 = 1; + + /* Prefer IPv4, enable both IPv4 and IPv6. */ + mock_options.ClientPreferIPv6ORPort = 0; + + CHECK_CHOSEN_ADDR_LS(lspecs, 0, 1, ipv4_or_ap); + CHECK_CHOSEN_ADDR_LS(lspecs, 1, 1, ipv4_or_ap); + + CHECK_HS_EXTEND_INFO_ADDR_LS(lspecs, 1, ipv4_or_ap); + CHECK_HS_EXTEND_INFO_ADDR_LS(lspecs, 0, ipv4_or_ap); + + /* Prefer IPv6, enable both IPv4 and IPv6. */ + mock_options.ClientPreferIPv6ORPort = 1; + + CHECK_CHOSEN_ADDR_LS(lspecs, 0, 1, ipv6_or_ap); + CHECK_CHOSEN_ADDR_LS(lspecs, 1, 1, ipv6_or_ap); + + CHECK_HS_EXTEND_INFO_ADDR_LS(lspecs, 1, ipv6_or_ap); + CHECK_HS_EXTEND_INFO_ADDR_LS(lspecs, 0, ipv4_or_ap); + + /* IPv4-only. */ + memset(&mock_options, 0, sizeof(or_options_t)); + mock_options.ClientUseIPv4 = 1; + mock_options.ClientUseIPv6 = 0; + + CHECK_CHOSEN_ADDR_LS(lspecs, 0, 1, ipv4_or_ap); + CHECK_CHOSEN_ADDR_LS(lspecs, 1, 1, ipv4_or_ap); + + CHECK_CHOSEN_ADDR_LS(lspecs_v6, 0, 0, null_ap); + + CHECK_HS_EXTEND_INFO_ADDR_LS(lspecs, 1, ipv4_or_ap); + CHECK_HS_EXTEND_INFO_ADDR_LS(lspecs, 0, ipv4_or_ap); + + CHECK_HS_EXTEND_INFO_ADDR_LS_EXPECT_NULL(lspecs_v6, 0); + CHECK_HS_EXTEND_INFO_ADDR_LS_EXPECT_NULL(lspecs_v6, 1); + + /* IPv6-only. */ + memset(&mock_options, 0, sizeof(or_options_t)); + mock_options.ClientUseIPv4 = 0; + mock_options.ClientUseIPv6 = 1; + + CHECK_CHOSEN_ADDR_LS(lspecs, 0, 1, ipv6_or_ap); + CHECK_CHOSEN_ADDR_LS(lspecs, 1, 1, ipv6_or_ap); + + CHECK_CHOSEN_ADDR_LS(lspecs_v4, 0, 0, null_ap); + + CHECK_HS_EXTEND_INFO_ADDR_LS(lspecs, 1, ipv6_or_ap); + CHECK_HS_EXTEND_INFO_ADDR_LS(lspecs, 0, ipv4_or_ap); + + CHECK_HS_EXTEND_INFO_ADDR_LS_EXPECT_NULL(lspecs_v4, 1); + CHECK_HS_EXTEND_INFO_ADDR_LS_EXPECT_NULL(lspecs_v6, 0); + + smartlist_free(lspecs_v4); + smartlist_free(lspecs_v6); + + SMARTLIST_FOREACH(lspecs, link_specifier_t *, lspec, \ + link_specifier_free(lspec)); \ + smartlist_free(lspecs); + done: UNMOCK(get_options); } diff --git a/src/test/test_prob_distr.c b/src/test/test_prob_distr.c new file mode 100644 index 0000000000..541a81df3a --- /dev/null +++ b/src/test/test_prob_distr.c @@ -0,0 +1,1406 @@ +/* Copyright (c) 2018-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file test_prob_distr.c + * \brief Test probability distributions. + * \detail + * + * For each probability distribution we do two kinds of tests: + * + * a) We do numerical deterministic testing of their cdf/icdf/sf/isf functions + * and the various relationships between them for each distribution. We also + * do deterministic tests on their sampling functions. Test vectors for + * these tests were computed from alternative implementations and were + * eyeballed to make sure they make sense + * (e.g. src/test/prob_distr_mpfr_ref.c computes logit(p) using GNU mpfr + * with 200-bit precision and is then tested in test_logit_logistic()). + * + * b) We do stochastic hypothesis testing (G-test) to ensure that sampling from + * the given distributions is distributed properly. The stochastic tests are + * slow and their false positive rate is not well suited for CI, so they are + * currently disabled-by-default and put into 'tests-slow'. + */ + +#define PROB_DISTR_PRIVATE + +#include "orconfig.h" + +#include "test/test.h" + +#include "core/or/or.h" + +#include "lib/math/prob_distr.h" +#include "lib/math/fp.h" +#include "lib/crypt_ops/crypto_rand.h" +#include "test/rng_test_helpers.h" + +#include <float.h> +#include <math.h> +#include <stdbool.h> +#include <stddef.h> +#include <stdint.h> +#include <stdio.h> +#include <stdlib.h> + +/** + * Return floor(d) converted to size_t, as a workaround for complaints + * under -Wbad-function-cast for (size_t)floor(d). + */ +static size_t +floor_to_size_t(double d) +{ + double integral_d = floor(d); + return (size_t)integral_d; +} + +/** + * Return ceil(d) converted to size_t, as a workaround for complaints + * under -Wbad-function-cast for (size_t)ceil(d). + */ +static size_t +ceil_to_size_t(double d) +{ + double integral_d = ceil(d); + return (size_t)integral_d; +} + +/* + * Geometric(p) distribution, supported on {1, 2, 3, ...}. + * + * Compute the probability mass function Geom(n; p) of the number of + * trials before the first success when success has probability p. + */ +static double +logpmf_geometric(unsigned n, double p) +{ + /* This is actually a check against 1, but we do >= so that the compiler + does not raise a -Wfloat-equal */ + if (p >= 1) { + if (n == 1) + return 0; + else + return -HUGE_VAL; + } + return (n - 1)*log1p(-p) + log(p); +} + +/** + * Compute the logistic function, translated in output by 1/2: + * logistichalf(x) = logistic(x) - 1/2. Well-conditioned on the entire + * real plane, with maximum condition number 1 at 0. + * + * This implementation gives relative error bounded by 5 eps. + */ +static double +logistichalf(double x) +{ + /* + * Rewrite this with the identity + * + * 1/(1 + e^{-x}) - 1/2 + * = (1 - 1/2 - e^{-x}/2)/(1 + e^{-x}) + * = (1/2 - e^{-x}/2)/(1 + e^{-x}) + * = (1 - e^{-x})/[2 (1 + e^{-x})] + * = -(e^{-x} - 1)/[2 (1 + e^{-x})], + * + * which we can evaluate by -expm1(-x)/[2 (1 + exp(-x))]. + * + * Suppose exp has error d0, + has error d1, expm1 has error + * d2, and / has error d3, so we evaluate + * + * -(1 + d2) (1 + d3) (e^{-x} - 1) + * / [2 (1 + d1) (1 + (1 + d0) e^{-x})]. + * + * In the denominator, + * + * 1 + (1 + d0) e^{-x} + * = 1 + e^{-x} + d0 e^{-x} + * = (1 + e^{-x}) (1 + d0 e^{-x}/(1 + e^{-x})), + * + * so the relative error of the numerator is + * + * d' = d2 + d3 + d2 d3, + * and of the denominator, + * d'' = d1 + d0 e^{-x}/(1 + e^{-x}) + d0 d1 e^{-x}/(1 + e^{-x}) + * = d1 + d0 L(-x) + d0 d1 L(-x), + * + * where L(-x) is logistic(-x). By Lemma 1 the relative error + * of the quotient is bounded by + * + * 2|d2 + d3 + d2 d3 - d1 - d0 L(x) + d0 d1 L(x)|, + * + * Since 0 < L(x) < 1, this is bounded by + * + * 2|d2| + 2|d3| + 2|d2 d3| + 2|d1| + 2|d0| + 2|d0 d1| + * <= 4 eps + 2 eps^2. + */ + if (x < log(DBL_EPSILON/8)) { + /* + * Avoid overflow in e^{-x}. When x < log(eps/4), we + * we further have x < logit(eps/4), so that + * logistic(x) < eps/4. Hence the relative error of + * logistic(x) - 1/2 from -1/2 is bounded by eps/2, and + * so the relative error of -1/2 from logistic(x) - 1/2 + * is bounded by eps. + */ + return -0.5; + } else { + return -expm1(-x)/(2*(1 + exp(-x))); + } +} + +/** + * Compute the log of the sum of the exps. Caller should arrange the + * array in descending order to minimize error because I don't want to + * deal with using temporary space and the one caller in this file + * arranges that anyway. + * + * Warning: This implementation does not handle infinite or NaN inputs + * sensibly, because I don't need that here at the moment. (NaN, or + * -inf and +inf together, should yield NaN; +inf and finite should + * yield +inf; otherwise all -inf should be ignored because exp(-inf) = + * 0.) + */ +static double +logsumexp(double *A, size_t n) +{ + double maximum, sum; + size_t i; + + if (n == 0) + return log(0); + + maximum = A[0]; + for (i = 1; i < n; i++) { + if (A[i] > maximum) + maximum = A[i]; + } + + sum = 0; + for (i = n; i --> 0;) + sum += exp(A[i] - maximum); + + return log(sum) + maximum; +} + +/** + * Compute log(1 - e^x). Defined only for negative x so that e^x < 1. + * This is the complement of a probability in log space. + */ +static double +log1mexp(double x) +{ + + /* + * We want to compute log on [0, 1/2) but log1p on [1/2, +inf), + * so partition x at -log(2) = log(1/2). + */ + if (-log(2) < x) + return log(-expm1(x)); + else + return log1p(-exp(x)); +} + +/* + * Tests of numerical errors in computing logit, logistic, and the + * various cdfs, sfs, icdfs, and isfs. + */ + +#define arraycount(A) (sizeof(A)/sizeof(A[0])) + +/** Return relative error between <b>actual</b> and <b>expected</b>. + * Special cases: If <b>expected</b> is zero or infinite, return 1 if + * <b>actual</b> is equal to <b>expected</b> and 0 if not, since the + * usual notion of relative error is undefined but we only use this + * for testing relerr(e, a) <= bound. If either is NaN, return NaN, + * which has the property that NaN <= bound is false no matter what + * bound is. + * + * Beware: if you test !(relerr(e, a) > bound), then then the result + * is true when a is NaN because NaN > bound is false too. See + * CHECK_RELERR for correct use to decide when to report failure. + */ +static double +relerr(double expected, double actual) +{ + /* + * To silence -Wfloat-equal, we have to test for equality using + * inequalities: we have (fabs(expected) <= 0) iff (expected == 0), + * and (actual <= expected && actual >= expected) iff actual == + * expected whether expected is zero or infinite. + */ + if (fabs(expected) <= 0 || tor_isinf(expected)) { + if (actual <= expected && actual >= expected) + return 0; + else + return 1; + } else { + return fabs((expected - actual)/expected); + } +} + +/** Check that relative error of <b>expected</b> and <b>actual</b> is within + * <b>relerr_bound</b>. Caller must arrange to have i and relerr_bound in + * scope. */ +#define CHECK_RELERR(expected, actual) do { \ + double check_expected = (expected); \ + double check_actual = (actual); \ + const char *str_expected = #expected; \ + const char *str_actual = #actual; \ + double check_relerr = relerr(expected, actual); \ + if (!(relerr(check_expected, check_actual) <= relerr_bound)) { \ + log_warn(LD_GENERAL, "%s:%d: case %u: relerr(%s=%.17e, %s=%.17e)" \ + " = %.17e > %.17e\n", \ + __func__, __LINE__, (unsigned) i, \ + str_expected, check_expected, \ + str_actual, check_actual, \ + check_relerr, relerr_bound); \ + ok = false; \ + } \ +} while (0) + +/* Check that a <= b. + * Caller must arrange to have i in scope. */ +#define CHECK_LE(a, b) do { \ + double check_a = (a); \ + double check_b = (b); \ + const char *str_a = #a; \ + const char *str_b = #b; \ + if (!(check_a <= check_b)) { \ + log_warn(LD_GENERAL, "%s:%d: case %u: %s=%.17e > %s=%.17e\n", \ + __func__, __LINE__, (unsigned) i, \ + str_a, check_a, str_b, check_b); \ + ok = false; \ + } \ +} while (0) + +/** + * Test the logit and logistic functions. Confirm that they agree with + * the cdf, sf, icdf, and isf of the standard Logistic distribution. + * Confirm that the sampler for the standard logistic distribution maps + * [0, 1] into the right subinterval for the inverse transform, for + * this implementation. + */ +static void +test_logit_logistic(void *arg) +{ + (void) arg; + + static const struct { + double x; /* x = logit(p) */ + double p; /* p = logistic(x) */ + double phalf; /* p - 1/2 = logistic(x) - 1/2 */ + } cases[] = { + { -HUGE_VAL, 0, -0.5 }, + { -1000, 0, -0.5 }, + { -710, 4.47628622567513e-309, -0.5 }, + { -708, 3.307553003638408e-308, -0.5 }, + { -2, .11920292202211755, -.3807970779778824 }, + { -1.0000001, .2689414017088022, -.23105859829119776 }, + { -1, .2689414213699951, -.23105857863000487 }, + { -0.9999999, .26894144103118883, -.2310585589688111 }, + /* see src/test/prob_distr_mpfr_ref.c for computation */ + { -4.000000000537333e-5, .49999, -1.0000000000010001e-5 }, + { -4.000000000533334e-5, .49999, -.00001 }, + { -4.000000108916878e-9, .499999999, -1.0000000272292198e-9 }, + { -4e-9, .499999999, -1e-9 }, + { -4e-16, .5, -1e-16 }, + { -4e-300, .5, -1e-300 }, + { 0, .5, 0 }, + { 4e-300, .5, 1e-300 }, + { 4e-16, .5, 1e-16 }, + { 3.999999886872274e-9, .500000001, 9.999999717180685e-10 }, + { 4e-9, .500000001, 1e-9 }, + { 4.0000000005333336e-5, .50001, .00001 }, + { 8.000042667076272e-3, .502, .002 }, + { 0.9999999, .7310585589688111, .2310585589688111 }, + { 1, .7310585786300049, .23105857863000487 }, + { 1.0000001, .7310585982911977, .23105859829119774 }, + { 2, .8807970779778823, .3807970779778824 }, + { 708, 1, .5 }, + { 710, 1, .5 }, + { 1000, 1, .5 }, + { HUGE_VAL, 1, .5 }, + }; + double relerr_bound = 3e-15; /* >10eps */ + size_t i; + bool ok = true; + + for (i = 0; i < arraycount(cases); i++) { + double x = cases[i].x; + double p = cases[i].p; + double phalf = cases[i].phalf; + + /* + * cdf is logistic, icdf is logit, and symmetry for + * sf/isf. + */ + CHECK_RELERR(logistic(x), cdf_logistic(x, 0, 1)); + CHECK_RELERR(logistic(-x), sf_logistic(x, 0, 1)); + CHECK_RELERR(logit(p), icdf_logistic(p, 0, 1)); + CHECK_RELERR(-logit(p), isf_logistic(p, 0, 1)); + + CHECK_RELERR(cdf_logistic(x, 0, 1), cdf_logistic(x*2, 0, 2)); + CHECK_RELERR(sf_logistic(x, 0, 1), sf_logistic(x*2, 0, 2)); + CHECK_RELERR(icdf_logistic(p, 0, 1), icdf_logistic(p, 0, 2)/2); + CHECK_RELERR(isf_logistic(p, 0, 1), isf_logistic(p, 0, 2)/2); + + CHECK_RELERR(cdf_logistic(x, 0, 1), cdf_logistic(x/2, 0, .5)); + CHECK_RELERR(sf_logistic(x, 0, 1), sf_logistic(x/2, 0, .5)); + CHECK_RELERR(icdf_logistic(p, 0, 1), icdf_logistic(p, 0,.5)*2); + CHECK_RELERR(isf_logistic(p, 0, 1), isf_logistic(p, 0, .5)*2); + + CHECK_RELERR(cdf_logistic(x, 0, 1), cdf_logistic(x*2 + 1, 1, 2)); + CHECK_RELERR(sf_logistic(x, 0, 1), sf_logistic(x*2 + 1, 1, 2)); + + /* + * For p near 0 and p near 1/2, the arithmetic of + * translating by 1 loses precision. + */ + if (fabs(p) > DBL_EPSILON && fabs(p) < 0.4) { + CHECK_RELERR(icdf_logistic(p, 0, 1), + (icdf_logistic(p, 1, 2) - 1)/2); + CHECK_RELERR(isf_logistic(p, 0, 1), + (isf_logistic(p, 1, 2) - 1)/2); + } + + CHECK_RELERR(p, logistic(x)); + CHECK_RELERR(phalf, logistichalf(x)); + + /* + * On the interior floating-point numbers, either logit or + * logithalf had better give the correct answer. + * + * For probabilities near 0, we can get much finer resolution with + * logit, and for probabilities near 1/2, we can get much finer + * resolution with logithalf by representing them using p - 1/2. + * + * E.g., we can write -.00001 for phalf, and .49999 for p, but the + * difference 1/2 - .00001 gives 1.0000000000010001e-5 in binary64 + * arithmetic. So test logit(.49999) which should give the same + * answer as logithalf(-1.0000000000010001e-5), namely + * -4.000000000537333e-5, and also test logithalf(-.00001) which + * gives -4.000000000533334e-5 instead -- but don't expect + * logit(.49999) to give -4.000000000533334e-5 even though it looks + * like 1/2 - .00001. + * + * A naive implementation of logit will just use log(p/(1 - p)) and + * give the answer -4.000000000551673e-05 for .49999, which is + * wrong in a lot of digits, which happens because log is + * ill-conditioned near 1 and thus amplifies whatever relative + * error we made in computing p/(1 - p). + */ + if ((0 < p && p < 1) || tor_isinf(x)) { + if (phalf >= p - 0.5 && phalf <= p - 0.5) + CHECK_RELERR(x, logit(p)); + if (p >= 0.5 + phalf && p <= 0.5 + phalf) + CHECK_RELERR(x, logithalf(phalf)); + } + + CHECK_RELERR(-phalf, logistichalf(-x)); + if (fabs(phalf) < 0.5 || tor_isinf(x)) + CHECK_RELERR(-x, logithalf(-phalf)); + if (p < 1 || tor_isinf(x)) { + CHECK_RELERR(1 - p, logistic(-x)); + if (p > .75 || tor_isinf(x)) + CHECK_RELERR(-x, logit(1 - p)); + } else { + CHECK_LE(logistic(-x), 1e-300); + } + } + + for (i = 0; i <= 100; i++) { + double p0 = (double)i/100; + + CHECK_RELERR(logit(p0/(1 + M_E)), sample_logistic(0, 0, p0)); + CHECK_RELERR(-logit(p0/(1 + M_E)), sample_logistic(1, 0, p0)); + CHECK_RELERR(logithalf(p0*(0.5 - 1/(1 + M_E))), + sample_logistic(0, 1, p0)); + CHECK_RELERR(-logithalf(p0*(0.5 - 1/(1 + M_E))), + sample_logistic(1, 1, p0)); + } + + if (!ok) + printf("fail logit/logistic / logistic cdf/sf\n"); + + tt_assert(ok); + + done: + ; +} + +/** + * Test the cdf, sf, icdf, and isf of the LogLogistic distribution. + */ +static void +test_log_logistic(void *arg) +{ + (void) arg; + + static const struct { + /* x is a point in the support of the LogLogistic distribution */ + double x; + /* 'p' is the probability that a random variable X for a given LogLogistic + * probability ditribution will take value less-or-equal to x */ + double p; + /* 'np' is the probability that a random variable X for a given LogLogistic + * probability distribution will take value greater-or-equal to x. */ + double np; + } cases[] = { + { 0, 0, 1 }, + { 1e-300, 1e-300, 1 }, + { 1e-17, 1e-17, 1 }, + { 1e-15, 1e-15, .999999999999999 }, + { .1, .09090909090909091, .90909090909090909 }, + { .25, .2, .8 }, + { .5, .33333333333333333, .66666666666666667 }, + { .75, .42857142857142855, .5714285714285714 }, + { .9999, .49997499874993756, .5000250012500626 }, + { .99999999, .49999999749999996, .5000000025 }, + { .999999999999999, .49999999999999994, .5000000000000002 }, + { 1, .5, .5 }, + }; + double relerr_bound = 3e-15; + size_t i; + bool ok = true; + + for (i = 0; i < arraycount(cases); i++) { + double x = cases[i].x; + double p = cases[i].p; + double np = cases[i].np; + + CHECK_RELERR(p, cdf_log_logistic(x, 1, 1)); + CHECK_RELERR(p, cdf_log_logistic(x/2, .5, 1)); + CHECK_RELERR(p, cdf_log_logistic(x*2, 2, 1)); + CHECK_RELERR(p, cdf_log_logistic(sqrt(x), 1, 2)); + CHECK_RELERR(p, cdf_log_logistic(sqrt(x)/2, .5, 2)); + CHECK_RELERR(p, cdf_log_logistic(sqrt(x)*2, 2, 2)); + if (2*sqrt(DBL_MIN) < x) { + CHECK_RELERR(p, cdf_log_logistic(x*x, 1, .5)); + CHECK_RELERR(p, cdf_log_logistic(x*x/2, .5, .5)); + CHECK_RELERR(p, cdf_log_logistic(x*x*2, 2, .5)); + } + + CHECK_RELERR(np, sf_log_logistic(x, 1, 1)); + CHECK_RELERR(np, sf_log_logistic(x/2, .5, 1)); + CHECK_RELERR(np, sf_log_logistic(x*2, 2, 1)); + CHECK_RELERR(np, sf_log_logistic(sqrt(x), 1, 2)); + CHECK_RELERR(np, sf_log_logistic(sqrt(x)/2, .5, 2)); + CHECK_RELERR(np, sf_log_logistic(sqrt(x)*2, 2, 2)); + if (2*sqrt(DBL_MIN) < x) { + CHECK_RELERR(np, sf_log_logistic(x*x, 1, .5)); + CHECK_RELERR(np, sf_log_logistic(x*x/2, .5, .5)); + CHECK_RELERR(np, sf_log_logistic(x*x*2, 2, .5)); + } + + CHECK_RELERR(np, cdf_log_logistic(1/x, 1, 1)); + CHECK_RELERR(np, cdf_log_logistic(1/(2*x), .5, 1)); + CHECK_RELERR(np, cdf_log_logistic(2/x, 2, 1)); + CHECK_RELERR(np, cdf_log_logistic(1/sqrt(x), 1, 2)); + CHECK_RELERR(np, cdf_log_logistic(1/(2*sqrt(x)), .5, 2)); + CHECK_RELERR(np, cdf_log_logistic(2/sqrt(x), 2, 2)); + if (2*sqrt(DBL_MIN) < x && x < 1/(2*sqrt(DBL_MIN))) { + CHECK_RELERR(np, cdf_log_logistic(1/(x*x), 1, .5)); + CHECK_RELERR(np, cdf_log_logistic(1/(2*x*x), .5, .5)); + CHECK_RELERR(np, cdf_log_logistic(2/(x*x), 2, .5)); + } + + CHECK_RELERR(p, sf_log_logistic(1/x, 1, 1)); + CHECK_RELERR(p, sf_log_logistic(1/(2*x), .5, 1)); + CHECK_RELERR(p, sf_log_logistic(2/x, 2, 1)); + CHECK_RELERR(p, sf_log_logistic(1/sqrt(x), 1, 2)); + CHECK_RELERR(p, sf_log_logistic(1/(2*sqrt(x)), .5, 2)); + CHECK_RELERR(p, sf_log_logistic(2/sqrt(x), 2, 2)); + if (2*sqrt(DBL_MIN) < x && x < 1/(2*sqrt(DBL_MIN))) { + CHECK_RELERR(p, sf_log_logistic(1/(x*x), 1, .5)); + CHECK_RELERR(p, sf_log_logistic(1/(2*x*x), .5, .5)); + CHECK_RELERR(p, sf_log_logistic(2/(x*x), 2, .5)); + } + + CHECK_RELERR(x, icdf_log_logistic(p, 1, 1)); + CHECK_RELERR(x/2, icdf_log_logistic(p, .5, 1)); + CHECK_RELERR(x*2, icdf_log_logistic(p, 2, 1)); + CHECK_RELERR(x, icdf_log_logistic(p, 1, 1)); + CHECK_RELERR(sqrt(x)/2, icdf_log_logistic(p, .5, 2)); + CHECK_RELERR(sqrt(x)*2, icdf_log_logistic(p, 2, 2)); + CHECK_RELERR(sqrt(x), icdf_log_logistic(p, 1, 2)); + CHECK_RELERR(x*x/2, icdf_log_logistic(p, .5, .5)); + CHECK_RELERR(x*x*2, icdf_log_logistic(p, 2, .5)); + + if (np < .9) { + CHECK_RELERR(x, isf_log_logistic(np, 1, 1)); + CHECK_RELERR(x/2, isf_log_logistic(np, .5, 1)); + CHECK_RELERR(x*2, isf_log_logistic(np, 2, 1)); + CHECK_RELERR(sqrt(x), isf_log_logistic(np, 1, 2)); + CHECK_RELERR(sqrt(x)/2, isf_log_logistic(np, .5, 2)); + CHECK_RELERR(sqrt(x)*2, isf_log_logistic(np, 2, 2)); + CHECK_RELERR(x*x, isf_log_logistic(np, 1, .5)); + CHECK_RELERR(x*x/2, isf_log_logistic(np, .5, .5)); + CHECK_RELERR(x*x*2, isf_log_logistic(np, 2, .5)); + + CHECK_RELERR(1/x, icdf_log_logistic(np, 1, 1)); + CHECK_RELERR(1/(2*x), icdf_log_logistic(np, .5, 1)); + CHECK_RELERR(2/x, icdf_log_logistic(np, 2, 1)); + CHECK_RELERR(1/sqrt(x), icdf_log_logistic(np, 1, 2)); + CHECK_RELERR(1/(2*sqrt(x)), + icdf_log_logistic(np, .5, 2)); + CHECK_RELERR(2/sqrt(x), icdf_log_logistic(np, 2, 2)); + CHECK_RELERR(1/(x*x), icdf_log_logistic(np, 1, .5)); + CHECK_RELERR(1/(2*x*x), icdf_log_logistic(np, .5, .5)); + CHECK_RELERR(2/(x*x), icdf_log_logistic(np, 2, .5)); + } + + CHECK_RELERR(1/x, isf_log_logistic(p, 1, 1)); + CHECK_RELERR(1/(2*x), isf_log_logistic(p, .5, 1)); + CHECK_RELERR(2/x, isf_log_logistic(p, 2, 1)); + CHECK_RELERR(1/sqrt(x), isf_log_logistic(p, 1, 2)); + CHECK_RELERR(1/(2*sqrt(x)), isf_log_logistic(p, .5, 2)); + CHECK_RELERR(2/sqrt(x), isf_log_logistic(p, 2, 2)); + CHECK_RELERR(1/(x*x), isf_log_logistic(p, 1, .5)); + CHECK_RELERR(1/(2*x*x), isf_log_logistic(p, .5, .5)); + CHECK_RELERR(2/(x*x), isf_log_logistic(p, 2, .5)); + } + + for (i = 0; i <= 100; i++) { + double p0 = (double)i/100; + + CHECK_RELERR(0.5*p0/(1 - 0.5*p0), sample_log_logistic(0, p0)); + CHECK_RELERR((1 - 0.5*p0)/(0.5*p0), + sample_log_logistic(1, p0)); + } + + if (!ok) + printf("fail log logistic cdf/sf\n"); + + tt_assert(ok); + + done: + ; +} + +/** + * Test the cdf, sf, icdf, isf of the Weibull distribution. + */ +static void +test_weibull(void *arg) +{ + (void) arg; + + static const struct { + /* x is a point in the support of the Weibull distribution */ + double x; + /* 'p' is the probability that a random variable X for a given Weibull + * probability ditribution will take value less-or-equal to x */ + double p; + /* 'np' is the probability that a random variable X for a given Weibull + * probability distribution will take value greater-or-equal to x. */ + double np; + } cases[] = { + { 0, 0, 1 }, + { 1e-300, 1e-300, 1 }, + { 1e-17, 1e-17, 1 }, + { .1, .09516258196404043, .9048374180359595 }, + { .5, .3934693402873666, .6065306597126334 }, + { .6931471805599453, .5, .5 }, + { 1, .6321205588285577, .36787944117144233 }, + { 10, .9999546000702375, 4.5399929762484854e-5 }, + { 36, .9999999999999998, 2.319522830243569e-16 }, + { 37, .9999999999999999, 8.533047625744066e-17 }, + { 38, 1, 3.1391327920480296e-17 }, + { 100, 1, 3.720075976020836e-44 }, + { 708, 1, 3.307553003638408e-308 }, + { 710, 1, 4.47628622567513e-309 }, + { 1000, 1, 0 }, + { HUGE_VAL, 1, 0 }, + }; + double relerr_bound = 3e-15; + size_t i; + bool ok = true; + + for (i = 0; i < arraycount(cases); i++) { + double x = cases[i].x; + double p = cases[i].p; + double np = cases[i].np; + + CHECK_RELERR(p, cdf_weibull(x, 1, 1)); + CHECK_RELERR(p, cdf_weibull(x/2, .5, 1)); + CHECK_RELERR(p, cdf_weibull(x*2, 2, 1)); + /* For 0 < x < sqrt(DBL_MIN), x^2 loses lots of bits. */ + if (x <= 0 || + sqrt(DBL_MIN) <= x) { + CHECK_RELERR(p, cdf_weibull(x*x, 1, .5)); + CHECK_RELERR(p, cdf_weibull(x*x/2, .5, .5)); + CHECK_RELERR(p, cdf_weibull(x*x*2, 2, .5)); + } + CHECK_RELERR(p, cdf_weibull(sqrt(x), 1, 2)); + CHECK_RELERR(p, cdf_weibull(sqrt(x)/2, .5, 2)); + CHECK_RELERR(p, cdf_weibull(sqrt(x)*2, 2, 2)); + CHECK_RELERR(np, sf_weibull(x, 1, 1)); + CHECK_RELERR(np, sf_weibull(x/2, .5, 1)); + CHECK_RELERR(np, sf_weibull(x*2, 2, 1)); + CHECK_RELERR(np, sf_weibull(x*x, 1, .5)); + CHECK_RELERR(np, sf_weibull(x*x/2, .5, .5)); + CHECK_RELERR(np, sf_weibull(x*x*2, 2, .5)); + if (x >= 10) { + /* + * exp amplifies the error of sqrt(x)^2 + * proportionally to exp(x); for large inputs + * this is significant. + */ + double t = -expm1(-x*(2*DBL_EPSILON + DBL_EPSILON)); + relerr_bound = t + DBL_EPSILON + t*DBL_EPSILON; + if (relerr_bound < 3e-15) + /* + * The tests are written only to 16 + * decimal places anyway even if your + * `double' is, say, i387 binary80, for + * whatever reason. + */ + relerr_bound = 3e-15; + CHECK_RELERR(np, sf_weibull(sqrt(x), 1, 2)); + CHECK_RELERR(np, sf_weibull(sqrt(x)/2, .5, 2)); + CHECK_RELERR(np, sf_weibull(sqrt(x)*2, 2, 2)); + } + + if (p <= 0.75) { + /* + * For p near 1, not enough precision near 1 to + * recover x. + */ + CHECK_RELERR(x, icdf_weibull(p, 1, 1)); + CHECK_RELERR(x/2, icdf_weibull(p, .5, 1)); + CHECK_RELERR(x*2, icdf_weibull(p, 2, 1)); + } + if (p >= 0.25 && !tor_isinf(x) && np > 0) { + /* + * For p near 0, not enough precision in np + * near 1 to recover x. For 0, isf gives inf, + * even if p is precise enough for the icdf to + * work. + */ + CHECK_RELERR(x, isf_weibull(np, 1, 1)); + CHECK_RELERR(x/2, isf_weibull(np, .5, 1)); + CHECK_RELERR(x*2, isf_weibull(np, 2, 1)); + } + } + + for (i = 0; i <= 100; i++) { + double p0 = (double)i/100; + + CHECK_RELERR(3*sqrt(-log(p0/2)), sample_weibull(0, p0, 3, 2)); + CHECK_RELERR(3*sqrt(-log1p(-p0/2)), + sample_weibull(1, p0, 3, 2)); + } + + if (!ok) + printf("fail Weibull cdf/sf\n"); + + tt_assert(ok); + + done: + ; +} + +/** + * Test the cdf, sf, icdf, and isf of the generalized Pareto + * distribution. + */ +static void +test_genpareto(void *arg) +{ + (void) arg; + + struct { + /* xi is the 'xi' parameter of the generalized Pareto distribution, and the + * rest are the same as in the above tests */ + double xi, x, p, np; + } cases[] = { + { 0, 0, 0, 1 }, + { 1e-300, .004, 3.992010656008528e-3, .9960079893439915 }, + { 1e-300, .1, .09516258196404043, .9048374180359595 }, + { 1e-300, 1, .6321205588285577, .36787944117144233 }, + { 1e-300, 10, .9999546000702375, 4.5399929762484854e-5 }, + { 1e-200, 1e-16, 9.999999999999999e-17, .9999999999999999 }, + { 1e-16, 1e-200, 9.999999999999998e-201, 1 }, + { 1e-16, 1e-16, 1e-16, 1 }, + { 1e-16, .004, 3.992010656008528e-3, .9960079893439915 }, + { 1e-16, .1, .09516258196404043, .9048374180359595 }, + { 1e-16, 1, .6321205588285577, .36787944117144233 }, + { 1e-16, 10, .9999546000702375, 4.539992976248509e-5 }, + { 1e-10, 1e-6, 9.999995000001667e-7, .9999990000005 }, + { 1e-8, 1e-8, 9.999999950000001e-9, .9999999900000001 }, + { 1, 1e-300, 1e-300, 1 }, + { 1, 1e-16, 1e-16, .9999999999999999 }, + { 1, .1, .09090909090909091, .9090909090909091 }, + { 1, 1, .5, .5 }, + { 1, 10, .9090909090909091, .0909090909090909 }, + { 1, 100, .9900990099009901, .0099009900990099 }, + { 1, 1000, .999000999000999, 9.990009990009992e-4 }, + { 10, 1e-300, 1e-300, 1 }, + { 10, 1e-16, 9.999999999999995e-17, .9999999999999999 }, + { 10, .1, .06696700846319258, .9330329915368074 }, + { 10, 1, .21320655780322778, .7867934421967723 }, + { 10, 10, .3696701667040189, .6303298332959811 }, + { 10, 100, .49886285755007337, .5011371424499267 }, + { 10, 1000, .6018968102992647, .3981031897007353 }, + }; + double xi_array[] = { -1.5, -1, -1e-30, 0, 1e-30, 1, 1.5 }; + size_t i, j; + double relerr_bound = 3e-15; + bool ok = true; + + for (i = 0; i < arraycount(cases); i++) { + double xi = cases[i].xi; + double x = cases[i].x; + double p = cases[i].p; + double np = cases[i].np; + + CHECK_RELERR(p, cdf_genpareto(x, 0, 1, xi)); + CHECK_RELERR(p, cdf_genpareto(x*2, 0, 2, xi)); + CHECK_RELERR(p, cdf_genpareto(x/2, 0, .5, xi)); + CHECK_RELERR(np, sf_genpareto(x, 0, 1, xi)); + CHECK_RELERR(np, sf_genpareto(x*2, 0, 2, xi)); + CHECK_RELERR(np, sf_genpareto(x/2, 0, .5, xi)); + + if (p < .5) { + CHECK_RELERR(x, icdf_genpareto(p, 0, 1, xi)); + CHECK_RELERR(x*2, icdf_genpareto(p, 0, 2, xi)); + CHECK_RELERR(x/2, icdf_genpareto(p, 0, .5, xi)); + } + if (np < .5) { + CHECK_RELERR(x, isf_genpareto(np, 0, 1, xi)); + CHECK_RELERR(x*2, isf_genpareto(np, 0, 2, xi)); + CHECK_RELERR(x/2, isf_genpareto(np, 0, .5, xi)); + } + } + + for (i = 0; i < arraycount(xi_array); i++) { + for (j = 0; j <= 100; j++) { + double p0 = (j == 0 ? 2*DBL_MIN : (double)j/100); + + /* This is actually a check against 0, but we do <= so that the compiler + does not raise a -Wfloat-equal */ + if (fabs(xi_array[i]) <= 0) { + /* + * When xi == 0, the generalized Pareto + * distribution reduces to an + * exponential distribution. + */ + CHECK_RELERR(-log(p0/2), + sample_genpareto(0, p0, 0)); + CHECK_RELERR(-log1p(-p0/2), + sample_genpareto(1, p0, 0)); + } else { + CHECK_RELERR(expm1(-xi_array[i]*log(p0/2))/xi_array[i], + sample_genpareto(0, p0, xi_array[i])); + CHECK_RELERR((j == 0 ? DBL_MIN : + expm1(-xi_array[i]*log1p(-p0/2))/xi_array[i]), + sample_genpareto(1, p0, xi_array[i])); + } + + CHECK_RELERR(isf_genpareto(p0/2, 0, 1, xi_array[i]), + sample_genpareto(0, p0, xi_array[i])); + CHECK_RELERR(icdf_genpareto(p0/2, 0, 1, xi_array[i]), + sample_genpareto(1, p0, xi_array[i])); + } + } + + tt_assert(ok); + + done: + ; +} + +/** + * Test the deterministic sampler for uniform distribution on [a, b]. + * + * This currently only tests whether the outcome lies within [a, b]. + */ +static void +test_uniform_interval(void *arg) +{ + (void) arg; + struct { + /* Sample from a uniform distribution with parameters 'a' and 'b', using + * 't' as the sampling index. */ + double t, a, b; + } cases[] = { + { 0, 0, 0 }, + { 0, 0, 1 }, + { 0, 1.0000000000000007, 3.999999999999995 }, + { 0, 4000, 4000 }, + { 0.42475836677491291, 4000, 4000 }, + { 0, -DBL_MAX, DBL_MAX }, + { 0.25, -DBL_MAX, DBL_MAX }, + { 0.5, -DBL_MAX, DBL_MAX }, + }; + size_t i = 0; + bool ok = true; + + for (i = 0; i < arraycount(cases); i++) { + double t = cases[i].t; + double a = cases[i].a; + double b = cases[i].b; + + CHECK_LE(a, sample_uniform_interval(t, a, b)); + CHECK_LE(sample_uniform_interval(t, a, b), b); + + CHECK_LE(a, sample_uniform_interval(1 - t, a, b)); + CHECK_LE(sample_uniform_interval(1 - t, a, b), b); + + CHECK_LE(sample_uniform_interval(t, -b, -a), -a); + CHECK_LE(-b, sample_uniform_interval(t, -b, -a)); + + CHECK_LE(sample_uniform_interval(1 - t, -b, -a), -a); + CHECK_LE(-b, sample_uniform_interval(1 - t, -b, -a)); + } + + tt_assert(ok); + + done: + ; +} + +/********************** Stochastic tests ****************************/ + +/* + * Psi test, sometimes also called G-test. The psi test statistic, + * suitably scaled, has chi^2 distribution, but the psi test tends to + * have better statistical power in practice to detect deviations than + * the chi^2 test does. (The chi^2 test statistic is the first term of + * the Taylor expansion of the psi test statistic.) The psi test is + * generic, for any CDF; particular distributions might have higher- + * power tests to distinguish them from predictable deviations or bugs. + * + * We choose the psi critical value so that a single psi test has + * probability below alpha = 1% of spuriously failing even if all the + * code is correct. But the false positive rate for a suite of n tests + * is higher: 1 - Binom(0; n, alpha) = 1 - (1 - alpha)^n. For n = 10, + * this is about 10%, and for n = 100 it is well over 50%. + * + * Given that these tests will run with every CI job, we want to drive down the + * false positive rate. We can drive it down by running each test four times, + * and accepting it if it passes at least once; in that case, it is as if we + * used Binom(4; 2, alpha) = alpha^4 as the false positive rate for each test, + * and for n = 10 tests, it would be 9.99999959506e-08. If each CI build has 14 + * jobs, then the chance of a CI build failing is 1.39999903326e-06, which + * means that a CI build will break with probability 50% after about 495106 + * builds. + * + * The critical value for a chi^2 distribution with 100 degrees of + * freedom and false positive rate alpha = 1% was taken from: + * + * NIST/SEMATECH e-Handbook of Statistical Methods, Section + * 1.3.6.7.4 `Critical Values of the Chi-Square Distribution', + * <https://www.itl.nist.gov/div898/handbook/eda/section3/eda3674.htm>, + * retrieved 2018-10-28. + */ + +static const size_t NSAMPLES = 100000; +/* Number of chances we give to the test to succeed. */ +static const unsigned NTRIALS = 4; +/* Number of times we want the test to pass per NTRIALS. */ +static const unsigned NPASSES_MIN = 1; + +#define PSI_DF 100 /* degrees of freedom */ +static const double PSI_CRITICAL = 135.807; /* critical value, alpha = .01 */ + +/** + * Perform a psi test on an array of sample counts, C, adding up to N + * samples, and an array of log expected probabilities, logP, + * representing the null hypothesis for the distribution of samples + * counted. Return false if the psi test rejects the null hypothesis, + * true if otherwise. + */ +static bool +psi_test(const size_t C[PSI_DF], const double logP[PSI_DF], size_t N) +{ + double psi = 0; + double c = 0; /* Kahan compensation */ + double t, u; + size_t i; + + for (i = 0; i < PSI_DF; i++) { + /* + * c*log(c/(n*p)) = (1/n) * f*log(f/p) where f = c/n is + * the frequency, and f*log(f/p) ---> 0 as f ---> 0, so + * this is a reasonable choice. Further, any mass that + * _fails_ to turn up in this bin will inflate another + * bin instead, so we don't really lose anything by + * ignoring empty bins even if they have high + * probability. + */ + if (C[i] == 0) + continue; + t = C[i]*(log((double)C[i]/N) - logP[i]) - c; + u = psi + t; + c = (u - psi) - t; + psi = u; + } + psi *= 2; + + return psi <= PSI_CRITICAL; +} + +static bool +test_stochastic_geometric_impl(double p) +{ + const struct geometric_t geometric = { + .base = GEOMETRIC(geometric), + .p = p, + }; + double logP[PSI_DF] = {0}; + unsigned ntry = NTRIALS, npass = 0; + unsigned i; + size_t j; + + /* Compute logP[i] = Geom(i + 1; p). */ + for (i = 0; i < PSI_DF - 1; i++) + logP[i] = logpmf_geometric(i + 1, p); + + /* Compute logP[n-1] = log (1 - (P[0] + P[1] + ... + P[n-2])). */ + logP[PSI_DF - 1] = log1mexp(logsumexp(logP, PSI_DF - 1)); + + while (ntry --> 0) { + size_t C[PSI_DF] = {0}; + + for (j = 0; j < NSAMPLES; j++) { + double n_tmp = dist_sample(&geometric.base); + + /* Must be an integer. (XXX -Wfloat-equal) */ + tor_assert(ceil(n_tmp) <= n_tmp && ceil(n_tmp) >= n_tmp); + + /* Must be a positive integer. */ + tor_assert(n_tmp >= 1); + + /* Probability of getting a value in the billions is negligible. */ + tor_assert(n_tmp <= (double)UINT_MAX); + + unsigned n = (unsigned) n_tmp; + + if (n > PSI_DF) + n = PSI_DF; + C[n - 1]++; + } + + if (psi_test(C, logP, NSAMPLES)) { + if (++npass >= NPASSES_MIN) + break; + } + } + + if (npass >= NPASSES_MIN) { + /* printf("pass %s sampler\n", "geometric"); */ + return true; + } else { + printf("fail %s sampler\n", "geometric"); + return false; + } +} + +/** + * Divide the support of <b>dist</b> into histogram bins in <b>logP</b>. Start + * at the 1st percentile and ending at the 99th percentile. Pick the bin + * boundaries using linear interpolation so that they are uniformly spaced. + * + * In each bin logP[i] we insert the expected log-probability that a sampled + * value will fall into that bin. We will use this as the null hypothesis of + * the psi test. + * + * Set logP[i] = log(CDF(x_i) - CDF(x_{i-1})), where x_-1 = -inf, x_n = + * +inf, and x_i = i*(hi - lo)/(n - 2). + */ +static void +bin_cdfs(const struct dist_t *dist, double lo, double hi, double *logP, + size_t n) +{ +#define CDF(x) dist_cdf(dist, x) +#define SF(x) dist_sf(dist, x) + const double w = (hi - lo)/(n - 2); + double halfway = dist_icdf(dist, 0.5); + double x_0, x_1; + size_t i; + size_t n2 = ceil_to_size_t((halfway - lo)/w); + + tor_assert(lo <= halfway); + tor_assert(halfway <= hi); + tor_assert(n2 <= n); + + x_1 = lo; + logP[0] = log(CDF(x_1) - 0); /* 0 = CDF(-inf) */ + for (i = 1; i < n2; i++) { + x_0 = x_1; + /* do the linear interpolation */ + x_1 = (i <= n/2 ? lo + i*w : hi - (n - 2 - i)*w); + /* set the expected log-probability */ + logP[i] = log(CDF(x_1) - CDF(x_0)); + } + x_0 = hi; + logP[n - 1] = log(SF(x_0) - 0); /* 0 = SF(+inf) = 1 - CDF(+inf) */ + + /* In this loop we are filling out the high part of the array. We are using + * SF because in these cases the CDF is near 1 where precision is lower. So + * instead we are using SF near 0 where the precision is higher. We have + * SF(t) = 1 - CDF(t). */ + for (i = 1; i < n - n2; i++) { + x_1 = x_0; + /* do the linear interpolation */ + x_0 = (i <= n/2 ? hi - i*w : lo + (n - 2 - i)*w); + /* set the expected log-probability */ + logP[n - i - 1] = log(SF(x_0) - SF(x_1)); + } +#undef SF +#undef CDF +} + +/** + * Draw NSAMPLES samples from dist, counting the number of samples x in + * the ith bin C[i] if x_{i-1} <= x < x_i, where x_-1 = -inf, x_n = + * +inf, and x_i = i*(hi - lo)/(n - 2). + */ +static void +bin_samples(const struct dist_t *dist, double lo, double hi, size_t *C, + size_t n) +{ + const double w = (hi - lo)/(n - 2); + size_t i; + + for (i = 0; i < NSAMPLES; i++) { + double x = dist_sample(dist); + size_t bin; + + if (x < lo) + bin = 0; + else if (x < hi) + bin = 1 + floor_to_size_t((x - lo)/w); + else + bin = n - 1; + tor_assert(bin < n); + C[bin]++; + } +} + +/** + * Carry out a Psi test on <b>dist</b>. + * + * Sample NSAMPLES from dist, putting them in bins from -inf to lo to + * hi to +inf, and apply up to two psi tests. True if at least one psi + * test passes; false if not. False positive rate should be bounded by + * 0.01^2 = 0.0001. + */ +static bool +test_psi_dist_sample(const struct dist_t *dist) +{ + double logP[PSI_DF] = {0}; + unsigned ntry = NTRIALS, npass = 0; + double lo = dist_icdf(dist, 1/(double)(PSI_DF + 2)); + double hi = dist_isf(dist, 1/(double)(PSI_DF + 2)); + + /* Create the null hypothesis in logP */ + bin_cdfs(dist, lo, hi, logP, PSI_DF); + + /* Now run the test */ + while (ntry --> 0) { + size_t C[PSI_DF] = {0}; + bin_samples(dist, lo, hi, C, PSI_DF); + if (psi_test(C, logP, NSAMPLES)) { + if (++npass >= NPASSES_MIN) + break; + } + } + + /* Did we fail or succeed? */ + if (npass >= NPASSES_MIN) { + /* printf("pass %s sampler\n", dist_name(dist));*/ + return true; + } else { + printf("fail %s sampler\n", dist_name(dist)); + return false; + } +} + +static void +write_stochastic_warning(void) +{ + if (tinytest_cur_test_has_failed()) { + printf("\n" + "NOTE: This is a stochastic test, and we expect it to fail from\n" + "time to time, with some low probability. If you see it fail more\n" + "than one trial in 100, though, please tell us.\n\n"); + } +} + +static void +test_stochastic_uniform(void *arg) +{ + (void) arg; + + const struct uniform_t uniform01 = { + .base = UNIFORM(uniform01), + .a = 0, + .b = 1, + }; + const struct uniform_t uniform_pos = { + .base = UNIFORM(uniform_pos), + .a = 1.23, + .b = 4.56, + }; + const struct uniform_t uniform_neg = { + .base = UNIFORM(uniform_neg), + .a = -10, + .b = -1, + }; + const struct uniform_t uniform_cross = { + .base = UNIFORM(uniform_cross), + .a = -1.23, + .b = 4.56, + }; + const struct uniform_t uniform_subnormal = { + .base = UNIFORM(uniform_subnormal), + .a = 4e-324, + .b = 4e-310, + }; + const struct uniform_t uniform_subnormal_cross = { + .base = UNIFORM(uniform_subnormal_cross), + .a = -4e-324, + .b = 4e-310, + }; + bool ok = true, tests_failed = true; + + testing_enable_reproducible_rng(); + + ok &= test_psi_dist_sample(&uniform01.base); + ok &= test_psi_dist_sample(&uniform_pos.base); + ok &= test_psi_dist_sample(&uniform_neg.base); + ok &= test_psi_dist_sample(&uniform_cross.base); + ok &= test_psi_dist_sample(&uniform_subnormal.base); + ok &= test_psi_dist_sample(&uniform_subnormal_cross.base); + + tt_assert(ok); + + tests_failed = false; + + done: + if (tests_failed) { + write_stochastic_warning(); + } + testing_disable_reproducible_rng(); +} + +static bool +test_stochastic_logistic_impl(double mu, double sigma) +{ + const struct logistic_t dist = { + .base = LOGISTIC(dist), + .mu = mu, + .sigma = sigma, + }; + + /* XXX Consider some fancier logistic test. */ + return test_psi_dist_sample(&dist.base); +} + +static bool +test_stochastic_log_logistic_impl(double alpha, double beta) +{ + const struct log_logistic_t dist = { + .base = LOG_LOGISTIC(dist), + .alpha = alpha, + .beta = beta, + }; + + /* XXX Consider some fancier log logistic test. */ + return test_psi_dist_sample(&dist.base); +} + +static bool +test_stochastic_weibull_impl(double lambda, double k) +{ + const struct weibull_t dist = { + .base = WEIBULL(dist), + .lambda = lambda, + .k = k, + }; + +// clang-format off +/* + * XXX Consider applying a Tiku-Singh test: + * + * M.L. Tiku and M. Singh, `Testing the two-parameter + * Weibull distribution', Communications in Statistics -- + * Theory and Methods A10(9), 1981, 907--918. +https://www.tandfonline.com/doi/pdf/10.1080/03610928108828082?needAccess=true + */ +// clang-format on + return test_psi_dist_sample(&dist.base); +} + +static bool +test_stochastic_genpareto_impl(double mu, double sigma, double xi) +{ + const struct genpareto_t dist = { + .base = GENPARETO(dist), + .mu = mu, + .sigma = sigma, + .xi = xi, + }; + + /* XXX Consider some fancier GPD test. */ + return test_psi_dist_sample(&dist.base); +} + +static void +test_stochastic_genpareto(void *arg) +{ + bool ok = 0; + bool tests_failed = true; + (void) arg; + + testing_enable_reproducible_rng(); + + ok = test_stochastic_genpareto_impl(0, 1, -0.25); + tt_assert(ok); + ok = test_stochastic_genpareto_impl(0, 1, -1e-30); + tt_assert(ok); + ok = test_stochastic_genpareto_impl(0, 1, 0); + tt_assert(ok); + ok = test_stochastic_genpareto_impl(0, 1, 1e-30); + tt_assert(ok); + ok = test_stochastic_genpareto_impl(0, 1, 0.25); + tt_assert(ok); + ok = test_stochastic_genpareto_impl(-1, 1, -0.25); + tt_assert(ok); + ok = test_stochastic_genpareto_impl(1, 2, 0.25); + tt_assert(ok); + + tests_failed = false; + + done: + if (tests_failed) { + write_stochastic_warning(); + } + testing_disable_reproducible_rng(); +} + +static void +test_stochastic_geometric(void *arg) +{ + bool ok = 0; + bool tests_failed = true; + + (void) arg; + + testing_enable_reproducible_rng(); + + ok = test_stochastic_geometric_impl(0.1); + tt_assert(ok); + ok = test_stochastic_geometric_impl(0.5); + tt_assert(ok); + ok = test_stochastic_geometric_impl(0.9); + tt_assert(ok); + ok = test_stochastic_geometric_impl(1); + tt_assert(ok); + + tests_failed = false; + + done: + if (tests_failed) { + write_stochastic_warning(); + } + testing_disable_reproducible_rng(); +} + +static void +test_stochastic_logistic(void *arg) +{ + bool ok = 0; + bool tests_failed = true; + (void) arg; + + testing_enable_reproducible_rng(); + + ok = test_stochastic_logistic_impl(0, 1); + tt_assert(ok); + ok = test_stochastic_logistic_impl(0, 1e-16); + tt_assert(ok); + ok = test_stochastic_logistic_impl(1, 10); + tt_assert(ok); + ok = test_stochastic_logistic_impl(-10, 100); + tt_assert(ok); + + tests_failed = false; + + done: + if (tests_failed) { + write_stochastic_warning(); + } + testing_disable_reproducible_rng(); +} + +static void +test_stochastic_log_logistic(void *arg) +{ + bool ok = 0; + (void) arg; + + testing_enable_reproducible_rng(); + + ok = test_stochastic_log_logistic_impl(1, 1); + tt_assert(ok); + ok = test_stochastic_log_logistic_impl(1, 10); + tt_assert(ok); + ok = test_stochastic_log_logistic_impl(M_E, 1e-1); + tt_assert(ok); + ok = test_stochastic_log_logistic_impl(exp(-10), 1e-2); + tt_assert(ok); + + done: + write_stochastic_warning(); + testing_disable_reproducible_rng(); +} + +static void +test_stochastic_weibull(void *arg) +{ + bool ok = 0; + (void) arg; + + testing_enable_reproducible_rng(); + + ok = test_stochastic_weibull_impl(1, 0.5); + tt_assert(ok); + ok = test_stochastic_weibull_impl(1, 1); + tt_assert(ok); + ok = test_stochastic_weibull_impl(1, 1.5); + tt_assert(ok); + ok = test_stochastic_weibull_impl(1, 2); + tt_assert(ok); + ok = test_stochastic_weibull_impl(10, 1); + tt_assert(ok); + + done: + write_stochastic_warning(); + testing_disable_reproducible_rng(); + UNMOCK(crypto_rand); +} + +struct testcase_t prob_distr_tests[] = { + { "logit_logistics", test_logit_logistic, TT_FORK, NULL, NULL }, + { "log_logistic", test_log_logistic, TT_FORK, NULL, NULL }, + { "weibull", test_weibull, TT_FORK, NULL, NULL }, + { "genpareto", test_genpareto, TT_FORK, NULL, NULL }, + { "uniform_interval", test_uniform_interval, TT_FORK, NULL, NULL }, + END_OF_TESTCASES +}; + +struct testcase_t slow_stochastic_prob_distr_tests[] = { + { "stochastic_genpareto", test_stochastic_genpareto, TT_FORK, NULL, NULL }, + { "stochastic_geometric", test_stochastic_geometric, TT_FORK, NULL, NULL }, + { "stochastic_uniform", test_stochastic_uniform, TT_FORK, NULL, NULL }, + { "stochastic_logistic", test_stochastic_logistic, TT_FORK, NULL, NULL }, + { "stochastic_log_logistic", test_stochastic_log_logistic, TT_FORK, NULL, + NULL }, + { "stochastic_weibull", test_stochastic_weibull, TT_FORK, NULL, NULL }, + END_OF_TESTCASES +}; diff --git a/src/test/test_process.c b/src/test/test_process.c new file mode 100644 index 0000000000..c1da6db278 --- /dev/null +++ b/src/test/test_process.c @@ -0,0 +1,669 @@ +/* Copyright (c) 2018-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file test_process.c + * \brief Test cases for the Process API. + */ + +#include "orconfig.h" +#include "core/or/or.h" +#include "test/test.h" +#include "lib/process/env.h" + +#define PROCESS_PRIVATE +#include "lib/process/process.h" +#define PROCESS_UNIX_PRIVATE +#include "lib/process/process_unix.h" +#define PROCESS_WIN32_PRIVATE +#include "lib/process/process_win32.h" + +static const char *stdout_read_buffer; +static const char *stderr_read_buffer; + +struct process_data_t { + smartlist_t *stdout_data; + smartlist_t *stderr_data; + smartlist_t *stdin_data; + process_exit_code_t exit_code; +}; + +typedef struct process_data_t process_data_t; + +static process_data_t * +process_data_new(void) +{ + process_data_t *process_data = tor_malloc_zero(sizeof(process_data_t)); + process_data->stdout_data = smartlist_new(); + process_data->stderr_data = smartlist_new(); + process_data->stdin_data = smartlist_new(); + return process_data; +} + +static void +process_data_free(process_data_t *process_data) +{ + if (process_data == NULL) + return; + + SMARTLIST_FOREACH(process_data->stdout_data, char *, x, tor_free(x)); + SMARTLIST_FOREACH(process_data->stderr_data, char *, x, tor_free(x)); + SMARTLIST_FOREACH(process_data->stdin_data, char *, x, tor_free(x)); + + smartlist_free(process_data->stdout_data); + smartlist_free(process_data->stderr_data); + smartlist_free(process_data->stdin_data); + tor_free(process_data); +} + +static int +process_mocked_read_stdout(process_t *process, buf_t *buffer) +{ + (void)process; + + if (stdout_read_buffer != NULL) { + buf_add_string(buffer, stdout_read_buffer); + stdout_read_buffer = NULL; + } + + return (int)buf_datalen(buffer); +} + +static int +process_mocked_read_stderr(process_t *process, buf_t *buffer) +{ + (void)process; + + if (stderr_read_buffer != NULL) { + buf_add_string(buffer, stderr_read_buffer); + stderr_read_buffer = NULL; + } + + return (int)buf_datalen(buffer); +} + +static void +process_mocked_write_stdin(process_t *process, buf_t *buffer) +{ + const size_t size = buf_datalen(buffer); + + if (size == 0) + return; + + char *data = tor_malloc_zero(size + 1); + process_data_t *process_data = process_get_data(process); + + buf_get_bytes(buffer, data, size); + smartlist_add(process_data->stdin_data, data); +} + +static void +process_stdout_callback(process_t *process, const char *data, size_t size) +{ + tt_ptr_op(process, OP_NE, NULL); + tt_ptr_op(data, OP_NE, NULL); + tt_int_op(strlen(data), OP_EQ, size); + + process_data_t *process_data = process_get_data(process); + smartlist_add(process_data->stdout_data, tor_strdup(data)); + + done: + return; +} + +static void +process_stderr_callback(process_t *process, const char *data, size_t size) +{ + tt_ptr_op(process, OP_NE, NULL); + tt_ptr_op(data, OP_NE, NULL); + tt_int_op(strlen(data), OP_EQ, size); + + process_data_t *process_data = process_get_data(process); + smartlist_add(process_data->stderr_data, tor_strdup(data)); + + done: + return; +} + +static bool +process_exit_callback(process_t *process, process_exit_code_t exit_code) +{ + tt_ptr_op(process, OP_NE, NULL); + + process_data_t *process_data = process_get_data(process); + process_data->exit_code = exit_code; + + done: + /* Do not free up our process_t. */ + return false; +} + +static void +test_default_values(void *arg) +{ + (void)arg; + process_t *process = process_new("/path/to/nothing"); + + /* We are not running by default. */ + tt_int_op(PROCESS_STATUS_NOT_RUNNING, OP_EQ, process_get_status(process)); + + /* We use the line protocol by default. */ + tt_int_op(PROCESS_PROTOCOL_LINE, OP_EQ, process_get_protocol(process)); + + /* We don't set any custom data by default. */ + tt_ptr_op(NULL, OP_EQ, process_get_data(process)); + + /* Our command was given to the process_t's constructor in process_new(). */ + tt_str_op("/path/to/nothing", OP_EQ, process_get_command(process)); + + /* Make sure we are listed in the list of proccesses. */ + tt_assert(smartlist_contains(process_get_all_processes(), + process)); + + /* Default PID is 0. */ + tt_u64_op(0, OP_EQ, process_get_pid(process)); + + /* Our arguments should be empty. */ + tt_int_op(0, OP_EQ, + smartlist_len(process_get_arguments(process))); + + done: + process_free(process); +} + +static void +test_environment(void *arg) +{ + (void)arg; + + process_t *process = process_new(""); + process_environment_t *env = NULL; + + process_set_environment(process, "E", "F"); + process_set_environment(process, "C", "D"); + process_set_environment(process, "A", "B"); + + env = process_get_environment(process); + tt_mem_op(env->windows_environment_block, OP_EQ, + "A=B\0C=D\0E=F\0", 12); + tt_str_op(env->unixoid_environment_block[0], OP_EQ, + "A=B"); + tt_str_op(env->unixoid_environment_block[1], OP_EQ, + "C=D"); + tt_str_op(env->unixoid_environment_block[2], OP_EQ, + "E=F"); + tt_ptr_op(env->unixoid_environment_block[3], OP_EQ, + NULL); + process_environment_free(env); + + /* Reset our environment. */ + smartlist_t *new_env = smartlist_new(); + smartlist_add(new_env, (char *)"FOO=bar"); + smartlist_add(new_env, (char *)"HELLO=world"); + + process_reset_environment(process, new_env); + smartlist_free(new_env); + + env = process_get_environment(process); + tt_mem_op(env->windows_environment_block, OP_EQ, + "FOO=bar\0HELLO=world\0", 20); + tt_str_op(env->unixoid_environment_block[0], OP_EQ, + "FOO=bar"); + tt_str_op(env->unixoid_environment_block[1], OP_EQ, + "HELLO=world"); + tt_ptr_op(env->unixoid_environment_block[2], OP_EQ, + NULL); + + done: + process_environment_free(env); + process_free(process); +} + +static void +test_stringified_types(void *arg) +{ + (void)arg; + + /* process_protocol_t values. */ + tt_str_op("Raw", OP_EQ, process_protocol_to_string(PROCESS_PROTOCOL_RAW)); + tt_str_op("Line", OP_EQ, process_protocol_to_string(PROCESS_PROTOCOL_LINE)); + + /* process_status_t values. */ + tt_str_op("not running", OP_EQ, + process_status_to_string(PROCESS_STATUS_NOT_RUNNING)); + tt_str_op("running", OP_EQ, + process_status_to_string(PROCESS_STATUS_RUNNING)); + tt_str_op("error", OP_EQ, + process_status_to_string(PROCESS_STATUS_ERROR)); + + done: + return; +} + +static void +test_line_protocol_simple(void *arg) +{ + (void)arg; + + process_data_t *process_data = process_data_new(); + + process_t *process = process_new(""); + process_set_data(process, process_data); + + process_set_stdout_read_callback(process, process_stdout_callback); + process_set_stderr_read_callback(process, process_stderr_callback); + + MOCK(process_read_stdout, process_mocked_read_stdout); + MOCK(process_read_stderr, process_mocked_read_stderr); + + /* Make sure we are running with the line protocol. */ + tt_int_op(PROCESS_PROTOCOL_LINE, OP_EQ, process_get_protocol(process)); + + tt_int_op(0, OP_EQ, smartlist_len(process_data->stdout_data)); + tt_int_op(0, OP_EQ, smartlist_len(process_data->stderr_data)); + + stdout_read_buffer = "Hello stdout\n"; + process_notify_event_stdout(process); + tt_ptr_op(NULL, OP_EQ, stdout_read_buffer); + + stderr_read_buffer = "Hello stderr\r\n"; + process_notify_event_stderr(process); + tt_ptr_op(NULL, OP_EQ, stderr_read_buffer); + + /* Data should be ready. */ + tt_int_op(1, OP_EQ, smartlist_len(process_data->stdout_data)); + tt_int_op(1, OP_EQ, smartlist_len(process_data->stderr_data)); + + /* Check if the data is correct. */ + tt_str_op(smartlist_get(process_data->stdout_data, 0), OP_EQ, + "Hello stdout"); + tt_str_op(smartlist_get(process_data->stderr_data, 0), OP_EQ, + "Hello stderr"); + + done: + process_data_free(process_data); + process_free(process); + + UNMOCK(process_read_stdout); + UNMOCK(process_read_stderr); +} + +static void +test_line_protocol_multi(void *arg) +{ + (void)arg; + + process_data_t *process_data = process_data_new(); + + process_t *process = process_new(""); + process_set_data(process, process_data); + process_set_stdout_read_callback(process, process_stdout_callback); + process_set_stderr_read_callback(process, process_stderr_callback); + + MOCK(process_read_stdout, process_mocked_read_stdout); + MOCK(process_read_stderr, process_mocked_read_stderr); + + /* Make sure we are running with the line protocol. */ + tt_int_op(PROCESS_PROTOCOL_LINE, OP_EQ, process_get_protocol(process)); + + tt_int_op(0, OP_EQ, smartlist_len(process_data->stdout_data)); + tt_int_op(0, OP_EQ, smartlist_len(process_data->stderr_data)); + + stdout_read_buffer = "Hello stdout\r\nOnion Onion Onion\nA B C D\r\n\r\n"; + process_notify_event_stdout(process); + tt_ptr_op(NULL, OP_EQ, stdout_read_buffer); + + stderr_read_buffer = "Hello stderr\nFoo bar baz\nOnion Onion Onion\n"; + process_notify_event_stderr(process); + tt_ptr_op(NULL, OP_EQ, stderr_read_buffer); + + /* Data should be ready. */ + tt_int_op(4, OP_EQ, smartlist_len(process_data->stdout_data)); + tt_int_op(3, OP_EQ, smartlist_len(process_data->stderr_data)); + + /* Check if the data is correct. */ + tt_str_op(smartlist_get(process_data->stdout_data, 0), OP_EQ, + "Hello stdout"); + tt_str_op(smartlist_get(process_data->stdout_data, 1), OP_EQ, + "Onion Onion Onion"); + tt_str_op(smartlist_get(process_data->stdout_data, 2), OP_EQ, + "A B C D"); + tt_str_op(smartlist_get(process_data->stdout_data, 3), OP_EQ, + ""); + + tt_str_op(smartlist_get(process_data->stderr_data, 0), OP_EQ, + "Hello stderr"); + tt_str_op(smartlist_get(process_data->stderr_data, 1), OP_EQ, + "Foo bar baz"); + tt_str_op(smartlist_get(process_data->stderr_data, 2), OP_EQ, + "Onion Onion Onion"); + + done: + process_data_free(process_data); + process_free(process); + + UNMOCK(process_read_stdout); + UNMOCK(process_read_stderr); +} + +static void +test_line_protocol_partial(void *arg) +{ + (void)arg; + + process_data_t *process_data = process_data_new(); + + process_t *process = process_new(""); + process_set_data(process, process_data); + process_set_stdout_read_callback(process, process_stdout_callback); + process_set_stderr_read_callback(process, process_stderr_callback); + + MOCK(process_read_stdout, process_mocked_read_stdout); + MOCK(process_read_stderr, process_mocked_read_stderr); + + /* Make sure we are running with the line protocol. */ + tt_int_op(PROCESS_PROTOCOL_LINE, OP_EQ, process_get_protocol(process)); + + tt_int_op(0, OP_EQ, smartlist_len(process_data->stdout_data)); + tt_int_op(0, OP_EQ, smartlist_len(process_data->stderr_data)); + + stdout_read_buffer = "Hello stdout this is a partial line ..."; + process_notify_event_stdout(process); + tt_ptr_op(NULL, OP_EQ, stdout_read_buffer); + + stderr_read_buffer = "Hello stderr this is a partial line ..."; + process_notify_event_stderr(process); + tt_ptr_op(NULL, OP_EQ, stderr_read_buffer); + + /* Data should NOT be ready. */ + tt_int_op(0, OP_EQ, smartlist_len(process_data->stdout_data)); + tt_int_op(0, OP_EQ, smartlist_len(process_data->stderr_data)); + + stdout_read_buffer = " the end\nAnother partial string goes here ..."; + process_notify_event_stdout(process); + tt_ptr_op(NULL, OP_EQ, stdout_read_buffer); + + stderr_read_buffer = " the end\nAnother partial string goes here ..."; + process_notify_event_stderr(process); + tt_ptr_op(NULL, OP_EQ, stderr_read_buffer); + + /* Some data should be ready. */ + tt_int_op(1, OP_EQ, smartlist_len(process_data->stdout_data)); + tt_int_op(1, OP_EQ, smartlist_len(process_data->stderr_data)); + + stdout_read_buffer = " the end\nFoo bar baz\n"; + process_notify_event_stdout(process); + tt_ptr_op(NULL, OP_EQ, stdout_read_buffer); + + stderr_read_buffer = " the end\nFoo bar baz\n"; + process_notify_event_stderr(process); + tt_ptr_op(NULL, OP_EQ, stderr_read_buffer); + + /* Some data should be ready. */ + tt_int_op(3, OP_EQ, smartlist_len(process_data->stdout_data)); + tt_int_op(3, OP_EQ, smartlist_len(process_data->stderr_data)); + + /* Check if the data is correct. */ + tt_str_op(smartlist_get(process_data->stdout_data, 0), OP_EQ, + "Hello stdout this is a partial line ... the end"); + tt_str_op(smartlist_get(process_data->stdout_data, 1), OP_EQ, + "Another partial string goes here ... the end"); + tt_str_op(smartlist_get(process_data->stdout_data, 2), OP_EQ, + "Foo bar baz"); + + tt_str_op(smartlist_get(process_data->stderr_data, 0), OP_EQ, + "Hello stderr this is a partial line ... the end"); + tt_str_op(smartlist_get(process_data->stderr_data, 1), OP_EQ, + "Another partial string goes here ... the end"); + tt_str_op(smartlist_get(process_data->stderr_data, 2), OP_EQ, + "Foo bar baz"); + + done: + process_data_free(process_data); + process_free(process); + + UNMOCK(process_read_stdout); + UNMOCK(process_read_stderr); +} + +static void +test_raw_protocol_simple(void *arg) +{ + (void)arg; + + process_data_t *process_data = process_data_new(); + + process_t *process = process_new(""); + process_set_data(process, process_data); + process_set_protocol(process, PROCESS_PROTOCOL_RAW); + + process_set_stdout_read_callback(process, process_stdout_callback); + process_set_stderr_read_callback(process, process_stderr_callback); + + MOCK(process_read_stdout, process_mocked_read_stdout); + MOCK(process_read_stderr, process_mocked_read_stderr); + + /* Make sure we are running with the raw protocol. */ + tt_int_op(PROCESS_PROTOCOL_RAW, OP_EQ, process_get_protocol(process)); + + tt_int_op(0, OP_EQ, smartlist_len(process_data->stdout_data)); + tt_int_op(0, OP_EQ, smartlist_len(process_data->stderr_data)); + + stdout_read_buffer = "Hello stdout\n"; + process_notify_event_stdout(process); + tt_ptr_op(NULL, OP_EQ, stdout_read_buffer); + + stderr_read_buffer = "Hello stderr\n"; + process_notify_event_stderr(process); + tt_ptr_op(NULL, OP_EQ, stderr_read_buffer); + + /* Data should be ready. */ + tt_int_op(1, OP_EQ, smartlist_len(process_data->stdout_data)); + tt_int_op(1, OP_EQ, smartlist_len(process_data->stderr_data)); + + stdout_read_buffer = "Hello, again, stdout\nThis contains multiple lines"; + process_notify_event_stdout(process); + tt_ptr_op(NULL, OP_EQ, stdout_read_buffer); + + stderr_read_buffer = "Hello, again, stderr\nThis contains multiple lines"; + process_notify_event_stderr(process); + tt_ptr_op(NULL, OP_EQ, stderr_read_buffer); + + /* Data should be ready. */ + tt_int_op(2, OP_EQ, smartlist_len(process_data->stdout_data)); + tt_int_op(2, OP_EQ, smartlist_len(process_data->stderr_data)); + + /* Check if the data is correct. */ + tt_str_op(smartlist_get(process_data->stdout_data, 0), OP_EQ, + "Hello stdout\n"); + tt_str_op(smartlist_get(process_data->stdout_data, 1), OP_EQ, + "Hello, again, stdout\nThis contains multiple lines"); + + tt_str_op(smartlist_get(process_data->stderr_data, 0), OP_EQ, + "Hello stderr\n"); + tt_str_op(smartlist_get(process_data->stderr_data, 1), OP_EQ, + "Hello, again, stderr\nThis contains multiple lines"); + + done: + process_data_free(process_data); + process_free(process); + + UNMOCK(process_read_stdout); + UNMOCK(process_read_stderr); +} + +static void +test_write_simple(void *arg) +{ + (void)arg; + + process_data_t *process_data = process_data_new(); + + process_t *process = process_new(""); + process_set_data(process, process_data); + + MOCK(process_write_stdin, process_mocked_write_stdin); + + process_write(process, (uint8_t *)"Hello world\n", 12); + process_notify_event_stdin(process); + tt_int_op(1, OP_EQ, smartlist_len(process_data->stdin_data)); + + process_printf(process, "Hello %s !\n", "moon"); + process_notify_event_stdin(process); + tt_int_op(2, OP_EQ, smartlist_len(process_data->stdin_data)); + + done: + process_data_free(process_data); + process_free(process); + + UNMOCK(process_write_stdin); +} + +static void +test_exit_simple(void *arg) +{ + (void)arg; + + process_data_t *process_data = process_data_new(); + + process_t *process = process_new(""); + process_set_data(process, process_data); + process_set_exit_callback(process, process_exit_callback); + + /* Our default is 0. */ + tt_u64_op(0, OP_EQ, process_data->exit_code); + + /* Fake that we are a running process. */ + process_set_status(process, PROCESS_STATUS_RUNNING); + tt_int_op(process_get_status(process), OP_EQ, PROCESS_STATUS_RUNNING); + + /* Fake an exit. */ + process_notify_event_exit(process, 1337); + + /* Check if our state changed and if our callback fired. */ + tt_int_op(process_get_status(process), OP_EQ, PROCESS_STATUS_NOT_RUNNING); + tt_u64_op(1337, OP_EQ, process_data->exit_code); + + done: + process_set_data(process, process_data); + process_data_free(process_data); + process_free(process); +} + +static void +test_argv_simple(void *arg) +{ + (void)arg; + + process_t *process = process_new("/bin/cat"); + char **argv = NULL; + + /* Setup some arguments. */ + process_append_argument(process, "foo"); + process_append_argument(process, "bar"); + process_append_argument(process, "baz"); + + /* Check the number of elements. */ + tt_int_op(3, OP_EQ, + smartlist_len(process_get_arguments(process))); + + /* Let's try to convert it into a Unix style char **argv. */ + argv = process_get_argv(process); + + /* Check our values. */ + tt_str_op(argv[0], OP_EQ, "/bin/cat"); + tt_str_op(argv[1], OP_EQ, "foo"); + tt_str_op(argv[2], OP_EQ, "bar"); + tt_str_op(argv[3], OP_EQ, "baz"); + tt_ptr_op(argv[4], OP_EQ, NULL); + + done: + tor_free(argv); + process_free(process); +} + +static void +test_unix(void *arg) +{ + (void)arg; +#ifndef _WIN32 + process_t *process = process_new(""); + + /* On Unix all processes should have a Unix process handle. */ + tt_ptr_op(NULL, OP_NE, process_get_unix_process(process)); + + done: + process_free(process); +#endif /* !defined(_WIN32) */ +} + +static void +test_win32(void *arg) +{ + (void)arg; +#ifdef _WIN32 + process_t *process = process_new(""); + char *joined_argv = NULL; + + /* On Win32 all processes should have a Win32 process handle. */ + tt_ptr_op(NULL, OP_NE, process_get_win32_process(process)); + + /* Based on some test cases from "Parsing C++ Command-Line Arguments" in + * MSDN but we don't exercise all quoting rules because tor_join_win_cmdline + * will try to only generate simple cases for the child process to parse; + * i.e. we never embed quoted strings in arguments. */ + + const char *argvs[][4] = { + {"a", "bb", "CCC", NULL}, // Normal + {NULL, NULL, NULL, NULL}, // Empty argument list + {"", NULL, NULL, NULL}, // Empty argument + {"\"a", "b\"b", "CCC\"", NULL}, // Quotes + {"a\tbc", "dd dd", "E", NULL}, // Whitespace + {"a\\\\\\b", "de fg", "H", NULL}, // Backslashes + {"a\\\"b", "\\c", "D\\", NULL}, // Backslashes before quote + {"a\\\\b c", "d", "E", NULL}, // Backslashes not before quote + { NULL } // Terminator + }; + + const char *cmdlines[] = { + "a bb CCC", + "", + "\"\"", + "\\\"a b\\\"b CCC\\\"", + "\"a\tbc\" \"dd dd\" E", + "a\\\\\\b \"de fg\" H", + "a\\\\\\\"b \\c D\\", + "\"a\\\\b c\" d E", + NULL // Terminator + }; + + int i; + + for (i=0; cmdlines[i]!=NULL; i++) { + log_info(LD_GENERAL, "Joining argvs[%d], expecting <%s>", i, cmdlines[i]); + joined_argv = tor_join_win_cmdline(argvs[i]); + tt_str_op(cmdlines[i],OP_EQ, joined_argv); + tor_free(joined_argv); + } + + done: + tor_free(joined_argv); + process_free(process); +#endif /* defined(_WIN32) */ +} + +struct testcase_t process_tests[] = { + { "default_values", test_default_values, TT_FORK, NULL, NULL }, + { "environment", test_environment, TT_FORK, NULL, NULL }, + { "stringified_types", test_stringified_types, TT_FORK, NULL, NULL }, + { "line_protocol_simple", test_line_protocol_simple, TT_FORK, NULL, NULL }, + { "line_protocol_multi", test_line_protocol_multi, TT_FORK, NULL, NULL }, + { "line_protocol_partial", test_line_protocol_partial, TT_FORK, NULL, NULL }, + { "raw_protocol_simple", test_raw_protocol_simple, TT_FORK, NULL, NULL }, + { "write_simple", test_write_simple, TT_FORK, NULL, NULL }, + { "exit_simple", test_exit_simple, TT_FORK, NULL, NULL }, + { "argv_simple", test_argv_simple, TT_FORK, NULL, NULL }, + { "unix", test_unix, TT_FORK, NULL, NULL }, + { "win32", test_win32, TT_FORK, NULL, NULL }, + END_OF_TESTCASES +}; diff --git a/src/test/test_process_descs.c b/src/test/test_process_descs.c new file mode 100644 index 0000000000..14865cff13 --- /dev/null +++ b/src/test/test_process_descs.c @@ -0,0 +1,70 @@ +/* Copyright (c) 2019-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#include "orconfig.h" + +#include "core/or/or.h" +#include "feature/dirauth/process_descs.h" + +#include "test/test.h" + +static void +test_process_descs_versions(void *arg) +{ + (void)arg; + struct { + const char *version; + bool should_reject; + } cases[] = { + // a very old version: reject. + { "Tor 0.1.2.3-alpha", true }, + // a non-tor program: don't reject. + { "Wombat 0.1.2.3-alpha", false }, + // some unsupported versions: reject. + { "Tor 0.2.9.4-alpha", true }, + { "Tor 0.2.9.5-alpha", true }, + { "Tor 0.2.9.100", true }, + { "Tor 0.3.0.0-alpha-dev", true }, + { "Tor 0.3.0.2-alpha", true }, + { "Tor 0.3.0.5", true }, + { "Tor 0.3.1.4", true }, + { "Tor 0.3.2.4", true }, + { "Tor 0.3.3.4", true }, + { "Tor 0.3.4.1-alpha", true }, + { "Tor 0.3.4.100", true }, + { "Tor 0.3.5.1-alpha", true }, + { "Tor 0.3.5.6-rc", true}, + { "Tor 0.4.0.1-alpha", true }, + { "Tor 0.4.0.5", true }, + { "Tor 0.4.1.1-alpha", true }, + { "Tor 0.4.1.4-rc", true }, + // new enough to be supported + { "Tor 0.3.5.7", false }, + { "Tor 0.3.5.8", false }, + { "Tor 0.4.1.5", false }, + { "Tor 0.4.2.1-alpha", false }, + { "Tor 0.4.2.4-rc", false }, + { "Tor 0.4.3.0-alpha-dev", false }, + // Very far in the future + { "Tor 100.100.1.5", false }, + }; + size_t n_cases = ARRAY_LENGTH(cases); + + for (unsigned i = 0; i < n_cases; ++i) { + const char *msg = NULL; + bool rejected = dirserv_rejects_tor_version(cases[i].version, &msg); + tt_int_op(rejected, OP_EQ, cases[i].should_reject); + tt_int_op(msg == NULL, OP_EQ, rejected == false); + } + + done: + ; +} + +#define T(name,flags) \ + { #name, test_process_descs_##name, (flags), NULL, NULL } + +struct testcase_t process_descs_tests[] = { + T(versions,0), + END_OF_TESTCASES +}; diff --git a/src/test/test_process_slow.c b/src/test/test_process_slow.c new file mode 100644 index 0000000000..f74d4adc9a --- /dev/null +++ b/src/test/test_process_slow.c @@ -0,0 +1,365 @@ +/* Copyright (c) 2018-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file test_process_slow.c + * \brief Slow test cases for the Process API. + */ + +#define MAINLOOP_PRIVATE +#include "orconfig.h" +#include "core/or/or.h" +#include "core/mainloop/mainloop.h" +#include "lib/evloop/compat_libevent.h" +#include "lib/process/process.h" +#include "lib/process/waitpid.h" +#include "test/test.h" + +#ifndef BUILDDIR +#define BUILDDIR "." +#endif + +#ifdef _WIN32 +#define TEST_PROCESS "test-process.exe" +#else +#define TEST_PROCESS BUILDDIR "/src/test/test-process" +#endif /* defined(_WIN32) */ + +/** Timer that ticks once a second and stop the event loop after 5 ticks. */ +static periodic_timer_t *main_loop_timeout_timer; + +/** How many times have our timer ticked? */ +static int timer_tick_count; + +struct process_data_t { + smartlist_t *stdout_data; + smartlist_t *stderr_data; + smartlist_t *stdin_data; + process_exit_code_t exit_code; + bool did_exit; +}; + +typedef struct process_data_t process_data_t; + +static process_data_t * +process_data_new(void) +{ + process_data_t *process_data = tor_malloc_zero(sizeof(process_data_t)); + process_data->stdout_data = smartlist_new(); + process_data->stderr_data = smartlist_new(); + process_data->stdin_data = smartlist_new(); + return process_data; +} + +static void +process_data_free(process_data_t *process_data) +{ + if (process_data == NULL) + return; + + SMARTLIST_FOREACH(process_data->stdout_data, char *, x, tor_free(x)); + SMARTLIST_FOREACH(process_data->stderr_data, char *, x, tor_free(x)); + SMARTLIST_FOREACH(process_data->stdin_data, char *, x, tor_free(x)); + + smartlist_free(process_data->stdout_data); + smartlist_free(process_data->stderr_data); + smartlist_free(process_data->stdin_data); + tor_free(process_data); +} + +static void +process_stdout_callback(process_t *process, const char *data, size_t size) +{ + tt_ptr_op(process, OP_NE, NULL); + tt_ptr_op(data, OP_NE, NULL); + tt_int_op(strlen(data), OP_EQ, size); + + process_data_t *process_data = process_get_data(process); + smartlist_add(process_data->stdout_data, tor_strdup(data)); + + done: + return; +} + +static void +process_stderr_callback(process_t *process, const char *data, size_t size) +{ + tt_ptr_op(process, OP_NE, NULL); + tt_ptr_op(data, OP_NE, NULL); + tt_int_op(strlen(data), OP_EQ, size); + + process_data_t *process_data = process_get_data(process); + smartlist_add(process_data->stderr_data, tor_strdup(data)); + + done: + return; +} + +static bool +process_exit_callback(process_t *process, process_exit_code_t exit_code) +{ + process_status_t status; + + tt_ptr_op(process, OP_NE, NULL); + + process_data_t *process_data = process_get_data(process); + process_data->exit_code = exit_code; + process_data->did_exit = true; + + /* Check if our process is still running? */ + status = process_get_status(process); + tt_int_op(status, OP_EQ, PROCESS_STATUS_NOT_RUNNING); + + done: + /* Do not free up our process_t. */ + return false; +} + +#ifdef _WIN32 +static const char * +get_win32_test_binary_path(void) +{ + static char buffer[MAX_PATH]; + + /* Get the absolute path of our binary: \path\to\test-slow.exe. */ + GetModuleFileNameA(GetModuleHandle(0), buffer, sizeof(buffer)); + + /* Find our process name. */ + char *offset = strstr(buffer, "test-slow.exe"); + tt_ptr_op(offset, OP_NE, NULL); + + /* Change test-slow.exe to test-process.exe. */ + memcpy(offset, TEST_PROCESS, strlen(TEST_PROCESS)); + + return buffer; + done: + return NULL; +} +#endif /* defined(_WIN32) */ + +static void +main_loop_timeout_cb(periodic_timer_t *timer, void *data) +{ + /* Sanity check. */ + tt_ptr_op(timer, OP_EQ, main_loop_timeout_timer); + tt_ptr_op(data, OP_NE, NULL); + + /* Our process data. */ + process_data_t *process_data = data; + + /* Our process did exit. */ + if (process_data->did_exit) + tor_shutdown_event_loop_and_exit(0); + + /* Have we been called 10 times we exit the main loop. */ + timer_tick_count++; + + tt_int_op(timer_tick_count, OP_LT, 10); + +#ifndef _WIN32 + /* Call waitpid callbacks. */ + notify_pending_waitpid_callbacks(); +#endif + + return; + done: + /* Exit with an error. */ + tor_shutdown_event_loop_and_exit(-1); +} + +static void +run_main_loop(process_data_t *process_data) +{ + int ret; + + /* Wake up after 1 seconds. */ + static const struct timeval interval = {1, 0}; + + timer_tick_count = 0; + main_loop_timeout_timer = periodic_timer_new(tor_libevent_get_base(), + &interval, + main_loop_timeout_cb, + process_data); + + /* Run our main loop. */ + ret = run_main_loop_until_done(); + + /* Clean up our main loop timeout timer. */ + tt_int_op(ret, OP_EQ, 0); + + done: + periodic_timer_free(main_loop_timeout_timer); +} + +static void +test_callbacks(void *arg) +{ + (void)arg; + const char *filename = NULL; + +#ifdef _WIN32 + filename = get_win32_test_binary_path(); +#else + filename = TEST_PROCESS; +#endif + + /* Process callback data. */ + process_data_t *process_data = process_data_new(); + + /* Setup our process. */ + process_t *process = process_new(filename); + process_set_data(process, process_data); + process_set_stdout_read_callback(process, process_stdout_callback); + process_set_stderr_read_callback(process, process_stderr_callback); + process_set_exit_callback(process, process_exit_callback); + + /* Set environment variable. */ + process_set_environment(process, "TOR_TEST_ENV", "Hello, from Tor!"); + + /* Add some arguments. */ + process_append_argument(process, "This is the first one"); + process_append_argument(process, "Second one"); + process_append_argument(process, "Third: Foo bar baz"); + + /* Run our process. */ + process_status_t status; + + status = process_exec(process); + tt_int_op(status, OP_EQ, PROCESS_STATUS_RUNNING); + + /* Write some lines to stdin. */ + process_printf(process, "Hi process!\r\n"); + process_printf(process, "Can you read more than one line?\n"); + process_printf(process, "Can you read partial ..."); + process_printf(process, " lines?\r\n"); + + /* Start our main loop. */ + run_main_loop(process_data); + + /* We returned. Let's see what our event loop said. */ + tt_int_op(smartlist_len(process_data->stdout_data), OP_EQ, 12); + tt_int_op(smartlist_len(process_data->stderr_data), OP_EQ, 3); + tt_assert(process_data->did_exit); + tt_u64_op(process_data->exit_code, OP_EQ, 0); + + /* Check stdout output. */ + char argv0_expected[256]; + tor_snprintf(argv0_expected, sizeof(argv0_expected), + "argv[0] = '%s'", filename); + + tt_str_op(smartlist_get(process_data->stdout_data, 0), OP_EQ, + argv0_expected); + tt_str_op(smartlist_get(process_data->stdout_data, 1), OP_EQ, + "argv[1] = 'This is the first one'"); + tt_str_op(smartlist_get(process_data->stdout_data, 2), OP_EQ, + "argv[2] = 'Second one'"); + tt_str_op(smartlist_get(process_data->stdout_data, 3), OP_EQ, + "argv[3] = 'Third: Foo bar baz'"); + tt_str_op(smartlist_get(process_data->stdout_data, 4), OP_EQ, + "Environment variable TOR_TEST_ENV = 'Hello, from Tor!'"); + tt_str_op(smartlist_get(process_data->stdout_data, 5), OP_EQ, + "Output on stdout"); + tt_str_op(smartlist_get(process_data->stdout_data, 6), OP_EQ, + "This is a new line"); + tt_str_op(smartlist_get(process_data->stdout_data, 7), OP_EQ, + "Partial line on stdout ...end of partial line on stdout"); + tt_str_op(smartlist_get(process_data->stdout_data, 8), OP_EQ, + "Read line from stdin: 'Hi process!'"); + tt_str_op(smartlist_get(process_data->stdout_data, 9), OP_EQ, + "Read line from stdin: 'Can you read more than one line?'"); + tt_str_op(smartlist_get(process_data->stdout_data, 10), OP_EQ, + "Read line from stdin: 'Can you read partial ... lines?'"); + tt_str_op(smartlist_get(process_data->stdout_data, 11), OP_EQ, + "We are done for here, thank you!"); + + /* Check stderr output. */ + tt_str_op(smartlist_get(process_data->stderr_data, 0), OP_EQ, + "Output on stderr"); + tt_str_op(smartlist_get(process_data->stderr_data, 1), OP_EQ, + "This is a new line"); + tt_str_op(smartlist_get(process_data->stderr_data, 2), OP_EQ, + "Partial line on stderr ...end of partial line on stderr"); + + done: + process_data_free(process_data); + process_free(process); +} + +static void +test_callbacks_terminate(void *arg) +{ + (void)arg; + const char *filename = NULL; + +#ifdef _WIN32 + filename = get_win32_test_binary_path(); +#else + filename = TEST_PROCESS; +#endif + + /* Process callback data. */ + process_data_t *process_data = process_data_new(); + + /* Setup our process. */ + process_t *process = process_new(filename); + process_set_data(process, process_data); + process_set_exit_callback(process, process_exit_callback); + + /* Run our process. */ + process_status_t status; + + status = process_exec(process); + tt_int_op(status, OP_EQ, PROCESS_STATUS_RUNNING); + + /* Zap our process. */ + bool success; + + success = process_terminate(process); + tt_assert(success); + + /* Start our main loop. */ + run_main_loop(process_data); + + /* Check if we did exit. */ + tt_assert(process_data->did_exit); + + done: + process_data_free(process_data); + process_free(process); +} + +static void +test_nonexistent_executable(void *arg) +{ + (void)arg; + + /* Process callback data. */ + process_data_t *process_data = process_data_new(); + + /* Setup our process. */ + process_t *process = process_new("binary-does-not-exist"); + process_set_data(process, process_data); + process_set_exit_callback(process, process_exit_callback); + + /* Run our process. */ + process_exec(process); + + /* Start our main loop. */ + run_main_loop(process_data); + + /* Ensure that the exit callback was actually called even though the binary + * did not exist. + */ + tt_assert(process_data->did_exit); + + done: + process_data_free(process_data); + process_free(process); +} + +struct testcase_t slow_process_tests[] = { + { "callbacks", test_callbacks, 0, NULL, NULL }, + { "callbacks_terminate", test_callbacks_terminate, 0, NULL, NULL }, + { "nonexistent_executable", test_nonexistent_executable, 0, NULL, NULL }, + END_OF_TESTCASES +}; diff --git a/src/test/test_procmon.c b/src/test/test_procmon.c index e23578f4fd..1752008f63 100644 --- a/src/test/test_procmon.c +++ b/src/test/test_procmon.c @@ -1,7 +1,6 @@ -/* Copyright (c) 2010-2019, The Tor Project, Inc. */ +/* Copyright (c) 2010-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ -#define PROCMON_PRIVATE #include "orconfig.h" #include "core/or/or.h" #include "test/test.h" @@ -10,8 +9,6 @@ #include "test/log_test_helpers.h" -#define NS_MODULE procmon - struct event_base; static void diff --git a/src/test/test_proto_haproxy.c b/src/test/test_proto_haproxy.c new file mode 100644 index 0000000000..040354ec1f --- /dev/null +++ b/src/test/test_proto_haproxy.c @@ -0,0 +1,66 @@ +/* Copyright (c) 2019-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file test_proto_haproxy.c + * \brief Tests for our HAProxy protocol parser code + */ + +#define PROTO_HAPROXY_PRIVATE + +#include "test/test.h" +#include "core/proto/proto_haproxy.h" +#include "test/log_test_helpers.h" + +static void +test_format_proxy_header_line(void *arg) +{ + tor_addr_t addr; + tor_addr_port_t *addr_port = NULL; + char *output = NULL; + + (void) arg; + + /* IPv4 address. */ + tor_addr_parse(&addr, "192.168.1.2"); + addr_port = tor_addr_port_new(&addr, 8000); + output = haproxy_format_proxy_header_line(addr_port); + + tt_str_op(output, OP_EQ, "PROXY TCP4 0.0.0.0 192.168.1.2 0 8000\r\n"); + + tor_free(addr_port); + tor_free(output); + + /* IPv6 address. */ + tor_addr_parse(&addr, "123:45:6789::5005:11"); + addr_port = tor_addr_port_new(&addr, 8000); + output = haproxy_format_proxy_header_line(addr_port); + + tt_str_op(output, OP_EQ, "PROXY TCP6 :: 123:45:6789::5005:11 0 8000\r\n"); + + tor_free(addr_port); + tor_free(output); + + /* UNIX socket address. */ + memset(&addr, 0, sizeof(addr)); + addr.family = AF_UNIX; + addr_port = tor_addr_port_new(&addr, 8000); + output = haproxy_format_proxy_header_line(addr_port); + + /* If it's not an IPv4 or IPv6 address, haproxy_format_proxy_header_line + * must return NULL. */ + tt_ptr_op(output, OP_EQ, NULL); + + tor_free(addr_port); + tor_free(output); + + done: + tor_free(addr_port); + tor_free(output); +} + +struct testcase_t proto_haproxy_tests[] = { + { "format_proxy_header_line", test_format_proxy_header_line, 0, NULL, NULL }, + + END_OF_TESTCASES +}; diff --git a/src/test/test_proto_http.c b/src/test/test_proto_http.c index 08990c0b6a..481d78b2c1 100644 --- a/src/test/test_proto_http.c +++ b/src/test/test_proto_http.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2017-2019, The Tor Project, Inc. */ +/* Copyright (c) 2017-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -8,7 +8,7 @@ #include "core/or/or.h" #include "test/test.h" -#include "lib/container/buffers.h" +#include "lib/buf/buffers.h" #include "core/proto/proto_http.h" #include "test/log_test_helpers.h" diff --git a/src/test/test_proto_misc.c b/src/test/test_proto_misc.c index af9cf7eee2..64bf5c4993 100644 --- a/src/test/test_proto_misc.c +++ b/src/test/test_proto_misc.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2017-2019, The Tor Project, Inc. */ +/* Copyright (c) 2017-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -8,7 +8,7 @@ #include "core/or/or.h" #include "test/test.h" -#include "lib/container/buffers.h" +#include "lib/buf/buffers.h" #include "core/or/connection_or.h" #include "feature/relay/ext_orport.h" #include "core/proto/proto_cell.h" diff --git a/src/test/test_protover.c b/src/test/test_protover.c index b4689045cf..71f984a0ac 100644 --- a/src/test/test_protover.c +++ b/src/test/test_protover.c @@ -1,7 +1,8 @@ -/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define PROTOVER_PRIVATE +#define DIRVOTE_PRIVATE #include "orconfig.h" #include "test/test.h" @@ -12,6 +13,8 @@ #include "core/or/connection_or.h" #include "lib/tls/tortls.h" +#include "feature/dirauth/dirvote.h" + static void test_protover_parse(void *arg) { @@ -22,7 +25,7 @@ test_protover_parse(void *arg) tt_skip(); done: ; -#else +#else /* !defined(HAVE_RUST) */ char *re_encoded = NULL; const char *orig = "Foo=1,3 Bar=3 Baz= Quux=9-12,14,15-16"; @@ -85,7 +88,7 @@ test_protover_parse(void *arg) SMARTLIST_FOREACH(elts, proto_entry_t *, ent, proto_entry_free(ent)); smartlist_free(elts); tor_free(re_encoded); -#endif +#endif /* defined(HAVE_RUST) */ } static void @@ -129,7 +132,7 @@ test_protover_parse_fail(void *arg) "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"); tt_ptr_op(elts, OP_EQ, NULL); -#endif +#endif /* defined(HAVE_RUST) */ done: ; } @@ -271,6 +274,7 @@ test_protover_all_supported(void *arg) tt_assert(protover_all_supported("Fribble=", &msg)); tt_ptr_op(msg, OP_EQ, NULL); +#ifndef ALL_BUGS_ARE_FATAL /* If we get a completely unparseable list, protover_all_supported should * hit a fatal assertion for BUG(entries == NULL). */ tor_capture_bugs_(1); @@ -282,9 +286,10 @@ test_protover_all_supported(void *arg) tor_capture_bugs_(1); tt_assert(protover_all_supported("Sleen=1-4294967295", &msg)); tor_end_capture_bugs_(); +#endif /* !defined(ALL_BUGS_ARE_FATAL) */ /* Protocol name too long */ -#ifndef HAVE_RUST // XXXXXX ????? +#if !defined(HAVE_RUST) && !defined(ALL_BUGS_ARE_FATAL) tor_capture_bugs_(1); tt_assert(protover_all_supported( "DoSaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" @@ -292,7 +297,7 @@ test_protover_all_supported(void *arg) "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" "aaaaaaaaaaaa=1-65536", &msg)); tor_end_capture_bugs_(); -#endif +#endif /* !defined(HAVE_RUST) && !defined(ALL_BUGS_ARE_FATAL) */ done: tor_end_capture_bugs_(); @@ -416,7 +421,7 @@ test_protover_supported_protocols(void *arg) tt_assert(protocol_list_supports_protocol(supported_protocols, PRT_LINKAUTH, PROTOVER_LINKAUTH_V1)); -#endif +#endif /* defined(HAVE_WORKING_TOR_TLS_GET_TLSSECRETS) */ /* Latest LinkAuth is not exposed in the headers. */ tt_assert(protocol_list_supports_protocol(supported_protocols, PRT_LINKAUTH, @@ -587,6 +592,43 @@ test_protover_vote_roundtrip(void *args) tor_free(result); } +static void +test_protover_vote_roundtrip_ours(void *args) +{ + (void) args; + const char *examples[] = { + protover_get_supported_protocols(), + DIRVOTE_RECOMMEND_RELAY_PROTO, + DIRVOTE_RECOMMEND_CLIENT_PROTO, + DIRVOTE_REQUIRE_RELAY_PROTO, + DIRVOTE_REQUIRE_CLIENT_PROTO, + }; + unsigned u; + smartlist_t *votes = smartlist_new(); + char *result = NULL; + + for (u = 0; u < ARRAY_LENGTH(examples); ++u) { + tt_assert(examples[u]); + const char *input = examples[u]; + const char *expected_output = examples[u]; + + smartlist_add(votes, (void*)input); + result = protover_compute_vote(votes, 1); + if (expected_output != NULL) { + tt_str_op(result, OP_EQ, expected_output); + } else { + tt_str_op(result, OP_EQ, ""); + } + + smartlist_clear(votes); + tor_free(result); + } + + done: + smartlist_free(votes); + tor_free(result); +} + #define PV_TEST(name, flags) \ { #name, test_protover_ ##name, (flags), NULL, NULL } @@ -600,5 +642,6 @@ struct testcase_t protover_tests[] = { PV_TEST(supports_version, 0), PV_TEST(supported_protocols, 0), PV_TEST(vote_roundtrip, 0), + PV_TEST(vote_roundtrip_ours, 0), END_OF_TESTCASES }; diff --git a/src/test/test_pt.c b/src/test/test_pt.c index 1f9786648a..893fec3674 100644 --- a/src/test/test_pt.c +++ b/src/test/test_pt.c @@ -1,28 +1,30 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" #define PT_PRIVATE -#define UTIL_PRIVATE #define STATEFILE_PRIVATE -#define CONTROL_PRIVATE -#define SUBPROCESS_PRIVATE +#define CONTROL_EVENTS_PRIVATE +#define PROCESS_PRIVATE #include "core/or/or.h" #include "app/config/config.h" -#include "app/config/confparse.h" +#include "lib/confmgt/confmgt.h" #include "feature/control/control.h" +#include "feature/control/control_events.h" #include "feature/client/transports.h" #include "core/or/circuitbuild.h" #include "app/config/statefile.h" #include "test/test.h" -#include "lib/process/subprocess.h" #include "lib/encoding/confline.h" #include "lib/net/resolve.h" +#include "lib/process/process.h" #include "app/config/or_state_st.h" +#include "test/log_test_helpers.h" + static void reset_mp(managed_proxy_t *mp) { @@ -288,41 +290,35 @@ test_pt_get_extrainfo_string(void *arg) tor_free(s); } -#ifdef _WIN32 -#define STDIN_HANDLE HANDLE* -#else -#define STDIN_HANDLE int -#endif - -static smartlist_t * -tor_get_lines_from_handle_replacement(STDIN_HANDLE handle, - enum stream_status *stream_status_out) +static int +process_read_stdout_replacement(process_t *process, buf_t *buffer) { + (void)process; static int times_called = 0; - smartlist_t *retval_sl = smartlist_new(); - - (void) handle; - (void) stream_status_out; /* Generate some dummy CMETHOD lines the first 5 times. The 6th time, send 'CMETHODS DONE' to finish configuring the proxy. */ - if (times_called++ != 5) { - smartlist_add_asprintf(retval_sl, "SMETHOD mock%d 127.0.0.1:555%d", + times_called++; + + if (times_called <= 5) { + buf_add_printf(buffer, "SMETHOD mock%d 127.0.0.1:555%d\n", times_called, times_called); - } else { - smartlist_add_strdup(retval_sl, "SMETHODS DONE"); + } else if (times_called <= 6) { + buf_add_string(buffer, "SMETHODS DONE\n"); + } else if (times_called <= 7) { + buf_add_string(buffer, "LOG SEVERITY=error MESSAGE=\"Oh noes, something " + "bad happened. What do we do!?\"\n"); + buf_add_string(buffer, "LOG SEVERITY=warning MESSAGE=\"warning msg\"\n"); + buf_add_string(buffer, "LOG SEVERITY=notice MESSAGE=\"notice msg\"\n"); + buf_add_string(buffer, "LOG SEVERITY=info MESSAGE=\"info msg\"\n"); + buf_add_string(buffer, "LOG SEVERITY=debug MESSAGE=\"debug msg\"\n"); + } else if (times_called <= 8) { + buf_add_string(buffer, "STATUS TRANSPORT=a K_1=a K_2=b K_3=\"foo bar\"\n"); + buf_add_string(buffer, "STATUS TRANSPORT=b K_1=a K_2=b K_3=\"foo bar\"\n"); + buf_add_string(buffer, "STATUS TRANSPORT=c K_1=a K_2=b K_3=\"foo bar\"\n"); } - return retval_sl; -} - -/* NOP mock */ -static void -tor_process_handle_destroy_replacement(process_handle_t *process_handle, - int also_terminate_process) -{ - (void) process_handle; - (void) also_terminate_process; + return (int)buf_datalen(buffer); } static or_state_t *dummy_state = NULL; @@ -355,12 +351,9 @@ test_pt_configure_proxy(void *arg) managed_proxy_t *mp = NULL; (void) arg; - dummy_state = tor_malloc_zero(sizeof(or_state_t)); + dummy_state = or_state_new(); - MOCK(tor_get_lines_from_handle, - tor_get_lines_from_handle_replacement); - MOCK(tor_process_handle_destroy, - tor_process_handle_destroy_replacement); + MOCK(process_read_stdout, process_read_stdout_replacement); MOCK(get_or_state, get_or_state_replacement); MOCK(queue_control_event_string, @@ -372,24 +365,34 @@ test_pt_configure_proxy(void *arg) mp->conf_state = PT_PROTO_ACCEPTING_METHODS; mp->transports = smartlist_new(); mp->transports_to_launch = smartlist_new(); - mp->process_handle = tor_malloc_zero(sizeof(process_handle_t)); mp->argv = tor_malloc_zero(sizeof(char*)*2); mp->argv[0] = tor_strdup("<testcase>"); mp->is_server = 1; + /* Configure the process. */ + mp->process = process_new(""); + process_set_stdout_read_callback(mp->process, managed_proxy_stdout_callback); + process_set_data(mp->process, mp); + /* Test the return value of configure_proxy() by calling it some times while it is uninitialized and then finally finalizing its configuration. */ for (i = 0 ; i < 5 ; i++) { + /* force a read from our mocked stdout reader. */ + process_notify_event_stdout(mp->process); + /* try to configure our proxy. */ retval = configure_proxy(mp); /* retval should be zero because proxy hasn't finished configuring yet */ tt_int_op(retval, OP_EQ, 0); /* check the number of registered transports */ - tt_assert(smartlist_len(mp->transports) == i+1); + tt_int_op(smartlist_len(mp->transports), OP_EQ, i+1); /* check that the mp is still waiting for transports */ tt_assert(mp->conf_state == PT_PROTO_ACCEPTING_METHODS); } + /* Get the SMETHOD DONE written to the process. */ + process_notify_event_stdout(mp->process); + /* this last configure_proxy() should finalize the proxy configuration. */ retval = configure_proxy(mp); /* retval should be 1 since the proxy finished configuring */ @@ -412,6 +415,49 @@ test_pt_configure_proxy(void *arg) tt_str_op(smartlist_get(controlevent_msgs, 4), OP_EQ, "650 TRANSPORT_LAUNCHED server mock5 127.0.0.1 5555\r\n"); + /* Get the log message out. */ + setup_full_capture_of_logs(LOG_ERR); + process_notify_event_stdout(mp->process); + expect_single_log_msg_containing("Oh noes, something bad happened"); + teardown_capture_of_logs(); + + tt_int_op(controlevent_n, OP_EQ, 10); + tt_int_op(controlevent_event, OP_EQ, EVENT_PT_LOG); + tt_int_op(smartlist_len(controlevent_msgs), OP_EQ, 10); + tt_str_op(smartlist_get(controlevent_msgs, 5), OP_EQ, + "650 PT_LOG PT=<testcase> SEVERITY=error " + "MESSAGE=\"Oh noes, " + "something bad happened. What do we do!?\"\r\n"); + tt_str_op(smartlist_get(controlevent_msgs, 6), OP_EQ, + "650 PT_LOG PT=<testcase> SEVERITY=warning " + "MESSAGE=\"warning msg\"\r\n"); + tt_str_op(smartlist_get(controlevent_msgs, 7), OP_EQ, + "650 PT_LOG PT=<testcase> SEVERITY=notice " + "MESSAGE=\"notice msg\"\r\n"); + tt_str_op(smartlist_get(controlevent_msgs, 8), OP_EQ, + "650 PT_LOG PT=<testcase> SEVERITY=info " + "MESSAGE=\"info msg\"\r\n"); + tt_str_op(smartlist_get(controlevent_msgs, 9), OP_EQ, + "650 PT_LOG PT=<testcase> SEVERITY=debug " + "MESSAGE=\"debug msg\"\r\n"); + + /* Get the STATUS messages out. */ + process_notify_event_stdout(mp->process); + + tt_int_op(controlevent_n, OP_EQ, 13); + tt_int_op(controlevent_event, OP_EQ, EVENT_PT_STATUS); + tt_int_op(smartlist_len(controlevent_msgs), OP_EQ, 13); + + tt_str_op(smartlist_get(controlevent_msgs, 10), OP_EQ, + "650 PT_STATUS " + "PT=<testcase> TRANSPORT=a K_1=a K_2=b K_3=\"foo bar\"\r\n"); + tt_str_op(smartlist_get(controlevent_msgs, 11), OP_EQ, + "650 PT_STATUS " + "PT=<testcase> TRANSPORT=b K_1=a K_2=b K_3=\"foo bar\"\r\n"); + tt_str_op(smartlist_get(controlevent_msgs, 12), OP_EQ, + "650 PT_STATUS " + "PT=<testcase> TRANSPORT=c K_1=a K_2=b K_3=\"foo bar\"\r\n"); + { /* check that the transport info were saved properly in the tor state */ config_line_t *transport_in_state = NULL; smartlist_t *transport_info_sl = smartlist_new(); @@ -434,9 +480,9 @@ test_pt_configure_proxy(void *arg) } done: + teardown_capture_of_logs(); or_state_free(dummy_state); - UNMOCK(tor_get_lines_from_handle); - UNMOCK(tor_process_handle_destroy); + UNMOCK(process_read_stdout); UNMOCK(get_or_state); UNMOCK(queue_control_event_string); if (controlevent_msgs) { @@ -449,7 +495,7 @@ test_pt_configure_proxy(void *arg) smartlist_free(mp->transports); } smartlist_free(mp->transports_to_launch); - tor_free(mp->process_handle); + process_free(mp->process); tor_free(mp->argv[0]); tor_free(mp->argv); tor_free(mp); @@ -533,8 +579,10 @@ test_get_pt_proxy_uri(void *arg) tor_free(uri); } +#ifndef COCCI #define PT_LEGACY(name) \ - { #name, test_pt_ ## name , 0, NULL, NULL } + { (#name), test_pt_ ## name , 0, NULL, NULL } +#endif struct testcase_t pt_tests[] = { PT_LEGACY(parsing), diff --git a/src/test/test_ptr_slow.c b/src/test/test_ptr_slow.c new file mode 100644 index 0000000000..25b893c4c0 --- /dev/null +++ b/src/test/test_ptr_slow.c @@ -0,0 +1,106 @@ +/* Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#include "orconfig.h" +#include "core/or/or.h" +#include "test/test.h" +#include "test/ptr_helpers.h" + +#include <stdint.h> +#include <limits.h> + +/** Assert that <b>a</b> can be cast to void * and back. */ +static void +assert_int_voidptr_roundtrip(int a) +{ + intptr_t ap = (intptr_t)a; + void *b = cast_intptr_to_voidstar(ap); + intptr_t c = cast_voidstar_to_intptr(b); + void *d = cast_intptr_to_voidstar(c); + + tt_assert(ap == c); + tt_assert(b == d); + + done: + return; +} + +/** Test for possibility of casting `int` to `void *` and back. */ +static void +test_int_voidstar_interop(void *arg) +{ + int a; + (void)arg; + + for (a = -1024; a <= 1024; a++) { + assert_int_voidptr_roundtrip(a); + } + + for (a = INT_MIN; a <= INT_MIN+1024; a++) { + assert_int_voidptr_roundtrip(a); + } + + for (a = INT_MAX-1024; a < INT_MAX; a++) { + assert_int_voidptr_roundtrip(a); + } + + a = 1; + for (unsigned long i = 0; i < sizeof(int) * 8; i++) { + assert_int_voidptr_roundtrip(a); + a = (a << 1); + } +} + +/** Assert that <b>a</b> can be cast to void * and back. */ +static void +assert_uint_voidptr_roundtrip(unsigned int a) +{ + uintptr_t ap = (uintptr_t)a; + void *b = cast_uintptr_to_voidstar(ap); + uintptr_t c = cast_voidstar_to_uintptr(b); + void *d = cast_uintptr_to_voidstar(c); + + tt_assert(ap == c); + tt_assert(b == d); + + done: + return; +} + +/** Test for possibility of casting `int` to `void *` and back. */ +static void +test_uint_voidstar_interop(void *arg) +{ + unsigned int a; + (void)arg; + + for (a = 0; a <= 1024; a++) { + assert_uint_voidptr_roundtrip(a); + } + + for (a = UINT_MAX-1024; a < UINT_MAX; a++) { + assert_uint_voidptr_roundtrip(a); + } + + a = 1; + for (unsigned long i = 0; i < sizeof(int) * 8; i++) { + assert_uint_voidptr_roundtrip(a); + a = (a << 1); + } +} + +struct testcase_t slow_ptr_tests[] = { + { .name = "int_voidstar_interop", + .fn = test_int_voidstar_interop, + .flags = 0, + .setup = NULL, + .setup_data = NULL }, + { .name = "uint_voidstar_interop", + .fn = test_uint_voidstar_interop, + .flags = 0, + .setup = NULL, + .setup_data = NULL }, + END_OF_TESTCASES +}; diff --git a/src/test/test_pubsub_build.c b/src/test/test_pubsub_build.c new file mode 100644 index 0000000000..5f9005926c --- /dev/null +++ b/src/test/test_pubsub_build.c @@ -0,0 +1,578 @@ +/* Copyright (c) 2018-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#define DISPATCH_PRIVATE +#define PUBSUB_PRIVATE + +#include "test/test.h" + +#include "lib/cc/torint.h" +#include "lib/dispatch/dispatch.h" +#include "lib/dispatch/dispatch_naming.h" +#include "lib/dispatch/dispatch_st.h" +#include "lib/dispatch/msgtypes.h" +#include "lib/pubsub/pubsub_macros.h" +#include "lib/pubsub/pubsub_build.h" +#include "lib/pubsub/pubsub_builder_st.h" + +#include "lib/log/escape.h" +#include "lib/malloc/malloc.h" +#include "lib/string/printf.h" + +#include "test/log_test_helpers.h" + +#include <stdio.h> +#include <string.h> + +static char * +ex_int_fmt(msg_aux_data_t aux) +{ + int val = (int) aux.u64; + char *r=NULL; + tor_asprintf(&r, "%d", val); + return r; +} + +static char * +ex_str_fmt(msg_aux_data_t aux) +{ + return esc_for_log(aux.ptr); +} + +static void +ex_str_free(msg_aux_data_t aux) +{ + tor_free_(aux.ptr); +} + +static dispatch_typefns_t intfns = { + .fmt_fn = ex_int_fmt +}; + +static dispatch_typefns_t stringfns = { + .free_fn = ex_str_free, + .fmt_fn = ex_str_fmt +}; + +DECLARE_MESSAGE_INT(bunch_of_coconuts, int, int); +DECLARE_PUBLISH(bunch_of_coconuts); +DECLARE_SUBSCRIBE(bunch_of_coconuts, coconut_recipient_cb); + +DECLARE_MESSAGE(yes_we_have_no, string, char *); +DECLARE_PUBLISH(yes_we_have_no); +DECLARE_SUBSCRIBE(yes_we_have_no, absent_item_cb); + +static void +coconut_recipient_cb(const msg_t *m, int n_coconuts) +{ + (void)m; + (void)n_coconuts; +} + +static void +absent_item_cb(const msg_t *m, const char *fruitname) +{ + (void)m; + (void)fruitname; +} + +#define FLAG_SKIP 99999 + +static void +seed_dispatch_builder(pubsub_builder_t *b, + unsigned fl1, unsigned fl2, unsigned fl3, unsigned fl4) +{ + pubsub_connector_t *c = NULL; + + { + c = pubsub_connector_for_subsystem(b, get_subsys_id("sys1")); + DISPATCH_REGISTER_TYPE(c, int, &intfns); + if (fl1 != FLAG_SKIP) + DISPATCH_ADD_PUB_(c, main, bunch_of_coconuts, fl1); + if (fl2 != FLAG_SKIP) + DISPATCH_ADD_SUB_(c, main, yes_we_have_no, fl2); + pubsub_connector_free(c); + } + + { + c = pubsub_connector_for_subsystem(b, get_subsys_id("sys2")); + DISPATCH_REGISTER_TYPE(c, string, &stringfns); + if (fl3 != FLAG_SKIP) + DISPATCH_ADD_PUB_(c, main, yes_we_have_no, fl3); + if (fl4 != FLAG_SKIP) + DISPATCH_ADD_SUB_(c, main, bunch_of_coconuts, fl4); + pubsub_connector_free(c); + } +} + +static void +seed_pubsub_builder_basic(pubsub_builder_t *b) +{ + seed_dispatch_builder(b, 0, 0, 0, 0); +} + +/* Regular builder with valid types and messages. + */ +static void +test_pubsub_build_types_ok(void *arg) +{ + (void)arg; + pubsub_builder_t *b = NULL; + dispatch_t *dispatcher = NULL; + pubsub_connector_t *c = NULL; + pubsub_items_t *items = NULL; + + b = pubsub_builder_new(); + seed_pubsub_builder_basic(b); + + dispatcher = pubsub_builder_finalize(b, &items); + b = NULL; + tt_assert(dispatcher); + tt_assert(items); + tt_int_op(smartlist_len(items->items), OP_EQ, 4); + + // Make sure that the bindings got build correctly. + SMARTLIST_FOREACH_BEGIN(items->items, pubsub_cfg_t *, item) { + if (item->is_publish) { + tt_assert(item->pub_binding); + tt_ptr_op(item->pub_binding->dispatch_ptr, OP_EQ, dispatcher); + } + } SMARTLIST_FOREACH_END(item); + + tt_int_op(dispatcher->n_types, OP_GE, 2); + tt_assert(dispatcher->typefns); + + tt_assert(dispatcher->typefns[get_msg_type_id("int")].fmt_fn == ex_int_fmt); + tt_assert(dispatcher->typefns[get_msg_type_id("string")].fmt_fn == + ex_str_fmt); + + // Now clear the bindings, like we would do before freeing the + // the dispatcher. + pubsub_items_clear_bindings(items); + SMARTLIST_FOREACH_BEGIN(items->items, pubsub_cfg_t *, item) { + if (item->is_publish) { + tt_assert(item->pub_binding); + tt_ptr_op(item->pub_binding->dispatch_ptr, OP_EQ, NULL); + } + } SMARTLIST_FOREACH_END(item); + + done: + pubsub_connector_free(c); + pubsub_builder_free(b); + dispatch_free(dispatcher); + pubsub_items_free(items); +} + +/* We fail if the same type is defined in two places with different functions. + */ +static void +test_pubsub_build_types_decls_conflict(void *arg) +{ + (void)arg; + pubsub_builder_t *b = NULL; + dispatch_t *dispatcher = NULL; + pubsub_connector_t *c = NULL; + + b = pubsub_builder_new(); + seed_pubsub_builder_basic(b); + { + c = pubsub_connector_for_subsystem(b, get_subsys_id("sys3")); + // Extra declaration of int: we don't allow this. + DISPATCH_REGISTER_TYPE(c, int, &stringfns); + pubsub_connector_free(c); + } + + setup_full_capture_of_logs(LOG_WARN); + dispatcher = pubsub_builder_finalize(b, NULL); + b = NULL; + tt_assert(dispatcher == NULL); + // expect_log_msg_containing("(int) declared twice"); // XXXX + + done: + pubsub_connector_free(c); + pubsub_builder_free(b); + dispatch_free(dispatcher); + teardown_capture_of_logs(); +} + +/* If a message ID exists but nobody is publishing or subscribing to it, + * that's okay. */ +static void +test_pubsub_build_unused_message(void *arg) +{ + (void)arg; + pubsub_builder_t *b = NULL; + dispatch_t *dispatcher = NULL; + + b = pubsub_builder_new(); + seed_pubsub_builder_basic(b); + + // This message isn't actually generated by anyone, but that will be fine: + // we just log it at info. + get_message_id("unused"); + setup_capture_of_logs(LOG_INFO); + + dispatcher = pubsub_builder_finalize(b, NULL); + b = NULL; + tt_assert(dispatcher); + expect_log_msg_containing( + "Nobody is publishing or subscribing to message"); + + done: + pubsub_builder_free(b); + dispatch_free(dispatcher); + teardown_capture_of_logs(); +} + +/* Publishing or subscribing to a message with no subscribers / publishers + * should fail and warn. */ +static void +test_pubsub_build_missing_pubsub(void *arg) +{ + (void)arg; + pubsub_builder_t *b = NULL; + dispatch_t *dispatcher = NULL; + + b = pubsub_builder_new(); + seed_dispatch_builder(b, 0, 0, FLAG_SKIP, FLAG_SKIP); + + setup_full_capture_of_logs(LOG_WARN); + dispatcher = pubsub_builder_finalize(b, NULL); + b = NULL; + tt_assert(dispatcher == NULL); + + expect_log_msg_containing( + "Message \"bunch_of_coconuts\" has publishers, but no subscribers."); + expect_log_msg_containing( + "Message \"yes_we_have_no\" has subscribers, but no publishers."); + + done: + pubsub_builder_free(b); + dispatch_free(dispatcher); + teardown_capture_of_logs(); +} + +/* Make sure that a stub publisher or subscriber prevents an error from + * happening even if there are no other publishers/subscribers for a message + */ +static void +test_pubsub_build_stub_pubsub(void *arg) +{ + (void)arg; + pubsub_builder_t *b = NULL; + dispatch_t *dispatcher = NULL; + + b = pubsub_builder_new(); + seed_dispatch_builder(b, 0, 0, DISP_FLAG_STUB, DISP_FLAG_STUB); + + dispatcher = pubsub_builder_finalize(b, NULL); + b = NULL; + tt_assert(dispatcher); + + // 1 subscriber. + tt_int_op(1, OP_EQ, + dispatcher->table[get_message_id("yes_we_have_no")]->n_enabled); + // no subscribers + tt_ptr_op(NULL, OP_EQ, + dispatcher->table[get_message_id("bunch_of_coconuts")]); + + done: + pubsub_builder_free(b); + dispatch_free(dispatcher); +} + +/* Only one channel per msg id. */ +static void +test_pubsub_build_channels_conflict(void *arg) +{ + (void)arg; + pubsub_builder_t *b = NULL; + dispatch_t *dispatcher = NULL; + pubsub_connector_t *c = NULL; + + b = pubsub_builder_new(); + seed_pubsub_builder_basic(b); + pub_binding_t btmp; + + { + c = pubsub_connector_for_subsystem(b, get_subsys_id("problems")); + /* Usually the DISPATCH_ADD_PUB macro would keep us from using + * the wrong channel */ + pubsub_add_pub_(c, &btmp, get_channel_id("hithere"), + get_message_id("bunch_of_coconuts"), + get_msg_type_id("int"), + 0 /* flags */, + "somewhere.c", 22); + pubsub_connector_free(c); + }; + + setup_full_capture_of_logs(LOG_WARN); + dispatcher = pubsub_builder_finalize(b, NULL); + b = NULL; + tt_assert(dispatcher == NULL); + + expect_log_msg_containing("Message \"bunch_of_coconuts\" is associated " + "with multiple inconsistent channels."); + + done: + pubsub_builder_free(b); + dispatch_free(dispatcher); + teardown_capture_of_logs(); +} + +/* Only one type per msg id. */ +static void +test_pubsub_build_types_conflict(void *arg) +{ + (void)arg; + pubsub_builder_t *b = NULL; + dispatch_t *dispatcher = NULL; + pubsub_connector_t *c = NULL; + + b = pubsub_builder_new(); + seed_pubsub_builder_basic(b); + pub_binding_t btmp; + + { + c = pubsub_connector_for_subsystem(b, get_subsys_id("problems")); + /* Usually the DISPATCH_ADD_PUB macro would keep us from using + * the wrong channel */ + pubsub_add_pub_(c, &btmp, get_channel_id("hithere"), + get_message_id("bunch_of_coconuts"), + get_msg_type_id("string"), + 0 /* flags */, + "somewhere.c", 22); + pubsub_connector_free(c); + }; + + setup_full_capture_of_logs(LOG_WARN); + dispatcher = pubsub_builder_finalize(b, NULL); + b = NULL; + tt_assert(dispatcher == NULL); + + expect_log_msg_containing("Message \"bunch_of_coconuts\" is associated " + "with multiple inconsistent message types."); + + done: + pubsub_builder_free(b); + dispatch_free(dispatcher); + teardown_capture_of_logs(); +} + +/* The same module can't publish and subscribe the same message */ +static void +test_pubsub_build_pubsub_same(void *arg) +{ + (void)arg; + pubsub_builder_t *b = NULL; + dispatch_t *dispatcher = NULL; + pubsub_connector_t *c = NULL; + + b = pubsub_builder_new(); + seed_pubsub_builder_basic(b); + + { + c = pubsub_connector_for_subsystem(b, get_subsys_id("sys1")); + // already publishing this. + DISPATCH_ADD_SUB(c, main, bunch_of_coconuts); + pubsub_connector_free(c); + }; + + setup_full_capture_of_logs(LOG_WARN); + dispatcher = pubsub_builder_finalize(b, NULL); + b = NULL; + tt_assert(dispatcher == NULL); + + expect_log_msg_containing("Message \"bunch_of_coconuts\" is published " + "and subscribed by the same subsystem \"sys1\"."); + + done: + pubsub_builder_free(b); + dispatch_free(dispatcher); + teardown_capture_of_logs(); +} + +/* More than one subsystem may publish or subscribe, and that's okay. */ +static void +test_pubsub_build_pubsub_multi(void *arg) +{ + (void)arg; + pubsub_builder_t *b = NULL; + dispatch_t *dispatcher = NULL; + pubsub_connector_t *c = NULL; + + b = pubsub_builder_new(); + seed_pubsub_builder_basic(b); + pub_binding_t btmp; + + { + c = pubsub_connector_for_subsystem(b, get_subsys_id("sys3")); + DISPATCH_ADD_SUB(c, main, bunch_of_coconuts); + pubsub_add_pub_(c, &btmp, get_channel_id("main"), + get_message_id("yes_we_have_no"), + get_msg_type_id("string"), + 0 /* flags */, + "somewhere.c", 22); + pubsub_connector_free(c); + }; + + dispatcher = pubsub_builder_finalize(b, NULL); + b = NULL; + tt_assert(dispatcher); + + // 1 subscribers + tt_int_op(1, OP_EQ, + dispatcher->table[get_message_id("yes_we_have_no")]->n_enabled); + // 2 subscribers. + dtbl_entry_t *ent = + dispatcher->table[get_message_id("bunch_of_coconuts")]; + tt_int_op(2, OP_EQ, ent->n_enabled); + tt_int_op(2, OP_EQ, ent->n_fns); + tt_ptr_op(ent->rcv[0].fn, OP_EQ, recv_fn__bunch_of_coconuts); + tt_ptr_op(ent->rcv[1].fn, OP_EQ, recv_fn__bunch_of_coconuts); + + done: + pubsub_builder_free(b); + dispatch_free(dispatcher); +} + +static void +some_other_coconut_hook(const msg_t *m) +{ + (void)m; +} + +/* Subscribe hooks should be build correctly when there are a bunch of + * them. */ +static void +test_pubsub_build_sub_many(void *arg) +{ + (void)arg; + pubsub_builder_t *b = NULL; + dispatch_t *dispatcher = NULL; + pubsub_connector_t *c = NULL; + char *sysname = NULL; + b = pubsub_builder_new(); + seed_pubsub_builder_basic(b); + + int i; + for (i = 1; i < 100; ++i) { + tor_asprintf(&sysname, "system%d",i); + c = pubsub_connector_for_subsystem(b, get_subsys_id(sysname)); + if (i % 7) { + DISPATCH_ADD_SUB(c, main, bunch_of_coconuts); + } else { + pubsub_add_sub_(c, some_other_coconut_hook, + get_channel_id("main"), + get_message_id("bunch_of_coconuts"), + get_msg_type_id("int"), + 0 /* flags */, + "somewhere.c", 22); + } + pubsub_connector_free(c); + tor_free(sysname); + }; + + dispatcher = pubsub_builder_finalize(b, NULL); + b = NULL; + tt_assert(dispatcher); + + dtbl_entry_t *ent = + dispatcher->table[get_message_id("bunch_of_coconuts")]; + tt_int_op(100, OP_EQ, ent->n_enabled); + tt_int_op(100, OP_EQ, ent->n_fns); + tt_ptr_op(ent->rcv[0].fn, OP_EQ, recv_fn__bunch_of_coconuts); + tt_ptr_op(ent->rcv[1].fn, OP_EQ, recv_fn__bunch_of_coconuts); + tt_ptr_op(ent->rcv[76].fn, OP_EQ, recv_fn__bunch_of_coconuts); + tt_ptr_op(ent->rcv[77].fn, OP_EQ, some_other_coconut_hook); + tt_ptr_op(ent->rcv[78].fn, OP_EQ, recv_fn__bunch_of_coconuts); + + done: + pubsub_builder_free(b); + dispatch_free(dispatcher); + tor_free(sysname); +} + +/* It's fine to declare the excl flag. */ +static void +test_pubsub_build_excl_ok(void *arg) +{ + (void)arg; + pubsub_builder_t *b = NULL; + dispatch_t *dispatcher = NULL; + + b = pubsub_builder_new(); + // Try one excl/excl pair and one excl/non pair. + seed_dispatch_builder(b, DISP_FLAG_EXCL, 0, + DISP_FLAG_EXCL, DISP_FLAG_EXCL); + + dispatcher = pubsub_builder_finalize(b, NULL); + b = NULL; + tt_assert(dispatcher); + + // 1 subscribers + tt_int_op(1, OP_EQ, + dispatcher->table[get_message_id("yes_we_have_no")]->n_enabled); + // 1 subscriber. + tt_int_op(1, OP_EQ, + dispatcher->table[get_message_id("bunch_of_coconuts")]->n_enabled); + + done: + pubsub_builder_free(b); + dispatch_free(dispatcher); +} + +/* but if you declare the excl flag, you need to mean it. */ +static void +test_pubsub_build_excl_bad(void *arg) +{ + (void)arg; + pubsub_builder_t *b = NULL; + dispatch_t *dispatcher = NULL; + pubsub_connector_t *c = NULL; + + b = pubsub_builder_new(); + seed_dispatch_builder(b, DISP_FLAG_EXCL, DISP_FLAG_EXCL, + 0, 0); + + { + c = pubsub_connector_for_subsystem(b, get_subsys_id("sys3")); + DISPATCH_ADD_PUB_(c, main, bunch_of_coconuts, 0); + DISPATCH_ADD_SUB_(c, main, yes_we_have_no, 0); + pubsub_connector_free(c); + }; + + setup_full_capture_of_logs(LOG_WARN); + dispatcher = pubsub_builder_finalize(b, NULL); + b = NULL; + tt_assert(dispatcher == NULL); + + expect_log_msg_containing("has multiple publishers, but at least one is " + "marked as exclusive."); + expect_log_msg_containing("has multiple subscribers, but at least one is " + "marked as exclusive."); + + done: + pubsub_builder_free(b); + dispatch_free(dispatcher); + teardown_capture_of_logs(); +} + +#define T(name, flags) \ + { #name, test_pubsub_build_ ## name , (flags), NULL, NULL } + +struct testcase_t pubsub_build_tests[] = { + T(types_ok, TT_FORK), + T(types_decls_conflict, TT_FORK), + T(unused_message, TT_FORK), + T(missing_pubsub, TT_FORK), + T(stub_pubsub, TT_FORK), + T(channels_conflict, TT_FORK), + T(types_conflict, TT_FORK), + T(pubsub_same, TT_FORK), + T(pubsub_multi, TT_FORK), + T(sub_many, TT_FORK), + T(excl_ok, TT_FORK), + T(excl_bad, TT_FORK), + END_OF_TESTCASES +}; diff --git a/src/test/test_pubsub_msg.c b/src/test/test_pubsub_msg.c new file mode 100644 index 0000000000..3054db885d --- /dev/null +++ b/src/test/test_pubsub_msg.c @@ -0,0 +1,305 @@ +/* Copyright (c) 2018-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#define DISPATCH_PRIVATE + +#include "test/test.h" + +#include "lib/dispatch/dispatch.h" +#include "lib/dispatch/dispatch_naming.h" +#include "lib/dispatch/dispatch_st.h" +#include "lib/dispatch/msgtypes.h" +#include "lib/pubsub/pubsub_flags.h" +#include "lib/pubsub/pub_binding_st.h" +#include "lib/pubsub/pubsub_build.h" +#include "lib/pubsub/pubsub_builder_st.h" +#include "lib/pubsub/pubsub_connect.h" +#include "lib/pubsub/pubsub_publish.h" + +#include "lib/log/escape.h" +#include "lib/malloc/malloc.h" +#include "lib/string/printf.h" + +#include <stdio.h> +#include <string.h> + +static char * +ex_str_fmt(msg_aux_data_t aux) +{ + return esc_for_log(aux.ptr); +} +static void +ex_str_free(msg_aux_data_t aux) +{ + tor_free_(aux.ptr); +} +static dispatch_typefns_t stringfns = { + .free_fn = ex_str_free, + .fmt_fn = ex_str_fmt +}; + +// We're using the lowest-level publish/subscribe logic here, to avoid the +// pubsub_macros.h macros and just test the dispatch core. We'll use a string +// type for everything. + +#define DECLARE_MESSAGE(suffix) \ + static pub_binding_t pub_binding_##suffix; \ + static int msg_received_##suffix = 0; \ + static void recv_msg_##suffix(const msg_t *m) { \ + (void)m; \ + ++msg_received_##suffix; \ + } \ + EAT_SEMICOLON + +#define ADD_PUBLISH(binding_suffix, subsys, channel, msg, flags) \ + STMT_BEGIN { \ + con = pubsub_connector_for_subsystem(builder, \ + get_subsys_id(#subsys)); \ + pubsub_add_pub_(con, &pub_binding_##binding_suffix, \ + get_channel_id(#channel), \ + get_message_id(#msg), get_msg_type_id("string"), \ + (flags), __FILE__, __LINE__); \ + pubsub_connector_free(con); \ + } STMT_END + +#define ADD_SUBSCRIBE(hook_suffix, subsys, channel, msg, flags) \ + STMT_BEGIN { \ + con = pubsub_connector_for_subsystem(builder, \ + get_subsys_id(#subsys)); \ + pubsub_add_sub_(con, recv_msg_##hook_suffix, \ + get_channel_id(#channel), \ + get_message_id(#msg), get_msg_type_id("string"), \ + (flags), __FILE__, __LINE__); \ + pubsub_connector_free(con); \ + } STMT_END + +#define SEND(binding_suffix, val) \ + STMT_BEGIN { \ + msg_aux_data_t data_; \ + data_.ptr = tor_strdup(val); \ + pubsub_pub_(&pub_binding_##binding_suffix, data_); \ + } STMT_END + +DECLARE_MESSAGE(msg1); +DECLARE_MESSAGE(msg2); +DECLARE_MESSAGE(msg3); +DECLARE_MESSAGE(msg4); +DECLARE_MESSAGE(msg5); + +static smartlist_t *strings_received = NULL; +static void +recv_msg_copy_string(const msg_t *m) +{ + const char *s = m->aux_data__.ptr; + smartlist_add(strings_received, tor_strdup(s)); +} + +static void * +setup_dispatcher(const struct testcase_t *testcase) +{ + (void)testcase; + pubsub_builder_t *builder = pubsub_builder_new(); + pubsub_connector_t *con; + + { + con = pubsub_connector_for_subsystem(builder, get_subsys_id("types")); + pubsub_connector_register_type_(con, + get_msg_type_id("string"), + &stringfns, + "nowhere.c", 99); + pubsub_connector_free(con); + } + // message1 has one publisher and one subscriber. + ADD_PUBLISH(msg1, sys1, main, message1, 0); + ADD_SUBSCRIBE(msg1, sys2, main, message1, 0); + + // message2 has a publisher and a stub subscriber. + ADD_PUBLISH(msg2, sys1, main, message2, 0); + ADD_SUBSCRIBE(msg2, sys2, main, message2, DISP_FLAG_STUB); + + // message3 has a publisher and three subscribers. + ADD_PUBLISH(msg3, sys1, main, message3, 0); + ADD_SUBSCRIBE(msg3, sys2, main, message3, 0); + ADD_SUBSCRIBE(msg3, sys3, main, message3, 0); + ADD_SUBSCRIBE(msg3, sys4, main, message3, 0); + + // message4 has one publisher and two subscribers, but it's on another + // channel. + ADD_PUBLISH(msg4, sys2, other, message4, 0); + ADD_SUBSCRIBE(msg4, sys1, other, message4, 0); + ADD_SUBSCRIBE(msg4, sys3, other, message4, 0); + + // message5 has a huge number of recipients. + ADD_PUBLISH(msg5, sys3, main, message5, 0); + ADD_SUBSCRIBE(msg5, sys4, main, message5, 0); + ADD_SUBSCRIBE(msg5, sys5, main, message5, 0); + ADD_SUBSCRIBE(msg5, sys6, main, message5, 0); + ADD_SUBSCRIBE(msg5, sys7, main, message5, 0); + ADD_SUBSCRIBE(msg5, sys8, main, message5, 0); + for (int i = 0; i < 1000-5; ++i) { + char *sys; + tor_asprintf(&sys, "xsys-%d", i); + con = pubsub_connector_for_subsystem(builder, get_subsys_id(sys)); + pubsub_add_sub_(con, recv_msg_copy_string, + get_channel_id("main"), + get_message_id("message5"), + get_msg_type_id("string"), 0, "here", 100); + pubsub_connector_free(con); + tor_free(sys); + } + + return pubsub_builder_finalize(builder, NULL); +} + +static int +cleanup_dispatcher(const struct testcase_t *testcase, void *dispatcher_) +{ + (void)testcase; + dispatch_t *dispatcher = dispatcher_; + dispatch_free(dispatcher); + return 1; +} + +static const struct testcase_setup_t dispatcher_setup = { + setup_dispatcher, cleanup_dispatcher +}; + +static void +test_pubsub_msg_minimal(void *arg) +{ + dispatch_t *d = arg; + + tt_int_op(0, OP_EQ, msg_received_msg1); + SEND(msg1, "hello world"); + tt_int_op(0, OP_EQ, msg_received_msg1); // hasn't actually arrived yet. + + tt_int_op(0, OP_EQ, dispatch_flush(d, get_channel_id("main"), 1000)); + tt_int_op(1, OP_EQ, msg_received_msg1); // we got the message! + + done: + ; +} + +static void +test_pubsub_msg_send_to_stub(void *arg) +{ + dispatch_t *d = arg; + + tt_int_op(0, OP_EQ, msg_received_msg2); + SEND(msg2, "hello silence"); + tt_int_op(0, OP_EQ, msg_received_msg2); // hasn't actually arrived yet. + + tt_int_op(0, OP_EQ, dispatch_flush(d, get_channel_id("main"), 1000)); + tt_int_op(0, OP_EQ, msg_received_msg2); // doesn't arrive -- stub hook. + + done: + ; +} + +static void +test_pubsub_msg_cancel_msgs(void *arg) +{ + dispatch_t *d = arg; + + tt_int_op(0, OP_EQ, msg_received_msg1); + for (int i = 0; i < 100; ++i) { + SEND(msg1, "hello world"); + } + tt_int_op(0, OP_EQ, msg_received_msg1); // hasn't actually arrived yet. + + tt_int_op(0, OP_EQ, dispatch_flush(d, get_channel_id("main"), 10)); + tt_int_op(10, OP_EQ, msg_received_msg1); // we got the message 10 times. + + // At this point, the dispatcher will be freed with queued, undelivered + // messages. + done: + ; +} + +struct alertfn_target { + dispatch_t *d; + channel_id_t ch; + int count; +}; +static void +alertfn_generic(dispatch_t *d, channel_id_t ch, void *arg) +{ + struct alertfn_target *t = arg; + tt_ptr_op(d, OP_EQ, t->d); + tt_int_op(ch, OP_EQ, t->ch); + ++t->count; + done: + ; +} + +static void +test_pubsub_msg_alertfns(void *arg) +{ + dispatch_t *d = arg; + struct alertfn_target ch1_a = { d, get_channel_id("main"), 0 }; + struct alertfn_target ch2_a = { d, get_channel_id("other"), 0 }; + + tt_int_op(0, OP_EQ, + dispatch_set_alert_fn(d, get_channel_id("main"), + alertfn_generic, &ch1_a)); + tt_int_op(0, OP_EQ, + dispatch_set_alert_fn(d, get_channel_id("other"), + alertfn_generic, &ch2_a)); + + SEND(msg3, "hello"); + tt_int_op(ch1_a.count, OP_EQ, 1); + SEND(msg3, "world"); + tt_int_op(ch1_a.count, OP_EQ, 1); // only the first message sends an alert + tt_int_op(ch2_a.count, OP_EQ, 0); // no alert for 'other' + + SEND(msg4, "worse things happen in C"); + tt_int_op(ch2_a.count, OP_EQ, 1); + + // flush the first (main) channel... + tt_int_op(0, OP_EQ, dispatch_flush(d, get_channel_id("main"), 1000)); + tt_int_op(6, OP_EQ, msg_received_msg3); // 3 subscribers, 2 instances. + + // now that the main channel is flushed, sending another message on it + // starts another alert. + tt_int_op(ch1_a.count, OP_EQ, 1); + SEND(msg1, "plover"); + tt_int_op(ch1_a.count, OP_EQ, 2); + tt_int_op(ch2_a.count, OP_EQ, 1); + + done: + ; +} + +/* try more than N_FAST_FNS hooks on msg5 */ +static void +test_pubsub_msg_many_hooks(void *arg) +{ + dispatch_t *d = arg; + strings_received = smartlist_new(); + + tt_int_op(0, OP_EQ, msg_received_msg5); + SEND(msg5, "hello world"); + tt_int_op(0, OP_EQ, msg_received_msg5); + tt_int_op(0, OP_EQ, smartlist_len(strings_received)); + + tt_int_op(0, OP_EQ, dispatch_flush(d, get_channel_id("main"), 100000)); + tt_int_op(5, OP_EQ, msg_received_msg5); + tt_int_op(995, OP_EQ, smartlist_len(strings_received)); + + done: + SMARTLIST_FOREACH(strings_received, char *, s, tor_free(s)); + smartlist_free(strings_received); +} + +#define T(name) \ + { #name, test_pubsub_msg_ ## name , TT_FORK, \ + &dispatcher_setup, NULL } + +struct testcase_t pubsub_msg_tests[] = { + T(minimal), + T(send_to_stub), + T(cancel_msgs), + T(alertfns), + T(many_hooks), + END_OF_TESTCASES +}; diff --git a/src/test/test_rebind.py b/src/test/test_rebind.py index 30a587858f..3fc3deb68e 100644 --- a/src/test/test_rebind.py +++ b/src/test/test_rebind.py @@ -1,4 +1,7 @@ +# Future imports for Python 2.7, mandatory in 3.0 +from __future__ import division from __future__ import print_function +from __future__ import unicode_literals import errno import logging @@ -22,9 +25,10 @@ def skip(msg): def try_connecting_to_socksport(): socks_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - if socks_socket.connect_ex(('127.0.0.1', socks_port)): + e = socks_socket.connect_ex(('127.0.0.1', socks_port)) + if e: tor_process.terminate() - fail('Cannot connect to SOCKSPort') + fail('Cannot connect to SOCKSPort: error ' + os.strerror(e)) socks_socket.close() def wait_for_log(s): diff --git a/src/test/test_rebind.sh b/src/test/test_rebind.sh index ea2012957e..879008c1c1 100755 --- a/src/test/test_rebind.sh +++ b/src/test/test_rebind.sh @@ -1,24 +1,60 @@ #!/bin/sh +umask 077 +set -e set -x +# emulate realpath(), in case coreutils or equivalent is not installed. +abspath() { + f="$*" + if [ -d "$f" ]; then + dir="$f" + base="" + else + dir="$(dirname "$f")" + base="/$(basename "$f")" + fi + dir="$(cd "$dir" && pwd)" + echo "$dir$base" +} + UNAME_OS=$(uname -s | cut -d_ -f1) if test "$UNAME_OS" = 'CYGWIN' || \ test "$UNAME_OS" = 'MSYS' || \ test "$UNAME_OS" = 'MINGW'; then if test "$APPVEYOR" = 'True'; then - echo "This test is disabled on Windows CI, as it requires firewall examptions. Skipping." >&2 + echo "This test is disabled on Windows CI, as it requires firewall exemptions. Skipping." >&2 exit 77 fi fi -exitcode=0 +# find the tor binary +if [ $# -ge 1 ]; then + TOR_BINARY="${1}" + shift +else + TOR_BINARY="${TESTING_TOR_BINARY:-./src/app/tor}" +fi + +TOR_BINARY="$(abspath "$TOR_BINARY")" + +echo "TOR BINARY IS ${TOR_BINARY}" + +if "${TOR_BINARY}" --list-modules | grep -q "relay: no"; then + echo "This test requires the relay module. Skipping." >&2 + exit 77 +fi tmpdir= -clean () { test -n "$tmpdir" && test -d "$tmpdir" && rm -rf "$tmpdir" || :; } +clean () { + if [ -n "$tmpdir" ] && [ -d "$tmpdir" ]; then + rm -rf "$tmpdir" + fi +} + trap clean EXIT HUP INT TERM -tmpdir="`mktemp -d -t tor_rebind_test.XXXXXX`" +tmpdir="$(mktemp -d -t tor_rebind_test.XXXXXX)" if [ -z "$tmpdir" ]; then echo >&2 mktemp failed exit 2 @@ -27,6 +63,6 @@ elif [ ! -d "$tmpdir" ]; then exit 3 fi -"${PYTHON:-python}" "${abs_top_srcdir:-.}/src/test/test_rebind.py" "${TESTING_TOR_BINARY}" "$tmpdir" +"${PYTHON:-python}" "${abs_top_srcdir:-.}/src/test/test_rebind.py" "${TOR_BINARY}" "$tmpdir" exit $? diff --git a/src/test/test_relay.c b/src/test/test_relay.c index 0b7a7be332..066aeaa7b3 100644 --- a/src/test/test_relay.c +++ b/src/test/test_relay.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2014-2019, The Tor Project, Inc. */ +/* Copyright (c) 2014-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define CIRCUITBUILD_PRIVATE @@ -10,7 +10,6 @@ #include "core/or/channeltls.h" #include "feature/stats/rephist.h" #include "core/or/relay.h" -#include "feature/stats/rephist.h" #include "lib/container/order.h" /* For init/free stuff */ #include "core/or/scheduler.h" @@ -21,42 +20,10 @@ /* Test suite stuff */ #include "test/test.h" #include "test/fakechans.h" - -static or_circuit_t * new_fake_orcirc(channel_t *nchan, channel_t *pchan); +#include "test/fakecircs.h" static void test_relay_append_cell_to_circuit_queue(void *arg); -static or_circuit_t * -new_fake_orcirc(channel_t *nchan, channel_t *pchan) -{ - or_circuit_t *orcirc = NULL; - circuit_t *circ = NULL; - - orcirc = tor_malloc_zero(sizeof(*orcirc)); - circ = &(orcirc->base_); - circ->magic = OR_CIRCUIT_MAGIC; - - circuit_set_n_circid_chan(circ, get_unique_circ_id_by_chan(nchan), nchan); - cell_queue_init(&(circ->n_chan_cells)); - - circ->n_hop = NULL; - circ->streams_blocked_on_n_chan = 0; - circ->streams_blocked_on_p_chan = 0; - circ->n_delete_pending = 0; - circ->p_delete_pending = 0; - circ->received_destroy = 0; - circ->state = CIRCUIT_STATE_OPEN; - circ->purpose = CIRCUIT_PURPOSE_OR; - circ->package_window = CIRCWINDOW_START_MAX; - circ->deliver_window = CIRCWINDOW_START_MAX; - circ->n_chan_create_cell = NULL; - - circuit_set_p_circid_chan(orcirc, get_unique_circ_id_by_chan(pchan), pchan); - cell_queue_init(&(orcirc->p_chan_cells)); - - return orcirc; -} - static void assert_circuit_ok_mock(const circuit_t *c) { @@ -145,7 +112,7 @@ test_relay_close_circuit(void *arg) cell_queue_clear(&orcirc->base_.n_chan_cells); cell_queue_clear(&orcirc->p_chan_cells); } - tor_free(orcirc); + free_fake_orcirc(orcirc); free_fake_channel(nchan); free_fake_channel(pchan); UNMOCK(assert_circuit_ok); @@ -218,7 +185,7 @@ test_relay_append_cell_to_circuit_queue(void *arg) cell_queue_clear(&orcirc->base_.n_chan_cells); cell_queue_clear(&orcirc->p_chan_cells); } - tor_free(orcirc); + free_fake_orcirc(orcirc); free_fake_channel(nchan); free_fake_channel(pchan); diff --git a/src/test/test_relaycell.c b/src/test/test_relaycell.c index 0623583511..da9e791fb6 100644 --- a/src/test/test_relaycell.c +++ b/src/test/test_relaycell.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2014-2019, The Tor Project, Inc. */ +/* Copyright (c) 2014-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /* Unit tests for handling different kinds of relay cell */ @@ -17,6 +17,7 @@ #include "core/or/circuitbuild.h" #include "core/or/circuitlist.h" #include "core/or/connection_edge.h" +#include "core/or/sendme.h" #include "core/or/relay.h" #include "test/test.h" #include "test/log_test_helpers.h" @@ -29,7 +30,6 @@ #include "core/or/half_edge_st.h" #include "feature/client/circpathbias.h" -#include "core/or/connection_edge.h" static int srm_ncalls; static entry_connection_t *srm_conn; @@ -812,7 +812,11 @@ test_circbw_relay(void *arg) ASSERT_UNCOUNTED_BW(); /* Sendme on circuit with non-full window: counted */ - PACK_CELL(0, RELAY_COMMAND_SENDME, "Data1234"); + PACK_CELL(0, RELAY_COMMAND_SENDME, ""); + /* Recording a cell, the window is updated after decryption so off by one in + * order to record and then we process it with the proper window. */ + circ->cpath->package_window = 901; + sendme_record_cell_digest_on_circ(TO_CIRCUIT(circ), circ->cpath); circ->cpath->package_window = 900; connection_edge_process_relay_cell(&cell, TO_CIRCUIT(circ), edgeconn, circ->cpath); diff --git a/src/test/test_relaycrypt.c b/src/test/test_relaycrypt.c index fe6889e521..737c243e2d 100644 --- a/src/test/test_relaycrypt.c +++ b/src/test/test_relaycrypt.c @@ -1,8 +1,10 @@ /* Copyright 2001-2004 Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ +#define CRYPT_PATH_PRIVATE + #include "core/or/or.h" #include "core/or/circuitbuild.h" #define CIRCUITLIST_PRIVATE @@ -10,7 +12,7 @@ #include "lib/crypt_ops/crypto_rand.h" #include "core/or/relay.h" #include "core/crypto/relay_crypto.h" - +#include "core/or/crypt_path.h" #include "core/or/cell_st.h" #include "core/or/or_circuit_st.h" #include "core/or/origin_circuit_st.h" @@ -49,10 +51,10 @@ testing_circuitset_setup(const struct testcase_t *testcase) cs->origin_circ->base_.purpose = CIRCUIT_PURPOSE_C_GENERAL; for (i=0; i<3; ++i) { crypt_path_t *hop = tor_malloc_zero(sizeof(*hop)); - relay_crypto_init(&hop->crypto, KEY_MATERIAL[i], sizeof(KEY_MATERIAL[i]), - 0, 0); + relay_crypto_init(&hop->pvt_crypto, KEY_MATERIAL[i], + sizeof(KEY_MATERIAL[i]), 0, 0); hop->state = CPATH_STATE_OPEN; - onion_append_to_cpath(&cs->origin_circ->cpath, hop); + cpath_extend_linked_list(&cs->origin_circ->cpath, hop); tt_ptr_op(hop, OP_EQ, cs->origin_circ->cpath->prev); } diff --git a/src/test/test_rendcache.c b/src/test/test_rendcache.c index 8b0e2df485..06167635c1 100644 --- a/src/test/test_rendcache.c +++ b/src/test/test_rendcache.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2010-2019, The Tor Project, Inc. */ +/* Copyright (c) 2010-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" @@ -21,8 +21,6 @@ #include "test/rend_test_helpers.h" #include "test/log_test_helpers.h" -#define NS_MODULE rend_cache - static const int RECENT_TIME = -10; static const int TIME_IN_THE_PAST = -(REND_CACHE_MAX_AGE + \ REND_CACHE_MAX_SKEW + 60); @@ -369,13 +367,12 @@ test_rend_cache_store_v2_desc_as_client_with_different_time(void *data) rend_data_free(mock_rend_query); } -#define NS_SUBMODULE lookup_v2_desc_as_dir -NS_DECL(const routerinfo_t *, router_get_my_routerinfo, (void)); +static const routerinfo_t *rcache_lookup_v2_as_dir_get_my_routerinfo(void); static routerinfo_t *mock_routerinfo; static const routerinfo_t * -NS(router_get_my_routerinfo)(void) +rcache_lookup_v2_as_dir_get_my_routerinfo(void) { if (!mock_routerinfo) { mock_routerinfo = tor_malloc(sizeof(routerinfo_t)); @@ -395,7 +392,8 @@ test_rend_cache_lookup_v2_desc_as_dir(void *data) (void)data; - NS_MOCK(router_get_my_routerinfo); + MOCK(router_get_my_routerinfo, + rcache_lookup_v2_as_dir_get_my_routerinfo); rend_cache_init(); @@ -418,20 +416,17 @@ test_rend_cache_lookup_v2_desc_as_dir(void *data) tt_assert(ret_desc); done: - NS_UNMOCK(router_get_my_routerinfo); + UNMOCK(router_get_my_routerinfo); tor_free(mock_routerinfo); rend_cache_free_all(); rend_encoded_v2_service_descriptor_free(desc_holder); tor_free(service_id); } -#undef NS_SUBMODULE - -#define NS_SUBMODULE store_v2_desc_as_dir -NS_DECL(const routerinfo_t *, router_get_my_routerinfo, (void)); +static const routerinfo_t *rcache_store_v2_as_dir_get_my_routerinfo(void); static const routerinfo_t * -NS(router_get_my_routerinfo)(void) +rcache_store_v2_as_dir_get_my_routerinfo(void) { return mock_routerinfo; } @@ -444,7 +439,8 @@ test_rend_cache_store_v2_desc_as_dir(void *data) rend_encoded_v2_service_descriptor_t *desc_holder = NULL; char *service_id = NULL; - NS_MOCK(router_get_my_routerinfo); + MOCK(router_get_my_routerinfo, + rcache_store_v2_as_dir_get_my_routerinfo); rend_cache_init(); @@ -485,7 +481,7 @@ test_rend_cache_store_v2_desc_as_dir(void *data) tt_int_op(ret, OP_EQ, 0); done: - NS_UNMOCK(router_get_my_routerinfo); + UNMOCK(router_get_my_routerinfo); rend_encoded_v2_service_descriptor_free(desc_holder); tor_free(service_id); rend_cache_free_all(); @@ -505,7 +501,8 @@ test_rend_cache_store_v2_desc_as_dir_with_different_time(void *data) rend_encoded_v2_service_descriptor_t *desc_holder_newer; rend_encoded_v2_service_descriptor_t *desc_holder_older; - NS_MOCK(router_get_my_routerinfo); + MOCK(router_get_my_routerinfo, + rcache_store_v2_as_dir_get_my_routerinfo); rend_cache_init(); @@ -543,7 +540,7 @@ test_rend_cache_store_v2_desc_as_dir_with_different_time(void *data) tt_int_op(ret, OP_EQ, 0); done: - NS_UNMOCK(router_get_my_routerinfo); + UNMOCK(router_get_my_routerinfo); rend_cache_free_all(); rend_service_descriptor_free(generated); tor_free(service_id); @@ -568,7 +565,8 @@ test_rend_cache_store_v2_desc_as_dir_with_different_content(void *data) rend_encoded_v2_service_descriptor_t *desc_holder_one = NULL; rend_encoded_v2_service_descriptor_t *desc_holder_two = NULL; - NS_MOCK(router_get_my_routerinfo); + MOCK(router_get_my_routerinfo, + rcache_store_v2_as_dir_get_my_routerinfo); rend_cache_init(); @@ -602,7 +600,7 @@ test_rend_cache_store_v2_desc_as_dir_with_different_content(void *data) tt_int_op(ret, OP_EQ, 0); done: - NS_UNMOCK(router_get_my_routerinfo); + UNMOCK(router_get_my_routerinfo); rend_cache_free_all(); rend_service_descriptor_free(generated); tor_free(service_id); @@ -613,8 +611,6 @@ test_rend_cache_store_v2_desc_as_dir_with_different_content(void *data) rend_encoded_v2_service_descriptor_free(desc_holder_two); } -#undef NS_SUBMODULE - static void test_rend_cache_init(void *data) { @@ -1077,8 +1073,6 @@ test_rend_cache_intro_failure_note(void *data) rend_cache_free_all(); } -#define NS_SUBMODULE clean_v2_descs_as_dir - static void test_rend_cache_clean_v2_descs_as_dir(void *data) { @@ -1120,8 +1114,6 @@ test_rend_cache_clean_v2_descs_as_dir(void *data) rend_cache_free_all(); } -#undef NS_SUBMODULE - static void test_rend_cache_entry_allocation(void *data) { diff --git a/src/test/test_replay.c b/src/test/test_replay.c index 28a508bf4d..1487b0a29d 100644 --- a/src/test/test_replay.c +++ b/src/test/test_replay.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2012-2019, The Tor Project, Inc. */ +/* Copyright (c) 2012-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define REPLAYCACHE_PRIVATE diff --git a/src/test/test_rng.c b/src/test/test_rng.c new file mode 100644 index 0000000000..ebaffb74f5 --- /dev/null +++ b/src/test/test_rng.c @@ -0,0 +1,59 @@ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/* + * Example usage: + * + * ./src/test/test-rng --emit | dieharder -g 200 -a + * + * Remember, dieharder can tell you that your RNG is completely broken, but if + * your RNG is not _completely_ broken, dieharder cannot tell you whether your + * RNG is actually secure. + */ + +#include "orconfig.h" + +#ifdef HAVE_UNISTD_H +#include <unistd.h> +#endif +#include <stdio.h> +#include <string.h> +#include <errno.h> + +#include "lib/crypt_ops/crypto_rand.h" + +int +main(int argc, char **argv) +{ + uint8_t buf[0x123]; + + if (argc != 2 || strcmp(argv[1], "--emit")) { + fprintf(stderr, "If you want me to fill stdout with a bunch of random " + "bytes, you need to say --emit.\n"); + return 1; + } + + if (crypto_seed_rng() < 0) { + fprintf(stderr, "Can't seed RNG.\n"); + return 1; + } + +#if 0 + while (1) { + crypto_rand(buf, sizeof(buf)); + if (write(1 /*stdout*/, buf, sizeof(buf)) != sizeof(buf)) { + fprintf(stderr, "write() failed: %s\n", strerror(errno)); + return 1; + } + } +#endif /* 0 */ + + crypto_fast_rng_t *rng = crypto_fast_rng_new(); + while (1) { + crypto_fast_rng_getbytes(rng, buf, sizeof(buf)); + if (write(1 /*stdout*/, buf, sizeof(buf)) != sizeof(buf)) { + fprintf(stderr, "write() failed: %s\n", strerror(errno)); + return 1; + } + } +} diff --git a/src/test/test_router.c b/src/test/test_router.c index e0d3adfdbd..cf0c2b3dd1 100644 --- a/src/test/test_router.c +++ b/src/test/test_router.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2017-2019, The Tor Project, Inc. */ +/* Copyright (c) 2017-2020, The Tor Project, Inc. */ /* Copyright (c) 2017, isis agora lovecruft */ /* See LICENSE for licensing information */ @@ -9,13 +9,20 @@ #define CONFIG_PRIVATE #define CONNECTION_PRIVATE +#define ROUTER_PRIVATE + #include "core/or/or.h" #include "app/config/config.h" #include "core/mainloop/mainloop.h" #include "core/mainloop/connection.h" #include "feature/hibernate/hibernate.h" +#include "feature/nodelist/networkstatus.h" +#include "feature/nodelist/networkstatus_st.h" +#include "feature/nodelist/node_st.h" +#include "feature/nodelist/nodelist.h" #include "feature/nodelist/routerinfo_st.h" #include "feature/nodelist/routerlist.h" +#include "feature/nodelist/routerstatus_st.h" #include "feature/relay/router.h" #include "feature/stats/rephist.h" #include "lib/crypt_ops/crypto_curve25519.h" @@ -28,12 +35,13 @@ #include "test/test.h" #include "test/log_test_helpers.h" -NS_DECL(const routerinfo_t *, router_get_my_routerinfo, (void)); +static const routerinfo_t * rtr_tests_router_get_my_routerinfo(void); +ATTR_UNUSED static int rtr_tests_router_get_my_routerinfo_called = 0; static routerinfo_t* mock_routerinfo; static const routerinfo_t* -NS(router_get_my_routerinfo)(void) +rtr_tests_router_get_my_routerinfo(void) { crypto_pk_t* ident_key; crypto_pk_t* tap_key; @@ -83,20 +91,24 @@ test_router_dump_router_to_string_no_bridge_distribution_method(void *arg) char* found = NULL; (void)arg; - NS_MOCK(router_get_my_routerinfo); + MOCK(router_get_my_routerinfo, + rtr_tests_router_get_my_routerinfo); options->ORPort_set = 1; options->BridgeRelay = 1; /* Generate keys which router_dump_router_to_string() expects to exist. */ - tt_int_op(0, ==, curve25519_keypair_generate(&ntor_keypair, 0)); - tt_int_op(0, ==, ed25519_keypair_generate(&signing_keypair, 0)); + tt_int_op(0, OP_EQ, curve25519_keypair_generate(&ntor_keypair, 0)); + tt_int_op(0, OP_EQ, ed25519_keypair_generate(&signing_keypair, 0)); /* Set up part of our routerinfo_t so that we don't trigger any other * assertions in router_dump_router_to_string(). */ router = (routerinfo_t*)router_get_my_routerinfo(); - tt_ptr_op(router, !=, NULL); + tt_ptr_op(router, OP_NE, NULL); + /* The real router_get_my_routerinfo() looks up onion_curve25519_pkey using + * get_current_curve25519_keypair(), but we don't initialise static data in + * this test. */ router->onion_curve25519_pkey = &ntor_keypair.pubkey; /* Generate our server descriptor and ensure that the substring @@ -109,12 +121,12 @@ test_router_dump_router_to_string_no_bridge_distribution_method(void *arg) &ntor_keypair, &signing_keypair); crypto_pk_free(onion_pkey); - tt_ptr_op(desc, !=, NULL); + tt_ptr_op(desc, OP_NE, NULL); found = strstr(desc, needle); - tt_ptr_op(found, !=, NULL); + tt_ptr_op(found, OP_NE, NULL); done: - NS_UNMOCK(router_get_my_routerinfo); + UNMOCK(router_get_my_routerinfo); tor_free(desc); } @@ -237,6 +249,247 @@ test_router_check_descriptor_bandwidth_changed(void *arg) UNMOCK(we_are_hibernating); } +static networkstatus_t *mock_ns = NULL; +static networkstatus_t * +mock_networkstatus_get_live_consensus(time_t now) +{ + (void)now; + return mock_ns; +} + +static routerstatus_t *mock_rs = NULL; +static const routerstatus_t * +mock_networkstatus_vote_find_entry(networkstatus_t *ns, const char *digest) +{ + (void)ns; + (void)digest; + return mock_rs; +} + +static void +test_router_mark_if_too_old(void *arg) +{ + (void)arg; + time_t now = approx_time(); + MOCK(networkstatus_get_live_consensus, + mock_networkstatus_get_live_consensus); + MOCK(networkstatus_vote_find_entry, mock_networkstatus_vote_find_entry); + + routerstatus_t rs; + networkstatus_t ns; + memset(&rs, 0, sizeof(rs)); + memset(&ns, 0, sizeof(ns)); + mock_ns = &ns; + mock_ns->valid_after = now-3600; + mock_rs = &rs; + mock_rs->published_on = now - 10; + + // no reason to mark this time. + desc_clean_since = now-10; + desc_dirty_reason = NULL; + mark_my_descriptor_dirty_if_too_old(now); + tt_i64_op(desc_clean_since, OP_EQ, now-10); + + // Doesn't appear in consensus? Still don't mark it. + mock_ns = NULL; + mark_my_descriptor_dirty_if_too_old(now); + tt_i64_op(desc_clean_since, OP_EQ, now-10); + mock_ns = &ns; + + // No new descriptor in a long time? Mark it. + desc_clean_since = now - 3600 * 96; + mark_my_descriptor_dirty_if_too_old(now); + tt_i64_op(desc_clean_since, OP_EQ, 0); + tt_str_op(desc_dirty_reason, OP_EQ, "time for new descriptor"); + + // Version in consensus published a long time ago? We won't mark it + // if it's been clean for only a short time. + desc_clean_since = now - 10; + desc_dirty_reason = NULL; + mock_rs->published_on = now - 3600 * 96; + mark_my_descriptor_dirty_if_too_old(now); + tt_i64_op(desc_clean_since, OP_EQ, now - 10); + + // ... but if it's been clean a while, we mark. + desc_clean_since = now - 2 * 3600; + mark_my_descriptor_dirty_if_too_old(now); + tt_i64_op(desc_clean_since, OP_EQ, 0); + tt_str_op(desc_dirty_reason, OP_EQ, + "version listed in consensus is quite old"); + + // same deal if we're marked stale. + desc_clean_since = now - 2 * 3600; + desc_dirty_reason = NULL; + mock_rs->published_on = now - 10; + mock_rs->is_staledesc = 1; + mark_my_descriptor_dirty_if_too_old(now); + tt_i64_op(desc_clean_since, OP_EQ, 0); + tt_str_op(desc_dirty_reason, OP_EQ, + "listed as stale in consensus"); + + // same deal if we're absent from the consensus. + desc_clean_since = now - 2 * 3600; + desc_dirty_reason = NULL; + mock_rs = NULL; + mark_my_descriptor_dirty_if_too_old(now); + tt_i64_op(desc_clean_since, OP_EQ, 0); + tt_str_op(desc_dirty_reason, OP_EQ, + "not listed in consensus"); + + done: + UNMOCK(networkstatus_get_live_consensus); + UNMOCK(networkstatus_vote_find_entry); +} + +static node_t fake_node; +static const node_t * +mock_node_get_by_nickname(const char *name, unsigned flags) +{ + (void)flags; + if (!strcasecmp(name, "crumpet")) + return &fake_node; + else + return NULL; +} + +static void +test_router_get_my_family(void *arg) +{ + (void)arg; + or_options_t *options = options_new(); + smartlist_t *sl = NULL; + char *join = NULL; + // Overwrite the result of router_get_my_identity_digest(). This + // happens to be okay, but only for testing. + set_server_identity_key_digest_testing( + (const uint8_t*)"holeinthebottomofthe"); + + setup_capture_of_logs(LOG_WARN); + + // No family listed -- so there's no list. + sl = get_my_declared_family(options); + tt_ptr_op(sl, OP_EQ, NULL); + expect_no_log_entry(); + +#define CLEAR() do { \ + if (sl) { \ + SMARTLIST_FOREACH(sl, char *, cp, tor_free(cp)); \ + smartlist_free(sl); \ + } \ + tor_free(join); \ + mock_clean_saved_logs(); \ + } while (0) + + // Add a single nice friendly hex member. This should be enough + // to have our own ID added. + tt_ptr_op(options->MyFamily, OP_EQ, NULL); + config_line_append(&options->MyFamily, "MyFamily", + "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"); + + sl = get_my_declared_family(options); + tt_ptr_op(sl, OP_NE, NULL); + tt_int_op(smartlist_len(sl), OP_EQ, 2); + join = smartlist_join_strings(sl, " ", 0, NULL); + tt_str_op(join, OP_EQ, + "$686F6C65696E746865626F74746F6D6F66746865 " + "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"); + expect_no_log_entry(); + CLEAR(); + + // Add a hex member with a ~. The ~ part should get removed. + config_line_append(&options->MyFamily, "MyFamily", + "$0123456789abcdef0123456789abcdef01234567~Muffin"); + sl = get_my_declared_family(options); + tt_ptr_op(sl, OP_NE, NULL); + tt_int_op(smartlist_len(sl), OP_EQ, 3); + join = smartlist_join_strings(sl, " ", 0, NULL); + tt_str_op(join, OP_EQ, + "$0123456789ABCDEF0123456789ABCDEF01234567 " + "$686F6C65696E746865626F74746F6D6F66746865 " + "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"); + expect_no_log_entry(); + CLEAR(); + + // Nickname lookup will fail, so a nickname will appear verbatim. + config_line_append(&options->MyFamily, "MyFamily", + "BAGEL"); + sl = get_my_declared_family(options); + tt_ptr_op(sl, OP_NE, NULL); + tt_int_op(smartlist_len(sl), OP_EQ, 4); + join = smartlist_join_strings(sl, " ", 0, NULL); + tt_str_op(join, OP_EQ, + "$0123456789ABCDEF0123456789ABCDEF01234567 " + "$686F6C65696E746865626F74746F6D6F66746865 " + "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA " + "bagel"); + expect_single_log_msg_containing( + "There is a router named \"BAGEL\" in my declared family, but " + "I have no descriptor for it."); + CLEAR(); + + // A bogus digest should fail entirely. + config_line_append(&options->MyFamily, "MyFamily", + "$painauchocolat"); + sl = get_my_declared_family(options); + tt_ptr_op(sl, OP_NE, NULL); + tt_int_op(smartlist_len(sl), OP_EQ, 4); + join = smartlist_join_strings(sl, " ", 0, NULL); + tt_str_op(join, OP_EQ, + "$0123456789ABCDEF0123456789ABCDEF01234567 " + "$686F6C65696E746865626F74746F6D6F66746865 " + "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA " + "bagel"); + // "BAGEL" is still there, but it won't make a warning, because we already + // warned about it. + expect_single_log_msg_containing( + "There is a router named \"$painauchocolat\" in my declared " + "family, but that isn't a legal digest or nickname. Skipping it."); + CLEAR(); + + // Let's introduce a node we can look up by nickname + memset(&fake_node, 0, sizeof(fake_node)); + memcpy(fake_node.identity, "whydoyouasknonononon", DIGEST_LEN); + MOCK(node_get_by_nickname, mock_node_get_by_nickname); + + config_line_append(&options->MyFamily, "MyFamily", + "CRUmpeT"); + sl = get_my_declared_family(options); + tt_ptr_op(sl, OP_NE, NULL); + tt_int_op(smartlist_len(sl), OP_EQ, 5); + join = smartlist_join_strings(sl, " ", 0, NULL); + tt_str_op(join, OP_EQ, + "$0123456789ABCDEF0123456789ABCDEF01234567 " + "$686F6C65696E746865626F74746F6D6F66746865 " + "$776879646F796F7561736B6E6F6E6F6E6F6E6F6E " + "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA " + "bagel"); + // "BAGEL" is still there, but it won't make a warning, because we already + // warned about it. Some with "$painauchocolat". + expect_single_log_msg_containing( + "There is a router named \"CRUmpeT\" in my declared " + "family, but it wasn't listed by digest. Please consider saying " + "$776879646F796F7561736B6E6F6E6F6E6F6E6F6E instead, if that's " + "what you meant."); + CLEAR(); + UNMOCK(node_get_by_nickname); + + // Try a singleton list containing only us: It should give us NULL. + config_free_lines(options->MyFamily); + config_line_append(&options->MyFamily, "MyFamily", + "$686F6C65696E746865626F74746F6D6F66746865"); + sl = get_my_declared_family(options); + tt_ptr_op(sl, OP_EQ, NULL); + expect_no_log_entry(); + + done: + or_options_free(options); + teardown_capture_of_logs(); + CLEAR(); + UNMOCK(node_get_by_nickname); + +#undef CLEAR +} + static smartlist_t *fake_connection_array = NULL; static smartlist_t * mock_get_connection_array(void) @@ -354,6 +607,8 @@ test_router_get_advertised_or_port_localhost(void *arg) struct testcase_t router_tests[] = { ROUTER_TEST(check_descriptor_bandwidth_changed, TT_FORK), ROUTER_TEST(dump_router_to_string_no_bridge_distribution_method, TT_FORK), + ROUTER_TEST(mark_if_too_old, TT_FORK), + ROUTER_TEST(get_my_family, TT_FORK), ROUTER_TEST(get_advertised_or_port, TT_FORK), ROUTER_TEST(get_advertised_or_port_localhost, TT_FORK), END_OF_TESTCASES diff --git a/src/test/test_routerkeys.c b/src/test/test_routerkeys.c index 727fa5660f..fc437dccc0 100644 --- a/src/test/test_routerkeys.c +++ b/src/test/test_routerkeys.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" @@ -399,7 +399,7 @@ test_routerkeys_ed_key_init_split(void *arg) tt_assert(kp2 != NULL); tt_assert(cert == NULL); tt_mem_op(&kp1->pubkey, OP_EQ, &kp2->pubkey, sizeof(kp2->pubkey)); - tt_assert(tor_mem_is_zero((char*)kp2->seckey.seckey, + tt_assert(fast_mem_is_zero((char*)kp2->seckey.seckey, sizeof(kp2->seckey.seckey))); ed25519_keypair_free(kp2); kp2 = NULL; @@ -409,7 +409,7 @@ test_routerkeys_ed_key_init_split(void *arg) tt_assert(kp2 != NULL); tt_assert(cert == NULL); tt_mem_op(&kp1->pubkey, OP_EQ, &kp2->pubkey, sizeof(kp2->pubkey)); - tt_assert(tor_mem_is_zero((char*)kp2->seckey.seckey, + tt_assert(fast_mem_is_zero((char*)kp2->seckey.seckey, sizeof(kp2->seckey.seckey))); ed25519_keypair_free(kp2); kp2 = NULL; @@ -455,11 +455,11 @@ test_routerkeys_ed_keys_init_all(void *arg) options->TestingLinkKeySlop = 2*3600; #ifdef _WIN32 - mkdir(dir); - mkdir(keydir); + tt_int_op(0, OP_EQ, mkdir(dir)); + tt_int_op(0, OP_EQ, mkdir(keydir)); #else - mkdir(dir, 0700); - mkdir(keydir, 0700); + tt_int_op(0, OP_EQ, mkdir(dir, 0700)); + tt_int_op(0, OP_EQ, mkdir(keydir, 0700)); #endif /* defined(_WIN32) */ options->DataDirectory = dir; diff --git a/src/test/test_routerlist.c b/src/test/test_routerlist.c index 95c9176faa..f2a83c18a3 100644 --- a/src/test/test_routerlist.c +++ b/src/test/test_routerlist.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2014-2019, The Tor Project, Inc. */ +/* Copyright (c) 2014-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" @@ -46,7 +46,7 @@ #include "feature/nodelist/routerstatus_st.h" #include "lib/encoding/confline.h" -#include "lib/container/buffers.h" +#include "lib/buf/buffers.h" #include "test/test.h" #include "test/test_dir_common.h" @@ -265,7 +265,9 @@ test_router_pick_directory_server_impl(void *arg) /* Init SR subsystem. */ MOCK(get_my_v3_authority_cert, get_my_v3_authority_cert_m); - mock_cert = authority_cert_parse_from_string(AUTHORITY_CERT_1, NULL); + mock_cert = authority_cert_parse_from_string(AUTHORITY_CERT_1, + strlen(AUTHORITY_CERT_1), + NULL); sr_init(0); UNMOCK(get_my_v3_authority_cert); @@ -275,7 +277,9 @@ test_router_pick_directory_server_impl(void *arg) construct_consensus(&consensus_text_md, now); tt_assert(consensus_text_md); - con_md = networkstatus_parse_vote_from_string(consensus_text_md, NULL, + con_md = networkstatus_parse_vote_from_string(consensus_text_md, + strlen(consensus_text_md), + NULL, NS_TYPE_CONSENSUS); tt_assert(con_md); tt_int_op(con_md->flavor,OP_EQ, FLAV_MICRODESC); @@ -301,7 +305,6 @@ test_router_pick_directory_server_impl(void *arg) tt_assert(!networkstatus_consensus_is_bootstrapping(con_md->valid_until + 24*60*60)); /* These times are outside the test validity period */ - tt_assert(networkstatus_consensus_is_bootstrapping(now)); tt_assert(networkstatus_consensus_is_bootstrapping(now + 2*24*60*60)); tt_assert(networkstatus_consensus_is_bootstrapping(now - 2*24*60*60)); @@ -475,7 +478,9 @@ test_directory_guard_fetch_with_no_dirinfo(void *arg) /* Initialize the SRV subsystem */ MOCK(get_my_v3_authority_cert, get_my_v3_authority_cert_m); - mock_cert = authority_cert_parse_from_string(AUTHORITY_CERT_1, NULL); + mock_cert = authority_cert_parse_from_string(AUTHORITY_CERT_1, + strlen(AUTHORITY_CERT_1), + NULL); sr_init(0); UNMOCK(get_my_v3_authority_cert); @@ -626,7 +631,7 @@ mock_clock_skew_warning(const connection_t *conn, long apparent_skew, (void)conn; mock_apparent_skew = apparent_skew; tt_int_op(trusted, OP_EQ, 1); - tt_int_op(domain, OP_EQ, LD_GENERAL); + tt_i64_op(domain, OP_EQ, LD_GENERAL); tt_str_op(received, OP_EQ, "microdesc flavor consensus"); tt_str_op(source, OP_EQ, "CONSENSUS"); done: @@ -648,7 +653,9 @@ test_skew_common(void *arg, time_t now, unsigned long *offset) /* Initialize the SRV subsystem */ MOCK(get_my_v3_authority_cert, get_my_v3_authority_cert_m); - mock_cert = authority_cert_parse_from_string(AUTHORITY_CERT_1, NULL); + mock_cert = authority_cert_parse_from_string(AUTHORITY_CERT_1, + strlen(AUTHORITY_CERT_1), + NULL); sr_init(0); UNMOCK(get_my_v3_authority_cert); @@ -662,7 +669,8 @@ test_skew_common(void *arg, time_t now, unsigned long *offset) MOCK(clock_skew_warning, mock_clock_skew_warning); /* Caller will call teardown_capture_of_logs() */ setup_capture_of_logs(LOG_WARN); - retval = networkstatus_set_current_consensus(consensus, "microdesc", 0, + retval = networkstatus_set_current_consensus(consensus, strlen(consensus), + "microdesc", 0, NULL); done: diff --git a/src/test/test_routerset.c b/src/test/test_routerset.c index c45f0e1595..892ac6e210 100644 --- a/src/test/test_routerset.c +++ b/src/test/test_routerset.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2014-2019, The Tor Project, Inc. */ +/* Copyright (c) 2014-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define ROUTERSET_PRIVATE @@ -18,17 +18,13 @@ #include "test/test.h" -#define NS_MODULE routerset - -#define NS_SUBMODULE routerset_new - /* * Functional (blackbox) test to determine that each member of the routerset * is non-NULL */ static void -NS(test_main)(void *arg) +test_rset_new(void *arg) { routerset_t *rs; (void)arg; @@ -46,15 +42,12 @@ NS(test_main)(void *arg) routerset_free(rs); } -#undef NS_SUBMODULE -#define NS_SUBMODULE routerset_get_countryname - /* * Functional test to strip the braces from a "{xx}" country code string. */ static void -NS(test_main)(void *arg) +test_rset_get_countryname(void *arg) { const char *input; char *name; @@ -91,257 +84,272 @@ NS(test_main)(void *arg) tor_free(name); } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_refresh_counties, geoip_not_loaded) - /* * Structural (whitebox) test for routerset_refresh_counties, when the GeoIP DB * is not loaded. */ -NS_DECL(int, geoip_is_loaded, (sa_family_t family)); -NS_DECL(int, geoip_get_n_countries, (void)); +static int rset_refresh_geoip_not_loaded_geoip_is_loaded(sa_family_t family); +static int rset_refresh_geoip_not_loaded_geoip_is_loaded_called = 0; +static int rset_refresh_geoip_not_loaded_geoip_get_n_countries(void); +static int rset_refresh_geoip_not_loaded_geoip_get_n_countries_called = 0; static void -NS(test_main)(void *arg) +test_rset_refresh_geoip_not_loaded(void *arg) { routerset_t *set = routerset_new(); (void)arg; - NS_MOCK(geoip_is_loaded); - NS_MOCK(geoip_get_n_countries); + MOCK(geoip_is_loaded, + rset_refresh_geoip_not_loaded_geoip_is_loaded); + MOCK(geoip_get_n_countries, + rset_refresh_geoip_not_loaded_geoip_get_n_countries); routerset_refresh_countries(set); tt_ptr_op(set->countries, OP_EQ, NULL); tt_int_op(set->n_countries, OP_EQ, 0); - tt_int_op(CALLED(geoip_is_loaded), OP_EQ, 1); - tt_int_op(CALLED(geoip_get_n_countries), OP_EQ, 0); + tt_int_op(rset_refresh_geoip_not_loaded_geoip_is_loaded_called, OP_EQ, 1); + tt_int_op(rset_refresh_geoip_not_loaded_geoip_get_n_countries_called, + OP_EQ, 0); done: - NS_UNMOCK(geoip_is_loaded); - NS_UNMOCK(geoip_get_n_countries); + UNMOCK(geoip_is_loaded); + UNMOCK(geoip_get_n_countries); routerset_free(set); } static int -NS(geoip_is_loaded)(sa_family_t family) +rset_refresh_geoip_not_loaded_geoip_is_loaded(sa_family_t family) { (void)family; - CALLED(geoip_is_loaded)++; + rset_refresh_geoip_not_loaded_geoip_is_loaded_called++; return 0; } static int -NS(geoip_get_n_countries)(void) +rset_refresh_geoip_not_loaded_geoip_get_n_countries(void) { - CALLED(geoip_get_n_countries)++; + rset_refresh_geoip_not_loaded_geoip_get_n_countries_called++; return 0; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_refresh_counties, no_countries) - /* * Structural test for routerset_refresh_counties, when there are no countries. */ -NS_DECL(int, geoip_is_loaded, (sa_family_t family)); -NS_DECL(int, geoip_get_n_countries, (void)); -NS_DECL(country_t, geoip_get_country, (const char *country)); +static int rset_refresh_no_countries_geoip_is_loaded(sa_family_t family); +static int rset_refresh_no_countries_geoip_is_loaded_called = 0; +static int rset_refresh_no_countries_geoip_get_n_countries(void); +static int rset_refresh_no_countries_geoip_get_n_countries_called = 0; +static country_t rset_refresh_no_countries_geoip_get_country( + const char *country); +static int rset_refresh_no_countries_geoip_get_country_called = 0; static void -NS(test_main)(void *arg) +test_rset_refresh_no_countries(void *arg) { routerset_t *set = routerset_new(); (void)arg; - NS_MOCK(geoip_is_loaded); - NS_MOCK(geoip_get_n_countries); - NS_MOCK(geoip_get_country); + MOCK(geoip_is_loaded, + rset_refresh_no_countries_geoip_is_loaded); + MOCK(geoip_get_n_countries, + rset_refresh_no_countries_geoip_get_n_countries); + MOCK(geoip_get_country, + rset_refresh_no_countries_geoip_get_country); routerset_refresh_countries(set); tt_ptr_op(set->countries, OP_NE, NULL); tt_int_op(set->n_countries, OP_EQ, 1); tt_int_op((unsigned int)(*set->countries), OP_EQ, 0); - tt_int_op(CALLED(geoip_is_loaded), OP_EQ, 1); - tt_int_op(CALLED(geoip_get_n_countries), OP_EQ, 1); - tt_int_op(CALLED(geoip_get_country), OP_EQ, 0); + tt_int_op(rset_refresh_no_countries_geoip_is_loaded_called, OP_EQ, 1); + tt_int_op(rset_refresh_no_countries_geoip_get_n_countries_called, OP_EQ, 1); + tt_int_op(rset_refresh_no_countries_geoip_get_country_called, OP_EQ, 0); done: - NS_UNMOCK(geoip_is_loaded); - NS_UNMOCK(geoip_get_n_countries); - NS_UNMOCK(geoip_get_country); + UNMOCK(geoip_is_loaded); + UNMOCK(geoip_get_n_countries); + UNMOCK(geoip_get_country); routerset_free(set); } static int -NS(geoip_is_loaded)(sa_family_t family) +rset_refresh_no_countries_geoip_is_loaded(sa_family_t family) { (void)family; - CALLED(geoip_is_loaded)++; + rset_refresh_no_countries_geoip_is_loaded_called++; return 1; } static int -NS(geoip_get_n_countries)(void) +rset_refresh_no_countries_geoip_get_n_countries(void) { - CALLED(geoip_get_n_countries)++; + rset_refresh_no_countries_geoip_get_n_countries_called++; return 1; } static country_t -NS(geoip_get_country)(const char *countrycode) +rset_refresh_no_countries_geoip_get_country(const char *countrycode) { (void)countrycode; - CALLED(geoip_get_country)++; + rset_refresh_no_countries_geoip_get_country_called++; return 1; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_refresh_counties, one_valid_country) - /* * Structural test for routerset_refresh_counties, with one valid country. */ -NS_DECL(int, geoip_is_loaded, (sa_family_t family)); -NS_DECL(int, geoip_get_n_countries, (void)); -NS_DECL(country_t, geoip_get_country, (const char *country)); +static int rset_refresh_one_valid_country_geoip_is_loaded(sa_family_t family); +static int rset_refresh_one_valid_country_geoip_is_loaded_called = 0; +static int rset_refresh_one_valid_country_geoip_get_n_countries(void); +static int rset_refresh_one_valid_country_geoip_get_n_countries_called = 0; +static country_t rset_refresh_one_valid_country_geoip_get_country( + const char *country); +static int rset_refresh_one_valid_country_geoip_get_country_called = 0; static void -NS(test_main)(void *arg) +test_rset_refresh_one_valid_country(void *arg) { routerset_t *set = routerset_new(); (void)arg; - NS_MOCK(geoip_is_loaded); - NS_MOCK(geoip_get_n_countries); - NS_MOCK(geoip_get_country); + MOCK(geoip_is_loaded, + rset_refresh_one_valid_country_geoip_is_loaded); + MOCK(geoip_get_n_countries, + rset_refresh_one_valid_country_geoip_get_n_countries); + MOCK(geoip_get_country, + rset_refresh_one_valid_country_geoip_get_country); smartlist_add(set->country_names, tor_strndup("foo", 3)); routerset_refresh_countries(set); tt_ptr_op(set->countries, OP_NE, NULL); tt_int_op(set->n_countries, OP_EQ, 2); - tt_int_op(CALLED(geoip_is_loaded), OP_EQ, 1); - tt_int_op(CALLED(geoip_get_n_countries), OP_EQ, 1); - tt_int_op(CALLED(geoip_get_country), OP_EQ, 1); + tt_int_op(rset_refresh_one_valid_country_geoip_is_loaded_called, OP_EQ, 1); + tt_int_op(rset_refresh_one_valid_country_geoip_get_n_countries_called, + OP_EQ, 1); + tt_int_op(rset_refresh_one_valid_country_geoip_get_country_called, OP_EQ, 1); tt_int_op((unsigned int)(*set->countries), OP_NE, 0); done: - NS_UNMOCK(geoip_is_loaded); - NS_UNMOCK(geoip_get_n_countries); - NS_UNMOCK(geoip_get_country); + UNMOCK(geoip_is_loaded); + UNMOCK(geoip_get_n_countries); + UNMOCK(geoip_get_country); routerset_free(set); } static int -NS(geoip_is_loaded)(sa_family_t family) +rset_refresh_one_valid_country_geoip_is_loaded(sa_family_t family) { (void)family; - CALLED(geoip_is_loaded)++; + rset_refresh_one_valid_country_geoip_is_loaded_called++; return 1; } static int -NS(geoip_get_n_countries)(void) +rset_refresh_one_valid_country_geoip_get_n_countries(void) { - CALLED(geoip_get_n_countries)++; + rset_refresh_one_valid_country_geoip_get_n_countries_called++; return 2; } static country_t -NS(geoip_get_country)(const char *countrycode) +rset_refresh_one_valid_country_geoip_get_country(const char *countrycode) { (void)countrycode; - CALLED(geoip_get_country)++; + rset_refresh_one_valid_country_geoip_get_country_called++; return 1; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_refresh_counties, one_invalid_country) - /* * Structural test for routerset_refresh_counties, with one invalid * country code.. */ -NS_DECL(int, geoip_is_loaded, (sa_family_t family)); -NS_DECL(int, geoip_get_n_countries, (void)); -NS_DECL(country_t, geoip_get_country, (const char *country)); +static int rset_refresh_one_invalid_country_geoip_is_loaded( + sa_family_t family); +static int rset_refresh_one_invalid_country_geoip_is_loaded_called = 0; +static int rset_refresh_one_invalid_country_geoip_get_n_countries(void); +static int rset_refresh_one_invalid_country_geoip_get_n_countries_called = 0; +static country_t rset_refresh_one_invalid_country_geoip_get_country( + const char *country); +static int rset_refresh_one_invalid_country_geoip_get_country_called = 0; static void -NS(test_main)(void *arg) +test_rset_refresh_one_invalid_country(void *arg) { routerset_t *set = routerset_new(); (void)arg; - NS_MOCK(geoip_is_loaded); - NS_MOCK(geoip_get_n_countries); - NS_MOCK(geoip_get_country); + MOCK(geoip_is_loaded, + rset_refresh_one_invalid_country_geoip_is_loaded); + MOCK(geoip_get_n_countries, + rset_refresh_one_invalid_country_geoip_get_n_countries); + MOCK(geoip_get_country, + rset_refresh_one_invalid_country_geoip_get_country); smartlist_add(set->country_names, tor_strndup("foo", 3)); routerset_refresh_countries(set); tt_ptr_op(set->countries, OP_NE, NULL); tt_int_op(set->n_countries, OP_EQ, 2); - tt_int_op(CALLED(geoip_is_loaded), OP_EQ, 1); - tt_int_op(CALLED(geoip_get_n_countries), OP_EQ, 1); - tt_int_op(CALLED(geoip_get_country), OP_EQ, 1); + tt_int_op(rset_refresh_one_invalid_country_geoip_is_loaded_called, OP_EQ, 1); + tt_int_op(rset_refresh_one_invalid_country_geoip_get_n_countries_called, + OP_EQ, 1); + tt_int_op(rset_refresh_one_invalid_country_geoip_get_country_called, + OP_EQ, 1); tt_int_op((unsigned int)(*set->countries), OP_EQ, 0); done: - NS_UNMOCK(geoip_is_loaded); - NS_UNMOCK(geoip_get_n_countries); - NS_UNMOCK(geoip_get_country); + UNMOCK(geoip_is_loaded); + UNMOCK(geoip_get_n_countries); + UNMOCK(geoip_get_country); routerset_free(set); } static int -NS(geoip_is_loaded)(sa_family_t family) +rset_refresh_one_invalid_country_geoip_is_loaded(sa_family_t family) { (void)family; - CALLED(geoip_is_loaded)++; + rset_refresh_one_invalid_country_geoip_is_loaded_called++; return 1; } static int -NS(geoip_get_n_countries)(void) +rset_refresh_one_invalid_country_geoip_get_n_countries(void) { - CALLED(geoip_get_n_countries)++; + rset_refresh_one_invalid_country_geoip_get_n_countries_called++; return 2; } static country_t -NS(geoip_get_country)(const char *countrycode) +rset_refresh_one_invalid_country_geoip_get_country(const char *countrycode) { (void)countrycode; - CALLED(geoip_get_country)++; + rset_refresh_one_invalid_country_geoip_get_country_called++; return -1; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_parse, malformed) - /* * Functional test, with a malformed string to parse. */ static void -NS(test_main)(void *arg) +test_rset_parse_malformed(void *arg) { routerset_t *set = routerset_new(); const char *s = "_"; @@ -356,16 +364,13 @@ NS(test_main)(void *arg) routerset_free(set); } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_parse, valid_hexdigest) - /* * Functional test for routerset_parse, that routerset_parse returns 0 * on a valid hexdigest entry. */ static void -NS(test_main)(void *arg) +test_rset_parse_valid_hexdigest(void *arg) { routerset_t *set; const char *s; @@ -382,15 +387,12 @@ NS(test_main)(void *arg) routerset_free(set); } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_parse, valid_nickname) - /* * Functional test for routerset_parse, when given a valid nickname as input. */ static void -NS(test_main)(void *arg) +test_rset_parse_valid_nickname(void *arg) { routerset_t *set; const char *s; @@ -407,15 +409,12 @@ NS(test_main)(void *arg) routerset_free(set); } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_parse, get_countryname) - /* * Functional test for routerset_parse, when given a valid countryname. */ static void -NS(test_main)(void *arg) +test_rset_parse_get_countryname(void *arg) { routerset_t *set; const char *s; @@ -432,158 +431,158 @@ NS(test_main)(void *arg) routerset_free(set); } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_parse, policy_wildcard) - /* * Structural test for routerset_parse, when given a valid wildcard policy. */ -NS_DECL(addr_policy_t *, router_parse_addr_policy_item_from_string, - (const char *s, int assume_action, int *malformed_list)); +static addr_policy_t * rset_parse_policy_wildcard_parse_item_from_string( + const char *s, int assume_action, int *malformed_list); +static int rset_parse_policy_wildcard_parse_item_from_string_called = 0; -static addr_policy_t *NS(mock_addr_policy); +static addr_policy_t *rset_parse_policy_wildcard_mock_addr_policy; static void -NS(test_main)(void *arg) +test_rset_parse_policy_wildcard(void *arg) { routerset_t *set; const char *s; int r; (void)arg; - NS_MOCK(router_parse_addr_policy_item_from_string); - NS(mock_addr_policy) = tor_malloc_zero(sizeof(addr_policy_t)); + MOCK(router_parse_addr_policy_item_from_string, + rset_parse_policy_wildcard_parse_item_from_string); + rset_parse_policy_wildcard_mock_addr_policy = + tor_malloc_zero(sizeof(addr_policy_t)); set = routerset_new(); s = "*"; r = routerset_parse(set, s, ""); tt_int_op(r, OP_EQ, 0); tt_int_op(smartlist_len(set->policies), OP_NE, 0); - tt_int_op(CALLED(router_parse_addr_policy_item_from_string), OP_EQ, 1); + tt_int_op(rset_parse_policy_wildcard_parse_item_from_string_called, + OP_EQ, 1); done: routerset_free(set); } addr_policy_t * -NS(router_parse_addr_policy_item_from_string)(const char *s, +rset_parse_policy_wildcard_parse_item_from_string(const char *s, int assume_action, int *malformed_list) { (void)s; (void)assume_action; (void)malformed_list; - CALLED(router_parse_addr_policy_item_from_string)++; + rset_parse_policy_wildcard_parse_item_from_string_called++; - return NS(mock_addr_policy); + return rset_parse_policy_wildcard_mock_addr_policy; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_parse, policy_ipv4) - /* * Structural test for routerset_parse, when given a valid IPv4 address * literal policy. */ -NS_DECL(addr_policy_t *, router_parse_addr_policy_item_from_string, - (const char *s, int assume_action, int *bogus)); +static addr_policy_t * rset_parse_policy_ipv4_parse_item_from_string( + const char *s, int assume_action, int *bogus); +static int rset_parse_policy_ipv4_parse_item_from_string_called = 0; -static addr_policy_t *NS(mock_addr_policy); +static addr_policy_t *rset_parse_policy_ipv4_mock_addr_policy; static void -NS(test_main)(void *arg) +test_rset_parse_policy_ipv4(void *arg) { routerset_t *set; const char *s; int r; (void)arg; - NS_MOCK(router_parse_addr_policy_item_from_string); - NS(mock_addr_policy) = tor_malloc_zero(sizeof(addr_policy_t)); + MOCK(router_parse_addr_policy_item_from_string, + rset_parse_policy_ipv4_parse_item_from_string); + rset_parse_policy_ipv4_mock_addr_policy = + tor_malloc_zero(sizeof(addr_policy_t)); set = routerset_new(); s = "127.0.0.1"; r = routerset_parse(set, s, ""); tt_int_op(r, OP_EQ, 0); tt_int_op(smartlist_len(set->policies), OP_NE, 0); - tt_int_op(CALLED(router_parse_addr_policy_item_from_string), OP_EQ, 1); + tt_int_op(rset_parse_policy_ipv4_parse_item_from_string_called, OP_EQ, 1); done: routerset_free(set); } addr_policy_t * -NS(router_parse_addr_policy_item_from_string)(const char *s, int assume_action, - int *bogus) +rset_parse_policy_ipv4_parse_item_from_string( + const char *s, int assume_action, + int *bogus) { (void)s; (void)assume_action; - CALLED(router_parse_addr_policy_item_from_string)++; + rset_parse_policy_ipv4_parse_item_from_string_called++; *bogus = 0; - return NS(mock_addr_policy); + return rset_parse_policy_ipv4_mock_addr_policy; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_parse, policy_ipv6) - /* * Structural test for routerset_parse, when given a valid IPv6 address * literal policy. */ -NS_DECL(addr_policy_t *, router_parse_addr_policy_item_from_string, - (const char *s, int assume_action, int *bad)); +static addr_policy_t * rset_parse_policy_ipv6_parse_item_from_string( + const char *s, int assume_action, int *bad); +static int rset_parse_policy_ipv6_parse_item_from_string_called = 0; -static addr_policy_t *NS(mock_addr_policy); +static addr_policy_t *rset_parse_policy_ipv6_mock_addr_policy; static void -NS(test_main)(void *arg) +test_rset_parse_policy_ipv6(void *arg) { routerset_t *set; const char *s; int r; (void)arg; - NS_MOCK(router_parse_addr_policy_item_from_string); - NS(mock_addr_policy) = tor_malloc_zero(sizeof(addr_policy_t)); + MOCK(router_parse_addr_policy_item_from_string, + rset_parse_policy_ipv6_parse_item_from_string); + rset_parse_policy_ipv6_mock_addr_policy = + tor_malloc_zero(sizeof(addr_policy_t)); set = routerset_new(); s = "::1"; r = routerset_parse(set, s, ""); tt_int_op(r, OP_EQ, 0); tt_int_op(smartlist_len(set->policies), OP_NE, 0); - tt_int_op(CALLED(router_parse_addr_policy_item_from_string), OP_EQ, 1); + tt_int_op(rset_parse_policy_ipv6_parse_item_from_string_called, OP_EQ, 1); done: routerset_free(set); } addr_policy_t * -NS(router_parse_addr_policy_item_from_string)(const char *s, +rset_parse_policy_ipv6_parse_item_from_string(const char *s, int assume_action, int *bad) { (void)s; (void)assume_action; - CALLED(router_parse_addr_policy_item_from_string)++; + rset_parse_policy_ipv6_parse_item_from_string_called++; *bad = 0; - return NS(mock_addr_policy); + return rset_parse_policy_ipv6_mock_addr_policy; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_union, source_bad) - /* * Structural test for routerset_union, when given a bad source argument. */ -NS_DECL(smartlist_t *, smartlist_new, (void)); +static smartlist_t * rset_union_source_bad_smartlist_new(void); +static int rset_union_source_bad_smartlist_new_called = 0; static void -NS(test_main)(void *arg) +test_rset_union_source_bad(void *arg) { routerset_t *set, *bad_set; (void)arg; @@ -593,16 +592,17 @@ NS(test_main)(void *arg) smartlist_free(bad_set->list); bad_set->list = NULL; - NS_MOCK(smartlist_new); + MOCK(smartlist_new, + rset_union_source_bad_smartlist_new); routerset_union(set, NULL); - tt_int_op(CALLED(smartlist_new), OP_EQ, 0); + tt_int_op(rset_union_source_bad_smartlist_new_called, OP_EQ, 0); routerset_union(set, bad_set); - tt_int_op(CALLED(smartlist_new), OP_EQ, 0); + tt_int_op(rset_union_source_bad_smartlist_new_called, OP_EQ, 0); done: - NS_UNMOCK(smartlist_new); + UNMOCK(smartlist_new); routerset_free(set); /* Just recreate list, so we can simply use routerset_free. */ @@ -611,22 +611,19 @@ NS(test_main)(void *arg) } static smartlist_t * -NS(smartlist_new)(void) +rset_union_source_bad_smartlist_new(void) { - CALLED(smartlist_new)++; + rset_union_source_bad_smartlist_new_called++; return NULL; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_union, one) - /* * Functional test for routerset_union. */ static void -NS(test_main)(void *arg) +test_rset_union_one(void *arg) { routerset_t *src = routerset_new(); routerset_t *tgt; @@ -643,15 +640,12 @@ NS(test_main)(void *arg) routerset_free(tgt); } -#undef NS_SUBMODULE -#define NS_SUBMODULE routerset_is_list - /* * Functional tests for routerset_is_list. */ static void -NS(test_main)(void *arg) +test_rset_is_list(void *arg) { routerset_t *set; addr_policy_t *policy; @@ -696,15 +690,12 @@ NS(test_main)(void *arg) ; } -#undef NS_SUBMODULE -#define NS_SUBMODULE routerset_needs_geoip - /* * Functional tests for routerset_needs_geoip. */ static void -NS(test_main)(void *arg) +test_rset_needs_geoip(void *arg) { routerset_t *set; int needs_geoip; @@ -731,15 +722,12 @@ NS(test_main)(void *arg) ; } -#undef NS_SUBMODULE -#define NS_SUBMODULE routerset_is_empty - /* * Functional tests for routerset_is_empty. */ static void -NS(test_main)(void *arg) +test_rset_is_empty(void *arg) { routerset_t *set = NULL; int is_empty; @@ -765,16 +753,13 @@ NS(test_main)(void *arg) ; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_contains, null_set_or_null_set_list) - /* * Functional test for routerset_contains, when given a NULL set or the * set has a NULL list. */ static void -NS(test_main)(void *arg) +test_rset_contains_null_set_or_list(void *arg) { routerset_t *set = NULL; int contains; @@ -794,16 +779,13 @@ NS(test_main)(void *arg) ; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_contains, set_and_null_nickname) - /* * Functional test for routerset_contains, when given a valid routerset but a * NULL nickname. */ static void -NS(test_main)(void *arg) +test_rset_contains_null_nickname(void *arg) { routerset_t *set = routerset_new(); char *nickname = NULL; @@ -819,16 +801,13 @@ NS(test_main)(void *arg) ; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_contains, set_and_nickname) - /* * Functional test for routerset_contains, when given a valid routerset * and the nickname is in the routerset. */ static void -NS(test_main)(void *arg) +test_rset_contains_nickname(void *arg) { routerset_t *set = routerset_new(); const char *nickname; @@ -845,16 +824,13 @@ NS(test_main)(void *arg) ; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_contains, set_and_no_nickname) - /* * Functional test for routerset_contains, when given a valid routerset * and the nickname is not in the routerset. */ static void -NS(test_main)(void *arg) +test_rset_contains_no_nickname(void *arg) { routerset_t *set = routerset_new(); int contains; @@ -869,16 +845,13 @@ NS(test_main)(void *arg) ; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_contains, set_and_digest) - /* * Functional test for routerset_contains, when given a valid routerset * and the digest is contained in the routerset. */ static void -NS(test_main)(void *arg) +test_rset_contains_digest(void *arg) { routerset_t *set = routerset_new(); int contains; @@ -894,16 +867,13 @@ NS(test_main)(void *arg) ; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_contains, set_and_no_digest) - /* * Functional test for routerset_contains, when given a valid routerset * and the digest is not contained in the routerset. */ static void -NS(test_main)(void *arg) +test_rset_contains_no_digest(void *arg) { routerset_t *set = routerset_new(); int contains; @@ -920,16 +890,13 @@ NS(test_main)(void *arg) ; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_contains, set_and_null_digest) - /* * Functional test for routerset_contains, when given a valid routerset * and the digest is NULL. */ static void -NS(test_main)(void *arg) +test_rset_contains_null_digest(void *arg) { routerset_t *set = routerset_new(); int contains; @@ -945,34 +912,34 @@ NS(test_main)(void *arg) ; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_contains, set_and_addr) - /* * Structural test for routerset_contains, when given a valid routerset * and the address is rejected by policy. */ -NS_DECL(addr_policy_result_t, compare_tor_addr_to_addr_policy, - (const tor_addr_t *addr, uint16_t port, const smartlist_t *policy)); +static addr_policy_result_t rset_contains_addr_cmp_addr_to_policy( + const tor_addr_t *addr, uint16_t port, + const smartlist_t *policy); +static int rset_contains_addr_cmp_addr_to_policy_called = 0; static tor_addr_t MOCK_TOR_ADDR; #define MOCK_TOR_ADDR_PTR (&MOCK_TOR_ADDR) static void -NS(test_main)(void *arg) +test_rset_contains_addr(void *arg) { routerset_t *set = routerset_new(); tor_addr_t *addr = MOCK_TOR_ADDR_PTR; int contains; (void)arg; - NS_MOCK(compare_tor_addr_to_addr_policy); + MOCK(compare_tor_addr_to_addr_policy, + rset_contains_addr_cmp_addr_to_policy); contains = routerset_contains(set, addr, 0, NULL, NULL, 0); routerset_free(set); - tt_int_op(CALLED(compare_tor_addr_to_addr_policy), OP_EQ, 1); + tt_int_op(rset_contains_addr_cmp_addr_to_policy_called, OP_EQ, 1); tt_int_op(contains, OP_EQ, 3); done: @@ -980,12 +947,12 @@ NS(test_main)(void *arg) } addr_policy_result_t -NS(compare_tor_addr_to_addr_policy)(const tor_addr_t *addr, uint16_t port, +rset_contains_addr_cmp_addr_to_policy(const tor_addr_t *addr, uint16_t port, const smartlist_t *policy) { (void)port; (void)policy; - CALLED(compare_tor_addr_to_addr_policy)++; + rset_contains_addr_cmp_addr_to_policy_called++; tt_ptr_op(addr, OP_EQ, MOCK_TOR_ADDR_PTR); return ADDR_POLICY_REJECTED; @@ -993,31 +960,31 @@ NS(compare_tor_addr_to_addr_policy)(const tor_addr_t *addr, uint16_t port, return 0; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_contains, set_and_no_addr) - /* * Structural test for routerset_contains, when given a valid routerset * and the address is not rejected by policy. */ -NS_DECL(addr_policy_result_t, compare_tor_addr_to_addr_policy, - (const tor_addr_t *addr, uint16_t port, const smartlist_t *policy)); +static addr_policy_result_t rset_contains_no_addr_cmp_addr_to_policy( + const tor_addr_t *addr, uint16_t port, + const smartlist_t *policy); +static int rset_contains_no_addr_cmp_addr_to_policy_called = 0; static void -NS(test_main)(void *arg) +test_rset_contains_no_addr(void *arg) { routerset_t *set = routerset_new(); tor_addr_t *addr = MOCK_TOR_ADDR_PTR; int contains; (void)arg; - NS_MOCK(compare_tor_addr_to_addr_policy); + MOCK(compare_tor_addr_to_addr_policy, + rset_contains_no_addr_cmp_addr_to_policy); contains = routerset_contains(set, addr, 0, NULL, NULL, 0); routerset_free(set); - tt_int_op(CALLED(compare_tor_addr_to_addr_policy), OP_EQ, 1); + tt_int_op(rset_contains_no_addr_cmp_addr_to_policy_called, OP_EQ, 1); tt_int_op(contains, OP_EQ, 0); done: @@ -1025,12 +992,12 @@ NS(test_main)(void *arg) } addr_policy_result_t -NS(compare_tor_addr_to_addr_policy)(const tor_addr_t *addr, uint16_t port, +rset_contains_no_addr_cmp_addr_to_policy(const tor_addr_t *addr, uint16_t port, const smartlist_t *policy) { (void)port; (void)policy; - CALLED(compare_tor_addr_to_addr_policy)++; + rset_contains_no_addr_cmp_addr_to_policy_called++; tt_ptr_op(addr, OP_EQ, MOCK_TOR_ADDR_PTR); return ADDR_POLICY_ACCEPTED; @@ -1039,25 +1006,25 @@ NS(compare_tor_addr_to_addr_policy)(const tor_addr_t *addr, uint16_t port, return 0; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_contains, set_and_null_addr) - /* * Structural test for routerset_contains, when given a valid routerset * and the address is NULL. */ -NS_DECL(addr_policy_result_t, compare_tor_addr_to_addr_policy, - (const tor_addr_t *addr, uint16_t port, const smartlist_t *policy)); +static addr_policy_result_t rset_contains_null_addr_cmp_addr_to_policy( + const tor_addr_t *addr, uint16_t port, + const smartlist_t *policy); +static int rset_contains_null_addr_cmp_addr_to_policy_called = 0; static void -NS(test_main)(void *arg) +test_rset_contains_null_addr(void *arg) { routerset_t *set = routerset_new(); int contains; (void)arg; - NS_MOCK(compare_tor_addr_to_addr_policy); + MOCK(compare_tor_addr_to_addr_policy, + rset_contains_null_addr_cmp_addr_to_policy); contains = routerset_contains(set, NULL, 0, NULL, NULL, 0); routerset_free(set); @@ -1069,12 +1036,13 @@ NS(test_main)(void *arg) } addr_policy_result_t -NS(compare_tor_addr_to_addr_policy)(const tor_addr_t *addr, uint16_t port, +rset_contains_null_addr_cmp_addr_to_policy( + const tor_addr_t *addr, uint16_t port, const smartlist_t *policy) { (void)port; (void)policy; - CALLED(compare_tor_addr_to_addr_policy)++; + rset_contains_null_addr_cmp_addr_to_policy_called++; tt_ptr_op(addr, OP_EQ, MOCK_TOR_ADDR_PTR); return ADDR_POLICY_ACCEPTED; @@ -1083,27 +1051,30 @@ NS(compare_tor_addr_to_addr_policy)(const tor_addr_t *addr, uint16_t port, return 0; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_contains, countries_no_geoip) - /* * Structural test for routerset_contains, when there is no matching country * for the address. */ -NS_DECL(addr_policy_result_t, compare_tor_addr_to_addr_policy, - (const tor_addr_t *addr, uint16_t port, const smartlist_t *policy)); -NS_DECL(int, geoip_get_country_by_addr, (const tor_addr_t *addr)); +static addr_policy_result_t rset_countries_no_geoip_cmp_addr_to_policy( + const tor_addr_t *addr, uint16_t port, + const smartlist_t *policy); +static int rset_countries_no_geoip_cmp_addr_to_policy_called = 0; +static int rset_countries_no_geoip_geoip_get_country_by_addr( + const tor_addr_t *addr); +static int rset_countries_no_geoip_geoip_get_country_by_addr_called = 0; static void -NS(test_main)(void *arg) +test_rset_countries_no_geoip(void *arg) { routerset_t *set = routerset_new(); int contains = 1; (void)arg; - NS_MOCK(compare_tor_addr_to_addr_policy); - NS_MOCK(geoip_get_country_by_addr); + MOCK(compare_tor_addr_to_addr_policy, + rset_countries_no_geoip_cmp_addr_to_policy); + MOCK(geoip_get_country_by_addr, + rset_countries_no_geoip_geoip_get_country_by_addr); set->countries = bitarray_init_zero(1); bitarray_set(set->countries, 1); @@ -1111,20 +1082,23 @@ NS(test_main)(void *arg) routerset_free(set); tt_int_op(contains, OP_EQ, 0); - tt_int_op(CALLED(compare_tor_addr_to_addr_policy), OP_EQ, 1); - tt_int_op(CALLED(geoip_get_country_by_addr), OP_EQ, 1); + tt_int_op(rset_countries_no_geoip_cmp_addr_to_policy_called, + OP_EQ, 1); + tt_int_op(rset_countries_no_geoip_geoip_get_country_by_addr_called, + OP_EQ, 1); done: ; } addr_policy_result_t -NS(compare_tor_addr_to_addr_policy)(const tor_addr_t *addr, uint16_t port, +rset_countries_no_geoip_cmp_addr_to_policy( + const tor_addr_t *addr, uint16_t port, const smartlist_t *policy) { (void)port; (void)policy; - CALLED(compare_tor_addr_to_addr_policy)++; + rset_countries_no_geoip_cmp_addr_to_policy_called++; tt_ptr_op(addr, OP_EQ, MOCK_TOR_ADDR_PTR); done: @@ -1132,36 +1106,39 @@ NS(compare_tor_addr_to_addr_policy)(const tor_addr_t *addr, uint16_t port, } int -NS(geoip_get_country_by_addr)(const tor_addr_t *addr) +rset_countries_no_geoip_geoip_get_country_by_addr(const tor_addr_t *addr) { - CALLED(geoip_get_country_by_addr)++; + rset_countries_no_geoip_geoip_get_country_by_addr_called++; tt_ptr_op(addr, OP_EQ, MOCK_TOR_ADDR_PTR); done: return -1; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_contains, countries_geoip) - /* * Structural test for routerset_contains, when there a matching country * for the address. */ -NS_DECL(addr_policy_result_t, compare_tor_addr_to_addr_policy, - (const tor_addr_t *addr, uint16_t port, const smartlist_t *policy)); -NS_DECL(int, geoip_get_country_by_addr, (const tor_addr_t *addr)); +static addr_policy_result_t rset_countries_geoip_cmp_addr_to_policy( + const tor_addr_t *addr, uint16_t port, + const smartlist_t *policy); +static int rset_countries_geoip_cmp_addr_to_policy_called = 0; +static int rset_countries_geoip_geoip_get_country_by_addr( + const tor_addr_t *addr); +static int rset_countries_geoip_geoip_get_country_by_addr_called = 0; static void -NS(test_main)(void *arg) +test_rset_countries_geoip(void *arg) { routerset_t *set = routerset_new(); int contains = 1; (void)arg; - NS_MOCK(compare_tor_addr_to_addr_policy); - NS_MOCK(geoip_get_country_by_addr); + MOCK(compare_tor_addr_to_addr_policy, + rset_countries_geoip_cmp_addr_to_policy); + MOCK(geoip_get_country_by_addr, + rset_countries_geoip_geoip_get_country_by_addr); set->n_countries = 2; set->countries = bitarray_init_zero(1); @@ -1170,20 +1147,24 @@ NS(test_main)(void *arg) routerset_free(set); tt_int_op(contains, OP_EQ, 2); - tt_int_op(CALLED(compare_tor_addr_to_addr_policy), OP_EQ, 1); - tt_int_op(CALLED(geoip_get_country_by_addr), OP_EQ, 1); + tt_int_op( + rset_countries_geoip_cmp_addr_to_policy_called, + OP_EQ, 1); + tt_int_op(rset_countries_geoip_geoip_get_country_by_addr_called, + OP_EQ, 1); done: ; } addr_policy_result_t -NS(compare_tor_addr_to_addr_policy)(const tor_addr_t *addr, uint16_t port, +rset_countries_geoip_cmp_addr_to_policy( + const tor_addr_t *addr, uint16_t port, const smartlist_t *policy) { (void)port; (void)policy; - CALLED(compare_tor_addr_to_addr_policy)++; + rset_countries_geoip_cmp_addr_to_policy_called++; tt_ptr_op(addr, OP_EQ, MOCK_TOR_ADDR_PTR); done: @@ -1191,25 +1172,22 @@ NS(compare_tor_addr_to_addr_policy)(const tor_addr_t *addr, uint16_t port, } int -NS(geoip_get_country_by_addr)(const tor_addr_t *addr) +rset_countries_geoip_geoip_get_country_by_addr(const tor_addr_t *addr) { - CALLED(geoip_get_country_by_addr)++; + rset_countries_geoip_geoip_get_country_by_addr_called++; tt_ptr_op(addr, OP_EQ, MOCK_TOR_ADDR_PTR); done: return 1; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_add_unknown_ccs, only_flag_and_no_ccs) - /* * Functional test for routerset_add_unknown_ccs, where only_if_some_cc_set * is set and there are no country names. */ static void -NS(test_main)(void *arg) +test_rset_add_unknown_ccs_only_flag(void *arg) { routerset_t *set = routerset_new(); routerset_t **setp = &set; @@ -1224,26 +1202,26 @@ NS(test_main)(void *arg) routerset_free(set); } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_add_unknown_ccs, creates_set) - /* * Functional test for routerset_add_unknown_ccs, where the set argument * is created if passed in as NULL. */ /* The mock is only used to stop the test from asserting erroneously. */ -NS_DECL(country_t, geoip_get_country, (const char *country)); +static country_t rset_add_unknown_ccs_creates_set_geoip_get_country( + const char *country); +static int rset_add_unknown_ccs_creates_set_geoip_get_country_called = 0; static void -NS(test_main)(void *arg) +test_rset_add_unknown_ccs_creates_set(void *arg) { routerset_t *set = NULL; routerset_t **setp = &set; int r; (void)arg; - NS_MOCK(geoip_get_country); + MOCK(geoip_get_country, + rset_add_unknown_ccs_creates_set_geoip_get_country); r = routerset_add_unknown_ccs(setp, 0); @@ -1256,35 +1234,38 @@ NS(test_main)(void *arg) } country_t -NS(geoip_get_country)(const char *country) +rset_add_unknown_ccs_creates_set_geoip_get_country(const char *country) { (void)country; - CALLED(geoip_get_country)++; + rset_add_unknown_ccs_creates_set_geoip_get_country_called++; return -1; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_add_unknown_ccs, add_unknown) - /* * Structural test for routerset_add_unknown_ccs, that the "{??}" * country code is added to the list. */ -NS_DECL(country_t, geoip_get_country, (const char *country)); -NS_DECL(int, geoip_is_loaded, (sa_family_t family)); +static country_t rset_add_unknown_ccs_add_unknown_geoip_get_country( + const char *country); +static int rset_add_unknown_ccs_add_unknown_geoip_get_country_called = 0; +static int rset_add_unknown_ccs_add_unknown_geoip_is_loaded( + sa_family_t family); +static int rset_add_unknown_ccs_add_unknown_geoip_is_loaded_called = 0; static void -NS(test_main)(void *arg) +test_rset_add_unknown_ccs_add_unknown(void *arg) { routerset_t *set = routerset_new(); routerset_t **setp = &set; int r; (void)arg; - NS_MOCK(geoip_get_country); - NS_MOCK(geoip_is_loaded); + MOCK(geoip_get_country, + rset_add_unknown_ccs_add_unknown_geoip_get_country); + MOCK(geoip_is_loaded, + rset_add_unknown_ccs_add_unknown_geoip_is_loaded); r = routerset_add_unknown_ccs(setp, 0); @@ -1298,11 +1279,11 @@ NS(test_main)(void *arg) } country_t -NS(geoip_get_country)(const char *country) +rset_add_unknown_ccs_add_unknown_geoip_get_country(const char *country) { int arg_is_qq, arg_is_a1; - CALLED(geoip_get_country)++; + rset_add_unknown_ccs_add_unknown_geoip_get_country_called++; arg_is_qq = !strcmp(country, "??"); arg_is_a1 = !strcmp(country, "A1"); @@ -1317,9 +1298,9 @@ NS(geoip_get_country)(const char *country) } int -NS(geoip_is_loaded)(sa_family_t family) +rset_add_unknown_ccs_add_unknown_geoip_is_loaded(sa_family_t family) { - CALLED(geoip_is_loaded)++; + rset_add_unknown_ccs_add_unknown_geoip_is_loaded_called++; tt_int_op(family, OP_EQ, AF_INET); @@ -1327,27 +1308,29 @@ NS(geoip_is_loaded)(sa_family_t family) return 0; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_add_unknown_ccs, add_a1) - /* * Structural test for routerset_add_unknown_ccs, that the "{a1}" * country code is added to the list. */ -NS_DECL(country_t, geoip_get_country, (const char *country)); -NS_DECL(int, geoip_is_loaded, (sa_family_t family)); +static country_t rset_add_unknown_ccs_add_a1_geoip_get_country( + const char *country); +static int rset_add_unknown_ccs_add_a1_geoip_get_country_called = 0; +static int rset_add_unknown_ccs_add_a1_geoip_is_loaded(sa_family_t family); +static int rset_add_unknown_ccs_add_a1_geoip_is_loaded_called = 0; static void -NS(test_main)(void *arg) +test_rset_add_unknown_ccs_add_a1(void *arg) { routerset_t *set = routerset_new(); routerset_t **setp = &set; int r; (void)arg; - NS_MOCK(geoip_get_country); - NS_MOCK(geoip_is_loaded); + MOCK(geoip_get_country, + rset_add_unknown_ccs_add_a1_geoip_get_country); + MOCK(geoip_is_loaded, + rset_add_unknown_ccs_add_a1_geoip_is_loaded); r = routerset_add_unknown_ccs(setp, 0); @@ -1361,11 +1344,11 @@ NS(test_main)(void *arg) } country_t -NS(geoip_get_country)(const char *country) +rset_add_unknown_ccs_add_a1_geoip_get_country(const char *country) { int arg_is_qq, arg_is_a1; - CALLED(geoip_get_country)++; + rset_add_unknown_ccs_add_a1_geoip_get_country_called++; arg_is_qq = !strcmp(country, "??"); arg_is_a1 = !strcmp(country, "A1"); @@ -1380,9 +1363,9 @@ NS(geoip_get_country)(const char *country) } int -NS(geoip_is_loaded)(sa_family_t family) +rset_add_unknown_ccs_add_a1_geoip_is_loaded(sa_family_t family) { - CALLED(geoip_is_loaded)++; + rset_add_unknown_ccs_add_a1_geoip_is_loaded_called++; tt_int_op(family, OP_EQ, AF_INET); @@ -1390,15 +1373,12 @@ NS(geoip_is_loaded)(sa_family_t family) return 0; } -#undef NS_SUBMODULE -#define NS_SUBMODULE routerset_contains_extendinfo - /* * Functional test for routerset_contains_extendinfo. */ static void -NS(test_main)(void *arg) +test_rset_contains_extendinfo(void *arg) { routerset_t *set = routerset_new(); extend_info_t ei; @@ -1418,15 +1398,12 @@ NS(test_main)(void *arg) routerset_free(set); } -#undef NS_SUBMODULE -#define NS_SUBMODULE routerset_contains_router - /* * Functional test for routerset_contains_router. */ static void -NS(test_main)(void *arg) +test_rset_contains_router(void *arg) { routerset_t *set = routerset_new(); routerinfo_t ri; @@ -1446,9 +1423,6 @@ NS(test_main)(void *arg) routerset_free(set); } -#undef NS_SUBMODULE -#define NS_SUBMODULE routerset_contains_routerstatus - /* * Functional test for routerset_contains_routerstatus. */ @@ -1458,7 +1432,7 @@ NS(test_main)(void *arg) // a bit more or test a bit more. static void -NS(test_main)(void *arg) +test_rset_contains_routerstatus(void *arg) { routerset_t *set = routerset_new(); routerstatus_t rs; @@ -1479,46 +1453,41 @@ NS(test_main)(void *arg) routerset_free(set); } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_contains_node, none) - /* * Functional test for routerset_contains_node, when the node has no * routerset or routerinfo. */ -static node_t NS(mock_node); +static node_t rset_contains_none_mock_node; static void -NS(test_main)(void *arg) +test_rset_contains_none(void *arg) { routerset_t *set = routerset_new(); int r; (void)arg; - memset(&NS(mock_node), 0, sizeof(NS(mock_node))); - NS(mock_node).ri = NULL; - NS(mock_node).rs = NULL; + memset(&rset_contains_none_mock_node, 0, + sizeof(rset_contains_none_mock_node)); + rset_contains_none_mock_node.ri = NULL; + rset_contains_none_mock_node.rs = NULL; - r = routerset_contains_node(set, &NS(mock_node)); + r = routerset_contains_node(set, &rset_contains_none_mock_node); tt_int_op(r, OP_EQ, 0); done: routerset_free(set); } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_contains_node, routerstatus) - /* * Functional test for routerset_contains_node, when the node has a * routerset and no routerinfo. */ -static node_t NS(mock_node); +static node_t rset_contains_rs_mock_node; static void -NS(test_main)(void *arg) +test_rset_contains_rs(void *arg) { routerset_t *set = routerset_new(); int r; @@ -1530,27 +1499,24 @@ NS(test_main)(void *arg) strncpy(rs.nickname, nickname, sizeof(rs.nickname) - 1); rs.nickname[sizeof(rs.nickname) - 1] = '\0'; - memset(&NS(mock_node), 0, sizeof(NS(mock_node))); - NS(mock_node).ri = NULL; - NS(mock_node).rs = &rs; + memset(&rset_contains_rs_mock_node, 0, sizeof(rset_contains_rs_mock_node)); + rset_contains_rs_mock_node.ri = NULL; + rset_contains_rs_mock_node.rs = &rs; - r = routerset_contains_node(set, &NS(mock_node)); + r = routerset_contains_node(set, &rset_contains_rs_mock_node); tt_int_op(r, OP_EQ, 4); done: routerset_free(set); } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_contains_node, routerinfo) - /* * Functional test for routerset_contains_node, when the node has no * routerset and a routerinfo. */ static void -NS(test_main)(void *arg) +test_rset_contains_routerinfo(void *arg) { routerset_t *set = routerset_new(); int r; @@ -1573,16 +1539,13 @@ NS(test_main)(void *arg) routerset_free(set); } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_get_all_nodes, no_routerset) - /* * Functional test for routerset_get_all_nodes, when routerset is NULL or * the routerset list is NULL. */ static void -NS(test_main)(void *arg) +test_rset_get_all_no_routerset(void *arg) { smartlist_t *out = smartlist_new(); routerset_t *set = NULL; @@ -1606,30 +1569,29 @@ NS(test_main)(void *arg) smartlist_free(out); } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_get_all_nodes, list_with_no_nodes) - /* * Structural test for routerset_get_all_nodes, when the routerset list * is empty. */ -NS_DECL(const node_t *, node_get_by_nickname, - (const char *nickname, unsigned flags)); -static const char *NS(mock_nickname); +static const node_t * rset_get_all_l_no_nodes_node_get_by_nickname( + const char *nickname, unsigned flags); +static int rset_get_all_l_no_nodes_node_get_by_nickname_called = 0; +static const char *rset_get_all_l_no_nodes_mock_nickname; static void -NS(test_main)(void *arg) +test_rset_get_all_l_no_nodes(void *arg) { smartlist_t *out = smartlist_new(); routerset_t *set = routerset_new(); int out_len; (void)arg; - NS_MOCK(node_get_by_nickname); + MOCK(node_get_by_nickname, + rset_get_all_l_no_nodes_node_get_by_nickname); - NS(mock_nickname) = "foo"; - smartlist_add_strdup(set->list, NS(mock_nickname)); + rset_get_all_l_no_nodes_mock_nickname = "foo"; + smartlist_add_strdup(set->list, rset_get_all_l_no_nodes_mock_nickname); routerset_get_all_nodes(out, set, NULL, 0); out_len = smartlist_len(out); @@ -1638,49 +1600,49 @@ NS(test_main)(void *arg) routerset_free(set); tt_int_op(out_len, OP_EQ, 0); - tt_int_op(CALLED(node_get_by_nickname), OP_EQ, 1); + tt_int_op(rset_get_all_l_no_nodes_node_get_by_nickname_called, OP_EQ, 1); done: ; } const node_t * -NS(node_get_by_nickname)(const char *nickname, unsigned flags) +rset_get_all_l_no_nodes_node_get_by_nickname(const char *nickname, + unsigned flags) { - CALLED(node_get_by_nickname)++; - tt_str_op(nickname, OP_EQ, NS(mock_nickname)); + rset_get_all_l_no_nodes_node_get_by_nickname_called++; + tt_str_op(nickname, OP_EQ, rset_get_all_l_no_nodes_mock_nickname); tt_uint_op(flags, OP_EQ, 0); done: return NULL; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_get_all_nodes, list_flag_not_running) - /* * Structural test for routerset_get_all_nodes, with the running_only flag * is set but the nodes are not running. */ -NS_DECL(const node_t *, node_get_by_nickname, - (const char *nickname, unsigned flags)); -static const char *NS(mock_nickname); -static node_t NS(mock_node); +static const node_t * rset_get_all_l_not_running_node_get_by_nickname( + const char *nickname, unsigned flags); +static int rset_get_all_l_not_running_node_get_by_nickname_called = 0; +static const char *rset_get_all_l_not_running_mock_nickname; +static node_t rset_get_all_l_not_running_mock_node; static void -NS(test_main)(void *arg) +test_rset_get_all_l_not_running(void *arg) { smartlist_t *out = smartlist_new(); routerset_t *set = routerset_new(); int out_len; (void)arg; - NS_MOCK(node_get_by_nickname); + MOCK(node_get_by_nickname, + rset_get_all_l_not_running_node_get_by_nickname); - NS(mock_node).is_running = 0; - NS(mock_nickname) = "foo"; - smartlist_add_strdup(set->list, NS(mock_nickname)); + rset_get_all_l_not_running_mock_node.is_running = 0; + rset_get_all_l_not_running_mock_nickname = "foo"; + smartlist_add_strdup(set->list, rset_get_all_l_not_running_mock_nickname); routerset_get_all_nodes(out, set, NULL, 1); out_len = smartlist_len(out); @@ -1689,37 +1651,36 @@ NS(test_main)(void *arg) routerset_free(set); tt_int_op(out_len, OP_EQ, 0); - tt_int_op(CALLED(node_get_by_nickname), OP_EQ, 1); + tt_int_op(rset_get_all_l_not_running_node_get_by_nickname_called, OP_EQ, 1); done: ; } const node_t * -NS(node_get_by_nickname)(const char *nickname, unsigned flags) +rset_get_all_l_not_running_node_get_by_nickname(const char *nickname, + unsigned flags) { - CALLED(node_get_by_nickname)++; - tt_str_op(nickname, OP_EQ, NS(mock_nickname)); + rset_get_all_l_not_running_node_get_by_nickname_called++; + tt_str_op(nickname, OP_EQ, rset_get_all_l_not_running_mock_nickname); tt_int_op(flags, OP_EQ, 0); done: - return &NS(mock_node); + return &rset_get_all_l_not_running_mock_node; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_get_all_nodes, list) - /* * Structural test for routerset_get_all_nodes. */ -NS_DECL(const node_t *, node_get_by_nickname, - (const char *nickname, unsigned flags)); -static char *NS(mock_nickname); -static node_t NS(mock_node); +static const node_t * rset_get_all_list_node_get_by_nickname( + const char *nickname, unsigned flags); +static int rset_get_all_list_node_get_by_nickname_called = 0; +static char *rset_get_all_list_mock_nickname; +static node_t rset_get_all_list_mock_node; static void -NS(test_main)(void *arg) +test_rset_get_all_list(void *arg) { smartlist_t *out = smartlist_new(); routerset_t *set = routerset_new(); @@ -1727,10 +1688,11 @@ NS(test_main)(void *arg) node_t *ent; (void)arg; - NS_MOCK(node_get_by_nickname); + MOCK(node_get_by_nickname, + rset_get_all_list_node_get_by_nickname); - NS(mock_nickname) = tor_strdup("foo"); - smartlist_add(set->list, NS(mock_nickname)); + rset_get_all_list_mock_nickname = tor_strdup("foo"); + smartlist_add(set->list, rset_get_all_list_mock_nickname); routerset_get_all_nodes(out, set, NULL, 0); out_len = smartlist_len(out); @@ -1740,127 +1702,122 @@ NS(test_main)(void *arg) routerset_free(set); tt_int_op(out_len, OP_EQ, 1); - tt_ptr_op(ent, OP_EQ, &NS(mock_node)); - tt_int_op(CALLED(node_get_by_nickname), OP_EQ, 1); + tt_ptr_op(ent, OP_EQ, &rset_get_all_list_mock_node); + tt_int_op(rset_get_all_list_node_get_by_nickname_called, OP_EQ, 1); done: ; } const node_t * -NS(node_get_by_nickname)(const char *nickname, unsigned flags) +rset_get_all_list_node_get_by_nickname(const char *nickname, unsigned flags) { - CALLED(node_get_by_nickname)++; - tt_str_op(nickname, OP_EQ, NS(mock_nickname)); + rset_get_all_list_node_get_by_nickname_called++; + tt_str_op(nickname, OP_EQ, rset_get_all_list_mock_nickname); tt_int_op(flags, OP_EQ, 0); done: - return &NS(mock_node); + return &rset_get_all_list_mock_node; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_get_all_nodes, nodelist_with_no_nodes) - /* * Structural test for routerset_get_all_nodes, when the nodelist has no nodes. */ -NS_DECL(smartlist_t *, nodelist_get_list, (void)); - -static smartlist_t *NS(mock_smartlist); +static const smartlist_t * rset_get_all_n_no_nodes_nodelist_get_list(void); +static int rset_get_all_n_no_nodes_nodelist_get_list_called = 0; +static smartlist_t *rset_get_all_n_no_nodes_mock_smartlist; static void -NS(test_main)(void *arg) +test_rset_get_all_n_no_nodes(void *arg) { routerset_t *set = routerset_new(); smartlist_t *out = smartlist_new(); int r; (void)arg; - NS_MOCK(nodelist_get_list); + MOCK(nodelist_get_list, + rset_get_all_n_no_nodes_nodelist_get_list); smartlist_add_strdup(set->country_names, "{xx}"); - NS(mock_smartlist) = smartlist_new(); + rset_get_all_n_no_nodes_mock_smartlist = smartlist_new(); routerset_get_all_nodes(out, set, NULL, 1); r = smartlist_len(out); routerset_free(set); smartlist_free(out); - smartlist_free(NS(mock_smartlist)); + smartlist_free(rset_get_all_n_no_nodes_mock_smartlist); tt_int_op(r, OP_EQ, 0); - tt_int_op(CALLED(nodelist_get_list), OP_EQ, 1); + tt_int_op(rset_get_all_n_no_nodes_nodelist_get_list_called, OP_EQ, 1); done: ; } -smartlist_t * -NS(nodelist_get_list)(void) +const smartlist_t * +rset_get_all_n_no_nodes_nodelist_get_list(void) { - CALLED(nodelist_get_list)++; + rset_get_all_n_no_nodes_nodelist_get_list_called++; - return NS(mock_smartlist); + return rset_get_all_n_no_nodes_mock_smartlist; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_get_all_nodes, nodelist_flag_not_running) - /* * Structural test for routerset_get_all_nodes, with a non-list routerset * the running_only flag is set, but the nodes are not running. */ -NS_DECL(smartlist_t *, nodelist_get_list, (void)); +static const smartlist_t * rset_get_all_n_not_running_nodelist_get_list(void); +static int rset_get_all_n_not_running_nodelist_get_list_called = 0; -static smartlist_t *NS(mock_smartlist); -static node_t NS(mock_node); +static smartlist_t *rset_get_all_n_not_running_mock_smartlist; +static node_t rset_get_all_n_not_running_mock_node; static void -NS(test_main)(void *arg) +test_rset_get_all_n_not_running(void *arg) { routerset_t *set = routerset_new(); smartlist_t *out = smartlist_new(); int r; (void)arg; - NS_MOCK(nodelist_get_list); + MOCK(nodelist_get_list, + rset_get_all_n_not_running_nodelist_get_list); smartlist_add_strdup(set->country_names, "{xx}"); - NS(mock_smartlist) = smartlist_new(); - NS(mock_node).is_running = 0; - smartlist_add(NS(mock_smartlist), (void *)&NS(mock_node)); + rset_get_all_n_not_running_mock_smartlist = smartlist_new(); + rset_get_all_n_not_running_mock_node.is_running = 0; + smartlist_add(rset_get_all_n_not_running_mock_smartlist, + (void *)&rset_get_all_n_not_running_mock_node); routerset_get_all_nodes(out, set, NULL, 1); r = smartlist_len(out); routerset_free(set); smartlist_free(out); - smartlist_free(NS(mock_smartlist)); + smartlist_free(rset_get_all_n_not_running_mock_smartlist); tt_int_op(r, OP_EQ, 0); - tt_int_op(CALLED(nodelist_get_list), OP_EQ, 1); + tt_int_op(rset_get_all_n_not_running_nodelist_get_list_called, OP_EQ, 1); done: ; } -smartlist_t * -NS(nodelist_get_list)(void) +const smartlist_t * +rset_get_all_n_not_running_nodelist_get_list(void) { - CALLED(nodelist_get_list)++; + rset_get_all_n_not_running_nodelist_get_list_called++; - return NS(mock_smartlist); + return rset_get_all_n_not_running_mock_smartlist; } -#undef NS_SUBMODULE -#define NS_SUBMODULE routerset_subtract_nodes - /* * Functional test for routerset_subtract_nodes. */ static void -NS(test_main)(void *arg) +test_rset_subtract_nodes(void *arg) { routerset_t *set = routerset_new(); smartlist_t *list = smartlist_new(); @@ -1885,15 +1842,12 @@ NS(test_main)(void *arg) smartlist_free(list); } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_subtract_nodes, null_routerset) - /* * Functional test for routerset_subtract_nodes, with a NULL routerset. */ static void -NS(test_main)(void *arg) +test_rset_subtract_nodes_null_routerset(void *arg) { routerset_t *set = NULL; smartlist_t *list = smartlist_new(); @@ -1915,15 +1869,12 @@ NS(test_main)(void *arg) smartlist_free(list); } -#undef NS_SUBMODULE -#define NS_SUBMODULE routerset_to_string - /* * Functional test for routerset_to_string. */ static void -NS(test_main)(void *arg) +test_rset_to_string(void *arg) { routerset_t *set = NULL; char *s = NULL; @@ -1960,15 +1911,12 @@ NS(test_main)(void *arg) routerset_free(set); } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_equal, empty_empty) - /* * Functional test for routerset_equal, with both routersets empty. */ static void -NS(test_main)(void *arg) +test_rset_equal_empty_empty(void *arg) { routerset_t *a = routerset_new(), *b = routerset_new(); int r; @@ -1984,15 +1932,12 @@ NS(test_main)(void *arg) ; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_equal, empty_not_empty) - /* * Functional test for routerset_equal, with one routersets empty. */ static void -NS(test_main)(void *arg) +test_rset_equal_empty_not_empty(void *arg) { routerset_t *a = routerset_new(), *b = routerset_new(); int r; @@ -2008,16 +1953,13 @@ NS(test_main)(void *arg) ; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_equal, differing_lengths) - /* * Functional test for routerset_equal, with the routersets having * differing lengths. */ static void -NS(test_main)(void *arg) +test_rset_equal_differing_lengths(void *arg) { routerset_t *a = routerset_new(), *b = routerset_new(); int r; @@ -2035,16 +1977,13 @@ NS(test_main)(void *arg) ; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_equal, unequal) - /* * Functional test for routerset_equal, with the routersets being * different. */ static void -NS(test_main)(void *arg) +test_rset_equal_unequal(void *arg) { routerset_t *a = routerset_new(), *b = routerset_new(); int r; @@ -2061,16 +2000,13 @@ NS(test_main)(void *arg) ; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_equal, equal) - /* * Functional test for routerset_equal, with the routersets being * equal. */ static void -NS(test_main)(void *arg) +test_rset_equal_equal(void *arg) { routerset_t *a = routerset_new(), *b = routerset_new(); int r; @@ -2087,147 +2023,176 @@ NS(test_main)(void *arg) ; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(routerset_free, null_routerset) - /* * Structural test for routerset_free, where the routerset is NULL. */ -NS_DECL(void, smartlist_free_, (smartlist_t *sl)); +static void rset_free_null_routerset_smartlist_free_(smartlist_t *sl); +static int rset_free_null_routerset_smartlist_free__called = 0; static void -NS(test_main)(void *arg) +test_rset_free_null_routerset(void *arg) { (void)arg; - NS_MOCK(smartlist_free_); + MOCK(smartlist_free_, + rset_free_null_routerset_smartlist_free_); routerset_free_(NULL); - tt_int_op(CALLED(smartlist_free_), OP_EQ, 0); + tt_int_op(rset_free_null_routerset_smartlist_free__called, OP_EQ, 0); done: ; } void -NS(smartlist_free_)(smartlist_t *s) +rset_free_null_routerset_smartlist_free_(smartlist_t *s) { (void)s; - CALLED(smartlist_free_)++; + rset_free_null_routerset_smartlist_free__called++; } -#undef NS_SUBMODULE -#define NS_SUBMODULE routerset_free - /* * Structural test for routerset_free. */ -NS_DECL(void, smartlist_free_, (smartlist_t *sl)); -NS_DECL(void, strmap_free_,(strmap_t *map, void (*free_val)(void*))); -NS_DECL(void, digestmap_free_, (digestmap_t *map, void (*free_val)(void*))); +static void rset_free_smartlist_free_(smartlist_t *sl); +static int rset_free_smartlist_free__called = 0; +static void rset_free_strmap_free_(strmap_t *map, void (*free_val)(void*)); +static int rset_free_strmap_free__called = 0; +static void rset_free_digestmap_free_(digestmap_t *map, + void (*free_val)(void*)); +static int rset_free_digestmap_free__called = 0; static void -NS(test_main)(void *arg) +test_rset_free(void *arg) { routerset_t *routerset = routerset_new(); (void)arg; - NS_MOCK(smartlist_free_); - NS_MOCK(strmap_free_); - NS_MOCK(digestmap_free_); + MOCK(smartlist_free_, + rset_free_smartlist_free_); + MOCK(strmap_free_, + rset_free_strmap_free_); + MOCK(digestmap_free_, + rset_free_digestmap_free_); routerset_free(routerset); - tt_int_op(CALLED(smartlist_free_), OP_NE, 0); - tt_int_op(CALLED(strmap_free_), OP_NE, 0); - tt_int_op(CALLED(digestmap_free_), OP_NE, 0); + tt_int_op(rset_free_smartlist_free__called, OP_NE, 0); + tt_int_op(rset_free_strmap_free__called, OP_NE, 0); + tt_int_op(rset_free_digestmap_free__called, OP_NE, 0); done: ; } void -NS(smartlist_free_)(smartlist_t *s) +rset_free_smartlist_free_(smartlist_t *s) { - CALLED(smartlist_free_)++; + rset_free_smartlist_free__called++; smartlist_free___real(s); } void -NS(strmap_free_)(strmap_t *map, void (*free_val)(void*)) +rset_free_strmap_free_(strmap_t *map, void (*free_val)(void*)) { - CALLED(strmap_free_)++; + rset_free_strmap_free__called++; strmap_free___real(map, free_val); } void -NS(digestmap_free_)(digestmap_t *map, void (*free_val)(void*)) +rset_free_digestmap_free_(digestmap_t *map, void (*free_val)(void*)) { - CALLED(digestmap_free_)++; + rset_free_digestmap_free__called++; digestmap_free___real(map, free_val); } -#undef NS_SUBMODULE - struct testcase_t routerset_tests[] = { - TEST_CASE(routerset_new), - TEST_CASE(routerset_get_countryname), - TEST_CASE(routerset_is_list), - TEST_CASE(routerset_needs_geoip), - TEST_CASE(routerset_is_empty), - TEST_CASE_ASPECT(routerset_contains, null_set_or_null_set_list), - TEST_CASE_ASPECT(routerset_contains, set_and_nickname), - TEST_CASE_ASPECT(routerset_contains, set_and_null_nickname), - TEST_CASE_ASPECT(routerset_contains, set_and_no_nickname), - TEST_CASE_ASPECT(routerset_contains, set_and_digest), - TEST_CASE_ASPECT(routerset_contains, set_and_no_digest), - TEST_CASE_ASPECT(routerset_contains, set_and_null_digest), - TEST_CASE_ASPECT(routerset_contains, set_and_addr), - TEST_CASE_ASPECT(routerset_contains, set_and_no_addr), - TEST_CASE_ASPECT(routerset_contains, set_and_null_addr), - TEST_CASE_ASPECT(routerset_contains, countries_no_geoip), - TEST_CASE_ASPECT(routerset_contains, countries_geoip), - TEST_CASE_ASPECT(routerset_add_unknown_ccs, only_flag_and_no_ccs), - TEST_CASE_ASPECT(routerset_add_unknown_ccs, creates_set), - TEST_CASE_ASPECT(routerset_add_unknown_ccs, add_unknown), - TEST_CASE_ASPECT(routerset_add_unknown_ccs, add_a1), - TEST_CASE(routerset_contains_extendinfo), - TEST_CASE(routerset_contains_router), - TEST_CASE(routerset_contains_routerstatus), - TEST_CASE_ASPECT(routerset_contains_node, none), - TEST_CASE_ASPECT(routerset_contains_node, routerinfo), - TEST_CASE_ASPECT(routerset_contains_node, routerstatus), - TEST_CASE_ASPECT(routerset_get_all_nodes, no_routerset), - TEST_CASE_ASPECT(routerset_get_all_nodes, list_with_no_nodes), - TEST_CASE_ASPECT(routerset_get_all_nodes, list_flag_not_running), - TEST_CASE_ASPECT(routerset_get_all_nodes, list), - TEST_CASE_ASPECT(routerset_get_all_nodes, nodelist_with_no_nodes), - TEST_CASE_ASPECT(routerset_get_all_nodes, nodelist_flag_not_running), - TEST_CASE_ASPECT(routerset_refresh_counties, geoip_not_loaded), - TEST_CASE_ASPECT(routerset_refresh_counties, no_countries), - TEST_CASE_ASPECT(routerset_refresh_counties, one_valid_country), - TEST_CASE_ASPECT(routerset_refresh_counties, one_invalid_country), - TEST_CASE_ASPECT(routerset_union, source_bad), - TEST_CASE_ASPECT(routerset_union, one), - TEST_CASE_ASPECT(routerset_parse, malformed), - TEST_CASE_ASPECT(routerset_parse, valid_hexdigest), - TEST_CASE_ASPECT(routerset_parse, valid_nickname), - TEST_CASE_ASPECT(routerset_parse, get_countryname), - TEST_CASE_ASPECT(routerset_parse, policy_wildcard), - TEST_CASE_ASPECT(routerset_parse, policy_ipv4), - TEST_CASE_ASPECT(routerset_parse, policy_ipv6), - TEST_CASE(routerset_subtract_nodes), - TEST_CASE_ASPECT(routerset_subtract_nodes, null_routerset), - TEST_CASE(routerset_to_string), - TEST_CASE_ASPECT(routerset_equal, empty_empty), - TEST_CASE_ASPECT(routerset_equal, empty_not_empty), - TEST_CASE_ASPECT(routerset_equal, differing_lengths), - TEST_CASE_ASPECT(routerset_equal, unequal), - TEST_CASE_ASPECT(routerset_equal, equal), - TEST_CASE_ASPECT(routerset_free, null_routerset), - TEST_CASE(routerset_free), + { "new", test_rset_new, TT_FORK, NULL, NULL }, + { "get_countryname", test_rset_get_countryname, TT_FORK, NULL, NULL }, + { "is_list", test_rset_is_list, TT_FORK, NULL, NULL }, + { "needs_geoip", test_rset_needs_geoip, TT_FORK, NULL, NULL }, + { "is_empty", test_rset_is_empty, TT_FORK, NULL, NULL }, + { "contains_null_set_or_list", test_rset_contains_null_set_or_list, + TT_FORK, NULL, NULL }, + { "contains_nickname", test_rset_contains_nickname, TT_FORK, NULL, NULL }, + { "contains_null_nickname", test_rset_contains_null_nickname, + TT_FORK, NULL, NULL }, + { "contains_no_nickname", test_rset_contains_no_nickname, + TT_FORK, NULL, NULL }, + { "contains_digest", test_rset_contains_digest, TT_FORK, NULL, NULL }, + { "contains_no_digest", test_rset_contains_no_digest, TT_FORK, NULL, NULL }, + { "contains_null_digest", test_rset_contains_null_digest, + TT_FORK, NULL, NULL }, + { "contains_addr", test_rset_contains_addr, TT_FORK, NULL, NULL }, + { "contains_no_addr", test_rset_contains_no_addr, TT_FORK, NULL, NULL }, + { "contains_null_addr", test_rset_contains_null_addr, TT_FORK, NULL, NULL }, + { "contains_countries_no_geoip", test_rset_countries_no_geoip, + TT_FORK, NULL, NULL }, + { "contains_countries_geoip", test_rset_countries_geoip, + TT_FORK, NULL, NULL }, + { "add_unknown_ccs_only_flag", test_rset_add_unknown_ccs_only_flag, + TT_FORK, NULL, NULL }, + { "add_unknown_ccs_creates_set", test_rset_add_unknown_ccs_creates_set, + TT_FORK, NULL, NULL }, + { "add_unknown_ccs_add_unknown", test_rset_add_unknown_ccs_add_unknown, + TT_FORK, NULL, NULL }, + { "add_unknown_ccs_add_a1", test_rset_add_unknown_ccs_add_a1, + TT_FORK, NULL, NULL }, + { "contains_extendinfo", test_rset_contains_extendinfo, + TT_FORK, NULL, NULL }, + { "contains_router", test_rset_contains_router, TT_FORK, NULL, NULL }, + { "contains_routerstatus", test_rset_contains_routerstatus, + TT_FORK, NULL, NULL }, + { "contains_none", test_rset_contains_none, TT_FORK, NULL, NULL }, + { "contains_routerinfo", test_rset_contains_routerinfo, + TT_FORK, NULL, NULL }, + { "contains_rs", test_rset_contains_rs, TT_FORK, NULL, NULL }, + { "get_all_no_routerset", test_rset_get_all_no_routerset, + TT_FORK, NULL, NULL }, + { "get_all_l_no_nodes", test_rset_get_all_l_no_nodes, TT_FORK, NULL, NULL }, + { "get_all_l_not_running", test_rset_get_all_l_not_running, + TT_FORK, NULL, NULL }, + { "get_all_list", test_rset_get_all_list, TT_FORK, NULL, NULL }, + { "get_all_n_no_nodes", test_rset_get_all_n_no_nodes, TT_FORK, NULL, NULL }, + { "get_all_n_not_running", test_rset_get_all_n_not_running, + TT_FORK, NULL, NULL }, + { "refresh_geoip_not_loaded", test_rset_refresh_geoip_not_loaded, + TT_FORK, NULL, NULL }, + { "refresh_no_countries", test_rset_refresh_no_countries, + TT_FORK, NULL, NULL }, + { "refresh_one_valid_country", test_rset_refresh_one_valid_country, + TT_FORK, NULL, NULL }, + { "refresh_one_invalid_country", test_rset_refresh_one_invalid_country, + TT_FORK, NULL, NULL }, + { "union_source_bad", test_rset_union_source_bad, TT_FORK, NULL, NULL }, + { "union_one", test_rset_union_one, TT_FORK, NULL, NULL }, + { "parse_malformed", test_rset_parse_malformed, TT_FORK, NULL, NULL }, + { "parse_valid_hexdigest", test_rset_parse_valid_hexdigest, + TT_FORK, NULL, NULL }, + { "parse_valid_nickname", test_rset_parse_valid_nickname, + TT_FORK, NULL, NULL }, + { "parse_get_countryname", test_rset_parse_get_countryname, + TT_FORK, NULL, NULL }, + { "parse_policy_wildcard", test_rset_parse_policy_wildcard, + TT_FORK, NULL, NULL }, + { "parse_policy_ipv4", test_rset_parse_policy_ipv4, TT_FORK, NULL, NULL }, + { "parse_policy_ipv6", test_rset_parse_policy_ipv6, TT_FORK, NULL, NULL }, + { "subtract_nodes", test_rset_subtract_nodes, TT_FORK, NULL, NULL }, + { "subtract_nodes_null_routerset", test_rset_subtract_nodes_null_routerset, + TT_FORK, NULL, NULL }, + { "to_string", test_rset_to_string, TT_FORK, NULL, NULL }, + { "equal_empty_empty", test_rset_equal_empty_empty, TT_FORK, NULL, NULL }, + { "equal_empty_not_empty", test_rset_equal_empty_not_empty, + TT_FORK, NULL, NULL }, + { "equal_differing_lengths", test_rset_equal_differing_lengths, + TT_FORK, NULL, NULL }, + { "equal_unequal", test_rset_equal_unequal, TT_FORK, NULL, NULL }, + { "equal_equal", test_rset_equal_equal, TT_FORK, NULL, NULL }, + { "free_null_routerset", test_rset_free_null_routerset, + TT_FORK, NULL, NULL }, + { "free", test_rset_free, TT_FORK, NULL, NULL }, END_OF_TESTCASES }; diff --git a/src/test/test_rust.sh b/src/test/test_rust.sh index 00b3e88d37..804d2ada36 100755 --- a/src/test/test_rust.sh +++ b/src/test/test_rust.sh @@ -14,11 +14,12 @@ rustc_host=$(rustc -vV | grep host | sed 's/host: //') for cargo_toml_dir in "${abs_top_srcdir:-../../..}"/src/rust/*; do if [ -e "${cargo_toml_dir}/Cargo.toml" ]; then + # shellcheck disable=SC2086 cd "${abs_top_builddir:-../../..}/src/rust" && \ CARGO_TARGET_DIR="${abs_top_builddir:-../../..}/src/rust/target" \ - "${CARGO:-cargo}" test ${CARGO_ONLINE-"--frozen"} \ + "${CARGO:-cargo}" test "${CARGO_ONLINE-'--frozen'}" \ --features "test_linking_hack" \ - --target $rustc_host \ + --target "$rustc_host" \ ${EXTRA_CARGO_OPTIONS} \ --manifest-path "${cargo_toml_dir}/Cargo.toml" || exitcode=1 fi diff --git a/src/test/test_scheduler.c b/src/test/test_scheduler.c index bf9c6a49cd..9ec15948e8 100644 --- a/src/test/test_scheduler.c +++ b/src/test/test_scheduler.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2014-2019, The Tor Project, Inc. */ +/* Copyright (c) 2014-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" @@ -6,8 +6,8 @@ #include <math.h> #define SCHEDULER_KIST_PRIVATE -#define TOR_CHANNEL_INTERNAL_ -#define CHANNEL_PRIVATE_ +#define CHANNEL_OBJECT_PRIVATE +#define CHANNEL_FILE_PRIVATE #include "core/or/or.h" #include "app/config/config.h" #include "lib/evloop/compat_libevent.h" @@ -15,7 +15,7 @@ #include "core/or/channeltls.h" #include "core/mainloop/connection.h" #include "feature/nodelist/networkstatus.h" -#define SCHEDULER_PRIVATE_ +#define SCHEDULER_PRIVATE #include "core/or/scheduler.h" /* Test suite stuff */ @@ -848,8 +848,8 @@ test_scheduler_initfree(void *arg) { (void)arg; - tt_ptr_op(channels_pending, ==, NULL); - tt_ptr_op(run_sched_ev, ==, NULL); + tt_ptr_op(channels_pending, OP_EQ, NULL); + tt_ptr_op(run_sched_ev, OP_EQ, NULL); MOCK(get_options, mock_get_options); set_scheduler_options(SCHEDULER_KIST); @@ -858,17 +858,17 @@ test_scheduler_initfree(void *arg) scheduler_init(); - tt_ptr_op(channels_pending, !=, NULL); - tt_ptr_op(run_sched_ev, !=, NULL); + tt_ptr_op(channels_pending, OP_NE, NULL); + tt_ptr_op(run_sched_ev, OP_NE, NULL); /* We have specified nothing in the torrc and there's no consensus so the * KIST scheduler is what should be in use */ - tt_ptr_op(the_scheduler, ==, get_kist_scheduler()); - tt_int_op(sched_run_interval, ==, 10); + tt_ptr_op(the_scheduler, OP_EQ, get_kist_scheduler()); + tt_int_op(sched_run_interval, OP_EQ, 10); scheduler_free_all(); - tt_ptr_op(channels_pending, ==, NULL); - tt_ptr_op(run_sched_ev, ==, NULL); + tt_ptr_op(channels_pending, OP_EQ, NULL); + tt_ptr_op(run_sched_ev, OP_EQ, NULL); done: UNMOCK(get_options); @@ -890,11 +890,11 @@ test_scheduler_can_use_kist(void *arg) res_should = scheduler_can_use_kist(); res_freq = kist_scheduler_run_interval(); #ifdef HAVE_KIST_SUPPORT - tt_int_op(res_should, ==, 1); + tt_int_op(res_should, OP_EQ, 1); #else /* HAVE_KIST_SUPPORT */ - tt_int_op(res_should, ==, 0); + tt_int_op(res_should, OP_EQ, 0); #endif /* HAVE_KIST_SUPPORT */ - tt_int_op(res_freq, ==, 1234); + tt_int_op(res_freq, OP_EQ, 1234); /* Test defer to consensus, but no consensus available */ clear_options(); @@ -902,11 +902,11 @@ test_scheduler_can_use_kist(void *arg) res_should = scheduler_can_use_kist(); res_freq = kist_scheduler_run_interval(); #ifdef HAVE_KIST_SUPPORT - tt_int_op(res_should, ==, 1); + tt_int_op(res_should, OP_EQ, 1); #else /* HAVE_KIST_SUPPORT */ - tt_int_op(res_should, ==, 0); + tt_int_op(res_should, OP_EQ, 0); #endif /* HAVE_KIST_SUPPORT */ - tt_int_op(res_freq, ==, 10); + tt_int_op(res_freq, OP_EQ, 10); /* Test defer to consensus, and kist consensus available */ MOCK(networkstatus_get_param, mock_kist_networkstatus_get_param); @@ -915,11 +915,11 @@ test_scheduler_can_use_kist(void *arg) res_should = scheduler_can_use_kist(); res_freq = kist_scheduler_run_interval(); #ifdef HAVE_KIST_SUPPORT - tt_int_op(res_should, ==, 1); + tt_int_op(res_should, OP_EQ, 1); #else /* HAVE_KIST_SUPPORT */ - tt_int_op(res_should, ==, 0); + tt_int_op(res_should, OP_EQ, 0); #endif /* HAVE_KIST_SUPPORT */ - tt_int_op(res_freq, ==, 12); + tt_int_op(res_freq, OP_EQ, 12); UNMOCK(networkstatus_get_param); /* Test defer to consensus, and vanilla consensus available */ @@ -928,8 +928,8 @@ test_scheduler_can_use_kist(void *arg) mocked_options.KISTSchedRunInterval = 0; res_should = scheduler_can_use_kist(); res_freq = kist_scheduler_run_interval(); - tt_int_op(res_should, ==, 0); - tt_int_op(res_freq, ==, 0); + tt_int_op(res_should, OP_EQ, 0); + tt_int_op(res_freq, OP_EQ, 0); UNMOCK(networkstatus_get_param); done: @@ -956,7 +956,7 @@ test_scheduler_ns_changed(void *arg) set_scheduler_options(SCHEDULER_KIST); set_scheduler_options(SCHEDULER_VANILLA); - tt_ptr_op(the_scheduler, ==, NULL); + tt_ptr_op(the_scheduler, OP_EQ, NULL); /* Change from vanilla to kist via consensus */ the_scheduler = get_vanilla_scheduler(); @@ -964,9 +964,9 @@ test_scheduler_ns_changed(void *arg) scheduler_notify_networkstatus_changed(); UNMOCK(networkstatus_get_param); #ifdef HAVE_KIST_SUPPORT - tt_ptr_op(the_scheduler, ==, get_kist_scheduler()); + tt_ptr_op(the_scheduler, OP_EQ, get_kist_scheduler()); #else - tt_ptr_op(the_scheduler, ==, get_vanilla_scheduler()); + tt_ptr_op(the_scheduler, OP_EQ, get_vanilla_scheduler()); #endif /* Change from kist to vanilla via consensus */ @@ -974,7 +974,7 @@ test_scheduler_ns_changed(void *arg) MOCK(networkstatus_get_param, mock_vanilla_networkstatus_get_param); scheduler_notify_networkstatus_changed(); UNMOCK(networkstatus_get_param); - tt_ptr_op(the_scheduler, ==, get_vanilla_scheduler()); + tt_ptr_op(the_scheduler, OP_EQ, get_vanilla_scheduler()); /* Doesn't change when using KIST */ the_scheduler = get_kist_scheduler(); @@ -982,9 +982,9 @@ test_scheduler_ns_changed(void *arg) scheduler_notify_networkstatus_changed(); UNMOCK(networkstatus_get_param); #ifdef HAVE_KIST_SUPPORT - tt_ptr_op(the_scheduler, ==, get_kist_scheduler()); + tt_ptr_op(the_scheduler, OP_EQ, get_kist_scheduler()); #else - tt_ptr_op(the_scheduler, ==, get_vanilla_scheduler()); + tt_ptr_op(the_scheduler, OP_EQ, get_vanilla_scheduler()); #endif /* Doesn't change when using vanilla */ @@ -992,7 +992,7 @@ test_scheduler_ns_changed(void *arg) MOCK(networkstatus_get_param, mock_vanilla_networkstatus_get_param); scheduler_notify_networkstatus_changed(); UNMOCK(networkstatus_get_param); - tt_ptr_op(the_scheduler, ==, get_vanilla_scheduler()); + tt_ptr_op(the_scheduler, OP_EQ, get_vanilla_scheduler()); done: UNMOCK(get_options); diff --git a/src/test/test_sendme.c b/src/test/test_sendme.c new file mode 100644 index 0000000000..2ff4809124 --- /dev/null +++ b/src/test/test_sendme.c @@ -0,0 +1,365 @@ +/* Copyright (c) 2014-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/* Unit tests for handling different kinds of relay cell */ + +#define CIRCUITLIST_PRIVATE +#define NETWORKSTATUS_PRIVATE +#define SENDME_PRIVATE +#define RELAY_PRIVATE + +#include "core/or/circuit_st.h" +#include "core/or/or_circuit_st.h" +#include "core/or/origin_circuit_st.h" +#include "core/or/circuitlist.h" +#include "core/or/relay.h" +#include "core/or/sendme.h" + +#include "feature/nodelist/networkstatus.h" +#include "feature/nodelist/networkstatus_st.h" + +#include "lib/crypt_ops/crypto_digest.h" + +#include "test/test.h" +#include "test/log_test_helpers.h" + +static void +setup_mock_consensus(void) +{ + current_md_consensus = current_ns_consensus = + tor_malloc_zero(sizeof(networkstatus_t)); + current_md_consensus->net_params = smartlist_new(); + current_md_consensus->routerstatus_list = smartlist_new(); +} + +static void +free_mock_consensus(void) +{ + SMARTLIST_FOREACH(current_md_consensus->routerstatus_list, void *, r, + tor_free(r)); + smartlist_free(current_md_consensus->routerstatus_list); + smartlist_free(current_ns_consensus->net_params); + tor_free(current_ns_consensus); +} + +static void +test_v1_record_digest(void *arg) +{ + or_circuit_t *or_circ = NULL; + circuit_t *circ = NULL; + + (void) arg; + + /* Create our dummy circuit. */ + or_circ = or_circuit_new(1, NULL); + /* Points it to the OR circuit now. */ + circ = TO_CIRCUIT(or_circ); + + /* The package window has to be a multiple of CIRCWINDOW_INCREMENT minus 1 + * in order to catched the CIRCWINDOW_INCREMENT-nth cell. Try something that + * shouldn't be noted. */ + circ->package_window = CIRCWINDOW_INCREMENT; + sendme_record_cell_digest_on_circ(circ, NULL); + tt_assert(!circ->sendme_last_digests); + + /* This should work now. Package window at CIRCWINDOW_INCREMENT + 1. */ + circ->package_window++; + sendme_record_cell_digest_on_circ(circ, NULL); + tt_assert(circ->sendme_last_digests); + tt_int_op(smartlist_len(circ->sendme_last_digests), OP_EQ, 1); + + /* Next cell in the package window shouldn't do anything. */ + circ->package_window++; + sendme_record_cell_digest_on_circ(circ, NULL); + tt_int_op(smartlist_len(circ->sendme_last_digests), OP_EQ, 1); + + /* The next CIRCWINDOW_INCREMENT should add one more digest. */ + circ->package_window = (CIRCWINDOW_INCREMENT * 2) + 1; + sendme_record_cell_digest_on_circ(circ, NULL); + tt_int_op(smartlist_len(circ->sendme_last_digests), OP_EQ, 2); + + done: + circuit_free_(circ); +} + +static void +test_v1_consensus_params(void *arg) +{ + (void) arg; + + setup_mock_consensus(); + tt_assert(current_md_consensus); + + /* Both zeroes. */ + smartlist_add(current_md_consensus->net_params, + (void *) "sendme_emit_min_version=0"); + smartlist_add(current_md_consensus->net_params, + (void *) "sendme_accept_min_version=0"); + tt_int_op(get_emit_min_version(), OP_EQ, 0); + tt_int_op(get_accept_min_version(), OP_EQ, 0); + smartlist_clear(current_md_consensus->net_params); + + /* Both ones. */ + smartlist_add(current_md_consensus->net_params, + (void *) "sendme_emit_min_version=1"); + smartlist_add(current_md_consensus->net_params, + (void *) "sendme_accept_min_version=1"); + tt_int_op(get_emit_min_version(), OP_EQ, 1); + tt_int_op(get_accept_min_version(), OP_EQ, 1); + smartlist_clear(current_md_consensus->net_params); + + /* Different values from each other. */ + smartlist_add(current_md_consensus->net_params, + (void *) "sendme_emit_min_version=1"); + smartlist_add(current_md_consensus->net_params, + (void *) "sendme_accept_min_version=0"); + tt_int_op(get_emit_min_version(), OP_EQ, 1); + tt_int_op(get_accept_min_version(), OP_EQ, 0); + smartlist_clear(current_md_consensus->net_params); + + /* Validate is the cell version is coherent with our internal default value + * and the one in the consensus. */ + smartlist_add(current_md_consensus->net_params, + (void *) "sendme_accept_min_version=1"); + /* Minimum acceptable value is 1. */ + tt_int_op(cell_version_can_be_handled(1), OP_EQ, true); + /* Minimum acceptable value is 1 so a cell version of 0 is refused. */ + tt_int_op(cell_version_can_be_handled(0), OP_EQ, false); + + done: + free_mock_consensus(); +} + +static void +test_v1_build_cell(void *arg) +{ + uint8_t payload[RELAY_PAYLOAD_SIZE], digest[DIGEST_LEN]; + ssize_t ret; + crypto_digest_t *cell_digest = NULL; + or_circuit_t *or_circ = NULL; + circuit_t *circ = NULL; + + (void) arg; + + or_circ = or_circuit_new(1, NULL); + circ = TO_CIRCUIT(or_circ); + circ->sendme_last_digests = smartlist_new(); + + cell_digest = crypto_digest_new(); + tt_assert(cell_digest); + crypto_digest_add_bytes(cell_digest, "AAAAAAAAAAAAAAAAAAAA", 20); + crypto_digest_get_digest(cell_digest, (char *) digest, sizeof(digest)); + smartlist_add(circ->sendme_last_digests, tor_memdup(digest, sizeof(digest))); + + /* SENDME v1 payload is 3 bytes + 20 bytes digest. See spec. */ + ret = build_cell_payload_v1(digest, payload); + tt_int_op(ret, OP_EQ, 23); + + /* Validation. */ + + /* An empty payload means SENDME version 0 thus valid. */ + tt_int_op(sendme_is_valid(circ, payload, 0), OP_EQ, true); + /* Current phoney digest should have been popped. */ + tt_int_op(smartlist_len(circ->sendme_last_digests), OP_EQ, 0); + + /* An unparseable cell means invalid. */ + setup_full_capture_of_logs(LOG_INFO); + tt_int_op(sendme_is_valid(circ, (const uint8_t *) "A", 1), OP_EQ, false); + expect_log_msg_containing("Unparseable SENDME cell received. " + "Closing circuit."); + teardown_capture_of_logs(); + + /* No cell digest recorded for this. */ + setup_full_capture_of_logs(LOG_INFO); + tt_int_op(sendme_is_valid(circ, payload, sizeof(payload)), OP_EQ, false); + expect_log_msg_containing("We received a SENDME but we have no cell digests " + "to match. Closing circuit."); + teardown_capture_of_logs(); + + /* Note the wrong digest in the circuit, cell should fail validation. */ + circ->package_window = CIRCWINDOW_INCREMENT + 1; + sendme_record_cell_digest_on_circ(circ, NULL); + tt_int_op(smartlist_len(circ->sendme_last_digests), OP_EQ, 1); + setup_full_capture_of_logs(LOG_INFO); + tt_int_op(sendme_is_valid(circ, payload, sizeof(payload)), OP_EQ, false); + /* After a validation, the last digests is always popped out. */ + tt_int_op(smartlist_len(circ->sendme_last_digests), OP_EQ, 0); + expect_log_msg_containing("SENDME v1 cell digest do not match."); + teardown_capture_of_logs(); + + /* Record the cell digest into the circuit, cell should validate. */ + memcpy(or_circ->crypto.sendme_digest, digest, sizeof(digest)); + circ->package_window = CIRCWINDOW_INCREMENT + 1; + sendme_record_cell_digest_on_circ(circ, NULL); + tt_int_op(smartlist_len(circ->sendme_last_digests), OP_EQ, 1); + tt_int_op(sendme_is_valid(circ, payload, sizeof(payload)), OP_EQ, true); + /* After a validation, the last digests is always popped out. */ + tt_int_op(smartlist_len(circ->sendme_last_digests), OP_EQ, 0); + + done: + crypto_digest_free(cell_digest); + circuit_free_(circ); +} + +static void +test_cell_payload_pad(void *arg) +{ + size_t pad_offset, payload_len, expected_offset; + + (void) arg; + + /* Offset should be 0, not enough room for padding. */ + payload_len = RELAY_PAYLOAD_SIZE; + pad_offset = get_pad_cell_offset(payload_len); + tt_int_op(pad_offset, OP_EQ, 0); + tt_int_op(CELL_PAYLOAD_SIZE - pad_offset, OP_LE, CELL_PAYLOAD_SIZE); + + /* Still no room because we keep 4 extra bytes. */ + pad_offset = get_pad_cell_offset(payload_len - 4); + tt_int_op(pad_offset, OP_EQ, 0); + tt_int_op(CELL_PAYLOAD_SIZE - pad_offset, OP_LE, CELL_PAYLOAD_SIZE); + + /* We should have 1 byte of padding. Meaning, the offset should be the + * CELL_PAYLOAD_SIZE minus 1 byte. */ + expected_offset = CELL_PAYLOAD_SIZE - 1; + pad_offset = get_pad_cell_offset(payload_len - 5); + tt_int_op(pad_offset, OP_EQ, expected_offset); + tt_int_op(CELL_PAYLOAD_SIZE - pad_offset, OP_LE, CELL_PAYLOAD_SIZE); + + /* Now some arbitrary small payload length. The cell size is header + 10 + + * extra 4 bytes we keep so the offset should be there. */ + expected_offset = RELAY_HEADER_SIZE + 10 + 4; + pad_offset = get_pad_cell_offset(10); + tt_int_op(pad_offset, OP_EQ, expected_offset); + tt_int_op(CELL_PAYLOAD_SIZE - pad_offset, OP_LE, CELL_PAYLOAD_SIZE); + + /* Data length of 0. */ + expected_offset = RELAY_HEADER_SIZE + 4; + pad_offset = get_pad_cell_offset(0); + tt_int_op(pad_offset, OP_EQ, expected_offset); + tt_int_op(CELL_PAYLOAD_SIZE - pad_offset, OP_LE, CELL_PAYLOAD_SIZE); + + done: + ; +} + +static void +test_cell_version_validation(void *arg) +{ + (void) arg; + + /* We currently only support up to SENDME_MAX_SUPPORTED_VERSION so we are + * going to test the boundaries there. */ + + tt_assert(cell_version_can_be_handled(SENDME_MAX_SUPPORTED_VERSION)); + + /* Version below our supported should pass. */ + tt_assert(cell_version_can_be_handled(SENDME_MAX_SUPPORTED_VERSION - 1)); + + /* Extra version from our supported should fail. */ + tt_assert(!cell_version_can_be_handled(SENDME_MAX_SUPPORTED_VERSION + 1)); + + /* Simple check for version 0. */ + tt_assert(cell_version_can_be_handled(0)); + + /* We MUST handle the default cell version that we emit or accept. */ + tt_assert(cell_version_can_be_handled(SENDME_EMIT_MIN_VERSION_DEFAULT)); + tt_assert(cell_version_can_be_handled(SENDME_ACCEPT_MIN_VERSION_DEFAULT)); + + done: + ; +} + +/* check our decisions about how much stuff to put into relay cells. */ +static void +test_package_payload_len(void *arg) +{ + (void)arg; + /* this is not a real circuit: it only has the fields needed for this + * test. */ + circuit_t *c = tor_malloc_zero(sizeof(circuit_t)); + + /* check initial conditions. */ + circuit_reset_sendme_randomness(c); + tt_assert(! c->have_sent_sufficiently_random_cell); + tt_int_op(c->send_randomness_after_n_cells, OP_GE, CIRCWINDOW_INCREMENT / 2); + tt_int_op(c->send_randomness_after_n_cells, OP_LT, CIRCWINDOW_INCREMENT); + + /* We have a bunch of cells before we need to send randomness, so the first + * few can be packaged full. */ + int initial = c->send_randomness_after_n_cells; + size_t n = connection_edge_get_inbuf_bytes_to_package(10000, 0, c); + tt_uint_op(RELAY_PAYLOAD_SIZE, OP_EQ, n); + n = connection_edge_get_inbuf_bytes_to_package(95000, 1, c); + tt_uint_op(RELAY_PAYLOAD_SIZE, OP_EQ, n); + tt_int_op(c->send_randomness_after_n_cells, OP_EQ, initial - 2); + + /* If package_partial isn't set, we won't package a partially full cell at + * all. */ + n = connection_edge_get_inbuf_bytes_to_package(RELAY_PAYLOAD_SIZE-1, 0, c); + tt_int_op(n, OP_EQ, 0); + /* no change in our state, since nothing was sent. */ + tt_assert(! c->have_sent_sufficiently_random_cell); + tt_int_op(c->send_randomness_after_n_cells, OP_EQ, initial - 2); + + /* If package_partial is set and the partial cell is not going to have + * _enough_ randomness, we package it, but we don't consider ourselves to + * have sent a sufficiently random cell. */ + n = connection_edge_get_inbuf_bytes_to_package(RELAY_PAYLOAD_SIZE-1, 1, c); + tt_int_op(n, OP_EQ, RELAY_PAYLOAD_SIZE-1); + tt_assert(! c->have_sent_sufficiently_random_cell); + tt_int_op(c->send_randomness_after_n_cells, OP_EQ, initial - 3); + + /* Make sure we set have_set_sufficiently_random_cell as appropriate. */ + n = connection_edge_get_inbuf_bytes_to_package(RELAY_PAYLOAD_SIZE-64, 1, c); + tt_int_op(n, OP_EQ, RELAY_PAYLOAD_SIZE-64); + tt_assert(c->have_sent_sufficiently_random_cell); + tt_int_op(c->send_randomness_after_n_cells, OP_EQ, initial - 4); + + /* Now let's look at what happens when we get down to zero. Since we have + * sent a sufficiently random cell, we will not force this one to have a gap. + */ + c->send_randomness_after_n_cells = 0; + n = connection_edge_get_inbuf_bytes_to_package(10000, 1, c); + tt_int_op(n, OP_EQ, RELAY_PAYLOAD_SIZE); + /* Now these will be reset. */ + tt_assert(! c->have_sent_sufficiently_random_cell); + tt_int_op(c->send_randomness_after_n_cells, OP_GE, + CIRCWINDOW_INCREMENT / 2 - 1); + + /* What would happen if we hadn't sent a sufficiently random cell? */ + c->send_randomness_after_n_cells = 0; + n = connection_edge_get_inbuf_bytes_to_package(10000, 1, c); + const size_t reduced_payload_size = RELAY_PAYLOAD_SIZE - 4 - 16; + tt_int_op(n, OP_EQ, reduced_payload_size); + /* Now these will be reset. */ + tt_assert(! c->have_sent_sufficiently_random_cell); + tt_int_op(c->send_randomness_after_n_cells, OP_GE, + CIRCWINDOW_INCREMENT / 2 - 1); + + /* Here is a fun case: if it's time to package a small cell, then + * package_partial==0 should mean we accept that many bytes. + */ + c->send_randomness_after_n_cells = 0; + n = connection_edge_get_inbuf_bytes_to_package(reduced_payload_size, 0, c); + tt_int_op(n, OP_EQ, reduced_payload_size); + + done: + tor_free(c); +} + +struct testcase_t sendme_tests[] = { + { "v1_record_digest", test_v1_record_digest, TT_FORK, + NULL, NULL }, + { "v1_consensus_params", test_v1_consensus_params, TT_FORK, + NULL, NULL }, + { "v1_build_cell", test_v1_build_cell, TT_FORK, + NULL, NULL }, + { "cell_payload_pad", test_cell_payload_pad, TT_FORK, + NULL, NULL }, + { "cell_version_validation", test_cell_version_validation, TT_FORK, + NULL, NULL }, + { "package_payload_len", test_package_payload_len, 0, NULL, NULL }, + + END_OF_TESTCASES +}; diff --git a/src/test/test_shared_random.c b/src/test/test_shared_random.c index 413dfbeb03..9e49e835c9 100644 --- a/src/test/test_shared_random.c +++ b/src/test/test_shared_random.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* Copyright (c) 2016-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define SHARED_RANDOM_PRIVATE @@ -21,7 +21,7 @@ #include "feature/nodelist/dirlist.h" #include "feature/dirparse/authcert_parse.h" #include "feature/hs_common/shared_random_client.h" -#include "feature/dircommon/voting_schedule.h" +#include "feature/dirauth/voting_schedule.h" #include "feature/dirclient/dir_server_st.h" #include "feature/nodelist/networkstatus_st.h" @@ -58,14 +58,17 @@ trusteddirserver_get_by_v3_auth_digest_m(const char *digest) } /* Setup a minimal dirauth environment by initializing the SR state and - * making sure the options are set to be an authority directory. */ + * making sure the options are set to be an authority directory. + * You must only call this function once per process. */ static void init_authority_state(void) { MOCK(get_my_v3_authority_cert, get_my_v3_authority_cert_m); or_options_t *options = get_options_mutable(); - mock_cert = authority_cert_parse_from_string(AUTHORITY_CERT_1, NULL); + mock_cert = authority_cert_parse_from_string(AUTHORITY_CERT_1, + strlen(AUTHORITY_CERT_1), + NULL); tt_assert(mock_cert); options->AuthoritativeDir = 1; tt_int_op(load_ed_keys(options, time(NULL)), OP_GE, 0); @@ -201,7 +204,7 @@ test_get_state_valid_until_time(void *arg) retval = parse_rfc1123_time("Mon, 20 Apr 2015 00:00:01 UTC", ¤t_time); tt_int_op(retval, OP_EQ, 0); - voting_schedule_recalculate_timing(get_options(), current_time); + dirauth_sched_recalculate_timing(get_options(), current_time); valid_until_time = get_state_valid_until_time(current_time); /* Compare it with the correct result */ @@ -213,7 +216,7 @@ test_get_state_valid_until_time(void *arg) retval = parse_rfc1123_time("Mon, 20 Apr 2015 19:22:00 UTC", ¤t_time); tt_int_op(retval, OP_EQ, 0); - voting_schedule_recalculate_timing(get_options(), current_time); + dirauth_sched_recalculate_timing(get_options(), current_time); valid_until_time = get_state_valid_until_time(current_time); format_iso_time(tbuf, valid_until_time); @@ -224,7 +227,7 @@ test_get_state_valid_until_time(void *arg) retval = parse_rfc1123_time("Mon, 20 Apr 2015 23:59:00 UTC", ¤t_time); tt_int_op(retval, OP_EQ, 0); - voting_schedule_recalculate_timing(get_options(), current_time); + dirauth_sched_recalculate_timing(get_options(), current_time); valid_until_time = get_state_valid_until_time(current_time); format_iso_time(tbuf, valid_until_time); @@ -235,7 +238,7 @@ test_get_state_valid_until_time(void *arg) retval = parse_rfc1123_time("Mon, 20 Apr 2015 00:00:00 UTC", ¤t_time); tt_int_op(retval, OP_EQ, 0); - voting_schedule_recalculate_timing(get_options(), current_time); + dirauth_sched_recalculate_timing(get_options(), current_time); valid_until_time = get_state_valid_until_time(current_time); format_iso_time(tbuf, valid_until_time); @@ -275,7 +278,7 @@ test_get_start_time_of_current_run(void *arg) retval = parse_rfc1123_time("Mon, 20 Apr 2015 00:00:01 UTC", ¤t_time); tt_int_op(retval, OP_EQ, 0); - voting_schedule_recalculate_timing(get_options(), current_time); + dirauth_sched_recalculate_timing(get_options(), current_time); run_start_time = sr_state_get_start_time_of_current_protocol_run(); /* Compare it with the correct result */ @@ -287,7 +290,7 @@ test_get_start_time_of_current_run(void *arg) retval = parse_rfc1123_time("Mon, 20 Apr 2015 23:59:59 UTC", ¤t_time); tt_int_op(retval, OP_EQ, 0); - voting_schedule_recalculate_timing(get_options(), current_time); + dirauth_sched_recalculate_timing(get_options(), current_time); run_start_time = sr_state_get_start_time_of_current_protocol_run(); /* Compare it with the correct result */ @@ -299,7 +302,7 @@ test_get_start_time_of_current_run(void *arg) retval = parse_rfc1123_time("Mon, 20 Apr 2015 00:00:00 UTC", ¤t_time); tt_int_op(retval, OP_EQ, 0); - voting_schedule_recalculate_timing(get_options(), current_time); + dirauth_sched_recalculate_timing(get_options(), current_time); run_start_time = sr_state_get_start_time_of_current_protocol_run(); /* Compare it with the correct result */ @@ -323,12 +326,13 @@ test_get_start_time_of_current_run(void *arg) retval = parse_rfc1123_time("Mon, 19 Apr 2015 23:00:00 UTC", &mock_consensus.valid_after); + tt_int_op(retval, OP_EQ, 0); retval = parse_rfc1123_time("Mon, 20 Apr 2015 00:08:00 UTC", ¤t_time); tt_int_op(retval, OP_EQ, 0); update_approx_time(current_time); - voting_schedule_recalculate_timing(get_options(), current_time); + dirauth_sched_recalculate_timing(get_options(), current_time); run_start_time = sr_state_get_start_time_of_current_protocol_run(); @@ -336,7 +340,7 @@ test_get_start_time_of_current_run(void *arg) format_iso_time(tbuf, run_start_time); tt_str_op("2015-04-19 00:00:00", OP_EQ, tbuf); /* Check that voting_schedule.interval_starts is at 01:00 (see above) */ - time_t interval_starts = voting_schedule_get_next_valid_after_time(); + time_t interval_starts = dirauth_sched_get_next_valid_after_time(); format_iso_time(tbuf, interval_starts); tt_str_op("2015-04-20 01:00:00", OP_EQ, tbuf); } @@ -356,7 +360,7 @@ test_get_start_time_of_current_run(void *arg) retval = parse_rfc1123_time("Mon, 20 Apr 2015 00:15:32 UTC", ¤t_time); tt_int_op(retval, OP_EQ, 0); - voting_schedule_recalculate_timing(get_options(), current_time); + dirauth_sched_recalculate_timing(get_options(), current_time); run_start_time = sr_state_get_start_time_of_current_protocol_run(); /* Compare it with the correct result */ @@ -388,13 +392,13 @@ test_get_start_time_functions(void *arg) tt_int_op(retval, OP_EQ, 0); time_t now = mock_consensus.valid_after; - voting_schedule_recalculate_timing(get_options(), now); + dirauth_sched_recalculate_timing(get_options(), now); time_t start_time_of_protocol_run = sr_state_get_start_time_of_current_protocol_run(); tt_assert(start_time_of_protocol_run); /* Check that the round start time of the beginning of the run, is itself */ - tt_int_op(get_start_time_of_current_round(), OP_EQ, + tt_int_op(dirauth_sched_get_cur_valid_after_time(), OP_EQ, start_time_of_protocol_run); done: @@ -438,7 +442,9 @@ test_sr_commit(void *arg) { /* Setup a minimal dirauth environment for this test */ or_options_t *options = get_options_mutable(); - auth_cert = authority_cert_parse_from_string(AUTHORITY_CERT_1, NULL); + auth_cert = authority_cert_parse_from_string(AUTHORITY_CERT_1, + strlen(AUTHORITY_CERT_1), + NULL); tt_assert(auth_cert); options->AuthoritativeDir = 1; @@ -457,12 +463,12 @@ test_sr_commit(void *arg) /* We should have a reveal value. */ tt_assert(commit_has_reveal_value(our_commit)); /* We should have a random value. */ - tt_assert(!tor_mem_is_zero((char *) our_commit->random_number, + tt_assert(!fast_mem_is_zero((char *) our_commit->random_number, sizeof(our_commit->random_number))); /* Commit and reveal timestamp should be the same. */ tt_u64_op(our_commit->commit_ts, OP_EQ, our_commit->reveal_ts); /* We should have a hashed reveal. */ - tt_assert(!tor_mem_is_zero(our_commit->hashed_reveal, + tt_assert(!fast_mem_is_zero(our_commit->hashed_reveal, sizeof(our_commit->hashed_reveal))); /* Do we have a valid encoded commit and reveal. Note the following only * tests if the generated values are correct. Their could be a bug in @@ -849,7 +855,9 @@ test_sr_setup_commits(void) { /* Setup a minimal dirauth environment for this test */ or_options_t *options = get_options_mutable(); - auth_cert = authority_cert_parse_from_string(AUTHORITY_CERT_1, NULL); + auth_cert = authority_cert_parse_from_string(AUTHORITY_CERT_1, + strlen(AUTHORITY_CERT_1), + NULL); tt_assert(auth_cert); options->AuthoritativeDir = 1; @@ -1087,73 +1095,99 @@ test_sr_get_majority_srv_from_votes(void *arg) smartlist_free(votes); } +/* Testing sr_srv_dup(). */ static void -test_utils(void *arg) +test_sr_svr_dup(void *arg) { - (void) arg; + (void)arg; - /* Testing srv_dup(). */ - { - sr_srv_t *srv = NULL, *dup_srv = NULL; - const char *srv_value = - "1BDB7C3E973936E4D13A49F37C859B3DC69C429334CF9412E3FEF6399C52D47A"; - srv = tor_malloc_zero(sizeof(*srv)); - srv->num_reveals = 42; - memcpy(srv->value, srv_value, sizeof(srv->value)); - dup_srv = srv_dup(srv); - tt_assert(dup_srv); - tt_u64_op(dup_srv->num_reveals, OP_EQ, srv->num_reveals); - tt_mem_op(dup_srv->value, OP_EQ, srv->value, sizeof(srv->value)); - tor_free(srv); - tor_free(dup_srv); - } + sr_srv_t *srv = NULL, *dup_srv = NULL; + const char *srv_value = + "1BDB7C3E973936E4D13A49F37C859B3DC69C429334CF9412E3FEF6399C52D47A"; + srv = tor_malloc_zero(sizeof(*srv)); + srv->num_reveals = 42; + memcpy(srv->value, srv_value, sizeof(srv->value)); + dup_srv = sr_srv_dup(srv); + tt_assert(dup_srv); + tt_u64_op(dup_srv->num_reveals, OP_EQ, srv->num_reveals); + tt_mem_op(dup_srv->value, OP_EQ, srv->value, sizeof(srv->value)); - /* Testing commitments_are_the_same(). Currently, the check is to test the - * value of the encoded commit so let's make sure that actually works. */ - { - /* Payload of 57 bytes that is the length of sr_commit_t->encoded_commit. - * 56 bytes of payload and a NUL terminated byte at the end ('\x00') - * which comes down to SR_COMMIT_BASE64_LEN + 1. */ - const char *payload = - "\x5d\xb9\x60\xb6\xcc\x51\x68\x52\x31\xd9\x88\x88\x71\x71\xe0\x30" - "\x59\x55\x7f\xcd\x61\xc0\x4b\x05\xb8\xcd\xc1\x48\xe9\xcd\x16\x1f" - "\x70\x15\x0c\xfc\xd3\x1a\x75\xd0\x93\x6c\xc4\xe0\x5c\xbe\xe2\x18" - "\xc7\xaf\x72\xb6\x7c\x9b\x52\x00"; - sr_commit_t commit1, commit2; - memcpy(commit1.encoded_commit, payload, sizeof(commit1.encoded_commit)); - memcpy(commit2.encoded_commit, payload, sizeof(commit2.encoded_commit)); - tt_int_op(commitments_are_the_same(&commit1, &commit2), OP_EQ, 1); - /* Let's corrupt one of them. */ - memset(commit1.encoded_commit, 'A', sizeof(commit1.encoded_commit)); - tt_int_op(commitments_are_the_same(&commit1, &commit2), OP_EQ, 0); - } + done: + tor_free(srv); + tor_free(dup_srv); +} - /* Testing commit_is_authoritative(). */ - { - crypto_pk_t *k = crypto_pk_new(); - char digest[DIGEST_LEN]; - sr_commit_t commit; +/* Testing commitments_are_the_same(). Currently, the check is to test the + * value of the encoded commit so let's make sure that actually works. */ +static void +test_commitments_are_the_same(void *arg) +{ + (void)arg; + + /* Payload of 57 bytes that is the length of sr_commit_t->encoded_commit. + * 56 bytes of payload and a NUL terminated byte at the end ('\x00') + * which comes down to SR_COMMIT_BASE64_LEN + 1. */ + const char *payload = + "\x5d\xb9\x60\xb6\xcc\x51\x68\x52\x31\xd9\x88\x88\x71\x71\xe0\x30" + "\x59\x55\x7f\xcd\x61\xc0\x4b\x05\xb8\xcd\xc1\x48\xe9\xcd\x16\x1f" + "\x70\x15\x0c\xfc\xd3\x1a\x75\xd0\x93\x6c\xc4\xe0\x5c\xbe\xe2\x18" + "\xc7\xaf\x72\xb6\x7c\x9b\x52\x00"; + sr_commit_t commit1, commit2; + memcpy(commit1.encoded_commit, payload, sizeof(commit1.encoded_commit)); + memcpy(commit2.encoded_commit, payload, sizeof(commit2.encoded_commit)); + tt_int_op(commitments_are_the_same(&commit1, &commit2), OP_EQ, 1); + /* Let's corrupt one of them. */ + memset(commit1.encoded_commit, 'A', sizeof(commit1.encoded_commit)); + tt_int_op(commitments_are_the_same(&commit1, &commit2), OP_EQ, 0); - tt_assert(!crypto_pk_generate_key(k)); + done: + return; +} - tt_int_op(0, OP_EQ, crypto_pk_get_digest(k, digest)); - memcpy(commit.rsa_identity, digest, sizeof(commit.rsa_identity)); - tt_int_op(commit_is_authoritative(&commit, digest), OP_EQ, 1); - /* Change the pubkey. */ - memset(commit.rsa_identity, 0, sizeof(commit.rsa_identity)); - tt_int_op(commit_is_authoritative(&commit, digest), OP_EQ, 0); - crypto_pk_free(k); - } +/* Testing commit_is_authoritative(). */ +static void +test_commit_is_authoritative(void *arg) +{ + (void)arg; - /* Testing get_phase_str(). */ - { - tt_str_op(get_phase_str(SR_PHASE_REVEAL), OP_EQ, "reveal"); - tt_str_op(get_phase_str(SR_PHASE_COMMIT), OP_EQ, "commit"); - } + crypto_pk_t *k = crypto_pk_new(); + char digest[DIGEST_LEN]; + sr_commit_t commit; + + tt_assert(!crypto_pk_generate_key(k)); + + tt_int_op(0, OP_EQ, crypto_pk_get_digest(k, digest)); + memcpy(commit.rsa_identity, digest, sizeof(commit.rsa_identity)); + tt_int_op(commit_is_authoritative(&commit, digest), OP_EQ, 1); + /* Change the pubkey. */ + memset(commit.rsa_identity, 0, sizeof(commit.rsa_identity)); + tt_int_op(commit_is_authoritative(&commit, digest), OP_EQ, 0); + + done: + crypto_pk_free(k); +} + +static void +test_get_phase_str(void *arg) +{ + (void)arg; + + tt_str_op(get_phase_str(SR_PHASE_REVEAL), OP_EQ, "reveal"); + tt_str_op(get_phase_str(SR_PHASE_COMMIT), OP_EQ, "commit"); + + done: + return; +} + +/* Test utils that depend on authority state */ +static void +test_utils_auth(void *arg) +{ + (void)arg; + init_authority_state(); /* Testing phase transition */ { - init_authority_state(); set_sr_phase(SR_PHASE_COMMIT); tt_int_op(is_phase_transition(SR_PHASE_REVEAL), OP_EQ, 1); tt_int_op(is_phase_transition(SR_PHASE_COMMIT), OP_EQ, 0); @@ -1164,8 +1198,193 @@ test_utils(void *arg) tt_int_op(is_phase_transition(42), OP_EQ, 1); } + /* Testing get, set, delete, clean SRVs */ + + { + /* Just set the previous SRV */ + test_sr_setup_srv(0); + tt_ptr_op(sr_state_get_previous_srv(), OP_NE, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_EQ, NULL); + state_del_previous_srv(); + tt_ptr_op(sr_state_get_previous_srv(), OP_EQ, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_EQ, NULL); + } + + { + /* Delete the SRVs one at a time */ + test_sr_setup_srv(1); + tt_ptr_op(sr_state_get_previous_srv(), OP_NE, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_NE, NULL); + state_del_current_srv(); + tt_ptr_op(sr_state_get_previous_srv(), OP_NE, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_EQ, NULL); + state_del_previous_srv(); + tt_ptr_op(sr_state_get_previous_srv(), OP_EQ, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_EQ, NULL); + + /* And in the opposite order */ + test_sr_setup_srv(1); + tt_ptr_op(sr_state_get_previous_srv(), OP_NE, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_NE, NULL); + state_del_previous_srv(); + tt_ptr_op(sr_state_get_previous_srv(), OP_EQ, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_NE, NULL); + state_del_current_srv(); + tt_ptr_op(sr_state_get_previous_srv(), OP_EQ, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_EQ, NULL); + + /* And both at once */ + test_sr_setup_srv(1); + tt_ptr_op(sr_state_get_previous_srv(), OP_NE, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_NE, NULL); + sr_state_clean_srvs(); + tt_ptr_op(sr_state_get_previous_srv(), OP_EQ, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_EQ, NULL); + + /* And do the gets and sets multiple times */ + test_sr_setup_srv(1); + tt_ptr_op(sr_state_get_previous_srv(), OP_NE, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_NE, NULL); + tt_ptr_op(sr_state_get_previous_srv(), OP_NE, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_NE, NULL); + state_del_previous_srv(); + tt_ptr_op(sr_state_get_previous_srv(), OP_EQ, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_NE, NULL); + state_del_previous_srv(); + tt_ptr_op(sr_state_get_previous_srv(), OP_EQ, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_NE, NULL); + tt_ptr_op(sr_state_get_previous_srv(), OP_EQ, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_NE, NULL); + sr_state_clean_srvs(); + tt_ptr_op(sr_state_get_previous_srv(), OP_EQ, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_EQ, NULL); + state_del_current_srv(); + tt_ptr_op(sr_state_get_previous_srv(), OP_EQ, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_EQ, NULL); + sr_state_clean_srvs(); + tt_ptr_op(sr_state_get_previous_srv(), OP_EQ, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_EQ, NULL); + state_del_current_srv(); + tt_ptr_op(sr_state_get_previous_srv(), OP_EQ, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_EQ, NULL); + tt_ptr_op(sr_state_get_previous_srv(), OP_EQ, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_EQ, NULL); + } + + { + /* Now set the SRVs to NULL instead */ + test_sr_setup_srv(1); + tt_ptr_op(sr_state_get_previous_srv(), OP_NE, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_NE, NULL); + sr_state_set_current_srv(NULL); + tt_ptr_op(sr_state_get_previous_srv(), OP_NE, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_EQ, NULL); + sr_state_set_previous_srv(NULL); + tt_ptr_op(sr_state_get_previous_srv(), OP_EQ, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_EQ, NULL); + + /* And in the opposite order */ + test_sr_setup_srv(1); + tt_ptr_op(sr_state_get_previous_srv(), OP_NE, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_NE, NULL); + sr_state_set_previous_srv(NULL); + tt_ptr_op(sr_state_get_previous_srv(), OP_EQ, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_NE, NULL); + sr_state_set_current_srv(NULL); + tt_ptr_op(sr_state_get_previous_srv(), OP_EQ, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_EQ, NULL); + + /* And both at once */ + test_sr_setup_srv(1); + tt_ptr_op(sr_state_get_previous_srv(), OP_NE, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_NE, NULL); + sr_state_clean_srvs(); + tt_ptr_op(sr_state_get_previous_srv(), OP_EQ, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_EQ, NULL); + + /* And do the gets and sets multiple times */ + test_sr_setup_srv(1); + tt_ptr_op(sr_state_get_previous_srv(), OP_NE, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_NE, NULL); + sr_state_set_previous_srv(NULL); + sr_state_set_previous_srv(NULL); + tt_ptr_op(sr_state_get_previous_srv(), OP_EQ, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_NE, NULL); + tt_ptr_op(sr_state_get_previous_srv(), OP_EQ, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_NE, NULL); + sr_state_set_current_srv(NULL); + sr_state_set_previous_srv(NULL); + sr_state_set_current_srv(NULL); + tt_ptr_op(sr_state_get_previous_srv(), OP_EQ, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_EQ, NULL); + } + + { + /* Now copy the values across */ + test_sr_setup_srv(1); + /* Check that the pointers are non-NULL, and different from each other */ + tt_ptr_op(sr_state_get_previous_srv(), OP_NE, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_NE, NULL); + tt_ptr_op(sr_state_get_previous_srv(), OP_NE, + sr_state_get_current_srv()); + /* Check that the content is different */ + tt_mem_op(sr_state_get_previous_srv(), OP_NE, + sr_state_get_current_srv(), sizeof(sr_srv_t)); + /* Set the current to the previous: the protocol goes the other way */ + sr_state_set_current_srv(sr_srv_dup(sr_state_get_previous_srv())); + /* Check that the pointers are non-NULL, and different from each other */ + tt_ptr_op(sr_state_get_previous_srv(), OP_NE, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_NE, NULL); + tt_ptr_op(sr_state_get_previous_srv(), OP_NE, + sr_state_get_current_srv()); + /* Check that the content is the same */ + tt_mem_op(sr_state_get_previous_srv(), OP_EQ, + sr_state_get_current_srv(), sizeof(sr_srv_t)); + } + + { + /* Now copy a value onto itself */ + test_sr_setup_srv(1); + /* Check that the pointers are non-NULL, and different from each other */ + tt_ptr_op(sr_state_get_previous_srv(), OP_NE, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_NE, NULL); + tt_ptr_op(sr_state_get_previous_srv(), OP_NE, + sr_state_get_current_srv()); + /* Take a copy of the old value */ + sr_srv_t old_current_srv; + memcpy(&old_current_srv, sr_state_get_current_srv(), sizeof(sr_srv_t)); + /* Check that the content is different */ + tt_mem_op(sr_state_get_previous_srv(), OP_NE, + sr_state_get_current_srv(), sizeof(sr_srv_t)); + /* Set the current to the current: the protocol never replaces an SRV with + * the same value */ + sr_state_set_current_srv(sr_srv_dup(sr_state_get_current_srv())); + /* Check that the pointers are non-NULL, and different from each other */ + tt_ptr_op(sr_state_get_previous_srv(), OP_NE, NULL); + tt_ptr_op(sr_state_get_current_srv(), OP_NE, NULL); + tt_ptr_op(sr_state_get_previous_srv(), OP_NE, + sr_state_get_current_srv()); + /* Check that the content is different between current and previous */ + tt_mem_op(sr_state_get_previous_srv(), OP_NE, + sr_state_get_current_srv(), sizeof(sr_srv_t)); + /* Check that the content is the same as the old content */ + tt_mem_op(&old_current_srv, OP_EQ, + sr_state_get_current_srv(), sizeof(sr_srv_t)); + } + + /* I don't think we can say "expect a BUG()" in our tests. */ +#if 0 + { + /* Now copy a value onto itself without sr_srv_dup(). + * This should fail with a BUG() warning. */ + test_sr_setup_srv(1); + sr_state_set_current_srv(sr_state_get_current_srv()); + sr_state_set_previous_srv(sr_state_get_previous_srv()); + } +#endif /* 0 */ + done: - return; + sr_state_free_all(); } static void @@ -1173,6 +1392,7 @@ test_state_transition(void *arg) { sr_state_t *state = NULL; time_t now = time(NULL); + sr_srv_t *cur = NULL; (void) arg; @@ -1211,44 +1431,47 @@ test_state_transition(void *arg) /* Test SRV rotation in our state. */ { - const sr_srv_t *cur, *prev; test_sr_setup_srv(1); - cur = sr_state_get_current_srv(); + tt_assert(sr_state_get_current_srv()); + /* Take a copy of the data, because the state owns the pointer */ + cur = sr_srv_dup(sr_state_get_current_srv()); tt_assert(cur); - /* After, current srv should be the previous and then set to NULL. */ + /* After, the previous SRV should be the same as the old current SRV, and + * the current SRV should be set to NULL */ state_rotate_srv(); - prev = sr_state_get_previous_srv(); - tt_assert(prev == cur); + tt_mem_op(sr_state_get_previous_srv(), OP_EQ, cur, sizeof(sr_srv_t)); tt_ptr_op(sr_state_get_current_srv(), OP_EQ, NULL); sr_state_clean_srvs(); + tor_free(cur); } /* New protocol run. */ { - const sr_srv_t *cur; /* Setup some new SRVs so we can confirm that a new protocol run * actually makes them rotate and compute new ones. */ test_sr_setup_srv(1); - cur = sr_state_get_current_srv(); - tt_assert(cur); + tt_assert(sr_state_get_current_srv()); + /* Take a copy of the data, because the state owns the pointer */ + cur = sr_srv_dup(sr_state_get_current_srv()); set_sr_phase(SR_PHASE_REVEAL); MOCK(get_my_v3_authority_cert, get_my_v3_authority_cert_m); new_protocol_run(now); UNMOCK(get_my_v3_authority_cert); /* Rotation happened. */ - tt_assert(sr_state_get_previous_srv() == cur); + tt_mem_op(sr_state_get_previous_srv(), OP_EQ, cur, sizeof(sr_srv_t)); /* We are going into COMMIT phase so we had to rotate our SRVs. Usually * our current SRV would be NULL but a new protocol run should make us * compute a new SRV. */ tt_assert(sr_state_get_current_srv()); /* Also, make sure we did change the current. */ - tt_assert(sr_state_get_current_srv() != cur); + tt_mem_op(sr_state_get_current_srv(), OP_NE, cur, sizeof(sr_srv_t)); /* We should have our commitment alone. */ tt_int_op(digestmap_size(state->commits), OP_EQ, 1); tt_int_op(state->n_reveal_rounds, OP_EQ, 0); tt_int_op(state->n_commit_rounds, OP_EQ, 0); /* 46 here since we were at 45 just before. */ tt_u64_op(state->n_protocol_runs, OP_EQ, 46); + tor_free(cur); } /* Cleanup of SRVs. */ @@ -1259,6 +1482,7 @@ test_state_transition(void *arg) } done: + tor_free(cur); sr_state_free_all(); } @@ -1454,7 +1678,13 @@ struct testcase_t sr_tests[] = { { "sr_compute_srv", test_sr_compute_srv, TT_FORK, NULL, NULL }, { "sr_get_majority_srv_from_votes", test_sr_get_majority_srv_from_votes, TT_FORK, NULL, NULL }, - { "utils", test_utils, TT_FORK, NULL, NULL }, + { "sr_svr_dup", test_sr_svr_dup, TT_FORK, NULL, NULL }, + { "commitments_are_the_same", test_commitments_are_the_same, TT_FORK, NULL, + NULL }, + { "commit_is_authoritative", test_commit_is_authoritative, TT_FORK, NULL, + NULL }, + { "get_phase_str", test_get_phase_str, TT_FORK, NULL, NULL }, + { "utils_auth", test_utils_auth, TT_FORK, NULL, NULL }, { "state_transition", test_state_transition, TT_FORK, NULL, NULL }, { "state_update", test_state_update, TT_FORK, NULL, NULL }, diff --git a/src/test/test_slow.c b/src/test/test_slow.c index bda67b2d92..49b1066dac 100644 --- a/src/test/test_slow.c +++ b/src/test/test_slow.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -20,7 +20,9 @@ struct testgroup_t testgroups[] = { { "slow/crypto/", slow_crypto_tests }, - { "slow/util/", slow_util_tests }, + { "slow/process/", slow_process_tests }, + { "slow/prob_distr/", slow_stochastic_prob_distr_tests }, + { "slow/ptr/", slow_ptr_tests }, END_OF_GROUPS }; diff --git a/src/test/test_socks.c b/src/test/test_socks.c index 3686e1036b..4a465c7361 100644 --- a/src/test/test_socks.c +++ b/src/test/test_socks.c @@ -1,10 +1,10 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "core/or/or.h" -#include "lib/container/buffers.h" +#include "lib/buf/buffers.h" #include "app/config/config.h" #include "core/mainloop/connection.h" #include "core/proto/proto_socks.h" @@ -399,6 +399,43 @@ test_socks_5_supported_commands(void *ptr) tt_int_op(0,OP_EQ, buf_datalen(buf)); + socks_request_clear(socks); + + /* SOCKS 5 Send RESOLVE_PTR [F1] for an IPv6 address */ + ADD_DATA(buf, "\x05\x01\x00"); + ADD_DATA(buf, "\x05\xF1\x00\x04" + "\x20\x01\x0d\xb8\x85\xa3\x00\x00\x00\x00\x8a\x2e\x03\x70\x73\x34" + "\x12\x34"); + tt_int_op(fetch_from_buf_socks(buf, socks, get_options()->TestSocks, + get_options()->SafeSocks), + OP_EQ, 1); + tt_int_op(5,OP_EQ, socks->socks_version); + tt_int_op(2,OP_EQ, socks->replylen); + tt_int_op(5,OP_EQ, socks->reply[0]); + tt_int_op(0,OP_EQ, socks->reply[1]); + tt_str_op("[2001:db8:85a3::8a2e:370:7334]",OP_EQ, socks->address); + + tt_int_op(0,OP_EQ, buf_datalen(buf)); + + socks_request_clear(socks); + + /* SOCKS 5 Send RESOLVE_PTR [F1] for a an IPv6 address written as a + * string with brackets */ + ADD_DATA(buf, "\x05\x01\x00"); + ADD_DATA(buf, "\x05\xF1\x00\x03\x1e"); + ADD_DATA(buf, "[2001:db8:85a3::8a2e:370:7334]"); + ADD_DATA(buf, "\x12\x34"); + tt_int_op(fetch_from_buf_socks(buf, socks, get_options()->TestSocks, + get_options()->SafeSocks), + OP_EQ, 1); + tt_int_op(5,OP_EQ, socks->socks_version); + tt_int_op(2,OP_EQ, socks->replylen); + tt_int_op(5,OP_EQ, socks->reply[0]); + tt_int_op(0,OP_EQ, socks->reply[1]); + tt_str_op("[2001:db8:85a3::8a2e:370:7334]",OP_EQ, socks->address); + + tt_int_op(0,OP_EQ, buf_datalen(buf)); + done: ; } diff --git a/src/test/test_stats.c b/src/test/test_stats.c new file mode 100644 index 0000000000..291473ebc9 --- /dev/null +++ b/src/test/test_stats.c @@ -0,0 +1,258 @@ +/* Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file test_stats.c + * \brief Unit tests for the statistics (reputation history) module. + **/ + +#include "orconfig.h" +#include "lib/crypt_ops/crypto_rand.h" +#include "app/config/or_state_st.h" +#include "test/rng_test_helpers.h" + +#include <stdio.h> + +#ifdef _WIN32 +/* For mkdir() */ +#include <direct.h> +#else +#include <dirent.h> +#endif /* defined(_WIN32) */ + +#include <math.h> + +/* These macros pull in declarations for some functions and structures that + * are typically file-private. */ +#define CIRCUITSTATS_PRIVATE +#define CIRCUITLIST_PRIVATE +#define MAINLOOP_PRIVATE +#define STATEFILE_PRIVATE + +#include "core/or/or.h" +#include "lib/err/backtrace.h" +#include "lib/buf/buffers.h" +#include "core/or/circuitstats.h" +#include "app/config/config.h" +#include "test/test.h" +#include "core/mainloop/mainloop.h" +#include "lib/memarea/memarea.h" +#include "feature/stats/rephist.h" +#include "app/config/statefile.h" + +/** Run unit tests for some stats code. */ +static void +test_stats(void *arg) +{ + time_t now = 1281533250; /* 2010-08-11 13:27:30 UTC */ + char *s = NULL; + int i; + + /* Start with testing exit port statistics; we shouldn't collect exit + * stats without initializing them. */ + (void)arg; + rep_hist_note_exit_stream_opened(80); + rep_hist_note_exit_bytes(80, 100, 10000); + s = rep_hist_format_exit_stats(now + 86400); + tt_ptr_op(s, OP_EQ, NULL); + + /* Initialize stats, note some streams and bytes, and generate history + * string. */ + rep_hist_exit_stats_init(now); + rep_hist_note_exit_stream_opened(80); + rep_hist_note_exit_bytes(80, 100, 10000); + rep_hist_note_exit_stream_opened(443); + rep_hist_note_exit_bytes(443, 100, 10000); + rep_hist_note_exit_bytes(443, 100, 10000); + s = rep_hist_format_exit_stats(now + 86400); + tt_str_op("exit-stats-end 2010-08-12 13:27:30 (86400 s)\n" + "exit-kibibytes-written 80=1,443=1,other=0\n" + "exit-kibibytes-read 80=10,443=20,other=0\n" + "exit-streams-opened 80=4,443=4,other=0\n",OP_EQ, s); + tor_free(s); + + /* Add a few bytes on 10 more ports and ensure that only the top 10 + * ports are contained in the history string. */ + for (i = 50; i < 60; i++) { + rep_hist_note_exit_bytes(i, i, i); + rep_hist_note_exit_stream_opened(i); + } + s = rep_hist_format_exit_stats(now + 86400); + tt_str_op("exit-stats-end 2010-08-12 13:27:30 (86400 s)\n" + "exit-kibibytes-written 52=1,53=1,54=1,55=1,56=1,57=1,58=1," + "59=1,80=1,443=1,other=1\n" + "exit-kibibytes-read 52=1,53=1,54=1,55=1,56=1,57=1,58=1," + "59=1,80=10,443=20,other=1\n" + "exit-streams-opened 52=4,53=4,54=4,55=4,56=4,57=4,58=4," + "59=4,80=4,443=4,other=4\n",OP_EQ, s); + tor_free(s); + + /* Stop collecting stats, add some bytes, and ensure we don't generate + * a history string. */ + rep_hist_exit_stats_term(); + rep_hist_note_exit_bytes(80, 100, 10000); + s = rep_hist_format_exit_stats(now + 86400); + tt_ptr_op(s, OP_EQ, NULL); + + /* Re-start stats, add some bytes, reset stats, and see what history we + * get when observing no streams or bytes at all. */ + rep_hist_exit_stats_init(now); + rep_hist_note_exit_stream_opened(80); + rep_hist_note_exit_bytes(80, 100, 10000); + rep_hist_reset_exit_stats(now); + s = rep_hist_format_exit_stats(now + 86400); + tt_str_op("exit-stats-end 2010-08-12 13:27:30 (86400 s)\n" + "exit-kibibytes-written other=0\n" + "exit-kibibytes-read other=0\n" + "exit-streams-opened other=0\n",OP_EQ, s); + tor_free(s); + + /* Continue with testing connection statistics; we shouldn't collect + * conn stats without initializing them. */ + rep_hist_note_or_conn_bytes(1, 20, 400, now); + s = rep_hist_format_conn_stats(now + 86400); + tt_ptr_op(s, OP_EQ, NULL); + + /* Initialize stats, note bytes, and generate history string. */ + rep_hist_conn_stats_init(now); + rep_hist_note_or_conn_bytes(1, 30000, 400000, now); + rep_hist_note_or_conn_bytes(1, 30000, 400000, now + 5); + rep_hist_note_or_conn_bytes(2, 400000, 30000, now + 10); + rep_hist_note_or_conn_bytes(2, 400000, 30000, now + 15); + s = rep_hist_format_conn_stats(now + 86400); + tt_str_op("conn-bi-direct 2010-08-12 13:27:30 (86400 s) 0,0,1,0\n",OP_EQ, s); + tor_free(s); + + /* Stop collecting stats, add some bytes, and ensure we don't generate + * a history string. */ + rep_hist_conn_stats_term(); + rep_hist_note_or_conn_bytes(2, 400000, 30000, now + 15); + s = rep_hist_format_conn_stats(now + 86400); + tt_ptr_op(s, OP_EQ, NULL); + + /* Re-start stats, add some bytes, reset stats, and see what history we + * get when observing no bytes at all. */ + rep_hist_conn_stats_init(now); + rep_hist_note_or_conn_bytes(1, 30000, 400000, now); + rep_hist_note_or_conn_bytes(1, 30000, 400000, now + 5); + rep_hist_note_or_conn_bytes(2, 400000, 30000, now + 10); + rep_hist_note_or_conn_bytes(2, 400000, 30000, now + 15); + rep_hist_reset_conn_stats(now); + s = rep_hist_format_conn_stats(now + 86400); + tt_str_op("conn-bi-direct 2010-08-12 13:27:30 (86400 s) 0,0,0,0\n",OP_EQ, s); + tor_free(s); + + /* Continue with testing buffer statistics; we shouldn't collect buffer + * stats without initializing them. */ + rep_hist_add_buffer_stats(2.0, 2.0, 20); + s = rep_hist_format_buffer_stats(now + 86400); + tt_ptr_op(s, OP_EQ, NULL); + + /* Initialize stats, add statistics for a single circuit, and generate + * the history string. */ + rep_hist_buffer_stats_init(now); + rep_hist_add_buffer_stats(2.0, 2.0, 20); + s = rep_hist_format_buffer_stats(now + 86400); + tt_str_op("cell-stats-end 2010-08-12 13:27:30 (86400 s)\n" + "cell-processed-cells 20,0,0,0,0,0,0,0,0,0\n" + "cell-queued-cells 2.00,0.00,0.00,0.00,0.00,0.00,0.00,0.00," + "0.00,0.00\n" + "cell-time-in-queue 2,0,0,0,0,0,0,0,0,0\n" + "cell-circuits-per-decile 1\n",OP_EQ, s); + tor_free(s); + + /* Add nineteen more circuit statistics to the one that's already in the + * history to see that the math works correctly. */ + for (i = 21; i < 30; i++) + rep_hist_add_buffer_stats(2.0, 2.0, i); + for (i = 20; i < 30; i++) + rep_hist_add_buffer_stats(3.5, 3.5, i); + s = rep_hist_format_buffer_stats(now + 86400); + tt_str_op("cell-stats-end 2010-08-12 13:27:30 (86400 s)\n" + "cell-processed-cells 29,28,27,26,25,24,23,22,21,20\n" + "cell-queued-cells 2.75,2.75,2.75,2.75,2.75,2.75,2.75,2.75," + "2.75,2.75\n" + "cell-time-in-queue 3,3,3,3,3,3,3,3,3,3\n" + "cell-circuits-per-decile 2\n",OP_EQ, s); + tor_free(s); + + /* Stop collecting stats, add statistics for one circuit, and ensure we + * don't generate a history string. */ + rep_hist_buffer_stats_term(); + rep_hist_add_buffer_stats(2.0, 2.0, 20); + s = rep_hist_format_buffer_stats(now + 86400); + tt_ptr_op(s, OP_EQ, NULL); + + /* Re-start stats, add statistics for one circuit, reset stats, and make + * sure that the history has all zeros. */ + rep_hist_buffer_stats_init(now); + rep_hist_add_buffer_stats(2.0, 2.0, 20); + rep_hist_reset_buffer_stats(now); + s = rep_hist_format_buffer_stats(now + 86400); + tt_str_op("cell-stats-end 2010-08-12 13:27:30 (86400 s)\n" + "cell-processed-cells 0,0,0,0,0,0,0,0,0,0\n" + "cell-queued-cells 0.00,0.00,0.00,0.00,0.00,0.00,0.00,0.00," + "0.00,0.00\n" + "cell-time-in-queue 0,0,0,0,0,0,0,0,0,0\n" + "cell-circuits-per-decile 0\n",OP_EQ, s); + + done: + tor_free(s); +} + +/** Run unit tests the mtbf stats code. */ +static void +test_rephist_mtbf(void *arg) +{ + (void)arg; + + time_t now = 1572500000; /* 2010-10-31 05:33:20 UTC */ + time_t far_future = MAX(now, time(NULL)) + 365*24*60*60; + int r; + + /* Make a temporary datadir for these tests */ + char *ddir_fname = tor_strdup(get_fname_rnd("datadir_mtbf")); + tor_free(get_options_mutable()->DataDirectory); + get_options_mutable()->DataDirectory = tor_strdup(ddir_fname); + check_private_dir(ddir_fname, CPD_CREATE, NULL); + + rep_history_clean(far_future); + + /* No data */ + + r = rep_hist_load_mtbf_data(now); + tt_int_op(r, OP_EQ, -1); + rep_history_clean(far_future); + + /* Blank data */ + + r = rep_hist_record_mtbf_data(now, 0); + tt_int_op(r, OP_EQ, 0); + r = rep_hist_load_mtbf_data(now); + tt_int_op(r, OP_EQ, 0); + rep_history_clean(far_future); + + r = rep_hist_record_mtbf_data(now, 1); + tt_int_op(r, OP_EQ, 0); + r = rep_hist_load_mtbf_data(now); + tt_int_op(r, OP_EQ, 0); + rep_history_clean(far_future); + + done: + rep_history_clean(far_future); + tor_free(ddir_fname); +} + +#define ENT(name) \ + { #name, test_ ## name , 0, NULL, NULL } +#define FORK(name) \ + { #name, test_ ## name , TT_FORK, NULL, NULL } + +struct testcase_t stats_tests[] = { + FORK(stats), + ENT(rephist_mtbf), + + END_OF_TESTCASES +}; diff --git a/src/test/test_status.c b/src/test/test_status.c index 9c47469975..82afe0fd2a 100644 --- a/src/test/test_status.c +++ b/src/test/test_status.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2014-2019, The Tor Project, Inc. */ +/* Copyright (c) 2014-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define STATUS_PRIVATE @@ -33,10 +33,6 @@ #include "test/test.h" -#define NS_MODULE status - -#define NS_SUBMODULE count_circuits - /* * Test that count_circuits() is correctly counting the number of * global circuits. @@ -44,10 +40,10 @@ static smartlist_t * mock_global_circuitlist = NULL; -NS_DECL(smartlist_t *, circuit_get_global_list, (void)); +static smartlist_t * status_count_circuits_circuit_get_global_list(void); static void -NS(test_main)(void *arg) +test_status_count_circuits(void *arg) { /* Choose origin_circuit_t wlog. */ origin_circuit_t *mock_circuit1, *mock_circuit2; @@ -61,7 +57,8 @@ NS(test_main)(void *arg) smartlist_add(mock_global_circuitlist, TO_CIRCUIT(mock_circuit1)); smartlist_add(mock_global_circuitlist, TO_CIRCUIT(mock_circuit2)); - NS_MOCK(circuit_get_global_list); + MOCK(circuit_get_global_list, + status_count_circuits_circuit_get_global_list); actual_circuits = count_circuits(); @@ -72,25 +69,22 @@ NS(test_main)(void *arg) tor_free(mock_circuit2); smartlist_free(mock_global_circuitlist); mock_global_circuitlist = NULL; - NS_UNMOCK(circuit_get_global_list); + UNMOCK(circuit_get_global_list); } static smartlist_t * -NS(circuit_get_global_list)(void) +status_count_circuits_circuit_get_global_list(void) { return mock_global_circuitlist; } -#undef NS_SUBMODULE -#define NS_SUBMODULE secs_to_uptime - /* * Test that secs_to_uptime() is converting the number of seconds that * Tor is up for into the appropriate string form containing hours and minutes. */ static void -NS(test_main)(void *arg) +test_status_secs_to_uptime(void *arg) { const char *expected; char *actual; @@ -161,9 +155,6 @@ NS(test_main)(void *arg) tor_free(actual); } -#undef NS_SUBMODULE -#define NS_SUBMODULE bytes_to_usage - /* * Test that bytes_to_usage() is correctly converting the number of bytes that * Tor has read/written into the appropriate string form containing kilobytes, @@ -171,7 +162,7 @@ NS(test_main)(void *arg) */ static void -NS(test_main)(void *arg) +test_status_bytes_to_usage(void *arg) { const char *expected; char *actual; @@ -242,29 +233,30 @@ NS(test_main)(void *arg) tor_free(actual); } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(log_heartbeat, fails) - /* * Tests that log_heartbeat() fails when in the public server mode, * not hibernating, and we couldn't get the current routerinfo. */ -NS_DECL(double, tls_get_write_overhead_ratio, (void)); -NS_DECL(int, we_are_hibernating, (void)); -NS_DECL(int, public_server_mode, (const or_options_t *options)); -NS_DECL(const routerinfo_t *, router_get_my_routerinfo, (void)); +static double status_hb_fails_tls_get_write_overhead_ratio(void); +static int status_hb_fails_we_are_hibernating(void); +static int status_hb_fails_public_server_mode(const or_options_t *options); +static const routerinfo_t * status_hb_fails_router_get_my_routerinfo(void); static void -NS(test_main)(void *arg) +test_status_hb_fails(void *arg) { int expected, actual; (void)arg; - NS_MOCK(tls_get_write_overhead_ratio); - NS_MOCK(we_are_hibernating); - NS_MOCK(public_server_mode); - NS_MOCK(router_get_my_routerinfo); + MOCK(tls_get_write_overhead_ratio, + status_hb_fails_tls_get_write_overhead_ratio); + MOCK(we_are_hibernating, + status_hb_fails_we_are_hibernating); + MOCK(public_server_mode, + status_hb_fails_public_server_mode); + MOCK(router_get_my_routerinfo, + status_hb_fails_router_get_my_routerinfo); expected = -1; actual = log_heartbeat(0); @@ -272,26 +264,26 @@ NS(test_main)(void *arg) tt_int_op(actual, OP_EQ, expected); done: - NS_UNMOCK(tls_get_write_overhead_ratio); - NS_UNMOCK(we_are_hibernating); - NS_UNMOCK(public_server_mode); - NS_UNMOCK(router_get_my_routerinfo); + UNMOCK(tls_get_write_overhead_ratio); + UNMOCK(we_are_hibernating); + UNMOCK(public_server_mode); + UNMOCK(router_get_my_routerinfo); } static double -NS(tls_get_write_overhead_ratio)(void) +status_hb_fails_tls_get_write_overhead_ratio(void) { return 2.0; } static int -NS(we_are_hibernating)(void) +status_hb_fails_we_are_hibernating(void) { return 0; } static int -NS(public_server_mode)(const or_options_t *options) +status_hb_fails_public_server_mode(const or_options_t *options) { (void)options; @@ -299,43 +291,51 @@ NS(public_server_mode)(const or_options_t *options) } static const routerinfo_t * -NS(router_get_my_routerinfo)(void) +status_hb_fails_router_get_my_routerinfo(void) { return NULL; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(log_heartbeat, not_in_consensus) - /* * Tests that log_heartbeat() logs appropriately if we are not in the cached * consensus. */ -NS_DECL(double, tls_get_write_overhead_ratio, (void)); -NS_DECL(int, we_are_hibernating, (void)); -NS_DECL(int, public_server_mode, (const or_options_t *options)); -NS_DECL(const routerinfo_t *, router_get_my_routerinfo, (void)); -NS_DECL(const node_t *, node_get_by_id, (const char *identity_digest)); -NS_DECL(void, logv, (int severity, log_domain_mask_t domain, - const char *funcname, const char *suffix, const char *format, va_list ap)); -NS_DECL(int, server_mode, (const or_options_t *options)); +static double status_hb_not_in_consensus_tls_get_write_overhead_ratio(void); +static int status_hb_not_in_consensus_we_are_hibernating(void); +static int status_hb_not_in_consensus_public_server_mode( + const or_options_t *options); +static const routerinfo_t *status_hb_not_in_consensus_get_my_routerinfo(void); +static const node_t * status_hb_not_in_consensus_node_get_by_id( + const char *identity_digest); +static void status_hb_not_in_consensus_logv( + int severity, log_domain_mask_t domain, const char *funcname, + const char *suffix, const char *format, va_list ap); +static int status_hb_not_in_consensus_logv_called = 0; +static int status_hb_not_in_consensus_server_mode(const or_options_t *options); static routerinfo_t *mock_routerinfo; static void -NS(test_main)(void *arg) +test_status_hb_not_in_consensus(void *arg) { int expected, actual; (void)arg; - NS_MOCK(tls_get_write_overhead_ratio); - NS_MOCK(we_are_hibernating); - NS_MOCK(public_server_mode); - NS_MOCK(router_get_my_routerinfo); - NS_MOCK(node_get_by_id); - NS_MOCK(logv); - NS_MOCK(server_mode); + MOCK(tls_get_write_overhead_ratio, + status_hb_not_in_consensus_tls_get_write_overhead_ratio); + MOCK(we_are_hibernating, + status_hb_not_in_consensus_we_are_hibernating); + MOCK(public_server_mode, + status_hb_not_in_consensus_public_server_mode); + MOCK(router_get_my_routerinfo, + status_hb_not_in_consensus_get_my_routerinfo); + MOCK(node_get_by_id, + status_hb_not_in_consensus_node_get_by_id); + MOCK(logv, + status_hb_not_in_consensus_logv); + MOCK(server_mode, + status_hb_not_in_consensus_server_mode); log_global_min_severity_ = LOG_DEBUG; onion_handshakes_requested[ONION_HANDSHAKE_TYPE_TAP] = 1; @@ -347,33 +347,33 @@ NS(test_main)(void *arg) actual = log_heartbeat(0); tt_int_op(actual, OP_EQ, expected); - tt_int_op(CALLED(logv), OP_EQ, 6); + tt_int_op(status_hb_not_in_consensus_logv_called, OP_EQ, 6); done: - NS_UNMOCK(tls_get_write_overhead_ratio); - NS_UNMOCK(we_are_hibernating); - NS_UNMOCK(public_server_mode); - NS_UNMOCK(router_get_my_routerinfo); - NS_UNMOCK(node_get_by_id); - NS_UNMOCK(logv); - NS_UNMOCK(server_mode); + UNMOCK(tls_get_write_overhead_ratio); + UNMOCK(we_are_hibernating); + UNMOCK(public_server_mode); + UNMOCK(router_get_my_routerinfo); + UNMOCK(node_get_by_id); + UNMOCK(logv); + UNMOCK(server_mode); tor_free(mock_routerinfo); } static double -NS(tls_get_write_overhead_ratio)(void) +status_hb_not_in_consensus_tls_get_write_overhead_ratio(void) { return 1.0; } static int -NS(we_are_hibernating)(void) +status_hb_not_in_consensus_we_are_hibernating(void) { return 0; } static int -NS(public_server_mode)(const or_options_t *options) +status_hb_not_in_consensus_public_server_mode(const or_options_t *options) { (void)options; @@ -381,7 +381,7 @@ NS(public_server_mode)(const or_options_t *options) } static const routerinfo_t * -NS(router_get_my_routerinfo)(void) +status_hb_not_in_consensus_get_my_routerinfo(void) { mock_routerinfo = tor_malloc(sizeof(routerinfo_t)); @@ -389,7 +389,7 @@ NS(router_get_my_routerinfo)(void) } static const node_t * -NS(node_get_by_id)(const char *identity_digest) +status_hb_not_in_consensus_node_get_by_id(const char *identity_digest) { (void)identity_digest; @@ -397,14 +397,14 @@ NS(node_get_by_id)(const char *identity_digest) } static void -NS(logv)(int severity, log_domain_mask_t domain, +status_hb_not_in_consensus_logv(int severity, log_domain_mask_t domain, const char *funcname, const char *suffix, const char *format, va_list ap) { - switch (CALLED(logv)) + switch (status_hb_not_in_consensus_logv_called) { case 0: tt_int_op(severity, OP_EQ, LOG_NOTICE); - tt_int_op(domain, OP_EQ, LD_HEARTBEAT); + tt_u64_op(domain, OP_EQ, LD_HEARTBEAT); tt_ptr_op(strstr(funcname, "log_heartbeat"), OP_NE, NULL); tt_ptr_op(suffix, OP_EQ, NULL); tt_str_op(format, OP_EQ, @@ -412,7 +412,7 @@ NS(logv)(int severity, log_domain_mask_t domain, break; case 1: tt_int_op(severity, OP_EQ, LOG_NOTICE); - tt_int_op(domain, OP_EQ, LD_HEARTBEAT); + tt_u64_op(domain, OP_EQ, LD_HEARTBEAT); tt_ptr_op(strstr(funcname, "log_heartbeat"), OP_NE, NULL); tt_ptr_op(suffix, OP_EQ, NULL); tt_str_op(format, OP_EQ, @@ -429,7 +429,7 @@ NS(logv)(int severity, log_domain_mask_t domain, break; case 3: tt_int_op(severity, OP_EQ, LOG_NOTICE); - tt_int_op(domain, OP_EQ, LD_HEARTBEAT); + tt_u64_op(domain, OP_EQ, LD_HEARTBEAT); tt_ptr_op(strstr(funcname, "rep_hist_log_circuit_handshake_stats"), OP_NE, NULL); tt_ptr_op(suffix, OP_EQ, NULL); @@ -442,19 +442,20 @@ NS(logv)(int severity, log_domain_mask_t domain, break; case 4: tt_int_op(severity, OP_EQ, LOG_NOTICE); - tt_int_op(domain, OP_EQ, LD_HEARTBEAT); + tt_u64_op(domain, OP_EQ, LD_HEARTBEAT); tt_ptr_op(strstr(funcname, "rep_hist_log_link_protocol_counts"), OP_NE, NULL); break; case 5: tt_int_op(severity, OP_EQ, LOG_NOTICE); - tt_int_op(domain, OP_EQ, LD_HEARTBEAT); - tt_str_op(format, OP_EQ, "DoS mitigation since startup:%s%s%s%s"); + tt_u64_op(domain, OP_EQ, LD_HEARTBEAT); + tt_str_op(format, OP_EQ, "DoS mitigation since startup:%s%s%s%s%s"); tt_str_op(va_arg(ap, char *), OP_EQ, " 0 circuits killed with too many cells."); tt_str_op(va_arg(ap, char *), OP_EQ, " [cc not enabled]"); tt_str_op(va_arg(ap, char *), OP_EQ, " [conn not enabled]"); tt_str_op(va_arg(ap, char *), OP_EQ, ""); + tt_str_op(va_arg(ap, char *), OP_EQ, " 0 INTRODUCE2 rejected."); break; default: tt_abort_msg("unexpected call to logv()"); // TODO: prettyprint args @@ -462,51 +463,58 @@ NS(logv)(int severity, log_domain_mask_t domain, } done: - CALLED(logv)++; + status_hb_not_in_consensus_logv_called++; } static int -NS(server_mode)(const or_options_t *options) +status_hb_not_in_consensus_server_mode(const or_options_t *options) { (void)options; return 0; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(log_heartbeat, simple) - /* * Tests that log_heartbeat() correctly logs heartbeat information * normally. */ -NS_DECL(double, tls_get_write_overhead_ratio, (void)); -NS_DECL(int, we_are_hibernating, (void)); -NS_DECL(int, public_server_mode, (const or_options_t *options)); -NS_DECL(long, get_uptime, (void)); -NS_DECL(uint64_t, get_bytes_read, (void)); -NS_DECL(uint64_t, get_bytes_written, (void)); -NS_DECL(void, logv, (int severity, log_domain_mask_t domain, - const char *funcname, const char *suffix, const char *format, va_list ap)); -NS_DECL(int, server_mode, (const or_options_t *options)); +static double status_hb_simple_tls_get_write_overhead_ratio(void); +static int status_hb_simple_we_are_hibernating(void); +static int status_hb_simple_public_server_mode(const or_options_t *options); +static long status_hb_simple_get_uptime(void); +static uint64_t status_hb_simple_get_bytes_read(void); +static uint64_t status_hb_simple_get_bytes_written(void); +static void status_hb_simple_logv(int severity, log_domain_mask_t domain, + const char *funcname, const char *suffix, + const char *format, va_list ap); +ATTR_UNUSED static int status_hb_simple_logv_called = 0; +static int status_hb_simple_server_mode(const or_options_t *options); -static int NS(n_msgs) = 0; +static int status_hb_simple_n_msgs = 0; static void -NS(test_main)(void *arg) +test_status_hb_simple(void *arg) { int expected, actual; (void)arg; - NS_MOCK(tls_get_write_overhead_ratio); - NS_MOCK(we_are_hibernating); - NS_MOCK(public_server_mode); - NS_MOCK(get_uptime); - NS_MOCK(get_bytes_read); - NS_MOCK(get_bytes_written); - NS_MOCK(logv); - NS_MOCK(server_mode); + MOCK(tls_get_write_overhead_ratio, + status_hb_simple_tls_get_write_overhead_ratio); + MOCK(we_are_hibernating, + status_hb_simple_we_are_hibernating); + MOCK(public_server_mode, + status_hb_simple_public_server_mode); + MOCK(get_uptime, + status_hb_simple_get_uptime); + MOCK(get_bytes_read, + status_hb_simple_get_bytes_read); + MOCK(get_bytes_written, + status_hb_simple_get_bytes_written); + MOCK(logv, + status_hb_simple_logv); + MOCK(server_mode, + status_hb_simple_server_mode); log_global_min_severity_ = LOG_DEBUG; @@ -514,33 +522,33 @@ NS(test_main)(void *arg) actual = log_heartbeat(0); tt_int_op(actual, OP_EQ, expected); - tt_int_op(NS(n_msgs), OP_EQ, 1); + tt_int_op(status_hb_simple_n_msgs, OP_EQ, 1); done: - NS_UNMOCK(tls_get_write_overhead_ratio); - NS_UNMOCK(we_are_hibernating); - NS_UNMOCK(public_server_mode); - NS_UNMOCK(get_uptime); - NS_UNMOCK(get_bytes_read); - NS_UNMOCK(get_bytes_written); - NS_UNMOCK(logv); - NS_UNMOCK(server_mode); + UNMOCK(tls_get_write_overhead_ratio); + UNMOCK(we_are_hibernating); + UNMOCK(public_server_mode); + UNMOCK(get_uptime); + UNMOCK(get_bytes_read); + UNMOCK(get_bytes_written); + UNMOCK(logv); + UNMOCK(server_mode); } static double -NS(tls_get_write_overhead_ratio)(void) +status_hb_simple_tls_get_write_overhead_ratio(void) { return 1.0; } static int -NS(we_are_hibernating)(void) +status_hb_simple_we_are_hibernating(void) { return 1; } static int -NS(public_server_mode)(const or_options_t *options) +status_hb_simple_public_server_mode(const or_options_t *options) { (void)options; @@ -548,33 +556,34 @@ NS(public_server_mode)(const or_options_t *options) } static long -NS(get_uptime)(void) +status_hb_simple_get_uptime(void) { return 0; } static uint64_t -NS(get_bytes_read)(void) +status_hb_simple_get_bytes_read(void) { return 0; } static uint64_t -NS(get_bytes_written)(void) +status_hb_simple_get_bytes_written(void) { return 0; } static void -NS(logv)(int severity, log_domain_mask_t domain, const char *funcname, +status_hb_simple_logv(int severity, log_domain_mask_t domain, + const char *funcname, const char *suffix, const char *format, va_list ap) { if (severity == LOG_INFO) return; - ++NS(n_msgs); + ++status_hb_simple_n_msgs; tt_int_op(severity, OP_EQ, LOG_NOTICE); - tt_int_op(domain, OP_EQ, LD_HEARTBEAT); + tt_u64_op(domain, OP_EQ, LD_HEARTBEAT); tt_ptr_op(strstr(funcname, "log_heartbeat"), OP_NE, NULL); tt_ptr_op(suffix, OP_EQ, NULL); tt_str_op(format, OP_EQ, @@ -591,54 +600,69 @@ NS(logv)(int severity, log_domain_mask_t domain, const char *funcname, } static int -NS(server_mode)(const or_options_t *options) +status_hb_simple_server_mode(const or_options_t *options) { (void)options; return 0; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(log_heartbeat, calls_log_accounting) - /* * Tests that log_heartbeat() correctly logs heartbeat information * and accounting information when configured. */ -NS_DECL(double, tls_get_write_overhead_ratio, (void)); -NS_DECL(int, we_are_hibernating, (void)); -NS_DECL(int, public_server_mode, (const or_options_t *options)); -NS_DECL(long, get_uptime, (void)); -NS_DECL(uint64_t, get_bytes_read, (void)); -NS_DECL(uint64_t, get_bytes_written, (void)); -NS_DECL(void, logv, (int severity, log_domain_mask_t domain, - const char *funcname, const char *suffix, const char *format, va_list ap)); -NS_DECL(int, server_mode, (const or_options_t *options)); -NS_DECL(or_state_t *, get_or_state, (void)); -NS_DECL(int, accounting_is_enabled, (const or_options_t *options)); -NS_DECL(time_t, accounting_get_end_time, (void)); - -static or_state_t * NS(mock_state) = NULL; -static or_options_t * NS(mock_options) = NULL; +static double status_hb_calls_log_accounting_tls_get_write_overhead_ratio( + void); +static int status_hb_calls_log_accounting_we_are_hibernating(void); +static int status_hb_calls_log_accounting_public_server_mode( + const or_options_t *options); +static long status_hb_calls_log_accounting_get_uptime(void); +static uint64_t status_hb_calls_log_accounting_get_bytes_read(void); +static uint64_t status_hb_calls_log_accounting_get_bytes_written(void); +static void status_hb_calls_log_accounting_logv( + int severity, log_domain_mask_t domain, + const char *funcname, const char *suffix, + const char *format, va_list ap); +static int status_hb_calls_log_accounting_logv_called = 0; +static int status_hb_calls_log_accounting_server_mode( + const or_options_t *options); +static or_state_t * status_hb_calls_log_accounting_get_or_state(void); +static int status_hb_calls_log_accounting_accounting_is_enabled( + const or_options_t *options); +static time_t status_hb_calls_log_accounting_accounting_get_end_time(void); + +static or_state_t * status_hb_calls_log_accounting_mock_state = NULL; +static or_options_t * status_hb_calls_log_accounting_mock_options = NULL; static void -NS(test_main)(void *arg) +test_status_hb_calls_log_accounting(void *arg) { int expected, actual; (void)arg; - NS_MOCK(tls_get_write_overhead_ratio); - NS_MOCK(we_are_hibernating); - NS_MOCK(public_server_mode); - NS_MOCK(get_uptime); - NS_MOCK(get_bytes_read); - NS_MOCK(get_bytes_written); - NS_MOCK(logv); - NS_MOCK(server_mode); - NS_MOCK(get_or_state); - NS_MOCK(accounting_is_enabled); - NS_MOCK(accounting_get_end_time); + MOCK(tls_get_write_overhead_ratio, + status_hb_calls_log_accounting_tls_get_write_overhead_ratio); + MOCK(we_are_hibernating, + status_hb_calls_log_accounting_we_are_hibernating); + MOCK(public_server_mode, + status_hb_calls_log_accounting_public_server_mode); + MOCK(get_uptime, + status_hb_calls_log_accounting_get_uptime); + MOCK(get_bytes_read, + status_hb_calls_log_accounting_get_bytes_read); + MOCK(get_bytes_written, + status_hb_calls_log_accounting_get_bytes_written); + MOCK(logv, + status_hb_calls_log_accounting_logv); + MOCK(server_mode, + status_hb_calls_log_accounting_server_mode); + MOCK(get_or_state, + status_hb_calls_log_accounting_get_or_state); + MOCK(accounting_is_enabled, + status_hb_calls_log_accounting_accounting_is_enabled); + MOCK(accounting_get_end_time, + status_hb_calls_log_accounting_accounting_get_end_time); log_global_min_severity_ = LOG_DEBUG; @@ -646,37 +670,37 @@ NS(test_main)(void *arg) actual = log_heartbeat(0); tt_int_op(actual, OP_EQ, expected); - tt_int_op(CALLED(logv), OP_EQ, 3); + tt_int_op(status_hb_calls_log_accounting_logv_called, OP_EQ, 3); done: - NS_UNMOCK(tls_get_write_overhead_ratio); - NS_UNMOCK(we_are_hibernating); - NS_UNMOCK(public_server_mode); - NS_UNMOCK(get_uptime); - NS_UNMOCK(get_bytes_read); - NS_UNMOCK(get_bytes_written); - NS_UNMOCK(logv); - NS_UNMOCK(server_mode); - NS_UNMOCK(accounting_is_enabled); - NS_UNMOCK(accounting_get_end_time); - tor_free_(NS(mock_state)); - tor_free_(NS(mock_options)); + UNMOCK(tls_get_write_overhead_ratio); + UNMOCK(we_are_hibernating); + UNMOCK(public_server_mode); + UNMOCK(get_uptime); + UNMOCK(get_bytes_read); + UNMOCK(get_bytes_written); + UNMOCK(logv); + UNMOCK(server_mode); + UNMOCK(accounting_is_enabled); + UNMOCK(accounting_get_end_time); + tor_free_(status_hb_calls_log_accounting_mock_state); + tor_free_(status_hb_calls_log_accounting_mock_options); } static double -NS(tls_get_write_overhead_ratio)(void) +status_hb_calls_log_accounting_tls_get_write_overhead_ratio(void) { return 1.0; } static int -NS(we_are_hibernating)(void) +status_hb_calls_log_accounting_we_are_hibernating(void) { return 0; } static int -NS(public_server_mode)(const or_options_t *options) +status_hb_calls_log_accounting_public_server_mode(const or_options_t *options) { (void)options; @@ -684,32 +708,32 @@ NS(public_server_mode)(const or_options_t *options) } static long -NS(get_uptime)(void) +status_hb_calls_log_accounting_get_uptime(void) { return 0; } static uint64_t -NS(get_bytes_read)(void) +status_hb_calls_log_accounting_get_bytes_read(void) { return 0; } static uint64_t -NS(get_bytes_written)(void) +status_hb_calls_log_accounting_get_bytes_written(void) { return 0; } static void -NS(logv)(int severity, log_domain_mask_t domain, +status_hb_calls_log_accounting_logv(int severity, log_domain_mask_t domain, const char *funcname, const char *suffix, const char *format, va_list ap) { - switch (CALLED(logv)) + switch (status_hb_calls_log_accounting_logv_called) { case 0: tt_int_op(severity, OP_EQ, LOG_NOTICE); - tt_int_op(domain, OP_EQ, LD_HEARTBEAT); + tt_u64_op(domain, OP_EQ, LD_HEARTBEAT); tt_ptr_op(strstr(funcname, "log_heartbeat"), OP_NE, NULL); tt_ptr_op(suffix, OP_EQ, NULL); tt_str_op(format, OP_EQ, @@ -723,7 +747,7 @@ NS(logv)(int severity, log_domain_mask_t domain, break; case 1: tt_int_op(severity, OP_EQ, LOG_NOTICE); - tt_int_op(domain, OP_EQ, LD_HEARTBEAT); + tt_u64_op(domain, OP_EQ, LD_HEARTBEAT); tt_ptr_op(strstr(funcname, "log_accounting"), OP_NE, NULL); tt_ptr_op(suffix, OP_EQ, NULL); tt_str_op(format, OP_EQ, @@ -750,11 +774,11 @@ NS(logv)(int severity, log_domain_mask_t domain, } done: - CALLED(logv)++; + status_hb_calls_log_accounting_logv_called++; } static int -NS(server_mode)(const or_options_t *options) +status_hb_calls_log_accounting_server_mode(const or_options_t *options) { (void)options; @@ -762,7 +786,8 @@ NS(server_mode)(const or_options_t *options) } static int -NS(accounting_is_enabled)(const or_options_t *options) +status_hb_calls_log_accounting_accounting_is_enabled( + const or_options_t *options) { (void)options; @@ -770,55 +795,71 @@ NS(accounting_is_enabled)(const or_options_t *options) } static time_t -NS(accounting_get_end_time)(void) +status_hb_calls_log_accounting_accounting_get_end_time(void) { return 60; } static or_state_t * -NS(get_or_state)(void) +status_hb_calls_log_accounting_get_or_state(void) { - NS(mock_state) = tor_malloc_zero(sizeof(or_state_t)); - NS(mock_state)->AccountingBytesReadInInterval = 0; - NS(mock_state)->AccountingBytesWrittenInInterval = 0; - - return NS(mock_state); + status_hb_calls_log_accounting_mock_state = + tor_malloc_zero(sizeof(or_state_t)); + status_hb_calls_log_accounting_mock_state + ->AccountingBytesReadInInterval = 0; + status_hb_calls_log_accounting_mock_state + ->AccountingBytesWrittenInInterval = 0; + + return status_hb_calls_log_accounting_mock_state; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(log_heartbeat, packaged_cell_fullness) - /* * Tests that log_heartbeat() correctly logs packaged cell * fullness information. */ -NS_DECL(double, tls_get_write_overhead_ratio, (void)); -NS_DECL(int, we_are_hibernating, (void)); -NS_DECL(int, public_server_mode, (const or_options_t *options)); -NS_DECL(long, get_uptime, (void)); -NS_DECL(uint64_t, get_bytes_read, (void)); -NS_DECL(uint64_t, get_bytes_written, (void)); -NS_DECL(void, logv, (int severity, log_domain_mask_t domain, - const char *funcname, const char *suffix, const char *format, va_list ap)); -NS_DECL(int, server_mode, (const or_options_t *options)); -NS_DECL(int, accounting_is_enabled, (const or_options_t *options)); +static double status_hb_packaged_cell_fullness_tls_get_write_overhead_ratio( + void); +static int status_hb_packaged_cell_fullness_we_are_hibernating(void); +static int status_hb_packaged_cell_fullness_public_server_mode( + const or_options_t *options); +static long status_hb_packaged_cell_fullness_get_uptime(void); +static uint64_t status_hb_packaged_cell_fullness_get_bytes_read(void); +static uint64_t status_hb_packaged_cell_fullness_get_bytes_written(void); +static void status_hb_packaged_cell_fullness_logv( + int severity, log_domain_mask_t domain, + const char *funcname, const char *suffix, + const char *format, va_list ap); +static int status_hb_packaged_cell_fullness_logv_called = 0; +static int status_hb_packaged_cell_fullness_server_mode( + const or_options_t *options); +static int status_hb_packaged_cell_fullness_accounting_is_enabled( + const or_options_t *options); static void -NS(test_main)(void *arg) +test_status_hb_packaged_cell_fullness(void *arg) { int expected, actual; (void)arg; - NS_MOCK(tls_get_write_overhead_ratio); - NS_MOCK(we_are_hibernating); - NS_MOCK(public_server_mode); - NS_MOCK(get_uptime); - NS_MOCK(get_bytes_read); - NS_MOCK(get_bytes_written); - NS_MOCK(logv); - NS_MOCK(server_mode); - NS_MOCK(accounting_is_enabled); + MOCK(tls_get_write_overhead_ratio, + status_hb_packaged_cell_fullness_tls_get_write_overhead_ratio); + MOCK(we_are_hibernating, + status_hb_packaged_cell_fullness_we_are_hibernating); + MOCK(public_server_mode, + status_hb_packaged_cell_fullness_public_server_mode); + MOCK(get_uptime, + status_hb_packaged_cell_fullness_get_uptime); + MOCK(get_bytes_read, + status_hb_packaged_cell_fullness_get_bytes_read); + MOCK(get_bytes_written, + status_hb_packaged_cell_fullness_get_bytes_written); + MOCK(logv, + status_hb_packaged_cell_fullness_logv); + MOCK(server_mode, + status_hb_packaged_cell_fullness_server_mode); + MOCK(accounting_is_enabled, + status_hb_packaged_cell_fullness_accounting_is_enabled); log_global_min_severity_ = LOG_DEBUG; stats_n_data_bytes_packaged = RELAY_PAYLOAD_SIZE; @@ -827,36 +868,37 @@ NS(test_main)(void *arg) actual = log_heartbeat(0); tt_int_op(actual, OP_EQ, expected); - tt_int_op(CALLED(logv), OP_EQ, 2); + tt_int_op(status_hb_packaged_cell_fullness_logv_called, OP_EQ, 2); done: stats_n_data_bytes_packaged = 0; stats_n_data_cells_packaged = 0; - NS_UNMOCK(tls_get_write_overhead_ratio); - NS_UNMOCK(we_are_hibernating); - NS_UNMOCK(public_server_mode); - NS_UNMOCK(get_uptime); - NS_UNMOCK(get_bytes_read); - NS_UNMOCK(get_bytes_written); - NS_UNMOCK(logv); - NS_UNMOCK(server_mode); - NS_UNMOCK(accounting_is_enabled); + UNMOCK(tls_get_write_overhead_ratio); + UNMOCK(we_are_hibernating); + UNMOCK(public_server_mode); + UNMOCK(get_uptime); + UNMOCK(get_bytes_read); + UNMOCK(get_bytes_written); + UNMOCK(logv); + UNMOCK(server_mode); + UNMOCK(accounting_is_enabled); } static double -NS(tls_get_write_overhead_ratio)(void) +status_hb_packaged_cell_fullness_tls_get_write_overhead_ratio(void) { return 1.0; } static int -NS(we_are_hibernating)(void) +status_hb_packaged_cell_fullness_we_are_hibernating(void) { return 0; } static int -NS(public_server_mode)(const or_options_t *options) +status_hb_packaged_cell_fullness_public_server_mode( + const or_options_t *options) { (void)options; @@ -864,32 +906,33 @@ NS(public_server_mode)(const or_options_t *options) } static long -NS(get_uptime)(void) +status_hb_packaged_cell_fullness_get_uptime(void) { return 0; } static uint64_t -NS(get_bytes_read)(void) +status_hb_packaged_cell_fullness_get_bytes_read(void) { return 0; } static uint64_t -NS(get_bytes_written)(void) +status_hb_packaged_cell_fullness_get_bytes_written(void) { return 0; } static void -NS(logv)(int severity, log_domain_mask_t domain, const char *funcname, +status_hb_packaged_cell_fullness_logv(int severity, + log_domain_mask_t domain, const char *funcname, const char *suffix, const char *format, va_list ap) { - switch (CALLED(logv)) + switch (status_hb_packaged_cell_fullness_logv_called) { case 0: tt_int_op(severity, OP_EQ, LOG_NOTICE); - tt_int_op(domain, OP_EQ, LD_HEARTBEAT); + tt_u64_op(domain, OP_EQ, LD_HEARTBEAT); tt_ptr_op(strstr(funcname, "log_heartbeat"), OP_NE, NULL); tt_ptr_op(suffix, OP_EQ, NULL); tt_str_op(format, OP_EQ, @@ -903,7 +946,7 @@ NS(logv)(int severity, log_domain_mask_t domain, const char *funcname, break; case 1: tt_int_op(severity, OP_EQ, LOG_NOTICE); - tt_int_op(domain, OP_EQ, LD_HEARTBEAT); + tt_u64_op(domain, OP_EQ, LD_HEARTBEAT); tt_ptr_op(strstr(funcname, "log_heartbeat"), OP_NE, NULL); tt_ptr_op(suffix, OP_EQ, NULL); tt_str_op(format, OP_EQ, @@ -918,11 +961,11 @@ NS(logv)(int severity, log_domain_mask_t domain, const char *funcname, } done: - CALLED(logv)++; + status_hb_packaged_cell_fullness_logv_called++; } static int -NS(server_mode)(const or_options_t *options) +status_hb_packaged_cell_fullness_server_mode(const or_options_t *options) { (void)options; @@ -930,47 +973,60 @@ NS(server_mode)(const or_options_t *options) } static int -NS(accounting_is_enabled)(const or_options_t *options) +status_hb_packaged_cell_fullness_accounting_is_enabled( + const or_options_t *options) { (void)options; return 0; } -#undef NS_SUBMODULE -#define NS_SUBMODULE ASPECT(log_heartbeat, tls_write_overhead) - /* * Tests that log_heartbeat() correctly logs the TLS write overhead information * when the TLS write overhead ratio exceeds 1. */ -NS_DECL(double, tls_get_write_overhead_ratio, (void)); -NS_DECL(int, we_are_hibernating, (void)); -NS_DECL(int, public_server_mode, (const or_options_t *options)); -NS_DECL(long, get_uptime, (void)); -NS_DECL(uint64_t, get_bytes_read, (void)); -NS_DECL(uint64_t, get_bytes_written, (void)); -NS_DECL(void, logv, (int severity, log_domain_mask_t domain, - const char *funcname, const char *suffix, const char *format, va_list ap)); -NS_DECL(int, server_mode, (const or_options_t *options)); -NS_DECL(int, accounting_is_enabled, (const or_options_t *options)); +static double status_hb_tls_write_overhead_tls_get_write_overhead_ratio(void); +static int status_hb_tls_write_overhead_we_are_hibernating(void); +static int status_hb_tls_write_overhead_public_server_mode( + const or_options_t *options); +static long status_hb_tls_write_overhead_get_uptime(void); +static uint64_t status_hb_tls_write_overhead_get_bytes_read(void); +static uint64_t status_hb_tls_write_overhead_get_bytes_written(void); +static void status_hb_tls_write_overhead_logv( + int severity, log_domain_mask_t domain, + const char *funcname, const char *suffix, + const char *format, va_list ap); +static int status_hb_tls_write_overhead_logv_called = 0; +static int status_hb_tls_write_overhead_server_mode( + const or_options_t *options); +static int status_hb_tls_write_overhead_accounting_is_enabled( + const or_options_t *options); static void -NS(test_main)(void *arg) +test_status_hb_tls_write_overhead(void *arg) { int expected, actual; (void)arg; - NS_MOCK(tls_get_write_overhead_ratio); - NS_MOCK(we_are_hibernating); - NS_MOCK(public_server_mode); - NS_MOCK(get_uptime); - NS_MOCK(get_bytes_read); - NS_MOCK(get_bytes_written); - NS_MOCK(logv); - NS_MOCK(server_mode); - NS_MOCK(accounting_is_enabled); + MOCK(tls_get_write_overhead_ratio, + status_hb_tls_write_overhead_tls_get_write_overhead_ratio); + MOCK(we_are_hibernating, + status_hb_tls_write_overhead_we_are_hibernating); + MOCK(public_server_mode, + status_hb_tls_write_overhead_public_server_mode); + MOCK(get_uptime, + status_hb_tls_write_overhead_get_uptime); + MOCK(get_bytes_read, + status_hb_tls_write_overhead_get_bytes_read); + MOCK(get_bytes_written, + status_hb_tls_write_overhead_get_bytes_written); + MOCK(logv, + status_hb_tls_write_overhead_logv); + MOCK(server_mode, + status_hb_tls_write_overhead_server_mode); + MOCK(accounting_is_enabled, + status_hb_tls_write_overhead_accounting_is_enabled); stats_n_data_cells_packaged = 0; log_global_min_severity_ = LOG_DEBUG; @@ -978,34 +1034,34 @@ NS(test_main)(void *arg) actual = log_heartbeat(0); tt_int_op(actual, OP_EQ, expected); - tt_int_op(CALLED(logv), OP_EQ, 2); + tt_int_op(status_hb_tls_write_overhead_logv_called, OP_EQ, 2); done: - NS_UNMOCK(tls_get_write_overhead_ratio); - NS_UNMOCK(we_are_hibernating); - NS_UNMOCK(public_server_mode); - NS_UNMOCK(get_uptime); - NS_UNMOCK(get_bytes_read); - NS_UNMOCK(get_bytes_written); - NS_UNMOCK(logv); - NS_UNMOCK(server_mode); - NS_UNMOCK(accounting_is_enabled); + UNMOCK(tls_get_write_overhead_ratio); + UNMOCK(we_are_hibernating); + UNMOCK(public_server_mode); + UNMOCK(get_uptime); + UNMOCK(get_bytes_read); + UNMOCK(get_bytes_written); + UNMOCK(logv); + UNMOCK(server_mode); + UNMOCK(accounting_is_enabled); } static double -NS(tls_get_write_overhead_ratio)(void) +status_hb_tls_write_overhead_tls_get_write_overhead_ratio(void) { return 2.0; } static int -NS(we_are_hibernating)(void) +status_hb_tls_write_overhead_we_are_hibernating(void) { return 0; } static int -NS(public_server_mode)(const or_options_t *options) +status_hb_tls_write_overhead_public_server_mode(const or_options_t *options) { (void)options; @@ -1013,32 +1069,32 @@ NS(public_server_mode)(const or_options_t *options) } static long -NS(get_uptime)(void) +status_hb_tls_write_overhead_get_uptime(void) { return 0; } static uint64_t -NS(get_bytes_read)(void) +status_hb_tls_write_overhead_get_bytes_read(void) { return 0; } static uint64_t -NS(get_bytes_written)(void) +status_hb_tls_write_overhead_get_bytes_written(void) { return 0; } static void -NS(logv)(int severity, log_domain_mask_t domain, +status_hb_tls_write_overhead_logv(int severity, log_domain_mask_t domain, const char *funcname, const char *suffix, const char *format, va_list ap) { - switch (CALLED(logv)) + switch (status_hb_tls_write_overhead_logv_called) { case 0: tt_int_op(severity, OP_EQ, LOG_NOTICE); - tt_int_op(domain, OP_EQ, LD_HEARTBEAT); + tt_u64_op(domain, OP_EQ, LD_HEARTBEAT); tt_ptr_op(strstr(funcname, "log_heartbeat"), OP_NE, NULL); tt_ptr_op(suffix, OP_EQ, NULL); tt_str_op(format, OP_EQ, @@ -1052,7 +1108,7 @@ NS(logv)(int severity, log_domain_mask_t domain, break; case 1: tt_int_op(severity, OP_EQ, LOG_NOTICE); - tt_int_op(domain, OP_EQ, LD_HEARTBEAT); + tt_u64_op(domain, OP_EQ, LD_HEARTBEAT); tt_ptr_op(strstr(funcname, "log_heartbeat"), OP_NE, NULL); tt_ptr_op(suffix, OP_EQ, NULL); tt_str_op(format, OP_EQ, @@ -1067,11 +1123,11 @@ NS(logv)(int severity, log_domain_mask_t domain, } done: - CALLED(logv)++; + status_hb_tls_write_overhead_logv_called++; } static int -NS(server_mode)(const or_options_t *options) +status_hb_tls_write_overhead_server_mode(const or_options_t *options) { (void)options; @@ -1079,24 +1135,26 @@ NS(server_mode)(const or_options_t *options) } static int -NS(accounting_is_enabled)(const or_options_t *options) +status_hb_tls_write_overhead_accounting_is_enabled(const or_options_t *options) { (void)options; return 0; } -#undef NS_SUBMODULE - struct testcase_t status_tests[] = { - TEST_CASE(count_circuits), - TEST_CASE(secs_to_uptime), - TEST_CASE(bytes_to_usage), - TEST_CASE_ASPECT(log_heartbeat, fails), - TEST_CASE_ASPECT(log_heartbeat, simple), - TEST_CASE_ASPECT(log_heartbeat, not_in_consensus), - TEST_CASE_ASPECT(log_heartbeat, calls_log_accounting), - TEST_CASE_ASPECT(log_heartbeat, packaged_cell_fullness), - TEST_CASE_ASPECT(log_heartbeat, tls_write_overhead), + { "count_circuits", test_status_count_circuits, TT_FORK, NULL, NULL }, + { "secs_to_uptime", test_status_secs_to_uptime, TT_FORK, NULL, NULL }, + { "bytes_to_usage", test_status_bytes_to_usage, TT_FORK, NULL, NULL }, + { "hb_fails", test_status_hb_fails, TT_FORK, NULL, NULL }, + { "hb_simple", test_status_hb_simple, TT_FORK, NULL, NULL }, + { "hb_not_in_consensus", test_status_hb_not_in_consensus, + TT_FORK, NULL, NULL }, + { "hb_calls_log_accounting", test_status_hb_calls_log_accounting, + TT_FORK, NULL, NULL }, + { "hb_packaged_cell_fullness", test_status_hb_packaged_cell_fullness, + TT_FORK, NULL, NULL }, + { "hb_tls_write_overhead", test_status_hb_tls_write_overhead, + TT_FORK, NULL, NULL }, END_OF_TESTCASES }; diff --git a/src/test/test_storagedir.c b/src/test/test_storagedir.c index 24e45c7428..eb3779cfee 100644 --- a/src/test/test_storagedir.c +++ b/src/test/test_storagedir.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2017-2019, The Tor Project, Inc. */ +/* Copyright (c) 2017-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "core/or/or.h" diff --git a/src/test/test_switch_id.c b/src/test/test_switch_id.c index baddf8d66e..f97af55d17 100644 --- a/src/test/test_switch_id.c +++ b/src/test/test_switch_id.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2015-2019, The Tor Project, Inc. */ +/* Copyright (c) 2015-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "core/or/or.h" @@ -32,6 +32,46 @@ static const struct { }; #if !defined(_WIN32) + +/* Returns the first port that we think we can bind to without special + * permissions. Usually this function returns 1024. */ +static uint16_t +unprivileged_port_range_start(void) +{ + uint16_t result = 1024; + +#if defined(__linux__) + char *content = NULL; + + content = read_file_to_str( + "/proc/sys/net/ipv4/ip_unprivileged_port_start", + 0, + NULL); + + if (content != NULL) { + int ok = 1; + uint16_t tmp_result; + + tmp_result = (uint16_t)tor_parse_long(content, 10, 0, 65535, &ok, NULL); + + if (ok) { + result = tmp_result; + } else { + fprintf(stderr, + "Unable to convert ip_unprivileged_port_start to integer: %s\n", + content); + } + } + + tor_free(content); +#endif /* defined(__linux__) */ + + return result; +} + +#define PORT_TEST_RANGE_START 600 +#define PORT_TEST_RANGE_END 1024 + /* 0 on no, 1 on yes, -1 on failure. */ static int check_can_bind_low_ports(void) @@ -41,7 +81,7 @@ check_can_bind_low_ports(void) memset(&sin, 0, sizeof(sin)); sin.sin_family = AF_INET; - for (port = 600; port < 1024; ++port) { + for (port = PORT_TEST_RANGE_START; port < PORT_TEST_RANGE_END; ++port) { sin.sin_port = htons(port); tor_socket_t fd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); if (! SOCKET_OK(fd)) { @@ -87,7 +127,7 @@ main(int argc, char **argv) fprintf(stderr, "This test is not supported on your OS.\n"); return 77; -#else /* !(defined(_WIN32)) */ +#else /* !defined(_WIN32) */ const char *username; const char *testname; if (argc != 3) { @@ -149,10 +189,24 @@ main(int argc, char **argv) /* Succeed if we can do a setuid with capability retention, and doing so * does not make us lose the ability to bind low ports */ { - int keepcaps = (test_id == TEST_SETUID_KEEPCAPS); + const int keepcaps = (test_id == TEST_SETUID_KEEPCAPS); okay = switch_id(username, keepcaps ? SWITCH_ID_KEEP_BINDLOW : 0) == 0; + if (okay) { - okay = check_can_bind_low_ports() == keepcaps; + /* Only run this check if there are ports we may not be able to bind + * to. */ + const uint16_t min_port = unprivileged_port_range_start(); + + if (min_port >= PORT_TEST_RANGE_START && + min_port < PORT_TEST_RANGE_END) { + okay = check_can_bind_low_ports() == keepcaps; + } else { + fprintf(stderr, + "Skipping check for whether we can bind to any " + "privileged ports as the user system seems to " + "allow us to bind to ports even without any " + "capabilities set.\n"); + } } break; } diff --git a/src/test/test_switch_id.sh b/src/test/test_switch_id.sh index 79c44f2eb1..b13bf7602f 100755 --- a/src/test/test_switch_id.sh +++ b/src/test/test_switch_id.sh @@ -1,11 +1,11 @@ #!/bin/sh -if test "`id -u`" != '0'; then +if test "$(id -u)" != '0'; then echo "This test only works when run as root. Skipping." >&2 exit 77 fi -if test "`id -u nobody`" = ""; then +if test "$(id -u nobody)" = ""; then echo "This test requires that your system have a 'nobody' user. Sorry." >&2 exit 1 fi diff --git a/src/test/test_threads.c b/src/test/test_threads.c index 4a5ecc6fae..d5a1834aef 100644 --- a/src/test/test_threads.c +++ b/src/test/test_threads.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" @@ -155,7 +155,7 @@ test_threads_basic(void *arg) tor_mutex_free(thread_test_start2_); } -typedef struct cv_testinfo_s { +typedef struct cv_testinfo_t { tor_cond_t *cond; tor_mutex_t *mutex; int value; diff --git a/src/test/test_token_bucket.c b/src/test/test_token_bucket.c new file mode 100644 index 0000000000..cf315f2944 --- /dev/null +++ b/src/test/test_token_bucket.c @@ -0,0 +1,152 @@ +/* Copyright (c) 2018-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file test_bwmgt.c + * \brief tests for bandwidth management / token bucket functions + */ + +#define TOKEN_BUCKET_PRIVATE + +#include "core/or/or.h" +#include "test/test.h" + +#include "lib/evloop/token_bucket.h" + +// an imaginary time, in timestamp units. Chosen so it will roll over. +static const uint32_t START_TS = UINT32_MAX - 1000; +static const uint32_t RATE = 10; +static const uint32_t BURST = 50; + +static void +test_token_bucket_ctr_init(void *arg) +{ + (void) arg; + token_bucket_ctr_t tb; + + token_bucket_ctr_init(&tb, RATE, BURST, START_TS); + tt_uint_op(tb.cfg.rate, OP_EQ, RATE); + tt_uint_op(tb.cfg.burst, OP_EQ, BURST); + tt_uint_op(tb.last_refilled_at_timestamp, OP_EQ, START_TS); + tt_int_op(tb.counter.bucket, OP_EQ, BURST); + + done: + ; +} + +static void +test_token_bucket_ctr_adjust(void *arg) +{ + (void) arg; + token_bucket_ctr_t tb; + + token_bucket_ctr_init(&tb, RATE, BURST, START_TS); + + /* Increase burst. */ + token_bucket_ctr_adjust(&tb, RATE, BURST * 2); + tt_uint_op(tb.cfg.rate, OP_EQ, RATE); + tt_uint_op(tb.counter.bucket, OP_EQ, BURST); + tt_uint_op(tb.cfg.burst, OP_EQ, BURST * 2); + + /* Decrease burst but still above bucket value. */ + token_bucket_ctr_adjust(&tb, RATE, BURST + 10); + tt_uint_op(tb.cfg.rate, OP_EQ, RATE); + tt_uint_op(tb.counter.bucket, OP_EQ, BURST); + tt_uint_op(tb.cfg.burst, OP_EQ, BURST + 10); + + /* Decrease burst below bucket value. */ + token_bucket_ctr_adjust(&tb, RATE, BURST - 1); + tt_uint_op(tb.cfg.rate, OP_EQ, RATE); + tt_uint_op(tb.counter.bucket, OP_EQ, BURST - 1); + tt_uint_op(tb.cfg.burst, OP_EQ, BURST - 1); + + /* Change rate. */ + token_bucket_ctr_adjust(&tb, RATE * 2, BURST); + tt_uint_op(tb.cfg.rate, OP_EQ, RATE * 2); + tt_uint_op(tb.counter.bucket, OP_EQ, BURST - 1); + tt_uint_op(tb.cfg.burst, OP_EQ, BURST); + + done: + ; +} + +static void +test_token_bucket_ctr_dec(void *arg) +{ + (void) arg; + token_bucket_ctr_t tb; + + token_bucket_ctr_init(&tb, RATE, BURST, START_TS); + + /* Simple decrement by one. */ + tt_uint_op(0, OP_EQ, token_bucket_ctr_dec(&tb, 1)); + tt_uint_op(tb.counter.bucket, OP_EQ, BURST - 1); + + /* Down to 0. Becomes empty. */ + tt_uint_op(true, OP_EQ, token_bucket_ctr_dec(&tb, BURST - 1)); + tt_uint_op(tb.counter.bucket, OP_EQ, 0); + + /* Reset and try to underflow. */ + token_bucket_ctr_init(&tb, RATE, BURST, START_TS); + tt_uint_op(true, OP_EQ, token_bucket_ctr_dec(&tb, BURST + 1)); + tt_int_op(tb.counter.bucket, OP_EQ, -1); + + /* Keep underflowing shouldn't flag the bucket as empty. */ + tt_uint_op(false, OP_EQ, token_bucket_ctr_dec(&tb, BURST)); + tt_int_op(tb.counter.bucket, OP_EQ, - (int32_t) (BURST + 1)); + + done: + ; +} + +static void +test_token_bucket_ctr_refill(void *arg) +{ + (void) arg; + token_bucket_ctr_t tb; + + token_bucket_ctr_init(&tb, RATE, BURST, START_TS); + + /* Reduce of half the bucket and let a single second go before refill. */ + token_bucket_ctr_dec(&tb, BURST / 2); + tt_int_op(tb.counter.bucket, OP_EQ, BURST / 2); + token_bucket_ctr_refill(&tb, START_TS + 1); + tt_int_op(tb.counter.bucket, OP_EQ, (BURST / 2) + RATE); + tt_int_op(tb.last_refilled_at_timestamp, OP_EQ, START_TS + 1); + + /* No time change, nothing should move. */ + token_bucket_ctr_refill(&tb, START_TS + 1); + tt_int_op(tb.counter.bucket, OP_EQ, (BURST / 2) + RATE); + tt_int_op(tb.last_refilled_at_timestamp, OP_EQ, START_TS + 1); + + /* Add 99 seconds, bucket should be back to a full BURST. */ + token_bucket_ctr_refill(&tb, START_TS + 99); + tt_int_op(tb.counter.bucket, OP_EQ, BURST); + tt_int_op(tb.last_refilled_at_timestamp, OP_EQ, START_TS + 99); + + /* Empty bucket at once. */ + token_bucket_ctr_dec(&tb, BURST); + tt_int_op(tb.counter.bucket, OP_EQ, 0); + /* On second passes. */ + token_bucket_ctr_refill(&tb, START_TS + 100); + tt_int_op(tb.last_refilled_at_timestamp, OP_EQ, START_TS + 100); + tt_int_op(tb.counter.bucket, OP_EQ, RATE); + /* A second second passes. */ + token_bucket_ctr_refill(&tb, START_TS + 101); + tt_int_op(tb.last_refilled_at_timestamp, OP_EQ, START_TS + 101); + tt_int_op(tb.counter.bucket, OP_EQ, RATE * 2); + + done: + ; +} + +#define TOKEN_BUCKET(name) \ + { #name, test_token_bucket_ ## name , 0, NULL, NULL } + +struct testcase_t token_bucket_tests[] = { + TOKEN_BUCKET(ctr_init), + TOKEN_BUCKET(ctr_adjust), + TOKEN_BUCKET(ctr_dec), + TOKEN_BUCKET(ctr_refill), + END_OF_TESTCASES +}; diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c index 853abc4f91..12ba873650 100644 --- a/src/test/test_tortls.c +++ b/src/test/test_tortls.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2010-2019, The Tor Project, Inc. */ +/* Copyright (c) 2010-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define TORTLS_PRIVATE @@ -225,12 +225,12 @@ test_tortls_tor_tls_get_error(void *data) done: UNMOCK(tor_tls_cert_matches_key); - NS_UNMOCK(logv); + UNMOCK(logv); crypto_pk_free(key1); crypto_pk_free(key2); tor_tls_free(tls); } -#endif +#endif /* defined(ENABLE_OPENSSL) */ static void test_tortls_x509_cert_get_id_digests(void *ignored) @@ -347,7 +347,7 @@ test_tortls_server_got_renegotiate(void *ignored) done: tor_free(tls); } -#endif +#endif /* defined(ENABLE_OPENSSL) */ static void test_tortls_evaluate_ecgroup_for_tls(void *ignored) @@ -598,7 +598,7 @@ struct testcase_t tortls_tests[] = { LOCAL_TEST_CASE(get_forced_write_size, 0), LOCAL_TEST_CASE(used_v1_handshake, TT_FORK), LOCAL_TEST_CASE(server_got_renegotiate, 0), -#endif +#endif /* defined(ENABLE_OPENSSL) */ LOCAL_TEST_CASE(evaluate_ecgroup_for_tls, 0), LOCAL_TEST_CASE(double_init, TT_FORK), LOCAL_TEST_CASE(address, TT_FORK), diff --git a/src/test/test_tortls.h b/src/test/test_tortls.h index 1a8b117d0f..21c6fa0a8f 100644 --- a/src/test/test_tortls.h +++ b/src/test/test_tortls.h @@ -1,4 +1,4 @@ -/* Copyright (c) 2010-2019, The Tor Project, Inc. */ +/* Copyright (c) 2010-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #ifndef TEST_TORTLS_H @@ -10,4 +10,4 @@ extern const char *notCompletelyValidCertString; extern const char *validCertString; extern const char *caCertString; -#endif +#endif /* !defined(TEST_TORTLS_H) */ diff --git a/src/test/test_tortls_openssl.c b/src/test/test_tortls_openssl.c index 81c65d7446..c1a87fbb4f 100644 --- a/src/test/test_tortls_openssl.c +++ b/src/test/test_tortls_openssl.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2010-2019, The Tor Project, Inc. */ +/* Copyright (c) 2010-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define TORTLS_PRIVATE @@ -16,7 +16,7 @@ /* Some versions of OpenSSL declare SSL_get_selected_srtp_profile twice in * srtp.h. Suppress the GCC warning so we can build with -Wredundant-decl. */ -DISABLE_GCC_WARNING(redundant-decls) +DISABLE_GCC_WARNING("-Wredundant-decls") #include <openssl/opensslv.h> @@ -29,7 +29,7 @@ DISABLE_GCC_WARNING(redundant-decls) #include <openssl/evp.h> #include <openssl/bn.h> -ENABLE_GCC_WARNING(redundant-decls) +ENABLE_GCC_WARNING("-Wredundant-decls") #include "core/or/or.h" #include "lib/log/log.h" @@ -46,8 +46,6 @@ ENABLE_GCC_WARNING(redundant-decls) #include "test/log_test_helpers.h" #include "test/test_tortls.h" -#define NS_MODULE tortls - #ifndef HAVE_SSL_STATE #define OPENSSL_OPAQUE #endif @@ -123,8 +121,6 @@ test_tortls_tor_tls_new(void *data) tor_tls_free_all(); } -#define NS_MODULE tortls - static void library_init(void) { @@ -133,7 +129,7 @@ library_init(void) #else SSL_library_init(); SSL_load_error_strings(); -#endif +#endif /* defined(OPENSSL_1_1_API) */ } static void @@ -476,7 +472,7 @@ fake_x509_free(X509 *cert) tor_free(cert); } } -#endif +#endif /* !defined(OPENSSL_OPAQUE) */ #ifndef OPENSSL_OPAQUE static void diff --git a/src/test/test_util.c b/src/test/test_util.c index 7f07370998..00626c7ec0 100644 --- a/src/test/test_util.c +++ b/src/test/test_util.c @@ -1,27 +1,26 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" -#define COMPAT_PRIVATE #define COMPAT_TIME_PRIVATE -#define CONTROL_PRIVATE -#define UTIL_PRIVATE #define UTIL_MALLOC_PRIVATE -#define SOCKET_PRIVATE -#define SUBPROCESS_PRIVATE +#define PROCESS_WIN32_PRIVATE #include "lib/testsupport/testsupport.h" #include "core/or/or.h" -#include "lib/container/buffers.h" +#include "lib/buf/buffers.h" #include "app/config/config.h" #include "feature/control/control.h" +#include "feature/control/control_proto.h" #include "feature/client/transports.h" #include "lib/crypt_ops/crypto_format.h" #include "lib/crypt_ops/crypto_rand.h" +#include "lib/defs/time.h" #include "test/test.h" #include "lib/memarea/memarea.h" #include "lib/process/waitpid.h" +#include "lib/process/process_win32.h" #include "test/log_test_helpers.h" #include "lib/compress/compress.h" #include "lib/compress/compress_zstd.h" @@ -30,8 +29,8 @@ #include "lib/fs/winlib.h" #include "lib/process/env.h" #include "lib/process/pidfile.h" -#include "lib/process/subprocess.h" #include "lib/intmath/weakrng.h" +#include "lib/intmath/muldiv.h" #include "lib/thread/numcpus.h" #include "lib/math/fp.h" #include "lib/math/laplace.h" @@ -39,6 +38,7 @@ #include "lib/time/tvdiff.h" #include "lib/encoding/confline.h" #include "lib/net/socketpair.h" +#include "lib/malloc/map_anon.h" #ifdef HAVE_PWD_H #include <pwd.h> @@ -58,6 +58,12 @@ #ifdef HAVE_UNISTD_H #include <unistd.h> #endif +#ifdef HAVE_SYS_MMAN_H +#include <sys/mman.h> +#endif +#ifdef HAVE_SYS_WAIT_H +#include <sys/wait.h> +#endif #ifdef _WIN32 #include <tchar.h> @@ -66,9 +72,36 @@ #include <ctype.h> #include <float.h> +/* These platforms don't have meaningful pwdb or homedirs. */ +#if defined(_WIN32) || defined(__ANDROID__) +#define DISABLE_PWDB_TESTS +#endif + #define INFINITY_DBL ((double)INFINITY) #define NAN_DBL ((double)NAN) +/** Test the tor_isinf() wrapper */ +static void +test_tor_isinf(void *arg) +{ + (void) arg; + + tt_assert(tor_isinf(INFINITY_DBL)); + + tt_assert(!tor_isinf(NAN_DBL)); + tt_assert(!tor_isinf(DBL_EPSILON)); + tt_assert(!tor_isinf(DBL_MAX)); + tt_assert(!tor_isinf(DBL_MIN)); + + tt_assert(!tor_isinf(0.0)); + tt_assert(!tor_isinf(0.1)); + tt_assert(!tor_isinf(3)); + tt_assert(!tor_isinf(3.14)); + + done: + ; +} + /* XXXX this is a minimal wrapper to make the unit tests compile with the * changed tor_timegm interface. */ static time_t @@ -322,6 +355,7 @@ test_util_write_chunks_to_file(void *arg) tor_free(temp_str); } +#ifndef COCCI #define _TFE(a, b, f) tt_int_op((a).f, OP_EQ, (b).f) /** test the minimum set of struct tm fields needed for a unique epoch value * this is also the set we use to test tor_timegm */ @@ -334,6 +368,7 @@ test_util_write_chunks_to_file(void *arg) _TFE(a, b, tm_min ); \ _TFE(a, b, tm_sec ); \ TT_STMT_END +#endif /* !defined(COCCI) */ static void test_util_time(void *arg) @@ -452,7 +487,6 @@ test_util_time(void *arg) /* Assume tv_usec is an unsigned integer until proven otherwise */ #define TV_USEC_MAX UINT_MAX -#define TOR_USEC_PER_SEC 1000000 /* Overflows in the result type */ @@ -1864,7 +1898,57 @@ test_util_config_line_crlf(void *arg) tor_free(k); tor_free(v); } -#ifndef _WIN32 +static void +test_util_config_line_partition(void *arg) +{ + (void)arg; + config_line_t *lines = NULL, *orig, *rest = NULL; + + config_line_append(&lines, "Header", "X"); + config_line_append(&lines, "Item", "Y"); + config_line_append(&lines, "Thing", "Z"); + + config_line_append(&lines, "HEADER", "X2"); + + config_line_append(&lines, "header", "X3"); + config_line_append(&lines, "Item3", "Foob"); + + /* set up h2 and h3 to point to the places where we hope the headers will + be. */ + config_line_t *h2 = lines->next->next->next; + config_line_t *h3 = h2->next; + tt_str_op(h2->key, OP_EQ, "HEADER"); + tt_str_op(h3->key, OP_EQ, "header"); + + orig = lines; + rest = config_lines_partition(lines, "Header"); + tt_ptr_op(lines, OP_EQ, orig); + tt_ptr_op(rest, OP_EQ, h2); + tt_str_op(lines->next->key, OP_EQ, "Item"); + tt_str_op(lines->next->next->key, OP_EQ, "Thing"); + tt_ptr_op(lines->next->next->next, OP_EQ, NULL); + config_free_lines(lines); + + orig = lines = rest; + rest = config_lines_partition(lines, "Header"); + tt_ptr_op(lines, OP_EQ, orig); + tt_ptr_op(rest, OP_EQ, h3); + tt_ptr_op(lines->next, OP_EQ, NULL); + config_free_lines(lines); + + orig = lines = rest; + rest = config_lines_partition(lines, "Header"); + tt_ptr_op(lines, OP_EQ, orig); + tt_ptr_op(rest, OP_EQ, NULL); + tt_str_op(lines->next->key, OP_EQ, "Item3"); + tt_ptr_op(lines->next->next, OP_EQ, NULL); + + done: + config_free_lines(lines); + config_free_lines(rest); +} + +#ifndef DISABLE_PWDB_TESTS static void test_util_expand_filename(void *arg) { @@ -1961,7 +2045,7 @@ test_util_expand_filename(void *arg) done: tor_free(str); } -#endif /* !defined(_WIN32) */ +#endif /* !defined(DISABLE_PWDB_TESTS) */ /** Test tor_escape_str_for_pt_args(). */ static void @@ -2106,14 +2190,14 @@ test_util_strmisc(void *arg) /* Test mem_is_zero */ memset(buf,0,128); buf[128] = 'x'; - tt_assert(tor_mem_is_zero(buf, 10)); - tt_assert(tor_mem_is_zero(buf, 20)); - tt_assert(tor_mem_is_zero(buf, 128)); - tt_assert(!tor_mem_is_zero(buf, 129)); + tt_assert(fast_mem_is_zero(buf, 10)); + tt_assert(fast_mem_is_zero(buf, 20)); + tt_assert(fast_mem_is_zero(buf, 128)); + tt_assert(!fast_mem_is_zero(buf, 129)); buf[60] = (char)255; - tt_assert(!tor_mem_is_zero(buf, 128)); + tt_assert(!fast_mem_is_zero(buf, 128)); buf[0] = (char)1; - tt_assert(!tor_mem_is_zero(buf, 10)); + tt_assert(!fast_mem_is_zero(buf, 10)); /* Test 'escaped' */ tt_ptr_op(escaped(NULL), OP_EQ, NULL); @@ -2227,15 +2311,6 @@ test_util_strmisc(void *arg) tt_int_op(strcmp_opt(NULL, "foo"), OP_LT, 0); tt_int_op(strcmp_opt("foo", NULL), OP_GT, 0); - /* Test strcmp_len */ - tt_int_op(strcmp_len("foo", "bar", 3), OP_GT, 0); - tt_int_op(strcmp_len("foo", "bar", 2), OP_LT, 0); - tt_int_op(strcmp_len("foo2", "foo1", 4), OP_GT, 0); - tt_int_op(strcmp_len("foo2", "foo1", 3), OP_LT, 0); /* Really stop at len */ - tt_int_op(strcmp_len("foo2", "foo", 3), OP_EQ, 0); /* Really stop at len */ - tt_int_op(strcmp_len("blah", "", 4), OP_GT, 0); - tt_int_op(strcmp_len("blah", "", 0), OP_EQ, 0); - done: tor_free(cp_tmp); } @@ -3817,7 +3892,7 @@ test_util_memarea(void *arg) tt_int_op(((uintptr_t)p3) % sizeof(void*),OP_EQ, 0); tt_assert(!memarea_owns_ptr(area, p3+8192)); tt_assert(!memarea_owns_ptr(area, p3+30)); - tt_assert(tor_mem_is_zero(p2, 52)); + tt_assert(fast_mem_is_zero(p2, 52)); /* Make sure we don't overalign. */ p1 = memarea_alloc(area, 1); p2 = memarea_alloc(area, 1); @@ -4098,6 +4173,13 @@ test_util_string_is_utf8(void *ptr) tt_int_op(1, OP_EQ, string_is_utf8("ascii\x7f\n", 7)); tt_int_op(1, OP_EQ, string_is_utf8("Risqu\u00e9=1", 9)); + /* Test the utf8_no_bom function */ + tt_int_op(0, OP_EQ, string_is_utf8_no_bom("\uFEFF", 3)); + tt_int_op(0, OP_EQ, string_is_utf8_no_bom("\uFFFE", 3)); + tt_int_op(0, OP_EQ, string_is_utf8_no_bom("\uFEFFlove", 7)); + tt_int_op(1, OP_EQ, string_is_utf8_no_bom("loveandrespect", + strlen("loveandrespect"))); + // Validate exactly 'len' bytes. tt_int_op(0, OP_EQ, string_is_utf8("\0\x80", 2)); tt_int_op(0, OP_EQ, string_is_utf8("Risqu\u00e9=1", 6)); @@ -4125,10 +4207,43 @@ test_util_string_is_utf8(void *ptr) tt_int_op(0, OP_EQ, string_is_utf8("\xed\xbf\xbf", 3)); tt_int_op(1, OP_EQ, string_is_utf8("\xee\x80\x80", 3)); - // The maximum legal codepoint, 10FFFF. + // The minimum legal codepoint, 0x00. + tt_int_op(1, OP_EQ, string_is_utf8("\0", 1)); + + // The maximum legal codepoint, 0x10FFFF. tt_int_op(1, OP_EQ, string_is_utf8("\xf4\x8f\xbf\xbf", 4)); tt_int_op(0, OP_EQ, string_is_utf8("\xf4\x90\x80\x80", 4)); + /* Test cases that vary between programming languages / + * UTF-8 implementations. + * Source: POC||GTFO 19, page 43 + * https://www.alchemistowl.org/pocorgtfo/ + */ + + // Invalid (in most implementations) + // surrogate + tt_int_op(0, OP_EQ, string_is_utf8("\xed\xa0\x81", 3)); + // nullsurrog + tt_int_op(0, OP_EQ, string_is_utf8("\x30\x00\xed\xa0\x81", 5)); + // threehigh + tt_int_op(0, OP_EQ, string_is_utf8("\xed\xbf\xbf", 3)); + // fourhigh + tt_int_op(0, OP_EQ, string_is_utf8("\xf4\x90\xbf\xbf", 4)); + // fivebyte + tt_int_op(0, OP_EQ, string_is_utf8("\xfb\x80\x80\x80\x80", 5)); + // sixbyte + tt_int_op(0, OP_EQ, string_is_utf8("\xfd\x80\x80\x80\x80", 5)); + // sixhigh + tt_int_op(0, OP_EQ, string_is_utf8("\xfd\xbf\xbf\xbf\xbf", 5)); + + // Valid (in most implementations) + // fourbyte + tt_int_op(1, OP_EQ, string_is_utf8("\xf0\x90\x8d\x88", 4)); + // fourbyte2 + tt_int_op(1, OP_EQ, string_is_utf8("\xf0\xbf\xbf\xbf", 4)); + // nullbyte + tt_int_op(1, OP_EQ, string_is_utf8("\x30\x31\x32\x00\x33", 5)); + done: ; } @@ -4368,204 +4483,6 @@ test_util_load_win_lib(void *ptr) } #endif /* defined(_WIN32) */ -#ifndef _WIN32 -static void -clear_hex_errno(char *hex_errno) -{ - memset(hex_errno, '\0', HEX_ERRNO_SIZE + 1); -} - -static void -test_util_exit_status(void *ptr) -{ - /* Leave an extra byte for a \0 so we can do string comparison */ - char hex_errno[HEX_ERRNO_SIZE + 1]; - int n; - - (void)ptr; - - clear_hex_errno(hex_errno); - tt_str_op("",OP_EQ, hex_errno); - - clear_hex_errno(hex_errno); - n = format_helper_exit_status(0, 0, hex_errno); - tt_str_op("0/0\n",OP_EQ, hex_errno); - tt_int_op(n,OP_EQ, strlen(hex_errno)); - -#if SIZEOF_INT == 4 - - clear_hex_errno(hex_errno); - n = format_helper_exit_status(0, 0x7FFFFFFF, hex_errno); - tt_str_op("0/7FFFFFFF\n",OP_EQ, hex_errno); - tt_int_op(n,OP_EQ, strlen(hex_errno)); - - clear_hex_errno(hex_errno); - n = format_helper_exit_status(0xFF, -0x80000000, hex_errno); - tt_str_op("FF/-80000000\n",OP_EQ, hex_errno); - tt_int_op(n,OP_EQ, strlen(hex_errno)); - tt_int_op(n,OP_EQ, HEX_ERRNO_SIZE); - -#elif SIZEOF_INT == 8 - - clear_hex_errno(hex_errno); - n = format_helper_exit_status(0, 0x7FFFFFFFFFFFFFFF, hex_errno); - tt_str_op("0/7FFFFFFFFFFFFFFF\n",OP_EQ, hex_errno); - tt_int_op(n,OP_EQ, strlen(hex_errno)); - - clear_hex_errno(hex_errno); - n = format_helper_exit_status(0xFF, -0x8000000000000000, hex_errno); - tt_str_op("FF/-8000000000000000\n",OP_EQ, hex_errno); - tt_int_op(n,OP_EQ, strlen(hex_errno)); - tt_int_op(n,OP_EQ, HEX_ERRNO_SIZE); - -#endif /* SIZEOF_INT == 4 || ... */ - - clear_hex_errno(hex_errno); - n = format_helper_exit_status(0x7F, 0, hex_errno); - tt_str_op("7F/0\n",OP_EQ, hex_errno); - tt_int_op(n,OP_EQ, strlen(hex_errno)); - - clear_hex_errno(hex_errno); - n = format_helper_exit_status(0x08, -0x242, hex_errno); - tt_str_op("8/-242\n",OP_EQ, hex_errno); - tt_int_op(n,OP_EQ, strlen(hex_errno)); - - clear_hex_errno(hex_errno); - tt_str_op("",OP_EQ, hex_errno); - - done: - ; -} -#endif /* !defined(_WIN32) */ - -#ifndef _WIN32 -static void -test_util_string_from_pipe(void *ptr) -{ - int test_pipe[2] = {-1, -1}; - int retval = 0; - enum stream_status status = IO_STREAM_TERM; - ssize_t retlen; - char buf[4] = { 0 }; - - (void)ptr; - - errno = 0; - - /* Set up a pipe to test on */ - retval = pipe(test_pipe); - tt_int_op(retval, OP_EQ, 0); - - /* Send in a string. */ - retlen = write(test_pipe[1], "ABC", 3); - tt_int_op(retlen, OP_EQ, 3); - - status = get_string_from_pipe(test_pipe[0], buf, sizeof(buf)-1); - tt_int_op(errno, OP_EQ, 0); - tt_int_op(status, OP_EQ, IO_STREAM_OKAY); - tt_str_op(buf, OP_EQ, "ABC"); - errno = 0; - - /* Send in a string that contains a nul. */ - retlen = write(test_pipe[1], "AB\0", 3); - tt_int_op(retlen, OP_EQ, 3); - - status = get_string_from_pipe(test_pipe[0], buf, sizeof(buf)-1); - tt_int_op(errno, OP_EQ, 0); - tt_int_op(status, OP_EQ, IO_STREAM_OKAY); - tt_str_op(buf, OP_EQ, "AB"); - errno = 0; - - /* Send in a string that contains a nul only. */ - retlen = write(test_pipe[1], "\0", 1); - tt_int_op(retlen, OP_EQ, 1); - - status = get_string_from_pipe(test_pipe[0], buf, sizeof(buf)-1); - tt_int_op(errno, OP_EQ, 0); - tt_int_op(status, OP_EQ, IO_STREAM_OKAY); - tt_str_op(buf, OP_EQ, ""); - errno = 0; - - /* Send in a string that contains a trailing newline. */ - retlen = write(test_pipe[1], "AB\n", 3); - tt_int_op(retlen, OP_EQ, 3); - - status = get_string_from_pipe(test_pipe[0], buf, sizeof(buf)-1); - tt_int_op(errno, OP_EQ, 0); - tt_int_op(status, OP_EQ, IO_STREAM_OKAY); - tt_str_op(buf, OP_EQ, "AB"); - errno = 0; - - /* Send in a string that contains a newline only. */ - retlen = write(test_pipe[1], "\n", 1); - tt_int_op(retlen, OP_EQ, 1); - - status = get_string_from_pipe(test_pipe[0], buf, sizeof(buf)-1); - tt_int_op(errno, OP_EQ, 0); - tt_int_op(status, OP_EQ, IO_STREAM_OKAY); - tt_str_op(buf, OP_EQ, ""); - errno = 0; - - /* Send in a string and check that we nul terminate return values. */ - retlen = write(test_pipe[1], "AAA", 3); - tt_int_op(retlen, OP_EQ, 3); - - status = get_string_from_pipe(test_pipe[0], buf, sizeof(buf)-1); - tt_int_op(errno, OP_EQ, 0); - tt_int_op(status, OP_EQ, IO_STREAM_OKAY); - tt_str_op(buf, OP_EQ, "AAA"); - tt_mem_op(buf, OP_EQ, "AAA\0", sizeof(buf)); - errno = 0; - - retlen = write(test_pipe[1], "B", 1); - tt_int_op(retlen, OP_EQ, 1); - - memset(buf, '\xff', sizeof(buf)); - status = get_string_from_pipe(test_pipe[0], buf, sizeof(buf)-1); - tt_int_op(errno, OP_EQ, 0); - tt_int_op(status, OP_EQ, IO_STREAM_OKAY); - tt_str_op(buf, OP_EQ, "B"); - tt_mem_op(buf, OP_EQ, "B\0\xff\xff", sizeof(buf)); - errno = 0; - - /* Send in multiple lines. */ - retlen = write(test_pipe[1], "A\nB", 3); - tt_int_op(retlen, OP_EQ, 3); - - status = get_string_from_pipe(test_pipe[0], buf, sizeof(buf)-1); - tt_int_op(errno, OP_EQ, 0); - tt_int_op(status, OP_EQ, IO_STREAM_OKAY); - tt_str_op(buf, OP_EQ, "A\nB"); - errno = 0; - - /* Send in a line and close */ - retlen = write(test_pipe[1], "AB", 2); - tt_int_op(retlen, OP_EQ, 2); - retval = close(test_pipe[1]); - tt_int_op(retval, OP_EQ, 0); - test_pipe[1] = -1; - - status = get_string_from_pipe(test_pipe[0], buf, sizeof(buf)-1); - tt_int_op(errno, OP_EQ, 0); - tt_int_op(status, OP_EQ, IO_STREAM_OKAY); - tt_str_op(buf, OP_EQ, "AB"); - errno = 0; - - /* Check for EOF */ - status = get_string_from_pipe(test_pipe[0], buf, sizeof(buf)-1); - tt_int_op(errno, OP_EQ, 0); - tt_int_op(status, OP_EQ, IO_STREAM_CLOSED); - errno = 0; - - done: - if (test_pipe[0] != -1) - close(test_pipe[0]); - if (test_pipe[1] != -1) - close(test_pipe[1]); -} - -#endif /* !defined(_WIN32) */ - /** * Test for format_hex_number_sigsafe() */ @@ -4660,57 +4577,6 @@ test_util_format_dec_number(void *ptr) return; } -/** - * Test that we can properly format a Windows command line - */ -static void -test_util_join_win_cmdline(void *ptr) -{ - /* Based on some test cases from "Parsing C++ Command-Line Arguments" in - * MSDN but we don't exercise all quoting rules because tor_join_win_cmdline - * will try to only generate simple cases for the child process to parse; - * i.e. we never embed quoted strings in arguments. */ - - const char *argvs[][4] = { - {"a", "bb", "CCC", NULL}, // Normal - {NULL, NULL, NULL, NULL}, // Empty argument list - {"", NULL, NULL, NULL}, // Empty argument - {"\"a", "b\"b", "CCC\"", NULL}, // Quotes - {"a\tbc", "dd dd", "E", NULL}, // Whitespace - {"a\\\\\\b", "de fg", "H", NULL}, // Backslashes - {"a\\\"b", "\\c", "D\\", NULL}, // Backslashes before quote - {"a\\\\b c", "d", "E", NULL}, // Backslashes not before quote - { NULL } // Terminator - }; - - const char *cmdlines[] = { - "a bb CCC", - "", - "\"\"", - "\\\"a b\\\"b CCC\\\"", - "\"a\tbc\" \"dd dd\" E", - "a\\\\\\b \"de fg\" H", - "a\\\\\\\"b \\c D\\", - "\"a\\\\b c\" d E", - NULL // Terminator - }; - - int i; - char *joined_argv = NULL; - - (void)ptr; - - for (i=0; cmdlines[i]!=NULL; i++) { - log_info(LD_GENERAL, "Joining argvs[%d], expecting <%s>", i, cmdlines[i]); - joined_argv = tor_join_win_cmdline(argvs[i]); - tt_str_op(cmdlines[i],OP_EQ, joined_argv); - tor_free(joined_argv); - } - - done: - tor_free(joined_argv); -} - #define MAX_SPLIT_LINE_COUNT 4 struct split_lines_test_t { const char *orig_line; // Line to be split (may contain \0's) @@ -4718,67 +4584,6 @@ struct split_lines_test_t { const char *split_line[MAX_SPLIT_LINE_COUNT]; // Split lines }; -/** - * Test that we properly split a buffer into lines - */ -static void -test_util_split_lines(void *ptr) -{ - /* Test cases. orig_line of last test case must be NULL. - * The last element of split_line[i] must be NULL. */ - struct split_lines_test_t tests[] = { - {"", 0, {NULL}}, - {"foo", 3, {"foo", NULL}}, - {"\n\rfoo\n\rbar\r\n", 12, {"foo", "bar", NULL}}, - {"fo o\r\nb\tar", 10, {"fo o", "b.ar", NULL}}, - {"\x0f""f\0o\0\n\x01""b\0r\0\r", 12, {".f.o.", ".b.r.", NULL}}, - {"line 1\r\nline 2", 14, {"line 1", "line 2", NULL}}, - {"line 1\r\n\r\nline 2", 16, {"line 1", "line 2", NULL}}, - {"line 1\r\n\r\r\r\nline 2", 18, {"line 1", "line 2", NULL}}, - {"line 1\r\n\n\n\n\rline 2", 18, {"line 1", "line 2", NULL}}, - {"line 1\r\n\r\t\r\nline 3", 18, {"line 1", ".", "line 3", NULL}}, - {"\n\t\r\t\nline 3", 11, {".", ".", "line 3", NULL}}, - {NULL, 0, { NULL }} - }; - - int i, j; - char *orig_line=NULL; - smartlist_t *sl=NULL; - - (void)ptr; - - for (i=0; tests[i].orig_line; i++) { - sl = smartlist_new(); - /* Allocate space for string and trailing NULL */ - orig_line = tor_memdup(tests[i].orig_line, tests[i].orig_length + 1); - tor_split_lines(sl, orig_line, tests[i].orig_length); - - j = 0; - log_info(LD_GENERAL, "Splitting test %d of length %d", - i, tests[i].orig_length); - SMARTLIST_FOREACH_BEGIN(sl, const char *, line) { - /* Check we have not got too many lines */ - tt_int_op(MAX_SPLIT_LINE_COUNT, OP_GT, j); - /* Check that there actually should be a line here */ - tt_ptr_op(tests[i].split_line[j], OP_NE, NULL); - log_info(LD_GENERAL, "Line %d of test %d, should be <%s>", - j, i, tests[i].split_line[j]); - /* Check that the line is as expected */ - tt_str_op(line,OP_EQ, tests[i].split_line[j]); - j++; - } SMARTLIST_FOREACH_END(line); - /* Check that we didn't miss some lines */ - tt_ptr_op(NULL,OP_EQ, tests[i].split_line[j]); - tor_free(orig_line); - smartlist_free(sl); - sl = NULL; - } - - done: - tor_free(orig_line); - smartlist_free(sl); -} - static void test_util_di_ops(void *arg) { @@ -4865,6 +4670,35 @@ test_util_di_ops(void *arg) } static void +test_util_memcpy_iftrue_timei(void *arg) +{ + (void)arg; + char buf1[25]; + char buf2[25]; + char buf3[25]; + + for (int i = 0; i < 100; ++i) { + crypto_rand(buf1, sizeof(buf1)); + crypto_rand(buf2, sizeof(buf2)); + memcpy(buf3, buf1, sizeof(buf1)); + + /* We just copied buf1 into buf3. Now we're going to copy buf2 into buf2, + iff our coin flip comes up heads. */ + bool coinflip = crypto_rand_int(2) == 0; + + memcpy_if_true_timei(coinflip, buf3, buf2, sizeof(buf3)); + + if (coinflip) { + tt_mem_op(buf3, OP_EQ, buf2, sizeof(buf2)); + } else { + tt_mem_op(buf3, OP_EQ, buf1, sizeof(buf1)); + } + } + done: + ; +} + +static void test_util_di_map(void *arg) { (void)arg; @@ -5730,6 +5564,13 @@ test_util_socketpair(void *arg) tt_skip(); } #endif /* defined(__FreeBSD__) */ +#ifdef ENETUNREACH + if (ersatz && socketpair_result == -ENETUNREACH) { + /* We can also fail with -ENETUNREACH if we have no network stack at + * all. */ + tt_skip(); + } +#endif /* defined(ENETUNREACH) */ tt_int_op(0, OP_EQ, socketpair_result); tt_assert(SOCKET_OK(fds[0])); @@ -5858,7 +5699,7 @@ test_util_hostname_validation(void *arg) tt_assert(string_is_valid_nonrfc_hostname("luck.y13.")); // We allow punycode TLDs. For examples, see - // http://data.iana.org/TLD/tlds-alpha-by-domain.txt + // https://data.iana.org/TLD/tlds-alpha-by-domain.txt tt_assert(string_is_valid_nonrfc_hostname("example.xn--l1acc")); done: @@ -5882,6 +5723,18 @@ test_util_ipv4_validation(void *arg) } static void +test_util_ipv6_validation(void *arg) +{ + (void)arg; + + tt_assert(string_is_valid_ipv6_address("2a00:1450:401b:800::200e")); + tt_assert(!string_is_valid_ipv6_address("11:22::33:44:")); + + done: + return; +} + +static void test_util_writepid(void *arg) { (void) arg; @@ -5965,7 +5818,7 @@ test_util_touch_file(void *arg) ; } -#ifndef _WIN32 +#ifndef DISABLE_PWDB_TESTS static void test_util_pwdb(void *arg) { @@ -6037,7 +5890,7 @@ test_util_pwdb(void *arg) tor_free(dir); teardown_capture_of_logs(); } -#endif /* !defined(_WIN32) */ +#endif /* !defined(DISABLE_PWDB_TESTS) */ static void test_util_calloc_check(void *arg) @@ -6285,6 +6138,14 @@ test_util_nowrap_math(void *arg) tt_u64_op(UINT32_MAX, OP_EQ, tor_add_u32_nowrap(2, UINT32_MAX-1)); tt_u64_op(UINT32_MAX, OP_EQ, tor_add_u32_nowrap(UINT32_MAX, UINT32_MAX)); + tt_u64_op(0, OP_EQ, tor_mul_u64_nowrap(0, 0)); + tt_u64_op(1, OP_EQ, tor_mul_u64_nowrap(1, 1)); + tt_u64_op(2, OP_EQ, tor_mul_u64_nowrap(2, 1)); + tt_u64_op(4, OP_EQ, tor_mul_u64_nowrap(2, 2)); + tt_u64_op(UINT64_MAX, OP_EQ, tor_mul_u64_nowrap(UINT64_MAX, 1)); + tt_u64_op(UINT64_MAX, OP_EQ, tor_mul_u64_nowrap(2, UINT64_MAX)); + tt_u64_op(UINT64_MAX, OP_EQ, tor_mul_u64_nowrap(UINT64_MAX, UINT64_MAX)); + done: ; } @@ -6394,40 +6255,168 @@ test_util_get_unquoted_path(void *arg) tor_free(r); } +static void +test_util_map_anon(void *arg) +{ + (void)arg; + char *ptr = NULL; + size_t sz = 16384; + unsigned inherit=0; + + /* Basic checks. */ + ptr = tor_mmap_anonymous(sz, 0, &inherit); + tt_ptr_op(ptr, OP_NE, 0); + tt_int_op(inherit, OP_EQ, INHERIT_RES_KEEP); + ptr[sz-1] = 3; + tt_int_op(ptr[0], OP_EQ, 0); + tt_int_op(ptr[sz-2], OP_EQ, 0); + tt_int_op(ptr[sz-1], OP_EQ, 3); + + /* Try again, with a private (non-swappable) mapping. */ + tor_munmap_anonymous(ptr, sz); + ptr = tor_mmap_anonymous(sz, ANONMAP_PRIVATE, &inherit); + tt_ptr_op(ptr, OP_NE, 0); + tt_int_op(inherit, OP_EQ, INHERIT_RES_KEEP); + ptr[sz-1] = 10; + tt_int_op(ptr[0], OP_EQ, 0); + tt_int_op(ptr[sz/2], OP_EQ, 0); + tt_int_op(ptr[sz-1], OP_EQ, 10); + + /* Now let's test a drop-on-fork mapping. */ + tor_munmap_anonymous(ptr, sz); + ptr = tor_mmap_anonymous(sz, ANONMAP_NOINHERIT, &inherit); + tt_ptr_op(ptr, OP_NE, 0); + ptr[sz-1] = 10; + tt_int_op(ptr[0], OP_EQ, 0); + tt_int_op(ptr[sz/2], OP_EQ, 0); + tt_int_op(ptr[sz-1], OP_EQ, 10); + + done: + tor_munmap_anonymous(ptr, sz); +} + +static void +test_util_map_anon_nofork(void *arg) +{ + (void)arg; +#ifdef _WIN32 + /* The operating system doesn't support forking. */ + tt_skip(); + done: + ; +#else /* !defined(_WIN32) */ + /* We have the right OS support. We're going to try marking the buffer as + * either zero-on-fork or as drop-on-fork, whichever is supported. Then we + * will fork and send a byte back to the parent process. This will either + * crash, or send zero. */ + + char *ptr = NULL; + const char TEST_VALUE = 0xd0; + size_t sz = 16384; + int pipefd[2] = {-1, -1}; + unsigned inherit=0; + + tor_munmap_anonymous(ptr, sz); + ptr = tor_mmap_anonymous(sz, ANONMAP_NOINHERIT, &inherit); + tt_ptr_op(ptr, OP_NE, 0); + memset(ptr, (uint8_t)TEST_VALUE, sz); + + tt_int_op(0, OP_EQ, pipe(pipefd)); + pid_t child = fork(); + if (child == 0) { + /* We're in the child. */ + close(pipefd[0]); + ssize_t r = write(pipefd[1], &ptr[sz-1], 1); /* This may crash. */ + close(pipefd[1]); + if (r < 0) + exit(1); + exit(0); + } + tt_int_op(child, OP_GT, 0); + /* In the parent. */ + close(pipefd[1]); + pipefd[1] = -1; + char buf[1]; + ssize_t r = read(pipefd[0], buf, 1); + + if (inherit == INHERIT_RES_ZERO) { + // We should be seeing clear-on-fork behavior. + tt_int_op((int)r, OP_EQ, 1); // child should send us a byte. + tt_int_op(buf[0], OP_EQ, 0); // that byte should be zero. + } else if (inherit == INHERIT_RES_DROP) { + // We should be seeing noinherit behavior. + tt_int_op(r, OP_LE, 0); // child said nothing; it should have crashed. + } else { + // noinherit isn't implemented. + tt_int_op(inherit, OP_EQ, INHERIT_RES_KEEP); + tt_int_op((int)r, OP_EQ, 1); // child should send us a byte. + tt_int_op(buf[0], OP_EQ, TEST_VALUE); // that byte should be TEST_VALUE. + } + + int ws; + waitpid(child, &ws, 0); + +#ifndef NOINHERIT_CAN_FAIL + /* Only if NOINHERIT_CAN_FAIL should it be possible for us to get + * INHERIT_KEEP behavior in this case. */ + tt_int_op(inherit, OP_NE, INHERIT_RES_KEEP); +#else + if (inherit == INHERIT_RES_KEEP) { + /* Call this test "skipped", not "passed", since noinherit wasn't + * implemented. */ + tt_skip(); + } +#endif /* !defined(NOINHERIT_CAN_FAIL) */ + + done: + tor_munmap_anonymous(ptr, sz); + if (pipefd[0] >= 0) { + close(pipefd[0]); + } + if (pipefd[1] >= 0) { + close(pipefd[1]); + } +#endif /* defined(_WIN32) */ +} + +#ifndef COCCI #define UTIL_LEGACY(name) \ - { #name, test_util_ ## name , 0, NULL, NULL } + { (#name), test_util_ ## name , 0, NULL, NULL } #define UTIL_TEST(name, flags) \ - { #name, test_util_ ## name, flags, NULL, NULL } + { (#name), test_util_ ## name, flags, NULL, NULL } #define COMPRESS(name, identifier) \ - { "compress/" #name, test_util_compress, 0, &compress_setup, \ + { ("compress/" #name), test_util_compress, 0, &compress_setup, \ (char*)(identifier) } #define COMPRESS_CONCAT(name, identifier) \ - { "compress_concat/" #name, test_util_decompress_concatenated, 0, \ + { ("compress_concat/" #name), test_util_decompress_concatenated, 0, \ &compress_setup, \ (char*)(identifier) } #define COMPRESS_JUNK(name, identifier) \ - { "compress_junk/" #name, test_util_decompress_junk, 0, \ + { ("compress_junk/" #name), test_util_decompress_junk, 0, \ &compress_setup, \ (char*)(identifier) } #define COMPRESS_DOS(name, identifier) \ - { "compress_dos/" #name, test_util_decompress_dos, 0, \ + { ("compress_dos/" #name), test_util_decompress_dos, 0, \ &compress_setup, \ (char*)(identifier) } #ifdef _WIN32 -#define UTIL_TEST_NO_WIN(n, f) { #n, NULL, TT_SKIP, NULL, NULL } #define UTIL_TEST_WIN_ONLY(n, f) UTIL_TEST(n, (f)) -#define UTIL_LEGACY_NO_WIN(n) UTIL_TEST_NO_WIN(n, 0) #else -#define UTIL_TEST_NO_WIN(n, f) UTIL_TEST(n, (f)) -#define UTIL_TEST_WIN_ONLY(n, f) { #n, NULL, TT_SKIP, NULL, NULL } -#define UTIL_LEGACY_NO_WIN(n) UTIL_LEGACY(n) -#endif /* defined(_WIN32) */ +#define UTIL_TEST_WIN_ONLY(n, f) { (#n), NULL, TT_SKIP, NULL, NULL } +#endif + +#ifdef DISABLE_PWDB_TESTS +#define UTIL_TEST_PWDB(n, f) { (#n), NULL, TT_SKIP, NULL, NULL } +#else +#define UTIL_TEST_PWDB(n, f) UTIL_TEST(n, (f)) +#endif +#endif /* !defined(COCCI) */ struct testcase_t util_tests[] = { UTIL_LEGACY(time), @@ -6437,7 +6426,8 @@ struct testcase_t util_tests[] = { UTIL_LEGACY(config_line_comment_character), UTIL_LEGACY(config_line_escaped_content), UTIL_LEGACY(config_line_crlf), - UTIL_LEGACY_NO_WIN(expand_filename), + UTIL_TEST(config_line_partition, 0), + UTIL_TEST_PWDB(expand_filename, 0), UTIL_LEGACY(escape_string_socks), UTIL_LEGACY(string_is_key_value), UTIL_LEGACY(strmisc), @@ -6473,6 +6463,7 @@ struct testcase_t util_tests[] = { UTIL_LEGACY(path_is_relative), UTIL_LEGACY(strtok), UTIL_LEGACY(di_ops), + UTIL_TEST(memcpy_iftrue_timei, 0), UTIL_TEST(di_map, 0), UTIL_TEST(round_to_next_multiple_of, 0), UTIL_TEST(laplace, 0), @@ -6487,12 +6478,8 @@ struct testcase_t util_tests[] = { UTIL_TEST(nowrap_math, 0), UTIL_TEST(num_cpus, 0), UTIL_TEST_WIN_ONLY(load_win_lib, 0), - UTIL_TEST_NO_WIN(exit_status, 0), - UTIL_TEST_NO_WIN(string_from_pipe, 0), UTIL_TEST(format_hex_number, 0), UTIL_TEST(format_dec_number, 0), - UTIL_TEST(join_win_cmdline, 0), - UTIL_TEST(split_lines, 0), UTIL_TEST(n_bits_set, 0), UTIL_TEST(eat_whitespace, 0), UTIL_TEST(sl_new_from_text_lines, 0), @@ -6510,6 +6497,7 @@ struct testcase_t util_tests[] = { UTIL_TEST(mathlog, 0), UTIL_TEST(fraction, 0), UTIL_TEST(weak_random, 0), + { "tor_isinf", test_tor_isinf, TT_FORK, NULL, NULL }, { "socket_ipv4", test_util_socket, TT_FORK, &passthrough_setup, (void*)"4" }, { "socket_ipv6", test_util_socket, TT_FORK, @@ -6522,10 +6510,11 @@ struct testcase_t util_tests[] = { UTIL_TEST(hostname_validation, 0), UTIL_TEST(dest_validation_edgecase, 0), UTIL_TEST(ipv4_validation, 0), + UTIL_TEST(ipv6_validation, 0), UTIL_TEST(writepid, 0), UTIL_TEST(get_avail_disk_space, 0), UTIL_TEST(touch_file, 0), - UTIL_TEST_NO_WIN(pwdb, TT_FORK), + UTIL_TEST_PWDB(pwdb, TT_FORK), UTIL_TEST(calloc_check, 0), UTIL_TEST(monotonic_time, 0), UTIL_TEST(monotonic_time_ratchet, TT_FORK), @@ -6533,5 +6522,7 @@ struct testcase_t util_tests[] = { UTIL_TEST(monotonic_time_add_msec, 0), UTIL_TEST(htonll, 0), UTIL_TEST(get_unquoted_path, 0), + UTIL_TEST(map_anon, 0), + UTIL_TEST(map_anon_nofork, 0), END_OF_TESTCASES }; diff --git a/src/test/test_util_format.c b/src/test/test_util_format.c index d344d0e95c..726e8e7427 100644 --- a/src/test/test_util_format.c +++ b/src/test/test_util_format.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2010-2019, The Tor Project, Inc. */ +/* Copyright (c) 2010-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" @@ -7,11 +7,8 @@ #include "test/test.h" #include "lib/crypt_ops/crypto_rand.h" -#define UTIL_FORMAT_PRIVATE #include "lib/encoding/binascii.h" -#define NS_MODULE util_format - static void test_util_format_unaligned_accessors(void *ignored) { @@ -346,7 +343,7 @@ test_util_format_base32_decode(void *arg) const char *src = "mjwgc2dcnrswqmjs"; ret = base32_decode(dst, strlen(expected), src, strlen(src)); - tt_int_op(ret, OP_EQ, 0); + tt_int_op(ret, OP_EQ, 10); tt_str_op(expected, OP_EQ, dst); } @@ -357,7 +354,7 @@ test_util_format_base32_decode(void *arg) const char *src = "mjwgc2dcnrswq"; ret = base32_decode(dst, strlen(expected), src, strlen(src)); - tt_int_op(ret, OP_EQ, 0); + tt_int_op(ret, OP_EQ, 8); tt_mem_op(expected, OP_EQ, dst, strlen(expected)); } @@ -367,7 +364,7 @@ test_util_format_base32_decode(void *arg) ret = base32_decode(dst, real_dstlen, "#abcde", 6); tt_int_op(ret, OP_EQ, -1); /* Make sure the destination buffer has been zeroed even on error. */ - tt_int_op(tor_mem_is_zero(dst, real_dstlen), OP_EQ, 1); + tt_int_op(fast_mem_is_zero(dst, real_dstlen), OP_EQ, 1); } done: @@ -392,10 +389,13 @@ test_util_format_encoded_size(void *arg) base64_encode(outbuf, sizeof(outbuf), (char *)inbuf, i, 0); tt_int_op(strlen(outbuf), OP_EQ, base64_encode_size(i, 0)); + tt_int_op(i, OP_LE, base64_decode_maxsize(strlen(outbuf))); + base64_encode(outbuf, sizeof(outbuf), (char *)inbuf, i, BASE64_ENCODE_MULTILINE); tt_int_op(strlen(outbuf), OP_EQ, base64_encode_size(i, BASE64_ENCODE_MULTILINE)); + tt_int_op(i, OP_LE, base64_decode_maxsize(strlen(outbuf))); } done: @@ -417,4 +417,3 @@ struct testcase_t util_format_tests[] = { { "encoded_size", test_util_format_encoded_size, 0, NULL, NULL }, END_OF_TESTCASES }; - diff --git a/src/test/test_util_process.c b/src/test/test_util_process.c index 4d04eb6dfc..fc79fe9b1f 100644 --- a/src/test/test_util_process.c +++ b/src/test/test_util_process.c @@ -1,7 +1,6 @@ -/* Copyright (c) 2010-2019, The Tor Project, Inc. */ +/* Copyright (c) 2010-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ -#define UTIL_PROCESS_PRIVATE #include "orconfig.h" #include "core/or/or.h" @@ -12,7 +11,6 @@ #include "test/log_test_helpers.h" #ifndef _WIN32 -#define NS_MODULE util_process static void temp_callback(int r, void *s) @@ -69,15 +67,16 @@ test_util_process_clear_waitpid_callback(void *ignored) } #endif /* !defined(_WIN32) */ +#ifndef COCCI #ifndef _WIN32 -#define TEST(name) { #name, test_util_process_##name, 0, NULL, NULL } +#define TEST(name) { (#name), test_util_process_##name, 0, NULL, NULL } #else -#define TEST(name) { #name, NULL, TT_SKIP, NULL, NULL } +#define TEST(name) { (#name), NULL, TT_SKIP, NULL, NULL } #endif +#endif /* !defined(COCCI) */ struct testcase_t util_process_tests[] = { TEST(set_waitpid_callback), TEST(clear_waitpid_callback), END_OF_TESTCASES }; - diff --git a/src/test/test_util_slow.c b/src/test/test_util_slow.c deleted file mode 100644 index 29e30eaa11..0000000000 --- a/src/test/test_util_slow.c +++ /dev/null @@ -1,396 +0,0 @@ -/* Copyright (c) 2001-2004, Roger Dingledine. - * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ -/* See LICENSE for licensing information */ - -#include "orconfig.h" -#define UTIL_PRIVATE -#define SUBPROCESS_PRIVATE -#include "lib/crypt_ops/crypto_cipher.h" -#include "lib/log/log.h" -#include "lib/process/subprocess.h" -#include "lib/process/waitpid.h" -#include "lib/string/printf.h" -#include "lib/time/compat_time.h" -#include "test/test.h" - -#include <errno.h> -#include <string.h> - -#ifndef BUILDDIR -#define BUILDDIR "." -#endif - -#ifdef _WIN32 -#define notify_pending_waitpid_callbacks() STMT_NIL -#define TEST_CHILD "test-child.exe" -#define EOL "\r\n" -#else -#define TEST_CHILD (BUILDDIR "/src/test/test-child") -#define EOL "\n" -#endif /* defined(_WIN32) */ - -#ifdef _WIN32 -/* I've assumed Windows doesn't have the gap between fork and exec - * that causes the race condition on unix-like platforms */ -#define MATCH_PROCESS_STATUS(s1,s2) ((s1) == (s2)) - -#else /* !(defined(_WIN32)) */ -/* work around a race condition of the timing of SIGCHLD handler updates - * to the process_handle's fields, and checks of those fields - * - * TODO: Once we can signal failure to exec, change PROCESS_STATUS_RUNNING to - * PROCESS_STATUS_ERROR (and similarly with *_OR_NOTRUNNING) */ -#define PROCESS_STATUS_RUNNING_OR_NOTRUNNING (PROCESS_STATUS_RUNNING+1) -#define IS_RUNNING_OR_NOTRUNNING(s) \ - ((s) == PROCESS_STATUS_RUNNING || (s) == PROCESS_STATUS_NOTRUNNING) -/* well, this is ugly */ -#define MATCH_PROCESS_STATUS(s1,s2) \ - ( (s1) == (s2) \ - ||((s1) == PROCESS_STATUS_RUNNING_OR_NOTRUNNING \ - && IS_RUNNING_OR_NOTRUNNING(s2)) \ - ||((s2) == PROCESS_STATUS_RUNNING_OR_NOTRUNNING \ - && IS_RUNNING_OR_NOTRUNNING(s1))) - -#endif /* defined(_WIN32) */ - -/** Helper function for testing tor_spawn_background */ -static void -run_util_spawn_background(const char *argv[], const char *expected_out, - const char *expected_err, int expected_exit, - int expected_status) -{ - int retval, exit_code; - ssize_t pos; - process_handle_t *process_handle=NULL; - char stdout_buf[100], stderr_buf[100]; - int status; - - /* Start the program */ -#ifdef _WIN32 - status = tor_spawn_background(NULL, argv, NULL, &process_handle); -#else - status = tor_spawn_background(argv[0], argv, NULL, &process_handle); -#endif - - notify_pending_waitpid_callbacks(); - - /* the race condition doesn't affect status, - * because status isn't updated by the SIGCHLD handler, - * but we still need to handle PROCESS_STATUS_RUNNING_OR_NOTRUNNING */ - tt_assert(MATCH_PROCESS_STATUS(expected_status, status)); - if (status == PROCESS_STATUS_ERROR) { - tt_ptr_op(process_handle, OP_EQ, NULL); - return; - } - - tt_ptr_op(process_handle, OP_NE, NULL); - - /* When a spawned process forks, fails, then exits very quickly, - * (this typically occurs when exec fails) - * there is a race condition between the SIGCHLD handler - * updating the process_handle's fields, and this test - * checking the process status in those fields. - * The SIGCHLD update can occur before or after the code below executes. - * This causes intermittent failures in spawn_background_fail(), - * typically when the machine is under load. - * We use PROCESS_STATUS_RUNNING_OR_NOTRUNNING to avoid this issue. */ - - /* the race condition affects the change in - * process_handle->status from RUNNING to NOTRUNNING */ - tt_assert(MATCH_PROCESS_STATUS(expected_status, process_handle->status)); - -#ifndef _WIN32 - notify_pending_waitpid_callbacks(); - /* the race condition affects the change in - * process_handle->waitpid_cb to NULL, - * so we skip the check if expected_status is ambiguous, - * that is, PROCESS_STATUS_RUNNING_OR_NOTRUNNING */ - tt_assert(process_handle->waitpid_cb != NULL - || expected_status == PROCESS_STATUS_RUNNING_OR_NOTRUNNING); -#endif /* !defined(_WIN32) */ - -#ifdef _WIN32 - tt_assert(process_handle->stdout_pipe != INVALID_HANDLE_VALUE); - tt_assert(process_handle->stderr_pipe != INVALID_HANDLE_VALUE); - tt_assert(process_handle->stdin_pipe != INVALID_HANDLE_VALUE); -#else - tt_assert(process_handle->stdout_pipe >= 0); - tt_assert(process_handle->stderr_pipe >= 0); - tt_assert(process_handle->stdin_pipe >= 0); -#endif /* defined(_WIN32) */ - - /* Check stdout */ - pos = tor_read_all_from_process_stdout(process_handle, stdout_buf, - sizeof(stdout_buf) - 1); - tt_assert(pos >= 0); - stdout_buf[pos] = '\0'; - tt_int_op(strlen(expected_out),OP_EQ, pos); - tt_str_op(expected_out,OP_EQ, stdout_buf); - - notify_pending_waitpid_callbacks(); - - /* Check it terminated correctly */ - retval = tor_get_exit_code(process_handle, 1, &exit_code); - tt_int_op(PROCESS_EXIT_EXITED,OP_EQ, retval); - tt_int_op(expected_exit,OP_EQ, exit_code); - // TODO: Make test-child exit with something other than 0 - -#ifndef _WIN32 - notify_pending_waitpid_callbacks(); - tt_ptr_op(process_handle->waitpid_cb, OP_EQ, NULL); -#endif - - /* Check stderr */ - pos = tor_read_all_from_process_stderr(process_handle, stderr_buf, - sizeof(stderr_buf) - 1); - tt_assert(pos >= 0); - stderr_buf[pos] = '\0'; - tt_str_op(expected_err,OP_EQ, stderr_buf); - tt_int_op(strlen(expected_err),OP_EQ, pos); - - notify_pending_waitpid_callbacks(); - - done: - if (process_handle) - tor_process_handle_destroy(process_handle, 1); -} - -/** Check that we can launch a process and read the output */ -static void -test_util_spawn_background_ok(void *ptr) -{ - const char *argv[] = {TEST_CHILD, "--test", NULL}; - const char *expected_out = "OUT"EOL "--test"EOL "SLEEPING"EOL "DONE" EOL; - const char *expected_err = "ERR"EOL; - - (void)ptr; - - run_util_spawn_background(argv, expected_out, expected_err, 0, - PROCESS_STATUS_RUNNING); -} - -/** Check that failing to find the executable works as expected */ -static void -test_util_spawn_background_fail(void *ptr) -{ - const char *argv[] = {BUILDDIR "/src/test/no-such-file", "--test", NULL}; - const char *expected_err = ""; - char expected_out[1024]; - char code[32]; -#ifdef _WIN32 - const int expected_status = PROCESS_STATUS_ERROR; -#else - /* TODO: Once we can signal failure to exec, set this to be - * PROCESS_STATUS_RUNNING_OR_ERROR */ - const int expected_status = PROCESS_STATUS_RUNNING_OR_NOTRUNNING; -#endif /* defined(_WIN32) */ - - memset(expected_out, 0xf0, sizeof(expected_out)); - memset(code, 0xf0, sizeof(code)); - - (void)ptr; - - tor_snprintf(code, sizeof(code), "%x/%x", - 9 /* CHILD_STATE_FAILEXEC */ , ENOENT); - tor_snprintf(expected_out, sizeof(expected_out), - "ERR: Failed to spawn background process - code %s\n", code); - - run_util_spawn_background(argv, expected_out, expected_err, 255, - expected_status); -} - -/** Test that reading from a handle returns a partial read rather than - * blocking */ -static void -test_util_spawn_background_partial_read_impl(int exit_early) -{ - const int expected_exit = 0; - const int expected_status = PROCESS_STATUS_RUNNING; - - int retval, exit_code; - ssize_t pos = -1; - process_handle_t *process_handle=NULL; - int status; - char stdout_buf[100], stderr_buf[100]; - - const char *argv[] = {TEST_CHILD, "--test", NULL}; - const char *expected_out[] = { "OUT" EOL "--test" EOL "SLEEPING" EOL, - "DONE" EOL, - NULL }; - const char *expected_err = "ERR" EOL; - -#ifndef _WIN32 - int eof = 0; -#endif - int expected_out_ctr; - - if (exit_early) { - argv[1] = "--hang"; - expected_out[0] = "OUT"EOL "--hang"EOL "SLEEPING" EOL; - } - - /* Start the program */ -#ifdef _WIN32 - status = tor_spawn_background(NULL, argv, NULL, &process_handle); -#else - status = tor_spawn_background(argv[0], argv, NULL, &process_handle); -#endif - tt_int_op(expected_status,OP_EQ, status); - tt_assert(process_handle); - tt_int_op(expected_status,OP_EQ, process_handle->status); - - /* Check stdout */ - for (expected_out_ctr = 0; expected_out[expected_out_ctr] != NULL;) { -#ifdef _WIN32 - pos = tor_read_all_handle(process_handle->stdout_pipe, stdout_buf, - sizeof(stdout_buf) - 1, NULL); -#else - /* Check that we didn't read the end of file last time */ - tt_assert(!eof); - pos = tor_read_all_handle(process_handle->stdout_pipe, stdout_buf, - sizeof(stdout_buf) - 1, NULL, &eof); -#endif /* defined(_WIN32) */ - log_info(LD_GENERAL, "tor_read_all_handle() returned %d", (int)pos); - - /* We would have blocked, keep on trying */ - if (0 == pos) - continue; - - tt_assert(pos > 0); - stdout_buf[pos] = '\0'; - tt_str_op(expected_out[expected_out_ctr],OP_EQ, stdout_buf); - tt_int_op(strlen(expected_out[expected_out_ctr]),OP_EQ, pos); - expected_out_ctr++; - } - - if (exit_early) { - tor_process_handle_destroy(process_handle, 1); - process_handle = NULL; - goto done; - } - - /* The process should have exited without writing more */ -#ifdef _WIN32 - pos = tor_read_all_handle(process_handle->stdout_pipe, stdout_buf, - sizeof(stdout_buf) - 1, - process_handle); - tt_int_op(0,OP_EQ, pos); -#else /* !(defined(_WIN32)) */ - if (!eof) { - /* We should have got all the data, but maybe not the EOF flag */ - pos = tor_read_all_handle(process_handle->stdout_pipe, stdout_buf, - sizeof(stdout_buf) - 1, - process_handle, &eof); - tt_int_op(0,OP_EQ, pos); - tt_assert(eof); - } - /* Otherwise, we got the EOF on the last read */ -#endif /* defined(_WIN32) */ - - /* Check it terminated correctly */ - retval = tor_get_exit_code(process_handle, 1, &exit_code); - tt_int_op(PROCESS_EXIT_EXITED,OP_EQ, retval); - tt_int_op(expected_exit,OP_EQ, exit_code); - - // TODO: Make test-child exit with something other than 0 - - /* Check stderr */ - pos = tor_read_all_from_process_stderr(process_handle, stderr_buf, - sizeof(stderr_buf) - 1); - tt_assert(pos >= 0); - stderr_buf[pos] = '\0'; - tt_str_op(expected_err,OP_EQ, stderr_buf); - tt_int_op(strlen(expected_err),OP_EQ, pos); - - done: - tor_process_handle_destroy(process_handle, 1); -} - -static void -test_util_spawn_background_partial_read(void *arg) -{ - (void)arg; - test_util_spawn_background_partial_read_impl(0); -} - -static void -test_util_spawn_background_exit_early(void *arg) -{ - (void)arg; - test_util_spawn_background_partial_read_impl(1); -} - -static void -test_util_spawn_background_waitpid_notify(void *arg) -{ - int retval, exit_code; - process_handle_t *process_handle=NULL; - int status; - int ms_timer; - - const char *argv[] = {TEST_CHILD, "--fast", NULL}; - - (void) arg; - -#ifdef _WIN32 - status = tor_spawn_background(NULL, argv, NULL, &process_handle); -#else - status = tor_spawn_background(argv[0], argv, NULL, &process_handle); -#endif - - tt_int_op(status, OP_EQ, PROCESS_STATUS_RUNNING); - tt_ptr_op(process_handle, OP_NE, NULL); - - /* We're not going to look at the stdout/stderr output this time. Instead, - * we're testing whether notify_pending_waitpid_calbacks() can report the - * process exit (on unix) and/or whether tor_get_exit_code() can notice it - * (on windows) */ - -#ifndef _WIN32 - ms_timer = 30*1000; - tt_ptr_op(process_handle->waitpid_cb, OP_NE, NULL); - while (process_handle->waitpid_cb && ms_timer > 0) { - tor_sleep_msec(100); - ms_timer -= 100; - notify_pending_waitpid_callbacks(); - } - tt_int_op(ms_timer, OP_GT, 0); - tt_ptr_op(process_handle->waitpid_cb, OP_EQ, NULL); -#endif /* !defined(_WIN32) */ - - ms_timer = 30*1000; - while (((retval = tor_get_exit_code(process_handle, 0, &exit_code)) - == PROCESS_EXIT_RUNNING) && ms_timer > 0) { - tor_sleep_msec(100); - ms_timer -= 100; - } - tt_int_op(ms_timer, OP_GT, 0); - - tt_int_op(retval, OP_EQ, PROCESS_EXIT_EXITED); - - done: - tor_process_handle_destroy(process_handle, 1); -} - -#undef TEST_CHILD -#undef EOL - -#undef MATCH_PROCESS_STATUS - -#ifndef _WIN32 -#undef PROCESS_STATUS_RUNNING_OR_NOTRUNNING -#undef IS_RUNNING_OR_NOTRUNNING -#endif - -#define UTIL_TEST(name, flags) \ - { #name, test_util_ ## name, flags, NULL, NULL } - -struct testcase_t slow_util_tests[] = { - UTIL_TEST(spawn_background_ok, 0), - UTIL_TEST(spawn_background_fail, 0), - UTIL_TEST(spawn_background_partial_read, 0), - UTIL_TEST(spawn_background_exit_early, 0), - UTIL_TEST(spawn_background_waitpid_notify, 0), - END_OF_TESTCASES -}; diff --git a/src/test/test_voting_flags.c b/src/test/test_voting_flags.c new file mode 100644 index 0000000000..ae89e43889 --- /dev/null +++ b/src/test/test_voting_flags.c @@ -0,0 +1,193 @@ +/* Copyright (c) 2018-2020, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#include "orconfig.h" + +#define VOTEFLAGS_PRIVATE + +#include "core/or/or.h" + +#include "feature/dirauth/voteflags.h" +#include "feature/dirauth/dirauth_options_st.h" +#include "feature/nodelist/node_st.h" +#include "feature/nodelist/routerstatus_st.h" +#include "feature/nodelist/routerinfo_st.h" + +#include "app/config/config.h" + +#include "test/test.h" +#include "test/opts_test_helpers.h" + +typedef struct { + time_t now; + routerinfo_t ri; + node_t node; + + routerstatus_t expected; +} flag_vote_test_cfg_t; + +static void +setup_cfg(flag_vote_test_cfg_t *c) +{ + memset(c, 0, sizeof(*c)); + + c->now = approx_time(); + + c->ri.nickname = (char *) "testing100"; + strlcpy(c->expected.nickname, "testing100", sizeof(c->expected.nickname)); + + memset(c->ri.cache_info.identity_digest, 0xff, DIGEST_LEN); + memset(c->ri.cache_info.signed_descriptor_digest, 0xee, DIGEST_LEN); + + c->ri.cache_info.published_on = c->now - 100; + c->expected.published_on = c->now - 100; + + c->ri.addr = 0x7f010105; + c->expected.addr = 0x7f010105; + c->ri.or_port = 9090; + c->expected.or_port = 9090; + + tor_addr_make_null(&c->ri.ipv6_addr, AF_INET6); + tor_addr_make_null(&c->expected.ipv6_addr, AF_INET6); + + // By default we have no loaded information about stability or speed, + // so we'll default to voting "yeah sure." on these two. + c->expected.is_fast = 1; + c->expected.is_stable = 1; +} + +static bool +check_result(flag_vote_test_cfg_t *c) +{ + bool result = false; + routerstatus_t rs; + memset(&rs, 0, sizeof(rs)); + dirauth_set_routerstatus_from_routerinfo(&rs, &c->node, &c->ri, c->now, 0); + + tt_i64_op(rs.published_on, OP_EQ, c->expected.published_on); + tt_str_op(rs.nickname, OP_EQ, c->expected.nickname); + + // identity_digest and descriptor_digest are not set here. + + tt_uint_op(rs.addr, OP_EQ, c->expected.addr); + tt_uint_op(rs.or_port, OP_EQ, c->expected.or_port); + tt_uint_op(rs.dir_port, OP_EQ, c->expected.dir_port); + + tt_assert(tor_addr_eq(&rs.ipv6_addr, &c->expected.ipv6_addr)); + tt_uint_op(rs.ipv6_orport, OP_EQ, c->expected.ipv6_orport); + +#define FLAG(flagname) \ + tt_uint_op(rs.flagname, OP_EQ, c->expected.flagname) + + FLAG(is_authority); + FLAG(is_exit); + FLAG(is_stable); + FLAG(is_fast); + FLAG(is_flagged_running); + FLAG(is_named); + FLAG(is_unnamed); + FLAG(is_valid); + FLAG(is_possible_guard); + FLAG(is_bad_exit); + FLAG(is_hs_dir); + FLAG(is_v2_dir); + FLAG(is_staledesc); + FLAG(has_bandwidth); + FLAG(has_exitsummary); + FLAG(bw_is_unmeasured); + + result = true; + + done: + return result; +} + +static void +test_voting_flags_minimal(void *arg) +{ + flag_vote_test_cfg_t *cfg = arg; + (void) check_result(cfg); +} + +static void +test_voting_flags_ipv6(void *arg) +{ + flag_vote_test_cfg_t *cfg = arg; + + tt_assert(tor_addr_parse(&cfg->ri.ipv6_addr, "f00::b42") == AF_INET6); + cfg->ri.ipv6_orport = 9091; + // no change in expected results, since we aren't set up with ipv6 + // connectivity. + if (!check_result(cfg)) + goto done; + + get_dirauth_options(get_options_mutable())->AuthDirHasIPv6Connectivity = 1; + // no change in expected results, since last_reachable6 won't be set. + if (!check_result(cfg)) + goto done; + + cfg->node.last_reachable6 = cfg->now - 10; + // now that lastreachable6 is set, we expect to see the result. + tt_assert(tor_addr_parse(&cfg->expected.ipv6_addr, "f00::b42") == AF_INET6); + cfg->expected.ipv6_orport = 9091; + if (!check_result(cfg)) + goto done; + done: + ; +} + +static void +test_voting_flags_staledesc(void *arg) +{ + flag_vote_test_cfg_t *cfg = arg; + time_t now = cfg->now; + + cfg->ri.cache_info.published_on = now - DESC_IS_STALE_INTERVAL + 10; + cfg->expected.published_on = now - DESC_IS_STALE_INTERVAL + 10; + // no change in expectations for is_staledesc + if (!check_result(cfg)) + goto done; + + cfg->ri.cache_info.published_on = now - DESC_IS_STALE_INTERVAL - 10; + cfg->expected.published_on = now - DESC_IS_STALE_INTERVAL - 10; + cfg->expected.is_staledesc = 1; + if (!check_result(cfg)) + goto done; + + done: + ; +} + +static void * +setup_voting_flags_test(const struct testcase_t *testcase) +{ + (void)testcase; + flag_vote_test_cfg_t *cfg = tor_malloc_zero(sizeof(*cfg)); + setup_cfg(cfg); + return cfg; +} + +static int +teardown_voting_flags_test(const struct testcase_t *testcase, void *arg) +{ + (void)testcase; + flag_vote_test_cfg_t *cfg = arg; + tor_free(cfg); + return 1; +} + +static const struct testcase_setup_t voting_flags_setup = { + .setup_fn = setup_voting_flags_test, + .cleanup_fn = teardown_voting_flags_test, +}; + +#define T(name,flags) \ + { #name, test_voting_flags_##name, (flags), &voting_flags_setup, NULL } + +struct testcase_t voting_flags_tests[] = { + T(minimal, 0), + T(ipv6, TT_FORK), + // TODO: Add more of these tests. + T(staledesc, TT_FORK), + END_OF_TESTCASES +}; diff --git a/src/test/test_voting_schedule.c b/src/test/test_voting_schedule.c index ba4d53a4ae..df64b79167 100644 --- a/src/test/test_voting_schedule.c +++ b/src/test/test_voting_schedule.c @@ -1,17 +1,18 @@ -/* Copyright (c) 2018-2019, The Tor Project, Inc. */ +/* Copyright (c) 2018-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" #include "core/or/or.h" -#include "feature/dircommon/voting_schedule.h" +#include "feature/dirauth/voting_schedule.h" +#include "feature/nodelist/networkstatus.h" #include "test/test.h" static void test_voting_schedule_interval_start(void *arg) { -#define next_interval voting_schedule_get_start_of_next_interval +#define next_interval voting_sched_get_start_of_interval_after (void)arg; char buf[ISO_TIME_LEN+1]; @@ -61,4 +62,3 @@ struct testcase_t voting_schedule_tests[] = { VS(interval_start, 0), END_OF_TESTCASES }; - diff --git a/src/test/test_workqueue.c b/src/test/test_workqueue.c index c58634da5c..3734c08e48 100644 --- a/src/test/test_workqueue.c +++ b/src/test/test_workqueue.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "core/or/or.h" @@ -32,7 +32,7 @@ int handled_len; bitarray_t *handled; #endif -typedef struct state_s { +typedef struct state_t { int magic; int n_handled; crypto_pk_t *rsa; @@ -40,13 +40,13 @@ typedef struct state_s { int is_shutdown; } state_t; -typedef struct rsa_work_s { +typedef struct rsa_work_t { int serial; uint8_t msg[128]; uint8_t msglen; } rsa_work_t; -typedef struct ecdh_work_s { +typedef struct ecdh_work_t { int serial; union { curve25519_public_key_t pk; @@ -63,7 +63,7 @@ mark_handled(int serial) tor_assert(! bitarray_is_set(handled, serial)); bitarray_set(handled, serial); tor_mutex_release(&bitmap_mutex); -#else /* !(defined(TRACK_RESPONSES)) */ +#else /* !defined(TRACK_RESPONSES) */ (void)serial; #endif /* defined(TRACK_RESPONSES) */ } @@ -339,7 +339,7 @@ main(int argc, char **argv) replyqueue_t *rq; threadpool_t *tp; int i; - tor_libevent_cfg evcfg; + tor_libevent_cfg_t evcfg; uint32_t as_flags = 0; for (i = 1; i < argc; ++i) { diff --git a/src/test/test_workqueue_cancel.sh b/src/test/test_workqueue_cancel.sh index f7c663171e..e50b884f26 100755 --- a/src/test/test_workqueue_cancel.sh +++ b/src/test/test_workqueue_cancel.sh @@ -1,4 +1,4 @@ #!/bin/sh -${builddir:-.}/src/test/test_workqueue -C 1 +"${builddir:-.}/src/test/test_workqueue" -C 1 diff --git a/src/test/test_workqueue_efd.sh b/src/test/test_workqueue_efd.sh index 4d89396819..592841fc91 100755 --- a/src/test/test_workqueue_efd.sh +++ b/src/test/test_workqueue_efd.sh @@ -1,4 +1,4 @@ #!/bin/sh -${builddir:-.}/src/test/test_workqueue \ +"${builddir:-.}/src/test/test_workqueue" \ --no-eventfd2 --no-pipe2 --no-pipe --no-socketpair diff --git a/src/test/test_workqueue_efd2.sh b/src/test/test_workqueue_efd2.sh index 7cfff45ff3..4cf1b76cbe 100755 --- a/src/test/test_workqueue_efd2.sh +++ b/src/test/test_workqueue_efd2.sh @@ -1,4 +1,4 @@ #!/bin/sh -${builddir:-.}/src/test/test_workqueue \ +"${builddir:-.}/src/test/test_workqueue" \ --no-eventfd --no-pipe2 --no-pipe --no-socketpair diff --git a/src/test/test_workqueue_pipe.sh b/src/test/test_workqueue_pipe.sh index afcef87853..fc3ef34c6c 100755 --- a/src/test/test_workqueue_pipe.sh +++ b/src/test/test_workqueue_pipe.sh @@ -1,4 +1,4 @@ #!/bin/sh -${builddir:-.}/src/test/test_workqueue \ +"${builddir:-.}/src/test/test_workqueue" \ --no-eventfd2 --no-eventfd --no-pipe2 --no-socketpair diff --git a/src/test/test_workqueue_pipe2.sh b/src/test/test_workqueue_pipe2.sh index a20a1427e0..7f19ea880d 100755 --- a/src/test/test_workqueue_pipe2.sh +++ b/src/test/test_workqueue_pipe2.sh @@ -1,4 +1,4 @@ #!/bin/sh -${builddir:-.}/src/test/test_workqueue \ +"${builddir:-.}/src/test/test_workqueue" \ --no-eventfd2 --no-eventfd --no-pipe --no-socketpair diff --git a/src/test/test_workqueue_socketpair.sh b/src/test/test_workqueue_socketpair.sh index 76af79746d..1ee1776447 100755 --- a/src/test/test_workqueue_socketpair.sh +++ b/src/test/test_workqueue_socketpair.sh @@ -1,4 +1,4 @@ #!/bin/sh -${builddir:-.}/src/test/test_workqueue \ +"${builddir:-.}/src/test/test_workqueue" \ --no-eventfd2 --no-eventfd --no-pipe2 --no-pipe diff --git a/src/test/test_x509.c b/src/test/test_x509.c index 792849ae4b..94e7db33de 100644 --- a/src/test/test_x509.c +++ b/src/test/test_x509.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2010-2019, The Tor Project, Inc. */ +/* Copyright (c) 2010-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define TOR_X509_PRIVATE diff --git a/src/test/test_zero_length_keys.sh b/src/test/test_zero_length_keys.sh index 84ca513b0a..b944d9bf3f 100755 --- a/src/test/test_zero_length_keys.sh +++ b/src/test/test_zero_length_keys.sh @@ -1,10 +1,44 @@ #!/bin/sh # Check that tor regenerates keys when key files are zero-length +umask 077 +set -e + +# emulate realpath(), in case coreutils or equivalent is not installed. +abspath() { + f="$*" + if [ -d "$f" ]; then + dir="$f" + base="" + else + dir="$(dirname "$f")" + base="/$(basename "$f")" + fi + dir="$(cd "$dir" && pwd)" + echo "$dir$base" +} + +# find the tor binary +if [ $# -ge 1 ]; then + TOR_BINARY="${1}" + shift +else + TOR_BINARY="${TESTING_TOR_BINARY:-./src/app/tor}" +fi + +TOR_BINARY="$(abspath "$TOR_BINARY")" + +echo "TOR BINARY IS ${TOR_BINARY}" + +if "$TOR_BINARY" --list-modules | grep -q "relay: no"; then + echo "This test requires the relay module. Skipping." >&2 + exit 77 +fi + exitcode=0 -"${SHELL:-sh}" "${abs_top_srcdir:-.}/src/test/zero_length_keys.sh" "${builddir:-.}/src/app/tor" -z || exitcode=1 -"${SHELL:-sh}" "${abs_top_srcdir:-.}/src/test/zero_length_keys.sh" "${builddir:-.}/src/app/tor" -d || exitcode=1 -"${SHELL:-sh}" "${abs_top_srcdir:-.}/src/test/zero_length_keys.sh" "${builddir:-.}/src/app/tor" -e || exitcode=1 +"${SHELL:-sh}" "${abs_top_srcdir:-.}/src/test/zero_length_keys.sh" "$TOR_BINARY" -z || exitcode=1 +"${SHELL:-sh}" "${abs_top_srcdir:-.}/src/test/zero_length_keys.sh" "$TOR_BINARY" -d || exitcode=1 +"${SHELL:-sh}" "${abs_top_srcdir:-.}/src/test/zero_length_keys.sh" "$TOR_BINARY" -e || exitcode=1 exit ${exitcode} diff --git a/src/test/testing_common.c b/src/test/testing_common.c index daa7aa524a..d68dfa4047 100644 --- a/src/test/testing_common.c +++ b/src/test/testing_common.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -12,6 +12,7 @@ #include "orconfig.h" #include "core/or/or.h" #include "feature/control/control.h" +#include "feature/control/control_events.h" #include "app/config/config.h" #include "lib/crypt_ops/crypto_dh.h" #include "lib/crypt_ops/crypto_ed25519.h" @@ -25,6 +26,8 @@ #include "lib/compress/compress.h" #include "lib/evloop/compat_libevent.h" #include "lib/crypt_ops/crypto_init.h" +#include "lib/version/torversion.h" +#include "app/main/subsysmgr.h" #include <stdio.h> #ifdef HAVE_FCNTL_H @@ -86,7 +89,18 @@ setup_directory(void) (int)getpid(), rnd32); r = mkdir(temp_dir); } -#else /* !(defined(_WIN32)) */ +#elif defined(__ANDROID__) + /* tor might not like the default perms, so create a subdir */ + tor_snprintf(temp_dir, sizeof(temp_dir), + "/data/local/tmp/tor_%d_%d_%s", + (int) getuid(), (int) getpid(), rnd32); + r = mkdir(temp_dir, 0700); + if (r) { + fprintf(stderr, "Can't create directory %s:", temp_dir); + perror(""); + exit(1); + } +#else /* !defined(_WIN32) */ tor_snprintf(temp_dir, sizeof(temp_dir), "/tmp/tor_test_%d_%s", (int) getpid(), rnd32); r = mkdir(temp_dir, 0700); @@ -94,7 +108,7 @@ setup_directory(void) /* undo sticky bit so tests don't get confused. */ r = chown(temp_dir, getuid(), getgid()); } -#endif /* defined(_WIN32) */ +#endif /* defined(_WIN32) || ... */ if (r) { fprintf(stderr, "Can't create directory %s:", temp_dir); perror(""); @@ -230,17 +244,17 @@ void tinytest_prefork(void) { free_pregenerated_keys(); - crypto_prefork(); + subsystems_prefork(); } void tinytest_postfork(void) { - crypto_postfork(); + subsystems_postfork(); init_pregenerated_keys(); } static void -log_callback_failure(int severity, uint32_t domain, const char *msg) +log_callback_failure(int severity, log_domain_mask_t domain, const char *msg) { (void)msg; if (severity == LOG_ERR || (domain & LD_BUG)) { @@ -259,24 +273,18 @@ main(int c, const char **v) int loglevel = LOG_ERR; int accel_crypto = 0; - /* We must initialise logs before we call tor_assert() */ - init_logging(1); + subsystems_init(); - update_approx_time(time(NULL)); options = options_new(); - tor_threads_init(); - tor_compress_init(); - - network_init(); - - monotime_init(); - struct tor_libevent_cfg cfg; + struct tor_libevent_cfg_t cfg; memset(&cfg, 0, sizeof(cfg)); tor_libevent_initialize(&cfg); control_initialize_event_queue(); - configure_backtrace_handler(get_version()); + + /* Don't add default logs; the tests manage their own. */ + quiet_level = QUIET_SILENT; unsigned num=1, den=1; @@ -316,7 +324,7 @@ main(int c, const char **v) memset(&s, 0, sizeof(s)); set_log_severity_config(loglevel, LOG_ERR, &s); /* ALWAYS log bug warnings. */ - s.masks[LOG_WARN-LOG_ERR] |= LD_BUG; + s.masks[SEVERITY_MASK_IDX(LOG_WARN)] |= LD_BUG; add_stream_log(&s, "", fileno(stdout)); } { @@ -324,9 +332,10 @@ main(int c, const char **v) log_severity_list_t s; memset(&s, 0, sizeof(s)); set_log_severity_config(LOG_ERR, LOG_ERR, &s); - s.masks[LOG_WARN-LOG_ERR] |= LD_BUG; + s.masks[SEVERITY_MASK_IDX(LOG_WARN)] |= LD_BUG; add_callback_log(&s, log_callback_failure); } + flush_log_messages_from_startup(); init_protocol_warning_severity_level(); options->command = CMD_RUN_UNITTESTS; @@ -343,6 +352,7 @@ main(int c, const char **v) initialize_mainloop_events(); options_init(options); options->DataDirectory = tor_strdup(temp_dir); + options->DataDirectory_option = tor_strdup(temp_dir); tor_asprintf(&options->KeyDirectory, "%s"PATH_SEPARATOR"keys", options->DataDirectory); options->CacheDirectory = tor_strdup(temp_dir); @@ -409,8 +419,6 @@ main(int c, const char **v) free_pregenerated_keys(); - crypto_global_cleanup(); - if (have_failed) return 1; else diff --git a/src/test/testing_rsakeys.c b/src/test/testing_rsakeys.c index 0f22d4e01b..e058f72d01 100644 --- a/src/test/testing_rsakeys.c +++ b/src/test/testing_rsakeys.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2019, The Tor Project, Inc. */ + * Copyright (c) 2007-2020, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "lib/crypt_ops/crypto_rand.h" @@ -448,7 +448,8 @@ static int next_key_idx_2048; static crypto_pk_t * pk_generate_internal(int bits) { - tor_assert(bits == 2048 || bits == 1024); + tor_assertf(bits == 2048 || bits == 1024, + "Wrong key size: %d", bits); #ifdef USE_PREGENERATED_RSA_KEYS int *idxp; @@ -467,7 +468,7 @@ pk_generate_internal(int bits) *idxp += crypto_rand_int_range(1,3); *idxp %= n_pregen; return crypto_pk_dup_key(pregen_array[*idxp]); -#else /* !(defined(USE_PREGENERATED_RSA_KEYS)) */ +#else /* !defined(USE_PREGENERATED_RSA_KEYS) */ crypto_pk_t *result; int res; result = crypto_pk_new(); diff --git a/src/test/zero_length_keys.sh b/src/test/zero_length_keys.sh index 5635bdfd89..1702d11245 100755 --- a/src/test/zero_length_keys.sh +++ b/src/test/zero_length_keys.sh @@ -19,7 +19,7 @@ # 3: a command failed - the test could not be completed # -if [ $# -eq 0 ] || [ ! -f ${1} ] || [ ! -x ${1} ]; then +if [ $# -eq 0 ] || [ ! -f "${1}" ] || [ ! -x "${1}" ]; then echo "Usage: ${0} PATH_TO_TOR [-z|-d|-e]" exit 1 elif [ $# -eq 1 ]; then @@ -31,7 +31,7 @@ else #[$# -gt 1 ]; then shift fi -DATA_DIR=`mktemp -d -t tor_zero_length_keys.XXXXXX` +DATA_DIR=$(mktemp -d -t tor_zero_length_keys.XXXXXX) if [ -z "$DATA_DIR" ]; then echo "Failure: mktemp invocation returned empty string" >&2 exit 3 @@ -40,7 +40,7 @@ if [ ! -d "$DATA_DIR" ]; then echo "Failure: mktemp invocation result doesn't point to directory" >&2 exit 3 fi -trap "rm -rf '$DATA_DIR'" 0 +trap 'rm -rf "$DATA_DIR"' 0 touch "$DATA_DIR"/empty_torrc touch "$DATA_DIR"/empty_defaults_torrc |