| Age | Commit message (Collapse) | Author |
|---|
|
Using a test vector in python, test both hs_build_hsdir_index() and
hs_build_hs_index().
This commit also adds the hs_build_address.py to EXTRA_DIST which was missing.
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Requires chutney master 50f64ea or later.
Implements ticket 22437.
|
|
|
|
- make tor_util static library name configurable
- fix Rust libary dependency order for Windows
|
|
|
|
Move tests from test_hs_service.c to this file.
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Move the ntor test from test_hs_service.c to this file.
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Move ESTABLISH_INTRO tests from test_hs_service.c to this new file.
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
* CLOSES #17639.
* ADDS new --key-expiration commandline option which prints when the
signing key expires.
|
|
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
Move code to create connection streams and rend_data structures to
test_helpers so that we can use them from the e2e rendezvous circuit
unittests.
|
|
|
|
This adds a couple of configure commands to control whether we're
requiring all dependencies to be available locally (default) or not
(--enable-cargo-online-mode). When building from a tarball, we require
the RUST_DEPENDENCIES variable to point to the local repository of
crates. This also adds src/ext/rust as a git submodule that contains
such a local repository for easy setup.
|
|
Passing --enable-cargo-online-mode during configure allows cargo to make
network requests while building Tor or running tests. If this flag is
not supplied, the dependencies need to be available in the form of a
local mirror.
|
|
|
|
This gives an indication in the log that Tor was built with Rust
support, as well as laying some groundwork for further string-returning
APIs to be converted to Rust
|
|
|
|
Create the hs_test_helpers.{c|h} files that contains helper functions to
create introduction point, descriptor and compare descriptor.
Used by both the hs cache and hs descriptor tests. Unify them to avoid code
duplication.
Also, this commit fixes the usage of the signing key that was wrongly used
when creating a cross signed certificate.
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
This defense will cause Cisco, Juniper, Fortinet, and other routers operating
in the default configuration to collapse netflow records that would normally
be split due to the 15 second flow idle timeout.
Collapsing these records should greatly reduce the utility of default netflow
data for correlation attacks, since all client-side records should become 30
minute chunks of total bytes sent/received, rather than creating multiple
separate records for every webpage load/ssh command interaction/XMPP chat/whatever
else happens to be inactive for more than 15 seconds.
The defense adds consensus parameters to govern the range of timeout values
for sending padding packets, as well as for keeping connections open.
The defense only sends padding when connections are otherwise inactive, and it
does not pad connections used solely for directory traffic at all. By default
it also doesn't pad inter-relay connections.
Statistics on the total padding in the last 24 hours are exported to the
extra-info descriptors.
|
|
Introduce a way to optionally enable Rust integration for our builds. No
actual Rust code is added yet and specifying the flag has no effect
other than failing the build if rustc and cargo are unavailable.
|
|
This commit adds the src/trace directory containing the basics for our tracing
subsystem. It is not used in the code base. The "src/trace/debug.h" file
contains an example on how we can map our tor trace events to log_debug().
The tracing subsystem can only be enabled by tracing framework at compile
time. This commit introduces the "--enable-tracing-debug" option that will
make all "tor_trace()" function be maped to "log_debug()".
Closes #13802
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
This patch adds support for enabling support for Zstandard to our configure
script. By default, the --enable-zstd option is set to "auto" which means if
libzstd is available we'll build Tor with Zstandard support.
See: https://bugs.torproject.org/21662
|
|
This patch adds support for enabling support for LZMA to our configure
script. By default, the --enable-lzma option is set to "auto" which
means if liblzma is available we'll build Tor with LZMA support.
See: https://bugs.torproject.org/21662
|
|
Initial tests. These just try adding a few consensuses, looking
them up, and making sure that consensus diffs are generated in a
more or less reasonable-looking way. It's enough for 87% coverage,
but it leaves out a lot of functionality.
|
|
|
|
This test is identical to the ./src/test/test_ntor.sh integration test.
|
|
|
|
|
|
|
|
Create a new test_crypto_openssl to test openssl-only crypto.c
functionality.
|
|
|
|
We could use one of these for holding "junk" descriptors and
unparseable things -- but we'll _need_ it for having cached
consensuses and diffs between them.
|
|
(This commit was extracted by nickm based on the final outcome of
the project, taking only the changes in the files touched by this
commit from the consdiff_rebased branch. The directory-system
changes are going to get worked on separately.)
|
|
I had forgotten to include the fuzz_static_testcases.sh script in
EXTRA_DIST.
|
|
This isn't fuzzing per se, so much as replaying the highlights of
past fuzzer runs.
|
|
|
|
Test for both v2 and v3 ESTABLISH_INTRO handling.
|
|
|
|
Conflicts:
src/or/rendclient.c
src/or/rendcommon.c
src/or/routerparse.c
src/test/test_dir.c
src/trunnel/ed25519_cert.h
|
|
Signed-off-by: David Goulet <dgoulet@torproject.org>
Signed-off-by: George Kadianakis <desnacked@riseup.net>
|
|
Signed-off-by: David Goulet <dgoulet@torproject.org>
Signed-off-by: George Kadianakis <desnacked@riseup.net>
|
|
|
|
This patch moves the pregenerated RSA key logic into a new
testing_rsakeys.c.
Also, it adds support for RSA2048, since the link handshake tests
want that.
Also, it includes pregenerated keys, rather than trying to actually
generate the keys at startup, since generating even a small handful
of RSA2048 keys makes for an annoying delay.
|
|
|
|
|
|
This requires a recent version of chutney, with the single onion
network flavours (git c72a652 or later).
Closes ticket #20072.
|
|
Requires a recent version of chutney.
Also remove bridges+hs, as it's somewhat redundant.
|
