| Age | Commit message (Collapse) | Author |
|---|
|
Test that TestingDirAuthVote{Exit,Guard,HSDir}[Strict] work on
routersets matching all routers, one router, and no routers.
TestingDirAuthVote{Exit,Guard,HSDir} set the corresponding flag
on routerstatuses which match the routerset, but leave other flags
unmodified.
TestingDirAuthVote{Exit,Guard,HSDir}Strict clear the corresponding flag
on routerstatuses which don't match the routerset.
|
|
|
|
|
|
Fixed numerous conflicts, and ported code to use new base64 api.
|
|
Extrainfo documents are now ed-signed just as are router
descriptors, according to proposal 220. This patch also includes
some more tests for successful/failing parsing, and fixes a crash
bug in ed25519 descriptor parsing.
|
|
Also, add a trivial ed25519-signed routerinfo to the tests.
|
|
Routers now use TAP and ntor onion keys to sign their identity keys,
and put these signatures in their descriptors. That allows other
parties to be confident that the onion keys are indeed controlled by
the router that generated the descriptor.
|
|
Now that we have ed25519 keys, we can sign descriptors with them
and check those signatures as documented in proposal 220.
|
|
|
|
|
|
Conflicts:
src/test/test_dir.c
|
|
|
|
Conflicts:
src/or/directory.c
src/or/routerlist.c
src/or/routerlist.h
src/test/include.am
src/test/test.c
|
|
This implementation includes tests and a little documentation.
|
|
Fixes 13762.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Part of fix for 13172
|
|
Fixes bug 13661; bugfix on 0.0.8pre1.
|
|
Because in 95 years, we or our successors will surely care about
enforcing the BSD license terms on this code. Right?
|
|
By now, support in the network is widespread and it's time to require
more modern crypto on all Tor instances, whether they're clients or
servers. By doing this early in 0.2.6, we can be sure that at some point
all clients will have reasonable support.
|
|
1. The test that adds things to the cache needs to set the clock back so
that the descriptors it adds are valid.
2. We split ROUTER_NOT_NEW into ROUTER_TOO_OLD, so that we can
distinguish "already had it" from "rejected because of old published
date".
3. We make extrainfo_insert() return a was_router_added_t, and we
make its caller use it correctly. This is probably redundant with
the extrainfo_is_bogus flag.
|
|
These tests make sure that entries are actually marked
undownloadable as appropriate.
|
|
We didn't really have test coverage for these parsing functions, so
I went and made some. These tests also verify that the parsing
functions set the list of invalid digests correctly.
|
|
One pain point in evolving the Tor design and implementing has been
adding code that makes clients reject directory documents that they
previously would have accepted, if those descriptors actually exist.
When this happened, the clients would get the document, reject it,
and then decide to try downloading it again, ad infinitum. This
problem becomes particularly obnoxious with authorities, since if
some authorities accept a descriptor that others don't, the ones
that don't accept it would go crazy trying to re-fetch it over and
over. (See for example ticket #9286.)
This patch tries to solve this problem by tracking, if a descriptor
isn't parseable, what its digest was, and whether it is invalid
because of some flaw that applies to the portion containing the
digest. (This excludes RSA signature problems: RSA signatures
aren't included in the digest. This means that a directory
authority can still put another directory authority into a loop by
mentioning a descriptor, and then serving that descriptor with an
invalid RSA signatures. But that would also make the misbehaving
directory authority get DoSed by the server it's attacking, so it's
not much of an issue.)
We already have a mechanism to mark something undownloadable with
downloadstatus_mark_impossible(); we use that here for
microdescriptors, extrainfos, and router descriptors.
Unit tests to follow in another patch.
Closes ticket #11243.
|
|
Fix compilation warnings
|
|
Also, sort test suites alphabetically.
|
|
|
|
These wrappers went into place when the default type for our unit
test functions changed from "void fn(void)" to "void fn(void *arg)".
To generate this patch, I did the same hokey-pokey as before with
replacing all operators used as macro arguments, then I ran a
coccinelle script, then I ran perl script to fix up everything that
used legacy_test_helper, then I manually removed the
legacy_test_helper functions, then I ran a final perl script to put
the operators back how they were.
==============================
#!/usr/bin/perl -w -i -p
s/==,/_X_EQ_,/g;
s/!=,/_X_NE_,/g;
s/<,/_X_LT_,/g;
s/>,/_X_GT_,/g;
s/>=,/_X_GEQ_,/g;
s/<=,/_X_LEQ_,/g;
--------------------
@@
identifier func =~ "test_.*$";
statement S, S2;
@@
static void func (
-void
+void *arg
)
{
... when != S2
+(void) arg;
S
...
}
--------------------
#!/usr/bin/perl -w -i -p
s/, *legacy_test_helper, *([^,]+), *\&legacy_setup, *([^\}]+) *}/, $2, $1, NULL, NULL }/g;
--------------------
#!/usr/bin/perl -w -i -p
s/_X_NEQ_/!=/g;
s/_X_NE_/!=/g;
s/_X_EQ_/==/g;
s/_X_GT_/>/g;
s/_X_LT_/</g;
s/_X_GEQ_/>=/g;
s/_X_LEQ_/<=/g;
--------------------
|
|
|
|
This should get rid of most of the users of the old test_*
functions. Some are in macros and will need manual cleanup, though.
This patch is for 13119, and was automatically generated with these
scripts. The perl scripts are there because coccinelle hates
operators as macro arguments.
------------------------------
s/==,/_X_EQ_,/g;
s/!=,/_X_NE_,/g;
s/<,/_X_LT_,/g;
s/>,/_X_GT_,/g;
s/>=,/_X_GEQ_,/g;
s/<=,/_X_LEQ_,/g;
------------------------------
@@
expression a;
identifier func;
@@
func (...) {
<...
-test_fail_msg
+TT_DIE
(
+(
a
+)
)
...>
}
@@
identifier func;
@@
func (...) {
<...
-test_fail()
+TT_DIE(("Assertion failed."))
...>
}
@@
expression a;
identifier func;
@@
func (...) {
<...
-test_assert
+tt_assert
(a)
...>
}
@@
expression a, b;
identifier func;
@@
func (...) {
<...
-test_eq
+tt_int_op
(a,
+_X_EQ_,
b)
...>
}
@@
expression a, b;
identifier func;
@@
func (...) {
<...
-test_neq
+tt_int_op
(a,
+_X_NEQ_,
b)
...>
}
@@
expression a, b;
identifier func;
@@
func (...) {
<...
-test_streq
+tt_str_op
(a,
+_X_EQ_,
b)
...>
}
@@
expression a, b;
identifier func;
@@
func (...) {
<...
-test_strneq
+tt_str_op
(a,
+_X_NEQ_,
b)
...>
}
@@
expression a, b;
identifier func;
@@
func (...) {
<...
-test_eq_ptr
+tt_ptr_op
(a,
+_X_EQ_,
b)
...>
}
@@
expression a, b;
identifier func;
@@
func() {
<...
-test_neq_ptr
+tt_ptr_op
(a,
+_X_NEQ_,
b)
...>
}
@@
expression a, b, len;
identifier func;
@@
func (...) {
<...
-test_memeq
+tt_mem_op
(a,
+_X_EQ_,
b, len)
...>
}
@@
expression a, b, len;
identifier func;
@@
func (...) {
<...
-test_memneq
+tt_mem_op
(a,
+_X_NEQ_,
b, len)
...>
}
------------------------------
@@
char a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_int_op
(
-a == b
+a, _X_EQ_, b
)
...>
}
@@
int a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_int_op
(
-a == b
+a, _X_EQ_, b
)
...>
}
@@
long a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_int_op
(
-a == b
+a, _X_EQ_, b
)
...>
}
@@
unsigned int a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_uint_op
(
-a == b
+a, _X_EQ_, b
)
...>
}
@@
unsigned long a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_uint_op
(
-a == b
+a, _X_EQ_, b
)
...>
}
@@
char a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_int_op
(
-a != b
+a, _X_NEQ_, b
)
...>
}
@@
int a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_int_op
(
-a != b
+a, _X_NEQ_, b
)
...>
}
@@
long a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_int_op
(
-a != b
+a, _X_NEQ_, b
)
...>
}
@@
unsigned int a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_uint_op
(
-a != b
+a, _X_NEQ_, b
)
...>
}
@@
unsigned long a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_uint_op
(
-a != b
+a, _X_NEQ_, b
)
...>
}
@@
char a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_int_op
(
-a >= b
+a, _X_GEQ_, b
)
...>
}
@@
int a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_int_op
(
-a >= b
+a, _X_GEQ_, b
)
...>
}
@@
long a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_int_op
(
-a >= b
+a, _X_GEQ_, b
)
...>
}
@@
unsigned int a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_uint_op
(
-a >= b
+a, _X_GEQ_, b
)
...>
}
@@
unsigned long a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_uint_op
(
-a >= b
+a, _X_GEQ_, b
)
...>
}
@@
char a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_int_op
(
-a <= b
+a, _X_LEQ_, b
)
...>
}
@@
int a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_int_op
(
-a <= b
+a, _X_LEQ_, b
)
...>
}
@@
long a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_int_op
(
-a <= b
+a, _X_LEQ_, b
)
...>
}
@@
unsigned int a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_uint_op
(
-a <= b
+a, _X_LEQ_, b
)
...>
}
@@
unsigned long a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_uint_op
(
-a <= b
+a, _X_LEQ_, b
)
...>
}
@@
char a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_int_op
(
-a > b
+a, _X_GT_, b
)
...>
}
@@
int a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_int_op
(
-a > b
+a, _X_GT_, b
)
...>
}
@@
long a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_int_op
(
-a > b
+a, _X_GT_, b
)
...>
}
@@
unsigned int a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_uint_op
(
-a > b
+a, _X_GT_, b
)
...>
}
@@
unsigned long a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_uint_op
(
-a > b
+a, _X_GT_, b
)
...>
}
@@
char a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_int_op
(
-a < b
+a, _X_LT_, b
)
...>
}
@@
int a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_int_op
(
-a < b
+a, _X_LT_, b
)
...>
}
@@
long a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_int_op
(
-a < b
+a, _X_LT_, b
)
...>
}
@@
unsigned int a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_uint_op
(
-a < b
+a, _X_LT_, b
)
...>
}
@@
unsigned long a, b;
identifier func;
@@
func (...) {
<...
-tt_assert
+tt_uint_op
(
-a < b
+a, _X_LT_, b
)
...>
}
------------------------------
s/_X_NEQ_/!=/g;
s/_X_NE_/!=/g;
s/_X_EQ_/==/g;
s/_X_GT_/>/g;
s/_X_LT_/</g;
s/_X_GEQ_/>=/g;
s/_X_LEQ_/<=/g;
s/test_mem_op\(/tt_mem_op\(/g;
|
|
|
|
Patch from teor; part of 13104
|
|
This implements the meat of #12899. This commit should simply remove the
parts of Tor dirauths used to check whether a relay was supposed to be
named or not, it doesn't yet convert to a new mechanism for
reject/invalid/baddir/badexiting relays.
|
|
Also remove a test for the way that we generated parameter votes
before consensus method 12.
|
|
Before the 11825 fix, these were all silently ignored.
|
|
|
|
|
|
Conflicts:
src/or/router.c
src/test/test_dir.c
|
|
Thanks, Coverity! (CID 1171414, 1171415, 1171416)
|
|
(This was a squash commit, but I forgot to squash it. Sorry! --Nick)
|
|
The remaining vestige is that we continue to publish the V2dir flag,
and that, for the controller, we continue to emit v2 directory
formats when requested.
|
|
|
|
In proposal 157, we added a cross-certification element for
directory authority certificates. We implemented it in
0.2.1.9-alpha. All Tor directory authorities now generate it.
Here, as planned, make it required, so that we can finally close
proposal 157.
The biggest change in the code is in the unit test data, where some
old hardcoded certs that we made long ago have become no longer
valid and now need to be replaced.
|
|
|
|
|
