1 /* Copyright (c) 2016-2017, The Tor Project, Inc. */
2 /* See LICENSE for licensing information */
4 /**
5 * \file test_hs_cache.c
6 * \brief Test hidden service caches.
7 */
9 #define CONNECTION_PRIVATE
10 #define DIRECTORY_PRIVATE
11 #define HS_CACHE_PRIVATE
13 #include "ed25519_cert.h"
14 #include "hs_cache.h"
15 #include "rendcache.h"
16 #include "directory.h"
17 #include "networkstatus.h"
18 #include "connection.h"
19 #include "proto_http.h"
21 #include "hs_test_helpers.h"
22 #include "test_helpers.h"
23 #include "test.h"
/* Scratch buffer that receives the base64-encoded blinded key used as the
 * HSDir query. Every call to helper_get_hsdir_query() writes into it. */
static char query_b64[256];

/* Build the HSDir query for <b>desc</b>: the base64 encoding of its blinded
 * ed25519 public key.
 *
 * The returned pointer aliases the static buffer above, so the string is
 * overwritten by the next call and must not be freed by the caller. The
 * return value of the encoder is not checked here. */
static const char *
helper_get_hsdir_query(const hs_descriptor_t *desc)
{
  const ed25519_public_key_t *blinded_pk =
    &desc->plaintext_data.blinded_pubkey;

  ed25519_public_to_base64(query_b64, blinded_pk);
  return query_b64;
}
/* Common setup: initialize the caches that the tests in this file use. */
static void
init_test(void)
{
  /* The hidden service cache subsystem itself; every test needs it. */
  hs_cache_init();
  /* The OOM handler and the cache cleanup also poke at the v2 cache, so it
   * has to be initialized too. */
  rend_cache_init();
}
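/* Exercise the HSDir side of the descriptor cache: storing, rejection of a
 * duplicate, cleanup, lookup, OOM eviction, rejection of malformed input and
 * replacement of a descriptor by one with a higher revision counter. */
static void
test_directory(void *arg)
{
  int ret;
  size_t oom_size;
  char *desc1_str = NULL;
  const char *desc_out;
  ed25519_keypair_t signing_kp1;
  hs_descriptor_t *desc1 = NULL;
  /* Kept at function scope and NULL-initialized so that the cleanup at
   * "done" releases them even when an assertion fails part-way through. */
  hs_descriptor_t *desc_zero_lifetime = NULL;
  char *desc_zero_lifetime_str = NULL;
  char *new_desc_str = NULL;

  (void) arg;

  init_test();
  /* Generate a valid descriptor with normal values. */
  ret = ed25519_keypair_generate(&signing_kp1, 0);
  tt_int_op(ret, OP_EQ, 0);
  desc1 = hs_helper_build_hs_desc_with_ip(&signing_kp1);
  tt_assert(desc1);
  ret = hs_desc_encode_descriptor(desc1, &signing_kp1, &desc1_str);
  tt_int_op(ret, OP_EQ, 0);

  /* Very first basic test: the descriptor should be storable, survive a
   * clean, be found with a lookup and then be removed by our OOM handler. */
  {
    ret = hs_cache_store_as_dir(desc1_str);
    tt_int_op(ret, OP_EQ, 0);
    /* Re-add, it should fail since we already have it. */
    ret = hs_cache_store_as_dir(desc1_str);
    tt_int_op(ret, OP_EQ, -1);
    /* Try to clean now, which should be fine: there are at worst a few
     * seconds between the store and this call. */
    hs_cache_clean_as_dir(time(NULL));
    /* We should find it in our cache. */
    ret = hs_cache_lookup_as_dir(3, helper_get_hsdir_query(desc1), &desc_out);
    tt_int_op(ret, OP_EQ, 1);
    tt_str_op(desc_out, OP_EQ, desc1_str);
    /* Tell our OOM handler to run and to remove at least one byte, which
     * results in the descriptor being removed from our cache. */
    oom_size = hs_cache_handle_oom(time(NULL), 1);
    tt_int_op(oom_size, OP_GE, 1);
    ret = hs_cache_lookup_as_dir(3, helper_get_hsdir_query(desc1), NULL);
    tt_int_op(ret, OP_EQ, 0);
  }

  /* Store two descriptors and remove the expiring one only. */
  {
    ed25519_keypair_t signing_kp_zero;
    ret = ed25519_keypair_generate(&signing_kp_zero, 0);
    tt_int_op(ret, OP_EQ, 0);
    desc_zero_lifetime = hs_helper_build_hs_desc_with_ip(&signing_kp_zero);
    tt_assert(desc_zero_lifetime);
    desc_zero_lifetime->plaintext_data.revision_counter = 1;
    desc_zero_lifetime->plaintext_data.lifetime_sec = 0;
    ret = hs_desc_encode_descriptor(desc_zero_lifetime, &signing_kp_zero,
                                    &desc_zero_lifetime_str);
    tt_int_op(ret, OP_EQ, 0);

    ret = hs_cache_store_as_dir(desc1_str);
    tt_int_op(ret, OP_EQ, 0);
    ret = hs_cache_store_as_dir(desc_zero_lifetime_str);
    tt_int_op(ret, OP_EQ, 0);
    /* This one should clear out our zero lifetime desc. */
    hs_cache_clean_as_dir(time(NULL));
    /* We should find desc1 in our cache. */
    ret = hs_cache_lookup_as_dir(3, helper_get_hsdir_query(desc1), &desc_out);
    tt_int_op(ret, OP_EQ, 1);
    tt_str_op(desc_out, OP_EQ, desc1_str);
    /* We should NOT find our zero lifetime desc in our cache. */
    ret = hs_cache_lookup_as_dir(3,
                                 helper_get_hsdir_query(desc_zero_lifetime),
                                 NULL);
    tt_int_op(ret, OP_EQ, 0);
    /* Cleanup our entire cache. */
    oom_size = hs_cache_handle_oom(time(NULL), 1);
    tt_int_op(oom_size, OP_GE, 1);
    /* desc_zero_lifetime and its encoding are released at "done", so a
     * failing assertion above cannot leak them. */
  }

  /* Throw junk at it: malformed input must be rejected with -1 by both the
   * store and the lookup paths. */
  {
    ret = hs_cache_store_as_dir("blah");
    tt_int_op(ret, OP_EQ, -1);
    /* Poor attempt at tricking the decoding. */
    ret = hs_cache_store_as_dir("hs-descriptor 3\nJUNK");
    tt_int_op(ret, OP_EQ, -1);
    /* Undecodable base64 query. */
    ret = hs_cache_lookup_as_dir(3, "blah", NULL);
    tt_int_op(ret, OP_EQ, -1);
    /* Decodable base64 query but wrong ed25519 size. */
    ret = hs_cache_lookup_as_dir(3, "dW5pY29ybg==", NULL);
    tt_int_op(ret, OP_EQ, -1);
  }

  /* Test descriptor replacement with revision counter. */
  {
    /* Add a descriptor. */
    ret = hs_cache_store_as_dir(desc1_str);
    tt_int_op(ret, OP_EQ, 0);
    ret = hs_cache_lookup_as_dir(3, helper_get_hsdir_query(desc1), &desc_out);
    tt_int_op(ret, OP_EQ, 1);
    /* Bump revision counter. */
    desc1->plaintext_data.revision_counter++;
    ret = hs_desc_encode_descriptor(desc1, &signing_kp1, &new_desc_str);
    tt_int_op(ret, OP_EQ, 0);
    ret = hs_cache_store_as_dir(new_desc_str);
    tt_int_op(ret, OP_EQ, 0);
    /* Look it up, it should have been replaced. */
    ret = hs_cache_lookup_as_dir(3, helper_get_hsdir_query(desc1), &desc_out);
    tt_int_op(ret, OP_EQ, 1);
    tt_str_op(desc_out, OP_EQ, new_desc_str);
  }

 done:
  hs_descriptor_free(desc1);
  hs_descriptor_free(desc_zero_lifetime);
  tor_free(desc1_str);
  tor_free(desc_zero_lifetime_str);
  tor_free(new_desc_str);
}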
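/* Check how cache_clean_v3_as_dir() treats a freshly stored descriptor for
 * different cutoff values: it must survive a cutoff of 0 and a cutoff in
 * the past, and must be removed by a cutoff in the future. */
static void
test_clean_as_dir(void *arg)
{
  /* Status of the int-returning calls; these can report -1, so they must
   * not be stored in an unsigned variable. */
  int ret;
  /* Value returned by cache_clean_v3_as_dir(). */
  size_t cleaned;
  char *desc1_str = NULL;
  time_t now = time(NULL);
  hs_descriptor_t *desc1 = NULL;
  ed25519_keypair_t signing_kp1;

  (void) arg;

  init_test();

  /* Generate a valid descriptor with values. */
  ret = ed25519_keypair_generate(&signing_kp1, 0);
  tt_int_op(ret, OP_EQ, 0);
  desc1 = hs_helper_build_hs_desc_with_ip(&signing_kp1);
  tt_assert(desc1);
  ret = hs_desc_encode_descriptor(desc1, &signing_kp1, &desc1_str);
  tt_int_op(ret, OP_EQ, 0);
  ret = hs_cache_store_as_dir(desc1_str);
  tt_int_op(ret, OP_EQ, 0);

  /* With the lifetime being 3 hours, a cleanup shouldn't remove it. */
  cleaned = cache_clean_v3_as_dir(now, 0);
  tt_int_op(cleaned, OP_EQ, 0);
  /* Should be present after clean up. */
  ret = hs_cache_lookup_as_dir(3, helper_get_hsdir_query(desc1), NULL);
  tt_int_op(ret, OP_EQ, 1);
  /* Set a cutoff 100 seconds in the past. It should not remove the entry
   * since the entry is still recent enough. */
  cleaned = cache_clean_v3_as_dir(now, now - 100);
  tt_int_op(cleaned, OP_EQ, 0);
  /* Should be present after clean up. */
  ret = hs_cache_lookup_as_dir(3, helper_get_hsdir_query(desc1), NULL);
  tt_int_op(ret, OP_EQ, 1);
  /* Set a cutoff of 100 seconds in the future. The entry we have just added
   * is older than that cutoff, so this call should remove it. */
  cleaned = cache_clean_v3_as_dir(now, now + 100);
  tt_int_op(cleaned, OP_GT, 0);
  /* Shouldn't be present after clean up. */
  ret = hs_cache_lookup_as_dir(3, helper_get_hsdir_query(desc1), NULL);
  tt_int_op(ret, OP_EQ, 0);

 done:
  hs_descriptor_free(desc1);
  tor_free(desc1_str);
}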
/* Test helper: fetch an HS descriptor from an HSDir for the hidden service
 * with <b>blinded_key</b>, by simulating an HTTP GET on a directory
 * connection, and return the body that was served.
 *
 * The returned string is handed to the caller, who frees it with tor_free().
 * It is NULL when one of the assertions below fails before the response has
 * been read. */
static char *
helper_fetch_desc_from_hsdir(const ed25519_public_key_t *blinded_key)
{
  int retval;
  /* Base64 form of the blinded key; it is the last path element of the
   * query. */
  char key_b64[ED25519_BASE64_LEN+1];
  char *query = NULL;
  char *body = NULL;
  char *http_headers = NULL;
  size_t body_len = 0;
  /* The dir conn we are going to simulate. */
  dir_connection_t *dir_conn = NULL;

  /* Encode the blinded public key, then build the actual query string. */
  retval = ed25519_public_to_base64(key_b64, blinded_key);
  tt_int_op(retval, OP_EQ, 0);
  tor_asprintf(&query, GET("/tor/hs/3/%s"), key_b64);

  /* Simulate an HTTP GET request to the HSDir, coming from 127.0.0.1. */
  dir_conn = dir_connection_new(AF_INET);
  tor_addr_from_ipv4h(&dir_conn->base_.addr, 0x7f000001);
  /* Mark the connection as linked so that it passes for an encrypted one.
   * NOTE(review): presumably the handler refuses to serve v3 descriptors on
   * a connection it considers unencrypted; confirm in directory.c. */
  TO_CONN(dir_conn)->linked = 1;
  retval = directory_handle_command_get(dir_conn, query, NULL, 0);
  tt_int_op(retval, OP_EQ, 0);

  /* Read the response that the HSDir just wrote to the outbuf. Only the
   * body is kept. NOTE(review): the return value of fetch_from_buf_http()
   * is not checked. */
  fetch_from_buf_http(TO_CONN(dir_conn)->outbuf, &http_headers,
                      MAX_HEADERS_SIZE, &body, &body_len,
                      HS_DESC_MAX_LEN, 0);
  tor_free(http_headers);

 done:
  tor_free(query);
  if (dir_conn)
    connection_free_minimal(TO_CONN(dir_conn));

  return body;
}
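/* Publish a descriptor to the HSDir, then fetch it. Check that the received
 * descriptor matches the published one, and that a query for a key that was
 * never published yields an empty body both before and after the upload. */
static void
test_upload_and_download_hs_desc(void *arg)
{
  int retval;
  hs_descriptor_t *published_desc = NULL;

  char *published_desc_str = NULL;
  char *received_desc_str = NULL;

  (void) arg;

  /* Initialize HSDir cache subsystem */
  init_test();

  /* Test a descriptor not found in the directory cache. */
  {
    ed25519_public_key_t blinded_key;
    memset(&blinded_key.pubkey, 'A', sizeof(blinded_key.pubkey));
    received_desc_str = helper_fetch_desc_from_hsdir(&blinded_key);
    /* The helper returns NULL when its own assertions fail; fail this test
     * cleanly instead of handing NULL to strlen(). */
    tt_assert(received_desc_str);
    tt_int_op(strlen(received_desc_str), OP_EQ, 0);
    tor_free(received_desc_str);
  }

  /* Generate a valid descriptor with normal values. */
  {
    ed25519_keypair_t signing_kp;
    retval = ed25519_keypair_generate(&signing_kp, 0);
    tt_int_op(retval, OP_EQ, 0);
    published_desc = hs_helper_build_hs_desc_with_ip(&signing_kp);
    tt_assert(published_desc);
    retval = hs_desc_encode_descriptor(published_desc, &signing_kp,
                                       &published_desc_str);
    tt_int_op(retval, OP_EQ, 0);
  }

  /* Publish descriptor to the HSDir; 200 means it was accepted. */
  {
    retval = handle_post_hs_descriptor("/tor/hs/3/publish",published_desc_str);
    tt_int_op(retval, OP_EQ, 200);
  }

  /* Simulate a fetch of the previously published descriptor */
  {
    const ed25519_public_key_t *blinded_key;
    blinded_key = &published_desc->plaintext_data.blinded_pubkey;
    received_desc_str = helper_fetch_desc_from_hsdir(blinded_key);
  }

  /* Verify we received the exact same descriptor we published earlier */
  tt_str_op(received_desc_str, OP_EQ, published_desc_str);
  tor_free(received_desc_str);

  /* With a valid descriptor in the directory cache, query again for a key
   * that was never published: the body must still be empty. */
  {
    ed25519_public_key_t blinded_key;
    memset(&blinded_key.pubkey, 'A', sizeof(blinded_key.pubkey));
    received_desc_str = helper_fetch_desc_from_hsdir(&blinded_key);
    tt_assert(received_desc_str);
    tt_int_op(strlen(received_desc_str), OP_EQ, 0);
  }

 done:
  tor_free(received_desc_str);
  tor_free(published_desc_str);
  hs_descriptor_free(published_desc);
}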
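/* Test that HSDirs reject outdated descriptors based on their revision
 * counter. Also test that HSDirs correctly replace old descriptors with newer
 * descriptors.
 *
 * Re-posting a descriptor with an unchanged revision counter must be
 * answered with 400, so an already stored descriptor cannot simply be
 * uploaded again; only a higher counter replaces the stored copy. */
static void
test_hsdir_revision_counter_check(void *arg)
{
  int retval;

  ed25519_keypair_t signing_kp;

  hs_descriptor_t *published_desc = NULL;
  char *published_desc_str = NULL;

  uint8_t subcredential[DIGEST256_LEN];
  char *received_desc_str = NULL;
  hs_descriptor_t *received_desc = NULL;

  (void) arg;

  /* Initialize HSDir cache subsystem */
  init_test();

  /* Generate a valid descriptor with normal values. */
  {
    retval = ed25519_keypair_generate(&signing_kp, 0);
    tt_int_op(retval, OP_EQ, 0);
    published_desc = hs_helper_build_hs_desc_with_ip(&signing_kp);
    tt_assert(published_desc);
    retval = hs_desc_encode_descriptor(published_desc, &signing_kp,
                                       &published_desc_str);
    tt_int_op(retval, OP_EQ, 0);
  }

  /* Publish descriptor to the HSDir */
  {
    retval = handle_post_hs_descriptor("/tor/hs/3/publish",published_desc_str);
    tt_int_op(retval, OP_EQ, 200);
  }

  /* Try publishing again with the same revision counter: Should fail. */
  {
    retval = handle_post_hs_descriptor("/tor/hs/3/publish",published_desc_str);
    tt_int_op(retval, OP_EQ, 400);
  }

  /* Fetch the published descriptor and validate the revision counter. */
  {
    const ed25519_public_key_t *blinded_key;

    blinded_key = &published_desc->plaintext_data.blinded_pubkey;
    hs_get_subcredential(&signing_kp.pubkey, blinded_key, subcredential);
    received_desc_str = helper_fetch_desc_from_hsdir(blinded_key);
    /* The helper returns NULL when its own assertions fail; stop here
     * rather than passing NULL to the decoder. */
    tt_assert(received_desc_str);

    retval = hs_desc_decode_descriptor(received_desc_str,
                                       subcredential, &received_desc);
    tt_int_op(retval, OP_EQ, 0);
    tt_assert(received_desc);

    /* Check that the revision counter is correct. NOTE(review): 42 is
     * presumably the value set by hs_helper_build_hs_desc_with_ip();
     * confirm in hs_test_helpers.c. */
    tt_u64_op(received_desc->plaintext_data.revision_counter, OP_EQ, 42);

    hs_descriptor_free(received_desc);
    received_desc = NULL;
    tor_free(received_desc_str);
  }

  /* Increment the revision counter and try again. Should work. */
  {
    published_desc->plaintext_data.revision_counter = 1313;
    tor_free(published_desc_str);
    retval = hs_desc_encode_descriptor(published_desc, &signing_kp,
                                       &published_desc_str);
    tt_int_op(retval, OP_EQ, 0);

    retval = handle_post_hs_descriptor("/tor/hs/3/publish",published_desc_str);
    tt_int_op(retval, OP_EQ, 200);
  }

  /* Again, fetch the published descriptor and perform the revision counter
     validation. The revision counter must have changed. */
  {
    const ed25519_public_key_t *blinded_key;

    blinded_key = &published_desc->plaintext_data.blinded_pubkey;
    received_desc_str = helper_fetch_desc_from_hsdir(blinded_key);
    tt_assert(received_desc_str);

    retval = hs_desc_decode_descriptor(received_desc_str,
                                       subcredential, &received_desc);
    tt_int_op(retval, OP_EQ, 0);
    tt_assert(received_desc);

    /* Check that the revision counter is the latest */
    tt_u64_op(received_desc->plaintext_data.revision_counter, OP_EQ, 1313);
  }

 done:
  hs_descriptor_free(published_desc);
  hs_descriptor_free(received_desc);
  tor_free(received_desc_str);
  tor_free(published_desc_str);
}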
/* Fake consensus handed out by the mock below; the tests set its validity
 * times directly. */
static networkstatus_t mock_ns;

/* Mock for networkstatus_get_live_consensus(): return mock_ns whatever the
 * value of <b>now</b> is. */
static networkstatus_t *
mock_networkstatus_get_live_consensus(time_t now)
{
  (void)now; /* unused */
  return &mock_ns;
}
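/** Test that we can store HS descriptors in the client HS cache, that a
 * cached descriptor is still there later in the same time period, and that
 * it is gone once the mocked consensus has moved to the next time period. */
static void
test_client_cache(void *arg)
{
  int retval;
  ed25519_keypair_t signing_kp;
  hs_descriptor_t *published_desc = NULL;
  char *published_desc_str = NULL;
  uint8_t wanted_subcredential[DIGEST256_LEN];
  response_handler_args_t *args = NULL;
  dir_connection_t *conn = NULL;

  (void) arg;

  /* Initialize HSDir cache subsystem */
  init_test();

  /* The test moves time forward by editing mock_ns, which this mock returns
   * as the live consensus. */
  MOCK(networkstatus_get_live_consensus,
       mock_networkstatus_get_live_consensus);

  /* Set consensus time */
  parse_rfc1123_time("Sat, 26 Oct 1985 13:00:00 UTC",
                     &mock_ns.valid_after);
  parse_rfc1123_time("Sat, 26 Oct 1985 14:00:00 UTC",
                     &mock_ns.fresh_until);
  parse_rfc1123_time("Sat, 26 Oct 1985 16:00:00 UTC",
                     &mock_ns.valid_until);

  /* Generate a valid descriptor with normal values. */
  {
    retval = ed25519_keypair_generate(&signing_kp, 0);
    tt_int_op(retval, OP_EQ, 0);
    published_desc = hs_helper_build_hs_desc_with_ip(&signing_kp);
    tt_assert(published_desc);
    retval = hs_desc_encode_descriptor(published_desc, &signing_kp,
                                       &published_desc_str);
    tt_int_op(retval, OP_EQ, 0);
    /* Remember the subcredential so that the cached copy can be compared
     * against it; an all-zero value would make that comparison useless. */
    memcpy(wanted_subcredential, published_desc->subcredential, DIGEST256_LEN);
    tt_assert(!tor_mem_is_zero((char*)wanted_subcredential, DIGEST256_LEN));
  }

  /* Test handle_response_fetch_hsdesc_v3() */
  {
    /* Fake a successful directory response whose body is our descriptor.
     * The body is borrowed from published_desc_str, so only the args
     * struct itself is freed at "done". */
    args = tor_malloc_zero(sizeof(response_handler_args_t));
    args->status_code = 200;
    args->reason = NULL;
    args->body = published_desc_str;
    args->body_len = strlen(published_desc_str);

    conn = tor_malloc_zero(sizeof(dir_connection_t));
    conn->hs_ident = tor_malloc_zero(sizeof(hs_ident_dir_conn_t));
    ed25519_pubkey_copy(&conn->hs_ident->identity_pk, &signing_kp.pubkey);
  }

  /* store the descriptor! */
  retval = handle_response_fetch_hsdesc_v3(conn, args);
  tt_int_op(retval, OP_EQ, 0);

  /* Progress time a bit and attempt to clean cache: our desc should not be
   * cleaned since we are still in the same time period (TP). */
  {
    parse_rfc1123_time("Sat, 27 Oct 1985 02:00:00 UTC",
                       &mock_ns.valid_after);
    parse_rfc1123_time("Sat, 27 Oct 1985 03:00:00 UTC",
                       &mock_ns.fresh_until);
    parse_rfc1123_time("Sat, 27 Oct 1985 05:00:00 UTC",
                       &mock_ns.valid_until);

    /* fetch the descriptor and make sure it's there */
    const hs_descriptor_t *cached_desc = NULL;
    cached_desc = hs_cache_lookup_as_client(&signing_kp.pubkey);
    tt_assert(cached_desc);
    tt_mem_op(cached_desc->subcredential, OP_EQ, wanted_subcredential,
              DIGEST256_LEN);
  }

  /* Progress time to next TP and check that desc was cleaned */
  {
    parse_rfc1123_time("Sat, 27 Oct 1985 12:00:00 UTC",
                       &mock_ns.valid_after);
    parse_rfc1123_time("Sat, 27 Oct 1985 13:00:00 UTC",
                       &mock_ns.fresh_until);
    parse_rfc1123_time("Sat, 27 Oct 1985 15:00:00 UTC",
                       &mock_ns.valid_until);

    const hs_descriptor_t *cached_desc = NULL;
    cached_desc = hs_cache_lookup_as_client(&signing_kp.pubkey);
    tt_assert(!cached_desc);
  }

 done:
  /* Restore the real consensus getter on every exit path. */
  UNMOCK(networkstatus_get_live_consensus);
  tor_free(args);
  hs_descriptor_free(published_desc);
  tor_free(published_desc_str);
  if (conn) {
    tor_free(conn->hs_ident);
    tor_free(conn);
  }
}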
/* Test cases of this file, covering the HSDir and the client descriptor
 * caches. Each one is registered with TT_FORK and without setup data. */
struct testcase_t hs_cache[] = {
  { "directory", test_directory, TT_FORK, NULL, NULL },
  { "clean_as_dir", test_clean_as_dir, TT_FORK, NULL, NULL },
  { "hsdir_revision_counter_check", test_hsdir_revision_counter_check,
    TT_FORK, NULL, NULL },
  { "upload_and_download_hs_desc", test_upload_and_download_hs_desc,
    TT_FORK, NULL, NULL },
  { "client_cache", test_client_cache, TT_FORK, NULL, NULL },

  END_OF_TESTCASES
};