search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge branch 'maint-0.4.0'
[tor.git] / src / test / test.c
blobb19bf3bd883d17048d860e72524fde538a6f239f
1 /* Copyright (c) 2001-2004, Roger Dingledine.
2 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3 * Copyright (c) 2007-2019, The Tor Project, Inc. */
4 /* See LICENSE for licensing information */
5
6 /**
7 * \file test.c
8 * \brief Unit tests for many pieces of the lower level Tor modules.
9 **/
10
11 #include "orconfig.h"
12 #include "lib/crypt_ops/crypto_dh.h"
13 #include "lib/crypt_ops/crypto_rand.h"
14 #include "app/config/or_state_st.h"
15 #include "test/rng_test_helpers.h"
16
17 #include <stdio.h>
18 #ifdef HAVE_FCNTL_H
19 #include <fcntl.h>
20 #endif
21
22 #ifdef _WIN32
23 /* For mkdir() */
24 #include <direct.h>
25 #else
26 #include <dirent.h>
27 #endif /* defined(_WIN32) */
28
29 #include <math.h>
30
31 /* These macros pull in declarations for some functions and structures that
32 * are typically file-private. */
33 #define ROUTER_PRIVATE
34 #define CIRCUITSTATS_PRIVATE
35 #define CIRCUITLIST_PRIVATE
36 #define MAINLOOP_PRIVATE
37 #define STATEFILE_PRIVATE
38
39 #include "core/or/or.h"
40 #include "lib/err/backtrace.h"
41 #include "lib/buf/buffers.h"
42 #include "core/or/circuitlist.h"
43 #include "core/or/circuitstats.h"
44 #include "lib/compress/compress.h"
45 #include "app/config/config.h"
46 #include "core/or/connection_edge.h"
47 #include "feature/rend/rendcommon.h"
48 #include "feature/rend/rendcache.h"
49 #include "feature/rend/rendparse.h"
50 #include "test/test.h"
51 #include "core/mainloop/mainloop.h"
52 #include "lib/memarea/memarea.h"
53 #include "core/or/onion.h"
54 #include "core/crypto/onion_ntor.h"
55 #include "core/crypto/onion_fast.h"
56 #include "core/crypto/onion_tap.h"
57 #include "core/or/policies.h"
58 #include "feature/stats/rephist.h"
59 #include "app/config/statefile.h"
60 #include "lib/crypt_ops/crypto_curve25519.h"
61
62 #include "core/or/extend_info_st.h"
63 #include "core/or/or_circuit_st.h"
64 #include "feature/rend/rend_encoded_v2_service_descriptor_st.h"
65 #include "feature/rend/rend_intro_point_st.h"
66 #include "feature/rend/rend_service_descriptor_st.h"
67 #include "feature/relay/onion_queue.h"
68
69 /** Run unit tests for the onion handshake code. */
70 static void
71 test_onion_handshake(void *arg)
72 {
73 /* client-side */
74 crypto_dh_t *c_dh = NULL;
75 char c_buf[TAP_ONIONSKIN_CHALLENGE_LEN];
76 char c_keys[40];
77 /* server-side */
78 char s_buf[TAP_ONIONSKIN_REPLY_LEN];
79 char s_keys[40];
80 int i;
81 /* shared */
82 crypto_pk_t *pk = NULL, *pk2 = NULL;
83
84 (void)arg;
85 pk = pk_generate(0);
86 pk2 = pk_generate(1);
87
88 /* client handshake 1. */
89 memset(c_buf, 0, TAP_ONIONSKIN_CHALLENGE_LEN);
90 tt_assert(! onion_skin_TAP_create(pk, &c_dh, c_buf));
91
92 for (i = 1; i <= 3; ++i) {
93 crypto_pk_t *k1, *k2;
94 if (i==1) {
95 /* server handshake: only one key known. */
96 k1 = pk; k2 = NULL;
97 } else if (i==2) {
98 /* server handshake: try the right key first. */
99 k1 = pk; k2 = pk2;
100 } else {
101 /* server handshake: try the right key second. */
102 k1 = pk2; k2 = pk;
103 }
104
105 memset(s_buf, 0, TAP_ONIONSKIN_REPLY_LEN);
106 memset(s_keys, 0, 40);
107 tt_assert(! onion_skin_TAP_server_handshake(c_buf, k1, k2,
108 s_buf, s_keys, 40));
109
110 /* client handshake 2 */
111 memset(c_keys, 0, 40);
112 tt_assert(! onion_skin_TAP_client_handshake(c_dh, s_buf, c_keys,
113 40, NULL));
114
115 tt_mem_op(c_keys,OP_EQ, s_keys, 40);
116 memset(s_buf, 0, 40);
117 tt_mem_op(c_keys,OP_NE, s_buf, 40);
118 }
119 done:
120 crypto_dh_free(c_dh);
121 crypto_pk_free(pk);
122 crypto_pk_free(pk2);
123 }
124
125 static void
126 test_bad_onion_handshake(void *arg)
127 {
128 char junk_buf[TAP_ONIONSKIN_CHALLENGE_LEN];
129 char junk_buf2[TAP_ONIONSKIN_CHALLENGE_LEN];
130 /* client-side */
131 crypto_dh_t *c_dh = NULL;
132 char c_buf[TAP_ONIONSKIN_CHALLENGE_LEN];
133 char c_keys[40];
134 /* server-side */
135 char s_buf[TAP_ONIONSKIN_REPLY_LEN];
136 char s_keys[40];
137 /* shared */
138 crypto_pk_t *pk = NULL, *pk2 = NULL;
139
140 (void)arg;
141
142 pk = pk_generate(0);
143 pk2 = pk_generate(1);
144
145 /* Server: Case 1: the encrypted data is degenerate. */
146 memset(junk_buf, 0, sizeof(junk_buf));
147 crypto_pk_obsolete_public_hybrid_encrypt(pk,
148 junk_buf2, TAP_ONIONSKIN_CHALLENGE_LEN,
149 junk_buf, DH1024_KEY_LEN,
150 PK_PKCS1_OAEP_PADDING, 1);
151 tt_int_op(-1, OP_EQ,
152 onion_skin_TAP_server_handshake(junk_buf2, pk, NULL,
153 s_buf, s_keys, 40));
154
155 /* Server: Case 2: the encrypted data is not long enough. */
156 memset(junk_buf, 0, sizeof(junk_buf));
157 memset(junk_buf2, 0, sizeof(junk_buf2));
158 crypto_pk_public_encrypt(pk, junk_buf2, sizeof(junk_buf2),
159 junk_buf, 48, PK_PKCS1_OAEP_PADDING);
160 tt_int_op(-1, OP_EQ,
161 onion_skin_TAP_server_handshake(junk_buf2, pk, NULL,
162 s_buf, s_keys, 40));
163
164 /* client handshake 1: do it straight. */
165 memset(c_buf, 0, TAP_ONIONSKIN_CHALLENGE_LEN);
166 tt_assert(! onion_skin_TAP_create(pk, &c_dh, c_buf));
167
168 /* Server: Case 3: we just don't have the right key. */
169 tt_int_op(-1, OP_EQ,
170 onion_skin_TAP_server_handshake(c_buf, pk2, NULL,
171 s_buf, s_keys, 40));
172
173 /* Server: Case 4: The RSA-encrypted portion is corrupt. */
174 c_buf[64] ^= 33;
175 tt_int_op(-1, OP_EQ,
176 onion_skin_TAP_server_handshake(c_buf, pk, NULL,
177 s_buf, s_keys, 40));
178 c_buf[64] ^= 33;
179
180 /* (Let the server proceed) */
181 tt_int_op(0, OP_EQ,
182 onion_skin_TAP_server_handshake(c_buf, pk, NULL,
183 s_buf, s_keys, 40));
184
185 /* Client: Case 1: The server sent back junk. */
186 const char *msg = NULL;
187 s_buf[64] ^= 33;
188 tt_int_op(-1, OP_EQ,
189 onion_skin_TAP_client_handshake(c_dh, s_buf, c_keys, 40, &msg));
190 s_buf[64] ^= 33;
191 tt_str_op(msg, OP_EQ, "Digest DOES NOT MATCH on onion handshake. "
192 "Bug or attack.");
193
194 /* Let the client finish; make sure it can. */
195 msg = NULL;
196 tt_int_op(0, OP_EQ,
197 onion_skin_TAP_client_handshake(c_dh, s_buf, c_keys, 40, &msg));
198 tt_mem_op(s_keys,OP_EQ, c_keys, 40);
199 tt_ptr_op(msg, OP_EQ, NULL);
200
201 /* Client: Case 2: The server sent back a degenerate DH. */
202 memset(s_buf, 0, sizeof(s_buf));
203 tt_int_op(-1, OP_EQ,
204 onion_skin_TAP_client_handshake(c_dh, s_buf, c_keys, 40, &msg));
205 tt_str_op(msg, OP_EQ, "DH computation failed.");
206
207 done:
208 crypto_dh_free(c_dh);
209 crypto_pk_free(pk);
210 crypto_pk_free(pk2);
211 }
212
213 static void
214 test_ntor_handshake(void *arg)
215 {
216 /* client-side */
217 ntor_handshake_state_t *c_state = NULL;
218 uint8_t c_buf[NTOR_ONIONSKIN_LEN];
219 uint8_t c_keys[400];
220
221 /* server-side */
222 di_digest256_map_t *s_keymap=NULL;
223 curve25519_keypair_t s_keypair;
224 uint8_t s_buf[NTOR_REPLY_LEN];
225 uint8_t s_keys[400];
226
227 /* shared */
228 const curve25519_public_key_t *server_pubkey;
229 uint8_t node_id[20] = "abcdefghijklmnopqrst";
230
231 (void) arg;
232
233 /* Make the server some keys */
234 curve25519_secret_key_generate(&s_keypair.seckey, 0);
235 curve25519_public_key_generate(&s_keypair.pubkey, &s_keypair.seckey);
236 dimap_add_entry(&s_keymap, s_keypair.pubkey.public_key, &s_keypair);
237 server_pubkey = &s_keypair.pubkey;
238
239 /* client handshake 1. */
240 memset(c_buf, 0, NTOR_ONIONSKIN_LEN);
241 tt_int_op(0, OP_EQ, onion_skin_ntor_create(node_id, server_pubkey,
242 &c_state, c_buf));
243
244 /* server handshake */
245 memset(s_buf, 0, NTOR_REPLY_LEN);
246 memset(s_keys, 0, 40);
247 tt_int_op(0, OP_EQ, onion_skin_ntor_server_handshake(c_buf, s_keymap, NULL,
248 node_id,
249 s_buf, s_keys, 400));
250
251 /* client handshake 2 */
252 memset(c_keys, 0, 40);
253 tt_int_op(0, OP_EQ, onion_skin_ntor_client_handshake(c_state, s_buf,
254 c_keys, 400, NULL));
255
256 tt_mem_op(c_keys,OP_EQ, s_keys, 400);
257 memset(s_buf, 0, 40);
258 tt_mem_op(c_keys,OP_NE, s_buf, 40);
259
260 /* Now try with a bogus server response. Zero input should trigger
261 * All The Problems. */
262 memset(c_keys, 0, 400);
263 memset(s_buf, 0, NTOR_REPLY_LEN);
264 const char *msg = NULL;
265 tt_int_op(-1, OP_EQ, onion_skin_ntor_client_handshake(c_state, s_buf,
266 c_keys, 400, &msg));
267 tt_str_op(msg, OP_EQ, "Zero output from curve25519 handshake");
268
269 done:
270 ntor_handshake_state_free(c_state);
271 dimap_free(s_keymap, NULL);
272 }
273
274 static void
275 test_fast_handshake(void *arg)
276 {
277 /* tests for the obsolete "CREATE_FAST" handshake. */
278 (void) arg;
279 fast_handshake_state_t *state = NULL;
280 uint8_t client_handshake[CREATE_FAST_LEN];
281 uint8_t server_handshake[CREATED_FAST_LEN];
282 uint8_t s_keys[100], c_keys[100];
283
284 /* First, test an entire handshake. */
285 memset(client_handshake, 0, sizeof(client_handshake));
286 tt_int_op(0, OP_EQ, fast_onionskin_create(&state, client_handshake));
287 tt_assert(! tor_mem_is_zero((char*)client_handshake,
288 sizeof(client_handshake)));
289
290 tt_int_op(0, OP_EQ,
291 fast_server_handshake(client_handshake, server_handshake,
292 s_keys, 100));
293 const char *msg = NULL;
294 tt_int_op(0, OP_EQ,
295 fast_client_handshake(state, server_handshake, c_keys, 100, &msg));
296 tt_ptr_op(msg, OP_EQ, NULL);
297 tt_mem_op(s_keys, OP_EQ, c_keys, 100);
298
299 /* Now test a failing handshake. */
300 server_handshake[0] ^= 3;
301 tt_int_op(-1, OP_EQ,
302 fast_client_handshake(state, server_handshake, c_keys, 100, &msg));
303 tt_str_op(msg, OP_EQ, "Digest DOES NOT MATCH on fast handshake. "
304 "Bug or attack.");
305
306 done:
307 fast_handshake_state_free(state);
308 }
309
310 /** Run unit tests for the onion queues. */
311 static void
312 test_onion_queues(void *arg)
313 {
314 uint8_t buf1[TAP_ONIONSKIN_CHALLENGE_LEN] = {0};
315 uint8_t buf2[NTOR_ONIONSKIN_LEN] = {0};
316
317 or_circuit_t *circ1 = or_circuit_new(0, NULL);
318 or_circuit_t *circ2 = or_circuit_new(0, NULL);
319
320 create_cell_t *onionskin = NULL, *create2_ptr;
321 create_cell_t *create1 = tor_malloc_zero(sizeof(create_cell_t));
322 create_cell_t *create2 = tor_malloc_zero(sizeof(create_cell_t));
323 (void)arg;
324 create2_ptr = create2; /* remember, but do not free */
325
326 create_cell_init(create1, CELL_CREATE, ONION_HANDSHAKE_TYPE_TAP,
327 TAP_ONIONSKIN_CHALLENGE_LEN, buf1);
328 create_cell_init(create2, CELL_CREATE, ONION_HANDSHAKE_TYPE_NTOR,
329 NTOR_ONIONSKIN_LEN, buf2);
330
331 tt_int_op(0,OP_EQ, onion_num_pending(ONION_HANDSHAKE_TYPE_TAP));
332 tt_int_op(0,OP_EQ, onion_pending_add(circ1, create1));
333 create1 = NULL;
334 tt_int_op(1,OP_EQ, onion_num_pending(ONION_HANDSHAKE_TYPE_TAP));
335
336 tt_int_op(0,OP_EQ, onion_num_pending(ONION_HANDSHAKE_TYPE_NTOR));
337 tt_int_op(0,OP_EQ, onion_pending_add(circ2, create2));
338 create2 = NULL;
339 tt_int_op(1,OP_EQ, onion_num_pending(ONION_HANDSHAKE_TYPE_NTOR));
340
341 tt_ptr_op(circ2,OP_EQ, onion_next_task(&onionskin));
342 tt_int_op(1,OP_EQ, onion_num_pending(ONION_HANDSHAKE_TYPE_TAP));
343 tt_int_op(0,OP_EQ, onion_num_pending(ONION_HANDSHAKE_TYPE_NTOR));
344 tt_ptr_op(onionskin, OP_EQ, create2_ptr);
345
346 clear_pending_onions();
347 tt_int_op(0,OP_EQ, onion_num_pending(ONION_HANDSHAKE_TYPE_TAP));
348 tt_int_op(0,OP_EQ, onion_num_pending(ONION_HANDSHAKE_TYPE_NTOR));
349
350 done:
351 circuit_free_(TO_CIRCUIT(circ1));
352 circuit_free_(TO_CIRCUIT(circ2));
353 tor_free(create1);
354 tor_free(create2);
355 tor_free(onionskin);
356 }
357
358 static void
359 test_circuit_timeout(void *arg)
360 {
361 /* Plan:
362 * 1. Generate 1000 samples
363 * 2. Estimate parameters
364 * 3. If difference, repeat
365 * 4. Save state
366 * 5. load state
367 * 6. Estimate parameters
368 * 7. compare differences
369 */
370 circuit_build_times_t initial;
371 circuit_build_times_t estimate;
372 circuit_build_times_t final;
373 double timeout1, timeout2;
374 or_state_t *state=NULL;
375 int i, runs;
376 double close_ms;
377 (void)arg;
378
379 initialize_periodic_events();
380
381 circuit_build_times_init(&initial);
382 circuit_build_times_init(&estimate);
383 circuit_build_times_init(&final);
384
385 state = or_state_new();
386
387 // Use a deterministic RNG here, or else we'll get nondeterministic
388 // coverage in some of the circuitstats functions.
389 testing_enable_deterministic_rng();
390
391 circuitbuild_running_unit_tests();
392 #define timeout0 (build_time_t)(30*1000.0)
393 initial.Xm = 3000;
394 circuit_build_times_initial_alpha(&initial,
395 CBT_DEFAULT_QUANTILE_CUTOFF/100.0,
396 timeout0);
397 close_ms = MAX(circuit_build_times_calculate_timeout(&initial,
398 CBT_DEFAULT_CLOSE_QUANTILE/100.0),
399 CBT_DEFAULT_TIMEOUT_INITIAL_VALUE);
400 do {
401 for (i=0; i < CBT_DEFAULT_MIN_CIRCUITS_TO_OBSERVE; i++) {
402 build_time_t sample = circuit_build_times_generate_sample(&initial,0,1);
403
404 if (sample > close_ms) {
405 circuit_build_times_add_time(&estimate, CBT_BUILD_ABANDONED);
406 } else {
407 circuit_build_times_add_time(&estimate, sample);
408 }
409 }
410 circuit_build_times_update_alpha(&estimate);
411 timeout1 = circuit_build_times_calculate_timeout(&estimate,
412 CBT_DEFAULT_QUANTILE_CUTOFF/100.0);
413 circuit_build_times_set_timeout(&estimate);
414 log_notice(LD_CIRC, "Timeout1 is %f, Xm is %d", timeout1, estimate.Xm);
415 /* 2% error */
416 } while (fabs(circuit_build_times_cdf(&initial, timeout0) -
417 circuit_build_times_cdf(&initial, timeout1)) > 0.02);
418
419 tt_int_op(estimate.total_build_times, OP_LE, CBT_NCIRCUITS_TO_OBSERVE);
420
421 circuit_build_times_update_state(&estimate, state);
422 circuit_build_times_free_timeouts(&final);
423 tt_int_op(circuit_build_times_parse_state(&final, state), OP_EQ, 0);
424
425 circuit_build_times_update_alpha(&final);
426 timeout2 = circuit_build_times_calculate_timeout(&final,
427 CBT_DEFAULT_QUANTILE_CUTOFF/100.0);
428
429 circuit_build_times_set_timeout(&final);
430 log_notice(LD_CIRC, "Timeout2 is %f, Xm is %d", timeout2, final.Xm);
431
432 /* 5% here because some accuracy is lost due to histogram conversion */
433 tt_assert(fabs(circuit_build_times_cdf(&initial, timeout0) -
434 circuit_build_times_cdf(&initial, timeout2)) < 0.05);
435
436 for (runs = 0; runs < 50; runs++) {
437 int build_times_idx = 0;
438 int total_build_times = 0;
439
440 final.close_ms = final.timeout_ms = CBT_DEFAULT_TIMEOUT_INITIAL_VALUE;
441 estimate.close_ms = estimate.timeout_ms
442 = CBT_DEFAULT_TIMEOUT_INITIAL_VALUE;
443
444 for (i = 0; i < CBT_DEFAULT_RECENT_CIRCUITS*2; i++) {
445 circuit_build_times_network_circ_success(&estimate);
446 circuit_build_times_add_time(&estimate,
447 circuit_build_times_generate_sample(&estimate, 0,
448 CBT_DEFAULT_QUANTILE_CUTOFF/100.0));
449
450 circuit_build_times_network_circ_success(&estimate);
451 circuit_build_times_add_time(&final,
452 circuit_build_times_generate_sample(&final, 0,
453 CBT_DEFAULT_QUANTILE_CUTOFF/100.0));
454 }
455
456 tt_assert(!circuit_build_times_network_check_changed(&estimate));
457 tt_assert(!circuit_build_times_network_check_changed(&final));
458
459 /* Reset liveness to be non-live */
460 final.liveness.network_last_live = 0;
461 estimate.liveness.network_last_live = 0;
462
463 build_times_idx = estimate.build_times_idx;
464 total_build_times = estimate.total_build_times;
465
466 tt_assert(circuit_build_times_network_check_live(&estimate));
467 tt_assert(circuit_build_times_network_check_live(&final));
468
469 circuit_build_times_count_close(&estimate, 0,
470 (time_t)(approx_time()-estimate.close_ms/1000.0-1));
471 circuit_build_times_count_close(&final, 0,
472 (time_t)(approx_time()-final.close_ms/1000.0-1));
473
474 tt_assert(!circuit_build_times_network_check_live(&estimate));
475 tt_assert(!circuit_build_times_network_check_live(&final));
476
477 log_info(LD_CIRC, "idx: %d %d, tot: %d %d",
478 build_times_idx, estimate.build_times_idx,
479 total_build_times, estimate.total_build_times);
480
481 /* Check rollback index. Should match top of loop. */
482 tt_assert(build_times_idx == estimate.build_times_idx);
483 // This can fail if estimate.total_build_times == 1000, because
484 // in that case, rewind actually causes us to lose timeouts
485 if (total_build_times != CBT_NCIRCUITS_TO_OBSERVE)
486 tt_assert(total_build_times == estimate.total_build_times);
487
488 /* Now simulate that the network has become live and we need
489 * a change */
490 circuit_build_times_network_is_live(&estimate);
491 circuit_build_times_network_is_live(&final);
492
493 for (i = 0; i < CBT_DEFAULT_MAX_RECENT_TIMEOUT_COUNT; i++) {
494 circuit_build_times_count_timeout(&estimate, 1);
495
496 if (i < CBT_DEFAULT_MAX_RECENT_TIMEOUT_COUNT-1) {
497 circuit_build_times_count_timeout(&final, 1);
498 }
499 }
500
501 tt_int_op(estimate.liveness.after_firsthop_idx, OP_EQ, 0);
502 tt_assert(final.liveness.after_firsthop_idx ==
503 CBT_DEFAULT_MAX_RECENT_TIMEOUT_COUNT-1);
504
505 tt_assert(circuit_build_times_network_check_live(&estimate));
506 tt_assert(circuit_build_times_network_check_live(&final));
507
508 circuit_build_times_count_timeout(&final, 1);
509
510 /* Ensure return value for degenerate cases are clamped correctly */
511 initial.alpha = INT32_MAX;
512 tt_assert(circuit_build_times_calculate_timeout(&initial, .99999999) <=
513 INT32_MAX);
514 initial.alpha = 0;
515 tt_assert(circuit_build_times_calculate_timeout(&initial, .5) <=
516 INT32_MAX);
517 }
518
519 done:
520 circuit_build_times_free_timeouts(&initial);
521 circuit_build_times_free_timeouts(&estimate);
522 circuit_build_times_free_timeouts(&final);
523 or_state_free(state);
524 teardown_periodic_events();
525
526 testing_disable_deterministic_rng();
527 }
528
529 /** Test encoding and parsing of rendezvous service descriptors. */
530 static void
531 test_rend_fns(void *arg)
532 {
533 rend_service_descriptor_t *generated = NULL, *parsed = NULL;
534 char service_id[DIGEST_LEN];
535 char service_id_base32[REND_SERVICE_ID_LEN_BASE32+1];
536 const char *next_desc;
537 smartlist_t *descs = smartlist_new();
538 char computed_desc_id[DIGEST_LEN];
539 char parsed_desc_id[DIGEST_LEN];
540 crypto_pk_t *pk1 = NULL, *pk2 = NULL;
541 time_t now;
542 char *intro_points_encrypted = NULL;
543 size_t intro_points_size;
544 size_t encoded_size;
545 int i;
546
547 (void)arg;
548
549 /* Initialize the service cache. */
550 rend_cache_init();
551
552 pk1 = pk_generate(0);
553 pk2 = pk_generate(1);
554 generated = tor_malloc_zero(sizeof(rend_service_descriptor_t));
555 generated->pk = crypto_pk_dup_key(pk1);
556 crypto_pk_get_digest(generated->pk, service_id);
557 base32_encode(service_id_base32, REND_SERVICE_ID_LEN_BASE32+1,
558 service_id, REND_SERVICE_ID_LEN);
559 now = time(NULL);
560 generated->timestamp = now;
561 generated->version = 2;
562 generated->protocols = 42;
563 generated->intro_nodes = smartlist_new();
564
565 for (i = 0; i < 3; i++) {
566 rend_intro_point_t *intro = tor_malloc_zero(sizeof(rend_intro_point_t));
567 crypto_pk_t *okey = pk_generate(2 + i);
568 intro->extend_info = tor_malloc_zero(sizeof(extend_info_t));
569 intro->extend_info->onion_key = okey;
570 crypto_pk_get_digest(intro->extend_info->onion_key,
571 intro->extend_info->identity_digest);
572 //crypto_rand(info->identity_digest, DIGEST_LEN); /* Would this work? */
573 intro->extend_info->nickname[0] = '$';
574 base16_encode(intro->extend_info->nickname + 1,
575 sizeof(intro->extend_info->nickname) - 1,
576 intro->extend_info->identity_digest, DIGEST_LEN);
577 /* Does not cover all IP addresses. */
578 tor_addr_from_ipv4h(&intro->extend_info->addr, crypto_rand_int(65536));
579 intro->extend_info->port = 1 + crypto_rand_int(65535);
580 intro->intro_key = crypto_pk_dup_key(pk2);
581 smartlist_add(generated->intro_nodes, intro);
582 }
583 int rv = rend_encode_v2_descriptors(descs, generated, now, 0,
584 REND_NO_AUTH, NULL, NULL);
585 tt_int_op(rv, OP_GT, 0);
586 rv = rend_compute_v2_desc_id(computed_desc_id, service_id_base32, NULL,
587 now, 0);
588 tt_int_op(rv, OP_EQ, 0);
589 tt_mem_op(((rend_encoded_v2_service_descriptor_t *)
590 smartlist_get(descs, 0))->desc_id, OP_EQ,
591 computed_desc_id, DIGEST_LEN);
592 rv = rend_parse_v2_service_descriptor(&parsed, parsed_desc_id,
593 &intro_points_encrypted, &intro_points_size, &encoded_size,
594 &next_desc,
595 ((rend_encoded_v2_service_descriptor_t *)smartlist_get(descs, 0))
596 ->desc_str, 1);
597 tt_int_op(rv, OP_EQ, 0);
598 tt_assert(parsed);
599 tt_mem_op(((rend_encoded_v2_service_descriptor_t *)
600 smartlist_get(descs, 0))->desc_id,OP_EQ, parsed_desc_id, DIGEST_LEN);
601 tt_int_op(rend_parse_introduction_points(parsed, intro_points_encrypted,
602 intro_points_size),OP_EQ, 3);
603 tt_assert(!crypto_pk_cmp_keys(generated->pk, parsed->pk));
604 tt_int_op(parsed->timestamp,OP_EQ, now);
605 tt_int_op(parsed->version,OP_EQ, 2);
606 tt_int_op(parsed->protocols,OP_EQ, 42);
607 tt_int_op(smartlist_len(parsed->intro_nodes),OP_EQ, 3);
608 for (i = 0; i < smartlist_len(parsed->intro_nodes); i++) {
609 rend_intro_point_t *par_intro = smartlist_get(parsed->intro_nodes, i),
610 *gen_intro = smartlist_get(generated->intro_nodes, i);
611 extend_info_t *par_info = par_intro->extend_info;
612 extend_info_t *gen_info = gen_intro->extend_info;
613 tt_assert(!crypto_pk_cmp_keys(gen_info->onion_key, par_info->onion_key));
614 tt_mem_op(gen_info->identity_digest,OP_EQ, par_info->identity_digest,
615 DIGEST_LEN);
616 tt_str_op(gen_info->nickname,OP_EQ, par_info->nickname);
617 tt_assert(tor_addr_eq(&gen_info->addr, &par_info->addr));
618 tt_int_op(gen_info->port,OP_EQ, par_info->port);
619 }
620
621 rend_service_descriptor_free(parsed);
622 rend_service_descriptor_free(generated);
623 parsed = generated = NULL;
624
625 done:
626 if (descs) {
627 for (i = 0; i < smartlist_len(descs); i++)
628 rend_encoded_v2_service_descriptor_free_(smartlist_get(descs, i));
629 smartlist_free(descs);
630 }
631 if (parsed)
632 rend_service_descriptor_free(parsed);
633 if (generated)
634 rend_service_descriptor_free(generated);
635 if (pk1)
636 crypto_pk_free(pk1);
637 if (pk2)
638 crypto_pk_free(pk2);
639 tor_free(intro_points_encrypted);
640 }
641
642 /** Run unit tests for stats code. */
643 static void
644 test_stats(void *arg)
645 {
646 time_t now = 1281533250; /* 2010-08-11 13:27:30 UTC */
647 char *s = NULL;
648 int i;
649
650 /* Start with testing exit port statistics; we shouldn't collect exit
651 * stats without initializing them. */
652 (void)arg;
653 rep_hist_note_exit_stream_opened(80);
654 rep_hist_note_exit_bytes(80, 100, 10000);
655 s = rep_hist_format_exit_stats(now + 86400);
656 tt_ptr_op(s, OP_EQ, NULL);
657
658 /* Initialize stats, note some streams and bytes, and generate history
659 * string. */
660 rep_hist_exit_stats_init(now);
661 rep_hist_note_exit_stream_opened(80);
662 rep_hist_note_exit_bytes(80, 100, 10000);
663 rep_hist_note_exit_stream_opened(443);
664 rep_hist_note_exit_bytes(443, 100, 10000);
665 rep_hist_note_exit_bytes(443, 100, 10000);
666 s = rep_hist_format_exit_stats(now + 86400);
667 tt_str_op("exit-stats-end 2010-08-12 13:27:30 (86400 s)\n"
668 "exit-kibibytes-written 80=1,443=1,other=0\n"
669 "exit-kibibytes-read 80=10,443=20,other=0\n"
670 "exit-streams-opened 80=4,443=4,other=0\n",OP_EQ, s);
671 tor_free(s);
672
673 /* Add a few bytes on 10 more ports and ensure that only the top 10
674 * ports are contained in the history string. */
675 for (i = 50; i < 60; i++) {
676 rep_hist_note_exit_bytes(i, i, i);
677 rep_hist_note_exit_stream_opened(i);
678 }
679 s = rep_hist_format_exit_stats(now + 86400);
680 tt_str_op("exit-stats-end 2010-08-12 13:27:30 (86400 s)\n"
681 "exit-kibibytes-written 52=1,53=1,54=1,55=1,56=1,57=1,58=1,"
682 "59=1,80=1,443=1,other=1\n"
683 "exit-kibibytes-read 52=1,53=1,54=1,55=1,56=1,57=1,58=1,"
684 "59=1,80=10,443=20,other=1\n"
685 "exit-streams-opened 52=4,53=4,54=4,55=4,56=4,57=4,58=4,"
686 "59=4,80=4,443=4,other=4\n",OP_EQ, s);
687 tor_free(s);
688
689 /* Stop collecting stats, add some bytes, and ensure we don't generate
690 * a history string. */
691 rep_hist_exit_stats_term();
692 rep_hist_note_exit_bytes(80, 100, 10000);
693 s = rep_hist_format_exit_stats(now + 86400);
694 tt_ptr_op(s, OP_EQ, NULL);
695
696 /* Re-start stats, add some bytes, reset stats, and see what history we
697 * get when observing no streams or bytes at all. */
698 rep_hist_exit_stats_init(now);
699 rep_hist_note_exit_stream_opened(80);
700 rep_hist_note_exit_bytes(80, 100, 10000);
701 rep_hist_reset_exit_stats(now);
702 s = rep_hist_format_exit_stats(now + 86400);
703 tt_str_op("exit-stats-end 2010-08-12 13:27:30 (86400 s)\n"
704 "exit-kibibytes-written other=0\n"
705 "exit-kibibytes-read other=0\n"
706 "exit-streams-opened other=0\n",OP_EQ, s);
707 tor_free(s);
708
709 /* Continue with testing connection statistics; we shouldn't collect
710 * conn stats without initializing them. */
711 rep_hist_note_or_conn_bytes(1, 20, 400, now);
712 s = rep_hist_format_conn_stats(now + 86400);
713 tt_ptr_op(s, OP_EQ, NULL);
714
715 /* Initialize stats, note bytes, and generate history string. */
716 rep_hist_conn_stats_init(now);
717 rep_hist_note_or_conn_bytes(1, 30000, 400000, now);
718 rep_hist_note_or_conn_bytes(1, 30000, 400000, now + 5);
719 rep_hist_note_or_conn_bytes(2, 400000, 30000, now + 10);
720 rep_hist_note_or_conn_bytes(2, 400000, 30000, now + 15);
721 s = rep_hist_format_conn_stats(now + 86400);
722 tt_str_op("conn-bi-direct 2010-08-12 13:27:30 (86400 s) 0,0,1,0\n",OP_EQ, s);
723 tor_free(s);
724
725 /* Stop collecting stats, add some bytes, and ensure we don't generate
726 * a history string. */
727 rep_hist_conn_stats_term();
728 rep_hist_note_or_conn_bytes(2, 400000, 30000, now + 15);
729 s = rep_hist_format_conn_stats(now + 86400);
730 tt_ptr_op(s, OP_EQ, NULL);
731
732 /* Re-start stats, add some bytes, reset stats, and see what history we
733 * get when observing no bytes at all. */
734 rep_hist_conn_stats_init(now);
735 rep_hist_note_or_conn_bytes(1, 30000, 400000, now);
736 rep_hist_note_or_conn_bytes(1, 30000, 400000, now + 5);
737 rep_hist_note_or_conn_bytes(2, 400000, 30000, now + 10);
738 rep_hist_note_or_conn_bytes(2, 400000, 30000, now + 15);
739 rep_hist_reset_conn_stats(now);
740 s = rep_hist_format_conn_stats(now + 86400);
741 tt_str_op("conn-bi-direct 2010-08-12 13:27:30 (86400 s) 0,0,0,0\n",OP_EQ, s);
742 tor_free(s);
743
744 /* Continue with testing buffer statistics; we shouldn't collect buffer
745 * stats without initializing them. */
746 rep_hist_add_buffer_stats(2.0, 2.0, 20);
747 s = rep_hist_format_buffer_stats(now + 86400);
748 tt_ptr_op(s, OP_EQ, NULL);
749
750 /* Initialize stats, add statistics for a single circuit, and generate
751 * the history string. */
752 rep_hist_buffer_stats_init(now);
753 rep_hist_add_buffer_stats(2.0, 2.0, 20);
754 s = rep_hist_format_buffer_stats(now + 86400);
755 tt_str_op("cell-stats-end 2010-08-12 13:27:30 (86400 s)\n"
756 "cell-processed-cells 20,0,0,0,0,0,0,0,0,0\n"
757 "cell-queued-cells 2.00,0.00,0.00,0.00,0.00,0.00,0.00,0.00,"
758 "0.00,0.00\n"
759 "cell-time-in-queue 2,0,0,0,0,0,0,0,0,0\n"
760 "cell-circuits-per-decile 1\n",OP_EQ, s);
761 tor_free(s);
762
763 /* Add nineteen more circuit statistics to the one that's already in the
764 * history to see that the math works correctly. */
765 for (i = 21; i < 30; i++)
766 rep_hist_add_buffer_stats(2.0, 2.0, i);
767 for (i = 20; i < 30; i++)
768 rep_hist_add_buffer_stats(3.5, 3.5, i);
769 s = rep_hist_format_buffer_stats(now + 86400);
770 tt_str_op("cell-stats-end 2010-08-12 13:27:30 (86400 s)\n"
771 "cell-processed-cells 29,28,27,26,25,24,23,22,21,20\n"
772 "cell-queued-cells 2.75,2.75,2.75,2.75,2.75,2.75,2.75,2.75,"
773 "2.75,2.75\n"
774 "cell-time-in-queue 3,3,3,3,3,3,3,3,3,3\n"
775 "cell-circuits-per-decile 2\n",OP_EQ, s);
776 tor_free(s);
777
778 /* Stop collecting stats, add statistics for one circuit, and ensure we
779 * don't generate a history string. */
780 rep_hist_buffer_stats_term();
781 rep_hist_add_buffer_stats(2.0, 2.0, 20);
782 s = rep_hist_format_buffer_stats(now + 86400);
783 tt_ptr_op(s, OP_EQ, NULL);
784
785 /* Re-start stats, add statistics for one circuit, reset stats, and make
786 * sure that the history has all zeros. */
787 rep_hist_buffer_stats_init(now);
788 rep_hist_add_buffer_stats(2.0, 2.0, 20);
789 rep_hist_reset_buffer_stats(now);
790 s = rep_hist_format_buffer_stats(now + 86400);
791 tt_str_op("cell-stats-end 2010-08-12 13:27:30 (86400 s)\n"
792 "cell-processed-cells 0,0,0,0,0,0,0,0,0,0\n"
793 "cell-queued-cells 0.00,0.00,0.00,0.00,0.00,0.00,0.00,0.00,"
794 "0.00,0.00\n"
795 "cell-time-in-queue 0,0,0,0,0,0,0,0,0,0\n"
796 "cell-circuits-per-decile 0\n",OP_EQ, s);
797
798 done:
799 tor_free(s);
800 }
801
802 #define ENT(name) \
803 { #name, test_ ## name , 0, NULL, NULL }
804 #define FORK(name) \
805 { #name, test_ ## name , TT_FORK, NULL, NULL }
806
807 static struct testcase_t test_array[] = {
808 ENT(onion_handshake),
809 { "bad_onion_handshake", test_bad_onion_handshake, 0, NULL, NULL },
810 ENT(onion_queues),
811 { "ntor_handshake", test_ntor_handshake, 0, NULL, NULL },
812 { "fast_handshake", test_fast_handshake, 0, NULL, NULL },
813 FORK(circuit_timeout),
814 FORK(rend_fns),
815 FORK(stats),
816
817 END_OF_TESTCASES
818 };
819
820 struct testgroup_t testgroups[] = {
821 { "", test_array },
822 { "accounting/", accounting_tests },
823 { "addr/", addr_tests },
824 { "address/", address_tests },
825 { "address_set/", address_set_tests },
826 { "bridges/", bridges_tests },
827 { "buffer/", buffer_tests },
828 { "bwmgt/", bwmgt_tests },
829 { "cellfmt/", cell_format_tests },
830 { "cellqueue/", cell_queue_tests },
831 { "channel/", channel_tests },
832 { "channelpadding/", channelpadding_tests },
833 { "channeltls/", channeltls_tests },
834 { "checkdir/", checkdir_tests },
835 { "circuitbuild/", circuitbuild_tests },
836 { "circuitpadding/", circuitpadding_tests },
837 { "circuitlist/", circuitlist_tests },
838 { "circuitmux/", circuitmux_tests },
839 { "circuitstats/", circuitstats_tests },
840 { "circuituse/", circuituse_tests },
841 { "compat/libevent/", compat_libevent_tests },
842 { "config/", config_tests },
843 { "connection/", connection_tests },
844 { "conscache/", conscache_tests },
845 { "consdiff/", consdiff_tests },
846 { "consdiffmgr/", consdiffmgr_tests },
847 { "container/", container_tests },
848 { "container/namemap/", namemap_tests },
849 { "control/", controller_tests },
850 { "control/btrack/", btrack_tests },
851 { "control/event/", controller_event_tests },
852 { "crypto/", crypto_tests },
853 { "crypto/ope/", crypto_ope_tests },
854 #ifdef ENABLE_OPENSSL
855 { "crypto/openssl/", crypto_openssl_tests },
856 #endif
857 { "crypto/pem/", pem_tests },
858 { "crypto/rng/", crypto_rng_tests },
859 { "dir/", dir_tests },
860 { "dir/md/", microdesc_tests },
861 { "dir/voting/flags/", voting_flags_tests },
862 { "dir/voting/schedule/", voting_schedule_tests },
863 { "dir_handle_get/", dir_handle_get_tests },
864 { "dispatch/", dispatch_tests, },
865 { "dns/", dns_tests },
866 { "dos/", dos_tests },
867 { "entryconn/", entryconn_tests },
868 { "entrynodes/", entrynodes_tests },
869 { "extorport/", extorport_tests },
870 { "geoip/", geoip_tests },
871 { "guardfraction/", guardfraction_tests },
872 { "hs_cache/", hs_cache },
873 { "hs_cell/", hs_cell_tests },
874 { "hs_client/", hs_client_tests },
875 { "hs_common/", hs_common_tests },
876 { "hs_config/", hs_config_tests },
877 { "hs_control/", hs_control_tests },
878 { "hs_descriptor/", hs_descriptor },
879 { "hs_intropoint/", hs_intropoint_tests },
880 { "hs_ntor/", hs_ntor_tests },
881 { "hs_service/", hs_service_tests },
882 { "introduce/", introduce_tests },
883 { "keypin/", keypin_tests },
884 { "legacy_hs/", hs_tests },
885 { "link-handshake/", link_handshake_tests },
886 { "mainloop/", mainloop_tests },
887 { "netinfo/", netinfo_tests },
888 { "nodelist/", nodelist_tests },
889 { "oom/", oom_tests },
890 { "oos/", oos_tests },
891 { "options/", options_tests },
892 { "parsecommon/", parsecommon_tests },
893 { "periodic-event/" , periodic_event_tests },
894 { "policy/" , policy_tests },
895 { "prob_distr/", prob_distr_tests },
896 { "procmon/", procmon_tests },
897 { "process/", process_tests },
898 { "proto/http/", proto_http_tests },
899 { "proto/misc/", proto_misc_tests },
900 { "protover/", protover_tests },
901 { "pt/", pt_tests },
902 { "pubsub/build/", pubsub_build_tests },
903 { "pubsub/msg/", pubsub_msg_tests },
904 { "relay/" , relay_tests },
905 { "relaycell/", relaycell_tests },
906 { "relaycrypt/", relaycrypt_tests },
907 { "rend_cache/", rend_cache_tests },
908 { "replaycache/", replaycache_tests },
909 { "router/", router_tests },
910 { "routerkeys/", routerkeys_tests },
911 { "routerlist/", routerlist_tests },
912 { "routerset/" , routerset_tests },
913 { "scheduler/", scheduler_tests },
914 { "sendme/", sendme_tests },
915 { "shared-random/", sr_tests },
916 { "socks/", socks_tests },
917 { "status/" , status_tests },
918 { "storagedir/", storagedir_tests },
919 { "tortls/", tortls_tests },
920 #ifndef ENABLE_NSS
921 { "tortls/openssl/", tortls_openssl_tests },
922 #endif
923 { "tortls/x509/", x509_tests },
924 { "util/", util_tests },
925 { "util/format/", util_format_tests },
926 { "util/handle/", handle_tests },
927 { "util/logging/", logging_tests },
928 { "util/process/", util_process_tests },
929 { "util/thread/", thread_tests },
930 END_OF_GROUPS
931 };
The Onion Router