search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge branch 'maint-0.4.0'
[tor.git] / src / test / test_options.c
blobf12e6b6763147c88b5b1c886c6a7fcc03bdccbc7
1 /* Copyright (c) 2001-2004, Roger Dingledine.
2 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3 * Copyright (c) 2007-2019, The Tor Project, Inc. */
4 /* See LICENSE for licensing information */
5
6 #define CONFIG_PRIVATE
7 #include "core/or/or.h"
8 #include "app/config/confparse.h"
9 #include "app/config/config.h"
10 #include "test/test.h"
11 #include "lib/geoip/geoip.h"
12
13 #define ROUTERSET_PRIVATE
14 #include "feature/nodelist/routerset.h"
15 #include "core/mainloop/mainloop.h"
16 #include "test/log_test_helpers.h"
17
18 #include "lib/sandbox/sandbox.h"
19 #include "lib/memarea/memarea.h"
20 #include "lib/osinfo/uname.h"
21 #include "lib/encoding/confline.h"
22 #include "core/or/policies.h"
23 #include "test/test_helpers.h"
24 #include "lib/net/resolve.h"
25
26 #ifdef HAVE_SYS_PARAM_H
27 #include <sys/param.h>
28 #endif
29
30 #define NS_MODULE test_options
31
32 typedef struct {
33 int severity;
34 uint32_t domain;
35 char *msg;
36 } logmsg_t;
37
38 static smartlist_t *messages = NULL;
39
40 static void
41 log_cback(int severity, uint32_t domain, const char *msg)
42 {
43 logmsg_t *x = tor_malloc(sizeof(*x));
44 x->severity = severity;
45 x->domain = domain;
46 x->msg = tor_strdup(msg);
47 if (!messages)
48 messages = smartlist_new();
49 smartlist_add(messages, x);
50 }
51
52 static void
53 setup_log_callback(void)
54 {
55 log_severity_list_t lst;
56 memset(&lst, 0, sizeof(lst));
57 lst.masks[LOG_ERR - LOG_ERR] = ~0;
58 lst.masks[LOG_WARN - LOG_ERR] = ~0;
59 lst.masks[LOG_NOTICE - LOG_ERR] = ~0;
60 add_callback_log(&lst, log_cback);
61 mark_logs_temp();
62 }
63
64 static char *
65 dump_logs(void)
66 {
67 smartlist_t *msgs;
68 char *out;
69 if (! messages)
70 return tor_strdup("");
71 msgs = smartlist_new();
72 SMARTLIST_FOREACH_BEGIN(messages, logmsg_t *, x) {
73 smartlist_add_asprintf(msgs, "[%s] %s",
74 log_level_to_string(x->severity), x->msg);
75 } SMARTLIST_FOREACH_END(x);
76 out = smartlist_join_strings(msgs, "", 0, NULL);
77 SMARTLIST_FOREACH(msgs, char *, cp, tor_free(cp));
78 smartlist_free(msgs);
79 return out;
80 }
81
82 static void
83 clear_log_messages(void)
84 {
85 if (!messages)
86 return;
87 SMARTLIST_FOREACH(messages, logmsg_t *, m,
88 { tor_free(m->msg); tor_free(m); });
89 smartlist_free(messages);
90 messages = NULL;
91 }
92
93 #define setup_options(opt,dflt) \
94 do { \
95 opt = options_new(); \
96 opt->command = CMD_RUN_TOR; \
97 options_init(opt); \
98 \
99 dflt = config_dup(&options_format, opt); \
100 clear_log_messages(); \
101 } while (0)
102
103 #define VALID_DIR_AUTH "DirAuthority dizum orport=443 v3ident=E8A9C45" \
104 "EDE6D711294FADF8E7951F4DE6CA56B58 194.109.206.212:80 7EA6 EAD6 FD83" \
105 " 083C 538F 4403 8BBF A077 587D D755\n"
106 #define VALID_ALT_BRIDGE_AUTH \
107 "AlternateBridgeAuthority dizum orport=443 v3ident=E8A9C45" \
108 "EDE6D711294FADF8E7951F4DE6CA56B58 194.109.206.212:80 7EA6 EAD6 FD83" \
109 " 083C 538F 4403 8BBF A077 587D D755\n"
110 #define VALID_ALT_DIR_AUTH \
111 "AlternateDirAuthority dizum orport=443 v3ident=E8A9C45" \
112 "EDE6D711294FADF8E7951F4DE6CA56B58 194.109.206.212:80 7EA6 EAD6 FD83" \
113 " 083C 538F 4403 8BBF A077 587D D755\n"
114
115 static int
116 test_options_checklog(const char *configuration, int expect_log_severity,
117 const char *expect_log)
118 {
119 int found = 0, ret = -1;
120 char *actual_log = NULL;
121
122 if (messages) {
123 SMARTLIST_FOREACH_BEGIN(messages, logmsg_t *, m) {
124 if (m->severity == expect_log_severity &&
125 strstr(m->msg, expect_log)) {
126 found = 1;
127 break;
128 }
129 } SMARTLIST_FOREACH_END(m);
130 }
131 if (!found) {
132 actual_log = dump_logs();
133 TT_DIE(("Expected log message [%s] %s from <%s>, but got <%s>.",
134 log_level_to_string(expect_log_severity), expect_log,
135 configuration, actual_log));
136 }
137 ret = 0;
138
139 done:
140 tor_free(actual_log);
141 return ret;
142 }
143
144 static int
145 test_options_checkmsgs(const char *configuration,
146 const char *expect_errmsg,
147 int expect_log_severity,
148 const char *expect_log,
149 char *msg)
150 {
151 if (expect_errmsg && !msg) {
152 TT_DIE(("Expected error message <%s> from <%s>, but got none.",
153 expect_errmsg, configuration));
154 } else if (expect_errmsg && !strstr(msg, expect_errmsg)) {
155 TT_DIE(("Expected error message <%s> from <%s>, but got <%s>.",
156 expect_errmsg, configuration, msg));
157 } else if (!expect_errmsg && msg) {
158 TT_DIE(("Expected no error message from <%s> but got <%s>.",
159 configuration, msg));
160 }
161 if (expect_log) {
162 return test_options_checklog(configuration, expect_log_severity,
163 expect_log);
164 }
165 return 0;
166
167 done:
168 return -1;
169 }
170
171 /* Which phases of config parsing/validation to check for messages/logs */
172 enum { PH_GETLINES, PH_ASSIGN, PH_VALIDATE };
173
174 static void
175 test_options_validate_impl(const char *configuration,
176 const char *expect_errmsg,
177 int expect_log_severity,
178 const char *expect_log,
179 int phase)
180 {
181 or_options_t *opt=NULL;
182 or_options_t *dflt;
183 config_line_t *cl=NULL;
184 char *msg=NULL;
185 int r;
186
187 setup_options(opt, dflt);
188
189 r = config_get_lines(configuration, &cl, 1);
190 if (phase == PH_GETLINES) {
191 if (test_options_checkmsgs(configuration, expect_errmsg,
192 expect_log_severity,
193 expect_log, msg))
194 goto done;
195 }
196 if (r)
197 goto done;
198
199 r = config_assign(&options_format, opt, cl, 0, &msg);
200 if (phase == PH_ASSIGN) {
201 if (test_options_checkmsgs(configuration, expect_errmsg,
202 expect_log_severity,
203 expect_log, msg))
204 goto done;
205 }
206 tt_int_op((r == 0), OP_EQ, (msg == NULL));
207 if (r)
208 goto done;
209
210 r = options_validate(NULL, opt, dflt, 0, &msg);
211 if (phase == PH_VALIDATE) {
212 if (test_options_checkmsgs(configuration, expect_errmsg,
213 expect_log_severity,
214 expect_log, msg))
215 goto done;
216 }
217 tt_int_op((r == 0), OP_EQ, (msg == NULL));
218
219 done:
220 escaped(NULL);
221 policies_free_all();
222 config_free_lines(cl);
223 or_options_free(opt);
224 or_options_free(dflt);
225 tor_free(msg);
226 clear_log_messages();
227 }
228
229 #define WANT_ERR(config, msg, ph) \
230 test_options_validate_impl((config), (msg), 0, NULL, (ph))
231 #define WANT_LOG(config, severity, msg, ph) \
232 test_options_validate_impl((config), NULL, (severity), (msg), (ph))
233 #define WANT_ERR_LOG(config, msg, severity, logmsg, ph) \
234 test_options_validate_impl((config), (msg), (severity), (logmsg), (ph))
235 #define OK(config, ph) \
236 test_options_validate_impl((config), NULL, 0, NULL, (ph))
237
238 static void
239 test_options_validate(void *arg)
240 {
241 (void)arg;
242 setup_log_callback();
243 sandbox_disable_getaddrinfo_cache();
244
245 WANT_ERR("ExtORPort 500000", "Invalid ExtORPort", PH_VALIDATE);
246
247 WANT_ERR_LOG("ServerTransportOptions trebuchet",
248 "ServerTransportOptions did not parse",
249 LOG_WARN, "Too few arguments", PH_VALIDATE);
250 OK("ServerTransportOptions trebuchet sling=snappy", PH_VALIDATE);
251 OK("ServerTransportOptions trebuchet sling=", PH_VALIDATE);
252 WANT_ERR_LOG("ServerTransportOptions trebuchet slingsnappy",
253 "ServerTransportOptions did not parse",
254 LOG_WARN, "\"slingsnappy\" is not a k=v", PH_VALIDATE);
255
256 WANT_ERR("DirPort 8080\nDirCache 0",
257 "DirPort configured but DirCache disabled.", PH_VALIDATE);
258 WANT_ERR("BridgeRelay 1\nDirCache 0",
259 "We're a bridge but DirCache is disabled.", PH_VALIDATE);
260
261 WANT_ERR_LOG("HeartbeatPeriod 21 snarks",
262 "Interval 'HeartbeatPeriod 21 snarks' is malformed or"
263 " out of bounds.", LOG_WARN, "Unknown unit 'snarks'.",
264 PH_ASSIGN);
265 WANT_ERR_LOG("LogTimeGranularity 21 snarks",
266 "Msec interval 'LogTimeGranularity 21 snarks' is malformed or"
267 " out of bounds.", LOG_WARN, "Unknown unit 'snarks'.",
268 PH_ASSIGN);
269 OK("HeartbeatPeriod 1 hour", PH_VALIDATE);
270 OK("LogTimeGranularity 100 milliseconds", PH_VALIDATE);
271
272 WANT_LOG("ControlSocket \"string with trailing garbage\" bogus", LOG_WARN,
273 "Error while parsing configuration: "
274 "Excess data after quoted string", PH_GETLINES);
275 WANT_LOG("ControlSocket \"bogus escape \\@\"", LOG_WARN,
276 "Error while parsing configuration: "
277 "Invalid escape sequence in quoted string", PH_GETLINES);
278
279 close_temp_logs();
280 clear_log_messages();
281 return;
282 }
283
284 #define MEGABYTEIFY(mb) (UINT64_C(mb) << 20)
285 static void
286 test_have_enough_mem_for_dircache(void *arg)
287 {
288 (void)arg;
289 or_options_t *opt=NULL;
290 or_options_t *dflt=NULL;
291 config_line_t *cl=NULL;
292 char *msg=NULL;
293 int r;
294 const char *configuration = "ORPort 8080\nDirCache 1", *expect_errmsg;
295
296 setup_options(opt, dflt);
297 setup_log_callback();
298 (void)dflt;
299
300 r = config_get_lines(configuration, &cl, 1);
301 tt_int_op(r, OP_EQ, 0);
302
303 r = config_assign(&options_format, opt, cl, 0, &msg);
304 tt_int_op(r, OP_EQ, 0);
305
306 /* 300 MB RAM available, DirCache enabled */
307 r = have_enough_mem_for_dircache(opt, MEGABYTEIFY(300), &msg);
308 tt_int_op(r, OP_EQ, 0);
309 tt_ptr_op(msg, OP_EQ, NULL);
310
311 /* 200 MB RAM available, DirCache enabled */
312 r = have_enough_mem_for_dircache(opt, MEGABYTEIFY(200), &msg);
313 tt_int_op(r, OP_EQ, -1);
314 expect_errmsg = "Being a directory cache (default) with less than ";
315 if (!strstr(msg, expect_errmsg)) {
316 TT_DIE(("Expected error message <%s> from <%s>, but got <%s>.",
317 expect_errmsg, configuration, msg));
318 }
319 tor_free(msg);
320
321 config_free_lines(cl); cl = NULL;
322 configuration = "ORPort 8080\nDirCache 1\nBridgeRelay 1";
323 r = config_get_lines(configuration, &cl, 1);
324 tt_int_op(r, OP_EQ, 0);
325
326 r = config_assign(&options_format, opt, cl, 0, &msg);
327 tt_int_op(r, OP_EQ, 0);
328
329 /* 300 MB RAM available, DirCache enabled, Bridge */
330 r = have_enough_mem_for_dircache(opt, MEGABYTEIFY(300), &msg);
331 tt_int_op(r, OP_EQ, 0);
332 tt_ptr_op(msg, OP_EQ, NULL);
333
334 /* 200 MB RAM available, DirCache enabled, Bridge */
335 r = have_enough_mem_for_dircache(opt, MEGABYTEIFY(200), &msg);
336 tt_int_op(r, OP_EQ, -1);
337 expect_errmsg = "Running a Bridge with less than ";
338 if (!strstr(msg, expect_errmsg)) {
339 TT_DIE(("Expected error message <%s> from <%s>, but got <%s>.",
340 expect_errmsg, configuration, msg));
341 }
342 tor_free(msg);
343
344 config_free_lines(cl); cl = NULL;
345 configuration = "ORPort 8080\nDirCache 0";
346 r = config_get_lines(configuration, &cl, 1);
347 tt_int_op(r, OP_EQ, 0);
348
349 r = config_assign(&options_format, opt, cl, 0, &msg);
350 tt_int_op(r, OP_EQ, 0);
351
352 /* 200 MB RAM available, DirCache disabled */
353 r = have_enough_mem_for_dircache(opt, MEGABYTEIFY(200), &msg);
354 tt_int_op(r, OP_EQ, 0);
355 tt_ptr_op(msg, OP_EQ, NULL);
356
357 /* 300 MB RAM available, DirCache disabled */
358 r = have_enough_mem_for_dircache(opt, MEGABYTEIFY(300), &msg);
359 tt_int_op(r, OP_EQ, -1);
360 expect_errmsg = "DirCache is disabled and we are configured as a ";
361 if (!strstr(msg, expect_errmsg)) {
362 TT_DIE(("Expected error message <%s> from <%s>, but got <%s>.",
363 expect_errmsg, configuration, msg));
364 }
365 tor_free(msg);
366
367 clear_log_messages();
368
369 done:
370 if (msg)
371 tor_free(msg);
372 or_options_free(dflt);
373 or_options_free(opt);
374 config_free_lines(cl);
375 return;
376 }
377
378 static const char *fixed_get_uname_result = NULL;
379
380 static const char *
381 fixed_get_uname(void)
382 {
383 return fixed_get_uname_result;
384 }
385
386 #define TEST_OPTIONS_OLD_VALUES "TestingV3AuthInitialVotingInterval 1800\n" \
387 "ClientBootstrapConsensusMaxInProgressTries 3\n" \
388 "TestingV3AuthInitialVoteDelay 300\n" \
389 "TestingV3AuthInitialDistDelay 300\n" \
390 "TestingClientMaxIntervalWithoutRequest 600\n" \
391 "TestingDirConnectionMaxStall 600\n" \
392
393 #define TEST_OPTIONS_DEFAULT_VALUES TEST_OPTIONS_OLD_VALUES \
394 "MaxClientCircuitsPending 1\n" \
395 "RendPostPeriod 1000\n" \
396 "KeepAlivePeriod 1\n" \
397 "ConnLimit 1\n" \
398 "V3AuthVotingInterval 300\n" \
399 "V3AuthVoteDelay 20\n" \
400 "V3AuthDistDelay 20\n" \
401 "V3AuthNIntervalsValid 3\n" \
402 "ClientUseIPv4 1\n" \
403 "VirtualAddrNetworkIPv4 127.192.0.0/10\n" \
404 "VirtualAddrNetworkIPv6 [FE80::]/10\n" \
405 "UseEntryGuards 1\n" \
406 "Schedulers Vanilla\n" \
407 "ClientDNSRejectInternalAddresses 1\n"
408
409 typedef struct {
410 or_options_t *old_opt;
411 or_options_t *opt;
412 or_options_t *def_opt;
413 } options_test_data_t;
414
415 static void free_options_test_data(options_test_data_t *td);
416
417 static options_test_data_t *
418 get_options_test_data(const char *conf)
419 {
420 int rv = -1;
421 char *msg = NULL;
422 config_line_t *cl=NULL;
423 options_test_data_t *result = tor_malloc(sizeof(options_test_data_t));
424 result->opt = options_new();
425 result->old_opt = options_new();
426 result->def_opt = options_new();
427
428 // XXX: Really, all of these options should be set to defaults
429 // with options_init(), but about a dozen tests break when I do that.
430 // Being kinda lame and just fixing the immedate breakage for now..
431 result->opt->ConnectionPadding = -1; // default must be "auto"
432 result->opt->DormantClientTimeout = 1800; // must be over 600.
433
434 rv = config_get_lines(conf, &cl, 1);
435 tt_int_op(rv, OP_EQ, 0);
436 rv = config_assign(&options_format, result->opt, cl, 0, &msg);
437 if (msg) {
438 /* Display the parse error message by comparing it with an empty string */
439 tt_str_op(msg, OP_EQ, "");
440 }
441 tt_int_op(rv, OP_EQ, 0);
442 config_free_lines(cl);
443 result->opt->LogTimeGranularity = 1;
444 result->opt->TokenBucketRefillInterval = 1;
445 rv = config_get_lines(TEST_OPTIONS_OLD_VALUES, &cl, 1);
446 tt_int_op(rv, OP_EQ, 0);
447 rv = config_assign(&options_format, result->def_opt, cl, 0, &msg);
448 if (msg) {
449 /* Display the parse error message by comparing it with an empty string */
450 tt_str_op(msg, OP_EQ, "");
451 }
452 tt_int_op(rv, OP_EQ, 0);
453
454 done:
455 config_free_lines(cl);
456 if (rv != 0) {
457 free_options_test_data(result);
458 result = NULL;
459 /* Callers expect a non-NULL result, so just die if we can't provide one.
460 */
461 tor_assert(0);
462 }
463 return result;
464 }
465
466 static void
467 free_options_test_data(options_test_data_t *td)
468 {
469 if (!td) return;
470 or_options_free(td->old_opt);
471 or_options_free(td->opt);
472 or_options_free(td->def_opt);
473 tor_free(td);
474 }
475
476 static void
477 test_options_validate__uname_for_server(void *ignored)
478 {
479 (void)ignored;
480 char *msg;
481
482 #ifndef _WIN32
483 int unset_home_env = 0;
484 if (setenv("HOME", "/home/john", 0) == 0)
485 unset_home_env = 1;
486 #endif
487
488 options_test_data_t *tdata = get_options_test_data(
489 "ORPort 127.0.0.1:5555");
490 setup_capture_of_logs(LOG_WARN);
491
492 MOCK(get_uname, fixed_get_uname);
493 fixed_get_uname_result = "Windows 95";
494 options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
495 expect_log_msg("Tor is running as a server, but you"
496 " are running Windows 95; this probably won't work. See https://www"
497 ".torproject.org/docs/faq.html#BestOSForRelay for details.\n");
498 tor_free(msg);
499
500 fixed_get_uname_result = "Windows 98";
501 mock_clean_saved_logs();
502 options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
503 expect_log_msg("Tor is running as a server, but you"
504 " are running Windows 98; this probably won't work. See https://www"
505 ".torproject.org/docs/faq.html#BestOSForRelay for details.\n");
506 tor_free(msg);
507
508 fixed_get_uname_result = "Windows Me";
509 mock_clean_saved_logs();
510 options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
511 expect_log_msg("Tor is running as a server, but you"
512 " are running Windows Me; this probably won't work. See https://www"
513 ".torproject.org/docs/faq.html#BestOSForRelay for details.\n");
514 tor_free(msg);
515
516 fixed_get_uname_result = "Windows 2000";
517 mock_clean_saved_logs();
518 options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
519 expect_no_log_entry();
520 tor_free(msg);
521
522 done:
523 UNMOCK(get_uname);
524 free_options_test_data(tdata);
525 tor_free(msg);
526 teardown_capture_of_logs();
527 #ifndef _WIN32
528 if (unset_home_env)
529 unsetenv("HOME");
530 #endif
531 }
532
533 static void
534 test_options_validate__outbound_addresses(void *ignored)
535 {
536 (void)ignored;
537 int ret;
538 char *msg;
539 options_test_data_t *tdata = get_options_test_data(
540 "OutboundBindAddress xxyy!!!sdfaf");
541
542 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
543 tt_int_op(ret, OP_EQ, -1);
544 tt_str_op(msg, OP_EQ, "Multiple outbound bind addresses configured: "
545 "xxyy!!!sdfaf");
546
547 done:
548 free_options_test_data(tdata);
549 tor_free(msg);
550 }
551
552 static void
553 test_options_validate__data_directory(void *ignored)
554 {
555 (void)ignored;
556 int ret;
557 char *msg;
558 options_test_data_t *tdata = get_options_test_data(
559 "DataDirectory longreallyl"
560 "ongLONGLONGlongreallylong"
561 "LONGLONGlongreallylongLON"
562 "GLONGlongreallylongLONGLO"
563 "NGlongreallylongLONGLONGl"
564 "ongreallylongLONGLONGlong"
565 "reallylongLONGLONGlongrea"
566 "llylongLONGLONGlongreally"
567 "longLONGLONGlongreallylon"
568 "gLONGLONGlongreallylongLO"
569 "NGLONGlongreallylongLONGL"
570 "ONGlongreallylongLONGLONG"
571 "longreallylongLONGLONGlon"
572 "greallylongLONGLONGlongre"
573 "allylongLONGLONGlongreall"
574 "ylongLONGLONGlongreallylo"
575 "ngLONGLONGlongreallylongL"
576 "ONGLONGlongreallylongLONG"
577 "LONG"); // 440 characters
578
579 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
580 tt_int_op(ret, OP_EQ, -1);
581 tt_str_op(msg, OP_EQ, "Invalid DataDirectory");
582
583 done:
584 free_options_test_data(tdata);
585 tor_free(msg);
586 }
587
588 static void
589 test_options_validate__nickname(void *ignored)
590 {
591 (void)ignored;
592 int ret;
593 char *msg;
594 options_test_data_t *tdata = get_options_test_data(
595 "Nickname ThisNickNameIsABitTooLong");
596
597 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
598 tt_int_op(ret, OP_EQ, -1);
599 tt_str_op(msg, OP_EQ,
600 "Nickname 'ThisNickNameIsABitTooLong', nicknames must be between "
601 "1 and 19 characters inclusive, and must contain only the "
602 "characters [a-zA-Z0-9].");
603 tor_free(msg);
604
605 free_options_test_data(tdata);
606 tdata = get_options_test_data("Nickname AMoreValidNick");
607 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
608 tt_int_op(ret, OP_EQ, -1);
609 tt_str_op(msg, OP_EQ, "ConnLimit must be greater than 0, but was set to 0");
610 tor_free(msg);
611
612 free_options_test_data(tdata);
613 tdata = get_options_test_data("DataDirectory /tmp/somewhere");
614 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
615 tt_int_op(ret, OP_EQ, -1);
616 tt_str_op(msg, OP_EQ, "ConnLimit must be greater than 0, but was set to 0");
617
618 done:
619 free_options_test_data(tdata);
620 tor_free(msg);
621 }
622
623 static void
624 test_options_validate__contactinfo(void *ignored)
625 {
626 (void)ignored;
627 int ret;
628 char *msg;
629 options_test_data_t *tdata = get_options_test_data(
630 "ORPort 127.0.0.1:5555");
631 setup_capture_of_logs(LOG_DEBUG);
632 tdata->opt->ContactInfo = NULL;
633
634 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
635 tt_int_op(ret, OP_EQ, -1);
636 expect_log_msg(
637 "Your ContactInfo config option is not"
638 " set. Please consider setting it, so we can contact you if your"
639 " server is misconfigured or something else goes wrong.\n");
640 tor_free(msg);
641
642 free_options_test_data(tdata);
643 tdata = get_options_test_data("ORPort 127.0.0.1:5555\n"
644 "ContactInfo hella@example.org");
645 mock_clean_saved_logs();
646 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
647 tt_int_op(ret, OP_EQ, -1);
648 expect_no_log_msg(
649 "Your ContactInfo config option is not"
650 " set. Please consider setting it, so we can contact you if your"
651 " server is misconfigured or something else goes wrong.\n");
652 tor_free(msg);
653
654 done:
655 teardown_capture_of_logs();
656 free_options_test_data(tdata);
657 tor_free(msg);
658 }
659
660 static void
661 test_options_validate__logs(void *ignored)
662 {
663 (void)ignored;
664 int ret;
665 (void)ret;
666 char *msg;
667 int orig_quiet_level = quiet_level;
668 options_test_data_t *tdata = get_options_test_data("");
669 tdata->opt->Logs = NULL;
670 tdata->opt->RunAsDaemon = 0;
671
672 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
673 tt_str_op(tdata->opt->Logs->key, OP_EQ, "Log");
674 tt_str_op(tdata->opt->Logs->value, OP_EQ, "notice stdout");
675 tor_free(msg);
676 tt_int_op(ret, OP_EQ, -1);
677
678 free_options_test_data(tdata);
679 tdata = get_options_test_data("");
680 tdata->opt->Logs = NULL;
681 tdata->opt->RunAsDaemon = 0;
682 quiet_level = 1;
683 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
684 tt_str_op(tdata->opt->Logs->key, OP_EQ, "Log");
685 tt_str_op(tdata->opt->Logs->value, OP_EQ, "warn stdout");
686 tor_free(msg);
687 tt_int_op(ret, OP_EQ, -1);
688
689 free_options_test_data(tdata);
690 tdata = get_options_test_data("");
691 tdata->opt->Logs = NULL;
692 tdata->opt->RunAsDaemon = 0;
693 quiet_level = 2;
694 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
695 tt_assert(!tdata->opt->Logs);
696 tor_free(msg);
697 tt_int_op(ret, OP_EQ, -1);
698
699 free_options_test_data(tdata);
700 tdata = get_options_test_data("");
701 tdata->opt->Logs = NULL;
702 tdata->opt->RunAsDaemon = 0;
703 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 1, &msg);
704 tt_assert(!tdata->opt->Logs);
705 tor_free(msg);
706 tt_int_op(ret, OP_EQ, -1);
707
708 free_options_test_data(tdata);
709 tdata = get_options_test_data("");
710 tdata->opt->Logs = NULL;
711 tdata->opt->RunAsDaemon = 1;
712 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
713 tt_assert(!tdata->opt->Logs);
714 tor_free(msg);
715 tt_int_op(ret, OP_EQ, -1);
716
717 free_options_test_data(tdata);
718 tdata = get_options_test_data("");
719 tdata->opt->RunAsDaemon = 0;
720 config_line_t *cl=NULL;
721 config_get_lines("Log foo", &cl, 1);
722 tdata->opt->Logs = cl;
723 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
724 tt_int_op((intptr_t)tdata->opt->Logs, OP_EQ, (intptr_t)cl);
725 tt_int_op(ret, OP_EQ, -1);
726
727 done:
728 quiet_level = orig_quiet_level;
729 free_options_test_data(tdata);
730 tor_free(msg);
731 }
732
733 /* static config_line_t * */
734 /* mock_config_line(const char *key, const char *val) */
735 /* { */
736 /* config_line_t *config_line = tor_malloc(sizeof(config_line_t)); */
737 /* memset(config_line, 0, sizeof(config_line_t)); */
738 /* config_line->key = tor_strdup(key); */
739 /* config_line->value = tor_strdup(val); */
740 /* return config_line; */
741 /* } */
742
743 static void
744 test_options_validate__authdir(void *ignored)
745 {
746 (void)ignored;
747 int ret;
748 char *msg;
749 setup_capture_of_logs(LOG_INFO);
750 options_test_data_t *tdata = get_options_test_data(
751 "AuthoritativeDirectory 1\n"
752 "Address this.should.not!exist!.example.org");
753
754 sandbox_disable_getaddrinfo_cache();
755
756 MOCK(tor_addr_lookup, mock_tor_addr_lookup__fail_on_bad_addrs);
757 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
758 UNMOCK(tor_addr_lookup);
759 tt_int_op(ret, OP_EQ, -1);
760 tt_str_op(msg, OP_EQ, "Failed to resolve/guess local address. See logs for"
761 " details.");
762 expect_log_msg("Could not resolve local Address "
763 "'this.should.not!exist!.example.org'. Failing.\n");
764 tor_free(msg);
765
766 free_options_test_data(tdata);
767 tdata = get_options_test_data("AuthoritativeDirectory 1\n"
768 "Address 100.200.10.1");
769 mock_clean_saved_logs();
770 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
771 tt_int_op(ret, OP_EQ, -1);
772 tt_str_op(msg, OP_EQ, "Authoritative directory servers must set "
773 "ContactInfo");
774 tor_free(msg);
775
776 free_options_test_data(tdata);
777 tdata = get_options_test_data("AuthoritativeDirectory 1\n"
778 "Address 100.200.10.1\n");
779 mock_clean_saved_logs();
780 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
781 tt_int_op(ret, OP_EQ, -1);
782 tt_str_op(msg, OP_EQ,
783 "Authoritative directory servers must set ContactInfo");
784 tor_free(msg);
785
786 free_options_test_data(tdata);
787 tdata = get_options_test_data("AuthoritativeDirectory 1\n"
788 "Address 100.200.10.1\n"
789 "TestingTorNetwork 1\n");
790 mock_clean_saved_logs();
791 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
792 tt_int_op(ret, OP_EQ, -1);
793 tt_str_op(msg, OP_EQ, "AuthoritativeDir is set, but none of (Bridge/V3)"
794 "AuthoritativeDir is set.");
795 tor_free(msg);
796
797 free_options_test_data(tdata);
798 tdata = get_options_test_data("AuthoritativeDirectory 1\n"
799 "Address 100.200.10.1\n"
800 "ContactInfo hello@hello.com\n");
801 mock_clean_saved_logs();
802 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
803 tt_int_op(ret, OP_EQ, -1);
804 tt_str_op(msg, OP_EQ, "AuthoritativeDir is set, but none of (Bridge/V3)"
805 "AuthoritativeDir is set.");
806 tor_free(msg);
807
808 free_options_test_data(tdata);
809 tdata = get_options_test_data("AuthoritativeDirectory 1\n"
810 "Address 100.200.10.1\n"
811 "RecommendedVersions 1.2, 3.14\n"
812 "ContactInfo hello@hello.com\n");
813 mock_clean_saved_logs();
814 options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
815 tt_str_op(tdata->opt->RecommendedClientVersions->value, OP_EQ, "1.2, 3.14");
816 tt_str_op(tdata->opt->RecommendedServerVersions->value, OP_EQ, "1.2, 3.14");
817 tor_free(msg);
818
819 free_options_test_data(tdata);
820 tdata = get_options_test_data("AuthoritativeDirectory 1\n"
821 "Address 100.200.10.1\n"
822 "RecommendedVersions 1.2, 3.14\n"
823 "RecommendedClientVersions 25\n"
824 "RecommendedServerVersions 4.18\n"
825 "ContactInfo hello@hello.com\n");
826 mock_clean_saved_logs();
827 options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
828 tt_str_op(tdata->opt->RecommendedClientVersions->value, OP_EQ, "25");
829 tt_str_op(tdata->opt->RecommendedServerVersions->value, OP_EQ, "4.18");
830 tor_free(msg);
831
832 free_options_test_data(tdata);
833 tdata = get_options_test_data("AuthoritativeDirectory 1\n"
834 "Address 100.200.10.1\n"
835 "VersioningAuthoritativeDirectory 1\n"
836 "RecommendedVersions 1.2, 3.14\n"
837 "RecommendedClientVersions 25\n"
838 "RecommendedServerVersions 4.18\n"
839 "ContactInfo hello@hello.com\n");
840 mock_clean_saved_logs();
841 options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
842 tt_str_op(msg, OP_EQ, "AuthoritativeDir is set, but none of (Bridge/V3)"
843 "AuthoritativeDir is set.");
844 tor_free(msg);
845
846 free_options_test_data(tdata);
847 tdata = get_options_test_data("AuthoritativeDirectory 1\n"
848 "Address 100.200.10.1\n"
849 "VersioningAuthoritativeDirectory 1\n"
850 "RecommendedServerVersions 4.18\n"
851 "ContactInfo hello@hello.com\n");
852 mock_clean_saved_logs();
853 options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
854 tt_str_op(msg, OP_EQ, "Versioning authoritative dir servers must set "
855 "Recommended*Versions.");
856 tor_free(msg);
857
858 free_options_test_data(tdata);
859 tdata = get_options_test_data("AuthoritativeDirectory 1\n"
860 "Address 100.200.10.1\n"
861 "VersioningAuthoritativeDirectory 1\n"
862 "RecommendedClientVersions 4.18\n"
863 "ContactInfo hello@hello.com\n");
864 mock_clean_saved_logs();
865 options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
866 tt_str_op(msg, OP_EQ, "Versioning authoritative dir servers must set "
867 "Recommended*Versions.");
868 tor_free(msg);
869
870 free_options_test_data(tdata);
871 tdata = get_options_test_data("AuthoritativeDirectory 1\n"
872 "Address 100.200.10.1\n"
873 "UseEntryGuards 1\n"
874 "ContactInfo hello@hello.com\n");
875 mock_clean_saved_logs();
876 options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
877 expect_log_msg("Authoritative directory servers "
878 "can't set UseEntryGuards. Disabling.\n");
879 tt_int_op(tdata->opt->UseEntryGuards, OP_EQ, 0);
880 tor_free(msg);
881
882 free_options_test_data(tdata);
883 tdata = get_options_test_data("AuthoritativeDirectory 1\n"
884 "Address 100.200.10.1\n"
885 "V3AuthoritativeDir 1\n"
886 "ContactInfo hello@hello.com\n");
887 mock_clean_saved_logs();
888 options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
889 expect_log_msg("Authoritative directories always try"
890 " to download extra-info documents. Setting DownloadExtraInfo.\n");
891 tt_int_op(tdata->opt->DownloadExtraInfo, OP_EQ, 1);
892 tor_free(msg);
893
894 free_options_test_data(tdata);
895 tdata = get_options_test_data("AuthoritativeDirectory 1\n"
896 "Address 100.200.10.1\n"
897 "DownloadExtraInfo 1\n"
898 "V3AuthoritativeDir 1\n"
899 "ContactInfo hello@hello.com\n");
900 mock_clean_saved_logs();
901 options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
902 expect_no_log_msg("Authoritative directories always try"
903 " to download extra-info documents. Setting DownloadExtraInfo.\n");
904 tt_int_op(tdata->opt->DownloadExtraInfo, OP_EQ, 1);
905 tor_free(msg);
906
907 free_options_test_data(tdata);
908 tdata = get_options_test_data("AuthoritativeDirectory 1\n"
909 "Address 100.200.10.1\n"
910 "ContactInfo hello@hello.com\n");
911 mock_clean_saved_logs();
912 options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
913 tt_str_op(msg, OP_EQ, "AuthoritativeDir is set, but none of (Bridge/V3)"
914 "AuthoritativeDir is set.");
915 tor_free(msg);
916
917 free_options_test_data(tdata);
918 tdata = get_options_test_data("AuthoritativeDirectory 1\n"
919 "Address 100.200.10.1\n"
920 "BridgeAuthoritativeDir 1\n"
921 "ContactInfo hello@hello.com\n"
922 "V3BandwidthsFile non-existent-file\n");
923 mock_clean_saved_logs();
924 options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
925 tt_str_op(msg, OP_EQ,
926 "Running as authoritative directory, but no DirPort set.");
927 tor_free(msg);
928
929 free_options_test_data(tdata);
930 tdata = get_options_test_data("AuthoritativeDirectory 1\n"
931 "Address 100.200.10.1\n"
932 "BridgeAuthoritativeDir 1\n"
933 "ContactInfo hello@hello.com\n"
934 "V3BandwidthsFile non-existent-file\n");
935 mock_clean_saved_logs();
936 options_validate(NULL, tdata->opt, tdata->def_opt, 0, &msg);
937 tt_str_op(msg, OP_EQ,
938 "Running as authoritative directory, but no DirPort set.");
939 tor_free(msg);
940
941 free_options_test_data(tdata);
942 tdata = get_options_test_data("AuthoritativeDirectory 1\n"
943 "Address 100.200.10.1\n"
944 "BridgeAuthoritativeDir 1\n"
945 "ContactInfo hello@hello.com\n"
946 "GuardfractionFile non-existent-file\n");
947 mock_clean_saved_logs();
948 options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
949 tt_str_op(msg, OP_EQ,
950 "Running as authoritative directory, but no DirPort set.");
951 tor_free(msg);
952
953 free_options_test_data(tdata);
954 tdata = get_options_test_data("AuthoritativeDirectory 1\n"
955 "Address 100.200.10.1\n"
956 "BridgeAuthoritativeDir 1\n"
957 "ContactInfo hello@hello.com\n"
958 "GuardfractionFile non-existent-file\n");
959 mock_clean_saved_logs();
960 options_validate(NULL, tdata->opt, tdata->def_opt, 0, &msg);
961 tt_str_op(msg, OP_EQ,
962 "Running as authoritative directory, but no DirPort set.");
963 tor_free(msg);
964
965 free_options_test_data(tdata);
966 tdata = get_options_test_data("AuthoritativeDirectory 1\n"
967 "Address 100.200.10.1\n"
968 "BridgeAuthoritativeDir 1\n"
969 "ContactInfo hello@hello.com\n");
970 mock_clean_saved_logs();
971 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
972 tt_int_op(ret, OP_EQ, -1);
973 tt_str_op(msg, OP_EQ,
974 "Running as authoritative directory, but no DirPort set.");
975 tor_free(msg);
976
977 free_options_test_data(tdata);
978 tdata = get_options_test_data("AuthoritativeDirectory 1\n"
979 "Address 100.200.10.1\n"
980 "DirPort 999\n"
981 "BridgeAuthoritativeDir 1\n"
982 "ContactInfo hello@hello.com\n");
983 mock_clean_saved_logs();
984 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
985 tt_int_op(ret, OP_EQ, -1);
986 tt_str_op(msg, OP_EQ,
987 "Running as authoritative directory, but no ORPort set.");
988 tor_free(msg);
989
990 // TODO: This case can't be reached, since clientonly is used to
991 // check when parsing port lines as well.
992 /* free_options_test_data(tdata); */
993 /* tdata = get_options_test_data("AuthoritativeDirectory 1\n" */
994 /* "Address 100.200.10.1\n" */
995 /* "DirPort 999\n" */
996 /* "ORPort 888\n" */
997 /* "ClientOnly 1\n" */
998 /* "BridgeAuthoritativeDir 1\n" */
999 /* "ContactInfo hello@hello.com\n" ); */
1000 /* mock_clean_saved_logs(); */
1001 /* ret = options_validate(tdata->old_opt, tdata->opt, */
1002 /* tdata->def_opt, 0, &msg); */
1003 /* tt_int_op(ret, OP_EQ, -1); */
1004 /* tt_str_op(msg, OP_EQ, "Running as authoritative directory, " */
1005 /* "but ClientOnly also set."); */
1006
1007 done:
1008 teardown_capture_of_logs();
1009 // sandbox_free_getaddrinfo_cache();
1010 free_options_test_data(tdata);
1011 tor_free(msg);
1012 }
1013
1014 static void
1015 test_options_validate__relay_with_hidden_services(void *ignored)
1016 {
1017 (void)ignored;
1018 char *msg;
1019 setup_capture_of_logs(LOG_DEBUG);
1020 options_test_data_t *tdata = get_options_test_data(
1021 "ORPort 127.0.0.1:5555\n"
1022 "HiddenServiceDir "
1023 "/Library/Tor/var/lib/tor/hidden_service/\n"
1024 "HiddenServicePort 80 127.0.0.1:8080\n"
1025 );
1026
1027 options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1028 expect_log_msg(
1029 "Tor is currently configured as a relay and a hidden service. "
1030 "That's not very secure: you should probably run your hidden servi"
1031 "ce in a separate Tor process, at least -- see "
1032 "https://trac.torproject.org/8742\n");
1033
1034 done:
1035 teardown_capture_of_logs();
1036 free_options_test_data(tdata);
1037 tor_free(msg);
1038 }
1039
1040 // TODO: it doesn't seem possible to hit the case of having no port lines at
1041 // all, since there will be a default created for SocksPort
1042 /* static void */
1043 /* test_options_validate__ports(void *ignored) */
1044 /* { */
1045 /* (void)ignored; */
1046 /* int ret; */
1047 /* char *msg; */
1048 /* setup_capture_of_logs(LOG_WARN); */
1049 /* options_test_data_t *tdata = get_options_test_data(""); */
1050 /* ret = options_validate(tdata->old_opt, tdata->opt, */
1051 /* tdata->def_opt, 0, &msg); */
1052 /* expect_log_msg("SocksPort, TransPort, NATDPort, DNSPort, and ORPort " */
1053 /* "are all undefined, and there aren't any hidden services " */
1054 /* "configured. " */
1055 /* " Tor will still run, but probably won't do anything.\n"); */
1056 /* done: */
1057 /* teardown_capture_of_logs(); */
1058 /* free_options_test_data(tdata); */
1059 /* tor_free(msg); */
1060 /* } */
1061
1062 static void
1063 test_options_validate__transproxy(void *ignored)
1064 {
1065 (void)ignored;
1066 int ret;
1067 char *msg;
1068 options_test_data_t *tdata;
1069
1070 #ifdef USE_TRANSPARENT
1071 // Test default trans proxy
1072 tdata = get_options_test_data("TransProxyType default\n");
1073
1074 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1075 tt_int_op(ret, OP_EQ, -1);
1076 tt_int_op(tdata->opt->TransProxyType_parsed, OP_EQ, TPT_DEFAULT);
1077 tor_free(msg);
1078
1079 // Test pf-divert trans proxy
1080 free_options_test_data(tdata);
1081 tdata = get_options_test_data("TransProxyType pf-divert\n");
1082 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1083 tt_int_op(ret, OP_EQ, -1);
1084
1085 #if !defined(OpenBSD) && !defined( DARWIN )
1086 tt_str_op(msg, OP_EQ,
1087 "pf-divert is a OpenBSD-specific and OS X/Darwin-specific feature.");
1088 #else
1089 tt_int_op(tdata->opt->TransProxyType_parsed, OP_EQ, TPT_PF_DIVERT);
1090 tt_str_op(msg, OP_EQ, "Cannot use TransProxyType without "
1091 "any valid TransPort.");
1092 #endif /* !defined(OpenBSD) && !defined( DARWIN ) */
1093 tor_free(msg);
1094
1095 // Test tproxy trans proxy
1096 free_options_test_data(tdata);
1097 tdata = get_options_test_data("TransProxyType tproxy\n");
1098 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1099 tt_int_op(ret, OP_EQ, -1);
1100
1101 #if !defined(__linux__)
1102 tt_str_op(msg, OP_EQ, "TPROXY is a Linux-specific feature.");
1103 #else
1104 tt_int_op(tdata->opt->TransProxyType_parsed, OP_EQ, TPT_TPROXY);
1105 tt_str_op(msg, OP_EQ, "Cannot use TransProxyType without any valid "
1106 "TransPort.");
1107 #endif /* !defined(__linux__) */
1108 tor_free(msg);
1109
1110 // Test ipfw trans proxy
1111 free_options_test_data(tdata);
1112 tdata = get_options_test_data("TransProxyType ipfw\n");
1113 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1114 tt_int_op(ret, OP_EQ, -1);
1115
1116 #ifndef KERNEL_MAY_SUPPORT_IPFW
1117 tt_str_op(msg, OP_EQ, "ipfw is a FreeBSD-specific and OS X/Darwin-specific "
1118 "feature.");
1119 #else
1120 tt_int_op(tdata->opt->TransProxyType_parsed, OP_EQ, TPT_IPFW);
1121 tt_str_op(msg, OP_EQ, "Cannot use TransProxyType without any valid "
1122 "TransPort.");
1123 #endif /* !defined(KERNEL_MAY_SUPPORT_IPFW) */
1124 tor_free(msg);
1125
1126 // Test unknown trans proxy
1127 free_options_test_data(tdata);
1128 tdata = get_options_test_data("TransProxyType non-existent\n");
1129 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1130 tt_int_op(ret, OP_EQ, -1);
1131 tt_str_op(msg, OP_EQ, "Unrecognized value for TransProxyType");
1132 tor_free(msg);
1133
1134 // Test trans proxy success
1135 free_options_test_data(tdata);
1136 tdata = NULL;
1137
1138 #if defined(__linux__)
1139 tdata = get_options_test_data("TransProxyType tproxy\n"
1140 "TransPort 127.0.0.1:123\n");
1141 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1142 tt_int_op(ret, OP_EQ, -1);
1143 tt_str_op(msg, OP_EQ, "ConnLimit must be greater than 0, but was set to 0");
1144 #elif defined(KERNEL_MAY_SUPPORT_IPFW)
1145 tdata = get_options_test_data("TransProxyType ipfw\n"
1146 "TransPort 127.0.0.1:123\n");
1147 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1148 tt_int_op(ret, OP_EQ, -1);
1149 tt_str_op(msg, OP_EQ, "ConnLimit must be greater than 0, but was set to 0");
1150 tor_free(msg);
1151 #elif defined(OpenBSD)
1152 tdata = get_options_test_data("TransProxyType pf-divert\n"
1153 "TransPort 127.0.0.1:123\n");
1154 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1155 tt_int_op(ret, OP_EQ, -1);
1156 tt_str_op(msg, OP_EQ, "ConnLimit must be greater than 0, but was set to 0");
1157 tor_free(msg);
1158 #elif defined(__NetBSD__)
1159 tdata = get_options_test_data("TransProxyType default\n"
1160 "TransPort 127.0.0.1:123\n");
1161 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1162 tt_int_op(ret, OP_EQ, -1);
1163 tt_str_op(msg, OP_EQ, "ConnLimit must be greater than 0, but was set to 0");
1164 tor_free(msg);
1165 #endif /* defined(__linux__) || ... */
1166
1167 // Assert that a test has run for some TransProxyType
1168 tt_assert(tdata);
1169
1170 #else /* !(defined(USE_TRANSPARENT)) */
1171 tdata = get_options_test_data("TransPort 127.0.0.1:555\n");
1172
1173 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1174 tt_int_op(ret, OP_EQ, -1);
1175 tt_str_op(msg, OP_EQ, "TransPort is disabled in this build.");
1176 tor_free(msg);
1177 #endif /* defined(USE_TRANSPARENT) */
1178
1179 done:
1180 free_options_test_data(tdata);
1181 tor_free(msg);
1182 }
1183
1184 NS_DECL(country_t, geoip_get_country, (const char *country));
1185
1186 static country_t
1187 NS(geoip_get_country)(const char *countrycode)
1188 {
1189 (void)countrycode;
1190 CALLED(geoip_get_country)++;
1191
1192 return 1;
1193 }
1194
1195 static void
1196 test_options_validate__exclude_nodes(void *ignored)
1197 {
1198 (void)ignored;
1199
1200 NS_MOCK(geoip_get_country);
1201
1202 int ret;
1203 char *msg;
1204 setup_capture_of_logs(LOG_WARN);
1205 options_test_data_t *tdata = get_options_test_data(
1206 "ExcludeExitNodes {us}\n");
1207
1208 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1209 tt_int_op(ret, OP_EQ, -1);
1210 tt_int_op(smartlist_len(tdata->opt->ExcludeExitNodesUnion_->list), OP_EQ, 1);
1211 tt_str_op((char *)
1212 (smartlist_get(tdata->opt->ExcludeExitNodesUnion_->list, 0)),
1213 OP_EQ, "{us}");
1214 tor_free(msg);
1215
1216 free_options_test_data(tdata);
1217 tdata = get_options_test_data("ExcludeNodes {cn}\n");
1218 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1219 tt_int_op(ret, OP_EQ, -1);
1220 tt_int_op(smartlist_len(tdata->opt->ExcludeExitNodesUnion_->list), OP_EQ, 1);
1221 tt_str_op((char *)
1222 (smartlist_get(tdata->opt->ExcludeExitNodesUnion_->list, 0)),
1223 OP_EQ, "{cn}");
1224 tor_free(msg);
1225
1226 free_options_test_data(tdata);
1227 tdata = get_options_test_data("ExcludeNodes {cn}\n"
1228 "ExcludeExitNodes {us} {cn}\n");
1229 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1230 tt_int_op(ret, OP_EQ, -1);
1231 tt_int_op(smartlist_len(tdata->opt->ExcludeExitNodesUnion_->list), OP_EQ, 2);
1232 tt_str_op((char *)
1233 (smartlist_get(tdata->opt->ExcludeExitNodesUnion_->list, 0)),
1234 OP_EQ, "{us} {cn}");
1235 tt_str_op((char *)
1236 (smartlist_get(tdata->opt->ExcludeExitNodesUnion_->list, 1)),
1237 OP_EQ, "{cn}");
1238 tor_free(msg);
1239
1240 free_options_test_data(tdata);
1241 tdata = get_options_test_data("ExcludeNodes {cn}\n"
1242 "StrictNodes 1\n");
1243 mock_clean_saved_logs();
1244 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1245 tt_int_op(ret, OP_EQ, -1);
1246 expect_log_msg(
1247 "You have asked to exclude certain relays from all positions "
1248 "in your circuits. Expect hidden services and other Tor "
1249 "features to be broken in unpredictable ways.\n");
1250 tor_free(msg);
1251
1252 free_options_test_data(tdata);
1253 tdata = get_options_test_data("ExcludeNodes {cn}\n");
1254 mock_clean_saved_logs();
1255 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1256 tt_int_op(ret, OP_EQ, -1);
1257 expect_no_log_msg(
1258 "You have asked to exclude certain relays from all positions "
1259 "in your circuits. Expect hidden services and other Tor "
1260 "features to be broken in unpredictable ways.\n");
1261 tor_free(msg);
1262
1263 done:
1264 NS_UNMOCK(geoip_get_country);
1265 teardown_capture_of_logs();
1266 free_options_test_data(tdata);
1267 tor_free(msg);
1268 }
1269
1270 static void
1271 test_options_validate__node_families(void *ignored)
1272 {
1273 (void)ignored;
1274 int ret;
1275 char *msg;
1276 options_test_data_t *tdata = get_options_test_data(
1277 "NodeFamily flux, flax\n"
1278 "NodeFamily somewhere\n");
1279
1280 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1281 tt_int_op(ret, OP_EQ, -1);
1282 tt_assert(tdata->opt->NodeFamilySets);
1283 tt_int_op(smartlist_len(tdata->opt->NodeFamilySets), OP_EQ, 2);
1284 tt_str_op((char *)(smartlist_get(
1285 ((routerset_t *)smartlist_get(tdata->opt->NodeFamilySets, 0))->list, 0)),
1286 OP_EQ, "flux");
1287 tt_str_op((char *)(smartlist_get(
1288 ((routerset_t *)smartlist_get(tdata->opt->NodeFamilySets, 0))->list, 1)),
1289 OP_EQ, "flax");
1290 tt_str_op((char *)(smartlist_get(
1291 ((routerset_t *)smartlist_get(tdata->opt->NodeFamilySets, 1))->list, 0)),
1292 OP_EQ, "somewhere");
1293 tor_free(msg);
1294
1295 free_options_test_data(tdata);
1296 tdata = get_options_test_data("");
1297
1298 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1299 tt_int_op(ret, OP_EQ, -1);
1300 tt_assert(!tdata->opt->NodeFamilySets);
1301 tor_free(msg);
1302
1303 free_options_test_data(tdata);
1304 tdata = get_options_test_data("NodeFamily !flux\n");
1305
1306 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1307 tt_int_op(ret, OP_EQ, -1);
1308 tt_assert(tdata->opt->NodeFamilySets);
1309 tt_int_op(smartlist_len(tdata->opt->NodeFamilySets), OP_EQ, 0);
1310 tor_free(msg);
1311
1312 done:
1313 free_options_test_data(tdata);
1314 tor_free(msg);
1315 }
1316
1317 static void
1318 test_options_validate__token_bucket(void *ignored)
1319 {
1320 (void)ignored;
1321 int ret;
1322 char *msg;
1323 options_test_data_t *tdata = get_options_test_data("");
1324
1325 tdata->opt->TokenBucketRefillInterval = 0;
1326 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1327 tt_int_op(ret, OP_EQ, -1);
1328 tt_str_op(msg, OP_EQ,
1329 "TokenBucketRefillInterval must be between 1 and 1000 inclusive.");
1330 tor_free(msg);
1331
1332 tdata->opt->TokenBucketRefillInterval = 1001;
1333 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1334 tt_int_op(ret, OP_EQ, -1);
1335 tt_str_op(msg, OP_EQ,
1336 "TokenBucketRefillInterval must be between 1 and 1000 inclusive.");
1337 tor_free(msg);
1338
1339 done:
1340 free_options_test_data(tdata);
1341 tor_free(msg);
1342 }
1343
1344 static void
1345 test_options_validate__recommended_packages(void *ignored)
1346 {
1347 (void)ignored;
1348 int ret;
1349 char *msg;
1350 setup_capture_of_logs(LOG_WARN);
1351 options_test_data_t *tdata = get_options_test_data(
1352 "RecommendedPackages foo 1.2 http://foo.com sha1=123123123123\n"
1353 "RecommendedPackages invalid-package-line\n");
1354
1355 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1356 tt_int_op(ret, OP_EQ, -1);
1357 expect_no_log_msg("Invalid RecommendedPackage line "
1358 "invalid-package-line will be ignored\n");
1359
1360 done:
1361 escaped(NULL); // This will free the leaking memory from the previous escaped
1362 teardown_capture_of_logs();
1363 free_options_test_data(tdata);
1364 tor_free(msg);
1365 }
1366
1367 static void
1368 test_options_validate__fetch_dir(void *ignored)
1369 {
1370 (void)ignored;
1371 int ret;
1372 char *msg;
1373 options_test_data_t *tdata = get_options_test_data(
1374 "FetchDirInfoExtraEarly 1\n"
1375 "FetchDirInfoEarly 0\n");
1376
1377 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1378 tt_int_op(ret, OP_EQ, -1);
1379 tt_str_op(msg, OP_EQ, "FetchDirInfoExtraEarly requires that you"
1380 " also set FetchDirInfoEarly");
1381 tor_free(msg);
1382
1383 free_options_test_data(tdata);
1384 tdata = get_options_test_data("FetchDirInfoExtraEarly 1\n"
1385 "FetchDirInfoEarly 1\n");
1386
1387 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1388 tt_int_op(ret, OP_EQ, -1);
1389 tt_str_op(msg, OP_NE, "FetchDirInfoExtraEarly requires that you"
1390 " also set FetchDirInfoEarly");
1391 tor_free(msg);
1392
1393 done:
1394 free_options_test_data(tdata);
1395 tor_free(msg);
1396 }
1397
1398 static void
1399 test_options_validate__conn_limit(void *ignored)
1400 {
1401 (void)ignored;
1402 int ret;
1403 char *msg;
1404 options_test_data_t *tdata = get_options_test_data(
1405 "ConnLimit 0\n");
1406
1407 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1408 tt_int_op(ret, OP_EQ, -1);
1409 tt_str_op(msg, OP_EQ, "ConnLimit must be greater than 0, but was set to 0");
1410 tor_free(msg);
1411
1412 free_options_test_data(tdata);
1413 tdata = get_options_test_data("ConnLimit 1\n");
1414
1415 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1416 tt_int_op(ret, OP_EQ, -1);
1417 tt_str_op(msg, OP_EQ, "MaxClientCircuitsPending must be between 1 and 1024, "
1418 "but was set to 0");
1419 tor_free(msg);
1420
1421 done:
1422 free_options_test_data(tdata);
1423 tor_free(msg);
1424 }
1425
1426 static void
1427 test_options_validate__paths_needed(void *ignored)
1428 {
1429 (void)ignored;
1430 int ret;
1431 char *msg;
1432
1433 #ifndef _WIN32
1434 int unset_home_env = 0;
1435 if (setenv("HOME", "/home/john", 0) == 0)
1436 unset_home_env = 1;
1437 #endif
1438
1439 setup_capture_of_logs(LOG_WARN);
1440 options_test_data_t *tdata = get_options_test_data(
1441 "PathsNeededToBuildCircuits 0.1\n"
1442 "ConnLimit 1\n");
1443
1444 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1445 tt_int_op(ret, OP_EQ, -1);
1446 tt_assert(tdata->opt->PathsNeededToBuildCircuits > 0.24 &&
1447 tdata->opt->PathsNeededToBuildCircuits < 0.26);
1448 expect_log_msg("PathsNeededToBuildCircuits is too low. "
1449 "Increasing to 0.25\n");
1450 tor_free(msg);
1451
1452 free_options_test_data(tdata);
1453 mock_clean_saved_logs();
1454 tdata = get_options_test_data("PathsNeededToBuildCircuits 0.99\n"
1455 "ConnLimit 1\n");
1456
1457 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1458 tt_int_op(ret, OP_EQ, -1);
1459 tt_assert(tdata->opt->PathsNeededToBuildCircuits > 0.94 &&
1460 tdata->opt->PathsNeededToBuildCircuits < 0.96);
1461 expect_log_msg("PathsNeededToBuildCircuits is "
1462 "too high. Decreasing to 0.95\n");
1463 tor_free(msg);
1464
1465 free_options_test_data(tdata);
1466 mock_clean_saved_logs();
1467 tdata = get_options_test_data("PathsNeededToBuildCircuits 0.91\n"
1468 "ConnLimit 1\n");
1469
1470 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1471 tt_int_op(ret, OP_EQ, -1);
1472 tt_assert(tdata->opt->PathsNeededToBuildCircuits > 0.90 &&
1473 tdata->opt->PathsNeededToBuildCircuits < 0.92);
1474 expect_no_log_entry();
1475 tor_free(msg);
1476
1477 done:
1478 teardown_capture_of_logs();
1479 free_options_test_data(tdata);
1480 tor_free(msg);
1481 #ifndef _WIN32
1482 if (unset_home_env)
1483 unsetenv("HOME");
1484 #endif
1485 }
1486
1487 static void
1488 test_options_validate__max_client_circuits(void *ignored)
1489 {
1490 (void)ignored;
1491 int ret;
1492 char *msg;
1493 options_test_data_t *tdata = get_options_test_data(
1494 "MaxClientCircuitsPending 0\n"
1495 "ConnLimit 1\n");
1496
1497 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1498 tt_int_op(ret, OP_EQ, -1);
1499 tt_str_op(msg, OP_EQ, "MaxClientCircuitsPending must be between 1 and 1024,"
1500 " but was set to 0");
1501 tor_free(msg);
1502
1503 free_options_test_data(tdata);
1504 tdata = get_options_test_data("MaxClientCircuitsPending 1025\n"
1505 "ConnLimit 1\n");
1506
1507 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1508 tt_int_op(ret, OP_EQ, -1);
1509 tt_str_op(msg, OP_EQ, "MaxClientCircuitsPending must be between 1 and 1024,"
1510 " but was set to 1025");
1511 tor_free(msg);
1512
1513 free_options_test_data(tdata);
1514 tdata = get_options_test_data("MaxClientCircuitsPending 1\n"
1515 "ConnLimit 1\n");
1516
1517 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1518 tt_int_op(ret, OP_EQ, -1);
1519 tt_str_op(msg, OP_EQ, "KeepalivePeriod option must be positive.");
1520 tor_free(msg);
1521
1522 done:
1523 free_options_test_data(tdata);
1524 tor_free(msg);
1525 }
1526
1527 static void
1528 test_options_validate__ports(void *ignored)
1529 {
1530 (void)ignored;
1531 int ret;
1532 char *msg;
1533 options_test_data_t *tdata = get_options_test_data(
1534 "FirewallPorts 65537\n"
1535 "MaxClientCircuitsPending 1\n"
1536 "ConnLimit 1\n");
1537
1538 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1539 tt_int_op(ret, OP_EQ, -1);
1540 tt_str_op(msg, OP_EQ, "Port '65537' out of range in FirewallPorts");
1541 tor_free(msg);
1542
1543 free_options_test_data(tdata);
1544 tdata = get_options_test_data("FirewallPorts 1\n"
1545 "LongLivedPorts 124444\n"
1546 "MaxClientCircuitsPending 1\n"
1547 "ConnLimit 1\n");
1548
1549 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1550 tt_int_op(ret, OP_EQ, -1);
1551 tt_str_op(msg, OP_EQ, "Port '124444' out of range in LongLivedPorts");
1552 tor_free(msg);
1553
1554 free_options_test_data(tdata);
1555 tdata = get_options_test_data("FirewallPorts 1\n"
1556 "LongLivedPorts 2\n"
1557 "RejectPlaintextPorts 112233\n"
1558 "MaxClientCircuitsPending 1\n"
1559 "ConnLimit 1\n");
1560
1561 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1562 tt_int_op(ret, OP_EQ, -1);
1563 tt_str_op(msg, OP_EQ, "Port '112233' out of range in RejectPlaintextPorts");
1564 tor_free(msg);
1565
1566 free_options_test_data(tdata);
1567 tdata = get_options_test_data("FirewallPorts 1\n"
1568 "LongLivedPorts 2\n"
1569 "RejectPlaintextPorts 3\n"
1570 "WarnPlaintextPorts 65536\n"
1571 "MaxClientCircuitsPending 1\n"
1572 "ConnLimit 1\n");
1573
1574 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1575 tt_int_op(ret, OP_EQ, -1);
1576 tt_str_op(msg, OP_EQ, "Port '65536' out of range in WarnPlaintextPorts");
1577 tor_free(msg);
1578
1579 free_options_test_data(tdata);
1580 tdata = get_options_test_data("FirewallPorts 1\n"
1581 "LongLivedPorts 2\n"
1582 "RejectPlaintextPorts 3\n"
1583 "WarnPlaintextPorts 4\n"
1584 "MaxClientCircuitsPending 1\n"
1585 "ConnLimit 1\n");
1586
1587 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1588 tt_int_op(ret, OP_EQ, -1);
1589 tt_str_op(msg, OP_EQ, "KeepalivePeriod option must be positive.");
1590 tor_free(msg);
1591
1592 done:
1593 free_options_test_data(tdata);
1594 tor_free(msg);
1595 }
1596
1597 static void
1598 test_options_validate__reachable_addresses(void *ignored)
1599 {
1600 (void)ignored;
1601 int ret;
1602 char *msg;
1603 setup_capture_of_logs(LOG_NOTICE);
1604 options_test_data_t *tdata = get_options_test_data(
1605 "FascistFirewall 1\n"
1606 "MaxClientCircuitsPending 1\n"
1607 "ConnLimit 1\n");
1608
1609 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1610 tt_int_op(ret, OP_EQ, -1);
1611 expect_log_msg("Converting FascistFirewall config "
1612 "option to new format: \"ReachableDirAddresses *:80\"\n");
1613 tt_str_op(tdata->opt->ReachableDirAddresses->value, OP_EQ, "*:80");
1614 expect_log_msg("Converting FascistFirewall config "
1615 "option to new format: \"ReachableORAddresses *:443\"\n");
1616 tt_str_op(tdata->opt->ReachableORAddresses->value, OP_EQ, "*:443");
1617 tor_free(msg);
1618
1619 free_options_test_data(tdata);
1620 mock_clean_saved_logs();
1621 tdata = get_options_test_data("FascistFirewall 1\n"
1622 "ReachableDirAddresses *:81\n"
1623 "ReachableORAddresses *:444\n"
1624 "MaxClientCircuitsPending 1\n"
1625 "ConnLimit 1\n");
1626 tdata->opt->FirewallPorts = smartlist_new();
1627 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1628 tt_int_op(ret, OP_EQ, -1);
1629 expect_log_entry();
1630 tt_str_op(tdata->opt->ReachableDirAddresses->value, OP_EQ, "*:81");
1631 tt_str_op(tdata->opt->ReachableORAddresses->value, OP_EQ, "*:444");
1632 tor_free(msg);
1633
1634 free_options_test_data(tdata);
1635 mock_clean_saved_logs();
1636 tdata = get_options_test_data("FascistFirewall 1\n"
1637 "FirewallPort 123\n"
1638 "MaxClientCircuitsPending 1\n"
1639 "ConnLimit 1\n");
1640
1641 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1642 tt_int_op(ret, OP_EQ, -1);
1643 expect_log_msg("Converting FascistFirewall and "
1644 "FirewallPorts config options to new format: "
1645 "\"ReachableAddresses *:123\"\n");
1646 tt_str_op(tdata->opt->ReachableAddresses->value, OP_EQ, "*:123");
1647 tor_free(msg);
1648
1649 free_options_test_data(tdata);
1650 mock_clean_saved_logs();
1651 tdata = get_options_test_data("FascistFirewall 1\n"
1652 "ReachableAddresses *:82\n"
1653 "ReachableAddresses *:83\n"
1654 "ReachableAddresses reject *:*\n"
1655 "MaxClientCircuitsPending 1\n"
1656 "ConnLimit 1\n");
1657
1658 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1659 tt_int_op(ret, OP_EQ, -1);
1660 expect_log_entry();
1661 tt_str_op(tdata->opt->ReachableAddresses->value, OP_EQ, "*:82");
1662 tor_free(msg);
1663
1664 free_options_test_data(tdata);
1665 mock_clean_saved_logs();
1666 tdata = get_options_test_data("FascistFirewall 1\n"
1667 "ReachableAddresses *:82\n"
1668 "MaxClientCircuitsPending 1\n"
1669 "ConnLimit 1\n");
1670
1671 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1672 tt_int_op(ret, OP_EQ, -1);
1673 tt_ptr_op(tdata->opt->ReachableAddresses->next, OP_EQ, NULL);
1674 tor_free(msg);
1675
1676 #define SERVERS_REACHABLE_MSG "Servers must be able to freely connect to" \
1677 " the rest of the Internet, so they must not set Reachable*Addresses or" \
1678 " FascistFirewall or FirewallPorts or ClientUseIPv4 0."
1679
1680 free_options_test_data(tdata);
1681 tdata = get_options_test_data("ReachableAddresses *:82\n"
1682 "ORPort 127.0.0.1:5555\n"
1683 "MaxClientCircuitsPending 1\n"
1684 "ConnLimit 1\n");
1685
1686 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1687 tt_int_op(ret, OP_EQ, -1);
1688 tt_str_op(msg, OP_EQ, SERVERS_REACHABLE_MSG);
1689 tor_free(msg);
1690
1691 free_options_test_data(tdata);
1692 tdata = get_options_test_data("ReachableORAddresses *:82\n"
1693 "ORPort 127.0.0.1:5555\n"
1694 "MaxClientCircuitsPending 1\n"
1695 "ConnLimit 1\n");
1696
1697 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1698 tt_int_op(ret, OP_EQ, -1);
1699 tt_str_op(msg, OP_EQ, SERVERS_REACHABLE_MSG);
1700 tor_free(msg);
1701
1702 free_options_test_data(tdata);
1703 tdata = get_options_test_data("ReachableDirAddresses *:82\n"
1704 "ORPort 127.0.0.1:5555\n"
1705 "MaxClientCircuitsPending 1\n"
1706 "ConnLimit 1\n");
1707
1708 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1709 tt_int_op(ret, OP_EQ, -1);
1710 tt_str_op(msg, OP_EQ, SERVERS_REACHABLE_MSG);
1711 tor_free(msg);
1712
1713 free_options_test_data(tdata);
1714 tdata = get_options_test_data("ClientUseIPv4 0\n"
1715 "ORPort 127.0.0.1:5555\n"
1716 "MaxClientCircuitsPending 1\n"
1717 "ConnLimit 1\n");
1718
1719 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1720 tt_int_op(ret, OP_EQ, -1);
1721 tt_str_op(msg, OP_EQ, SERVERS_REACHABLE_MSG);
1722 tor_free(msg);
1723
1724 /* Test IPv4-only clients setting IPv6 preferences */
1725
1726 free_options_test_data(tdata);
1727 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
1728 "ClientUseIPv4 1\n"
1729 "ClientUseIPv6 0\n"
1730 "UseBridges 0\n"
1731 "ClientPreferIPv6ORPort 1\n");
1732
1733 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1734 tt_int_op(ret, OP_EQ, 0);
1735 tor_free(msg);
1736
1737 free_options_test_data(tdata);
1738 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
1739 "ClientUseIPv4 1\n"
1740 "ClientUseIPv6 0\n"
1741 "UseBridges 0\n"
1742 "ClientPreferIPv6DirPort 1\n");
1743
1744 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1745 tt_int_op(ret, OP_EQ, 0);
1746 tor_free(msg);
1747
1748 /* Now test an IPv4/IPv6 client setting IPv6 preferences */
1749
1750 free_options_test_data(tdata);
1751 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
1752 "ClientUseIPv4 1\n"
1753 "ClientUseIPv6 1\n"
1754 "ClientPreferIPv6ORPort 1\n"
1755 "ClientPreferIPv6DirPort 1\n");
1756
1757 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1758 tt_int_op(ret, OP_EQ, 0);
1759 tt_ptr_op(msg, OP_EQ, NULL);
1760
1761 /* Now test an IPv6 client setting IPv6 preferences */
1762
1763 free_options_test_data(tdata);
1764 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
1765 "ClientUseIPv6 1\n"
1766 "ClientPreferIPv6ORPort 1\n"
1767 "ClientPreferIPv6DirPort 1\n");
1768
1769 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1770 tt_int_op(ret, OP_EQ, 0);
1771 tt_ptr_op(msg, OP_EQ, NULL);
1772
1773 /* And an implicit (IPv4 disabled) IPv6 client setting IPv6 preferences */
1774
1775 free_options_test_data(tdata);
1776 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
1777 "ClientUseIPv4 0\n"
1778 "ClientPreferIPv6ORPort 1\n"
1779 "ClientPreferIPv6DirPort 1\n");
1780
1781 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1782 tt_int_op(ret, OP_EQ, 0);
1783 tt_ptr_op(msg, OP_EQ, NULL);
1784
1785 /* And an implicit (bridge) client setting IPv6 preferences */
1786
1787 free_options_test_data(tdata);
1788 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
1789 "UseBridges 1\n"
1790 "Bridge 127.0.0.1:12345\n"
1791 "ClientPreferIPv6ORPort 1\n"
1792 "ClientPreferIPv6DirPort 1\n");
1793
1794 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1795 tt_int_op(ret, OP_EQ, 0);
1796 tt_ptr_op(msg, OP_EQ, NULL);
1797
1798 done:
1799 teardown_capture_of_logs();
1800 free_options_test_data(tdata);
1801 tor_free(msg);
1802 }
1803
1804 static void
1805 test_options_validate__use_bridges(void *ignored)
1806 {
1807 (void)ignored;
1808 int ret;
1809 char *msg;
1810 options_test_data_t *tdata = get_options_test_data(
1811 "UseBridges 1\n"
1812 "ClientUseIPv4 1\n"
1813 "ORPort 127.0.0.1:5555\n"
1814 "MaxClientCircuitsPending 1\n"
1815 "ConnLimit 1\n");
1816
1817 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1818 tt_int_op(ret, OP_EQ, -1);
1819 tt_str_op(msg, OP_EQ, "Servers must be able to freely connect to the rest of"
1820 " the Internet, so they must not set UseBridges.");
1821 tor_free(msg);
1822
1823 free_options_test_data(tdata);
1824 tdata = get_options_test_data("UseBridges 1\n"
1825 "MaxClientCircuitsPending 1\n"
1826 "ConnLimit 1\n");
1827
1828 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1829 tt_int_op(ret, OP_EQ, -1);
1830 tt_str_op(msg, OP_NE, "Servers must be able to freely connect to the rest of"
1831 " the Internet, so they must not set UseBridges.");
1832 tor_free(msg);
1833
1834 NS_MOCK(geoip_get_country);
1835 free_options_test_data(tdata);
1836 tdata = get_options_test_data("UseBridges 1\n"
1837 "EntryNodes {cn}\n"
1838 "MaxClientCircuitsPending 1\n"
1839 "ConnLimit 1\n");
1840
1841 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1842 tt_int_op(ret, OP_EQ, -1);
1843 tt_str_op(msg, OP_EQ, "You cannot set both UseBridges and EntryNodes.");
1844 tor_free(msg);
1845
1846 free_options_test_data(tdata);
1847 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
1848 "UseBridges 1\n");
1849
1850 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1851 tt_int_op(ret, OP_EQ, -1);
1852 tt_str_op(msg, OP_EQ,
1853 "If you set UseBridges, you must specify at least one bridge.");
1854 tor_free(msg);
1855
1856 free_options_test_data(tdata);
1857 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
1858 "UseBridges 1\n"
1859 "Bridge 10.0.0.1\n"
1860 "UseEntryGuards 0\n"
1861 );
1862
1863 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1864 tt_int_op(ret, OP_EQ, -1);
1865 tt_str_op(msg, OP_EQ,
1866 "Setting UseBridges requires also setting UseEntryGuards.");
1867 tor_free(msg);
1868
1869 free_options_test_data(tdata);
1870 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
1871 "UseBridges 1\n"
1872 "Bridge 10.0.0.1\n"
1873 "Bridge !!!\n"
1874 );
1875
1876 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1877 tt_int_op(ret, OP_EQ, -1);
1878 tt_str_op(msg, OP_EQ, "Bridge line did not parse. See logs for details.");
1879 tor_free(msg);
1880
1881 done:
1882 NS_UNMOCK(geoip_get_country);
1883 policies_free_all();
1884 free_options_test_data(tdata);
1885 tor_free(msg);
1886 }
1887
1888 static void
1889 test_options_validate__entry_nodes(void *ignored)
1890 {
1891 (void)ignored;
1892 int ret;
1893 char *msg;
1894 NS_MOCK(geoip_get_country);
1895 options_test_data_t *tdata = get_options_test_data(
1896 "EntryNodes {cn}\n"
1897 "UseEntryGuards 0\n"
1898 "MaxClientCircuitsPending 1\n"
1899 "ConnLimit 1\n");
1900
1901 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1902 tt_int_op(ret, OP_EQ, -1);
1903 tt_str_op(msg, OP_EQ,
1904 "If EntryNodes is set, UseEntryGuards must be enabled.");
1905 tor_free(msg);
1906
1907 free_options_test_data(tdata);
1908 tdata = get_options_test_data("EntryNodes {cn}\n"
1909 "UseEntryGuards 1\n"
1910 "MaxClientCircuitsPending 1\n"
1911 "ConnLimit 1\n");
1912
1913 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1914 tt_int_op(ret, OP_EQ, -1);
1915 tt_str_op(msg, OP_EQ, "KeepalivePeriod option must be positive.");
1916 tor_free(msg);
1917
1918 done:
1919 NS_UNMOCK(geoip_get_country);
1920 free_options_test_data(tdata);
1921 tor_free(msg);
1922 }
1923
1924 static void
1925 test_options_validate__safe_logging(void *ignored)
1926 {
1927 (void)ignored;
1928 int ret;
1929 char *msg;
1930 options_test_data_t *tdata = get_options_test_data(
1931 "MaxClientCircuitsPending 1\n"
1932 "ConnLimit 1\n");
1933
1934 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1935 tt_int_op(ret, OP_EQ, -1);
1936 tt_int_op(tdata->opt->SafeLogging_, OP_EQ, SAFELOG_SCRUB_NONE);
1937 tor_free(msg);
1938
1939 free_options_test_data(tdata);
1940 tdata = get_options_test_data("SafeLogging 0\n"
1941 "MaxClientCircuitsPending 1\n"
1942 "ConnLimit 1\n");
1943
1944 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1945 tt_int_op(ret, OP_EQ, -1);
1946 tt_int_op(tdata->opt->SafeLogging_, OP_EQ, SAFELOG_SCRUB_NONE);
1947 tor_free(msg);
1948
1949 free_options_test_data(tdata);
1950 tdata = get_options_test_data("SafeLogging Relay\n"
1951 "MaxClientCircuitsPending 1\n"
1952 "ConnLimit 1\n");
1953
1954 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1955 tt_int_op(ret, OP_EQ, -1);
1956 tt_int_op(tdata->opt->SafeLogging_, OP_EQ, SAFELOG_SCRUB_RELAY);
1957 tor_free(msg);
1958
1959 free_options_test_data(tdata);
1960 tdata = get_options_test_data("SafeLogging 1\n"
1961 "MaxClientCircuitsPending 1\n"
1962 "ConnLimit 1\n");
1963
1964 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1965 tt_int_op(ret, OP_EQ, -1);
1966 tt_int_op(tdata->opt->SafeLogging_, OP_EQ, SAFELOG_SCRUB_ALL);
1967 tor_free(msg);
1968
1969 free_options_test_data(tdata);
1970 tdata = get_options_test_data("SafeLogging stuffy\n"
1971 "MaxClientCircuitsPending 1\n"
1972 "ConnLimit 1\n");
1973
1974 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1975 tt_int_op(ret, OP_EQ, -1);
1976 tt_str_op(msg, OP_EQ, "Unrecognized value '\"stuffy\"' in SafeLogging");
1977 tor_free(msg);
1978
1979 done:
1980 escaped(NULL); // This will free the leaking memory from the previous escaped
1981 free_options_test_data(tdata);
1982 tor_free(msg);
1983 }
1984
1985 static void
1986 test_options_validate__publish_server_descriptor(void *ignored)
1987 {
1988 (void)ignored;
1989 int ret;
1990 char *msg;
1991 setup_capture_of_logs(LOG_WARN);
1992 options_test_data_t *tdata = get_options_test_data(
1993 "PublishServerDescriptor bridge\n" TEST_OPTIONS_DEFAULT_VALUES
1994 );
1995
1996 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
1997 tt_int_op(ret, OP_EQ, 0);
1998 tt_assert(!msg);
1999
2000 free_options_test_data(tdata);
2001 tdata = get_options_test_data("PublishServerDescriptor humma\n"
2002 TEST_OPTIONS_DEFAULT_VALUES);
2003
2004 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2005 tt_int_op(ret, OP_EQ, -1);
2006 tt_str_op(msg, OP_EQ, "Unrecognized value in PublishServerDescriptor");
2007 tor_free(msg);
2008
2009 free_options_test_data(tdata);
2010 tdata = get_options_test_data("PublishServerDescriptor bridge, v3\n"
2011 TEST_OPTIONS_DEFAULT_VALUES);
2012
2013 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2014 tt_int_op(ret, OP_EQ, -1);
2015 tt_str_op(msg, OP_EQ, "Bridges are not supposed to publish router "
2016 "descriptors to the directory authorities. Please correct your "
2017 "PublishServerDescriptor line.");
2018 tor_free(msg);
2019
2020 free_options_test_data(tdata);
2021 tdata = get_options_test_data("BridgeRelay 1\n"
2022 "PublishServerDescriptor v3\n"
2023 TEST_OPTIONS_DEFAULT_VALUES);
2024
2025 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2026 tt_int_op(ret, OP_EQ, -1);
2027 tt_str_op(msg, OP_EQ, "Bridges are not supposed to publish router "
2028 "descriptors to the directory authorities. Please correct your "
2029 "PublishServerDescriptor line.");
2030 tor_free(msg);
2031
2032 free_options_test_data(tdata);
2033 tdata = get_options_test_data("BridgeRelay 1\n" TEST_OPTIONS_DEFAULT_VALUES);
2034
2035 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2036 tt_int_op(ret, OP_EQ, -1);
2037 tt_str_op(msg, OP_NE, "Bridges are not supposed to publish router "
2038 "descriptors to the directory authorities. Please correct your "
2039 "PublishServerDescriptor line.");
2040 tor_free(msg);
2041
2042 free_options_test_data(tdata);
2043 tdata = get_options_test_data("BridgeRelay 1\n"
2044 "DirPort 999\n" TEST_OPTIONS_DEFAULT_VALUES);
2045
2046 mock_clean_saved_logs();
2047 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2048 tt_int_op(ret, OP_EQ, -1);
2049 expect_log_msg("Can't set a DirPort on a bridge "
2050 "relay; disabling DirPort\n");
2051 tt_assert(!tdata->opt->DirPort_lines);
2052 tt_assert(!tdata->opt->DirPort_set);
2053
2054 done:
2055 teardown_capture_of_logs();
2056 policies_free_all();
2057 free_options_test_data(tdata);
2058 tor_free(msg);
2059 }
2060
2061 static void
2062 test_options_validate__testing(void *ignored)
2063 {
2064 (void)ignored;
2065 int ret;
2066 char *msg;
2067 options_test_data_t *tdata = NULL;
2068
2069 #define ENSURE_DEFAULT(varname, varval) \
2070 STMT_BEGIN \
2071 free_options_test_data(tdata); \
2072 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES \
2073 #varname " " #varval "\n"); \
2074 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);\
2075 tt_str_op(msg, OP_EQ, \
2076 #varname " may only be changed in testing Tor networks!"); \
2077 tt_int_op(ret, OP_EQ, -1); \
2078 tor_free(msg); \
2079 \
2080 free_options_test_data(tdata); \
2081 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES \
2082 #varname " " #varval "\n" \
2083 VALID_DIR_AUTH \
2084 "TestingTorNetwork 1\n"); \
2085 \
2086 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);\
2087 if (msg) { \
2088 tt_str_op(msg, OP_NE, \
2089 #varname " may only be changed in testing Tor networks!"); \
2090 tor_free(msg); \
2091 } \
2092 \
2093 free_options_test_data(tdata); \
2094 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES \
2095 #varname " " #varval "\n" \
2096 "___UsingTestNetworkDefaults 1\n"); \
2097 \
2098 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);\
2099 if (msg) { \
2100 tt_str_op(msg, OP_NE, \
2101 #varname " may only be changed in testing Tor networks!"); \
2102 tor_free(msg); \
2103 } \
2104 STMT_END
2105
2106 ENSURE_DEFAULT(TestingV3AuthInitialVotingInterval, 3600);
2107 ENSURE_DEFAULT(TestingV3AuthInitialVoteDelay, 3000);
2108 ENSURE_DEFAULT(TestingV3AuthInitialDistDelay, 3000);
2109 ENSURE_DEFAULT(TestingV3AuthVotingStartOffset, 3000);
2110 ENSURE_DEFAULT(TestingAuthDirTimeToLearnReachability, 3000);
2111 ENSURE_DEFAULT(TestingEstimatedDescriptorPropagationTime, 3000);
2112 ENSURE_DEFAULT(TestingServerDownloadInitialDelay, 3000);
2113 ENSURE_DEFAULT(TestingClientDownloadInitialDelay, 3000);
2114 ENSURE_DEFAULT(TestingServerConsensusDownloadInitialDelay, 3000);
2115 ENSURE_DEFAULT(TestingClientConsensusDownloadInitialDelay, 3000);
2116 ENSURE_DEFAULT(TestingBridgeDownloadInitialDelay, 3000);
2117 ENSURE_DEFAULT(TestingBridgeBootstrapDownloadInitialDelay, 3000);
2118 ENSURE_DEFAULT(TestingClientMaxIntervalWithoutRequest, 3000);
2119 ENSURE_DEFAULT(TestingDirConnectionMaxStall, 3000);
2120 ENSURE_DEFAULT(TestingAuthKeyLifetime, 3000);
2121 ENSURE_DEFAULT(TestingLinkCertLifetime, 3000);
2122 ENSURE_DEFAULT(TestingSigningKeySlop, 3000);
2123 ENSURE_DEFAULT(TestingAuthKeySlop, 3000);
2124 ENSURE_DEFAULT(TestingLinkKeySlop, 3000);
2125
2126 done:
2127 escaped(NULL); // This will free the leaking memory from the previous escaped
2128 policies_free_all();
2129 free_options_test_data(tdata);
2130 tor_free(msg);
2131 }
2132
2133 static void
2134 test_options_validate__hidserv(void *ignored)
2135 {
2136 (void)ignored;
2137 int ret;
2138 char *msg;
2139 setup_capture_of_logs(LOG_WARN);
2140
2141 options_test_data_t *tdata = get_options_test_data(
2142 TEST_OPTIONS_DEFAULT_VALUES);
2143 tdata->opt->MinUptimeHidServDirectoryV2 = -1;
2144 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2145 tt_int_op(ret, OP_EQ, 0);
2146 expect_log_msg("MinUptimeHidServDirectoryV2 "
2147 "option must be at least 0 seconds. Changing to 0.\n");
2148 tt_int_op(tdata->opt->MinUptimeHidServDirectoryV2, OP_EQ, 0);
2149 tor_free(msg);
2150
2151 free_options_test_data(tdata);
2152 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2153 "RendPostPeriod 1\n" );
2154 mock_clean_saved_logs();
2155 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2156 tt_int_op(ret, OP_EQ, 0);
2157 expect_log_msg("RendPostPeriod option is too short;"
2158 " raising to 600 seconds.\n");
2159 tt_int_op(tdata->opt->RendPostPeriod, OP_EQ, 600);
2160 tor_free(msg);
2161
2162 free_options_test_data(tdata);
2163 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2164 "RendPostPeriod 302401\n" );
2165 mock_clean_saved_logs();
2166 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2167 tt_int_op(ret, OP_EQ, 0);
2168 expect_log_msg("RendPostPeriod is too large; "
2169 "clipping to 302400s.\n");
2170 tt_int_op(tdata->opt->RendPostPeriod, OP_EQ, 302400);
2171 tor_free(msg);
2172
2173 done:
2174 teardown_capture_of_logs();
2175 policies_free_all();
2176 free_options_test_data(tdata);
2177 tor_free(msg);
2178 }
2179
2180 static void
2181 test_options_validate__path_bias(void *ignored)
2182 {
2183 (void)ignored;
2184 int ret;
2185 char *msg;
2186
2187 options_test_data_t *tdata = get_options_test_data(
2188 TEST_OPTIONS_DEFAULT_VALUES
2189 "PathBiasNoticeRate 1.1\n");
2190 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2191 tt_int_op(ret, OP_EQ, -1);
2192 tt_str_op(msg, OP_EQ,
2193 "PathBiasNoticeRate is too high. It must be between 0 and 1.0");
2194 tor_free(msg);
2195
2196 free_options_test_data(tdata);
2197 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2198 "PathBiasWarnRate 1.1\n");
2199 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2200 tt_int_op(ret, OP_EQ, -1);
2201 tt_str_op(msg, OP_EQ,
2202 "PathBiasWarnRate is too high. It must be between 0 and 1.0");
2203 tor_free(msg);
2204
2205 free_options_test_data(tdata);
2206 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2207 "PathBiasExtremeRate 1.1\n");
2208 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2209 tt_int_op(ret, OP_EQ, -1);
2210 tt_str_op(msg, OP_EQ,
2211 "PathBiasExtremeRate is too high. It must be between 0 and 1.0");
2212 tor_free(msg);
2213
2214 free_options_test_data(tdata);
2215 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2216 "PathBiasNoticeUseRate 1.1\n");
2217 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2218 tt_int_op(ret, OP_EQ, -1);
2219 tt_str_op(msg, OP_EQ,
2220 "PathBiasNoticeUseRate is too high. It must be between 0 and 1.0");
2221 tor_free(msg);
2222
2223 free_options_test_data(tdata);
2224 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2225 "PathBiasExtremeUseRate 1.1\n");
2226 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2227 tt_int_op(ret, OP_EQ, -1);
2228 tt_str_op(msg, OP_EQ,
2229 "PathBiasExtremeUseRate is too high. It must be between 0 and 1.0");
2230 tor_free(msg);
2231
2232 done:
2233 free_options_test_data(tdata);
2234 tor_free(msg);
2235 }
2236
2237 static void
2238 test_options_validate__bandwidth(void *ignored)
2239 {
2240 (void)ignored;
2241 int ret;
2242 char *msg;
2243 options_test_data_t *tdata = NULL;
2244
2245 #define ENSURE_BANDWIDTH_PARAM(p) \
2246 STMT_BEGIN \
2247 free_options_test_data(tdata); \
2248 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES #p " 3Gb\n"); \
2249 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);\
2250 tt_int_op(ret, OP_EQ, -1); \
2251 tt_mem_op(msg, OP_EQ, #p " (3221225471) must be at most 2147483647", 40); \
2252 tor_free(msg); \
2253 STMT_END
2254
2255 ENSURE_BANDWIDTH_PARAM(BandwidthRate);
2256 ENSURE_BANDWIDTH_PARAM(BandwidthBurst);
2257 ENSURE_BANDWIDTH_PARAM(MaxAdvertisedBandwidth);
2258 ENSURE_BANDWIDTH_PARAM(RelayBandwidthRate);
2259 ENSURE_BANDWIDTH_PARAM(RelayBandwidthBurst);
2260 ENSURE_BANDWIDTH_PARAM(PerConnBWRate);
2261 ENSURE_BANDWIDTH_PARAM(PerConnBWBurst);
2262 ENSURE_BANDWIDTH_PARAM(AuthDirFastGuarantee);
2263 ENSURE_BANDWIDTH_PARAM(AuthDirGuardBWGuarantee);
2264
2265 free_options_test_data(tdata);
2266 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2267 "RelayBandwidthRate 1000\n");
2268 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2269 tt_int_op(ret, OP_EQ, 0);
2270 tt_u64_op(tdata->opt->RelayBandwidthBurst, OP_EQ, 1000);
2271 tor_free(msg);
2272
2273 free_options_test_data(tdata);
2274 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2275 "RelayBandwidthBurst 1001\n");
2276 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2277 tt_int_op(ret, OP_EQ, 0);
2278 tt_u64_op(tdata->opt->RelayBandwidthRate, OP_EQ, 1001);
2279 tor_free(msg);
2280
2281 free_options_test_data(tdata);
2282 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2283 "RelayBandwidthRate 1001\n"
2284 "RelayBandwidthBurst 1000\n");
2285 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2286 tt_int_op(ret, OP_EQ, -1);
2287 tt_str_op(msg, OP_EQ, "RelayBandwidthBurst must be at least equal to "
2288 "RelayBandwidthRate.");
2289 tor_free(msg);
2290
2291 free_options_test_data(tdata);
2292 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2293 "BandwidthRate 1001\n"
2294 "BandwidthBurst 1000\n");
2295 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2296 tt_int_op(ret, OP_EQ, -1);
2297 tt_str_op(msg, OP_EQ,
2298 "BandwidthBurst must be at least equal to BandwidthRate.");
2299 tor_free(msg);
2300
2301 free_options_test_data(tdata);
2302 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2303 "RelayBandwidthRate 1001\n"
2304 "BandwidthRate 1000\n"
2305 "BandwidthBurst 1000\n"
2306 );
2307 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2308 tt_int_op(ret, OP_EQ, 0);
2309 tt_u64_op(tdata->opt->BandwidthRate, OP_EQ, 1001);
2310 tor_free(msg);
2311
2312 free_options_test_data(tdata);
2313 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2314 "RelayBandwidthRate 1001\n"
2315 "BandwidthRate 1000\n"
2316 "RelayBandwidthBurst 1001\n"
2317 "BandwidthBurst 1000\n"
2318 );
2319 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2320 tt_int_op(ret, OP_EQ, 0);
2321 tt_u64_op(tdata->opt->BandwidthBurst, OP_EQ, 1001);
2322 tor_free(msg);
2323
2324 free_options_test_data(tdata);
2325 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2326 "ORPort 127.0.0.1:5555\n"
2327 "BandwidthRate 1\n"
2328 );
2329 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2330 tt_int_op(ret, OP_EQ, -1);
2331 tt_str_op(msg, OP_EQ, "BandwidthRate is set to 1 bytes/second. For servers,"
2332 " it must be at least 76800.");
2333 tor_free(msg);
2334
2335 free_options_test_data(tdata);
2336 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2337 "ORPort 127.0.0.1:5555\n"
2338 "BandwidthRate 76800\n"
2339 "MaxAdvertisedBandwidth 30000\n"
2340 );
2341 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2342 tt_int_op(ret, OP_EQ, -1);
2343 tt_str_op(msg, OP_EQ, "MaxAdvertisedBandwidth is set to 30000 bytes/second."
2344 " For servers, it must be at least 38400.");
2345 tor_free(msg);
2346
2347 free_options_test_data(tdata);
2348 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2349 "ORPort 127.0.0.1:5555\n"
2350 "BandwidthRate 76800\n"
2351 "RelayBandwidthRate 1\n"
2352 "MaxAdvertisedBandwidth 38400\n"
2353 );
2354 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2355 tt_int_op(ret, OP_EQ, -1);
2356 tt_str_op(msg, OP_EQ, "RelayBandwidthRate is set to 1 bytes/second. For "
2357 "servers, it must be at least 76800.");
2358 tor_free(msg);
2359
2360 free_options_test_data(tdata);
2361 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2362 "ORPort 127.0.0.1:5555\n"
2363 "BandwidthRate 76800\n"
2364 "BandwidthBurst 76800\n"
2365 "RelayBandwidthRate 76800\n"
2366 "MaxAdvertisedBandwidth 38400\n"
2367 );
2368 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2369 tt_int_op(ret, OP_EQ, 0);
2370 tor_free(msg);
2371
2372 done:
2373 policies_free_all();
2374 free_options_test_data(tdata);
2375 tor_free(msg);
2376 }
2377
2378 static void
2379 test_options_validate__circuits(void *ignored)
2380 {
2381 (void)ignored;
2382 char *msg;
2383 options_test_data_t *tdata = NULL;
2384 setup_capture_of_logs(LOG_WARN);
2385
2386 free_options_test_data(tdata);
2387 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2388 "MaxCircuitDirtiness 2592001\n");
2389 options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2390 expect_log_msg("MaxCircuitDirtiness option is too "
2391 "high; setting to 30 days.\n");
2392 tt_int_op(tdata->opt->MaxCircuitDirtiness, OP_EQ, 2592000);
2393 tor_free(msg);
2394
2395 free_options_test_data(tdata);
2396 mock_clean_saved_logs();
2397 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2398 "CircuitStreamTimeout 1\n");
2399 options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2400 expect_log_msg("CircuitStreamTimeout option is too"
2401 " short; raising to 10 seconds.\n");
2402 tt_int_op(tdata->opt->CircuitStreamTimeout, OP_EQ, 10);
2403 tor_free(msg);
2404
2405 free_options_test_data(tdata);
2406 mock_clean_saved_logs();
2407 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2408 "CircuitStreamTimeout 111\n");
2409 options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2410 expect_no_log_msg("CircuitStreamTimeout option is too"
2411 " short; raising to 10 seconds.\n");
2412 tt_int_op(tdata->opt->CircuitStreamTimeout, OP_EQ, 111);
2413 tor_free(msg);
2414
2415 free_options_test_data(tdata);
2416 mock_clean_saved_logs();
2417 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2418 "HeartbeatPeriod 1\n");
2419 options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2420 expect_log_msg("HeartbeatPeriod option is too short;"
2421 " raising to 1800 seconds.\n");
2422 tt_int_op(tdata->opt->HeartbeatPeriod, OP_EQ, 1800);
2423 tor_free(msg);
2424
2425 free_options_test_data(tdata);
2426 mock_clean_saved_logs();
2427 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2428 "HeartbeatPeriod 1982\n");
2429 options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2430 expect_no_log_msg("HeartbeatPeriod option is too short;"
2431 " raising to 1800 seconds.\n");
2432 tt_int_op(tdata->opt->HeartbeatPeriod, OP_EQ, 1982);
2433 tor_free(msg);
2434
2435 free_options_test_data(tdata);
2436 mock_clean_saved_logs();
2437 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2438 "CircuitBuildTimeout 1\n"
2439 );
2440 options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2441 expect_log_msg("CircuitBuildTimeout is shorter (1"
2442 " seconds) than the recommended minimum (10 seconds), and "
2443 "LearnCircuitBuildTimeout is disabled. If tor isn't working, "
2444 "raise this value or enable LearnCircuitBuildTimeout.\n");
2445 tor_free(msg);
2446
2447 free_options_test_data(tdata);
2448 mock_clean_saved_logs();
2449 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2450 "CircuitBuildTimeout 11\n"
2451 );
2452 options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2453 expect_no_log_msg("CircuitBuildTimeout is shorter (1 "
2454 "seconds) than the recommended minimum (10 seconds), and "
2455 "LearnCircuitBuildTimeout is disabled. If tor isn't working, "
2456 "raise this value or enable LearnCircuitBuildTimeout.\n");
2457 tor_free(msg);
2458
2459 done:
2460 policies_free_all();
2461 teardown_capture_of_logs();
2462 free_options_test_data(tdata);
2463 tor_free(msg);
2464 }
2465
2466 static void
2467 test_options_validate__rend(void *ignored)
2468 {
2469 (void)ignored;
2470 int ret;
2471 char *msg;
2472 options_test_data_t *tdata = NULL;
2473 setup_capture_of_logs(LOG_WARN);
2474
2475 free_options_test_data(tdata);
2476 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2477 "UseEntryGuards 0\n"
2478 "HiddenServiceDir /Library/Tor/var/lib/tor/hidden_service/\n"
2479 "HiddenServicePort 80 127.0.0.1:8080\n"
2480 );
2481 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2482 tt_int_op(ret, OP_EQ, 0);
2483 expect_log_msg("UseEntryGuards is disabled, but you"
2484 " have configured one or more hidden services on this Tor "
2485 "instance. Your hidden services will be very easy to locate using"
2486 " a well-known attack -- see http://freehaven.net/anonbib/#hs-"
2487 "attack06 for details.\n");
2488 tor_free(msg);
2489
2490 free_options_test_data(tdata);
2491 tdata = get_options_test_data(
2492 TEST_OPTIONS_DEFAULT_VALUES
2493 "UseEntryGuards 1\n"
2494 "HiddenServiceDir /Library/Tor/var/lib/tor/hidden_service/\n"
2495 "HiddenServicePort 80 127.0.0.1:8080\n"
2496 );
2497 mock_clean_saved_logs();
2498 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2499 tt_int_op(ret, OP_EQ, 0);
2500 expect_no_log_msg("UseEntryGuards is disabled, but you"
2501 " have configured one or more hidden services on this Tor "
2502 "instance. Your hidden services will be very easy to locate using"
2503 " a well-known attack -- see http://freehaven.net/anonbib/#hs-"
2504 "attack06 for details.\n");
2505
2506 free_options_test_data(tdata);
2507 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2508 "HiddenServicePort 80 127.0.0.1:8080\n"
2509 );
2510 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2511 tt_int_op(ret, OP_EQ, -1);
2512 tt_str_op(msg, OP_EQ,
2513 "Failed to configure rendezvous options. See logs for details.");
2514 tor_free(msg);
2515
2516 free_options_test_data(tdata);
2517 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2518 "HidServAuth failed\n"
2519 );
2520 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2521 tt_int_op(ret, OP_EQ, -1);
2522 tt_str_op(msg, OP_EQ, "Failed to configure client authorization for hidden "
2523 "services. See logs for details.");
2524 tor_free(msg);
2525
2526 done:
2527 policies_free_all();
2528 teardown_capture_of_logs();
2529 free_options_test_data(tdata);
2530 tor_free(msg);
2531 }
2532
2533 static void
2534 test_options_validate__single_onion(void *ignored)
2535 {
2536 (void)ignored;
2537 int ret;
2538 char *msg;
2539 options_test_data_t *tdata = NULL;
2540 setup_capture_of_logs(LOG_WARN);
2541
2542 /* Test that HiddenServiceSingleHopMode must come with
2543 * HiddenServiceNonAnonymousMode */
2544 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2545 "SOCKSPort 0\n"
2546 "HiddenServiceSingleHopMode 1\n"
2547 );
2548 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2549 tt_int_op(ret, OP_EQ, -1);
2550 tt_str_op(msg, OP_EQ, "HiddenServiceSingleHopMode does not provide any "
2551 "server anonymity. It must be used with "
2552 "HiddenServiceNonAnonymousMode set to 1.");
2553 tor_free(msg);
2554 free_options_test_data(tdata);
2555
2556 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2557 "SOCKSPort 0\n"
2558 "HiddenServiceSingleHopMode 1\n"
2559 "HiddenServiceNonAnonymousMode 0\n"
2560 );
2561 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2562 tt_int_op(ret, OP_EQ, -1);
2563 tt_str_op(msg, OP_EQ, "HiddenServiceSingleHopMode does not provide any "
2564 "server anonymity. It must be used with "
2565 "HiddenServiceNonAnonymousMode set to 1.");
2566 tor_free(msg);
2567 free_options_test_data(tdata);
2568
2569 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2570 "SOCKSPort 0\n"
2571 "HiddenServiceSingleHopMode 1\n"
2572 "HiddenServiceNonAnonymousMode 1\n"
2573 );
2574 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2575 tt_int_op(ret, OP_EQ, 0);
2576 tt_ptr_op(msg, OP_EQ, NULL);
2577 free_options_test_data(tdata);
2578
2579 /* Test that SOCKSPort if HiddenServiceSingleHopMode is 1 */
2580 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2581 "SOCKSPort 5000\n"
2582 "HiddenServiceSingleHopMode 1\n"
2583 "HiddenServiceNonAnonymousMode 1\n"
2584 );
2585 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2586 tt_int_op(ret, OP_EQ, -1);
2587 tt_str_op(msg, OP_EQ, "HiddenServiceNonAnonymousMode is incompatible with "
2588 "using Tor as an anonymous client. Please set "
2589 "Socks/Trans/NATD/DNSPort to 0, or revert "
2590 "HiddenServiceNonAnonymousMode to 0.");
2591 tor_free(msg);
2592 free_options_test_data(tdata);
2593
2594 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2595 "SOCKSPort 0\n"
2596 "HiddenServiceSingleHopMode 1\n"
2597 "HiddenServiceNonAnonymousMode 1\n"
2598 );
2599 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2600 tt_int_op(ret, OP_EQ, 0);
2601 tt_ptr_op(msg, OP_EQ, NULL);
2602 free_options_test_data(tdata);
2603
2604 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2605 "SOCKSPort 5000\n"
2606 "HiddenServiceSingleHopMode 0\n"
2607 );
2608 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2609 tt_int_op(ret, OP_EQ, 0);
2610 tt_ptr_op(msg, OP_EQ, NULL);
2611 free_options_test_data(tdata);
2612
2613 /* Test that a hidden service can't be run in non anonymous mode. */
2614 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2615 "HiddenServiceNonAnonymousMode 1\n"
2616 "HiddenServiceDir /Library/Tor/var/lib/tor/hidden_service/\n"
2617 "HiddenServicePort 80 127.0.0.1:8080\n"
2618 );
2619 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2620 tt_int_op(ret, OP_EQ, -1);
2621 tt_str_op(msg, OP_EQ, "HiddenServiceNonAnonymousMode does not provide any "
2622 "server anonymity. It must be used with "
2623 "HiddenServiceSingleHopMode set to 1.");
2624 tor_free(msg);
2625 free_options_test_data(tdata);
2626
2627 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2628 "HiddenServiceNonAnonymousMode 1\n"
2629 );
2630 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2631 tt_int_op(ret, OP_EQ, -1);
2632 tt_str_op(msg, OP_EQ, "HiddenServiceNonAnonymousMode does not provide any "
2633 "server anonymity. It must be used with "
2634 "HiddenServiceSingleHopMode set to 1.");
2635 tor_free(msg);
2636 free_options_test_data(tdata);
2637
2638 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2639 "HiddenServiceDir /Library/Tor/var/lib/tor/hidden_service/\n"
2640 "HiddenServicePort 80 127.0.0.1:8080\n"
2641 );
2642 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2643 tt_int_op(ret, OP_EQ, 0);
2644 tt_ptr_op(msg, OP_EQ, NULL);
2645 free_options_test_data(tdata);
2646
2647 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2648 "HiddenServiceNonAnonymousMode 1\n"
2649 "HiddenServiceDir /Library/Tor/var/lib/tor/hidden_service/\n"
2650 "HiddenServicePort 80 127.0.0.1:8080\n"
2651 "HiddenServiceSingleHopMode 1\n"
2652 "SOCKSPort 0\n"
2653 );
2654 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2655 tt_int_op(ret, OP_EQ, 0);
2656 tt_ptr_op(msg, OP_EQ, NULL);
2657
2658 done:
2659 policies_free_all();
2660 teardown_capture_of_logs();
2661 free_options_test_data(tdata);
2662 tor_free(msg);
2663 }
2664
2665 static void
2666 test_options_validate__accounting(void *ignored)
2667 {
2668 (void)ignored;
2669 int ret;
2670 char *msg;
2671 options_test_data_t *tdata = NULL;
2672 setup_capture_of_logs(LOG_WARN);
2673
2674 free_options_test_data(tdata);
2675 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2676 "AccountingRule something_bad\n"
2677 );
2678 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2679 tt_int_op(ret, OP_EQ, -1);
2680 tt_str_op(msg, OP_EQ, "AccountingRule must be 'sum', 'max', 'in', or 'out'");
2681 tor_free(msg);
2682
2683 free_options_test_data(tdata);
2684 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2685 "AccountingRule sum\n"
2686 );
2687 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2688 tt_int_op(ret, OP_EQ, 0);
2689 tt_int_op(tdata->opt->AccountingRule, OP_EQ, ACCT_SUM);
2690 tor_free(msg);
2691
2692 free_options_test_data(tdata);
2693 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2694 "AccountingRule max\n"
2695 );
2696 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2697 tt_int_op(ret, OP_EQ, 0);
2698 tt_int_op(tdata->opt->AccountingRule, OP_EQ, ACCT_MAX);
2699 tor_free(msg);
2700
2701 free_options_test_data(tdata);
2702 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2703 "AccountingStart fail\n"
2704 );
2705 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2706 tt_int_op(ret, OP_EQ, -1);
2707 tt_str_op(msg, OP_EQ,
2708 "Failed to parse accounting options. See logs for details.");
2709 tor_free(msg);
2710
2711 free_options_test_data(tdata);
2712 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2713 "AccountingMax 10\n"
2714 );
2715 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2716 tt_int_op(ret, OP_EQ, 0);
2717 tor_free(msg);
2718
2719 free_options_test_data(tdata);
2720 tdata = get_options_test_data(
2721 TEST_OPTIONS_DEFAULT_VALUES
2722 "ORPort 127.0.0.1:5555\n"
2723 "BandwidthRate 76800\n"
2724 "BandwidthBurst 76800\n"
2725 "MaxAdvertisedBandwidth 38400\n"
2726 "HiddenServiceDir /Library/Tor/var/lib/tor/hidden_service/\n"
2727 "HiddenServicePort 80 127.0.0.1:8080\n"
2728 "AccountingMax 10\n"
2729 );
2730 mock_clean_saved_logs();
2731 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2732 tt_int_op(ret, OP_EQ, 0);
2733 expect_log_msg("Using accounting with a hidden "
2734 "service and an ORPort is risky: your hidden service(s) and "
2735 "your public address will all turn off at the same time, "
2736 "which may alert observers that they are being run by the "
2737 "same party.\n");
2738 tor_free(msg);
2739
2740 free_options_test_data(tdata);
2741 tdata = get_options_test_data(
2742 TEST_OPTIONS_DEFAULT_VALUES
2743 "HiddenServiceDir /Library/Tor/var/lib/tor/hidden_service/\n"
2744 "HiddenServicePort 80 127.0.0.1:8080\n"
2745 "AccountingMax 10\n"
2746 );
2747 mock_clean_saved_logs();
2748 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2749 tt_int_op(ret, OP_EQ, 0);
2750 expect_no_log_msg("Using accounting with a hidden "
2751 "service and an ORPort is risky: your hidden service(s) and "
2752 "your public address will all turn off at the same time, "
2753 "which may alert observers that they are being run by the "
2754 "same party.\n");
2755 tor_free(msg);
2756
2757 free_options_test_data(tdata);
2758 tdata = get_options_test_data(
2759 TEST_OPTIONS_DEFAULT_VALUES
2760 "HiddenServiceDir /Library/Tor/var/lib/tor/hidden_service/\n"
2761 "HiddenServicePort 80 127.0.0.1:8080\n"
2762 "HiddenServiceDir /Library/Tor/var/lib/tor/hidden_service2/\n"
2763 "HiddenServicePort 81 127.0.0.1:8081\n"
2764 "AccountingMax 10\n"
2765 );
2766 mock_clean_saved_logs();
2767 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2768 tt_int_op(ret, OP_EQ, 0);
2769 expect_log_msg("Using accounting with multiple "
2770 "hidden services is risky: they will all turn off at the same"
2771 " time, which may alert observers that they are being run by "
2772 "the same party.\n");
2773 tor_free(msg);
2774
2775 done:
2776 teardown_capture_of_logs();
2777 policies_free_all();
2778 free_options_test_data(tdata);
2779 tor_free(msg);
2780 }
2781
2782 static void
2783 test_options_validate__proxy(void *ignored)
2784 {
2785 (void)ignored;
2786 int ret;
2787 char *msg;
2788 options_test_data_t *tdata = NULL;
2789 sandbox_disable_getaddrinfo_cache();
2790 setup_capture_of_logs(LOG_WARN);
2791 MOCK(tor_addr_lookup, mock_tor_addr_lookup__fail_on_bad_addrs);
2792
2793 free_options_test_data(tdata);
2794 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2795 "HttpProxy 127.0.42.1\n"
2796 );
2797 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2798 tt_int_op(ret, OP_EQ, 0);
2799 tt_int_op(tdata->opt->HTTPProxyPort, OP_EQ, 80);
2800 tor_free(msg);
2801
2802 free_options_test_data(tdata);
2803 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2804 "HttpProxy 127.0.42.1:444\n"
2805 );
2806 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2807 tt_int_op(ret, OP_EQ, 0);
2808 tt_int_op(tdata->opt->HTTPProxyPort, OP_EQ, 444);
2809 tor_free(msg);
2810
2811 free_options_test_data(tdata);
2812
2813 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2814 "HttpProxy not_so_valid!\n"
2815 );
2816 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2817 tt_int_op(ret, OP_EQ, -1);
2818 tt_str_op(msg, OP_EQ, "HTTPProxy failed to parse or resolve. Please fix.");
2819 tor_free(msg);
2820
2821 free_options_test_data(tdata);
2822 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2823 "HttpProxyAuthenticator "
2824 "onetwothreonetwothreonetwothreonetwothreonetw"
2825 "othreonetwothreonetwothreonetwothreonetwothre"
2826 "onetwothreonetwothreonetwothreonetwothreonetw"
2827 "othreonetwothreonetwothreonetwothreonetwothre"
2828 "onetwothreonetwothreonetwothreonetwothreonetw"
2829 "othreonetwothreonetwothreonetwothreonetwothre"
2830 "onetwothreonetwothreonetwothreonetwothreonetw"
2831 "othreonetwothreonetwothreonetwothreonetwothre"
2832 "onetwothreonetwothreonetwothreonetwothreonetw"
2833 "othreonetwothreonetwothreonetwothreonetwothre"
2834 "onetwothreonetwothreonetwothreonetwothreonetw"
2835 "othreonetwothreeonetwothreeonetwothree"
2836
2837 );
2838 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2839 tt_int_op(ret, OP_EQ, -1);
2840 tt_str_op(msg, OP_EQ, "HTTPProxyAuthenticator is too long (>= 512 chars).");
2841 tor_free(msg);
2842
2843 free_options_test_data(tdata);
2844 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2845 "HttpProxyAuthenticator validauth\n"
2846
2847 );
2848 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2849 tt_int_op(ret, OP_EQ, 0);
2850 tor_free(msg);
2851
2852 free_options_test_data(tdata);
2853 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2854 "HttpsProxy 127.0.42.1\n"
2855 );
2856 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2857 tt_int_op(ret, OP_EQ, 0);
2858 tt_int_op(tdata->opt->HTTPSProxyPort, OP_EQ, 443);
2859 tor_free(msg);
2860
2861 free_options_test_data(tdata);
2862 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2863 "HttpsProxy 127.0.42.1:444\n"
2864 );
2865 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2866 tt_int_op(ret, OP_EQ, 0);
2867 tt_int_op(tdata->opt->HTTPSProxyPort, OP_EQ, 444);
2868 tor_free(msg);
2869
2870 free_options_test_data(tdata);
2871 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2872 "HttpsProxy not_so_valid!\n"
2873 );
2874 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2875 tt_int_op(ret, OP_EQ, -1);
2876 tt_str_op(msg, OP_EQ, "HTTPSProxy failed to parse or resolve. Please fix.");
2877 tor_free(msg);
2878
2879 free_options_test_data(tdata);
2880 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2881 "HttpsProxyAuthenticator "
2882 "onetwothreonetwothreonetwothreonetwothreonetw"
2883 "othreonetwothreonetwothreonetwothreonetwothre"
2884 "onetwothreonetwothreonetwothreonetwothreonetw"
2885 "othreonetwothreonetwothreonetwothreonetwothre"
2886 "onetwothreonetwothreonetwothreonetwothreonetw"
2887 "othreonetwothreonetwothreonetwothreonetwothre"
2888 "onetwothreonetwothreonetwothreonetwothreonetw"
2889 "othreonetwothreonetwothreonetwothreonetwothre"
2890 "onetwothreonetwothreonetwothreonetwothreonetw"
2891 "othreonetwothreonetwothreonetwothreonetwothre"
2892 "onetwothreonetwothreonetwothreonetwothreonetw"
2893 "othreonetwothreeonetwothreeonetwothree"
2894
2895 );
2896 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2897 tt_int_op(ret, OP_EQ, -1);
2898 tt_str_op(msg, OP_EQ, "HTTPSProxyAuthenticator is too long (>= 512 chars).");
2899 tor_free(msg);
2900
2901 free_options_test_data(tdata);
2902 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2903 "HttpsProxyAuthenticator validauth\n"
2904 );
2905 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2906 tt_int_op(ret, OP_EQ, 0);
2907 tor_free(msg);
2908
2909 free_options_test_data(tdata);
2910 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2911 "Socks4Proxy 127.0.42.1\n"
2912 );
2913 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2914 tt_int_op(ret, OP_EQ, 0);
2915 tt_int_op(tdata->opt->Socks4ProxyPort, OP_EQ, 1080);
2916 tor_free(msg);
2917
2918 free_options_test_data(tdata);
2919 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2920 "Socks4Proxy 127.0.42.1:444\n"
2921 );
2922 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2923 tt_int_op(ret, OP_EQ, 0);
2924 tt_int_op(tdata->opt->Socks4ProxyPort, OP_EQ, 444);
2925 tor_free(msg);
2926
2927 free_options_test_data(tdata);
2928 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2929 "Socks4Proxy not_so_valid!\n"
2930 );
2931 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2932 tt_int_op(ret, OP_EQ, -1);
2933 tt_str_op(msg, OP_EQ, "Socks4Proxy failed to parse or resolve. Please fix.");
2934 tor_free(msg);
2935
2936 free_options_test_data(tdata);
2937 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2938 "Socks5Proxy 127.0.42.1\n"
2939 );
2940 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2941 tt_int_op(ret, OP_EQ, 0);
2942 tt_int_op(tdata->opt->Socks5ProxyPort, OP_EQ, 1080);
2943 tor_free(msg);
2944
2945 free_options_test_data(tdata);
2946 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2947 "Socks5Proxy 127.0.42.1:444\n"
2948 );
2949 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2950 tt_int_op(ret, OP_EQ, 0);
2951 tt_int_op(tdata->opt->Socks5ProxyPort, OP_EQ, 444);
2952 tor_free(msg);
2953
2954 free_options_test_data(tdata);
2955 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2956 "Socks5Proxy not_so_valid!\n"
2957 );
2958 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2959 tt_int_op(ret, OP_EQ, -1);
2960 tt_str_op(msg, OP_EQ, "Socks5Proxy failed to parse or resolve. Please fix.");
2961 tor_free(msg);
2962
2963 free_options_test_data(tdata);
2964 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2965 "Socks4Proxy 215.1.1.1\n"
2966 "Socks5Proxy 215.1.1.2\n"
2967 );
2968 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2969 tt_int_op(ret, OP_EQ, -1);
2970 tt_str_op(msg, OP_EQ, "You have configured more than one proxy type. "
2971 "(Socks4Proxy|Socks5Proxy|HTTPSProxy)");
2972 tor_free(msg);
2973
2974 free_options_test_data(tdata);
2975 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2976 "HttpProxy 215.1.1.1\n"
2977 );
2978 mock_clean_saved_logs();
2979 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2980 tt_int_op(ret, OP_EQ, 0);
2981 expect_log_msg("HTTPProxy configured, but no SOCKS "
2982 "proxy or HTTPS proxy configured. Watch out: this configuration "
2983 "will proxy unencrypted directory connections only.\n");
2984 tor_free(msg);
2985
2986 free_options_test_data(tdata);
2987 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
2988 "HttpProxy 215.1.1.1\n"
2989 "Socks4Proxy 215.1.1.1\n"
2990 );
2991 mock_clean_saved_logs();
2992 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
2993 tt_int_op(ret, OP_EQ, 0);
2994 expect_no_log_msg("HTTPProxy configured, but no SOCKS "
2995 "proxy or HTTPS proxy configured. Watch out: this configuration "
2996 "will proxy unencrypted directory connections only.\n");
2997 tor_free(msg);
2998
2999 free_options_test_data(tdata);
3000 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3001 "HttpProxy 215.1.1.1\n"
3002 "Socks5Proxy 215.1.1.1\n"
3003 );
3004 mock_clean_saved_logs();
3005 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3006 tt_int_op(ret, OP_EQ, 0);
3007 expect_no_log_msg("HTTPProxy configured, but no SOCKS "
3008 "proxy or HTTPS proxy configured. Watch out: this configuration "
3009 "will proxy unencrypted directory connections only.\n");
3010 tor_free(msg);
3011
3012 free_options_test_data(tdata);
3013 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3014 "HttpProxy 215.1.1.1\n"
3015 "HttpsProxy 215.1.1.1\n"
3016 );
3017 mock_clean_saved_logs();
3018 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3019 tt_int_op(ret, OP_EQ, 0);
3020 expect_no_log_msg(
3021 "HTTPProxy configured, but no SOCKS proxy or HTTPS proxy "
3022 "configured. Watch out: this configuration will proxy "
3023 "unencrypted directory connections only.\n");
3024 tor_free(msg);
3025
3026 free_options_test_data(tdata);
3027 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3028 );
3029 tdata->opt->Socks5ProxyUsername = tor_strdup("");
3030 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3031 tt_int_op(ret, OP_EQ, -1);
3032 tt_str_op(msg, OP_EQ,
3033 "Socks5ProxyUsername must be between 1 and 255 characters.");
3034 tor_free(msg);
3035
3036 free_options_test_data(tdata);
3037 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3038 );
3039 tdata->opt->Socks5ProxyUsername =
3040 tor_strdup("ABCDEABCDE0123456789ABCDEABCDE0123456789ABCDEABCDE0123456789AB"
3041 "CDEABCDE0123456789ABCDEABCDE0123456789ABCDEABCDE0123456789ABCD"
3042 "EABCDE0123456789ABCDEABCDE0123456789ABCDEABCDE0123456789ABCDEA"
3043 "BCDE0123456789ABCDEABCDE0123456789ABCDEABCDE0123456789ABCDEABC"
3044 "DE0123456789ABCDEABCDE0123456789ABCDEABCDE0123456789");
3045 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3046 tt_int_op(ret, OP_EQ, -1);
3047 tt_str_op(msg, OP_EQ,
3048 "Socks5ProxyUsername must be between 1 and 255 characters.");
3049 tor_free(msg);
3050
3051 free_options_test_data(tdata);
3052 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3053 "Socks5ProxyUsername hello_world\n"
3054 );
3055 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3056 tt_int_op(ret, OP_EQ, -1);
3057 tt_str_op(msg, OP_EQ, "Socks5ProxyPassword must be included with "
3058 "Socks5ProxyUsername.");
3059 tor_free(msg);
3060
3061 free_options_test_data(tdata);
3062 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3063 "Socks5ProxyUsername hello_world\n"
3064 );
3065 tdata->opt->Socks5ProxyPassword = tor_strdup("");
3066 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3067 tt_int_op(ret, OP_EQ, -1);
3068 tt_str_op(msg, OP_EQ,
3069 "Socks5ProxyPassword must be between 1 and 255 characters.");
3070 tor_free(msg);
3071
3072 free_options_test_data(tdata);
3073 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3074 "Socks5ProxyUsername hello_world\n"
3075 );
3076 tdata->opt->Socks5ProxyPassword =
3077 tor_strdup("ABCDEABCDE0123456789ABCDEABCDE0123456789ABCDEABCDE0123456789AB"
3078 "CDEABCDE0123456789ABCDEABCDE0123456789ABCDEABCDE0123456789ABCD"
3079 "EABCDE0123456789ABCDEABCDE0123456789ABCDEABCDE0123456789ABCDEA"
3080 "BCDE0123456789ABCDEABCDE0123456789ABCDEABCDE0123456789ABCDEABC"
3081 "DE0123456789ABCDEABCDE0123456789ABCDEABCDE0123456789");
3082 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3083 tt_int_op(ret, OP_EQ, -1);
3084 tt_str_op(msg, OP_EQ,
3085 "Socks5ProxyPassword must be between 1 and 255 characters.");
3086 tor_free(msg);
3087
3088 free_options_test_data(tdata);
3089 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3090 "Socks5ProxyUsername hello_world\n"
3091 "Socks5ProxyPassword world_hello\n"
3092 );
3093 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3094 tt_int_op(ret, OP_EQ, 0);
3095 tor_free(msg);
3096
3097 free_options_test_data(tdata);
3098 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3099 "Socks5ProxyPassword hello_world\n"
3100 );
3101 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3102 tt_int_op(ret, OP_EQ, -1);
3103 tt_str_op(msg, OP_EQ, "Socks5ProxyPassword must be included with "
3104 "Socks5ProxyUsername.");
3105 tor_free(msg);
3106
3107 done:
3108 teardown_capture_of_logs();
3109 free_options_test_data(tdata);
3110 policies_free_all();
3111 // sandbox_free_getaddrinfo_cache();
3112 tor_free(msg);
3113 UNMOCK(tor_addr_lookup);
3114 }
3115
3116 static void
3117 test_options_validate__control(void *ignored)
3118 {
3119 (void)ignored;
3120 int ret;
3121 char *msg;
3122 options_test_data_t *tdata = NULL;
3123 setup_capture_of_logs(LOG_WARN);
3124
3125 free_options_test_data(tdata);
3126 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3127 "HashedControlPassword something_incorrect\n"
3128 );
3129 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3130 tt_int_op(ret, OP_EQ, -1);
3131 tt_str_op(msg, OP_EQ,
3132 "Bad HashedControlPassword: wrong length or bad encoding");
3133 tor_free(msg);
3134
3135 free_options_test_data(tdata);
3136 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3137 "HashedControlPassword 16:872860B76453A77D60CA"
3138 "2BB8C1A7042072093276A3D701AD684053EC4C\n"
3139 );
3140 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3141 tt_int_op(ret, OP_EQ, 0);
3142 tor_free(msg);
3143
3144 free_options_test_data(tdata);
3145 tdata = get_options_test_data(
3146 TEST_OPTIONS_DEFAULT_VALUES
3147 "__HashedControlSessionPassword something_incorrect\n"
3148 );
3149 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3150 tt_int_op(ret, OP_EQ, -1);
3151 tt_str_op(msg, OP_EQ, "Bad HashedControlSessionPassword: wrong length or "
3152 "bad encoding");
3153 tor_free(msg);
3154
3155 free_options_test_data(tdata);
3156 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3157 "__HashedControlSessionPassword 16:872860B7645"
3158 "3A77D60CA2BB8C1A7042072093276A3D701AD684053EC"
3159 "4C\n"
3160 );
3161 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3162 tt_int_op(ret, OP_EQ, 0);
3163 tor_free(msg);
3164
3165 free_options_test_data(tdata);
3166 tdata = get_options_test_data(
3167 TEST_OPTIONS_DEFAULT_VALUES
3168 "__OwningControllerProcess something_incorrect\n"
3169 );
3170 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3171 tt_int_op(ret, OP_EQ, -1);
3172 tt_str_op(msg, OP_EQ, "Bad OwningControllerProcess: invalid PID");
3173 tor_free(msg);
3174
3175 free_options_test_data(tdata);
3176 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3177 "__OwningControllerProcess 123\n"
3178 );
3179 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3180 tt_int_op(ret, OP_EQ, 0);
3181 tor_free(msg);
3182
3183 free_options_test_data(tdata);
3184 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3185 "ControlPort 127.0.0.1:1234\n"
3186 );
3187 mock_clean_saved_logs();
3188 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3189 tt_int_op(ret, OP_EQ, 0);
3190 expect_log_msg(
3191 "ControlPort is open, but no authentication method has been "
3192 "configured. This means that any program on your computer can "
3193 "reconfigure your Tor. That's bad! You should upgrade your Tor"
3194 " controller as soon as possible.\n");
3195 tor_free(msg);
3196
3197 free_options_test_data(tdata);
3198 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3199 "ControlPort 127.0.0.1:1234\n"
3200 "HashedControlPassword 16:872860B76453A77D60CA"
3201 "2BB8C1A7042072093276A3D701AD684053EC4C\n"
3202 );
3203 mock_clean_saved_logs();
3204 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3205 tt_int_op(ret, OP_EQ, 0);
3206 expect_no_log_msg(
3207 "ControlPort is open, but no authentication method has been "
3208 "configured. This means that any program on your computer can "
3209 "reconfigure your Tor. That's bad! You should upgrade your Tor "
3210 "controller as soon as possible.\n");
3211 tor_free(msg);
3212
3213 free_options_test_data(tdata);
3214 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3215 "ControlPort 127.0.0.1:1234\n"
3216 "__HashedControlSessionPassword 16:872860B7645"
3217 "3A77D60CA2BB8C1A7042072093276A3D701AD684053EC"
3218 "4C\n"
3219 );
3220 mock_clean_saved_logs();
3221 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3222 tt_int_op(ret, OP_EQ, 0);
3223 expect_no_log_msg(
3224 "ControlPort is open, but no authentication method has been "
3225 "configured. This means that any program on your computer can "
3226 "reconfigure your Tor. That's bad! You should upgrade your Tor "
3227 "controller as soon as possible.\n");
3228 tor_free(msg);
3229
3230 free_options_test_data(tdata);
3231 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3232 "ControlPort 127.0.0.1:1234\n"
3233 "CookieAuthentication 1\n"
3234 );
3235 mock_clean_saved_logs();
3236 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3237 tt_int_op(ret, OP_EQ, 0);
3238 expect_no_log_msg(
3239 "ControlPort is open, but no authentication method has been "
3240 "configured. This means that any program on your computer can "
3241 "reconfigure your Tor. That's bad! You should upgrade your Tor "
3242 "controller as soon as possible.\n");
3243 tor_free(msg);
3244
3245 #ifdef HAVE_SYS_UN_H
3246 free_options_test_data(tdata);
3247 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3248 "ControlSocket unix:/tmp WorldWritable\n"
3249 );
3250 mock_clean_saved_logs();
3251 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3252 tt_int_op(ret, OP_EQ, 0);
3253 expect_log_msg(
3254 "ControlSocket is world writable, but no authentication method has"
3255 " been configured. This means that any program on your computer "
3256 "can reconfigure your Tor. That's bad! You should upgrade your "
3257 "Tor controller as soon as possible.\n");
3258 tor_free(msg);
3259
3260 free_options_test_data(tdata);
3261 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3262 "ControlSocket unix:/tmp WorldWritable\n"
3263 "HashedControlPassword 16:872860B76453A77D60CA"
3264 "2BB8C1A7042072093276A3D701AD684053EC4C\n"
3265 );
3266 mock_clean_saved_logs();
3267 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3268 tt_int_op(ret, OP_EQ, 0);
3269 expect_no_log_msg(
3270 "ControlSocket is world writable, but no authentication method has"
3271 " been configured. This means that any program on your computer "
3272 "can reconfigure your Tor. That's bad! You should upgrade your "
3273 "Tor controller as soon as possible.\n");
3274 tor_free(msg);
3275
3276 free_options_test_data(tdata);
3277 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3278 "ControlSocket unix:/tmp WorldWritable\n"
3279 "__HashedControlSessionPassword 16:872860B7645"
3280 "3A77D60CA2BB8C1A7042072093276A3D701AD684053EC"
3281 "4C\n"
3282 );
3283 mock_clean_saved_logs();
3284 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3285 tt_int_op(ret, OP_EQ, 0);
3286 expect_no_log_msg(
3287 "ControlSocket is world writable, but no authentication method has"
3288 " been configured. This means that any program on your computer "
3289 "can reconfigure your Tor. That's bad! You should upgrade your "
3290 "Tor controller as soon as possible.\n");
3291 tor_free(msg);
3292
3293 free_options_test_data(tdata);
3294 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3295 "ControlSocket unix:/tmp WorldWritable\n"
3296 "CookieAuthentication 1\n"
3297 );
3298 mock_clean_saved_logs();
3299 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3300 tt_int_op(ret, OP_EQ, 0);
3301 expect_no_log_msg(
3302 "ControlSocket is world writable, but no authentication method has"
3303 " been configured. This means that any program on your computer "
3304 "can reconfigure your Tor. That's bad! You should upgrade your "
3305 "Tor controller as soon as possible.\n");
3306 tor_free(msg);
3307 #endif /* defined(HAVE_SYS_UN_H) */
3308
3309 free_options_test_data(tdata);
3310 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3311 "CookieAuthFileGroupReadable 1\n"
3312 );
3313 mock_clean_saved_logs();
3314 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3315 tt_int_op(ret, OP_EQ, 0);
3316 expect_log_msg(
3317 "CookieAuthFileGroupReadable is set, but will have no effect: you "
3318 "must specify an explicit CookieAuthFile to have it "
3319 "group-readable.\n");
3320 tor_free(msg);
3321
3322 free_options_test_data(tdata);
3323 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3324 "CookieAuthFileGroupReadable 1\n"
3325 "CookieAuthFile /tmp/somewhere\n"
3326 );
3327 mock_clean_saved_logs();
3328 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3329 tt_int_op(ret, OP_EQ, 0);
3330 expect_no_log_msg(
3331 "CookieAuthFileGroupReadable is set, but will have no effect: you "
3332 "must specify an explicit CookieAuthFile to have it "
3333 "group-readable.\n");
3334 tor_free(msg);
3335
3336 done:
3337 teardown_capture_of_logs();
3338 policies_free_all();
3339 free_options_test_data(tdata);
3340 tor_free(msg);
3341 }
3342
3343 static void
3344 test_options_validate__families(void *ignored)
3345 {
3346 (void)ignored;
3347 int ret;
3348 char *msg;
3349 options_test_data_t *tdata = NULL;
3350 setup_capture_of_logs(LOG_WARN);
3351
3352 free_options_test_data(tdata);
3353 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3354 "MyFamily home\n"
3355 "BridgeRelay 1\n"
3356 "ORPort 127.0.0.1:5555\n"
3357 "BandwidthRate 51300\n"
3358 "BandwidthBurst 51300\n"
3359 "MaxAdvertisedBandwidth 25700\n"
3360 "DirCache 1\n"
3361 );
3362 mock_clean_saved_logs();
3363 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3364 tt_int_op(ret, OP_EQ, 0);
3365 expect_log_msg(
3366 "Listing a family for a bridge relay is not supported: it can "
3367 "reveal bridge fingerprints to censors. You should also make sure "
3368 "you aren't listing this bridge's fingerprint in any other "
3369 "MyFamily.\n");
3370 tor_free(msg);
3371
3372 free_options_test_data(tdata);
3373 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3374 "MyFamily home\n"
3375 );
3376 mock_clean_saved_logs();
3377 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3378 tt_int_op(ret, OP_EQ, 0);
3379 expect_no_log_msg(
3380 "Listing a family for a bridge relay is not supported: it can "
3381 "reveal bridge fingerprints to censors. You should also make sure "
3382 "you aren't listing this bridge's fingerprint in any other "
3383 "MyFamily.\n");
3384 tor_free(msg);
3385
3386 free_options_test_data(tdata);
3387 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3388 "MyFamily !\n"
3389 );
3390 mock_clean_saved_logs();
3391 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3392 tt_int_op(ret, OP_EQ, -1);
3393 tt_str_op(msg, OP_EQ, "Invalid nickname '!' in MyFamily line");
3394 tor_free(msg);
3395
3396 free_options_test_data(tdata);
3397 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3398 "NodeFamily foo\n"
3399 "NodeFamily !\n"
3400 );
3401 mock_clean_saved_logs();
3402 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3403 tt_int_op(ret, OP_EQ, -1);
3404 tt_assert(!msg);
3405 tor_free(msg);
3406
3407 done:
3408 teardown_capture_of_logs();
3409 policies_free_all();
3410 free_options_test_data(tdata);
3411 tor_free(msg);
3412 }
3413
3414 static void
3415 test_options_validate__addr_policies(void *ignored)
3416 {
3417 (void)ignored;
3418 int ret;
3419 char *msg;
3420 options_test_data_t *tdata = NULL;
3421
3422 free_options_test_data(tdata);
3423 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3424 "ExitPolicy !!!\n"
3425 "ExitRelay 1\n"
3426 );
3427 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3428 tt_int_op(ret, OP_EQ, -1);
3429 tt_str_op(msg, OP_EQ, "Error in ExitPolicy entry.");
3430 tor_free(msg);
3431
3432 done:
3433 policies_free_all();
3434 free_options_test_data(tdata);
3435 tor_free(msg);
3436 }
3437
3438 static void
3439 test_options_validate__dir_auth(void *ignored)
3440 {
3441 (void)ignored;
3442 int ret;
3443 char *msg;
3444 options_test_data_t *tdata = NULL;
3445 setup_capture_of_logs(LOG_WARN);
3446
3447 free_options_test_data(tdata);
3448 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3449 VALID_DIR_AUTH
3450 VALID_ALT_DIR_AUTH
3451 );
3452 mock_clean_saved_logs();
3453 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3454 tt_int_op(ret, OP_EQ, -1);
3455 tt_str_op(msg, OP_EQ,
3456 "Directory authority/fallback line did not parse. See logs for "
3457 "details.");
3458 expect_log_msg(
3459 "You cannot set both DirAuthority and Alternate*Authority.\n");
3460 tor_free(msg);
3461
3462 free_options_test_data(tdata);
3463 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3464 "TestingTorNetwork 1\n"
3465 );
3466 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3467 tt_int_op(ret, OP_EQ, -1);
3468 tt_str_op(msg, OP_EQ,
3469 "TestingTorNetwork may only be configured in combination with a "
3470 "non-default set of DirAuthority or both of AlternateDirAuthority "
3471 "and AlternateBridgeAuthority configured.");
3472 tor_free(msg);
3473
3474 free_options_test_data(tdata);
3475 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3476 VALID_DIR_AUTH
3477 "TestingTorNetwork 1\n"
3478 );
3479 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3480 tt_int_op(ret, OP_EQ, 0);
3481 tor_free(msg);
3482
3483 free_options_test_data(tdata);
3484 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3485 "TestingTorNetwork 1\n"
3486 VALID_ALT_DIR_AUTH
3487 );
3488 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3489 tt_int_op(ret, OP_EQ, -1);
3490 tt_str_op(msg, OP_EQ,
3491 "TestingTorNetwork may only be configured in combination with a "
3492 "non-default set of DirAuthority or both of AlternateDirAuthority "
3493 "and AlternateBridgeAuthority configured.");
3494 tor_free(msg);
3495
3496 free_options_test_data(tdata);
3497 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3498 "TestingTorNetwork 1\n"
3499 VALID_ALT_BRIDGE_AUTH
3500 );
3501 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3502 tt_int_op(ret, OP_EQ, -1);
3503 tt_str_op(msg, OP_EQ, "TestingTorNetwork may only be configured in "
3504 "combination with a non-default set of DirAuthority or both of "
3505 "AlternateDirAuthority and AlternateBridgeAuthority configured.");
3506 tor_free(msg);
3507
3508 free_options_test_data(tdata);
3509 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3510 VALID_ALT_DIR_AUTH
3511 VALID_ALT_BRIDGE_AUTH
3512 "TestingTorNetwork 1\n"
3513 );
3514 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3515 tt_int_op(ret, OP_EQ, 0);
3516 tor_free(msg);
3517
3518 done:
3519 policies_free_all();
3520 teardown_capture_of_logs();
3521 free_options_test_data(tdata);
3522 tor_free(msg);
3523 }
3524
3525 static void
3526 test_options_validate__transport(void *ignored)
3527 {
3528 (void)ignored;
3529 int ret;
3530 char *msg;
3531 options_test_data_t *tdata = NULL;
3532 setup_capture_of_logs(LOG_NOTICE);
3533
3534 free_options_test_data(tdata);
3535 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3536 "ClientTransportPlugin !!\n"
3537 );
3538 mock_clean_saved_logs();
3539 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3540 tt_int_op(ret, OP_EQ, -1);
3541 tt_str_op(msg, OP_EQ,
3542 "Invalid client transport line. See logs for details.");
3543 expect_log_msg(
3544 "Too few arguments on ClientTransportPlugin line.\n");
3545 tor_free(msg);
3546
3547 free_options_test_data(tdata);
3548 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3549 "ClientTransportPlugin foo exec bar\n"
3550 );
3551 mock_clean_saved_logs();
3552 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3553 tt_int_op(ret, OP_EQ, 0);
3554 tor_free(msg);
3555
3556 free_options_test_data(tdata);
3557 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3558 "ServerTransportPlugin !!\n"
3559 );
3560 mock_clean_saved_logs();
3561 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3562 tt_int_op(ret, OP_EQ, -1);
3563 tt_str_op(msg, OP_EQ,
3564 "Invalid server transport line. See logs for details.");
3565 expect_log_msg(
3566 "Too few arguments on ServerTransportPlugin line.\n");
3567 tor_free(msg);
3568
3569 free_options_test_data(tdata);
3570 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3571 "ServerTransportPlugin foo exec bar\n"
3572 );
3573 mock_clean_saved_logs();
3574 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3575 tt_int_op(ret, OP_EQ, 0);
3576 expect_log_msg(
3577 "Tor is not configured as a relay but you specified a "
3578 "ServerTransportPlugin line (\"foo exec bar\"). The "
3579 "ServerTransportPlugin line will be ignored.\n");
3580 tor_free(msg);
3581
3582 free_options_test_data(tdata);
3583 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3584 "ServerTransportPlugin foo exec bar\n"
3585 "ORPort 127.0.0.1:5555\n"
3586 "BandwidthRate 76900\n"
3587 "BandwidthBurst 76900\n"
3588 "MaxAdvertisedBandwidth 38500\n"
3589 );
3590 mock_clean_saved_logs();
3591 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3592 tt_int_op(ret, OP_EQ, 0);
3593 expect_no_log_msg(
3594 "Tor is not configured as a relay but you specified a "
3595 "ServerTransportPlugin line (\"foo exec bar\"). The "
3596 "ServerTransportPlugin line will be ignored.\n");
3597 tor_free(msg);
3598
3599 free_options_test_data(tdata);
3600 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3601 "ServerTransportListenAddr foo 127.0.0.42:55\n"
3602 "ServerTransportListenAddr !\n"
3603 );
3604 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3605 tt_int_op(ret, OP_EQ, -1);
3606 tt_str_op(msg, OP_EQ,
3607 "ServerTransportListenAddr did not parse. See logs for details.");
3608 tor_free(msg);
3609
3610 free_options_test_data(tdata);
3611 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3612 "ServerTransportListenAddr foo 127.0.0.42:55\n"
3613 );
3614 mock_clean_saved_logs();
3615 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3616 tt_int_op(ret, OP_EQ, 0);
3617 expect_log_msg(
3618 "You need at least a single managed-proxy to specify a transport "
3619 "listen address. The ServerTransportListenAddr line will be "
3620 "ignored.\n");
3621 tor_free(msg);
3622
3623 free_options_test_data(tdata);
3624 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3625 "ServerTransportListenAddr foo 127.0.0.42:55\n"
3626 "ServerTransportPlugin foo exec bar\n"
3627 "ORPort 127.0.0.1:5555\n"
3628 "BandwidthRate 76900\n"
3629 "BandwidthBurst 76900\n"
3630 "MaxAdvertisedBandwidth 38500\n"
3631 );
3632 mock_clean_saved_logs();
3633 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3634 tt_int_op(ret, OP_EQ, 0);
3635 expect_no_log_msg(
3636 "You need at least a single managed-proxy to specify a transport "
3637 "listen address. The ServerTransportListenAddr line will be "
3638 "ignored.\n");
3639
3640 done:
3641 escaped(NULL); // This will free the leaking memory from the previous escaped
3642 policies_free_all();
3643 teardown_capture_of_logs();
3644 free_options_test_data(tdata);
3645 tor_free(msg);
3646 }
3647
3648 static void
3649 test_options_validate__constrained_sockets(void *ignored)
3650 {
3651 (void)ignored;
3652 int ret;
3653 char *msg;
3654 options_test_data_t *tdata = NULL;
3655 setup_capture_of_logs(LOG_WARN);
3656
3657 free_options_test_data(tdata);
3658 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3659 "ConstrainedSockets 1\n"
3660 "ConstrainedSockSize 0\n"
3661 );
3662 mock_clean_saved_logs();
3663 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3664 tt_int_op(ret, OP_EQ, -1);
3665 tt_str_op(msg, OP_EQ, "ConstrainedSockSize is invalid. Must be a value "
3666 "between 2048 and 262144 in 1024 byte increments.");
3667 tor_free(msg);
3668
3669 free_options_test_data(tdata);
3670 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3671 "ConstrainedSockets 1\n"
3672 "ConstrainedSockSize 263168\n"
3673 );
3674 mock_clean_saved_logs();
3675 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3676 tt_int_op(ret, OP_EQ, -1);
3677 tt_str_op(msg, OP_EQ, "ConstrainedSockSize is invalid. Must be a value "
3678 "between 2048 and 262144 in 1024 byte increments.");
3679 tor_free(msg);
3680
3681 free_options_test_data(tdata);
3682 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3683 "ConstrainedSockets 1\n"
3684 "ConstrainedSockSize 2047\n"
3685 );
3686 mock_clean_saved_logs();
3687 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3688 tt_int_op(ret, OP_EQ, -1);
3689 tt_str_op(msg, OP_EQ, "ConstrainedSockSize is invalid. Must be a value "
3690 "between 2048 and 262144 in 1024 byte increments.");
3691 tor_free(msg);
3692
3693 free_options_test_data(tdata);
3694 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3695 "ConstrainedSockets 1\n"
3696 "ConstrainedSockSize 2048\n"
3697 "DirPort 999\n"
3698 "DirCache 1\n"
3699 );
3700 mock_clean_saved_logs();
3701 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3702 tt_int_op(ret, OP_EQ, 0);
3703 expect_log_msg("You have requested constrained "
3704 "socket buffers while also serving directory entries via DirPort."
3705 " It is strongly suggested that you disable serving directory"
3706 " requests when system TCP buffer resources are scarce.\n");
3707 tor_free(msg);
3708
3709 free_options_test_data(tdata);
3710 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3711 "ConstrainedSockets 1\n"
3712 "ConstrainedSockSize 2048\n"
3713 );
3714 mock_clean_saved_logs();
3715 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3716 tt_int_op(ret, OP_EQ, 0);
3717 expect_no_log_msg(
3718 "You have requested constrained socket buffers while also serving"
3719 " directory entries via DirPort. It is strongly suggested that "
3720 "you disable serving directory requests when system TCP buffer "
3721 "resources are scarce.\n");
3722 tor_free(msg);
3723
3724 done:
3725 policies_free_all();
3726 teardown_capture_of_logs();
3727 free_options_test_data(tdata);
3728 tor_free(msg);
3729 }
3730
3731 static void
3732 test_options_validate__v3_auth(void *ignored)
3733 {
3734 (void)ignored;
3735 int ret;
3736 char *msg;
3737 options_test_data_t *tdata = NULL;
3738 setup_capture_of_logs(LOG_WARN);
3739
3740 free_options_test_data(tdata);
3741 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3742 "V3AuthVoteDelay 1000\n"
3743 "V3AuthDistDelay 1000\n"
3744 "V3AuthVotingInterval 1000\n"
3745 );
3746 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3747 tt_int_op(ret, OP_EQ, -1);
3748 tt_str_op(msg, OP_EQ,
3749 "V3AuthVoteDelay plus V3AuthDistDelay must be less than half "
3750 "V3AuthVotingInterval");
3751 tor_free(msg);
3752
3753 free_options_test_data(tdata);
3754 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3755 "V3AuthVoteDelay 1\n"
3756 );
3757 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3758 tt_int_op(ret, OP_EQ, -1);
3759 tt_str_op(msg, OP_EQ, "V3AuthVoteDelay is way too low.");
3760 tor_free(msg);
3761
3762 free_options_test_data(tdata);
3763 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3764 "V3AuthVoteDelay 1\n"
3765 "TestingTorNetwork 1\n"
3766 );
3767 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3768 tt_int_op(ret, OP_EQ, -1);
3769 tt_str_op(msg, OP_EQ, "V3AuthVoteDelay is way too low.");
3770 tor_free(msg);
3771
3772 // TODO: we can't reach the case of v3authvotedelay lower
3773 // than MIN_VOTE_SECONDS but not lower than MIN_VOTE_SECONDS_TESTING,
3774 // since they are the same
3775
3776 free_options_test_data(tdata);
3777 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3778 "V3AuthDistDelay 1\n"
3779 );
3780 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3781 tt_int_op(ret, OP_EQ, -1);
3782 tt_str_op(msg, OP_EQ, "V3AuthDistDelay is way too low.");
3783 tor_free(msg);
3784
3785 free_options_test_data(tdata);
3786 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3787 "V3AuthDistDelay 1\n"
3788 "TestingTorNetwork 1\n"
3789 );
3790 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3791 tt_int_op(ret, OP_EQ, -1);
3792 tt_str_op(msg, OP_EQ, "V3AuthDistDelay is way too low.");
3793 tor_free(msg);
3794
3795 // TODO: we can't reach the case of v3authdistdelay lower than
3796 // MIN_DIST_SECONDS but not lower than MIN_DIST_SECONDS_TESTING,
3797 // since they are the same
3798
3799 free_options_test_data(tdata);
3800 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3801 "V3AuthNIntervalsValid 1\n"
3802 );
3803 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3804 tt_int_op(ret, OP_EQ, -1);
3805 tt_str_op(msg, OP_EQ, "V3AuthNIntervalsValid must be at least 2.");
3806 tor_free(msg);
3807
3808 free_options_test_data(tdata);
3809 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3810 "V3AuthVoteDelay 49\n"
3811 "V3AuthDistDelay 49\n"
3812 "V3AuthVotingInterval 200\n"
3813 );
3814 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3815 tt_int_op(ret, OP_EQ, -1);
3816 tt_str_op(msg, OP_EQ, "V3AuthVotingInterval is insanely low.");
3817 tor_free(msg);
3818
3819 free_options_test_data(tdata);
3820 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3821 "V3AuthVoteDelay 49\n"
3822 "V3AuthDistDelay 49\n"
3823 "V3AuthVotingInterval 200000\n"
3824 );
3825 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3826 tt_int_op(ret, OP_EQ, -1);
3827 tt_str_op(msg, OP_EQ, "V3AuthVotingInterval is insanely high.");
3828 tor_free(msg);
3829
3830 free_options_test_data(tdata);
3831 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3832 "V3AuthVoteDelay 49\n"
3833 "V3AuthDistDelay 49\n"
3834 "V3AuthVotingInterval 1441\n"
3835 );
3836 mock_clean_saved_logs();
3837 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3838 tt_int_op(ret, OP_EQ, 0);
3839 expect_log_msg("V3AuthVotingInterval does not divide"
3840 " evenly into 24 hours.\n");
3841 tor_free(msg);
3842
3843 free_options_test_data(tdata);
3844 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3845 "V3AuthVoteDelay 49\n"
3846 "V3AuthDistDelay 49\n"
3847 "V3AuthVotingInterval 1440\n"
3848 );
3849 mock_clean_saved_logs();
3850 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3851 tt_int_op(ret, OP_EQ, 0);
3852 expect_no_log_msg("V3AuthVotingInterval does not divide"
3853 " evenly into 24 hours.\n");
3854 tor_free(msg);
3855
3856 free_options_test_data(tdata);
3857 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3858 "V3AuthVoteDelay 49\n"
3859 "V3AuthDistDelay 49\n"
3860 "V3AuthVotingInterval 299\n"
3861 VALID_DIR_AUTH
3862 "TestingTorNetwork 1\n"
3863 );
3864 mock_clean_saved_logs();
3865 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3866 tt_int_op(ret, OP_EQ, 0);
3867 expect_log_msg("V3AuthVotingInterval is very low. "
3868 "This may lead to failure to synchronise for a consensus.\n");
3869 tor_free(msg);
3870
3871 // TODO: It is impossible to reach the case of testingtor network, with
3872 // v3authvotinginterval too low
3873 /* free_options_test_data(tdata); */
3874 /* tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES */
3875 /* "V3AuthVoteDelay 1\n" */
3876 /* "V3AuthDistDelay 1\n" */
3877 /* "V3AuthVotingInterval 9\n" */
3878 /* VALID_DIR_AUTH */
3879 /* "TestingTorNetwork 1\n" */
3880 /* ); */
3881 /* ret = options_validate(tdata->old_opt, tdata->opt, */
3882 /* tdata->def_opt, 0, &msg); */
3883 /* tt_int_op(ret, OP_EQ, -1); */
3884 /* tt_str_op(msg, OP_EQ, "V3AuthVotingInterval is insanely low."); */
3885
3886 free_options_test_data(tdata);
3887 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3888 "TestingV3AuthInitialVoteDelay 1\n"
3889 VALID_DIR_AUTH
3890 "TestingTorNetwork 1\n"
3891 );
3892 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3893 tt_int_op(ret, OP_EQ, -1);
3894 tt_str_op(msg, OP_EQ, "TestingV3AuthInitialVoteDelay is way too low.");
3895 tor_free(msg);
3896
3897 free_options_test_data(tdata);
3898 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3899 "TestingV3AuthInitialDistDelay 1\n"
3900 VALID_DIR_AUTH
3901 "TestingTorNetwork 1\n"
3902 );
3903 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3904 tt_int_op(ret, OP_EQ, -1);
3905 tt_str_op(msg, OP_EQ, "TestingV3AuthInitialDistDelay is way too low.");
3906 tor_free(msg);
3907
3908 free_options_test_data(tdata);
3909 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3910 VALID_DIR_AUTH
3911 "TestingTorNetwork 1\n"
3912 );
3913 tdata->opt->TestingV3AuthVotingStartOffset = 100000;
3914 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3915 tt_int_op(ret, OP_EQ, -1);
3916 tt_str_op(msg, OP_EQ, "TestingV3AuthVotingStartOffset is higher than the "
3917 "voting interval.");
3918 tor_free(msg);
3919
3920 free_options_test_data(tdata);
3921 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3922 VALID_DIR_AUTH
3923 "TestingTorNetwork 1\n"
3924 );
3925 tdata->opt->TestingV3AuthVotingStartOffset = -1;
3926 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3927 tt_int_op(ret, OP_EQ, -1);
3928 tt_str_op(msg, OP_EQ,
3929 "TestingV3AuthVotingStartOffset must be non-negative.");
3930 tor_free(msg);
3931
3932 free_options_test_data(tdata);
3933 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3934 VALID_DIR_AUTH
3935 "TestingTorNetwork 1\n"
3936 "TestingV3AuthInitialVotingInterval 4\n"
3937 );
3938 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3939 tt_int_op(ret, OP_EQ, -1);
3940 tt_str_op(msg, OP_EQ, "TestingV3AuthInitialVotingInterval is insanely low.");
3941 tor_free(msg);
3942
3943 done:
3944 policies_free_all();
3945 teardown_capture_of_logs();
3946 free_options_test_data(tdata);
3947 tor_free(msg);
3948 }
3949
3950 static void
3951 test_options_validate__virtual_addr(void *ignored)
3952 {
3953 (void)ignored;
3954 int ret;
3955 char *msg;
3956 options_test_data_t *tdata = NULL;
3957
3958 free_options_test_data(tdata);
3959 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3960 "VirtualAddrNetworkIPv4 !!"
3961 );
3962 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3963 tt_int_op(ret, OP_EQ, -1);
3964 tt_str_op(msg, OP_EQ, "Error parsing VirtualAddressNetwork !!");
3965 tor_free(msg);
3966
3967 free_options_test_data(tdata);
3968 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
3969 "VirtualAddrNetworkIPv6 !!"
3970 );
3971 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
3972 tt_int_op(ret, OP_EQ, -1);
3973 tt_str_op(msg, OP_EQ, "Error parsing VirtualAddressNetworkIPv6 !!");
3974 tor_free(msg);
3975
3976 done:
3977 escaped(NULL); // This will free the leaking memory from the previous escaped
3978 policies_free_all();
3979 free_options_test_data(tdata);
3980 tor_free(msg);
3981 }
3982
3983 static void
3984 test_options_validate__testing_options(void *ignored)
3985 {
3986 (void)ignored;
3987 int ret;
3988 char *msg;
3989 options_test_data_t *tdata = NULL;
3990 setup_capture_of_logs(LOG_WARN);
3991
3992 #define TEST_TESTING_OPTION(name, low_val, high_val, err_low) \
3993 STMT_BEGIN \
3994 free_options_test_data(tdata); \
3995 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES \
3996 VALID_DIR_AUTH \
3997 "TestingTorNetwork 1\n" \
3998 ); \
3999 tdata->opt-> name = low_val; \
4000 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);\
4001 tt_int_op(ret, OP_EQ, -1); \
4002 tt_str_op(msg, OP_EQ, #name " " err_low); \
4003 tor_free(msg); \
4004 \
4005 free_options_test_data(tdata); \
4006 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES \
4007 VALID_DIR_AUTH \
4008 "TestingTorNetwork 1\n" \
4009 ); \
4010 tdata->opt-> name = high_val; \
4011 mock_clean_saved_logs(); \
4012 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);\
4013 tt_int_op(ret, OP_EQ, 0); \
4014 expect_log_msg( #name " is insanely high.\n"); \
4015 tor_free(msg); \
4016 STMT_END
4017
4018 TEST_TESTING_OPTION(TestingAuthDirTimeToLearnReachability, -1, 8000,
4019 "must be non-negative.");
4020 TEST_TESTING_OPTION(TestingEstimatedDescriptorPropagationTime, -1, 3601,
4021 "must be non-negative.");
4022 TEST_TESTING_OPTION(TestingClientMaxIntervalWithoutRequest, -1, 3601,
4023 "is way too low.");
4024 TEST_TESTING_OPTION(TestingDirConnectionMaxStall, 1, 3601,
4025 "is way too low.");
4026
4027 free_options_test_data(tdata);
4028 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
4029 "TestingEnableConnBwEvent 1\n"
4030 );
4031 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
4032 tt_int_op(ret, OP_EQ, -1);
4033 tt_str_op(msg, OP_EQ, "TestingEnableConnBwEvent may only be changed in "
4034 "testing Tor networks!");
4035 tor_free(msg);
4036
4037 free_options_test_data(tdata);
4038 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
4039 "TestingEnableConnBwEvent 1\n"
4040 VALID_DIR_AUTH
4041 "TestingTorNetwork 1\n"
4042 "___UsingTestNetworkDefaults 0\n"
4043 );
4044
4045 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
4046 tt_int_op(ret, OP_EQ, 0);
4047 tt_assert(!msg);
4048 tor_free(msg);
4049
4050 free_options_test_data(tdata);
4051 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
4052 "TestingEnableConnBwEvent 1\n"
4053 VALID_DIR_AUTH
4054 "TestingTorNetwork 0\n"
4055 "___UsingTestNetworkDefaults 1\n"
4056 );
4057
4058 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
4059 tt_int_op(ret, OP_EQ, 0);
4060 tt_assert(!msg);
4061 tor_free(msg);
4062
4063 free_options_test_data(tdata);
4064 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
4065 "TestingEnableCellStatsEvent 1\n"
4066 );
4067 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
4068 tt_int_op(ret, OP_EQ, -1);
4069 tt_str_op(msg, OP_EQ, "TestingEnableCellStatsEvent may only be changed in "
4070 "testing Tor networks!");
4071 tor_free(msg);
4072
4073 free_options_test_data(tdata);
4074 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
4075 "TestingEnableCellStatsEvent 1\n"
4076 VALID_DIR_AUTH
4077 "TestingTorNetwork 1\n"
4078 "___UsingTestNetworkDefaults 0\n"
4079 );
4080
4081 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
4082 tt_int_op(ret, OP_EQ, 0);
4083 tt_assert(!msg);
4084 tor_free(msg);
4085
4086 free_options_test_data(tdata);
4087 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
4088 "TestingEnableCellStatsEvent 1\n"
4089 VALID_DIR_AUTH
4090 "TestingTorNetwork 0\n"
4091 "___UsingTestNetworkDefaults 1\n"
4092 );
4093
4094 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
4095 tt_int_op(ret, OP_EQ, 0);
4096 tt_assert(!msg);
4097 tor_free(msg);
4098
4099 free_options_test_data(tdata);
4100 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
4101 "TestingEnableTbEmptyEvent 1\n"
4102 VALID_DIR_AUTH
4103 "TestingTorNetwork 1\n"
4104 "___UsingTestNetworkDefaults 0\n"
4105 );
4106
4107 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
4108 tt_int_op(ret, OP_EQ, 0);
4109 tt_assert(!msg);
4110 tor_free(msg);
4111
4112 free_options_test_data(tdata);
4113 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
4114 "TestingEnableTbEmptyEvent 1\n"
4115 VALID_DIR_AUTH
4116 "TestingTorNetwork 0\n"
4117 "___UsingTestNetworkDefaults 1\n"
4118 );
4119
4120 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
4121 tt_int_op(ret, OP_EQ, 0);
4122 tt_assert(!msg);
4123 tor_free(msg);
4124
4125 done:
4126 policies_free_all();
4127 teardown_capture_of_logs();
4128 free_options_test_data(tdata);
4129 tor_free(msg);
4130 }
4131
4132 static void
4133 test_options_validate__accel(void *ignored)
4134 {
4135 (void)ignored;
4136 int ret;
4137 char *msg;
4138 options_test_data_t *tdata = NULL;
4139
4140 free_options_test_data(tdata);
4141 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
4142 "AccelName foo\n"
4143 );
4144 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
4145 tt_int_op(ret, OP_EQ, 0);
4146 tt_int_op(tdata->opt->HardwareAccel, OP_EQ, 1);
4147 tor_free(msg);
4148
4149 free_options_test_data(tdata);
4150 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
4151 "AccelName foo\n"
4152 );
4153 tdata->opt->HardwareAccel = 2;
4154 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
4155 tt_int_op(ret, OP_EQ, 0);
4156 tt_int_op(tdata->opt->HardwareAccel, OP_EQ, 2);
4157 tor_free(msg);
4158
4159 free_options_test_data(tdata);
4160 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
4161 "AccelDir 1\n"
4162 );
4163 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
4164 tt_int_op(ret, OP_EQ, -1);
4165 tt_str_op(msg, OP_EQ,
4166 "Can't use hardware crypto accelerator dir without engine name.");
4167 tor_free(msg);
4168
4169 free_options_test_data(tdata);
4170 tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
4171 "AccelDir 1\n"
4172 "AccelName something\n"
4173 );
4174 ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
4175 tt_int_op(ret, OP_EQ, 0);
4176 tor_free(msg);
4177
4178 done:
4179 policies_free_all();
4180 free_options_test_data(tdata);
4181 tor_free(msg);
4182 }
4183
4184 #define LOCAL_VALIDATE_TEST(name) \
4185 { "validate__" #name, test_options_validate__ ## name, TT_FORK, NULL, NULL }
4186
4187 struct testcase_t options_tests[] = {
4188 { "validate", test_options_validate, TT_FORK, NULL, NULL },
4189 { "mem_dircache", test_have_enough_mem_for_dircache, TT_FORK, NULL, NULL },
4190 LOCAL_VALIDATE_TEST(uname_for_server),
4191 LOCAL_VALIDATE_TEST(outbound_addresses),
4192 LOCAL_VALIDATE_TEST(data_directory),
4193 LOCAL_VALIDATE_TEST(nickname),
4194 LOCAL_VALIDATE_TEST(contactinfo),
4195 LOCAL_VALIDATE_TEST(logs),
4196 LOCAL_VALIDATE_TEST(authdir),
4197 LOCAL_VALIDATE_TEST(relay_with_hidden_services),
4198 LOCAL_VALIDATE_TEST(transproxy),
4199 LOCAL_VALIDATE_TEST(exclude_nodes),
4200 LOCAL_VALIDATE_TEST(node_families),
4201 LOCAL_VALIDATE_TEST(token_bucket),
4202 LOCAL_VALIDATE_TEST(recommended_packages),
4203 LOCAL_VALIDATE_TEST(fetch_dir),
4204 LOCAL_VALIDATE_TEST(conn_limit),
4205 LOCAL_VALIDATE_TEST(paths_needed),
4206 LOCAL_VALIDATE_TEST(max_client_circuits),
4207 LOCAL_VALIDATE_TEST(ports),
4208 LOCAL_VALIDATE_TEST(reachable_addresses),
4209 LOCAL_VALIDATE_TEST(use_bridges),
4210 LOCAL_VALIDATE_TEST(entry_nodes),
4211 LOCAL_VALIDATE_TEST(safe_logging),
4212 LOCAL_VALIDATE_TEST(publish_server_descriptor),
4213 LOCAL_VALIDATE_TEST(testing),
4214 LOCAL_VALIDATE_TEST(hidserv),
4215 LOCAL_VALIDATE_TEST(path_bias),
4216 LOCAL_VALIDATE_TEST(bandwidth),
4217 LOCAL_VALIDATE_TEST(circuits),
4218 LOCAL_VALIDATE_TEST(rend),
4219 LOCAL_VALIDATE_TEST(single_onion),
4220 LOCAL_VALIDATE_TEST(accounting),
4221 LOCAL_VALIDATE_TEST(proxy),
4222 LOCAL_VALIDATE_TEST(control),
4223 LOCAL_VALIDATE_TEST(families),
4224 LOCAL_VALIDATE_TEST(addr_policies),
4225 LOCAL_VALIDATE_TEST(dir_auth),
4226 LOCAL_VALIDATE_TEST(transport),
4227 LOCAL_VALIDATE_TEST(constrained_sockets),
4228 LOCAL_VALIDATE_TEST(v3_auth),
4229 LOCAL_VALIDATE_TEST(virtual_addr),
4230 LOCAL_VALIDATE_TEST(testing_options),
4231 LOCAL_VALIDATE_TEST(accel),
4232 END_OF_TESTCASES /* */
4233 };
The Onion Router