1 /* Copyright (c) 2017-2021, The Tor Project, Inc. */
2 /* See LICENSE for licensing information */
4 #include "core/or/or.h"
5 #include "lib/crypt_ops/crypto_rand.h"
6 #include "core/or/address_set.h"
7 #include "feature/nodelist/dirlist.h"
8 #include "feature/nodelist/microdesc.h"
9 #include "feature/nodelist/networkstatus.h"
10 #include "feature/nodelist/nodelist.h"
11 #include "feature/nodelist/routerlist.h"
12 #include "feature/nodelist/torcert.h"
14 #include "feature/nodelist/microdesc_st.h"
15 #include "feature/nodelist/networkstatus_st.h"
16 #include "feature/nodelist/routerinfo_st.h"
17 #include "feature/nodelist/routerstatus_st.h"
19 #include "test/test.h"
20 #include "test/rng_test_helpers.h"
22 static networkstatus_t
*dummy_ns
= NULL
;
23 static networkstatus_t
*
24 mock_networkstatus_get_latest_consensus(void)
29 static networkstatus_t
*
30 mock_networkstatus_get_latest_consensus_by_flavor(consensus_flavor_t f
)
32 tor_assert(f
== FLAV_MICRODESC
);
37 mock_dirlist_add_trusted_dir_addresses(void)
42 /* Number of address a single node_t can have. Default to the production
43 * value. This is to control the size of the bloom filter. */
44 static int addr_per_node
= 2;
46 mock_get_estimated_address_per_node(void)
52 test_contains(void *arg
)
55 address_set_t
*set
= NULL
;
59 /* Setup an IPv4 and IPv6 addresses. */
61 tor_addr_parse(&addr_v6
, "1:2:3:4::");
63 tor_addr_parse(&addr_v4
, "42.42.42.42");
64 uint32_t ipv4h
= tor_addr_to_ipv4h(&addr_v4
);
66 /* Use our deterministic RNG since the address set uses a bloom filter
68 testing_enable_deterministic_rng();
70 /* Make it very big so the chance of failing the contain test will be
72 set
= address_set_new(1024);
75 /* Add and lookup IPv6. */
76 address_set_add(set
, &addr_v6
);
77 ret
= address_set_probably_contains(set
, &addr_v6
);
78 tt_int_op(ret
, OP_EQ
, 1);
80 /* Add and lookup IPv4. */
81 address_set_add_ipv4h(set
, ipv4h
);
82 ret
= address_set_probably_contains(set
, &addr_v4
);
83 tt_int_op(ret
, OP_EQ
, 1);
85 /* Try a lookup of rubbish. */
86 tor_addr_t dummy_addr
;
87 memset(&dummy_addr
, 'A', sizeof(dummy_addr
));
88 dummy_addr
.family
= AF_INET
;
89 ret
= address_set_probably_contains(set
, &dummy_addr
);
90 tt_int_op(ret
, OP_EQ
, 0);
91 dummy_addr
.family
= AF_INET6
;
92 ret
= address_set_probably_contains(set
, &dummy_addr
);
93 tt_int_op(ret
, OP_EQ
, 0);
96 address_set_free(set
);
98 testing_disable_deterministic_rng();
102 test_nodelist(void *arg
)
105 routerstatus_t
*rs
= NULL
; microdesc_t
*md
= NULL
; routerinfo_t
*ri
= NULL
;
109 MOCK(networkstatus_get_latest_consensus
,
110 mock_networkstatus_get_latest_consensus
);
111 MOCK(networkstatus_get_latest_consensus_by_flavor
,
112 mock_networkstatus_get_latest_consensus_by_flavor
);
113 MOCK(get_estimated_address_per_node
,
114 mock_get_estimated_address_per_node
);
115 MOCK(dirlist_add_trusted_dir_addresses
,
116 mock_dirlist_add_trusted_dir_addresses
);
118 /* Use our deterministic RNG since the address set, used for
119 * nodelist_probably_contains_address() uses a bloom filter internally. */
120 testing_enable_deterministic_rng();
122 dummy_ns
= tor_malloc_zero(sizeof(*dummy_ns
));
123 dummy_ns
->flavor
= FLAV_MICRODESC
;
124 dummy_ns
->routerstatus_list
= smartlist_new();
126 tor_addr_t addr_v4
, addr_v6
, dummy_addr
;
127 tor_addr_parse(&addr_v4
, "42.42.42.42");
128 tor_addr_parse(&addr_v6
, "1:2:3:4::");
129 memset(&dummy_addr
, 'A', sizeof(dummy_addr
));
131 /* This will make the nodelist bloom filter very large
132 * (the_nodelist->node_addrs) so we will fail the contain test rarely. */
133 addr_per_node
= 1024;
135 /* No node no nothing. The lookups should be empty. We've mocked the
136 * dirlist_add_trusted_dir_addresses in order for _no_ authorities to be
137 * added to the filter else it makes this test to trigger many false
139 nodelist_set_consensus(dummy_ns
);
141 /* The address set should be empty. */
142 ret
= nodelist_probably_contains_address(&addr_v4
);
143 tt_int_op(ret
, OP_EQ
, 0);
144 ret
= nodelist_probably_contains_address(&addr_v6
);
145 tt_int_op(ret
, OP_EQ
, 0);
146 dummy_addr
.family
= AF_INET
;
147 ret
= nodelist_probably_contains_address(&dummy_addr
);
148 tt_int_op(ret
, OP_EQ
, 0);
149 dummy_addr
.family
= AF_INET6
;
150 ret
= nodelist_probably_contains_address(&dummy_addr
);
151 tt_int_op(ret
, OP_EQ
, 0);
153 md
= tor_malloc_zero(sizeof(*md
));
154 ri
= tor_malloc_zero(sizeof(*ri
));
155 rs
= tor_malloc_zero(sizeof(*rs
));
156 crypto_rand(rs
->identity_digest
, sizeof(rs
->identity_digest
));
157 crypto_rand(md
->digest
, sizeof(md
->digest
));
158 memcpy(rs
->descriptor_digest
, md
->digest
, DIGEST256_LEN
);
160 /* Setup the rs, ri and md addresses. */
161 tor_addr_copy(&rs
->ipv4_addr
, &addr_v4
);
162 tor_addr_parse(&rs
->ipv6_addr
, "1:2:3:4::");
163 tor_addr_copy(&ri
->ipv4_addr
, &addr_v4
);
164 tor_addr_parse(&ri
->ipv6_addr
, "1:2:3:4::");
165 tor_addr_parse(&md
->ipv6_addr
, "1:2:3:4::");
167 /* Add the rs to the consensus becoming a node_t. */
168 smartlist_add(dummy_ns
->routerstatus_list
, rs
);
169 nodelist_set_consensus(dummy_ns
);
171 /* At this point, the address set should be initialized in the nodelist and
172 * we should be able to lookup. */
173 ret
= nodelist_probably_contains_address(&addr_v4
);
174 tt_int_op(ret
, OP_EQ
, 1);
175 ret
= nodelist_probably_contains_address(&addr_v6
);
176 tt_int_op(ret
, OP_EQ
, 1);
177 /* Lookup unknown address. */
178 dummy_addr
.family
= AF_INET
;
179 ret
= nodelist_probably_contains_address(&dummy_addr
);
180 tt_int_op(ret
, OP_EQ
, 0);
181 dummy_addr
.family
= AF_INET6
;
182 ret
= nodelist_probably_contains_address(&dummy_addr
);
183 tt_int_op(ret
, OP_EQ
, 0);
186 routerstatus_free(rs
); routerinfo_free(ri
); microdesc_free(md
);
187 smartlist_clear(dummy_ns
->routerstatus_list
);
188 networkstatus_vote_free(dummy_ns
);
189 UNMOCK(networkstatus_get_latest_consensus
);
190 UNMOCK(networkstatus_get_latest_consensus_by_flavor
);
191 UNMOCK(get_estimated_address_per_node
);
192 UNMOCK(dirlist_add_trusted_dir_addresses
);
194 testing_disable_deterministic_rng();
197 /** Test that the no-reentry exit filter works as intended */
199 test_exit_no_reentry(void *arg
)
201 routerstatus_t
*rs
= NULL
; microdesc_t
*md
= NULL
; routerinfo_t
*ri
= NULL
;
204 MOCK(networkstatus_get_latest_consensus
,
205 mock_networkstatus_get_latest_consensus
);
206 MOCK(networkstatus_get_latest_consensus_by_flavor
,
207 mock_networkstatus_get_latest_consensus_by_flavor
);
208 MOCK(get_estimated_address_per_node
,
209 mock_get_estimated_address_per_node
);
210 MOCK(dirlist_add_trusted_dir_addresses
,
211 mock_dirlist_add_trusted_dir_addresses
);
213 dummy_ns
= tor_malloc_zero(sizeof(*dummy_ns
));
214 dummy_ns
->flavor
= FLAV_MICRODESC
;
215 dummy_ns
->routerstatus_list
= smartlist_new();
217 tor_addr_t addr_v4
, addr_v6
, dummy_addr
;
218 tor_addr_parse(&addr_v4
, "42.42.42.42");
219 tor_addr_parse(&addr_v6
, "1:2:3:4::");
220 memset(&dummy_addr
, 'A', sizeof(dummy_addr
));
222 /* This will make the nodelist bloom filter very large
223 * (the_nodelist->node_addrs) so we will fail the contain test rarely. */
224 addr_per_node
= 1024;
226 /* After this point the nodelist is populated with the directory authorities
227 * address and ports */
228 nodelist_set_consensus(dummy_ns
);
230 /* The address set is empty. Try it anyway */
231 tt_assert(!nodelist_reentry_contains(&addr_v4
, 244));
232 tt_assert(!nodelist_reentry_contains(&addr_v6
, 244));
234 /* Now let's populate the network */
235 md
= tor_malloc_zero(sizeof(*md
));
236 ri
= tor_malloc_zero(sizeof(*ri
));
237 rs
= tor_malloc_zero(sizeof(*rs
));
238 crypto_rand(rs
->identity_digest
, sizeof(rs
->identity_digest
));
239 crypto_rand(md
->digest
, sizeof(md
->digest
));
240 memcpy(rs
->descriptor_digest
, md
->digest
, DIGEST256_LEN
);
242 /* Setup the rs, ri and md addresses. */
243 tor_addr_copy(&rs
->ipv4_addr
, &addr_v4
);
244 rs
->ipv4_orport
= 444;
245 tor_addr_parse(&rs
->ipv6_addr
, "1:2:3:4::");
246 rs
->ipv6_orport
= 666;
247 tor_addr_copy(&ri
->ipv4_addr
, &addr_v4
);
248 tor_addr_parse(&ri
->ipv6_addr
, "1:2:3:4::");
249 tor_addr_parse(&md
->ipv6_addr
, "1:2:3:4::");
251 /* Add the rs to the consensus becoming a node_t. */
252 smartlist_add(dummy_ns
->routerstatus_list
, rs
);
253 nodelist_set_consensus(dummy_ns
);
255 /* Now that the nodelist is populated let's do some retry attempts */
257 /* First let's try an address that is on the no-reentry list, but with a
259 tt_assert(!nodelist_reentry_contains(&addr_v4
, 666));
260 tt_assert(!nodelist_reentry_contains(&addr_v6
, 444));
262 /* OK now let's try with the right address and right port */
263 tt_assert(nodelist_reentry_contains(&addr_v4
, 444));
264 tt_assert(nodelist_reentry_contains(&addr_v6
, 666));
267 routerstatus_free(rs
); routerinfo_free(ri
); microdesc_free(md
);
268 smartlist_clear(dummy_ns
->routerstatus_list
);
269 networkstatus_vote_free(dummy_ns
);
270 UNMOCK(networkstatus_get_latest_consensus
);
271 UNMOCK(networkstatus_get_latest_consensus_by_flavor
);
272 UNMOCK(get_estimated_address_per_node
);
273 UNMOCK(dirlist_add_trusted_dir_addresses
);
276 struct testcase_t address_set_tests
[] = {
277 { "contains", test_contains
, TT_FORK
,
279 { "nodelist", test_nodelist
, TT_FORK
,
281 { "exit_no_reentry", test_exit_no_reentry
, TT_FORK
, NULL
, NULL
},