search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge branch 'maint-0.4.5' into release-0.4.5
[tor.git] / src / test / test.c
blobffea158141d06cafa3f96d1f57bbc7a0ce521f64
1 /* Copyright (c) 2001-2004, Roger Dingledine.
2 ->a * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3 * Copyright (c) 2007-2020, The Tor Project, Inc. */
4 /* See LICENSE for licensing information */
5
6 /**
7 * \file test.c
8 * \brief Unit tests for many pieces of the lower level Tor modules.
9 **/
10
11 #include "orconfig.h"
12 #include "lib/crypt_ops/crypto_dh.h"
13 #include "lib/crypt_ops/crypto_rand.h"
14 #include "app/config/or_state_st.h"
15 #include "test/rng_test_helpers.h"
16
17 #include <stdio.h>
18 #ifdef HAVE_FCNTL_H
19 #include <fcntl.h>
20 #endif
21
22 #ifdef _WIN32
23 /* For mkdir() */
24 #include <direct.h>
25 #else
26 #include <dirent.h>
27 #endif /* defined(_WIN32) */
28
29 #include <math.h>
30
31 /* These macros pull in declarations for some functions and structures that
32 * are typically file-private. */
33 #define ROUTER_PRIVATE
34 #define CIRCUITSTATS_PRIVATE
35 #define CIRCUITLIST_PRIVATE
36 #define MAINLOOP_PRIVATE
37 #define STATEFILE_PRIVATE
38
39 #include "core/or/or.h"
40 #include "lib/err/backtrace.h"
41 #include "lib/buf/buffers.h"
42 #include "core/or/circuitlist.h"
43 #include "core/or/circuitstats.h"
44 #include "lib/compress/compress.h"
45 #include "app/config/config.h"
46 #include "core/or/connection_edge.h"
47 #include "core/or/extendinfo.h"
48 #include "feature/rend/rendcommon.h"
49 #include "feature/rend/rendcache.h"
50 #include "feature/rend/rendparse.h"
51 #include "test/test.h"
52 #include "core/mainloop/mainloop.h"
53 #include "lib/memarea/memarea.h"
54 #include "core/or/onion.h"
55 #include "core/crypto/onion_ntor.h"
56 #include "core/crypto/onion_fast.h"
57 #include "core/crypto/onion_tap.h"
58 #include "core/or/policies.h"
59 #include "app/config/statefile.h"
60 #include "lib/crypt_ops/crypto_curve25519.h"
61
62 #include "core/or/extend_info_st.h"
63 #include "core/or/or_circuit_st.h"
64 #include "feature/rend/rend_encoded_v2_service_descriptor_st.h"
65 #include "feature/rend/rend_intro_point_st.h"
66 #include "feature/rend/rend_service_descriptor_st.h"
67 #include "feature/relay/onion_queue.h"
68
69 /** Run unit tests for the onion handshake code. */
70 static void
71 test_onion_handshake(void *arg)
72 {
73 /* client-side */
74 crypto_dh_t *c_dh = NULL;
75 char c_buf[TAP_ONIONSKIN_CHALLENGE_LEN];
76 char c_keys[40];
77 /* server-side */
78 char s_buf[TAP_ONIONSKIN_REPLY_LEN];
79 char s_keys[40];
80 int i;
81 /* shared */
82 crypto_pk_t *pk = NULL, *pk2 = NULL;
83
84 (void)arg;
85 pk = pk_generate(0);
86 pk2 = pk_generate(1);
87
88 /* client handshake 1. */
89 memset(c_buf, 0, TAP_ONIONSKIN_CHALLENGE_LEN);
90 tt_assert(! onion_skin_TAP_create(pk, &c_dh, c_buf));
91
92 for (i = 1; i <= 3; ++i) {
93 crypto_pk_t *k1, *k2;
94 if (i==1) {
95 /* server handshake: only one key known. */
96 k1 = pk; k2 = NULL;
97 } else if (i==2) {
98 /* server handshake: try the right key first. */
99 k1 = pk; k2 = pk2;
100 } else {
101 /* server handshake: try the right key second. */
102 k1 = pk2; k2 = pk;
103 }
104
105 memset(s_buf, 0, TAP_ONIONSKIN_REPLY_LEN);
106 memset(s_keys, 0, 40);
107 tt_assert(! onion_skin_TAP_server_handshake(c_buf, k1, k2,
108 s_buf, s_keys, 40));
109
110 /* client handshake 2 */
111 memset(c_keys, 0, 40);
112 tt_assert(! onion_skin_TAP_client_handshake(c_dh, s_buf, c_keys,
113 40, NULL));
114
115 tt_mem_op(c_keys,OP_EQ, s_keys, 40);
116 memset(s_buf, 0, 40);
117 tt_mem_op(c_keys,OP_NE, s_buf, 40);
118 }
119 done:
120 crypto_dh_free(c_dh);
121 crypto_pk_free(pk);
122 crypto_pk_free(pk2);
123 }
124
125 static void
126 test_bad_onion_handshake(void *arg)
127 {
128 char junk_buf[TAP_ONIONSKIN_CHALLENGE_LEN];
129 char junk_buf2[TAP_ONIONSKIN_CHALLENGE_LEN];
130 /* client-side */
131 crypto_dh_t *c_dh = NULL;
132 char c_buf[TAP_ONIONSKIN_CHALLENGE_LEN];
133 char c_keys[40];
134 /* server-side */
135 char s_buf[TAP_ONIONSKIN_REPLY_LEN];
136 char s_keys[40];
137 /* shared */
138 crypto_pk_t *pk = NULL, *pk2 = NULL;
139
140 (void)arg;
141
142 pk = pk_generate(0);
143 pk2 = pk_generate(1);
144
145 /* Server: Case 1: the encrypted data is degenerate. */
146 memset(junk_buf, 0, sizeof(junk_buf));
147 crypto_pk_obsolete_public_hybrid_encrypt(pk,
148 junk_buf2, TAP_ONIONSKIN_CHALLENGE_LEN,
149 junk_buf, DH1024_KEY_LEN,
150 PK_PKCS1_OAEP_PADDING, 1);
151 tt_int_op(-1, OP_EQ,
152 onion_skin_TAP_server_handshake(junk_buf2, pk, NULL,
153 s_buf, s_keys, 40));
154
155 /* Server: Case 2: the encrypted data is not long enough. */
156 memset(junk_buf, 0, sizeof(junk_buf));
157 memset(junk_buf2, 0, sizeof(junk_buf2));
158 crypto_pk_public_encrypt(pk, junk_buf2, sizeof(junk_buf2),
159 junk_buf, 48, PK_PKCS1_OAEP_PADDING);
160 tt_int_op(-1, OP_EQ,
161 onion_skin_TAP_server_handshake(junk_buf2, pk, NULL,
162 s_buf, s_keys, 40));
163
164 /* client handshake 1: do it straight. */
165 memset(c_buf, 0, TAP_ONIONSKIN_CHALLENGE_LEN);
166 tt_assert(! onion_skin_TAP_create(pk, &c_dh, c_buf));
167
168 /* Server: Case 3: we just don't have the right key. */
169 tt_int_op(-1, OP_EQ,
170 onion_skin_TAP_server_handshake(c_buf, pk2, NULL,
171 s_buf, s_keys, 40));
172
173 /* Server: Case 4: The RSA-encrypted portion is corrupt. */
174 c_buf[64] ^= 33;
175 tt_int_op(-1, OP_EQ,
176 onion_skin_TAP_server_handshake(c_buf, pk, NULL,
177 s_buf, s_keys, 40));
178 c_buf[64] ^= 33;
179
180 /* (Let the server proceed) */
181 tt_int_op(0, OP_EQ,
182 onion_skin_TAP_server_handshake(c_buf, pk, NULL,
183 s_buf, s_keys, 40));
184
185 /* Client: Case 1: The server sent back junk. */
186 const char *msg = NULL;
187 s_buf[64] ^= 33;
188 tt_int_op(-1, OP_EQ,
189 onion_skin_TAP_client_handshake(c_dh, s_buf, c_keys, 40, &msg));
190 s_buf[64] ^= 33;
191 tt_str_op(msg, OP_EQ, "Digest DOES NOT MATCH on onion handshake. "
192 "Bug or attack.");
193
194 /* Let the client finish; make sure it can. */
195 msg = NULL;
196 tt_int_op(0, OP_EQ,
197 onion_skin_TAP_client_handshake(c_dh, s_buf, c_keys, 40, &msg));
198 tt_mem_op(s_keys,OP_EQ, c_keys, 40);
199 tt_ptr_op(msg, OP_EQ, NULL);
200
201 /* Client: Case 2: The server sent back a degenerate DH. */
202 memset(s_buf, 0, sizeof(s_buf));
203 tt_int_op(-1, OP_EQ,
204 onion_skin_TAP_client_handshake(c_dh, s_buf, c_keys, 40, &msg));
205 tt_str_op(msg, OP_EQ, "DH computation failed.");
206
207 done:
208 crypto_dh_free(c_dh);
209 crypto_pk_free(pk);
210 crypto_pk_free(pk2);
211 }
212
213 static void
214 test_ntor_handshake(void *arg)
215 {
216 /* client-side */
217 ntor_handshake_state_t *c_state = NULL;
218 uint8_t c_buf[NTOR_ONIONSKIN_LEN];
219 uint8_t c_keys[400];
220
221 /* server-side */
222 di_digest256_map_t *s_keymap=NULL;
223 curve25519_keypair_t s_keypair;
224 uint8_t s_buf[NTOR_REPLY_LEN];
225 uint8_t s_keys[400];
226
227 /* shared */
228 const curve25519_public_key_t *server_pubkey;
229 uint8_t node_id[20] = "abcdefghijklmnopqrst";
230
231 (void) arg;
232
233 /* Make the server some keys */
234 curve25519_secret_key_generate(&s_keypair.seckey, 0);
235 curve25519_public_key_generate(&s_keypair.pubkey, &s_keypair.seckey);
236 dimap_add_entry(&s_keymap, s_keypair.pubkey.public_key, &s_keypair);
237 server_pubkey = &s_keypair.pubkey;
238
239 /* client handshake 1. */
240 memset(c_buf, 0, NTOR_ONIONSKIN_LEN);
241 tt_int_op(0, OP_EQ, onion_skin_ntor_create(node_id, server_pubkey,
242 &c_state, c_buf));
243
244 /* server handshake */
245 memset(s_buf, 0, NTOR_REPLY_LEN);
246 memset(s_keys, 0, 40);
247 tt_int_op(0, OP_EQ, onion_skin_ntor_server_handshake(c_buf, s_keymap, NULL,
248 node_id,
249 s_buf, s_keys, 400));
250
251 /* client handshake 2 */
252 memset(c_keys, 0, 40);
253 tt_int_op(0, OP_EQ, onion_skin_ntor_client_handshake(c_state, s_buf,
254 c_keys, 400, NULL));
255
256 tt_mem_op(c_keys,OP_EQ, s_keys, 400);
257 memset(s_buf, 0, 40);
258 tt_mem_op(c_keys,OP_NE, s_buf, 40);
259
260 /* Now try with a bogus server response. Zero input should trigger
261 * All The Problems. */
262 memset(c_keys, 0, 400);
263 memset(s_buf, 0, NTOR_REPLY_LEN);
264 const char *msg = NULL;
265 tt_int_op(-1, OP_EQ, onion_skin_ntor_client_handshake(c_state, s_buf,
266 c_keys, 400, &msg));
267 tt_str_op(msg, OP_EQ, "Zero output from curve25519 handshake");
268
269 done:
270 ntor_handshake_state_free(c_state);
271 dimap_free(s_keymap, NULL);
272 }
273
274 static void
275 test_fast_handshake(void *arg)
276 {
277 /* tests for the obsolete "CREATE_FAST" handshake. */
278 (void) arg;
279 fast_handshake_state_t *state = NULL;
280 uint8_t client_handshake[CREATE_FAST_LEN];
281 uint8_t server_handshake[CREATED_FAST_LEN];
282 uint8_t s_keys[100], c_keys[100];
283
284 /* First, test an entire handshake. */
285 memset(client_handshake, 0, sizeof(client_handshake));
286 tt_int_op(0, OP_EQ, fast_onionskin_create(&state, client_handshake));
287 tt_assert(! fast_mem_is_zero((char*)client_handshake,
288 sizeof(client_handshake)));
289
290 tt_int_op(0, OP_EQ,
291 fast_server_handshake(client_handshake, server_handshake,
292 s_keys, 100));
293 const char *msg = NULL;
294 tt_int_op(0, OP_EQ,
295 fast_client_handshake(state, server_handshake, c_keys, 100, &msg));
296 tt_ptr_op(msg, OP_EQ, NULL);
297 tt_mem_op(s_keys, OP_EQ, c_keys, 100);
298
299 /* Now test a failing handshake. */
300 server_handshake[0] ^= 3;
301 tt_int_op(-1, OP_EQ,
302 fast_client_handshake(state, server_handshake, c_keys, 100, &msg));
303 tt_str_op(msg, OP_EQ, "Digest DOES NOT MATCH on fast handshake. "
304 "Bug or attack.");
305
306 done:
307 fast_handshake_state_free(state);
308 }
309
310 /** Run unit tests for the onion queues. */
311 static void
312 test_onion_queues(void *arg)
313 {
314 uint8_t buf1[TAP_ONIONSKIN_CHALLENGE_LEN] = {0};
315 uint8_t buf2[NTOR_ONIONSKIN_LEN] = {0};
316
317 or_circuit_t *circ1 = or_circuit_new(0, NULL);
318 or_circuit_t *circ2 = or_circuit_new(0, NULL);
319
320 create_cell_t *onionskin = NULL, *create2_ptr;
321 create_cell_t *create1 = tor_malloc_zero(sizeof(create_cell_t));
322 create_cell_t *create2 = tor_malloc_zero(sizeof(create_cell_t));
323 (void)arg;
324 create2_ptr = create2; /* remember, but do not free */
325
326 create_cell_init(create1, CELL_CREATE, ONION_HANDSHAKE_TYPE_TAP,
327 TAP_ONIONSKIN_CHALLENGE_LEN, buf1);
328 create_cell_init(create2, CELL_CREATE, ONION_HANDSHAKE_TYPE_NTOR,
329 NTOR_ONIONSKIN_LEN, buf2);
330
331 tt_int_op(0,OP_EQ, onion_num_pending(ONION_HANDSHAKE_TYPE_TAP));
332 tt_int_op(0,OP_EQ, onion_pending_add(circ1, create1));
333 create1 = NULL;
334 tt_int_op(1,OP_EQ, onion_num_pending(ONION_HANDSHAKE_TYPE_TAP));
335
336 tt_int_op(0,OP_EQ, onion_num_pending(ONION_HANDSHAKE_TYPE_NTOR));
337 tt_int_op(0,OP_EQ, onion_pending_add(circ2, create2));
338 create2 = NULL;
339 tt_int_op(1,OP_EQ, onion_num_pending(ONION_HANDSHAKE_TYPE_NTOR));
340
341 tt_ptr_op(circ2,OP_EQ, onion_next_task(&onionskin));
342 tt_int_op(1,OP_EQ, onion_num_pending(ONION_HANDSHAKE_TYPE_TAP));
343 tt_int_op(0,OP_EQ, onion_num_pending(ONION_HANDSHAKE_TYPE_NTOR));
344 tt_ptr_op(onionskin, OP_EQ, create2_ptr);
345
346 clear_pending_onions();
347 tt_int_op(0,OP_EQ, onion_num_pending(ONION_HANDSHAKE_TYPE_TAP));
348 tt_int_op(0,OP_EQ, onion_num_pending(ONION_HANDSHAKE_TYPE_NTOR));
349
350 done:
351 circuit_free_(TO_CIRCUIT(circ1));
352 circuit_free_(TO_CIRCUIT(circ2));
353 tor_free(create1);
354 tor_free(create2);
355 tor_free(onionskin);
356 }
357
358 static void
359 test_circuit_timeout(void *arg)
360 {
361 /* Plan:
362 * 1. Generate 1000 samples
363 * 2. Estimate parameters
364 * 3. If difference, repeat
365 * 4. Save state
366 * 5. load state
367 * 6. Estimate parameters
368 * 7. compare differences
369 */
370 circuit_build_times_t initial;
371 circuit_build_times_t estimate;
372 circuit_build_times_t final;
373 double timeout1, timeout2;
374 or_state_t *state=NULL;
375 int i, runs;
376 double close_ms;
377 (void)arg;
378
379 initialize_periodic_events();
380
381 circuit_build_times_init(&initial);
382 circuit_build_times_init(&estimate);
383 circuit_build_times_init(&final);
384
385 state = or_state_new();
386
387 // Use a deterministic RNG here, or else we'll get nondeterministic
388 // coverage in some of the circuitstats functions.
389 testing_enable_deterministic_rng();
390
391 circuitbuild_running_unit_tests();
392 #define timeout0 (build_time_t)(30*1000.0)
393 initial.Xm = 3000;
394 circuit_build_times_initial_alpha(&initial,
395 CBT_DEFAULT_QUANTILE_CUTOFF/100.0,
396 timeout0);
397 close_ms = MAX(circuit_build_times_calculate_timeout(&initial,
398 CBT_DEFAULT_CLOSE_QUANTILE/100.0),
399 CBT_DEFAULT_TIMEOUT_INITIAL_VALUE);
400 do {
401 for (i=0; i < CBT_DEFAULT_MIN_CIRCUITS_TO_OBSERVE; i++) {
402 build_time_t sample = circuit_build_times_generate_sample(&initial,0,1);
403
404 if (sample > close_ms) {
405 circuit_build_times_add_time(&estimate, CBT_BUILD_ABANDONED);
406 } else {
407 circuit_build_times_add_time(&estimate, sample);
408 }
409 }
410 circuit_build_times_update_alpha(&estimate);
411 timeout1 = circuit_build_times_calculate_timeout(&estimate,
412 CBT_DEFAULT_QUANTILE_CUTOFF/100.0);
413 circuit_build_times_set_timeout(&estimate);
414 log_notice(LD_CIRC, "Timeout1 is %f, Xm is %d", timeout1, estimate.Xm);
415 /* 2% error */
416 } while (fabs(circuit_build_times_cdf(&initial, timeout0) -
417 circuit_build_times_cdf(&initial, timeout1)) > 0.02);
418
419 tt_int_op(estimate.total_build_times, OP_LE, CBT_NCIRCUITS_TO_OBSERVE);
420
421 circuit_build_times_update_state(&estimate, state);
422 circuit_build_times_free_timeouts(&final);
423 tt_int_op(circuit_build_times_parse_state(&final, state), OP_EQ, 0);
424
425 circuit_build_times_update_alpha(&final);
426 timeout2 = circuit_build_times_calculate_timeout(&final,
427 CBT_DEFAULT_QUANTILE_CUTOFF/100.0);
428
429 circuit_build_times_set_timeout(&final);
430 log_notice(LD_CIRC, "Timeout2 is %f, Xm is %d", timeout2, final.Xm);
431
432 /* 5% here because some accuracy is lost due to histogram conversion */
433 tt_assert(fabs(circuit_build_times_cdf(&initial, timeout0) -
434 circuit_build_times_cdf(&initial, timeout2)) < 0.05);
435
436 for (runs = 0; runs < 50; runs++) {
437 int build_times_idx = 0;
438 int total_build_times = 0;
439
440 final.close_ms = final.timeout_ms = CBT_DEFAULT_TIMEOUT_INITIAL_VALUE;
441 estimate.close_ms = estimate.timeout_ms
442 = CBT_DEFAULT_TIMEOUT_INITIAL_VALUE;
443
444 for (i = 0; i < CBT_DEFAULT_RECENT_CIRCUITS*2; i++) {
445 circuit_build_times_network_circ_success(&estimate);
446 circuit_build_times_add_time(&estimate,
447 circuit_build_times_generate_sample(&estimate, 0,
448 CBT_DEFAULT_QUANTILE_CUTOFF/100.0));
449
450 circuit_build_times_network_circ_success(&estimate);
451 circuit_build_times_add_time(&final,
452 circuit_build_times_generate_sample(&final, 0,
453 CBT_DEFAULT_QUANTILE_CUTOFF/100.0));
454 }
455
456 tt_assert(!circuit_build_times_network_check_changed(&estimate));
457 tt_assert(!circuit_build_times_network_check_changed(&final));
458
459 /* Reset liveness to be non-live */
460 final.liveness.network_last_live = 0;
461 estimate.liveness.network_last_live = 0;
462
463 build_times_idx = estimate.build_times_idx;
464 total_build_times = estimate.total_build_times;
465
466 tt_assert(circuit_build_times_network_check_live(&estimate));
467 tt_assert(circuit_build_times_network_check_live(&final));
468
469 circuit_build_times_count_close(&estimate, 0,
470 (time_t)(approx_time()-estimate.close_ms/1000.0-1));
471 circuit_build_times_count_close(&final, 0,
472 (time_t)(approx_time()-final.close_ms/1000.0-1));
473
474 tt_assert(!circuit_build_times_network_check_live(&estimate));
475 tt_assert(!circuit_build_times_network_check_live(&final));
476
477 log_info(LD_CIRC, "idx: %d %d, tot: %d %d",
478 build_times_idx, estimate.build_times_idx,
479 total_build_times, estimate.total_build_times);
480
481 /* Check rollback index. Should match top of loop. */
482 tt_assert(build_times_idx == estimate.build_times_idx);
483 // This can fail if estimate.total_build_times == 1000, because
484 // in that case, rewind actually causes us to lose timeouts
485 if (total_build_times != CBT_NCIRCUITS_TO_OBSERVE)
486 tt_assert(total_build_times == estimate.total_build_times);
487
488 /* Now simulate that the network has become live and we need
489 * a change */
490 circuit_build_times_network_is_live(&estimate);
491 circuit_build_times_network_is_live(&final);
492
493 for (i = 0; i < CBT_DEFAULT_MAX_RECENT_TIMEOUT_COUNT; i++) {
494 circuit_build_times_count_timeout(&estimate, 1);
495
496 if (i < CBT_DEFAULT_MAX_RECENT_TIMEOUT_COUNT-1) {
497 circuit_build_times_count_timeout(&final, 1);
498 }
499 }
500
501 tt_int_op(estimate.liveness.after_firsthop_idx, OP_EQ, 0);
502 tt_assert(final.liveness.after_firsthop_idx ==
503 CBT_DEFAULT_MAX_RECENT_TIMEOUT_COUNT-1);
504
505 tt_assert(circuit_build_times_network_check_live(&estimate));
506 tt_assert(circuit_build_times_network_check_live(&final));
507
508 circuit_build_times_count_timeout(&final, 1);
509
510 /* Ensure return value for degenerate cases are clamped correctly */
511 initial.alpha = INT32_MAX;
512 tt_assert(circuit_build_times_calculate_timeout(&initial, .99999999) <=
513 INT32_MAX);
514 initial.alpha = 0;
515 tt_assert(circuit_build_times_calculate_timeout(&initial, .5) <=
516 INT32_MAX);
517 }
518
519 done:
520 circuit_build_times_free_timeouts(&initial);
521 circuit_build_times_free_timeouts(&estimate);
522 circuit_build_times_free_timeouts(&final);
523 or_state_free(state);
524 teardown_periodic_events();
525
526 testing_disable_deterministic_rng();
527 }
528
529 /** Test encoding and parsing of rendezvous service descriptors. */
530 static void
531 test_rend_fns(void *arg)
532 {
533 rend_service_descriptor_t *generated = NULL, *parsed = NULL;
534 char service_id[DIGEST_LEN];
535 char service_id_base32[REND_SERVICE_ID_LEN_BASE32+1];
536 const char *next_desc;
537 smartlist_t *descs = smartlist_new();
538 char computed_desc_id[DIGEST_LEN];
539 char parsed_desc_id[DIGEST_LEN];
540 crypto_pk_t *pk1 = NULL, *pk2 = NULL;
541 time_t now;
542 char *intro_points_encrypted = NULL;
543 size_t intro_points_size;
544 size_t encoded_size;
545 int i;
546
547 (void)arg;
548
549 /* Initialize the service cache. */
550 rend_cache_init();
551
552 pk1 = pk_generate(0);
553 pk2 = pk_generate(1);
554 generated = tor_malloc_zero(sizeof(rend_service_descriptor_t));
555 generated->pk = crypto_pk_dup_key(pk1);
556 crypto_pk_get_digest(generated->pk, service_id);
557 base32_encode(service_id_base32, REND_SERVICE_ID_LEN_BASE32+1,
558 service_id, REND_SERVICE_ID_LEN);
559 now = time(NULL);
560 generated->timestamp = now;
561 generated->version = 2;
562 generated->protocols = 42;
563 generated->intro_nodes = smartlist_new();
564
565 for (i = 0; i < 3; i++) {
566 rend_intro_point_t *intro = tor_malloc_zero(sizeof(rend_intro_point_t));
567 crypto_pk_t *okey = pk_generate(2 + i);
568 intro->extend_info =
569 extend_info_new(NULL, NULL, NULL, NULL, NULL, NULL, 0);
570 intro->extend_info->onion_key = okey;
571 crypto_pk_get_digest(intro->extend_info->onion_key,
572 intro->extend_info->identity_digest);
573 //crypto_rand(info->identity_digest, DIGEST_LEN); /* Would this work? */
574 intro->extend_info->nickname[0] = '$';
575 base16_encode(intro->extend_info->nickname + 1,
576 sizeof(intro->extend_info->nickname) - 1,
577 intro->extend_info->identity_digest, DIGEST_LEN);
578 tor_addr_t addr;
579 uint16_t port;
580 /* Does not cover all IP addresses. */
581 tor_addr_from_ipv4h(&addr, crypto_rand_int(65536) + 1);
582 port = 1 + crypto_rand_int(65535);
583 extend_info_add_orport(intro->extend_info, &addr, port);
584 intro->intro_key = crypto_pk_dup_key(pk2);
585 smartlist_add(generated->intro_nodes, intro);
586 }
587 int rv = rend_encode_v2_descriptors(descs, generated, now, 0,
588 REND_NO_AUTH, NULL, NULL);
589 tt_int_op(rv, OP_GT, 0);
590 rv = rend_compute_v2_desc_id(computed_desc_id, service_id_base32, NULL,
591 now, 0);
592 tt_int_op(rv, OP_EQ, 0);
593 tt_mem_op(((rend_encoded_v2_service_descriptor_t *)
594 smartlist_get(descs, 0))->desc_id, OP_EQ,
595 computed_desc_id, DIGEST_LEN);
596 rv = rend_parse_v2_service_descriptor(&parsed, parsed_desc_id,
597 &intro_points_encrypted, &intro_points_size, &encoded_size,
598 &next_desc,
599 ((rend_encoded_v2_service_descriptor_t *)smartlist_get(descs, 0))
600 ->desc_str, 1);
601 tt_int_op(rv, OP_EQ, 0);
602 tt_assert(parsed);
603 tt_mem_op(((rend_encoded_v2_service_descriptor_t *)
604 smartlist_get(descs, 0))->desc_id,OP_EQ, parsed_desc_id, DIGEST_LEN);
605 tt_int_op(rend_parse_introduction_points(parsed, intro_points_encrypted,
606 intro_points_size),OP_EQ, 3);
607 tt_assert(!crypto_pk_cmp_keys(generated->pk, parsed->pk));
608 tt_int_op(parsed->timestamp,OP_EQ, now);
609 tt_int_op(parsed->version,OP_EQ, 2);
610 tt_int_op(parsed->protocols,OP_EQ, 42);
611 tt_int_op(smartlist_len(parsed->intro_nodes),OP_EQ, 3);
612 for (i = 0; i < smartlist_len(parsed->intro_nodes); i++) {
613 rend_intro_point_t *par_intro = smartlist_get(parsed->intro_nodes, i),
614 *gen_intro = smartlist_get(generated->intro_nodes, i);
615 extend_info_t *par_info = par_intro->extend_info;
616 extend_info_t *gen_info = gen_intro->extend_info;
617 tt_assert(!crypto_pk_cmp_keys(gen_info->onion_key, par_info->onion_key));
618 tt_mem_op(gen_info->identity_digest,OP_EQ, par_info->identity_digest,
619 DIGEST_LEN);
620 tt_str_op(gen_info->nickname,OP_EQ, par_info->nickname);
621 const tor_addr_port_t *a1, *a2;
622 a1 = extend_info_get_orport(gen_info, AF_INET);
623 a2 = extend_info_get_orport(par_info, AF_INET);
624 tt_assert(a1 && a2);
625 tt_assert(tor_addr_eq(&a1->addr, &a2->addr));
626 tt_int_op(a2->port,OP_EQ, a2->port);
627 }
628
629 rend_service_descriptor_free(parsed);
630 rend_service_descriptor_free(generated);
631 parsed = generated = NULL;
632
633 done:
634 if (descs) {
635 for (i = 0; i < smartlist_len(descs); i++)
636 rend_encoded_v2_service_descriptor_free_(smartlist_get(descs, i));
637 smartlist_free(descs);
638 }
639 if (parsed)
640 rend_service_descriptor_free(parsed);
641 if (generated)
642 rend_service_descriptor_free(generated);
643 if (pk1)
644 crypto_pk_free(pk1);
645 if (pk2)
646 crypto_pk_free(pk2);
647 tor_free(intro_points_encrypted);
648 }
649
650 #define ENT(name) \
651 { #name, test_ ## name , 0, NULL, NULL }
652 #define FORK(name) \
653 { #name, test_ ## name , TT_FORK, NULL, NULL }
654
655 static struct testcase_t test_array[] = {
656 ENT(onion_handshake),
657 { "bad_onion_handshake", test_bad_onion_handshake, 0, NULL, NULL },
658 ENT(onion_queues),
659 { "ntor_handshake", test_ntor_handshake, 0, NULL, NULL },
660 { "fast_handshake", test_fast_handshake, 0, NULL, NULL },
661 FORK(circuit_timeout),
662 FORK(rend_fns),
663
664 END_OF_TESTCASES
665 };
666
667 struct testgroup_t testgroups[] = {
668 { "", test_array },
669 { "accounting/", accounting_tests },
670 { "addr/", addr_tests },
671 { "address/", address_tests },
672 { "address_set/", address_set_tests },
673 { "bridges/", bridges_tests },
674 { "buffer/", buffer_tests },
675 { "bwmgt/", bwmgt_tests },
676 { "cellfmt/", cell_format_tests },
677 { "cellqueue/", cell_queue_tests },
678 { "channel/", channel_tests },
679 { "channelpadding/", channelpadding_tests },
680 { "channeltls/", channeltls_tests },
681 { "checkdir/", checkdir_tests },
682 { "circuitbuild/", circuitbuild_tests },
683 { "circuitpadding/", circuitpadding_tests },
684 { "circuitlist/", circuitlist_tests },
685 { "circuitmux/", circuitmux_tests },
686 { "circuitmux_ewma/", circuitmux_ewma_tests },
687 { "circuitstats/", circuitstats_tests },
688 { "circuituse/", circuituse_tests },
689 { "compat/libevent/", compat_libevent_tests },
690 { "config/", config_tests },
691 { "config/mgr/", confmgr_tests },
692 { "config/parse/", confparse_tests },
693 { "connection/", connection_tests },
694 { "conscache/", conscache_tests },
695 { "consdiff/", consdiff_tests },
696 { "consdiffmgr/", consdiffmgr_tests },
697 { "container/", container_tests },
698 { "container/namemap/", namemap_tests },
699 { "control/", controller_tests },
700 { "control/btrack/", btrack_tests },
701 { "control/event/", controller_event_tests },
702 { "crypto/", crypto_tests },
703 { "crypto/ope/", crypto_ope_tests },
704 #ifdef ENABLE_OPENSSL
705 { "crypto/openssl/", crypto_openssl_tests },
706 #endif
707 { "crypto/pem/", pem_tests },
708 { "crypto/rng/", crypto_rng_tests },
709 { "dir/", dir_tests },
710 { "dir/auth/process_descs/", process_descs_tests },
711 { "dir/md/", microdesc_tests },
712 { "dirauth/dirvote/", dirvote_tests},
713 { "dir/voting/flags/", voting_flags_tests },
714 { "dir/voting/schedule/", voting_schedule_tests },
715 { "dir_handle_get/", dir_handle_get_tests },
716 { "dispatch/", dispatch_tests, },
717 { "dns/", dns_tests },
718 { "dos/", dos_tests },
719 { "entryconn/", entryconn_tests },
720 { "entrynodes/", entrynodes_tests },
721 { "extorport/", extorport_tests },
722 { "geoip/", geoip_tests },
723 { "guardfraction/", guardfraction_tests },
724 { "hs_cache/", hs_cache },
725 { "hs_cell/", hs_cell_tests },
726 { "hs_client/", hs_client_tests },
727 { "hs_common/", hs_common_tests },
728 { "hs_config/", hs_config_tests },
729 { "hs_control/", hs_control_tests },
730 { "hs_descriptor/", hs_descriptor },
731 { "hs_dos/", hs_dos_tests },
732 { "hs_intropoint/", hs_intropoint_tests },
733 { "hs_metrics/", hs_metrics_tests },
734 { "hs_ntor/", hs_ntor_tests },
735 { "hs_ob/", hs_ob_tests },
736 { "hs_service/", hs_service_tests },
737 { "introduce/", introduce_tests },
738 { "keypin/", keypin_tests },
739 { "legacy_hs/", hs_tests },
740 { "link-handshake/", link_handshake_tests },
741 { "mainloop/", mainloop_tests },
742 { "metrics/", metrics_tests },
743 { "netinfo/", netinfo_tests },
744 { "nodelist/", nodelist_tests },
745 { "oom/", oom_tests },
746 { "oos/", oos_tests },
747 { "options/", options_tests },
748 { "options/act/", options_act_tests },
749 { "parsecommon/", parsecommon_tests },
750 { "periodic-event/" , periodic_event_tests },
751 { "policy/" , policy_tests },
752 { "prob_distr/", prob_distr_tests },
753 { "procmon/", procmon_tests },
754 { "process/", process_tests },
755 { "proto/haproxy/", proto_haproxy_tests },
756 { "proto/http/", proto_http_tests },
757 { "proto/misc/", proto_misc_tests },
758 { "protover/", protover_tests },
759 { "pt/", pt_tests },
760 { "pubsub/build/", pubsub_build_tests },
761 { "pubsub/msg/", pubsub_msg_tests },
762 { "relay/" , relay_tests },
763 { "relaycell/", relaycell_tests },
764 { "relaycrypt/", relaycrypt_tests },
765 { "rend_cache/", rend_cache_tests },
766 { "replaycache/", replaycache_tests },
767 { "router/", router_tests },
768 { "routerkeys/", routerkeys_tests },
769 { "routerlist/", routerlist_tests },
770 { "routerset/" , routerset_tests },
771 { "scheduler/", scheduler_tests },
772 { "sendme/", sendme_tests },
773 { "shared-random/", sr_tests },
774 { "socks/", socks_tests },
775 { "statefile/", statefile_tests },
776 { "stats/", stats_tests },
777 { "status/" , status_tests },
778 { "storagedir/", storagedir_tests },
779 { "token_bucket/", token_bucket_tests },
780 { "tortls/", tortls_tests },
781 #ifndef ENABLE_NSS
782 { "tortls/openssl/", tortls_openssl_tests },
783 #endif
784 { "tortls/x509/", x509_tests },
785 { "util/", util_tests },
786 { "util/format/", util_format_tests },
787 { "util/handle/", handle_tests },
788 { "util/logging/", logging_tests },
789 { "util/process/", util_process_tests },
790 { "util/thread/", thread_tests },
791 END_OF_GROUPS
792 };
The Onion Router