search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge branch 'bug27849_redux'
[tor.git] / src / test / test.c
blob70d91e39672225a399f9b710fe3ebd7a4c1b170d
1 /* Copyright (c) 2001-2004, Roger Dingledine.
2 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3 * Copyright (c) 2007-2018, The Tor Project, Inc. */
4 /* See LICENSE for licensing information */
5
6 /**
7 * \file test.c
8 * \brief Unit tests for many pieces of the lower level Tor modules.
9 **/
10
11 #include "orconfig.h"
12 #include "lib/crypt_ops/crypto_dh.h"
13 #include "lib/crypt_ops/crypto_rand.h"
14 #include "app/config/or_state_st.h"
15
16 #include <stdio.h>
17 #ifdef HAVE_FCNTL_H
18 #include <fcntl.h>
19 #endif
20
21 #ifdef _WIN32
22 /* For mkdir() */
23 #include <direct.h>
24 #else
25 #include <dirent.h>
26 #endif /* defined(_WIN32) */
27
28 #include <math.h>
29
30 /* These macros pull in declarations for some functions and structures that
31 * are typically file-private. */
32 #define ROUTER_PRIVATE
33 #define CIRCUITSTATS_PRIVATE
34 #define CIRCUITLIST_PRIVATE
35 #define MAINLOOP_PRIVATE
36 #define STATEFILE_PRIVATE
37
38 #include "core/or/or.h"
39 #include "lib/err/backtrace.h"
40 #include "lib/container/buffers.h"
41 #include "core/or/circuitlist.h"
42 #include "core/or/circuitstats.h"
43 #include "lib/compress/compress.h"
44 #include "app/config/config.h"
45 #include "core/or/connection_edge.h"
46 #include "feature/rend/rendcommon.h"
47 #include "feature/rend/rendcache.h"
48 #include "feature/rend/rendparse.h"
49 #include "test/test.h"
50 #include "core/mainloop/mainloop.h"
51 #include "lib/memarea/memarea.h"
52 #include "core/or/onion.h"
53 #include "core/crypto/onion_ntor.h"
54 #include "core/crypto/onion_fast.h"
55 #include "core/crypto/onion_tap.h"
56 #include "core/or/policies.h"
57 #include "feature/stats/rephist.h"
58 #include "app/config/statefile.h"
59 #include "lib/crypt_ops/crypto_curve25519.h"
60
61 #include "core/or/extend_info_st.h"
62 #include "core/or/or_circuit_st.h"
63 #include "feature/rend/rend_encoded_v2_service_descriptor_st.h"
64 #include "feature/rend/rend_intro_point_st.h"
65 #include "feature/rend/rend_service_descriptor_st.h"
66 #include "feature/relay/onion_queue.h"
67
68 /** Run unit tests for the onion handshake code. */
69 static void
70 test_onion_handshake(void *arg)
71 {
72 /* client-side */
73 crypto_dh_t *c_dh = NULL;
74 char c_buf[TAP_ONIONSKIN_CHALLENGE_LEN];
75 char c_keys[40];
76 /* server-side */
77 char s_buf[TAP_ONIONSKIN_REPLY_LEN];
78 char s_keys[40];
79 int i;
80 /* shared */
81 crypto_pk_t *pk = NULL, *pk2 = NULL;
82
83 (void)arg;
84 pk = pk_generate(0);
85 pk2 = pk_generate(1);
86
87 /* client handshake 1. */
88 memset(c_buf, 0, TAP_ONIONSKIN_CHALLENGE_LEN);
89 tt_assert(! onion_skin_TAP_create(pk, &c_dh, c_buf));
90
91 for (i = 1; i <= 3; ++i) {
92 crypto_pk_t *k1, *k2;
93 if (i==1) {
94 /* server handshake: only one key known. */
95 k1 = pk; k2 = NULL;
96 } else if (i==2) {
97 /* server handshake: try the right key first. */
98 k1 = pk; k2 = pk2;
99 } else {
100 /* server handshake: try the right key second. */
101 k1 = pk2; k2 = pk;
102 }
103
104 memset(s_buf, 0, TAP_ONIONSKIN_REPLY_LEN);
105 memset(s_keys, 0, 40);
106 tt_assert(! onion_skin_TAP_server_handshake(c_buf, k1, k2,
107 s_buf, s_keys, 40));
108
109 /* client handshake 2 */
110 memset(c_keys, 0, 40);
111 tt_assert(! onion_skin_TAP_client_handshake(c_dh, s_buf, c_keys,
112 40, NULL));
113
114 tt_mem_op(c_keys,OP_EQ, s_keys, 40);
115 memset(s_buf, 0, 40);
116 tt_mem_op(c_keys,OP_NE, s_buf, 40);
117 }
118 done:
119 crypto_dh_free(c_dh);
120 crypto_pk_free(pk);
121 crypto_pk_free(pk2);
122 }
123
124 static void
125 test_bad_onion_handshake(void *arg)
126 {
127 char junk_buf[TAP_ONIONSKIN_CHALLENGE_LEN];
128 char junk_buf2[TAP_ONIONSKIN_CHALLENGE_LEN];
129 /* client-side */
130 crypto_dh_t *c_dh = NULL;
131 char c_buf[TAP_ONIONSKIN_CHALLENGE_LEN];
132 char c_keys[40];
133 /* server-side */
134 char s_buf[TAP_ONIONSKIN_REPLY_LEN];
135 char s_keys[40];
136 /* shared */
137 crypto_pk_t *pk = NULL, *pk2 = NULL;
138
139 (void)arg;
140
141 pk = pk_generate(0);
142 pk2 = pk_generate(1);
143
144 /* Server: Case 1: the encrypted data is degenerate. */
145 memset(junk_buf, 0, sizeof(junk_buf));
146 crypto_pk_obsolete_public_hybrid_encrypt(pk,
147 junk_buf2, TAP_ONIONSKIN_CHALLENGE_LEN,
148 junk_buf, DH1024_KEY_LEN,
149 PK_PKCS1_OAEP_PADDING, 1);
150 tt_int_op(-1, OP_EQ,
151 onion_skin_TAP_server_handshake(junk_buf2, pk, NULL,
152 s_buf, s_keys, 40));
153
154 /* Server: Case 2: the encrypted data is not long enough. */
155 memset(junk_buf, 0, sizeof(junk_buf));
156 memset(junk_buf2, 0, sizeof(junk_buf2));
157 crypto_pk_public_encrypt(pk, junk_buf2, sizeof(junk_buf2),
158 junk_buf, 48, PK_PKCS1_OAEP_PADDING);
159 tt_int_op(-1, OP_EQ,
160 onion_skin_TAP_server_handshake(junk_buf2, pk, NULL,
161 s_buf, s_keys, 40));
162
163 /* client handshake 1: do it straight. */
164 memset(c_buf, 0, TAP_ONIONSKIN_CHALLENGE_LEN);
165 tt_assert(! onion_skin_TAP_create(pk, &c_dh, c_buf));
166
167 /* Server: Case 3: we just don't have the right key. */
168 tt_int_op(-1, OP_EQ,
169 onion_skin_TAP_server_handshake(c_buf, pk2, NULL,
170 s_buf, s_keys, 40));
171
172 /* Server: Case 4: The RSA-encrypted portion is corrupt. */
173 c_buf[64] ^= 33;
174 tt_int_op(-1, OP_EQ,
175 onion_skin_TAP_server_handshake(c_buf, pk, NULL,
176 s_buf, s_keys, 40));
177 c_buf[64] ^= 33;
178
179 /* (Let the server proceed) */
180 tt_int_op(0, OP_EQ,
181 onion_skin_TAP_server_handshake(c_buf, pk, NULL,
182 s_buf, s_keys, 40));
183
184 /* Client: Case 1: The server sent back junk. */
185 const char *msg = NULL;
186 s_buf[64] ^= 33;
187 tt_int_op(-1, OP_EQ,
188 onion_skin_TAP_client_handshake(c_dh, s_buf, c_keys, 40, &msg));
189 s_buf[64] ^= 33;
190 tt_str_op(msg, OP_EQ, "Digest DOES NOT MATCH on onion handshake. "
191 "Bug or attack.");
192
193 /* Let the client finish; make sure it can. */
194 msg = NULL;
195 tt_int_op(0, OP_EQ,
196 onion_skin_TAP_client_handshake(c_dh, s_buf, c_keys, 40, &msg));
197 tt_mem_op(s_keys,OP_EQ, c_keys, 40);
198 tt_ptr_op(msg, OP_EQ, NULL);
199
200 /* Client: Case 2: The server sent back a degenerate DH. */
201 memset(s_buf, 0, sizeof(s_buf));
202 tt_int_op(-1, OP_EQ,
203 onion_skin_TAP_client_handshake(c_dh, s_buf, c_keys, 40, &msg));
204 tt_str_op(msg, OP_EQ, "DH computation failed.");
205
206 done:
207 crypto_dh_free(c_dh);
208 crypto_pk_free(pk);
209 crypto_pk_free(pk2);
210 }
211
212 static void
213 test_ntor_handshake(void *arg)
214 {
215 /* client-side */
216 ntor_handshake_state_t *c_state = NULL;
217 uint8_t c_buf[NTOR_ONIONSKIN_LEN];
218 uint8_t c_keys[400];
219
220 /* server-side */
221 di_digest256_map_t *s_keymap=NULL;
222 curve25519_keypair_t s_keypair;
223 uint8_t s_buf[NTOR_REPLY_LEN];
224 uint8_t s_keys[400];
225
226 /* shared */
227 const curve25519_public_key_t *server_pubkey;
228 uint8_t node_id[20] = "abcdefghijklmnopqrst";
229
230 (void) arg;
231
232 /* Make the server some keys */
233 curve25519_secret_key_generate(&s_keypair.seckey, 0);
234 curve25519_public_key_generate(&s_keypair.pubkey, &s_keypair.seckey);
235 dimap_add_entry(&s_keymap, s_keypair.pubkey.public_key, &s_keypair);
236 server_pubkey = &s_keypair.pubkey;
237
238 /* client handshake 1. */
239 memset(c_buf, 0, NTOR_ONIONSKIN_LEN);
240 tt_int_op(0, OP_EQ, onion_skin_ntor_create(node_id, server_pubkey,
241 &c_state, c_buf));
242
243 /* server handshake */
244 memset(s_buf, 0, NTOR_REPLY_LEN);
245 memset(s_keys, 0, 40);
246 tt_int_op(0, OP_EQ, onion_skin_ntor_server_handshake(c_buf, s_keymap, NULL,
247 node_id,
248 s_buf, s_keys, 400));
249
250 /* client handshake 2 */
251 memset(c_keys, 0, 40);
252 tt_int_op(0, OP_EQ, onion_skin_ntor_client_handshake(c_state, s_buf,
253 c_keys, 400, NULL));
254
255 tt_mem_op(c_keys,OP_EQ, s_keys, 400);
256 memset(s_buf, 0, 40);
257 tt_mem_op(c_keys,OP_NE, s_buf, 40);
258
259 /* Now try with a bogus server response. Zero input should trigger
260 * All The Problems. */
261 memset(c_keys, 0, 400);
262 memset(s_buf, 0, NTOR_REPLY_LEN);
263 const char *msg = NULL;
264 tt_int_op(-1, OP_EQ, onion_skin_ntor_client_handshake(c_state, s_buf,
265 c_keys, 400, &msg));
266 tt_str_op(msg, OP_EQ, "Zero output from curve25519 handshake");
267
268 done:
269 ntor_handshake_state_free(c_state);
270 dimap_free(s_keymap, NULL);
271 }
272
273 static void
274 test_fast_handshake(void *arg)
275 {
276 /* tests for the obsolete "CREATE_FAST" handshake. */
277 (void) arg;
278 fast_handshake_state_t *state = NULL;
279 uint8_t client_handshake[CREATE_FAST_LEN];
280 uint8_t server_handshake[CREATED_FAST_LEN];
281 uint8_t s_keys[100], c_keys[100];
282
283 /* First, test an entire handshake. */
284 memset(client_handshake, 0, sizeof(client_handshake));
285 tt_int_op(0, OP_EQ, fast_onionskin_create(&state, client_handshake));
286 tt_assert(! tor_mem_is_zero((char*)client_handshake,
287 sizeof(client_handshake)));
288
289 tt_int_op(0, OP_EQ,
290 fast_server_handshake(client_handshake, server_handshake,
291 s_keys, 100));
292 const char *msg = NULL;
293 tt_int_op(0, OP_EQ,
294 fast_client_handshake(state, server_handshake, c_keys, 100, &msg));
295 tt_ptr_op(msg, OP_EQ, NULL);
296 tt_mem_op(s_keys, OP_EQ, c_keys, 100);
297
298 /* Now test a failing handshake. */
299 server_handshake[0] ^= 3;
300 tt_int_op(-1, OP_EQ,
301 fast_client_handshake(state, server_handshake, c_keys, 100, &msg));
302 tt_str_op(msg, OP_EQ, "Digest DOES NOT MATCH on fast handshake. "
303 "Bug or attack.");
304
305 done:
306 fast_handshake_state_free(state);
307 }
308
309 /** Run unit tests for the onion queues. */
310 static void
311 test_onion_queues(void *arg)
312 {
313 uint8_t buf1[TAP_ONIONSKIN_CHALLENGE_LEN] = {0};
314 uint8_t buf2[NTOR_ONIONSKIN_LEN] = {0};
315
316 or_circuit_t *circ1 = or_circuit_new(0, NULL);
317 or_circuit_t *circ2 = or_circuit_new(0, NULL);
318
319 create_cell_t *onionskin = NULL, *create2_ptr;
320 create_cell_t *create1 = tor_malloc_zero(sizeof(create_cell_t));
321 create_cell_t *create2 = tor_malloc_zero(sizeof(create_cell_t));
322 (void)arg;
323 create2_ptr = create2; /* remember, but do not free */
324
325 create_cell_init(create1, CELL_CREATE, ONION_HANDSHAKE_TYPE_TAP,
326 TAP_ONIONSKIN_CHALLENGE_LEN, buf1);
327 create_cell_init(create2, CELL_CREATE, ONION_HANDSHAKE_TYPE_NTOR,
328 NTOR_ONIONSKIN_LEN, buf2);
329
330 tt_int_op(0,OP_EQ, onion_num_pending(ONION_HANDSHAKE_TYPE_TAP));
331 tt_int_op(0,OP_EQ, onion_pending_add(circ1, create1));
332 create1 = NULL;
333 tt_int_op(1,OP_EQ, onion_num_pending(ONION_HANDSHAKE_TYPE_TAP));
334
335 tt_int_op(0,OP_EQ, onion_num_pending(ONION_HANDSHAKE_TYPE_NTOR));
336 tt_int_op(0,OP_EQ, onion_pending_add(circ2, create2));
337 create2 = NULL;
338 tt_int_op(1,OP_EQ, onion_num_pending(ONION_HANDSHAKE_TYPE_NTOR));
339
340 tt_ptr_op(circ2,OP_EQ, onion_next_task(&onionskin));
341 tt_int_op(1,OP_EQ, onion_num_pending(ONION_HANDSHAKE_TYPE_TAP));
342 tt_int_op(0,OP_EQ, onion_num_pending(ONION_HANDSHAKE_TYPE_NTOR));
343 tt_ptr_op(onionskin, OP_EQ, create2_ptr);
344
345 clear_pending_onions();
346 tt_int_op(0,OP_EQ, onion_num_pending(ONION_HANDSHAKE_TYPE_TAP));
347 tt_int_op(0,OP_EQ, onion_num_pending(ONION_HANDSHAKE_TYPE_NTOR));
348
349 done:
350 circuit_free_(TO_CIRCUIT(circ1));
351 circuit_free_(TO_CIRCUIT(circ2));
352 tor_free(create1);
353 tor_free(create2);
354 tor_free(onionskin);
355 }
356
357 static crypto_cipher_t *crypto_rand_aes_cipher = NULL;
358
359 // Mock replacement for crypto_rand: Generates bytes from a provided AES_CTR
360 // cipher in <b>crypto_rand_aes_cipher</b>.
361 static void
362 crypto_rand_deterministic_aes(char *out, size_t n)
363 {
364 tor_assert(crypto_rand_aes_cipher);
365 memset(out, 0, n);
366 crypto_cipher_crypt_inplace(crypto_rand_aes_cipher, out, n);
367 }
368
369 static void
370 test_circuit_timeout(void *arg)
371 {
372 /* Plan:
373 * 1. Generate 1000 samples
374 * 2. Estimate parameters
375 * 3. If difference, repeat
376 * 4. Save state
377 * 5. load state
378 * 6. Estimate parameters
379 * 7. compare differences
380 */
381 circuit_build_times_t initial;
382 circuit_build_times_t estimate;
383 circuit_build_times_t final;
384 double timeout1, timeout2;
385 or_state_t *state=NULL;
386 int i, runs;
387 double close_ms;
388 (void)arg;
389
390 initialize_periodic_events();
391
392 circuit_build_times_init(&initial);
393 circuit_build_times_init(&estimate);
394 circuit_build_times_init(&final);
395
396 state = or_state_new();
397
398 // Use a deterministic RNG here, or else we'll get nondeterministic
399 // coverage in some of the circuitstats functions.
400 MOCK(crypto_rand, crypto_rand_deterministic_aes);
401 crypto_rand_aes_cipher = crypto_cipher_new("xyzzyplughplover");
402
403 circuitbuild_running_unit_tests();
404 #define timeout0 (build_time_t)(30*1000.0)
405 initial.Xm = 3000;
406 circuit_build_times_initial_alpha(&initial,
407 CBT_DEFAULT_QUANTILE_CUTOFF/100.0,
408 timeout0);
409 close_ms = MAX(circuit_build_times_calculate_timeout(&initial,
410 CBT_DEFAULT_CLOSE_QUANTILE/100.0),
411 CBT_DEFAULT_TIMEOUT_INITIAL_VALUE);
412 do {
413 for (i=0; i < CBT_DEFAULT_MIN_CIRCUITS_TO_OBSERVE; i++) {
414 build_time_t sample = circuit_build_times_generate_sample(&initial,0,1);
415
416 if (sample > close_ms) {
417 circuit_build_times_add_time(&estimate, CBT_BUILD_ABANDONED);
418 } else {
419 circuit_build_times_add_time(&estimate, sample);
420 }
421 }
422 circuit_build_times_update_alpha(&estimate);
423 timeout1 = circuit_build_times_calculate_timeout(&estimate,
424 CBT_DEFAULT_QUANTILE_CUTOFF/100.0);
425 circuit_build_times_set_timeout(&estimate);
426 log_notice(LD_CIRC, "Timeout1 is %f, Xm is %d", timeout1, estimate.Xm);
427 /* 2% error */
428 } while (fabs(circuit_build_times_cdf(&initial, timeout0) -
429 circuit_build_times_cdf(&initial, timeout1)) > 0.02);
430
431 tt_int_op(estimate.total_build_times, OP_LE, CBT_NCIRCUITS_TO_OBSERVE);
432
433 circuit_build_times_update_state(&estimate, state);
434 circuit_build_times_free_timeouts(&final);
435 tt_int_op(circuit_build_times_parse_state(&final, state), OP_EQ, 0);
436
437 circuit_build_times_update_alpha(&final);
438 timeout2 = circuit_build_times_calculate_timeout(&final,
439 CBT_DEFAULT_QUANTILE_CUTOFF/100.0);
440
441 circuit_build_times_set_timeout(&final);
442 log_notice(LD_CIRC, "Timeout2 is %f, Xm is %d", timeout2, final.Xm);
443
444 /* 5% here because some accuracy is lost due to histogram conversion */
445 tt_assert(fabs(circuit_build_times_cdf(&initial, timeout0) -
446 circuit_build_times_cdf(&initial, timeout2)) < 0.05);
447
448 for (runs = 0; runs < 50; runs++) {
449 int build_times_idx = 0;
450 int total_build_times = 0;
451
452 final.close_ms = final.timeout_ms = CBT_DEFAULT_TIMEOUT_INITIAL_VALUE;
453 estimate.close_ms = estimate.timeout_ms
454 = CBT_DEFAULT_TIMEOUT_INITIAL_VALUE;
455
456 for (i = 0; i < CBT_DEFAULT_RECENT_CIRCUITS*2; i++) {
457 circuit_build_times_network_circ_success(&estimate);
458 circuit_build_times_add_time(&estimate,
459 circuit_build_times_generate_sample(&estimate, 0,
460 CBT_DEFAULT_QUANTILE_CUTOFF/100.0));
461
462 circuit_build_times_network_circ_success(&estimate);
463 circuit_build_times_add_time(&final,
464 circuit_build_times_generate_sample(&final, 0,
465 CBT_DEFAULT_QUANTILE_CUTOFF/100.0));
466 }
467
468 tt_assert(!circuit_build_times_network_check_changed(&estimate));
469 tt_assert(!circuit_build_times_network_check_changed(&final));
470
471 /* Reset liveness to be non-live */
472 final.liveness.network_last_live = 0;
473 estimate.liveness.network_last_live = 0;
474
475 build_times_idx = estimate.build_times_idx;
476 total_build_times = estimate.total_build_times;
477
478 tt_assert(circuit_build_times_network_check_live(&estimate));
479 tt_assert(circuit_build_times_network_check_live(&final));
480
481 circuit_build_times_count_close(&estimate, 0,
482 (time_t)(approx_time()-estimate.close_ms/1000.0-1));
483 circuit_build_times_count_close(&final, 0,
484 (time_t)(approx_time()-final.close_ms/1000.0-1));
485
486 tt_assert(!circuit_build_times_network_check_live(&estimate));
487 tt_assert(!circuit_build_times_network_check_live(&final));
488
489 log_info(LD_CIRC, "idx: %d %d, tot: %d %d",
490 build_times_idx, estimate.build_times_idx,
491 total_build_times, estimate.total_build_times);
492
493 /* Check rollback index. Should match top of loop. */
494 tt_assert(build_times_idx == estimate.build_times_idx);
495 // This can fail if estimate.total_build_times == 1000, because
496 // in that case, rewind actually causes us to lose timeouts
497 if (total_build_times != CBT_NCIRCUITS_TO_OBSERVE)
498 tt_assert(total_build_times == estimate.total_build_times);
499
500 /* Now simulate that the network has become live and we need
501 * a change */
502 circuit_build_times_network_is_live(&estimate);
503 circuit_build_times_network_is_live(&final);
504
505 for (i = 0; i < CBT_DEFAULT_MAX_RECENT_TIMEOUT_COUNT; i++) {
506 circuit_build_times_count_timeout(&estimate, 1);
507
508 if (i < CBT_DEFAULT_MAX_RECENT_TIMEOUT_COUNT-1) {
509 circuit_build_times_count_timeout(&final, 1);
510 }
511 }
512
513 tt_int_op(estimate.liveness.after_firsthop_idx, OP_EQ, 0);
514 tt_assert(final.liveness.after_firsthop_idx ==
515 CBT_DEFAULT_MAX_RECENT_TIMEOUT_COUNT-1);
516
517 tt_assert(circuit_build_times_network_check_live(&estimate));
518 tt_assert(circuit_build_times_network_check_live(&final));
519
520 circuit_build_times_count_timeout(&final, 1);
521
522 /* Ensure return value for degenerate cases are clamped correctly */
523 initial.alpha = INT32_MAX;
524 tt_assert(circuit_build_times_calculate_timeout(&initial, .99999999) <=
525 INT32_MAX);
526 initial.alpha = 0;
527 tt_assert(circuit_build_times_calculate_timeout(&initial, .5) <=
528 INT32_MAX);
529 }
530
531 done:
532 circuit_build_times_free_timeouts(&initial);
533 circuit_build_times_free_timeouts(&estimate);
534 circuit_build_times_free_timeouts(&final);
535 or_state_free(state);
536 teardown_periodic_events();
537 UNMOCK(crypto_rand);
538 crypto_cipher_free(crypto_rand_aes_cipher);
539 }
540
541 /** Test encoding and parsing of rendezvous service descriptors. */
542 static void
543 test_rend_fns(void *arg)
544 {
545 rend_service_descriptor_t *generated = NULL, *parsed = NULL;
546 char service_id[DIGEST_LEN];
547 char service_id_base32[REND_SERVICE_ID_LEN_BASE32+1];
548 const char *next_desc;
549 smartlist_t *descs = smartlist_new();
550 char computed_desc_id[DIGEST_LEN];
551 char parsed_desc_id[DIGEST_LEN];
552 crypto_pk_t *pk1 = NULL, *pk2 = NULL;
553 time_t now;
554 char *intro_points_encrypted = NULL;
555 size_t intro_points_size;
556 size_t encoded_size;
557 int i;
558
559 (void)arg;
560
561 /* Initialize the service cache. */
562 rend_cache_init();
563
564 pk1 = pk_generate(0);
565 pk2 = pk_generate(1);
566 generated = tor_malloc_zero(sizeof(rend_service_descriptor_t));
567 generated->pk = crypto_pk_dup_key(pk1);
568 crypto_pk_get_digest(generated->pk, service_id);
569 base32_encode(service_id_base32, REND_SERVICE_ID_LEN_BASE32+1,
570 service_id, REND_SERVICE_ID_LEN);
571 now = time(NULL);
572 generated->timestamp = now;
573 generated->version = 2;
574 generated->protocols = 42;
575 generated->intro_nodes = smartlist_new();
576
577 for (i = 0; i < 3; i++) {
578 rend_intro_point_t *intro = tor_malloc_zero(sizeof(rend_intro_point_t));
579 crypto_pk_t *okey = pk_generate(2 + i);
580 intro->extend_info = tor_malloc_zero(sizeof(extend_info_t));
581 intro->extend_info->onion_key = okey;
582 crypto_pk_get_digest(intro->extend_info->onion_key,
583 intro->extend_info->identity_digest);
584 //crypto_rand(info->identity_digest, DIGEST_LEN); /* Would this work? */
585 intro->extend_info->nickname[0] = '$';
586 base16_encode(intro->extend_info->nickname + 1,
587 sizeof(intro->extend_info->nickname) - 1,
588 intro->extend_info->identity_digest, DIGEST_LEN);
589 /* Does not cover all IP addresses. */
590 tor_addr_from_ipv4h(&intro->extend_info->addr, crypto_rand_int(65536));
591 intro->extend_info->port = 1 + crypto_rand_int(65535);
592 intro->intro_key = crypto_pk_dup_key(pk2);
593 smartlist_add(generated->intro_nodes, intro);
594 }
595 int rv = rend_encode_v2_descriptors(descs, generated, now, 0,
596 REND_NO_AUTH, NULL, NULL);
597 tt_int_op(rv, OP_GT, 0);
598 rv = rend_compute_v2_desc_id(computed_desc_id, service_id_base32, NULL,
599 now, 0);
600 tt_int_op(rv, OP_EQ, 0);
601 tt_mem_op(((rend_encoded_v2_service_descriptor_t *)
602 smartlist_get(descs, 0))->desc_id, OP_EQ,
603 computed_desc_id, DIGEST_LEN);
604 rv = rend_parse_v2_service_descriptor(&parsed, parsed_desc_id,
605 &intro_points_encrypted, &intro_points_size, &encoded_size,
606 &next_desc,
607 ((rend_encoded_v2_service_descriptor_t *)smartlist_get(descs, 0))
608 ->desc_str, 1);
609 tt_int_op(rv, OP_EQ, 0);
610 tt_assert(parsed);
611 tt_mem_op(((rend_encoded_v2_service_descriptor_t *)
612 smartlist_get(descs, 0))->desc_id,OP_EQ, parsed_desc_id, DIGEST_LEN);
613 tt_int_op(rend_parse_introduction_points(parsed, intro_points_encrypted,
614 intro_points_size),OP_EQ, 3);
615 tt_assert(!crypto_pk_cmp_keys(generated->pk, parsed->pk));
616 tt_int_op(parsed->timestamp,OP_EQ, now);
617 tt_int_op(parsed->version,OP_EQ, 2);
618 tt_int_op(parsed->protocols,OP_EQ, 42);
619 tt_int_op(smartlist_len(parsed->intro_nodes),OP_EQ, 3);
620 for (i = 0; i < smartlist_len(parsed->intro_nodes); i++) {
621 rend_intro_point_t *par_intro = smartlist_get(parsed->intro_nodes, i),
622 *gen_intro = smartlist_get(generated->intro_nodes, i);
623 extend_info_t *par_info = par_intro->extend_info;
624 extend_info_t *gen_info = gen_intro->extend_info;
625 tt_assert(!crypto_pk_cmp_keys(gen_info->onion_key, par_info->onion_key));
626 tt_mem_op(gen_info->identity_digest,OP_EQ, par_info->identity_digest,
627 DIGEST_LEN);
628 tt_str_op(gen_info->nickname,OP_EQ, par_info->nickname);
629 tt_assert(tor_addr_eq(&gen_info->addr, &par_info->addr));
630 tt_int_op(gen_info->port,OP_EQ, par_info->port);
631 }
632
633 rend_service_descriptor_free(parsed);
634 rend_service_descriptor_free(generated);
635 parsed = generated = NULL;
636
637 done:
638 if (descs) {
639 for (i = 0; i < smartlist_len(descs); i++)
640 rend_encoded_v2_service_descriptor_free_(smartlist_get(descs, i));
641 smartlist_free(descs);
642 }
643 if (parsed)
644 rend_service_descriptor_free(parsed);
645 if (generated)
646 rend_service_descriptor_free(generated);
647 if (pk1)
648 crypto_pk_free(pk1);
649 if (pk2)
650 crypto_pk_free(pk2);
651 tor_free(intro_points_encrypted);
652 }
653
654 /** Run unit tests for stats code. */
655 static void
656 test_stats(void *arg)
657 {
658 time_t now = 1281533250; /* 2010-08-11 13:27:30 UTC */
659 char *s = NULL;
660 int i;
661
662 /* Start with testing exit port statistics; we shouldn't collect exit
663 * stats without initializing them. */
664 (void)arg;
665 rep_hist_note_exit_stream_opened(80);
666 rep_hist_note_exit_bytes(80, 100, 10000);
667 s = rep_hist_format_exit_stats(now + 86400);
668 tt_ptr_op(s, OP_EQ, NULL);
669
670 /* Initialize stats, note some streams and bytes, and generate history
671 * string. */
672 rep_hist_exit_stats_init(now);
673 rep_hist_note_exit_stream_opened(80);
674 rep_hist_note_exit_bytes(80, 100, 10000);
675 rep_hist_note_exit_stream_opened(443);
676 rep_hist_note_exit_bytes(443, 100, 10000);
677 rep_hist_note_exit_bytes(443, 100, 10000);
678 s = rep_hist_format_exit_stats(now + 86400);
679 tt_str_op("exit-stats-end 2010-08-12 13:27:30 (86400 s)\n"
680 "exit-kibibytes-written 80=1,443=1,other=0\n"
681 "exit-kibibytes-read 80=10,443=20,other=0\n"
682 "exit-streams-opened 80=4,443=4,other=0\n",OP_EQ, s);
683 tor_free(s);
684
685 /* Add a few bytes on 10 more ports and ensure that only the top 10
686 * ports are contained in the history string. */
687 for (i = 50; i < 60; i++) {
688 rep_hist_note_exit_bytes(i, i, i);
689 rep_hist_note_exit_stream_opened(i);
690 }
691 s = rep_hist_format_exit_stats(now + 86400);
692 tt_str_op("exit-stats-end 2010-08-12 13:27:30 (86400 s)\n"
693 "exit-kibibytes-written 52=1,53=1,54=1,55=1,56=1,57=1,58=1,"
694 "59=1,80=1,443=1,other=1\n"
695 "exit-kibibytes-read 52=1,53=1,54=1,55=1,56=1,57=1,58=1,"
696 "59=1,80=10,443=20,other=1\n"
697 "exit-streams-opened 52=4,53=4,54=4,55=4,56=4,57=4,58=4,"
698 "59=4,80=4,443=4,other=4\n",OP_EQ, s);
699 tor_free(s);
700
701 /* Stop collecting stats, add some bytes, and ensure we don't generate
702 * a history string. */
703 rep_hist_exit_stats_term();
704 rep_hist_note_exit_bytes(80, 100, 10000);
705 s = rep_hist_format_exit_stats(now + 86400);
706 tt_ptr_op(s, OP_EQ, NULL);
707
708 /* Re-start stats, add some bytes, reset stats, and see what history we
709 * get when observing no streams or bytes at all. */
710 rep_hist_exit_stats_init(now);
711 rep_hist_note_exit_stream_opened(80);
712 rep_hist_note_exit_bytes(80, 100, 10000);
713 rep_hist_reset_exit_stats(now);
714 s = rep_hist_format_exit_stats(now + 86400);
715 tt_str_op("exit-stats-end 2010-08-12 13:27:30 (86400 s)\n"
716 "exit-kibibytes-written other=0\n"
717 "exit-kibibytes-read other=0\n"
718 "exit-streams-opened other=0\n",OP_EQ, s);
719 tor_free(s);
720
721 /* Continue with testing connection statistics; we shouldn't collect
722 * conn stats without initializing them. */
723 rep_hist_note_or_conn_bytes(1, 20, 400, now);
724 s = rep_hist_format_conn_stats(now + 86400);
725 tt_ptr_op(s, OP_EQ, NULL);
726
727 /* Initialize stats, note bytes, and generate history string. */
728 rep_hist_conn_stats_init(now);
729 rep_hist_note_or_conn_bytes(1, 30000, 400000, now);
730 rep_hist_note_or_conn_bytes(1, 30000, 400000, now + 5);
731 rep_hist_note_or_conn_bytes(2, 400000, 30000, now + 10);
732 rep_hist_note_or_conn_bytes(2, 400000, 30000, now + 15);
733 s = rep_hist_format_conn_stats(now + 86400);
734 tt_str_op("conn-bi-direct 2010-08-12 13:27:30 (86400 s) 0,0,1,0\n",OP_EQ, s);
735 tor_free(s);
736
737 /* Stop collecting stats, add some bytes, and ensure we don't generate
738 * a history string. */
739 rep_hist_conn_stats_term();
740 rep_hist_note_or_conn_bytes(2, 400000, 30000, now + 15);
741 s = rep_hist_format_conn_stats(now + 86400);
742 tt_ptr_op(s, OP_EQ, NULL);
743
744 /* Re-start stats, add some bytes, reset stats, and see what history we
745 * get when observing no bytes at all. */
746 rep_hist_conn_stats_init(now);
747 rep_hist_note_or_conn_bytes(1, 30000, 400000, now);
748 rep_hist_note_or_conn_bytes(1, 30000, 400000, now + 5);
749 rep_hist_note_or_conn_bytes(2, 400000, 30000, now + 10);
750 rep_hist_note_or_conn_bytes(2, 400000, 30000, now + 15);
751 rep_hist_reset_conn_stats(now);
752 s = rep_hist_format_conn_stats(now + 86400);
753 tt_str_op("conn-bi-direct 2010-08-12 13:27:30 (86400 s) 0,0,0,0\n",OP_EQ, s);
754 tor_free(s);
755
756 /* Continue with testing buffer statistics; we shouldn't collect buffer
757 * stats without initializing them. */
758 rep_hist_add_buffer_stats(2.0, 2.0, 20);
759 s = rep_hist_format_buffer_stats(now + 86400);
760 tt_ptr_op(s, OP_EQ, NULL);
761
762 /* Initialize stats, add statistics for a single circuit, and generate
763 * the history string. */
764 rep_hist_buffer_stats_init(now);
765 rep_hist_add_buffer_stats(2.0, 2.0, 20);
766 s = rep_hist_format_buffer_stats(now + 86400);
767 tt_str_op("cell-stats-end 2010-08-12 13:27:30 (86400 s)\n"
768 "cell-processed-cells 20,0,0,0,0,0,0,0,0,0\n"
769 "cell-queued-cells 2.00,0.00,0.00,0.00,0.00,0.00,0.00,0.00,"
770 "0.00,0.00\n"
771 "cell-time-in-queue 2,0,0,0,0,0,0,0,0,0\n"
772 "cell-circuits-per-decile 1\n",OP_EQ, s);
773 tor_free(s);
774
775 /* Add nineteen more circuit statistics to the one that's already in the
776 * history to see that the math works correctly. */
777 for (i = 21; i < 30; i++)
778 rep_hist_add_buffer_stats(2.0, 2.0, i);
779 for (i = 20; i < 30; i++)
780 rep_hist_add_buffer_stats(3.5, 3.5, i);
781 s = rep_hist_format_buffer_stats(now + 86400);
782 tt_str_op("cell-stats-end 2010-08-12 13:27:30 (86400 s)\n"
783 "cell-processed-cells 29,28,27,26,25,24,23,22,21,20\n"
784 "cell-queued-cells 2.75,2.75,2.75,2.75,2.75,2.75,2.75,2.75,"
785 "2.75,2.75\n"
786 "cell-time-in-queue 3,3,3,3,3,3,3,3,3,3\n"
787 "cell-circuits-per-decile 2\n",OP_EQ, s);
788 tor_free(s);
789
790 /* Stop collecting stats, add statistics for one circuit, and ensure we
791 * don't generate a history string. */
792 rep_hist_buffer_stats_term();
793 rep_hist_add_buffer_stats(2.0, 2.0, 20);
794 s = rep_hist_format_buffer_stats(now + 86400);
795 tt_ptr_op(s, OP_EQ, NULL);
796
797 /* Re-start stats, add statistics for one circuit, reset stats, and make
798 * sure that the history has all zeros. */
799 rep_hist_buffer_stats_init(now);
800 rep_hist_add_buffer_stats(2.0, 2.0, 20);
801 rep_hist_reset_buffer_stats(now);
802 s = rep_hist_format_buffer_stats(now + 86400);
803 tt_str_op("cell-stats-end 2010-08-12 13:27:30 (86400 s)\n"
804 "cell-processed-cells 0,0,0,0,0,0,0,0,0,0\n"
805 "cell-queued-cells 0.00,0.00,0.00,0.00,0.00,0.00,0.00,0.00,"
806 "0.00,0.00\n"
807 "cell-time-in-queue 0,0,0,0,0,0,0,0,0,0\n"
808 "cell-circuits-per-decile 0\n",OP_EQ, s);
809
810 done:
811 tor_free(s);
812 }
813
814 #define ENT(name) \
815 { #name, test_ ## name , 0, NULL, NULL }
816 #define FORK(name) \
817 { #name, test_ ## name , TT_FORK, NULL, NULL }
818
819 static struct testcase_t test_array[] = {
820 ENT(onion_handshake),
821 { "bad_onion_handshake", test_bad_onion_handshake, 0, NULL, NULL },
822 ENT(onion_queues),
823 { "ntor_handshake", test_ntor_handshake, 0, NULL, NULL },
824 { "fast_handshake", test_fast_handshake, 0, NULL, NULL },
825 FORK(circuit_timeout),
826 FORK(rend_fns),
827 FORK(stats),
828
829 END_OF_TESTCASES
830 };
831
832 struct testgroup_t testgroups[] = {
833 { "", test_array },
834 { "accounting/", accounting_tests },
835 { "addr/", addr_tests },
836 { "address/", address_tests },
837 { "address_set/", address_set_tests },
838 { "bridges/", bridges_tests },
839 { "buffer/", buffer_tests },
840 { "bwmgt/", bwmgt_tests },
841 { "cellfmt/", cell_format_tests },
842 { "cellqueue/", cell_queue_tests },
843 { "channel/", channel_tests },
844 { "channelpadding/", channelpadding_tests },
845 { "channeltls/", channeltls_tests },
846 { "checkdir/", checkdir_tests },
847 { "circuitbuild/", circuitbuild_tests },
848 { "circuitlist/", circuitlist_tests },
849 { "circuitmux/", circuitmux_tests },
850 { "circuituse/", circuituse_tests },
851 { "circuitstats/", circuitstats_tests },
852 { "compat/libevent/", compat_libevent_tests },
853 { "config/", config_tests },
854 { "connection/", connection_tests },
855 { "conscache/", conscache_tests },
856 { "consdiff/", consdiff_tests },
857 { "consdiffmgr/", consdiffmgr_tests },
858 { "container/", container_tests },
859 { "control/", controller_tests },
860 { "control/event/", controller_event_tests },
861 { "crypto/", crypto_tests },
862 { "crypto/ope/", crypto_ope_tests },
863 #ifdef ENABLE_OPENSSL
864 { "crypto/openssl/", crypto_openssl_tests },
865 #endif
866 { "crypto/pem/", pem_tests },
867 { "dir/", dir_tests },
868 { "dir_handle_get/", dir_handle_get_tests },
869 { "dir/md/", microdesc_tests },
870 { "dir/voting-schedule/", voting_schedule_tests },
871 { "dos/", dos_tests },
872 { "entryconn/", entryconn_tests },
873 { "entrynodes/", entrynodes_tests },
874 { "guardfraction/", guardfraction_tests },
875 { "extorport/", extorport_tests },
876 { "geoip/", geoip_tests },
877 { "legacy_hs/", hs_tests },
878 { "hs_cache/", hs_cache },
879 { "hs_cell/", hs_cell_tests },
880 { "hs_common/", hs_common_tests },
881 { "hs_config/", hs_config_tests },
882 { "hs_control/", hs_control_tests },
883 { "hs_descriptor/", hs_descriptor },
884 { "hs_ntor/", hs_ntor_tests },
885 { "hs_service/", hs_service_tests },
886 { "hs_client/", hs_client_tests },
887 { "hs_intropoint/", hs_intropoint_tests },
888 { "introduce/", introduce_tests },
889 { "keypin/", keypin_tests },
890 { "link-handshake/", link_handshake_tests },
891 { "mainloop/", mainloop_tests },
892 { "nodelist/", nodelist_tests },
893 { "oom/", oom_tests },
894 { "oos/", oos_tests },
895 { "options/", options_tests },
896 { "periodic-event/" , periodic_event_tests },
897 { "policy/" , policy_tests },
898 { "procmon/", procmon_tests },
899 { "proto/http/", proto_http_tests },
900 { "proto/misc/", proto_misc_tests },
901 { "protover/", protover_tests },
902 { "pt/", pt_tests },
903 { "relay/" , relay_tests },
904 { "relaycell/", relaycell_tests },
905 { "relaycrypt/", relaycrypt_tests },
906 { "rend_cache/", rend_cache_tests },
907 { "replaycache/", replaycache_tests },
908 { "router/", router_tests },
909 { "routerkeys/", routerkeys_tests },
910 { "routerlist/", routerlist_tests },
911 { "routerset/" , routerset_tests },
912 { "scheduler/", scheduler_tests },
913 { "socks/", socks_tests },
914 { "shared-random/", sr_tests },
915 { "status/" , status_tests },
916 { "storagedir/", storagedir_tests },
917 { "tortls/", tortls_tests },
918 #ifndef ENABLE_NSS
919 { "tortls/openssl/", tortls_openssl_tests },
920 #endif
921 { "tortls/x509/", x509_tests },
922 { "util/", util_tests },
923 { "util/format/", util_format_tests },
924 { "util/logging/", logging_tests },
925 { "util/process/", util_process_tests },
926 { "util/thread/", thread_tests },
927 { "util/handle/", handle_tests },
928 { "dns/", dns_tests },
929 END_OF_GROUPS
930 };
The Onion Router