1 /* Copyright (c) 2001-2004, Roger Dingledine.
2 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3 * Copyright (c) 2007-2018, The Tor Project, Inc. */
4 /* See LICENSE for licensing information */
7 #define DIRVOTE_PRIVATE
9 #include "core/or/or.h"
10 #include "feature/dirauth/dirvote.h"
11 #include "feature/nodelist/nodelist.h"
12 #include "feature/nodelist/routerlist.h"
13 #include "feature/dirparse/authcert_parse.h"
14 #include "feature/dirparse/ns_parse.h"
15 #include "test/test_dir_common.h"
16 #include "feature/dircommon/voting_schedule.h"
18 #include "feature/nodelist/authority_cert_st.h"
19 #include "feature/nodelist/networkstatus_st.h"
20 #include "feature/nodelist/networkstatus_voter_info_st.h"
21 #include "feature/nodelist/routerinfo_st.h"
22 #include "feature/dirauth/vote_microdesc_hash_st.h"
23 #include "feature/nodelist/vote_routerstatus_st.h"
25 void dir_common_setup_vote(networkstatus_t
**vote
, time_t now
);
26 networkstatus_t
* dir_common_add_rs_and_parse(networkstatus_t
*vote
,
27 networkstatus_t
**vote_out
,
28 vote_routerstatus_t
* (*vrs_gen
)(int idx
, time_t now
),
29 crypto_pk_t
*sign_skey
, int *n_vrs
,
30 time_t now
, int clear_rl
);
32 /** Initialize and set auth certs and keys
33 * Returns 0 on success, -1 on failure. Clean up handled by caller.
36 dir_common_authority_pk_init(authority_cert_t
**cert1
,
37 authority_cert_t
**cert2
,
38 authority_cert_t
**cert3
,
39 crypto_pk_t
**sign_skey_1
,
40 crypto_pk_t
**sign_skey_2
,
41 crypto_pk_t
**sign_skey_3
)
43 /* Parse certificates and keys. */
44 authority_cert_t
*cert
;
45 cert
= authority_cert_parse_from_string(AUTHORITY_CERT_1
,
46 strlen(AUTHORITY_CERT_1
),
49 tt_assert(cert
->identity_key
);
52 *cert2
= authority_cert_parse_from_string(AUTHORITY_CERT_2
,
53 strlen(AUTHORITY_CERT_2
),
56 *cert3
= authority_cert_parse_from_string(AUTHORITY_CERT_3
,
57 strlen(AUTHORITY_CERT_3
),
60 *sign_skey_1
= crypto_pk_new();
61 *sign_skey_2
= crypto_pk_new();
62 *sign_skey_3
= crypto_pk_new();
64 tt_assert(!crypto_pk_read_private_key_from_string(*sign_skey_1
,
65 AUTHORITY_SIGNKEY_1
, -1));
66 tt_assert(!crypto_pk_read_private_key_from_string(*sign_skey_2
,
67 AUTHORITY_SIGNKEY_2
, -1));
68 tt_assert(!crypto_pk_read_private_key_from_string(*sign_skey_3
,
69 AUTHORITY_SIGNKEY_3
, -1));
71 tt_assert(!crypto_pk_cmp_keys(*sign_skey_1
, (*cert1
)->signing_key
));
72 tt_assert(!crypto_pk_cmp_keys(*sign_skey_2
, (*cert2
)->signing_key
));
80 * Generate a routerstatus for v3_networkstatus test.
83 dir_common_gen_routerstatus_for_v3ns(int idx
, time_t now
)
85 vote_routerstatus_t
*vrs
=NULL
;
86 routerstatus_t
*rs
= NULL
;
88 char *method_list
= NULL
;
92 /* Generate the first routerstatus. */
93 vrs
= tor_malloc_zero(sizeof(vote_routerstatus_t
));
95 vrs
->version
= tor_strdup("0.1.2.14");
96 rs
->published_on
= now
-1500;
97 strlcpy(rs
->nickname
, "router2", sizeof(rs
->nickname
));
98 memset(rs
->identity_digest
, TEST_DIR_ROUTER_ID_1
, DIGEST_LEN
);
99 memset(rs
->descriptor_digest
, TEST_DIR_ROUTER_DD_1
, DIGEST_LEN
);
100 rs
->addr
= 0x99008801;
103 /* all flags but running and v2dir cleared */
104 rs
->is_flagged_running
= 1;
106 rs
->is_valid
= 1; /* xxxxx */
109 /* Generate the second routerstatus. */
110 vrs
= tor_malloc_zero(sizeof(vote_routerstatus_t
));
112 vrs
->version
= tor_strdup("0.2.0.5");
113 rs
->published_on
= now
-1000;
114 strlcpy(rs
->nickname
, "router1", sizeof(rs
->nickname
));
115 memset(rs
->identity_digest
, TEST_DIR_ROUTER_ID_2
, DIGEST_LEN
);
116 memset(rs
->descriptor_digest
, TEST_DIR_ROUTER_DD_2
, DIGEST_LEN
);
117 rs
->addr
= 0x99009901;
120 tor_addr_parse(&addr_ipv6
, "[1:2:3::4]");
121 tor_addr_copy(&rs
->ipv6_addr
, &addr_ipv6
);
122 rs
->ipv6_orport
= 4711;
123 rs
->is_exit
= rs
->is_stable
= rs
->is_fast
= rs
->is_flagged_running
=
124 rs
->is_valid
= rs
->is_possible_guard
= rs
->is_v2_dir
= 1;
127 /* Generate the third routerstatus. */
128 vrs
= tor_malloc_zero(sizeof(vote_routerstatus_t
));
130 vrs
->version
= tor_strdup("0.1.0.3");
131 rs
->published_on
= now
-1000;
132 strlcpy(rs
->nickname
, "router3", sizeof(rs
->nickname
));
133 memset(rs
->identity_digest
, TEST_DIR_ROUTER_ID_3
, DIGEST_LEN
);
134 memset(rs
->descriptor_digest
, TEST_DIR_ROUTER_DD_3
, DIGEST_LEN
);
135 rs
->addr
= 0xAA009901;
138 rs
->is_authority
= rs
->is_exit
= rs
->is_stable
= rs
->is_fast
=
139 rs
->is_flagged_running
= rs
->is_valid
= rs
->is_v2_dir
=
140 rs
->is_possible_guard
= 1;
143 /* Generate a fourth routerstatus that is not running. */
144 vrs
= tor_malloc_zero(sizeof(vote_routerstatus_t
));
146 vrs
->version
= tor_strdup("0.1.6.3");
147 rs
->published_on
= now
-1000;
148 strlcpy(rs
->nickname
, "router4", sizeof(rs
->nickname
));
149 memset(rs
->identity_digest
, TEST_DIR_ROUTER_ID_4
, DIGEST_LEN
);
150 memset(rs
->descriptor_digest
, TEST_DIR_ROUTER_DD_4
, DIGEST_LEN
);
151 rs
->addr
= 0xC0000203;
155 /* Running flag (and others) cleared */
158 /* No more for this test; return NULL */
162 /* Shouldn't happen */
166 vrs
->microdesc
= tor_malloc_zero(sizeof(vote_microdesc_hash_t
));
167 method_list
= make_consensus_method_list(MIN_SUPPORTED_CONSENSUS_METHOD
,
168 MAX_SUPPORTED_CONSENSUS_METHOD
,
170 tor_asprintf(&vrs
->microdesc
->microdesc_hash_line
,
172 "sha256=xyzajkldsdsajdadlsdjaslsdksdjlsdjsdaskdaaa%d\n",
177 tor_free(method_list
);
181 /** Initialize networkstatus vote object attributes. */
183 dir_common_setup_vote(networkstatus_t
**vote
, time_t now
)
185 *vote
= tor_malloc_zero(sizeof(networkstatus_t
));
186 (*vote
)->type
= NS_TYPE_VOTE
;
187 (*vote
)->published
= now
;
188 (*vote
)->supported_methods
= smartlist_new();
189 (*vote
)->known_flags
= smartlist_new();
190 (*vote
)->net_params
= smartlist_new();
191 (*vote
)->routerstatus_list
= smartlist_new();
192 (*vote
)->voters
= smartlist_new();
195 /** Helper: Make a new routerinfo containing the right information for a
196 * given vote_routerstatus_t. */
198 dir_common_generate_ri_from_rs(const vote_routerstatus_t
*vrs
)
201 const routerstatus_t
*rs
= &vrs
->status
;
202 static time_t published
= 0;
204 r
= tor_malloc_zero(sizeof(routerinfo_t
));
205 r
->cert_expiration_time
= TIME_MAX
;
206 memcpy(r
->cache_info
.identity_digest
, rs
->identity_digest
, DIGEST_LEN
);
207 memcpy(r
->cache_info
.signed_descriptor_digest
, rs
->descriptor_digest
,
209 r
->cache_info
.do_not_cache
= 1;
210 r
->cache_info
.routerlist_index
= -1;
211 r
->cache_info
.signed_descriptor_body
=
212 tor_strdup("123456789012345678901234567890123");
213 r
->cache_info
.signed_descriptor_len
=
214 strlen(r
->cache_info
.signed_descriptor_body
);
215 r
->exit_policy
= smartlist_new();
216 r
->cache_info
.published_on
= ++published
+ time(NULL
);
217 if (rs
->has_bandwidth
) {
219 * Multiply by 1000 because the routerinfo_t and the routerstatus_t
220 * seem to use different units (*sigh*) and because we seem stuck on
221 * icky and perverse decimal kilobytes (*double sigh*) - see
222 * router_get_advertised_bandwidth_capped() of routerlist.c and
223 * routerstatus_format_entry() of dirserv.c.
225 r
->bandwidthrate
= rs
->bandwidth_kb
* 1000;
226 r
->bandwidthcapacity
= rs
->bandwidth_kb
* 1000;
231 /** Create routerstatuses and signed vote.
232 * Create routerstatuses using *vrs_gen* and add them to global routerlist.
233 * Next, create signed vote using *sign_skey* and *vote*, which should have
234 * predefined header fields.
235 * Setting *clear_rl* clears the global routerlist before adding the new
237 * Return the signed vote, same as *vote_out*. Save the number of routers added
241 dir_common_add_rs_and_parse(networkstatus_t
*vote
, networkstatus_t
**vote_out
,
242 vote_routerstatus_t
* (*vrs_gen
)(int idx
, time_t now
),
243 crypto_pk_t
*sign_skey
, int *n_vrs
, time_t now
,
246 vote_routerstatus_t
*vrs
;
248 const char *msg
=NULL
;
250 was_router_added_t router_added
= -1;
255 routerlist_free_all();
260 vrs
= vrs_gen(idx
, now
);
262 smartlist_add(vote
->routerstatus_list
, vrs
);
264 router_add_to_routerlist(dir_common_generate_ri_from_rs(vrs
),
266 tt_assert(router_added
>= 0);
272 /* dump the vote and try to parse it. */
273 v_text
= format_networkstatus_vote(sign_skey
, vote
);
275 *vote_out
= networkstatus_parse_vote_from_string(v_text
,
286 /** Create a fake *vote* where *cert* describes the signer, *sign_skey*
287 * is the signing key, and *vrs_gen* is the function we'll use to create the
288 * routers on which we're voting.
289 * We pass *vote_out*, *n_vrs*, and *clear_rl* directly to vrs_gen().
290 * Return 0 on success, return -1 on failure.
293 dir_common_construct_vote_1(networkstatus_t
**vote
, authority_cert_t
*cert
,
294 crypto_pk_t
*sign_skey
,
295 vote_routerstatus_t
* (*vrs_gen
)(int idx
, time_t now
),
296 networkstatus_t
**vote_out
, int *n_vrs
,
297 time_t now
, int clear_rl
)
299 networkstatus_voter_info_t
*voter
;
301 dir_common_setup_vote(vote
, now
);
302 (*vote
)->valid_after
= now
+1000;
303 (*vote
)->fresh_until
= now
+2000;
304 (*vote
)->valid_until
= now
+3000;
305 (*vote
)->vote_seconds
= 100;
306 (*vote
)->dist_seconds
= 200;
307 smartlist_split_string((*vote
)->supported_methods
, "1 2 3", NULL
, 0, -1);
308 (*vote
)->client_versions
= tor_strdup("0.1.2.14,0.1.2.15");
309 (*vote
)->server_versions
= tor_strdup("0.1.2.14,0.1.2.15,0.1.2.16");
310 smartlist_split_string((*vote
)->known_flags
,
311 "Authority Exit Fast Guard Running Stable V2Dir Valid",
312 0, SPLIT_SKIP_SPACE
|SPLIT_IGNORE_BLANK
, 0);
313 voter
= tor_malloc_zero(sizeof(networkstatus_voter_info_t
));
314 voter
->nickname
= tor_strdup("Voter1");
315 voter
->address
= tor_strdup("1.2.3.4");
316 voter
->addr
= 0x01020304;
317 voter
->dir_port
= 80;
318 voter
->or_port
= 9000;
319 voter
->contact
= tor_strdup("voter@example.com");
320 crypto_pk_get_digest(cert
->identity_key
, voter
->identity_digest
);
322 * Set up a vote; generate it; try to parse it.
324 smartlist_add((*vote
)->voters
, voter
);
325 (*vote
)->cert
= authority_cert_dup(cert
);
326 smartlist_split_string((*vote
)->net_params
, "circuitwindow=101 foo=990",
329 /* add routerstatuses */
330 if (!dir_common_add_rs_and_parse(*vote
, vote_out
, vrs_gen
, sign_skey
,
331 n_vrs
, now
, clear_rl
))
337 /** See dir_common_construct_vote_1.
338 * Produces a vote with slightly different values.
341 dir_common_construct_vote_2(networkstatus_t
**vote
, authority_cert_t
*cert
,
342 crypto_pk_t
*sign_skey
,
343 vote_routerstatus_t
* (*vrs_gen
)(int idx
, time_t now
),
344 networkstatus_t
**vote_out
, int *n_vrs
,
345 time_t now
, int clear_rl
)
347 networkstatus_voter_info_t
*voter
;
349 dir_common_setup_vote(vote
, now
);
350 (*vote
)->type
= NS_TYPE_VOTE
;
351 (*vote
)->published
+= 1;
352 (*vote
)->valid_after
= now
+1000;
353 (*vote
)->fresh_until
= now
+3005;
354 (*vote
)->valid_until
= now
+3000;
355 (*vote
)->vote_seconds
= 100;
356 (*vote
)->dist_seconds
= 300;
357 smartlist_split_string((*vote
)->supported_methods
, "1 2 3", NULL
, 0, -1);
358 smartlist_split_string((*vote
)->known_flags
,
359 "Authority Exit Fast Guard MadeOfCheese MadeOfTin "
360 "Running Stable V2Dir Valid", 0,
361 SPLIT_SKIP_SPACE
|SPLIT_IGNORE_BLANK
, 0);
362 voter
= tor_malloc_zero(sizeof(networkstatus_voter_info_t
));
363 voter
->nickname
= tor_strdup("Voter2");
364 voter
->address
= tor_strdup("2.3.4.5");
365 voter
->addr
= 0x02030405;
366 voter
->dir_port
= 80;
367 voter
->or_port
= 9000;
368 voter
->contact
= tor_strdup("voter@example.com");
369 crypto_pk_get_digest(cert
->identity_key
, voter
->identity_digest
);
371 * Set up a vote; generate it; try to parse it.
373 smartlist_add((*vote
)->voters
, voter
);
374 (*vote
)->cert
= authority_cert_dup(cert
);
375 if (! (*vote
)->net_params
)
376 (*vote
)->net_params
= smartlist_new();
377 smartlist_split_string((*vote
)->net_params
,
378 "bar=2000000000 circuitwindow=20",
380 /* add routerstatuses */
381 /* dump the vote and try to parse it. */
382 dir_common_add_rs_and_parse(*vote
, vote_out
, vrs_gen
, sign_skey
,
383 n_vrs
, now
, clear_rl
);
388 /** See dir_common_construct_vote_1.
389 * Produces a vote with slightly different values. Adds a legacy key.
392 dir_common_construct_vote_3(networkstatus_t
**vote
, authority_cert_t
*cert
,
393 crypto_pk_t
*sign_skey
,
394 vote_routerstatus_t
* (*vrs_gen
)(int idx
, time_t now
),
395 networkstatus_t
**vote_out
, int *n_vrs
,
396 time_t now
, int clear_rl
)
398 networkstatus_voter_info_t
*voter
;
400 dir_common_setup_vote(vote
, now
);
401 (*vote
)->valid_after
= now
+1000;
402 (*vote
)->fresh_until
= now
+2003;
403 (*vote
)->valid_until
= now
+3000;
404 (*vote
)->vote_seconds
= 100;
405 (*vote
)->dist_seconds
= 250;
406 smartlist_split_string((*vote
)->supported_methods
, "1 2 3 4", NULL
, 0, -1);
407 (*vote
)->client_versions
= tor_strdup("0.1.2.14,0.1.2.17");
408 (*vote
)->server_versions
= tor_strdup("0.1.2.10,0.1.2.15,0.1.2.16");
409 smartlist_split_string((*vote
)->known_flags
,
410 "Authority Exit Fast Guard Running Stable V2Dir Valid",
411 0, SPLIT_SKIP_SPACE
|SPLIT_IGNORE_BLANK
, 0);
412 voter
= tor_malloc_zero(sizeof(networkstatus_voter_info_t
));
413 voter
->nickname
= tor_strdup("Voter2");
414 voter
->address
= tor_strdup("3.4.5.6");
415 voter
->addr
= 0x03040506;
416 voter
->dir_port
= 80;
417 voter
->or_port
= 9000;
418 voter
->contact
= tor_strdup("voter@example.com");
419 crypto_pk_get_digest(cert
->identity_key
, voter
->identity_digest
);
420 memset(voter
->legacy_id_digest
, (int)'A', DIGEST_LEN
);
422 * Set up a vote; generate it; try to parse it.
424 smartlist_add((*vote
)->voters
, voter
);
425 (*vote
)->cert
= authority_cert_dup(cert
);
426 smartlist_split_string((*vote
)->net_params
, "circuitwindow=80 foo=660",
428 /* add routerstatuses */
429 /* dump the vote and try to parse it. */
430 dir_common_add_rs_and_parse(*vote
, vote_out
, vrs_gen
, sign_skey
,
431 n_vrs
, now
, clear_rl
);