search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
refactor and give it unit tests
[tor.git] / src / test / test.c
blob4ec879234478269a57a31e17d6d0001f96524b5c
1 /* Copyright (c) 2001-2004, Roger Dingledine.
2 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3 * Copyright (c) 2007-2013, The Tor Project, Inc. */
4 /* See LICENSE for licensing information */
5
6 /* Ordinarily defined in tor_main.c; this bit is just here to provide one
7 * since we're not linking to tor_main.c */
8 const char tor_git_revision[] = "";
9
10 /**
11 * \file test.c
12 * \brief Unit tests for many pieces of the lower level Tor modules.
13 **/
14
15 #include "orconfig.h"
16
17 #include <stdio.h>
18 #ifdef HAVE_FCNTL_H
19 #include <fcntl.h>
20 #endif
21
22 #ifdef _WIN32
23 /* For mkdir() */
24 #include <direct.h>
25 #else
26 #include <dirent.h>
27 #endif
28
29 /* These macros pull in declarations for some functions and structures that
30 * are typically file-private. */
31 #define BUFFERS_PRIVATE
32 #define CONFIG_PRIVATE
33 #define GEOIP_PRIVATE
34 #define ROUTER_PRIVATE
35 #define CIRCUITSTATS_PRIVATE
36
37 /*
38 * Linux doesn't provide lround in math.h by default, but mac os does...
39 * It's best just to leave math.h out of the picture entirely.
40 */
41 //#include <math.h>
42 long int lround(double x);
43 double fabs(double x);
44
45 #include "or.h"
46 #include "buffers.h"
47 #include "circuitlist.h"
48 #include "circuitstats.h"
49 #include "config.h"
50 #include "connection_edge.h"
51 #include "geoip.h"
52 #include "rendcommon.h"
53 #include "test.h"
54 #include "torgzip.h"
55 #include "mempool.h"
56 #include "memarea.h"
57 #include "onion.h"
58 #include "onion_tap.h"
59 #include "policies.h"
60 #include "rephist.h"
61 #include "routerparse.h"
62 #ifdef CURVE25519_ENABLED
63 #include "crypto_curve25519.h"
64 #include "onion_ntor.h"
65 #endif
66
67 #ifdef USE_DMALLOC
68 #include <dmalloc.h>
69 #include <openssl/crypto.h>
70 #include "main.h"
71 #endif
72
73 /** Set to true if any unit test has failed. Mostly, this is set by the macros
74 * in test.h */
75 int have_failed = 0;
76
77 /** Temporary directory (set up by setup_directory) under which we store all
78 * our files during testing. */
79 static char temp_dir[256];
80 #ifdef _WIN32
81 #define pid_t int
82 #endif
83 static pid_t temp_dir_setup_in_pid = 0;
84
85 /** Select and create the temporary directory we'll use to run our unit tests.
86 * Store it in <b>temp_dir</b>. Exit immediately if we can't create it.
87 * idempotent. */
88 static void
89 setup_directory(void)
90 {
91 static int is_setup = 0;
92 int r;
93 char rnd[256], rnd32[256];
94 if (is_setup) return;
95
96 /* Due to base32 limitation needs to be a multiple of 5. */
97 #define RAND_PATH_BYTES 5
98 crypto_rand(rnd, RAND_PATH_BYTES);
99 base32_encode(rnd32, sizeof(rnd32), rnd, RAND_PATH_BYTES);
100
101 #ifdef _WIN32
102 {
103 char buf[MAX_PATH];
104 const char *tmp = buf;
105 /* If this fails, we're probably screwed anyway */
106 if (!GetTempPathA(sizeof(buf),buf))
107 tmp = "c:\\windows\\temp";
108 tor_snprintf(temp_dir, sizeof(temp_dir),
109 "%s\\tor_test_%d_%s", tmp, (int)getpid(), rnd32);
110 r = mkdir(temp_dir);
111 }
112 #else
113 tor_snprintf(temp_dir, sizeof(temp_dir), "/tmp/tor_test_%d_%s",
114 (int) getpid(), rnd32);
115 r = mkdir(temp_dir, 0700);
116 #endif
117 if (r) {
118 fprintf(stderr, "Can't create directory %s:", temp_dir);
119 perror("");
120 exit(1);
121 }
122 is_setup = 1;
123 temp_dir_setup_in_pid = getpid();
124 }
125
126 /** Return a filename relative to our testing temporary directory */
127 const char *
128 get_fname(const char *name)
129 {
130 static char buf[1024];
131 setup_directory();
132 if (!name)
133 return temp_dir;
134 tor_snprintf(buf,sizeof(buf),"%s/%s",temp_dir,name);
135 return buf;
136 }
137
138 /* Remove a directory and all of its subdirectories */
139 static void
140 rm_rf(const char *dir)
141 {
142 struct stat st;
143 smartlist_t *elements;
144
145 elements = tor_listdir(dir);
146 if (elements) {
147 SMARTLIST_FOREACH_BEGIN(elements, const char *, cp) {
148 char *tmp = NULL;
149 tor_asprintf(&tmp, "%s"PATH_SEPARATOR"%s", dir, cp);
150 if (0 == stat(tmp,&st) && (st.st_mode & S_IFDIR)) {
151 rm_rf(tmp);
152 } else {
153 if (unlink(tmp)) {
154 fprintf(stderr, "Error removing %s: %s\n", tmp, strerror(errno));
155 }
156 }
157 tor_free(tmp);
158 } SMARTLIST_FOREACH_END(cp);
159 SMARTLIST_FOREACH(elements, char *, cp, tor_free(cp));
160 smartlist_free(elements);
161 }
162 if (rmdir(dir))
163 fprintf(stderr, "Error removing directory %s: %s\n", dir, strerror(errno));
164 }
165
166 /** Remove all files stored under the temporary directory, and the directory
167 * itself. Called by atexit(). */
168 static void
169 remove_directory(void)
170 {
171 if (getpid() != temp_dir_setup_in_pid) {
172 /* Only clean out the tempdir when the main process is exiting. */
173 return;
174 }
175
176 rm_rf(temp_dir);
177 }
178
179 /** Define this if unit tests spend too much time generating public keys*/
180 #undef CACHE_GENERATED_KEYS
181
182 static crypto_pk_t *pregen_keys[5] = {NULL, NULL, NULL, NULL, NULL};
183 #define N_PREGEN_KEYS ((int)(sizeof(pregen_keys)/sizeof(pregen_keys[0])))
184
185 /** Generate and return a new keypair for use in unit tests. If we're using
186 * the key cache optimization, we might reuse keys: we only guarantee that
187 * keys made with distinct values for <b>idx</b> are different. The value of
188 * <b>idx</b> must be at least 0, and less than N_PREGEN_KEYS. */
189 crypto_pk_t *
190 pk_generate(int idx)
191 {
192 #ifdef CACHE_GENERATED_KEYS
193 tor_assert(idx < N_PREGEN_KEYS);
194 if (! pregen_keys[idx]) {
195 pregen_keys[idx] = crypto_pk_new();
196 tor_assert(!crypto_pk_generate_key(pregen_keys[idx]));
197 }
198 return crypto_pk_dup_key(pregen_keys[idx]);
199 #else
200 crypto_pk_t *result;
201 (void) idx;
202 result = crypto_pk_new();
203 tor_assert(!crypto_pk_generate_key(result));
204 return result;
205 #endif
206 }
207
208 /** Free all storage used for the cached key optimization. */
209 static void
210 free_pregenerated_keys(void)
211 {
212 unsigned idx;
213 for (idx = 0; idx < N_PREGEN_KEYS; ++idx) {
214 if (pregen_keys[idx]) {
215 crypto_pk_free(pregen_keys[idx]);
216 pregen_keys[idx] = NULL;
217 }
218 }
219 }
220
221 typedef struct socks_test_data_t {
222 socks_request_t *req;
223 buf_t *buf;
224 } socks_test_data_t;
225
226 static void *
227 socks_test_setup(const struct testcase_t *testcase)
228 {
229 socks_test_data_t *data = tor_malloc(sizeof(socks_test_data_t));
230 (void)testcase;
231 data->buf = buf_new_with_capacity(256);
232 data->req = socks_request_new();
233 config_register_addressmaps(get_options());
234 return data;
235 }
236 static int
237 socks_test_cleanup(const struct testcase_t *testcase, void *ptr)
238 {
239 socks_test_data_t *data = ptr;
240 (void)testcase;
241 buf_free(data->buf);
242 socks_request_free(data->req);
243 tor_free(data);
244 return 1;
245 }
246
247 const struct testcase_setup_t socks_setup = {
248 socks_test_setup, socks_test_cleanup
249 };
250
251 #define SOCKS_TEST_INIT() \
252 socks_test_data_t *testdata = ptr; \
253 buf_t *buf = testdata->buf; \
254 socks_request_t *socks = testdata->req;
255 #define ADD_DATA(buf, s) \
256 write_to_buf(s, sizeof(s)-1, buf)
257
258 static void
259 socks_request_clear(socks_request_t *socks)
260 {
261 tor_free(socks->username);
262 tor_free(socks->password);
263 memset(socks, 0, sizeof(socks_request_t));
264 }
265
266 /** Perform unsupported SOCKS 4 commands */
267 static void
268 test_socks_4_unsupported_commands(void *ptr)
269 {
270 SOCKS_TEST_INIT();
271
272 /* SOCKS 4 Send BIND [02] to IP address 2.2.2.2:4369 */
273 ADD_DATA(buf, "\x04\x02\x11\x11\x02\x02\x02\x02\x00");
274 test_assert(fetch_from_buf_socks(buf, socks, get_options()->TestSocks,
275 get_options()->SafeSocks) == -1);
276 test_eq(4, socks->socks_version);
277 test_eq(0, socks->replylen); /* XXX: shouldn't tor reply? */
278
279 done:
280 ;
281 }
282
283 /** Perform supported SOCKS 4 commands */
284 static void
285 test_socks_4_supported_commands(void *ptr)
286 {
287 SOCKS_TEST_INIT();
288
289 test_eq(0, buf_datalen(buf));
290
291 /* SOCKS 4 Send CONNECT [01] to IP address 2.2.2.2:4370 */
292 ADD_DATA(buf, "\x04\x01\x11\x12\x02\x02\x02\x03\x00");
293 test_assert(fetch_from_buf_socks(buf, socks, get_options()->TestSocks,
294 get_options()->SafeSocks) == 1);
295 test_eq(4, socks->socks_version);
296 test_eq(0, socks->replylen); /* XXX: shouldn't tor reply? */
297 test_eq(SOCKS_COMMAND_CONNECT, socks->command);
298 test_streq("2.2.2.3", socks->address);
299 test_eq(4370, socks->port);
300 test_assert(socks->got_auth == 0);
301 test_assert(! socks->username);
302
303 test_eq(0, buf_datalen(buf));
304 socks_request_clear(socks);
305
306 /* SOCKS 4 Send CONNECT [01] to IP address 2.2.2.2:4369 with userid*/
307 ADD_DATA(buf, "\x04\x01\x11\x12\x02\x02\x02\x04me\x00");
308 test_assert(fetch_from_buf_socks(buf, socks, get_options()->TestSocks,
309 get_options()->SafeSocks) == 1);
310 test_eq(4, socks->socks_version);
311 test_eq(0, socks->replylen); /* XXX: shouldn't tor reply? */
312 test_eq(SOCKS_COMMAND_CONNECT, socks->command);
313 test_streq("2.2.2.4", socks->address);
314 test_eq(4370, socks->port);
315 test_assert(socks->got_auth == 1);
316 test_assert(socks->username);
317 test_eq(2, socks->usernamelen);
318 test_memeq("me", socks->username, 2);
319
320 test_eq(0, buf_datalen(buf));
321 socks_request_clear(socks);
322
323 /* SOCKS 4a Send RESOLVE [F0] request for torproject.org */
324 ADD_DATA(buf, "\x04\xF0\x01\x01\x00\x00\x00\x02me\x00torproject.org\x00");
325 test_assert(fetch_from_buf_socks(buf, socks, get_options()->TestSocks,
326 get_options()->SafeSocks) == 1);
327 test_eq(4, socks->socks_version);
328 test_eq(0, socks->replylen); /* XXX: shouldn't tor reply? */
329 test_streq("torproject.org", socks->address);
330
331 test_eq(0, buf_datalen(buf));
332
333 done:
334 ;
335 }
336
337 /** Perform unsupported SOCKS 5 commands */
338 static void
339 test_socks_5_unsupported_commands(void *ptr)
340 {
341 SOCKS_TEST_INIT();
342
343 /* SOCKS 5 Send unsupported BIND [02] command */
344 ADD_DATA(buf, "\x05\x02\x00\x01");
345
346 test_eq(fetch_from_buf_socks(buf, socks, get_options()->TestSocks,
347 get_options()->SafeSocks), 0);
348 test_eq(0, buf_datalen(buf));
349 test_eq(5, socks->socks_version);
350 test_eq(2, socks->replylen);
351 test_eq(5, socks->reply[0]);
352 test_eq(0, socks->reply[1]);
353 ADD_DATA(buf, "\x05\x02\x00\x01\x02\x02\x02\x01\x01\x01");
354 test_eq(fetch_from_buf_socks(buf, socks, get_options()->TestSocks,
355 get_options()->SafeSocks), -1);
356 /* XXX: shouldn't tor reply 'command not supported' [07]? */
357
358 buf_clear(buf);
359 socks_request_clear(socks);
360
361 /* SOCKS 5 Send unsupported UDP_ASSOCIATE [03] command */
362 ADD_DATA(buf, "\x05\x03\x00\x01\x02");
363 test_eq(fetch_from_buf_socks(buf, socks, get_options()->TestSocks,
364 get_options()->SafeSocks), 0);
365 test_eq(5, socks->socks_version);
366 test_eq(2, socks->replylen);
367 test_eq(5, socks->reply[0]);
368 test_eq(2, socks->reply[1]);
369 ADD_DATA(buf, "\x05\x03\x00\x01\x02\x02\x02\x01\x01\x01");
370 test_eq(fetch_from_buf_socks(buf, socks, get_options()->TestSocks,
371 get_options()->SafeSocks), -1);
372 /* XXX: shouldn't tor reply 'command not supported' [07]? */
373
374 done:
375 ;
376 }
377
378 /** Perform supported SOCKS 5 commands */
379 static void
380 test_socks_5_supported_commands(void *ptr)
381 {
382 SOCKS_TEST_INIT();
383
384 /* SOCKS 5 Send CONNECT [01] to IP address 2.2.2.2:4369 */
385 ADD_DATA(buf, "\x05\x01\x00");
386 test_eq(fetch_from_buf_socks(buf, socks, get_options()->TestSocks,
387 get_options()->SafeSocks), 0);
388 test_eq(5, socks->socks_version);
389 test_eq(2, socks->replylen);
390 test_eq(5, socks->reply[0]);
391 test_eq(0, socks->reply[1]);
392
393 ADD_DATA(buf, "\x05\x01\x00\x01\x02\x02\x02\x02\x11\x11");
394 test_eq(fetch_from_buf_socks(buf, socks, get_options()->TestSocks,
395 get_options()->SafeSocks), 1);
396 test_streq("2.2.2.2", socks->address);
397 test_eq(4369, socks->port);
398
399 test_eq(0, buf_datalen(buf));
400 socks_request_clear(socks);
401
402 /* SOCKS 5 Send CONNECT [01] to FQDN torproject.org:4369 */
403 ADD_DATA(buf, "\x05\x01\x00");
404 ADD_DATA(buf, "\x05\x01\x00\x03\x0Etorproject.org\x11\x11");
405 test_eq(fetch_from_buf_socks(buf, socks, get_options()->TestSocks,
406 get_options()->SafeSocks), 1);
407
408 test_eq(5, socks->socks_version);
409 test_eq(2, socks->replylen);
410 test_eq(5, socks->reply[0]);
411 test_eq(0, socks->reply[1]);
412 test_streq("torproject.org", socks->address);
413 test_eq(4369, socks->port);
414
415 test_eq(0, buf_datalen(buf));
416 socks_request_clear(socks);
417
418 /* SOCKS 5 Send RESOLVE [F0] request for torproject.org:4369 */
419 ADD_DATA(buf, "\x05\x01\x00");
420 ADD_DATA(buf, "\x05\xF0\x00\x03\x0Etorproject.org\x01\x02");
421 test_assert(fetch_from_buf_socks(buf, socks, get_options()->TestSocks,
422 get_options()->SafeSocks) == 1);
423 test_eq(5, socks->socks_version);
424 test_eq(2, socks->replylen);
425 test_eq(5, socks->reply[0]);
426 test_eq(0, socks->reply[1]);
427 test_streq("torproject.org", socks->address);
428
429 test_eq(0, buf_datalen(buf));
430 socks_request_clear(socks);
431
432 /* SOCKS 5 Send RESOLVE_PTR [F1] for IP address 2.2.2.5 */
433 ADD_DATA(buf, "\x05\x01\x00");
434 ADD_DATA(buf, "\x05\xF1\x00\x01\x02\x02\x02\x05\x01\x03");
435 test_assert(fetch_from_buf_socks(buf, socks, get_options()->TestSocks,
436 get_options()->SafeSocks) == 1);
437 test_eq(5, socks->socks_version);
438 test_eq(2, socks->replylen);
439 test_eq(5, socks->reply[0]);
440 test_eq(0, socks->reply[1]);
441 test_streq("2.2.2.5", socks->address);
442
443 test_eq(0, buf_datalen(buf));
444
445 done:
446 ;
447 }
448
449 /** Perform SOCKS 5 authentication */
450 static void
451 test_socks_5_no_authenticate(void *ptr)
452 {
453 SOCKS_TEST_INIT();
454
455 /*SOCKS 5 No Authentication */
456 ADD_DATA(buf,"\x05\x01\x00");
457 test_assert(!fetch_from_buf_socks(buf, socks,
458 get_options()->TestSocks,
459 get_options()->SafeSocks));
460 test_eq(2, socks->replylen);
461 test_eq(5, socks->reply[0]);
462 test_eq(SOCKS_NO_AUTH, socks->reply[1]);
463
464 test_eq(0, buf_datalen(buf));
465
466 /*SOCKS 5 Send username/password anyway - pretend to be broken */
467 ADD_DATA(buf,"\x01\x02\x01\x01\x02\x01\x01");
468 test_assert(!fetch_from_buf_socks(buf, socks,
469 get_options()->TestSocks,
470 get_options()->SafeSocks));
471 test_eq(5, socks->socks_version);
472 test_eq(2, socks->replylen);
473 test_eq(1, socks->reply[0]);
474 test_eq(0, socks->reply[1]);
475
476 test_eq(2, socks->usernamelen);
477 test_eq(2, socks->passwordlen);
478
479 test_memeq("\x01\x01", socks->username, 2);
480 test_memeq("\x01\x01", socks->password, 2);
481
482 done:
483 ;
484 }
485
486 /** Perform SOCKS 5 authentication */
487 static void
488 test_socks_5_authenticate(void *ptr)
489 {
490 SOCKS_TEST_INIT();
491
492 /* SOCKS 5 Negotiate username/password authentication */
493 ADD_DATA(buf, "\x05\x01\x02");
494
495 test_assert(!fetch_from_buf_socks(buf, socks,
496 get_options()->TestSocks,
497 get_options()->SafeSocks));
498 test_eq(2, socks->replylen);
499 test_eq(5, socks->reply[0]);
500 test_eq(SOCKS_USER_PASS, socks->reply[1]);
501 test_eq(5, socks->socks_version);
502
503 test_eq(0, buf_datalen(buf));
504
505 /* SOCKS 5 Send username/password */
506 ADD_DATA(buf, "\x01\x02me\x08mypasswd");
507 test_assert(!fetch_from_buf_socks(buf, socks,
508 get_options()->TestSocks,
509 get_options()->SafeSocks));
510 test_eq(5, socks->socks_version);
511 test_eq(2, socks->replylen);
512 test_eq(1, socks->reply[0]);
513 test_eq(0, socks->reply[1]);
514
515 test_eq(2, socks->usernamelen);
516 test_eq(8, socks->passwordlen);
517
518 test_memeq("me", socks->username, 2);
519 test_memeq("mypasswd", socks->password, 8);
520
521 done:
522 ;
523 }
524
525 /** Perform SOCKS 5 authentication and send data all in one go */
526 static void
527 test_socks_5_authenticate_with_data(void *ptr)
528 {
529 SOCKS_TEST_INIT();
530
531 /* SOCKS 5 Negotiate username/password authentication */
532 ADD_DATA(buf, "\x05\x01\x02");
533
534 test_assert(!fetch_from_buf_socks(buf, socks,
535 get_options()->TestSocks,
536 get_options()->SafeSocks));
537 test_eq(2, socks->replylen);
538 test_eq(5, socks->reply[0]);
539 test_eq(SOCKS_USER_PASS, socks->reply[1]);
540 test_eq(5, socks->socks_version);
541
542 test_eq(0, buf_datalen(buf));
543
544 /* SOCKS 5 Send username/password */
545 /* SOCKS 5 Send CONNECT [01] to IP address 2.2.2.2:4369 */
546 ADD_DATA(buf, "\x01\x02me\x03you\x05\x01\x00\x01\x02\x02\x02\x02\x11\x11");
547 test_assert(fetch_from_buf_socks(buf, socks,
548 get_options()->TestSocks,
549 get_options()->SafeSocks) == 1);
550 test_eq(5, socks->socks_version);
551 test_eq(2, socks->replylen);
552 test_eq(1, socks->reply[0]);
553 test_eq(0, socks->reply[1]);
554
555 test_streq("2.2.2.2", socks->address);
556 test_eq(4369, socks->port);
557
558 test_eq(2, socks->usernamelen);
559 test_eq(3, socks->passwordlen);
560 test_memeq("me", socks->username, 2);
561 test_memeq("you", socks->password, 3);
562
563 done:
564 ;
565 }
566
567 /** Perform SOCKS 5 authentication before method negotiated */
568 static void
569 test_socks_5_auth_before_negotiation(void *ptr)
570 {
571 SOCKS_TEST_INIT();
572
573 /* SOCKS 5 Send username/password */
574 ADD_DATA(buf, "\x01\x02me\x02me");
575 test_assert(fetch_from_buf_socks(buf, socks,
576 get_options()->TestSocks,
577 get_options()->SafeSocks) == -1);
578 test_eq(0, socks->socks_version);
579 test_eq(0, socks->replylen);
580 test_eq(0, socks->reply[0]);
581 test_eq(0, socks->reply[1]);
582
583 done:
584 ;
585 }
586
587 static void
588 test_buffer_copy(void *arg)
589 {
590 generic_buffer_t *buf=NULL, *buf2=NULL;
591 const char *s;
592 size_t len;
593 char b[256];
594 int i;
595 (void)arg;
596
597 buf = generic_buffer_new();
598 tt_assert(buf);
599
600 /* Copy an empty buffer. */
601 tt_int_op(0, ==, generic_buffer_set_to_copy(&buf2, buf));
602 tt_assert(buf2);
603 tt_int_op(0, ==, generic_buffer_len(buf2));
604
605 /* Now try with a short buffer. */
606 s = "And now comes an act of enormous enormance!";
607 len = strlen(s);
608 generic_buffer_add(buf, s, len);
609 tt_int_op(len, ==, generic_buffer_len(buf));
610 /* Add junk to buf2 so we can test replacing.*/
611 generic_buffer_add(buf2, "BLARG", 5);
612 tt_int_op(0, ==, generic_buffer_set_to_copy(&buf2, buf));
613 tt_int_op(len, ==, generic_buffer_len(buf2));
614 generic_buffer_get(buf2, b, len);
615 test_mem_op(b, ==, s, len);
616 /* Now free buf2 and retry so we can test allocating */
617 generic_buffer_free(buf2);
618 buf2 = NULL;
619 tt_int_op(0, ==, generic_buffer_set_to_copy(&buf2, buf));
620 tt_int_op(len, ==, generic_buffer_len(buf2));
621 generic_buffer_get(buf2, b, len);
622 test_mem_op(b, ==, s, len);
623 /* Clear buf for next test */
624 generic_buffer_get(buf, b, len);
625 tt_int_op(generic_buffer_len(buf),==,0);
626
627 /* Okay, now let's try a bigger buffer. */
628 s = "Quis autem vel eum iure reprehenderit qui in ea voluptate velit "
629 "esse quam nihil molestiae consequatur, vel illum qui dolorem eum "
630 "fugiat quo voluptas nulla pariatur?";
631 len = strlen(s);
632 for (i = 0; i < 256; ++i) {
633 b[0]=i;
634 generic_buffer_add(buf, b, 1);
635 generic_buffer_add(buf, s, len);
636 }
637 tt_int_op(0, ==, generic_buffer_set_to_copy(&buf2, buf));
638 tt_int_op(generic_buffer_len(buf2), ==, generic_buffer_len(buf));
639 for (i = 0; i < 256; ++i) {
640 generic_buffer_get(buf2, b, len+1);
641 tt_int_op((unsigned char)b[0],==,i);
642 test_mem_op(b+1, ==, s, len);
643 }
644
645 done:
646 if (buf)
647 generic_buffer_free(buf);
648 if (buf2)
649 generic_buffer_free(buf2);
650 }
651
652 /** Run unit tests for buffers.c */
653 static void
654 test_buffers(void)
655 {
656 char str[256];
657 char str2[256];
658
659 buf_t *buf = NULL, *buf2 = NULL;
660 const char *cp;
661
662 int j;
663 size_t r;
664
665 /****
666 * buf_new
667 ****/
668 if (!(buf = buf_new()))
669 test_fail();
670
671 //test_eq(buf_capacity(buf), 4096);
672 test_eq(buf_datalen(buf), 0);
673
674 /****
675 * General pointer frobbing
676 */
677 for (j=0;j<256;++j) {
678 str[j] = (char)j;
679 }
680 write_to_buf(str, 256, buf);
681 write_to_buf(str, 256, buf);
682 test_eq(buf_datalen(buf), 512);
683 fetch_from_buf(str2, 200, buf);
684 test_memeq(str, str2, 200);
685 test_eq(buf_datalen(buf), 312);
686 memset(str2, 0, sizeof(str2));
687
688 fetch_from_buf(str2, 256, buf);
689 test_memeq(str+200, str2, 56);
690 test_memeq(str, str2+56, 200);
691 test_eq(buf_datalen(buf), 56);
692 memset(str2, 0, sizeof(str2));
693 /* Okay, now we should be 512 bytes into the 4096-byte buffer. If we add
694 * another 3584 bytes, we hit the end. */
695 for (j=0;j<15;++j) {
696 write_to_buf(str, 256, buf);
697 }
698 assert_buf_ok(buf);
699 test_eq(buf_datalen(buf), 3896);
700 fetch_from_buf(str2, 56, buf);
701 test_eq(buf_datalen(buf), 3840);
702 test_memeq(str+200, str2, 56);
703 for (j=0;j<15;++j) {
704 memset(str2, 0, sizeof(str2));
705 fetch_from_buf(str2, 256, buf);
706 test_memeq(str, str2, 256);
707 }
708 test_eq(buf_datalen(buf), 0);
709 buf_free(buf);
710 buf = NULL;
711
712 /* Okay, now make sure growing can work. */
713 buf = buf_new_with_capacity(16);
714 //test_eq(buf_capacity(buf), 16);
715 write_to_buf(str+1, 255, buf);
716 //test_eq(buf_capacity(buf), 256);
717 fetch_from_buf(str2, 254, buf);
718 test_memeq(str+1, str2, 254);
719 //test_eq(buf_capacity(buf), 256);
720 assert_buf_ok(buf);
721 write_to_buf(str, 32, buf);
722 //test_eq(buf_capacity(buf), 256);
723 assert_buf_ok(buf);
724 write_to_buf(str, 256, buf);
725 assert_buf_ok(buf);
726 //test_eq(buf_capacity(buf), 512);
727 test_eq(buf_datalen(buf), 33+256);
728 fetch_from_buf(str2, 33, buf);
729 test_eq(*str2, str[255]);
730
731 test_memeq(str2+1, str, 32);
732 //test_eq(buf_capacity(buf), 512);
733 test_eq(buf_datalen(buf), 256);
734 fetch_from_buf(str2, 256, buf);
735 test_memeq(str, str2, 256);
736
737 /* now try shrinking: case 1. */
738 buf_free(buf);
739 buf = buf_new_with_capacity(33668);
740 for (j=0;j<67;++j) {
741 write_to_buf(str,255, buf);
742 }
743 //test_eq(buf_capacity(buf), 33668);
744 test_eq(buf_datalen(buf), 17085);
745 for (j=0; j < 40; ++j) {
746 fetch_from_buf(str2, 255,buf);
747 test_memeq(str2, str, 255);
748 }
749
750 /* now try shrinking: case 2. */
751 buf_free(buf);
752 buf = buf_new_with_capacity(33668);
753 for (j=0;j<67;++j) {
754 write_to_buf(str,255, buf);
755 }
756 for (j=0; j < 20; ++j) {
757 fetch_from_buf(str2, 255,buf);
758 test_memeq(str2, str, 255);
759 }
760 for (j=0;j<80;++j) {
761 write_to_buf(str,255, buf);
762 }
763 //test_eq(buf_capacity(buf),33668);
764 for (j=0; j < 120; ++j) {
765 fetch_from_buf(str2, 255,buf);
766 test_memeq(str2, str, 255);
767 }
768
769 /* Move from buf to buf. */
770 buf_free(buf);
771 buf = buf_new_with_capacity(4096);
772 buf2 = buf_new_with_capacity(4096);
773 for (j=0;j<100;++j)
774 write_to_buf(str, 255, buf);
775 test_eq(buf_datalen(buf), 25500);
776 for (j=0;j<100;++j) {
777 r = 10;
778 move_buf_to_buf(buf2, buf, &r);
779 test_eq(r, 0);
780 }
781 test_eq(buf_datalen(buf), 24500);
782 test_eq(buf_datalen(buf2), 1000);
783 for (j=0;j<3;++j) {
784 fetch_from_buf(str2, 255, buf2);
785 test_memeq(str2, str, 255);
786 }
787 r = 8192; /*big move*/
788 move_buf_to_buf(buf2, buf, &r);
789 test_eq(r, 0);
790 r = 30000; /* incomplete move */
791 move_buf_to_buf(buf2, buf, &r);
792 test_eq(r, 13692);
793 for (j=0;j<97;++j) {
794 fetch_from_buf(str2, 255, buf2);
795 test_memeq(str2, str, 255);
796 }
797 buf_free(buf);
798 buf_free(buf2);
799 buf = buf2 = NULL;
800
801 buf = buf_new_with_capacity(5);
802 cp = "Testing. This is a moderately long Testing string.";
803 for (j = 0; cp[j]; j++)
804 write_to_buf(cp+j, 1, buf);
805 test_eq(0, buf_find_string_offset(buf, "Testing", 7));
806 test_eq(1, buf_find_string_offset(buf, "esting", 6));
807 test_eq(1, buf_find_string_offset(buf, "est", 3));
808 test_eq(39, buf_find_string_offset(buf, "ing str", 7));
809 test_eq(35, buf_find_string_offset(buf, "Testing str", 11));
810 test_eq(32, buf_find_string_offset(buf, "ng ", 3));
811 test_eq(43, buf_find_string_offset(buf, "string.", 7));
812 test_eq(-1, buf_find_string_offset(buf, "shrdlu", 6));
813 test_eq(-1, buf_find_string_offset(buf, "Testing thing", 13));
814 test_eq(-1, buf_find_string_offset(buf, "ngx", 3));
815 buf_free(buf);
816 buf = NULL;
817
818 /* Try adding a string too long for any freelist. */
819 {
820 char *cp = tor_malloc_zero(65536);
821 buf = buf_new();
822 write_to_buf(cp, 65536, buf);
823 tor_free(cp);
824
825 tt_int_op(buf_datalen(buf), ==, 65536);
826 buf_free(buf);
827 buf = NULL;
828 }
829
830 done:
831 if (buf)
832 buf_free(buf);
833 if (buf2)
834 buf_free(buf2);
835 }
836
837 /** Run unit tests for the onion handshake code. */
838 static void
839 test_onion_handshake(void)
840 {
841 /* client-side */
842 crypto_dh_t *c_dh = NULL;
843 char c_buf[TAP_ONIONSKIN_CHALLENGE_LEN];
844 char c_keys[40];
845
846 /* server-side */
847 char s_buf[TAP_ONIONSKIN_REPLY_LEN];
848 char s_keys[40];
849
850 /* shared */
851 crypto_pk_t *pk = NULL;
852
853 pk = pk_generate(0);
854
855 /* client handshake 1. */
856 memset(c_buf, 0, TAP_ONIONSKIN_CHALLENGE_LEN);
857 test_assert(! onion_skin_TAP_create(pk, &c_dh, c_buf));
858
859 /* server handshake */
860 memset(s_buf, 0, TAP_ONIONSKIN_REPLY_LEN);
861 memset(s_keys, 0, 40);
862 test_assert(! onion_skin_TAP_server_handshake(c_buf, pk, NULL,
863 s_buf, s_keys, 40));
864
865 /* client handshake 2 */
866 memset(c_keys, 0, 40);
867 test_assert(! onion_skin_TAP_client_handshake(c_dh, s_buf, c_keys, 40));
868
869 if (memcmp(c_keys, s_keys, 40)) {
870 puts("Aiiiie");
871 exit(1);
872 }
873 test_memeq(c_keys, s_keys, 40);
874 memset(s_buf, 0, 40);
875 test_memneq(c_keys, s_buf, 40);
876
877 done:
878 if (c_dh)
879 crypto_dh_free(c_dh);
880 if (pk)
881 crypto_pk_free(pk);
882 }
883
884 #ifdef CURVE25519_ENABLED
885 static void
886 test_ntor_handshake(void *arg)
887 {
888 /* client-side */
889 ntor_handshake_state_t *c_state = NULL;
890 uint8_t c_buf[NTOR_ONIONSKIN_LEN];
891 uint8_t c_keys[400];
892
893 /* server-side */
894 di_digest256_map_t *s_keymap=NULL;
895 curve25519_keypair_t s_keypair;
896 uint8_t s_buf[NTOR_REPLY_LEN];
897 uint8_t s_keys[400];
898
899 /* shared */
900 const curve25519_public_key_t *server_pubkey;
901 uint8_t node_id[20] = "abcdefghijklmnopqrst";
902
903 (void) arg;
904
905 /* Make the server some keys */
906 curve25519_secret_key_generate(&s_keypair.seckey, 0);
907 curve25519_public_key_generate(&s_keypair.pubkey, &s_keypair.seckey);
908 dimap_add_entry(&s_keymap, s_keypair.pubkey.public_key, &s_keypair);
909 server_pubkey = &s_keypair.pubkey;
910
911 /* client handshake 1. */
912 memset(c_buf, 0, NTOR_ONIONSKIN_LEN);
913 tt_int_op(0, ==, onion_skin_ntor_create(node_id, server_pubkey,
914 &c_state, c_buf));
915
916 /* server handshake */
917 memset(s_buf, 0, NTOR_REPLY_LEN);
918 memset(s_keys, 0, 40);
919 tt_int_op(0, ==, onion_skin_ntor_server_handshake(c_buf, s_keymap, NULL,
920 node_id,
921 s_buf, s_keys, 400));
922
923 /* client handshake 2 */
924 memset(c_keys, 0, 40);
925 tt_int_op(0, ==, onion_skin_ntor_client_handshake(c_state, s_buf,
926 c_keys, 400));
927
928 test_memeq(c_keys, s_keys, 400);
929 memset(s_buf, 0, 40);
930 test_memneq(c_keys, s_buf, 40);
931
932 done:
933 ntor_handshake_state_free(c_state);
934 dimap_free(s_keymap, NULL);
935 }
936 #endif
937
938 /** Run unit tests for the onion queues. */
939 static void
940 test_onion_queues(void)
941 {
942 uint8_t buf1[TAP_ONIONSKIN_CHALLENGE_LEN] = {0};
943 uint8_t buf2[NTOR_ONIONSKIN_LEN] = {0};
944
945 or_circuit_t *circ1 = or_circuit_new(0, NULL);
946 or_circuit_t *circ2 = or_circuit_new(0, NULL);
947
948 create_cell_t *onionskin = NULL;
949 create_cell_t *create1 = tor_malloc_zero(sizeof(create_cell_t));
950 create_cell_t *create2 = tor_malloc_zero(sizeof(create_cell_t));
951
952 create_cell_init(create1, CELL_CREATE, ONION_HANDSHAKE_TYPE_TAP,
953 TAP_ONIONSKIN_CHALLENGE_LEN, buf1);
954 create_cell_init(create2, CELL_CREATE, ONION_HANDSHAKE_TYPE_NTOR,
955 NTOR_ONIONSKIN_LEN, buf2);
956
957 test_eq(0, onion_num_pending(ONION_HANDSHAKE_TYPE_TAP));
958 test_eq(0, onion_pending_add(circ1, create1));
959 test_eq(1, onion_num_pending(ONION_HANDSHAKE_TYPE_TAP));
960
961 test_eq(0, onion_num_pending(ONION_HANDSHAKE_TYPE_NTOR));
962 test_eq(0, onion_pending_add(circ2, create2));
963 test_eq(1, onion_num_pending(ONION_HANDSHAKE_TYPE_NTOR));
964
965 test_eq_ptr(circ2, onion_next_task(&onionskin));
966 test_eq(1, onion_num_pending(ONION_HANDSHAKE_TYPE_TAP));
967 test_eq(0, onion_num_pending(ONION_HANDSHAKE_TYPE_NTOR));
968
969 clear_pending_onions();
970 test_eq(0, onion_num_pending(ONION_HANDSHAKE_TYPE_TAP));
971 test_eq(0, onion_num_pending(ONION_HANDSHAKE_TYPE_NTOR));
972
973 done:
974 ;
975 // circuit_free(circ1);
976 // circuit_free(circ2);
977 /* and free create1 and create2 */
978 /* XXX leaks everything here */
979 }
980
981 static void
982 test_circuit_timeout(void)
983 {
984 /* Plan:
985 * 1. Generate 1000 samples
986 * 2. Estimate parameters
987 * 3. If difference, repeat
988 * 4. Save state
989 * 5. load state
990 * 6. Estimate parameters
991 * 7. compare differences
992 */
993 circuit_build_times_t initial;
994 circuit_build_times_t estimate;
995 circuit_build_times_t final;
996 double timeout1, timeout2;
997 or_state_t state;
998 int i, runs;
999 double close_ms;
1000 circuit_build_times_init(&initial);
1001 circuit_build_times_init(&estimate);
1002 circuit_build_times_init(&final);
1003
1004 memset(&state, 0, sizeof(or_state_t));
1005
1006 circuitbuild_running_unit_tests();
1007 #define timeout0 (build_time_t)(30*1000.0)
1008 initial.Xm = 3000;
1009 circuit_build_times_initial_alpha(&initial,
1010 CBT_DEFAULT_QUANTILE_CUTOFF/100.0,
1011 timeout0);
1012 close_ms = MAX(circuit_build_times_calculate_timeout(&initial,
1013 CBT_DEFAULT_CLOSE_QUANTILE/100.0),
1014 CBT_DEFAULT_TIMEOUT_INITIAL_VALUE);
1015 do {
1016 for (i=0; i < CBT_DEFAULT_MIN_CIRCUITS_TO_OBSERVE; i++) {
1017 build_time_t sample = circuit_build_times_generate_sample(&initial,0,1);
1018
1019 if (sample > close_ms) {
1020 circuit_build_times_add_time(&estimate, CBT_BUILD_ABANDONED);
1021 } else {
1022 circuit_build_times_add_time(&estimate, sample);
1023 }
1024 }
1025 circuit_build_times_update_alpha(&estimate);
1026 timeout1 = circuit_build_times_calculate_timeout(&estimate,
1027 CBT_DEFAULT_QUANTILE_CUTOFF/100.0);
1028 circuit_build_times_set_timeout(&estimate);
1029 log_notice(LD_CIRC, "Timeout1 is %f, Xm is %d", timeout1, estimate.Xm);
1030 /* 2% error */
1031 } while (fabs(circuit_build_times_cdf(&initial, timeout0) -
1032 circuit_build_times_cdf(&initial, timeout1)) > 0.02);
1033
1034 test_assert(estimate.total_build_times <= CBT_NCIRCUITS_TO_OBSERVE);
1035
1036 circuit_build_times_update_state(&estimate, &state);
1037 test_assert(circuit_build_times_parse_state(&final, &state) == 0);
1038
1039 circuit_build_times_update_alpha(&final);
1040 timeout2 = circuit_build_times_calculate_timeout(&final,
1041 CBT_DEFAULT_QUANTILE_CUTOFF/100.0);
1042
1043 circuit_build_times_set_timeout(&final);
1044 log_notice(LD_CIRC, "Timeout2 is %f, Xm is %d", timeout2, final.Xm);
1045
1046 /* 5% here because some accuracy is lost due to histogram conversion */
1047 test_assert(fabs(circuit_build_times_cdf(&initial, timeout0) -
1048 circuit_build_times_cdf(&initial, timeout2)) < 0.05);
1049
1050 for (runs = 0; runs < 50; runs++) {
1051 int build_times_idx = 0;
1052 int total_build_times = 0;
1053
1054 final.close_ms = final.timeout_ms = CBT_DEFAULT_TIMEOUT_INITIAL_VALUE;
1055 estimate.close_ms = estimate.timeout_ms
1056 = CBT_DEFAULT_TIMEOUT_INITIAL_VALUE;
1057
1058 for (i = 0; i < CBT_DEFAULT_RECENT_CIRCUITS*2; i++) {
1059 circuit_build_times_network_circ_success(&estimate);
1060 circuit_build_times_add_time(&estimate,
1061 circuit_build_times_generate_sample(&estimate, 0,
1062 CBT_DEFAULT_QUANTILE_CUTOFF/100.0));
1063
1064 circuit_build_times_network_circ_success(&estimate);
1065 circuit_build_times_add_time(&final,
1066 circuit_build_times_generate_sample(&final, 0,
1067 CBT_DEFAULT_QUANTILE_CUTOFF/100.0));
1068 }
1069
1070 test_assert(!circuit_build_times_network_check_changed(&estimate));
1071 test_assert(!circuit_build_times_network_check_changed(&final));
1072
1073 /* Reset liveness to be non-live */
1074 final.liveness.network_last_live = 0;
1075 estimate.liveness.network_last_live = 0;
1076
1077 build_times_idx = estimate.build_times_idx;
1078 total_build_times = estimate.total_build_times;
1079
1080 test_assert(circuit_build_times_network_check_live(&estimate));
1081 test_assert(circuit_build_times_network_check_live(&final));
1082
1083 circuit_build_times_count_close(&estimate, 0,
1084 (time_t)(approx_time()-estimate.close_ms/1000.0-1));
1085 circuit_build_times_count_close(&final, 0,
1086 (time_t)(approx_time()-final.close_ms/1000.0-1));
1087
1088 test_assert(!circuit_build_times_network_check_live(&estimate));
1089 test_assert(!circuit_build_times_network_check_live(&final));
1090
1091 log_info(LD_CIRC, "idx: %d %d, tot: %d %d",
1092 build_times_idx, estimate.build_times_idx,
1093 total_build_times, estimate.total_build_times);
1094
1095 /* Check rollback index. Should match top of loop. */
1096 test_assert(build_times_idx == estimate.build_times_idx);
1097 // This can fail if estimate.total_build_times == 1000, because
1098 // in that case, rewind actually causes us to lose timeouts
1099 if (total_build_times != CBT_NCIRCUITS_TO_OBSERVE)
1100 test_assert(total_build_times == estimate.total_build_times);
1101
1102 /* Now simulate that the network has become live and we need
1103 * a change */
1104 circuit_build_times_network_is_live(&estimate);
1105 circuit_build_times_network_is_live(&final);
1106
1107 for (i = 0; i < CBT_DEFAULT_MAX_RECENT_TIMEOUT_COUNT; i++) {
1108 circuit_build_times_count_timeout(&estimate, 1);
1109
1110 if (i < CBT_DEFAULT_MAX_RECENT_TIMEOUT_COUNT-1) {
1111 circuit_build_times_count_timeout(&final, 1);
1112 }
1113 }
1114
1115 test_assert(estimate.liveness.after_firsthop_idx == 0);
1116 test_assert(final.liveness.after_firsthop_idx ==
1117 CBT_DEFAULT_MAX_RECENT_TIMEOUT_COUNT-1);
1118
1119 test_assert(circuit_build_times_network_check_live(&estimate));
1120 test_assert(circuit_build_times_network_check_live(&final));
1121
1122 circuit_build_times_count_timeout(&final, 1);
1123 }
1124
1125 done:
1126 return;
1127 }
1128
1129 /* Helper: assert that short_policy parses and writes back out as itself,
1130 or as <b>expected</b> if that's provided. */
1131 static void
1132 test_short_policy_parse(const char *input,
1133 const char *expected)
1134 {
1135 short_policy_t *short_policy = NULL;
1136 char *out = NULL;
1137
1138 if (expected == NULL)
1139 expected = input;
1140
1141 short_policy = parse_short_policy(input);
1142 tt_assert(short_policy);
1143 out = write_short_policy(short_policy);
1144 tt_str_op(out, ==, expected);
1145
1146 done:
1147 tor_free(out);
1148 short_policy_free(short_policy);
1149 }
1150
1151 /** Helper: Parse the exit policy string in <b>policy_str</b>, and make sure
1152 * that policies_summarize() produces the string <b>expected_summary</b> from
1153 * it. */
1154 static void
1155 test_policy_summary_helper(const char *policy_str,
1156 const char *expected_summary)
1157 {
1158 config_line_t line;
1159 smartlist_t *policy = smartlist_new();
1160 char *summary = NULL;
1161 char *summary_after = NULL;
1162 int r;
1163 short_policy_t *short_policy = NULL;
1164
1165 line.key = (char*)"foo";
1166 line.value = (char *)policy_str;
1167 line.next = NULL;
1168
1169 r = policies_parse_exit_policy(&line, &policy, 1, 0, NULL, 1);
1170 test_eq(r, 0);
1171 summary = policy_summarize(policy, AF_INET);
1172
1173 test_assert(summary != NULL);
1174 test_streq(summary, expected_summary);
1175
1176 short_policy = parse_short_policy(summary);
1177 tt_assert(short_policy);
1178 summary_after = write_short_policy(short_policy);
1179 test_streq(summary, summary_after);
1180
1181 done:
1182 tor_free(summary_after);
1183 tor_free(summary);
1184 if (policy)
1185 addr_policy_list_free(policy);
1186 short_policy_free(short_policy);
1187 }
1188
1189 /** Run unit tests for generating summary lines of exit policies */
1190 static void
1191 test_policies(void)
1192 {
1193 int i;
1194 smartlist_t *policy = NULL, *policy2 = NULL, *policy3 = NULL,
1195 *policy4 = NULL, *policy5 = NULL, *policy6 = NULL,
1196 *policy7 = NULL;
1197 addr_policy_t *p;
1198 tor_addr_t tar;
1199 config_line_t line;
1200 smartlist_t *sm = NULL;
1201 char *policy_str = NULL;
1202
1203 policy = smartlist_new();
1204
1205 p = router_parse_addr_policy_item_from_string("reject 192.168.0.0/16:*",-1);
1206 test_assert(p != NULL);
1207 test_eq(ADDR_POLICY_REJECT, p->policy_type);
1208 tor_addr_from_ipv4h(&tar, 0xc0a80000u);
1209 test_eq(0, tor_addr_compare(&p->addr, &tar, CMP_EXACT));
1210 test_eq(16, p->maskbits);
1211 test_eq(1, p->prt_min);
1212 test_eq(65535, p->prt_max);
1213
1214 smartlist_add(policy, p);
1215
1216 tor_addr_from_ipv4h(&tar, 0x01020304u);
1217 test_assert(ADDR_POLICY_ACCEPTED ==
1218 compare_tor_addr_to_addr_policy(&tar, 2, policy));
1219 tor_addr_make_unspec(&tar);
1220 test_assert(ADDR_POLICY_PROBABLY_ACCEPTED ==
1221 compare_tor_addr_to_addr_policy(&tar, 2, policy));
1222 tor_addr_from_ipv4h(&tar, 0xc0a80102);
1223 test_assert(ADDR_POLICY_REJECTED ==
1224 compare_tor_addr_to_addr_policy(&tar, 2, policy));
1225
1226 test_assert(0 == policies_parse_exit_policy(NULL, &policy2, 1, 1, NULL, 1));
1227 test_assert(policy2);
1228
1229 policy3 = smartlist_new();
1230 p = router_parse_addr_policy_item_from_string("reject *:*",-1);
1231 test_assert(p != NULL);
1232 smartlist_add(policy3, p);
1233 p = router_parse_addr_policy_item_from_string("accept *:*",-1);
1234 test_assert(p != NULL);
1235 smartlist_add(policy3, p);
1236
1237 policy4 = smartlist_new();
1238 p = router_parse_addr_policy_item_from_string("accept *:443",-1);
1239 test_assert(p != NULL);
1240 smartlist_add(policy4, p);
1241 p = router_parse_addr_policy_item_from_string("accept *:443",-1);
1242 test_assert(p != NULL);
1243 smartlist_add(policy4, p);
1244
1245 policy5 = smartlist_new();
1246 p = router_parse_addr_policy_item_from_string("reject 0.0.0.0/8:*",-1);
1247 test_assert(p != NULL);
1248 smartlist_add(policy5, p);
1249 p = router_parse_addr_policy_item_from_string("reject 169.254.0.0/16:*",-1);
1250 test_assert(p != NULL);
1251 smartlist_add(policy5, p);
1252 p = router_parse_addr_policy_item_from_string("reject 127.0.0.0/8:*",-1);
1253 test_assert(p != NULL);
1254 smartlist_add(policy5, p);
1255 p = router_parse_addr_policy_item_from_string("reject 192.168.0.0/16:*",-1);
1256 test_assert(p != NULL);
1257 smartlist_add(policy5, p);
1258 p = router_parse_addr_policy_item_from_string("reject 10.0.0.0/8:*",-1);
1259 test_assert(p != NULL);
1260 smartlist_add(policy5, p);
1261 p = router_parse_addr_policy_item_from_string("reject 172.16.0.0/12:*",-1);
1262 test_assert(p != NULL);
1263 smartlist_add(policy5, p);
1264 p = router_parse_addr_policy_item_from_string("reject 80.190.250.90:*",-1);
1265 test_assert(p != NULL);
1266 smartlist_add(policy5, p);
1267 p = router_parse_addr_policy_item_from_string("reject *:1-65534",-1);
1268 test_assert(p != NULL);
1269 smartlist_add(policy5, p);
1270 p = router_parse_addr_policy_item_from_string("reject *:65535",-1);
1271 test_assert(p != NULL);
1272 smartlist_add(policy5, p);
1273 p = router_parse_addr_policy_item_from_string("accept *:1-65535",-1);
1274 test_assert(p != NULL);
1275 smartlist_add(policy5, p);
1276
1277 policy6 = smartlist_new();
1278 p = router_parse_addr_policy_item_from_string("accept 43.3.0.0/9:*",-1);
1279 test_assert(p != NULL);
1280 smartlist_add(policy6, p);
1281
1282 policy7 = smartlist_new();
1283 p = router_parse_addr_policy_item_from_string("accept 0.0.0.0/8:*",-1);
1284 test_assert(p != NULL);
1285 smartlist_add(policy7, p);
1286
1287 test_assert(!exit_policy_is_general_exit(policy));
1288 test_assert(exit_policy_is_general_exit(policy2));
1289 test_assert(!exit_policy_is_general_exit(NULL));
1290 test_assert(!exit_policy_is_general_exit(policy3));
1291 test_assert(!exit_policy_is_general_exit(policy4));
1292 test_assert(!exit_policy_is_general_exit(policy5));
1293 test_assert(!exit_policy_is_general_exit(policy6));
1294 test_assert(!exit_policy_is_general_exit(policy7));
1295
1296 test_assert(cmp_addr_policies(policy, policy2));
1297 test_assert(cmp_addr_policies(policy, NULL));
1298 test_assert(!cmp_addr_policies(policy2, policy2));
1299 test_assert(!cmp_addr_policies(NULL, NULL));
1300
1301 test_assert(!policy_is_reject_star(policy2, AF_INET));
1302 test_assert(policy_is_reject_star(policy, AF_INET));
1303 test_assert(policy_is_reject_star(NULL, AF_INET));
1304
1305 addr_policy_list_free(policy);
1306 policy = NULL;
1307
1308 /* make sure compacting logic works. */
1309 policy = NULL;
1310 line.key = (char*)"foo";
1311 line.value = (char*)"accept *:80,reject private:*,reject *:*";
1312 line.next = NULL;
1313 test_assert(0 == policies_parse_exit_policy(&line, &policy, 1, 0, NULL, 1));
1314 test_assert(policy);
1315 //test_streq(policy->string, "accept *:80");
1316 //test_streq(policy->next->string, "reject *:*");
1317 test_eq(smartlist_len(policy), 4);
1318
1319 /* test policy summaries */
1320 /* check if we properly ignore private IP addresses */
1321 test_policy_summary_helper("reject 192.168.0.0/16:*,"
1322 "reject 0.0.0.0/8:*,"
1323 "reject 10.0.0.0/8:*,"
1324 "accept *:10-30,"
1325 "accept *:90,"
1326 "reject *:*",
1327 "accept 10-30,90");
1328 /* check all accept policies, and proper counting of rejects */
1329 test_policy_summary_helper("reject 11.0.0.0/9:80,"
1330 "reject 12.0.0.0/9:80,"
1331 "reject 13.0.0.0/9:80,"
1332 "reject 14.0.0.0/9:80,"
1333 "accept *:*", "accept 1-65535");
1334 test_policy_summary_helper("reject 11.0.0.0/9:80,"
1335 "reject 12.0.0.0/9:80,"
1336 "reject 13.0.0.0/9:80,"
1337 "reject 14.0.0.0/9:80,"
1338 "reject 15.0.0.0:81,"
1339 "accept *:*", "accept 1-65535");
1340 test_policy_summary_helper("reject 11.0.0.0/9:80,"
1341 "reject 12.0.0.0/9:80,"
1342 "reject 13.0.0.0/9:80,"
1343 "reject 14.0.0.0/9:80,"
1344 "reject 15.0.0.0:80,"
1345 "accept *:*",
1346 "reject 80");
1347 /* no exits */
1348 test_policy_summary_helper("accept 11.0.0.0/9:80,"
1349 "reject *:*",
1350 "reject 1-65535");
1351 /* port merging */
1352 test_policy_summary_helper("accept *:80,"
1353 "accept *:81,"
1354 "accept *:100-110,"
1355 "accept *:111,"
1356 "reject *:*",
1357 "accept 80-81,100-111");
1358 /* border ports */
1359 test_policy_summary_helper("accept *:1,"
1360 "accept *:3,"
1361 "accept *:65535,"
1362 "reject *:*",
1363 "accept 1,3,65535");
1364 /* holes */
1365 test_policy_summary_helper("accept *:1,"
1366 "accept *:3,"
1367 "accept *:5,"
1368 "accept *:7,"
1369 "reject *:*",
1370 "accept 1,3,5,7");
1371 test_policy_summary_helper("reject *:1,"
1372 "reject *:3,"
1373 "reject *:5,"
1374 "reject *:7,"
1375 "accept *:*",
1376 "reject 1,3,5,7");
1377
1378 /* Short policies with unrecognized formats should get accepted. */
1379 test_short_policy_parse("accept fred,2,3-5", "accept 2,3-5");
1380 test_short_policy_parse("accept 2,fred,3", "accept 2,3");
1381 test_short_policy_parse("accept 2,fred,3,bob", "accept 2,3");
1382 test_short_policy_parse("accept 2,-3,500-600", "accept 2,500-600");
1383 /* Short policies with nil entries are accepted too. */
1384 test_short_policy_parse("accept 1,,3", "accept 1,3");
1385 test_short_policy_parse("accept 100-200,,", "accept 100-200");
1386 test_short_policy_parse("reject ,1-10,,,,30-40", "reject 1-10,30-40");
1387
1388 /* Try parsing various broken short policies */
1389 tt_ptr_op(NULL, ==, parse_short_policy("accept 200-199"));
1390 tt_ptr_op(NULL, ==, parse_short_policy(""));
1391 tt_ptr_op(NULL, ==, parse_short_policy("rejekt 1,2,3"));
1392 tt_ptr_op(NULL, ==, parse_short_policy("reject "));
1393 tt_ptr_op(NULL, ==, parse_short_policy("reject"));
1394 tt_ptr_op(NULL, ==, parse_short_policy("rej"));
1395 tt_ptr_op(NULL, ==, parse_short_policy("accept 2,3,100000"));
1396 tt_ptr_op(NULL, ==, parse_short_policy("accept 2,3x,4"));
1397 tt_ptr_op(NULL, ==, parse_short_policy("accept 2,3x,4"));
1398 tt_ptr_op(NULL, ==, parse_short_policy("accept 2-"));
1399 tt_ptr_op(NULL, ==, parse_short_policy("accept 2-x"));
1400 tt_ptr_op(NULL, ==, parse_short_policy("accept 1-,3"));
1401 tt_ptr_op(NULL, ==, parse_short_policy("accept 1-,3"));
1402 /* Test a too-long policy. */
1403 {
1404 int i;
1405 char *policy = NULL;
1406 smartlist_t *chunks = smartlist_new();
1407 smartlist_add(chunks, tor_strdup("accept "));
1408 for (i=1; i<10000; ++i)
1409 smartlist_add_asprintf(chunks, "%d,", i);
1410 smartlist_add(chunks, tor_strdup("20000"));
1411 policy = smartlist_join_strings(chunks, "", 0, NULL);
1412 SMARTLIST_FOREACH(chunks, char *, ch, tor_free(ch));
1413 smartlist_free(chunks);
1414 tt_ptr_op(NULL, ==, parse_short_policy(policy));/* shouldn't be accepted */
1415 tor_free(policy); /* could leak. */
1416 }
1417
1418 /* truncation ports */
1419 sm = smartlist_new();
1420 for (i=1; i<2000; i+=2) {
1421 char buf[POLICY_BUF_LEN];
1422 tor_snprintf(buf, sizeof(buf), "reject *:%d", i);
1423 smartlist_add(sm, tor_strdup(buf));
1424 }
1425 smartlist_add(sm, tor_strdup("accept *:*"));
1426 policy_str = smartlist_join_strings(sm, ",", 0, NULL);
1427 test_policy_summary_helper( policy_str,
1428 "accept 2,4,6,8,10,12,14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,"
1429 "46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,"
1430 "92,94,96,98,100,102,104,106,108,110,112,114,116,118,120,122,124,126,128,"
1431 "130,132,134,136,138,140,142,144,146,148,150,152,154,156,158,160,162,164,"
1432 "166,168,170,172,174,176,178,180,182,184,186,188,190,192,194,196,198,200,"
1433 "202,204,206,208,210,212,214,216,218,220,222,224,226,228,230,232,234,236,"
1434 "238,240,242,244,246,248,250,252,254,256,258,260,262,264,266,268,270,272,"
1435 "274,276,278,280,282,284,286,288,290,292,294,296,298,300,302,304,306,308,"
1436 "310,312,314,316,318,320,322,324,326,328,330,332,334,336,338,340,342,344,"
1437 "346,348,350,352,354,356,358,360,362,364,366,368,370,372,374,376,378,380,"
1438 "382,384,386,388,390,392,394,396,398,400,402,404,406,408,410,412,414,416,"
1439 "418,420,422,424,426,428,430,432,434,436,438,440,442,444,446,448,450,452,"
1440 "454,456,458,460,462,464,466,468,470,472,474,476,478,480,482,484,486,488,"
1441 "490,492,494,496,498,500,502,504,506,508,510,512,514,516,518,520,522");
1442
1443 done:
1444 addr_policy_list_free(policy);
1445 addr_policy_list_free(policy2);
1446 addr_policy_list_free(policy3);
1447 addr_policy_list_free(policy4);
1448 addr_policy_list_free(policy5);
1449 addr_policy_list_free(policy6);
1450 addr_policy_list_free(policy7);
1451 tor_free(policy_str);
1452 if (sm) {
1453 SMARTLIST_FOREACH(sm, char *, s, tor_free(s));
1454 smartlist_free(sm);
1455 }
1456 }
1457
1458 /** Test encoding and parsing of rendezvous service descriptors. */
1459 static void
1460 test_rend_fns(void)
1461 {
1462 rend_service_descriptor_t *generated = NULL, *parsed = NULL;
1463 char service_id[DIGEST_LEN];
1464 char service_id_base32[REND_SERVICE_ID_LEN_BASE32+1];
1465 const char *next_desc;
1466 smartlist_t *descs = smartlist_new();
1467 char computed_desc_id[DIGEST_LEN];
1468 char parsed_desc_id[DIGEST_LEN];
1469 crypto_pk_t *pk1 = NULL, *pk2 = NULL;
1470 time_t now;
1471 char *intro_points_encrypted = NULL;
1472 size_t intro_points_size;
1473 size_t encoded_size;
1474 int i;
1475 char address1[] = "fooaddress.onion";
1476 char address2[] = "aaaaaaaaaaaaaaaa.onion";
1477 char address3[] = "fooaddress.exit";
1478 char address4[] = "www.torproject.org";
1479 char address5[] = "foo.abcdefghijklmnop.onion";
1480 char address6[] = "foo.bar.abcdefghijklmnop.onion";
1481 char address7[] = ".abcdefghijklmnop.onion";
1482
1483 test_assert(BAD_HOSTNAME == parse_extended_hostname(address1));
1484 test_assert(ONION_HOSTNAME == parse_extended_hostname(address2));
1485 test_streq(address2, "aaaaaaaaaaaaaaaa");
1486 test_assert(EXIT_HOSTNAME == parse_extended_hostname(address3));
1487 test_assert(NORMAL_HOSTNAME == parse_extended_hostname(address4));
1488 test_assert(ONION_HOSTNAME == parse_extended_hostname(address5));
1489 test_streq(address5, "abcdefghijklmnop");
1490 test_assert(ONION_HOSTNAME == parse_extended_hostname(address6));
1491 test_streq(address6, "abcdefghijklmnop");
1492 test_assert(BAD_HOSTNAME == parse_extended_hostname(address7));
1493
1494 pk1 = pk_generate(0);
1495 pk2 = pk_generate(1);
1496 generated = tor_malloc_zero(sizeof(rend_service_descriptor_t));
1497 generated->pk = crypto_pk_dup_key(pk1);
1498 crypto_pk_get_digest(generated->pk, service_id);
1499 base32_encode(service_id_base32, REND_SERVICE_ID_LEN_BASE32+1,
1500 service_id, REND_SERVICE_ID_LEN);
1501 now = time(NULL);
1502 generated->timestamp = now;
1503 generated->version = 2;
1504 generated->protocols = 42;
1505 generated->intro_nodes = smartlist_new();
1506
1507 for (i = 0; i < 3; i++) {
1508 rend_intro_point_t *intro = tor_malloc_zero(sizeof(rend_intro_point_t));
1509 crypto_pk_t *okey = pk_generate(2 + i);
1510 intro->extend_info = tor_malloc_zero(sizeof(extend_info_t));
1511 intro->extend_info->onion_key = okey;
1512 crypto_pk_get_digest(intro->extend_info->onion_key,
1513 intro->extend_info->identity_digest);
1514 //crypto_rand(info->identity_digest, DIGEST_LEN); /* Would this work? */
1515 intro->extend_info->nickname[0] = '$';
1516 base16_encode(intro->extend_info->nickname + 1,
1517 sizeof(intro->extend_info->nickname) - 1,
1518 intro->extend_info->identity_digest, DIGEST_LEN);
1519 /* Does not cover all IP addresses. */
1520 tor_addr_from_ipv4h(&intro->extend_info->addr, crypto_rand_int(65536));
1521 intro->extend_info->port = 1 + crypto_rand_int(65535);
1522 intro->intro_key = crypto_pk_dup_key(pk2);
1523 smartlist_add(generated->intro_nodes, intro);
1524 }
1525 test_assert(rend_encode_v2_descriptors(descs, generated, now, 0,
1526 REND_NO_AUTH, NULL, NULL) > 0);
1527 test_assert(rend_compute_v2_desc_id(computed_desc_id, service_id_base32,
1528 NULL, now, 0) == 0);
1529 test_memeq(((rend_encoded_v2_service_descriptor_t *)
1530 smartlist_get(descs, 0))->desc_id, computed_desc_id, DIGEST_LEN);
1531 test_assert(rend_parse_v2_service_descriptor(&parsed, parsed_desc_id,
1532 &intro_points_encrypted,
1533 &intro_points_size,
1534 &encoded_size,
1535 &next_desc,
1536 ((rend_encoded_v2_service_descriptor_t *)
1537 smartlist_get(descs, 0))->desc_str) == 0);
1538 test_assert(parsed);
1539 test_memeq(((rend_encoded_v2_service_descriptor_t *)
1540 smartlist_get(descs, 0))->desc_id, parsed_desc_id, DIGEST_LEN);
1541 test_eq(rend_parse_introduction_points(parsed, intro_points_encrypted,
1542 intro_points_size), 3);
1543 test_assert(!crypto_pk_cmp_keys(generated->pk, parsed->pk));
1544 test_eq(parsed->timestamp, now);
1545 test_eq(parsed->version, 2);
1546 test_eq(parsed->protocols, 42);
1547 test_eq(smartlist_len(parsed->intro_nodes), 3);
1548 for (i = 0; i < smartlist_len(parsed->intro_nodes); i++) {
1549 rend_intro_point_t *par_intro = smartlist_get(parsed->intro_nodes, i),
1550 *gen_intro = smartlist_get(generated->intro_nodes, i);
1551 extend_info_t *par_info = par_intro->extend_info;
1552 extend_info_t *gen_info = gen_intro->extend_info;
1553 test_assert(!crypto_pk_cmp_keys(gen_info->onion_key, par_info->onion_key));
1554 test_memeq(gen_info->identity_digest, par_info->identity_digest,
1555 DIGEST_LEN);
1556 test_streq(gen_info->nickname, par_info->nickname);
1557 test_assert(tor_addr_eq(&gen_info->addr, &par_info->addr));
1558 test_eq(gen_info->port, par_info->port);
1559 }
1560
1561 rend_service_descriptor_free(parsed);
1562 rend_service_descriptor_free(generated);
1563 parsed = generated = NULL;
1564
1565 done:
1566 if (descs) {
1567 for (i = 0; i < smartlist_len(descs); i++)
1568 rend_encoded_v2_service_descriptor_free(smartlist_get(descs, i));
1569 smartlist_free(descs);
1570 }
1571 if (parsed)
1572 rend_service_descriptor_free(parsed);
1573 if (generated)
1574 rend_service_descriptor_free(generated);
1575 if (pk1)
1576 crypto_pk_free(pk1);
1577 if (pk2)
1578 crypto_pk_free(pk2);
1579 tor_free(intro_points_encrypted);
1580 }
1581
1582 /** Run unit tests for GeoIP code. */
1583 static void
1584 test_geoip(void)
1585 {
1586 int i, j;
1587 time_t now = 1281533250; /* 2010-08-11 13:27:30 UTC */
1588 char *s = NULL, *v = NULL;
1589 const char *bridge_stats_1 =
1590 "bridge-stats-end 2010-08-12 13:27:30 (86400 s)\n"
1591 "bridge-ips zz=24,xy=8\n"
1592 "bridge-ip-versions v4=16,v6=16\n",
1593 *dirreq_stats_1 =
1594 "dirreq-stats-end 2010-08-12 13:27:30 (86400 s)\n"
1595 "dirreq-v3-ips ab=8\n"
1596 "dirreq-v3-reqs ab=8\n"
1597 "dirreq-v3-resp ok=0,not-enough-sigs=0,unavailable=0,not-found=0,"
1598 "not-modified=0,busy=0\n"
1599 "dirreq-v3-direct-dl complete=0,timeout=0,running=0\n"
1600 "dirreq-v3-tunneled-dl complete=0,timeout=0,running=0\n",
1601 *dirreq_stats_2 =
1602 "dirreq-stats-end 2010-08-12 13:27:30 (86400 s)\n"
1603 "dirreq-v3-ips \n"
1604 "dirreq-v3-reqs \n"
1605 "dirreq-v3-resp ok=0,not-enough-sigs=0,unavailable=0,not-found=0,"
1606 "not-modified=0,busy=0\n"
1607 "dirreq-v3-direct-dl complete=0,timeout=0,running=0\n"
1608 "dirreq-v3-tunneled-dl complete=0,timeout=0,running=0\n",
1609 *dirreq_stats_3 =
1610 "dirreq-stats-end 2010-08-12 13:27:30 (86400 s)\n"
1611 "dirreq-v3-ips \n"
1612 "dirreq-v3-reqs \n"
1613 "dirreq-v3-resp ok=8,not-enough-sigs=0,unavailable=0,not-found=0,"
1614 "not-modified=0,busy=0\n"
1615 "dirreq-v3-direct-dl complete=0,timeout=0,running=0\n"
1616 "dirreq-v3-tunneled-dl complete=0,timeout=0,running=0\n",
1617 *dirreq_stats_4 =
1618 "dirreq-stats-end 2010-08-12 13:27:30 (86400 s)\n"
1619 "dirreq-v3-ips \n"
1620 "dirreq-v3-reqs \n"
1621 "dirreq-v3-resp ok=8,not-enough-sigs=0,unavailable=0,not-found=0,"
1622 "not-modified=0,busy=0\n"
1623 "dirreq-v3-direct-dl complete=0,timeout=0,running=0\n"
1624 "dirreq-v3-tunneled-dl complete=0,timeout=0,running=4\n",
1625 *entry_stats_1 =
1626 "entry-stats-end 2010-08-12 13:27:30 (86400 s)\n"
1627 "entry-ips ab=8\n",
1628 *entry_stats_2 =
1629 "entry-stats-end 2010-08-12 13:27:30 (86400 s)\n"
1630 "entry-ips \n";
1631 tor_addr_t addr;
1632 struct in6_addr in6;
1633
1634 /* Populate the DB a bit. Add these in order, since we can't do the final
1635 * 'sort' step. These aren't very good IP addresses, but they're perfectly
1636 * fine uint32_t values. */
1637 test_eq(0, geoip_parse_entry("10,50,AB", AF_INET));
1638 test_eq(0, geoip_parse_entry("52,90,XY", AF_INET));
1639 test_eq(0, geoip_parse_entry("95,100,AB", AF_INET));
1640 test_eq(0, geoip_parse_entry("\"105\",\"140\",\"ZZ\"", AF_INET));
1641 test_eq(0, geoip_parse_entry("\"150\",\"190\",\"XY\"", AF_INET));
1642 test_eq(0, geoip_parse_entry("\"200\",\"250\",\"AB\"", AF_INET));
1643
1644 /* Populate the IPv6 DB equivalently with fake IPs in the same range */
1645 test_eq(0, geoip_parse_entry("::a,::32,AB", AF_INET6));
1646 test_eq(0, geoip_parse_entry("::34,::5a,XY", AF_INET6));
1647 test_eq(0, geoip_parse_entry("::5f,::64,AB", AF_INET6));
1648 test_eq(0, geoip_parse_entry("::69,::8c,ZZ", AF_INET6));
1649 test_eq(0, geoip_parse_entry("::96,::be,XY", AF_INET6));
1650 test_eq(0, geoip_parse_entry("::c8,::fa,AB", AF_INET6));
1651
1652 /* We should have 4 countries: ??, ab, xy, zz. */
1653 test_eq(4, geoip_get_n_countries());
1654 memset(&in6, 0, sizeof(in6));
1655
1656 /* Make sure that country ID actually works. */
1657 #define SET_TEST_IPV6(i) \
1658 do { \
1659 set_uint32(in6.s6_addr + 12, htonl((uint32_t) (i))); \
1660 } while (0)
1661 #define CHECK_COUNTRY(country, val) do { \
1662 /* test ipv4 country lookup */ \
1663 test_streq(country, \
1664 geoip_get_country_name(geoip_get_country_by_ipv4(val))); \
1665 /* test ipv6 country lookup */ \
1666 SET_TEST_IPV6(val); \
1667 test_streq(country, \
1668 geoip_get_country_name(geoip_get_country_by_ipv6(&in6))); \
1669 } while (0)
1670
1671 CHECK_COUNTRY("??", 3);
1672 CHECK_COUNTRY("ab", 32);
1673 CHECK_COUNTRY("??", 5);
1674 CHECK_COUNTRY("??", 51);
1675 CHECK_COUNTRY("xy", 150);
1676 CHECK_COUNTRY("xy", 190);
1677 CHECK_COUNTRY("??", 2000);
1678
1679 test_eq(0, geoip_get_country_by_ipv4(3));
1680 SET_TEST_IPV6(3);
1681 test_eq(0, geoip_get_country_by_ipv6(&in6));
1682
1683 #undef CHECK_COUNTRY
1684
1685 /* Record odd numbered fake-IPs using ipv6, even numbered fake-IPs
1686 * using ipv4. Since our fake geoip database is the same between
1687 * ipv4 and ipv6, we should get the same result no matter which
1688 * address family we pick for each IP. */
1689 #define SET_TEST_ADDRESS(i) do { \
1690 if ((i) & 1) { \
1691 SET_TEST_IPV6(i); \
1692 tor_addr_from_in6(&addr, &in6); \
1693 } else { \
1694 tor_addr_from_ipv4h(&addr, (uint32_t) i); \
1695 } \
1696 } while (0)
1697
1698 get_options_mutable()->BridgeRelay = 1;
1699 get_options_mutable()->BridgeRecordUsageByCountry = 1;
1700 /* Put 9 observations in AB... */
1701 for (i=32; i < 40; ++i) {
1702 SET_TEST_ADDRESS(i);
1703 geoip_note_client_seen(GEOIP_CLIENT_CONNECT, &addr, now-7200);
1704 }
1705 SET_TEST_ADDRESS(225);
1706 geoip_note_client_seen(GEOIP_CLIENT_CONNECT, &addr, now-7200);
1707 /* and 3 observations in XY, several times. */
1708 for (j=0; j < 10; ++j)
1709 for (i=52; i < 55; ++i) {
1710 SET_TEST_ADDRESS(i);
1711 geoip_note_client_seen(GEOIP_CLIENT_CONNECT, &addr, now-3600);
1712 }
1713 /* and 17 observations in ZZ... */
1714 for (i=110; i < 127; ++i) {
1715 SET_TEST_ADDRESS(i);
1716 geoip_note_client_seen(GEOIP_CLIENT_CONNECT, &addr, now);
1717 }
1718 geoip_get_client_history(GEOIP_CLIENT_CONNECT, &s, &v);
1719 test_assert(s);
1720 test_assert(v);
1721 test_streq("zz=24,ab=16,xy=8", s);
1722 test_streq("v4=16,v6=16", v);
1723 tor_free(s);
1724 tor_free(v);
1725
1726 /* Now clear out all the AB observations. */
1727 geoip_remove_old_clients(now-6000);
1728 geoip_get_client_history(GEOIP_CLIENT_CONNECT, &s, &v);
1729 test_assert(s);
1730 test_assert(v);
1731 test_streq("zz=24,xy=8", s);
1732 test_streq("v4=16,v6=16", v);
1733 tor_free(s);
1734 tor_free(v);
1735
1736 /* Start testing bridge statistics by making sure that we don't output
1737 * bridge stats without initializing them. */
1738 s = geoip_format_bridge_stats(now + 86400);
1739 test_assert(!s);
1740
1741 /* Initialize stats and generate the bridge-stats history string out of
1742 * the connecting clients added above. */
1743 geoip_bridge_stats_init(now);
1744 s = geoip_format_bridge_stats(now + 86400);
1745 test_assert(s);
1746 test_streq(bridge_stats_1, s);
1747 tor_free(s);
1748
1749 /* Stop collecting bridge stats and make sure we don't write a history
1750 * string anymore. */
1751 geoip_bridge_stats_term();
1752 s = geoip_format_bridge_stats(now + 86400);
1753 test_assert(!s);
1754
1755 /* Stop being a bridge and start being a directory mirror that gathers
1756 * directory request statistics. */
1757 geoip_bridge_stats_term();
1758 get_options_mutable()->BridgeRelay = 0;
1759 get_options_mutable()->BridgeRecordUsageByCountry = 0;
1760 get_options_mutable()->DirReqStatistics = 1;
1761
1762 /* Start testing dirreq statistics by making sure that we don't collect
1763 * dirreq stats without initializing them. */
1764 SET_TEST_ADDRESS(100);
1765 geoip_note_client_seen(GEOIP_CLIENT_NETWORKSTATUS, &addr, now);
1766 s = geoip_format_dirreq_stats(now + 86400);
1767 test_assert(!s);
1768
1769 /* Initialize stats, note one connecting client, and generate the
1770 * dirreq-stats history string. */
1771 geoip_dirreq_stats_init(now);
1772 SET_TEST_ADDRESS(100);
1773 geoip_note_client_seen(GEOIP_CLIENT_NETWORKSTATUS, &addr, now);
1774 s = geoip_format_dirreq_stats(now + 86400);
1775 test_streq(dirreq_stats_1, s);
1776 tor_free(s);
1777
1778 /* Stop collecting stats, add another connecting client, and ensure we
1779 * don't generate a history string. */
1780 geoip_dirreq_stats_term();
1781 SET_TEST_ADDRESS(101);
1782 geoip_note_client_seen(GEOIP_CLIENT_NETWORKSTATUS, &addr, now);
1783 s = geoip_format_dirreq_stats(now + 86400);
1784 test_assert(!s);
1785
1786 /* Re-start stats, add a connecting client, reset stats, and make sure
1787 * that we get an all empty history string. */
1788 geoip_dirreq_stats_init(now);
1789 SET_TEST_ADDRESS(100);
1790 geoip_note_client_seen(GEOIP_CLIENT_NETWORKSTATUS, &addr, now);
1791 geoip_reset_dirreq_stats(now);
1792 s = geoip_format_dirreq_stats(now + 86400);
1793 test_streq(dirreq_stats_2, s);
1794 tor_free(s);
1795
1796 /* Note a successful network status response and make sure that it
1797 * appears in the history string. */
1798 geoip_note_ns_response(GEOIP_SUCCESS);
1799 s = geoip_format_dirreq_stats(now + 86400);
1800 test_streq(dirreq_stats_3, s);
1801 tor_free(s);
1802
1803 /* Start a tunneled directory request. */
1804 geoip_start_dirreq((uint64_t) 1, 1024, DIRREQ_TUNNELED);
1805 s = geoip_format_dirreq_stats(now + 86400);
1806 test_streq(dirreq_stats_4, s);
1807
1808 /* Stop collecting directory request statistics and start gathering
1809 * entry stats. */
1810 geoip_dirreq_stats_term();
1811 get_options_mutable()->DirReqStatistics = 0;
1812 get_options_mutable()->EntryStatistics = 1;
1813
1814 /* Start testing entry statistics by making sure that we don't collect
1815 * anything without initializing entry stats. */
1816 SET_TEST_ADDRESS(100);
1817 geoip_note_client_seen(GEOIP_CLIENT_CONNECT, &addr, now);
1818 s = geoip_format_entry_stats(now + 86400);
1819 test_assert(!s);
1820
1821 /* Initialize stats, note one connecting client, and generate the
1822 * entry-stats history string. */
1823 geoip_entry_stats_init(now);
1824 SET_TEST_ADDRESS(100);
1825 geoip_note_client_seen(GEOIP_CLIENT_CONNECT, &addr, now);
1826 s = geoip_format_entry_stats(now + 86400);
1827 test_streq(entry_stats_1, s);
1828 tor_free(s);
1829
1830 /* Stop collecting stats, add another connecting client, and ensure we
1831 * don't generate a history string. */
1832 geoip_entry_stats_term();
1833 SET_TEST_ADDRESS(101);
1834 geoip_note_client_seen(GEOIP_CLIENT_CONNECT, &addr, now);
1835 s = geoip_format_entry_stats(now + 86400);
1836 test_assert(!s);
1837
1838 /* Re-start stats, add a connecting client, reset stats, and make sure
1839 * that we get an all empty history string. */
1840 geoip_entry_stats_init(now);
1841 SET_TEST_ADDRESS(100);
1842 geoip_note_client_seen(GEOIP_CLIENT_CONNECT, &addr, now);
1843 geoip_reset_entry_stats(now);
1844 s = geoip_format_entry_stats(now + 86400);
1845 test_streq(entry_stats_2, s);
1846 tor_free(s);
1847
1848 #undef SET_TEST_ADDRESS
1849 #undef SET_TEST_IPV6
1850
1851 /* Stop collecting entry statistics. */
1852 geoip_entry_stats_term();
1853 get_options_mutable()->EntryStatistics = 0;
1854
1855 done:
1856 tor_free(s);
1857 tor_free(v);
1858 }
1859
1860 /** Run unit tests for stats code. */
1861 static void
1862 test_stats(void)
1863 {
1864 time_t now = 1281533250; /* 2010-08-11 13:27:30 UTC */
1865 char *s = NULL;
1866 int i;
1867
1868 /* Start with testing exit port statistics; we shouldn't collect exit
1869 * stats without initializing them. */
1870 rep_hist_note_exit_stream_opened(80);
1871 rep_hist_note_exit_bytes(80, 100, 10000);
1872 s = rep_hist_format_exit_stats(now + 86400);
1873 test_assert(!s);
1874
1875 /* Initialize stats, note some streams and bytes, and generate history
1876 * string. */
1877 rep_hist_exit_stats_init(now);
1878 rep_hist_note_exit_stream_opened(80);
1879 rep_hist_note_exit_bytes(80, 100, 10000);
1880 rep_hist_note_exit_stream_opened(443);
1881 rep_hist_note_exit_bytes(443, 100, 10000);
1882 rep_hist_note_exit_bytes(443, 100, 10000);
1883 s = rep_hist_format_exit_stats(now + 86400);
1884 test_streq("exit-stats-end 2010-08-12 13:27:30 (86400 s)\n"
1885 "exit-kibibytes-written 80=1,443=1,other=0\n"
1886 "exit-kibibytes-read 80=10,443=20,other=0\n"
1887 "exit-streams-opened 80=4,443=4,other=0\n", s);
1888 tor_free(s);
1889
1890 /* Add a few bytes on 10 more ports and ensure that only the top 10
1891 * ports are contained in the history string. */
1892 for (i = 50; i < 60; i++) {
1893 rep_hist_note_exit_bytes(i, i, i);
1894 rep_hist_note_exit_stream_opened(i);
1895 }
1896 s = rep_hist_format_exit_stats(now + 86400);
1897 test_streq("exit-stats-end 2010-08-12 13:27:30 (86400 s)\n"
1898 "exit-kibibytes-written 52=1,53=1,54=1,55=1,56=1,57=1,58=1,"
1899 "59=1,80=1,443=1,other=1\n"
1900 "exit-kibibytes-read 52=1,53=1,54=1,55=1,56=1,57=1,58=1,"
1901 "59=1,80=10,443=20,other=1\n"
1902 "exit-streams-opened 52=4,53=4,54=4,55=4,56=4,57=4,58=4,"
1903 "59=4,80=4,443=4,other=4\n", s);
1904 tor_free(s);
1905
1906 /* Stop collecting stats, add some bytes, and ensure we don't generate
1907 * a history string. */
1908 rep_hist_exit_stats_term();
1909 rep_hist_note_exit_bytes(80, 100, 10000);
1910 s = rep_hist_format_exit_stats(now + 86400);
1911 test_assert(!s);
1912
1913 /* Re-start stats, add some bytes, reset stats, and see what history we
1914 * get when observing no streams or bytes at all. */
1915 rep_hist_exit_stats_init(now);
1916 rep_hist_note_exit_stream_opened(80);
1917 rep_hist_note_exit_bytes(80, 100, 10000);
1918 rep_hist_reset_exit_stats(now);
1919 s = rep_hist_format_exit_stats(now + 86400);
1920 test_streq("exit-stats-end 2010-08-12 13:27:30 (86400 s)\n"
1921 "exit-kibibytes-written other=0\n"
1922 "exit-kibibytes-read other=0\n"
1923 "exit-streams-opened other=0\n", s);
1924 tor_free(s);
1925
1926 /* Continue with testing connection statistics; we shouldn't collect
1927 * conn stats without initializing them. */
1928 rep_hist_note_or_conn_bytes(1, 20, 400, now);
1929 s = rep_hist_format_conn_stats(now + 86400);
1930 test_assert(!s);
1931
1932 /* Initialize stats, note bytes, and generate history string. */
1933 rep_hist_conn_stats_init(now);
1934 rep_hist_note_or_conn_bytes(1, 30000, 400000, now);
1935 rep_hist_note_or_conn_bytes(1, 30000, 400000, now + 5);
1936 rep_hist_note_or_conn_bytes(2, 400000, 30000, now + 10);
1937 rep_hist_note_or_conn_bytes(2, 400000, 30000, now + 15);
1938 s = rep_hist_format_conn_stats(now + 86400);
1939 test_streq("conn-bi-direct 2010-08-12 13:27:30 (86400 s) 0,0,1,0\n", s);
1940 tor_free(s);
1941
1942 /* Stop collecting stats, add some bytes, and ensure we don't generate
1943 * a history string. */
1944 rep_hist_conn_stats_term();
1945 rep_hist_note_or_conn_bytes(2, 400000, 30000, now + 15);
1946 s = rep_hist_format_conn_stats(now + 86400);
1947 test_assert(!s);
1948
1949 /* Re-start stats, add some bytes, reset stats, and see what history we
1950 * get when observing no bytes at all. */
1951 rep_hist_conn_stats_init(now);
1952 rep_hist_note_or_conn_bytes(1, 30000, 400000, now);
1953 rep_hist_note_or_conn_bytes(1, 30000, 400000, now + 5);
1954 rep_hist_note_or_conn_bytes(2, 400000, 30000, now + 10);
1955 rep_hist_note_or_conn_bytes(2, 400000, 30000, now + 15);
1956 rep_hist_reset_conn_stats(now);
1957 s = rep_hist_format_conn_stats(now + 86400);
1958 test_streq("conn-bi-direct 2010-08-12 13:27:30 (86400 s) 0,0,0,0\n", s);
1959 tor_free(s);
1960
1961 /* Continue with testing buffer statistics; we shouldn't collect buffer
1962 * stats without initializing them. */
1963 rep_hist_add_buffer_stats(2.0, 2.0, 20);
1964 s = rep_hist_format_buffer_stats(now + 86400);
1965 test_assert(!s);
1966
1967 /* Initialize stats, add statistics for a single circuit, and generate
1968 * the history string. */
1969 rep_hist_buffer_stats_init(now);
1970 rep_hist_add_buffer_stats(2.0, 2.0, 20);
1971 s = rep_hist_format_buffer_stats(now + 86400);
1972 test_streq("cell-stats-end 2010-08-12 13:27:30 (86400 s)\n"
1973 "cell-processed-cells 20,0,0,0,0,0,0,0,0,0\n"
1974 "cell-queued-cells 2.00,0.00,0.00,0.00,0.00,0.00,0.00,0.00,"
1975 "0.00,0.00\n"
1976 "cell-time-in-queue 2,0,0,0,0,0,0,0,0,0\n"
1977 "cell-circuits-per-decile 1\n", s);
1978 tor_free(s);
1979
1980 /* Add nineteen more circuit statistics to the one that's already in the
1981 * history to see that the math works correctly. */
1982 for (i = 21; i < 30; i++)
1983 rep_hist_add_buffer_stats(2.0, 2.0, i);
1984 for (i = 20; i < 30; i++)
1985 rep_hist_add_buffer_stats(3.5, 3.5, i);
1986 s = rep_hist_format_buffer_stats(now + 86400);
1987 test_streq("cell-stats-end 2010-08-12 13:27:30 (86400 s)\n"
1988 "cell-processed-cells 29,28,27,26,25,24,23,22,21,20\n"
1989 "cell-queued-cells 2.75,2.75,2.75,2.75,2.75,2.75,2.75,2.75,"
1990 "2.75,2.75\n"
1991 "cell-time-in-queue 3,3,3,3,3,3,3,3,3,3\n"
1992 "cell-circuits-per-decile 2\n", s);
1993 tor_free(s);
1994
1995 /* Stop collecting stats, add statistics for one circuit, and ensure we
1996 * don't generate a history string. */
1997 rep_hist_buffer_stats_term();
1998 rep_hist_add_buffer_stats(2.0, 2.0, 20);
1999 s = rep_hist_format_buffer_stats(now + 86400);
2000 test_assert(!s);
2001
2002 /* Re-start stats, add statistics for one circuit, reset stats, and make
2003 * sure that the history has all zeros. */
2004 rep_hist_buffer_stats_init(now);
2005 rep_hist_add_buffer_stats(2.0, 2.0, 20);
2006 rep_hist_reset_buffer_stats(now);
2007 s = rep_hist_format_buffer_stats(now + 86400);
2008 test_streq("cell-stats-end 2010-08-12 13:27:30 (86400 s)\n"
2009 "cell-processed-cells 0,0,0,0,0,0,0,0,0,0\n"
2010 "cell-queued-cells 0.00,0.00,0.00,0.00,0.00,0.00,0.00,0.00,"
2011 "0.00,0.00\n"
2012 "cell-time-in-queue 0,0,0,0,0,0,0,0,0,0\n"
2013 "cell-circuits-per-decile 0\n", s);
2014
2015 done:
2016 tor_free(s);
2017 }
2018
2019 static void *
2020 legacy_test_setup(const struct testcase_t *testcase)
2021 {
2022 return testcase->setup_data;
2023 }
2024
2025 void
2026 legacy_test_helper(void *data)
2027 {
2028 void (*fn)(void) = data;
2029 fn();
2030 }
2031
2032 static int
2033 legacy_test_cleanup(const struct testcase_t *testcase, void *ptr)
2034 {
2035 (void)ptr;
2036 (void)testcase;
2037 return 1;
2038 }
2039
2040 const struct testcase_setup_t legacy_setup = {
2041 legacy_test_setup, legacy_test_cleanup
2042 };
2043
2044 #define ENT(name) \
2045 { #name, legacy_test_helper, 0, &legacy_setup, test_ ## name }
2046 #define FORK(name) \
2047 { #name, legacy_test_helper, TT_FORK, &legacy_setup, test_ ## name }
2048
2049 static struct testcase_t test_array[] = {
2050 ENT(buffers),
2051 { "buffer_copy", test_buffer_copy, 0, NULL, NULL },
2052 ENT(onion_handshake),
2053 ENT(onion_queues),
2054 #ifdef CURVE25519_ENABLED
2055 { "ntor_handshake", test_ntor_handshake, 0, NULL, NULL },
2056 #endif
2057 ENT(circuit_timeout),
2058 ENT(policies),
2059 ENT(rend_fns),
2060 ENT(geoip),
2061 FORK(stats),
2062
2063 END_OF_TESTCASES
2064 };
2065
2066 #define SOCKSENT(name) \
2067 { #name, test_socks_##name, TT_FORK, &socks_setup, NULL }
2068
2069 static struct testcase_t socks_tests[] = {
2070 SOCKSENT(4_unsupported_commands),
2071 SOCKSENT(4_supported_commands),
2072
2073 SOCKSENT(5_unsupported_commands),
2074 SOCKSENT(5_supported_commands),
2075 SOCKSENT(5_no_authenticate),
2076 SOCKSENT(5_auth_before_negotiation),
2077 SOCKSENT(5_authenticate),
2078 SOCKSENT(5_authenticate_with_data),
2079
2080 END_OF_TESTCASES
2081 };
2082
2083 extern struct testcase_t addr_tests[];
2084 extern struct testcase_t crypto_tests[];
2085 extern struct testcase_t container_tests[];
2086 extern struct testcase_t util_tests[];
2087 extern struct testcase_t dir_tests[];
2088 extern struct testcase_t microdesc_tests[];
2089 extern struct testcase_t pt_tests[];
2090 extern struct testcase_t config_tests[];
2091 extern struct testcase_t introduce_tests[];
2092 extern struct testcase_t replaycache_tests[];
2093 extern struct testcase_t cell_format_tests[];
2094
2095 static struct testgroup_t testgroups[] = {
2096 { "", test_array },
2097 { "socks/", socks_tests },
2098 { "addr/", addr_tests },
2099 { "crypto/", crypto_tests },
2100 { "container/", container_tests },
2101 { "util/", util_tests },
2102 { "cellfmt/", cell_format_tests },
2103 { "dir/", dir_tests },
2104 { "dir/md/", microdesc_tests },
2105 { "pt/", pt_tests },
2106 { "config/", config_tests },
2107 { "replaycache/", replaycache_tests },
2108 { "introduce/", introduce_tests },
2109 END_OF_GROUPS
2110 };
2111
2112 /** Main entry point for unit test code: parse the command line, and run
2113 * some unit tests. */
2114 int
2115 main(int c, const char **v)
2116 {
2117 or_options_t *options;
2118 char *errmsg = NULL;
2119 int i, i_out;
2120 int loglevel = LOG_ERR;
2121
2122 #ifdef USE_DMALLOC
2123 {
2124 int r = CRYPTO_set_mem_ex_functions(tor_malloc_, tor_realloc_, tor_free_);
2125 tor_assert(r);
2126 }
2127 #endif
2128
2129 update_approx_time(time(NULL));
2130 options = options_new();
2131 tor_threads_init();
2132 init_logging();
2133
2134 for (i_out = i = 1; i < c; ++i) {
2135 if (!strcmp(v[i], "--warn")) {
2136 loglevel = LOG_WARN;
2137 } else if (!strcmp(v[i], "--notice")) {
2138 loglevel = LOG_NOTICE;
2139 } else if (!strcmp(v[i], "--info")) {
2140 loglevel = LOG_INFO;
2141 } else if (!strcmp(v[i], "--debug")) {
2142 loglevel = LOG_DEBUG;
2143 } else {
2144 v[i_out++] = v[i];
2145 }
2146 }
2147 c = i_out;
2148
2149 {
2150 log_severity_list_t s;
2151 memset(&s, 0, sizeof(s));
2152 set_log_severity_config(loglevel, LOG_ERR, &s);
2153 add_stream_log(&s, "", fileno(stdout));
2154 }
2155
2156 options->command = CMD_RUN_UNITTESTS;
2157 if (crypto_global_init(0, NULL, NULL)) {
2158 printf("Can't initialize crypto subsystem; exiting.\n");
2159 return 1;
2160 }
2161 crypto_set_tls_dh_prime(NULL);
2162 crypto_seed_rng(1);
2163 rep_hist_init();
2164 network_init();
2165 setup_directory();
2166 options_init(options);
2167 options->DataDirectory = tor_strdup(temp_dir);
2168 options->EntryStatistics = 1;
2169 if (set_options(options, &errmsg) < 0) {
2170 printf("Failed to set initial options: %s\n", errmsg);
2171 tor_free(errmsg);
2172 return 1;
2173 }
2174
2175 atexit(remove_directory);
2176
2177 have_failed = (tinytest_main(c, v, testgroups) != 0);
2178
2179 free_pregenerated_keys();
2180 #ifdef USE_DMALLOC
2181 tor_free_all(0);
2182 dmalloc_log_unfreed();
2183 #endif
2184
2185 if (have_failed)
2186 return 1;
2187 else
2188 return 0;
2189 }
2190
The Onion Router