1 /* Copyright (c) 2014-2017, The Tor Project, Inc. */
2 /* See LICENSE for licensing information */
8 #define DIRVOTE_PRIVATE
9 #define NETWORKSTATUS_PRIVATE
10 #define ROUTERLIST_PRIVATE
11 #define TOR_UNIT_TESTING
14 #include "connection.h"
15 #include "container.h"
16 #include "directory.h"
18 #include "entrynodes.h"
19 #include "microdesc.h"
20 #include "networkstatus.h"
24 #include "routerlist.h"
25 #include "routerparse.h"
26 #include "shared_random.h"
28 #include "test_dir_common.h"
30 void construct_consensus(char **consensus_text_md
);
32 static authority_cert_t
*mock_cert
;
34 static authority_cert_t
*
35 get_my_v3_authority_cert_m(void)
37 tor_assert(mock_cert
);
41 /* 4 digests + 3 sep + pre + post + NULL */
42 static char output
[4*BASE64_DIGEST256_LEN
+3+2+2+1];
45 mock_get_from_dirserver(uint8_t dir_purpose
, uint8_t router_purpose
,
46 const char *resource
, int pds_flags
,
47 download_want_authority_t want_authority
)
54 strlcpy(output
, resource
, sizeof(output
));
60 test_routerlist_initiate_descriptor_downloads(void *arg
)
62 const char *prose
= "unhurried and wise, we perceive.";
63 smartlist_t
*digests
= smartlist_new();
66 for (int i
= 0; i
< 20; i
++) {
67 smartlist_add(digests
, (char*)prose
);
70 MOCK(directory_get_from_dirserver
, mock_get_from_dirserver
);
71 initiate_descriptor_downloads(NULL
, DIR_PURPOSE_FETCH_MICRODESC
,
73 UNMOCK(directory_get_from_dirserver
);
75 tt_str_op(output
, OP_EQ
, "d/"
76 "dW5odXJyaWVkIGFuZCB3aXNlLCB3ZSBwZXJjZWl2ZS4-"
77 "dW5odXJyaWVkIGFuZCB3aXNlLCB3ZSBwZXJjZWl2ZS4-"
78 "dW5odXJyaWVkIGFuZCB3aXNlLCB3ZSBwZXJjZWl2ZS4-"
79 "dW5odXJyaWVkIGFuZCB3aXNlLCB3ZSBwZXJjZWl2ZS4"
83 smartlist_free(digests
);
89 mock_initiate_descriptor_downloads(const routerstatus_t
*source
,
90 int purpose
, smartlist_t
*digests
,
91 int lo
, int hi
, int pds_flags
)
103 test_routerlist_launch_descriptor_downloads(void *arg
)
105 smartlist_t
*downloadable
= smartlist_new();
106 time_t now
= time(NULL
);
110 for (int i
= 0; i
< 100; i
++) {
111 cp
= tor_malloc(DIGEST256_LEN
);
113 crypto_rand(cp
, DIGEST256_LEN
);
114 smartlist_add(downloadable
, cp
);
117 MOCK(initiate_descriptor_downloads
, mock_initiate_descriptor_downloads
);
118 launch_descriptor_downloads(DIR_PURPOSE_FETCH_MICRODESC
, downloadable
,
120 tt_int_op(3, OP_EQ
, count
);
121 UNMOCK(initiate_descriptor_downloads
);
124 SMARTLIST_FOREACH(downloadable
, char *, cp1
, tor_free(cp1
));
125 smartlist_free(downloadable
);
129 construct_consensus(char **consensus_text_md
)
131 networkstatus_t
*vote
= NULL
;
132 networkstatus_t
*v1
= NULL
, *v2
= NULL
, *v3
= NULL
;
133 networkstatus_voter_info_t
*voter
= NULL
;
134 authority_cert_t
*cert1
=NULL
, *cert2
=NULL
, *cert3
=NULL
;
135 crypto_pk_t
*sign_skey_1
=NULL
, *sign_skey_2
=NULL
, *sign_skey_3
=NULL
;
136 crypto_pk_t
*sign_skey_leg
=NULL
;
137 time_t now
= time(NULL
);
138 smartlist_t
*votes
= NULL
;
141 tt_assert(!dir_common_authority_pk_init(&cert1
, &cert2
, &cert3
,
142 &sign_skey_1
, &sign_skey_2
,
144 sign_skey_leg
= pk_generate(4);
146 dir_common_construct_vote_1(&vote
, cert1
, sign_skey_1
,
147 &dir_common_gen_routerstatus_for_v3ns
,
148 &v1
, &n_vrs
, now
, 1);
149 networkstatus_vote_free(vote
);
151 tt_int_op(n_vrs
, OP_EQ
, 4);
152 tt_int_op(smartlist_len(v1
->routerstatus_list
), OP_EQ
, 4);
154 dir_common_construct_vote_2(&vote
, cert2
, sign_skey_2
,
155 &dir_common_gen_routerstatus_for_v3ns
,
156 &v2
, &n_vrs
, now
, 1);
157 networkstatus_vote_free(vote
);
159 tt_int_op(n_vrs
, OP_EQ
, 4);
160 tt_int_op(smartlist_len(v2
->routerstatus_list
), OP_EQ
, 4);
162 dir_common_construct_vote_3(&vote
, cert3
, sign_skey_3
,
163 &dir_common_gen_routerstatus_for_v3ns
,
164 &v3
, &n_vrs
, now
, 1);
167 tt_int_op(n_vrs
, OP_EQ
, 4);
168 tt_int_op(smartlist_len(v3
->routerstatus_list
), OP_EQ
, 4);
169 networkstatus_vote_free(vote
);
170 votes
= smartlist_new();
171 smartlist_add(votes
, v1
);
172 smartlist_add(votes
, v2
);
173 smartlist_add(votes
, v3
);
175 *consensus_text_md
= networkstatus_compute_consensus(votes
, 3,
178 "AAAAAAAAAAAAAAAAAAAA",
182 tt_assert(*consensus_text_md
);
186 networkstatus_vote_free(v1
);
187 networkstatus_vote_free(v2
);
188 networkstatus_vote_free(v3
);
189 smartlist_free(votes
);
190 authority_cert_free(cert1
);
191 authority_cert_free(cert2
);
192 authority_cert_free(cert3
);
193 crypto_pk_free(sign_skey_1
);
194 crypto_pk_free(sign_skey_2
);
195 crypto_pk_free(sign_skey_3
);
196 crypto_pk_free(sign_skey_leg
);
199 static int mock_usable_consensus_flavor_value
= FLAV_NS
;
202 mock_usable_consensus_flavor(void)
204 return mock_usable_consensus_flavor_value
;
208 test_router_pick_directory_server_impl(void *arg
)
212 networkstatus_t
*con_md
= NULL
;
213 char *consensus_text_md
= NULL
;
214 int flags
= PDS_IGNORE_FASCISTFIREWALL
|PDS_RETRY_IF_NO_SERVERS
;
215 or_options_t
*options
= get_options_mutable();
216 const routerstatus_t
*rs
= NULL
;
217 options
->UseMicrodescriptors
= 1;
218 char *router1_id
= NULL
, *router2_id
= NULL
, *router3_id
= NULL
;
219 node_t
*node_router1
= NULL
, *node_router2
= NULL
, *node_router3
= NULL
;
220 config_line_t
*policy_line
= NULL
;
221 time_t now
= time(NULL
);
222 int tmp_dirport1
, tmp_dirport3
;
226 MOCK(usable_consensus_flavor
, mock_usable_consensus_flavor
);
228 /* With no consensus, we must be bootstrapping, regardless of time or flavor
230 mock_usable_consensus_flavor_value
= FLAV_NS
;
231 tt_assert(networkstatus_consensus_is_bootstrapping(now
));
232 tt_assert(networkstatus_consensus_is_bootstrapping(now
+ 2000));
233 tt_assert(networkstatus_consensus_is_bootstrapping(now
+ 2*24*60*60));
234 tt_assert(networkstatus_consensus_is_bootstrapping(now
- 2*24*60*60));
236 mock_usable_consensus_flavor_value
= FLAV_MICRODESC
;
237 tt_assert(networkstatus_consensus_is_bootstrapping(now
));
238 tt_assert(networkstatus_consensus_is_bootstrapping(now
+ 2000));
239 tt_assert(networkstatus_consensus_is_bootstrapping(now
+ 2*24*60*60));
240 tt_assert(networkstatus_consensus_is_bootstrapping(now
- 2*24*60*60));
242 /* Init SR subsystem. */
243 MOCK(get_my_v3_authority_cert
, get_my_v3_authority_cert_m
);
244 mock_cert
= authority_cert_parse_from_string(AUTHORITY_CERT_1
, NULL
);
246 UNMOCK(get_my_v3_authority_cert
);
248 /* No consensus available, fail early */
249 rs
= router_pick_directory_server_impl(V3_DIRINFO
, (const int) 0, NULL
);
250 tt_ptr_op(rs
, OP_EQ
, NULL
);
252 construct_consensus(&consensus_text_md
);
253 tt_assert(consensus_text_md
);
254 con_md
= networkstatus_parse_vote_from_string(consensus_text_md
, NULL
,
257 tt_int_op(con_md
->flavor
,OP_EQ
, FLAV_MICRODESC
);
258 tt_assert(con_md
->routerstatus_list
);
259 tt_int_op(smartlist_len(con_md
->routerstatus_list
), OP_EQ
, 3);
260 tt_assert(!networkstatus_set_current_consensus_from_ns(con_md
,
263 /* If the consensus time or flavor doesn't match, we are still
265 mock_usable_consensus_flavor_value
= FLAV_NS
;
266 tt_assert(networkstatus_consensus_is_bootstrapping(now
));
267 tt_assert(networkstatus_consensus_is_bootstrapping(now
+ 2000));
268 tt_assert(networkstatus_consensus_is_bootstrapping(now
+ 2*24*60*60));
269 tt_assert(networkstatus_consensus_is_bootstrapping(now
- 2*24*60*60));
271 /* With a valid consensus for the current time and flavor, we stop
272 * bootstrapping, even if we have no certificates */
273 mock_usable_consensus_flavor_value
= FLAV_MICRODESC
;
274 tt_assert(!networkstatus_consensus_is_bootstrapping(now
+ 2000));
275 tt_assert(!networkstatus_consensus_is_bootstrapping(con_md
->valid_after
));
276 tt_assert(!networkstatus_consensus_is_bootstrapping(con_md
->valid_until
));
277 tt_assert(!networkstatus_consensus_is_bootstrapping(con_md
->valid_until
279 /* These times are outside the test validity period */
280 tt_assert(networkstatus_consensus_is_bootstrapping(now
));
281 tt_assert(networkstatus_consensus_is_bootstrapping(now
+ 2*24*60*60));
282 tt_assert(networkstatus_consensus_is_bootstrapping(now
- 2*24*60*60));
284 nodelist_set_consensus(con_md
);
285 nodelist_assert_ok();
287 rs
= router_pick_directory_server_impl(V3_DIRINFO
, flags
, NULL
);
288 /* We should not fail now we have a consensus and routerstatus_list
289 * and nodelist are populated. */
290 tt_ptr_op(rs
, OP_NE
, NULL
);
292 /* Manipulate the nodes so we get the dir server we expect */
293 router1_id
= tor_malloc(DIGEST_LEN
);
294 memset(router1_id
, TEST_DIR_ROUTER_ID_1
, DIGEST_LEN
);
295 router2_id
= tor_malloc(DIGEST_LEN
);
296 memset(router2_id
, TEST_DIR_ROUTER_ID_2
, DIGEST_LEN
);
297 router3_id
= tor_malloc(DIGEST_LEN
);
298 memset(router3_id
, TEST_DIR_ROUTER_ID_3
, DIGEST_LEN
);
300 node_router1
= node_get_mutable_by_id(router1_id
);
301 node_router2
= node_get_mutable_by_id(router2_id
);
302 node_router3
= node_get_mutable_by_id(router3_id
);
304 node_router1
->is_possible_guard
= 1;
306 node_router1
->is_running
= 0;
307 node_router3
->is_running
= 0;
308 rs
= router_pick_directory_server_impl(V3_DIRINFO
, flags
, NULL
);
309 tt_ptr_op(rs
, OP_NE
, NULL
);
310 tt_assert(tor_memeq(rs
->identity_digest
, router2_id
, DIGEST_LEN
));
312 node_router1
->is_running
= 1;
313 node_router3
->is_running
= 1;
315 node_router1
->rs
->is_v2_dir
= 0;
316 node_router3
->rs
->is_v2_dir
= 0;
317 tmp_dirport1
= node_router1
->rs
->dir_port
;
318 tmp_dirport3
= node_router3
->rs
->dir_port
;
319 node_router1
->rs
->dir_port
= 0;
320 node_router3
->rs
->dir_port
= 0;
321 rs
= router_pick_directory_server_impl(V3_DIRINFO
, flags
, NULL
);
322 tt_ptr_op(rs
, OP_NE
, NULL
);
323 tt_assert(tor_memeq(rs
->identity_digest
, router2_id
, DIGEST_LEN
));
325 node_router1
->rs
->is_v2_dir
= 1;
326 node_router3
->rs
->is_v2_dir
= 1;
327 node_router1
->rs
->dir_port
= tmp_dirport1
;
328 node_router3
->rs
->dir_port
= tmp_dirport3
;
330 node_router1
->is_valid
= 0;
331 node_router3
->is_valid
= 0;
332 rs
= router_pick_directory_server_impl(V3_DIRINFO
, flags
, NULL
);
333 tt_ptr_op(rs
, OP_NE
, NULL
);
334 tt_assert(tor_memeq(rs
->identity_digest
, router2_id
, DIGEST_LEN
));
336 node_router1
->is_valid
= 1;
337 node_router3
->is_valid
= 1;
339 /* Manipulate overloaded */
341 node_router2
->rs
->last_dir_503_at
= now
;
342 node_router3
->rs
->last_dir_503_at
= now
;
343 rs
= router_pick_directory_server_impl(V3_DIRINFO
, flags
, NULL
);
344 tt_ptr_op(rs
, OP_NE
, NULL
);
345 tt_assert(tor_memeq(rs
->identity_digest
, router1_id
, DIGEST_LEN
));
346 node_router2
->rs
->last_dir_503_at
= 0;
347 node_router3
->rs
->last_dir_503_at
= 0;
349 /* Set a Fascist firewall */
350 flags
&= ~ PDS_IGNORE_FASCISTFIREWALL
;
351 policy_line
= tor_malloc_zero(sizeof(config_line_t
));
352 policy_line
->key
= tor_strdup("ReachableORAddresses");
353 policy_line
->value
= tor_strdup("accept *:442, reject *:*");
354 options
->ReachableORAddresses
= policy_line
;
355 policies_parse_from_options(options
);
357 node_router1
->rs
->or_port
= 444;
358 node_router2
->rs
->or_port
= 443;
359 node_router3
->rs
->or_port
= 442;
360 rs
= router_pick_directory_server_impl(V3_DIRINFO
, flags
, NULL
);
361 tt_ptr_op(rs
, OP_NE
, NULL
);
362 tt_assert(tor_memeq(rs
->identity_digest
, router3_id
, DIGEST_LEN
));
363 node_router1
->rs
->or_port
= 442;
364 node_router2
->rs
->or_port
= 443;
365 node_router3
->rs
->or_port
= 444;
366 rs
= router_pick_directory_server_impl(V3_DIRINFO
, flags
, NULL
);
367 tt_ptr_op(rs
, OP_NE
, NULL
);
368 tt_assert(tor_memeq(rs
->identity_digest
, router1_id
, DIGEST_LEN
));
370 /* Fascist firewall and overloaded */
371 node_router1
->rs
->or_port
= 442;
372 node_router2
->rs
->or_port
= 443;
373 node_router3
->rs
->or_port
= 442;
374 node_router3
->rs
->last_dir_503_at
= now
;
375 rs
= router_pick_directory_server_impl(V3_DIRINFO
, flags
, NULL
);
376 tt_ptr_op(rs
, OP_NE
, NULL
);
377 tt_assert(tor_memeq(rs
->identity_digest
, router1_id
, DIGEST_LEN
));
378 node_router3
->rs
->last_dir_503_at
= 0;
380 /* Fascists against OR and Dir */
381 policy_line
= tor_malloc_zero(sizeof(config_line_t
));
382 policy_line
->key
= tor_strdup("ReachableAddresses");
383 policy_line
->value
= tor_strdup("accept *:80, reject *:*");
384 options
->ReachableDirAddresses
= policy_line
;
385 policies_parse_from_options(options
);
386 node_router1
->rs
->or_port
= 442;
387 node_router2
->rs
->or_port
= 441;
388 node_router3
->rs
->or_port
= 443;
389 node_router1
->rs
->dir_port
= 80;
390 node_router2
->rs
->dir_port
= 80;
391 node_router3
->rs
->dir_port
= 81;
392 node_router1
->rs
->last_dir_503_at
= now
;
393 rs
= router_pick_directory_server_impl(V3_DIRINFO
, flags
, NULL
);
394 tt_ptr_op(rs
, OP_NE
, NULL
);
395 tt_assert(tor_memeq(rs
->identity_digest
, router1_id
, DIGEST_LEN
));
396 node_router1
->rs
->last_dir_503_at
= 0;
399 UNMOCK(usable_consensus_flavor
);
402 tor_free(router1_id
);
404 tor_free(router2_id
);
406 tor_free(router3_id
);
407 if (options
->ReachableORAddresses
||
408 options
->ReachableDirAddresses
)
410 tor_free(consensus_text_md
);
411 networkstatus_vote_free(con_md
);
414 static connection_t
*mocked_connection
= NULL
;
416 /* Mock connection_get_by_type_addr_port_purpose by returning
417 * mocked_connection. */
418 static connection_t
*
419 mock_connection_get_by_type_addr_port_purpose(int type
,
420 const tor_addr_t
*addr
,
421 uint16_t port
, int purpose
)
428 return mocked_connection
;
431 #define TEST_ADDR_STR "127.0.0.1"
432 #define TEST_DIR_PORT 12345
435 test_routerlist_router_is_already_dir_fetching(void *arg
)
438 tor_addr_port_t test_ap
, null_addr_ap
, zero_port_ap
;
441 tor_addr_parse(&test_ap
.addr
, TEST_ADDR_STR
);
442 test_ap
.port
= TEST_DIR_PORT
;
443 tor_addr_make_null(&null_addr_ap
.addr
, AF_INET6
);
444 null_addr_ap
.port
= TEST_DIR_PORT
;
445 tor_addr_parse(&zero_port_ap
.addr
, TEST_ADDR_STR
);
446 zero_port_ap
.port
= 0;
447 MOCK(connection_get_by_type_addr_port_purpose
,
448 mock_connection_get_by_type_addr_port_purpose
);
450 /* Test that we never get 1 from a NULL connection */
451 mocked_connection
= NULL
;
452 tt_int_op(router_is_already_dir_fetching(&test_ap
, 1, 1), OP_EQ
, 0);
453 tt_int_op(router_is_already_dir_fetching(&test_ap
, 1, 0), OP_EQ
, 0);
454 tt_int_op(router_is_already_dir_fetching(&test_ap
, 0, 1), OP_EQ
, 0);
455 /* We always expect 0 in these cases */
456 tt_int_op(router_is_already_dir_fetching(&test_ap
, 0, 0), OP_EQ
, 0);
457 tt_int_op(router_is_already_dir_fetching(NULL
, 1, 1), OP_EQ
, 0);
458 tt_int_op(router_is_already_dir_fetching(&null_addr_ap
, 1, 1), OP_EQ
, 0);
459 tt_int_op(router_is_already_dir_fetching(&zero_port_ap
, 1, 1), OP_EQ
, 0);
461 /* Test that we get 1 with a connection in the appropriate circumstances */
462 mocked_connection
= connection_new(CONN_TYPE_DIR
, AF_INET
);
463 tt_int_op(router_is_already_dir_fetching(&test_ap
, 1, 1), OP_EQ
, 1);
464 tt_int_op(router_is_already_dir_fetching(&test_ap
, 1, 0), OP_EQ
, 1);
465 tt_int_op(router_is_already_dir_fetching(&test_ap
, 0, 1), OP_EQ
, 1);
467 /* Test that we get 0 even with a connection in the appropriate
469 tt_int_op(router_is_already_dir_fetching(&test_ap
, 0, 0), OP_EQ
, 0);
470 tt_int_op(router_is_already_dir_fetching(NULL
, 1, 1), OP_EQ
, 0);
471 tt_int_op(router_is_already_dir_fetching(&null_addr_ap
, 1, 1), OP_EQ
, 0);
472 tt_int_op(router_is_already_dir_fetching(&zero_port_ap
, 1, 1), OP_EQ
, 0);
475 /* If a connection is never set up, connection_free chokes on it. */
476 if (mocked_connection
) {
477 buf_free(mocked_connection
->inbuf
);
478 buf_free(mocked_connection
->outbuf
);
480 tor_free(mocked_connection
);
481 UNMOCK(connection_get_by_type_addr_port_purpose
);
487 #define NODE(name, flags) \
488 { #name, test_routerlist_##name, (flags), NULL, NULL }
489 #define ROUTER(name,flags) \
490 { #name, test_router_##name, (flags), NULL, NULL }
492 struct testcase_t routerlist_tests
[] = {
493 NODE(initiate_descriptor_downloads
, 0),
494 NODE(launch_descriptor_downloads
, 0),
495 NODE(router_is_already_dir_fetching
, TT_FORK
),
496 ROUTER(pick_directory_server_impl
, TT_FORK
),
