mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-10 21:23:58 +01:00
Improvements to test_link_handshake: check specific error messages
Otherwise it's too easy to lose our test coverage.
This commit is contained in:
parent
26a63a9303
commit
1f7dc823c5
@ -15,6 +15,7 @@
|
||||
#include "scheduler.h"
|
||||
|
||||
#include "test.h"
|
||||
#include "log_test_helpers.h"
|
||||
|
||||
static var_cell_t *mock_got_var_cell = NULL;
|
||||
|
||||
@ -335,30 +336,51 @@ test_link_handshake_recv_certs_ok_server(void *arg)
|
||||
test_link_handshake_recv_certs_ ## name(void *arg) \
|
||||
{ \
|
||||
certs_data_t *d = arg; \
|
||||
const char *require_failure_message = NULL; \
|
||||
const int prev_level = setup_capture_of_logs(LOG_INFO); \
|
||||
{ code ; } \
|
||||
channel_tls_process_certs_cell(d->cell, d->chan); \
|
||||
tt_int_op(1, ==, mock_close_called); \
|
||||
tt_int_op(0, ==, mock_send_authenticate_called); \
|
||||
tt_int_op(0, ==, mock_send_netinfo_called); \
|
||||
if (require_failure_message) { \
|
||||
tt_assert(mock_saved_log_has_message_containing( \
|
||||
require_failure_message)); \
|
||||
} \
|
||||
done: \
|
||||
; \
|
||||
teardown_capture_of_logs(prev_level); \
|
||||
}
|
||||
|
||||
CERTS_FAIL(badstate, d->c->base_.state = OR_CONN_STATE_CONNECTING)
|
||||
CERTS_FAIL(badproto, d->c->link_proto = 2)
|
||||
CERTS_FAIL(duplicate, d->c->handshake_state->received_certs_cell = 1)
|
||||
CERTS_FAIL(badstate,
|
||||
require_failure_message = "We're not doing a v3 handshake!";
|
||||
d->c->base_.state = OR_CONN_STATE_CONNECTING;)
|
||||
CERTS_FAIL(badproto,
|
||||
require_failure_message = "not using link protocol >= 3";
|
||||
d->c->link_proto = 2)
|
||||
CERTS_FAIL(duplicate,
|
||||
require_failure_message = "We already got one";
|
||||
d->c->handshake_state->received_certs_cell = 1)
|
||||
CERTS_FAIL(already_authenticated,
|
||||
require_failure_message = "We're already authenticated!";
|
||||
d->c->handshake_state->authenticated = 1)
|
||||
CERTS_FAIL(empty, d->cell->payload_len = 0)
|
||||
CERTS_FAIL(bad_circid, d->cell->circ_id = 1)
|
||||
CERTS_FAIL(truncated_1, d->cell->payload[0] = 5)
|
||||
CERTS_FAIL(empty,
|
||||
require_failure_message = "It had no body";
|
||||
d->cell->payload_len = 0)
|
||||
CERTS_FAIL(bad_circid,
|
||||
require_failure_message = "It had a nonzero circuit ID";
|
||||
d->cell->circ_id = 1)
|
||||
CERTS_FAIL(truncated_1,
|
||||
require_failure_message = "It couldn't be parsed";
|
||||
d->cell->payload[0] = 5)
|
||||
CERTS_FAIL(truncated_2,
|
||||
{
|
||||
require_failure_message = "It couldn't be parsed";
|
||||
d->cell->payload_len = 4;
|
||||
memcpy(d->cell->payload, "\x01\x01\x00\x05", 4);
|
||||
})
|
||||
CERTS_FAIL(truncated_3,
|
||||
{
|
||||
require_failure_message = "It couldn't be parsed";
|
||||
d->cell->payload_len = 7;
|
||||
memcpy(d->cell->payload, "\x01\x01\x00\x05""abc", 7);
|
||||
})
|
||||
@ -370,30 +392,35 @@ CERTS_FAIL(truncated_3,
|
||||
|
||||
CERTS_FAIL(not_x509,
|
||||
{
|
||||
require_failure_message = "Received undecodable certificate";
|
||||
certs_cell_cert_setlen_body(certs_cell_get_certs(d->ccell, 0), 3);
|
||||
certs_cell_get_certs(d->ccell, 0)->cert_len = 3;
|
||||
REENCODE();
|
||||
})
|
||||
CERTS_FAIL(both_link,
|
||||
{
|
||||
require_failure_message = "Duplicate x509 certificate";
|
||||
certs_cell_get_certs(d->ccell, 0)->cert_type = 1;
|
||||
certs_cell_get_certs(d->ccell, 1)->cert_type = 1;
|
||||
REENCODE();
|
||||
})
|
||||
CERTS_FAIL(both_id_rsa,
|
||||
{
|
||||
require_failure_message = "Duplicate x509 certificate";
|
||||
certs_cell_get_certs(d->ccell, 0)->cert_type = 2;
|
||||
certs_cell_get_certs(d->ccell, 1)->cert_type = 2;
|
||||
REENCODE();
|
||||
})
|
||||
CERTS_FAIL(both_auth,
|
||||
{
|
||||
require_failure_message = "Duplicate x509 certificate";
|
||||
certs_cell_get_certs(d->ccell, 0)->cert_type = 3;
|
||||
certs_cell_get_certs(d->ccell, 1)->cert_type = 3;
|
||||
REENCODE();
|
||||
})
|
||||
CERTS_FAIL(wrong_labels_1,
|
||||
{
|
||||
require_failure_message = "The link certificate was not valid";
|
||||
certs_cell_get_certs(d->ccell, 0)->cert_type = 2;
|
||||
certs_cell_get_certs(d->ccell, 1)->cert_type = 1;
|
||||
REENCODE();
|
||||
@ -404,6 +431,7 @@ CERTS_FAIL(wrong_labels_2,
|
||||
const tor_x509_cert_t *b;
|
||||
const uint8_t *enca;
|
||||
size_t lena;
|
||||
require_failure_message = "The link certificate was not valid";
|
||||
tor_tls_get_my_certs(1, &a, &b);
|
||||
tor_x509_cert_get_der(a, &enca, &lena);
|
||||
certs_cell_cert_setlen_body(certs_cell_get_certs(d->ccell, 1), lena);
|
||||
@ -414,16 +442,20 @@ CERTS_FAIL(wrong_labels_2,
|
||||
})
|
||||
CERTS_FAIL(wrong_labels_3,
|
||||
{
|
||||
require_failure_message = "The certs we wanted were missing";
|
||||
certs_cell_get_certs(d->ccell, 0)->cert_type = 2;
|
||||
certs_cell_get_certs(d->ccell, 1)->cert_type = 3;
|
||||
REENCODE();
|
||||
})
|
||||
CERTS_FAIL(server_missing_certs,
|
||||
{
|
||||
require_failure_message = "The certs we wanted were missing";
|
||||
d->c->handshake_state->started_here = 0;
|
||||
})
|
||||
CERTS_FAIL(server_wrong_labels_1,
|
||||
{
|
||||
require_failure_message =
|
||||
"The authentication certificate was not valid";
|
||||
d->c->handshake_state->started_here = 0;
|
||||
certs_cell_get_certs(d->ccell, 0)->cert_type = 2;
|
||||
certs_cell_get_certs(d->ccell, 1)->cert_type = 3;
|
||||
@ -582,13 +614,19 @@ test_link_handshake_recv_authchallenge_ok_unrecognized(void *arg)
|
||||
test_link_handshake_recv_authchallenge_ ## name(void *arg) \
|
||||
{ \
|
||||
authchallenge_data_t *d = arg; \
|
||||
const char *require_failure_message = NULL; \
|
||||
const int prev_level = setup_capture_of_logs(LOG_INFO); \
|
||||
{ code ; } \
|
||||
channel_tls_process_auth_challenge_cell(d->cell, d->chan); \
|
||||
tt_int_op(1, ==, mock_close_called); \
|
||||
tt_int_op(0, ==, mock_send_authenticate_called); \
|
||||
tt_int_op(0, ==, mock_send_netinfo_called); \
|
||||
if (require_failure_message) { \
|
||||
tt_assert(mock_saved_log_has_message_containing( \
|
||||
require_failure_message)); \
|
||||
} \
|
||||
done: \
|
||||
; \
|
||||
teardown_capture_of_logs(prev_level); \
|
||||
}
|
||||
|
||||
AUTHCHALLENGE_FAIL(badstate,
|
||||
@ -805,13 +843,19 @@ test_link_handshake_auth_cell(void *arg)
|
||||
test_link_handshake_auth_ ## name(void *arg) \
|
||||
{ \
|
||||
authenticate_data_t *d = arg; \
|
||||
const char *require_failure_message = NULL; \
|
||||
const int prev_level = setup_capture_of_logs(LOG_INFO); \
|
||||
{ code ; } \
|
||||
tt_int_op(d->c2->handshake_state->authenticated, ==, 0); \
|
||||
channel_tls_process_authenticate_cell(d->cell, d->chan2); \
|
||||
tt_int_op(mock_close_called, ==, 1); \
|
||||
tt_int_op(d->c2->handshake_state->authenticated, ==, 0); \
|
||||
done: \
|
||||
; \
|
||||
if (require_failure_message) { \
|
||||
tt_assert(mock_saved_log_has_message_containing( \
|
||||
require_failure_message)); \
|
||||
} \
|
||||
done: \
|
||||
teardown_capture_of_logs(prev_level); \
|
||||
}
|
||||
|
||||
AUTHENTICATE_FAIL(badstate,
|
||||
|
Loading…
Reference in New Issue
Block a user