mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-30 23:53:32 +01:00
Improvements to test_link_handshake: check specific error messages
Otherwise it's too easy to lose our test coverage.
This commit is contained in:
parent
26a63a9303
commit
1f7dc823c5
@ -15,6 +15,7 @@
|
|||||||
#include "scheduler.h"
|
#include "scheduler.h"
|
||||||
|
|
||||||
#include "test.h"
|
#include "test.h"
|
||||||
|
#include "log_test_helpers.h"
|
||||||
|
|
||||||
static var_cell_t *mock_got_var_cell = NULL;
|
static var_cell_t *mock_got_var_cell = NULL;
|
||||||
|
|
||||||
@ -335,30 +336,51 @@ test_link_handshake_recv_certs_ok_server(void *arg)
|
|||||||
test_link_handshake_recv_certs_ ## name(void *arg) \
|
test_link_handshake_recv_certs_ ## name(void *arg) \
|
||||||
{ \
|
{ \
|
||||||
certs_data_t *d = arg; \
|
certs_data_t *d = arg; \
|
||||||
|
const char *require_failure_message = NULL; \
|
||||||
|
const int prev_level = setup_capture_of_logs(LOG_INFO); \
|
||||||
{ code ; } \
|
{ code ; } \
|
||||||
channel_tls_process_certs_cell(d->cell, d->chan); \
|
channel_tls_process_certs_cell(d->cell, d->chan); \
|
||||||
tt_int_op(1, ==, mock_close_called); \
|
tt_int_op(1, ==, mock_close_called); \
|
||||||
tt_int_op(0, ==, mock_send_authenticate_called); \
|
tt_int_op(0, ==, mock_send_authenticate_called); \
|
||||||
tt_int_op(0, ==, mock_send_netinfo_called); \
|
tt_int_op(0, ==, mock_send_netinfo_called); \
|
||||||
|
if (require_failure_message) { \
|
||||||
|
tt_assert(mock_saved_log_has_message_containing( \
|
||||||
|
require_failure_message)); \
|
||||||
|
} \
|
||||||
done: \
|
done: \
|
||||||
; \
|
teardown_capture_of_logs(prev_level); \
|
||||||
}
|
}
|
||||||
|
|
||||||
CERTS_FAIL(badstate, d->c->base_.state = OR_CONN_STATE_CONNECTING)
|
CERTS_FAIL(badstate,
|
||||||
CERTS_FAIL(badproto, d->c->link_proto = 2)
|
require_failure_message = "We're not doing a v3 handshake!";
|
||||||
CERTS_FAIL(duplicate, d->c->handshake_state->received_certs_cell = 1)
|
d->c->base_.state = OR_CONN_STATE_CONNECTING;)
|
||||||
|
CERTS_FAIL(badproto,
|
||||||
|
require_failure_message = "not using link protocol >= 3";
|
||||||
|
d->c->link_proto = 2)
|
||||||
|
CERTS_FAIL(duplicate,
|
||||||
|
require_failure_message = "We already got one";
|
||||||
|
d->c->handshake_state->received_certs_cell = 1)
|
||||||
CERTS_FAIL(already_authenticated,
|
CERTS_FAIL(already_authenticated,
|
||||||
|
require_failure_message = "We're already authenticated!";
|
||||||
d->c->handshake_state->authenticated = 1)
|
d->c->handshake_state->authenticated = 1)
|
||||||
CERTS_FAIL(empty, d->cell->payload_len = 0)
|
CERTS_FAIL(empty,
|
||||||
CERTS_FAIL(bad_circid, d->cell->circ_id = 1)
|
require_failure_message = "It had no body";
|
||||||
CERTS_FAIL(truncated_1, d->cell->payload[0] = 5)
|
d->cell->payload_len = 0)
|
||||||
|
CERTS_FAIL(bad_circid,
|
||||||
|
require_failure_message = "It had a nonzero circuit ID";
|
||||||
|
d->cell->circ_id = 1)
|
||||||
|
CERTS_FAIL(truncated_1,
|
||||||
|
require_failure_message = "It couldn't be parsed";
|
||||||
|
d->cell->payload[0] = 5)
|
||||||
CERTS_FAIL(truncated_2,
|
CERTS_FAIL(truncated_2,
|
||||||
{
|
{
|
||||||
|
require_failure_message = "It couldn't be parsed";
|
||||||
d->cell->payload_len = 4;
|
d->cell->payload_len = 4;
|
||||||
memcpy(d->cell->payload, "\x01\x01\x00\x05", 4);
|
memcpy(d->cell->payload, "\x01\x01\x00\x05", 4);
|
||||||
})
|
})
|
||||||
CERTS_FAIL(truncated_3,
|
CERTS_FAIL(truncated_3,
|
||||||
{
|
{
|
||||||
|
require_failure_message = "It couldn't be parsed";
|
||||||
d->cell->payload_len = 7;
|
d->cell->payload_len = 7;
|
||||||
memcpy(d->cell->payload, "\x01\x01\x00\x05""abc", 7);
|
memcpy(d->cell->payload, "\x01\x01\x00\x05""abc", 7);
|
||||||
})
|
})
|
||||||
@ -370,30 +392,35 @@ CERTS_FAIL(truncated_3,
|
|||||||
|
|
||||||
CERTS_FAIL(not_x509,
|
CERTS_FAIL(not_x509,
|
||||||
{
|
{
|
||||||
|
require_failure_message = "Received undecodable certificate";
|
||||||
certs_cell_cert_setlen_body(certs_cell_get_certs(d->ccell, 0), 3);
|
certs_cell_cert_setlen_body(certs_cell_get_certs(d->ccell, 0), 3);
|
||||||
certs_cell_get_certs(d->ccell, 0)->cert_len = 3;
|
certs_cell_get_certs(d->ccell, 0)->cert_len = 3;
|
||||||
REENCODE();
|
REENCODE();
|
||||||
})
|
})
|
||||||
CERTS_FAIL(both_link,
|
CERTS_FAIL(both_link,
|
||||||
{
|
{
|
||||||
|
require_failure_message = "Duplicate x509 certificate";
|
||||||
certs_cell_get_certs(d->ccell, 0)->cert_type = 1;
|
certs_cell_get_certs(d->ccell, 0)->cert_type = 1;
|
||||||
certs_cell_get_certs(d->ccell, 1)->cert_type = 1;
|
certs_cell_get_certs(d->ccell, 1)->cert_type = 1;
|
||||||
REENCODE();
|
REENCODE();
|
||||||
})
|
})
|
||||||
CERTS_FAIL(both_id_rsa,
|
CERTS_FAIL(both_id_rsa,
|
||||||
{
|
{
|
||||||
|
require_failure_message = "Duplicate x509 certificate";
|
||||||
certs_cell_get_certs(d->ccell, 0)->cert_type = 2;
|
certs_cell_get_certs(d->ccell, 0)->cert_type = 2;
|
||||||
certs_cell_get_certs(d->ccell, 1)->cert_type = 2;
|
certs_cell_get_certs(d->ccell, 1)->cert_type = 2;
|
||||||
REENCODE();
|
REENCODE();
|
||||||
})
|
})
|
||||||
CERTS_FAIL(both_auth,
|
CERTS_FAIL(both_auth,
|
||||||
{
|
{
|
||||||
|
require_failure_message = "Duplicate x509 certificate";
|
||||||
certs_cell_get_certs(d->ccell, 0)->cert_type = 3;
|
certs_cell_get_certs(d->ccell, 0)->cert_type = 3;
|
||||||
certs_cell_get_certs(d->ccell, 1)->cert_type = 3;
|
certs_cell_get_certs(d->ccell, 1)->cert_type = 3;
|
||||||
REENCODE();
|
REENCODE();
|
||||||
})
|
})
|
||||||
CERTS_FAIL(wrong_labels_1,
|
CERTS_FAIL(wrong_labels_1,
|
||||||
{
|
{
|
||||||
|
require_failure_message = "The link certificate was not valid";
|
||||||
certs_cell_get_certs(d->ccell, 0)->cert_type = 2;
|
certs_cell_get_certs(d->ccell, 0)->cert_type = 2;
|
||||||
certs_cell_get_certs(d->ccell, 1)->cert_type = 1;
|
certs_cell_get_certs(d->ccell, 1)->cert_type = 1;
|
||||||
REENCODE();
|
REENCODE();
|
||||||
@ -404,6 +431,7 @@ CERTS_FAIL(wrong_labels_2,
|
|||||||
const tor_x509_cert_t *b;
|
const tor_x509_cert_t *b;
|
||||||
const uint8_t *enca;
|
const uint8_t *enca;
|
||||||
size_t lena;
|
size_t lena;
|
||||||
|
require_failure_message = "The link certificate was not valid";
|
||||||
tor_tls_get_my_certs(1, &a, &b);
|
tor_tls_get_my_certs(1, &a, &b);
|
||||||
tor_x509_cert_get_der(a, &enca, &lena);
|
tor_x509_cert_get_der(a, &enca, &lena);
|
||||||
certs_cell_cert_setlen_body(certs_cell_get_certs(d->ccell, 1), lena);
|
certs_cell_cert_setlen_body(certs_cell_get_certs(d->ccell, 1), lena);
|
||||||
@ -414,16 +442,20 @@ CERTS_FAIL(wrong_labels_2,
|
|||||||
})
|
})
|
||||||
CERTS_FAIL(wrong_labels_3,
|
CERTS_FAIL(wrong_labels_3,
|
||||||
{
|
{
|
||||||
|
require_failure_message = "The certs we wanted were missing";
|
||||||
certs_cell_get_certs(d->ccell, 0)->cert_type = 2;
|
certs_cell_get_certs(d->ccell, 0)->cert_type = 2;
|
||||||
certs_cell_get_certs(d->ccell, 1)->cert_type = 3;
|
certs_cell_get_certs(d->ccell, 1)->cert_type = 3;
|
||||||
REENCODE();
|
REENCODE();
|
||||||
})
|
})
|
||||||
CERTS_FAIL(server_missing_certs,
|
CERTS_FAIL(server_missing_certs,
|
||||||
{
|
{
|
||||||
|
require_failure_message = "The certs we wanted were missing";
|
||||||
d->c->handshake_state->started_here = 0;
|
d->c->handshake_state->started_here = 0;
|
||||||
})
|
})
|
||||||
CERTS_FAIL(server_wrong_labels_1,
|
CERTS_FAIL(server_wrong_labels_1,
|
||||||
{
|
{
|
||||||
|
require_failure_message =
|
||||||
|
"The authentication certificate was not valid";
|
||||||
d->c->handshake_state->started_here = 0;
|
d->c->handshake_state->started_here = 0;
|
||||||
certs_cell_get_certs(d->ccell, 0)->cert_type = 2;
|
certs_cell_get_certs(d->ccell, 0)->cert_type = 2;
|
||||||
certs_cell_get_certs(d->ccell, 1)->cert_type = 3;
|
certs_cell_get_certs(d->ccell, 1)->cert_type = 3;
|
||||||
@ -582,13 +614,19 @@ test_link_handshake_recv_authchallenge_ok_unrecognized(void *arg)
|
|||||||
test_link_handshake_recv_authchallenge_ ## name(void *arg) \
|
test_link_handshake_recv_authchallenge_ ## name(void *arg) \
|
||||||
{ \
|
{ \
|
||||||
authchallenge_data_t *d = arg; \
|
authchallenge_data_t *d = arg; \
|
||||||
|
const char *require_failure_message = NULL; \
|
||||||
|
const int prev_level = setup_capture_of_logs(LOG_INFO); \
|
||||||
{ code ; } \
|
{ code ; } \
|
||||||
channel_tls_process_auth_challenge_cell(d->cell, d->chan); \
|
channel_tls_process_auth_challenge_cell(d->cell, d->chan); \
|
||||||
tt_int_op(1, ==, mock_close_called); \
|
tt_int_op(1, ==, mock_close_called); \
|
||||||
tt_int_op(0, ==, mock_send_authenticate_called); \
|
tt_int_op(0, ==, mock_send_authenticate_called); \
|
||||||
tt_int_op(0, ==, mock_send_netinfo_called); \
|
tt_int_op(0, ==, mock_send_netinfo_called); \
|
||||||
|
if (require_failure_message) { \
|
||||||
|
tt_assert(mock_saved_log_has_message_containing( \
|
||||||
|
require_failure_message)); \
|
||||||
|
} \
|
||||||
done: \
|
done: \
|
||||||
; \
|
teardown_capture_of_logs(prev_level); \
|
||||||
}
|
}
|
||||||
|
|
||||||
AUTHCHALLENGE_FAIL(badstate,
|
AUTHCHALLENGE_FAIL(badstate,
|
||||||
@ -805,13 +843,19 @@ test_link_handshake_auth_cell(void *arg)
|
|||||||
test_link_handshake_auth_ ## name(void *arg) \
|
test_link_handshake_auth_ ## name(void *arg) \
|
||||||
{ \
|
{ \
|
||||||
authenticate_data_t *d = arg; \
|
authenticate_data_t *d = arg; \
|
||||||
|
const char *require_failure_message = NULL; \
|
||||||
|
const int prev_level = setup_capture_of_logs(LOG_INFO); \
|
||||||
{ code ; } \
|
{ code ; } \
|
||||||
tt_int_op(d->c2->handshake_state->authenticated, ==, 0); \
|
tt_int_op(d->c2->handshake_state->authenticated, ==, 0); \
|
||||||
channel_tls_process_authenticate_cell(d->cell, d->chan2); \
|
channel_tls_process_authenticate_cell(d->cell, d->chan2); \
|
||||||
tt_int_op(mock_close_called, ==, 1); \
|
tt_int_op(mock_close_called, ==, 1); \
|
||||||
tt_int_op(d->c2->handshake_state->authenticated, ==, 0); \
|
tt_int_op(d->c2->handshake_state->authenticated, ==, 0); \
|
||||||
|
if (require_failure_message) { \
|
||||||
|
tt_assert(mock_saved_log_has_message_containing( \
|
||||||
|
require_failure_message)); \
|
||||||
|
} \
|
||||||
done: \
|
done: \
|
||||||
; \
|
teardown_capture_of_logs(prev_level); \
|
||||||
}
|
}
|
||||||
|
|
||||||
AUTHENTICATE_FAIL(badstate,
|
AUTHENTICATE_FAIL(badstate,
|
||||||
|
Loading…
Reference in New Issue
Block a user