Improvements to test_link_handshake: check specific error messages

Otherwise it's too easy to lose our test coverage.
This commit is contained in:
Nick Mathewson 2016-08-31 12:11:01 -04:00
parent 26a63a9303
commit 1f7dc823c5

View File

@ -15,6 +15,7 @@
#include "scheduler.h" #include "scheduler.h"
#include "test.h" #include "test.h"
#include "log_test_helpers.h"
static var_cell_t *mock_got_var_cell = NULL; static var_cell_t *mock_got_var_cell = NULL;
@ -335,30 +336,51 @@ test_link_handshake_recv_certs_ok_server(void *arg)
test_link_handshake_recv_certs_ ## name(void *arg) \ test_link_handshake_recv_certs_ ## name(void *arg) \
{ \ { \
certs_data_t *d = arg; \ certs_data_t *d = arg; \
const char *require_failure_message = NULL; \
const int prev_level = setup_capture_of_logs(LOG_INFO); \
{ code ; } \ { code ; } \
channel_tls_process_certs_cell(d->cell, d->chan); \ channel_tls_process_certs_cell(d->cell, d->chan); \
tt_int_op(1, ==, mock_close_called); \ tt_int_op(1, ==, mock_close_called); \
tt_int_op(0, ==, mock_send_authenticate_called); \ tt_int_op(0, ==, mock_send_authenticate_called); \
tt_int_op(0, ==, mock_send_netinfo_called); \ tt_int_op(0, ==, mock_send_netinfo_called); \
if (require_failure_message) { \
tt_assert(mock_saved_log_has_message_containing( \
require_failure_message)); \
} \
done: \ done: \
; \ teardown_capture_of_logs(prev_level); \
} }
CERTS_FAIL(badstate, d->c->base_.state = OR_CONN_STATE_CONNECTING) CERTS_FAIL(badstate,
CERTS_FAIL(badproto, d->c->link_proto = 2) require_failure_message = "We're not doing a v3 handshake!";
CERTS_FAIL(duplicate, d->c->handshake_state->received_certs_cell = 1) d->c->base_.state = OR_CONN_STATE_CONNECTING;)
CERTS_FAIL(badproto,
require_failure_message = "not using link protocol >= 3";
d->c->link_proto = 2)
CERTS_FAIL(duplicate,
require_failure_message = "We already got one";
d->c->handshake_state->received_certs_cell = 1)
CERTS_FAIL(already_authenticated, CERTS_FAIL(already_authenticated,
require_failure_message = "We're already authenticated!";
d->c->handshake_state->authenticated = 1) d->c->handshake_state->authenticated = 1)
CERTS_FAIL(empty, d->cell->payload_len = 0) CERTS_FAIL(empty,
CERTS_FAIL(bad_circid, d->cell->circ_id = 1) require_failure_message = "It had no body";
CERTS_FAIL(truncated_1, d->cell->payload[0] = 5) d->cell->payload_len = 0)
CERTS_FAIL(bad_circid,
require_failure_message = "It had a nonzero circuit ID";
d->cell->circ_id = 1)
CERTS_FAIL(truncated_1,
require_failure_message = "It couldn't be parsed";
d->cell->payload[0] = 5)
CERTS_FAIL(truncated_2, CERTS_FAIL(truncated_2,
{ {
require_failure_message = "It couldn't be parsed";
d->cell->payload_len = 4; d->cell->payload_len = 4;
memcpy(d->cell->payload, "\x01\x01\x00\x05", 4); memcpy(d->cell->payload, "\x01\x01\x00\x05", 4);
}) })
CERTS_FAIL(truncated_3, CERTS_FAIL(truncated_3,
{ {
require_failure_message = "It couldn't be parsed";
d->cell->payload_len = 7; d->cell->payload_len = 7;
memcpy(d->cell->payload, "\x01\x01\x00\x05""abc", 7); memcpy(d->cell->payload, "\x01\x01\x00\x05""abc", 7);
}) })
@ -370,30 +392,35 @@ CERTS_FAIL(truncated_3,
CERTS_FAIL(not_x509, CERTS_FAIL(not_x509,
{ {
require_failure_message = "Received undecodable certificate";
certs_cell_cert_setlen_body(certs_cell_get_certs(d->ccell, 0), 3); certs_cell_cert_setlen_body(certs_cell_get_certs(d->ccell, 0), 3);
certs_cell_get_certs(d->ccell, 0)->cert_len = 3; certs_cell_get_certs(d->ccell, 0)->cert_len = 3;
REENCODE(); REENCODE();
}) })
CERTS_FAIL(both_link, CERTS_FAIL(both_link,
{ {
require_failure_message = "Duplicate x509 certificate";
certs_cell_get_certs(d->ccell, 0)->cert_type = 1; certs_cell_get_certs(d->ccell, 0)->cert_type = 1;
certs_cell_get_certs(d->ccell, 1)->cert_type = 1; certs_cell_get_certs(d->ccell, 1)->cert_type = 1;
REENCODE(); REENCODE();
}) })
CERTS_FAIL(both_id_rsa, CERTS_FAIL(both_id_rsa,
{ {
require_failure_message = "Duplicate x509 certificate";
certs_cell_get_certs(d->ccell, 0)->cert_type = 2; certs_cell_get_certs(d->ccell, 0)->cert_type = 2;
certs_cell_get_certs(d->ccell, 1)->cert_type = 2; certs_cell_get_certs(d->ccell, 1)->cert_type = 2;
REENCODE(); REENCODE();
}) })
CERTS_FAIL(both_auth, CERTS_FAIL(both_auth,
{ {
require_failure_message = "Duplicate x509 certificate";
certs_cell_get_certs(d->ccell, 0)->cert_type = 3; certs_cell_get_certs(d->ccell, 0)->cert_type = 3;
certs_cell_get_certs(d->ccell, 1)->cert_type = 3; certs_cell_get_certs(d->ccell, 1)->cert_type = 3;
REENCODE(); REENCODE();
}) })
CERTS_FAIL(wrong_labels_1, CERTS_FAIL(wrong_labels_1,
{ {
require_failure_message = "The link certificate was not valid";
certs_cell_get_certs(d->ccell, 0)->cert_type = 2; certs_cell_get_certs(d->ccell, 0)->cert_type = 2;
certs_cell_get_certs(d->ccell, 1)->cert_type = 1; certs_cell_get_certs(d->ccell, 1)->cert_type = 1;
REENCODE(); REENCODE();
@ -404,6 +431,7 @@ CERTS_FAIL(wrong_labels_2,
const tor_x509_cert_t *b; const tor_x509_cert_t *b;
const uint8_t *enca; const uint8_t *enca;
size_t lena; size_t lena;
require_failure_message = "The link certificate was not valid";
tor_tls_get_my_certs(1, &a, &b); tor_tls_get_my_certs(1, &a, &b);
tor_x509_cert_get_der(a, &enca, &lena); tor_x509_cert_get_der(a, &enca, &lena);
certs_cell_cert_setlen_body(certs_cell_get_certs(d->ccell, 1), lena); certs_cell_cert_setlen_body(certs_cell_get_certs(d->ccell, 1), lena);
@ -414,16 +442,20 @@ CERTS_FAIL(wrong_labels_2,
}) })
CERTS_FAIL(wrong_labels_3, CERTS_FAIL(wrong_labels_3,
{ {
require_failure_message = "The certs we wanted were missing";
certs_cell_get_certs(d->ccell, 0)->cert_type = 2; certs_cell_get_certs(d->ccell, 0)->cert_type = 2;
certs_cell_get_certs(d->ccell, 1)->cert_type = 3; certs_cell_get_certs(d->ccell, 1)->cert_type = 3;
REENCODE(); REENCODE();
}) })
CERTS_FAIL(server_missing_certs, CERTS_FAIL(server_missing_certs,
{ {
require_failure_message = "The certs we wanted were missing";
d->c->handshake_state->started_here = 0; d->c->handshake_state->started_here = 0;
}) })
CERTS_FAIL(server_wrong_labels_1, CERTS_FAIL(server_wrong_labels_1,
{ {
require_failure_message =
"The authentication certificate was not valid";
d->c->handshake_state->started_here = 0; d->c->handshake_state->started_here = 0;
certs_cell_get_certs(d->ccell, 0)->cert_type = 2; certs_cell_get_certs(d->ccell, 0)->cert_type = 2;
certs_cell_get_certs(d->ccell, 1)->cert_type = 3; certs_cell_get_certs(d->ccell, 1)->cert_type = 3;
@ -582,13 +614,19 @@ test_link_handshake_recv_authchallenge_ok_unrecognized(void *arg)
test_link_handshake_recv_authchallenge_ ## name(void *arg) \ test_link_handshake_recv_authchallenge_ ## name(void *arg) \
{ \ { \
authchallenge_data_t *d = arg; \ authchallenge_data_t *d = arg; \
const char *require_failure_message = NULL; \
const int prev_level = setup_capture_of_logs(LOG_INFO); \
{ code ; } \ { code ; } \
channel_tls_process_auth_challenge_cell(d->cell, d->chan); \ channel_tls_process_auth_challenge_cell(d->cell, d->chan); \
tt_int_op(1, ==, mock_close_called); \ tt_int_op(1, ==, mock_close_called); \
tt_int_op(0, ==, mock_send_authenticate_called); \ tt_int_op(0, ==, mock_send_authenticate_called); \
tt_int_op(0, ==, mock_send_netinfo_called); \ tt_int_op(0, ==, mock_send_netinfo_called); \
if (require_failure_message) { \
tt_assert(mock_saved_log_has_message_containing( \
require_failure_message)); \
} \
done: \ done: \
; \ teardown_capture_of_logs(prev_level); \
} }
AUTHCHALLENGE_FAIL(badstate, AUTHCHALLENGE_FAIL(badstate,
@ -805,13 +843,19 @@ test_link_handshake_auth_cell(void *arg)
test_link_handshake_auth_ ## name(void *arg) \ test_link_handshake_auth_ ## name(void *arg) \
{ \ { \
authenticate_data_t *d = arg; \ authenticate_data_t *d = arg; \
const char *require_failure_message = NULL; \
const int prev_level = setup_capture_of_logs(LOG_INFO); \
{ code ; } \ { code ; } \
tt_int_op(d->c2->handshake_state->authenticated, ==, 0); \ tt_int_op(d->c2->handshake_state->authenticated, ==, 0); \
channel_tls_process_authenticate_cell(d->cell, d->chan2); \ channel_tls_process_authenticate_cell(d->cell, d->chan2); \
tt_int_op(mock_close_called, ==, 1); \ tt_int_op(mock_close_called, ==, 1); \
tt_int_op(d->c2->handshake_state->authenticated, ==, 0); \ tt_int_op(d->c2->handshake_state->authenticated, ==, 0); \
done: \ if (require_failure_message) { \
; \ tt_assert(mock_saved_log_has_message_containing( \
require_failure_message)); \
} \
done: \
teardown_capture_of_logs(prev_level); \
} }
AUTHENTICATE_FAIL(badstate, AUTHENTICATE_FAIL(badstate,