Improvements to test_link_handshake: check specific error messages

Otherwise it's too easy to lose our test coverage.
This commit is contained in:
Nick Mathewson 2016-08-31 12:11:01 -04:00
parent 26a63a9303
commit 1f7dc823c5

View File

@ -15,6 +15,7 @@
#include "scheduler.h"
#include "test.h"
#include "log_test_helpers.h"
static var_cell_t *mock_got_var_cell = NULL;
@ -335,30 +336,51 @@ test_link_handshake_recv_certs_ok_server(void *arg)
test_link_handshake_recv_certs_ ## name(void *arg) \
{ \
certs_data_t *d = arg; \
const char *require_failure_message = NULL; \
const int prev_level = setup_capture_of_logs(LOG_INFO); \
{ code ; } \
channel_tls_process_certs_cell(d->cell, d->chan); \
tt_int_op(1, ==, mock_close_called); \
tt_int_op(0, ==, mock_send_authenticate_called); \
tt_int_op(0, ==, mock_send_netinfo_called); \
if (require_failure_message) { \
tt_assert(mock_saved_log_has_message_containing( \
require_failure_message)); \
} \
done: \
; \
teardown_capture_of_logs(prev_level); \
}
CERTS_FAIL(badstate, d->c->base_.state = OR_CONN_STATE_CONNECTING)
CERTS_FAIL(badproto, d->c->link_proto = 2)
CERTS_FAIL(duplicate, d->c->handshake_state->received_certs_cell = 1)
CERTS_FAIL(badstate,
require_failure_message = "We're not doing a v3 handshake!";
d->c->base_.state = OR_CONN_STATE_CONNECTING;)
CERTS_FAIL(badproto,
require_failure_message = "not using link protocol >= 3";
d->c->link_proto = 2)
CERTS_FAIL(duplicate,
require_failure_message = "We already got one";
d->c->handshake_state->received_certs_cell = 1)
CERTS_FAIL(already_authenticated,
require_failure_message = "We're already authenticated!";
d->c->handshake_state->authenticated = 1)
CERTS_FAIL(empty, d->cell->payload_len = 0)
CERTS_FAIL(bad_circid, d->cell->circ_id = 1)
CERTS_FAIL(truncated_1, d->cell->payload[0] = 5)
CERTS_FAIL(empty,
require_failure_message = "It had no body";
d->cell->payload_len = 0)
CERTS_FAIL(bad_circid,
require_failure_message = "It had a nonzero circuit ID";
d->cell->circ_id = 1)
CERTS_FAIL(truncated_1,
require_failure_message = "It couldn't be parsed";
d->cell->payload[0] = 5)
CERTS_FAIL(truncated_2,
{
require_failure_message = "It couldn't be parsed";
d->cell->payload_len = 4;
memcpy(d->cell->payload, "\x01\x01\x00\x05", 4);
})
CERTS_FAIL(truncated_3,
{
require_failure_message = "It couldn't be parsed";
d->cell->payload_len = 7;
memcpy(d->cell->payload, "\x01\x01\x00\x05""abc", 7);
})
@ -370,30 +392,35 @@ CERTS_FAIL(truncated_3,
CERTS_FAIL(not_x509,
{
require_failure_message = "Received undecodable certificate";
certs_cell_cert_setlen_body(certs_cell_get_certs(d->ccell, 0), 3);
certs_cell_get_certs(d->ccell, 0)->cert_len = 3;
REENCODE();
})
CERTS_FAIL(both_link,
{
require_failure_message = "Duplicate x509 certificate";
certs_cell_get_certs(d->ccell, 0)->cert_type = 1;
certs_cell_get_certs(d->ccell, 1)->cert_type = 1;
REENCODE();
})
CERTS_FAIL(both_id_rsa,
{
require_failure_message = "Duplicate x509 certificate";
certs_cell_get_certs(d->ccell, 0)->cert_type = 2;
certs_cell_get_certs(d->ccell, 1)->cert_type = 2;
REENCODE();
})
CERTS_FAIL(both_auth,
{
require_failure_message = "Duplicate x509 certificate";
certs_cell_get_certs(d->ccell, 0)->cert_type = 3;
certs_cell_get_certs(d->ccell, 1)->cert_type = 3;
REENCODE();
})
CERTS_FAIL(wrong_labels_1,
{
require_failure_message = "The link certificate was not valid";
certs_cell_get_certs(d->ccell, 0)->cert_type = 2;
certs_cell_get_certs(d->ccell, 1)->cert_type = 1;
REENCODE();
@ -404,6 +431,7 @@ CERTS_FAIL(wrong_labels_2,
const tor_x509_cert_t *b;
const uint8_t *enca;
size_t lena;
require_failure_message = "The link certificate was not valid";
tor_tls_get_my_certs(1, &a, &b);
tor_x509_cert_get_der(a, &enca, &lena);
certs_cell_cert_setlen_body(certs_cell_get_certs(d->ccell, 1), lena);
@ -414,16 +442,20 @@ CERTS_FAIL(wrong_labels_2,
})
CERTS_FAIL(wrong_labels_3,
{
require_failure_message = "The certs we wanted were missing";
certs_cell_get_certs(d->ccell, 0)->cert_type = 2;
certs_cell_get_certs(d->ccell, 1)->cert_type = 3;
REENCODE();
})
CERTS_FAIL(server_missing_certs,
{
require_failure_message = "The certs we wanted were missing";
d->c->handshake_state->started_here = 0;
})
CERTS_FAIL(server_wrong_labels_1,
{
require_failure_message =
"The authentication certificate was not valid";
d->c->handshake_state->started_here = 0;
certs_cell_get_certs(d->ccell, 0)->cert_type = 2;
certs_cell_get_certs(d->ccell, 1)->cert_type = 3;
@ -582,13 +614,19 @@ test_link_handshake_recv_authchallenge_ok_unrecognized(void *arg)
test_link_handshake_recv_authchallenge_ ## name(void *arg) \
{ \
authchallenge_data_t *d = arg; \
const char *require_failure_message = NULL; \
const int prev_level = setup_capture_of_logs(LOG_INFO); \
{ code ; } \
channel_tls_process_auth_challenge_cell(d->cell, d->chan); \
tt_int_op(1, ==, mock_close_called); \
tt_int_op(0, ==, mock_send_authenticate_called); \
tt_int_op(0, ==, mock_send_netinfo_called); \
if (require_failure_message) { \
tt_assert(mock_saved_log_has_message_containing( \
require_failure_message)); \
} \
done: \
; \
teardown_capture_of_logs(prev_level); \
}
AUTHCHALLENGE_FAIL(badstate,
@ -805,13 +843,19 @@ test_link_handshake_auth_cell(void *arg)
test_link_handshake_auth_ ## name(void *arg) \
{ \
authenticate_data_t *d = arg; \
const char *require_failure_message = NULL; \
const int prev_level = setup_capture_of_logs(LOG_INFO); \
{ code ; } \
tt_int_op(d->c2->handshake_state->authenticated, ==, 0); \
channel_tls_process_authenticate_cell(d->cell, d->chan2); \
tt_int_op(mock_close_called, ==, 1); \
tt_int_op(d->c2->handshake_state->authenticated, ==, 0); \
if (require_failure_message) { \
tt_assert(mock_saved_log_has_message_containing( \
require_failure_message)); \
} \
done: \
; \
teardown_capture_of_logs(prev_level); \
}
AUTHENTICATE_FAIL(badstate,