Regenerate complete failing_routerdescs.inc and adjust tests accordingly.

This commit is contained in:
Nick Mathewson 2020-10-16 12:37:16 -04:00
parent 0031d2b0ad
commit 5032b8f178
4 changed files with 1729 additions and 1011 deletions

View File

@ -70,6 +70,26 @@ i2d_RSAPublicKey.argtypes = [
i2d_RSAPublicKey.restype = ctypes.c_int i2d_RSAPublicKey.restype = ctypes.c_int
HEADER = """\
router fred 127.0.0.1 9001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
"""
FOOTER="""
"""
def rsa_sign(msg, rsa): def rsa_sign(msg, rsa):
buf = ctypes.create_string_buffer(2048) buf = ctypes.create_string_buffer(2048)
n = RSA_private_encrypt(len(msg), msg, buf, rsa, 1) n = RSA_private_encrypt(len(msg), msg, buf, rsa, 1)
@ -354,7 +374,7 @@ def analyze(s):
body = s[:idx].rstrip() body = s[:idx].rstrip()
s = s[idx:] s = s[idx:]
else: else:
body = s body = s.rstrip()
s = "" s = ""
yield (fields, body) yield (fields, body)
@ -374,6 +394,11 @@ def emit_entry(fields, s):
raise ValueError("unrecognized type") raise ValueError("unrecognized type")
def process_file(s): def process_file(s):
print("""\
/* These entries are automatically generated by makedesc.py to make sure
* that their keys and signatures are right except when otherwise
* specified. */
""")
for (fields, s) in analyze(s): for (fields, s) in analyze(s):
emit_entry(fields, s) emit_entry(fields, s)

File diff suppressed because it is too large Load Diff

View File

@ -66,8 +66,10 @@ router-sig-ed25519 {d.ED_SIGNATURE}
router-signature router-signature
{d.RSA_SIGNATURE} {d.RSA_SIGNATURE}
:::comment=this file is to be used with the makedescs.py utility
:::name=MINIMAL
:::comment=this one has somebody else's signature.
:::name=BAD_SIG1
:::type=ri :::type=ri
router fred 127.0.0.1 9001 0 9002 router fred 127.0.0.1 9001 0 9002
identity-ed25519 identity-ed25519
@ -88,4 +90,723 @@ proto Link=5
reject *:* reject *:*
router-sig-ed25519 {d.ED_SIGNATURE} router-sig-ed25519 {d.ED_SIGNATURE}
router-signature router-signature
-----BEGIN SIGNATURE-----
aV5gqy5fTtsrdntTPRPGdeN376lXK+blHJuqbAL0WQ7XaMB4r+F8/whFu0cObOqD
AqAhxkcMu721iYCkUNQvhc3FDou2i1mBJFDrhZEtux/2aXODIMG+OPdDUCyBqeQR
oYLLfLR4ZZic1tlBFRRNdtXGF2SHeIM052F7PbeJz2A=
-----END SIGNATURE-----
:::name=bad_tokens
:::type=ri
router bob
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 1000 1000
proto Link=5
reject *:*
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=bad_published
:::type=ri
router fred 127.0.0.1 9001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 99:00:00
bandwidth 1000 1000 1000
proto Link=5
reject *:*
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=bad_bandwidth
:::type=ri
router fred 127.0.0.1 9001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth why hello there
proto Link=5
reject *:*
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=bad_onionkey
:::type=ri
router fred 127.0.0.1 9001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
-----BEGIN RSA PUBLIC KEY-----
MIGHAoGBANBKlyoqApWzG7UzmXcxhXM4T370FbN1edPbw4WAczBDXJslXCU9Xk1r
fKfoi/+WiTGvH7RcZWPm7wnThq2u2EAO/IPPcLE9cshLBkK28EvDg5K/WsYedbY9
1Gou+7ZSwMEPv2b13c7eWnSW1YvFa64pVDKu2sKnIjX6Bm0HZGbXAgED=
-----END RSA PUBLIC KEY-----
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 1000 1000
proto Link=5
reject *:*
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=bad_ports
:::type=ri
router fred 127.0.0.1 900001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 1000 1000
proto Link=5
reject *:*
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=neg_bandwidth
:::type=ri
router fred 127.0.0.1 9001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 -1000 1000
proto Link=5
reject *:*
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=bad_ip
:::type=ri
router fred 100.127.0.0.1 9001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 1000 1000
proto Link=5
reject *:*
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=bad_dirport
:::type=ri
router fred 127.0.0.1 9001 0 bob
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 1000 1000
proto Link=5
reject *:*
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=bad_name2
:::type=ri
router verylongnamethatnevereverendsandgoesontoolong 127.0.0.1 9001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 1000 1000
proto Link=5
reject *:*
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=bad_bandwidth2
:::type=ri
router fred 127.0.0.1 9001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 hello 1000
proto Link=5
reject *:*
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=bad_uptime
:::type=ri
router fred 127.0.0.1 9001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
uptime forever-and-a-day
published 2014-10-05 12:00:00
bandwidth 1000 1000 1000
proto Link=5
reject *:*
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=bad_bandwidth3
:::type=ri
router fred 127.0.0.1 9001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 -1000 1000
proto Link=5
reject *:*
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=bad_ntor_key
:::type=ri
router fred 127.0.0.1 9001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key x{d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 1000 1000
proto Link=5
reject *:*
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=bad_fingerprint
:::type=ri
router fred 127.0.0.1 9001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 1000 1000
proto Link=5
fingerprint 5555
reject *:*
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=mismatched_fingerprint
:::type=ri
router fred 127.0.0.1 9001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 1000 1000
fingerprint CC43 DC8E 8C9E 3E6D 59CD 0399 2491 0C8C E1E4 50D2
proto Link=5
reject *:*
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=bad_has_accept6
:::type=ri
router fred 127.0.0.1 9001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 1000 1000
proto Link=5
reject *:*
accept6 *:80
reject6 *:*
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=bad_no_exit_policy
:::type=ri
router fred 127.0.0.1 9001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 1000 1000
proto Link=5
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=bad_ipv6_exit_policy
:::type=ri
router fred 127.0.0.1 9001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 1000 1000
proto Link=5
reject *:*
ipv6-policy kfdslfdfj sdjfk sdfjsdf
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=bad_family
:::type=ri
router fred 127.0.0.1 9001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 1000 1000
proto Link=5
family aaaa,bbbb
reject *:*
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=zero_orport
:::type=ri
router fred 127.0.0.1 0 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 1000 1000
proto Link=5
reject *:*
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=ed_missing_crosscert
:::type=ri
router fred 127.0.0.1 9001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
published 2014-10-05 12:00:00
bandwidth 1000 1000 1000
proto Link=5
reject *:*
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=ed_missing_crosscert2
:::type=ri
router fred 127.0.0.1 9001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 1000 1000
proto Link=5
reject *:*
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=ed_missing_crosscert_sign
:::type=ri
router fred 127.0.0.1 9001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 1000 1000
proto Link=5
reject *:*
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=ed_bad_sig1
:::type=ri
router fred 127.0.0.1 9001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 1000 1000
proto Link=5
reject *:*
router-sig-ed25519 4DSdPePrToNx3WQ+4GfFelB8IyHu5Z9vTbbLZ02vfYEsCF9QeaeHbYagY/yjdt+9e71jmfM+W5MfRQd8FJ1+Dg
router-signature
{d.RSA_SIGNATURE}
:::name=ed_bad_sig2
:::type=ri
router fred 127.0.0.1 9001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 1000 1000
proto Link=5
reject *:*
router-sig-ed25519 X{d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=ed_bad_sig3
:::type=ri
router fred 127.0.0.1 9001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 1000 1000
proto Link=5
reject *:*
router-sig-ed25519 lemondcustard
router-signature
{d.RSA_SIGNATURE}
:::name=ed_bad_crosscert1
:::type=ri
router fred 127.0.0.1 9001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert 1
-----BEGIN ED25519 CERT-----
AQoABf55AXL4pAregsMa2ovmTBGaMCyWz/4LpICgAAuWXtTvA1IfAKo6ANUq+hi+
xb3J4aYafnszlj87oi/DR+SDf29wzwNw8gmaqGzJ5GbfISfABuTUCzlilZyVnLxi
BHcCH6PWiAQ=
-----END ED25519 CERT-----
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 1000 1000
proto Link=5
reject *:*
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=ed_misplaced1
:::type=ri
router fred 127.0.0.1 9001 0 9002
signing-key
{d.RSA_IDENTITY}
identity-ed25519
{d.ED_CERT}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 1000 1000
proto Link=5
reject *:*
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE}
:::name=ed_misplaced2
:::type=ri
router fred 127.0.0.1 9001 0 9002
identity-ed25519
{d.ED_CERT}
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 1000 1000
router-sig-ed25519 {d.ED_SIGNATURE}
proto Link=5
reject *:*
router-signature
{d.RSA_SIGNATURE}
:::name=ed_bad_cert1
:::type=ri
router fred 127.0.0.1 9001 0 9002
identity-ed25519
-----BEGIN ED25519 CERT-----
AQoABf55AYf+rX8a5rzdTBGPvLdQIP8XcElDDQnJIruGqfDTj+tjAP+3XOL2UTmn
Hu39PbLZV+m9DIj/DvG38M0hP4MmHUjP/iZG5PaCX6/aMe+nQSNuTl0IDGpIo1l8
dZToQTFSzAQ=
-----END ED25519 CERT-----
signing-key
{d.RSA_IDENTITY}
master-key-ed25519 {d.ED_IDENTITY}
onion-key
{d.RSA_ONION_KEY}
ntor-onion-key {d.NTOR_ONION_KEY}
ntor-onion-key-crosscert {d.NTOR_CROSSCERT_SIGN}
{d.NTOR_CROSSCERT}
onion-key-crosscert
{d.RSA_CROSSCERT_ED}
published 2014-10-05 12:00:00
bandwidth 1000 1000 1000
proto Link=5
reject *:*
router-sig-ed25519 {d.ED_SIGNATURE}
router-signature
{d.RSA_SIGNATURE} {d.RSA_SIGNATURE}

View File

@ -1017,8 +1017,6 @@ test_dir_routerinfo_parsing(void *arg)
CHECK_OK(EX_RI_MINIMAL); CHECK_OK(EX_RI_MINIMAL);
CHECK_OK(EX_RI_MAXIMAL); CHECK_OK(EX_RI_MAXIMAL);
CHECK_OK(EX_RI_MINIMAL_ED);
/* good annotations prepended */ /* good annotations prepended */
routerinfo_free(ri); routerinfo_free(ri);
ri = router_parse_entry_from_string(EX_RI_MINIMAL, NULL, 0, 0, ri = router_parse_entry_from_string(EX_RI_MINIMAL, NULL, 0, 0,
@ -1053,14 +1051,13 @@ test_dir_routerinfo_parsing(void *arg)
tt_ptr_op(ri, OP_EQ, NULL); tt_ptr_op(ri, OP_EQ, NULL);
CHECK_FAIL(EX_RI_BAD_SIG1, 1); CHECK_FAIL(EX_RI_BAD_SIG1, 1);
CHECK_FAIL(EX_RI_BAD_SIG2, 1);
CHECK_FAIL(EX_RI_BAD_TOKENS, 0); CHECK_FAIL(EX_RI_BAD_TOKENS, 0);
CHECK_FAIL(EX_RI_BAD_PUBLISHED, 0); CHECK_FAIL(EX_RI_BAD_PUBLISHED, 0);
CHECK_FAIL(EX_RI_NEG_BANDWIDTH, 0); CHECK_FAIL(EX_RI_NEG_BANDWIDTH, 0);
CHECK_FAIL(EX_RI_BAD_BANDWIDTH, 0); CHECK_FAIL(EX_RI_BAD_BANDWIDTH, 0);
CHECK_FAIL(EX_RI_BAD_BANDWIDTH2, 0); CHECK_FAIL(EX_RI_BAD_BANDWIDTH2, 0);
CHECK_FAIL(EX_RI_BAD_ONIONKEY1, 0); CHECK_FAIL(EX_RI_BAD_BANDWIDTH3, 0);
CHECK_FAIL(EX_RI_BAD_ONIONKEY2, 0); CHECK_FAIL(EX_RI_BAD_ONIONKEY, 0);
CHECK_FAIL(EX_RI_BAD_PORTS, 0); CHECK_FAIL(EX_RI_BAD_PORTS, 0);
CHECK_FAIL(EX_RI_BAD_IP, 0); CHECK_FAIL(EX_RI_BAD_IP, 0);
CHECK_FAIL(EX_RI_BAD_DIRPORT, 0); CHECK_FAIL(EX_RI_BAD_DIRPORT, 0);
@ -1083,22 +1080,10 @@ test_dir_routerinfo_parsing(void *arg)
CHECK_FAIL(EX_RI_ED_BAD_SIG1, 0); CHECK_FAIL(EX_RI_ED_BAD_SIG1, 0);
CHECK_FAIL(EX_RI_ED_BAD_SIG2, 0); CHECK_FAIL(EX_RI_ED_BAD_SIG2, 0);
CHECK_FAIL(EX_RI_ED_BAD_SIG3, 0); CHECK_FAIL(EX_RI_ED_BAD_SIG3, 0);
CHECK_FAIL(EX_RI_ED_BAD_SIG4, 0);
CHECK_FAIL(EX_RI_ED_BAD_CROSSCERT1, 0); CHECK_FAIL(EX_RI_ED_BAD_CROSSCERT1, 0);
CHECK_FAIL(EX_RI_ED_BAD_CROSSCERT3, 0);
CHECK_FAIL(EX_RI_ED_BAD_CROSSCERT4, 0);
CHECK_FAIL(EX_RI_ED_BAD_CROSSCERT5, 0);
CHECK_FAIL(EX_RI_ED_BAD_CROSSCERT6, 0);
CHECK_FAIL(EX_RI_ED_BAD_CROSSCERT7, 0);
CHECK_FAIL(EX_RI_ED_MISPLACED1, 0); CHECK_FAIL(EX_RI_ED_MISPLACED1, 0);
CHECK_FAIL(EX_RI_ED_MISPLACED2, 0); CHECK_FAIL(EX_RI_ED_MISPLACED2, 0);
CHECK_FAIL(EX_RI_ED_BAD_CERT1, 0); CHECK_FAIL(EX_RI_ED_BAD_CERT1, 0);
CHECK_FAIL(EX_RI_ED_BAD_CERT2, 0);
CHECK_FAIL(EX_RI_ED_BAD_CERT3, 0);
/* This is allowed; we just ignore it. */
CHECK_OK(EX_RI_BAD_EI_DIGEST);
CHECK_OK(EX_RI_BAD_EI_DIGEST2);
#undef CHECK_FAIL #undef CHECK_FAIL
#undef CHECK_OK #undef CHECK_OK
@ -1256,9 +1241,9 @@ test_dir_parse_router_list(void *arg)
tt_int_op(2, OP_EQ, smartlist_len(invalid)); tt_int_op(2, OP_EQ, smartlist_len(invalid));
test_memeq_hex(smartlist_get(invalid, 0), test_memeq_hex(smartlist_get(invalid, 0),
"ab9eeaa95e7d45740185b4e519c76ead756277a9"); "10F951AF93AED0D3BC7FA5FFA232EB8C17747ACE");
test_memeq_hex(smartlist_get(invalid, 1), test_memeq_hex(smartlist_get(invalid, 1),
"9a651ee03b64325959e8f1b46f2b689b30750b4c"); "41D8723CDD4B1AADCCE538C28CDE7F69828C73D0");
/* Now tidy up */ /* Now tidy up */
SMARTLIST_FOREACH(dest, routerinfo_t *, rinfo, routerinfo_free(rinfo)); SMARTLIST_FOREACH(dest, routerinfo_t *, rinfo, routerinfo_free(rinfo));
@ -1316,10 +1301,33 @@ test_dir_parse_router_list(void *arg)
static download_status_t dls_minimal; static download_status_t dls_minimal;
static download_status_t dls_maximal; static download_status_t dls_maximal;
static download_status_t dls_bad_fingerprint; static download_status_t dls_bad_fingerprint;
static download_status_t dls_bad_sig2; static download_status_t dls_bad_sig1;
static download_status_t dls_bad_ports; static download_status_t dls_bad_ports;
static download_status_t dls_bad_tokens; static download_status_t dls_bad_tokens;
static uint8_t digest_minimal[20];
static uint8_t digest_maximal[20];
static uint8_t digest_bad_fingerprint[20];
static uint8_t digest_bad_sig1[20];
static uint8_t digest_bad_ports[20];
static uint8_t digest_bad_tokens[20];
static void
setup_dls_digests(void)
{
#define SETUP(string, name) \
do { \
router_get_router_hash(string, strlen(string), (char*)digest_##name); \
} while (0)
SETUP(EX_RI_MINIMAL, minimal);
SETUP(EX_RI_MAXIMAL, maximal);
SETUP(EX_RI_BAD_FINGERPRINT, bad_fingerprint);
SETUP(EX_RI_BAD_SIG1, bad_sig1);
SETUP(EX_RI_BAD_PORTS, bad_ports);
SETUP(EX_RI_BAD_TOKENS, bad_tokens);
}
static int mock_router_get_dl_status_unrecognized = 0; static int mock_router_get_dl_status_unrecognized = 0;
static int mock_router_get_dl_status_calls = 0; static int mock_router_get_dl_status_calls = 0;
@ -1327,24 +1335,21 @@ static download_status_t *
mock_router_get_dl_status(const char *d) mock_router_get_dl_status(const char *d)
{ {
++mock_router_get_dl_status_calls; ++mock_router_get_dl_status_calls;
char hex[HEX_DIGEST_LEN+1]; #define CHECK(name) \
base16_encode(hex, sizeof(hex), d, DIGEST_LEN); do { \
if (!strcmp(hex, "3E31D19A69EB719C00B02EC60D13356E3F7A3452")) { if (fast_memeq(d, digest_##name, DIGEST_LEN)) \
return &dls_minimal; return &dls_##name; \
} else if (!strcmp(hex, "581D8A368A0FA854ECDBFAB841D88B3F1B004038")) { } while (0)
return &dls_maximal;
} else if (!strcmp(hex, "2578AE227C6116CDE29B3F0E95709B9872DEE5F1")) { CHECK(minimal);
return &dls_bad_fingerprint; CHECK(maximal);
} else if (!strcmp(hex, "16D387D3A58F7DB3CF46638F8D0B90C45C7D769C")) { CHECK(bad_fingerprint);
return &dls_bad_sig2; CHECK(bad_sig1);
} else if (!strcmp(hex, "AB9EEAA95E7D45740185B4E519C76EAD756277A9")) { CHECK(bad_ports);
return &dls_bad_ports; CHECK(bad_tokens);
} else if (!strcmp(hex, "A0CC2CEFAD59DBF19F468BFEE60E0868C804B422")) {
return &dls_bad_tokens;
} else {
++mock_router_get_dl_status_unrecognized; ++mock_router_get_dl_status_unrecognized;
return NULL; return NULL;
}
} }
static void static void
@ -1363,13 +1368,15 @@ test_dir_load_routers(void *arg)
smartlist_add_strdup(wanted, hex_str(buf, DIGEST_LEN)); \ smartlist_add_strdup(wanted, hex_str(buf, DIGEST_LEN)); \
} while (0) } while (0)
setup_dls_digests();
MOCK(router_get_dl_status_by_descriptor_digest, mock_router_get_dl_status); MOCK(router_get_dl_status_by_descriptor_digest, mock_router_get_dl_status);
update_approx_time(1412510400); update_approx_time(1412510400);
smartlist_add_strdup(chunks, EX_RI_MINIMAL); smartlist_add_strdup(chunks, EX_RI_MINIMAL);
smartlist_add_strdup(chunks, EX_RI_BAD_FINGERPRINT); smartlist_add_strdup(chunks, EX_RI_BAD_FINGERPRINT);
smartlist_add_strdup(chunks, EX_RI_BAD_SIG2); smartlist_add_strdup(chunks, EX_RI_BAD_SIG1);
smartlist_add_strdup(chunks, EX_RI_MAXIMAL); smartlist_add_strdup(chunks, EX_RI_MAXIMAL);
smartlist_add_strdup(chunks, EX_RI_BAD_PORTS); smartlist_add_strdup(chunks, EX_RI_BAD_PORTS);
smartlist_add_strdup(chunks, EX_RI_BAD_TOKENS); smartlist_add_strdup(chunks, EX_RI_BAD_TOKENS);
@ -1377,7 +1384,7 @@ test_dir_load_routers(void *arg)
/* not ADDing MINIMIAL */ /* not ADDing MINIMIAL */
ADD(EX_RI_MAXIMAL); ADD(EX_RI_MAXIMAL);
ADD(EX_RI_BAD_FINGERPRINT); ADD(EX_RI_BAD_FINGERPRINT);
ADD(EX_RI_BAD_SIG2); ADD(EX_RI_BAD_SIG1);
/* Not ADDing BAD_PORTS */ /* Not ADDing BAD_PORTS */
ADD(EX_RI_BAD_TOKENS); ADD(EX_RI_BAD_TOKENS);
@ -1391,7 +1398,7 @@ test_dir_load_routers(void *arg)
tt_int_op(smartlist_len(router_get_routerlist()->routers),OP_EQ,1); tt_int_op(smartlist_len(router_get_routerlist()->routers),OP_EQ,1);
routerinfo_t *r = smartlist_get(router_get_routerlist()->routers, 0); routerinfo_t *r = smartlist_get(router_get_routerlist()->routers, 0);
test_memeq_hex(r->cache_info.signed_descriptor_digest, test_memeq_hex(r->cache_info.signed_descriptor_digest,
"581D8A368A0FA854ECDBFAB841D88B3F1B004038"); "1F437798ACD1FC9CBD1C3C04DBF80F7E9F819C3F");
tt_int_op(dls_minimal.n_download_failures, OP_EQ, 0); tt_int_op(dls_minimal.n_download_failures, OP_EQ, 0);
tt_int_op(dls_maximal.n_download_failures, OP_EQ, 0); tt_int_op(dls_maximal.n_download_failures, OP_EQ, 0);
@ -1404,13 +1411,12 @@ test_dir_load_routers(void *arg)
/* bad_sig2 and bad ports" are retriable -- one since only the signature /* bad_sig2 and bad ports" are retriable -- one since only the signature
* was bad, and one because we didn't ask for it. */ * was bad, and one because we didn't ask for it. */
tt_int_op(dls_bad_sig2.n_download_failures, OP_EQ, 0); tt_int_op(dls_bad_sig1.n_download_failures, OP_EQ, 0);
tt_int_op(dls_bad_ports.n_download_failures, OP_EQ, 0); tt_int_op(dls_bad_ports.n_download_failures, OP_EQ, 0);
/* Wanted still contains "BAD_SIG2" */
tt_int_op(smartlist_len(wanted), OP_EQ, 1); tt_int_op(smartlist_len(wanted), OP_EQ, 1);
tt_str_op(smartlist_get(wanted, 0), OP_EQ, tt_str_op(smartlist_get(wanted, 0), OP_EQ,
"E0A3753CEFD54128EAB239F294954121DB23D2EF"); "3BB7D03C1C4DBC1DDE840096FF3C330914757B77");
#undef ADD #undef ADD