From 7a2c8dadedcb3b17195111fee7aa91695d6bf6bb Mon Sep 17 00:00:00 2001 From: teor Date: Mon, 18 Feb 2019 17:03:33 +1000 Subject: [PATCH] test_dir: Split test_dir_formats into separate rsa and rsa_ed25519 tests --- src/test/test_dir.c | 186 +++++++++++++++++++++++++++++--------------- 1 file changed, 123 insertions(+), 63 deletions(-) diff --git a/src/test/test_dir.c b/src/test/test_dir.c index 57adee414c..785d114f77 100644 --- a/src/test/test_dir.c +++ b/src/test/test_dir.c @@ -196,9 +196,12 @@ mock_get_onion_key(void) return mocked_onionkey; } -/** Run unit tests for router descriptor generation logic. */ +/** Run unit tests for router descriptor generation logic for a RSA-only + * router. Tor versions without ed25519 (0.2.6 and earlier) are no longer + * officially supported, but the authorities still accept their descriptors. + */ static void -test_dir_formats(void *arg) +test_dir_formats_rsa(void *arg) { char *buf = NULL; char buf2[8192]; @@ -206,18 +209,14 @@ test_dir_formats(void *arg) char fingerprint[FINGERPRINT_LEN+1]; char *pk1_str = NULL, *pk2_str = NULL, *cp; size_t pk1_str_len, pk2_str_len; - routerinfo_t *r1=NULL, *r2=NULL; - extrainfo_t *e1 = NULL, *e2 = NULL; + routerinfo_t *r1 = NULL; + extrainfo_t *e1 = NULL; crypto_pk_t *pk1 = NULL, *pk2 = NULL; - routerinfo_t *r2_out = NULL; - routerinfo_t *rp1 = NULL, *rp2 = NULL; - extrainfo_t *ep1 = NULL, *ep2 = NULL; - addr_policy_t *ex1, *ex2; + routerinfo_t *rp1 = NULL; + extrainfo_t *ep1 = NULL; routerlist_t *dir1 = NULL, *dir2 = NULL; uint8_t *rsa_cc = NULL; or_options_t *options = get_options_mutable(); - const addr_policy_t *p; - time_t now = time(NULL); port_cfg_t orport, dirport; char cert_buf[256]; int rv = -1; @@ -256,57 +255,15 @@ test_dir_formats(void *arg) r1->nickname = tor_strdup("Magri"); r1->platform = tor_strdup(platform); - /* r2 is a RSA + ed25519 descriptor, with an exit policy */ - ex1 = tor_malloc_zero(sizeof(addr_policy_t)); - ex2 = tor_malloc_zero(sizeof(addr_policy_t)); - ex1->policy_type = ADDR_POLICY_ACCEPT; - tor_addr_from_ipv4h(&ex1->addr, 0); - ex1->maskbits = 0; - ex1->prt_min = ex1->prt_max = 80; - ex2->policy_type = ADDR_POLICY_REJECT; - tor_addr_from_ipv4h(&ex2->addr, 18<<24); - ex2->maskbits = 8; - ex2->prt_min = ex2->prt_max = 24; - r2 = tor_malloc_zero(sizeof(routerinfo_t)); - r2->addr = 0x0a030201u; /* 10.3.2.1 */ - ed25519_keypair_t kp1, kp2; - ed25519_secret_key_from_seed(&kp1.seckey, - (const uint8_t*)"YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY"); - ed25519_public_key_generate(&kp1.pubkey, &kp1.seckey); - ed25519_secret_key_from_seed(&kp2.seckey, - (const uint8_t*)"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"); - ed25519_public_key_generate(&kp2.pubkey, &kp2.seckey); - r2->cache_info.signing_key_cert = tor_cert_create(&kp1, - CERT_TYPE_ID_SIGNING, - &kp2.pubkey, - now, 86400, - CERT_FLAG_INCLUDE_SIGNING_KEY); - r2->platform = tor_strdup(platform); - r2->cache_info.published_on = 5; - r2->or_port = 9005; - r2->dir_port = 0; - r2->supports_tunnelled_dir_requests = 1; - router_set_rsa_onion_pkey(pk2, &r2->onion_pkey, &r2->onion_pkey_len); - curve25519_keypair_t r2_onion_keypair; - curve25519_keypair_generate(&r2_onion_keypair, 0); - r2->onion_curve25519_pkey = tor_memdup(&r2_onion_keypair.pubkey, - sizeof(curve25519_public_key_t)); - r2->identity_pkey = crypto_pk_dup_key(pk1); - r2->bandwidthrate = r2->bandwidthburst = r2->bandwidthcapacity = 3000; - r2->exit_policy = smartlist_new(); - smartlist_add(r2->exit_policy, ex1); - smartlist_add(r2->exit_policy, ex2); - r2->nickname = tor_strdup("Fred"); - tt_assert(!crypto_pk_write_public_key_to_string(pk1, &pk1_str, - &pk1_str_len)); + &pk1_str_len)); tt_assert(!crypto_pk_write_public_key_to_string(pk2 , &pk2_str, - &pk2_str_len)); + &pk2_str_len)); /* XXXX+++ router_dump_to_string should really take this from ri.*/ options->ContactInfo = tor_strdup("Magri White " ""); - /* Skip reachability checks for DirPort and tunnelled-dir-server */ + /* Skip reachability checks for DirPort, ORPort, and tunnelled-dir-server */ options->AssumeReachable = 1; /* Fake just enough of an ORPort and DirPort to get by */ @@ -466,6 +423,108 @@ test_dir_formats(void *arg) extrainfo_free(ep1); + done: + dirserv_free_fingerprint_list(); + + routerinfo_free(r1); + routerinfo_free(rp1); + + extrainfo_free(e1); + extrainfo_free(ep1); + + tor_free(rsa_cc); + tor_free(buf); + tor_free(pk1_str); + tor_free(pk2_str); + crypto_pk_free(pk1); + crypto_pk_free(pk2); + tor_free(dir1); /* XXXX And more !*/ + tor_free(dir2); /* And more !*/ +} + +/** Run unit tests for router descriptor generation logic for a RSA + ed25519 + * router. + */ +static void +test_dir_formats_rsa_ed25519(void *arg) +{ + char *buf = NULL; + char buf2[8192]; + char platform[256]; + char fingerprint[FINGERPRINT_LEN+1]; + char *pk1_str = NULL, *pk2_str = NULL, *cp; + size_t pk1_str_len, pk2_str_len; + routerinfo_t *r2 = NULL; + extrainfo_t *e2 = NULL; + crypto_pk_t *pk1 = NULL, *pk2 = NULL; + routerinfo_t *r2_out = NULL; + routerinfo_t *rp2 = NULL; + extrainfo_t *ep2 = NULL; + addr_policy_t *ex1, *ex2; + routerlist_t *dir1 = NULL, *dir2 = NULL; + uint8_t *rsa_cc = NULL; + or_options_t *options = get_options_mutable(); + const addr_policy_t *p; + time_t now = time(NULL); + port_cfg_t orport; + char cert_buf[256]; + + (void)arg; + pk1 = pk_generate(0); + pk2 = pk_generate(1); + + tt_assert(pk1 && pk2); + + hibernate_set_state_for_testing_(HIBERNATE_STATE_LIVE); + + get_platform_str(platform, sizeof(platform)); + /* r2 is a RSA + ed25519 descriptor, with an exit policy */ + ex1 = tor_malloc_zero(sizeof(addr_policy_t)); + ex2 = tor_malloc_zero(sizeof(addr_policy_t)); + ex1->policy_type = ADDR_POLICY_ACCEPT; + tor_addr_from_ipv4h(&ex1->addr, 0); + ex1->maskbits = 0; + ex1->prt_min = ex1->prt_max = 80; + ex2->policy_type = ADDR_POLICY_REJECT; + tor_addr_from_ipv4h(&ex2->addr, 18<<24); + ex2->maskbits = 8; + ex2->prt_min = ex2->prt_max = 24; + r2 = tor_malloc_zero(sizeof(routerinfo_t)); + r2->addr = 0x0a030201u; /* 10.3.2.1 */ + ed25519_keypair_t kp1, kp2; + ed25519_secret_key_from_seed(&kp1.seckey, + (const uint8_t*)"YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY"); + ed25519_public_key_generate(&kp1.pubkey, &kp1.seckey); + ed25519_secret_key_from_seed(&kp2.seckey, + (const uint8_t*)"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"); + ed25519_public_key_generate(&kp2.pubkey, &kp2.seckey); + r2->cache_info.signing_key_cert = tor_cert_create(&kp1, + CERT_TYPE_ID_SIGNING, + &kp2.pubkey, + now, 86400, + CERT_FLAG_INCLUDE_SIGNING_KEY); + r2->platform = tor_strdup(platform); + r2->cache_info.published_on = 5; + r2->or_port = 9005; + r2->dir_port = 0; + r2->supports_tunnelled_dir_requests = 1; + router_set_rsa_onion_pkey(pk2, &r2->onion_pkey, &r2->onion_pkey_len); + curve25519_keypair_t r2_onion_keypair; + curve25519_keypair_generate(&r2_onion_keypair, 0); + r2->onion_curve25519_pkey = tor_memdup(&r2_onion_keypair.pubkey, + sizeof(curve25519_public_key_t)); + r2->identity_pkey = crypto_pk_dup_key(pk1); + r2->bandwidthrate = r2->bandwidthburst = r2->bandwidthcapacity = 3000; + r2->exit_policy = smartlist_new(); + smartlist_add(r2->exit_policy, ex1); + smartlist_add(r2->exit_policy, ex2); + r2->nickname = tor_strdup("Fred"); + + tt_assert(!crypto_pk_write_public_key_to_string(pk1, &pk1_str, + &pk1_str_len)); + tt_assert(!crypto_pk_write_public_key_to_string(pk2 , &pk2_str, + &pk2_str_len)); + strlcpy(buf2, "router Fred 10.3.2.1 9005 0 0\n" "identity-ed25519\n" @@ -540,6 +599,9 @@ test_dir_formats(void *arg) strlcat(buf2, "tunnelled-dir-server\n", sizeof(buf2)); strlcat(buf2, "router-sig-ed25519 ", sizeof(buf2)); + /* Skip reachability checks for ORPort and tunnelled-dir-server */ + options->AssumeReachable = 1; + /* Fake just enough of an ORPort to get by */ MOCK(get_configured_ports, mock_get_configured_ports); mocked_configured_ports = smartlist_new(); @@ -577,8 +639,8 @@ test_dir_formats(void *arg) tt_mem_op(rp2->onion_curve25519_pkey->public_key,OP_EQ, r2->onion_curve25519_pkey->public_key, CURVE25519_PUBKEY_LEN); - onion_pkey = router_get_rsa_onion_pkey(rp2->onion_pkey, - rp2->onion_pkey_len); + crypto_pk_t *onion_pkey = router_get_rsa_onion_pkey(rp2->onion_pkey, + rp2->onion_pkey_len); tt_int_op(crypto_pk_cmp_keys(onion_pkey, pk2), OP_EQ, 0); crypto_pk_free(onion_pkey); tt_int_op(crypto_pk_cmp_keys(rp2->identity_pkey, pk1), OP_EQ, 0); @@ -611,18 +673,15 @@ test_dir_formats(void *arg) } #endif /* 0 */ - dirserv_free_fingerprint_list(); done: - routerinfo_free(r1); + dirserv_free_fingerprint_list(); + routerinfo_free(r2); routerinfo_free(r2_out); - routerinfo_free(rp1); routerinfo_free(rp2); - extrainfo_free(e1); extrainfo_free(e2); - extrainfo_free(ep1); extrainfo_free(ep2); tor_free(rsa_cc); @@ -6601,7 +6660,8 @@ test_dir_format_versions_list(void *arg) struct testcase_t dir_tests[] = { DIR_LEGACY(nicknames), - DIR_LEGACY(formats), + DIR_LEGACY(formats_rsa), + DIR_LEGACY(formats_rsa_ed25519), DIR(routerinfo_parsing, 0), DIR(extrainfo_parsing, 0), DIR(parse_router_list, TT_FORK),