nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-21 21:44:58 +02:00
Code Issues Packages Projects Releases Wiki Activity

dirauth: Refactor some code and tests

Browse Source 
Minor simplification and refactoring.

Make the dirauth tests focus on testing the intention of the code,
rather than option processing order.

Part of 32213.
This commit is contained in:
teor 2019-10-30 22:32:24 +10:00
parent d665458085
commit fd18d51270
3 changed files with 411 additions and 249 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

155
src/feature/dirauth/dirauth_config.c
View File

@ -61,70 +61,69 @@ options_validate_dirauth_mode(const or_options_t *old_options,
if (BUG(!msg))
return -1;
if (options->AuthoritativeDir) {
/* confirm that our address isn't broken, so we can complain now */
uint32_t tmp;
if (resolve_my_address(LOG_WARN, options, &tmp, NULL, NULL) < 0)
REJECT("Failed to resolve/guess local address. See logs for details.");
if (!authdir_mode(options))
return 0;
if (!options->ContactInfo && !options->TestingTorNetwork)
REJECT("Authoritative directory servers must set ContactInfo");
if (!options->RecommendedClientVersions)
options->RecommendedClientVersions =
config_lines_dup(options->RecommendedVersions);
if (!options->RecommendedServerVersions)
options->RecommendedServerVersions =
config_lines_dup(options->RecommendedVersions);
if (options->VersioningAuthoritativeDir &&
(!options->RecommendedClientVersions ||
!options->RecommendedServerVersions))
REJECT("Versioning authoritative dir servers must set "
"Recommended*Versions.");
/* confirm that our address isn't broken, so we can complain now */
uint32_t tmp;
if (resolve_my_address(LOG_WARN, options, &tmp, NULL, NULL) < 0)
REJECT("Failed to resolve/guess local address. See logs for details.");
char *t;
/* Call these functions to produce warnings only. */
t = format_recommended_version_list(options->RecommendedClientVersions, 1);
tor_free(t);
t = format_recommended_version_list(options->RecommendedServerVersions, 1);
tor_free(t);
if (!options->ContactInfo && !options->TestingTorNetwork)
REJECT("Authoritative directory servers must set ContactInfo");
if (!options->RecommendedClientVersions)
options->RecommendedClientVersions =
config_lines_dup(options->RecommendedVersions);
if (!options->RecommendedServerVersions)
options->RecommendedServerVersions =
config_lines_dup(options->RecommendedVersions);
if (options->VersioningAuthoritativeDir &&
(!options->RecommendedClientVersions ||
!options->RecommendedServerVersions))
REJECT("Versioning authoritative dir servers must set "
"Recommended*Versions.");
if (options->UseEntryGuards) {
log_info(LD_CONFIG, "Authoritative directory servers can't set "
"UseEntryGuards. Disabling.");
options->UseEntryGuards = 0;
}
if (!options->DownloadExtraInfo && authdir_mode_v3(options)) {
log_info(LD_CONFIG, "Authoritative directories always try to download "
"extra-info documents. Setting DownloadExtraInfo.");
options->DownloadExtraInfo = 1;
}
if (!(options->BridgeAuthoritativeDir ||
options->V3AuthoritativeDir))
REJECT("AuthoritativeDir is set, but none of "
"(Bridge/V3)AuthoritativeDir is set.");
char *t;
/* Call these functions to produce warnings only. */
t = format_recommended_version_list(options->RecommendedClientVersions, 1);
tor_free(t);
t = format_recommended_version_list(options->RecommendedServerVersions, 1);
tor_free(t);
/* If we have a v3bandwidthsfile and it's broken, complain on startup */
if (options->V3BandwidthsFile && !old_options) {
dirserv_read_measured_bandwidths(options->V3BandwidthsFile, NULL, NULL,
NULL);
}
/* same for guardfraction file */
if (options->GuardfractionFile && !old_options) {
dirserv_read_guardfraction_file(options->GuardfractionFile, NULL);
}
if (options->UseEntryGuards) {
log_info(LD_CONFIG, "Authoritative directory servers can't set "
"UseEntryGuards. Disabling.");
options->UseEntryGuards = 0;
}
if (!options->DownloadExtraInfo && authdir_mode_v3(options)) {
log_info(LD_CONFIG, "Authoritative directories always try to download "
"extra-info documents. Setting DownloadExtraInfo.");
options->DownloadExtraInfo = 1;
}
if (!(options->BridgeAuthoritativeDir ||
options->V3AuthoritativeDir))
REJECT("AuthoritativeDir is set, but none of "
"(Bridge/V3)AuthoritativeDir is set.");
if (!options->DirPort_set)
REJECT("Running as authoritative directory, but no DirPort set.");
if (!options->ORPort_set)
REJECT("Running as authoritative directory, but no ORPort set.");
if (options->ClientOnly)
REJECT("Running as authoritative directory, but ClientOnly also set.");
/* If we have a v3bandwidthsfile and it's broken, complain on startup */
if (options->V3BandwidthsFile && !old_options) {
dirserv_read_measured_bandwidths(options->V3BandwidthsFile, NULL, NULL,
NULL);
}
/* same for guardfraction file */
if (options->GuardfractionFile && !old_options) {
dirserv_read_guardfraction_file(options->GuardfractionFile, NULL);
}
/* 31851: the tests expect us to validate these options, even when we are
* not in authority mode. */
if (!options->DirPort_set)
REJECT("Running as authoritative directory, but no DirPort set.");
if (!options->ORPort_set)
REJECT("Running as authoritative directory, but no ORPort set.");
if (options->ClientOnly)
REJECT("Running as authoritative directory, but ClientOnly also set.");
if (options->MinUptimeHidServDirectoryV2 < 0) {
log_warn(LD_CONFIG, "MinUptimeHidServDirectoryV2 option must be at "
"least 0 seconds. Changing to 0.");
@ -154,8 +153,9 @@ options_validate_dirauth_bandwidth(const or_options_t *old_options,
if (BUG(!msg))
return -1;
/* 31851: the tests expect us to validate these options, even when we are
* not in authority mode. */
if (!authdir_mode(options))
return 0;
if (ensure_bandwidth_cap(&options->AuthDirFastGuarantee,
"AuthDirFastGuarantee", msg) < 0)
return -1;
@ -186,6 +186,9 @@ options_validate_dirauth_schedule(const or_options_t *old_options,
if (BUG(!msg))
return -1;
if (!authdir_mode_v3(options))
return 0;
if (options->V3AuthVoteDelay + options->V3AuthDistDelay >=
options->V3AuthVotingInterval/2) {
REJECT("V3AuthVoteDelay plus V3AuthDistDelay must be less than half "
@ -224,7 +227,8 @@ options_validate_dirauth_schedule(const or_options_t *old_options,
if (options->V3AuthVotingInterval < MIN_VOTE_INTERVAL) {
if (options->TestingTorNetwork) {
if (options->V3AuthVotingInterval < MIN_VOTE_INTERVAL_TESTING) {
REJECT("V3AuthVotingInterval is insanely low.");
/* Unreachable, covered by earlier checks */
REJECT("V3AuthVotingInterval is insanely low."); /* LCOV_EXCL_LINE */
} else {
COMPLAIN("V3AuthVotingInterval is very low. "
"This may lead to failure to synchronise for a consensus.");
@ -261,6 +265,18 @@ options_validate_dirauth_testing(const or_options_t *old_options,
if (BUG(!msg))
return -1;
if (!authdir_mode(options))
return 0;
if (options->TestingAuthDirTimeToLearnReachability < 0) {
REJECT("TestingAuthDirTimeToLearnReachability must be non-negative.");
} else if (options->TestingAuthDirTimeToLearnReachability > 2*60*60) {
COMPLAIN("TestingAuthDirTimeToLearnReachability is insanely high.");
}
if (!authdir_mode_v3(options))
return 0;
if (options->TestingV3AuthInitialVotingInterval
< MIN_VOTE_INTERVAL_TESTING_INITIAL) {
REJECT("TestingV3AuthInitialVotingInterval is insanely low.");
@ -293,12 +309,6 @@ options_validate_dirauth_testing(const or_options_t *old_options,
REJECT("TestingV3AuthVotingStartOffset must be non-negative.");
}
if (options->TestingAuthDirTimeToLearnReachability < 0) {
REJECT("TestingAuthDirTimeToLearnReachability must be non-negative.");
} else if (options->TestingAuthDirTimeToLearnReachability > 2*60*60) {
COMPLAIN("TestingAuthDirTimeToLearnReachability is insanely high.");
}
return 0;
}
@ -317,6 +327,7 @@ options_transition_affects_dirauth_timing(const or_options_t *old_options,
return 1;
if (! authdir_mode_v3(new_options))
return 0;
YES_IF_CHANGED_INT(V3AuthVotingInterval);
YES_IF_CHANGED_INT(V3AuthVoteDelay);
YES_IF_CHANGED_INT(V3AuthDistDelay);
@ -374,6 +385,9 @@ options_act_dirauth_mtbf(const or_options_t *old_options)
const or_options_t *options = get_options();
int running_tor = options->command == CMD_RUN_TOR;
if (!authdir_mode(options))
return 0;
/* Load dirauth state */
if (running_tor) {
rep_hist_load_mtbf_data(time(NULL));
@ -404,12 +418,11 @@ options_act_dirauth_stats(const or_options_t *old_options,
const or_options_t *options = get_options();
if (options->BridgeAuthoritativeDir) {
if (authdir_mode_bridge(options)) {
time_t now = time(NULL);
int print_notice = 0;
if ((!old_options || !old_options->BridgeAuthoritativeDir) &&
options->BridgeAuthoritativeDir) {
if (!old_options || !authdir_mode_bridge(old_options)) {
rep_hist_desc_stats_init(now);
print_notice = 1;
}
@ -419,8 +432,8 @@ options_act_dirauth_stats(const or_options_t *old_options,
/* If we used to have statistics enabled but we just disabled them,
stop gathering them. */
if (old_options && old_options->BridgeAuthoritativeDir &&
!options->BridgeAuthoritativeDir)
if (old_options && authdir_mode_bridge(old_options) &&
!authdir_mode_bridge(options))
rep_hist_desc_stats_term();
return 0;

4
src/feature/dirauth/dirauth_config.h
View File

@ -67,19 +67,15 @@ options_validate_dirauth_mode(const or_options_t *old_options,
#define options_validate_dirauth_bandwidth(old_options, options, msg) \
(((void)(old_options)),((void)(options)),((void)(msg)),0)
#define options_validate_dirauth_schedule(old_options, options, msg) \
(((void)(old_options)),((void)(options)),((void)(msg)),0)
#define options_validate_dirauth_testing(old_options, options, msg) \
(((void)(old_options)),((void)(options)),((void)(msg)),0)
#define options_validate_dirauth_testing(old_options, options, msg) \
(((void)(old_options)),((void)(options)),((void)(msg)),0)
#define options_act_dirauth(old_options) \
(((void)(old_options)),0)
#define options_act_dirauth_mtbf(old_options) \
(((void)(old_options)),0)

501
src/test/test_options.c
View File

@ -9,6 +9,7 @@
#include "core/or/or.h"
#include "lib/confmgt/confmgt.h"
#include "app/config/config.h"
#include "feature/dirauth/dirauth_config.h"
#include "feature/relay/relay_config.h"
#include "test/test.h"
#include "lib/geoip/geoip.h"
@ -101,6 +102,50 @@ clear_log_messages(void)
options_init(opt); \
} while (0)
#ifdef COCCI
#define ENABLE_AUTHORITY_MIN ""
#define ENABLE_AUTHORITY_V3_MIN ""
#define ENABLE_AUTHORITY_BRIDGE_MIN ""
#define AUTHORITY_OPT_REQ_ ""
#define ENABLE_AUTHORITY ""
#define ENABLE_AUTHORITY_V3 ""
#define ENABLE_AUTHORITY_BRIDGE ""
#else
#define ENABLE_AUTHORITY_MIN \
"AuthoritativeDirectory 1\n"
#define ENABLE_AUTHORITY_V3_MIN \
ENABLE_AUTHORITY_MIN \
"V3AuthoritativeDir 1\n"
#define ENABLE_AUTHORITY_BRIDGE_MIN \
ENABLE_AUTHORITY_MIN \
"BridgeAuthoritativeDir 1\n"
#define AUTHORITY_OPT_REQ_ \
"Address 192.0.2.111\n" \
"ContactInfo a@example.org\n" \
"DirPort 1025\n" \
"ORPort 1026\n"
/* Not actually valid: requires v3 / bridge */
#define ENABLE_AUTHORITY \
ENABLE_AUTHORITY_MIN \
AUTHORITY_OPT_REQ_
#define ENABLE_AUTHORITY_V3 \
ENABLE_AUTHORITY_V3_MIN \
AUTHORITY_OPT_REQ_
#define ENABLE_AUTHORITY_BRIDGE \
ENABLE_AUTHORITY_BRIDGE_MIN \
AUTHORITY_OPT_REQ_
#endif
#define VALID_DIR_AUTH "DirAuthority dizum orport=443 v3ident=E8A9C45" \
"EDE6D711294FADF8E7951F4DE6CA56B58 194.109.206.212:80 7EA6 EAD6 FD83" \
" 083C 538F 4403 8BBF A077 587D D755\n"
@ -712,7 +757,7 @@ test_options_validate__authdir(void *ignored)
char *msg;
setup_capture_of_logs(LOG_INFO);
options_test_data_t *tdata = get_options_test_data(
"AuthoritativeDirectory 1\n"
ENABLE_AUTHORITY_V3_MIN
"Address this.should.not!exist!.example.org");
sandbox_disable_getaddrinfo_cache();
@ -728,7 +773,7 @@ test_options_validate__authdir(void *ignored)
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("AuthoritativeDirectory 1\n"
tdata = get_options_test_data(ENABLE_AUTHORITY_V3_MIN
"Address 100.200.10.1");
mock_clean_saved_logs();
ret = options_validate(NULL, tdata->opt, &msg);
@ -738,7 +783,7 @@ test_options_validate__authdir(void *ignored)
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("AuthoritativeDirectory 1\n"
tdata = get_options_test_data(ENABLE_AUTHORITY_V3_MIN
"Address 100.200.10.1\n");
mock_clean_saved_logs();
ret = options_validate(NULL, tdata->opt, &msg);
@ -748,7 +793,7 @@ test_options_validate__authdir(void *ignored)
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("AuthoritativeDirectory 1\n"
tdata = get_options_test_data(ENABLE_AUTHORITY_MIN
"Address 100.200.10.1\n"
"TestingTorNetwork 1\n");
mock_clean_saved_logs();
@ -759,9 +804,7 @@ test_options_validate__authdir(void *ignored)
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("AuthoritativeDirectory 1\n"
"Address 100.200.10.1\n"
"ContactInfo hello@hello.com\n");
tdata = get_options_test_data(ENABLE_AUTHORITY);
mock_clean_saved_logs();
ret = options_validate(NULL, tdata->opt, &msg);
tt_int_op(ret, OP_EQ, -1);
@ -770,10 +813,8 @@ test_options_validate__authdir(void *ignored)
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("AuthoritativeDirectory 1\n"
"Address 100.200.10.1\n"
"RecommendedVersions 1.2, 3.14\n"
"ContactInfo hello@hello.com\n");
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
"RecommendedVersions 1.2, 3.14\n");
mock_clean_saved_logs();
options_validate(NULL, tdata->opt, &msg);
tt_str_op(tdata->opt->RecommendedClientVersions->value, OP_EQ, "1.2, 3.14");
@ -781,12 +822,10 @@ test_options_validate__authdir(void *ignored)
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("AuthoritativeDirectory 1\n"
"Address 100.200.10.1\n"
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
"RecommendedVersions 1.2, 3.14\n"
"RecommendedClientVersions 25\n"
"RecommendedServerVersions 4.18\n"
"ContactInfo hello@hello.com\n");
"RecommendedServerVersions 4.18\n");
mock_clean_saved_logs();
options_validate(NULL, tdata->opt, &msg);
tt_str_op(tdata->opt->RecommendedClientVersions->value, OP_EQ, "25");
@ -794,13 +833,11 @@ test_options_validate__authdir(void *ignored)
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("AuthoritativeDirectory 1\n"
"Address 100.200.10.1\n"
tdata = get_options_test_data(ENABLE_AUTHORITY
"VersioningAuthoritativeDirectory 1\n"
"RecommendedVersions 1.2, 3.14\n"
"RecommendedClientVersions 25\n"
"RecommendedServerVersions 4.18\n"
"ContactInfo hello@hello.com\n");
"RecommendedServerVersions 4.18\n");
mock_clean_saved_logs();
options_validate(NULL, tdata->opt, &msg);
tt_str_op(msg, OP_EQ, "AuthoritativeDir is set, but none of (Bridge/V3)"
@ -808,11 +845,9 @@ test_options_validate__authdir(void *ignored)
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("AuthoritativeDirectory 1\n"
"Address 100.200.10.1\n"
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
"VersioningAuthoritativeDirectory 1\n"
"RecommendedServerVersions 4.18\n"
"ContactInfo hello@hello.com\n");
"RecommendedServerVersions 4.18\n");
mock_clean_saved_logs();
options_validate(NULL, tdata->opt, &msg);
tt_str_op(msg, OP_EQ, "Versioning authoritative dir servers must set "
@ -820,11 +855,9 @@ test_options_validate__authdir(void *ignored)
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("AuthoritativeDirectory 1\n"
"Address 100.200.10.1\n"
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
"VersioningAuthoritativeDirectory 1\n"
"RecommendedClientVersions 4.18\n"
"ContactInfo hello@hello.com\n");
"RecommendedClientVersions 4.18\n");
mock_clean_saved_logs();
options_validate(NULL, tdata->opt, &msg);
tt_str_op(msg, OP_EQ, "Versioning authoritative dir servers must set "
@ -832,10 +865,8 @@ test_options_validate__authdir(void *ignored)
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("AuthoritativeDirectory 1\n"
"Address 100.200.10.1\n"
"UseEntryGuards 1\n"
"ContactInfo hello@hello.com\n");
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
"UseEntryGuards 1\n");
mock_clean_saved_logs();
options_validate(NULL, tdata->opt, &msg);
expect_log_msg("Authoritative directory servers "
@ -844,10 +875,8 @@ test_options_validate__authdir(void *ignored)
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("AuthoritativeDirectory 1\n"
"Address 100.200.10.1\n"
"V3AuthoritativeDir 1\n"
"ContactInfo hello@hello.com\n");
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
"DownloadExtraInfo 0\n");
mock_clean_saved_logs();
options_validate(NULL, tdata->opt, &msg);
expect_log_msg("Authoritative directories always try"
@ -856,80 +885,27 @@ test_options_validate__authdir(void *ignored)
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("AuthoritativeDirectory 1\n"
"Address 100.200.10.1\n"
"DownloadExtraInfo 1\n"
"V3AuthoritativeDir 1\n"
"ContactInfo hello@hello.com\n");
mock_clean_saved_logs();
options_validate(NULL, tdata->opt, &msg);
expect_no_log_msg("Authoritative directories always try"
" to download extra-info documents. Setting DownloadExtraInfo.\n");
tt_int_op(tdata->opt->DownloadExtraInfo, OP_EQ, 1);
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("AuthoritativeDirectory 1\n"
"Address 100.200.10.1\n"
"ContactInfo hello@hello.com\n");
mock_clean_saved_logs();
options_validate(NULL, tdata->opt, &msg);
tt_str_op(msg, OP_EQ, "AuthoritativeDir is set, but none of (Bridge/V3)"
"AuthoritativeDir is set.");
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("AuthoritativeDirectory 1\n"
"Address 100.200.10.1\n"
"BridgeAuthoritativeDir 1\n"
"ContactInfo hello@hello.com\n"
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
"V3BandwidthsFile non-existent-file\n");
mock_clean_saved_logs();
options_validate(NULL, tdata->opt, &msg);
tt_str_op(msg, OP_EQ,
"Running as authoritative directory, but no DirPort set.");
expect_log_msg("Can't open bandwidth file at configured location: "
"non-existent-file\n");
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("AuthoritativeDirectory 1\n"
"Address 100.200.10.1\n"
"BridgeAuthoritativeDir 1\n"
"ContactInfo hello@hello.com\n"
"V3BandwidthsFile non-existent-file\n");
mock_clean_saved_logs();
options_validate(NULL, tdata->opt, &msg);
tt_str_op(msg, OP_EQ,
"Running as authoritative directory, but no DirPort set.");
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("AuthoritativeDirectory 1\n"
"Address 100.200.10.1\n"
"BridgeAuthoritativeDir 1\n"
"ContactInfo hello@hello.com\n"
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
"GuardfractionFile non-existent-file\n");
mock_clean_saved_logs();
options_validate(NULL, tdata->opt, &msg);
tt_str_op(msg, OP_EQ,
"Running as authoritative directory, but no DirPort set.");
expect_log_msg("Cannot open guardfraction file 'non-existent-file'. "
"Failing.\n");
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("AuthoritativeDirectory 1\n"
tdata = get_options_test_data(ENABLE_AUTHORITY_V3_MIN
"Address 100.200.10.1\n"
"BridgeAuthoritativeDir 1\n"
"ContactInfo hello@hello.com\n"
"GuardfractionFile non-existent-file\n");
mock_clean_saved_logs();
options_validate(NULL, tdata->opt, &msg);
tt_str_op(msg, OP_EQ,
"Running as authoritative directory, but no DirPort set.");
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("AuthoritativeDirectory 1\n"
"Address 100.200.10.1\n"
"BridgeAuthoritativeDir 1\n"
"ORPort 2000\n"
"ContactInfo hello@hello.com\n");
mock_clean_saved_logs();
ret = options_validate(NULL, tdata->opt, &msg);
@ -939,10 +915,21 @@ test_options_validate__authdir(void *ignored)
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("AuthoritativeDirectory 1\n"
tdata = get_options_test_data(ENABLE_AUTHORITY_BRIDGE_MIN
"Address 100.200.10.1\n"
"ORPort 2000\n"
"ContactInfo hello@hello.com\n");
mock_clean_saved_logs();
ret = options_validate(NULL, tdata->opt, &msg);
tt_int_op(ret, OP_EQ, -1);
tt_str_op(msg, OP_EQ,
"Running as authoritative directory, but no DirPort set.");
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data(ENABLE_AUTHORITY_V3_MIN
"Address 100.200.10.1\n"
"DirPort 999\n"
"BridgeAuthoritativeDir 1\n"
"ContactInfo hello@hello.com\n");
mock_clean_saved_logs();
ret = options_validate(NULL, tdata->opt, &msg);
@ -951,22 +938,57 @@ test_options_validate__authdir(void *ignored)
"Running as authoritative directory, but no ORPort set.");
tor_free(msg);
// TODO: This case can't be reached, since clientonly is used to
// check when parsing port lines as well.
/* free_options_test_data(tdata); */
/* tdata = get_options_test_data("AuthoritativeDirectory 1\n" */
/* "Address 100.200.10.1\n" */
/* "DirPort 999\n" */
/* "ORPort 888\n" */
/* "ClientOnly 1\n" */
/* "BridgeAuthoritativeDir 1\n" */
/* "ContactInfo hello@hello.com\n" ); */
/* mock_clean_saved_logs(); */
/* ret = options_validate(NULL, tdata->opt, */
/* tdata->def_opt, 0, &msg); */
/* tt_int_op(ret, OP_EQ, -1); */
/* tt_str_op(msg, OP_EQ, "Running as authoritative directory, " */
/* "but ClientOnly also set."); */
free_options_test_data(tdata);
tdata = get_options_test_data(ENABLE_AUTHORITY_BRIDGE_MIN
"Address 100.200.10.1\n"
"DirPort 999\n"
"ContactInfo hello@hello.com\n");
mock_clean_saved_logs();
ret = options_validate(NULL, tdata->opt, &msg);
tt_int_op(ret, OP_EQ, -1);
tt_str_op(msg, OP_EQ,
"Running as authoritative directory, but no ORPort set.");
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
"ClientOnly 1\n");
/* We have to call the dirauth-specific function, and fake port parsing,
* to hit this case */
tdata->opt->DirPort_set = 1;
tdata->opt->ORPort_set = 1;
mock_clean_saved_logs();
ret = options_validate_dirauth_mode(NULL, tdata->opt, &msg);
tt_int_op(ret, OP_EQ, -1);
tt_str_op(msg, OP_EQ, "Running as authoritative directory, "
"but ClientOnly also set.");
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data(ENABLE_AUTHORITY_BRIDGE
"ClientOnly 1\n");
/* We have to call the dirauth-specific function, and fake port parsing,
* to hit this case */
tdata->opt->DirPort_set = 1;
tdata->opt->ORPort_set = 1;
mock_clean_saved_logs();
ret = options_validate_dirauth_mode(NULL, tdata->opt, &msg);
tt_int_op(ret, OP_EQ, -1);
tt_str_op(msg, OP_EQ, "Running as authoritative directory, "
"but ClientOnly also set.");
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data(ENABLE_AUTHORITY_V3);
/* We have to set this value manually, because it won't parse */
tdata->opt->MinUptimeHidServDirectoryV2 = -1;
mock_clean_saved_logs();
ret = options_validate(NULL, tdata->opt, &msg);
tt_int_op(ret, OP_EQ, 0);
expect_log_msg("MinUptimeHidServDirectoryV2 "
"option must be at least 0 seconds. Changing to 0.\n");
tt_int_op(tdata->opt->MinUptimeHidServDirectoryV2, OP_EQ, 0);
tor_free(msg);
done:
teardown_capture_of_logs();
@ -2006,15 +2028,7 @@ test_options_validate__hidserv(void *ignored)
char *msg;
setup_capture_of_logs(LOG_WARN);
options_test_data_t *tdata = get_options_test_data("");
tdata->opt->MinUptimeHidServDirectoryV2 = -1;
ret = options_validate(NULL, tdata->opt, &msg);
tt_int_op(ret, OP_EQ, 0);
expect_log_msg("MinUptimeHidServDirectoryV2 "
"option must be at least 0 seconds. Changing to 0.\n");
tt_int_op(tdata->opt->MinUptimeHidServDirectoryV2, OP_EQ, 0);
tor_free(msg);
options_test_data_t *tdata = NULL;
free_options_test_data(tdata);
tdata = get_options_test_data("RendPostPeriod 1\n" );
@ -2103,25 +2117,46 @@ test_options_validate__bandwidth(void *ignored)
char *msg;
options_test_data_t *tdata = NULL;
#define ENSURE_BANDWIDTH_PARAM(p) \
STMT_BEGIN \
#define ENSURE_BANDWIDTH_PARAM(p, EXTRA_OPT_STR) \
STMT_BEGIN \
free_options_test_data(tdata); \
tdata = get_options_test_data(#p " 3Gb\n"); \
ret = options_validate(NULL, tdata->opt, &msg); \
tdata = get_options_test_data(EXTRA_OPT_STR \
#p " 3Gb\n"); \
ret = options_validate(NULL, tdata->opt, &msg); \
tt_int_op(ret, OP_EQ, -1); \
tt_mem_op(msg, OP_EQ, #p " (3221225471) must be at most 2147483647", 40); \
tor_free(msg); \
STMT_END
ENSURE_BANDWIDTH_PARAM(BandwidthRate);
ENSURE_BANDWIDTH_PARAM(BandwidthBurst);
ENSURE_BANDWIDTH_PARAM(MaxAdvertisedBandwidth);
ENSURE_BANDWIDTH_PARAM(RelayBandwidthRate);
ENSURE_BANDWIDTH_PARAM(RelayBandwidthBurst);
ENSURE_BANDWIDTH_PARAM(PerConnBWRate);
ENSURE_BANDWIDTH_PARAM(PerConnBWBurst);
ENSURE_BANDWIDTH_PARAM(AuthDirFastGuarantee);
ENSURE_BANDWIDTH_PARAM(AuthDirGuardBWGuarantee);
ENSURE_BANDWIDTH_PARAM(BandwidthRate, "");
ENSURE_BANDWIDTH_PARAM(BandwidthBurst, "");
ENSURE_BANDWIDTH_PARAM(BandwidthRate, ENABLE_AUTHORITY_V3);
ENSURE_BANDWIDTH_PARAM(BandwidthBurst, ENABLE_AUTHORITY_V3);
ENSURE_BANDWIDTH_PARAM(BandwidthRate, ENABLE_AUTHORITY_BRIDGE);
ENSURE_BANDWIDTH_PARAM(BandwidthBurst, ENABLE_AUTHORITY_BRIDGE);
ENSURE_BANDWIDTH_PARAM(MaxAdvertisedBandwidth, "");
ENSURE_BANDWIDTH_PARAM(RelayBandwidthRate, "");
ENSURE_BANDWIDTH_PARAM(RelayBandwidthBurst, "");
ENSURE_BANDWIDTH_PARAM(PerConnBWRate, "");
ENSURE_BANDWIDTH_PARAM(PerConnBWBurst, "");
ENSURE_BANDWIDTH_PARAM(MaxAdvertisedBandwidth, ENABLE_AUTHORITY_V3);
ENSURE_BANDWIDTH_PARAM(RelayBandwidthRate, ENABLE_AUTHORITY_V3);
ENSURE_BANDWIDTH_PARAM(RelayBandwidthBurst, ENABLE_AUTHORITY_V3);
ENSURE_BANDWIDTH_PARAM(PerConnBWRate, ENABLE_AUTHORITY_V3);
ENSURE_BANDWIDTH_PARAM(PerConnBWBurst, ENABLE_AUTHORITY_V3);
ENSURE_BANDWIDTH_PARAM(MaxAdvertisedBandwidth, ENABLE_AUTHORITY_BRIDGE);
ENSURE_BANDWIDTH_PARAM(RelayBandwidthRate, ENABLE_AUTHORITY_BRIDGE);
ENSURE_BANDWIDTH_PARAM(RelayBandwidthBurst, ENABLE_AUTHORITY_BRIDGE);
ENSURE_BANDWIDTH_PARAM(PerConnBWRate, ENABLE_AUTHORITY_BRIDGE);
ENSURE_BANDWIDTH_PARAM(PerConnBWBurst, ENABLE_AUTHORITY_BRIDGE);
ENSURE_BANDWIDTH_PARAM(AuthDirFastGuarantee, ENABLE_AUTHORITY_V3);
ENSURE_BANDWIDTH_PARAM(AuthDirGuardBWGuarantee, ENABLE_AUTHORITY_V3);
free_options_test_data(tdata);
tdata = get_options_test_data("RelayBandwidthRate 1000\n");
@ -3461,7 +3496,8 @@ test_options_validate__v3_auth(void *ignored)
setup_capture_of_logs(LOG_WARN);
free_options_test_data(tdata);
tdata = get_options_test_data("V3AuthVoteDelay 1000\n"
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
"V3AuthVoteDelay 1000\n"
"V3AuthDistDelay 1000\n"
"V3AuthVotingInterval 1000\n"
);
@ -3473,14 +3509,16 @@ test_options_validate__v3_auth(void *ignored)
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("V3AuthVoteDelay 1\n");
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
"V3AuthVoteDelay 1\n");
ret = options_validate(NULL, tdata->opt, &msg);
tt_int_op(ret, OP_EQ, -1);
tt_str_op(msg, OP_EQ, "V3AuthVoteDelay is way too low.");
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("V3AuthVoteDelay 1\n"
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
"V3AuthVoteDelay 1\n"
"TestingTorNetwork 1\n");
ret = options_validate(NULL, tdata->opt, &msg);
tt_int_op(ret, OP_EQ, -1);
@ -3492,14 +3530,16 @@ test_options_validate__v3_auth(void *ignored)
// since they are the same
free_options_test_data(tdata);
tdata = get_options_test_data("V3AuthDistDelay 1\n");
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
"V3AuthDistDelay 1\n");
ret = options_validate(NULL, tdata->opt, &msg);
tt_int_op(ret, OP_EQ, -1);
tt_str_op(msg, OP_EQ, "V3AuthDistDelay is way too low.");
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("V3AuthDistDelay 1\n"
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
"V3AuthDistDelay 1\n"
"TestingTorNetwork 1\n"
);
ret = options_validate(NULL, tdata->opt, &msg);
@ -3507,12 +3547,13 @@ test_options_validate__v3_auth(void *ignored)
tt_str_op(msg, OP_EQ, "V3AuthDistDelay is way too low.");
tor_free(msg);
// TODO: we can't reach the case of v3authdistdelay lower than
// We can't reach the case of v3authdistdelay lower than
// MIN_DIST_SECONDS but not lower than MIN_DIST_SECONDS_TESTING,
// since they are the same
free_options_test_data(tdata);
tdata = get_options_test_data("V3AuthNIntervalsValid 1\n"
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
"V3AuthNIntervalsValid 1\n"
);
ret = options_validate(NULL, tdata->opt, &msg);
tt_int_op(ret, OP_EQ, -1);
@ -3520,7 +3561,8 @@ test_options_validate__v3_auth(void *ignored)
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("V3AuthVoteDelay 49\n"
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
"V3AuthVoteDelay 49\n"
"V3AuthDistDelay 49\n"
"V3AuthVotingInterval 200\n"
);
@ -3530,7 +3572,49 @@ test_options_validate__v3_auth(void *ignored)
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("V3AuthVoteDelay 49\n"
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
VALID_DIR_AUTH
"TestingTorNetwork 1\n"
"V3AuthVoteDelay 49\n"
"V3AuthDistDelay 49\n"
"V3AuthVotingInterval 200\n"
);
ret = options_validate(NULL, tdata->opt, &msg);
tt_int_op(ret, OP_EQ, 0);
tt_ptr_op(msg, OP_EQ, NULL);
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
VALID_DIR_AUTH
"TestingTorNetwork 1\n"
"V3AuthVoteDelay 2\n"
"V3AuthDistDelay 2\n"
"V3AuthVotingInterval 9\n"
);
ret = options_validate(NULL, tdata->opt, &msg);
tt_int_op(ret, OP_EQ, -1);
tt_str_op(msg, OP_EQ,
"V3AuthVoteDelay plus V3AuthDistDelay must be less than half "
"V3AuthVotingInterval");
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
VALID_DIR_AUTH
"TestingTorNetwork 1\n"
"V3AuthVoteDelay 2\n"
"V3AuthDistDelay 2\n"
"V3AuthVotingInterval 10\n"
);
ret = options_validate(NULL, tdata->opt, &msg);
tt_int_op(ret, OP_EQ, 0);
tt_ptr_op(msg, OP_EQ, NULL);
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
"V3AuthVoteDelay 49\n"
"V3AuthDistDelay 49\n"
"V3AuthVotingInterval 200000\n"
);
@ -3540,7 +3624,8 @@ test_options_validate__v3_auth(void *ignored)
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("V3AuthVoteDelay 49\n"
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
"V3AuthVoteDelay 49\n"
"V3AuthDistDelay 49\n"
"V3AuthVotingInterval 1441\n"
);
@ -3552,7 +3637,8 @@ test_options_validate__v3_auth(void *ignored)
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("V3AuthVoteDelay 49\n"
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
"V3AuthVoteDelay 49\n"
"V3AuthDistDelay 49\n"
"V3AuthVotingInterval 1440\n"
);
@ -3564,7 +3650,8 @@ test_options_validate__v3_auth(void *ignored)
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("V3AuthVoteDelay 49\n"
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
"V3AuthVoteDelay 49\n"
"V3AuthDistDelay 49\n"
"V3AuthVotingInterval 299\n"
VALID_DIR_AUTH
@ -3577,23 +3664,23 @@ test_options_validate__v3_auth(void *ignored)
"This may lead to failure to synchronise for a consensus.\n");
tor_free(msg);
// TODO: It is impossible to reach the case of testingtor network, with
// v3authvotinginterval too low
/* free_options_test_data(tdata); */
/* tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES */
/* "V3AuthVoteDelay 1\n" */
/* "V3AuthDistDelay 1\n" */
/* "V3AuthVotingInterval 9\n" */
/* VALID_DIR_AUTH */
/* "TestingTorNetwork 1\n" */
/* ); */
/* ret = options_validate(NULL, tdata->opt, */
/* tdata->def_opt, 0, &msg); */
/* tt_int_op(ret, OP_EQ, -1); */
/* tt_str_op(msg, OP_EQ, "V3AuthVotingInterval is insanely low."); */
free_options_test_data(tdata);
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
"V3AuthVoteDelay 1\n"
"V3AuthDistDelay 1\n"
"V3AuthVotingInterval 9\n"
VALID_DIR_AUTH
"TestingTorNetwork 1\n"
);
/* We have to call the dirauth-specific function to reach this case */
ret = options_validate_dirauth_schedule(NULL, tdata->opt, &msg);
tt_int_op(ret, OP_EQ, -1);
tt_str_op(msg, OP_EQ, "V3AuthVoteDelay is way too low.");
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("TestingV3AuthInitialVoteDelay 1\n"
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
"TestingV3AuthInitialVoteDelay 1\n"
VALID_DIR_AUTH
"TestingTorNetwork 1\n"
);
@ -3603,7 +3690,8 @@ test_options_validate__v3_auth(void *ignored)
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data("TestingV3AuthInitialDistDelay 1\n"
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
"TestingV3AuthInitialDistDelay 1\n"
VALID_DIR_AUTH
"TestingTorNetwork 1\n"
);
@ -3613,7 +3701,8 @@ test_options_validate__v3_auth(void *ignored)
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data(VALID_DIR_AUTH
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
VALID_DIR_AUTH
"TestingTorNetwork 1\n"
);
tdata->opt->TestingV3AuthVotingStartOffset = 100000;
@ -3624,7 +3713,8 @@ test_options_validate__v3_auth(void *ignored)
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data(VALID_DIR_AUTH
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
VALID_DIR_AUTH
"TestingTorNetwork 1\n"
);
tdata->opt->TestingV3AuthVotingStartOffset = -1;
@ -3635,7 +3725,8 @@ test_options_validate__v3_auth(void *ignored)
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data(VALID_DIR_AUTH
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
VALID_DIR_AUTH
"TestingTorNetwork 1\n"
"TestingV3AuthInitialVotingInterval 4\n"
);
@ -3644,6 +3735,48 @@ test_options_validate__v3_auth(void *ignored)
tt_str_op(msg, OP_EQ, "TestingV3AuthInitialVotingInterval is insanely low.");
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
VALID_DIR_AUTH
"TestingTorNetwork 1\n"
"TestingV3AuthInitialVoteDelay 2\n"
"TestingV3AuthInitialDistDelay 2\n"
"TestingV3AuthInitialVotingInterval 5\n"
);
ret = options_validate(NULL, tdata->opt, &msg);
tt_int_op(ret, OP_EQ, 0);
tt_ptr_op(msg, OP_EQ, NULL);
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
VALID_DIR_AUTH
"TestingTorNetwork 1\n"
"TestingV3AuthInitialVotingInterval 7\n"
);
ret = options_validate(NULL, tdata->opt, &msg);
tt_int_op(ret, OP_EQ, -1);
tt_str_op(msg, OP_EQ,
"TestingV3AuthInitialVotingInterval does not divide evenly into "
"30 minutes.");
tor_free(msg);
free_options_test_data(tdata);
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
VALID_DIR_AUTH
"TestingTorNetwork 1\n"
"TestingV3AuthInitialVoteDelay 3\n"
"TestingV3AuthInitialDistDelay 3\n"
"TestingV3AuthInitialVotingInterval 5\n"
);
ret = options_validate(NULL, tdata->opt, &msg);
tt_int_op(ret, OP_EQ, -1);
tt_str_op(msg, OP_EQ,
"TestingV3AuthInitialVoteDelay plus "
"TestingV3AuthInitialDistDelay must be less than "
"TestingV3AuthInitialVotingInterval");
tor_free(msg);
done:
policies_free_all();
teardown_capture_of_logs();
@ -3690,10 +3823,11 @@ test_options_validate__testing_options(void *ignored)
options_test_data_t *tdata = NULL;
setup_capture_of_logs(LOG_WARN);
#define TEST_TESTING_OPTION(name, low_val, high_val, err_low) \
#define TEST_TESTING_OPTION(name, low_val, high_val, err_low, EXTRA_OPT_STR) \
STMT_BEGIN \
free_options_test_data(tdata); \
tdata = get_options_test_data(VALID_DIR_AUTH \
tdata = get_options_test_data(EXTRA_OPT_STR \
VALID_DIR_AUTH \
"TestingTorNetwork 1\n" \
); \
tdata->opt-> name = low_val; \
@ -3703,25 +3837,44 @@ test_options_validate__testing_options(void *ignored)
tor_free(msg); \
\
free_options_test_data(tdata); \
tdata = get_options_test_data(VALID_DIR_AUTH \
tdata = get_options_test_data(EXTRA_OPT_STR \
VALID_DIR_AUTH \
"TestingTorNetwork 1\n" \
); \
tdata->opt-> name = high_val; \
mock_clean_saved_logs(); \
ret = options_validate(NULL, tdata->opt, &msg); \
tt_int_op(ret, OP_EQ, 0); \
tt_ptr_op(msg, OP_EQ, NULL); \
expect_log_msg( #name " is insanely high.\n"); \
tor_free(msg); \
STMT_END
TEST_TESTING_OPTION(TestingAuthDirTimeToLearnReachability, -1, 8000,
"must be non-negative.");
"must be non-negative.", ENABLE_AUTHORITY_V3);
TEST_TESTING_OPTION(TestingAuthDirTimeToLearnReachability, -1, 8000,
"must be non-negative.", ENABLE_AUTHORITY_BRIDGE);
TEST_TESTING_OPTION(TestingEstimatedDescriptorPropagationTime, -1, 3601,
"must be non-negative.");
"must be non-negative.", "");
TEST_TESTING_OPTION(TestingClientMaxIntervalWithoutRequest, -1, 3601,
"is way too low.");
"is way too low.", "");
TEST_TESTING_OPTION(TestingDirConnectionMaxStall, 1, 3601,
"is way too low.");
"is way too low.", "");
TEST_TESTING_OPTION(TestingEstimatedDescriptorPropagationTime, -1, 3601,
"must be non-negative.", ENABLE_AUTHORITY_V3);
TEST_TESTING_OPTION(TestingClientMaxIntervalWithoutRequest, -1, 3601,
"is way too low.", ENABLE_AUTHORITY_V3);
TEST_TESTING_OPTION(TestingDirConnectionMaxStall, 1, 3601,
"is way too low.", ENABLE_AUTHORITY_V3);
TEST_TESTING_OPTION(TestingEstimatedDescriptorPropagationTime, -1, 3601,
"must be non-negative.", ENABLE_AUTHORITY_BRIDGE);
TEST_TESTING_OPTION(TestingClientMaxIntervalWithoutRequest, -1, 3601,
"is way too low.", ENABLE_AUTHORITY_BRIDGE);
TEST_TESTING_OPTION(TestingDirConnectionMaxStall, 1, 3601,
"is way too low.", ENABLE_AUTHORITY_BRIDGE);
free_options_test_data(tdata);
tdata = get_options_test_data("TestingEnableConnBwEvent 1\n");