Commit Graph

2967 Commits

Author SHA1 Message Date
Alexander Færøy
22e6ad6f26
Clean up mentions of 'zlib' and rename the mentions to 'compressed'.
This patch cleans up in various places where 'zlib' is mentioned.
2017-04-27 15:51:14 +02:00
Alexander Færøy
7bececbd69
Refactor compression tests into a single test.
This patch refactors our compression tests such that deflate, gzip,
lzma, and zstd are all tested using the same code.

Additionally we use run-time checks to see if the given compression
method is supported instead of using HAVE_LZMA and HAVE_ZSTD.

See: https://bugs.torproject.org/22085
2017-04-27 15:51:14 +02:00
Nick Mathewson
fec3050ea9 Tests for parse_accept_encoding 2017-04-25 19:01:05 -04:00
Nick Mathewson
49868340f7 Merge branch 'unified_compress_squashed' 2017-04-25 10:51:13 -04:00
Nick Mathewson
880fb3e3a9 Combine all *compress/*uncompress backend function into one
Since we have a streaming API for each compression backend, we don't
need a non-streaming API for each: we can build a common
non-streaming API at the front-end.
2017-04-25 10:50:50 -04:00
Nick Mathewson
232c9e14a8 Merge branch 'atomic_counters' 2017-04-25 10:46:23 -04:00
David Goulet
cb8ac1f331 trace: Add a basic event-tracing infrastructure.
This commit adds the src/trace directory containing the basics for our tracing
subsystem. It is not used in the code base. The "src/trace/debug.h" file
contains an example on how we can map our tor trace events to log_debug().

The tracing subsystem can only be enabled by tracing framework at compile
time. This commit introduces the "--enable-tracing-debug" option that will
make all "tor_trace()" function be maped to "log_debug()".

Closes #13802

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-04-25 10:37:31 -04:00
Nick Mathewson
4266ec766a Use atomic counters for compressor allocation. 2017-04-25 10:29:07 -04:00
Nick Mathewson
ba405f86bf Merge branch 'ahf_prop278_21662_squashed' 2017-04-25 08:12:59 -04:00
Alexander Færøy
1c77d8690c Add function to check if a given compression method is supported.
This patch adds support for checking if a given `compress_method_t` is
supported by the currently running Tor instance using
`tor_compress_supports_method()`.

See: https://bugs.torproject.org/21662
2017-04-25 08:10:09 -04:00
Alexander Færøy
380736d045 Add Zstandard support.
See: https://bugs.torproject.org/21662
2017-04-25 08:10:09 -04:00
Alexander Færøy
ce1feae9d9 Add --enable-zstd to our configure script.
This patch adds support for enabling support for Zstandard to our configure
script. By default, the --enable-zstd option is set to "auto" which means if
libzstd is available we'll build Tor with Zstandard support.

See: https://bugs.torproject.org/21662
2017-04-25 08:10:09 -04:00
Alexander Færøy
bf1c07cb07 Add LZMA support.
See: https://bugs.torproject.org/21662
2017-04-25 08:10:06 -04:00
Alexander Færøy
157af1d26e Add --enable-lzma to our configure script.
This patch adds support for enabling support for LZMA to our configure
script. By default, the --enable-lzma option is set to "auto" which
means if liblzma is available we'll build Tor with LZMA support.

See: https://bugs.torproject.org/21662
2017-04-25 08:06:02 -04:00
Alexander Færøy
04583df452 Rename the torgzip module to compress.
See https://bugs.torproject.org/21663
2017-04-25 08:06:01 -04:00
Nick Mathewson
db95a6e171 Fix implicit conversion warnings in the period_num tests 2017-04-24 15:38:16 -04:00
Nick Mathewson
4cefda85e4 Merge remote-tracking branch 'dgoulet/ticket21980_031_01' 2017-04-24 12:42:11 -04:00
Nick Mathewson
d949589c09 Fix some leaks in the consdiffmgr tests 2017-04-24 11:45:13 -04:00
Nick Mathewson
b7567a6282 Merge branch 'consdiffmgr_squashed' 2017-04-24 11:02:22 -04:00
Nick Mathewson
eb14faa0c1 Remove a checklist item that was already tested
The item referred to the cdm_ht_set_status() case where the item was
not already in the hashtable.  But that already happens naturally
when we scan the directory on startup... and we already have a test
for that.
2017-04-24 11:01:40 -04:00
Nick Mathewson
af86895581 consdiffmgr test: do not launch a diff task that is already pending 2017-04-24 11:01:40 -04:00
Nick Mathewson
2e9e2d023b consdiffmgr: tests for consdiffmgr_validate() 2017-04-24 11:01:40 -04:00
Nick Mathewson
6cc21aa89c consdiffmgr: add tests for cdm_entry_get_sha3_value 2017-04-24 11:01:40 -04:00
Nick Mathewson
bb38657b77 consdiffmgr test: add a test for updating ht on clean/rescan.
This brings us back up to ~94% coverage
2017-04-24 11:01:40 -04:00
Nick Mathewson
de0142cd9d Expand diff-management test to cover reloading items from disk 2017-04-24 11:01:40 -04:00
Nick Mathewson
831e656baa consdiffmgr tests: add tests to validate diff lookup/application
This commit adds some helper functions to look up the diff from one
consensus and to make sure that applying it leads to another.  Then
we add them throughout the existing test cases.  Doing this turned
up a reference-leaking bug in consensus_diff_worker_replyfn.
2017-04-24 11:01:40 -04:00
Nick Mathewson
605bcfbf71 consdiffmgr: Enable in-progress test that was not previously working
Also, add a list of additional tests to write.
2017-04-24 11:01:40 -04:00
Nick Mathewson
655f1c8e01 consdiffmgr: function to re-validate stored sha3 digests at startup 2017-04-24 11:00:28 -04:00
Nick Mathewson
5726fec9c2 Consdiffmgr test: Make sure that diffs are removable
A diff is removable as soon as it no longer takes you to the most
recent consensus of the appropriate flavor.
2017-04-24 10:59:25 -04:00
Nick Mathewson
35f6b678ab Test the easiest cases of consdiffmgr_cleanup.
One more to go: deleting the old diffs.
2017-04-24 10:59:25 -04:00
Nick Mathewson
1fade37287 consdiffmgr non-test: check for initialization failure
Unfortunately, this test doesn't work, so I've left it
defined-out. There is currently no way in our unit tests to catch a
fatal assertion failure.
2017-04-24 10:59:25 -04:00
Nick Mathewson
d418f28cb5 consdiffmgr test: survive failures to compute a diff. 2017-04-24 10:59:25 -04:00
Nick Mathewson
b9c2f135bd Another consdiffmgr test: only generate the diffs that are needed
This test makes sure that we only generate the diffs we actually
want, rather than regenerating all the diffs every time anything
changes.
2017-04-24 10:59:25 -04:00
Nick Mathewson
7fc37d41b4 Unit tests for consdiffmgr module
Initial tests. These just try adding a few consensuses, looking
them up, and making sure that consensus diffs are generated in a
more or less reasonable-looking way.  It's enough for 87% coverage,
but it leaves out a lot of functionality.
2017-04-24 10:59:25 -04:00
George Kadianakis
39b5dca720 ed25519: Add python code to test our ed25519 validation.
See
https://lists.torproject.org/pipermail/tor-dev/2017-April/012213.html .
2017-04-24 16:34:53 +03:00
Nick Mathewson
9ba10d714a Merge branch 'consdiff_numeric_squashed' 2017-04-24 09:33:55 -04:00
Sebastian Hahn
a16de7a7cf consdiff: Reject ranges with non-numeric chars
Fixes bug #21964
2017-04-24 09:33:48 -04:00
Taylor Yu
7bc636fdc9 Add regression test for #22304 2017-04-24 09:20:59 -04:00
Nick Mathewson
91553417c7 Fix a comment that held the remaining reference to the old api. 2017-04-21 16:39:05 -04:00
Nick Mathewson
3327e675fd Remove old directory_initiate_command_*() functions. 2017-04-21 15:14:52 -04:00
Nick Mathewson
c300fd7e65 Have directory_get_from_all_authorities use requests. 2017-04-21 14:31:35 -04:00
Nick Mathewson
b7dd3518b9 missing smartlist_free in new consdiff test 2017-04-18 22:56:34 -04:00
Nick Mathewson
afe1af7de6 Merge remote-tracking branch 'asn/bug21971' 2017-04-18 21:38:28 -04:00
Nick Mathewson
eeb266c139 Merge remote-tracking branches 'sebastian/consdiff_add' and 'sebastian/consdiff_newline' 2017-04-18 21:31:53 -04:00
George Kadianakis
e1a59ade95 prop224: Add time period functions and unittests
This will be used by the build blinded key functions.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-04-18 11:03:15 -04:00
Alexander Færøy
b8c9f229d7
Rename write_to_buf_zlib() to write_to_buf_compress().
See https://bugs.torproject.org/21663
2017-04-18 01:23:39 +02:00
Alexander Færøy
40ed68290e
Rename zlib_state to compress_state in the test_buffers.
See https://bugs.torproject.org/21663
2017-04-18 01:12:01 +02:00
George Kadianakis
0c39cefc52 prop224 tests: Remove useless NULL check before circuit_free().
Addresses coverity issue CID 1405130.
2017-04-17 16:36:55 +03:00
George Kadianakis
a3ce303432 prop224 tests: Don't use tt_size_op to compare ssize_t.
Addresses coverity CID 1405129.
2017-04-17 16:23:58 +03:00
Alexander Færøy
3c4459bcbf
Refactor the streaming compression code.
This patch refactors our streaming compression code to allow us to
extend it with non-zlib/non-gzip based compression schemas.

See https://bugs.torproject.org/21663
2017-04-17 14:57:37 +02:00
Alexander Færøy
44cb86adbe
Rename tor_gzip_{compress,uncompress} to tor_{compress,uncompress}.
To allow us to use the API name `tor_compress` and `tor_uncompress` as
the main entry-point for all compression/uncompression and not just gzip
and zlib.

See https://bugs.torproject.org/21663
2017-04-17 14:29:10 +02:00
Alexander Færøy
4b834e0d5e
Fix whitespace in test_util_gzip() around OP_*`.
See https://bugs.torproject.org/21663
2017-04-17 14:07:23 +02:00
Alexander Færøy
a8821d8366
Use tt_int_op() over tt_assert() and do explicit NULL checks in test_util_gzip().
This patch changes some of the tt_assert() usage in test_util_gzip() to
use tt_int_op() to get better error messages upon failure.

Additionally we move to use explicit NULL checks.

See https://bugs.torproject.org/21663
2017-04-17 14:02:16 +02:00
Sebastian Hahn
5a7e39c0cb Fix diff generation with line added at start
The consdiff generation logic would skip over lines added at the start of the
second file, and generate a diff that it would the immediately refuse because
it couldn't be used to reproduce the second file from the first. Fixes #21996.
2017-04-17 10:10:46 +02:00
Sebastian Hahn
459643502b Don't accept ranges for add commands in consdiff
Fixes ticket #21963
2017-04-17 06:49:27 +02:00
Nick Mathewson
06ecb9432f conscache.c: do not match entries that are slated for removal. 2017-04-15 11:21:32 -04:00
Daniel Pinto
fa04fe1674 MyFamily config string is now a list. #4998 2017-04-14 13:04:37 +01:00
Nick Mathewson
b081a7ed21 Merge branch 'ticket21891_031_01_squashed' 2017-04-13 16:43:13 -04:00
David Goulet
0565f5a3bb hs: Make the service list pruning function public
The reason for making the temporary list public is to keep it encapsulated in
the rendservice subsystem so the prop224 code does not have direct access to
it and can only affect it through the rendservice pruning function.

It also has been modified to not take list as arguments but rather use the
global lists (main and temporary ones) because prop224 code will call it to
actually prune the rendservice's lists. The function does the needed rotation
of pointers between those lists and then prune if needed.

In order to make the unit test work and not completely horrible, there is a
"impl_" version of the function that doesn't free memory, it simply moves
pointers around. It is directly used in the unit test and two setter functions
for those lists' pointer have been added only for unit test.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-04-13 16:25:49 -04:00
Nick Mathewson
ba89520593 fix wide lines 2017-04-13 14:36:57 -04:00
Nick Mathewson
902672eac6 Merge branch 'ticket21889_031_01_squashed' 2017-04-13 14:23:59 -04:00
George Kadianakis
f02868bb53 hs: Add service-side circuitmap API.
Now we have separate getters and setters for service-side and relay-side. I
took this approach over adding arguments to the already existing methods to
have more explicit type-checking, and also because some functions would grow
too large and dirty.

This commit also fixes every callsite to use the new function names which
modifies the legacy HS (v2) and the prop224 (v3) code.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-04-13 14:23:51 -04:00
Nick Mathewson
28ec2d9c2c Merge remote-tracking branch 'dgoulet/ticket21919_031_01' 2017-04-13 09:38:59 -04:00
Nick Mathewson
755c88a474 Merge branch 'asn/prop224-ntor-v2-squashed' 2017-04-13 09:22:34 -04:00
George Kadianakis
ea5901bf1c prop224: Add Python integration tests for HS ntor.
This test is identical to the ./src/test/test_ntor.sh integration test.
2017-04-13 09:22:19 -04:00
George Kadianakis
18ee145cda prop224: Add basic HS ntor unittest.
The test checks that introduce1/rendezvous1 key material is generated
correctly both for client-side and service-side.
2017-04-13 09:22:19 -04:00
David Goulet
6bacc3c7a8 hs: Change trunnel prop224 cell's namespace
One of the goals of this change is to have trunnel API/ABI being more explicit
so we namespace them with "trn_*". Furthermore, we can now create
hs_cells.[ch] without having to confuse it with trunnel which used to be
"hs_cell_*" before that change.

Here are the perl line that were used for this rename:

  perl -i -pe 's/cell_extension/trn_cell_extension/g;' src/*/*.[ch]
  perl -i -pe 's/cell_extension/trn_cell_extension/g;' src/trunnel/hs/*.trunnel
  perl -i -pe 's/hs_cell_/trn_cell_/g;' src/*/*.[ch]
  perl -i -pe 's/hs_cell_/trn_cell_/g;' src/trunnel/hs/*.trunnel

  And then "./scripts/codegen/run_trunnel.sh" with trunnel commit id
  613fb1b98e58504e2b84ef56b1602b6380629043.

Fixes #21919

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-04-11 13:46:41 -04:00
Nick Mathewson
f5258045c4 Fix some no-longer-reasonable unit tests for base64_decode()
These tests tried to use ridiculously large buffer sizes to check
the sanity-checking in the code; but since the sanity-checking
changed, these need to change too.
2017-04-10 12:08:31 -04:00
Taylor Yu
00ffefb41b Test odd-sized base64 decodes
Test base64_decode() with odd sized decoded lengths, including
unpadded encodings and padded encodings with "right-sized" output
buffers.  Convert calls to base64_decode_nopad() to base64_decode()
because base64_decode_nopad() is redundant.
2017-04-07 18:16:45 -04:00
Nick Mathewson
61f1838cdc Merge branch 'isolate_openssl' 2017-04-07 09:58:21 -04:00
Nick Mathewson
30b13fd82e Add test for expected output from encode{,d}_length functions 2017-04-07 09:47:29 -04:00
George Kadianakis
037ce360bd hs: Refactor circuitmap to use circuit_t instead of or_circuit_t. 2017-04-07 09:11:09 -04:00
Nick Mathewson
95a4f2d525 Additional unit tests to improve conscache coverage 2017-04-06 11:48:41 -04:00
Nick Mathewson
2b5b6025bd Tests for cleanup and reference counting on conscache 2017-04-06 11:48:41 -04:00
Nick Mathewson
73e9bc914f Tests for simple cases of conscache code. 2017-04-06 11:48:41 -04:00
Nick Mathewson
5f8860a16f Unit tests for labelled storagedir entries 2017-04-06 11:48:41 -04:00
Taylor Yu
b1c7e5d8c0 Capture expected log in test_circuitbuild.c
Capture the warning for the unhandled circuit purpose test case, both
to clean up the test log and to confirm that it gets logged.
2017-04-03 15:24:59 -04:00
Nick Mathewson
67c88fd10d Merge branch 'bug13790_rebased' 2017-04-03 11:58:37 -04:00
Taylor Yu
f0a57df55c Test unhandled purpose in route_len_for_purpose()
Check that route_len_for_purpose() (helper for new_route_len())
correctly fails a non-fatal bug assertion if it encounters an
unhandled circuit purpose when it is called with exit node info.
2017-04-03 11:58:11 -04:00
Taylor Yu
1e8e8a4e94 Add tests for new_route_len() 2017-04-03 11:58:11 -04:00
Nick Mathewson
28f9b68e87 Move "change cert expiration and re-sign" fn into tortls.c
This lets test_link_handshake stop including openssl headers.
2017-03-31 10:04:45 -04:00
Nick Mathewson
5ca0d6daf0 Mark many private tortls.h APIs as openssl-only.
This change lets us remove the openssl/ssl.h include from
test_link_handshake.c.
2017-03-31 10:04:45 -04:00
Nick Mathewson
706c44a6ce Remove some now-needless openssl includes from src/test.
It would appear that these includes weren't actually used.
2017-03-31 10:04:44 -04:00
Nick Mathewson
a4964466a5 Remove openssl/evp.h dependency from test_crypto.c 2017-03-31 10:04:44 -04:00
Nick Mathewson
1a14e5be91 Remove crypto/rand include from test_crypto.c
Create a new test_crypto_openssl to test openssl-only crypto.c
functionality.
2017-03-31 10:04:44 -04:00
Nick Mathewson
e7506c03cf Isolate dmalloc/openssl bridge code to crypto.c
This makes it so main.c, and the rest of src/or, no longer need to
include any openssl headers.
2017-03-31 10:04:44 -04:00
Nick Mathewson
04f1ddaa2a Fix utimbuf initialization in storagedir/cleaning test 2017-03-29 09:10:35 +02:00
Nick Mathewson
208c2a5c74 Merge branch 'spooling_squashed' 2017-03-28 19:55:18 +02:00
Nick Mathewson
8aa69a1b69 Refactor the directory spool implementation
The old implementation had duplicated code in a bunch of places, and
it interspersed spool-management with resource management.  The new
implementation should make it easier to add new resource types and
maintain the spooling code.

Closing ticket 21651.
2017-03-28 19:55:03 +02:00
Nick Mathewson
e79f90c7f0 Storagedir test fix: save strings in binary mode to preserve length 2017-03-27 15:27:52 +02:00
Nick Mathewson
10888dcac6 Merge remote-tracking branch 'ahf/bugs/21757' 2017-03-27 15:02:48 +02:00
Nick Mathewson
0895808023 Merge remote-tracking branch 'origin/maint-0.3.0' 2017-03-26 12:30:45 +02:00
Nick Mathewson
a5130de432 Tweak test_entrynodes comment 2017-03-26 12:30:00 +02:00
Nick Mathewson
4f6025498d Use update_approx_time() to run a test 100 days in the past.
Fixes bug21799.
2017-03-23 10:44:43 +01:00
Nick Mathewson
58680d0429 Merge branch 'ahf_bugs_21641_squashed' 2017-03-17 11:16:24 -04:00
Alexander Færøy
23ae5b655b Make MIN_ONION_KEY_LIFETIME a consensus parameter defined value.
This patch turns `MIN_ONION_KEY_LIFETIME` into a new function
`get_onion_key_lifetime()` which gets its value from a network consensus
parameter named "onion-key-rotation-days". This allows us to tune the
value at a later point in time with no code modifications.

We also bump the default onion key lifetime from 7 to 28 days as per
proposal #274.

See: https://bugs.torproject.org/21641
2017-03-17 11:15:43 -04:00
Alexander Færøy
a28be68cf2
Split strings at newline in tor_get_lines_from_handle().
This patch fixes a regression described in bug #21757 that first
appeared after commit 6e78ede73f which was an attempt to fix bug #21654.

When switching from buffered I/O to direct file descriptor I/O our
output strings from get_string_from_pipe() might contain newline
characters (\n). In this patch we modify tor_get_lines_from_handle() to
ensure that the function splits the newly read string at the newline
character and thus might return multiple lines from a single call to
get_string_from_pipe().

Additionally, we add a test case to test_util_string_from_pipe() to
ensure that get_string_from_pipe() correctly returns multiple lines in a
single call.

See: https://bugs.torproject.org/21757
See: https://bugs.torproject.org/21654
2017-03-17 04:27:12 +01:00
Nick Mathewson
6657fe1e54 Generate src/test/fuzz/include.am from a script
It was very error-prone to maintain this by hand.
2017-03-16 17:14:10 -04:00
Nick Mathewson
45d008c4aa Merge branch 'storagedir_squashed' 2017-03-16 16:03:13 -04:00
Nick Mathewson
ee253e392a Define a "storagedir" abstraction to hold numerous similar files
We could use one of these for holding "junk" descriptors and
unparseable things -- but we'll _need_ it for having cached
consensuses and diffs between them.
2017-03-16 16:01:59 -04:00
Nick Mathewson
4a4f1e44af Merge branch 'prop140_21643_diff_only_squashed' 2017-03-16 14:58:43 -04:00
Nick Mathewson
d8c129a11a Avoid all needless memory copies when computing consensus diffs.
Previously, we operated on smartlists of NUL-terminated strings,
which required us to copy both inputs to produce the NUL-terminated
strings.  Then we copied parts of _those_ inputs to produce an
output smartlist of NUL-terminated strings.  And finally, we
concatenated everything into a final resulting string.

This implementation, instead, uses a pointer-and-extent pattern to
represent each line as a pointer into the original inputs and a
length.  These line objects are then added by reference into the
output. No actual bytes are copied from the original strings until
we finally concatenate the final result together.

Bookkeeping structures and newly allocated strings (like ed
commands) are allocated inside a memarea, to avoid needless mallocs
or complicated should-I-free-this-or-not bookkeeping.

In my measurements, this improves CPU performance by something like
18%.  The memory savings should be much, much higher.
2017-03-16 14:42:56 -04:00
Nick Mathewson
dd92579b63 Add fuzzers for consensus diff backend code
This takes two fuzzers: one which generates a diff and makes sure it
works, and one which applies a diff.

So far, they won't crash, but there's a bug in my
string-manipulation code someplace that I'm having to work around,
related to the case where you have a blank line at the end of a
file, or where you diff a file with itself.
2017-03-16 14:42:55 -04:00
Nick Mathewson
eff9fbd17d Fix an abstraction violation.
Don't alias the insides of smartlist_t; that way lies madness.
2017-03-16 14:38:29 -04:00
Nick Mathewson
3647751c2a prop140: Use sha3-256, not sha2-256
This is a protocol update from recent prop140 changes.

Also, per #21673, we need to check the entire document, including
signatures.
2017-03-16 14:38:29 -04:00
Nick Mathewson
d6594bfa8c Add a couple more cases to reach 100% coverage. 2017-03-16 14:38:29 -04:00
Nick Mathewson
c86e77ac20 Cover two more failing cases with unit tests 2017-03-16 14:38:29 -04:00
Nick Mathewson
c6046f4db8 Tweak&test log messages on apply_diff 2017-03-16 14:38:29 -04:00
Nick Mathewson
bb536a2e73 Check for expected warnings in apply_ed_diff 2017-03-16 14:38:28 -04:00
Nick Mathewson
05901f2c6d test operator cleanup 2017-03-16 14:38:28 -04:00
Nick Mathewson
687df259c6 Enforce correct log messages on diff generation failure tests 2017-03-16 14:38:28 -04:00
Nick Mathewson
ccb789fe34 Test two more base64cmp cases. 2017-03-16 14:38:28 -04:00
Nick Mathewson
360d043ac7 Use "STATIC" to export consdiff fns for testing
Previously test_consdiff.c just did #include "consdiff.c", which is
not great style, and messes up coverage testing.
2017-03-16 14:38:28 -04:00
Daniel Martí
590ffdb2c9 Consensus diff backend from Daniel Martí GSOC project.
(This commit was extracted by nickm based on the final outcome of
the project, taking only the changes in the files touched by this
commit from the consdiff_rebased branch.  The directory-system
changes are going to get worked on separately.)
2017-03-16 14:38:28 -04:00
Nick Mathewson
7505f452c8 Run the copyright update script. 2017-03-15 16:13:17 -04:00
Nick Mathewson
236e1f31d9 Fix some compilation warnings in {test_,}hs_descriptor.c
Nothing big: just some const char[]s that should have been static,
and some integer truncation warnings.

Warnings not in any released Tor.
2017-03-13 22:36:47 -04:00
Nick Mathewson
43dd9bf0fc Merge remote-tracking branch 'asn/bug21334_v3' 2017-03-13 16:18:55 -04:00
George Kadianakis
61f318b1b0 prop224: Rename padding size def to something less confusing.
People felt it could refer to the descriptor header section instead of
the plaintext of the superencrypted section.
2017-03-13 15:58:28 +02:00
George Kadianakis
e6b03151fb prop224: Add unittests for decode_superencrypted(). 2017-03-13 15:55:21 +02:00
George Kadianakis
1f421d8d47 prop224: Fix the HS descriptor unittests.
- HS descriptors are now bigger than 10kb.
- encrypted_data_length_is_valid() is not that strict now.
2017-03-13 15:55:21 +02:00
Alexander Færøy
02fc0a5ecf
Remove fgets() compatbility function and related tests.
This patch removes the `tor_fgets()` wrapper around `fgets(3)` since it
is no longer needed. The function was created due to inconsistency
between the returned values of `fgets(3)` on different versions of Unix
when using `fgets(3)` on non-blocking file descriptors, but with the
recent changes in bug #21654 we switch from unbuffered to direct I/O on
non-blocking file descriptors in our utility module.

We continue to use `fgets(3)` directly in the geoip and dirserv module
since this usage is considered safe.

This patch also removes the test-case that was created to detect
differences in the implementation of `fgets(3)` as well as the changes
file since these changes was not included in any releases yet.

See: https://bugs.torproject.org/21654
2017-03-09 00:10:18 +01:00
Alexander Færøy
0e5c7dc45b
Add test case for get_string_from_pipe().
This patch adds a test case for the get_string_from_pipe() function
found in the utility module.

See: See: https://bugs.torproject.org/21654
2017-03-09 00:10:17 +01:00
Alexander Færøy
6e78ede73f
Remove buffered I/O stream usage in process_handle_t.
This patch removes the buffered I/O stream usage in process_handle_t and
its related utility functions. This simplifies the code and avoids racy
code where we used buffered I/O on non-blocking file descriptors.

See: https://bugs.torproject.org/21654
2017-03-09 00:10:17 +01:00
Nick Mathewson
88b91d7753 Merge remote-tracking branch 'ahf/bugs/20988' 2017-03-06 12:04:58 -05:00
Nick Mathewson
2c8d2cab13 Merge remote-tracking branch 'teor/bug19699' 2017-03-06 11:52:17 -05:00
Alexander Færøy
ae91e64fa8
Reset buf after each succesful test to avoid artifacts.
This patch resets `buf` in test_util_fgets_eagain() after each succesful
ivocation to avoid stray artifacts left in the buffer by erroneous
tor_fgets() calls.
2017-03-01 21:26:27 +01:00
Alexander Færøy
3dca5a6e71
Use tor_fgets() instead of fgets().
This patch changes our use of fgets() to tor_fgets() for more consistent
error handling across different versions of the C library.
2017-03-01 21:26:27 +01:00
Nick Mathewson
39d0e0cd0b Merge branch 'maint-0.3.0' 2017-03-01 07:52:51 -05:00
teor
d784236822
Make test-network.sh always call chutney's test-network.sh
Previously, this only worked on systems which had bash installed, due to
some bash-specific code in the script.

Fixes bug 19699; follow-up to 21581.
2017-03-01 13:28:30 +11:00
teor
778d704908
Remove the space before the interpreter name in test-network.sh
Apparently some unixes don't like this.
Part of #21581.
2017-03-01 12:29:52 +11:00
teor
f2ca22f940
Remove the space before the interpreter name in test-network.sh
Apparently some unixes don't like this.
Part of #21581.
2017-03-01 12:28:16 +11:00
Nick Mathewson
8e3d929df7 Merge branch 'maint-0.3.0' 2017-02-28 20:14:06 -05:00
teor
004ec8dc58
Restore support for test-network.sh on BSD and other systems without bash
(But use bash if it's available.)
This is a workaround until we remove bash-specific code in 19699.

Fixes bug 21581; bugfix on 21562, not in any released version of tor.
2017-03-01 11:40:54 +11:00
Nick Mathewson
1cd7a697f1 Merge remote-tracking branch 'teor/bug21510' 2017-02-28 11:43:58 -05:00
Nick Mathewson
aa50758777 Merge remote-tracking branch 'teor/test21470-029' 2017-02-28 11:31:07 -05:00
Nick Mathewson
c0aa7ac5ac Merge branch 'disable_memory_sentinels_squashed' 2017-02-27 16:25:25 -05:00
Nick Mathewson
b923c4dc9f Code to disable memory sentinels for fuzzing
This feature makes it possible to turn off memory sentinels (like
those used for safety in buffers.c and memarea.c) when fuzzing, so
that we can catch bugs that they would otherwise prevent.
2017-02-27 16:25:10 -05:00
Nick Mathewson
4808540d5c Merge branch 'maint-0.3.0' 2017-02-27 11:36:56 -05:00
teor
73879aa5b6
Use bash in src/test/test-network.sh
This ensures we reliably call chutney's newer tools/test-network.sh when
available.

Fixes bug 21562; bugfix on tor-0.2.9.1-alpha.
2017-02-28 02:13:56 +11:00
teor
1ebcd22e80
Reserve a test-network.sh exit status of 2 for unknown arguments
Part of 21570.
2017-02-28 02:02:32 +11:00
teor
39a4c5624b
Add a quiet mode to test-network.sh
Requires the equivalent chutney changes in 21571.

Part of 21570.
2017-02-28 01:45:30 +11:00
Nick Mathewson
d73755e36e Merge branch 'maint-0.3.0' 2017-02-24 11:37:04 -05:00
David Goulet
4ed10e5053 hs: Fix bad use of sizeof() when encoding ESTABLISH_INTRO legacy cell
When encoding a legacy ESTABLISH_INTRO cell, we were using the sizeof() on a
pointer instead of using the real size of the destination buffer leading to an
overflow passing an enormous value to the signing digest function.
Fortunately, that value was only used to make sure the destination buffer
length was big enough for the key size and in this case it always was because
of the overflow.

Fixes #21553

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-02-24 11:36:36 -05:00
George Kadianakis
6d71eda263 prop224: Rename auth_required HS desc field to intro_auth_required.
And remove "password" type from the list of intro auths.
2017-02-24 16:37:24 +02:00
teor
7a65abf566
Make display of captured unit test log messages consistent
There was a missing space and an extra colon.

Fixes bug 21510; bugfix on 0.2.9.3-alpha.
2017-02-19 23:09:50 +11:00
teor
590bfe3d6d
Reject versions that have non-numeric prefixes
Unit tests #21507.
Part of #21470.
2017-02-19 22:47:47 +11:00
teor
6d0b1a8997
Add unit tests that ensure out of range versions are rejected
Unit tests for #21278.
Part of #21470.
2017-02-19 22:46:42 +11:00
teor
b3e139581b
Add unit tests for version parsing integer size inconsistencies
Unit tests for #21450.
Part of #21470.
2017-02-19 22:45:25 +11:00
teor
e34a209df1
Add unit tests for current tor version git tags
Related to #21470
2017-02-19 22:44:07 +11:00
teor
3c39dab433
Add unit tests for the current range of tor version status tags
Related to #21470.
2017-02-19 22:42:44 +11:00
Nick Mathewson
d3f0f10efd Fix memleak in test_getinfo_helper_onion.
Fix on fc58c37e33. Not in any released tor
2017-02-17 10:08:31 -05:00
Nick Mathewson
31be66ea5a Merge remote-tracking branch 'meejah/ticket-21329-onions-current' 2017-02-16 09:40:56 -05:00
David Goulet
3336f26e60 hs: Avoid a strlen(NULL) if descriptor is not found in cache
Instead of returning 404 error code, this led to a NULL pointer being used and
thus a crash of tor.

Fixes #21471

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-02-15 10:27:41 -05:00
Nick Mathewson
39af9fc2b7 Merge branch 'bug21447' 2017-02-15 08:08:25 -05:00
Nick Mathewson
76d79d597a Merge branch 'maint-0.2.9' 2017-02-15 07:48:42 -05:00
Nick Mathewson
7e469c1002 Merge branch 'bug20894_029_v3' 2017-02-14 19:10:20 -05:00
Nick Mathewson
491348cb8c Rename make fuzz to make test-fuzz-corpora 2017-02-14 18:04:10 -05:00
Nick Mathewson
c4f2faf301 Don't atoi off the end of a buffer chunk.
Fixes bug 20894; bugfix on 0.2.0.16-alpha.

We already applied a workaround for this as 20834, so no need to
freak out (unless you didn't apply 20384 yet).
2017-02-14 16:38:47 -05:00
Nick Mathewson
1afc2ed956 Fix policies.c instance of the "if (r=(a-b)) return r" pattern
I think this one probably can't underflow, since the input ranges
are small.  But let's not tempt fate.

This patch also replaces the "cmp" functions here with just "eq"
functions, since nothing actually checked for anything besides 0 and
nonzero.

Related to 21278.
2017-02-14 16:31:11 -05:00
David Goulet
e129393e40 test: Add missing socket errno in test_util.c
According to 21116, it seems to be needed for Wheezy Raspbian build. Also,
manpage of socket(2) does confirm that this errno value should be catched as
well in case of no support from the OS of IPv4 or/and IPv6.

Fixes #21116

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-02-08 09:00:48 -05:00
Nick Mathewson
9379984128 Merge branch 'teor_bug21357-v2_029' into maint-0.2.9 2017-02-07 09:24:08 -05:00
Nick Mathewson
39606aece5 Fix "make distcheck".
I had forgotten to include the fuzz_static_testcases.sh script in
EXTRA_DIST.
2017-02-03 12:04:08 -05:00
cypherpunks
27df23abb6 Use the standard OpenBSD preprocessor definition 2017-02-03 09:37:39 -05:00
David Goulet
5f6d53cefa test: Fix test after log message changed in #21294
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-02-02 09:03:14 -05:00
Nick Mathewson
fc3e742b5b Merge remote-tracking branch 'ahf/ahf/bugs/21266' 2017-02-02 08:40:05 -05:00
Alexander Færøy
7eb7af08d9 Add checks for expected log messages in test_hs_intropoint.
This patch adds checks for expected log messages for failure cases of
different ill-formed ESTABLISH_INTRO cell's.

See: https://bugs.torproject.org/21266
2017-02-01 19:01:07 +00:00
Nick Mathewson
77788fa537 Fix a memory-leak in fuzz_vrs.c 2017-02-01 10:57:01 -05:00
Nick Mathewson
24551d64ad Merge branch 'maint-0.2.9' 2017-02-01 10:39:59 -05:00
rubiate
e9ec818c28 Support LibreSSL with opaque structures
Determining if OpenSSL structures are opaque now uses an autoconf check
instead of comparing the version number. Some definitions have been
moved to their own check as assumptions which were true for OpenSSL
with opaque structures did not hold for LibreSSL. Closes ticket 21359.
2017-02-01 10:30:49 -05:00
Nick Mathewson
f1530d0e5a Merge branch 'teor_bug21357-v2_029' 2017-02-01 09:39:25 -05:00
teor
408c53b7a7 Scale IPv6 address counts in policy_summary_reject to avoid overflow
This disregards anything smaller than an IPv6 /64, and rejects ports that
are rejected on an IPv6 /16 or larger.

Adjust existing unit tests, and add more to cover exceptional cases.

No IPv4 behaviour changes.

Fixes bug 21357
2017-02-01 09:39:06 -05:00
teor
7e7b3d3df3 Add unit tests for IPv6 address summaries and IPv4 netblock rejection
These tests currently fail due to bug 21357
2017-02-01 09:39:06 -05:00
Nick Mathewson
ed4a3dfef2 Remove XXXXprop271 comments from test_entrynodes.c
These commments were complaints about how I didn't like some aspects
of prop271.  They have been superseded by ticket 20832.
2017-01-30 10:43:53 -05:00
Nick Mathewson
088cc3604b Don't use %zu in fuzz-http: windows doesn't like it. 2017-01-30 09:09:42 -05:00
Nick Mathewson
558c04f5b1 Merge branch 'combined-fuzzing-v4' 2017-01-30 08:40:46 -05:00
Nick Mathewson
d71fc47438 Update documentation and testing integration for fuzzing 2017-01-30 08:37:27 -05:00
Nick Mathewson
2202ad7ab0 Fix a pair of compilation errors. 2017-01-30 08:37:27 -05:00
Nick Mathewson
1d8e9e8c69 Fix memory leak on zero-length input on fuzz_http.c 2017-01-30 08:37:27 -05:00
Nick Mathewson
34fd636870 memory leak in fuzz_vrs 2017-01-30 08:37:26 -05:00
Nick Mathewson
09d01466b2 actually build .as for fuzzing 2017-01-30 08:37:26 -05:00
Nick Mathewson
1c7862bfb4 missing backslash 2017-01-30 08:37:26 -05:00
Nick Mathewson
f547352637 differently build oss fuzzers 2017-01-30 08:37:26 -05:00
Nick Mathewson
cf71f8ad32 More oss-fuzz fixes 2017-01-30 08:37:25 -05:00
Nick Mathewson
92679d90d5 Try to refactor OSS fuzzers into static libraries. 2017-01-30 08:37:25 -05:00
Nick Mathewson
1b244a64e4 libfuzzer tweaks per recommendations 2017-01-30 08:37:25 -05:00
Nick Mathewson
024fa9d4d7 routerstatus fuzzing 2017-01-30 08:37:25 -05:00
Nick Mathewson
eb414a08a9 Add libfuzzer support. 2017-01-30 08:37:25 -05:00
Nick Mathewson
b1567cf500 Three more fuzzers: consensus, hsdesc, intro points 2017-01-30 08:37:24 -05:00
Nick Mathewson
83e9918107 Tools for working with directories of fuzzed stuff. 2017-01-30 08:37:24 -05:00
Nick Mathewson
301eff0e90 fuzzing: Add copyright notices and whitespace fixes 2017-01-30 08:37:24 -05:00
Nick Mathewson
4afb155db2 Add microdesc format fuzzer. 2017-01-30 08:37:24 -05:00
Nick Mathewson
3c74855934 Addition to test cases: make sure fuzzer binaries allow known cases
This isn't fuzzing per se, so much as replaying the highlights of
past fuzzer runs.
2017-01-30 08:37:24 -05:00
Nick Mathewson
81e44c2257 Add extrainfo fuzzer 2017-01-30 08:37:24 -05:00
Nick Mathewson
44fa14c0e2 Try to tweak fuzzing.md to correspond to my changes 2017-01-30 08:37:24 -05:00
teor
0fb1156e9f Add a script for running multiple fuzzing sessions on multiple cores 2017-01-30 08:37:23 -05:00
teor
416e2f6b28 Guide fuzzing by adding standard tor GET and POST testcases 2017-01-30 08:37:23 -05:00
Nick Mathewson
56b61d1831 Add more tweaks from teor's http fuzzing code.
Move option-manipulation code to fuzzing_common.
2017-01-30 08:37:23 -05:00
Nick Mathewson
949e9827d6 Add a descriptor fuzzing dictionary. 2017-01-30 08:37:23 -05:00
Nick Mathewson
ca657074b9 Fuzzing: initialize siphash key, don't init_logging twice. 2017-01-30 08:37:23 -05:00
Nick Mathewson
0666928c5c Replace signature-checking and digest-checking while fuzzing 2017-01-30 08:37:22 -05:00
meejah
fc58c37e33 Ticket #21329: GETINFO onions/current returns empty list
If there are no ephemeral or detached onion services, then
"GETINFO onions/current" or "GETINFO onions/detached" should
return an empty list instead of an error
2017-01-28 13:59:29 -07:00
Daniel Kahn Gillmor
e1337b4252 client: set IPv6Traffic to on by default
See:
  https://trac.torproject.org/projects/tor/ticket/21269
  https://bugs.debian.org/851798

Closes #21269

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-01-27 09:12:32 -05:00
Nick Mathewson
81c78ec755 Outbindbindaddress variants for Exit and OR.
Allow separation of exit and relay traffic to different source IP
addresses (Ticket #17975). Written by Michael Sonntag.
2017-01-27 08:05:29 -05:00
Nick Mathewson
12efa1f1cc Add a unit test for dropguards 2017-01-24 09:18:56 -05:00
Nick Mathewson
fae4d3d925 Merge remote-tracking branch 'asn/remove_legacy_guards' 2017-01-24 09:01:25 -05:00
Nick Mathewson
9023d7361d Fix return type in test_hs_intropoint.c
In trunnel, {struct}_encoded_len() can return negative values.

Coverity caught this as 1398957.
2017-01-19 08:26:55 -05:00
Nick Mathewson
85a17ee2e7 whitespace fixes 2017-01-18 17:14:42 -05:00
Nick Mathewson
88e4ffab9e Merge remote-tracking branch 'dgoulet/ticket20029_030_06-resquash' 2017-01-18 17:13:36 -05:00
David Goulet
50cfc98340 prop224: Add unit tests for INTRODUCE1 support
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-01-18 16:58:54 -05:00
David Goulet
e1497744c8 prop224: Add INTRODUCE1 cell relay support
Closes #20029

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-01-18 16:58:33 -05:00
Nick Mathewson
6d03e36fd0 Remove GS_TYPE_LEGACY 2017-01-18 15:37:01 -05:00
Nick Mathewson
a31a5581ee Remove UseDeprecatedGuardAlgorithm. 2017-01-18 15:33:26 -05:00
Nick Mathewson
472b277207 Remove the (no longer compiled) code for legacy guard selection.
Part of 20830.
2017-01-18 15:27:10 -05:00
Nick Mathewson
9d47f4d298 Fix a memory leak in bench.c 2017-01-18 14:29:52 -05:00
Nick Mathewson
e69afb853d Merge branch 'bug19769_19025_029' 2017-01-18 09:02:48 -05:00
Nick Mathewson
a969ae8e21 test_cfmt_connected_cells: use TTL value that's above the new min.
Related to 19769.
2017-01-18 08:56:34 -05:00
Nick Mathewson
609065f165 DefecTor countermeasure: change server- and client-side DNS TTL clipping
The server-side clipping now clamps to one of two values, both
for what to report, and how long to cache.

Additionally, we move some defines to dns.h, and give them better
names.
2017-01-18 08:55:57 -05:00
Neel Chauhan
9e5512b48d Disallow setting UseBridges to 1 and UseEntryGuards to 0 2017-01-14 14:55:23 -05:00
Nick Mathewson
94e8f60901 Merge branch 'ipv6-only-client_squashed' 2017-01-13 16:49:48 -05:00
teor
5227ff4aad Remove redundant options checks for IPv6 preference conflicts
It is no longer possible for the IPv6 preference options to differ from the
IPv6 usage: preferring IPv6 implies possibly using IPv6.

Also remove the corresponding unit test warning message checks.
(But keep the unit tests themselves - they now run without warnings.)
2017-01-13 16:49:27 -05:00
Nick Mathewson
3e45b12f38 Merge remote-tracking branch 'dgoulet/bug21054_030_01' 2017-01-13 16:45:55 -05:00
Nick Mathewson
ac75c33991 fix wide lines 2017-01-13 16:35:35 -05:00
David Goulet
c0a0c19725 test: Add ESTABLISH_INTRO unit tests
This commit adds 3 unit tests which validates a wrong signature length, a
wrong authentication key length and a wrong MAC in the cell.

Closes #20992

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-01-10 09:24:21 -05:00
Nick Mathewson
f4ebbf7567 fixup! Fix unit test failures in response to DNS hijacking. 2017-01-04 09:03:41 -05:00
Nick Mathewson
c4a6b56cc1 Fix unit test failures in response to DNS hijacking.
Some DNS NXDOMAIN hijackers hijack truly ridiculous domains, like
"invalid-stuff!!" or "1.2.3.4.5".  This would provoke unit test
failures where we used addresses like that to force
tor_addr_lookup() to fail.  The fix, for testing, is to mock
tor_addr_lookup() with a variant that always fails when it gets
a name with a !.

Fixes bugs 20862 and 20863.
2017-01-03 10:17:00 -05:00
Nick Mathewson
1a45398ffa Fix double-free on test failure
Found by coverity scan; CID 1398167.
2016-12-27 10:20:13 -05:00
cypherpunks
04f21f0322 Remove abort handler from the backtrace generator
The abort handler masks the exit status of the backtrace generator by
capturing the abort signal from the backtrace handler and exiting with
zero. Because the output of the backtrace generator is meant to be piped
to `bt_test.py`, its exit status is unimportant and is currently
ignored.

The abort handler calls `exit(3)` which is not asynchronous-signal-safe
and calling it in this context is undefined behavior [0].

Closes ticket 21026.

[0] https://www.securecoding.cert.org/confluence/x/34At
2016-12-23 10:54:17 -05:00
Nick Mathewson
0087fe36c1 Merge remote-tracking branch 'dgoulet/bug20572_030_01' 2016-12-23 10:03:35 -05:00
Hans Jerry Illikainen
a23fd15786 Fix unreachable heap corruption in base64_decode()
Give size_mul_check() external linkage and use it in base64_decode() to
avoid a potential integer wrap.

Closes #19222
2016-12-23 09:47:09 -05:00
David Goulet
2d1fa58fb4 test: Add unit test for prune_services_on_reload()
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-12-21 15:00:19 -05:00
Nick Mathewson
60769e710f Port fuzz_http to use fuzzing_common.
Move common logic from fuzz_http to fuzzing_common.
2016-12-19 15:34:56 -05:00
teor
a967d568dc Add a fuzzer for the http used in our directory protocol
(Teor wrote the code, nick extracted it.  It won't compile yet.)
2016-12-19 15:34:56 -05:00
Nick Mathewson
b96c70d668 Fuzzing: Add an initial fuzzing tool, for descriptors.
This will need some refactoring and mocking.
2016-12-19 15:34:55 -05:00
Nick Mathewson
ff08be56ac Fix another pointless stack-protector warning.
This is the same as we fixed in 39f4554687.
2016-12-16 14:06:25 -05:00
J. Ryan Stinnett
19cf074f4d hs: Remove private keys from hs_desc_plaintext_data_t.
Since both the client and service will use that data structure to store the
descriptor decoded data, only the public keys are common to both.

Fixes #20572.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-12-16 12:48:33 -05:00
Nick Mathewson
698ed75e1a Resolve some coverity complaints in test_entrynodes.c 2016-12-16 12:23:46 -05:00
Nick Mathewson
79a24750ba Fix broken entrynodes/retry_unreachable test
I broke this with 20292ec497 when I
changed the primary guard retry schedule.
2016-12-16 11:49:07 -05:00
Nick Mathewson
990a863d7c Merge branch 'ticket20831_v2' 2016-12-16 11:40:19 -05:00
Nick Mathewson
506bd6d47c Make NumDirectoryGuards work with the new guard algorithm.
Now that we support NumEntryGuards, NumDirectoryGuards is pretty
easy to put back in.
2016-12-16 11:34:31 -05:00
Nick Mathewson
3902a18a69 Remove UseDirectoryGuards
It is obsoleted in an always-on direction by prop271.
2016-12-16 11:32:51 -05:00
Nick Mathewson
2cee38f76a Merge branch 'prop271_030_v1_squashed' 2016-12-16 11:20:59 -05:00
Nick Mathewson
6867950432 Wrap all of the legacy guard code, and its users, in #ifdefs
This will make it easier to see what we remove down the line.
2016-12-16 11:06:22 -05:00
Nick Mathewson
72dc2ae319 Tests for choosing which guard_selection to use 2016-12-16 11:06:21 -05:00
Nick Mathewson
d9f010db84 Update node-selection tests to consider restrictions 2016-12-16 11:06:21 -05:00
Nick Mathewson
7361e1b499 Tests for restricted-circuit cases of upgrade_waiting_circuits() 2016-12-16 11:06:21 -05:00
Nick Mathewson
79d3e94f8b prop271: Tests for the highlevel or_state_t encode/decode functions 2016-12-16 11:06:20 -05:00
Nick Mathewson
171981f8a0 Add a test for entry_guard_state_should_expire() 2016-12-16 11:06:20 -05:00
Nick Mathewson
13315812e8 Repair unit test for tiny-network case.
The test assumed that the old rules about handling small max_sample
were in effect, and didn't actually handle that case very well
anyway.
2016-12-16 11:06:20 -05:00
Nick Mathewson
87f9b42179 Implement support for per-circuit guard restrictions.
This is an important thing I hadn't considered when writing prop271:
sometimes you have to restrict what guard you use for a particular
circuit.  Most frequently, that would be because you plan to use a
certain node as your exit, and so you can't choose that for your
guard.

This change means that the upgrade-waiting-circuits algorithm needs
a slight tweak too: circuit A cannot block circuit B from upgrading
if circuit B needs to follow a restriction that circuit A does not
follow.
2016-12-16 11:06:20 -05:00
Nick Mathewson
6c3f555a8c Re-enable some disabled tests about switching guard_selections 2016-12-16 11:06:19 -05:00
Nick Mathewson
84bfa895d7 Change return value of entry_guard_succeeded to an enum.
George pointed out that (-1,0,1) for (never usable, maybe usable
later, usable right now) was a pretty rotten convention that made
the code harder to read.
2016-12-16 11:06:19 -05:00
Nick Mathewson
1d52ac4d3f Lay down some infrastructure for bridges in the New Guard Order.
This includes:
  * making bridge_info_t exposed but opaque
  * allowing guards where we don't know an identity
  * making it possible to learn the identity of a guard
  * creating a guard that lacks a node_t
  * remembering a guard's address and port.
  * Looking up a guard by address and port.
  * Only enforcing the rule that we need a live consensus to update
    the "listed" status for guards when we are not using bridges.
2016-12-16 11:06:18 -05:00
Nick Mathewson
89f5f149df Remove guard_selection argument from status-reporting functions
This prevents us from mixing up multiple guard_selections
2016-12-16 11:06:18 -05:00
Nick Mathewson
404e9e5611 Have multiple guard contexts we can switch between.
Currently, this code doesn't actually have the contexts behave
differently, (except for the legacy context), but it does switch
back and forth between them nicely.
2016-12-16 11:06:18 -05:00
Nick Mathewson
08d3ca2e56 More entry guard tests: for cancel, and for upgrade. 2016-12-16 11:06:17 -05:00
Nick Mathewson
fcb50f1839 Test for entry_guard_has_higher_priority(). 2016-12-16 11:06:17 -05:00
Nick Mathewson
c6d218c44b Unit tests for entry_guard_{pick_for_circuit,succeeded,failed} 2016-12-16 11:06:17 -05:00
Nick Mathewson
d2af9826fd Turn #defines for prop271 into networkstatus params
Some of these will get torrc options to override them too; this
is just the mechanical conversion.

Also, add documentation for a couple of undocumented (but now used)
parameters.
2016-12-16 11:06:17 -05:00
Nick Mathewson
039bd01767 Add a wrapper for a common networkstatus param pattern
We frequently want to check a networkstatus parameter only when it
isn't overridden from the torrc file.
2016-12-16 11:06:16 -05:00
Nick Mathewson
9cad2628dd Test no-consensus case for filter. 2016-12-16 11:06:16 -05:00
Nick Mathewson
a7bc73935b Test get_guard_selection_by_name 2016-12-16 11:06:15 -05:00
Nick Mathewson
ac67819396 Make sure primary-guards are up-to-date when we inspect them.
(Plus some magic to prevent and detect recursive invocation of
entry_guards_update_primary(), since that can cause some pretty
tricky misbehavior.)
2016-12-16 11:06:15 -05:00
Nick Mathewson
92139b0077 Fix a lovely heisenbug in rend_cache/store_v2_desc_as_client
Act I.

    "                    But that I am forbid
     To tell the secrets of my prison-house,
     I could a tale unfold..."

Here's the bug: sometimes, rend_cache/store_v2_desc_as_client would
say:

"Dec 15 08:31:26.147 [warn] rend_cache_store_v2_desc_as_client():
   Bug: Couldn't decode base32 [scrubbed] for descriptor id. (on Tor
   0.3.0.0-alpha-dev 4098bfa260)"

When we merged ade5005853 back in 0.2.8.1-alpha, we added that
test: it mangles the hidden service ID for a hidden service, and
ensures that when the descriptor ID doesn't match the descriptor's
key, we don't store the descriptor.

How did it mangle the descriptor ID?  By doing
     desc_id_base32[0]++;

So, if the hidden service ID started with z or 7, we'd wind up with an
invalid base32 string, and get the warning.  And if it started with
any other character, we wouldn't.

That there is part 1 of the bug: in 2/32 cases, we'd get a BUG
warning.  But we wouldn't display it, since warnings weren't shown
from the unit tests.

Act II.

    "Our indiscretion sometime serves us well,
     When our deep plots do pall"

Part two: in 0.2.9.3-alpha, for part of #19999, we turned on BUG
warnings in the unit tests, so that we'd actually start seeing them.
At this point we also began to consider each BUG warning that made
it through the unit tests to be an actual bug.  So before this
point, we wouldn't actually notice anything happening in those 2/32
cases.

So, at this point it was a nice random _visible_ bug.

Act III.

   "Our thoughts are ours, their ends none of our own"

In acbb60cd63, which was part of my prop220 work, I
changed how RSA key generation worked in the unit tests.  While
previously we'd use pre-made RSA keys in some cases, this change
made us use a set of pregenerated RSA keys for _all_ 1024 or 2048
keys, and to return them in a rotation when Tor tried to generate a
key.

And now we had the heisenbug: anything that affected the number of
pregenerated keys that we had yielded before reaching
rend_cache/store_v2_desc_as_client would make us return a different
key, which would give us a different base32 ID, which would make the
bug occur, or not.  So as we added or removed test cases, the bug
might or might not happen.

So yeah.  Don't mangle a base32 ID like that.  Do it this way instead.
2016-12-15 08:42:03 -05:00
Nick Mathewson
a8ac2a62cb Fix a few clang warnings. 2016-12-14 16:01:27 -05:00
Nick Mathewson
81360c4a5f whitespace fixes 2016-12-14 15:41:08 -05:00
Nick Mathewson
c838d34921 Merge branch 'dgoulet_ticket19043_030_03_squashed' 2016-12-14 15:28:28 -05:00
David Goulet
118691cd47 crypto: Change crypto_mac_sha3_256 to use the key length in the construction
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-12-14 15:18:40 -05:00
George Kadianakis
297213825b prop224: Add unittests handling v3 ESTABLISH_INTRO cells.
Test for both v2 and v3 ESTABLISH_INTRO handling.
2016-12-14 15:18:40 -05:00
George Kadianakis
9192e5928c prop224 prepwork: Use of HS circuitmap in existing HS code.
The new HS circuitmap API replaces old public functions as follows:
   circuit_clear_rend_token -> hs_circuitmap_remove_circuit
   circuit_get_rendezvous -> hs_circuitmap_get_rend_circ
   circuit_get_intro_point -> hs_circuitmap_get_intro_circ_v2
   circuit_set_rendezvous_cookie -> hs_circuitmap_register_rend_circ
   circuit_set_intro_point_digest -> hs_circuitmap_register_intro_circ_v2

This commit also removes the old rendinfo code that is now unused.
It also fixes the broken rendinfo unittests.
2016-12-14 15:17:58 -05:00
George Kadianakis
b9010c8bf5 prop224 prepwork: Introduce HMAC-SHA3 function. 2016-12-14 15:17:57 -05:00
Nick Mathewson
54069b97d3 whitespace fix 2016-12-12 09:51:49 -05:00
Nick Mathewson
b659ffe9ac Merge remote-tracking branch 'jryans/log-severity' 2016-12-12 09:46:07 -05:00
Nick Mathewson
1ad96ed9cd Merge remote-tracking branch 'rubiate/ticket20511' 2016-12-12 09:20:56 -05:00
Nick Mathewson
8143c30a5c helper_compare_hs_desc: coverity memleak complaints
This test helper had a memory leak on failure, which Coverity Scan
doesn't like.  Closes CID 1375996 and 1375997. Not in any released
Tor.
2016-12-12 08:10:05 -05:00
Nick Mathewson
7601edc29a Merge remote-tracking branch 'dgoulet/bug20936_030_01' 2016-12-11 21:19:03 -05:00
Nick Mathewson
3e4a1ed7bb Merge branch 'maint-0.2.9' 2016-12-11 20:40:12 -05:00
David Goulet
f3c040e33e test: fix memory leak in single onion poisoning
Closes #20938

Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-12-09 12:59:40 -05:00
David Goulet
d01a6c07ae test: Fix memory leak in test_circuituse.c
Circuit object wasn't freed correctly. Also, the cpath build state object
needed to be zeroed else we were freeing garbage pointers.

Closes #20936

Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-12-09 10:20:14 -05:00
Nick Mathewson
39f4554687 Fix a completely stupid stack-protector warning in test_channels.c
This was breaking the build on debian precise, since it thought that
using a 'const int' to dimension an array made that array
variable-size, and made us not get protection.

Bug not in any released version of Tor.

I will insist that this one wasn't my fault.

        "Variables won't. Constants aren't." -- Osborn's Law
2016-12-08 17:50:01 -05:00
Nick Mathewson
e93234af70 Merge branch 'feature15056_v1_squashed' 2016-12-08 16:49:24 -05:00
Nick Mathewson
835b04819a Add some unit testing for ed25519 IDs in extend2 cells. 2016-12-08 16:48:00 -05:00
Nick Mathewson
921ac5c548 Unit tests for channel identity map code 2016-12-08 16:48:00 -05:00
Nick Mathewson
cd741cc595 Canonicity update for ed25519.
If a node can prove its Ed25519 identity, don't consider connections
to it canonical unless they match both identities.

Includes link handshake changes needed to avoid crashing with bug
warnings, since the tests now reach more parts of the code.

Closes ticket 20355
2016-12-08 16:48:00 -05:00
Nick Mathewson
6aa239df36 Rename connection_or_remove_from_identity_map 2016-12-08 16:47:57 -05:00
Nick Mathewson
85538498b6 Merge branch 'maint-0.2.9' 2016-12-08 07:49:56 -05:00
cypherpunks
9fe6ffa588 Use the correct preprocessor macro for Linux
Also combine all of the checks into one if-tree as only one of them
should actually succeed.
2016-12-08 07:48:19 -05:00
Nick Mathewson
b658893590 Merge branch 'bug19960_2' 2016-12-07 15:23:14 -05:00
Nick Mathewson
53d4e89626 Netbsd doesn't have ipfw, only the regular pf transport stuff.
Attempted fix for 19960.

Also, fixes a typo.
2016-12-07 15:22:44 -05:00
Nick Mathewson
ab013719e5 Merge branch 'maint-0.2.9' 2016-12-07 11:26:02 -05:00
Nick Mathewson
e7ade23f97 Increase verbosity on options/validate__transproxy
This is an attempt to figure out what's up with #19960
2016-12-07 11:24:58 -05:00
Nick Mathewson
1d45438ef0 Capture warning in dir/purpose_needs_anonymity_returns_true_by_default 2016-12-07 11:19:49 -05:00
Nick Mathewson
b0a842913a Merge branch 'maint-0.2.9' 2016-12-07 11:09:27 -05:00
Nick Mathewson
fce425e3ff Increase tolerances in util/monotonic_time tests
This is an attempt to fix #19974.
2016-12-07 11:08:54 -05:00
J. Ryan Stinnett
9b2b799d82 Accept non-space whitespace characters in log severity syntax.
Adds a test_config_parse_log_severity unit test to verify behavior.

Fixes #19965.
2016-12-06 11:11:43 -10:00
Nick Mathewson
f96f4c0e42 Merge remote-tracking branch 'chelseakomlo/circuituse' 2016-12-05 08:25:22 -05:00
Nick Mathewson
f7e8bd640a Merge branch 'maint-0.2.9' 2016-12-05 08:13:14 -05:00
teor
e8ce57e6e8
Move a comment in test_single_onion_poisoning 2016-12-03 06:30:58 +11:00
teor
8d42aab3f6
Add a missing return value check in test_single_onion_poisoning 2016-12-03 06:30:06 +11:00
teor
fdd368d656
Remove a double-free in test_single_onion_poisoning
We were freeing both dir{1,2} directly, and service_{1,2}->directory via
rend_service_free, even though they are the same pointer.
2016-12-03 06:27:32 +11:00
teor
c100c5c69b
Refactor poison_dir allocation and free in test_single_onion_poisoning
This pattern is much less error-prone when future changes are made.
2016-12-03 06:25:46 +11:00
Nick Mathewson
6f101f96a6 Merge branch 'maint-0.2.9' 2016-12-02 07:40:53 -05:00
Nick Mathewson
1221c5aa02 test_single_onion_poisoning: Free dir[12] on all paths
Coverity doesn't like it when there are paths to the end of the
function where something doesn't get freed, even when those paths
are only reachable on unit test failure.

Fixes CID 1372899 and CID 1372900. Bug not in any released Tor.
2016-12-02 07:39:14 -05:00
Nick Mathewson
5efbd41daa Merge branch 'maint-0.2.9' 2016-12-01 09:50:17 -05:00
Nick Mathewson
f8a7972b29 Merge branch 'bug20638_029_v2_squashed' into maint-0.2.9 2016-12-01 09:45:14 -05:00
teor
f80a43d16f Stop ignoring hidden service key anonymity when first starting tor
Instead, refuse to start tor if any hidden service key has been used in
a different hidden service anonymity mode.

Fixes bug 20638; bugfix on 17178 in 0.2.9.3-alpha; reported by ahf.

The original single onion service poisoning code checked poisoning state
in options_validate, and poisoned in options_act. This was problematic,
because the global array of hidden services had not been populated in
options_validate (and there were ordrering issues with hidden service
directory creation).

This patch fixes this issue in rend_service_check_dir_and_add, which:
* creates the directory, or checks permissions on an existing directory, then
* checks the poisoning state of the directory, then
* poisons the directory.

When validating, only the permissions checks and the poisoning state checks
are perfomed (the directory is not modified).
2016-12-01 09:44:53 -05:00
teor
91abd60cad Update unit tests for 20484, 20529
Add extra logging and extra validity checks for hidden services.
2016-12-01 09:44:53 -05:00
Nick Mathewson
a7762930c3 Merge remote-tracking branch 'dgoulet/ticket20568_030_01' 2016-12-01 09:23:36 -05:00
Nick Mathewson
858c8f5593 Make new prop271 entry guards persistent
To do this, it makes sense to treat legacy guards as a separate
guard_selection_t *, and handle them separately.  This also means we
add support here for having multiple guard selections.

Note that we don't persist pathbias information yet; that will take
some refactoring.
2016-11-30 14:44:43 -05:00
Nick Mathewson
dbbaa51518 Use the new guard notification/selection APIs throughout Tor
This patch doesn't cover every case; omitted cases are marked with
"XXXX prop271", as usual.  It leaves both the old interface and the
new interface for guard status notification, since they don't
actually work in the same way: the new API wants to be told when a
circuit has failed or succeeded, whereas the old API wants to know
when a channel has failed or succeeded.

I ran into some trouble with directory guard stuff, since when we
pick the directory guard, we don't actually have a circuit to
associate it with.  I solved that by allowing guard states to be
associated with directory connections, not just circuits.
2016-11-30 14:42:53 -05:00
Nick Mathewson
8dc6048c02 Add an (as yet) unused UseDeprecatedGuardAlgorithm_ option.
I expect we'll be ripping this out somewhere in 0.3.0, but let's
keep it around for a little while in case it turns out to be the
only way to avert disaster?
2016-11-30 14:42:53 -05:00
Nick Mathewson
7bf946965b Implement most of the prop271 data structure backends.
This code handles:
  * Maintaining the sampled set, the filtered set, and the
    usable_filtered set.
  * Maintaining the confirmed and primary guard lists.
  * Picking guards for circuits, and updating guard state when
    circuit state changes.

Additionally, I've done code structure movement: even more constants
and structures from entrynodes.c have become ENTRYNODES_PRIVATE
fields of entrynodes.h.

I've also included a bunch of documentation and a bunch of unit
tests.  Coverage on the new code is pretty high.

I've noted important things to resolve before this branch is done
with the /XXXX.*prop271/ regex.
2016-11-30 14:42:52 -05:00
Nick Mathewson
21c47c4410 Add a smartlist_remove_keeporder() function, with tests. 2016-11-30 14:42:52 -05:00
Nick Mathewson
8da24c99bd Split bridge functions into a new module.
This patch is just:
   * Code movement
   * Adding headers here and there as needed
   * Adding a bridges_free_all() with a call to it.

It breaks compilation, since the bridge code needed to make exactly
2 calls into entrynodes.c internals.  I'll fix those in the next
commit.
2016-11-30 14:42:52 -05:00
Nick Mathewson
dd6def5daf Initial code to parse/encode/sample prop271 guards
The encoding code is very straightforward.  The decoding code is a
bit tricky, but clean-ish.  The sampling code is untested and
probably needs more work.
2016-11-30 14:42:52 -05:00
Nick Mathewson
539eba0a4b Teach parse_iso_time about the spaceless variant.
(We previously added support for generating the spaceless
2016-11-14T19:58:12 variant, but not for actually parsing it.)
2016-11-30 14:42:52 -05:00
Nick Mathewson
823357dbe4 Add an entry_guard_describe() function
This function helpfully removes all but one remaining use of
an entry_guard_t private field in pathbias.c
2016-11-30 14:42:52 -05:00
Nick Mathewson
be447bc770 Move path-bias fields into a separate structure
(Other than the field movement, the code changes here are just
search-and-replace)
2016-11-30 14:42:52 -05:00
Chelsea H. Komlo
c86bbdd3ae
adding documentation to extracted unit test helper 2016-11-24 08:12:36 -05:00
Chelsea H. Komlo
118bba7622
Refactor to remove unnecessary check in circuit_is_available_for_use 2016-11-24 08:12:33 -05:00
Chelsea H. Komlo
afb6ae7b0f
Refactor circuit_predict_and_launch_new 2016-11-24 08:12:30 -05:00
Chelsea H. Komlo
b95998ef0c
moving useful test helper to test_helpers.h 2016-11-24 08:12:27 -05:00
Nick Mathewson
c35d481f56 Merge branch 'maint-0.2.9' 2016-11-21 12:44:21 -05:00
Nick Mathewson
e2c881487c Merge remote-tracking branch 'arma/bug20423' into maint-0.2.9 2016-11-21 12:40:08 -05:00
Nick Mathewson
427dcb29b5 Merge branch 'maint-0.2.9' 2016-11-17 20:08:15 -05:00
Roger Dingledine
3bb40b213b refactor router_pick_published_address to have another arg
no change in behavior except fewer log entries in the case where we use
a cached result.
2016-11-16 16:13:03 -05:00
teor
150a2b39b0
fixup! Add expect_log_msg_containing_either3() and expect_log_msg_containing_either4()
Fix typos:
    * extra '('
    * use assert_log_predicate (without 3 or 4 at the end)

Tidy whitespace.
Wrap long lines.
2016-11-16 13:14:00 +11:00
Neel Chauhan
0825fc6af9
Add all four error messages to test_address_get_if_addrs6_list_no_internal() 2016-11-16 12:57:13 +11:00
Neel Chauhan
01492d3869
Add all four error messages to test_address_get_if_addrs6_list_internal() 2016-11-16 12:57:09 +11:00
Neel Chauhan
cccc08ad56
Add expect_log_msg_containing_either3() and expect_log_msg_containing_either4() 2016-11-16 12:57:05 +11:00
Neel Chauhan
9f74f8f732 Move encode_cert to torcert.c and rename it to tor_cert_encode_ed22519()
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-11-10 11:00:50 -05:00
Nick Mathewson
0980787f91 Merge remote-tracking branch 'dgoulet/bug20570_030_01' 2016-11-10 09:28:31 -05:00
Nick Mathewson
217b895831 Merge remote-tracking branch 'dgoulet/ticket19642_030_01' 2016-11-10 09:16:00 -05:00
rubiate
d46c1b49a4 Do not serve a consensus if it is too old
Closes ticket 20511.
2016-11-10 10:16:18 +13:00
Nick Mathewson
c58592e658 Merge branch 'maint-0.2.9' 2016-11-08 18:51:19 -05:00
Nick Mathewson
89ec191b68 Merge remote-tracking branch 'public/bug20306_029' into maint-0.2.9 2016-11-08 18:51:07 -05:00
David Goulet
34f14a35b6 hs: Add single-onion-service line to v3 descriptor
This field indicates if the service is a Single Onion Service if present in
the descriptor.

Closes #19642

Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-11-08 13:22:42 -05:00
Nick Mathewson
3e3040a5d9 Merge branch 'maint-0.2.9'
Conflicts:
	src/or/rendservice.c
2016-11-07 16:31:40 -05:00
Nick Mathewson
c2fc0941a5 Merge remote-tracking branch 'teor/bug20484_029_v2' into maint-0.2.9 2016-11-07 16:12:13 -05:00
Nick Mathewson
7236e42684 Merge branch 'maint-0.2.9' 2016-11-07 16:10:55 -05:00
Nick Mathewson
e482541cfb Fix another 20499-broken test 2016-11-07 16:10:42 -05:00
Nick Mathewson
d2071c36f6 Fix a unit test (broken by recent 20499 hacking) 2016-11-07 16:02:55 -05:00
David Goulet
18e0a0b70d test: Remove useless HS decode multiple intro points
The test was broken and skipped because the hardcoded cross certificate didn't
include the dynamically generated signing key generated by the test. The only
way we could have fixed that is extracting the signing key from the hardcoded
string and put it in the descriptor object or dynamically generate the cross
certificate.

In the end, all this was kind of pointless as we already test the decoding of
multiple introduction points elsewhere and we don't gain anything with that
specific test thus the removal.

Fixes #20570

Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-11-07 10:59:30 -05:00
Nick Mathewson
61612f980d Merge branch 'maint-0.2.9' 2016-11-06 20:24:29 -05:00
Nick Mathewson
def41e93bd In test_tortls_classify_client_ciphers(), s/ECDH/ECDHE/
(We weren't actually using these ciphers; we were just requing that
ciphers of that name existed.)

Patch from rubiate.  Fixes 20460
2016-11-06 20:23:40 -05:00
Nick Mathewson
0fed324c2c Would you believe me if I said there were more 32-bit and clang warnings? 2016-11-04 15:47:28 -04:00
Nick Mathewson
f45a581486 Fix some 32-bit warnings and clang warnings 2016-11-04 15:24:30 -04:00
David Goulet
c1bbc8405b prop224: Fix memleaks in hs descriptor unit test
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-11-04 14:47:09 -04:00
Nick Mathewson
7a78a37f1d Fix memory leaks in test_hs_cache.c 2016-11-04 14:39:35 -04:00
Nick Mathewson
ed4aebcd97 Fix more unit test leaks. 2016-11-04 14:35:15 -04:00
David Goulet
791625750e prop224: Remove pointless unit test
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-11-04 14:31:28 -04:00
Nick Mathewson
1a03edefba Fix a heap overrun in test_decode_plaintext 2016-11-04 14:28:19 -04:00
Nick Mathewson
d16b4b3e48 Fix memory leaks in hs_descriptor/decode_descriptor and in encode_enc_key() 2016-11-04 14:27:45 -04:00
Nick Mathewson
a4291eef5a Expose desc_intro_point_free to the tests, and use it.
Also fix another couple of leaks.
2016-11-04 14:22:04 -04:00
Nick Mathewson
29ae8dcf96 Fix a bunch of leaks in hs_cache/upload_and_download_hs_desc 2016-11-04 14:13:30 -04:00
Nick Mathewson
6847b9f6af Fix make check-spaces 2016-11-04 14:00:08 -04:00
Nick Mathewson
0e2df2b653 Tell a broken test to skip itself 2016-11-04 13:57:07 -04:00
David Goulet
b876e5128a prop224: fix unit test to actually initialize a connection object
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-11-04 13:53:20 -04:00
Nick Mathewson
c35c43d7d9 Merge branch 'ticket17238_029_02-resquash'
Conflicts:
	src/or/rendclient.c
	src/or/rendcommon.c
	src/or/routerparse.c
	src/test/test_dir.c
	src/trunnel/ed25519_cert.h
2016-11-04 13:26:37 -04:00
David Goulet
3f29688bdf prop224: Use a const pointer for the cache lookup entry
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-11-04 10:32:50 -04:00
David Goulet
1263f74a12 prop224: Rename cert type to follow naming convention
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-11-04 10:32:50 -04:00
George Kadianakis
d795ed5871 Make check-spaces happy :)
Signed-off-by: David Goulet <dgoulet@torproject.org>
Signed-off-by: George Kadianakis <desnacked@riseup.net>
2016-11-04 10:32:50 -04:00
George Kadianakis
a8efd087bd test: Add prop224 directory fetch/upload unit tests
Signed-off-by: David Goulet <dgoulet@torproject.org>
Signed-off-by: George Kadianakis <desnacked@riseup.net>
2016-11-04 10:32:50 -04:00
David Goulet
45a72356cb prop224: Directory support for v3 descriptor publishing
Closes #19205

Signed-off-by: David Goulet <dgoulet@torproject.org>
Signed-off-by: George Kadianakis <desnacked@riseup.net>
2016-11-04 10:32:49 -04:00
David Goulet
1aeaba4906 test: Add prop224 directory cache unit tests
Signed-off-by: David Goulet <dgoulet@torproject.org>
Signed-off-by: George Kadianakis <desnacked@riseup.net>
2016-11-04 10:32:49 -04:00
David Goulet
025610612d prop224: Directory cache support
This implements the proposal 224 directory descriptor cache store and lookup
functionalities. Furthermore, it merges the OOM call for the HSDir cache with
current protocol v2 and the new upcoming v3.

Add hs_cache.{c|h} with store/lookup API.

Closes #18572

Signed-off-by: David Goulet <dgoulet@torproject.org>
Signed-off-by: George Kadianakis <desnacked@riseup.net>
2016-11-04 10:31:35 -04:00
David Goulet
473f99bf7b test: Add prop224 descriptor unit tests
Signed-off-by: David Goulet <dgoulet@torproject.org>
Signed-off-by: George Kadianakis <desnacked@riseup.net>
2016-11-04 10:29:28 -04:00
David Goulet
8293356ad9 hs: Refactor rend_data_t for multi version support
In order to implement proposal 224, we need the data structure rend_data_t to
be able to accomodate versionning that is the current version of hidden
service (2) and the new version (3) and future version.

For that, we implement a series of accessors and a downcast function to get
the v2 data structure. rend_data_t becomes a top level generic place holder.

The entire rend_data_t API has been moved to hs_common.{c|h} in order to
seperate code that is shared from between HS versions and unshared code (in
rendcommon.c).

Closes #19024

Signed-off-by: David Goulet <dgoulet@torproject.org>
Signed-off-by: George Kadianakis <desnacked@riseup.net>
2016-11-04 10:29:26 -04:00
Nick Mathewson
80a5091e4f Merge remote-tracking branch 'mintytoast/bug_19563' 2016-11-03 18:40:41 -04:00
Nick Mathewson
63c94954b1 Fix BUG message in channel/queue_impossible 2016-11-03 18:34:44 -04:00
overcaffeinated
dce4603d9b Use tor_htonll in test_util_format_unaligned_accessors
Remove the inline htonll, switch to tor_htonll for
test_util_format_unaligned_accessors.
2016-11-03 21:18:02 +00:00
overcaffeinated
c613446ca2 Refactor tests for tor_htonll and tor_ntohll
Following kind feedback from dgoulet: add tests for min (0) and
max (UINT64_MAX) values. Rename expected results to something more
sensible than 'n'.
2016-11-03 20:52:11 +00:00
overcaffeinated
c4603233db Add unit test for tor_htonll and tor_ntohll
Add tests for tor_htonll and tor_ntohll - fixes bug 19563.
2016-11-03 19:37:59 +00:00
Nick Mathewson
409984c6ae Fix two warnings in test_link_handshake.c
One is fixed by disabling the -Wredundant-decls warnings around
openssl headers here, because of the old double-declaration of
SSL_get_selected_srtp_profile().

One is fixed by including compat.h before or.h so that we get the
winsock2.h include before the windows.h include.
2016-11-03 11:16:06 -04:00
Nick Mathewson
32854aef28 whitespace fixes 2016-11-03 08:55:54 -04:00
Nick Mathewson
d9ca4e20bd Merge branch 'feature_15055_v2' 2016-11-03 08:44:46 -04:00
Nick Mathewson
805e97a433 Drop support for AUTHTYPE_RSA_SHA256_RFC5705 authentication.
This was a stopgap method, designed on the theory that some routers
might support it before they could support Ed25519.  But it looks
like everybody who supports RFC5705 will also have an Ed25519 key,
so there's not a lot of reason to have this even supported.
2016-11-03 08:40:10 -04:00
Nick Mathewson
d4c57909f8 Test failing cases of ed25519 authentication. 2016-11-03 08:40:10 -04:00
Nick Mathewson
acbb60cd63 Move unittests' RSA pregen code into a new file, and improve.
This patch moves the pregenerated RSA key logic into a new
testing_rsakeys.c.

Also, it adds support for RSA2048, since the link handshake tests
want that.

Also, it includes pregenerated keys, rather than trying to actually
generate the keys at startup, since generating even a small handful
of RSA2048 keys makes for an annoying delay.
2016-11-03 08:40:10 -04:00
Nick Mathewson
af2459f09e Unit tests for cert-chain-processing, including failed cases
Check out the coverage!
2016-11-03 08:40:10 -04:00
Nick Mathewson
672fe4bee4 Extend link handshake tests to handle successful Ed25519 handshakes.
Success cases only. Failure cases to come.
2016-11-03 08:40:09 -04:00
Nick Mathewson
88c2a6b936 Send and receive AUTHENTICATE cells correctly with ED keys.
Includes updated test for authchallenge cells
2016-11-03 08:39:31 -04:00
Nick Mathewson
e64bac6eb4 Increase TLS RSA link key length to 2048 bits
Oddly, nothing broke.

Closes ticket 13752.
2016-11-03 08:39:30 -04:00
Nick Mathewson
99b3e54691 Add "Ed ID" arguments to a bunch of connection-ID-related fns.
In particular, these functions are the ones that set the identity of
a given connection or channel, and/or confirm that we have learned
said IDs.

There's a lot of stub code here: we don't actually need to use the
new keys till we start looking up connections/channels by Ed25519
IDs.  Still, we want to start passing the Ed25519 IDs in now, so it
makes sense to add these stubs as part of 15055.
2016-11-03 08:37:22 -04:00
Nick Mathewson
0b4221f98d Make the current time an argument to x509 cert-checking functions
This makes the code a bit cleaner by having more of the functions be
pure functions that don't depend on the current time.
2016-11-03 08:37:22 -04:00
Nick Mathewson
e3c8253721 Add function to check RSA->Ed cross-certifications
Also, adjust signing approach to more closely match the signing
scheme in the proposal.

(The format doesn't quite match the format in the proposal, since
RSA signatures aren't fixed-length.)

Closes 19020.
2016-11-03 08:37:22 -04:00
Nick Mathewson
348b90a915 Refactor RSA certificate checking into its own function. 2016-11-03 08:37:22 -04:00
Nick Mathewson
e23389841c Migrate certificates into a sub-structure of or_handshake_state
This will help us do cert-checking in the background in the future,
perhaps.
2016-11-03 08:37:21 -04:00
teor
01fe039b78
Test single onion service configs where the directory does not exist
Runs a test for each combination of create/don't create directories.

Tests #20484.
2016-11-02 14:17:52 +11:00
teor
13fbbe9cce
Make sure passthrough_test_setup doesn't inadvertently fail or skip tests
passthrough_test_setup doesn't pass through arguments if the argument
is equal to 0 or TT_SKIP. Instead, it fails or skips the test.

Assert on this, so we don't accidentally fail or skip tests.
2016-11-02 14:16:14 +11:00
teor
77e1d660ee
Add get_fname_rnd for unit tests that want a unique path every time 2016-11-02 14:14:19 +11:00
teor
d7634dc519
Create get_fname_suffix, and refactor get_fname to use it 2016-11-02 14:13:34 +11:00
teor
fedafe7c0e
Use check_private_dir in test_single_onion_poisoning
This avoids Win32 conditionals for mkdir.
2016-11-02 11:37:11 +11:00
Nick Mathewson
25f53955f6 Merge branch 'maint-0.2.9' 2016-11-01 13:32:29 -04:00
Nick Mathewson
ff3e08f2af Attempt to fix unit tests on netbsd 2016-11-01 13:32:21 -04:00
Nick Mathewson
d73c671d6d policy_is_reject_star():
ome policies are default-reject, some default-accept.  But
policy_is_reject_star() assumed they were all default_reject.  Fix
that!

Also, document that policy_is_reject_star() treats a NULL policy as
empty. This allows us to simplify the checks in
parse_reachable_addresses() by quite a bit.

Fxes bug 20306; bugfix on 0.2.8.2-alpha.
2016-10-31 15:05:56 -04:00
Matt Traudt
183fbc4137 Hopefully fix int64 comparisons in test_dir_networkstatus_compute_bw_weights_v10 2016-10-28 11:37:28 -04:00
Nick Mathewson
172b124006 Resolve memory leaks in test_dir_networkstatus_compute_bw_weights_v10 2016-10-27 09:41:19 -04:00
overcaffeinated
e2577cce0c Convert remaining files to smartlist_add_strdup
The coccinelle script produced errors with these test files so
convert the remaining cases of smartlist_add to
smartlist_add_strdup by hand.
2016-10-27 11:15:57 +01:00
overcaffeinated
265d5446fa Automated change to use smartlist_add_strdup
Use the following coccinelle script to change uses of
smartlist_add(sl, tor_strdup(str)) to
smartlist_add_strdup(sl, string) (coccinelle script from nickm
via bug 20048):

@@
expression a;
expression b;
@@
- smartlist_add
+ smartlist_add_strdup
   (a,
- tor_strdup(
   b
- )
  )
2016-10-27 10:26:06 +01:00
Matt Traudt
6629c5c3fe Add historic bwweight tests, comments, line len fixes 2016-10-26 16:37:16 -04:00
Matt Traudt
7ba0ae9426 Add consensus weight calculation tests 2016-10-26 16:37:16 -04:00
Nick Mathewson
8cc528c750 Allow asking a bridge's own descriptor over one-hop connection
When we refactored purpose_needs_anonymity(), we made it so _all_
bridge requests required anonymity.  But that missed the case
that we are allowed to ask a bridge for its own descriptor.

With this patch, we consider the resource, and allow "authority.z"
("your own descriptor, compressed") for a bridge's server descriptor
to be non-anonymous.

Fix for bug 20410; bug not in any released Tor.
2016-10-26 08:32:48 -04:00
Nick Mathewson
c87d9b13a4 BUG in purpose_needs_anonymity if switch not matched.
I believe that this should never trigger, but if it does, it
suggests that there was a gap between is_sensitive_dir_purpose and
purpose_needs_anonymity that we need to fill.  Related to 20077.
2016-10-19 18:04:47 -04:00
Nick Mathewson
df387b94e8 Merge remote-tracking branch 'chelseakomlo/master' 2016-10-19 17:17:12 -04:00
Nick Mathewson
9f6bb29b05 Compilation fix. (function pointer implicit cast in tests.) 2016-10-19 17:15:42 -04:00
Nick Mathewson
12cf73c451 Merge remote-tracking branch 'andrea/ticket19858_v2'
Conflict in entrynodes.c: any_bridge_supports_microdescriptors was
removed in master, and modified in 19858_v2
2016-10-19 17:11:47 -04:00
Chelsea H. Komlo
471b0c5175
Refactor purpose_needs_anonymity to use switch statement 2016-10-19 12:25:50 -05:00
Chelsea H. Komlo
195ccce94e
Refactor to use purpose_needs_anonymity and remove is_sensitive_dir_purpose 2016-10-18 18:40:50 -05:00
Nick Mathewson
55c468c521 Whitespace cleaning 2016-10-14 10:40:31 -04:00
Nick Mathewson
af70e43131 Merge remote-tracking branch 'public/spaces_in_unix_addrs' 2016-10-14 10:21:41 -04:00
Nick Mathewson
9615ad338f Make the FreeBSD ersatz_socketpair test even more skippable.
(This is safe, since only windows actually -uses- erstaz_socketpair.)
2016-10-14 09:14:07 -04:00
Nick Mathewson
07f2e5748e ersatz socketpair tests: work around freebsd jails. 2016-10-13 09:47:28 -04:00
Nick Mathewson
0e1b228aa6 Fix a bug in displaying IPv6 addrs in test_op_ipv6_ with --verbose
The test code, if it failed, or if it was run in verbose mode, would
use the wrong variable for its loop.  Patch from rubiate uploaded to
19999.
2016-10-11 20:09:24 -04:00
paolo.ingls@gmail.com
ab78a4df93 torrc parsing b0rks on carriage-return
(Specifically, carriage return after a quoted value in a config
line. Fixes bug 19167; bugfix on 0.2.0.16-alpha when we introduced
support for quoted values. Unit tests, changes file, and this
parenthetical by nickm.)
2016-10-11 09:25:22 -04:00
Nick Mathewson
05aed5b635 Allow a unix: address to contain a C-style quoted string.
Feature 18753 -- all this to allow spaces.
2016-10-04 15:43:20 -04:00
Nick Mathewson
ed5d2daba1 Merge remote-tracking branch 'public/ticket20001_v2' 2016-09-26 11:01:10 -07:00
Nick Mathewson
97337844b7 Merge branch 'protover_v2_squashed' 2016-09-26 11:00:08 -07:00
Nick Mathewson
3a3120819c Rename compute_protover_vote to protover_compute_vote 2016-09-26 10:56:53 -07:00
Nick Mathewson
e402cddefe Clean whitespace, add missing documentation 2016-09-26 10:56:52 -07:00
Nick Mathewson
a232161f7b Cover the error cases of parsing protocol versions
Also, detect an additional failure type. Thanks, tests!

(How distinctly I recall thee)
2016-09-26 10:56:50 -07:00
Nick Mathewson
0697e413ef Unit tests for protover_all_supported 2016-09-26 10:56:49 -07:00
Nick Mathewson
c1be8f9d57 Basic backend for the protocol-versions voting algorithm.
[This is a brute-force method that potentially uses way too much
RAM. Need to rethink this a little. Right now you can DOS an
authority by saying "Foo=1-4294967295".]
2016-09-26 10:56:49 -07:00
Nick Mathewson
4df12239f6 Emit and parse protocol lists in router descriptors 2016-09-26 10:56:49 -07:00
Nick Mathewson
b2b2e1c7f2 checkpoint basic protover backend 2016-09-26 10:56:48 -07:00
Andrea Shepard
006c26f54f Abolish globals in entrynodes.c; relativize guard context to new guard_selection_t structure 2016-09-25 02:11:44 +00:00
Nick Mathewson
0baa276ea9 Coverity warning fix: let coverity tell we're closing sockets
Our use of the (mockable) tor_close_socket() in the util/socket_..
tests confused coverity, which could no longer tell that we were
actually closing the sockets.
2016-09-22 09:24:56 -04:00
Nick Mathewson
6cb9c2cf77 Add support for AES256 and AES192
(This will be used by prop224)
2016-09-16 11:21:33 -04:00
Nick Mathewson
ff116b7808 Simplify the crypto_cipher_t interface and structure
Previously, the IV and key were stored in the structure, even though
they mostly weren't needed.  The only purpose they had was to
support a seldom-used API where you could pass NULL when creating
a cipher in order to get a random key/IV, and then pull that key/IV
back out.

This saves 32 bytes per AES instance, and makes it easier to support
different key lengths.
2016-09-16 10:12:30 -04:00
Nick Mathewson
b08ddb60c9 Ensure that dir1 and dir2 are freed at the end of poisoning test
Found by coverity.
2016-09-14 11:01:21 -04:00
Nick Mathewson
8b7922b282 Merge remote-tracking branch 'teor/feature20072' 2016-09-14 10:18:41 -04:00
Nick Mathewson
4f4e995d42 Merge branch 'bug20081' 2016-09-14 10:17:04 -04:00
teor
16085a8421
Add some chutney single onion networks to make test-network-all
This requires a recent version of chutney, with the single onion
network flavours (git c72a652 or later).

Closes ticket #20072.
2016-09-14 12:17:10 +10:00
Nick Mathewson
831649f56e Fix a memory leak in options/validate__single_onion 2016-09-13 10:40:42 -04:00
Nick Mathewson
2237478045 options/validate__single_onion test: use new log capture api
I changed the API here in deb294ff53, to be less annoying
to use.
2016-09-13 10:22:34 -04:00
Nick Mathewson
9f0cb5af15 Merge branch 'feature-17178-v7-squashed-v2' 2016-09-13 10:20:08 -04:00
teor
f311c9ffa2 Replace OnionService* with HiddenService* in option names
And make consequential line-length adjustments.
2016-09-13 10:13:57 -04:00
teor
365ca3ca0f Refactor Single Onion code to improve consistency
* Check consistency between the two single onion torrc options
* Use the more relevant option each time we check for single onion mode
* Clarify log messages
* Clarify comments
* Otherwise, no behaviour change
2016-09-13 10:13:57 -04:00
teor (Tim Wilson-Brown)
b560f852f2 Implement Prop #260: Single Onion Services
Add experimental OnionServiceSingleHopMode and
OnionServiceNonAnonymousMode options. When both are set to 1, every
hidden service on a tor instance becomes a non-anonymous Single Onion
Service. Single Onions make one-hop (direct) connections to their
introduction and renzedvous points. One-hop circuits make Single Onion
servers easily locatable, but clients remain location-anonymous.
This is compatible with the existing hidden service implementation, and
works on the current tor network without any changes to older relays or
clients.

Implements proposal #260, completes ticket #17178. Patch by teor & asn.

squash! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! Implement Prop #260: Single Onion Services

Redesign single onion service poisoning.

When in OnionServiceSingleHopMode, each hidden service key is poisoned
(marked as non-anonymous) on creation by creating a poison file in the
hidden service directory.

Existing keys are considered non-anonymous if this file exists, and
anonymous if it does not.

Tor refuses to launch in OnionServiceSingleHopMode if any existing keys
are anonymous. Similarly, it refuses to launch in anonymous client mode
if any existing keys are non-anonymous.

Rewrite the unit tests to match and be more comprehensive.
Adds a bonus unit test for rend_service_load_all_keys().
2016-09-13 10:10:54 -04:00
Nick Mathewson
8fdf2f583c Unit tests for proposal 271 client-side implementation 2016-09-13 09:45:55 -04:00
Nick Mathewson
20c4b01694 Make preferred_chunk_size avoid overflow, handle big inputs better
Also, add tests for the function.

Closes 20081; bugfix on 0.2.0.16-alpha. This is a Guido Vranken
issue. Thanks, Guido!
2016-09-13 09:07:12 -04:00
Nick Mathewson
d5d29cd5a2 Whoops. Cant call sockaddr_in a "sin", since sin() is a thing. 2016-09-11 17:59:25 -04:00
Nick Mathewson
ccea2a5aa9 Fix gmtime unit test on openbsd
openbsd helpfully handles gmtime() of INT64_MIN.  Good job!

Our tests didn't handle that so well.
2016-09-11 17:43:20 -04:00
Nick Mathewson
c6e70dacb8 Try to make our ersatz-socketpair test work better on FreeBSD jails 2016-09-11 17:28:29 -04:00
Nick Mathewson
a671a1c9d6 Tweak tor_gmtime_r test.
On openbsd64, I'm seeing a warning that the log isn't saying what
I'd expect, but I'm not seeing what the answer actually _is_ here.
2016-09-11 17:13:51 -04:00
Nick Mathewson
64521a9d35 Merge remote-tracking branch 'public/solaris_warnings_028' 2016-09-11 16:52:24 -04:00
Nick Mathewson
77e2be06f6 make check-spaces 2016-09-09 15:38:46 -04:00
Nick Mathewson
75a7997148 Fix a coupole of coverity complaints. 2016-09-09 15:29:57 -04:00
Nick Mathewson
4c55e8a58f Fix cases where the tests were doing closesocket() on a non-socket
These seem to have caused warnings on windows. Hmmm.
2016-09-09 10:28:12 -04:00
Nick Mathewson
2fe7e3d9d2 Oh dear, I was missing an extern. 2016-09-09 10:20:34 -04:00
Nick Mathewson
373bfd9630 Make a couple more tests run faster.
The point of diminishing returns has been reached.
2016-09-09 10:08:27 -04:00
Nick Mathewson
7c52109641 Disable a single pbkdf2 test vector
The other test vectors are pretty complete, and get full coverage, I
believe.

This one test vector accounted for half the time spent in
test-slow.  "Now that's slow!"
2016-09-09 09:57:15 -04:00
Nick Mathewson
5e30e26c6d Chop another ~93 RSA key generations out of the unit tests
We have a mock for our RSA key generation function, so we now wire
it to pk_generate(). This covers all the cases that were not using
pk_generate() before -- all ~93 of them.
2016-09-09 09:45:50 -04:00
Nick Mathewson
05110c9294 Move the donna-fuzzing tests into test_slow.
This shaves another 3-4 seconds off the main-path tests for me,
which is again worth it, according to XKCD#1204.
2016-09-09 08:58:42 -04:00
Nick Mathewson
5ec395b27f Re-enable RSA cacheing in tests, with a better design.
This makes tests faster and saves about 6 seconds for me, which
makes it worth it, according to https://xkcd.com/1205.
2016-09-09 08:58:42 -04:00
Nick Mathewson
63e34e9e49 Reinstate a couple of teardown_capture_of_logs that I missed
Patch from rubiate. See #19999
2016-09-08 19:49:21 -04:00
Nick Mathewson
55713f0d79 Placate "make check-spaces" 2016-09-08 15:43:56 -04:00
Nick Mathewson
d860b99dbf Fix remaining test warnings. (in test_relay.c) 2016-09-08 15:25:56 -04:00
Nick Mathewson
e9fdec2b1d capture and detect expected BUG messages in shared-random tests 2016-09-08 15:13:53 -04:00
Nick Mathewson
deb294ff53 Simplify log_test_helpers interface
Previously, you needed to store the previous log severity in a local
variable, and it wasn't clear if you were allowed to call these
functions more than once.
2016-09-08 15:03:11 -04:00
Nick Mathewson
b0a9e54705 Resolve more BUG warnings in the unit tests 2016-09-08 14:39:20 -04:00
Nick Mathewson
d0fe86f39e Fix bug warnings in test_circuitlist. 2016-09-08 14:04:55 -04:00
Nick Mathewson
3269307daf Treat all nonfatal assertion failures as unit test failures.
Part of 19999.
2016-09-08 13:27:30 -04:00
Nick Mathewson
6a1454aa46 Tolerate another failure mode of get_if_addres6_list in tests 2016-09-08 11:47:16 -04:00
Nick Mathewson
f9cb9d8990 more consistent use of expect_log_msg_containing 2016-09-08 11:16:09 -04:00
Nick Mathewson
f64f293c48 Suppress a really impressive pile of warnings in conection/.. tests 2016-09-08 10:56:51 -04:00
Nick Mathewson
d626ffe29c Fix a bug in connection/download_status.. tests 2016-09-08 10:48:22 -04:00
Nick Mathewson
3705ee8fe4 Revise log-testing macros to dump the actual log contents on failure 2016-09-08 10:33:01 -04:00
Nick Mathewson
ae3ea9a7a1 Remove redundant definitions of expect_{no_,}log_msg() 2016-09-08 10:32:59 -04:00
Nick Mathewson
8acb951fc8 Unit test fix: windows should be able to handle DNSPort just fine. 2016-09-08 09:23:20 -04:00
Nick Mathewson
08d1ac4f2a Patch from rubiate: disable openbsd memory protections in test-memwipe
Test-memwipe is *supposed* to invoke undefined behavior, alas.

Closes 20066.
2016-09-08 09:00:24 -04:00
Nick Mathewson
bee5f38e39 set the "addr" field in the dir_handle_get tests, to resolve bug warnings. 2016-09-07 14:30:51 -04:00
Nick Mathewson
ab4485e281 Remove the useless (and uninitialized) MOCK_TOR_ADDR in test_dir_handle_get.c 2016-09-07 14:26:43 -04:00
Nick Mathewson
9d933bbacf Capture and enforce BUG warnings in dir/param_voting_lookup 2016-09-07 13:49:18 -04:00
Nick Mathewson
075c52084d Fix unit test failure introduced by #20002
Updating the consensus algorithm made a non-valid node never get
listed, which messed up some other tests.
2016-09-07 13:40:38 -04:00
Nick Mathewson
a49fee1c29 Capture and enforce bug warnings in util/time test 2016-09-07 12:15:46 -04:00
Nick Mathewson
e9b1d0619f Merge remote-tracking branch 'dgoulet/ticket18693_029_01' 2016-09-07 11:46:00 -04:00
Nick Mathewson
3823d0aa7d Capture and detect the BUG() warnings in test_util_parse_integer. 2016-09-06 21:01:52 -04:00
Nick Mathewson
2a4a815f58 Fix a unit test bug for passing arguments to tor_parse_ulong.
We wanted to make sure -50 was a bad input, but instead we were
passing a 'min' that was greater than 'max'.
2016-09-06 20:29:55 -04:00
Nick Mathewson
7ba47ca1fd Split tor_parse_{some_int} testing into separate fn. Code movement only. 2016-09-06 20:25:54 -04:00
Nick Mathewson
43092e21c1 Merge remote-tracking branch 'teor/feature20069' 2016-09-06 19:06:32 -04:00
Nick Mathewson
5927ed8d33 checkSpace.pl now forbids more identifiers.
The functions it warns about are:
  assert, memcmp, strcat, strcpy, sprintf, malloc, free, realloc,
  strdup, strndup, calloc.

Also, fix a few lingering instances of these in the code. Use other
conventions to indicate _intended_ use of assert and
malloc/realloc/etc.
2016-09-06 12:35:37 -04:00
teor
26b47f80dd
Add hs-ipv6 to the chutney IPv6 tests
Requires a recent version of chutney.

Also remove bridges+hs, as it's somewhat redundant.
2016-09-06 13:45:09 +10:00
Andrea Shepard
341a159ab4 Appease make check-spaces 2016-09-05 17:47:39 +00:00
Nick Mathewson
6abce601f2 Fix BUG warning with stack trace from config/parse_port_config__listenaddress 2016-09-05 13:30:50 -04:00
Nick Mathewson
6c1d1127a8 Fix memory leaks in the shared random tests.
Please remember to test your code with
--enable-expensive-hardening. :)
2016-09-01 09:10:27 -04:00
Nick Mathewson
7ef4eef764 Actually, always monotime_init() in the unit tests. 2016-08-31 14:38:17 -04:00
Nick Mathewson
cfc62e2374 Initialize monotonic timer code before using it in the tests 2016-08-31 14:34:49 -04:00
Nick Mathewson
d4f05dcd0e Detect and suppress bug message from zlib compression bomb test 2016-08-31 14:30:34 -04:00
Nick Mathewson
d299c043d4 Require specific messages for remaining link-handshake failure cases 2016-08-31 14:10:15 -04:00
Nick Mathewson
273290d4fe Always log [bug] warnings from the unit tests.
We should consider them bugs.  If they are happening intentionally,
we should use the log_test_helpers code to capture and suppress
them.  But having them off-by-default has potential to cause
programming errors.
2016-08-31 13:22:07 -04:00
Nick Mathewson
69dce09031 Do not call tor_tls_server_info_callback(NULL) from tests.
This isn't valid behavior, and it causes a crash when you run
the unit tests at --debug.

I've added an IF_BUG_ONCE() check for this case.
2016-08-31 13:18:13 -04:00
Nick Mathewson
871b711f10 Work even harder not to suppress logging messages unless we mean to. 2016-08-31 13:12:36 -04:00
Nick Mathewson
2df6cdc9f9 Document and clean log_test_helpers.c a bit
In addition to documentation, this commit makes a function static,
and removes a weird single-point-of-return-ism, and notes a thing I
should fix.
2016-08-31 13:11:26 -04:00
Nick Mathewson
d5614b2102 Use setup_full_capture_of_logs() where appropriate. 2016-08-31 12:53:18 -04:00
Nick Mathewson
f74916a98f setup_capture_of_logs: no longer suppress log messages
Previously setup_capture_of_logs would prevent log messages from
going to the console entirely.  That's a problem, since sometimes
log messages are bugs!  Now setup_capture_of_logs() acts sensibly.

If you really do need to keep a message from going to the console
entirely, there is setup_full_capture_of_logs().  But only use that
if you're prepared to make sure that there are no extraneous
messages generated at all.
2016-08-31 12:51:22 -04:00
Nick Mathewson
1f7dc823c5 Improvements to test_link_handshake: check specific error messages
Otherwise it's too easy to lose our test coverage.
2016-08-31 12:11:01 -04:00
Nick Mathewson
26a63a9303 Fix all "BUG" warnings created from link-handshake tests. 2016-08-31 11:37:18 -04:00
Nick Mathewson
14c07f3f21 Another log testing helper helper, for matching partial strings. 2016-08-31 11:35:12 -04:00
Nick Mathewson
bbaa7d09a0 Merge remote-tracking branch 'teor/reject-tap-v6' 2016-08-29 15:02:11 -04:00
David Goulet
f46ce6e3d8 test: Fix shared random unit test for big endian
Copying the integer 42 in a char buffer has a different representation
depending on the endianess of the system thus that unit test was failing on
big endian system.

This commit introduces a python script, like the one we have for SRV, that
computes a COMMIT/REVEAL from scratch so we can use it as a test vector for
our encoding unit tests.

With this, we use a random value of bytes instead of a number fixing the
endianess issue and making the whole test case more solid with an external
tool that builds the COMMIT and REVEAL according to the spec.

Fixes #19977

Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-08-26 14:46:29 -04:00
Andrea Shepard
33a3e6f718 Avoid asserts in oos/kill_conn_list unit test 2016-08-26 00:02:00 +00:00
David Goulet
9e1cb3660b Fix duplicated if condition in connection.c
Furthermore, fix a test that could returned an uninitialized value.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-08-25 14:52:28 -04:00
Nick Mathewson
1dfa2213a4 Merge remote-tracking branch 'andrea/ticket18640_v3' 2016-08-25 14:29:06 -04:00
teor (Tim Wilson-Brown)
ce747f01aa Make port names and types consistent in the port unit tests
String constant changes only, and only in the unit tests.
These strings are used in log messages only.
2016-08-24 14:40:53 -04:00
teor (Tim Wilson-Brown)
41cc1f612b Parse *Port flags NoDNSRequest, NoOnionTraffic & OnionTrafficOnly
OnionTrafficOnly is equivalent to NoDNSRequest, NoIPv4Traffic,
and NoIPv6Traffic.

Add unit tests for parsing and checking option validity.
Add documentation for each flag to the man page.

Add changes file for all of #18693.

Parsing only: the flags do not change client behaviour (yet!)
2016-08-24 14:40:53 -04:00
Nick Mathewson
a3d419634b Merge remote-tracking branch 'asn/bug19872_v2' 2016-08-23 08:50:32 -04:00
George Kadianakis
b8bfdf638e Introduce ed25519_{sign,checksig}_prefixed functions(). 2016-08-23 14:53:01 +03:00
Andrea Shepard
dbdac1dc27 s/connection_handle_oos/connection_check_oos/g per code review 2016-08-20 02:44:33 +00:00
Andrea Shepard
d65f030915 Unit test for pick_oos_victims() 2016-08-20 01:43:52 +00:00
Andrea Shepard
e17083b432 Unit test for kill_conn_list_for_oos() 2016-08-20 01:43:52 +00:00
Andrea Shepard
26c2ded00c Unit test for connection_handle_oos() 2016-08-20 01:43:51 +00:00
Nick Mathewson
507f07de09 Merge remote-tracking branch 'public/deprecation_v2' 2016-08-19 19:58:51 -04:00
Nick Mathewson
7f145b54af Merge remote-tracking branch 'public/Fix_19450' 2016-08-12 16:11:28 -04:00
Nick Mathewson
f5dcab8072 Add new warn_deprecated option to config_assign*().
Also, collapse all the config_assign*() options into a flags
argument, since having two boolean arguments was already confusing.
2016-08-03 12:52:26 -04:00
Nick Mathewson
4d4ccc505b Search for remaining references to 'bufferevent'.
Remove or adjust as appropriate.
2016-08-02 13:59:47 -04:00
Nick Mathewson
46ef4487d3 Remove generic_buffer_*() functions as needless.
These functions were there so that we could abstract the differences
between evbuffer and buf_t.  But with the bufferevent removal, this
no longer serves a purpose.
2016-08-02 13:50:00 -04:00
Nick Mathewson
cd9d39d54b Rename generic_buffer_set_to_copy, since generic buffers are not a thing 2016-08-02 13:33:41 -04:00
Nick Mathewson
8fd6b0fc46 Remove USE_BUFFEREVENTS code outside src/or 2016-08-02 13:22:06 -04:00
Nick Mathewson
94bff894f9 Fix a large pile of solaris warnings for bug 19767.
In nearly all cases, this is a matter of making sure that we include
orconfig.h before we include any standard c headers.
2016-07-28 10:47:46 -04:00
Nick Mathewson
9fe6fea1cc Fix a huge pile of -Wshadow warnings.
These appeared on some of the Jenkins platforms. Apparently some
GCCs care when you shadow globals, and some don't.
2016-07-28 10:22:10 -04:00
Nick Mathewson
a8676b1ede Merge branch 'bug18902_squashed' 2016-07-28 06:59:03 -04:00
Nick Mathewson
4757303873 Fix all -Wshadow warnings on Linux
This is a partial fix for 18902.
2016-07-28 06:58:44 -04:00
Nick Mathewson
9de9f2d48b Merge branch 'feature19116_squashed' 2016-07-26 19:21:04 -04:00
teor (Tim Wilson-Brown)
bf2f7c265c We fixed #15937, update a comment 2016-07-26 19:20:53 -04:00
teor (Tim Wilson-Brown)
64b5140256 Call chutney's test-network.sh when it is available
Also mark the parts of tor's test-network.sh that can be deleted
once everyone has updated to chutney's test-network.sh.
2016-07-26 19:20:53 -04:00
teor (Tim Wilson-Brown)
bb4506da6f Add a dry run mode to test-network.sh 2016-07-26 19:20:53 -04:00
Nick Mathewson
09c25697d7 Add a function to simplify a fraction.
Apparently remembering euclid's algorithm does pay off sooner or later.
2016-07-26 11:23:34 -04:00
Nick Mathewson
90ca446048 Remove windows debugging prints: it was an integer overflow hitting ftrapv 2016-07-26 11:07:53 -04:00
Nick Mathewson
e77c23e455 Redux: Temporarily add windows verbosity to track down jenkins failures 2016-07-26 09:24:53 -04:00
Nick Mathewson
61ce6dcb40 Make monotime test mocking work with oom tests. 2016-07-21 07:02:34 -04:00
Nick Mathewson
50463524a9 Use new mock functions in buffer/time_tracking test 2016-07-21 07:02:33 -04:00
Nick Mathewson
558f7d3701 Merge branch 'monotonic_v2_squashed' 2016-07-19 11:42:26 +02:00
Nick Mathewson
abcb8ce25d Unit tests for monotonic time 2016-07-19 11:40:47 +02:00
Nick Mathewson
6a2002fc09 convert timers.c to use real monotonic time. 2016-07-19 11:40:46 +02:00
teor (Tim Wilson-Brown)
6afd5506e9
Rewrite test-network.sh so out-of-tree and $PATH binaries work 2016-07-18 12:15:49 +10:00
Andrea Shepard
94c27d4e8f Keep make check-spaces happy 2016-07-17 23:22:29 +00:00
Nick Mathewson
c138c9a2be Merge branch 'maint-0.2.8' 2016-07-17 13:55:04 -04:00
Nick Mathewson
bec4e41f4b Fix warnings in test_util_formats.
Storing 255 into a char gives a warning when char is signed.

Fixes bug 19682; bugfix on 0.2.8.1-alpha, where these tests were added.
2016-07-17 13:51:45 -04:00
teor (Tim Wilson-Brown)
24e8bb2d83
Relays make sure their own descriptor has an ntor key 2016-07-15 09:55:49 +10:00
Nick Mathewson
466259eb50 Merge remote-tracking branch 'sebastian/libevent2' 2016-07-08 09:57:31 -04:00
Nick Mathewson
acba4cc954 test coverage on onion_fast: 0%->100% 2016-07-06 13:43:12 -04:00
Nick Mathewson
08cc0ef832 Capture the LOG_ERR messages in our tests that had logged errors.
(It's confusing for the test to write an expected error to stdout,
and then tell the user "OK".)
2016-07-06 13:01:08 -04:00
Nick Mathewson
96d32f02f2 When saving mocked log messages, always create the list.
Otherwise, our code needs to check "list && smarlist_len(list)..."
2016-07-06 12:59:43 -04:00
Nick Mathewson
ae22c249c3 Improve test coverage a little on onion*.c 2016-07-06 12:37:52 -04:00
Nick Mathewson
3252550fc5 Fix sign in test-timers 2016-07-06 10:07:02 -04:00
Nick Mathewson
78196c8822 Merge remote-tracking branch 'teor/bug18456' 2016-07-05 19:10:08 -04:00
David Goulet
245c10de07 Test: fix shared random test checking bad errno
The test was checking for EISDIR which is a Linux-ism making other OSes
unhappy. Instead of checking for a negative specific errno value, just make
sure it's negative indicating an error. We don't need more for this test.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-07-05 14:00:06 -04:00
Nick Mathewson
5a047cdc5f Fix shared-random test 2016-07-05 13:31:18 -04:00
Nick Mathewson
5c97b42cac Merge branch 'maint-0.2.8' 2016-07-05 12:52:30 -04:00
Nick Mathewson
e99cc8740f Repair unit test that assumed we have 9 dirauths. 2016-07-05 12:52:19 -04:00
Nick Mathewson
87758dbebc Merge remote-tracking branch 'dgoulet/bug19567_029_01' 2016-07-05 12:14:04 -04:00
Nick Mathewson
e889da1d7f Merge remote-tracking branch 'asn/bug19551' 2016-07-05 12:12:09 -04:00
David Goulet
267e16ea61 sr: add the base16 RSA identity digest to commit
Keep the base16 representation of the RSA identity digest in the commit object
so we can use it without using hex_str() or dynamically encoding it everytime
we need it. It's used extensively in the logs for instance.

Fixes #19561

Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-07-04 12:05:48 -04:00
David Goulet
7d04638a60 test: Fix shared random buffer overrun
Encoded commit has an extra byte at the end for the NUL terminated byte and
the test was overrunning the payload buffer by one byte.

Found by Coverity issue 1362984.

Fixes #19567

Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-07-04 11:40:06 -04:00
Sebastian Hahn
265e40b481 Raise libevent dependency to 2.0.10-stable or newer
Only some very ancient distributions don't ship with Libevent 2 anymore,
even the oldest supported Ubuntu LTS version has it. This allows us to
get rid of a lot of compat code.
2016-07-04 12:40:09 +02:00
George Kadianakis
43d317f99c Fix edge case fail of shared random unittest.
The test_state_update() test would fail if you run it between 23:30 and
00:00UTC in the following line because n_protocol_runs was 2:

  tt_u64_op(state->n_protocol_runs, ==, 1);

The problem is that when you launch the test at 23:30UTC (reveal phase),
sr_state_update() gets called from sr_state_init() and it will prepare
the state for the voting round at 00:00UTC (commit phase). Since we
transition from reveal to commit phase, this would trigger a phase
transition and increment the n_protocol_runs counter.

The solution is to initialize the n_protocol_runs to 0 explicitly in the
beginning of the test, as we do for n_reveal_rounds, n_commit_rounds etc.
2016-07-02 02:49:59 +03:00
Andrea Shepard
be78e9ff37 Keep make check-spaces happy 2016-07-01 21:52:32 +00:00
Nick Mathewson
aa05dea5ff Windows open() returns eacces when eisdir would be sane 2016-07-01 16:23:06 -04:00
Nick Mathewson
1597c42384 Fix i386 conversion warnings 2016-07-01 15:53:01 -04:00
Nick Mathewson
3566ff05fd Fix a -Wmissing-variable-declarations warning 2016-07-01 15:30:12 -04:00
Nick Mathewson
aaa3129043 Merge remote-tracking branch 'dgoulet/ticket16943_029_05-squashed'
Trivial Conflicts:
	src/or/or.h
	src/or/routerparse.c
2016-07-01 15:29:05 -04:00
David Goulet
36e201dffc prop250: Add a DEL state action and return const SRVs
The *get* state query functions for the SRVs now only return const pointers
and the DEL action needs to be used to delete the SRVs from the state.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-07-01 14:01:42 -04:00
David Goulet
4a1904c126 prop250: Use the new dirvote_get_intermediate_param_value for AuthDirNumSRVAgreements
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-07-01 14:01:42 -04:00
Nick Mathewson
6927467bef Refactor parameter computation and add a helper function
This patch makes us retain the intermediate list of K=V entries for
the duration of computing our vote, and lets us use that list with
a new function in order to look up parameters before the consensus
is published.

We can't actually use this function yet because of #19011: our
existing code to do this doesn't actually work, and we'll need a new
consensus method to start using it.

Closes ticket #19012.
2016-07-01 14:01:42 -04:00
David Goulet
e62f3133bb prop250: Change reveal_num to uint64_t and version to uint32_t
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-07-01 14:01:42 -04:00
George Kadianakis
f6f4668b1d prop250: Don't reject votes containing commits of unknown dirauths.
Instead just ignore those commits.

Squash this commit with 33b2ade.
2016-07-01 14:01:41 -04:00
David Goulet
d43646e191 prop250: Fix unit tests about the RSA fingerprint check
Code has been changed so every RSA fingerprint for a commit in our state is
validated before being used. This fixes the unit tests by mocking one of the
key function and updating the hardcoded state string.

Also, fix a time parsing overflow on platforms with 32bit time_t

Signed-off-by: David Goulet <dgoulet@torproject.org>
Signed-off-by: George Kadianakis <desnacked@riseup.net>
2016-07-01 14:01:41 -04:00
George Kadianakis
edea044147 prop250: Sort smartlist before you get most frequent SRV.
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-07-01 14:01:41 -04:00
David Goulet
056b6186ad prop250: Use RSA identity digest instead of fingerprint
The prop250 code used the RSA identity key fingerprint to index commit in a
digestmap instead of using the digest.

To behavior change except the fact that we are actually using digestmap
correctly.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-07-01 14:01:41 -04:00
David Goulet
39be8af709 prop250: Add unit tests
Signed-off-by: David Goulet <dgoulet@torproject.org>
Signed-off-by: George Kadianakis <desnacked@riseup.net>
2016-07-01 14:01:41 -04:00
Nick Mathewson
738a8c655a Add an extra check to test_dir to try to debug windows jenkins issue 2016-07-01 10:10:55 -04:00
teor (Tim Wilson-Brown)
514f0041d1
Avoid disclosing exit IP addresses in exit policies by default
From 0.2.7.2-alpha onwards, Exits would reject all the IP addresses
they knew about in their exit policy. But this may have disclosed
addresses that were otherwise unlisted.

Now, only advertised addresses are rejected by default by
ExitPolicyRejectPrivate. All known addresses are only rejected when
ExitPolicyRejectLocalInterfaces is explicitly set to 1.
2016-07-01 15:37:13 +10:00
Nick Mathewson
64ee7bcd0c Make sure that our tests expect the windows path separator as needed 2016-06-30 18:26:44 -04:00
Nick Mathewson
889cfac676 One more tt_u64_op 2016-06-30 16:46:53 -04:00
Nick Mathewson
591078c76d use tt_u64_op for comparing len_descs_dumped 2016-06-30 15:34:36 -04:00
Nick Mathewson
2713de2a47 Fix more naked strdup/malloc/free instances 2016-06-30 14:36:31 -04:00
Nick Mathewson
9a92f58219 Avoid naked strdups in test_dir.c 2016-06-30 14:30:28 -04:00
Nick Mathewson
7a7bd1f9ea Fix a memory leak in test_dir_populate_dump_desc_fifo 2016-06-30 14:30:26 -04:00
Nick Mathewson
cb54390e0f Merge remote-tracking branch 'andrea/ticket19323_squashed' 2016-06-30 11:44:58 -04:00
Nick Mathewson
c6846d7bf0 Merge remote-tracking branch 'andrea/bug18322_v3_squashed' 2016-06-30 11:18:00 -04:00
Andrea Shepard
9580b99dab Add unit test for dump_desc_populate_fifo_from_directory() 2016-06-30 07:03:26 +00:00
Andrea Shepard
42f089473a Unit test for dump_desc_populate_one_file() 2016-06-30 07:03:26 +00:00
Andrea Shepard
38cced90ef Move unparseable descriptor dumps into subdirectory of DataDir 2016-06-30 07:03:25 +00:00
Andrea Shepard
824ee581b0 Add dir/dump_unparseable_descriptors unit test 2016-06-30 07:03:25 +00:00
teor (Tim Wilson-Brown)
69535f1284
Add tv_udiff and tv_mdiff unit tests with negative values 2016-06-30 09:29:18 +10:00
teor (Tim Wilson-Brown)
d36a0c4d22
Add more unit tests for tv_udiff and tv_mdiff 2016-06-29 17:23:42 +10:00
Andrea Shepard
ad0ce8716d Unit tests for GETINFO download/desc and download/bridge cases 2016-06-29 06:55:57 +00:00
Andrea Shepard
45724beac4 Unit test for GETINFO download/cert case 2016-06-29 05:58:22 +00:00
Andrea Shepard
becf510ef2 Unit test for GETINFO download/networkstatus case 2016-06-29 05:56:21 +00:00
Nick Mathewson
703254a832 Merge remote-tracking branch 'public/bug15942_v2_alternative' 2016-06-23 09:01:24 -04:00
Nick Mathewson
5fbd195918 Coverage hack for test_switch_id.sh
This hack provides a way to make sure we can see coverage from
test-switch-id.  If you set OVERRIDE_GCDA_PERMISSIONS_HACK, we
temporarily make the .gcda files mode 0666 before we run the
test scripts, and then we set them to 0644 again afterwards.

That's necessary because the test_switch_id.sh script does a
setuid() to 'nobody' part way through, and drops the ability to
change its mind back.
2016-06-20 11:15:47 -04:00
Nick Mathewson
603cb712ef Small coverage improvements on compat.c 2016-06-20 11:03:13 -04:00
Nick Mathewson
2b74e13a7c More coverage in backtrace.c 2016-06-20 10:31:36 -04:00
Nick Mathewson
c1f0ec3058 Merge remote-tracking branch 'dgoulet/bug19465_029_01' 2016-06-20 10:20:41 -04:00
Nick Mathewson
ba88d78127 Fix unit test crash on 32-bit. 2016-06-20 10:20:03 -04:00
David Goulet
85edef27eb test: Increase offset to rendcache descriptor time
Slow system can sometime take more than 10 seconds to reach the test
callsite resulting in the unit test failing when using time in the future or
in the past.

Fixes #19465

Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-06-20 09:53:11 -04:00
Nick Mathewson
6cedd49323 Merge branch 'bug14013_029_01_squashed' 2016-06-20 08:48:09 -04:00
nikkolasg
568dc27a19 Make base16_decodes return number of decoded bytes
base16_decodes() now returns the number of decoded bytes. It's interface
changes from returning a "int" to a "ssize_t". Every callsite now checks the
returned value.

Fixes #14013

Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-06-20 08:44:58 -04:00
U+039b
58e6a6aaeb Fix #19063: Add check in utility macro 2016-06-19 12:34:49 -04:00
Nick Mathewson
81cfd5c9a1 Merge branch 'zlib_coverage_squashed' 2016-06-19 12:20:38 -04:00
Nick Mathewson
d937b86699 Unindent block 2016-06-19 12:20:24 -04:00
Nick Mathewson
808015316a Remove support for zlib <= 1.1
zlib 1.2 came out in 2003; earlier versions should be dead by now.

Our workaround code was only preventing us from using the gzip
encoding (if we decide to do so), and having some dead code linger
around in torgzip.c
2016-06-19 12:20:24 -04:00
Nick Mathewson
b421648da2 Merge remote-tracking branch 'public/thread_coverage' 2016-06-19 12:15:55 -04:00
Andrea Shepard
1553512af4 Unit test for DL_SCHED_RANDOM_EXPONENTIAL 2016-06-18 16:32:16 +00:00
Andrea Shepard
033cf30b3c Keep make check-spaces happy 2016-06-18 16:07:44 +00:00
Nick Mathewson
48b25e6811 Merge branch 'bug18280_029_03_nm_squashed' 2016-06-17 13:53:57 -04:00
David Goulet
f4f9a9be40 test: Add base32_encode/decode unit tests
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-06-17 13:53:47 -04:00
Nick Mathewson
a418904962 Coverage on parse_config_line_from_str_verbose. 2016-06-16 15:52:19 -04:00
Nick Mathewson
c9ea9de806 Remove parse_config_line_from_str alias
All of our code just uses parse_config_line_from_str_verbose.
2016-06-16 15:40:56 -04:00
Nick Mathewson
128ab31c64 Mark code unreachable in unescape_string()
Also, add tests for it in case someday it does become reachable.
2016-06-16 15:36:08 -04:00
Nick Mathewson
dd73787190 On Windows, tv_sec is long, not time_t.
I'm not angry, Windows: just very disappointed.
2016-06-16 13:57:16 -04:00
Nick Mathewson
6ceb37971e Try to fix memarea test on 32-bit systems 2016-06-16 11:59:51 -04:00
Nick Mathewson
5c596cdbc0 Tests for message rate-limiting
Also note a bug in the rate-limiting message.
2016-06-16 11:54:50 -04:00
Nick Mathewson
79370914d1 tests for size_mul_check__()
it's important, and we should make sure we got it right.
2016-06-16 10:43:01 -04:00
Nick Mathewson
41cb26c169 Correct the rounding behavior on tv_mdiff.
Fix for bug 19428.
2016-06-16 10:16:04 -04:00
Nick Mathewson
f05a213fe1 Improve coverage on tv_udiff, and tv_mdiff.
I found some bugs in tv_mdiff; separate commit for that
2016-06-16 10:07:44 -04:00
Nick Mathewson
6dc2b605b8 Improve coverage on esc_for_log, esc_for_log_len 2016-06-16 09:58:53 -04:00
Nick Mathewson
f986e26850 Reach 100% line coverage on memarea.c 2016-06-16 09:37:44 -04:00
Nick Mathewson
05e2750ea7 whoops; blank line 2016-06-14 20:21:59 -04:00
Nick Mathewson
227d3b3d6b Use ENABLE/DISABLE_GCC_WARNING in masater. 2016-06-14 20:21:02 -04:00
Nick Mathewson
8486dea8d7 Merge branch 'maint-0.2.8' 2016-06-14 20:16:46 -04:00
Nick Mathewson
d6b01211b9 Resolve the remaining openssl "-Wredundant-decls" warnings.
Another part of 19406
2016-06-14 20:14:53 -04:00
Nick Mathewson
3bffdf05d1 use new-form macros to disable -Wredundant-decls 2016-06-14 12:22:52 -04:00
Nick Mathewson
df4fa92a88 Merge branch 'maint-0.2.8' 2016-06-14 12:17:24 -04:00
Yawning Angel
c5e2f7b944 Bug 19406: Fix the unit tests to work with OpenSSL 1.1.x
Just as it says on the tin.  Don't need to fully disable any tests and
reduce coverage either.  Yay me.
2016-06-14 12:13:09 -04:00
Nick Mathewson
d6b2af7a3a Merge branch 'bug19180_easy_squashed' 2016-06-11 10:15:40 -04:00
Nick Mathewson
e80a032b61 Add clang's -Wstring-conversion, and fix the one place it hits 2016-06-11 10:11:54 -04:00
Nick Mathewson
53a3b39da1 Add -Wmissing-variable-declarations, with attendant fixes
This is a big-ish patch, but it's very straightforward.  Under this
clang warning, we're not actually allowed to have a global variable
without a previous extern declaration for it.  The cases where we
violated this rule fall into three roughly equal groups:
  * Stuff that should have been static.
  * Stuff that was global but where the extern was local to some
    other C file.
  * Stuff that was only global when built for the unit tests, that
    needed a conditional extern in the headers.

The first two were IMO genuine problems; the last is a wart of how
we build tests.
2016-06-11 10:11:54 -04:00
Nick Mathewson
80f1a2cbbd Add the -Wextra-semi warning from clang, and fix the cases where it triggers 2016-06-11 10:11:54 -04:00
Nick Mathewson
c3adbf755b Resolve some warnings from OSX clang. 2016-06-11 10:11:53 -04:00
Nick Mathewson
9bbd6502f0 Use autoconf, not gcc version, to decide which warnings we have
This gives more accurate results under Clang, which can only help us
detect more warnings in more places.

Fixes bug 19216; bugfix on 0.2.0.1-alpha
2016-06-11 10:11:53 -04:00
Nick Mathewson
4caed2424a Enable -Woverlength-strings for GCC>=4.6 on MOST of the code.
IMO it's fine for us to make exceptions to this rule in the unit
tests, but not in the code at large.
2016-06-11 10:11:52 -04:00
Nick Mathewson
8f2d2933f9 Use -Wdouble-promotion in GCC >= 4.6
This warning triggers on silently promoting a float to a double.  In
our code, it's just a sign that somebody used a float by mistake,
since we always prefer double.
2016-06-11 10:11:52 -04:00
Nick Mathewson
493499a339 Add -Wfloat-conversion for GCC >= 4.9
This caught quite a few minor issues in our unit tests and elsewhere
in our code.
2016-06-11 10:11:52 -04:00
Nick Mathewson
4f8086fb20 Enable -Wnull-dereference (GCC >=6.1), and fix the easy cases
This warning, IIUC, means that the compiler doesn't like it when it
sees a NULL check _after_ we've already dereferenced the
variable. In such cases, it considers itself free to eliminate the
NULL check.

There are a couple of tricky cases:

One was the case related to the fact that tor_addr_to_in6() can
return NULL if it gets a non-AF_INET6 address.  The fix was to
create a variant which asserts on the address type, and never
returns NULL.
2016-06-11 10:10:29 -04:00
Andrea Shepard
9eeaeddbb1 Reduce make check-spaces noise 2016-06-09 11:50:25 +00:00
Nick Mathewson
f016213f7f Unit tests for our zlib code to test and reject compression bombs. 2016-06-08 18:08:30 -04:00
Nick Mathewson
3cc374456b Add several test scripts wrapping test_workqueue
This is a fairly easy way for us to get our test coverage up on
compat_threads.c and workqueue.c -- I already implemented these
tests, so we might as well enable them.
2016-06-08 17:29:06 -04:00
Nick Mathewson
1e330e1947 Repair test_crypto_openssl_version with LibreSSL 2016-06-06 10:45:23 -04:00
Nick Mathewson
83513a93a1 Check tor_sscanf return value in test_crypto.c
Coverity noticed that we check tor_sscanf's return value everywhere
else.
2016-06-06 10:01:50 -04:00
Nick Mathewson
ed0ecd9f13 Use tor_sscanf, not sscanf, in test_crypto.c
Fixes the 0.2.9 instance of bug #19213, which prevented mingw64 from
working.  This case wasn't in any released Tor.
2016-06-02 10:16:15 -04:00
Nick Mathewson
b458a81cc5 Merge branch 'maint-0.2.8' 2016-06-02 10:13:35 -04:00
Nick Mathewson
a32ca313c4 Merge branch 'maint-0.2.7' into maint-0.2.8 2016-06-02 10:12:56 -04:00
Nick Mathewson
5854b19816 Use tor_sscanf, not sscanf, in test_util.c.
Fixes the 0.2.7 case of bug #19213, which prevented mingw64 from
working.
2016-06-02 10:11:29 -04:00
Nick Mathewson
3cdc8bfa2c Let's not even talk about those errors, ok? 2016-05-30 17:14:46 -04:00
Nick Mathewson
97f2c1c58e Wait, we had sprintf() in our unit tests?? FOR SHAME! 2016-05-30 16:50:57 -04:00
Nick Mathewson
4f1a04ff9c Replace nearly all XXX0vv comments with smarter ones
So, back long ago, XXX012 meant, "before Tor 0.1.2 is released, we
had better revisit this comment and fix it!"

But we have a huge pile of such comments accumulated for a large
number of released versions!  Not cool.

So, here's what I tried to do:

  * 0.2.9 and 0.2.8 are retained, since those are not yet released.

  * XXX+ or XXX++ or XXX++++ or whatever means, "This one looks
    quite important!"

  * The others, after one-by-one examination, are downgraded to
    plain old XXX.  Which doesn't mean they aren't a problem -- just
    that they cannot possibly be a release-blocking problem.
2016-05-30 16:18:16 -04:00
Nick Mathewson
1e5ad15688 Merge remote-tracking branch 'arma/task19035-fixedup' 2016-05-27 13:22:16 -04:00
Roger Dingledine
11d52a449c Disable GET /tor/bytes.txt and GETINFO dir-usage
Remove support for "GET /tor/bytes.txt" DirPort request, and
"GETINFO dir-usage" controller request, which were only available
via a compile-time option in Tor anyway.

Feature was added in 0.2.2.1-alpha. Resolves ticket 19035.
2016-05-27 11:15:21 -04:00
Nick Mathewson
b7fac185a6 Merge branch 'maint-0.2.8' 2016-05-25 16:59:46 -04:00
Nick Mathewson
36b2b48308 Merge branch 'bug18668_028' into maint-0.2.8 2016-05-25 16:58:43 -04:00
Nick Mathewson
44ea3dc331 Merge branch 'maint-0.2.8' 2016-05-25 10:21:15 -04:00
Nick Mathewson
be3875cda2 Make sure that libscrypt_scrypt actually exists before using it.
Previously, if the header was present, we'd proceed even if the
function wasn't there.

Easy fix for bug 19161.  A better fix would involve trying harder to
find libscrypt_scrypt.
2016-05-24 10:31:02 -04:00
cypherpunks
0e20d056e9 Prevent ASAN from registering a SIGSEGV handler
AddressSanitizer's (ASAN) SIGSEGV handler overrides the backtrace
handler and prevents it from printing its backtrace. The output of ASAN
is different from what 'bt_test.py' expects and causes backtrace test
failures.

The 'allow_user_segv_handler' option allows applications to set their
own SIGSEGV handler but is not supported by older GCC versions. These
older GCC versions do support the 'handle_segv' which prevents ASAN from
setting its SIGSEGV handler.
2016-05-20 08:34:18 -04:00
Nick Mathewson
f2205071f0 Remove round_int64_to_next_multiple_of: It is now unused. 2016-05-19 21:21:24 -04:00
Nick Mathewson
dcc4fd4403 Merge branch 'maint-0.2.8' 2016-05-19 16:05:13 -04:00
Nick Mathewson
33841a6030 Merge remote-tracking branch 'teor/fix18809-warnings' into maint-0.2.8 2016-05-19 16:04:56 -04:00
Nick Mathewson
4a14c2cfc7 Merge branch 'maint-0.2.8' 2016-05-19 15:56:39 -04:00
Nick Mathewson
0d6f293e0e Merge remote-tracking branch 'public/bug19073' into maint-0.2.8 2016-05-19 15:56:31 -04:00
teor (Tim Wilson-Brown)
2d21f03cdc
Fix unused-but-set-variable warnings in the connection unit tests
No behaviour change - just remove the variables
2016-05-19 12:49:36 -04:00
Nick Mathewson
a7a44f2db0 Merge branch 'maint-0.2.8' 2016-05-19 08:29:58 -04:00
Nick Mathewson
06803c317f Fix a compilation error in test_dir.c 2016-05-19 08:27:11 -04:00
Nick Mathewson
d718c717a6 Merge branch 'maint-0.2.8' 2016-05-19 08:25:12 -04:00
Nick Mathewson
9f217c83b0 Merge branch 'bug18809_028_squashed' into maint-0.2.8 2016-05-19 08:17:02 -04:00
teor (Tim Wilson-Brown)
f698b509d8 Add unit tests for networkstatus_consensus_is_bootstrapping 2016-05-19 07:58:41 -04:00
teor (Tim Wilson-Brown)
d5c70d7102 Restore and improve download schedule unit tests 2016-05-19 07:58:41 -04:00
teor (Tim Wilson-Brown)
4254d0297c Update unit tests for multiple bootstrap connections 2016-05-19 07:58:41 -04:00
Nick Mathewson
159ea7a88f Fix a bad sizeof() in test_crypto.c. Harmless. Spotted by coverity. 2016-05-18 08:29:13 -04:00
Nick Mathewson
ab932cd7bf Remove duplicate siging_key_cert fields.
With the fix for #17150, I added a duplicate certificate here.  Here
I remove the original location in 0.2.8.  (I wouldn't want to do
that in 027, due to the amount of authority-voting-related code
drift.)

Closes 19073.
2016-05-17 20:04:16 -04:00
Nick Mathewson
36909674b4 Merge remote-tracking branch 'teor/bug18963-remember-v2' 2016-05-17 12:15:53 -04:00
Nick Mathewson
6382cd93cb Merge branch 'maint-0.2.8' 2016-05-17 11:10:20 -04:00
Nick Mathewson
0f9b0b8bfe Initialize networking _before_ initializing libevent in the tests
This prevents WSANOTINITIALISED errors and fixes bug 18668. Bugfix
on 0.2.8.1-alpha -- 1bac468882 specifically.
2016-05-16 14:30:04 -04:00
Nick Mathewson
249f3a1664 Fix memory leak in test_crypto_aes_ctr_testvec 2016-05-16 09:55:09 -04:00
Nick Mathewson
9abd7b8f90 Windows lacks truncate(3).
Fix the new crypto tests, which used truncate(3).
2016-05-16 09:25:19 -04:00
Nick Mathewson
060e0d0a75 Merge branch 'crypto_unit_tests_v2_squashed' 2016-05-16 08:26:11 -04:00
Nick Mathewson
365d0fcc6d Cover all our DH code, and/or mark it unreachable. 2016-05-16 08:26:00 -04:00
Nick Mathewson
94b34d1be6 At long last, unit tests for degenerate DH public keys.
Apparently, we detect and reject them correctly. Aren't you glad?
2016-05-16 08:26:00 -04:00
Nick Mathewson
d88656ec06 Slight improvements to DH coverage. 2016-05-16 08:25:59 -04:00
Nick Mathewson
7a5f15b6e0 Improve test coverage of our strongest-rng code. 2016-05-16 08:25:59 -04:00
Nick Mathewson
148f0004e1 Test coverage on ed25519 load/store functions. 2016-05-16 08:25:59 -04:00
Nick Mathewson
8a536be705 Mark unreachable lines in crypto_curve25519.c
Also, resolve a bug in test_ntor_cl.c
2016-05-16 08:25:53 -04:00
Nick Mathewson
df3a5e0cad HKDF-SHA256 test vectors from RFC5869 2016-05-16 08:25:53 -04:00
Nick Mathewson
a7207329a8 Run tor_sscanf test in subprocess, in hopes of coaxing more info from jenkins 2016-05-12 13:37:05 -04:00
Nick Mathewson
445e05a015 Fix inconsistent tab/space mixing in include.am files.
This is a whitespace only, cosmetic fix.

There is still some inconsistency between lists, but less
inconsistency inside individual lists.
2016-05-12 13:06:58 -04:00
Nick Mathewson
607a9056d4 Merge branch 'ftrapv_v3'
There were some conflicts here, and some breakage to fix concerning
library link order in newer targets.
2016-05-12 13:00:45 -04:00
Nick Mathewson
fb999abea6 Document why we build memwipe that way. 2016-05-12 12:56:47 -04:00
Nick Mathewson
b1dce55b82 Do not apply bugtrapping flags to test-memwipe, since testing memwipe requires bugs.
Fixes bug 18901.
2016-05-12 11:22:10 -04:00
Nick Mathewson
20432fc541 Refactor out u64_dbl_t
This type saved a tiny amount of allocation, but not enough to be
worth keeping.

(This is in preparation for moving choose_array_element_by_weight)
2016-05-12 11:21:28 -04:00
Nick Mathewson
ce854a8d22 Add -ftrapv to gcc-hardening ... mostly!
We know there are overflows in curve25519-donna-c32, so we'll have
to have that one be fwrapv.

Only apply the asan, ubsan, and trapv options to the code that does
not need to run in constant time.  Those options introduce branches
to the code they instrument.

(These introduced branches should never actually be taken, so it
might _still_ be constant time after all, but branch predictors are
complicated enough that I'm not really confident here. Let's aim for
safety.)

Closes 17983.
2016-05-12 11:21:28 -04:00
teor (Tim Wilson-Brown)
cdb528d841
Fetch certificates from the same directory as previous certificates
Improves the fix to #18963.
2016-05-11 13:30:30 -04:00
Nick Mathewson
00ee62b8a5 Merge branch 'pubsub_squashed' 2016-05-11 13:26:29 -04:00
Nick Mathewson
80a6c8caa3 Basic work on a publish/subscribe abstraction
The goal here is to provide a way to decouple pieces of the code
that want to learn "when something happens" from those that realize
that it has happened.

The implementation here consists of a generic backend, plus a set of
macros to define and implement a set of type-safe frontends.
2016-05-11 13:25:11 -04:00
Nick Mathewson
33d3572a1d Merge branch 'feature15588_squashed' 2016-05-09 14:41:36 -04:00
Roger Dingledine
ce8266d52d fix typos/etc before i go nuts on #18809 2016-05-09 14:40:21 -04:00
John Brooks
dcc11674db Add client auth for ADD_ONION services 2016-05-09 14:28:58 -04:00
John Brooks
d5a23ce115 Move rend auth cookie en-/decoding to a function
Tor stores client authorization cookies in two slightly different forms.
The service's client_keys file has the standard base64-encoded cookie,
including two chars of padding. The hostname file and the client remove
the two padding chars, and store an auth type flag in the unused bits.

The distinction makes no sense. Refactor all decoding to use the same
function, which will accept either form, and use a helper function for
encoding the truncated format.
2016-05-09 14:28:08 -04:00
Nick Mathewson
69380033d6 Merge branch 'timeouts_v2_squashed' 2016-05-09 14:06:10 -04:00
Nick Mathewson
af132fc299 timer tests: differences in timing accuracy can be negative.
Also, use symbolic names for good-enough thresholds for timer accuracy.
2016-05-09 14:04:54 -04:00
Nick Mathewson
11a09778d6 Test coverage for timers. 2016-05-09 14:04:54 -04:00
Nick Mathewson
118556e4b3 Quick-and-dirty test for timers code. 2016-05-09 14:04:53 -04:00