Commit Graph

98 Commits

Author SHA1 Message Date
Nick Mathewson
af08dad6d1 Merge branch 'maint-0.4.2' into maint-0.4.3 2020-07-09 09:28:53 -04:00
Nick Mathewson
283ce30c53 Merge branch 'maint-0.3.5' into maint-0.4.2 2020-07-09 09:28:53 -04:00
Alexander Færøy
33e1c2e6fd Run tor_tls_cert_matches_key() Test Suite with both OpenSSL and NSS.
This patch lifts the `tor_tls_cert_matches_key()` tests out of the
OpenSSL specific TLS test suite and moves it into the generic TLS test
suite that is executed for both OpenSSL and NSS.

This patch is largely a code movement, but we had to rewrite parts of
the test to avoid using OpenSSL specific data-types (such as `X509 *`)
and replace it with the generic Tor abstraction type
(`tor_x509_cert_impl_t *`).

This patch is part of the fix for TROVE-2020-001.

See: https://bugs.torproject.org/33119
2020-07-06 16:19:16 -04:00
Nick Mathewson
23c77f79fd Remove all usage of the NS*() macros in test*.c
This is an automatically generated commit, made with the following
kludgey perl script. It results in a number of wide lines, which
I'll clean up in a subsequent commit.

#/usr/bin/perl -w -i
$mod = "NS_MODULE";
$submod = "NS_SUBMODULE";
$last_was_empty = 0;

while (<>) {

    s/\bASPECT\(\s*(\w+)\s*,\s*(\w+)\s*\)/$1_$2/;

    if (/# *define +NS_MODULE +(\w+)/) {
        $mod = $1;
        next;
    } elsif (/# *define +NS_SUBMODULE +(\w+)/) {
        $submod = $1;
        next;
    }

    next if (/#undef NS_(SUB)?MODULE/);

    s/NS\(\s*test_main\s*\)/test_${mod}_${submod}/;
    s/NS\(\s*(\w+)\s*\)/${mod}_${submod}_$1/g;
    s/NS_FULL\(\\s*(\w+)\s*,\s*(\w+),\s*(\w+)\s*\)/$1_$2_$3/;
    s/^(\s*)NS_MOCK\(\s*(\w+)\s*\)/$1MOCK($2,\n$1     ${mod}_${submod}_$2)/;
    s/NS_UNMOCK\(\s*(\w+)\s*\)/UNMOCK($1)/;
    s/TEST_CASE\(\s*(\w+)\s*\)/{ "$1", test_${mod}_$1, TT_FORK, NULL, NULL }/;
    s/TEST_CASE_ASPECT\(\s*(\w+)\s*,\s*(\w+)\s*\)/{ "$1_$2", test_${mod}_$1_$2, TT_FORK, NULL, NULL }/;
    s/NS_DECL\(\s*([^,]+)\s*,\s*([^,]+)\s*,\s*(\(.*)\);/static $1 ${mod}_${submod}_$2$3;\nATTR_UNUSED static int ${mod}_${submod}_$2_called = 0;/;
    s/\bCALLED\(\s*(\w+)\s*\)/${mod}_${submod}_$1_called/;

    if (/^$/) {
        print if (! $last_was_empty);
        $last_was_empty = 1;
    } else {
        $last_was_empty = 0;
        print;
    }

    if (eof) {
        $mod = "NS_MODULE";
        $submod = "NS_SUBMODULE";
        $last_was_empty = 0;
    }
}

# Please enter the commit message for your changes. Lines starting
# with '#' will be kept; you may remove them yourself if you want to.
# An empty message aborts the commit.
#
# Date:      Thu Jan 9 10:26:10 2020 -0500
#
# On branch disable_ns_macro
# Changes to be committed:
#	modified:   src/test/test_accounting.c
#	modified:   src/test/test_compat_libevent.c
#	modified:   src/test/test_dir.c
#	modified:   src/test/test_dir_handle_get.c
#	modified:   src/test/test_dns.c
#	modified:   src/test/test_options.c
#	modified:   src/test/test_procmon.c
#	modified:   src/test/test_rendcache.c
#	modified:   src/test/test_router.c
#	modified:   src/test/test_routerset.c
#	modified:   src/test/test_status.c
#	modified:   src/test/test_tortls.c
#	modified:   src/test/test_tortls_openssl.c
#	modified:   src/test/test_util_format.c
#	modified:   src/test/test_util_process.c
#
# Untracked files:
#	experiments/
#	locate_options.sh
#	un_ns.pl
#

# Please enter the commit message for your changes. Lines starting
# with '#' will be kept; you may remove them yourself if you want to.
# An empty message aborts the commit.
#
# Date:      Thu Jan 9 10:26:10 2020 -0500
#
# On branch disable_ns_macro
# Changes to be committed:
#	modified:   src/test/test_accounting.c
#	modified:   src/test/test_compat_libevent.c
#	modified:   src/test/test_dir.c
#	modified:   src/test/test_dir_handle_get.c
#	modified:   src/test/test_dns.c
#	modified:   src/test/test_options.c
#	modified:   src/test/test_procmon.c
#	modified:   src/test/test_rendcache.c
#	modified:   src/test/test_router.c
#	modified:   src/test/test_routerset.c
#	modified:   src/test/test_status.c
#	modified:   src/test/test_tortls.c
#	modified:   src/test/test_tortls_openssl.c
#	modified:   src/test/test_util_format.c
#	modified:   src/test/test_util_process.c
#
# Untracked files:
#	experiments/
#	locate_options.sh
#	un_ns.pl
#
2020-01-09 11:09:22 -05:00
Nick Mathewson
4f02812242 It's 2020. Update the copyright dates with "make update-copyright" 2020-01-08 18:39:17 -05:00
Nick Mathewson
60213a3621 Run "make autostyle." 2019-06-05 09:33:35 -04:00
Nick Mathewson
2f683465d4 Bump copyright date to 2019 2019-01-16 12:33:22 -05:00
Nick Mathewson
efe55b8898 Bump copyright date to 2019. 2019-01-16 12:32:32 -05:00
Nick Mathewson
6925b61cfd Fix various GCC LTO warnings in the unit tests. 2018-10-14 15:25:16 -04:00
Nick Mathewson
3b61bdb5ae Try to fix new coverity warnings in unit tests. 2018-09-05 08:30:35 -04:00
Nick Mathewson
03efb67b42 Debug one last reference-counting issue that only appeared on openssl master 2018-09-04 20:46:46 -04:00
Nick Mathewson
274efb1263 Use FREE_AND_NULL for impl types 2018-09-04 14:52:35 -04:00
Nick Mathewson
ad94d43fc5 Port test_tortls_verify to not depend on openssl internals 2018-09-04 14:52:35 -04:00
Nick Mathewson
3cdf0497f9 Add unit test for bridge-style TLS initialization. 2018-09-04 14:52:35 -04:00
Nick Mathewson
52ac539b99 Test a few more tortls.c functions 2018-09-04 14:52:35 -04:00
Nick Mathewson
5205c7fd90 Initial NSS support for TLS.
This is enough to get a chutney network to bootstrap, though a bunch
of work remains.
2018-09-04 14:52:35 -04:00
Nick Mathewson
b9ca8f2356 Extract internal-only parts of x509.h 2018-08-21 12:25:33 -04:00
Nick Mathewson
1992c76130 Split tls modules and their tests into openssl and generic.
Also, add a stubbed-out nss version of the modules.  The tests won't
pass with NSS yet since the NSS modules don't do anything.

This is a good patch to read with --color-moved.
2018-08-21 12:25:33 -04:00
Nick Mathewson
598bc78bfa Extract tortls structures into a new header; clean up a little 2018-08-21 12:25:33 -04:00
Nick Mathewson
9a4f05b05c Split X509 code out of tortls.c 2018-08-21 12:25:33 -04:00
Nick Mathewson
3ccb94d7b6 The RSA_free in this test is no longer needed or wanted 2018-08-21 12:24:08 -04:00
Nick Mathewson
824009cde5 Rename openssl-bridging functions in crypto_rsa
These functions exist only to expose RSA keys to other places in Tor
that use OpenSSL; let's be specific about their purpose.
2018-08-21 12:24:08 -04:00
Nick Mathewson
e7f5f48d68 Rename torlog.[ch] to log.[ch]
Fun fact: these files used to be called log.[ch] until we ran into
conflicts with systems having a log.h file.  But now that we always
include "lib/log/log.h", we should be fine.
2018-07-10 15:20:30 -04:00
Nick Mathewson
ef486e3c02 Fix every include path changed in the previous commit (automated)
I am very glad to have written this script.
2018-07-05 17:15:50 -04:00
Nick Mathewson
986d761510 Extract or_state_t to its own header.
Fewer modules needed this than I had expected.
2018-07-01 15:20:37 -04:00
Nick Mathewson
6ac64e16ed Eliminate compat.h 2018-06-29 12:21:52 -04:00
Nick Mathewson
da4ae8a6b6 Automated fixup of include paths after torlog.h movement. 2018-06-22 10:32:10 -04:00
Nick Mathewson
accf239fa3 Rectify include paths (automated) 2018-06-21 13:19:00 -04:00
Nick Mathewson
0dab29ce10 Run rectify_include_paths.py 2018-06-20 09:35:05 -04:00
Nick Mathewson
fb0019daf9 Update copyrights to 2018. 2018-06-20 08:13:28 -04:00
Marcin Cieślak
308eec7532 testing: X509 certificate structure needs to be initialized
We alloc/free X.509 structures in three ways:

1) X509 structure allocated with X509_new() and X509_free()

2) Fake X509 structure allocated with fake_x509_malloc() and fake_x509_free()
   May contain valid pointers inside.

3) Empty X509 structure shell allocated with tor_malloc_zero() and
   freed with tor_free()
2018-05-11 01:44:09 +00:00
Nick Mathewson
9df20f6076 Merge branch 'maint-0.3.3' 2018-05-09 08:25:52 -04:00
Nick Mathewson
89cafc4afa Use OPENSSL_1_1_API in place of raw OPENSSL_VERSION_NUMBER checks
This is needed for libressl-2.6.4 compatibility, which we broke when
we merged a15b2c57e1 to fix bug 19981.  Fixes bug 26005; bug
not in any released Tor.
2018-05-03 13:33:14 -04:00
Nick Mathewson
bf3e899dce Merge branch 'libressl_201805_029' into maint-0.3.3 2018-05-02 08:26:49 -04:00
Nick Mathewson
75f3fbaa3c LibreSSL compatibility fixes.
LibreSSL, despite not having the OpenSSL 1.1 API, does define
OPENSSL_VERSION in crypto.h.  Additionally, it apparently annotates
some functions as returning NULL, so that our unit tests need to be
more careful about checking for NULL so they don't get compilation
warnings.

Closes ticket 26006.
2018-05-02 08:22:05 -04:00
Nick Mathewson
9d27e3f014 Make test_tortls.c build with openssl no_deprecated.
Also for 19981.
2018-04-18 12:32:39 -04:00
Nick Mathewson
f4af1919ab Replace accumulated C ;;s with ;s
I don't know where these came from.
2017-09-15 16:43:17 -04:00
Nick Mathewson
76c33f7ff4 Merge branch 'scan-build-032' 2017-09-15 16:40:11 -04:00
Nick Mathewson
c1deabd3b0 Run our #else/#endif annotator on our source code. 2017-09-15 16:24:44 -04:00
Nick Mathewson
f2f729e26b Clear up dead-assignment warnings from scan-build 2017-09-12 21:32:34 -04:00
Nick Mathewson
011d94fb11 apply ahf's test_assert_null.cocci 2017-08-24 15:55:27 -04:00
Nick Mathewson
5ca0d6daf0 Mark many private tortls.h APIs as openssl-only.
This change lets us remove the openssl/ssl.h include from
test_link_handshake.c.
2017-03-31 10:04:45 -04:00
Nick Mathewson
7505f452c8 Run the copyright update script. 2017-03-15 16:13:17 -04:00
Nick Mathewson
24551d64ad Merge branch 'maint-0.2.9' 2017-02-01 10:39:59 -05:00
rubiate
e9ec818c28 Support LibreSSL with opaque structures
Determining if OpenSSL structures are opaque now uses an autoconf check
instead of comparing the version number. Some definitions have been
moved to their own check as assumptions which were true for OpenSSL
with opaque structures did not hold for LibreSSL. Closes ticket 21359.
2017-02-01 10:30:49 -05:00
Nick Mathewson
61612f980d Merge branch 'maint-0.2.9' 2016-11-06 20:24:29 -05:00
Nick Mathewson
def41e93bd In test_tortls_classify_client_ciphers(), s/ECDH/ECDHE/
(We weren't actually using these ciphers; we were just requing that
ciphers of that name existed.)

Patch from rubiate.  Fixes 20460
2016-11-06 20:23:40 -05:00
Nick Mathewson
0b4221f98d Make the current time an argument to x509 cert-checking functions
This makes the code a bit cleaner by having more of the functions be
pure functions that don't depend on the current time.
2016-11-03 08:37:22 -04:00
Nick Mathewson
5e30e26c6d Chop another ~93 RSA key generations out of the unit tests
We have a mock for our RSA key generation function, so we now wire
it to pk_generate(). This covers all the cases that were not using
pk_generate() before -- all ~93 of them.
2016-09-09 09:45:50 -04:00
Nick Mathewson
63e34e9e49 Reinstate a couple of teardown_capture_of_logs that I missed
Patch from rubiate. See #19999
2016-09-08 19:49:21 -04:00