Commit Graph

3581 Commits

Author SHA1 Message Date
Nick Mathewson
22e9c64738 Extract rend_service_descriptor_t into its own header. 2018-06-15 12:18:17 -04:00
Nick Mathewson
7d2d131afa Extract tor_version_t into its own header. 2018-06-15 12:12:15 -04:00
Nick Mathewson
d51de77311 Extract cpath_build_state into its own header.
More modules use this than I had expected!
2018-06-15 12:07:20 -04:00
Nick Mathewson
b3f2c682b7 Extract crypt_path_t and relay_crypto_t into their own headers 2018-06-15 11:52:32 -04:00
Nick Mathewson
a0bc164af5 Extract {or,origin}_circuit_t into their own headers 2018-06-15 11:34:33 -04:00
Nick Mathewson
bba998af65 Extract connection_t into its own header.
Now the entire connection_t hierarchy is extracted from or.h
2018-06-15 11:05:56 -04:00
Nick Mathewson
bcc283bcc9 Split or_handshake_{certs,state}_t into their own headers. 2018-06-15 10:56:15 -04:00
Nick Mathewson
19c34b4658 Move or_connection_t to its own header. 2018-06-15 10:48:50 -04:00
Nick Mathewson
1416f54d1e Split dir_connection_t into its own header 2018-06-15 10:31:21 -04:00
Nick Mathewson
3b917b2408 Split control_connection_t into its own header.
This one was actually fairly simple.
2018-06-15 10:17:27 -04:00
Nick Mathewson
5d5c442e6a Split entry and edge_connection_t into their own headers. 2018-06-15 10:10:24 -04:00
Nick Mathewson
2a574d11ac Move dir_server_t into its own header. 2018-06-14 16:58:01 -04:00
Nick Mathewson
df9a3fe86f Make server_port_cfg_t and port_cfg_t into separate headers. 2018-06-14 16:48:15 -04:00
Nick Mathewson
945d871da5 Merge branch 'maint-0.3.3' 2018-06-14 12:50:26 -04:00
Nick Mathewson
ee860b8f37 squash! Make sure that the test_rust.sh script fails when a test fails
Also make sure that we're actually running the test from within the right
cwd, like we do when we're building.  This seems necessary to avoid
an error when running offline.

Amusingly, it appears that we had this bug before: we just weren't
noticing it, because of bug 26258.
2018-06-13 12:21:25 -04:00
Nick Mathewson
ce692332b8 test_entrynodes: fix a GCC warning
Some versions of GCC complain that the bfn_mock_node_get_by_id
function might return NULL, but we're assuming that it won't.
(We're assuming it won't return NULL because we know in the tests
that we're passing it valid IDs.)

To make GCC happy, tt_assert() that each node_t is set before using
it.

Fixes a second case of bug26269; bugfix on 0.3.0.1-alpha.
2018-06-13 10:45:15 -04:00
Nick Mathewson
ed7b135812 Merge remote-tracking branch 'asn-github/bug26358' 2018-06-13 10:00:37 -04:00
Nick Mathewson
8c8ed91aae Merge remote-tracking branch 'rl1987/bug24891' 2018-06-13 09:46:50 -04:00
George Kadianakis
99974d4c1e Silence warning of relaycell/circbw tst.
Shouldn't send RELAY_COMMAND_DATA cell with 0 stream id.
2018-06-13 14:14:17 +03:00
rl1987
25341245ae Implement GETINFO md/all 2018-06-08 13:25:25 +03:00
rl1987
b7fae0f48c Heed --disable-unittests properly 2018-06-02 12:53:04 +03:00
Mike Perry
93ee227e18 Bug 26259: Don't count 0-length RELAY_COMMAND_DATA in CIRC_BW OVERHEAD
This cell should be treated as invalid for purposes of CIRC_BW.
2018-06-01 00:23:08 +00:00
Nick Mathewson
9d06c41c6e Make sure that the test_rust.sh script fails when a test fails
Exit codes from find(1) seem not to be so reliable as we had hoped.

Closes ticket 26258; bugfix on 0.3.3.4-alpha when we fixed #25560
2018-05-31 17:15:57 -07:00
Nick Mathewson
d7bbfd0f62 Fix various typos 2018-05-30 07:57:22 -07:00
Nick Mathewson
fa1890e97f Merge remote-tracking branch 'public/bug25691_033_again_squashed' into maint-0.3.3 2018-05-27 10:03:11 -04:00
Nick Mathewson
3f3739c6e0 Merge branch 'maint-0.3.1' into maint-0.3.2 2018-05-24 09:40:06 -04:00
Nick Mathewson
f48fb8a720 Merge branch 'maint-0.2.9' into maint-0.3.1 2018-05-24 09:40:06 -04:00
Nick Mathewson
f42739e746 Merge branch 'maint-0.3.3' 2018-05-24 09:40:06 -04:00
Nick Mathewson
0ef432d457 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-05-24 09:40:06 -04:00
Nick Mathewson
aeb4be1d5a Add a unit test for PEM-encrypted documents. 2018-05-24 09:36:33 -04:00
Nick Mathewson
cde5c9d0c3 Merge branch 'maint-0.3.3' 2018-05-22 13:35:33 -04:00
Nick Mathewson
a5d4ce2b39 Make the TROVE-2018-005 fix work with rust. 2018-05-22 13:35:20 -04:00
Nick Mathewson
6442417fde fix wide lines 2018-05-22 12:32:00 -04:00
Isis Lovecruft
056be68b1b protover: TROVE-2018-005 Fix potential DoS in protover protocol parsing.
In protover.c, the `expand_protocol_list()` function expands a `smartlist_t` of
`proto_entry_t`s to their protocol name concatenated with each version number.
For example, given a `proto_entry_t` like so:

    proto_entry_t *proto = tor_malloc(sizeof(proto_entry_t));
    proto_range_t *range = tor_malloc_zero(sizeof(proto_range_t));

    proto->name = tor_strdup("DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa");
    proto->ranges = smartlist_new();

    range->low = 1;
    range->high = 65536;

    smartlist_add(proto->ranges, range);

(Where `[19KB]` is roughly 19KB of `"a"` bytes.)  This would expand in
`expand_protocol_list()` to a `smartlist_t` containing 65536 copies of the
string, e.g.:

    "DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa=1"
    "DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa=2"
    […]
    "DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa=65535"

Thus constituting a potential resource exhaustion attack.

The Rust implementation is not subject to this attack, because it instead
expands the above string into a `HashMap<String, HashSet<u32>` prior to #24031,
and a `HashMap<UnvalidatedProtocol, ProtoSet>` after).  Neither Rust version is
subject to this attack, because it only stores the `String` once per protocol.
(Although a related, but apparently of too minor impact to be usable, DoS bug
has been fixed in #24031. [0])

[0]: https://bugs.torproject.org/24031

 * ADDS hard limit on protocol name lengths in protover.c and checks in
   parse_single_entry() and expand_protocol_list().
 * ADDS tests to ensure the bug is caught.
 * FIXES #25517: https://bugs.torproject.org/25517
2018-05-22 12:28:33 -04:00
Nick Mathewson
a3a8d80beb Merge branch 'trove-2018-005_032' into trove-2018-005_033 2018-05-22 12:27:15 -04:00
Isis Lovecruft
eb96692842 protover: TROVE-2018-005 Fix potential DoS in protover protocol parsing.
In protover.c, the `expand_protocol_list()` function expands a `smartlist_t` of
`proto_entry_t`s to their protocol name concatenated with each version number.
For example, given a `proto_entry_t` like so:

    proto_entry_t *proto = tor_malloc(sizeof(proto_entry_t));
    proto_range_t *range = tor_malloc_zero(sizeof(proto_range_t));

    proto->name = tor_strdup("DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa");
    proto->ranges = smartlist_new();

    range->low = 1;
    range->high = 65536;

    smartlist_add(proto->ranges, range);

(Where `[19KB]` is roughly 19KB of `"a"` bytes.)  This would expand in
`expand_protocol_list()` to a `smartlist_t` containing 65536 copies of the
string, e.g.:

    "DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa=1"
    "DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa=2"
    […]
    "DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa=65535"

Thus constituting a potential resource exhaustion attack.

The Rust implementation is not subject to this attack, because it instead
expands the above string into a `HashMap<String, HashSet<u32>` prior to #24031,
and a `HashMap<UnvalidatedProtocol, ProtoSet>` after).  Neither Rust version is
subject to this attack, because it only stores the `String` once per protocol.
(Although a related, but apparently of too minor impact to be usable, DoS bug
has been fixed in #24031. [0])

[0]: https://bugs.torproject.org/24031

 * ADDS hard limit on protocol name lengths in protover.c and checks in
   parse_single_entry() and expand_protocol_list().
 * ADDS tests to ensure the bug is caught.
 * FIXES #25517: https://bugs.torproject.org/25517
2018-05-22 12:12:01 -04:00
Nick Mathewson
8483241b4e Improve openssl_version tests with better messages
These tests would report errors, but wouldn't report the offending
strings.
2018-05-21 15:16:07 -04:00
Nick Mathewson
a394a2dd86 Merge branch 'bug25903_v5_squashed' 2018-05-14 14:25:07 -04:00
Mike Perry
fd504587d5 Bug 25903: Tests 2018-05-14 14:24:58 -04:00
Nick Mathewson
d27fd7ff6b Merge remote-tracking branch 'rl1987/bug25852_take2' 2018-05-14 14:05:50 -04:00
Nick Mathewson
aab626405c Merge remote-tracking branch 'catalyst-github/bug25756' 2018-05-11 18:15:43 -04:00
Nick Mathewson
f6c96fd0ca Merge remote-tracking branch 'public/bug25994' 2018-05-11 17:57:59 -04:00
Marcin Cieślak
308eec7532 testing: X509 certificate structure needs to be initialized
We alloc/free X.509 structures in three ways:

1) X509 structure allocated with X509_new() and X509_free()

2) Fake X509 structure allocated with fake_x509_malloc() and fake_x509_free()
   May contain valid pointers inside.

3) Empty X509 structure shell allocated with tor_malloc_zero() and
   freed with tor_free()
2018-05-11 01:44:09 +00:00
rl1987
036df13a03 Tweak error handling for #25852 2018-05-10 16:45:57 +03:00
Nick Mathewson
15b8c860d3 Merge branch 'maint-0.3.1' into maint-0.3.2 2018-05-10 09:19:28 -04:00
Nick Mathewson
f64fa6b19e Merge branch 'maint-0.3.2' into maint-0.3.3 2018-05-10 09:19:28 -04:00
Nick Mathewson
2eff709edb Merge branch 'maint-0.3.3' 2018-05-10 09:19:28 -04:00
Nick Mathewson
ba70439210 Merge branch 'maint-0.2.9' into maint-0.3.1 2018-05-10 09:19:28 -04:00
rl1987
36f7d0a940 Make _with_err return routerinfo, like old function does 2018-05-10 16:13:16 +03:00
Nick Mathewson
f684b48b5b Merge branch 'ticket26009' 2018-05-09 14:01:08 -04:00
Nick Mathewson
285e7c98fd Distinguish true clock jumps from idleness
Since we're going to be disabling the second-elapsed callback, we're
going to sometimes have long periods when no events file, and so the
current second is not updated.  Handle that by having a better means
to detect "clock jumps" as opposed to "being idle for a while".
Tolerate far more of the latter.

Part of #26009.
2018-05-09 14:01:00 -04:00
juga0
dbdde76f56 Test read bandwidth measurements with empty file 2018-05-09 15:58:25 +00:00
Nick Mathewson
9df20f6076 Merge branch 'maint-0.3.3' 2018-05-09 08:25:52 -04:00
Nick Mathewson
e6d6347690 Merge remote-tracking branch 'public/bug26005_034' 2018-05-09 08:23:27 -04:00
Nick Mathewson
01d729cbfe Fix compilation of test_addr.c
This needs to include crypto_rand.h (which it didn't before it was
merged).
2018-05-08 20:20:54 -04:00
Nick Mathewson
a0f051137d Merge branch 'ticket25993_squashed' 2018-05-08 20:09:42 -04:00
Nick Mathewson
24ba5fd748 More unit tests for addressmap_get_virtual_address().
Previously the coverage on this function was mostly accidental,
coming as it did from test_entryconn.c.  These new tests use mocking
to ensure that we actually hit the different failure and retry cases
of addressmap_get_virtual_address(), and make our test coverage a
bit more deterministic.

Closes ticket 25993.
2018-05-08 20:09:33 -04:00
Taylor Yu
de343b4e42 Improve tolerance for dirauths with skewed clocks
Previously, an authority with a clock more than 60 seconds ahead could
cause a client with a correct clock to warn that the client's clock
was behind.  Now the clocks of a majority of directory authorities
have to be ahead of the client before this warning will occur.

Relax the early-consensus check so that a client's clock must be 60
seconds behind the earliest time that a given sufficiently-signed
consensus could possibly be available.

Add a new unit test that calls warn_early_consensus() directly.

Fixes bug 25756; bugfix on 0.2.2.25-alpha.
2018-05-08 17:59:03 -05:00
Taylor Yu
4921670a8c Test early-consensus clock skew warnings 2018-05-08 17:59:03 -05:00
Taylor Yu
be8306c1fb Add expect_no_log_msg_containing() 2018-05-08 17:59:03 -05:00
Taylor Yu
5bd2060054 tests: Add "now" param to construct_consensus()
construct_consensus() in test_routerlist.c created votes using a
timestamp from time().  Tests that called construct_consensus() might
have nondeterministic results if they rely on time() not changing too
much on two successive calls.

Neither existing of the two existing tests that calls
construct_consensus is likely to have a failure due to this problem.
2018-05-08 17:59:03 -05:00
Nick Mathewson
3df37d7b6b Merge branch 'bug26004_029_squashed' 2018-05-08 14:26:05 -04:00
juga0
dbc80ad19b Allow bandwidth-file lines to have node_id in the last position
Closes ticket 26004.
2018-05-08 14:24:29 -04:00
Nick Mathewson
5edc72a45b Merge remote-tracking branch 'mikeperry/bug25870_rebase' 2018-05-08 14:12:29 -04:00
Nick Mathewson
2a4439adf3 Merge branch 'ticket26008' 2018-05-08 14:09:38 -04:00
Nick Mathewson
6e3e96d2ff Fix the selection of events to cancel in test_workqueue.c
Our previous algorithm had a nonzero probability of picking no
events to cancel, which is of course incorrect.  The new code uses
Vitter's good old reservoir sampling "algorithm R" from 1985.

Fixes bug 26008; bugfix on 0.2.6.3-alpha.
2018-05-06 21:03:26 -04:00
Nick Mathewson
d14c245a0f Add unit test for ..get_start_of_next_voting_interval().
This functionality was covered only accidentally by our voting-test
code, and as such wasn't actually tested at all.  The tests that
called it made its coverage nondeterministic, depending on what time
of day you ran the tests.

Closes ticket 26014.
2018-05-06 20:42:18 -04:00
rl1987
b00d17aa9e Improve GETCONF exit-policy/* error handling
This will yield different error codes for transient and permament
errors. Furthermore, Tor will give human readable error
messages to controller.
2018-05-05 16:12:00 +02:00
Nick Mathewson
08e525c198 Merge remote-tracking branch 'github/ticket25995' 2018-05-03 16:52:09 -04:00
Nick Mathewson
c3b7258370 Merge remote-tracking branch 'isis/bug24660_r1' 2018-05-03 13:50:18 -04:00
Nick Mathewson
89cafc4afa Use OPENSSL_1_1_API in place of raw OPENSSL_VERSION_NUMBER checks
This is needed for libressl-2.6.4 compatibility, which we broke when
we merged a15b2c57e1 to fix bug 19981.  Fixes bug 26005; bug
not in any released Tor.
2018-05-03 13:33:14 -04:00
Nick Mathewson
1d16b7124f Basic unit tests for update_current_time().
This function is about to get more complicated, so we should track
how it's working.
2018-05-03 12:02:10 -04:00
Nick Mathewson
e386d61c9b Make hs_get_responsible_hsdirs() deterministic.
This test was using the current time to pick the time period number,
and a randomly generated hs key.  Therefore, it sometimes picked an
index that would wrap around the example dht, and sometimes would
not.

The fix here is just to fix the time period and the public key.

Fixes bug 25997; bugfix on 0.3.2.1-alpha.
2018-05-02 10:17:46 -04:00
Nick Mathewson
bf3e899dce Merge branch 'libressl_201805_029' into maint-0.3.3 2018-05-02 08:26:49 -04:00
Nick Mathewson
75f3fbaa3c LibreSSL compatibility fixes.
LibreSSL, despite not having the OpenSSL 1.1 API, does define
OPENSSL_VERSION in crypto.h.  Additionally, it apparently annotates
some functions as returning NULL, so that our unit tests need to be
more careful about checking for NULL so they don't get compilation
warnings.

Closes ticket 26006.
2018-05-02 08:22:05 -04:00
Nick Mathewson
a2b53c1d0b coverage: Repeat the test for avoiding failed intro points
This test, in test_client_pick_intro(), will have different coverage
depending on whether it selects a good intro point the first time or
whether it has to try a few times.  Since it produces the shorter
coverage with P=1/4, repeat this test 64 times so that it only
provides reduced coverage with P=1/2^128.  The performance cost is
negligible.

Closes ticket 25996.  This test was introduced in 0.3.2.1-alpha.
2018-05-01 19:58:39 -04:00
Nick Mathewson
19b53e2645 Use a deterministic PRNG in test_circuit_timeout()
I'd prefer not to do this for randomized tests, but as things stand
with this test, it produces nondeterministic test coverage.

Closes ticket 25995; bugfix on 0.2.2.2-alpha when this test was
introduced.
2018-05-01 19:34:21 -04:00
Nick Mathewson
24299d385d Hold monotonic time constant during channel/outbound_cell test
This change should make it impossible for the monotonic time to roll
over from one EWMA tick to the next during this test, and make it so
that this test never invokes scale_active_circuits() (which it
doesn't test).

(Earlier changes during the 0.3.4 series should make this call even
rarer than it was before, since we fixed #25927 and removed
cached_gettimeofday.  Because this test didn't update
cached_gettimeofday, the chance of rolling over a 10-second interval
was much higher.)

Closes ticket 25994; bugfix on 0.3.3.1-alpha when this test was
introduced.
2018-05-01 18:44:11 -04:00
Nick Mathewson
5c5392fea7 Merge remote-tracking branch 'github/eliminate_gettimeofday_cached' 2018-05-01 13:27:02 -04:00
David Goulet
70c92c3366 sr: Rename shared_random_common.{c|h} to shared_random_client.{c|h}
No code behavior change.

Pars of #25988

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-01 11:45:34 -04:00
David Goulet
2d79d0155e vote: Move dirvote_recalculate_timing() to voting_schedule.c
By doing so, it is renamed to voting_schedule_recalculate_timing(). This
required a lot of changes to include voting_schedule.h everywhere that this
function was used.

This effectively now makes voting_schedule.{c|h} not include dirauth/dirvote.h
for that symbol and thus no dependency on the dirauth module anymore.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-01 11:45:34 -04:00
David Goulet
711ff6cdf7 Rename dirvote_common.{c|h} to voting_schedule.{c|h}
No code behavior change.

Part of #25988

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-01 11:43:23 -04:00
Nick Mathewson
d018bf199c Merge remote-tracking branch 'dgoulet/ticket25610_034_01-squashed' 2018-05-01 10:29:05 -04:00
David Goulet
15e8ce3937 Move back dirvote_authority_cert_dup to dirvote.c
Originally, it was made public outside of the dirauth module but it is no
longer needed. In doing so, we put it back in dirvote.c and reverted its name
to the original one:

dirvote_authority_cert_dup() --> authority_cert_dup()

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-01 10:07:09 -04:00
Nick Mathewson
4cf6b67f5e Merge remote-tracking branch 'neel/b23094' 2018-05-01 08:56:23 -04:00
Nick Mathewson
07b486c17a Merge branch 'bug24734_squashed' 2018-05-01 08:51:32 -04:00
Neel Chauhan
5458ff20a5 Remove the return value from the fascist_firewall_choose_address_* family of functions 2018-05-01 08:51:16 -04:00
George Kadianakis
627d2fdbf0 Write unittests to check basic vanguard path selection.
Adds two unittests:
- First checks the path selection of basic Tor circs.
- Second checks the path selection of vanguard circs.

There is a TODO on the second unittest that we might want to test sooner than
later, but it's not trivial to do it right now.

To do these unittests we needed the following mods:
- Make some functions STATIC.
- Add some more fields to the big fake network nodes of test_entrynodes.c
- Switch fake node nicknames to base32 (because base64 does not produce valid nicknames).
2018-05-01 00:59:27 +00:00
Nick Mathewson
d1a0534649 Make unit tests pass with new dirserver role. 2018-04-30 10:36:00 -04:00
Nick Mathewson
6cb467b462 Merge remote-tracking branch 'github/ticket23354' 2018-04-30 09:45:28 -04:00
Nick Mathewson
a9736f1f38 Merge remote-tracking branch 'github/ticket19429_034' 2018-04-30 09:41:33 -04:00
Neel Chauhan
bfe5a739b7 Make hsdir_index in node_t a hsdir_index_t rather than a pointer. 2018-04-28 20:35:30 -04:00
Nick Mathewson
346c2eb4e6 Merge branch 'bug25843_v2_squashed' 2018-04-27 12:45:07 -04:00
George Kadianakis
d00ed406e0 Introduce torrc option NumPrimaryGuards 2018-04-27 12:44:54 -04:00
David Goulet
35ff2a3b86 dirvote: Rename authority_cert_dup()
Renamed to follow the file namespace.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-27 11:40:44 -04:00
David Goulet
26817d9d22 dirvote: Extract shared functions to common file
No code behavior change.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-27 11:40:44 -04:00
David Goulet
2115a54b4a mod: Move dirauth specific files to its own module
This is a pretty big commit but it only moves these files to src/or/dirauth:

  dircollate.c dirvote.c shared_random.c shared_random_state.c
  dircollate.h dirvote.h shared_random.h shared_random_state.h

Then many files are modified to change the include line for those header files
that have moved into a new directory.

Without using --disable-module-dirauth, everything builds fine. When using the
flag to disable the module, tor doesn't build due to linking errors. This will
be addressed in the next commit(s).

No code behavior change.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-27 11:40:44 -04:00
David Goulet
d177067860 dirvote: Trim down the public API
Many functions become static to the C file or exposed to the tests within the
PRIVATE define of dirvote.h.

This commit moves a function to the top. No code behavior change.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-27 11:40:44 -04:00
David Goulet
8b58e1e323 test: Unit test for the HS service event rescan
Because we rescan the main loop event list if the global map of services has
changed, this makes sure it does work.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-27 11:16:57 -04:00
David Goulet
f7633c1fca hs: Rescan the main loop event list if the service map changes
Because ADD_ONION/DEL_ONION can modify the global service map (both for v2 and
v3), we need to rescan the event list so we either enable or disable the HS
service main loop event.

Fixees #25939

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-27 11:16:57 -04:00
David Goulet
05d314f888 main: Add mainloop callback event flags
Implement the ability to set flags per events which influences the set up of
the event.

This commit only adds one flag which is "need network" meaning that the event
is not enabled if tor has disabled the network or if hibernation mode.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-27 09:28:00 -04:00
Nick Mathewson
302908657f Fix a test assertion failure due to uninitialized mainloop events
Bug not in any released Tor.
2018-04-26 14:39:26 -04:00
David Goulet
9fd319168b test: Add missing geoip_dummy file to EXTRA_DIST
Needed to run tests from the tarball else the geoip unit test would fail by
not finding that file.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-26 14:15:24 -04:00
Nick Mathewson
9abf541f7f Add a function to compute millisecond time difference quickly.
Our main function, though accurate on all platforms, can be very
slow on 32-bit hosts.  This one is faster on all 32-bit hosts, and
accurate everywhere except apple, where it will typically be off by
1%.  But since 32-bit apple is a relic anyway, I think we should be
fine.
2018-04-26 12:01:48 -04:00
Nick Mathewson
5e395ba2c2 Rewrite time-handling in circuitmux_ewma to use monotime_coarse
This part of the code was the only part that used "cached
getttimeofday" feature, which wasn't monotonic, which we updated at
slight expense, and which I'd rather not maintain.
2018-04-26 11:50:58 -04:00
David Goulet
7b09282dc7 Merge remote-tracking branch 'dgoulet/ticket25515_034_01-squashed' 2018-04-26 11:38:15 -04:00
juga0
f4ad30448a Recover newline at the EOF, removed by mistake
in 071236e3e2.
2018-04-26 11:33:22 -04:00
juga0
3d4bbf94c6 tests: Add forgotten empty file required for geoip 2018-04-26 11:33:22 -04:00
juga0
d0ad74e0f6 Add clarification about type of file expected 2018-04-26 11:33:22 -04:00
juga0
96469b82f8 Remove FIXME about comparing num countries,
* remove the fixme since clearing the countries should be other issue
* remove unused variables related to it since that cause travis to fail
2018-04-26 11:33:22 -04:00
Isis Lovecruft
6a28a82998 tests: Fix a couple typos and remove unnecessary inline comments. 2018-04-26 11:33:22 -04:00
Isis Lovecruft
3f967bfbd1 tests: Skip two more geoip_load_file tests on Windows.
* FIXES part of #25515: https://bugs.torproject.org/25515
2018-04-26 11:33:22 -04:00
David Goulet
665e23c59a test: Add periodic events unit tests
Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-23 10:57:28 -04:00
Nick Mathewson
cd3fc2aa48 Merge remote-tracking branch 'neel/b25511-r4' 2018-04-23 09:13:24 -04:00
Nick Mathewson
1ba9b7e013 Merge remote-tracking branch 'mikeperry/bug25400_squashed' 2018-04-22 20:39:35 -04:00
Nick Mathewson
0e8ae82a87 Merge branch 'remove_old_consensus_methods_2018_squashed' 2018-04-22 20:01:09 -04:00
Nick Mathewson
5f90d28c01 Remove MIN_METHOD_FOR_{SHARED_RANDOM,EXCLUDING_INVALID_NODES}
Also remove client detection for pre-EXCLUDING_INVALID_NODES
consensuses, and a test for that detection.
2018-04-22 20:00:47 -04:00
Nick Mathewson
4d6f21bb6b Remove MIN_METHOD_FOR_{PACKAGE_LINES,GUARDFRACTION,ED25519_ID_IN_MD}
Also remove a rest for pre-19 microdesc versions.
2018-04-22 20:00:47 -04:00
Nick Mathewson
caf766991d Remove MIN_METHOD_FOR_ID_HASH_IN_MD and a test for running without it. 2018-04-22 20:00:47 -04:00
Nick Mathewson
93380db833 Remove MIN_METHOD_{FOR_P6_LINES,FOR_NTOR_KEY,TO_CLIP_UNMEASURED_BW}
Also remove a unit test for pre-MIN_METHOD_FOR_NTOR_KEY consensuses.
2018-04-22 20:00:47 -04:00
Nick Mathewson
08373467b1 Remove MIN_METHOD_FOR and MIN_METHOD_FOR_A_LINES
Also, in networkstatus.c, remove client code for recognizing pre-
MIN_METHOD_FOR_A_LINES consensuses, and corresponding unit tests in
test_dir.c.
2018-04-22 20:00:47 -04:00
Nick Mathewson
69347f48e0 Disable consensus methods before 25.
Consensus method 25 is the oldest one supported by any stable
version of 0.2.9, which is our current most-recent LTS.  Thus, by
proposal 290, they should be removed.

This commit does not actually remove the code to implement these
methods: it only makes it so authorities will no longer support
them.  I'll remove the backend code for them in later commits.
2018-04-22 20:00:47 -04:00
Nick Mathewson
6773102c92 Merge branch 'bug25691_033_again_squashed' 2018-04-22 19:44:27 -04:00
Nick Mathewson
f1c1328f85 Repair the legacy_hs/pick_tor2web_rendezvous_node unit test
It tried to pick nodes for which only routerinfo_t items are set,
but without setting UseMicroDescriptors to 0.  This won't work any
more, now that we're strict about using the right descriptor types
due to 25691/25692/25213.
2018-04-22 19:43:07 -04:00
Nick Mathewson
47163780c3 Rename node_has_descriptor() to node_has_any_descriptor()
Changing the name of this function should help keep us from misusing
it when node_has_preferred_descriptor() would be more appropriate.
2018-04-22 19:43:07 -04:00
Nick Mathewson
ff6f49f033 Rename find_dl_schedule to find_dl_min_delay.
(We no longer need two separate functions here.)
2018-04-22 15:55:09 -04:00
Nick Mathewson
2d7b5c6fe5 Change the type of "download schedule" from smartlist to int.
This is done as follows:
  * Only one function (find_dl_schedule()) actually returned a
    smartlist. Now it returns an int.

  * The CSV_INTERVAL type has been altered to ignore everything
    after the first comma, and to store the value before the first
    comma in an int.
2018-04-22 15:55:09 -04:00
Nick Mathewson
9aaed729c1 Rename *DownloadSchedule to *DownloadInitialDelay; make them ints
This commit won't compile. It was made with the following perl
scripts:

s/smartlist_t \*(.*)DownloadSchedule;/int $1DownloadInitialDelay;/;
s/\b(\w*)DownloadSchedule\b/$1DownloadInitialDelay/;
2018-04-22 15:55:09 -04:00
Nick Mathewson
9d27e3f014 Make test_tortls.c build with openssl no_deprecated.
Also for 19981.
2018-04-18 12:32:39 -04:00
Nick Mathewson
3bf9974b6c Fix a pointer size error in test_bridges.c
sizeof(ret) is the size of the pointer, not the size of what it
points to.  Fortunately, we already have a function to compare
tor_addr_port_t values for equality.

Bugfix on c2c5b13e5d8a77e; bug not in any released Tor. Found by
clang's scan-build.
2018-04-17 19:45:59 -04:00
Nick Mathewson
c5bbf72fb8 Merge branch 'maint-0.3.3' 2018-04-17 10:45:58 -04:00
David Goulet
93ff1870ba heartbeat: Log the number of circuits killed because too many cells
We recently merged a circuit cell queue size safeguard. This commit adds the
number of killed circuits that have reached the limit to the DoS heartbeat. It
now looks like this:

  [notice] DoS mitigation since startup: 0 circuits killed with too many
  cells. 0 circuits rejected, 0 marked addresses. 0 connections closed. 0
  single hop clients refused.

Second thing that this patch does. It makes tor always print the DoS
mitigation heartbeat line (for a relay) even though no DoS mitigation have
been enabled. The reason is because we now kill circuits that have too many
cells regardless on if it is enabled or not but also it will give the operator
a chance to learn what is enabled with the heartbeat instead of suddenly
appearing when it is enabled by let say the consensus.

Fixes #25824

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-17 10:44:43 -04:00
Neel Chauhan
3a6e37f57f Add GETINFO current-time/{local,utc} regression test 2018-04-16 20:37:50 -04:00
Mike Perry
0e06a9c3e7 Helper function to add u32 without overflow. 2018-04-16 21:46:31 +00:00
David Goulet
ae4e5b9824 token: Fix uint32_t to uint64_t conversion
Unfortunately, the units passed to
monotime_coarse_stamp_units_to_approx_msec() was always 0 due to a type
conversion.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-16 15:05:41 -04:00
juga0
8be1ac8abe
Add test to check that loading a 2nd file replaces the 1st
Signed-off-by: Isis Lovecruft <isis@torproject.org>
2018-04-16 19:02:57 +00:00
juga0
071236e3e2
Add a test for geoip_load_file() using geoip6
Signed-off-by: Isis Lovecruft <isis@torproject.org>
2018-04-16 19:01:30 +00:00
Nick Mathewson
4b58b97c68 32-bit compilation warnings 2018-04-13 17:01:03 -04:00
Nick Mathewson
34c2574aa9 Merge branch 'token_bucket_once_again_squashed' 2018-04-13 16:31:58 -04:00
Nick Mathewson
1b31195b4f Fix "make check-spaces" 2018-04-13 16:31:47 -04:00
Nick Mathewson
003e6595bf Refactor "timestamp" not to be its own type coupled to token buffers
Really, the uint32_t is only an optimization; any kind of unit
should work fine.  Some users might want to use time_t or
monotime_coarse_t or something like that.
2018-04-13 16:31:47 -04:00
Nick Mathewson
0b40ed5e70 Start re-refactoring the token bucket interface.
Begin by creating a lowest-level triple of the types needed to
implement a token bucket: a configuration, a timestamp, and the raw
bucket itself.

Note that for low-level buckets, the units of the timestamp and the
bucket itself are unspecified: each user can use a different type.

(This patch breaks check-spaces; a later patch will fix it)
2018-04-13 16:31:47 -04:00
Nick Mathewson
61d87dfa15 Merge branch 'postloop_callbacks_2' 2018-04-13 12:12:46 -04:00
Nick Mathewson
03b96882de Rename token_bucket_t to token_bucket_rw_t.
This is a simple search-and-replace to rename the token bucket type
to indicate that it contains both a read and a write bucket, bundled
with their configuration.  It's preliminary to refactoring the
bucket type.
2018-04-13 10:54:26 -04:00
Nick Mathewson
b152d62cee Merge branch 'token_bucket_refactor_squashed' 2018-04-13 10:47:24 -04:00
Nick Mathewson
62f4d5a265 Add a unit test for post-loop events
This test works by having two post-loop events activate one another
in a tight loop.  If the "post-loop" mechanism didn't work, this
would be enough to starve all other events.
2018-04-13 10:44:15 -04:00
Nick Mathewson
ad57b1279a Disable load_geoip_file() tests on windows
See bug #25787 for discussion; we should have a better fix here.
2018-04-13 10:42:19 -04:00
Nick Mathewson
787bafc0f9 Increase tolerances for imprecise time. 2018-04-13 10:41:15 -04:00
Nick Mathewson
3f514fe3b1 Accept small hops backward in the monotonic timer. 2018-04-13 10:41:15 -04:00
Nick Mathewson
c376200f6a Add a new token-bucket backend abstraction, with tests
This differs from our previous token bucket abstraction in a few
ways:

  1) It is an abstraction, and not a collection of fields.
  2) It is meant to be used with monotonic timestamps, which should
     produce better results than calling gettimeofday over and over.
2018-04-13 10:41:14 -04:00
Nick Mathewson
d8ef9a2d1e Expose a function that computes stamp units from msec.
(It turns out we can't just expose STAMP_TICKS_PER_SECOND, since
Apple doesn't have that.)
2018-04-13 10:41:08 -04:00
Nick Mathewson
f0887e30dd Merge branch 'maint-0.3.3' 2018-04-12 12:31:41 -04:00
Nick Mathewson
46795a7be6 Attempt to fix 32-bit clang builds, which broke with 31508a0abc
When size_t is 32 bits, the unit tests can't fit anything more than
4GB-1 into a size_t.

Additionally, tt_int_op() uses "long" -- we need tt_u64_op() to
safely test uint64_t values for equality.

Bug caused by tests for #24782 fix; not in any released Tor.
2018-04-12 12:30:36 -04:00
Nick Mathewson
037fb0c804 Merge branch 'maint-0.3.3' 2018-04-12 11:14:42 -04:00
Alexander Færøy
31508a0abc Use less memory for MaxMemInQueues for machines with more than 8 GB of RAM.
This patch changes the algorithm of compute_real_max_mem_in_queues() to
use 0.4 * RAM iff the system has more than or equal to 8 GB of RAM, but
will continue to use the old value of 0.75 * RAM if the system have less
than * GB of RAM available.

This patch also adds tests for compute_real_max_mem_in_queues().

See: https://bugs.torproject.org/24782
2018-04-12 11:14:16 -04:00
Nick Mathewson
6bdfaa8b24 Merge remote-tracking branch 'isis-github/bug25425_squashed2' 2018-04-10 15:32:26 -04:00
Nick Mathewson
6e467a7a34 Merge remote-tracking branch 'isis-github/bug25409' 2018-04-10 15:27:09 -04:00
Nick Mathewson
16f08de0fd Remove TestingEnableTbEmptyEvent
This option was used for shadow testing previously, but is no longer
used for anything.  It interferes with refactoring our token buckets.
2018-04-10 12:16:21 -04:00
Isis Lovecruft
3ee7a8d3a5
tests: Make tt_finished() macro for tests without tt_*_op() calls. 2018-04-09 19:32:47 +00:00
Isis Lovecruft
c2c5b13e5d
test: Add testing module and some unittests for bridges.c.
This roughly doubles our test coverage of the bridges.c module.

 * ADD new testing module, .../src/test/test_bridges.c.
 * CHANGE a few function declarations from `static` to `STATIC`.
 * CHANGE one function in transports.c, transport_get_by_name(), to be
   mockable.
 * CLOSES #25425: https://bugs.torproject.org/25425
2018-04-09 19:32:46 +00:00
Isis Lovecruft
809f6fae84
refactor: Remove unnecessary #include "crypto.h" throughout codebase.
* FIXES part of #24658: https://bugs.torproject.org/24658
2018-04-06 22:49:18 +00:00
Isis Lovecruft
fe3aca1491
crypto: Refactor (P)RNG functionality into new crypto_rand module.
* ADD new /src/common/crypto_rand.[ch] module.
 * ADD new /src/common/crypto_util.[ch] module (contains the memwipe()
   function, since all crypto_* modules need this).
 * FIXES part of #24658: https://bugs.torproject.org/24658
2018-04-06 21:45:28 +00:00
Nick Mathewson
98b694bfd5 Merge branch 'isolate_libevent_2_squashed' 2018-04-06 08:50:35 -04:00
Nick Mathewson
245fdf8ca0 Remove needless event2/thread.h include from test_compat_libevent.c 2018-04-05 12:36:28 -04:00
Nick Mathewson
4225300648 Remove redundant event2/event.h usage from test_scheduler.c
This module doesn't actually need to mock the libevent mainloop at
all: it can just use the regular mainloop that the test environment
sets up.

Part of ticket 23750.
2018-04-05 12:36:28 -04:00
Nick Mathewson
6a5f62f68f Move responsibility for threadpool reply-handler events to workqueue
This change makes cpuworker and test_workqueue no longer need to
include event2/event.h.  Now workqueue.c needs to include it, but
that is at least somewhat logical here.
2018-04-05 12:36:28 -04:00
Nick Mathewson
b3586629c9 Wrap the function we use to run the event loop.
Doing this lets us remove the event2/event.h header from a few more
modules, particularly in the tests.

Part of work on 23750.
2018-04-05 12:36:27 -04:00
Nick Mathewson
39cb04335f Add wrappers for event_base_loopexit and event_base_loopbreak. 2018-04-05 12:36:05 -04:00
Nick Mathewson
c6d7e0becf Merge remote-tracking branch 'public/split_relay_crypto' 2018-04-05 12:12:18 -04:00
Neel Chauhan
9df110cd72
Remove PortForwarding options
Signed-off-by: Isis Lovecruft <isis@torproject.org>
2018-04-04 00:19:33 +00:00
Isis Lovecruft
6739a69c59
tests: Run all existing protover tests in both languages.
There's now no difference in these tests w.r.t. the C or Rust: both
fail miserably (well, Rust fails with nice descriptive errors, and C
gives you a traceback, because, well, C).
2018-04-02 19:59:14 +00:00
Isis Lovecruft
f769edd148
tests: Make inline comments in test_protover.c more accurate.
The DoS potential is slightly higher in C now due to some differences to the
Rust code, see the C_RUST_DIFFERS tags in src/rust/protover/tests/protover.rs.

Also, the comment about "failing at the splitting stage" in Rust wasn't true,
since when we split, we ignore empty chunks (e.g. "1--1" parses into
"(1,None),(None,1)" and "None" can't be parsed into an integer).

Finally, the comment about "Rust seems to experience an internal error" is only
true in debug mode, where u32s are bounds-checked at runtime.  In release mode,
code expressing the equivalent of this test will error with
`Err(ProtoverError::Unparseable)` because 4294967295 is too large.
2018-04-02 19:59:13 +00:00
Isis Lovecruft
ad369313f8
protover: Change protover_all_supported() to return only unsupported.
Previously, if "Link=1-5" was supported, and you asked protover_all_supported()
(or protover::all_supported() in Rust) if it supported "Link=3-999", the C
version would return "Link=3-999" and the Rust would return "Link=6-999".  These
both behave the same now, i.e. both return "Link=6-999".
2018-04-02 19:59:12 +00:00
Isis Lovecruft
527a239863
tests: Run all existing protover tests in both languages.
There's now no difference in these tests w.r.t. the C or Rust: both
fail miserably (well, Rust fails with nice descriptive errors, and C
gives you a traceback, because, well, C).
2018-04-02 19:20:38 +00:00
Isis Lovecruft
22c65a0e4b
tests: Make inline comments in test_protover.c more accurate.
The DoS potential is slightly higher in C now due to some differences to the
Rust code, see the C_RUST_DIFFERS tags in src/rust/protover/tests/protover.rs.

Also, the comment about "failing at the splitting stage" in Rust wasn't true,
since when we split, we ignore empty chunks (e.g. "1--1" parses into
"(1,None),(None,1)" and "None" can't be parsed into an integer).

Finally, the comment about "Rust seems to experience an internal error" is only
true in debug mode, where u32s are bounds-checked at runtime.  In release mode,
code expressing the equivalent of this test will error with
`Err(ProtoverError::Unparseable)` because 4294967295 is too large.
2018-04-02 19:20:37 +00:00
Isis Lovecruft
6e353664dd
protover: Change protover_all_supported() to return only unsupported.
Previously, if "Link=1-5" was supported, and you asked protover_all_supported()
(or protover::all_supported() in Rust) if it supported "Link=3-999", the C
version would return "Link=3-999" and the Rust would return "Link=6-999".  These
both behave the same now, i.e. both return "Link=6-999".
2018-04-02 19:20:36 +00:00
Nick Mathewson
f4bcf3f34c Remove event2/event.h include from compat_libevent.h
Only one module was depending on this include (test_helpers.c), and
it was doing so incorrectly.
2018-04-02 11:11:31 -04:00
Roger Dingledine
0983c203e5 misc tiny fixes 2018-04-01 23:47:44 -04:00
Nick Mathewson
794a25f8c1 Merge branch 'maint-0.3.3' 2018-03-28 14:23:06 -04:00
Nick Mathewson
e0bbef48bf Merge remote-tracking branch 'dgoulet/bug24767_033_03' into maint-0.3.3 2018-03-28 14:21:04 -04:00
Nick Mathewson
6317aa2cc0 Merge branch 'maint-0.3.3' 2018-03-28 07:50:47 -04:00
Nick Mathewson
b504c854d3 Rename string_is_valid_hostname -> string_is_valid_nonrfc_hostname
Per discussion on 25055.
2018-03-28 07:42:27 -04:00
rl1987
6b6d003f43 Don't explode on NULL or empty string 2018-03-28 07:39:03 -04:00
rl1987
d891010fdd Allow alphanumeric TLDs in test for now 2018-03-28 07:39:03 -04:00
rl1987
dbb7c8e6fd Validate hostnames with punycode TLDs correctly 2018-03-28 07:39:03 -04:00
rl1987
db850fec3a Test TLD validation 2018-03-28 07:39:03 -04:00
rl1987
12afd8bfed Also test bracket-less IPv6 string validation 2018-03-28 07:39:03 -04:00
rl1987
b0ba4aa7e9 Fix bracketed IPv6 string validation 2018-03-28 07:39:03 -04:00
rl1987
1af016e96e Do not consider IP strings valid DNS names. Fixes #25055 2018-03-28 07:39:03 -04:00
rl1987
0e453929d2 Allow IPv6 address strings to be used as hostnames in SOCKS5 requests 2018-03-28 07:39:03 -04:00
George Kadianakis
ab16f1e2a1 test: Add unittest for the OR connection failure cache
Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-03-27 12:43:39 -04:00
Nick Mathewson
979c7e5c83 Merge branch 'maint-0.3.3' 2018-03-27 07:05:15 -04:00
Nick Mathewson
0eed0899cd Merge branch 'bug24658-rm-curve25519-header' into bug24658-merge 2018-03-26 20:12:59 -04:00
Nick Mathewson
969a38a375 Fix a unit test which was broken by the previous commit
This test was expecting Tor to find and use routerinfos, but hadn't
cleared the UseMicrodescriptors flag.  Part of the fix for 25213.
2018-03-26 09:57:39 -04:00
Nick Mathewson
7db4d0c55f Basic unit tests for relay_crypto.c
These tests handle incoming and outgoing cells on a three-hop
circuit, and make sure that the crypto works end-to-end.  They don't
yet test spec conformance, leaky-pipe, or various error cases.
2018-03-24 13:49:08 -04:00
Nick Mathewson
bb9012c818 test: more data on geoip load failure. 2018-03-23 11:48:15 -04:00
Nick Mathewson
11114c7e83 Merge branch 'maint-0.3.3' 2018-03-23 11:19:19 -04:00
Isis Lovecruft
657d5cbbbc tests: Automatically detect Rust crates to test and also pass --verbose.
* FIXES #25560: https://bugs.torproject.org/25560.
2018-03-23 11:13:04 -04:00
Nick Mathewson
d9ba7db38b Merge remote-tracking branch 'public/geoip_testing' 2018-03-22 08:43:28 -04:00
Nick Mathewson
d8893bc93c Merge remote-tracking branch 'isis/bug23881_r1' 2018-03-19 17:20:37 -04:00
Nick Mathewson
910422e8fa Merge branch 'maint-0.3.2' into maint-0.3.3 2018-03-19 16:59:49 -04:00
Nick Mathewson
3716611fea Merge branch 'maint-0.3.3' 2018-03-19 16:59:49 -04:00
Isis Lovecruft
66d3120634 tests: Fix HS test against max IP lifetime.
* FIXES part of #25450: https://bugs.torproject.org/25450
2018-03-19 16:59:07 -04:00
Nick Mathewson
a324cd9020 Merge branch 'ticket25268_034_01' 2018-03-19 06:01:02 -04:00
Nick Mathewson
92c60b572c Merge branch 'maint-0.3.3' 2018-03-19 05:39:56 -04:00
Gisle Vanem
53914f7dae tests: Fix crash on win32 due to uninitialised mutex in bench.c.
Signed-off-by: Isis Lovecruft <isis@torproject.org>
2018-03-19 05:38:19 -04:00
Nick Mathewson
bcea98a4b4 Merge branch 'maint-0.3.3' 2018-03-19 05:36:06 -04:00
Nick Mathewson
296e429ebc Merge branch 'maint-0.3.2' into maint-0.3.3 2018-03-19 05:36:06 -04:00
Nick Mathewson
5ecad6c95d Extract the cryptographic parts of crypt_path_t and or_circuit_t.
Additionally, this change extracts the functions that created and
freed these elements.

These structures had common "forward&reverse stream&digest"
elements, but they were initialized and freed through cpath objects,
and different parts of the code depended on them.  Now all that code
is extacted, and kept in relay_crypto.c
2018-03-17 10:59:15 -04:00
Nick Mathewson
80955be6ec Move relay-crypto functions from relay.[ch] to relay_crypto.[ch]
This should help us improve modularity, and should also make it
easier for people to experiment with other relay crypto strategies
down the road.

This commit is pure function movement.
2018-03-17 10:23:44 -04:00
Nick Mathewson
320dcf65b7 Extract the crypto parts of circuit_package_relay_cell. 2018-03-17 10:16:41 -04:00
Nick Mathewson
becae4c943 Add a test for geoip_load_file(). 2018-03-15 15:21:34 +01:00
Nick Mathewson
ffb00404b1 Split geoip tests into a separate module. 2018-03-15 15:12:54 +01:00
Isis Lovecruft
0545f64d24
test: Increase time limit for IP creation in an HS test.
This should avoid most intermittent test failures on developer and CI machines,
but there could (and probably should) be a more elegant solution.

Also, this test was testing that the IP was created and its expiration time was
set to a time greater than or equal to `now+INTRO_POINT_LIFETIME_MIN_SECONDS+5`:

    /* Time to expire MUST also be in that range. We add 5 seconds because
     * there could be a gap between setting now and the time taken in
     * service_intro_point_new. On ARM, it can be surprisingly slow... */
    tt_u64_op(ip->time_to_expire, OP_GE,
              now + INTRO_POINT_LIFETIME_MIN_SECONDS + 5);

However, this appears to be a typo, since, according to the comment above it,
adding five seconds was done because the IP creation can be slow on some
systems.  But the five seconds is added to the *minimum* time we're comparing
against, and so it actually functions to make this test *more* likely to fail on
slower systems.  (It should either subtract five seconds, or instead add it to
time_to_expire.)

 * FIXES #25450: https://bugs.torproject.org/25450
2018-03-08 20:50:50 +00:00
Nick Mathewson
62482ea279 Merge branch 'maint-0.3.3' 2018-03-03 11:53:05 -05:00
Nick Mathewson
cc7de9ce1d Merge branch 'ticket23814' into maint-0.3.3 2018-03-03 11:53:01 -05:00
Nick Mathewson
d22963938f Merge branch 'maint-0.3.3' 2018-03-01 16:10:47 -05:00
Nick Mathewson
f7eff2f8c5 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-03-01 16:10:43 -05:00
Nick Mathewson
d01abb9346 Merge branch 'maint-0.3.1' into maint-0.3.2 2018-03-01 16:07:59 -05:00
Nick Mathewson
d4a758e083 Merge branch 'maint-0.2.9' into maint-0.3.1 2018-03-01 16:07:59 -05:00
Nick Mathewson
c1bb8836ff Protover tests: disable some obsoleted tests
These were meant to demonstrate old behavior, or old rust behavior.

One of them _should_ work in Rust, but won't because of
implementation details.  We'll fix that up later.
2018-03-01 16:05:17 -05:00
Nick Mathewson
1fe0bae508 Forbid UINT32_MAX as a protocol version
The C code and the rust code had different separate integer overflow
bugs here.  That suggests that we're better off just forbidding this
pathological case.

Also, add tests for expected behavior on receiving a bad protocol
list in a consensus.

Fixes another part of 25249.
2018-03-01 16:05:17 -05:00
Nick Mathewson
8b405c609e Forbid "-0" as a protocol version.
Fixes part of 24249; bugfix on 0.2.9.4-alpha.
2018-03-01 16:05:17 -05:00
Nick Mathewson
0953c43c95 Add more of Teor's protover tests.
These are as Teor wrote them; I've disabled the ones that don't pass
yet, with XXXX comments.
2018-03-01 16:05:17 -05:00
Nick Mathewson
d3a1bdbf56 Add some protover vote round-trip tests from Teor.
I've refactored these to be a separate function, to avoid tricky
merge conflicts.

Some of these are disabled with "XXXX" comments; they should get
fixed moving forward.
2018-03-01 16:05:17 -05:00
Nick Mathewson
fc22bcadb5 Revert 4438ef32's changes to test_address.c
Apparently some versions of the mac sdk care about the ordering of
net/if.h wrt other headers.

Fixes bug 25319; bug not in any released tor.
2018-02-21 09:36:37 -05:00
Isis Lovecruft
3e9140e79a
crypto: Remove unnecessary curve25519 header from crypto_digest.h.
* ADD includes for "torint.h" and "container.h" to crypto_digest.h.
 * ADD includes for "crypto_digest.h" to a couple places in which
   crypto_digest_t was then missing.
 * FIXES part of #24658: https://bugs.torproject.org/24658#comment:30
2018-02-20 20:29:54 +00:00
Nick Mathewson
4438ef3288 Remove a bunch of other redundant #includes
Folks have found two in the past week or so; we may as well fix the
others.

Found with:

\#!/usr/bin/python3
import re

def findMulti(fname):
    includes = set()
    with open(fname) as f:
        for line in f:
            m = re.match(r'^\s*#\s*include\s+["<](\S+)[>"]', line)
            if m:
                inc = m.group(1)
                if inc in includes:
                    print("{}: {}".format(fname, inc))
                includes.add(m.group(1))

import sys
for fname in sys.argv[1:]:
    findMulti(fname)
2018-02-20 10:14:15 -05:00
Nick Mathewson
bd71e0a0c8 Merge branch 'maint-0.3.1' into maint-0.3.2 2018-02-16 09:54:13 -05:00
Nick Mathewson
2bcd264a28 Merge branch 'maint-0.2.9' into maint-0.3.1 2018-02-16 09:48:11 -05:00
Nick Mathewson
acb7a536c2 Merge branch 'maint-0.3.3' 2018-02-15 20:33:00 -05:00
Nick Mathewson
799c82be70 Merge remote-tracking branch 'isis/bug25171' into maint-0.3.3 2018-02-15 20:32:57 -05:00
Nick Mathewson
a1dd8afc16 Merge branch '25162_zstd_static' 2018-02-15 20:28:07 -05:00
Isis Lovecruft
5f7d78ce2a
tests: Remove duplicate included header file in src/test/test.c.
* FIXES #25271: https://bugs.torproject.org/25271
2018-02-16 01:19:12 +00:00
David Goulet
e19cd38f08 cmux: Always use the cmux policy
Remove the checks on cmux->policy since it should always be set.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-15 14:54:24 -05:00
David Goulet
c235c32bbc cmux: Remove round-robin circuit policy
Since 0.2.4, tor uses EWMA circuit policy to prioritize. The previous
algorithm, round-robin, hasn't been used since then but was still used as a
fallback.

Now that EWMA is mandatory, remove that code entirely and enforce a cmux
policy to be set.

This is part of a circuitmux cleanup to improve performance and reduce
complexity in the code. We'll be able to address future optimization with this
work.

Closes #25268

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-15 14:36:39 -05:00
David Goulet
6b1dba214d cmux: Make EWMA policy mandatory
To achieve this, a default value for the CircuitPriorityHalflife option was
needed. We still look in the options and then the consensus but in case no
value can be found, the default CircuitPriorityHalflifeMsec=30000 is used. It
it the value we've been using since 0.2.4.4-alpha.

This means that EWMA, our only policy, can not be disabled anymore fallbacking
to the round robin algorithm. Unneeded code to control that is removed in this
commit.

Part of #25268

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-15 13:45:21 -05:00
Nick Mathewson
9e566f3a72 Merge branch 'tests_rust' 2018-02-13 18:12:01 -05:00
Nick Mathewson
abdf2a6f7f Merge remote-tracking branch 'dgoulet/ticket24902_029_05' 2018-02-09 12:08:12 -05:00
David Goulet
1a4fc9cddf test: DoS test to make sure we exclude known relays
Part of #25193

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-09 11:31:01 -05:00
Nick Mathewson
549a450f52 Add a "make test-rust" target to run the rust tests only. 2018-02-08 17:51:57 -05:00
David Goulet
112638921b Merge branch 'ticket25183_029_01' into ticket24902_029_05 2018-02-08 16:56:21 -05:00
David Goulet
a445327b80 test: Add unit tests for addressset.c
This also adds one that tests the integration with the nodelist.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-08 16:56:05 -05:00
Nick Mathewson
78382d557a Merge remote-tracking branch 'dgoulet/bug25113_029_01' 2018-02-07 11:33:14 -05:00
David Goulet
fe3dfe7e38 test: Bump to 10 msec gap in the monotonic test
On slow system, 1 msec between one read and the other was too tight. For
instance, it failed on armel with a 4msec gap:

  https://buildd.debian.org/status/package.php?p=tor&suite=experimental

Increase to 10 msec for now to address slow system. It is important that we
keep this OP_LE test in so we make sure the msec/usec/nsec read aren't
desynchronized by huge gaps. We'll adjust again if we ever encounter a system
that goes slower than 10 msec between calls.

Fixes #25113

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-07 10:50:52 -05:00
Deepesh Pathak
ca6682f3f8 Fix spelling mistakes corresponding to ticket #23650 2018-02-07 10:41:57 -05:00
Nick Mathewson
7cb954209d Make zstd unit tests try running with static-only fns disabled
Since we're making it so that unstable zstd apis can be disabled,
we need to test them.  I do this by adding a variant setup/cleanup
function for the tests, and teaching it about a fake compression
method called "x-zstd:nostatic".
2018-02-06 11:05:07 -05:00
Nick Mathewson
22a5d3dd2a remove a redundant semicolon 2018-02-06 08:13:11 -05:00
Nick Mathewson
f0d7905bc9 Merge remote-tracking branch 'dgoulet/ticket24902_029_05' 2018-02-05 11:38:58 -05:00
Nick Mathewson
953c769a86 fuzz: Move init_protocol_warning_severity_level() into global_init()
This is needed so llvm_fuzz will see it too.
2018-02-02 17:42:23 -05:00
Nick Mathewson
3bed8fdb91 Use tt_u64_op() for uint64_t inputs. 2018-02-02 15:23:55 -05:00
Nick Mathewson
eafa252b26 Merge remote-tracking branch 'dgoulet/ticket24902_029_05' 2018-02-02 15:00:35 -05:00
David Goulet
475218c108 Merge branch 'ticket25122_029_02' into ticket24902_029_05 2018-02-02 14:55:01 -05:00
David Goulet
51839f4765 geoip: Hook the client history cache into the OOM handler
If the cache is using 20% of our maximum allowed memory, clean 10% of it. Same
behavior as the HS descriptor cache.

Closes #25122

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-02 14:48:41 -05:00
Nick Mathewson
9e48338a12 Merge branch 'maint-0.3.2' 2018-02-02 12:03:54 -05:00
David Goulet
005e228f80 sched: When releasing a channel, do not BUG() if absent from the pending list
The current code flow makes it that we can release a channel in a PENDING
state but not in the pending list. This happens while the channel is being
processed in the scheduler loop.

Fixes #25125

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-02 12:03:27 -05:00
David Goulet
d40a4e46b6 test: KIST Scheduler unit tests to test the pending list state
This tests many cases of the KIST scheduler with the pending list state by
calling entry point in the scheduler while channels are scheduled or not.

Also, it adds a test for the bug #24700.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-01 17:05:04 -05:00
Nick Mathewson
5516d22a26 Merge remote-tracking branch 'teor/bug25070' 2018-02-01 15:28:25 -05:00
Nick Mathewson
ca85d66217 Merge branch 'maint-0.3.2' 2018-02-01 08:15:09 -05:00
Nick Mathewson
946ebd8419 Obsolete the now-unused MaxTries options. 2018-01-31 15:11:47 -05:00
Nick Mathewson
a846fd267e Merge branch 'bug23954_squashed' 2018-01-31 14:37:48 -05:00
Nick Mathewson
da778f2921 Use thread-safe types to store the LOG_PROTOCOL_WARN severity
Fixes a race condition; resolves 23954.
2018-01-31 14:37:09 -05:00
Nick Mathewson
98dd3757bf Merge branch 'bug25008' 2018-01-31 14:32:24 -05:00
David Goulet
fbc455cbd2 ns: Add a before and after consensus has changed notification
In 0.3.2.1-alpha, we've added notify_networkstatus_changed() in order to have
a way to notify other subsystems that the consensus just changed. The old and
new consensus are passed to it.

Before this patch, this was done _before_ the new consensus was set globally
(thus NOT accessible by getting the latest consensus). The scheduler
notification was assuming that it was set and select_scheduler() is looking at
the latest consensus to get the parameters it might needs. This was very wrong
because at that point it is still the old consensus set globally.

This commit changes the notify_networkstatus_changed() to be the "before"
function and adds an "after" notification from which the scheduler subsystem
is notified.

Fixes #24975
2018-01-31 14:15:02 -05:00
Nick Mathewson
3d937043c2 Fix a failing unit test.
When we stopped looking at the "protocols" variable directly, we
broke the hs_service/build_update_descriptors test, since it didn't
actually update any of the flags.

The fix here is to call summarize_protover_flags() from that test,
and to expose summarize_protover_flags() as "STATIC" from
routerparse.c.
2018-01-31 14:06:37 -05:00
Nick Mathewson
94878cf1ea Merge remote-tracking branch 'dgoulet/ticket24902_029_05' 2018-01-31 09:35:07 -05:00
teor
1f4a73133c test: Add unit tests for overflows and underflows in cc_stats_refill_bucket
Closes #25094.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-01-31 09:27:59 -05:00
teor
a09d5f5735 dos: Make sure cc_stats_refill_bucket can't overflow while calculating
Debug log the elapsed time in cc_stats_refill_bucket

Part of #25094.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-01-31 09:27:59 -05:00
teor
b45ae1b002 test: Remove a redundant round from test_dos_bucket_refill
This round is left over from the tenths of a second code.

Part of #25094.
2018-01-31 09:19:39 -05:00
Nick Mathewson
d2ae1bfcb3 remove a redundant semicolon 2018-01-30 18:11:16 -05:00
David Goulet
cd81403cc0 Merge branch 'ticket24902_029_05' into ticket24902_033_02 2018-01-30 09:33:12 -05:00
George Kadianakis
c3c2b55dec test: Add unit tests for the DoS subsystem
Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-01-30 09:18:16 -05:00
teor
8bb79ca4a7
Add unit tests for supported protocols
Prevents future regressions like #25070.
2018-01-30 02:20:30 +11:00
Nick Mathewson
5b55e15707 Remove all the old max_delay logic.
We had tests for it, but it was always INT_MAX.
2018-01-25 16:05:20 -05:00
Nick Mathewson
e0049ef022 Remove the old ("deterministic") download schedule.
We haven't meant to use it since we introduced the random
exponential schedule.

Closes ticket 23814.
2018-01-25 15:51:13 -05:00
Nick Mathewson
d9fbd34f42 Extract protover summary flags into a new structure
This will let us use them on routerinfo_t as well as on
routerstatus_t, and save some time on relays.

No behavioral changes here.
2018-01-24 13:53:55 -05:00
Nick Mathewson
fd8ee1d7c3 Merge branch 'maint-0.3.2' 2018-01-24 12:09:07 -05:00
Nick Mathewson
2484d1eb35 Fix a memory leak in build_unopened_fourhop
This is a unit-test-only leak, but let's fix it anyway so it doesn't
hide real bugs.

Bug not in any released version of Tor.
2018-01-24 12:08:39 -05:00
Nick Mathewson
6ba2881aec Fix a memory leak in scheduler/loop_kist
Fixes bug 25005.
2018-01-24 12:07:45 -05:00
Nick Mathewson
d8c1c70d7a Repair a crash bug in src/test/bench
This was caused because of the new KeyDirectory and CacheDirectory
options not being set. Bugfix on 0.3.3.0-alpha; not in any released
Tor.
2018-01-16 13:29:11 -05:00
Nick Mathewson
6b2e856122 Fix a (spurious) scan-build warning in test_introduce1_validation()
Since helper_create_introduce1_cell() checks "cell" for nullness,
scan-build is concerned that test_introduce1_validation()
dereferences it without checking it.  So, add a check.

Not backporting, since this is spurious, _and_ tests-only.
2018-01-16 08:36:34 -05:00
Nick Mathewson
b56ce79e63 In networkstatus_consensus_has_ipv6 test, use approx_time()
This may (or may not) fix up some reliability issues we've been
seeing with this test on windows.
2018-01-03 10:57:44 -05:00
Nick Mathewson
6b3c07648c Merge branch 'maint-0.3.2' 2018-01-03 10:09:20 -05:00
Nick Mathewson
1bc95633fb Fix some shadowed-global warnings.
These are all about local variables shadowing global
functions. That isn't normally a problem, but at least one
compiler we care about seems to treat this as a case of -Wshadow
violation, so let's fix it.

Fixes bug 24634; bugfix on 0.3.2.1-alpha.
2018-01-03 09:13:00 -05:00
Chelsea Holland Komlo
3dfe8e6522 add minimal rust module for logging to tor's logger
Allows an optional no-op for testing purposes
2017-12-21 15:29:33 -05:00
Nick Mathewson
713a717022 scan-build: Replace some test-assertions with fatal assertions
Using tt_assert in these helpers was implying to scan-build that our
'new' functions might be returning NULL, which in turn would make it
warn about null-pointer use.
2017-12-21 13:26:57 -05:00
Nick Mathewson
2f0d57db56 Fix a compilation error in the channel tests.
This would only show up on systems like windows where monotime_t and
monotime_coarse_t are different types.
2017-12-21 11:10:30 -05:00
Nick Mathewson
b8a3602b2a Merge branch 'maint-0.3.2' 2017-12-21 10:54:05 -05:00
Nick Mathewson
84adb9fcca Merge branch 'maint-0.3.1' into maint-0.3.2 2017-12-21 10:50:33 -05:00
Nick Mathewson
08469a338a Merge branch 'maint-0.3.0' into maint-0.3.1 2017-12-21 10:50:06 -05:00
Nick Mathewson
03b4dd92a4 Merge branch 'maint-0.2.9' into maint-0.3.0 2017-12-21 10:49:40 -05:00
Nick Mathewson
3b08184338 Merge branch 'maint-0.2.8' into maint-0.2.9 2017-12-21 10:43:12 -05:00
Nick Mathewson
7d845976e3 Merge branch 'maint-0.2.5' into maint-0.2.8 2017-12-21 10:43:06 -05:00
Nick Mathewson
cd1f708a7f Move free to end of test function so coverity won't complain. 2017-12-21 10:39:29 -05:00
Nick Mathewson
520cf21793 Move destroy cells into a separate queue type of their own, to save RAM
We've been seeing problems with destroy cells queues taking up a
huge amount of RAM.  We can mitigate this, since while a full packed
destroy cell takes 514 bytes, we only need 5 bytes to remember a
circuit ID and a reason.

Fixes bug 24666. Bugfix on 0.2.5.1-alpha, when destroy cell queues
were introduced.
2017-12-21 10:29:01 -05:00
Nick Mathewson
3bc5806339 Merge branch 'maint-0.3.2' 2017-12-20 10:39:38 -05:00
Nick Mathewson
0a1b1430c8 Update the unit tests to reflect the change of 24425 2017-12-20 10:39:19 -05:00
Nick Mathewson
28fbfa8712 whitespace fix 2017-12-20 09:17:13 -05:00
Nick Mathewson
60bf8f6cf6 Improve add_msec test to cover ms->sec rollover
Per mikeperry's suggestion, I'm making sure that the millisecond
part of the time will always roll over in this test.
2017-12-20 09:12:38 -05:00
Nick Mathewson
219c969d7b Use monotime_coarse for transfer times and padding times
Using absolute_msec requires a 64-bit division operation every time
we calculate it, which gets expensive on 32-bit architectures.
Instead, just use the lazy "monotime_coarse_get()" operation, and
don't convert to milliseconds until we absolutely must.

In this case, it seemed fine to use a full monotime_coarse_t rather
than a truncated "stamp" as we did to solve this problem for the
timerstamps in buf_t and packed_cell_t: There are vastly more cells
and buffer chunks than there are channels, and using 16 bytes per
channel in the worst case is not a big deal.

There are still more millisecond operations here than strictly
necessary; let's see any divisions show up in profiles.
2017-12-13 09:46:58 -05:00
Nick Mathewson
dd6dec2665 Add a function to add msec to a monotime.
We'll use this for the channel padding logic.
2017-12-13 08:54:29 -05:00
Nick Mathewson
4c877ae874 Add monotime functions for clearing monotonic times
We need this to replace some of our "msec" users with monotime
users.
2017-12-13 08:29:23 -05:00
Nick Mathewson
9abef516f6 Merge branch 'maint-0.3.2' 2017-12-12 19:27:14 -05:00
Nick Mathewson
bf89b08930 Merge branch 'bug24367_032_squashed' into maint-0.3.2 2017-12-12 19:17:38 -05:00
teor
19a4abf2a9 Make sure bridges are definitely running before delaying directory fetches
Retry directory downloads when we get our first bridge descriptor
during bootstrap or while reconnecting to the network. Keep retrying
every time we get a bridge descriptor, until we have a reachable bridge.

Stop delaying bridge descriptor fetches when we have cached bridge
descriptors. Instead, only delay bridge descriptor fetches when we
have at least one reachable bridge.

Fixes bug 24367; bugfix on 0.2.0.3-alpha.
2017-12-12 19:17:25 -05:00
Nick Mathewson
e622f208a3 Merge remote-tracking branch 'teor/bug23827-v2' 2017-12-12 09:27:03 -05:00
Nick Mathewson
c2822bbc63 Fix compilation of 23459 patch.
The free() changes of 23447 had broken the pending 23459 patch.
2017-12-11 09:55:38 -05:00
Nick Mathewson
98682f689b Merge branch 'maint-0.3.2' 2017-12-11 09:45:17 -05:00
Nick Mathewson
d68abbe358 Merge remote-tracking branch 'dgoulet/bug23603_032_02' into maint-0.3.2 2017-12-11 09:42:12 -05:00
Nick Mathewson
6f3a862966
Run the download_status_increment test in a forked process.
It messes with global state somehow in a way that makes several of
the entryconn tests fail now.
2017-12-11 00:57:04 +11:00
teor
bbc781885d
fixup! Add networkstatus_consensus_has_ipv6() and unit tests
This is what happens when you don't run:
make check-spaces
make check-changes
2017-12-11 00:53:03 +11:00
teor
28d4355a6e
Add networkstatus_consensus_has_ipv6() and unit tests
networkstatus_consensus_has_ipv6() tells us whether the consensus method of
our current consensus supports IPv6 ORPorts in the consensus.

Part of #23827.
2017-12-11 00:34:19 +11:00
Nick Mathewson
241b676638 Fix up test_circuitstats to use the new circuit_free macro 2017-12-08 17:52:45 -05:00
Nick Mathewson
0340c02975 Merge remote-tracking branch 'mikeperry/bug23114_squashed2' 2017-12-08 17:50:34 -05:00
Nick Mathewson
5ee0cccd49 Merge branch 'macro_free_v2_squashed' 2017-12-08 14:58:43 -05:00
Nick Mathewson
fa0d24286b Convert remaining function (mostly static) to new free style 2017-12-08 14:47:19 -05:00
Nick Mathewson
285632a61b Replace all FREE_AND_NULL* uses to take a type and a free function.
This commit was made mechanically by this perl script:

\#!/usr/bin/perl -w -i -p

next if /^#define FREE_AND_NULL/;
s/\bFREE_AND_NULL\((\w+),/FREE_AND_NULL\(${1}_t, ${1}_free_,/;
s/\bFREE_AND_NULL_UNMATCHED\(/FREE_AND_NULL\(/;
2017-12-08 14:47:19 -05:00
Nick Mathewson
db024adc90 Switch to a safer FREE_AND_NULL implementation
This one only evaluates the input once, so it cannot mess up even if
there are side effects.
2017-12-08 14:47:19 -05:00
Nick Mathewson
176ad729d9 Change the free macro convention in the rest of src/or/*.h 2017-12-08 14:47:19 -05:00
Nick Mathewson
0792cc107e Convert connection_free to a nulling macro. 2017-12-08 14:47:19 -05:00
Nick Mathewson
a48ba072a9 Rename connection_free_ to connection_free_minimal. 2017-12-08 14:47:19 -05:00
Nick Mathewson
b0cc9856ee Update free functions into macros: src/or/ part 1
This covers addressmap.h (no change needed) through confparse.h
2017-12-08 14:47:19 -05:00
Nick Mathewson
c92ac9f5cb Convert the rest of src/common's headers to use FREE_AND_NULL 2017-12-08 14:47:19 -05:00
Nick Mathewson
44010c6fc1 Merge branch 'dgoulet_ticket23709_033_01_squashed' 2017-12-08 14:44:09 -05:00
David Goulet
e96c577ed2 test: Make older GCC happy and thus our oniongit pipeline
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-12-08 14:43:27 -05:00
David Goulet
6120efd771 chan: Do not re-queue after a fail cell write
Couple things happen in this commit. First, we do not re-queue a cell back in
the circuit queue if the write packed cell failed. Currently, it is close to
impossible to have it failed but just in case, the channel is mark as closed
and we move on.

The second thing is that the channel_write_packed_cell() always took ownership
of the cell whatever the outcome. This means, on success or failure, it needs
to free it.

It turns out that that we were using the wrong free function in one case and
not freeing it in an other possible code path. So, this commit makes sure we
only free it in one place that is at the very end of
channel_write_packed_cell() which is the top layer of the channel abstraction.
This makes also channel_tls_write_packed_cell_method() return a negative value
on error.

Two unit tests had to be fixed (quite trivial) due to a double free of the
packed cell in the test since now we do free it in all cases correctly.

Part of #23709

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-12-08 14:43:27 -05:00
Mike Perry
050bb67974 Add tests for circuitstats.c
These tests primarily test the relaxed and measured behavior of
circuitstats.c, to make sure we did not break it with #23100 or #23114.
2017-12-07 00:04:39 +00:00
Nick Mathewson
5f518c69aa Merge remote-tracking branch 'public/monotime_coarse_stamps' 2017-12-06 15:43:50 -05:00
Nick Mathewson
aa6212a858 Merge remote-tracking branch 'dgoulet/bug24502_032_01' 2017-12-06 14:31:33 -05:00
David Goulet
1a55a5ff06 test: Add a KIST test for a non opened channel
This makes sure that a non opened channel is never put back in the channel
pending list and that its state is consistent with what we expect that is
IDLE.

Test the fixes in #24502.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-12-06 11:33:01 -05:00
Nick Mathewson
a7a0cebb59 Merge branch 'more_directories_squashed' 2017-12-05 19:49:45 -05:00
Nick Mathewson
a57bcffcc7 Implement the various get_foodir_*() functions. 2017-12-05 19:49:29 -05:00
Nick Mathewson
e8a6a6635b Merge branch 'dgoulet_ticket20699_033_01' 2017-12-05 19:43:23 -05:00
David Goulet
8c02fc15ae control: Don't use void pointer for ADD_ONION secret key
Make this a bit more safe with at least type checking of the pointers
depending on the version.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-12-05 19:39:46 -05:00
David Goulet
9c6560fe29 test: Add HS_DESC v3 unit tests
This introduces the test_hs_control.c file which at this commit contains basic
unit test for the HS_DESC event.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-12-05 19:39:46 -05:00
David Goulet
743d0b9d91 hs-v3: Implement HS_DESC REQUESTED event
This changes the control_event_hs_descriptor_requested() call to add the hsdir
index optional value. v2 passes NULL all the time.

This commit creates hs_control.{c|h} that contains wrappers for the HS
subsystem to interact with the control port subsystem.

The descriptor REQUESTED event is implemented following proposal 284 extension
for v3.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-12-05 19:39:46 -05:00
David Goulet
e7d606900e control: Rename two HS v2 specific functions
Make control_event_hs_descriptor_received() and
control_event_hs_descriptor_failed() v2 specific because they take a
rend_data_t object and v3 will need to pass a different object.

No behavior change.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-12-05 19:39:46 -05:00
David Goulet
242ddc85c8 control: Refactor HS_DESC events functions to not be v2 specific
This is a naming refactor mostly _except_ for a the events' function that take
a rend_data_t which will require much more refactoring.

No behavior change at this commit, cleanup and renaming stuff to not be only
v2 specific.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-12-05 19:39:46 -05:00
David Goulet
f0e3331f3c hs-v3: Add ephemeral service support
The functions are now used by the ADD_ONION/DEL_ONION control port command as
well. This commits makes them fully functionnal with hidden service v3.

Part of #20699

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-12-05 19:39:46 -05:00
Nick Mathewson
1969d57363 Change our build process to run Cargo from inside the build tree
Instead of using the cwd to specify the location of Cargo.toml, we
use the --manifest-path option to specify its location explicitly.

This works around the bug that isis diagnosed on our jenkins builds.
2017-12-05 14:23:55 -05:00
David Goulet
68601a85ca test: Add HSv3 unit test for expiring intro point
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-12-05 10:55:41 -05:00
Nick Mathewson
20fa6a3883 Merge branch 'maint-0.3.2' 2017-11-29 12:06:14 -05:00
Nick Mathewson
f0007f2b8d Merge branch 'bug24050_029_squashed' into maint-0.3.2 2017-11-29 12:05:49 -05:00
Nick Mathewson
eb1976202e Fix unit tests for 24050. 2017-11-29 12:05:36 -05:00
Nick Mathewson
9c37e8c8d1 Fix unit tests that depended on monotonic msec. 2017-11-27 09:43:15 -05:00
Nick Mathewson
c3c0a05f51 Add a new notion of "stamps" to be a fast 32-bit monotonic timestamp
The goal here is to replace our use of msec-based timestamps with
something less precise, but easier to calculate.  We're doing this
because calculating lots of msec-based timestamps requires lots of
64/32 division operations, which can be inefficient on 32-bit
platforms.

We make sure that these stamps can be calculated using only the
coarse monotonic timer and 32-bit bitwise operations.
2017-11-27 09:43:15 -05:00
David Goulet
04762be612 test: Cleanup unused code in test_channel.c
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-11-22 15:50:13 -05:00
David Goulet
d443a5258f test: Add unit test for channel_listener_t
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-11-22 15:50:13 -05:00
David Goulet
8c5ed4f150 test: Add unit test for channel_get_for_extend()
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-11-22 15:50:13 -05:00
David Goulet
36f1fb3be3 test: Add unit test for channel_check_for_duplicates()
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-11-22 15:50:13 -05:00
David Goulet
47aaaf4403 test: Add channel state unit test
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-11-22 15:50:13 -05:00
David Goulet
3ed0b28a01 test: Fix memleak of channel cmux
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-11-22 15:50:13 -05:00
David Goulet
08d0c39b91 test: Fix channel dumpstats test
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-11-22 15:50:13 -05:00
David Goulet
bd7823b29b test: Fix channel lifecycle and lifecycle_2
They were broken due to previous commit. Fixes are trivial.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-11-22 15:50:13 -05:00
David Goulet
fa8c98985b test: Add outbound channel cell test
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-11-22 15:50:13 -05:00
David Goulet
636eec32bf test: Improve the inbound channel cell test
First, that test was broken from the previous commit because the
channel_queue_cell() has been removed. This now tests the
channel_process_cell() directly.

Second, it wasn't testing much except if the channel subsystem actually went
through the cell handler. This commit adds more checks on the state of a
channel going from open, receiving a cell and closing.

Third, this and the id_map unit test are working, not the others so they've
been marked as not working and future commit will improve and fix those.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-11-22 15:50:13 -05:00
David Goulet
6d1ea7766b channel: Remove unused write cell functions
The channel_write_cell() and channel_write_var_cell() can't be possibly called
nor are used by tor. We only write on the connection outbuf packed cell coming
from the scheduler that takes them from the circuit queue.

This makes channel_write_packed_cell() the only usable function. It is
simplify and now returns a code value. The reason for this is that in the next
commit(s), we'll re-queue the cell onto the circuit queue if the write fails.

Finally, channel unit tests are being removed with this commit because they do
not match the new semantic. They will be re-written in future commits.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-11-22 15:46:15 -05:00
David Goulet
e1c29a769c channel: Remove everything related to queue size
The channel subsystem was doing a whole lot to track and try to predict the
channel queue size but they are gone due to previous commit.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-11-22 15:44:46 -05:00
David Goulet
46a0709261 channel: Remove incoming/outgoing queue
For the rationale, see ticket #23709.

This is a pretty massive commit. Those queues were everywhere in channel.c and
it turns out that it was used by lots of dead code.

The channel subsystem *never* handles variable size cell (var_cell_t) or
unpacked cells (cell_t). The variable ones are only handled in channeltls and
outbound cells are always packed from the circuit queue so this commit removes
code related to variable and unpacked cells.

However, inbound cells are unpacked (cell_t), that is untouched and is handled
via channel_process_cell() function.

In order to make the commit compile, test have been modified but not passing
at this commit. Also, many tests have been removed but better improved ones
get added in future commits.

This commit also adds a XXX: which indicates that the handling process of
outbound cells isn't fully working. This as well is fixed in a future commit.

Finally, at this commit, more dead code remains, it will be cleanup in future
commits.

Fixes #23709

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-11-22 15:37:59 -05:00
teor
690f646bf8
Stop checking cached bridge descriptors for usable bridges
Stop checking for bridge descriptors when we actually want to know if
any bridges are usable. This avoids potential bootstrapping issues.
Fixes bug 24367; bugfix on 0.2.0.3-alpha.

Stop stalling when bridges are changed at runtime. Stop stalling when
old bridge descriptors are cached, but they are not in use.
Fixes bug 24367; bugfix on 23347 in 0.3.2.1-alpha.
2017-11-22 02:00:34 +11:00
David Goulet
49f21b6ba3 control: Support HSv3 interface for ADD_ONION
At this commit, the key handling and generation is supported for a v3 service
(ED25519-V3). However, the service creation is not yet implemented. This only
adds the interface and code to deal with the new ED25519-V3 key type.

Tests have been updated for RSA key type but nothing yet for ED25519-v3.

Part of #20699

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-11-20 11:02:30 -05:00
Nick Mathewson
7813b0e0ed Merge branch 'maint-0.3.2' 2017-11-18 10:27:29 -05:00
Nick Mathewson
d45bf0c65c Add an extra check in test_entrynodes
This check makes it so we can reach "done" without setting "conn",
and so the "if (conn)" check will not be redundant, and so coverity
won't complain.  Fixes CID 1422205.  Not actually a bug.
2017-11-18 10:26:45 -05:00
Nick Mathewson
b9bce4288e Merge branch 'maint-0.3.2' 2017-11-18 10:23:52 -05:00
Nick Mathewson
a5b8b55c1c Fix memory leak in unit test for bridge distribution config.
Also, check for the actual message, and fix some string confusion,
while we're at it.

Fixes bug 24345; bugfix on 0.3.2.3-alpha.
2017-11-18 10:22:14 -05:00
Nick Mathewson
94db8f32e4 Make all the free() functions from container.h clear their targets 2017-11-17 12:01:19 -05:00
Nick Mathewson
fcdec00685 Merge branch 'maint-0.3.2' 2017-11-17 09:59:26 -05:00
Nick Mathewson
3a5ca47d8f Fix a clang unitialized-var warning 2017-11-17 09:57:52 -05:00
George Kadianakis
7e52947d57 Intoduce unittest for skipping outdated dirservers. 2017-11-17 09:57:46 -05:00
Nick Mathewson
fea5c8a015 Merge branch 'maint-0.2.9' into maint-0.3.0 2017-11-13 12:57:58 -05:00
Nick Mathewson
543fd89fb7 Merge branch 'maint-0.2.8' into maint-0.2.9 2017-11-13 12:57:58 -05:00
Nick Mathewson
800797e7f3 Merge branch 'bug23291_028' into maint-0.2.8 2017-11-13 12:57:55 -05:00
Nick Mathewson
11eaf208c0 Merge branch 'bug24247_032' 2017-11-11 14:46:33 -05:00
Nick Mathewson
a7ca71cf6b Fix mock_crypto_pk_public_checksig__nocheck() to handle short RSA keys
This function -- a mock replacement used only for fuzzing -- would
have a buffer overflow if it got an RSA key whose modulus was under
20 bytes long.

Fortunately, Tor itself does not appear to have a bug here.

Fixes bug 24247; bugfix on 0.3.0.3-alpha when fuzzing was
introduced.  Found by OSS-Fuzz; this is OSS-Fuzz issue 4177.
2017-11-11 14:44:45 -05:00
Nick Mathewson
6ea3db6fa7 Fix unit test behavior: we need to be in STATE_LIVE. 2017-11-09 09:30:43 -05:00
Nick Mathewson
0626031564 Merge branch 'ticket20895' 2017-11-09 09:17:53 -05:00
Nick Mathewson
c2c1fa6b95 Merge branch 'maint-0.3.2' 2017-11-08 08:13:14 -05:00
Nick Mathewson
e5a83062ed Merge branch 'bug23816_029_squashed' into maint-0.3.2 2017-11-08 08:11:22 -05:00
Nick Mathewson
cb29687e93 Replace our random-exponential-delay algorithm.
This patch has implementations of the "decorrelated" and "full"
algorithms from https://www.awsarchitectureblog.com/2015/03/backoff.html
2017-11-08 07:56:16 -05:00
Nick Mathewson
c6c4a421fd Merge branch 'maint-0.3.2' 2017-11-07 09:58:53 -05:00
Nick Mathewson
9d848ca58a Merge remote-tracking branch 'asn/ticket23623_032_01' into maint-0.3.2 2017-11-07 09:58:42 -05:00
Nick Mathewson
0227aab1b7 Merge branch 'maint-0.3.2' 2017-11-06 13:01:56 -05:00
Nick Mathewson
7d767706ef Merge branch 'bug24150_032_squashed' into maint-0.3.2 2017-11-06 12:59:23 -05:00
Nick Mathewson
5240afa713 Fix a memory leak on decryption non-failure of v3 hsdesc
If it decrypts something that turns out to start with a NUL byte,
then decrypt_desc_layer() will return 0 to indicate the length of
its result.  But 0 also indicates an error, which causes the result
not to be freed by decrypt_desc_layer()'s callers.

Since we're trying to stabilize 0.3.2.x, I've opted for the simpler
possible fix here and made it so that an empty decrypted string will
also count as an error.

Fixes bug 24150 and OSS-Fuzz issue 3994.

The original bug was present but unreachable in 0.3.1.1-alpha. I'm
calling this a bugfix on 0.3.2.1-alpha since that's the first version
where you could actually try to decrypt these descriptors.
2017-11-06 12:59:11 -05:00
Nick Mathewson
7097c4a37a Merge remote-tracking branch 'dgoulet/bug24053_033_01' 2017-11-06 10:04:22 -05:00
Nick Mathewson
9f650b24e9 Merge branch 'maint-0.3.2' 2017-11-05 14:09:21 -05:00
Sebastian Hahn
d3fee8b823 ClientDNSRejectInternalAddresses in non-default networks
Once again allow the flag to be set, unless the default network is used.
Thanks to nickm for a suggestion for the workaround to a test failure.
2017-11-04 18:31:02 +01:00
Sebastian Hahn
5a46074e55 Revert "Make ClientDNSRejectInternalAddresses testing-only."
This reverts commit 27fa4a98d2.
2017-11-04 18:30:59 +01:00
Nick Mathewson
f865993653 Merge branch 'maint-0.3.2' 2017-11-02 10:26:30 -04:00
teor
27ea6fcd31 Test that IPv6-only clients can use microdescriptors
When running "make test-network-all", test that IPv6-only clients can use
microdescriptors. IPv6-only microdescriptor client support was fixed in
tor 0.3.0.1-alpha.

Requires chutney master 61c28b9 or later.

Closes ticket 24109.
2017-11-02 10:25:49 -04:00
Nick Mathewson
a46dcc0709 Merge branch 'maint-0.3.2' 2017-11-02 10:22:35 -04:00
Nick Mathewson
3aab8307a5 Merge branch 'ticket23820_032_01_squashed' into maint-0.3.2 2017-11-02 10:19:29 -04:00
teor
176bfe1bed Don't run IPv6-only v3 single onion service tests using chutney
Part of #23820.
2017-11-02 10:19:05 -04:00
Nick Mathewson
ef25f957e7 Merge branch 'tor_api_squashed' 2017-11-01 13:22:16 -04:00
David Goulet
198ede5314 test: Fix SR initialization in routerlist test
Fixes #24053

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-11-01 11:39:52 -04:00
David Goulet
bd631a649b test: Fix voting schedule for hs_service.c
Part of #23623

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-10-31 14:49:31 -04:00
David Goulet
814f4c6967 test: Fix voting schedule for hs_common.c
Part of #23623

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-10-31 14:49:19 -04:00
David Goulet
19d32fd0d6 test: Fix voting schedule for shared random
Part of #23623

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-10-31 14:48:50 -04:00
Nick Mathewson
43cbcd3896 Merge branch 'maint-0.3.2' 2017-10-31 14:31:55 -04:00
Nick Mathewson
0627512368 Merge branch 'bug24082_032' into maint-0.3.2 2017-10-31 14:31:21 -04:00
David Goulet
33da5d7672 test: Initialize the voting schedule in test_dir.c
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-10-31 14:07:41 -04:00
Nick Mathewson
2b6f246652 Merge branch 'maint-0.3.2' 2017-10-31 14:04:34 -04:00
Nick Mathewson
8dffc46748 Merge branch 'hsdescv3_fuzz_more' into maint-0.3.2 2017-10-31 14:04:31 -04:00
Nick Mathewson
b76a161e01 Merge branch 'fix-torrcd-sandbox-22605v2' 2017-10-31 13:58:33 -04:00
Nick Mathewson
4700ba6c3d Merge branch 'maint-0.3.2' 2017-10-31 12:19:42 -04:00
Nick Mathewson
3d93ec3ef4 Merge branch 'bug23762_032_02_squashed' into maint-0.3.2 2017-10-31 12:14:21 -04:00
David Goulet
5dbcd48f0e hs-v3: Attempt descriptor refetch when dirinfo changes
When the directory information changes, callback to the HS client subsystem so
it can check if any pending SOCKS connections are waiting for a descriptor. If
yes, attempt a refetch for those.

Fixes #23762

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-10-31 12:14:11 -04:00
Nick Mathewson
5dce134fbb Initialize the mock options in the fuzzing code
Fixes bug 24082; bugfix on 0.3.0.3-alpha.  Found by Brian Carpenter.
2017-10-30 17:05:26 -04:00
Nick Mathewson
26e0909e51 In the hsdescv3 fuzzer, replace the decryption function.
The new decryption function performs no decryption, skips the salt,
and doesn't check the mac.  This allows us to fuzz the
hs_descriptor.c code using unencrypted descriptor test, and exercise
more of the code.

Related to 21509.
2017-10-27 14:28:02 -04:00
Nick Mathewson
12f58b42a8 Allow test_rust.sh to run from outside the makefile
(This is just a matter of making sure that we handle the case where
abs_top_builddir is not set)
2017-10-27 12:54:52 -04:00
Nick Mathewson
30a681553f Merge remote-tracking branch 'public/exit_carefully' 2017-10-27 11:13:05 -04:00
Nick Mathewson
fa78546dbc Make sure all C files have copyright/license notices 2017-10-27 10:59:36 -04:00
Nick Mathewson
f5e9e2748f Merge branch 'protover-rust-impl_squashed' 2017-10-27 10:05:30 -04:00
Chelsea Holland Komlo
91bca5c31b move to allocating c strings from rust 2017-10-27 10:02:08 -04:00
Chelsea Holland Komlo
d1820c1516 rust implementation of protover 2017-10-27 10:02:08 -04:00
David Goulet
7ee0a2b9aa sr: Don't use a dynamic voting schedule
The exposed get_voting_schedule() allocates and return a new object everytime
it is called leading to an awful lot of memory allocation when getting the
start time of the current round which is done for each node in the consensus.

Closes #23623

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-10-27 09:23:37 -04:00
Nick Mathewson
4af1653e0f Merge branch 'maint-0.3.2' 2017-10-26 10:43:05 -04:00
David Goulet
c4ef21ff5e fuzzing: Make hsdescv3 use the decoding API correctly
Fixes #21509

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-10-26 09:52:15 -04:00
David Goulet
4d2de821ce Revert "Temporarily disable compilation of the v3 hs fuzzing code"
This reverts commit 5ef656e7d1.
2017-10-26 09:41:47 -04:00
George Kadianakis
1a6814c096 Fix offending unittest and add changes file for #23862. 2017-10-25 20:22:52 +03:00
George Kadianakis
8c8d3b90f7 Add a unittest that reveals the offending case of #23862. 2017-10-25 20:22:52 +03:00
Nick Mathewson
b95ef19a77 Merge branch 'feature18329_029_squashed' into maint-0.3.2 2017-10-24 19:35:32 -04:00
Nick Mathewson
594cf92498 Merge branch 'feature18329_029_squashed' into maint-0.3.2 2017-10-24 19:35:28 -04:00
Nick Mathewson
f3af74ccf5 Updates to fix check-spaces/check-changes warnings 2017-10-24 19:35:16 -04:00
Nick Mathewson
44e8aaa9aa Adjust test to allow hyphens too. 2017-10-24 19:33:38 -04:00
Isis Lovecruft
02cde0d939 test: Add unittest for descriptors with BridgeDistribution option. 2017-10-24 19:26:24 -04:00
Nick Mathewson
fcd5c3144a Merge branch 'maint-0.2.8' into maint-0.2.9 2017-10-23 09:11:10 -04:00
Nick Mathewson
eac4c374e4 Merge branch 'maint-0.2.9' into maint-0.3.0 2017-10-23 09:11:10 -04:00
Nick Mathewson
6a7aa47357 Merge branch 'maint-0.3.1' into maint-0.3.2 2017-10-23 09:11:10 -04:00
Nick Mathewson
85115796bb Merge branch 'maint-0.3.0' into maint-0.3.1 2017-10-23 09:11:10 -04:00
Nick Mathewson
a5f5bda462 Adjust test, now that there are 9 dirauths again 2017-10-23 09:11:07 -04:00
Nick Mathewson
c4a07b261b Add unit tests for cases of starting with bogus keygen arguments
In particular, this tests that we give an appropriate warning when
we are told to use some keygen argument, but --keygen is not specified.
2017-10-20 19:27:48 -04:00
Nick Mathewson
72b5e4a2db Move tor_git_revision into a new module.
At first, we put the tor_git_revision constant in tor_main.c, so
that we wouldn't have to recompile config.o every time the git
revision changed.  But putting it there had unintended side effect
of forcing every program that wanted to link libor.a (including
test, test-slow, the fuzzers, the benchmarks, etc) to declare their
own tor_git_revision instance.

That's not very nice, especially since we want to start supporting
others who want to link against Tor (see 23846).

So, create a new git_revision.c file that only contains this
constant, and remove the duplicated boilerplate from everywhere
else.

Part of implementing ticket 23845.
2017-10-18 13:49:35 -04:00
Taylor Yu
44e4a96bb5 Don't expect permission failure if running as root
Skip test_config_include_no_permission() when running as root, because
it will get an unexpected success from config_get_lines_include().
This affects some continuous integration setups.  Fixes bug 23758.
2017-10-04 08:42:05 -05:00
Nick Mathewson
1e7e36da4b Merge branch 'bug23672_032_01_squashed' 2017-10-03 10:56:52 -04:00
David Goulet
30d2e0b71e test: Add an HS v3 descriptor fetch unit test
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-10-03 10:56:46 -04:00
Nick Mathewson
783a44b2cd Merge remote-tracking branch 'asn/bug23670' 2017-10-03 09:05:16 -04:00
George Kadianakis
f7306b16ec entrynodes: Better naming for dir info check functions. 2017-10-03 15:55:19 +03:00
Nick Mathewson
a6c62cbd13 Merge branch 'bug23678_032' 2017-10-03 08:18:08 -04:00
Nick Mathewson
f923aeee1b Follow-up on 23678: fix socks/wrong_protocol test 2017-10-03 08:17:41 -04:00
Nick Mathewson
bb7288b2c3 Make the fp_pair_map tests cover {get,set}_by_digests 2017-10-03 08:07:36 -04:00
George Kadianakis
5352785d0c entrynodes: Error msg for missing guard descs is now more informative. 2017-10-03 14:41:20 +03:00
George Kadianakis
c9729853a5 entrynodes: Be specific about how many primary descriptors we miss. 2017-10-03 14:39:34 +03:00
Nick Mathewson
4e6374c26b Merge remote-tracking branch 'catalyst-oniongit/bug23691' 2017-09-28 19:07:23 -04:00
Taylor Yu
2ae1b7e2db Fix leak in test_util.c
AddressSanitizer found a leak in test_util_decompress_dos_impl().
Fixes bug #23691.
2017-09-28 17:53:38 -05:00
Alexander Færøy
c2fac2c6b0
Enable disabled test that was disabled due to bug #23551
See: https://bugs.torproject.org/23551
2017-09-28 18:58:15 +02:00
Nick Mathewson
3a073c463d Improve unit test coverage for compression code.
These tests try uncompressing garbage, verify that we won't
make compression bombs, and verify that we won't uncompress
compression bombs.
2017-09-28 12:20:02 -04:00
Nick Mathewson
f71ff0cabc Unit test for case where %included dir exists but is unreadable 2017-09-28 09:49:30 -04:00
Nick Mathewson
5b6f2713cd unit test for config_lines_dup_and_filter 2017-09-28 09:40:17 -04:00
Nick Mathewson
99e52711bb Add unit test for buf_get_line(). 2017-09-28 08:35:30 -04:00
Nick Mathewson
f21102c069 Let's get 100% coverage for proto_http while we're at it.
There was some coverage before, but it was mostly accidental.
2017-09-27 21:45:55 -04:00
Nick Mathewson
57f04a482e Test more error cases of our socks code.
Coverage is now respectable. :)
2017-09-27 19:37:36 -04:00
Nick Mathewson
6882e711d0 Add unit tests for SOCKS functions that parse server responses
We use these when we're acting as a SOCKS client, but we'd never
actually written tests for them :/
2017-09-27 18:55:14 -04:00
Nick Mathewson
5418aa84ee socks5 unit tests: add check for ipv6 address type. 2017-09-27 11:23:09 -04:00
Nick Mathewson
04f7873bab Socks tests for bad socks5 username/passwd auth. 2017-09-27 11:16:29 -04:00
Nick Mathewson
5427365907 testing: test many possible truncated SOCKS commands
Many of the 'truncated command' paths in fetch_from_buf_socks() were
not reached by the tests.  This new unit test tries to check them
exhaustively.
2017-09-27 10:54:56 -04:00
Nick Mathewson
a57f495c1a Move ext_or_command tests to test_proto_misc.c
No other code changes.
2017-09-27 09:11:15 -04:00
Nick Mathewson
b8b016940d Add unit tests for var_cell and control0 proto functions. 2017-09-27 09:09:00 -04:00
Nick Mathewson
1f3db0514e Merge remote-tracking branch 'asn/ticket23645_032_01' 2017-09-26 08:55:59 -04:00
David Goulet
648d5ea67e hs: Improve logging
Also demote a log message that can occur under natural causes
(if the circuit subsystem is missing descriptors/consensus etc.).
The HS subsystem will naturally retry to connect to intro points,
so no need to make that log user-facing.
2017-09-26 13:55:44 +03:00
Nick Mathewson
45530ed729 Merge branch 'bug22109' 2017-09-25 14:32:04 -04:00
Nick Mathewson
81c4793232 Make testing rend1_payload variables static
This fixes a clang warning.
2017-09-25 13:26:43 -04:00
Nick Mathewson
90e8d1f58f Merge branch 'bug23539_032_01_squashed' 2017-09-25 11:12:56 -04:00
David Goulet
ef2a449cce sched: Make KISTSchedRunInterval non negative
Fixes #23539.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-09-25 11:11:30 -04:00
Nick Mathewson
777e828ef3 Merge remote-tracking branch 'asn/ticket23420_032_01' 2017-09-25 09:24:36 -04:00
George Kadianakis
03b3f5486a prop224: Add test for parsing RENDEZVOUS1 cell.
Just making sure that added padding does not screw up cell parsing.
2017-09-25 15:00:06 +03:00
Nick Mathewson
230a336798 Use setup_full_capture_of_logs for 21800
setup_capture_of_logs() doesn't actually suppress warnings :p
2017-09-22 10:22:47 -04:00
Nick Mathewson
512c57cff9 test_util: capture the log in the correct place. 2017-09-22 08:51:03 -04:00
Nick Mathewson
33d44dc4ac Capture "Result does not fit in tor_timegm()" warnings in util tests
Fixes bug 21800; bugfix on 0.2.9.x
2017-09-21 15:32:16 -04:00
Nick Mathewson
c7b7cf8e18 Merge branch 'maint-0.3.1' 2017-09-21 10:39:10 -04:00
Mike Perry
d70a793cfc Bug 23608: Mock time for all channelpadding tests. 2017-09-21 10:36:57 -04:00
Nick Mathewson
f9155ff416 Unit test to make sure that our platform string is parseable
Closes 22109.
2017-09-20 10:10:02 -04:00
Matt Traudt
951b9f1fa5 tests: fix transproxy tests on BSD systems 2017-09-19 19:20:55 -04:00
Nick Mathewson
aaf0fa6d11 Merge branch 'maint-0.3.1' 2017-09-18 10:48:31 -04:00
Nick Mathewson
63ae9ea316 Make hs_ntor_ref.py work with python3 2017-09-18 10:48:28 -04:00
Nick Mathewson
f4af1919ab Replace accumulated C ;;s with ;s
I don't know where these came from.
2017-09-15 16:43:17 -04:00
Nick Mathewson
76c33f7ff4 Merge branch 'scan-build-032' 2017-09-15 16:40:11 -04:00
Nick Mathewson
c1deabd3b0 Run our #else/#endif annotator on our source code. 2017-09-15 16:24:44 -04:00
Nick Mathewson
37302e64a4 Merge branch 'remove_allow_dotexit_v2' 2017-09-15 12:10:47 -04:00
Nick Mathewson
f02fd6c3af Remove AllowDotExit.
It's been deprecated since 0.2.9.2-alpha.  Closes ticket 23426.
2017-09-15 12:09:33 -04:00
Nick Mathewson
0f4f40b70f Merge remote-tracking branch 'dgoulet/ticket12541_032_02' 2017-09-15 12:00:50 -04:00
David Goulet
1033e14a69 sched: Define SCHEDULER_KIST_PRIVATE for more encapsulation
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-09-15 11:40:59 -04:00
David Goulet
0d0b677b64 test: Fix unit tests with latest scheduler changes
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-09-15 11:40:59 -04:00
David Goulet
734dbfa590 sched: Make the scheduler object static
Each type of scheduler implements its own static scheduler_t object and
returns a reference to it.

This commit also makes it a const pointer that is it can only change inside
the scheduler type subsystem but not outside for extra protection.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-09-15 11:40:59 -04:00
David Goulet
7cc9621d11 sched: Add Schedulers torrc option
This option is a list of possible scheduler type tor can use ordered by
priority. Its default value is "KIST,KISTLite,Vanilla" which means that KIST
will be used first and if unavailable will fallback to KISTLite and so on.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-09-15 11:40:59 -04:00
Matt Traudt
4bc97c6431 sched: revisist compatibility on non-linux systems
Wrap things in HAVE_KIST_SUPPORT until Tor compiles and tests cleanly on
my OS X machine.
2017-09-15 11:40:59 -04:00
Matt Traudt
8ccb2c106a sched: rename scheduler to the_scheduler 2017-09-15 11:40:59 -04:00
Matt Traudt
dde358667d sched: Implement the KIST scheduler
Closes #12541

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-09-15 11:40:59 -04:00
Matt Traudt
b2c56eacdd sched: Remove vanilla sched options that will be going away
- massive change to src/tgest/test_options.c since the sched options
  were added all over the place in it
- removing the sched options caused some tests to pass/fail in new ways
  so I assumed current behavior is correct and made them pass again
   - ex: "ConnLimit must be greater" lines
   - ex: "Authoritative directory servers must" line
- remove test_options_validate__scheduler in prep for new sched tests

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-09-15 11:40:59 -04:00
Nick Mathewson
2c9f8badbd repair test_key_expiration.sh 2017-09-15 09:04:22 -04:00
David Goulet
21564c93ce test: Make check-spaces happy
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-09-15 08:34:56 -04:00
David Goulet
44ee5037ea fixup! test: Add HS v3 client-side test for picking intro points
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-09-15 08:34:30 -04:00
George Kadianakis
e9b4624cc5 test: Add HS v3 client-side test for picking intro points
This commit adds a pretty advanced test for the client-side making sure that
picking intro is done properly.

This unittest also reveals a memleak on the client_pick_intro() function which
is fixed by the subsequent commit.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-09-15 12:46:26 +03:00
George Kadianakis
29aa400908 test: Improve HS v3 helper for building intro points.
Valid intro points need both legacy key and ipv4.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-09-15 12:46:26 +03:00
David Goulet
75ec72f24d test: Unit test for the hs indexes
Using a test vector in python, test both hs_build_hsdir_index() and
hs_build_hs_index().

This commit also adds the hs_build_address.py to EXTRA_DIST which was missing.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-09-15 12:46:26 +03:00
George Kadianakis
715a8ea81c prop224 test: Enrich the client_service_hsdir_set_sync() test.
Do two major improvements:

a) Make the client pick 6 HSDirs instead of just 1 and make sure they
   all match the service's HSDirs.

b) Test two additional missing scenarios borrowed from the
   test_reachability() test.
2017-09-15 12:46:26 +03:00
Nick Mathewson
72b802001c Merge remote-tracking branch 'catalyst-oniongit/skew' 2017-09-14 09:49:11 -04:00
Taylor Yu
818332e7f1 Refactor control_event_bootstrap_problem
Change the contract of control_event_bootstrap_problem() to be more
general and to take a connection_t.  New function
control_event_bootstrap_prob_or() has the specific or_connection_t
funcionality previously used.
2017-09-14 08:25:27 -05:00
Nick Mathewson
fde18fed60 Merge branch 'bug23019_squashed' 2017-09-14 09:13:28 -04:00
George Kadianakis
0ac2afad0d prop224 client-side: Start validating onion address pubkeys.
Fix the test_build_address() test and its test vectors python script.
They were both using a bogus pubkey for building an HS address which
does not validate anymore.

Also fix a few more unittests that were using bogus onion addresses
and were failing the validation. I replaced the bogus address with
the one generated from the test vector script.
2017-09-14 09:13:11 -04:00