test_address_set.c (9300B)
1 /* Copyright (c) 2017-2021, The Tor Project, Inc. */ 2 /* See LICENSE for licensing information */ 3 4 #include "core/or/or.h" 5 #include "lib/crypt_ops/crypto_rand.h" 6 #include "core/or/address_set.h" 7 #include "feature/nodelist/dirlist.h" 8 #include "feature/nodelist/microdesc.h" 9 #include "feature/nodelist/networkstatus.h" 10 #include "feature/nodelist/nodelist.h" 11 #include "feature/nodelist/routerlist.h" 12 #include "feature/nodelist/torcert.h" 13 14 #include "feature/nodelist/microdesc_st.h" 15 #include "feature/nodelist/networkstatus_st.h" 16 #include "feature/nodelist/routerinfo_st.h" 17 #include "feature/nodelist/routerstatus_st.h" 18 19 #include "test/test.h" 20 #include "test/rng_test_helpers.h" 21 22 static networkstatus_t *dummy_ns = NULL; 23 static networkstatus_t * 24 mock_networkstatus_get_latest_consensus(void) 25 { 26 return dummy_ns; 27 } 28 29 static networkstatus_t * 30 mock_networkstatus_get_latest_consensus_by_flavor(consensus_flavor_t f) 31 { 32 tor_assert(f == FLAV_MICRODESC); 33 return dummy_ns; 34 } 35 36 static void 37 mock_dirlist_add_trusted_dir_addresses(void) 38 { 39 return; 40 } 41 42 /* Number of address a single node_t can have. Default to the production 43 * value. This is to control the size of the bloom filter. */ 44 static int addr_per_node = 2; 45 static int 46 mock_get_estimated_address_per_node(void) 47 { 48 return addr_per_node; 49 } 50 51 static void 52 test_contains(void *arg) 53 { 54 int ret; 55 address_set_t *set = NULL; 56 57 (void) arg; 58 59 /* Setup an IPv4 and IPv6 addresses. */ 60 tor_addr_t addr_v6; 61 tor_addr_parse(&addr_v6, "1:2:3:4::"); 62 tor_addr_t addr_v4; 63 tor_addr_parse(&addr_v4, "42.42.42.42"); 64 uint32_t ipv4h = tor_addr_to_ipv4h(&addr_v4); 65 66 /* Use our deterministic RNG since the address set uses a bloom filter 67 * internally. */ 68 testing_enable_deterministic_rng(); 69 70 /* Make it very big so the chance of failing the contain test will be 71 * extremely rare. */ 72 set = address_set_new(1024); 73 tt_assert(set); 74 75 /* Add and lookup IPv6. */ 76 address_set_add(set, &addr_v6); 77 ret = address_set_probably_contains(set, &addr_v6); 78 tt_int_op(ret, OP_EQ, 1); 79 80 /* Add and lookup IPv4. */ 81 address_set_add_ipv4h(set, ipv4h); 82 ret = address_set_probably_contains(set, &addr_v4); 83 tt_int_op(ret, OP_EQ, 1); 84 85 /* Try a lookup of rubbish. */ 86 tor_addr_t dummy_addr; 87 memset(&dummy_addr, 'A', sizeof(dummy_addr)); 88 dummy_addr.family = AF_INET; 89 ret = address_set_probably_contains(set, &dummy_addr); 90 tt_int_op(ret, OP_EQ, 0); 91 dummy_addr.family = AF_INET6; 92 ret = address_set_probably_contains(set, &dummy_addr); 93 tt_int_op(ret, OP_EQ, 0); 94 95 done: 96 address_set_free(set); 97 98 testing_disable_deterministic_rng(); 99 } 100 101 static void 102 test_nodelist(void *arg) 103 { 104 int ret; 105 routerstatus_t *rs = NULL; microdesc_t *md = NULL; routerinfo_t *ri = NULL; 106 107 (void) arg; 108 109 MOCK(networkstatus_get_latest_consensus, 110 mock_networkstatus_get_latest_consensus); 111 MOCK(networkstatus_get_latest_consensus_by_flavor, 112 mock_networkstatus_get_latest_consensus_by_flavor); 113 MOCK(get_estimated_address_per_node, 114 mock_get_estimated_address_per_node); 115 MOCK(dirlist_add_trusted_dir_addresses, 116 mock_dirlist_add_trusted_dir_addresses); 117 118 /* Use our deterministic RNG since the address set, used for 119 * nodelist_probably_contains_address() uses a bloom filter internally. */ 120 testing_enable_deterministic_rng(); 121 122 dummy_ns = tor_malloc_zero(sizeof(*dummy_ns)); 123 dummy_ns->flavor = FLAV_MICRODESC; 124 dummy_ns->routerstatus_list = smartlist_new(); 125 126 tor_addr_t addr_v4, addr_v6, dummy_addr; 127 tor_addr_parse(&addr_v4, "42.42.42.42"); 128 tor_addr_parse(&addr_v6, "1:2:3:4::"); 129 memset(&dummy_addr, 'A', sizeof(dummy_addr)); 130 131 /* This will make the nodelist bloom filter very large 132 * (the_nodelist->node_addrs) so we will fail the contain test rarely. */ 133 addr_per_node = 1024; 134 135 /* No node no nothing. The lookups should be empty. We've mocked the 136 * dirlist_add_trusted_dir_addresses in order for _no_ authorities to be 137 * added to the filter else it makes this test to trigger many false 138 * positive. */ 139 nodelist_set_consensus(dummy_ns); 140 141 /* The address set should be empty. */ 142 ret = nodelist_probably_contains_address(&addr_v4); 143 tt_int_op(ret, OP_EQ, 0); 144 ret = nodelist_probably_contains_address(&addr_v6); 145 tt_int_op(ret, OP_EQ, 0); 146 dummy_addr.family = AF_INET; 147 ret = nodelist_probably_contains_address(&dummy_addr); 148 tt_int_op(ret, OP_EQ, 0); 149 dummy_addr.family = AF_INET6; 150 ret = nodelist_probably_contains_address(&dummy_addr); 151 tt_int_op(ret, OP_EQ, 0); 152 153 md = tor_malloc_zero(sizeof(*md)); 154 ri = tor_malloc_zero(sizeof(*ri)); 155 rs = tor_malloc_zero(sizeof(*rs)); 156 crypto_rand(rs->identity_digest, sizeof(rs->identity_digest)); 157 crypto_rand(md->digest, sizeof(md->digest)); 158 memcpy(rs->descriptor_digest, md->digest, DIGEST256_LEN); 159 160 /* Setup the rs, ri and md addresses. */ 161 tor_addr_copy(&rs->ipv4_addr, &addr_v4); 162 tor_addr_parse(&rs->ipv6_addr, "1:2:3:4::"); 163 tor_addr_copy(&ri->ipv4_addr, &addr_v4); 164 tor_addr_parse(&ri->ipv6_addr, "1:2:3:4::"); 165 tor_addr_parse(&md->ipv6_addr, "1:2:3:4::"); 166 167 /* Add the rs to the consensus becoming a node_t. */ 168 smartlist_add(dummy_ns->routerstatus_list, rs); 169 nodelist_set_consensus(dummy_ns); 170 171 /* At this point, the address set should be initialized in the nodelist and 172 * we should be able to lookup. */ 173 ret = nodelist_probably_contains_address(&addr_v4); 174 tt_int_op(ret, OP_EQ, 1); 175 ret = nodelist_probably_contains_address(&addr_v6); 176 tt_int_op(ret, OP_EQ, 1); 177 /* Lookup unknown address. */ 178 dummy_addr.family = AF_INET; 179 ret = nodelist_probably_contains_address(&dummy_addr); 180 tt_int_op(ret, OP_EQ, 0); 181 dummy_addr.family = AF_INET6; 182 ret = nodelist_probably_contains_address(&dummy_addr); 183 tt_int_op(ret, OP_EQ, 0); 184 185 done: 186 routerstatus_free(rs); routerinfo_free(ri); microdesc_free(md); 187 smartlist_clear(dummy_ns->routerstatus_list); 188 networkstatus_vote_free(dummy_ns); 189 UNMOCK(networkstatus_get_latest_consensus); 190 UNMOCK(networkstatus_get_latest_consensus_by_flavor); 191 UNMOCK(get_estimated_address_per_node); 192 UNMOCK(dirlist_add_trusted_dir_addresses); 193 194 testing_disable_deterministic_rng(); 195 } 196 197 /** Test that the no-reentry exit filter works as intended */ 198 static void 199 test_exit_no_reentry(void *arg) 200 { 201 routerstatus_t *rs = NULL; microdesc_t *md = NULL; routerinfo_t *ri = NULL; 202 (void) arg; 203 204 MOCK(networkstatus_get_latest_consensus, 205 mock_networkstatus_get_latest_consensus); 206 MOCK(networkstatus_get_latest_consensus_by_flavor, 207 mock_networkstatus_get_latest_consensus_by_flavor); 208 MOCK(get_estimated_address_per_node, 209 mock_get_estimated_address_per_node); 210 MOCK(dirlist_add_trusted_dir_addresses, 211 mock_dirlist_add_trusted_dir_addresses); 212 213 dummy_ns = tor_malloc_zero(sizeof(*dummy_ns)); 214 dummy_ns->flavor = FLAV_MICRODESC; 215 dummy_ns->routerstatus_list = smartlist_new(); 216 217 tor_addr_t addr_v4, addr_v6, dummy_addr; 218 tor_addr_parse(&addr_v4, "42.42.42.42"); 219 tor_addr_parse(&addr_v6, "1:2:3:4::"); 220 memset(&dummy_addr, 'A', sizeof(dummy_addr)); 221 222 /* This will make the nodelist bloom filter very large 223 * (the_nodelist->node_addrs) so we will fail the contain test rarely. */ 224 addr_per_node = 1024; 225 226 /* After this point the nodelist is populated with the directory authorities 227 * address and ports */ 228 nodelist_set_consensus(dummy_ns); 229 230 /* The address set is empty. Try it anyway */ 231 tt_assert(!nodelist_reentry_contains(&addr_v4, 244)); 232 tt_assert(!nodelist_reentry_contains(&addr_v6, 244)); 233 234 /* Now let's populate the network */ 235 md = tor_malloc_zero(sizeof(*md)); 236 ri = tor_malloc_zero(sizeof(*ri)); 237 rs = tor_malloc_zero(sizeof(*rs)); 238 crypto_rand(rs->identity_digest, sizeof(rs->identity_digest)); 239 crypto_rand(md->digest, sizeof(md->digest)); 240 memcpy(rs->descriptor_digest, md->digest, DIGEST256_LEN); 241 242 /* Setup the rs, ri and md addresses. */ 243 tor_addr_copy(&rs->ipv4_addr, &addr_v4); 244 rs->ipv4_orport = 444; 245 tor_addr_parse(&rs->ipv6_addr, "1:2:3:4::"); 246 rs->ipv6_orport = 666; 247 tor_addr_copy(&ri->ipv4_addr, &addr_v4); 248 tor_addr_parse(&ri->ipv6_addr, "1:2:3:4::"); 249 tor_addr_parse(&md->ipv6_addr, "1:2:3:4::"); 250 251 /* Add the rs to the consensus becoming a node_t. */ 252 smartlist_add(dummy_ns->routerstatus_list, rs); 253 nodelist_set_consensus(dummy_ns); 254 255 /* Now that the nodelist is populated let's do some retry attempts */ 256 257 /* First let's try an address that is on the no-reentry list, but with a 258 different port */ 259 tt_assert(!nodelist_reentry_contains(&addr_v4, 666)); 260 tt_assert(!nodelist_reentry_contains(&addr_v6, 444)); 261 262 /* OK now let's try with the right address and right port */ 263 tt_assert(nodelist_reentry_contains(&addr_v4, 444)); 264 tt_assert(nodelist_reentry_contains(&addr_v6, 666)); 265 266 done: 267 routerstatus_free(rs); routerinfo_free(ri); microdesc_free(md); 268 smartlist_clear(dummy_ns->routerstatus_list); 269 networkstatus_vote_free(dummy_ns); 270 UNMOCK(networkstatus_get_latest_consensus); 271 UNMOCK(networkstatus_get_latest_consensus_by_flavor); 272 UNMOCK(get_estimated_address_per_node); 273 UNMOCK(dirlist_add_trusted_dir_addresses); 274 } 275 276 struct testcase_t address_set_tests[] = { 277 { "contains", test_contains, TT_FORK, 278 NULL, NULL }, 279 { "nodelist", test_nodelist, TT_FORK, 280 NULL, NULL }, 281 { "exit_no_reentry", test_exit_no_reentry, TT_FORK, NULL, NULL }, 282 283 END_OF_TESTCASES 284 };