test_cell_formats.c (57135B)
1 /* Copyright (c) 2001-2004, Roger Dingledine. 2 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. 3 * Copyright (c) 2007-2021, The Tor Project, Inc. */ 4 /* See LICENSE for licensing information */ 5 6 #include "orconfig.h" 7 8 #define CONNECTION_EDGE_PRIVATE 9 #define RELAY_PRIVATE 10 #include "core/or/or.h" 11 #include "core/or/channel.h" 12 #include "core/or/connection_edge.h" 13 #include "core/or/connection_or.h" 14 #include "app/config/config.h" 15 #include "lib/crypt_ops/crypto_rand.h" 16 #include "core/or/onion.h" 17 #include "core/crypto/onion_fast.h" 18 #include "core/crypto/onion_ntor.h" 19 #include "core/or/relay.h" 20 #include "core/or/relay_msg.h" 21 22 #include "core/or/cell_st.h" 23 #include "core/or/cell_queue_st.h" 24 #include "core/or/relay_msg_st.h" 25 #include "core/or/var_cell_st.h" 26 27 #include "test/test.h" 28 29 #include <stdlib.h> 30 #include <string.h> 31 32 static void 33 test_cfmt_relay_header(void *arg) 34 { 35 relay_header_t rh; 36 NONSTRING const uint8_t hdr_1[RELAY_HEADER_SIZE_V0] = 37 "\x03" "\x00\x00" "\x21\x22" "ABCD" "\x01\x03"; 38 uint8_t hdr_out[RELAY_HEADER_SIZE_V0]; 39 (void)arg; 40 41 tt_int_op(sizeof(hdr_1), OP_EQ, RELAY_HEADER_SIZE_V0); 42 relay_header_unpack(&rh, hdr_1); 43 tt_int_op(rh.command, OP_EQ, 3); 44 tt_int_op(rh.recognized, OP_EQ, 0); 45 tt_int_op(rh.stream_id, OP_EQ, 0x2122); 46 tt_mem_op(rh.integrity, OP_EQ, "ABCD", 4); 47 tt_int_op(rh.length, OP_EQ, 0x103); 48 49 relay_header_pack(hdr_out, &rh); 50 tt_mem_op(hdr_out, OP_EQ, hdr_1, RELAY_HEADER_SIZE_V0); 51 52 done: 53 ; 54 } 55 56 static void 57 make_relay_msg(relay_msg_t *out, uint8_t command, 58 const void *body, size_t bodylen) 59 { 60 memset(out, 0, sizeof(*out)); 61 out->command = command; 62 out->body = (uint8_t *)body; 63 out->length = bodylen; 64 out->stream_id = 5; 65 } 66 67 static void 68 test_cfmt_begin_cells(void *arg) 69 { 70 relay_msg_t msg; 71 begin_cell_t bcell; 72 uint8_t end_reason; 73 (void)arg; 74 75 /* Try begindir. */ 76 memset(&bcell, 0x7f, sizeof(bcell)); 77 make_relay_msg(&msg, RELAY_COMMAND_BEGIN_DIR, "", 0); 78 tt_int_op(0, OP_EQ, begin_cell_parse(&msg, &bcell, &end_reason)); 79 tt_ptr_op(NULL, OP_EQ, bcell.address); 80 tt_int_op(0, OP_EQ, bcell.flags); 81 tt_int_op(0, OP_EQ, bcell.port); 82 tt_int_op(5, OP_EQ, bcell.stream_id); 83 tt_int_op(1, OP_EQ, bcell.is_begindir); 84 85 /* A Begindir with extra stuff. */ 86 memset(&bcell, 0x7f, sizeof(bcell)); 87 make_relay_msg(&msg, RELAY_COMMAND_BEGIN_DIR, "12345", 5); 88 tt_int_op(0, OP_EQ, begin_cell_parse(&msg, &bcell, &end_reason)); 89 tt_ptr_op(NULL, OP_EQ, bcell.address); 90 tt_int_op(0, OP_EQ, bcell.flags); 91 tt_int_op(0, OP_EQ, bcell.port); 92 tt_int_op(5, OP_EQ, bcell.stream_id); 93 tt_int_op(1, OP_EQ, bcell.is_begindir); 94 95 /* A short but valid begin cell */ 96 memset(&bcell, 0x7f, sizeof(bcell)); 97 make_relay_msg(&msg, RELAY_COMMAND_BEGIN, "a.b:9", 6); 98 tt_int_op(0, OP_EQ, begin_cell_parse(&msg, &bcell, &end_reason)); 99 tt_str_op("a.b", OP_EQ, bcell.address); 100 tt_int_op(0, OP_EQ, bcell.flags); 101 tt_int_op(9, OP_EQ, bcell.port); 102 tt_int_op(5, OP_EQ, bcell.stream_id); 103 tt_int_op(0, OP_EQ, bcell.is_begindir); 104 tor_free(bcell.address); 105 106 /* A significantly loner begin cell */ 107 memset(&bcell, 0x7f, sizeof(bcell)); 108 { 109 const char c[] = "here-is-a-nice-long.hostname.com:65535"; 110 make_relay_msg(&msg, RELAY_COMMAND_BEGIN, c, strlen(c)+1); 111 tt_int_op(0, OP_EQ, begin_cell_parse(&msg, &bcell, &end_reason)); 112 tt_str_op("here-is-a-nice-long.hostname.com", OP_EQ, bcell.address); 113 tt_int_op(0, OP_EQ, bcell.flags); 114 tt_int_op(65535, OP_EQ, bcell.port); 115 tt_int_op(5, OP_EQ, bcell.stream_id); 116 tt_int_op(0, OP_EQ, bcell.is_begindir); 117 tor_free(bcell.address); 118 } 119 120 /* An IPv4 begin cell. */ 121 memset(&bcell, 0x7f, sizeof(bcell)); 122 make_relay_msg(&msg, RELAY_COMMAND_BEGIN, "18.9.22.169:80", 15); 123 tt_int_op(0, OP_EQ, begin_cell_parse(&msg, &bcell, &end_reason)); 124 tt_str_op("18.9.22.169", OP_EQ, bcell.address); 125 tt_int_op(0, OP_EQ, bcell.flags); 126 tt_int_op(80, OP_EQ, bcell.port); 127 tt_int_op(5, OP_EQ, bcell.stream_id); 128 tt_int_op(0, OP_EQ, bcell.is_begindir); 129 tor_free(bcell.address); 130 131 /* An IPv6 begin cell. Let's make sure we handle colons*/ 132 memset(&bcell, 0x7f, sizeof(bcell)); 133 make_relay_msg(&msg, RELAY_COMMAND_BEGIN, 134 "[2620::6b0:b:1a1a:0:26e5:480e]:80", 34); 135 tt_int_op(0, OP_EQ, begin_cell_parse(&msg, &bcell, &end_reason)); 136 tt_str_op("[2620::6b0:b:1a1a:0:26e5:480e]", OP_EQ, bcell.address); 137 tt_int_op(0, OP_EQ, bcell.flags); 138 tt_int_op(80, OP_EQ, bcell.port); 139 tt_int_op(5, OP_EQ, bcell.stream_id); 140 tt_int_op(0, OP_EQ, bcell.is_begindir); 141 tor_free(bcell.address); 142 143 /* a begin cell with extra junk but not enough for flags. */ 144 memset(&bcell, 0x7f, sizeof(bcell)); 145 { 146 const char c[] = "another.example.com:80\x00\x01\x02"; 147 make_relay_msg(&msg, RELAY_COMMAND_BEGIN, c, sizeof(c)-1); 148 tt_int_op(0, OP_EQ, begin_cell_parse(&msg, &bcell, &end_reason)); 149 tt_str_op("another.example.com", OP_EQ, bcell.address); 150 tt_int_op(0, OP_EQ, bcell.flags); 151 tt_int_op(80, OP_EQ, bcell.port); 152 tt_int_op(5, OP_EQ, bcell.stream_id); 153 tt_int_op(0, OP_EQ, bcell.is_begindir); 154 tor_free(bcell.address); 155 } 156 157 /* a begin cell with flags. */ 158 memset(&bcell, 0x7f, sizeof(bcell)); 159 { 160 const char c[] = "another.example.com:443\x00\x01\x02\x03\x04"; 161 make_relay_msg(&msg, RELAY_COMMAND_BEGIN, c, sizeof(c)-1); 162 tt_int_op(0, OP_EQ, begin_cell_parse(&msg, &bcell, &end_reason)); 163 tt_str_op("another.example.com", OP_EQ, bcell.address); 164 tt_int_op(0x1020304, OP_EQ, bcell.flags); 165 tt_int_op(443, OP_EQ, bcell.port); 166 tt_int_op(5, OP_EQ, bcell.stream_id); 167 tt_int_op(0, OP_EQ, bcell.is_begindir); 168 tor_free(bcell.address); 169 } 170 171 /* a begin cell with flags and even more cruft after that. */ 172 memset(&bcell, 0x7f, sizeof(bcell)); 173 { 174 const char c[] = "a-further.example.com:22\x00\xee\xaa\x00\xffHi mom"; 175 make_relay_msg(&msg, RELAY_COMMAND_BEGIN, c, sizeof(c)-1); 176 tt_int_op(0, OP_EQ, begin_cell_parse(&msg, &bcell, &end_reason)); 177 tt_str_op("a-further.example.com", OP_EQ, bcell.address); 178 tt_int_op(0xeeaa00ff, OP_EQ, bcell.flags); 179 tt_int_op(22, OP_EQ, bcell.port); 180 tt_int_op(5, OP_EQ, bcell.stream_id); 181 tt_int_op(0, OP_EQ, bcell.is_begindir); 182 tor_free(bcell.address); 183 } 184 185 #if 0 186 // Note: This is now checked at when we decode the relay message. 187 /* bad begin cell: impossible length. */ 188 memset(&bcell, 0x7f, sizeof(bcell)); 189 make_relay_msg(&msg, RELAY_COMMAND_BEGIN, "a.b:80", 7); 190 msg.length = 510; 191 tt_int_op(-2, OP_EQ, begin_cell_parse(&msg, &bcell, &end_reason)); 192 #endif 193 194 /* Bad begin cell: no body. */ 195 memset(&bcell, 0x7f, sizeof(bcell)); 196 make_relay_msg(&msg, RELAY_COMMAND_BEGIN, "", 0); 197 tt_int_op(-1, OP_EQ, begin_cell_parse(&msg, &bcell, &end_reason)); 198 199 /* bad begin cell: no body. */ 200 memset(&bcell, 0x7f, sizeof(bcell)); 201 make_relay_msg(&msg, RELAY_COMMAND_BEGIN, "", 0); 202 tt_int_op(-1, OP_EQ, begin_cell_parse(&msg, &bcell, &end_reason)); 203 204 /* bad begin cell: no colon */ 205 memset(&bcell, 0x7f, sizeof(bcell)); 206 make_relay_msg(&msg, RELAY_COMMAND_BEGIN, "a.b", 4); 207 tt_int_op(-1, OP_EQ, begin_cell_parse(&msg, &bcell, &end_reason)); 208 209 /* bad begin cell: no ports */ 210 memset(&bcell, 0x7f, sizeof(bcell)); 211 make_relay_msg(&msg, RELAY_COMMAND_BEGIN, "a.b:", 5); 212 tt_int_op(-1, OP_EQ, begin_cell_parse(&msg, &bcell, &end_reason)); 213 214 /* bad begin cell: bad port */ 215 memset(&bcell, 0x7f, sizeof(bcell)); 216 make_relay_msg(&msg, RELAY_COMMAND_BEGIN, "a.b:xyz", 8); 217 tt_int_op(-1, OP_EQ, begin_cell_parse(&msg, &bcell, &end_reason)); 218 memset(&bcell, 0x7f, sizeof(bcell)); 219 make_relay_msg(&msg, RELAY_COMMAND_BEGIN, "a.b:100000", 11); 220 tt_int_op(-1, OP_EQ, begin_cell_parse(&msg, &bcell, &end_reason)); 221 222 /* bad begin cell: no nul */ 223 memset(&bcell, 0x7f, sizeof(bcell)); 224 make_relay_msg(&msg, RELAY_COMMAND_BEGIN, "a.b:80", 6); 225 tt_int_op(-1, OP_EQ, begin_cell_parse(&msg, &bcell, &end_reason)); 226 227 done: 228 tor_free(bcell.address); 229 } 230 231 static void 232 test_cfmt_connected_cells(void *arg) 233 { 234 tor_addr_t addr; 235 int ttl, r; 236 char *mem_op_hex_tmp = NULL; 237 relay_msg_t msg; 238 uint8_t buf[512]; 239 (void)arg; 240 241 /* Let's try an oldschool one with nothing in it. */ 242 make_relay_msg(&msg, RELAY_COMMAND_CONNECTED, "", 0); 243 r = connected_cell_parse(&msg, &addr, &ttl); 244 tt_int_op(r, OP_EQ, 0); 245 tt_int_op(tor_addr_family(&addr), OP_EQ, AF_UNSPEC); 246 tt_int_op(ttl, OP_EQ, -1); 247 248 /* A slightly less oldschool one: only an IPv4 address */ 249 make_relay_msg(&msg, RELAY_COMMAND_CONNECTED, "\x20\x30\x40\x50", 4); 250 r = connected_cell_parse(&msg, &addr, &ttl); 251 tt_int_op(r, OP_EQ, 0); 252 tt_int_op(tor_addr_family(&addr), OP_EQ, AF_INET); 253 tt_str_op(fmt_addr(&addr), OP_EQ, "32.48.64.80"); 254 tt_int_op(ttl, OP_EQ, -1); 255 256 /* Bogus but understandable: truncated TTL */ 257 make_relay_msg(&msg, RELAY_COMMAND_CONNECTED, "\x11\x12\x13\x14\x15", 5); 258 r = connected_cell_parse(&msg, &addr, &ttl); 259 tt_int_op(r, OP_EQ, 0); 260 tt_int_op(tor_addr_family(&addr), OP_EQ, AF_INET); 261 tt_str_op(fmt_addr(&addr), OP_EQ, "17.18.19.20"); 262 tt_int_op(ttl, OP_EQ, -1); 263 264 /* Regular IPv4 one: address and TTL */ 265 make_relay_msg(&msg, RELAY_COMMAND_CONNECTED, 266 "\x02\x03\x04\x05\x00\x00\x0e\x10", 8); 267 r = connected_cell_parse(&msg, &addr, &ttl); 268 tt_int_op(r, OP_EQ, 0); 269 tt_int_op(tor_addr_family(&addr), OP_EQ, AF_INET); 270 tt_str_op(fmt_addr(&addr), OP_EQ, "2.3.4.5"); 271 tt_int_op(ttl, OP_EQ, 3600); 272 273 /* IPv4 with too-big TTL */ 274 make_relay_msg(&msg, RELAY_COMMAND_CONNECTED, 275 "\x02\x03\x04\x05\xf0\x00\x00\x00", 8); 276 r = connected_cell_parse(&msg, &addr, &ttl); 277 tt_int_op(r, OP_EQ, 0); 278 tt_int_op(tor_addr_family(&addr), OP_EQ, AF_INET); 279 tt_str_op(fmt_addr(&addr), OP_EQ, "2.3.4.5"); 280 tt_int_op(ttl, OP_EQ, -1); 281 282 /* IPv6 (ttl is mandatory) */ 283 make_relay_msg(&msg, RELAY_COMMAND_CONNECTED, 284 "\x00\x00\x00\x00\x06" 285 "\x26\x07\xf8\xb0\x40\x0c\x0c\x02" 286 "\x00\x00\x00\x00\x00\x00\x00\x68" 287 "\x00\x00\x02\x58", 25); 288 r = connected_cell_parse(&msg, &addr, &ttl); 289 tt_int_op(r, OP_EQ, 0); 290 tt_int_op(tor_addr_family(&addr), OP_EQ, AF_INET6); 291 tt_str_op(fmt_addr(&addr), OP_EQ, "2607:f8b0:400c:c02::68"); 292 tt_int_op(ttl, OP_EQ, 600); 293 294 /* IPv6 (ttl too big) */ 295 make_relay_msg(&msg, RELAY_COMMAND_CONNECTED, 296 "\x00\x00\x00\x00\x06" 297 "\x26\x07\xf8\xb0\x40\x0c\x0c\x02" 298 "\x00\x00\x00\x00\x00\x00\x00\x68" 299 "\x90\x00\x02\x58", 25); 300 r = connected_cell_parse(&msg, &addr, &ttl); 301 tt_int_op(r, OP_EQ, 0); 302 tt_int_op(tor_addr_family(&addr), OP_EQ, AF_INET6); 303 tt_str_op(fmt_addr(&addr), OP_EQ, "2607:f8b0:400c:c02::68"); 304 tt_int_op(ttl, OP_EQ, -1); 305 306 /* Bogus size: 3. */ 307 make_relay_msg(&msg, RELAY_COMMAND_CONNECTED, 308 "\x00\x01\x02", 3); 309 r = connected_cell_parse(&msg, &addr, &ttl); 310 tt_int_op(r, OP_EQ, -1); 311 312 /* Bogus family: 7. */ 313 make_relay_msg(&msg, RELAY_COMMAND_CONNECTED, 314 "\x00\x00\x00\x00\x07" 315 "\x26\x07\xf8\xb0\x40\x0c\x0c\x02" 316 "\x00\x00\x00\x00\x00\x00\x00\x68" 317 "\x90\x00\x02\x58", 25); 318 r = connected_cell_parse(&msg, &addr, &ttl); 319 tt_int_op(r, OP_EQ, -1); 320 321 /* Truncated IPv6. */ 322 make_relay_msg(&msg, RELAY_COMMAND_CONNECTED, 323 "\x00\x00\x00\x00\x06" 324 "\x26\x07\xf8\xb0\x40\x0c\x0c\x02" 325 "\x00\x00\x00\x00\x00\x00\x00\x68" 326 "\x00\x00\x02", 24); 327 r = connected_cell_parse(&msg, &addr, &ttl); 328 tt_int_op(r, OP_EQ, -1); 329 330 /* Now make sure we can generate connected cells correctly. */ 331 /* Try an IPv4 address */ 332 tor_addr_parse(&addr, "30.40.50.60"); 333 msg.body = buf; 334 msg.length = connected_cell_format_payload(buf, &addr, 1024); 335 tt_int_op(msg.length, OP_EQ, 8); 336 test_memeq_hex(msg.body, "1e28323c" "00000400"); 337 338 /* Try parsing it. */ 339 tor_addr_make_unspec(&addr); 340 r = connected_cell_parse(&msg, &addr, &ttl); 341 tt_int_op(r, OP_EQ, 0); 342 tt_int_op(tor_addr_family(&addr), OP_EQ, AF_INET); 343 tt_str_op(fmt_addr(&addr), OP_EQ, "30.40.50.60"); 344 tt_int_op(ttl, OP_EQ, 1024); 345 346 /* Try an IPv6 address */ 347 tor_addr_parse(&addr, "2620::6b0:b:1a1a:0:26e5:480e"); 348 msg.length = connected_cell_format_payload(buf, &addr, 3600); 349 tt_int_op(msg.length, OP_EQ, 25); 350 test_memeq_hex(msg.body, 351 "00000000" "06" 352 "2620000006b0000b1a1a000026e5480e" "00000e10"); 353 354 /* Try parsing it. */ 355 tor_addr_make_unspec(&addr); 356 r = connected_cell_parse(&msg, &addr, &ttl); 357 tt_int_op(r, OP_EQ, 0); 358 tt_int_op(tor_addr_family(&addr), OP_EQ, AF_INET6); 359 tt_str_op(fmt_addr(&addr), OP_EQ, "2620:0:6b0:b:1a1a:0:26e5:480e"); 360 tt_int_op(ttl, OP_EQ, 3600); 361 362 done: 363 tor_free(mem_op_hex_tmp); 364 } 365 366 static void 367 test_cfmt_create_cells(void *arg) 368 { 369 uint8_t b[MAX_ONIONSKIN_CHALLENGE_LEN]; 370 create_cell_t cc; 371 cell_t cell; 372 cell_t cell2; 373 374 (void)arg; 375 376 /* === Let's try parsing some good cells! */ 377 378 /* A valid create_fast cell. */ 379 memset(&cell, 0, sizeof(cell)); 380 memset(b, 0, sizeof(b)); 381 crypto_rand((char*)b, CREATE_FAST_LEN); 382 cell.command = CELL_CREATE_FAST; 383 memcpy(cell.payload, b, CREATE_FAST_LEN); 384 tt_int_op(0, OP_EQ, create_cell_parse(&cc, &cell)); 385 tt_int_op(CELL_CREATE_FAST, OP_EQ, cc.cell_type); 386 tt_int_op(ONION_HANDSHAKE_TYPE_FAST, OP_EQ, cc.handshake_type); 387 tt_int_op(CREATE_FAST_LEN, OP_EQ, cc.handshake_len); 388 tt_mem_op(cc.onionskin,OP_EQ, b, CREATE_FAST_LEN + 10); 389 tt_int_op(0, OP_EQ, create_cell_format(&cell2, &cc)); 390 tt_int_op(cell.command, OP_EQ, cell2.command); 391 tt_mem_op(cell.payload,OP_EQ, cell2.payload, CELL_PAYLOAD_SIZE); 392 393 /* A valid create2 cell with an ntor payload */ 394 memset(&cell, 0, sizeof(cell)); 395 memset(b, 0, sizeof(b)); 396 crypto_rand((char*)b, NTOR_ONIONSKIN_LEN); 397 cell.command = CELL_CREATE2; 398 memcpy(cell.payload, "\x00\x02\x00\x54", 4); /* ntor, 84 bytes long */ 399 memcpy(cell.payload+4, b, NTOR_ONIONSKIN_LEN); 400 tt_int_op(0, OP_EQ, create_cell_parse(&cc, &cell)); 401 tt_int_op(CELL_CREATE2, OP_EQ, cc.cell_type); 402 tt_int_op(ONION_HANDSHAKE_TYPE_NTOR, OP_EQ, cc.handshake_type); 403 tt_int_op(NTOR_ONIONSKIN_LEN, OP_EQ, cc.handshake_len); 404 tt_mem_op(cc.onionskin,OP_EQ, b, NTOR_ONIONSKIN_LEN + 10); 405 tt_int_op(0, OP_EQ, create_cell_format(&cell2, &cc)); 406 tt_int_op(cell.command, OP_EQ, cell2.command); 407 tt_mem_op(cell.payload,OP_EQ, cell2.payload, CELL_PAYLOAD_SIZE); 408 409 /* == Okay, now let's try to parse some impossible stuff. */ 410 411 /* It has to be some kind of a create cell! */ 412 cell.command = CELL_CREATED; 413 tt_int_op(-1, OP_EQ, create_cell_parse(&cc, &cell)); 414 415 /* You can't actually make an unparseable CREATE or CREATE_FAST cell. */ 416 417 /* Try some CREATE2 cells. First with a bad type. */ 418 cell.command = CELL_CREATE2; 419 memcpy(cell.payload, "\x00\x50\x00\x99", 4); /* Type 0x50???? */ 420 tt_int_op(-1, OP_EQ, create_cell_parse(&cc, &cell)); 421 /* Now a good type with an incorrect length. */ 422 memcpy(cell.payload, "\x00\x00\x00\xBC", 4); /* TAP, 187 bytes.*/ 423 tt_int_op(-1, OP_EQ, create_cell_parse(&cc, &cell)); 424 /* Now a good type with a ridiculous length. */ 425 memcpy(cell.payload, "\x00\x00\x02\x00", 4); /* TAP, 512 bytes.*/ 426 tt_int_op(-1, OP_EQ, create_cell_parse(&cc, &cell)); 427 428 /* == Time to try formatting bad cells. The important thing is that 429 we reject big lengths, so just check that for now. */ 430 cc.handshake_len = 512; 431 tt_int_op(-1, OP_EQ, create_cell_format(&cell2, &cc)); 432 433 /* == Try formatting a create2 cell we don't understand. XXXX */ 434 435 done: 436 ; 437 } 438 439 static void 440 test_cfmt_created_cells(void *arg) 441 { 442 uint8_t b[512]; 443 created_cell_t cc; 444 cell_t cell; 445 cell_t cell2; 446 447 (void)arg; 448 449 /* A good CREATED_FAST cell */ 450 memset(&cell, 0, sizeof(cell)); 451 memset(b, 0, sizeof(b)); 452 crypto_rand((char*)b, CREATED_FAST_LEN); 453 cell.command = CELL_CREATED_FAST; 454 memcpy(cell.payload, b, CREATED_FAST_LEN); 455 tt_int_op(0, OP_EQ, created_cell_parse(&cc, &cell)); 456 tt_int_op(CELL_CREATED_FAST, OP_EQ, cc.cell_type); 457 tt_int_op(CREATED_FAST_LEN, OP_EQ, cc.handshake_len); 458 tt_mem_op(cc.reply,OP_EQ, b, CREATED_FAST_LEN + 10); 459 tt_int_op(0, OP_EQ, created_cell_format(&cell2, &cc)); 460 tt_int_op(cell.command, OP_EQ, cell2.command); 461 tt_mem_op(cell.payload,OP_EQ, cell2.payload, CELL_PAYLOAD_SIZE); 462 463 /* A good CREATED2 cell with short reply */ 464 memset(&cell, 0, sizeof(cell)); 465 memset(b, 0, sizeof(b)); 466 crypto_rand((char*)b, 64); 467 cell.command = CELL_CREATED2; 468 memcpy(cell.payload, "\x00\x40", 2); 469 memcpy(cell.payload+2, b, 64); 470 tt_int_op(0, OP_EQ, created_cell_parse(&cc, &cell)); 471 tt_int_op(CELL_CREATED2, OP_EQ, cc.cell_type); 472 tt_int_op(64, OP_EQ, cc.handshake_len); 473 tt_mem_op(cc.reply,OP_EQ, b, 80); 474 tt_int_op(0, OP_EQ, created_cell_format(&cell2, &cc)); 475 tt_int_op(cell.command, OP_EQ, cell2.command); 476 tt_mem_op(cell.payload,OP_EQ, cell2.payload, CELL_PAYLOAD_SIZE); 477 478 /* A good CREATED2 cell with maximal reply */ 479 memset(&cell, 0, sizeof(cell)); 480 memset(b, 0, sizeof(b)); 481 crypto_rand((char*)b, 496); 482 cell.command = CELL_CREATED2; 483 memcpy(cell.payload, "\x01\xF0", 2); 484 memcpy(cell.payload+2, b, 496); 485 tt_int_op(0, OP_EQ, created_cell_parse(&cc, &cell)); 486 tt_int_op(CELL_CREATED2, OP_EQ, cc.cell_type); 487 tt_int_op(496, OP_EQ, cc.handshake_len); 488 tt_mem_op(cc.reply,OP_EQ, b, 496); 489 tt_int_op(0, OP_EQ, created_cell_format(&cell2, &cc)); 490 tt_int_op(cell.command, OP_EQ, cell2.command); 491 tt_mem_op(cell.payload,OP_EQ, cell2.payload, CELL_PAYLOAD_SIZE); 492 493 /* Bogus CREATED2 cell: too long! */ 494 memset(&cell, 0, sizeof(cell)); 495 memset(b, 0, sizeof(b)); 496 crypto_rand((char*)b, 496); 497 cell.command = CELL_CREATED2; 498 memcpy(cell.payload, "\x02\xFF", 2); 499 tt_int_op(-1, OP_EQ, created_cell_parse(&cc, &cell)); 500 501 /* Unformattable CREATED2 cell: too long! */ 502 cc.handshake_len = 508; 503 tt_int_op(-1, OP_EQ, created_cell_format(&cell2, &cc)); 504 505 done: 506 ; 507 } 508 509 static void 510 test_cfmt_extend_cells(void *arg) 511 { 512 cell_t cell; 513 uint8_t b[512]; 514 extend_cell_t ec; 515 create_cell_t *cc = &ec.create_cell; 516 uint8_t p[RELAY_PAYLOAD_SIZE]; 517 uint8_t p2[RELAY_PAYLOAD_SIZE]; 518 uint8_t p2_cmd; 519 uint16_t p2_len; 520 char *mem_op_hex_tmp = NULL; 521 522 (void) arg; 523 524 /* Now let's do a minimal ntor EXTEND2 cell. */ 525 memset(&ec, 0xff, sizeof(ec)); 526 memset(p, 0, sizeof(p)); 527 memset(b, 0, sizeof(b)); 528 crypto_rand((char*)b, NTOR_ONIONSKIN_LEN); 529 /* 2 items; one 18.244.0.1:61681 */ 530 memcpy(p, "\x02\x00\x06\x12\xf4\x00\x01\xf0\xf1", 9); 531 /* The other is a digest. */ 532 memcpy(p+9, "\x02\x14" "anarchoindividualist", 22); 533 /* Prep for the handshake: type and length */ 534 memcpy(p+31, "\x00\x02\x00\x54", 4); 535 memcpy(p+35, b, NTOR_ONIONSKIN_LEN); 536 tt_int_op(0, OP_EQ, extend_cell_parse(&ec, RELAY_COMMAND_EXTEND2, 537 p, 35+NTOR_ONIONSKIN_LEN)); 538 tt_int_op(RELAY_COMMAND_EXTEND2, OP_EQ, ec.cell_type); 539 tt_str_op("18.244.0.1", OP_EQ, fmt_addr(&ec.orport_ipv4.addr)); 540 tt_int_op(61681, OP_EQ, ec.orport_ipv4.port); 541 tt_int_op(AF_UNSPEC, OP_EQ, tor_addr_family(&ec.orport_ipv6.addr)); 542 tt_mem_op(ec.node_id,OP_EQ, "anarchoindividualist", 20); 543 tt_int_op(cc->cell_type, OP_EQ, CELL_CREATE2); 544 tt_int_op(cc->handshake_type, OP_EQ, ONION_HANDSHAKE_TYPE_NTOR); 545 tt_int_op(cc->handshake_len, OP_EQ, NTOR_ONIONSKIN_LEN); 546 tt_mem_op(cc->onionskin,OP_EQ, b, NTOR_ONIONSKIN_LEN+20); 547 tt_int_op(0, OP_EQ, extend_cell_format(&p2_cmd, &p2_len, p2, &ec)); 548 tt_int_op(p2_cmd, OP_EQ, RELAY_COMMAND_EXTEND2); 549 tt_int_op(p2_len, OP_EQ, 35+NTOR_ONIONSKIN_LEN); 550 tt_mem_op(p2,OP_EQ, p, RELAY_PAYLOAD_SIZE); 551 552 /* Now let's do a fanciful EXTEND2 cell. */ 553 memset(&ec, 0xff, sizeof(ec)); 554 memset(p, 0, sizeof(p)); 555 memset(b, 0, sizeof(b)); 556 crypto_rand((char*)b, 99); 557 /* 4 items; one 18 244 0 1 61681 */ 558 memcpy(p, "\x04\x00\x06\x12\xf4\x00\x01\xf0\xf1", 9); 559 /* One is a digest. */ 560 memcpy(p+9, "\x02\x14" "anthropomorphization", 22); 561 /* One is an ipv6 address */ 562 memcpy(p+31, "\x01\x12\x20\x02\x00\x00\x00\x00\x00\x00" 563 "\x00\x00\x00\x00\x00\xf0\xc5\x1e\x11\x12", 20); 564 /* One is the Konami code. */ 565 memcpy(p+51, "\xf0\x20upupdowndownleftrightleftrightba", 34); 566 /* Prep for the handshake: weird type and length */ 567 memcpy(p+85, "\x01\x05\x00\x63", 4); 568 memcpy(p+89, b, 99); 569 tt_int_op(0, OP_EQ, extend_cell_parse(&ec, RELAY_COMMAND_EXTEND2, p, 89+99)); 570 tt_int_op(RELAY_COMMAND_EXTEND2, OP_EQ, ec.cell_type); 571 tt_str_op("18.244.0.1", OP_EQ, fmt_addr(&ec.orport_ipv4.addr)); 572 tt_int_op(61681, OP_EQ, ec.orport_ipv4.port); 573 tt_str_op("2002::f0:c51e", OP_EQ, fmt_addr(&ec.orport_ipv6.addr)); 574 tt_int_op(4370, OP_EQ, ec.orport_ipv6.port); 575 tt_assert(ed25519_public_key_is_zero(&ec.ed_pubkey)); 576 tt_mem_op(ec.node_id,OP_EQ, "anthropomorphization", 20); 577 tt_int_op(cc->cell_type, OP_EQ, CELL_CREATE2); 578 tt_int_op(cc->handshake_type, OP_EQ, 0x105); 579 tt_int_op(cc->handshake_len, OP_EQ, 99); 580 tt_mem_op(cc->onionskin,OP_EQ, b, 99+20); 581 tt_int_op(0, OP_EQ, extend_cell_format(&p2_cmd, &p2_len, p2, &ec)); 582 tt_int_op(p2_cmd, OP_EQ, RELAY_COMMAND_EXTEND2); 583 /* We'll generate it minus the konami code */ 584 tt_int_op(p2_len, OP_EQ, 89+99-34); 585 test_memeq_hex(p2, 586 /* Three items */ 587 "03" 588 /* IPv4 address */ 589 "0006" "12F40001" "F0F1" 590 /* The next is an RSA digest: anthropomorphization */ 591 "0214" "616e7468726f706f6d6f727068697a6174696f6e" 592 /*IPv6 address */ 593 "0112" "20020000000000000000000000f0c51e" "1112" 594 /* Now the handshake prologue */ 595 "01050063"); 596 tt_mem_op(p2+1+8+22+20+4, OP_EQ, b, 99+20); 597 tt_int_op(0, OP_EQ, create_cell_format_relayed(&cell, cc)); 598 599 /* Now let's add an ed25519 key to that extend2 cell. */ 600 memcpy(ec.ed_pubkey.pubkey, 601 "brownshoesdontmakeit/brownshoesd", 32); 602 603 /* As before, since we aren't extending by ed25519. */ 604 get_options_mutable()->ExtendByEd25519ID = 0; 605 tt_int_op(0, OP_EQ, extend_cell_format(&p2_cmd, &p2_len, p2, &ec)); 606 tt_int_op(p2_len, OP_EQ, 89+99-34); 607 test_memeq_hex(p2, 608 "03" 609 "000612F40001F0F1" 610 "0214616e7468726f706f6d6f727068697a6174696f6e" 611 "011220020000000000000000000000f0c51e1112" 612 "01050063"); 613 614 /* Now try with the ed25519 ID. */ 615 get_options_mutable()->ExtendByEd25519ID = 1; 616 tt_int_op(0, OP_EQ, extend_cell_format(&p2_cmd, &p2_len, p2, &ec)); 617 tt_int_op(p2_len, OP_EQ, 89+99); 618 test_memeq_hex(p2, 619 /* Four items */ 620 "04" 621 /* IPv4 address */ 622 "0006" "12F40001" "F0F1" 623 /* The next is an RSA digest: anthropomorphization */ 624 "0214616e7468726f706f6d6f727068697a6174696f6e" 625 /* Then an ed public key: brownshoesdontmakeit/brownshoesd */ 626 "0320" "62726f776e73686f6573646f6e746d616b656" 627 "9742f62726f776e73686f657364" 628 /*IPv6 address */ 629 "0112" "20020000000000000000000000f0c51e" "1112" 630 /* Now the handshake prologue */ 631 "01050063"); 632 /* Can we parse that? Did the key come through right? */ 633 memset(&ec, 0, sizeof(ec)); 634 tt_int_op(0, OP_EQ, extend_cell_parse(&ec, RELAY_COMMAND_EXTEND2, 635 p2, p2_len)); 636 tt_mem_op("brownshoesdontmakeit/brownshoesd", OP_EQ, 637 ec.ed_pubkey.pubkey, 32); 638 639 /* Now try IPv6 without IPv4 */ 640 memset(p, 0, sizeof(p)); 641 memcpy(p, "\x02", 1); 642 memcpy(p+1, "\x02\x14" "anthropomorphization", 22); 643 memcpy(p+23, "\x01\x12" "xxxxxxxxxxxxxxxxYY", 20); 644 memcpy(p+43, "\xff\xff\x00\x20", 4); 645 tt_int_op(0, OP_EQ, extend_cell_parse(&ec, RELAY_COMMAND_EXTEND2, 646 p, sizeof(p))); 647 tt_int_op(RELAY_COMMAND_EXTEND2, OP_EQ, ec.cell_type); 648 tt_assert(fast_mem_is_zero((const char *)&ec.orport_ipv4.addr, 649 sizeof(tor_addr_t))); 650 tt_int_op(0, OP_EQ, ec.orport_ipv4.port); 651 tt_str_op("7878:7878:7878:7878:7878:7878:7878:7878", 652 OP_EQ, fmt_addr(&ec.orport_ipv6.addr)); 653 tt_int_op(22873, OP_EQ, ec.orport_ipv6.port); 654 tt_assert(ed25519_public_key_is_zero(&ec.ed_pubkey)); 655 tt_mem_op(ec.node_id,OP_EQ, "anthropomorphization", 20); 656 tt_int_op(cc->cell_type, OP_EQ, CELL_CREATE2); 657 tt_int_op(cc->handshake_type, OP_EQ, 0xffff); 658 tt_int_op(cc->handshake_len, OP_EQ, 32); 659 tt_int_op(0, OP_EQ, extend_cell_format(&p2_cmd, &p2_len, p2, &ec)); 660 tt_int_op(p2_cmd, OP_EQ, RELAY_COMMAND_EXTEND2); 661 tt_int_op(p2_len, OP_EQ, 47+32); 662 test_memeq_hex(p2, 663 /* Two items */ 664 "02" 665 /* The next is an RSA digest: anthropomorphization */ 666 "0214" "616e7468726f706f6d6f727068697a6174696f6e" 667 /*IPv6 address */ 668 "0112" "78787878787878787878787878787878" "5959" 669 /* Now the handshake prologue */ 670 "ffff0020"); 671 tt_int_op(0, OP_EQ, create_cell_format_relayed(&cell, cc)); 672 673 /* == Now try parsing some junk */ 674 675 /* Try a too-long handshake */ 676 memset(p, 0, sizeof(p)); 677 memcpy(p, "\x02\x00\x06\x12\xf4\x00\x01\xf0\xf1", 9); 678 memcpy(p+9, "\x02\x14" "anarchoindividualist", 22); 679 memcpy(p+31, "\xff\xff\x01\xd0", 4); 680 tt_int_op(-1, OP_EQ, extend_cell_parse(&ec, RELAY_COMMAND_EXTEND2, 681 p, sizeof(p))); 682 683 /* Try two identities. */ 684 memset(p, 0, sizeof(p)); 685 memcpy(p, "\x03\x00\x06\x12\xf4\x00\x01\xf0\xf1", 9); 686 memcpy(p+9, "\x02\x14" "anarchoindividualist", 22); 687 memcpy(p+31, "\x02\x14" "autodepolymerization", 22); 688 memcpy(p+53, "\xff\xff\x00\x10", 4); 689 tt_int_op(-1, OP_EQ, extend_cell_parse(&ec, RELAY_COMMAND_EXTEND2, 690 p, sizeof(p))); 691 692 /* No identities. */ 693 memset(p, 0, sizeof(p)); 694 memcpy(p, "\x01\x00\x06\x12\xf4\x00\x01\xf0\xf1", 9); 695 memcpy(p+53, "\xff\xff\x00\x10", 4); 696 tt_int_op(-1, OP_EQ, extend_cell_parse(&ec, RELAY_COMMAND_EXTEND2, 697 p, sizeof(p))); 698 699 /* Try a bad IPv4 address (too long, too short)*/ 700 memset(p, 0, sizeof(p)); 701 memcpy(p, "\x02\x00\x07\x12\xf4\x00\x01\xf0\xf1\xff", 10); 702 memcpy(p+10, "\x02\x14" "anarchoindividualist", 22); 703 memcpy(p+32, "\xff\xff\x00\x10", 4); 704 tt_int_op(-1, OP_EQ, extend_cell_parse(&ec, RELAY_COMMAND_EXTEND2, 705 p, sizeof(p))); 706 memset(p, 0, sizeof(p)); 707 memcpy(p, "\x02\x00\x05\x12\xf4\x00\x01\xf0", 8); 708 memcpy(p+8, "\x02\x14" "anarchoindividualist", 22); 709 memcpy(p+30, "\xff\xff\x00\x10", 4); 710 tt_int_op(-1, OP_EQ, extend_cell_parse(&ec, RELAY_COMMAND_EXTEND2, 711 p, sizeof(p))); 712 713 /* IPv6 address (too long, too short, no IPv4)*/ 714 memset(p, 0, sizeof(p)); 715 memcpy(p, "\x03\x00\x06\x12\xf4\x00\x01\xf0\xf1", 9); 716 memcpy(p+9, "\x02\x14" "anarchoindividualist", 22); 717 memcpy(p+31, "\x01\x13" "xxxxxxxxxxxxxxxxYYZ", 19); 718 memcpy(p+50, "\xff\xff\x00\x20", 4); 719 tt_int_op(-1, OP_EQ, extend_cell_parse(&ec, RELAY_COMMAND_EXTEND2, 720 p, sizeof(p))); 721 memset(p, 0, sizeof(p)); 722 memcpy(p, "\x03\x00\x06\x12\xf4\x00\x01\xf0\xf1", 9); 723 memcpy(p+9, "\x02\x14" "anarchoindividualist", 22); 724 memcpy(p+31, "\x01\x11" "xxxxxxxxxxxxxxxxY", 17); 725 memcpy(p+48, "\xff\xff\x00\x20", 4); 726 tt_int_op(-1, OP_EQ, extend_cell_parse(&ec, RELAY_COMMAND_EXTEND2, 727 p, sizeof(p))); 728 729 /* Running out of space in specifiers */ 730 memset(p,0,sizeof(p)); 731 memcpy(p, "\x05\x0a\xff", 3); 732 memcpy(p+3+255, "\x0a\xff", 2); 733 tt_int_op(-1, OP_EQ, extend_cell_parse(&ec, RELAY_COMMAND_EXTEND2, 734 p, sizeof(p))); 735 736 /* Fuzz, because why not. */ 737 memset(&ec, 0xff, sizeof(ec)); 738 { 739 int i; 740 memset(p, 0, sizeof(p)); 741 for (i = 0; i < 10000; ++i) { 742 int n = crypto_rand_int(sizeof(p)); 743 crypto_rand((char *)p, n); 744 extend_cell_parse(&ec, RELAY_COMMAND_EXTEND2, p, n); 745 } 746 } 747 748 done: 749 tor_free(mem_op_hex_tmp); 750 } 751 752 static void 753 test_cfmt_extended_cells(void *arg) 754 { 755 uint8_t b[512]; 756 extended_cell_t ec; 757 created_cell_t *cc = &ec.created_cell; 758 uint8_t p[RELAY_PAYLOAD_SIZE]; 759 uint8_t p2[RELAY_PAYLOAD_SIZE]; 760 uint8_t p2_cmd; 761 uint16_t p2_len; 762 char *mem_op_hex_tmp = NULL; 763 764 (void) arg; 765 766 /* Try an EXTENDED2 cell */ 767 memset(&ec, 0xff, sizeof(ec)); 768 memset(p, 0, sizeof(p)); 769 memset(b, 0, sizeof(b)); 770 crypto_rand((char*)b, 42); 771 memcpy(p,"\x00\x2a",2); 772 memcpy(p+2,b,42); 773 tt_int_op(0, OP_EQ, 774 extended_cell_parse(&ec, RELAY_COMMAND_EXTENDED2, p, 2+42)); 775 tt_int_op(RELAY_COMMAND_EXTENDED2, OP_EQ, ec.cell_type); 776 tt_int_op(cc->cell_type, OP_EQ, CELL_CREATED2); 777 tt_int_op(cc->handshake_len, OP_EQ, 42); 778 tt_mem_op(cc->reply,OP_EQ, b, 42+10); 779 tt_int_op(0, OP_EQ, extended_cell_format(&p2_cmd, &p2_len, p2, &ec)); 780 tt_int_op(RELAY_COMMAND_EXTENDED2, OP_EQ, p2_cmd); 781 tt_int_op(2+42, OP_EQ, p2_len); 782 tt_mem_op(p2,OP_EQ, p, sizeof(p2)); 783 784 /* Try an almost-too-long EXTENDED2 cell */ 785 memcpy(p, "\x01\xf0", 2); 786 tt_int_op(0, OP_EQ, 787 extended_cell_parse(&ec, RELAY_COMMAND_EXTENDED2, p, sizeof(p))); 788 789 /* Now try a too-long extended2 cell. That's the only misparse I can think 790 * of. */ 791 memcpy(p, "\x01\xf1", 2); 792 tt_int_op(-1, OP_EQ, 793 extended_cell_parse(&ec, RELAY_COMMAND_EXTENDED2, p, sizeof(p))); 794 795 done: 796 tor_free(mem_op_hex_tmp); 797 } 798 799 static void 800 test_cfmt_resolved_cells(void *arg) 801 { 802 smartlist_t *addrs = smartlist_new(); 803 int r, errcode; 804 address_ttl_t *a; 805 relay_msg_t msg; 806 uint8_t buf[500]; 807 808 (void)arg; 809 #define CLEAR_CELL() do { \ 810 memset(&msg, 0, sizeof(msg)); \ 811 memset(&buf, 0, sizeof(buf)); \ 812 } while (0) 813 #define CLEAR_ADDRS() do { \ 814 SMARTLIST_FOREACH(addrs, address_ttl_t *, aa_, \ 815 address_ttl_free(aa_); ); \ 816 smartlist_clear(addrs); \ 817 } while (0) 818 #define SET_CELL(s) do { \ 819 CLEAR_CELL(); \ 820 memcpy(buf, (s), sizeof((s))-1); \ 821 msg.length = sizeof((s))-1; \ 822 msg.body = buf; \ 823 msg.command = RELAY_COMMAND_RESOLVED; \ 824 errcode = -1; \ 825 } while (0) 826 827 /* The cell format is one or more answers; each of the form 828 * type [1 byte---0:hostname, 4:ipv4, 6:ipv6, f0:err-transient, f1:err] 829 * length [1 byte] 830 * body [length bytes] 831 * ttl [4 bytes] 832 */ 833 834 /* Let's try an empty cell */ 835 SET_CELL(""); 836 r = resolved_cell_parse(&msg, addrs, &errcode); 837 tt_int_op(errcode, OP_EQ, 0); 838 tt_int_op(r, OP_EQ, 0); 839 tt_int_op(smartlist_len(addrs), OP_EQ, 0); 840 CLEAR_ADDRS(); /* redundant but let's be consistent */ 841 842 /* Cell with one ipv4 addr */ 843 SET_CELL("\x04\x04" "\x7f\x00\x02\x0a" "\x00\00\x01\x00"); 844 tt_int_op(msg.length, OP_EQ, 10); 845 r = resolved_cell_parse(&msg, addrs, &errcode); 846 tt_int_op(errcode, OP_EQ, 0); 847 tt_int_op(r, OP_EQ, 0); 848 tt_int_op(smartlist_len(addrs), OP_EQ, 1); 849 a = smartlist_get(addrs, 0); 850 tt_str_op(fmt_addr(&a->addr), OP_EQ, "127.0.2.10"); 851 tt_ptr_op(a->hostname, OP_EQ, NULL); 852 tt_int_op(a->ttl, OP_EQ, 256); 853 CLEAR_ADDRS(); 854 855 /* Cell with one ipv6 addr */ 856 SET_CELL("\x06\x10" 857 "\x20\x02\x90\x90\x00\x00\x00\x00" 858 "\x00\x00\x00\x00\xf0\xf0\xab\xcd" 859 "\x02\00\x00\x01"); 860 tt_int_op(msg.length, OP_EQ, 22); 861 r = resolved_cell_parse(&msg, addrs, &errcode); 862 tt_int_op(errcode, OP_EQ, 0); 863 tt_int_op(r, OP_EQ, 0); 864 tt_int_op(smartlist_len(addrs), OP_EQ, 1); 865 a = smartlist_get(addrs, 0); 866 tt_str_op(fmt_addr(&a->addr), OP_EQ, "2002:9090::f0f0:abcd"); 867 tt_ptr_op(a->hostname, OP_EQ, NULL); 868 tt_int_op(a->ttl, OP_EQ, 0x2000001); 869 CLEAR_ADDRS(); 870 871 /* Cell with one hostname */ 872 SET_CELL("\x00\x11" 873 "motherbrain.zebes" 874 "\x00\00\x00\x00"); 875 tt_int_op(msg.length, OP_EQ, 23); 876 r = resolved_cell_parse(&msg, addrs, &errcode); 877 tt_int_op(errcode, OP_EQ, 0); 878 tt_int_op(r, OP_EQ, 0); 879 tt_int_op(smartlist_len(addrs), OP_EQ, 1); 880 a = smartlist_get(addrs, 0); 881 tt_assert(tor_addr_is_null(&a->addr)); 882 tt_str_op(a->hostname, OP_EQ, "motherbrain.zebes"); 883 tt_int_op(a->ttl, OP_EQ, 0); 884 CLEAR_ADDRS(); 885 886 #define LONG_NAME \ 887 "this-hostname-has-255-characters.in-order-to-test-whether-very-long.ho" \ 888 "stnames-are-accepted.i-am-putting-it-in-a-macro-because-although.this-" \ 889 "function-is-already-very-full.of-copy-and-pasted-stuff.having-this-app" \ 890 "ear-more-than-once-would-bother-me-somehow.is" 891 892 tt_int_op(strlen(LONG_NAME), OP_EQ, 255); 893 SET_CELL("\x00\xff" 894 LONG_NAME 895 "\x00\01\x00\x00"); 896 tt_int_op(msg.length, OP_EQ, 261); 897 r = resolved_cell_parse(&msg, addrs, &errcode); 898 tt_int_op(errcode, OP_EQ, 0); 899 tt_int_op(r, OP_EQ, 0); 900 tt_int_op(smartlist_len(addrs), OP_EQ, 1); 901 a = smartlist_get(addrs, 0); 902 tt_assert(tor_addr_is_null(&a->addr)); 903 tt_str_op(a->hostname, OP_EQ, LONG_NAME); 904 tt_int_op(a->ttl, OP_EQ, 65536); 905 CLEAR_ADDRS(); 906 907 /* Cells with an error */ 908 SET_CELL("\xf0\x2b" 909 "I'm sorry, Dave. I'm afraid I can't do that" 910 "\x00\x11\x22\x33"); 911 tt_int_op(msg.length, OP_EQ, 49); 912 r = resolved_cell_parse(&msg, addrs, &errcode); 913 tt_int_op(errcode, OP_EQ, RESOLVED_TYPE_ERROR_TRANSIENT); 914 tt_int_op(r, OP_EQ, 0); 915 tt_int_op(smartlist_len(addrs), OP_EQ, 0); 916 CLEAR_ADDRS(); 917 918 SET_CELL("\xf1\x40" 919 "This hostname is too important for me to allow you to resolve it" 920 "\x00\x00\x00\x00"); 921 tt_int_op(msg.length, OP_EQ, 70); 922 r = resolved_cell_parse(&msg, addrs, &errcode); 923 tt_int_op(errcode, OP_EQ, RESOLVED_TYPE_ERROR); 924 tt_int_op(r, OP_EQ, 0); 925 tt_int_op(smartlist_len(addrs), OP_EQ, 0); 926 CLEAR_ADDRS(); 927 928 /* Cell with an unrecognized type */ 929 SET_CELL("\xee\x16" 930 "fault in the AE35 unit" 931 "\x09\x09\x01\x01"); 932 tt_int_op(msg.length, OP_EQ, 28); 933 r = resolved_cell_parse(&msg, addrs, &errcode); 934 tt_int_op(errcode, OP_EQ, 0); 935 tt_int_op(r, OP_EQ, 0); 936 tt_int_op(smartlist_len(addrs), OP_EQ, 0); 937 CLEAR_ADDRS(); 938 939 /* Cell with one of each */ 940 SET_CELL(/* unrecognized: */ 941 "\xee\x16" 942 "fault in the AE35 unit" 943 "\x09\x09\x01\x01" 944 /* error: */ 945 "\xf0\x2b" 946 "I'm sorry, Dave. I'm afraid I can't do that" 947 "\x00\x11\x22\x33" 948 /* IPv6: */ 949 "\x06\x10" 950 "\x20\x02\x90\x90\x00\x00\x00\x00" 951 "\x00\x00\x00\x00\xf0\xf0\xab\xcd" 952 "\x02\00\x00\x01" 953 /* IPv4: */ 954 "\x04\x04" "\x7f\x00\x02\x0a" "\x00\00\x01\x00" 955 /* Hostname: */ 956 "\x00\x11" 957 "motherbrain.zebes" 958 "\x00\00\x00\x00" 959 ); 960 r = resolved_cell_parse(&msg, addrs, &errcode); 961 tt_int_op(errcode, OP_EQ, 0); /* no error reported; we got answers */ 962 tt_int_op(r, OP_EQ, 0); 963 tt_int_op(smartlist_len(addrs), OP_EQ, 3); 964 a = smartlist_get(addrs, 0); 965 tt_str_op(fmt_addr(&a->addr), OP_EQ, "2002:9090::f0f0:abcd"); 966 tt_ptr_op(a->hostname, OP_EQ, NULL); 967 tt_int_op(a->ttl, OP_EQ, 0x2000001); 968 a = smartlist_get(addrs, 1); 969 tt_str_op(fmt_addr(&a->addr), OP_EQ, "127.0.2.10"); 970 tt_ptr_op(a->hostname, OP_EQ, NULL); 971 tt_int_op(a->ttl, OP_EQ, 256); 972 a = smartlist_get(addrs, 2); 973 tt_assert(tor_addr_is_null(&a->addr)); 974 tt_str_op(a->hostname, OP_EQ, "motherbrain.zebes"); 975 tt_int_op(a->ttl, OP_EQ, 0); 976 CLEAR_ADDRS(); 977 978 /* Cell with several of similar type */ 979 SET_CELL(/* IPv4 */ 980 "\x04\x04" "\x7f\x00\x02\x0a" "\x00\00\x01\x00" 981 "\x04\x04" "\x08\x08\x08\x08" "\x00\00\x01\x05" 982 "\x04\x04" "\x7f\xb0\x02\xb0" "\x00\01\xff\xff" 983 /* IPv6 */ 984 "\x06\x10" 985 "\x20\x02\x90\x00\x00\x00\x00\x00" 986 "\x00\x00\x00\x00\xca\xfe\xf0\x0d" 987 "\x00\00\x00\x01" 988 "\x06\x10" 989 "\x20\x02\x90\x01\x00\x00\x00\x00" 990 "\x00\x00\x00\x00\x00\xfa\xca\xde" 991 "\x00\00\x00\x03"); 992 r = resolved_cell_parse(&msg, addrs, &errcode); 993 tt_int_op(errcode, OP_EQ, 0); 994 tt_int_op(r, OP_EQ, 0); 995 tt_int_op(smartlist_len(addrs), OP_EQ, 5); 996 a = smartlist_get(addrs, 0); 997 tt_str_op(fmt_addr(&a->addr), OP_EQ, "127.0.2.10"); 998 tt_ptr_op(a->hostname, OP_EQ, NULL); 999 tt_int_op(a->ttl, OP_EQ, 256); 1000 a = smartlist_get(addrs, 1); 1001 tt_str_op(fmt_addr(&a->addr), OP_EQ, "8.8.8.8"); 1002 tt_ptr_op(a->hostname, OP_EQ, NULL); 1003 tt_int_op(a->ttl, OP_EQ, 261); 1004 a = smartlist_get(addrs, 2); 1005 tt_str_op(fmt_addr(&a->addr), OP_EQ, "127.176.2.176"); 1006 tt_ptr_op(a->hostname, OP_EQ, NULL); 1007 tt_int_op(a->ttl, OP_EQ, 131071); 1008 a = smartlist_get(addrs, 3); 1009 tt_str_op(fmt_addr(&a->addr), OP_EQ, "2002:9000::cafe:f00d"); 1010 tt_ptr_op(a->hostname, OP_EQ, NULL); 1011 tt_int_op(a->ttl, OP_EQ, 1); 1012 a = smartlist_get(addrs, 4); 1013 tt_str_op(fmt_addr(&a->addr), OP_EQ, "2002:9001::fa:cade"); 1014 tt_ptr_op(a->hostname, OP_EQ, NULL); 1015 tt_int_op(a->ttl, OP_EQ, 3); 1016 CLEAR_ADDRS(); 1017 1018 /* Full cell */ 1019 #define LONG_NAME2 \ 1020 "this-name-has-231-characters.so-that-it-plus-LONG_NAME-can-completely-" \ 1021 "fill-up-the-payload-of-a-cell.its-important-to-check-for-the-full-thin" \ 1022 "g-case.to-avoid-off-by-one-errors.where-full-things-are-misreported-as" \ 1023 ".overflowing-by-one.z" 1024 1025 tt_int_op(strlen(LONG_NAME2), OP_EQ, 231); 1026 SET_CELL("\x00\xff" 1027 LONG_NAME 1028 "\x00\01\x00\x00" 1029 "\x00\xe7" 1030 LONG_NAME2 1031 "\x00\01\x00\x00"); 1032 tt_int_op(msg.length, OP_EQ, RELAY_PAYLOAD_SIZE); 1033 r = resolved_cell_parse(&msg, addrs, &errcode); 1034 tt_int_op(errcode, OP_EQ, 0); 1035 tt_int_op(r, OP_EQ, 0); 1036 tt_int_op(smartlist_len(addrs), OP_EQ, 2); 1037 a = smartlist_get(addrs, 0); 1038 tt_str_op(a->hostname, OP_EQ, LONG_NAME); 1039 a = smartlist_get(addrs, 1); 1040 tt_str_op(a->hostname, OP_EQ, LONG_NAME2); 1041 CLEAR_ADDRS(); 1042 1043 /* BAD CELLS */ 1044 1045 /* Invalid length on an IPv4 */ 1046 SET_CELL("\x04\x03zzz1234"); 1047 r = resolved_cell_parse(&msg, addrs, &errcode); 1048 tt_int_op(errcode, OP_EQ, 0); 1049 tt_int_op(r, OP_EQ, -1); 1050 tt_int_op(smartlist_len(addrs), OP_EQ, 0); 1051 SET_CELL("\x04\x04" "\x7f\x00\x02\x0a" "\x00\00\x01\x00" 1052 "\x04\x05zzzzz1234"); 1053 r = resolved_cell_parse(&msg, addrs, &errcode); 1054 tt_int_op(errcode, OP_EQ, 0); 1055 tt_int_op(r, OP_EQ, -1); 1056 tt_int_op(smartlist_len(addrs), OP_EQ, 0); 1057 1058 /* Invalid length on an IPv6 */ 1059 SET_CELL("\x06\x03zzz1234"); 1060 r = resolved_cell_parse(&msg, addrs, &errcode); 1061 tt_int_op(errcode, OP_EQ, 0); 1062 tt_int_op(r, OP_EQ, -1); 1063 tt_int_op(smartlist_len(addrs), OP_EQ, 0); 1064 SET_CELL("\x04\x04" "\x7f\x00\x02\x0a" "\x00\00\x01\x00" 1065 "\x06\x17wwwwwwwwwwwwwwwww1234"); 1066 r = resolved_cell_parse(&msg, addrs, &errcode); 1067 tt_int_op(errcode, OP_EQ, 0); 1068 tt_int_op(r, OP_EQ, -1); 1069 tt_int_op(smartlist_len(addrs), OP_EQ, 0); 1070 SET_CELL("\x04\x04" "\x7f\x00\x02\x0a" "\x00\00\x01\x00" 1071 "\x06\x10xxxx"); 1072 r = resolved_cell_parse(&msg, addrs, &errcode); 1073 tt_int_op(errcode, OP_EQ, 0); 1074 tt_int_op(r, OP_EQ, -1); 1075 tt_int_op(smartlist_len(addrs), OP_EQ, 0); 1076 1077 /* Empty hostname */ 1078 SET_CELL("\x00\x00xxxx"); 1079 r = resolved_cell_parse(&msg, addrs, &errcode); 1080 tt_int_op(errcode, OP_EQ, 0); 1081 tt_int_op(r, OP_EQ, -1); 1082 tt_int_op(smartlist_len(addrs), OP_EQ, 0); 1083 1084 #if 0 1085 //No longer possible with relay message encoding. 1086 /* rh.length out of range */ 1087 CLEAR_CELL(); 1088 rh.length = 499; 1089 r = resolved_cell_parse(&msg, addrs, &errcode); 1090 tt_int_op(errcode, OP_EQ, 0); 1091 tt_int_op(r, OP_EQ, -1); 1092 tt_int_op(smartlist_len(addrs), OP_EQ, 0); 1093 #endif 1094 1095 /* Item length extends beyond rh.length */ 1096 CLEAR_CELL(); 1097 SET_CELL("\x00\xff" 1098 LONG_NAME 1099 "\x00\01\x00\x00"); 1100 msg.length -= 1; 1101 r = resolved_cell_parse(&msg, addrs, &errcode); 1102 tt_int_op(r, OP_EQ, -1); 1103 tt_int_op(smartlist_len(addrs), OP_EQ, 0); 1104 msg.length -= 5; 1105 r = resolved_cell_parse(&msg, addrs, &errcode); 1106 tt_int_op(r, OP_EQ, -1); 1107 tt_int_op(smartlist_len(addrs), OP_EQ, 0); 1108 1109 SET_CELL("\x04\x04" "\x7f\x00\x02\x0a" "\x00\00\x01\x00"); 1110 msg.length -= 1; 1111 r = resolved_cell_parse(&msg, addrs, &errcode); 1112 tt_int_op(r, OP_EQ, -1); 1113 tt_int_op(smartlist_len(addrs), OP_EQ, 0); 1114 1115 SET_CELL("\xee\x10" 1116 "\x20\x02\x90\x01\x00\x00\x00\x00" 1117 "\x00\x00\x00\x00\x00\xfa\xca\xde" 1118 "\x00\00\x00\x03"); 1119 msg.length -= 1; 1120 r = resolved_cell_parse(&msg, addrs, &errcode); 1121 tt_int_op(r, OP_EQ, -1); 1122 tt_int_op(smartlist_len(addrs), OP_EQ, 0); 1123 1124 /* Truncated item after first character */ 1125 SET_CELL("\x04"); 1126 r = resolved_cell_parse(&msg, addrs, &errcode); 1127 tt_int_op(r, OP_EQ, -1); 1128 tt_int_op(smartlist_len(addrs), OP_EQ, 0); 1129 1130 SET_CELL("\xee"); 1131 r = resolved_cell_parse(&msg, addrs, &errcode); 1132 tt_int_op(r, OP_EQ, -1); 1133 tt_int_op(smartlist_len(addrs), OP_EQ, 0); 1134 1135 done: 1136 CLEAR_ADDRS(); 1137 CLEAR_CELL(); 1138 smartlist_free(addrs); 1139 #undef CLEAR_ADDRS 1140 #undef CLEAR_CELL 1141 } 1142 1143 static void 1144 test_cfmt_is_destroy(void *arg) 1145 { 1146 cell_t cell; 1147 packed_cell_t packed; 1148 circid_t circid = 0; 1149 channel_t *chan; 1150 (void)arg; 1151 1152 chan = tor_malloc_zero(sizeof(channel_t)); 1153 1154 memset(&cell, 0xff, sizeof(cell)); 1155 cell.circ_id = 3003; 1156 cell.command = CELL_RELAY; 1157 1158 cell_pack(&packed, &cell, 0); 1159 chan->wide_circ_ids = 0; 1160 tt_assert(! packed_cell_is_destroy(chan, &packed, &circid)); 1161 tt_int_op(circid, OP_EQ, 0); 1162 1163 cell_pack(&packed, &cell, 1); 1164 chan->wide_circ_ids = 1; 1165 tt_assert(! packed_cell_is_destroy(chan, &packed, &circid)); 1166 tt_int_op(circid, OP_EQ, 0); 1167 1168 cell.command = CELL_DESTROY; 1169 1170 cell_pack(&packed, &cell, 0); 1171 chan->wide_circ_ids = 0; 1172 tt_assert(packed_cell_is_destroy(chan, &packed, &circid)); 1173 tt_int_op(circid, OP_EQ, 3003); 1174 1175 circid = 0; 1176 cell_pack(&packed, &cell, 1); 1177 chan->wide_circ_ids = 1; 1178 tt_assert(packed_cell_is_destroy(chan, &packed, &circid)); 1179 1180 done: 1181 tor_free(chan); 1182 } 1183 1184 static void 1185 test_cfmt_relay_msg_encoding_simple(void *arg) 1186 { 1187 (void)arg; 1188 relay_msg_t *msg1 = NULL; 1189 cell_t cell; 1190 char *mem_op_hex_tmp = NULL; 1191 int r; 1192 uint8_t body[100]; 1193 1194 /* Simple message: Data, fits easily in cell. */ 1195 msg1 = tor_malloc_zero(sizeof(relay_msg_t)); 1196 msg1->command = RELAY_COMMAND_DATA; 1197 msg1->stream_id = 0x250; 1198 msg1->length = 11; 1199 msg1->body = body; 1200 strlcpy((char*)body, "hello world", sizeof(body)); 1201 1202 r = relay_msg_encode_cell(RELAY_CELL_FORMAT_V0, msg1, &cell); 1203 tt_int_op(r, OP_EQ, 0); 1204 tt_int_op(cell.command, OP_EQ, CELL_RELAY); 1205 tt_int_op(cell.circ_id, OP_EQ, 0); 1206 // command, recognized, streamid, digest, len, payload, zero-padding. 1207 test_memeq_hex(cell.payload, 1208 "02" "0000" "0250" "00000000" "000B" 1209 "68656c6c6f20776f726c64" "00000000"); 1210 // random padding 1211 size_t used = RELAY_HEADER_SIZE_V0 + 11 + 4; 1212 tt_assert(!fast_mem_is_zero((char*)cell.payload + used, 1213 CELL_PAYLOAD_SIZE - used)); 1214 1215 r = relay_msg_encode_cell(RELAY_CELL_FORMAT_V1, msg1, &cell); 1216 tt_int_op(r, OP_EQ, 0); 1217 tt_int_op(cell.command, OP_EQ, CELL_RELAY); 1218 tt_int_op(cell.circ_id, OP_EQ, 0); 1219 // tag, command, len, optional streamid, payload, zero-padding 1220 test_memeq_hex(cell.payload, 1221 "00000000000000000000000000000000" 1222 "02" "000B" "0250" 1223 "68656c6c6f20776f726c64" "00000000"); 1224 // random padding. 1225 used = RELAY_HEADER_SIZE_V1_WITH_STREAM_ID + 11 + 4; 1226 tt_assert(!fast_mem_is_zero((char*)cell.payload + used, 1227 CELL_PAYLOAD_SIZE - used)); 1228 1229 /* Message without stream ID: SENDME, fits easily in cell. */ 1230 relay_msg_clear(msg1); 1231 msg1->command = RELAY_COMMAND_SENDME; 1232 msg1->stream_id = 0; 1233 msg1->length = 20; 1234 msg1->body = body; 1235 strlcpy((char *)body, "hello i am a tag....", sizeof(body)); 1236 1237 r = relay_msg_encode_cell(RELAY_CELL_FORMAT_V0, msg1, &cell); 1238 tt_int_op(r, OP_EQ, 0); 1239 tt_int_op(cell.command, OP_EQ, CELL_RELAY); 1240 tt_int_op(cell.circ_id, OP_EQ, 0); 1241 // command, recognized, streamid, digest, len, payload, zero-padding. 1242 test_memeq_hex(cell.payload, 1243 "05" "0000" "0000" "00000000" "0014" 1244 "68656c6c6f206920616d2061207461672e2e2e2e" "00000000"); 1245 // random padding 1246 used = RELAY_HEADER_SIZE_V0 + 20 + 4; 1247 tt_assert(!fast_mem_is_zero((char*)cell.payload + used, 1248 CELL_PAYLOAD_SIZE - used)); 1249 1250 r = relay_msg_encode_cell(RELAY_CELL_FORMAT_V1, msg1, &cell); 1251 tt_int_op(r, OP_EQ, 0); 1252 tt_int_op(cell.command, OP_EQ, CELL_RELAY); 1253 tt_int_op(cell.circ_id, OP_EQ, 0); 1254 // tag, command, len, optional streamid, payload, zero-padding 1255 test_memeq_hex(cell.payload, 1256 "00000000000000000000000000000000" 1257 "05" "0014" 1258 "68656c6c6f206920616d2061207461672e2e2e2e" "00000000"); 1259 // random padding. 1260 used = RELAY_HEADER_SIZE_V1_NO_STREAM_ID + 20 + 4; 1261 tt_assert(!fast_mem_is_zero((char*)cell.payload + used, 1262 CELL_PAYLOAD_SIZE - used)); 1263 1264 done: 1265 relay_msg_free(msg1); 1266 tor_free(mem_op_hex_tmp); 1267 } 1268 1269 /** Helper for test_cfmt_relay_cell_padding. 1270 * Requires that that the body of 'msg' ends with 'pre_padding_byte', 1271 * and that when encoded, the zero-padding (if any) will appear at 1272 * offset 'zeros_begin_at' in the message. 1273 */ 1274 static void 1275 msg_encoder_padding_test(const relay_msg_t *msg, 1276 relay_cell_fmt_t fmt, 1277 uint8_t pre_padding_byte, 1278 size_t zeros_begin_at) 1279 { 1280 cell_t cell; 1281 int n = 16, i; 1282 /* We set this to 0 as soon as we find that the first byte of 1283 * random padding has been set. */ 1284 bool padded_first = false; 1285 /* We set this to true as soon as we find that the last byte of 1286 * random padding has been set */ 1287 bool padded_last = false; 1288 1289 tt_int_op(zeros_begin_at, OP_LE, CELL_PAYLOAD_SIZE); 1290 1291 size_t expect_n_zeros = MIN(4, CELL_PAYLOAD_SIZE - zeros_begin_at); 1292 ssize_t first_random_at = -1; 1293 if (CELL_PAYLOAD_SIZE - zeros_begin_at > 4) { 1294 first_random_at = CELL_PAYLOAD_SIZE - zeros_begin_at + 4; 1295 } 1296 1297 for (i = 0; i < n; ++i) { 1298 memset(&cell, 0, sizeof(cell)); 1299 tt_int_op(0, OP_EQ, 1300 relay_msg_encode_cell(fmt, msg, &cell)); 1301 1302 const uint8_t *body = cell.payload; 1303 tt_int_op(body[zeros_begin_at - 1], OP_EQ, pre_padding_byte); 1304 1305 if (expect_n_zeros) { 1306 tt_assert(fast_mem_is_zero((char*)body + zeros_begin_at, 1307 expect_n_zeros)); 1308 } 1309 if (first_random_at >= 0) { 1310 if (body[first_random_at]) 1311 padded_first = true; 1312 if (body[CELL_PAYLOAD_SIZE-1]) 1313 padded_last = true; 1314 } 1315 } 1316 1317 if (first_random_at >= 0) { 1318 tt_assert(padded_first); 1319 tt_assert(padded_last); 1320 } 1321 1322 done: 1323 ; 1324 } 1325 1326 static void 1327 test_cfmt_relay_cell_padding(void *arg) 1328 { 1329 (void)arg; 1330 relay_msg_t *msg1 = NULL; 1331 uint8_t buf[500]; // Longer than it needs to be. 1332 memset(buf, 0xff, sizeof(buf)); 1333 1334 /* Simple message; we'll adjust the length and encode it. */ 1335 msg1 = tor_malloc_zero(sizeof(relay_msg_t)); 1336 msg1->command = RELAY_COMMAND_DATA; 1337 msg1->stream_id = 0x250; 1338 msg1->body = buf; 1339 1340 // Empty message 1341 msg1->length = 0; 1342 msg_encoder_padding_test(msg1, RELAY_CELL_FORMAT_V0, 0x00, 1343 RELAY_HEADER_SIZE_V0); 1344 msg_encoder_padding_test(msg1, RELAY_CELL_FORMAT_V1, 0x50, 1345 RELAY_HEADER_SIZE_V1_WITH_STREAM_ID); 1346 1347 // Short message 1348 msg1->length = 10; 1349 msg_encoder_padding_test(msg1, RELAY_CELL_FORMAT_V0, 0xff, 1350 RELAY_HEADER_SIZE_V0 + 10); 1351 msg_encoder_padding_test(msg1, RELAY_CELL_FORMAT_V1, 0xff, 1352 RELAY_HEADER_SIZE_V1_WITH_STREAM_ID + 10); 1353 1354 // Message where zeros extend exactly up to the end of the cell. 1355 msg1->length = CELL_PAYLOAD_SIZE - RELAY_HEADER_SIZE_V0 - 4; 1356 msg_encoder_padding_test(msg1, RELAY_CELL_FORMAT_V0, 0xff, 1357 RELAY_HEADER_SIZE_V0 + msg1->length); 1358 msg1->length = CELL_PAYLOAD_SIZE - RELAY_HEADER_SIZE_V1_WITH_STREAM_ID - 4; 1359 msg_encoder_padding_test(msg1, RELAY_CELL_FORMAT_V1, 0xff, 1360 RELAY_HEADER_SIZE_V1_WITH_STREAM_ID + msg1->length); 1361 1362 // Message where zeros would intersect with the end of the cell. 1363 msg1->length = CELL_PAYLOAD_SIZE - RELAY_HEADER_SIZE_V0 - 3; 1364 msg_encoder_padding_test(msg1, RELAY_CELL_FORMAT_V0, 0xff, 1365 RELAY_HEADER_SIZE_V0 + msg1->length); 1366 msg1->length = CELL_PAYLOAD_SIZE - RELAY_HEADER_SIZE_V1_WITH_STREAM_ID - 3; 1367 msg_encoder_padding_test(msg1, RELAY_CELL_FORMAT_V1, 0xff, 1368 RELAY_HEADER_SIZE_V1_WITH_STREAM_ID + msg1->length); 1369 1370 // Message with no room for zeros 1371 msg1->length = CELL_PAYLOAD_SIZE - RELAY_HEADER_SIZE_V0; 1372 msg_encoder_padding_test(msg1, RELAY_CELL_FORMAT_V0, 0xff, 1373 RELAY_HEADER_SIZE_V0 + msg1->length); 1374 msg1->length = CELL_PAYLOAD_SIZE - RELAY_HEADER_SIZE_V1_WITH_STREAM_ID; 1375 msg_encoder_padding_test(msg1, RELAY_CELL_FORMAT_V1, 0xff, 1376 RELAY_HEADER_SIZE_V1_WITH_STREAM_ID + msg1->length); 1377 1378 /////////////// 1379 // V1 cases with no stream ID. 1380 msg1->stream_id = 0; 1381 msg1->command = RELAY_COMMAND_EXTENDED; 1382 1383 msg1->length = 0; 1384 msg_encoder_padding_test(msg1, RELAY_CELL_FORMAT_V1, 0x00, 1385 RELAY_HEADER_SIZE_V1_NO_STREAM_ID); 1386 msg1->length = 10; 1387 msg_encoder_padding_test(msg1, RELAY_CELL_FORMAT_V1, 0xff, 1388 RELAY_HEADER_SIZE_V1_NO_STREAM_ID + 10); 1389 msg1->length = CELL_PAYLOAD_SIZE - RELAY_HEADER_SIZE_V1_NO_STREAM_ID - 4; 1390 msg_encoder_padding_test(msg1, RELAY_CELL_FORMAT_V1, 0xff, 1391 RELAY_HEADER_SIZE_V1_NO_STREAM_ID + msg1->length); 1392 msg1->length = CELL_PAYLOAD_SIZE - RELAY_HEADER_SIZE_V1_NO_STREAM_ID - 3; 1393 msg_encoder_padding_test(msg1, RELAY_CELL_FORMAT_V1, 0xff, 1394 RELAY_HEADER_SIZE_V1_NO_STREAM_ID + msg1->length); 1395 msg1->length = CELL_PAYLOAD_SIZE - RELAY_HEADER_SIZE_V1_NO_STREAM_ID; 1396 msg_encoder_padding_test(msg1, RELAY_CELL_FORMAT_V1, 0xff, 1397 RELAY_HEADER_SIZE_V1_NO_STREAM_ID + msg1->length); 1398 1399 relay_msg_free(msg1); 1400 } 1401 1402 static void 1403 test_cfmt_relay_msg_encoding_error(void *arg) 1404 { 1405 (void)arg; 1406 #ifdef ALL_BUGS_ARE_FATAL 1407 // This test triggers many nonfatal assertions. 1408 tt_skip(); 1409 done: 1410 ; 1411 #else 1412 relay_msg_t *msg1 = NULL; 1413 int r; 1414 cell_t cell; 1415 uint8_t buf[500]; // Longer than it needs to be. 1416 memset(buf, 0xff, sizeof(buf)); 1417 1418 msg1 = tor_malloc_zero(sizeof(relay_msg_t)); 1419 msg1->command = RELAY_COMMAND_DATA; 1420 msg1->stream_id = 0x250; 1421 msg1->body = buf; 1422 1423 tor_capture_bugs_(5); 1424 // Too long for v0. 1425 msg1->length = CELL_PAYLOAD_SIZE - RELAY_HEADER_SIZE_V0 + 1; 1426 r = relay_msg_encode_cell(RELAY_CELL_FORMAT_V0, msg1, &cell); 1427 tt_int_op(r, OP_EQ, -1); 1428 1429 // Too long for v1, with stream ID. 1430 msg1->length = CELL_PAYLOAD_SIZE - RELAY_HEADER_SIZE_V1_WITH_STREAM_ID + 1; 1431 r = relay_msg_encode_cell(RELAY_CELL_FORMAT_V1, msg1, &cell); 1432 tt_int_op(r, OP_EQ, -1); 1433 1434 // Too long for v1 with no stream ID. 1435 msg1->command = RELAY_COMMAND_EXTENDED; 1436 msg1->stream_id = 0; 1437 msg1->length = CELL_PAYLOAD_SIZE - RELAY_HEADER_SIZE_V1_NO_STREAM_ID + 1; 1438 r = relay_msg_encode_cell(RELAY_CELL_FORMAT_V1, msg1, &cell); 1439 tt_int_op(r, OP_EQ, -1); 1440 1441 // Invalid (present) stream ID for V1. 1442 msg1->stream_id = 10; 1443 msg1->length = 20; 1444 r = relay_msg_encode_cell(RELAY_CELL_FORMAT_V1, msg1, &cell); 1445 tt_int_op(r, OP_EQ, -1); 1446 1447 // Invalid (absent) stream ID for V1. 1448 msg1->stream_id = 0; 1449 msg1->command = RELAY_COMMAND_DATA; 1450 r = relay_msg_encode_cell(RELAY_CELL_FORMAT_V1, msg1, &cell); 1451 tt_int_op(r, OP_EQ, -1); 1452 1453 done: 1454 tor_end_capture_bugs_(); 1455 relay_msg_free(msg1); 1456 #endif 1457 } 1458 1459 static void 1460 test_cfmt_relay_msg_decoding_simple(void *arg) 1461 { 1462 (void) arg; 1463 cell_t cell; 1464 relay_msg_t *msg1 = NULL; 1465 const char *s; 1466 1467 memset(&cell, 0, sizeof(cell)); 1468 cell.command = CELL_RELAY; 1469 1470 // V0 decoding, short message. 1471 s = "02" "0000" "0250" "00000000" "000B" 1472 "68656c6c6f20776f726c64" "00000000"; 1473 base16_decode((char*)cell.payload, sizeof(cell.payload), s, strlen(s)); 1474 msg1 = relay_msg_decode_cell(RELAY_CELL_FORMAT_V0, &cell); 1475 tt_assert(msg1); 1476 1477 tt_int_op(msg1->command, OP_EQ, RELAY_COMMAND_DATA); 1478 tt_int_op(msg1->stream_id, OP_EQ, 0x250); 1479 tt_int_op(msg1->length, OP_EQ, 11); 1480 tt_mem_op(msg1->body, OP_EQ, "hello world", 11); 1481 relay_msg_free(msg1); 1482 1483 // V0 decoding, message up to length of cell. 1484 memset(cell.payload, 0, sizeof(cell.payload)); 1485 s = "02" "0000" "0250" "00000000" "01F2"; 1486 base16_decode((char*)cell.payload, sizeof(cell.payload), s, strlen(s)); 1487 msg1 = relay_msg_decode_cell(RELAY_CELL_FORMAT_V0, &cell); 1488 tt_assert(msg1); 1489 1490 tt_int_op(msg1->command, OP_EQ, RELAY_COMMAND_DATA); 1491 tt_int_op(msg1->stream_id, OP_EQ, 0x250); 1492 tt_int_op(msg1->length, OP_EQ, 498); 1493 tt_assert(fast_mem_is_zero((char*)msg1->body, 498)); 1494 relay_msg_free(msg1); 1495 1496 // V1 decoding, short message, no stream ID. 1497 s = "00000000000000000000000000000000" 1498 "05" "0014" 1499 "68656c6c6f206920616d2061207461672e2e2e2e" "00000000"; 1500 base16_decode((char*)cell.payload, sizeof(cell.payload), s, strlen(s)); 1501 1502 msg1 = relay_msg_decode_cell(RELAY_CELL_FORMAT_V1, &cell); 1503 tt_assert(msg1); 1504 tt_int_op(msg1->command, OP_EQ, RELAY_COMMAND_SENDME); 1505 tt_int_op(msg1->stream_id, OP_EQ, 0); 1506 tt_int_op(msg1->length, OP_EQ, 20); 1507 tt_mem_op(msg1->body, OP_EQ, "hello i am a tag....", 20); 1508 relay_msg_free(msg1); 1509 1510 // V1 decoding, up to length of cell, no stream ID. 1511 memset(cell.payload, 0, sizeof(cell.payload)); 1512 s = "00000000000000000000000000000000" 1513 "05" "01EA"; 1514 base16_decode((char*)cell.payload, sizeof(cell.payload), s, strlen(s)); 1515 1516 msg1 = relay_msg_decode_cell(RELAY_CELL_FORMAT_V1, &cell); 1517 tt_assert(msg1); 1518 tt_int_op(msg1->command, OP_EQ, RELAY_COMMAND_SENDME); 1519 tt_int_op(msg1->stream_id, OP_EQ, 0); 1520 tt_int_op(msg1->length, OP_EQ, 490); 1521 tt_assert(fast_mem_is_zero((char*)msg1->body, 490)); 1522 relay_msg_free(msg1); 1523 1524 // V1 decoding, short message, with stream ID. 1525 s = "00000000000000000000000000000000" 1526 "02" "000B" "0250" 1527 "68656c6c6f20776f726c64" "00000000"; 1528 base16_decode((char*)cell.payload, sizeof(cell.payload), s, strlen(s)); 1529 1530 msg1 = relay_msg_decode_cell(RELAY_CELL_FORMAT_V1, &cell); 1531 tt_assert(msg1); 1532 tt_int_op(msg1->command, OP_EQ, RELAY_COMMAND_DATA); 1533 tt_int_op(msg1->stream_id, OP_EQ, 0x250); 1534 tt_int_op(msg1->length, OP_EQ, 11); 1535 tt_mem_op(msg1->body, OP_EQ, "hello world", 11); 1536 relay_msg_free(msg1); 1537 1538 // V1 decoding, up to length of cell, with stream ID. 1539 memset(cell.payload, 0, sizeof(cell.payload)); 1540 s = "00000000000000000000000000000000" 1541 "02" "01E8" "0250"; 1542 base16_decode((char*)cell.payload, sizeof(cell.payload), s, strlen(s)); 1543 1544 msg1 = relay_msg_decode_cell(RELAY_CELL_FORMAT_V1, &cell); 1545 tt_assert(msg1); 1546 tt_int_op(msg1->command, OP_EQ, RELAY_COMMAND_DATA); 1547 tt_int_op(msg1->stream_id, OP_EQ, 0x250); 1548 tt_int_op(msg1->length, OP_EQ, 488); 1549 tt_assert(fast_mem_is_zero((char*)msg1->body, 488)); 1550 relay_msg_free(msg1); 1551 1552 done: 1553 relay_msg_free(msg1); 1554 } 1555 1556 static void 1557 test_cfmt_relay_msg_decoding_error(void *arg) 1558 { 1559 (void) arg; 1560 relay_msg_t *msg1 = NULL; 1561 cell_t cell; 1562 const char *s; 1563 memset(&cell, 0, sizeof(cell)); 1564 1565 // V0, too long. 1566 cell.command = CELL_RELAY; 1567 s = "02" "0000" "0250" "00000000" "01F3"; 1568 base16_decode((char*)cell.payload, sizeof(cell.payload), s, strlen(s)); 1569 msg1 = relay_msg_decode_cell(RELAY_CELL_FORMAT_V0, &cell); 1570 tt_ptr_op(msg1, OP_EQ, NULL); 1571 1572 // V1, command unrecognized. 1573 s = "00000000000000000000000000000000" 1574 "F0" "000C" "0250"; 1575 base16_decode((char*)cell.payload, sizeof(cell.payload), s, strlen(s)); 1576 msg1 = relay_msg_decode_cell(RELAY_CELL_FORMAT_V1, &cell); 1577 tt_ptr_op(msg1, OP_EQ, NULL); 1578 1579 // V1, too long (with stream ID) 1580 s = "00000000000000000000000000000000" 1581 "02" "01E9" "0250"; 1582 base16_decode((char*)cell.payload, sizeof(cell.payload), s, strlen(s)); 1583 msg1 = relay_msg_decode_cell(RELAY_CELL_FORMAT_V1, &cell); 1584 tt_ptr_op(msg1, OP_EQ, NULL); 1585 1586 // V1, too long (without stream ID) 1587 s = "00000000000000000000000000000000" 1588 "05" "01EB"; 1589 base16_decode((char*)cell.payload, sizeof(cell.payload), s, strlen(s)); 1590 msg1 = relay_msg_decode_cell(RELAY_CELL_FORMAT_V1, &cell); 1591 tt_ptr_op(msg1, OP_EQ, NULL); 1592 1593 done: 1594 relay_msg_free(msg1); 1595 } 1596 1597 #define TEST(name, flags) \ 1598 { #name, test_cfmt_ ## name, flags, 0, NULL } 1599 1600 struct testcase_t cell_format_tests[] = { 1601 TEST(relay_header, 0), 1602 TEST(begin_cells, 0), 1603 TEST(connected_cells, 0), 1604 TEST(create_cells, 0), 1605 TEST(created_cells, 0), 1606 TEST(extend_cells, TT_FORK), 1607 TEST(extended_cells, 0), 1608 TEST(resolved_cells, 0), 1609 TEST(is_destroy, 0), 1610 TEST(relay_msg_encoding_simple, 0), 1611 TEST(relay_cell_padding, 0), 1612 TEST(relay_msg_encoding_error, 0), 1613 TEST(relay_msg_decoding_simple, 0), 1614 TEST(relay_msg_decoding_error, 0), 1615 END_OF_TESTCASES 1616 };