test_channelpadding.c (38022B)
1 /* Copyright (c) 2016-2021, The Tor Project, Inc. */ 2 /* See LICENSE for licensing information */ 3 4 #define CHANNEL_OBJECT_PRIVATE 5 #define MAINLOOP_PRIVATE 6 #define NETWORKSTATUS_PRIVATE 7 #define TOR_TIMERS_PRIVATE 8 #include "core/or/or.h" 9 #include "test/test.h" 10 #include "lib/testsupport/testsupport.h" 11 #include "core/mainloop/connection.h" 12 #include "core/or/connection_or.h" 13 #include "core/or/channel.h" 14 #include "core/or/channeltls.h" 15 #include "core/or/channelpadding.h" 16 #include "lib/evloop/compat_libevent.h" 17 #include "app/config/config.h" 18 #include "lib/time/compat_time.h" 19 #include "core/mainloop/mainloop.h" 20 #include "feature/nodelist/networkstatus.h" 21 #include "test/log_test_helpers.h" 22 #include "lib/tls/tortls.h" 23 #include "lib/evloop/timers.h" 24 #include "lib/buf/buffers.h" 25 26 #include "core/or/cell_st.h" 27 #include "feature/nodelist/networkstatus_st.h" 28 #include "core/or/or_connection_st.h" 29 #include "feature/nodelist/routerstatus_st.h" 30 31 int channelpadding_get_netflow_inactive_timeout_ms(channel_t *chan); 32 int64_t channelpadding_compute_time_until_pad_for_netflow(channel_t *chan); 33 int channelpadding_send_disable_command(channel_t*); 34 int channelpadding_find_timerslot(channel_t *chan); 35 36 void test_channelpadding_timers(void *arg); 37 void test_channelpadding_consensus(void *arg); 38 void test_channelpadding_negotiation(void *arg); 39 void test_channelpadding_decide_to_pad_channel(void *arg); 40 void test_channelpadding_killonehop(void *arg); 41 42 void dummy_nop_timer(void); 43 44 #define NSEC_PER_MSEC (1000*1000) 45 46 /* Thing to cast to fake tor_tls_t * to appease assert_connection_ok() */ 47 static int fake_tortls = 0; /* Bleh... */ 48 49 static int dont_stop_libevent = 0; 50 51 // From test_channel.c 52 channel_t * new_fake_channel(void); 53 void free_fake_channel(channel_t*); 54 55 static int 56 mock_channel_has_queued_writes(channel_t *chan) 57 { 58 (void)chan; 59 return 0; 60 } 61 62 static int tried_to_write_cell = 0; 63 64 static channel_t *relay1_relay2; 65 static channel_t *relay2_relay1; 66 static channel_t *relay3_client; 67 static channel_t *client_relay3; 68 69 static int 70 mock_channel_write_cell_relay2(channel_t *chan, cell_t *cell) 71 { 72 (void)chan; 73 tried_to_write_cell++; 74 channel_tls_handle_cell(cell, ((channel_tls_t*)relay1_relay2)->conn); 75 tor_libevent_exit_loop_after_callback(tor_libevent_get_base()); 76 return 0; 77 } 78 79 static int 80 mock_channel_write_cell_relay1(channel_t *chan, cell_t *cell) 81 { 82 (void)chan; 83 tried_to_write_cell++; 84 channel_tls_handle_cell(cell, ((channel_tls_t*)relay2_relay1)->conn); 85 tor_libevent_exit_loop_after_callback(tor_libevent_get_base()); 86 return 0; 87 } 88 89 static int 90 mock_channel_write_cell_relay3(channel_t *chan, cell_t *cell) 91 { 92 (void)chan; 93 tried_to_write_cell++; 94 channel_tls_handle_cell(cell, ((channel_tls_t*)client_relay3)->conn); 95 tor_libevent_exit_loop_after_callback(tor_libevent_get_base()); 96 return 0; 97 } 98 99 static int 100 mock_channel_write_cell_client(channel_t *chan, cell_t *cell) 101 { 102 (void)chan; 103 tried_to_write_cell++; 104 channel_tls_handle_cell(cell, ((channel_tls_t*)relay3_client)->conn); 105 tor_libevent_exit_loop_after_callback(tor_libevent_get_base()); 106 return 0; 107 } 108 109 static int 110 mock_channel_write_cell(channel_t *chan, cell_t *cell) 111 { 112 tried_to_write_cell++; 113 channel_tls_handle_cell(cell, ((channel_tls_t*)chan)->conn); 114 if (!dont_stop_libevent) 115 tor_libevent_exit_loop_after_callback(tor_libevent_get_base()); 116 return 0; 117 } 118 119 static void 120 setup_fake_connection_for_channel(channel_tls_t *chan) 121 { 122 or_connection_t *conn = (or_connection_t*)connection_new(CONN_TYPE_OR, 123 AF_INET); 124 125 conn->base_.conn_array_index = smartlist_len(connection_array); 126 smartlist_add(connection_array, conn); 127 128 conn->chan = chan; 129 chan->conn = conn; 130 131 conn->base_.magic = OR_CONNECTION_MAGIC; 132 conn->base_.state = OR_CONN_STATE_OPEN; 133 conn->base_.type = CONN_TYPE_OR; 134 conn->base_.socket_family = AF_INET; 135 conn->base_.address = tor_strdup("<fake>"); 136 137 conn->base_.port = 4242; 138 139 conn->tls = (tor_tls_t *)((void *)(&fake_tortls)); 140 141 conn->link_proto = MIN_LINK_PROTO_FOR_CHANNEL_PADDING; 142 143 connection_or_set_canonical(conn, 1); 144 } 145 146 static channel_tls_t * 147 new_fake_channeltls(uint8_t id) 148 { 149 channel_tls_t *chan = tor_realloc(new_fake_channel(), sizeof(channel_tls_t)); 150 chan->base_.magic = TLS_CHAN_MAGIC; 151 setup_fake_connection_for_channel(chan); 152 chan->base_.channel_usage = CHANNEL_USED_FOR_FULL_CIRCS; 153 chan->base_.has_queued_writes = mock_channel_has_queued_writes; 154 chan->base_.write_cell = mock_channel_write_cell; 155 chan->base_.padding_enabled = 1; 156 157 chan->base_.identity_digest[0] = id; 158 channel_register(&chan->base_); 159 160 return chan; 161 } 162 163 static void 164 free_fake_channeltls(channel_tls_t *chan) 165 { 166 channel_unregister(&chan->base_); 167 168 tor_free(((channel_tls_t*)chan)->conn->base_.address); 169 buf_free(((channel_tls_t*)chan)->conn->base_.inbuf); 170 buf_free(((channel_tls_t*)chan)->conn->base_.outbuf); 171 tor_free(((channel_tls_t*)chan)->conn); 172 173 timer_free(chan->base_.padding_timer); 174 channel_handle_free(chan->base_.timer_handle); 175 channel_handles_clear(&chan->base_); 176 177 free_fake_channel(&chan->base_); 178 179 return; 180 } 181 182 static void 183 setup_mock_consensus(void) 184 { 185 current_md_consensus = current_ns_consensus 186 = tor_malloc_zero(sizeof(networkstatus_t)); 187 current_md_consensus->net_params = smartlist_new(); 188 current_md_consensus->routerstatus_list = smartlist_new(); 189 channelpadding_new_consensus_params(current_md_consensus); 190 } 191 192 static void 193 free_mock_consensus(void) 194 { 195 SMARTLIST_FOREACH(current_md_consensus->routerstatus_list, void *, r, 196 tor_free(r)); 197 smartlist_free(current_md_consensus->routerstatus_list); 198 smartlist_free(current_ns_consensus->net_params); 199 tor_free(current_ns_consensus); 200 } 201 202 static void 203 setup_mock_network(void) 204 { 205 routerstatus_t *relay; 206 if (!connection_array) 207 connection_array = smartlist_new(); 208 209 relay1_relay2 = (channel_t*)new_fake_channeltls(2); 210 relay1_relay2->write_cell = mock_channel_write_cell_relay1; 211 channel_timestamp_active(relay1_relay2); 212 relay = tor_malloc_zero(sizeof(routerstatus_t)); 213 relay->identity_digest[0] = 1; 214 smartlist_add(current_md_consensus->routerstatus_list, relay); 215 216 relay2_relay1 = (channel_t*)new_fake_channeltls(1); 217 relay2_relay1->write_cell = mock_channel_write_cell_relay2; 218 channel_timestamp_active(relay2_relay1); 219 relay = tor_malloc_zero(sizeof(routerstatus_t)); 220 relay->identity_digest[0] = 2; 221 smartlist_add(current_md_consensus->routerstatus_list, relay); 222 223 relay3_client = (channel_t*)new_fake_channeltls(0); 224 relay3_client->write_cell = mock_channel_write_cell_relay3; 225 relay3_client->is_client = 1; 226 channel_timestamp_active(relay3_client); 227 relay = tor_malloc_zero(sizeof(routerstatus_t)); 228 relay->identity_digest[0] = 3; 229 smartlist_add(current_md_consensus->routerstatus_list, relay); 230 231 client_relay3 = (channel_t*)new_fake_channeltls(3); 232 client_relay3->write_cell = mock_channel_write_cell_client; 233 channel_timestamp_active(client_relay3); 234 235 channel_do_open_actions(relay1_relay2); 236 channel_do_open_actions(relay2_relay1); 237 channel_do_open_actions(relay3_client); 238 channel_do_open_actions(client_relay3); 239 } 240 241 static void 242 free_mock_network(void) 243 { 244 free_fake_channeltls((channel_tls_t*)relay1_relay2); 245 free_fake_channeltls((channel_tls_t*)relay2_relay1); 246 free_fake_channeltls((channel_tls_t*)relay3_client); 247 free_fake_channeltls((channel_tls_t*)client_relay3); 248 249 smartlist_free(connection_array); 250 } 251 252 static void 253 dummy_timer_cb(tor_timer_t *t, void *arg, const monotime_t *now_mono) 254 { 255 (void)t; (void)arg; (void)now_mono; 256 tor_libevent_exit_loop_after_callback(tor_libevent_get_base()); 257 return; 258 } 259 260 // This hack adds a dummy timer so that the libevent base loop 261 // actually returns when we don't expect any timers to fire. Otherwise, 262 // the global_timer_event gets scheduled an hour from now, and the 263 // base loop never returns. 264 void 265 dummy_nop_timer(void) 266 { 267 tor_timer_t *dummy_timer = timer_new(dummy_timer_cb, NULL); 268 struct timeval timeout; 269 timeout.tv_sec = 1; 270 timeout.tv_usec = 0; 271 272 timer_schedule(dummy_timer, &timeout); 273 274 tor_libevent_run_event_loop(tor_libevent_get_base(), 0); 275 276 timer_free(dummy_timer); 277 } 278 279 #define CHANNELPADDING_MAX_TIMERS 25 280 #define CHANNELS_TO_TEST (CHANNELPADDING_MAX_TIMERS*4) 281 /** 282 * Tests to ensure that we handle more than the max number of pending 283 * timers properly. 284 */ 285 void 286 test_channelpadding_timers(void *arg) 287 { 288 channelpadding_decision_t decision; 289 channel_t *chans[CHANNELS_TO_TEST]; 290 (void)arg; 291 292 if (!connection_array) 293 connection_array = smartlist_new(); 294 295 monotime_init(); 296 monotime_enable_test_mocking(); 297 uint64_t nsec_mock = 1; 298 monotime_set_mock_time_nsec(nsec_mock); 299 monotime_coarse_set_mock_time_nsec(nsec_mock); 300 301 timers_initialize(); 302 channelpadding_new_consensus_params(NULL); 303 304 for (int i = 0; i < CHANNELS_TO_TEST; i++) { 305 chans[i] = (channel_t*)new_fake_channeltls(0); 306 channel_timestamp_active(chans[i]); 307 } 308 309 for (int j = 0; j < 2; j++) { 310 tried_to_write_cell = 0; 311 int i = 0; 312 313 monotime_coarse_t now; 314 monotime_coarse_get(&now); 315 316 /* This loop fills our timerslot array with timers of increasing time 317 * until they fire */ 318 for (; i < CHANNELPADDING_MAX_TIMERS; i++) { 319 monotime_coarse_add_msec(&chans[i]->next_padding_time, 320 &now, 10 + i*4); 321 decision = channelpadding_decide_to_pad_channel(chans[i]); 322 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); 323 tt_assert(chans[i]->pending_padding_callback); 324 tt_int_op(tried_to_write_cell, OP_EQ, 0); 325 } 326 327 /* This loop should add timers to the first position in the timerslot 328 * array, since its timeout is before all other timers. */ 329 for (; i < CHANNELS_TO_TEST/3; i++) { 330 monotime_coarse_add_msec(&chans[i]->next_padding_time, 331 &now, 1); 332 decision = channelpadding_decide_to_pad_channel(chans[i]); 333 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); 334 tt_assert(chans[i]->pending_padding_callback); 335 tt_int_op(tried_to_write_cell, OP_EQ, 0); 336 } 337 338 /* This loop should add timers to our existing lists in a weak 339 * pseudorandom pattern. It ensures that the lists can grow with multiple 340 * timers in them. */ 341 for (; i < CHANNELS_TO_TEST/2; i++) { 342 monotime_coarse_add_msec(&chans[i]->next_padding_time, 343 &now, 10 + i*3 % CHANNELPADDING_MAX_TIMERS); 344 decision = channelpadding_decide_to_pad_channel(chans[i]); 345 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); 346 tt_assert(chans[i]->pending_padding_callback); 347 tt_int_op(tried_to_write_cell, OP_EQ, 0); 348 } 349 350 /* This loop should add timers to the last position in the timerslot 351 * array, since its timeout is after all other timers. */ 352 for (; i < CHANNELS_TO_TEST; i++) { 353 monotime_coarse_add_msec(&chans[i]->next_padding_time, 354 &now, 500 + i % CHANNELPADDING_MAX_TIMERS); 355 decision = channelpadding_decide_to_pad_channel(chans[i]); 356 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); 357 tt_assert(chans[i]->pending_padding_callback); 358 tt_int_op(tried_to_write_cell, OP_EQ, 0); 359 } 360 361 // Wait for the timers and then kill the event loop. 362 nsec_mock += 1001 * NSEC_PER_MSEC; 363 monotime_coarse_set_mock_time_nsec(nsec_mock); 364 monotime_set_mock_time_nsec(nsec_mock); 365 timers_run_pending(); 366 367 tt_int_op(tried_to_write_cell, OP_EQ, CHANNELS_TO_TEST); 368 369 // Test that we have no pending callbacks and all empty slots now 370 for (i = 0; i < CHANNELS_TO_TEST; i++) { 371 tt_assert(!chans[i]->pending_padding_callback); 372 } 373 } 374 375 done: 376 for (int i = 0; i < CHANNELS_TO_TEST; i++) { 377 free_fake_channeltls((channel_tls_t*)chans[i]); 378 } 379 smartlist_free(connection_array); 380 381 timers_shutdown(); 382 monotime_disable_test_mocking(); 383 channel_free_all(); 384 385 return; 386 } 387 388 void 389 test_channelpadding_killonehop(void *arg) 390 { 391 channelpadding_decision_t decision; 392 int64_t new_time; 393 (void)arg; 394 395 routerstatus_t *relay = tor_malloc_zero(sizeof(routerstatus_t)); 396 monotime_init(); 397 monotime_enable_test_mocking(); 398 monotime_set_mock_time_nsec(1); 399 monotime_coarse_set_mock_time_nsec(1); 400 new_time = 1; 401 402 timers_initialize(); 403 setup_mock_consensus(); 404 setup_mock_network(); 405 406 /* Do we disable padding if rsos is enabled, and the consensus says don't 407 * pad? */ 408 409 monotime_coarse_t now; 410 monotime_coarse_get(&now); 411 412 // First, test that padding works if either is enabled 413 smartlist_clear(current_md_consensus->net_params); 414 channelpadding_new_consensus_params(current_md_consensus); 415 416 relay3_client->padding_enabled = 1; 417 client_relay3->padding_enabled = 1; 418 419 tried_to_write_cell = 0; 420 get_options_mutable()->ORPort_set = 0; 421 get_options_mutable()->HiddenServiceSingleHopMode = 1; 422 get_options_mutable()->HiddenServiceNonAnonymousMode = 1; 423 424 monotime_coarse_add_msec(&client_relay3->next_padding_time, &now, 100); 425 decision = channelpadding_decide_to_pad_channel(client_relay3); 426 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); 427 tt_assert(client_relay3->pending_padding_callback); 428 tt_int_op(tried_to_write_cell, OP_EQ, 0); 429 430 decision = channelpadding_decide_to_pad_channel(client_relay3); 431 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_ALREADY_SCHEDULED); 432 433 // Wait for the timer 434 new_time += 101 * NSEC_PER_MSEC; 435 monotime_coarse_set_mock_time_nsec(new_time); 436 monotime_set_mock_time_nsec(new_time); 437 monotime_coarse_get(&now); 438 timers_run_pending(); 439 tt_int_op(tried_to_write_cell, OP_EQ, 1); 440 tt_assert(!client_relay3->pending_padding_callback); 441 442 // Then test disabling each via consensus param 443 smartlist_add(current_md_consensus->net_params, 444 (void*)"nf_pad_single_onion=0"); 445 channelpadding_new_consensus_params(current_md_consensus); 446 447 // Before the client tries to pad, the relay will still pad: 448 tried_to_write_cell = 0; 449 monotime_coarse_add_msec(&relay3_client->next_padding_time, &now, 100); 450 get_options_mutable()->ORPort_set = 1; 451 get_options_mutable()->HiddenServiceSingleHopMode = 0; 452 get_options_mutable()->HiddenServiceNonAnonymousMode = 0; 453 decision = channelpadding_decide_to_pad_channel(relay3_client); 454 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); 455 tt_assert(relay3_client->pending_padding_callback); 456 457 // Wait for the timer 458 new_time += 101 * NSEC_PER_MSEC; 459 monotime_coarse_set_mock_time_nsec(new_time); 460 monotime_set_mock_time_nsec(new_time); 461 monotime_coarse_get(&now); 462 timers_run_pending(); 463 tt_int_op(tried_to_write_cell, OP_EQ, 1); 464 tt_assert(!client_relay3->pending_padding_callback); 465 466 // Test client side (it should stop immediately) 467 get_options_mutable()->HiddenServiceSingleHopMode = 1; 468 get_options_mutable()->HiddenServiceNonAnonymousMode = 1; 469 /* For the relay to receive the negotiate: */ 470 get_options_mutable()->ORPort_set = 1; 471 decision = channelpadding_decide_to_pad_channel(client_relay3); 472 tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD); 473 tt_assert(!client_relay3->pending_padding_callback); 474 475 // Test relay side (it should have gotten the negotiation to disable) 476 get_options_mutable()->ORPort_set = 1; 477 get_options_mutable()->HiddenServiceSingleHopMode = 0; 478 get_options_mutable()->HiddenServiceNonAnonymousMode = 0; 479 tt_int_op(channelpadding_decide_to_pad_channel(relay3_client), OP_EQ, 480 CHANNELPADDING_WONTPAD); 481 tt_assert(!relay3_client->padding_enabled); 482 483 done: 484 free_mock_consensus(); 485 free_mock_network(); 486 tor_free(relay); 487 488 timers_shutdown(); 489 monotime_disable_test_mocking(); 490 channel_free_all(); 491 } 492 493 void 494 test_channelpadding_consensus(void *arg) 495 { 496 channelpadding_decision_t decision; 497 or_options_t *options = get_options_mutable(); 498 int64_t val; 499 int64_t new_time; 500 (void)arg; 501 502 /* 503 * Params tested: 504 * nf_pad_before_usage 505 * nf_pad_relays 506 * nf_ito_low 507 * nf_ito_high 508 * 509 * Plan: 510 * 1. Padding can be completely disabled via consensus 511 * 2. Negotiation can't re-enable consensus-disabled padding 512 * 3. Negotiation can't increase padding from relays beyond 513 * consensus defaults 514 * 4. Relay-to-relay padding can be enabled/disabled in consensus 515 * 5. Can enable/disable padding before actually using a connection 516 * 6. Can we control circ and TLS conn lifetime from the consensus? 517 */ 518 channel_t *chan; 519 routerstatus_t *relay = tor_malloc_zero(sizeof(routerstatus_t)); 520 monotime_enable_test_mocking(); 521 monotime_set_mock_time_nsec(1); 522 monotime_coarse_set_mock_time_nsec(1); 523 new_time = 1; 524 monotime_coarse_t now; 525 monotime_coarse_get(&now); 526 timers_initialize(); 527 528 if (!connection_array) 529 connection_array = smartlist_new(); 530 chan = (channel_t*)new_fake_channeltls(0); 531 channel_timestamp_active(chan); 532 533 setup_mock_consensus(); 534 535 get_options_mutable()->ORPort_set = 1; 536 537 /* Test 1: Padding can be completely disabled via consensus */ 538 tried_to_write_cell = 0; 539 monotime_coarse_add_msec(&chan->next_padding_time, &now, 100); 540 decision = channelpadding_decide_to_pad_channel(chan); 541 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); 542 tt_assert(chan->pending_padding_callback); 543 tt_int_op(tried_to_write_cell, OP_EQ, 0); 544 545 decision = channelpadding_decide_to_pad_channel(chan); 546 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_ALREADY_SCHEDULED); 547 548 // Wait for the timer 549 new_time += 101*NSEC_PER_MSEC; 550 monotime_coarse_set_mock_time_nsec(new_time); 551 monotime_set_mock_time_nsec(new_time); 552 monotime_coarse_get(&now); 553 timers_run_pending(); 554 tt_int_op(tried_to_write_cell, OP_EQ, 1); 555 tt_assert(!chan->pending_padding_callback); 556 557 smartlist_add(current_md_consensus->net_params, 558 (void*)"nf_ito_low=0"); 559 smartlist_add(current_md_consensus->net_params, 560 (void*)"nf_ito_high=0"); 561 get_options_mutable()->ConnectionPadding = 1; 562 channelpadding_new_consensus_params(current_md_consensus); 563 564 decision = channelpadding_decide_to_pad_channel(chan); 565 tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD); 566 tt_assert(!chan->pending_padding_callback); 567 val = channelpadding_get_netflow_inactive_timeout_ms(chan); 568 tt_i64_op(val, OP_EQ, 0); 569 val = channelpadding_compute_time_until_pad_for_netflow(chan); 570 tt_i64_op(val, OP_EQ, -2); 571 572 /* Test 2: Negotiation can't re-enable consensus-disabled padding */ 573 channelpadding_send_enable_command(chan, 100, 200); 574 tried_to_write_cell = 0; 575 decision = channelpadding_decide_to_pad_channel(chan); 576 tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD); 577 tt_assert(!chan->pending_padding_callback); 578 val = channelpadding_get_netflow_inactive_timeout_ms(chan); 579 tt_i64_op(val, OP_EQ, 0); 580 val = channelpadding_compute_time_until_pad_for_netflow(chan); 581 tt_i64_op(val, OP_EQ, -2); 582 tt_assert(monotime_coarse_is_zero(&chan->next_padding_time)); 583 584 smartlist_clear(current_md_consensus->net_params); 585 586 /* Test 3: Negotiation can't increase padding from relays beyond consensus 587 * values */ 588 smartlist_add(current_md_consensus->net_params, 589 (void*)"nf_ito_low=100"); 590 smartlist_add(current_md_consensus->net_params, 591 (void*)"nf_ito_high=200"); 592 channelpadding_new_consensus_params(current_md_consensus); 593 594 tried_to_write_cell = 0; 595 monotime_coarse_add_msec(&chan->next_padding_time, &now, 100); 596 decision = channelpadding_decide_to_pad_channel(chan); 597 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); 598 tt_assert(chan->pending_padding_callback); 599 tt_int_op(tried_to_write_cell, OP_EQ, 0); 600 val = channelpadding_get_netflow_inactive_timeout_ms(chan); 601 tt_i64_op(val, OP_GE, 100); 602 tt_i64_op(val, OP_LE, 200); 603 val = channelpadding_compute_time_until_pad_for_netflow(chan); 604 tt_i64_op(val, OP_LE, 200); 605 606 // Wait for the timer 607 new_time += 201*NSEC_PER_MSEC; 608 monotime_set_mock_time_nsec(new_time); 609 monotime_coarse_set_mock_time_nsec(new_time); 610 monotime_coarse_get(&now); 611 timers_run_pending(); 612 tt_int_op(tried_to_write_cell, OP_EQ, 1); 613 tt_assert(!chan->pending_padding_callback); 614 615 smartlist_clear(current_md_consensus->net_params); 616 smartlist_add(current_md_consensus->net_params, 617 (void*)"nf_ito_low=1500"); 618 smartlist_add(current_md_consensus->net_params, 619 (void*)"nf_ito_high=4500"); 620 channelpadding_new_consensus_params(current_md_consensus); 621 622 channelpadding_send_enable_command(chan, 100, 200); 623 tried_to_write_cell = 0; 624 decision = channelpadding_decide_to_pad_channel(chan); 625 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADLATER); 626 tt_assert(!chan->pending_padding_callback); 627 val = channelpadding_get_netflow_inactive_timeout_ms(chan); 628 tt_i64_op(val, OP_GE, 1500); 629 tt_i64_op(val, OP_LE, 4500); 630 val = channelpadding_compute_time_until_pad_for_netflow(chan); 631 tt_i64_op(val, OP_LE, 4500); 632 633 /* Test 4: Relay-to-relay padding can be enabled/disabled in consensus */ 634 /* Make this channel a relay's channel */ 635 memcpy(relay->identity_digest, 636 ((channel_tls_t *)chan)->conn->identity_digest, DIGEST_LEN); 637 smartlist_add(current_md_consensus->routerstatus_list, relay); 638 relay = NULL; /* Prevent double-free */ 639 640 tried_to_write_cell = 0; 641 decision = channelpadding_decide_to_pad_channel(chan); 642 tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD); 643 tt_assert(!chan->pending_padding_callback); 644 645 smartlist_add(current_md_consensus->net_params, 646 (void*)"nf_pad_relays=1"); 647 channelpadding_new_consensus_params(current_md_consensus); 648 649 decision = channelpadding_decide_to_pad_channel(chan); 650 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADLATER); 651 tt_assert(!chan->pending_padding_callback); 652 val = channelpadding_get_netflow_inactive_timeout_ms(chan); 653 tt_i64_op(val, OP_GE, 1500); 654 tt_i64_op(val, OP_LE, 4500); 655 val = channelpadding_compute_time_until_pad_for_netflow(chan); 656 tt_i64_op(val, OP_LE, 4500); 657 658 /* Test 5: If we disable padding before channel usage, does that work? */ 659 smartlist_add(current_md_consensus->net_params, 660 (void*)"nf_pad_before_usage=0"); 661 channelpadding_new_consensus_params(current_md_consensus); 662 tried_to_write_cell = 0; 663 decision = channelpadding_decide_to_pad_channel(chan); 664 tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD); 665 tt_assert(!chan->pending_padding_callback); 666 667 /* Test 6: Can we control circ and TLS conn lifetime from the consensus? */ 668 val = channelpadding_get_channel_idle_timeout(NULL, 0); 669 tt_i64_op(val, OP_GE, 180); 670 tt_i64_op(val, OP_LE, 180+90); 671 val = channelpadding_get_channel_idle_timeout(chan, 0); 672 tt_i64_op(val, OP_GE, 180); 673 tt_i64_op(val, OP_LE, 180+90); 674 options->ReducedConnectionPadding = 1; 675 val = channelpadding_get_channel_idle_timeout(chan, 0); 676 tt_i64_op(val, OP_GE, 180/2); 677 tt_i64_op(val, OP_LE, (180+90)/2); 678 679 options->ReducedConnectionPadding = 0; 680 options->ORPort_set = 1; 681 smartlist_add(current_md_consensus->net_params, 682 (void*)"nf_conntimeout_relays=600"); 683 channelpadding_new_consensus_params(current_md_consensus); 684 val = channelpadding_get_channel_idle_timeout(chan, 1); 685 tt_i64_op(val, OP_GE, 450); 686 tt_i64_op(val, OP_LE, 750); 687 688 val = channelpadding_get_circuits_available_timeout(); 689 tt_i64_op(val, OP_GE, 30*60); 690 tt_i64_op(val, OP_LE, 30*60*2); 691 692 options->ReducedConnectionPadding = 1; 693 smartlist_add(current_md_consensus->net_params, 694 (void*)"nf_conntimeout_clients=600"); 695 channelpadding_new_consensus_params(current_md_consensus); 696 val = channelpadding_get_circuits_available_timeout(); 697 tt_i64_op(val, OP_GE, 600/2); 698 tt_i64_op(val, OP_LE, 600*2/2); 699 700 options->ReducedConnectionPadding = 0; 701 options->CircuitsAvailableTimeout = 24*60*60; 702 val = channelpadding_get_circuits_available_timeout(); 703 tt_i64_op(val, OP_GE, 24*60*60); 704 tt_i64_op(val, OP_LE, 24*60*60*2); 705 706 done: 707 tor_free(relay); 708 709 free_mock_consensus(); 710 free_fake_channeltls((channel_tls_t*)chan); 711 smartlist_free(connection_array); 712 713 timers_shutdown(); 714 monotime_disable_test_mocking(); 715 channel_free_all(); 716 717 return; 718 } 719 720 void 721 test_channelpadding_negotiation(void *arg) 722 { 723 channelpadding_negotiate_t disable; 724 cell_t cell; 725 channelpadding_decision_t decision; 726 int val; 727 (void)arg; 728 729 /* Plan: 730 * 1. Clients reject negotiation, relays accept it. 731 * * Bridges accept negotiation from their clients, 732 * but not from relays. 733 * 2. Torrc options can override client-side negotiation 734 * 3. Test a version issue in channelpadidng cell 735 * 4. Test channelpadding_reduced_padding 736 */ 737 monotime_init(); 738 monotime_enable_test_mocking(); 739 monotime_set_mock_time_nsec(1); 740 monotime_coarse_set_mock_time_nsec(1); 741 timers_initialize(); 742 setup_mock_consensus(); 743 setup_mock_network(); 744 745 /* Test case #1: Do the right things ignore negotiation? */ 746 /* relay-to-client case: */ 747 channelpadding_send_disable_command(relay3_client); 748 tt_assert(client_relay3->padding_enabled); 749 750 /* client-to-relay case: */ 751 get_options_mutable()->ORPort_set = 1; 752 channelpadding_disable_padding_on_channel(client_relay3); 753 tt_int_op(channelpadding_decide_to_pad_channel(relay3_client), OP_EQ, 754 CHANNELPADDING_WONTPAD); 755 tt_assert(!relay3_client->padding_enabled); 756 relay3_client->padding_enabled = 1; 757 client_relay3->padding_enabled = 1; 758 759 /* Bridge case from relay */ 760 get_options_mutable()->BridgeRelay = 1; 761 channelpadding_disable_padding_on_channel(relay2_relay1); 762 tt_assert(relay1_relay2->padding_enabled); 763 764 /* Bridge case from client */ 765 channelpadding_disable_padding_on_channel(client_relay3); 766 tt_assert(!relay3_client->padding_enabled); 767 tt_int_op(channelpadding_decide_to_pad_channel(relay3_client), OP_EQ, 768 CHANNELPADDING_WONTPAD); 769 relay3_client->padding_enabled = 1; 770 client_relay3->padding_enabled = 1; 771 get_options_mutable()->BridgeRelay = 0; 772 get_options_mutable()->ORPort_set = 0; 773 774 /* Test case #2: Torrc options */ 775 /* ConnectionPadding auto; Relay doesn't support us */ 776 ((channel_tls_t*)relay3_client)->conn->link_proto = 4; 777 relay3_client->padding_enabled = 0; 778 tried_to_write_cell = 0; 779 decision = channelpadding_decide_to_pad_channel(relay3_client); 780 tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD); 781 tt_assert(!relay3_client->pending_padding_callback); 782 tt_int_op(tried_to_write_cell, OP_EQ, 0); 783 ((channel_tls_t*)relay3_client)->conn->link_proto = 5; 784 relay3_client->padding_enabled = 1; 785 786 /* ConnectionPadding 1; Relay doesn't support us */ 787 get_options_mutable()->ConnectionPadding = 1; 788 tried_to_write_cell = 0; 789 decision = channelpadding_decide_to_pad_channel(client_relay3); 790 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADLATER); 791 tt_assert(!client_relay3->pending_padding_callback); 792 tt_int_op(tried_to_write_cell, OP_EQ, 0); 793 get_options_mutable()->ConnectionPadding = 0; 794 795 /* Test case #3: Test a version issue in channelpadding cell */ 796 get_options_mutable()->ORPort_set = 1; 797 client_relay3->padding_enabled = 1; 798 relay3_client->padding_enabled = 1; 799 memset(&cell, 0, sizeof(cell_t)); 800 memset(&disable, 0, sizeof(channelpadding_negotiate_t)); 801 cell.command = CELL_PADDING_NEGOTIATE; 802 803 channelpadding_negotiate_set_command(&disable, CHANNELPADDING_COMMAND_STOP); 804 disable.version = 1; 805 channelpadding_negotiate_encode(cell.payload, CELL_PAYLOAD_SIZE, &disable); 806 client_relay3->write_cell(client_relay3, &cell); 807 tt_assert(relay3_client->padding_enabled); 808 tt_int_op(channelpadding_update_padding_for_channel(client_relay3, &disable), 809 OP_EQ, -1); 810 tt_assert(client_relay3->padding_enabled); 811 812 disable.version = 0; 813 channelpadding_negotiate_encode(cell.payload, CELL_PAYLOAD_SIZE, &disable); 814 client_relay3->write_cell(client_relay3, &cell); 815 tt_assert(!relay3_client->padding_enabled); 816 817 /* Test case 4: Reducing padding actually reduces it */ 818 relay3_client->padding_enabled = 1; 819 client_relay3->padding_enabled = 1; 820 821 decision = channelpadding_decide_to_pad_channel(relay3_client); 822 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADLATER); 823 824 channelpadding_reduce_padding_on_channel(client_relay3); 825 826 tried_to_write_cell = 0; 827 decision = channelpadding_decide_to_pad_channel(relay3_client); 828 tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD); 829 830 get_options_mutable()->ORPort_set = 0; 831 decision = channelpadding_decide_to_pad_channel(client_relay3); 832 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADLATER); 833 834 tt_assert(!client_relay3->pending_padding_callback); 835 val = channelpadding_get_netflow_inactive_timeout_ms(client_relay3); 836 tt_int_op(val, OP_GE, 9000); 837 tt_int_op(val, OP_LE, 14000); 838 int64_t val64 = 839 channelpadding_compute_time_until_pad_for_netflow(client_relay3); 840 tt_i64_op(val64, OP_LE, 14000); 841 842 done: 843 free_mock_network(); 844 free_mock_consensus(); 845 846 timers_shutdown(); 847 monotime_disable_test_mocking(); 848 channel_free_all(); 849 850 return; 851 } 852 853 void 854 test_channelpadding_decide_to_pad_channel(void *arg) 855 { 856 channelpadding_decision_t decision; 857 /** 858 * Test case plan: 859 * 860 * 1. Channel that has "sent a packet" before the timeout. 861 * + We should decide to pad later 862 * 2. Channel that has not "sent a packet" before the timeout: 863 * 2a. Not within 1.1s of the timeout. 864 * + We should decide to pad later 865 * 2b. Within 1.1s of the timeout. 866 * + We should schedule padding 867 * + We should get feedback that we wrote a cell 868 * 2c. Within 0.1s of the timeout. 869 * + We should schedule padding 870 * + We should get feedback that we wrote a cell 871 * 2d. Channel that asks to pad while timeout is scheduled 872 * + We should schedule padding 873 * + We should get feedback that we wrote a cell 874 * 2e. 0s of the timeout 875 * + We should send padding immediately 876 * + We should get feedback that we wrote a cell 877 * 2f. <0s of the timeout 878 * + We should send padding immediately 879 * + We should get feedback that we wrote a cell 880 * 3. Channel that sends a packet while timeout is scheduled 881 * + We should not get feedback that we wrote a cell 882 * 4. Channel that closes while timeout is scheduled 883 * + We should not get feedback that we wrote a cell 884 * 5. Make sure the channel still would work if repaired 885 * + We should be able to schedule padding and resend 886 * 6. Channel is not used for full circuits 887 * 7. Channel that disappears while timeout is scheduled 888 * + We should not send padding 889 */ 890 channel_t *chan; 891 int64_t new_time; 892 if (!connection_array) 893 connection_array = smartlist_new(); 894 (void)arg; 895 896 monotime_init(); 897 monotime_enable_test_mocking(); 898 monotime_set_mock_time_nsec(1); 899 monotime_coarse_set_mock_time_nsec(1); 900 new_time = 1; 901 monotime_coarse_t now; 902 monotime_coarse_get(&now); 903 timers_initialize(); 904 setup_full_capture_of_logs(LOG_WARN); 905 channelpadding_new_consensus_params(NULL); 906 907 chan = (channel_t*)new_fake_channeltls(0); 908 channel_timestamp_active(chan); 909 910 /* Test case #1: Channel that has "sent a packet" before the timeout. */ 911 tried_to_write_cell = 0; 912 decision = channelpadding_decide_to_pad_channel(chan); 913 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADLATER); 914 tt_assert(!chan->pending_padding_callback); 915 tt_int_op(tried_to_write_cell, OP_EQ, 0); 916 917 /* Test case #2a: > 1.1s until timeout */ 918 tried_to_write_cell = 0; 919 monotime_coarse_add_msec(&chan->next_padding_time, &now, 1200); 920 decision = channelpadding_decide_to_pad_channel(chan); 921 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADLATER); 922 tt_assert(!chan->pending_padding_callback); 923 tt_int_op(tried_to_write_cell, OP_EQ, 0); 924 925 /* Test case #2b: >= 1.0s until timeout */ 926 tried_to_write_cell = 0; 927 monotime_coarse_add_msec(&chan->next_padding_time, &now, 1000); 928 decision = channelpadding_decide_to_pad_channel(chan); 929 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); 930 tt_assert(chan->pending_padding_callback); 931 tt_int_op(tried_to_write_cell, OP_EQ, 0); 932 933 // Set up a timer for the <0 case below. 934 monotime_coarse_t now_minus_100s; 935 monotime_coarse_add_msec(&now_minus_100s, &now, 900); 936 // Wait for the timer from case #2b 937 new_time += 1000*NSEC_PER_MSEC; 938 monotime_set_mock_time_nsec(new_time); 939 monotime_coarse_set_mock_time_nsec(new_time); 940 monotime_coarse_get(&now); 941 timers_run_pending(); 942 tt_int_op(tried_to_write_cell, OP_EQ, 1); 943 tt_assert(!chan->pending_padding_callback); 944 945 /* Test case #2c: > 0.1s until timeout */ 946 tried_to_write_cell = 0; 947 monotime_coarse_add_msec(&chan->next_padding_time, &now, 100); 948 decision = channelpadding_decide_to_pad_channel(chan); 949 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); 950 tt_assert(chan->pending_padding_callback); 951 tt_int_op(tried_to_write_cell, OP_EQ, 0); 952 953 /* Test case #2d: Channel that asks to pad while timeout is scheduled */ 954 decision = channelpadding_decide_to_pad_channel(chan); 955 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_ALREADY_SCHEDULED); 956 957 // Wait for the timer 958 new_time += 101*NSEC_PER_MSEC; 959 monotime_coarse_set_mock_time_nsec(new_time); 960 monotime_set_mock_time_nsec(new_time); 961 monotime_coarse_get(&now); 962 timers_run_pending(); 963 tt_int_op(tried_to_write_cell, OP_EQ, 1); 964 tt_assert(!chan->pending_padding_callback); 965 966 /* Test case #2e: 0s until timeout */ 967 tried_to_write_cell = 0; 968 monotime_coarse_add_msec(&chan->next_padding_time, &now, 0); 969 decision = channelpadding_decide_to_pad_channel(chan); 970 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SENT); 971 tt_int_op(tried_to_write_cell, OP_EQ, 1); 972 tt_assert(!chan->pending_padding_callback); 973 974 /* Test case #2f: <0s until timeout */ 975 tried_to_write_cell = 0; 976 monotime_coarse_add_msec(&chan->next_padding_time, &now_minus_100s, 0); 977 decision = channelpadding_decide_to_pad_channel(chan); 978 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SENT); 979 tt_int_op(tried_to_write_cell, OP_EQ, 1); 980 tt_assert(!chan->pending_padding_callback); 981 982 /* Test case #3: Channel that sends a packet while timeout is scheduled */ 983 tried_to_write_cell = 0; 984 monotime_coarse_add_msec(&chan->next_padding_time, &now, 100); 985 decision = channelpadding_decide_to_pad_channel(chan); 986 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); 987 tt_int_op(tried_to_write_cell, OP_EQ, 0); 988 tt_assert(chan->pending_padding_callback); 989 990 // Pretend the channel sent a packet 991 channel_timestamp_active(chan); 992 993 // We don't expect any timer callbacks here. Make a dummy one to be sure. 994 // Wait for the timer 995 new_time += 101*NSEC_PER_MSEC; 996 monotime_coarse_set_mock_time_nsec(new_time); 997 monotime_set_mock_time_nsec(new_time); 998 monotime_coarse_get(&now); 999 timers_run_pending(); 1000 1001 tt_int_op(tried_to_write_cell, OP_EQ, 0); 1002 tt_assert(!chan->pending_padding_callback); 1003 1004 /* Test case #4: Channel that closes while a timeout is scheduled */ 1005 tried_to_write_cell = 0; 1006 monotime_coarse_add_msec(&chan->next_padding_time, &now, 100); 1007 decision = channelpadding_decide_to_pad_channel(chan); 1008 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); 1009 tt_int_op(tried_to_write_cell, OP_EQ, 0); 1010 tt_assert(chan->pending_padding_callback); 1011 1012 // Pretend the channel is temporarily down 1013 chan->state = CHANNEL_STATE_MAINT; 1014 1015 // We don't expect any timer callbacks here. Make a dummy one to be sure. 1016 new_time += 101*NSEC_PER_MSEC; 1017 monotime_coarse_set_mock_time_nsec(new_time); 1018 monotime_set_mock_time_nsec(new_time); 1019 monotime_coarse_get(&now); 1020 timers_run_pending(); 1021 1022 tt_int_op(tried_to_write_cell, OP_EQ, 0); 1023 tt_assert(!chan->pending_padding_callback); 1024 chan->state = CHANNEL_STATE_OPEN; 1025 1026 /* Test case #5: Make sure previous test case didn't break everything */ 1027 tried_to_write_cell = 0; 1028 monotime_coarse_add_msec(&chan->next_padding_time, &now, 100); 1029 decision = channelpadding_decide_to_pad_channel(chan); 1030 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); 1031 tt_assert(chan->pending_padding_callback); 1032 tt_int_op(tried_to_write_cell, OP_EQ, 0); 1033 1034 // Wait for the timer 1035 new_time += 101*NSEC_PER_MSEC; 1036 monotime_coarse_set_mock_time_nsec(new_time); 1037 monotime_set_mock_time_nsec(new_time); 1038 monotime_coarse_get(&now); 1039 timers_run_pending(); 1040 1041 tt_int_op(tried_to_write_cell, OP_EQ, 1); 1042 tt_assert(!chan->pending_padding_callback); 1043 1044 /* Test case #6. Channel is not used for full circuits */ 1045 chan->channel_usage = CHANNEL_USED_NOT_USED_FOR_FULL_CIRCS; 1046 decision = channelpadding_decide_to_pad_channel(chan); 1047 tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD); 1048 tt_assert(!chan->pending_padding_callback); 1049 chan->channel_usage = CHANNEL_USED_FOR_FULL_CIRCS; 1050 1051 /* Test case #7. Channel is closed while timeout is scheduled. 1052 * 1053 * NOTE: This test deliberately breaks the channel callback mechanism. 1054 * It must be last. 1055 */ 1056 tried_to_write_cell = 0; 1057 monotime_coarse_add_msec(&chan->next_padding_time, &now, 100); 1058 decision = channelpadding_decide_to_pad_channel(chan); 1059 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); 1060 tt_int_op(tried_to_write_cell, OP_EQ, 0); 1061 tt_assert(chan->pending_padding_callback); 1062 1063 // Close the connection while the timer is scheduled 1064 free_fake_channeltls((channel_tls_t*)chan); 1065 1066 // We don't expect any timer callbacks here. Make a dummy one to be sure. 1067 new_time = 101*NSEC_PER_MSEC; 1068 monotime_coarse_set_mock_time_nsec(new_time); 1069 monotime_set_mock_time_nsec(new_time); 1070 monotime_coarse_get(&now); 1071 timers_run_pending(); 1072 1073 tt_int_op(tried_to_write_cell, OP_EQ, 0); 1074 1075 done: 1076 smartlist_free(connection_array); 1077 1078 teardown_capture_of_logs(); 1079 monotime_disable_test_mocking(); 1080 timers_shutdown(); 1081 channel_free_all(); 1082 1083 return; 1084 } 1085 1086 #define TEST_CHANNELPADDING(name, flags) \ 1087 { #name, test_##name, (flags), NULL, NULL } 1088 1089 struct testcase_t channelpadding_tests[] = { 1090 //TEST_CHANNELPADDING(channelpadding_decide_to_pad_channel, 0), 1091 TEST_CHANNELPADDING(channelpadding_decide_to_pad_channel, TT_FORK), 1092 TEST_CHANNELPADDING(channelpadding_negotiation, TT_FORK), 1093 TEST_CHANNELPADDING(channelpadding_consensus, TT_FORK), 1094 TEST_CHANNELPADDING(channelpadding_killonehop, TT_FORK), 1095 TEST_CHANNELPADDING(channelpadding_timers, TT_FORK), 1096 END_OF_TESTCASES 1097 };