test_circuitbuild.c (71598B)
1 /* Copyright (c) 2001-2004, Roger Dingledine. 2 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. 3 * Copyright (c) 2007-2021, The Tor Project, Inc. */ 4 /* See LICENSE for licensing information */ 5 6 #define CIRCUITBUILD_PRIVATE 7 #define CIRCUITLIST_PRIVATE 8 #define ENTRYNODES_PRIVATE 9 10 #include "core/or/or.h" 11 12 #include "test/test.h" 13 #include "test/test_helpers.h" 14 #include "test/log_test_helpers.h" 15 16 #define CONFIG_PRIVATE 17 #include "app/config/config.h" 18 19 #include "core/or/channel.h" 20 #include "core/or/circuitbuild.h" 21 #include "core/or/circuitlist.h" 22 #include "core/or/circuituse.h" 23 #include "core/or/onion.h" 24 #include "core/or/relay_msg.h" 25 26 #include "core/or/cell_st.h" 27 #include "core/or/cpath_build_state_st.h" 28 #include "core/or/extend_info_st.h" 29 #include "core/or/origin_circuit_st.h" 30 #include "core/or/or_circuit_st.h" 31 32 #include "feature/client/entrynodes.h" 33 #include "feature/nodelist/nodelist.h" 34 #include "feature/nodelist/node_select.h" 35 #include "feature/relay/circuitbuild_relay.h" 36 #include "feature/relay/router.h" 37 #include "feature/relay/routermode.h" 38 39 #include "feature/nodelist/node_st.h" 40 #include "feature/nodelist/routerinfo_st.h" 41 42 /* Dummy nodes smartlist for testing */ 43 static smartlist_t dummy_nodes; 44 /* Dummy exit extend_info for testing */ 45 static extend_info_t dummy_ei; 46 47 static int 48 mock_count_acceptable_nodes(const smartlist_t *nodes, int direct) 49 { 50 (void)nodes; 51 52 return direct ? 1 : DEFAULT_ROUTE_LEN + 1; 53 } 54 55 /* Test route lengths when the caller of new_route_len() doesn't 56 * specify exit_ei. */ 57 static void 58 test_new_route_len_noexit(void *arg) 59 { 60 int r; 61 62 (void)arg; 63 MOCK(count_acceptable_nodes, mock_count_acceptable_nodes); 64 65 r = new_route_len(CIRCUIT_PURPOSE_C_GENERAL, NULL, &dummy_nodes); 66 tt_int_op(DEFAULT_ROUTE_LEN, OP_EQ, r); 67 68 r = new_route_len(CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT, NULL, &dummy_nodes); 69 tt_int_op(DEFAULT_ROUTE_LEN, OP_EQ, r); 70 71 r = new_route_len(CIRCUIT_PURPOSE_S_CONNECT_REND, NULL, &dummy_nodes); 72 tt_int_op(DEFAULT_ROUTE_LEN, OP_EQ, r); 73 74 done: 75 UNMOCK(count_acceptable_nodes); 76 } 77 78 /* Test route lengths where someone else chose the "exit" node, which 79 * require an extra hop for safety. */ 80 static void 81 test_new_route_len_unsafe_exit(void *arg) 82 { 83 int r; 84 85 (void)arg; 86 MOCK(count_acceptable_nodes, mock_count_acceptable_nodes); 87 88 /* connecting to hidden service directory */ 89 r = new_route_len(CIRCUIT_PURPOSE_C_GENERAL, &dummy_ei, &dummy_nodes); 90 tt_int_op(DEFAULT_ROUTE_LEN + 1, OP_EQ, r); 91 92 /* client connecting to introduction point */ 93 r = new_route_len(CIRCUIT_PURPOSE_C_INTRODUCING, &dummy_ei, &dummy_nodes); 94 tt_int_op(DEFAULT_ROUTE_LEN + 1, OP_EQ, r); 95 96 /* hidden service connecting to rendezvous point */ 97 r = new_route_len(CIRCUIT_PURPOSE_S_CONNECT_REND, &dummy_ei, &dummy_nodes); 98 tt_int_op(DEFAULT_ROUTE_LEN + 1, OP_EQ, r); 99 100 done: 101 UNMOCK(count_acceptable_nodes); 102 } 103 104 /* Test route lengths where we chose the "exit" node, which don't 105 * require an extra hop for safety. */ 106 static void 107 test_new_route_len_safe_exit(void *arg) 108 { 109 int r; 110 111 (void)arg; 112 MOCK(count_acceptable_nodes, mock_count_acceptable_nodes); 113 114 /* hidden service connecting to introduction point */ 115 r = new_route_len(CIRCUIT_PURPOSE_S_ESTABLISH_INTRO, &dummy_ei, 116 &dummy_nodes); 117 tt_int_op(DEFAULT_ROUTE_LEN+1, OP_EQ, r); 118 119 /* router testing its own reachability */ 120 r = new_route_len(CIRCUIT_PURPOSE_TESTING, &dummy_ei, &dummy_nodes); 121 tt_int_op(DEFAULT_ROUTE_LEN, OP_EQ, r); 122 123 done: 124 UNMOCK(count_acceptable_nodes); 125 } 126 127 /* Make sure a non-fatal assertion fails when new_route_len() gets an 128 * unexpected circuit purpose. */ 129 static void 130 test_new_route_len_unhandled_exit(void *arg) 131 { 132 int r; 133 134 (void)arg; 135 #ifdef ALL_BUGS_ARE_FATAL 136 /* Coverity (and maybe clang analyser) complain that the code following 137 * tt_skip() is unconditionally unreachable. */ 138 #if !defined(__COVERITY__) && !defined(__clang_analyzer__) 139 tt_skip(); 140 #endif 141 #endif /* defined(ALL_BUGS_ARE_FATAL) */ 142 143 MOCK(count_acceptable_nodes, mock_count_acceptable_nodes); 144 145 tor_capture_bugs_(1); 146 setup_full_capture_of_logs(LOG_WARN); 147 r = new_route_len(CIRCUIT_PURPOSE_CONTROLLER, &dummy_ei, &dummy_nodes); 148 tt_int_op(DEFAULT_ROUTE_LEN + 1, OP_EQ, r); 149 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); 150 tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, 151 "!(exit_ei && !known_purpose)"); 152 expect_single_log_msg_containing("Unhandled purpose"); 153 expect_single_log_msg_containing("with a chosen exit; assuming routelen"); 154 155 done: 156 teardown_capture_of_logs(); 157 tor_end_capture_bugs_(); 158 UNMOCK(count_acceptable_nodes); 159 } 160 161 static void 162 test_upgrade_from_guard_wait(void *arg) 163 { 164 circuit_t *circ = NULL; 165 origin_circuit_t *orig_circ = NULL; 166 entry_guard_t *guard = NULL; 167 smartlist_t *list = NULL; 168 169 (void) arg; 170 171 circ = dummy_origin_circuit_new(0); 172 orig_circ = TO_ORIGIN_CIRCUIT(circ); 173 tt_assert(orig_circ); 174 175 orig_circ->build_state = tor_malloc_zero(sizeof(cpath_build_state_t)); 176 177 circuit_set_state(circ, CIRCUIT_STATE_GUARD_WAIT); 178 179 /* Put it in guard wait state. */ 180 guard = tor_malloc_zero(sizeof(*guard)); 181 guard->in_selection = get_guard_selection_info(); 182 183 orig_circ->guard_state = 184 circuit_guard_state_new(guard, GUARD_CIRC_STATE_WAITING_FOR_BETTER_GUARD, 185 NULL); 186 187 /* Mark the circuit for close. */ 188 circuit_mark_for_close(circ, END_CIRC_REASON_TORPROTOCOL); 189 tt_int_op(circ->marked_for_close, OP_NE, 0); 190 191 /* We shouldn't pick the mark for close circuit. */ 192 list = circuit_find_circuits_to_upgrade_from_guard_wait(); 193 tt_assert(!list); 194 195 done: 196 smartlist_free(list); 197 circuit_free(circ); 198 entry_guard_free_(guard); 199 } 200 201 static int server = 0; 202 static int 203 mock_server_mode(const or_options_t *options) 204 { 205 (void)options; 206 return server; 207 } 208 209 /* Test the different cases in circuit_extend_state_valid_helper(). */ 210 static void 211 test_circuit_extend_state_valid(void *arg) 212 { 213 (void)arg; 214 circuit_t *circ = tor_malloc_zero(sizeof(circuit_t)); 215 216 server = 0; 217 MOCK(server_mode, mock_server_mode); 218 219 setup_full_capture_of_logs(LOG_INFO); 220 221 /* Clients can't extend */ 222 server = 0; 223 tt_int_op(circuit_extend_state_valid_helper(NULL), OP_EQ, -1); 224 expect_log_msg("Got an extend cell, but running as a client. Closing.\n"); 225 mock_clean_saved_logs(); 226 227 #ifndef ALL_BUGS_ARE_FATAL 228 /* Circuit must be non-NULL */ 229 tor_capture_bugs_(1); 230 server = 1; 231 tt_int_op(circuit_extend_state_valid_helper(NULL), OP_EQ, -1); 232 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); 233 tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, 234 "!(ASSERT_PREDICT_UNLIKELY_(!circ))"); 235 tor_end_capture_bugs_(); 236 mock_clean_saved_logs(); 237 #endif /* !defined(ALL_BUGS_ARE_FATAL) */ 238 239 /* n_chan and n_hop are NULL, this should succeed */ 240 server = 1; 241 tt_int_op(circuit_extend_state_valid_helper(circ), OP_EQ, 0); 242 mock_clean_saved_logs(); 243 244 /* But clients still can't extend */ 245 server = 0; 246 tt_int_op(circuit_extend_state_valid_helper(circ), OP_EQ, -1); 247 expect_log_msg("Got an extend cell, but running as a client. Closing.\n"); 248 mock_clean_saved_logs(); 249 250 /* n_chan must be NULL */ 251 circ->n_chan = tor_malloc_zero(sizeof(channel_t)); 252 server = 1; 253 tt_int_op(circuit_extend_state_valid_helper(circ), OP_EQ, -1); 254 expect_log_msg("n_chan already set. Bug/attack. Closing.\n"); 255 mock_clean_saved_logs(); 256 tor_free(circ->n_chan); 257 258 /* n_hop must be NULL */ 259 circ->n_hop = tor_malloc_zero(sizeof(extend_info_t)); 260 server = 1; 261 tt_int_op(circuit_extend_state_valid_helper(circ), OP_EQ, -1); 262 expect_log_msg("conn to next hop already launched. Bug/attack. Closing.\n"); 263 mock_clean_saved_logs(); 264 tor_free(circ->n_hop); 265 266 done: 267 tor_end_capture_bugs_(); 268 teardown_capture_of_logs(); 269 270 UNMOCK(server_mode); 271 server = 0; 272 273 tor_free(circ->n_chan); 274 tor_free(circ->n_hop); 275 tor_free(circ); 276 } 277 278 static node_t *mocked_node = NULL; 279 static const node_t * 280 mock_node_get_by_id(const char *identity_digest) 281 { 282 (void)identity_digest; 283 return mocked_node; 284 } 285 286 static bool mocked_supports_ed25519_link_authentication = 0; 287 static bool 288 mock_node_supports_ed25519_link_authentication(const node_t *node, 289 bool compatible_with_us) 290 { 291 (void)node; 292 (void)compatible_with_us; 293 return mocked_supports_ed25519_link_authentication; 294 } 295 296 static ed25519_public_key_t * mocked_ed25519_id = NULL; 297 static const ed25519_public_key_t * 298 mock_node_get_ed25519_id(const node_t *node) 299 { 300 (void)node; 301 return mocked_ed25519_id; 302 } 303 304 /* Test the different cases in circuit_extend_add_ed25519_helper(). */ 305 static void 306 test_circuit_extend_add_ed25519(void *arg) 307 { 308 (void)arg; 309 extend_cell_t *ec = tor_malloc_zero(sizeof(extend_cell_t)); 310 extend_cell_t *old_ec = tor_malloc_zero(sizeof(extend_cell_t)); 311 extend_cell_t *zero_ec = tor_malloc_zero(sizeof(extend_cell_t)); 312 313 node_t *fake_node = tor_malloc_zero(sizeof(node_t)); 314 ed25519_public_key_t *fake_ed25519_id = NULL; 315 fake_ed25519_id = tor_malloc_zero(sizeof(ed25519_public_key_t)); 316 317 MOCK(node_get_by_id, mock_node_get_by_id); 318 MOCK(node_supports_ed25519_link_authentication, 319 mock_node_supports_ed25519_link_authentication); 320 MOCK(node_get_ed25519_id, mock_node_get_ed25519_id); 321 322 setup_full_capture_of_logs(LOG_INFO); 323 324 #ifndef ALL_BUGS_ARE_FATAL 325 /* The extend cell must be non-NULL */ 326 tor_capture_bugs_(1); 327 tt_int_op(circuit_extend_add_ed25519_helper(NULL), OP_EQ, -1); 328 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); 329 tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, 330 "!(ASSERT_PREDICT_UNLIKELY_(!ec))"); 331 tor_end_capture_bugs_(); 332 mock_clean_saved_logs(); 333 #endif /* !defined(ALL_BUGS_ARE_FATAL) */ 334 335 /* The node id must be non-zero */ 336 memcpy(old_ec, ec, sizeof(extend_cell_t)); 337 tt_int_op(circuit_extend_add_ed25519_helper(ec), OP_EQ, -1); 338 expect_log_msg( 339 "Client asked me to extend without specifying an id_digest.\n"); 340 /* And nothing should have changed */ 341 tt_mem_op(ec, OP_EQ, old_ec, sizeof(extend_cell_t)); 342 mock_clean_saved_logs(); 343 344 /* Fill in fake node_id, and try again */ 345 memset(ec->node_id, 0xAA, sizeof(ec->node_id)); 346 memcpy(old_ec, ec, sizeof(extend_cell_t)); 347 tt_int_op(circuit_extend_add_ed25519_helper(ec), OP_EQ, 0); 348 /* There's no node with that id, so the ed pubkey should still be zeroed */ 349 tt_mem_op(&ec->ed_pubkey, OP_EQ, &zero_ec->ed_pubkey, sizeof(ec->ed_pubkey)); 350 /* In fact, nothing should have changed */ 351 tt_mem_op(ec, OP_EQ, old_ec, sizeof(extend_cell_t)); 352 mock_clean_saved_logs(); 353 354 /* Provide 2 out of 3 of node, supports link auth, and ed_id. 355 * The ed_id should remain zeroed. */ 356 357 /* Provide node and supports link auth */ 358 memset(ec->node_id, 0xAA, sizeof(ec->node_id)); 359 memcpy(old_ec, ec, sizeof(extend_cell_t)); 360 /* Set up the fake variables */ 361 mocked_node = fake_node; 362 mocked_supports_ed25519_link_authentication = 1; 363 /* Do the test */ 364 tt_int_op(circuit_extend_add_ed25519_helper(ec), OP_EQ, 0); 365 /* The ed pubkey should still be zeroed */ 366 tt_mem_op(&ec->ed_pubkey, OP_EQ, &zero_ec->ed_pubkey, sizeof(ec->ed_pubkey)); 367 /* In fact, nothing should have changed */ 368 tt_mem_op(ec, OP_EQ, old_ec, sizeof(extend_cell_t)); 369 /* Cleanup */ 370 mock_clean_saved_logs(); 371 mocked_node = NULL; 372 mocked_supports_ed25519_link_authentication = 0; 373 mocked_ed25519_id = NULL; 374 memset(fake_ed25519_id, 0x00, sizeof(ed25519_public_key_t)); 375 376 /* Provide supports link auth and ed id */ 377 memset(ec->node_id, 0xAA, sizeof(ec->node_id)); 378 memcpy(old_ec, ec, sizeof(extend_cell_t)); 379 /* Set up the fake variables */ 380 mocked_supports_ed25519_link_authentication = 1; 381 memset(fake_ed25519_id, 0xEE, sizeof(ed25519_public_key_t)); 382 mocked_ed25519_id = fake_ed25519_id; 383 /* Do the test */ 384 tt_int_op(circuit_extend_add_ed25519_helper(ec), OP_EQ, 0); 385 /* The ed pubkey should still be zeroed */ 386 tt_mem_op(&ec->ed_pubkey, OP_EQ, &zero_ec->ed_pubkey, sizeof(ec->ed_pubkey)); 387 /* In fact, nothing should have changed */ 388 tt_mem_op(ec, OP_EQ, old_ec, sizeof(extend_cell_t)); 389 /* Cleanup */ 390 mock_clean_saved_logs(); 391 mocked_node = NULL; 392 mocked_supports_ed25519_link_authentication = 0; 393 mocked_ed25519_id = NULL; 394 memset(fake_ed25519_id, 0x00, sizeof(ed25519_public_key_t)); 395 396 /* Provide node and ed id */ 397 memset(ec->node_id, 0xAA, sizeof(ec->node_id)); 398 memcpy(old_ec, ec, sizeof(extend_cell_t)); 399 /* Set up the fake variables */ 400 mocked_node = fake_node; 401 memset(fake_ed25519_id, 0xEE, sizeof(ed25519_public_key_t)); 402 mocked_ed25519_id = fake_ed25519_id; 403 /* Do the test */ 404 tt_int_op(circuit_extend_add_ed25519_helper(ec), OP_EQ, 0); 405 /* The ed pubkey should still be zeroed */ 406 tt_mem_op(&ec->ed_pubkey, OP_EQ, &zero_ec->ed_pubkey, sizeof(ec->ed_pubkey)); 407 /* In fact, nothing should have changed */ 408 tt_mem_op(ec, OP_EQ, old_ec, sizeof(extend_cell_t)); 409 /* Cleanup */ 410 mock_clean_saved_logs(); 411 mocked_node = NULL; 412 mocked_supports_ed25519_link_authentication = 0; 413 mocked_ed25519_id = NULL; 414 memset(fake_ed25519_id, 0x00, sizeof(ed25519_public_key_t)); 415 416 /* Now do the real lookup */ 417 memset(ec->node_id, 0xAA, sizeof(ec->node_id)); 418 memcpy(old_ec, ec, sizeof(extend_cell_t)); 419 /* Set up the fake variables */ 420 mocked_node = fake_node; 421 mocked_supports_ed25519_link_authentication = 1; 422 memset(fake_ed25519_id, 0xEE, sizeof(ed25519_public_key_t)); 423 mocked_ed25519_id = fake_ed25519_id; 424 /* Do the test */ 425 tt_int_op(circuit_extend_add_ed25519_helper(ec), OP_EQ, 0); 426 /* The ed pubkey should match */ 427 tt_mem_op(&ec->ed_pubkey, OP_EQ, fake_ed25519_id, sizeof(ec->ed_pubkey)); 428 /* Nothing else should have changed */ 429 memcpy(&ec->ed_pubkey, &old_ec->ed_pubkey, sizeof(ec->ed_pubkey)); 430 tt_mem_op(ec, OP_EQ, old_ec, sizeof(extend_cell_t)); 431 /* Cleanup */ 432 mock_clean_saved_logs(); 433 mocked_node = NULL; 434 mocked_supports_ed25519_link_authentication = 0; 435 mocked_ed25519_id = NULL; 436 memset(fake_ed25519_id, 0x00, sizeof(ed25519_public_key_t)); 437 438 /* Now do the real lookup, but with a zeroed ed id */ 439 memset(ec->node_id, 0xAA, sizeof(ec->node_id)); 440 memcpy(old_ec, ec, sizeof(extend_cell_t)); 441 /* Set up the fake variables */ 442 mocked_node = fake_node; 443 mocked_supports_ed25519_link_authentication = 1; 444 memset(fake_ed25519_id, 0x00, sizeof(ed25519_public_key_t)); 445 mocked_ed25519_id = fake_ed25519_id; 446 /* Do the test */ 447 tt_int_op(circuit_extend_add_ed25519_helper(ec), OP_EQ, 0); 448 /* The ed pubkey should match */ 449 tt_mem_op(&ec->ed_pubkey, OP_EQ, fake_ed25519_id, sizeof(ec->ed_pubkey)); 450 /* Nothing else should have changed */ 451 memcpy(&ec->ed_pubkey, &old_ec->ed_pubkey, sizeof(ec->ed_pubkey)); 452 tt_mem_op(ec, OP_EQ, old_ec, sizeof(extend_cell_t)); 453 /* Cleanup */ 454 mock_clean_saved_logs(); 455 mocked_node = NULL; 456 mocked_supports_ed25519_link_authentication = 0; 457 mocked_ed25519_id = NULL; 458 memset(fake_ed25519_id, 0x00, sizeof(ed25519_public_key_t)); 459 460 done: 461 UNMOCK(node_get_by_id); 462 UNMOCK(node_supports_ed25519_link_authentication); 463 UNMOCK(node_get_ed25519_id); 464 465 tor_end_capture_bugs_(); 466 teardown_capture_of_logs(); 467 468 tor_free(ec); 469 tor_free(old_ec); 470 tor_free(zero_ec); 471 472 tor_free(fake_ed25519_id); 473 tor_free(fake_node); 474 } 475 476 static or_options_t *mocked_options = NULL; 477 static const or_options_t * 478 mock_get_options(void) 479 { 480 return mocked_options; 481 } 482 483 #define PUBLIC_IPV4 "1.2.3.4" 484 #define INTERNAL_IPV4 "0.0.0.1" 485 486 #define PUBLIC_IPV6 "1234::cdef" 487 #define INTERNAL_IPV6 "::1" 488 489 #define VALID_PORT 0x1234 490 491 /* Test the different cases in circuit_extend_lspec_valid_helper(). */ 492 static void 493 test_circuit_extend_lspec_valid(void *arg) 494 { 495 (void)arg; 496 extend_cell_t *ec = tor_malloc_zero(sizeof(extend_cell_t)); 497 channel_t *p_chan = tor_malloc_zero(sizeof(channel_t)); 498 or_circuit_t *or_circ = tor_malloc_zero(sizeof(or_circuit_t)); 499 circuit_t *circ = TO_CIRCUIT(or_circ); 500 501 or_options_t *fake_options = options_new(); 502 MOCK(get_options, mock_get_options); 503 mocked_options = fake_options; 504 505 setup_full_capture_of_logs(LOG_INFO); 506 507 #ifndef ALL_BUGS_ARE_FATAL 508 /* Extend cell must be non-NULL */ 509 tor_capture_bugs_(1); 510 tt_int_op(circuit_extend_lspec_valid_helper(NULL, circ), OP_EQ, -1); 511 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); 512 tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, 513 "!(ASSERT_PREDICT_UNLIKELY_(!ec))"); 514 tor_end_capture_bugs_(); 515 mock_clean_saved_logs(); 516 517 /* Circuit must be non-NULL */ 518 tor_capture_bugs_(1); 519 tt_int_op(circuit_extend_lspec_valid_helper(ec, NULL), OP_EQ, -1); 520 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); 521 tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, 522 "!(ASSERT_PREDICT_UNLIKELY_(!circ))"); 523 tor_end_capture_bugs_(); 524 mock_clean_saved_logs(); 525 526 /* Extend cell and circuit must be non-NULL */ 527 tor_capture_bugs_(1); 528 tt_int_op(circuit_extend_lspec_valid_helper(NULL, NULL), OP_EQ, -1); 529 /* Since we're using IF_BUG_ONCE(), we might not log any bugs */ 530 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_GE, 0); 531 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_LE, 2); 532 tor_end_capture_bugs_(); 533 mock_clean_saved_logs(); 534 #endif /* !defined(ALL_BUGS_ARE_FATAL) */ 535 536 /* IPv4 and IPv6 addr and port are all zero, this should fail */ 537 tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); 538 expect_log_msg("Client asked me to extend to a zero destination port " 539 "or unspecified address '[scrubbed]'.\n"); 540 mock_clean_saved_logs(); 541 542 /* Now ask for the actual address in the logs */ 543 fake_options->SafeLogging_ = SAFELOG_SCRUB_NONE; 544 545 /* IPv4 port is 0, IPv6 addr and port are both zero, this should fail */ 546 tor_addr_parse(&ec->orport_ipv4.addr, PUBLIC_IPV4); 547 tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); 548 expect_log_msg("Client asked me to extend to a zero destination port " 549 "or IPv4 address '1.2.3.4:0'.\n"); 550 mock_clean_saved_logs(); 551 tor_addr_port_make_null_ap(&ec->orport_ipv4, AF_INET); 552 tor_addr_port_make_null_ap(&ec->orport_ipv6, AF_INET6); 553 554 /* IPv4 addr is 0, IPv6 addr and port are both zero, this should fail */ 555 ec->orport_ipv4.port = VALID_PORT; 556 tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); 557 expect_log_msg("Client asked me to extend to a zero destination port " 558 "or IPv4 address '0.0.0.0:4660'.\n"); 559 mock_clean_saved_logs(); 560 ec->orport_ipv4.port = 0; 561 tor_addr_port_make_null_ap(&ec->orport_ipv4, AF_INET); 562 tor_addr_port_make_null_ap(&ec->orport_ipv6, AF_INET6); 563 564 /* IPv4 addr is internal, and port is valid. 565 * (IPv6 addr and port are both zero.) 566 * Result depends on ExtendAllowPrivateAddresses. */ 567 tor_addr_parse(&ec->orport_ipv4.addr, INTERNAL_IPV4); 568 ec->orport_ipv4.port = VALID_PORT; 569 570 fake_options->ExtendAllowPrivateAddresses = 0; 571 tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); 572 expect_log_msg("Client asked me to extend " 573 "to a private IPv4 address '0.0.0.1'.\n"); 574 mock_clean_saved_logs(); 575 fake_options->ExtendAllowPrivateAddresses = 0; 576 tor_addr_port_make_null_ap(&ec->orport_ipv4, AF_INET); 577 tor_addr_port_make_null_ap(&ec->orport_ipv6, AF_INET6); 578 579 /* Now do the same tests, but for IPv6 */ 580 581 /* IPv6 port is 0, IPv4 addr and port are both zero, this should fail */ 582 tor_addr_parse(&ec->orport_ipv6.addr, PUBLIC_IPV6); 583 tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); 584 expect_log_msg("Client asked me to extend to a zero destination port " 585 "or IPv6 address '[1234::cdef]:0'.\n"); 586 mock_clean_saved_logs(); 587 tor_addr_port_make_null_ap(&ec->orport_ipv4, AF_INET); 588 tor_addr_port_make_null_ap(&ec->orport_ipv6, AF_INET6); 589 590 /* IPv6 addr is 0, IPv4 addr and port are both zero, this should fail */ 591 ec->orport_ipv6.port = VALID_PORT; 592 tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); 593 expect_log_msg("Client asked me to extend to a zero destination port " 594 "or IPv6 address '[::]:4660'.\n"); 595 mock_clean_saved_logs(); 596 ec->orport_ipv4.port = 0; 597 tor_addr_port_make_null_ap(&ec->orport_ipv4, AF_INET); 598 tor_addr_port_make_null_ap(&ec->orport_ipv6, AF_INET6); 599 600 /* IPv6 addr is internal, and port is valid. 601 * (IPv4 addr and port are both zero.) 602 * Result depends on ExtendAllowPrivateAddresses. */ 603 tor_addr_parse(&ec->orport_ipv6.addr, INTERNAL_IPV6); 604 ec->orport_ipv6.port = VALID_PORT; 605 606 fake_options->ExtendAllowPrivateAddresses = 0; 607 tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); 608 expect_log_msg("Client asked me to extend " 609 "to a private IPv6 address '[::1]'.\n"); 610 mock_clean_saved_logs(); 611 fake_options->ExtendAllowPrivateAddresses = 0; 612 tor_addr_port_make_null_ap(&ec->orport_ipv4, AF_INET); 613 tor_addr_port_make_null_ap(&ec->orport_ipv6, AF_INET6); 614 615 /* Both addresses are internal. 616 * Result depends on ExtendAllowPrivateAddresses. */ 617 tor_addr_parse(&ec->orport_ipv4.addr, INTERNAL_IPV4); 618 ec->orport_ipv4.port = VALID_PORT; 619 tor_addr_parse(&ec->orport_ipv6.addr, INTERNAL_IPV6); 620 ec->orport_ipv6.port = VALID_PORT; 621 622 fake_options->ExtendAllowPrivateAddresses = 0; 623 tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); 624 expect_log_msg("Client asked me to extend " 625 "to a private IPv4 address '0.0.0.1'.\n"); 626 expect_log_msg("Client asked me to extend " 627 "to a private IPv6 address '[::1]'.\n"); 628 mock_clean_saved_logs(); 629 fake_options->ExtendAllowPrivateAddresses = 0; 630 tor_addr_port_make_null_ap(&ec->orport_ipv4, AF_INET); 631 tor_addr_port_make_null_ap(&ec->orport_ipv6, AF_INET6); 632 633 #ifndef ALL_BUGS_ARE_FATAL 634 /* If we pass the private address check, but don't have the right 635 * OR circuit magic number, we trigger another bug */ 636 tor_addr_parse(&ec->orport_ipv4.addr, INTERNAL_IPV4); 637 ec->orport_ipv4.port = VALID_PORT; 638 tor_addr_parse(&ec->orport_ipv6.addr, INTERNAL_IPV6); 639 ec->orport_ipv6.port = VALID_PORT; 640 fake_options->ExtendAllowPrivateAddresses = 1; 641 642 tor_capture_bugs_(1); 643 tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); 644 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); 645 tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, 646 "!(ASSERT_PREDICT_UNLIKELY_(circ->magic != 0x98ABC04Fu))"); 647 tor_end_capture_bugs_(); 648 mock_clean_saved_logs(); 649 fake_options->ExtendAllowPrivateAddresses = 0; 650 tor_addr_port_make_null_ap(&ec->orport_ipv4, AF_INET); 651 tor_addr_port_make_null_ap(&ec->orport_ipv6, AF_INET6); 652 653 /* Fail again, but this time only set an IPv4 address. */ 654 tor_addr_parse(&ec->orport_ipv4.addr, INTERNAL_IPV4); 655 ec->orport_ipv4.port = VALID_PORT; 656 fake_options->ExtendAllowPrivateAddresses = 1; 657 tor_capture_bugs_(1); 658 tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); 659 /* Since we're using IF_BUG_ONCE(), expect 0-1 bug logs */ 660 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_GE, 0); 661 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_LE, 1); 662 tor_end_capture_bugs_(); 663 mock_clean_saved_logs(); 664 fake_options->ExtendAllowPrivateAddresses = 0; 665 #endif /* !defined(ALL_BUGS_ARE_FATAL) */ 666 667 /* Now set the right magic */ 668 or_circ->base_.magic = OR_CIRCUIT_MAGIC; 669 670 #ifndef ALL_BUGS_ARE_FATAL 671 /* If we pass the OR circuit magic check, but don't have p_chan, 672 * we trigger another bug */ 673 fake_options->ExtendAllowPrivateAddresses = 1; 674 tor_capture_bugs_(1); 675 tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); 676 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); 677 tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, 678 "!(ASSERT_PREDICT_UNLIKELY_(!p_chan))"); 679 tor_end_capture_bugs_(); 680 mock_clean_saved_logs(); 681 fake_options->ExtendAllowPrivateAddresses = 0; 682 683 /* We can also pass the OR circuit magic check with a public address */ 684 tor_addr_parse(&ec->orport_ipv4.addr, PUBLIC_IPV4); 685 fake_options->ExtendAllowPrivateAddresses = 0; 686 tor_capture_bugs_(1); 687 tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); 688 /* Since we're using IF_BUG_ONCE(), expect 0-1 bug logs */ 689 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_GE, 0); 690 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_LE, 1); 691 tor_end_capture_bugs_(); 692 mock_clean_saved_logs(); 693 fake_options->ExtendAllowPrivateAddresses = 0; 694 695 tor_addr_make_null(&ec->orport_ipv4.addr, AF_INET); 696 ec->orport_ipv4.port = 0x0000; 697 #endif /* !defined(ALL_BUGS_ARE_FATAL) */ 698 699 /* Now let's fake a p_chan and the addresses */ 700 tor_addr_parse(&ec->orport_ipv4.addr, PUBLIC_IPV4); 701 ec->orport_ipv4.port = VALID_PORT; 702 or_circ->p_chan = p_chan; 703 704 /* This is a trivial failure: node_id and p_chan->identity_digest are both 705 * zeroed */ 706 tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); 707 expect_log_msg("Client asked me to extend back to the previous hop.\n"); 708 mock_clean_saved_logs(); 709 710 /* Let's check with non-zero identities as well */ 711 memset(ec->node_id, 0xAA, sizeof(ec->node_id)); 712 memset(p_chan->identity_digest, 0xAA, sizeof(p_chan->identity_digest)); 713 714 tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); 715 expect_log_msg("Client asked me to extend back to the previous hop.\n"); 716 mock_clean_saved_logs(); 717 718 memset(ec->node_id, 0, sizeof(ec->node_id)); 719 memset(p_chan->identity_digest, 0, sizeof(p_chan->identity_digest)); 720 721 /* Let's pass the node_id test */ 722 memset(ec->node_id, 0xAA, sizeof(ec->node_id)); 723 memset(p_chan->identity_digest, 0xBB, sizeof(p_chan->identity_digest)); 724 725 /* ed_pubkey is zero, and that's allowed, so we should succeed */ 726 tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, 0); 727 mock_clean_saved_logs(); 728 729 /* Now let's check that we warn, but succeed, when only one address is 730 * private */ 731 tor_addr_parse(&ec->orport_ipv4.addr, INTERNAL_IPV4); 732 ec->orport_ipv4.port = VALID_PORT; 733 tor_addr_parse(&ec->orport_ipv6.addr, PUBLIC_IPV6); 734 ec->orport_ipv6.port = VALID_PORT; 735 fake_options->ExtendAllowPrivateAddresses = 0; 736 737 tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, 0); 738 expect_log_msg("Client asked me to extend " 739 "to a private IPv4 address '0.0.0.1'.\n"); 740 mock_clean_saved_logs(); 741 tor_addr_port_make_null_ap(&ec->orport_ipv4, AF_INET); 742 tor_addr_port_make_null_ap(&ec->orport_ipv6, AF_INET6); 743 744 /* Now with private IPv6 */ 745 tor_addr_parse(&ec->orport_ipv4.addr, PUBLIC_IPV4); 746 ec->orport_ipv4.port = VALID_PORT; 747 tor_addr_parse(&ec->orport_ipv6.addr, INTERNAL_IPV6); 748 ec->orport_ipv6.port = VALID_PORT; 749 fake_options->ExtendAllowPrivateAddresses = 0; 750 751 tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, 0); 752 expect_log_msg("Client asked me to extend " 753 "to a private IPv6 address '[::1]'.\n"); 754 mock_clean_saved_logs(); 755 tor_addr_port_make_null_ap(&ec->orport_ipv4, AF_INET); 756 tor_addr_port_make_null_ap(&ec->orport_ipv6, AF_INET6); 757 758 /* Now reset to public IPv4 and IPv6 */ 759 tor_addr_parse(&ec->orport_ipv4.addr, PUBLIC_IPV4); 760 ec->orport_ipv4.port = VALID_PORT; 761 tor_addr_parse(&ec->orport_ipv6.addr, PUBLIC_IPV6); 762 ec->orport_ipv6.port = VALID_PORT; 763 764 /* Fail on matching non-zero identities */ 765 memset(&ec->ed_pubkey, 0xEE, sizeof(ec->ed_pubkey)); 766 memset(&p_chan->ed25519_identity, 0xEE, sizeof(p_chan->ed25519_identity)); 767 768 tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, -1); 769 expect_log_msg("Client asked me to extend back to the previous hop " 770 "(by Ed25519 ID).\n"); 771 mock_clean_saved_logs(); 772 773 memset(&ec->ed_pubkey, 0, sizeof(ec->ed_pubkey)); 774 memset(&p_chan->ed25519_identity, 0, sizeof(p_chan->ed25519_identity)); 775 776 /* Succeed on different, non-zero identities */ 777 memset(&ec->ed_pubkey, 0xDD, sizeof(ec->ed_pubkey)); 778 memset(&p_chan->ed25519_identity, 0xEE, sizeof(p_chan->ed25519_identity)); 779 780 tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, 0); 781 mock_clean_saved_logs(); 782 783 memset(&ec->ed_pubkey, 0, sizeof(ec->ed_pubkey)); 784 memset(&p_chan->ed25519_identity, 0, sizeof(p_chan->ed25519_identity)); 785 786 /* Succeed if the client knows the identity, but we don't */ 787 memset(&ec->ed_pubkey, 0xDD, sizeof(ec->ed_pubkey)); 788 memset(&p_chan->ed25519_identity, 0x00, sizeof(p_chan->ed25519_identity)); 789 790 tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, 0); 791 mock_clean_saved_logs(); 792 793 memset(&ec->ed_pubkey, 0, sizeof(ec->ed_pubkey)); 794 memset(&p_chan->ed25519_identity, 0, sizeof(p_chan->ed25519_identity)); 795 796 /* Succeed if we know the identity, but the client doesn't */ 797 memset(&ec->ed_pubkey, 0x00, sizeof(ec->ed_pubkey)); 798 memset(&p_chan->ed25519_identity, 0xEE, sizeof(p_chan->ed25519_identity)); 799 800 tt_int_op(circuit_extend_lspec_valid_helper(ec, circ), OP_EQ, 0); 801 mock_clean_saved_logs(); 802 803 memset(&ec->ed_pubkey, 0, sizeof(ec->ed_pubkey)); 804 memset(&p_chan->ed25519_identity, 0, sizeof(p_chan->ed25519_identity)); 805 806 /* Cleanup the node ids */ 807 memset(ec->node_id, 0, sizeof(ec->node_id)); 808 memset(p_chan->identity_digest, 0, sizeof(p_chan->identity_digest)); 809 810 /* Cleanup the p_chan and the addresses */ 811 tor_addr_make_null(&ec->orport_ipv4.addr, AF_UNSPEC); 812 ec->orport_ipv4.port = 0; 813 or_circ->p_chan = NULL; 814 815 done: 816 tor_end_capture_bugs_(); 817 teardown_capture_of_logs(); 818 819 UNMOCK(get_options); 820 or_options_free(fake_options); 821 mocked_options = NULL; 822 823 tor_free(ec); 824 tor_free(or_circ); 825 tor_free(p_chan); 826 } 827 828 #define NODE_SET_IPV4(node, ipv4_addr_str, ipv4_port) { \ 829 tor_addr_parse(&node->ri->ipv4_addr, ipv4_addr_str); \ 830 node->ri->ipv4_orport = ipv4_port; \ 831 } 832 833 #define NODE_CLEAR_IPV4(node) { \ 834 tor_addr_make_unspec(&node->ri->ipv4_addr); \ 835 node->ri->ipv4_orport = 0; \ 836 } 837 838 #define NODE_SET_IPV6(node, ipv6_addr_str, ipv6_port) { \ 839 tor_addr_parse(&node->ri->ipv6_addr, ipv6_addr_str); \ 840 node->ri->ipv6_orport = ipv6_port; \ 841 } 842 843 /* Test the different cases in circuit_extend_add_ed25519_helper(). */ 844 static void 845 test_circuit_extend_add_ip(void *arg) 846 { 847 (void) arg; 848 tor_addr_t ipv4_tmp; 849 extend_cell_t *ec = tor_malloc_zero(sizeof(extend_cell_t)); 850 extend_cell_t *old_ec = tor_malloc_zero(sizeof(extend_cell_t)); 851 852 node_t *fake_node = tor_malloc_zero(sizeof(node_t)); 853 routerinfo_t *ri = tor_malloc_zero(sizeof(routerinfo_t)); 854 855 MOCK(node_get_by_id, mock_node_get_by_id); 856 857 /* Set up the fake variables for the IPv4 test */ 858 fake_node->ri = ri; 859 mocked_node = fake_node; 860 memset(ec->node_id, 0xAA, sizeof(ec->node_id)); 861 memcpy(old_ec, ec, sizeof(extend_cell_t)); 862 NODE_SET_IPV4(fake_node, PUBLIC_IPV4, VALID_PORT); 863 864 /* Do the IPv4 test */ 865 tt_int_op(circuit_extend_add_ipv4_helper(ec), OP_EQ, 0); 866 tor_addr_copy(&ipv4_tmp, &fake_node->ri->ipv4_addr); 867 /* The IPv4 should match */ 868 tt_int_op(tor_addr_compare(&ec->orport_ipv4.addr, &ipv4_tmp, CMP_SEMANTIC), 869 OP_EQ, 0); 870 tt_int_op(ec->orport_ipv4.port, OP_EQ, VALID_PORT); 871 872 /* Set up the fake variables for the IPv6 test */ 873 memcpy(ec, old_ec, sizeof(extend_cell_t)); 874 NODE_CLEAR_IPV4(fake_node); 875 NODE_SET_IPV6(fake_node, PUBLIC_IPV6, VALID_PORT); 876 877 /* Do the IPv6 test */ 878 tt_int_op(circuit_extend_add_ipv6_helper(ec), OP_EQ, 0); 879 /* The IPv6 should match */ 880 tt_int_op(tor_addr_compare(&ec->orport_ipv6.addr, &fake_node->ri->ipv6_addr, 881 CMP_SEMANTIC), OP_EQ, 0); 882 tt_int_op(ec->orport_ipv6.port, OP_EQ, VALID_PORT); 883 884 /* Cleanup */ 885 mocked_node = NULL; 886 887 done: 888 UNMOCK(node_get_by_id); 889 890 tor_free(ec); 891 tor_free(old_ec); 892 893 tor_free(ri); 894 tor_free(fake_node); 895 } 896 897 static bool can_extend_over_ipv6_result = false; 898 static int mock_router_can_extend_over_ipv6_calls = 0; 899 static bool 900 mock_router_can_extend_over_ipv6(const or_options_t *options) 901 { 902 (void)options; 903 mock_router_can_extend_over_ipv6_calls++; 904 return can_extend_over_ipv6_result; 905 } 906 907 /* Test the different cases in circuit_choose_ip_ap_for_extend(). */ 908 static void 909 test_circuit_choose_ip_ap_for_extend(void *arg) 910 { 911 (void)arg; 912 tor_addr_port_t ipv4_ap; 913 tor_addr_port_t ipv6_ap; 914 915 /* Set up valid addresses */ 916 tor_addr_parse(&ipv4_ap.addr, PUBLIC_IPV4); 917 ipv4_ap.port = VALID_PORT; 918 tor_addr_parse(&ipv6_ap.addr, PUBLIC_IPV6); 919 ipv6_ap.port = VALID_PORT; 920 921 or_options_t *fake_options = options_new(); 922 MOCK(get_options, mock_get_options); 923 mocked_options = fake_options; 924 925 MOCK(router_can_extend_over_ipv6, 926 mock_router_can_extend_over_ipv6); 927 can_extend_over_ipv6_result = true; 928 mock_router_can_extend_over_ipv6_calls = 0; 929 930 /* No valid addresses */ 931 can_extend_over_ipv6_result = true; 932 mock_router_can_extend_over_ipv6_calls = 0; 933 tt_ptr_op(circuit_choose_ip_ap_for_extend(NULL, NULL), OP_EQ, NULL); 934 tt_int_op(mock_router_can_extend_over_ipv6_calls, OP_EQ, 1); 935 936 can_extend_over_ipv6_result = false; 937 mock_router_can_extend_over_ipv6_calls = 0; 938 tt_ptr_op(circuit_choose_ip_ap_for_extend(NULL, NULL), OP_EQ, NULL); 939 tt_int_op(mock_router_can_extend_over_ipv6_calls, OP_EQ, 1); 940 941 /* One valid address: IPv4 */ 942 can_extend_over_ipv6_result = true; 943 mock_router_can_extend_over_ipv6_calls = 0; 944 tt_ptr_op(circuit_choose_ip_ap_for_extend(&ipv4_ap, NULL), OP_EQ, &ipv4_ap); 945 tt_int_op(mock_router_can_extend_over_ipv6_calls, OP_EQ, 1); 946 947 can_extend_over_ipv6_result = false; 948 mock_router_can_extend_over_ipv6_calls = 0; 949 tt_ptr_op(circuit_choose_ip_ap_for_extend(&ipv4_ap, NULL), OP_EQ, &ipv4_ap); 950 tt_int_op(mock_router_can_extend_over_ipv6_calls, OP_EQ, 1); 951 952 /* One valid address: IPv6 */ 953 can_extend_over_ipv6_result = true; 954 mock_router_can_extend_over_ipv6_calls = 0; 955 tt_ptr_op(circuit_choose_ip_ap_for_extend(NULL, &ipv6_ap), OP_EQ, &ipv6_ap); 956 tt_int_op(mock_router_can_extend_over_ipv6_calls, OP_EQ, 1); 957 958 can_extend_over_ipv6_result = false; 959 mock_router_can_extend_over_ipv6_calls = 0; 960 tt_ptr_op(circuit_choose_ip_ap_for_extend(NULL, &ipv6_ap), OP_EQ, NULL); 961 tt_int_op(mock_router_can_extend_over_ipv6_calls, OP_EQ, 1); 962 963 /* Two valid addresses */ 964 const tor_addr_port_t *chosen_addr = NULL; 965 966 can_extend_over_ipv6_result = true; 967 mock_router_can_extend_over_ipv6_calls = 0; 968 chosen_addr = circuit_choose_ip_ap_for_extend(&ipv4_ap, &ipv6_ap); 969 tt_assert(chosen_addr == &ipv4_ap || chosen_addr == &ipv6_ap); 970 tt_int_op(mock_router_can_extend_over_ipv6_calls, OP_EQ, 1); 971 972 can_extend_over_ipv6_result = false; 973 mock_router_can_extend_over_ipv6_calls = 0; 974 tt_ptr_op(circuit_choose_ip_ap_for_extend(&ipv4_ap, &ipv6_ap), 975 OP_EQ, &ipv4_ap); 976 tt_int_op(mock_router_can_extend_over_ipv6_calls, OP_EQ, 1); 977 978 done: 979 UNMOCK(get_options); 980 or_options_free(fake_options); 981 mocked_options = NULL; 982 983 UNMOCK(router_can_extend_over_ipv6); 984 985 tor_free(fake_options); 986 } 987 988 static int mock_circuit_close_calls = 0; 989 static void 990 mock_circuit_mark_for_close_(circuit_t *circ, int reason, 991 int line, const char *cfile) 992 { 993 (void)circ; 994 (void)reason; 995 (void)line; 996 (void)cfile; 997 mock_circuit_close_calls++; 998 } 999 1000 static int mock_channel_connect_calls = 0; 1001 static channel_t *mock_channel_connect_nchan = NULL; 1002 static channel_t * 1003 mock_channel_connect_for_circuit(const extend_info_t *ei) 1004 { 1005 (void)ei; 1006 mock_channel_connect_calls++; 1007 return mock_channel_connect_nchan; 1008 } 1009 1010 /* Test the different cases in circuit_open_connection_for_extend(). 1011 * Chooses different IP addresses depending on the first character in arg: 1012 * - 4: IPv4 1013 * - 6: IPv6 1014 * - d: IPv4 and IPv6 (dual-stack) 1015 */ 1016 static void 1017 test_circuit_open_connection_for_extend(void *arg) 1018 { 1019 const char ip_version = ((const char *)arg)[0]; 1020 const bool use_ipv4 = (ip_version == '4' || ip_version == 'd'); 1021 const bool use_ipv6 = (ip_version == '6' || ip_version == 'd'); 1022 tor_assert(use_ipv4 || use_ipv6); 1023 1024 extend_cell_t *ec = tor_malloc_zero(sizeof(extend_cell_t)); 1025 circuit_t *circ = tor_malloc_zero(sizeof(circuit_t)); 1026 channel_t *fake_n_chan = tor_malloc_zero(sizeof(channel_t)); 1027 1028 or_options_t *fake_options = options_new(); 1029 MOCK(get_options, mock_get_options); 1030 mocked_options = fake_options; 1031 1032 MOCK(circuit_mark_for_close_, mock_circuit_mark_for_close_); 1033 mock_circuit_close_calls = 0; 1034 MOCK(channel_connect_for_circuit, mock_channel_connect_for_circuit); 1035 mock_channel_connect_calls = 0; 1036 mock_channel_connect_nchan = NULL; 1037 1038 MOCK(router_can_extend_over_ipv6, 1039 mock_router_can_extend_over_ipv6); 1040 can_extend_over_ipv6_result = true; 1041 1042 setup_full_capture_of_logs(LOG_INFO); 1043 1044 #ifndef ALL_BUGS_ARE_FATAL 1045 /* Circuit must be non-NULL */ 1046 mock_circuit_close_calls = 0; 1047 mock_channel_connect_calls = 0; 1048 tor_capture_bugs_(1); 1049 circuit_open_connection_for_extend(ec, NULL, 0); 1050 /* We can't close a NULL circuit */ 1051 tt_int_op(mock_circuit_close_calls, OP_EQ, 0); 1052 tt_int_op(mock_channel_connect_calls, OP_EQ, 0); 1053 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); 1054 tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, 1055 "!(ASSERT_PREDICT_UNLIKELY_(!circ))"); 1056 tor_end_capture_bugs_(); 1057 mock_clean_saved_logs(); 1058 1059 /* Extend cell must be non-NULL */ 1060 mock_circuit_close_calls = 0; 1061 mock_channel_connect_calls = 0; 1062 tor_capture_bugs_(1); 1063 circuit_open_connection_for_extend(NULL, circ, 0); 1064 tt_int_op(mock_circuit_close_calls, OP_EQ, 1); 1065 tt_int_op(mock_channel_connect_calls, OP_EQ, 0); 1066 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); 1067 tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, 1068 "!(ASSERT_PREDICT_UNLIKELY_(!ec))"); 1069 tor_end_capture_bugs_(); 1070 mock_clean_saved_logs(); 1071 1072 /* Extend cell and circuit must be non-NULL */ 1073 mock_circuit_close_calls = 0; 1074 mock_channel_connect_calls = 0; 1075 tor_capture_bugs_(1); 1076 circuit_open_connection_for_extend(NULL, NULL, 0); 1077 /* We can't close a NULL circuit */ 1078 tt_int_op(mock_circuit_close_calls, OP_EQ, 0); 1079 tt_int_op(mock_channel_connect_calls, OP_EQ, 0); 1080 /* Since we're using IF_BUG_ONCE(), we might not log any bugs */ 1081 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_GE, 0); 1082 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_LE, 2); 1083 tor_end_capture_bugs_(); 1084 mock_clean_saved_logs(); 1085 1086 /* Fail, because neither address is valid */ 1087 mock_circuit_close_calls = 0; 1088 mock_channel_connect_calls = 0; 1089 tor_capture_bugs_(1); 1090 circuit_open_connection_for_extend(ec, circ, 0); 1091 /* Close the circuit, don't connect */ 1092 tt_int_op(mock_circuit_close_calls, OP_EQ, 1); 1093 tt_int_op(mock_channel_connect_calls, OP_EQ, 0); 1094 /* Check state */ 1095 tt_ptr_op(circ->n_hop, OP_EQ, NULL); 1096 tt_ptr_op(circ->n_chan_create_cell, OP_EQ, NULL); 1097 tt_int_op(circ->state, OP_EQ, 0); 1098 /* Cleanup */ 1099 tor_end_capture_bugs_(); 1100 mock_clean_saved_logs(); 1101 #endif /* !defined(ALL_BUGS_ARE_FATAL) */ 1102 1103 /* Set up valid addresses */ 1104 if (use_ipv4) { 1105 tor_addr_parse(&ec->orport_ipv4.addr, PUBLIC_IPV4); 1106 ec->orport_ipv4.port = VALID_PORT; 1107 } 1108 if (use_ipv6) { 1109 tor_addr_parse(&ec->orport_ipv6.addr, PUBLIC_IPV6); 1110 ec->orport_ipv6.port = VALID_PORT; 1111 } 1112 1113 /* Succeed, but don't try to open a connection */ 1114 mock_circuit_close_calls = 0; 1115 mock_channel_connect_calls = 0; 1116 circuit_open_connection_for_extend(ec, circ, 0); 1117 /* If we haven't closed the circuit, that's success */ 1118 tt_int_op(mock_circuit_close_calls, OP_EQ, 0); 1119 tt_int_op(mock_channel_connect_calls, OP_EQ, 0); 1120 /* Check state */ 1121 tt_ptr_op(circ->n_hop, OP_NE, NULL); 1122 tt_ptr_op(circ->n_chan_create_cell, OP_NE, NULL); 1123 tt_int_op(circ->state, OP_EQ, CIRCUIT_STATE_CHAN_WAIT); 1124 /* Cleanup */ 1125 mock_clean_saved_logs(); 1126 tor_free(circ->n_hop); 1127 tor_free(circ->n_chan_create_cell); 1128 circ->state = 0; 1129 1130 /* Try to open a connection, but fail with a NULL n_chan */ 1131 mock_circuit_close_calls = 0; 1132 mock_channel_connect_calls = 0; 1133 circuit_open_connection_for_extend(ec, circ, 1); 1134 /* Try to connect, but fail, and close the circuit */ 1135 tt_int_op(mock_circuit_close_calls, OP_EQ, 1); 1136 tt_int_op(mock_channel_connect_calls, OP_EQ, 1); 1137 expect_log_msg("Launching n_chan failed. Closing circuit.\n"); 1138 /* Check state */ 1139 tt_ptr_op(circ->n_hop, OP_NE, NULL); 1140 tt_ptr_op(circ->n_chan_create_cell, OP_NE, NULL); 1141 tt_int_op(circ->state, OP_EQ, CIRCUIT_STATE_CHAN_WAIT); 1142 /* Cleanup */ 1143 mock_clean_saved_logs(); 1144 tor_free(circ->n_hop); 1145 tor_free(circ->n_chan_create_cell); 1146 circ->state = 0; 1147 1148 /* Try to open a connection, and succeed, because n_chan is not NULL */ 1149 mock_channel_connect_nchan = fake_n_chan; 1150 mock_circuit_close_calls = 0; 1151 mock_channel_connect_calls = 0; 1152 circuit_open_connection_for_extend(ec, circ, 1); 1153 /* Connection attempt succeeded, leaving the circuit open */ 1154 tt_int_op(mock_circuit_close_calls, OP_EQ, 0); 1155 tt_int_op(mock_channel_connect_calls, OP_EQ, 1); 1156 /* Check state */ 1157 tt_ptr_op(circ->n_hop, OP_NE, NULL); 1158 tt_ptr_op(circ->n_chan_create_cell, OP_NE, NULL); 1159 tt_int_op(circ->state, OP_EQ, CIRCUIT_STATE_CHAN_WAIT); 1160 /* Cleanup */ 1161 mock_clean_saved_logs(); 1162 tor_free(circ->n_hop); 1163 tor_free(circ->n_chan_create_cell); 1164 circ->state = 0; 1165 mock_channel_connect_nchan = NULL; 1166 1167 done: 1168 tor_end_capture_bugs_(); 1169 teardown_capture_of_logs(); 1170 1171 UNMOCK(circuit_mark_for_close_); 1172 mock_circuit_close_calls = 0; 1173 UNMOCK(channel_connect_for_circuit); 1174 mock_channel_connect_calls = 0; 1175 1176 UNMOCK(get_options); 1177 or_options_free(fake_options); 1178 mocked_options = NULL; 1179 1180 UNMOCK(router_can_extend_over_ipv6); 1181 1182 tor_free(ec); 1183 tor_free(circ->n_hop); 1184 tor_free(circ->n_chan_create_cell); 1185 tor_free(circ); 1186 tor_free(fake_n_chan); 1187 } 1188 1189 /* Guaranteed to be initialised to zero. */ 1190 static extend_cell_t mock_extend_cell_parse_cell_out; 1191 static int mock_extend_cell_parse_result = 0; 1192 static int mock_extend_cell_parse_calls = 0; 1193 1194 static int 1195 mock_extend_cell_parse(extend_cell_t *cell_out, 1196 const uint8_t command, 1197 const uint8_t *payload_in, 1198 size_t payload_len) 1199 { 1200 (void)command; 1201 (void)payload_in; 1202 (void)payload_len; 1203 1204 mock_extend_cell_parse_calls++; 1205 memcpy(cell_out, &mock_extend_cell_parse_cell_out, 1206 sizeof(extend_cell_t)); 1207 return mock_extend_cell_parse_result; 1208 } 1209 1210 static int mock_channel_get_for_extend_calls = 0; 1211 static int mock_channel_get_for_extend_launch_out = 0; 1212 static channel_t *mock_channel_get_for_extend_nchan = NULL; 1213 static channel_t * 1214 mock_channel_get_for_extend(const char *rsa_id_digest, 1215 const ed25519_public_key_t *ed_id, 1216 const tor_addr_t *target_ipv4_addr, 1217 const tor_addr_t *target_ipv6_addr, 1218 bool for_origin_circ, 1219 const char **msg_out, 1220 int *launch_out) 1221 { 1222 (void)rsa_id_digest; 1223 (void)ed_id; 1224 (void)target_ipv4_addr; 1225 (void)target_ipv6_addr; 1226 (void)for_origin_circ; 1227 1228 /* channel_get_for_extend() requires non-NULL arguments */ 1229 tt_ptr_op(msg_out, OP_NE, NULL); 1230 tt_ptr_op(launch_out, OP_NE, NULL); 1231 1232 mock_channel_get_for_extend_calls++; 1233 *msg_out = NULL; 1234 *launch_out = mock_channel_get_for_extend_launch_out; 1235 return mock_channel_get_for_extend_nchan; 1236 1237 done: 1238 return NULL; 1239 } 1240 1241 static const char * 1242 mock_channel_get_canonical_remote_descr(channel_t *chan) 1243 { 1244 (void)chan; 1245 return "mock_channel_get_canonical_remote_descr()"; 1246 } 1247 1248 /* Should mock_circuit_deliver_create_cell() expect a direct connection? */ 1249 static bool mock_circuit_deliver_create_cell_expect_direct = false; 1250 static int mock_circuit_deliver_create_cell_calls = 0; 1251 static int mock_circuit_deliver_create_cell_result = 0; 1252 static int 1253 mock_circuit_deliver_create_cell(circuit_t *circ, 1254 const struct create_cell_t *create_cell, 1255 int relayed) 1256 { 1257 (void)create_cell; 1258 1259 /* circuit_deliver_create_cell() requires non-NULL arguments, 1260 * but we only check circ and circ->n_chan here. */ 1261 tt_ptr_op(circ, OP_NE, NULL); 1262 /* We expect n_chan for relayed cells. But should we also expect it for 1263 * direct connections? */ 1264 if (!mock_circuit_deliver_create_cell_expect_direct) 1265 tt_ptr_op(circ->n_chan, OP_NE, NULL); 1266 1267 /* We should only ever get relayed cells from extends */ 1268 tt_int_op(relayed, OP_EQ, !mock_circuit_deliver_create_cell_expect_direct); 1269 1270 mock_circuit_deliver_create_cell_calls++; 1271 return mock_circuit_deliver_create_cell_result; 1272 1273 done: 1274 return -1; 1275 } 1276 1277 /* Test the different cases in circuit_extend(). */ 1278 static void 1279 test_circuit_extend(void *arg) 1280 { 1281 (void)arg; 1282 relay_msg_t *msg = tor_malloc_zero(sizeof(relay_msg_t)); 1283 channel_t *p_chan = tor_malloc_zero(sizeof(channel_t)); 1284 or_circuit_t *or_circ = tor_malloc_zero(sizeof(or_circuit_t)); 1285 circuit_t *circ = TO_CIRCUIT(or_circ); 1286 channel_t *fake_n_chan = tor_malloc_zero(sizeof(channel_t)); 1287 1288 server = 0; 1289 MOCK(server_mode, mock_server_mode); 1290 1291 /* Mock a debug function, but otherwise ignore it */ 1292 MOCK(channel_describe_peer, 1293 mock_channel_get_canonical_remote_descr); 1294 1295 setup_full_capture_of_logs(LOG_INFO); 1296 1297 msg->command = RELAY_COMMAND_EXTEND2; 1298 NONSTRING uint8_t body[3] = "xyz"; 1299 msg->body = body; 1300 1301 #ifndef ALL_BUGS_ARE_FATAL 1302 /* Circuit must be non-NULL */ 1303 tor_capture_bugs_(1); 1304 tt_int_op(circuit_extend(msg, NULL), OP_EQ, -1); 1305 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); 1306 tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, 1307 "!(ASSERT_PREDICT_UNLIKELY_(!circ))"); 1308 tor_end_capture_bugs_(); 1309 mock_clean_saved_logs(); 1310 1311 /* Cell must be non-NULL */ 1312 tor_capture_bugs_(1); 1313 tt_int_op(circuit_extend(NULL, circ), OP_EQ, -1); 1314 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); 1315 tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, 1316 "!(ASSERT_PREDICT_UNLIKELY_(!rmsg))"); 1317 tor_end_capture_bugs_(); 1318 mock_clean_saved_logs(); 1319 1320 /* Extend cell and circuit must be non-NULL */ 1321 tor_capture_bugs_(1); 1322 tt_int_op(circuit_extend(NULL, NULL), OP_EQ, -1); 1323 /* Since we're using IF_BUG_ONCE(), we might not log any bugs */ 1324 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_GE, 0); 1325 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_LE, 2); 1326 tor_end_capture_bugs_(); 1327 mock_clean_saved_logs(); 1328 #endif /* !defined(ALL_BUGS_ARE_FATAL) */ 1329 1330 /* Clients can't extend */ 1331 server = 0; 1332 tt_int_op(circuit_extend(msg, circ), OP_EQ, -1); 1333 expect_log_msg("Got an extend cell, but running as a client. Closing.\n"); 1334 mock_clean_saved_logs(); 1335 1336 /* But servers can. Unpack the cell, but fail parsing. */ 1337 server = 1; 1338 tt_int_op(circuit_extend(msg, circ), OP_EQ, -1); 1339 expect_log_msg("Can't parse extend cell. Closing circuit.\n"); 1340 mock_clean_saved_logs(); 1341 1342 /* Now mock parsing */ 1343 MOCK(extend_cell_parse, mock_extend_cell_parse); 1344 1345 /* And make parsing succeed, but fail on adding ed25519 */ 1346 memset(&mock_extend_cell_parse_cell_out, 0, 1347 sizeof(mock_extend_cell_parse_cell_out)); 1348 mock_extend_cell_parse_result = 0; 1349 mock_extend_cell_parse_calls = 0; 1350 1351 tt_int_op(circuit_extend(msg, circ), OP_EQ, -1); 1352 tt_int_op(mock_extend_cell_parse_calls, OP_EQ, 1); 1353 expect_log_msg( 1354 "Client asked me to extend without specifying an id_digest.\n"); 1355 mock_clean_saved_logs(); 1356 mock_extend_cell_parse_calls = 0; 1357 1358 /* Now add a node_id. Fail the lspec check because IPv4 and port are zero. */ 1359 memset(&mock_extend_cell_parse_cell_out.node_id, 0xAA, 1360 sizeof(mock_extend_cell_parse_cell_out.node_id)); 1361 1362 tt_int_op(circuit_extend(msg, circ), OP_EQ, -1); 1363 tt_int_op(mock_extend_cell_parse_calls, OP_EQ, 1); 1364 expect_log_msg("Client asked me to extend to a zero destination port " 1365 "or unspecified address '[scrubbed]'.\n"); 1366 mock_clean_saved_logs(); 1367 mock_extend_cell_parse_calls = 0; 1368 1369 /* Now add a valid IPv4 and port. Fail the OR circuit magic check. */ 1370 tor_addr_parse(&mock_extend_cell_parse_cell_out.orport_ipv4.addr, 1371 PUBLIC_IPV4); 1372 mock_extend_cell_parse_cell_out.orport_ipv4.port = VALID_PORT; 1373 1374 #ifndef ALL_BUGS_ARE_FATAL 1375 tor_capture_bugs_(1); 1376 tt_int_op(circuit_extend(msg, circ), OP_EQ, -1); 1377 tt_int_op(mock_extend_cell_parse_calls, OP_EQ, 1); 1378 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); 1379 tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, 1380 "!(ASSERT_PREDICT_UNLIKELY_(circ->magic != 0x98ABC04Fu))"); 1381 tor_end_capture_bugs_(); 1382 mock_clean_saved_logs(); 1383 mock_extend_cell_parse_calls = 0; 1384 #endif /* !defined(ALL_BUGS_ARE_FATAL) */ 1385 1386 /* Now add the right magic and a p_chan. */ 1387 or_circ->base_.magic = OR_CIRCUIT_MAGIC; 1388 or_circ->p_chan = p_chan; 1389 1390 /* Mock channel_get_for_extend(), so it doesn't crash. */ 1391 mock_channel_get_for_extend_calls = 0; 1392 MOCK(channel_get_for_extend, mock_channel_get_for_extend); 1393 1394 /* Test circuit not established, but don't launch another one */ 1395 mock_channel_get_for_extend_launch_out = 0; 1396 mock_channel_get_for_extend_nchan = NULL; 1397 tt_int_op(circuit_extend(msg, circ), OP_EQ, 0); 1398 tt_int_op(mock_extend_cell_parse_calls, OP_EQ, 1); 1399 tt_int_op(mock_channel_get_for_extend_calls, OP_EQ, 1); 1400 1401 /* cleanup */ 1402 mock_clean_saved_logs(); 1403 mock_extend_cell_parse_calls = 0; 1404 mock_channel_get_for_extend_calls = 0; 1405 /* circ and or_circ are the same object */ 1406 tor_free(circ->n_hop); 1407 tor_free(circ->n_chan_create_cell); 1408 1409 /* Mock channel_connect_for_circuit(), so we don't crash */ 1410 mock_channel_connect_calls = 0; 1411 MOCK(channel_connect_for_circuit, mock_channel_connect_for_circuit); 1412 1413 /* Test circuit not established, and successful launch of a channel */ 1414 mock_channel_get_for_extend_launch_out = 1; 1415 mock_channel_get_for_extend_nchan = NULL; 1416 mock_channel_connect_nchan = fake_n_chan; 1417 tt_int_op(circuit_extend(msg, circ), OP_EQ, 0); 1418 tt_int_op(mock_extend_cell_parse_calls, OP_EQ, 1); 1419 tt_int_op(mock_channel_get_for_extend_calls, OP_EQ, 1); 1420 tt_int_op(mock_channel_connect_calls, OP_EQ, 1); 1421 1422 /* cleanup */ 1423 mock_clean_saved_logs(); 1424 mock_extend_cell_parse_calls = 0; 1425 mock_channel_get_for_extend_calls = 0; 1426 mock_channel_connect_calls = 0; 1427 /* circ and or_circ are the same object */ 1428 tor_free(circ->n_hop); 1429 tor_free(circ->n_chan_create_cell); 1430 1431 /* Mock circuit_deliver_create_cell(), so it doesn't crash */ 1432 mock_circuit_deliver_create_cell_calls = 0; 1433 mock_circuit_deliver_create_cell_expect_direct = false; 1434 MOCK(circuit_deliver_create_cell, mock_circuit_deliver_create_cell); 1435 1436 /* Test circuit established, re-using channel, successful delivery */ 1437 mock_channel_get_for_extend_launch_out = 0; 1438 mock_channel_get_for_extend_nchan = fake_n_chan; 1439 mock_channel_connect_nchan = NULL; 1440 mock_circuit_deliver_create_cell_result = 0; 1441 tt_int_op(circuit_extend(msg, circ), OP_EQ, 0); 1442 tt_int_op(mock_extend_cell_parse_calls, OP_EQ, 1); 1443 tt_int_op(mock_channel_get_for_extend_calls, OP_EQ, 1); 1444 tt_int_op(mock_channel_connect_calls, OP_EQ, 0); 1445 tt_int_op(mock_circuit_deliver_create_cell_calls, OP_EQ, 1); 1446 tt_ptr_op(circ->n_chan, OP_EQ, fake_n_chan); 1447 1448 /* cleanup */ 1449 circ->n_chan = NULL; 1450 mock_clean_saved_logs(); 1451 mock_extend_cell_parse_calls = 0; 1452 mock_channel_get_for_extend_calls = 0; 1453 mock_channel_connect_calls = 0; 1454 mock_circuit_deliver_create_cell_calls = 0; 1455 /* circ and or_circ are the same object */ 1456 tor_free(circ->n_hop); 1457 tor_free(circ->n_chan_create_cell); 1458 1459 /* Test circuit established, re-using channel, failed delivery */ 1460 mock_channel_get_for_extend_launch_out = 0; 1461 mock_channel_get_for_extend_nchan = fake_n_chan; 1462 mock_channel_connect_nchan = NULL; 1463 mock_circuit_deliver_create_cell_result = -1; 1464 tt_int_op(circuit_extend(msg, circ), OP_EQ, -1); 1465 tt_int_op(mock_extend_cell_parse_calls, OP_EQ, 1); 1466 tt_int_op(mock_channel_get_for_extend_calls, OP_EQ, 1); 1467 tt_int_op(mock_channel_connect_calls, OP_EQ, 0); 1468 tt_int_op(mock_circuit_deliver_create_cell_calls, OP_EQ, 1); 1469 tt_ptr_op(circ->n_chan, OP_EQ, fake_n_chan); 1470 1471 /* cleanup */ 1472 circ->n_chan = NULL; 1473 mock_clean_saved_logs(); 1474 mock_extend_cell_parse_calls = 0; 1475 mock_channel_get_for_extend_calls = 0; 1476 mock_channel_connect_calls = 0; 1477 mock_circuit_deliver_create_cell_calls = 0; 1478 /* circ and or_circ are the same object */ 1479 tor_free(circ->n_hop); 1480 tor_free(circ->n_chan_create_cell); 1481 1482 done: 1483 tor_end_capture_bugs_(); 1484 teardown_capture_of_logs(); 1485 1486 UNMOCK(server_mode); 1487 server = 0; 1488 1489 UNMOCK(channel_describe_peer); 1490 1491 UNMOCK(extend_cell_parse); 1492 memset(&mock_extend_cell_parse_cell_out, 0, 1493 sizeof(mock_extend_cell_parse_cell_out)); 1494 mock_extend_cell_parse_result = 0; 1495 mock_extend_cell_parse_calls = 0; 1496 1497 UNMOCK(channel_get_for_extend); 1498 mock_channel_get_for_extend_calls = 0; 1499 mock_channel_get_for_extend_launch_out = 0; 1500 mock_channel_get_for_extend_nchan = NULL; 1501 1502 UNMOCK(channel_connect_for_circuit); 1503 mock_channel_connect_calls = 0; 1504 mock_channel_connect_nchan = NULL; 1505 1506 UNMOCK(circuit_deliver_create_cell); 1507 mock_circuit_deliver_create_cell_calls = 0; 1508 mock_circuit_deliver_create_cell_result = 0; 1509 1510 relay_msg_free(msg); 1511 /* circ and or_circ are the same object */ 1512 tor_free(circ->n_hop); 1513 tor_free(circ->n_chan_create_cell); 1514 tor_free(or_circ); 1515 tor_free(p_chan); 1516 tor_free(fake_n_chan); 1517 } 1518 1519 /* Test the different cases in onionskin_answer(). */ 1520 static void 1521 test_onionskin_answer(void *arg) 1522 { 1523 (void)arg; 1524 created_cell_t *created_cell = tor_malloc_zero(sizeof(created_cell_t)); 1525 or_circuit_t *or_circ = tor_malloc_zero(sizeof(or_circuit_t)); 1526 char keys[CPATH_KEY_MATERIAL_LEN] = {0}; 1527 uint8_t rend_circ_nonce[DIGEST_LEN] = {0}; 1528 1529 setup_full_capture_of_logs(LOG_INFO); 1530 1531 #ifndef ALL_BUGS_ARE_FATAL 1532 /* Circuit must be non-NULL */ 1533 tor_capture_bugs_(1); 1534 tt_int_op(onionskin_answer(NULL, created_cell, 1535 RELAY_CRYPTO_ALG_TOR1, 1536 keys, CPATH_KEY_MATERIAL_LEN, 1537 rend_circ_nonce), OP_EQ, -1); 1538 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); 1539 tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, 1540 "!(ASSERT_PREDICT_UNLIKELY_(!circ))"); 1541 tor_end_capture_bugs_(); 1542 mock_clean_saved_logs(); 1543 1544 /* Created cell must be non-NULL */ 1545 tor_capture_bugs_(1); 1546 tt_int_op(onionskin_answer(or_circ, NULL, 1547 RELAY_CRYPTO_ALG_TOR1, 1548 keys, CPATH_KEY_MATERIAL_LEN, 1549 rend_circ_nonce), OP_EQ, -1); 1550 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); 1551 tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, 1552 "!(ASSERT_PREDICT_UNLIKELY_(!created_cell))"); 1553 tor_end_capture_bugs_(); 1554 mock_clean_saved_logs(); 1555 1556 /* Keys must be non-NULL */ 1557 tor_capture_bugs_(1); 1558 tt_int_op(onionskin_answer(or_circ, created_cell, 1559 RELAY_CRYPTO_ALG_TOR1, 1560 NULL, CPATH_KEY_MATERIAL_LEN, 1561 rend_circ_nonce), OP_EQ, -1); 1562 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); 1563 tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, 1564 "!(ASSERT_PREDICT_UNLIKELY_(!keys))"); 1565 tor_end_capture_bugs_(); 1566 mock_clean_saved_logs(); 1567 1568 /* The rend circuit nonce must be non-NULL */ 1569 tor_capture_bugs_(1); 1570 tt_int_op(onionskin_answer(or_circ, created_cell, 1571 RELAY_CRYPTO_ALG_TOR1, 1572 keys, CPATH_KEY_MATERIAL_LEN, 1573 NULL), OP_EQ, -1); 1574 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); 1575 tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, 1576 "!(ASSERT_PREDICT_UNLIKELY_(!rend_circ_nonce))"); 1577 tor_end_capture_bugs_(); 1578 mock_clean_saved_logs(); 1579 #endif /* !defined(ALL_BUGS_ARE_FATAL) */ 1580 1581 /* Also, the keys length must be CPATH_KEY_MATERIAL_LEN, but we can't catch 1582 * asserts in unit tests. */ 1583 1584 /* Fail when formatting the created cell */ 1585 tt_int_op(onionskin_answer(or_circ, created_cell, 1586 RELAY_CRYPTO_ALG_TOR1, 1587 keys, CPATH_KEY_MATERIAL_LEN, 1588 rend_circ_nonce), OP_EQ, -1); 1589 expect_log_msg("couldn't format created cell (type=0, len=0).\n"); 1590 mock_clean_saved_logs(); 1591 1592 /* TODO: test the rest of onionskin_answer(), see #33860 */ 1593 /* TODO: mock created_cell_format for the next test */ 1594 1595 done: 1596 tor_end_capture_bugs_(); 1597 teardown_capture_of_logs(); 1598 1599 tor_free(created_cell); 1600 tor_free(or_circ); 1601 } 1602 1603 /* Test the different cases in origin_circuit_init(). */ 1604 static void 1605 test_origin_circuit_init(void *arg) 1606 { 1607 (void)arg; 1608 origin_circuit_t *origin_circ = NULL; 1609 1610 /* Init with 0 purpose and 0 flags */ 1611 origin_circ = origin_circuit_init(0, 0); 1612 tt_int_op(origin_circ->base_.purpose, OP_EQ, 0); 1613 tt_int_op(origin_circ->base_.state, OP_EQ, CIRCUIT_STATE_CHAN_WAIT); 1614 tt_ptr_op(origin_circ->build_state, OP_NE, NULL); 1615 tt_int_op(origin_circ->build_state->is_internal, OP_EQ, 0); 1616 tt_int_op(origin_circ->build_state->is_ipv6_selftest, OP_EQ, 0); 1617 tt_int_op(origin_circ->build_state->need_capacity, OP_EQ, 0); 1618 tt_int_op(origin_circ->build_state->need_uptime, OP_EQ, 0); 1619 tt_int_op(origin_circ->build_state->onehop_tunnel, OP_EQ, 0); 1620 /* The circuits are automatically freed by the circuitlist. */ 1621 1622 /* Init with a purpose */ 1623 origin_circ = origin_circuit_init(CIRCUIT_PURPOSE_C_GENERAL, 0); 1624 tt_int_op(origin_circ->base_.purpose, OP_EQ, CIRCUIT_PURPOSE_C_GENERAL); 1625 1626 /* Init with each flag */ 1627 origin_circ = origin_circuit_init(0, CIRCLAUNCH_IS_INTERNAL); 1628 tt_ptr_op(origin_circ->build_state, OP_NE, NULL); 1629 tt_int_op(origin_circ->build_state->is_internal, OP_EQ, 1); 1630 tt_int_op(origin_circ->build_state->is_ipv6_selftest, OP_EQ, 0); 1631 tt_int_op(origin_circ->build_state->need_capacity, OP_EQ, 0); 1632 tt_int_op(origin_circ->build_state->need_uptime, OP_EQ, 0); 1633 tt_int_op(origin_circ->build_state->onehop_tunnel, OP_EQ, 0); 1634 1635 origin_circ = origin_circuit_init(0, CIRCLAUNCH_IS_IPV6_SELFTEST); 1636 tt_ptr_op(origin_circ->build_state, OP_NE, NULL); 1637 tt_int_op(origin_circ->build_state->is_internal, OP_EQ, 0); 1638 tt_int_op(origin_circ->build_state->is_ipv6_selftest, OP_EQ, 1); 1639 tt_int_op(origin_circ->build_state->need_capacity, OP_EQ, 0); 1640 tt_int_op(origin_circ->build_state->need_uptime, OP_EQ, 0); 1641 tt_int_op(origin_circ->build_state->onehop_tunnel, OP_EQ, 0); 1642 1643 origin_circ = origin_circuit_init(0, CIRCLAUNCH_NEED_CAPACITY); 1644 tt_ptr_op(origin_circ->build_state, OP_NE, NULL); 1645 tt_int_op(origin_circ->build_state->is_internal, OP_EQ, 0); 1646 tt_int_op(origin_circ->build_state->is_ipv6_selftest, OP_EQ, 0); 1647 tt_int_op(origin_circ->build_state->need_capacity, OP_EQ, 1); 1648 tt_int_op(origin_circ->build_state->need_uptime, OP_EQ, 0); 1649 tt_int_op(origin_circ->build_state->onehop_tunnel, OP_EQ, 0); 1650 1651 origin_circ = origin_circuit_init(0, CIRCLAUNCH_NEED_UPTIME); 1652 tt_ptr_op(origin_circ->build_state, OP_NE, NULL); 1653 tt_int_op(origin_circ->build_state->is_internal, OP_EQ, 0); 1654 tt_int_op(origin_circ->build_state->is_ipv6_selftest, OP_EQ, 0); 1655 tt_int_op(origin_circ->build_state->need_capacity, OP_EQ, 0); 1656 tt_int_op(origin_circ->build_state->need_uptime, OP_EQ, 1); 1657 tt_int_op(origin_circ->build_state->onehop_tunnel, OP_EQ, 0); 1658 1659 origin_circ = origin_circuit_init(0, CIRCLAUNCH_ONEHOP_TUNNEL); 1660 tt_ptr_op(origin_circ->build_state, OP_NE, NULL); 1661 tt_int_op(origin_circ->build_state->is_internal, OP_EQ, 0); 1662 tt_int_op(origin_circ->build_state->is_ipv6_selftest, OP_EQ, 0); 1663 tt_int_op(origin_circ->build_state->need_capacity, OP_EQ, 0); 1664 tt_int_op(origin_circ->build_state->need_uptime, OP_EQ, 0); 1665 tt_int_op(origin_circ->build_state->onehop_tunnel, OP_EQ, 1); 1666 1667 done: 1668 /* The circuits are automatically freed by the circuitlist. */ 1669 ; 1670 } 1671 1672 /* Test the different cases in circuit_send_next_onion_skin(). */ 1673 static void 1674 test_circuit_send_next_onion_skin(void *arg) 1675 { 1676 (void)arg; 1677 origin_circuit_t *origin_circ = NULL; 1678 struct timeval circ_start_time; 1679 memset(&circ_start_time, 0, sizeof(circ_start_time)); 1680 1681 extend_info_t fakehop; 1682 memset(&fakehop, 0, sizeof(fakehop)); 1683 extend_info_t *single_fakehop = &fakehop; 1684 extend_info_t *multi_fakehop[DEFAULT_ROUTE_LEN] = {&fakehop, 1685 &fakehop, 1686 &fakehop}; 1687 1688 extend_info_t ipv6_hop; 1689 memset(&ipv6_hop, 0, sizeof(ipv6_hop)); 1690 tor_addr_parse(&ipv6_hop.orports[0].addr, "1::2"); 1691 extend_info_t *multi_ipv6_hop[DEFAULT_ROUTE_LEN] = {&ipv6_hop, 1692 &ipv6_hop, 1693 &ipv6_hop}; 1694 1695 extend_info_t ipv4_hop; 1696 memset(&ipv4_hop, 0, sizeof(ipv4_hop)); 1697 tor_addr_from_ipv4h(&ipv4_hop.orports[0].addr, 0x20304050); 1698 extend_info_t *multi_ipv4_hop[DEFAULT_ROUTE_LEN] = {&ipv4_hop, 1699 &ipv4_hop, 1700 &ipv4_hop}; 1701 1702 mock_circuit_deliver_create_cell_expect_direct = false; 1703 MOCK(circuit_deliver_create_cell, mock_circuit_deliver_create_cell); 1704 server = 0; 1705 MOCK(server_mode, mock_server_mode); 1706 1707 /* Try a direct connection, and succeed on a client */ 1708 server = 0; 1709 origin_circ = new_test_origin_circuit(false, 1710 circ_start_time, 1711 1, 1712 &single_fakehop); 1713 tt_ptr_op(origin_circ, OP_NE, NULL); 1714 /* Skip some of the multi-hop checks */ 1715 origin_circ->build_state->onehop_tunnel = 1; 1716 /* This is a direct connection */ 1717 mock_circuit_deliver_create_cell_expect_direct = true; 1718 tt_int_op(circuit_send_next_onion_skin(origin_circ), OP_EQ, 0); 1719 /* The circuits are automatically freed by the circuitlist. */ 1720 1721 /* Try a direct connection, and succeed on a server */ 1722 server = 1; 1723 origin_circ = new_test_origin_circuit(false, 1724 circ_start_time, 1725 1, 1726 &single_fakehop); 1727 tt_ptr_op(origin_circ, OP_NE, NULL); 1728 origin_circ->build_state->onehop_tunnel = 1; 1729 mock_circuit_deliver_create_cell_expect_direct = true; 1730 tt_int_op(circuit_send_next_onion_skin(origin_circ), OP_EQ, 0); 1731 1732 /* Start capturing bugs */ 1733 setup_full_capture_of_logs(LOG_WARN); 1734 tor_capture_bugs_(1); 1735 1736 /* Try an extend, but fail the client valid address family check */ 1737 server = 0; 1738 origin_circ = new_test_origin_circuit(true, 1739 circ_start_time, 1740 ARRAY_LENGTH(multi_fakehop), 1741 multi_fakehop); 1742 tt_ptr_op(origin_circ, OP_NE, NULL); 1743 /* Fix the state */ 1744 origin_circ->base_.state = 0; 1745 /* This is an indirect connection */ 1746 mock_circuit_deliver_create_cell_expect_direct = false; 1747 /* Fail because the address family is invalid */ 1748 tt_int_op(circuit_send_next_onion_skin(origin_circ), OP_EQ, 1749 -END_CIRC_REASON_INTERNAL); 1750 expect_log_msg("No supported address family found in extend_info.\n"); 1751 mock_clean_saved_logs(); 1752 1753 /* Try an extend, but fail the server valid address check */ 1754 server = 1; 1755 origin_circ = new_test_origin_circuit(true, 1756 circ_start_time, 1757 ARRAY_LENGTH(multi_fakehop), 1758 multi_fakehop); 1759 tt_ptr_op(origin_circ, OP_NE, NULL); 1760 origin_circ->base_.state = 0; 1761 mock_circuit_deliver_create_cell_expect_direct = false; 1762 tt_int_op(circuit_send_next_onion_skin(origin_circ), OP_EQ, 1763 -END_CIRC_REASON_INTERNAL); 1764 expect_log_msg("No supported address family found in extend_info.\n"); 1765 mock_clean_saved_logs(); 1766 1767 /* Try an extend, but fail in the client code, with an IPv6 address */ 1768 server = 0; 1769 origin_circ = new_test_origin_circuit(true, 1770 circ_start_time, 1771 ARRAY_LENGTH(multi_ipv6_hop), 1772 multi_ipv6_hop); 1773 tt_ptr_op(origin_circ, OP_NE, NULL); 1774 origin_circ->base_.state = 0; 1775 mock_circuit_deliver_create_cell_expect_direct = false; 1776 tt_int_op(circuit_send_next_onion_skin(origin_circ), OP_EQ, 1777 -END_CIRC_REASON_INTERNAL); 1778 expect_log_msg("No supported address family found in extend_info.\n"); 1779 mock_clean_saved_logs(); 1780 1781 /* Stop capturing bugs, but keep capturing logs */ 1782 tor_end_capture_bugs_(); 1783 1784 /* Try an extend, pass the client IPv4 check, but fail later */ 1785 server = 0; 1786 origin_circ = new_test_origin_circuit(true, 1787 circ_start_time, 1788 ARRAY_LENGTH(multi_ipv4_hop), 1789 multi_ipv4_hop); 1790 tt_ptr_op(origin_circ, OP_NE, NULL); 1791 origin_circ->base_.state = 0; 1792 mock_circuit_deliver_create_cell_expect_direct = false; 1793 /* Fail because the circuit data is invalid */ 1794 tt_int_op(circuit_send_next_onion_skin(origin_circ), OP_EQ, 1795 -END_CIRC_REASON_INTERNAL); 1796 expect_log_msg("onion_skin_create failed.\n"); 1797 mock_clean_saved_logs(); 1798 1799 /* Try an extend, pass the server IPv4 check, but fail later */ 1800 server = 1; 1801 origin_circ = new_test_origin_circuit(true, 1802 circ_start_time, 1803 ARRAY_LENGTH(multi_ipv4_hop), 1804 multi_ipv4_hop); 1805 tt_ptr_op(origin_circ, OP_NE, NULL); 1806 origin_circ->base_.state = 0; 1807 mock_circuit_deliver_create_cell_expect_direct = false; 1808 tt_int_op(circuit_send_next_onion_skin(origin_circ), OP_EQ, 1809 -END_CIRC_REASON_INTERNAL); 1810 expect_log_msg("onion_skin_create failed.\n"); 1811 mock_clean_saved_logs(); 1812 1813 /* Try an extend, pass the server IPv6 check, but fail later */ 1814 server = 1; 1815 origin_circ = new_test_origin_circuit(true, 1816 circ_start_time, 1817 ARRAY_LENGTH(multi_ipv6_hop), 1818 multi_ipv6_hop); 1819 tt_ptr_op(origin_circ, OP_NE, NULL); 1820 origin_circ->base_.state = 0; 1821 mock_circuit_deliver_create_cell_expect_direct = false; 1822 tt_int_op(circuit_send_next_onion_skin(origin_circ), OP_EQ, 1823 -END_CIRC_REASON_INTERNAL); 1824 expect_log_msg("onion_skin_create failed.\n"); 1825 mock_clean_saved_logs(); 1826 1827 /* Things we're not testing right now: 1828 * - the addresses in the extend cell inside 1829 * circuit_send_intermediate_onion_skin() matches the address in the 1830 * supplied extend_info. 1831 * - valid circuit data. 1832 * - actually extending the circuit to each hop. */ 1833 1834 done: 1835 tor_end_capture_bugs_(); 1836 mock_clean_saved_logs(); 1837 teardown_capture_of_logs(); 1838 1839 UNMOCK(circuit_deliver_create_cell); 1840 UNMOCK(server_mode); 1841 server = 0; 1842 1843 /* The circuits are automatically freed by the circuitlist. */ 1844 } 1845 1846 /* Test the different cases in cpath_build_state_to_crn_flags(). */ 1847 static void 1848 test_cpath_build_state_to_crn_flags(void *arg) 1849 { 1850 (void)arg; 1851 1852 cpath_build_state_t state; 1853 memset(&state, 0, sizeof(state)); 1854 1855 tt_int_op(cpath_build_state_to_crn_flags(&state), OP_EQ, 1856 0); 1857 1858 memset(&state, 0, sizeof(state)); 1859 state.need_uptime = 1; 1860 tt_int_op(cpath_build_state_to_crn_flags(&state), OP_EQ, 1861 CRN_NEED_UPTIME); 1862 1863 memset(&state, 0, sizeof(state)); 1864 state.need_capacity = 1; 1865 tt_int_op(cpath_build_state_to_crn_flags(&state), OP_EQ, 1866 CRN_NEED_CAPACITY); 1867 1868 memset(&state, 0, sizeof(state)); 1869 state.need_capacity = 1; 1870 state.need_uptime = 1; 1871 tt_int_op(cpath_build_state_to_crn_flags(&state), OP_EQ, 1872 CRN_NEED_CAPACITY | CRN_NEED_UPTIME); 1873 1874 /* Check that no other flags are handled */ 1875 memset(&state, 0xff, sizeof(state)); 1876 tt_int_op(cpath_build_state_to_crn_flags(&state), OP_EQ, 1877 CRN_NEED_CAPACITY | CRN_NEED_UPTIME); 1878 1879 done: 1880 ; 1881 } 1882 1883 /* Test the different cases in cpath_build_state_to_crn_ipv6_extend_flag(). */ 1884 static void 1885 test_cpath_build_state_to_crn_ipv6_extend_flag(void *arg) 1886 { 1887 (void)arg; 1888 1889 cpath_build_state_t state; 1890 1891 memset(&state, 0, sizeof(state)); 1892 state.desired_path_len = DEFAULT_ROUTE_LEN; 1893 tt_int_op(cpath_build_state_to_crn_ipv6_extend_flag(&state, 0), OP_EQ, 1894 0); 1895 1896 /* Pass the state flag check, but not the length check */ 1897 memset(&state, 0, sizeof(state)); 1898 state.desired_path_len = DEFAULT_ROUTE_LEN; 1899 state.is_ipv6_selftest = 1; 1900 tt_int_op(cpath_build_state_to_crn_ipv6_extend_flag(&state, 0), OP_EQ, 1901 0); 1902 1903 /* Pass the length check, but not the state flag check */ 1904 memset(&state, 0, sizeof(state)); 1905 state.desired_path_len = DEFAULT_ROUTE_LEN; 1906 tt_int_op( 1907 cpath_build_state_to_crn_ipv6_extend_flag(&state, 1908 DEFAULT_ROUTE_LEN - 2), 1909 OP_EQ, 0); 1910 1911 /* Pass both checks */ 1912 memset(&state, 0, sizeof(state)); 1913 state.desired_path_len = DEFAULT_ROUTE_LEN; 1914 state.is_ipv6_selftest = 1; 1915 tt_int_op( 1916 cpath_build_state_to_crn_ipv6_extend_flag(&state, 1917 DEFAULT_ROUTE_LEN - 2), 1918 OP_EQ, CRN_INITIATE_IPV6_EXTEND); 1919 1920 /* Check that no other flags are handled */ 1921 memset(&state, 0xff, sizeof(state)); 1922 state.desired_path_len = INT_MAX; 1923 tt_int_op(cpath_build_state_to_crn_ipv6_extend_flag(&state, INT_MAX), OP_EQ, 1924 0); 1925 1926 #ifndef ALL_BUGS_ARE_FATAL 1927 /* Start capturing bugs */ 1928 setup_full_capture_of_logs(LOG_INFO); 1929 tor_capture_bugs_(1); 1930 1931 /* Now test the single hop circuit case */ 1932 #define SINGLE_HOP_ROUTE_LEN 1 1933 memset(&state, 0, sizeof(state)); 1934 state.desired_path_len = SINGLE_HOP_ROUTE_LEN; 1935 state.is_ipv6_selftest = 1; 1936 tt_int_op( 1937 cpath_build_state_to_crn_ipv6_extend_flag(&state, 1938 SINGLE_HOP_ROUTE_LEN - 2), 1939 OP_EQ, 0); 1940 tt_int_op(smartlist_len(tor_get_captured_bug_log_()), OP_EQ, 1); 1941 tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, 1942 "!(ASSERT_PREDICT_UNLIKELY_(state->desired_path_len < 2))"); 1943 mock_clean_saved_logs(); 1944 #endif /* !defined(ALL_BUGS_ARE_FATAL) */ 1945 1946 done: 1947 tor_end_capture_bugs_(); 1948 mock_clean_saved_logs(); 1949 teardown_capture_of_logs(); 1950 } 1951 1952 #define TEST(name, flags, setup, cleanup) \ 1953 { #name, test_ ## name, flags, setup, cleanup } 1954 1955 #define TEST_NEW_ROUTE_LEN(name, flags) \ 1956 { #name, test_new_route_len_ ## name, flags, NULL, NULL } 1957 1958 #define TEST_CIRCUIT(name, flags) \ 1959 { #name, test_circuit_ ## name, flags, NULL, NULL } 1960 1961 #define TEST_CPATH(name, flags) \ 1962 { #name, test_cpath_ ## name, flags, NULL, NULL } 1963 1964 #ifndef COCCI 1965 #define TEST_CIRCUIT_PASSTHROUGH(name, flags, arg) \ 1966 { #name "/" arg, test_circuit_ ## name, flags, \ 1967 &passthrough_setup, (void *)(arg) } 1968 #endif 1969 1970 struct testcase_t circuitbuild_tests[] = { 1971 TEST_NEW_ROUTE_LEN(noexit, 0), 1972 TEST_NEW_ROUTE_LEN(safe_exit, 0), 1973 TEST_NEW_ROUTE_LEN(unsafe_exit, 0), 1974 TEST_NEW_ROUTE_LEN(unhandled_exit, 0), 1975 1976 TEST(upgrade_from_guard_wait, TT_FORK, &helper_pubsub_setup, NULL), 1977 1978 TEST_CIRCUIT(extend_state_valid, TT_FORK), 1979 TEST_CIRCUIT(extend_add_ed25519, TT_FORK), 1980 TEST_CIRCUIT(extend_lspec_valid, TT_FORK), 1981 TEST_CIRCUIT(extend_add_ip, TT_FORK), 1982 TEST_CIRCUIT(choose_ip_ap_for_extend, 0), 1983 1984 TEST_CIRCUIT_PASSTHROUGH(open_connection_for_extend, TT_FORK, "4"), 1985 TEST_CIRCUIT_PASSTHROUGH(open_connection_for_extend, TT_FORK, "6"), 1986 TEST_CIRCUIT_PASSTHROUGH(open_connection_for_extend, TT_FORK, "dual-stack"), 1987 1988 TEST_CIRCUIT(extend, TT_FORK), 1989 1990 TEST(onionskin_answer, TT_FORK, NULL, NULL), 1991 1992 TEST(origin_circuit_init, TT_FORK, NULL, NULL), 1993 TEST_CIRCUIT(send_next_onion_skin, TT_FORK), 1994 TEST_CPATH(build_state_to_crn_flags, 0), 1995 TEST_CPATH(build_state_to_crn_ipv6_extend_flag, TT_FORK), 1996 1997 END_OF_TESTCASES 1998 };