test_entrynodes.c (114025B)
1 /* Copyright (c) 2014-2021, The Tor Project, Inc. */ 2 /* See LICENSE for licensing information */ 3 4 #include "orconfig.h" 5 6 #define CIRCUITLIST_PRIVATE 7 #define CIRCUITBUILD_PRIVATE 8 #define CONFIG_PRIVATE 9 #define STATEFILE_PRIVATE 10 #define ENTRYNODES_PRIVATE 11 #define ROUTERLIST_PRIVATE 12 #define DIRCLIENT_PRIVATE 13 14 #include "core/or/or.h" 15 #include "test/test.h" 16 17 #include "feature/client/bridges.h" 18 #include "core/or/circuitlist.h" 19 #include "core/or/circuitbuild.h" 20 #include "app/config/config.h" 21 #include "lib/confmgt/confmgt.h" 22 #include "lib/crypt_ops/crypto_rand.h" 23 #include "feature/dircommon/directory.h" 24 #include "feature/dirclient/dirclient.h" 25 #include "feature/client/entrynodes.h" 26 #include "feature/nodelist/nodelist.h" 27 #include "feature/nodelist/nodefamily.h" 28 #include "feature/nodelist/networkstatus.h" 29 #include "core/or/policies.h" 30 #include "feature/nodelist/routerlist.h" 31 #include "feature/nodelist/routerset.h" 32 #include "app/config/statefile.h" 33 34 #include "core/or/cpath_build_state_st.h" 35 #include "core/or/crypt_path_st.h" 36 #include "feature/dircommon/dir_connection_st.h" 37 #include "feature/nodelist/microdesc_st.h" 38 #include "feature/nodelist/networkstatus_st.h" 39 #include "feature/nodelist/node_st.h" 40 #include "core/or/origin_circuit_st.h" 41 #include "app/config/or_state_st.h" 42 #include "feature/nodelist/routerinfo_st.h" 43 #include "feature/nodelist/routerstatus_st.h" 44 45 #include "test/test_helpers.h" 46 #include "test/log_test_helpers.h" 47 48 #include "lib/container/bloomfilt.h" 49 #include "lib/encoding/confline.h" 50 51 /* TODO: 52 * choose_random_entry() test with state set. 53 * 54 * parse_state() tests with more than one guards. 55 * 56 * More tests for set_from_config(): Multiple nodes, use fingerprints, 57 * use country codes. 58 */ 59 60 /** Dummy Tor state used in unittests. */ 61 static or_state_t *dummy_state = NULL; 62 static or_state_t * 63 get_or_state_replacement(void) 64 { 65 return dummy_state; 66 } 67 68 static networkstatus_t *dummy_consensus = NULL; 69 70 static smartlist_t *big_fake_net_nodes = NULL; 71 72 static const smartlist_t * 73 bfn_mock_nodelist_get_list(void) 74 { 75 return big_fake_net_nodes; 76 } 77 78 static networkstatus_t * 79 bfn_mock_networkstatus_get_reasonably_live_consensus(time_t now, int flavor) 80 { 81 (void)now; 82 (void)flavor; 83 return dummy_consensus; 84 } 85 86 static const node_t * 87 bfn_mock_node_get_by_id(const char *id) 88 { 89 SMARTLIST_FOREACH(big_fake_net_nodes, node_t *, n, 90 if (fast_memeq(n->identity, id, 20)) 91 return n); 92 93 return NULL; 94 } 95 96 static int 97 mock_router_have_minimum_dir_info(void) 98 { 99 return 1; 100 } 101 102 /* Helper function to free a test node. */ 103 static void 104 test_node_free(node_t *n) 105 { 106 tor_free(n->rs); 107 tor_free(n->md->onion_curve25519_pkey); 108 short_policy_free(n->md->exit_policy); 109 tor_free(n->md); 110 tor_free(n); 111 } 112 113 /* Unittest cleanup function: Cleanup the fake network. */ 114 static int 115 big_fake_network_cleanup(const struct testcase_t *testcase, void *ptr) 116 { 117 (void) testcase; 118 (void) ptr; 119 120 if (big_fake_net_nodes) { 121 SMARTLIST_FOREACH(big_fake_net_nodes, node_t *, n, { 122 test_node_free(n); 123 }); 124 smartlist_free(big_fake_net_nodes); 125 } 126 127 UNMOCK(nodelist_get_list); 128 UNMOCK(node_get_by_id); 129 UNMOCK(get_or_state); 130 UNMOCK(networkstatus_get_reasonably_live_consensus); 131 or_state_free(dummy_state); 132 dummy_state = NULL; 133 tor_free(dummy_consensus); 134 135 return 1; /* NOP */ 136 } 137 138 #define REASONABLY_FUTURE " reasonably-future" 139 #define REASONABLY_PAST " reasonably-past" 140 141 /* Unittest setup function: Setup a fake network. */ 142 static void * 143 big_fake_network_setup(const struct testcase_t *testcase) 144 { 145 int i; 146 147 /* These are minimal node_t objects that only contain the aspects of node_t 148 * that we need for entrynodes.c. */ 149 const int N_NODES = 271; 150 151 const char *argument = testcase->setup_data; 152 int reasonably_future_consensus = 0, reasonably_past_consensus = 0; 153 if (argument) { 154 reasonably_future_consensus = strstr(argument, REASONABLY_FUTURE) != NULL; 155 reasonably_past_consensus = strstr(argument, REASONABLY_PAST) != NULL; 156 } 157 158 big_fake_net_nodes = smartlist_new(); 159 for (i = 0; i < N_NODES; ++i) { 160 curve25519_secret_key_t curve25519_secret_key; 161 162 node_t *n = tor_malloc_zero(sizeof(node_t)); 163 n->md = tor_malloc_zero(sizeof(microdesc_t)); 164 165 /* Generate curve25519 key for this node */ 166 n->md->onion_curve25519_pkey = 167 tor_malloc_zero(sizeof(curve25519_public_key_t)); 168 curve25519_secret_key_generate(&curve25519_secret_key, 0); 169 curve25519_public_key_generate(n->md->onion_curve25519_pkey, 170 &curve25519_secret_key); 171 172 crypto_rand(n->identity, sizeof(n->identity)); 173 n->rs = tor_malloc_zero(sizeof(routerstatus_t)); 174 175 memcpy(n->rs->identity_digest, n->identity, DIGEST_LEN); 176 177 n->is_running = n->is_valid = n->is_fast = n->is_stable = 1; 178 179 /* Note: all these guards have the same address, so you'll need to 180 * disable EnforceDistinctSubnets when a restriction is applied. */ 181 tor_addr_from_ipv4h(&n->rs->ipv4_addr, 0x04020202); 182 n->rs->ipv4_orport = 1234; 183 n->rs->is_v2_dir = 1; 184 n->rs->has_bandwidth = 1; 185 n->rs->bandwidth_kb = 30; 186 187 /* Make a random nickname for each node */ 188 { 189 char nickname_binary[8]; 190 crypto_rand(nickname_binary, sizeof(nickname_binary)); 191 base32_encode(n->rs->nickname, sizeof(n->rs->nickname), 192 nickname_binary, sizeof(nickname_binary)); 193 } 194 195 /* Call half of the nodes a possible guard. */ 196 if (i % 2 == 0) { 197 n->is_possible_guard = 1; 198 n->rs->guardfraction_percentage = 100; 199 n->rs->has_guardfraction = 1; 200 n->rs->is_possible_guard = 1; 201 } 202 203 /* Make some of these nodes a possible exit */ 204 if (i % 7 == 0) { 205 n->md->exit_policy = parse_short_policy("accept 443"); 206 } 207 208 n->nodelist_idx = smartlist_len(big_fake_net_nodes); 209 smartlist_add(big_fake_net_nodes, n); 210 } 211 212 dummy_state = or_state_new(); 213 dummy_consensus = tor_malloc_zero(sizeof(networkstatus_t)); 214 if (reasonably_future_consensus) { 215 /* Make the dummy consensus valid in 6 hours, and expiring in 7 hours. */ 216 dummy_consensus->valid_after = approx_time() + 6*3600; 217 dummy_consensus->valid_until = approx_time() + 7*3600; 218 } else if (reasonably_past_consensus) { 219 /* Make the dummy consensus valid from 16 hours ago, but expired 12 hours 220 * ago. */ 221 dummy_consensus->valid_after = approx_time() - 16*3600; 222 dummy_consensus->valid_until = approx_time() - 12*3600; 223 } else { 224 /* Make the dummy consensus valid for an hour either side of now. */ 225 dummy_consensus->valid_after = approx_time() - 3600; 226 dummy_consensus->valid_until = approx_time() + 3600; 227 } 228 229 MOCK(nodelist_get_list, bfn_mock_nodelist_get_list); 230 MOCK(node_get_by_id, bfn_mock_node_get_by_id); 231 MOCK(get_or_state, 232 get_or_state_replacement); 233 MOCK(networkstatus_get_reasonably_live_consensus, 234 bfn_mock_networkstatus_get_reasonably_live_consensus); 235 /* Return anything but NULL (it's interpreted as test fail) */ 236 return (void*)testcase; 237 } 238 239 static time_t 240 mock_randomize_time_no_randomization(time_t a, time_t b) 241 { 242 (void) b; 243 return a; 244 } 245 246 static or_options_t *mocked_options; 247 248 static const or_options_t * 249 mock_get_options(void) 250 { 251 return mocked_options; 252 } 253 254 #define TEST_IPV4_ADDR "123.45.67.89" 255 #define TEST_IPV6_ADDR "[1234:5678:90ab:cdef::]" 256 257 static void 258 test_node_preferred_orport(void *arg) 259 { 260 (void)arg; 261 tor_addr_t ipv4_addr; 262 const uint16_t ipv4_port = 4444; 263 tor_addr_t ipv6_addr; 264 const uint16_t ipv6_port = 6666; 265 routerinfo_t node_ri; 266 node_t node; 267 tor_addr_port_t ap; 268 269 /* Setup options */ 270 mocked_options = options_new(); 271 /* We don't test ClientPreferIPv6ORPort here, because it's used in 272 * nodelist_set_consensus to setup node.ipv6_preferred, which we set 273 * directly. */ 274 MOCK(get_options, mock_get_options); 275 276 /* Setup IP addresses */ 277 tor_addr_parse(&ipv4_addr, TEST_IPV4_ADDR); 278 tor_addr_parse(&ipv6_addr, TEST_IPV6_ADDR); 279 280 /* Setup node_ri */ 281 memset(&node_ri, 0, sizeof(node_ri)); 282 tor_addr_copy(&node_ri.ipv4_addr, &ipv4_addr); 283 node_ri.ipv4_orport = ipv4_port; 284 tor_addr_copy(&node_ri.ipv6_addr, &ipv6_addr); 285 node_ri.ipv6_orport = ipv6_port; 286 287 /* Setup node */ 288 memset(&node, 0, sizeof(node)); 289 node.ri = &node_ri; 290 291 /* Check the preferred address is IPv4 if we're only using IPv4, regardless 292 * of whether we prefer it or not */ 293 mocked_options->ClientUseIPv4 = 1; 294 mocked_options->ClientUseIPv6 = 0; 295 node.ipv6_preferred = 0; 296 node_get_pref_orport(&node, &ap); 297 tt_assert(tor_addr_eq(&ap.addr, &ipv4_addr)); 298 tt_assert(ap.port == ipv4_port); 299 300 node.ipv6_preferred = 1; 301 node_get_pref_orport(&node, &ap); 302 tt_assert(tor_addr_eq(&ap.addr, &ipv4_addr)); 303 tt_assert(ap.port == ipv4_port); 304 305 /* Check the preferred address is IPv4 if we're using IPv4 and IPv6, but 306 * don't prefer the IPv6 address */ 307 mocked_options->ClientUseIPv4 = 1; 308 mocked_options->ClientUseIPv6 = 1; 309 node.ipv6_preferred = 0; 310 node_get_pref_orport(&node, &ap); 311 tt_assert(tor_addr_eq(&ap.addr, &ipv4_addr)); 312 tt_assert(ap.port == ipv4_port); 313 314 /* Check the preferred address is IPv6 if we prefer it and 315 * ClientUseIPv6 is 1, regardless of ClientUseIPv4 */ 316 mocked_options->ClientUseIPv4 = 1; 317 mocked_options->ClientUseIPv6 = 1; 318 node.ipv6_preferred = 1; 319 node_get_pref_orport(&node, &ap); 320 tt_assert(tor_addr_eq(&ap.addr, &ipv6_addr)); 321 tt_assert(ap.port == ipv6_port); 322 323 mocked_options->ClientUseIPv4 = 0; 324 node_get_pref_orport(&node, &ap); 325 tt_assert(tor_addr_eq(&ap.addr, &ipv6_addr)); 326 tt_assert(ap.port == ipv6_port); 327 328 /* Check the preferred address is IPv6 if we don't prefer it, but 329 * ClientUseIPv4 is 0 */ 330 mocked_options->ClientUseIPv4 = 0; 331 mocked_options->ClientUseIPv6 = 1; 332 node.ipv6_preferred = reachable_addr_prefer_ipv6_orport(mocked_options); 333 node_get_pref_orport(&node, &ap); 334 tt_assert(tor_addr_eq(&ap.addr, &ipv6_addr)); 335 tt_assert(ap.port == ipv6_port); 336 337 done: 338 or_options_free(mocked_options); 339 UNMOCK(get_options); 340 } 341 342 static void 343 test_entry_guard_describe(void *arg) 344 { 345 (void)arg; 346 entry_guard_t g; 347 memset(&g, 0, sizeof(g)); 348 strlcpy(g.nickname, "okefenokee", sizeof(g.nickname)); 349 memcpy(g.identity, "theforestprimeval---", DIGEST_LEN); 350 351 tt_str_op(entry_guard_describe(&g), OP_EQ, 352 "okefenokee ($746865666F726573747072696D6576616C2D2D2D)"); 353 354 done: 355 ; 356 } 357 358 static void 359 test_entry_guard_randomize_time(void *arg) 360 { 361 const time_t now = 1479153573; 362 const int delay = 86400; 363 const int N = 1000; 364 (void)arg; 365 366 time_t t; 367 int i; 368 for (i = 0; i < N; ++i) { 369 t = randomize_time(now, delay); 370 tt_int_op(t, OP_LE, now); 371 tt_int_op(t, OP_GE, now-delay); 372 } 373 374 /* now try the corner cases */ 375 for (i = 0; i < N; ++i) { 376 t = randomize_time(100, delay); 377 tt_int_op(t, OP_GE, 1); 378 tt_int_op(t, OP_LE, 100); 379 380 t = randomize_time(0, delay); 381 tt_int_op(t, OP_EQ, 1); 382 } 383 384 done: 385 ; 386 } 387 388 static void 389 test_entry_guard_encode_for_state_minimal(void *arg) 390 { 391 (void) arg; 392 entry_guard_t *eg = tor_malloc_zero(sizeof(entry_guard_t)); 393 394 eg->selection_name = tor_strdup("wubwub"); 395 memcpy(eg->identity, "plurpyflurpyslurpydo", DIGEST_LEN); 396 eg->sampled_on_date = 1479081600; 397 eg->confirmed_idx = -1; 398 399 char *s = NULL; 400 s = entry_guard_encode_for_state(eg, 0); 401 402 tt_str_op(s, OP_EQ, 403 "in=wubwub " 404 "rsa_id=706C75727079666C75727079736C75727079646F " 405 "sampled_on=2016-11-14T00:00:00 " 406 "sampled_idx=0 " 407 "listed=0"); 408 409 done: 410 entry_guard_free(eg); 411 tor_free(s); 412 } 413 414 static void 415 test_entry_guard_encode_for_state_maximal(void *arg) 416 { 417 (void) arg; 418 entry_guard_t *eg = tor_malloc_zero(sizeof(entry_guard_t)); 419 420 strlcpy(eg->nickname, "Fred", sizeof(eg->nickname)); 421 eg->selection_name = tor_strdup("default"); 422 memcpy(eg->identity, "plurpyflurpyslurpydo", DIGEST_LEN); 423 eg->bridge_addr = tor_malloc_zero(sizeof(tor_addr_port_t)); 424 tor_addr_from_ipv4h(&eg->bridge_addr->addr, 0x08080404); 425 eg->bridge_addr->port = 9999; 426 eg->sampled_on_date = 1479081600; 427 eg->sampled_by_version = tor_strdup("1.2.3"); 428 eg->unlisted_since_date = 1479081645; 429 eg->currently_listed = 1; 430 eg->confirmed_on_date = 1479081690; 431 eg->confirmed_idx = 333; 432 eg->sampled_idx = 42; 433 eg->extra_state_fields = tor_strdup("and the green grass grew all around"); 434 435 char *s = NULL; 436 s = entry_guard_encode_for_state(eg, 0); 437 438 tt_str_op(s, OP_EQ, 439 "in=default " 440 "rsa_id=706C75727079666C75727079736C75727079646F " 441 "bridge_addr=8.8.4.4:9999 " 442 "nickname=Fred " 443 "sampled_on=2016-11-14T00:00:00 " 444 "sampled_idx=0 " 445 "sampled_by=1.2.3 " 446 "unlisted_since=2016-11-14T00:00:45 " 447 "listed=1 " 448 "confirmed_on=2016-11-14T00:01:30 " 449 "confirmed_idx=333 " 450 "and the green grass grew all around"); 451 452 done: 453 entry_guard_free(eg); 454 tor_free(s); 455 } 456 457 static void 458 test_entry_guard_parse_from_state_minimal(void *arg) 459 { 460 (void)arg; 461 char *mem_op_hex_tmp = NULL; 462 entry_guard_t *eg = NULL; 463 time_t t = approx_time(); 464 465 eg = entry_guard_parse_from_state( 466 "in=default_plus " 467 "rsa_id=596f75206d6179206e656564206120686f626279"); 468 tt_assert(eg); 469 470 tt_str_op(eg->selection_name, OP_EQ, "default_plus"); 471 test_mem_op_hex(eg->identity, OP_EQ, 472 "596f75206d6179206e656564206120686f626279"); 473 tt_str_op(eg->nickname, OP_EQ, "$596F75206D6179206E656564206120686F626279"); 474 tt_ptr_op(eg->bridge_addr, OP_EQ, NULL); 475 tt_i64_op(eg->sampled_on_date, OP_GE, t); 476 tt_i64_op(eg->sampled_on_date, OP_LE, t+86400); 477 tt_i64_op(eg->unlisted_since_date, OP_EQ, 0); 478 tt_ptr_op(eg->sampled_by_version, OP_EQ, NULL); 479 tt_int_op(eg->currently_listed, OP_EQ, 0); 480 tt_i64_op(eg->confirmed_on_date, OP_EQ, 0); 481 tt_int_op(eg->confirmed_idx, OP_EQ, -1); 482 483 tt_int_op(eg->last_tried_to_connect, OP_EQ, 0); 484 tt_int_op(eg->is_reachable, OP_EQ, GUARD_REACHABLE_MAYBE); 485 486 done: 487 entry_guard_free(eg); 488 tor_free(mem_op_hex_tmp); 489 } 490 491 static void 492 test_entry_guard_parse_from_state_maximal(void *arg) 493 { 494 (void)arg; 495 char *mem_op_hex_tmp = NULL; 496 entry_guard_t *eg = NULL; 497 498 eg = entry_guard_parse_from_state( 499 "in=fred " 500 "rsa_id=706C75727079666C75727079736C75727079646F " 501 "bridge_addr=[1::3]:9999 " 502 "nickname=Fred " 503 "sampled_on=2016-11-14T00:00:00 " 504 "sampled_by=1.2.3 " 505 "unlisted_since=2016-11-14T00:00:45 " 506 "listed=1 " 507 "confirmed_on=2016-11-14T00:01:30 " 508 "confirmed_idx=333 " 509 "and the green grass grew all around " 510 "rsa_id=all,around"); 511 tt_assert(eg); 512 513 test_mem_op_hex(eg->identity, OP_EQ, 514 "706C75727079666C75727079736C75727079646F"); 515 tt_str_op(fmt_addr(&eg->bridge_addr->addr), OP_EQ, "1::3"); 516 tt_int_op(eg->bridge_addr->port, OP_EQ, 9999); 517 tt_str_op(eg->nickname, OP_EQ, "Fred"); 518 tt_i64_op(eg->sampled_on_date, OP_EQ, 1479081600); 519 tt_i64_op(eg->unlisted_since_date, OP_EQ, 1479081645); 520 tt_str_op(eg->sampled_by_version, OP_EQ, "1.2.3"); 521 tt_int_op(eg->currently_listed, OP_EQ, 1); 522 tt_i64_op(eg->confirmed_on_date, OP_EQ, 1479081690); 523 tt_int_op(eg->confirmed_idx, OP_EQ, 333); 524 tt_str_op(eg->extra_state_fields, OP_EQ, 525 "and the green grass grew all around rsa_id=all,around"); 526 527 tt_int_op(eg->last_tried_to_connect, OP_EQ, 0); 528 tt_int_op(eg->is_reachable, OP_EQ, GUARD_REACHABLE_MAYBE); 529 530 done: 531 entry_guard_free(eg); 532 tor_free(mem_op_hex_tmp); 533 } 534 535 static void 536 test_entry_guard_parse_from_state_failure(void *arg) 537 { 538 (void)arg; 539 entry_guard_t *eg = NULL; 540 541 /* no selection */ 542 eg = entry_guard_parse_from_state( 543 "rsa_id=596f75206d6179206e656564206120686f626270"); 544 tt_ptr_op(eg, OP_EQ, NULL); 545 546 /* no RSA ID. */ 547 eg = entry_guard_parse_from_state("in=default nickname=Fred"); 548 tt_ptr_op(eg, OP_EQ, NULL); 549 550 /* Bad RSA ID: bad character. */ 551 eg = entry_guard_parse_from_state( 552 "in=default " 553 "rsa_id=596f75206d6179206e656564206120686f62627q"); 554 tt_ptr_op(eg, OP_EQ, NULL); 555 556 /* Bad RSA ID: too long.*/ 557 eg = entry_guard_parse_from_state( 558 "in=default " 559 "rsa_id=596f75206d6179206e656564206120686f6262703"); 560 tt_ptr_op(eg, OP_EQ, NULL); 561 562 /* Bad RSA ID: too short.*/ 563 eg = entry_guard_parse_from_state( 564 "in=default " 565 "rsa_id=596f75206d6179206e65656420612"); 566 tt_ptr_op(eg, OP_EQ, NULL); 567 568 done: 569 entry_guard_free(eg); 570 } 571 572 static void 573 test_entry_guard_parse_from_state_partial_failure(void *arg) 574 { 575 (void)arg; 576 char *mem_op_hex_tmp = NULL; 577 entry_guard_t *eg = NULL; 578 time_t t = approx_time(); 579 580 eg = entry_guard_parse_from_state( 581 "in=default " 582 "rsa_id=706C75727079666C75727079736C75727079646F " 583 "bridge_addr=1.2.3.3.4:5 " 584 "nickname=FredIsANodeWithAStrangeNicknameThatIsTooLong " 585 "sampled_on=2016-11-14T00:00:99 " 586 "sampled_by=1.2.3 stuff in the middle " 587 "unlisted_since=2016-xx-14T00:00:45 " 588 "listed=0 " 589 "confirmed_on=2016-11-14T00:01:30zz " 590 "confirmed_idx=idx " 591 "and the green grass grew all around " 592 "rsa_id=all,around"); 593 tt_assert(eg); 594 595 test_mem_op_hex(eg->identity, OP_EQ, 596 "706C75727079666C75727079736C75727079646F"); 597 tt_str_op(eg->nickname, OP_EQ, "FredIsANodeWithAStrangeNicknameThatIsTooL"); 598 tt_ptr_op(eg->bridge_addr, OP_EQ, NULL); 599 tt_i64_op(eg->sampled_on_date, OP_EQ, t); 600 tt_i64_op(eg->unlisted_since_date, OP_EQ, 0); 601 tt_str_op(eg->sampled_by_version, OP_EQ, "1.2.3"); 602 tt_int_op(eg->currently_listed, OP_EQ, 0); 603 tt_i64_op(eg->confirmed_on_date, OP_EQ, 0); 604 tt_int_op(eg->confirmed_idx, OP_EQ, -1); 605 tt_str_op(eg->extra_state_fields, OP_EQ, 606 "stuff in the middle and the green grass grew all around " 607 "rsa_id=all,around"); 608 609 tt_int_op(eg->last_tried_to_connect, OP_EQ, 0); 610 tt_int_op(eg->is_reachable, OP_EQ, GUARD_REACHABLE_MAYBE); 611 612 done: 613 entry_guard_free(eg); 614 tor_free(mem_op_hex_tmp); 615 } 616 617 static int 618 mock_entry_guard_is_listed(guard_selection_t *gs, const entry_guard_t *guard) 619 { 620 (void)gs; 621 (void)guard; 622 return 1; 623 } 624 625 static void 626 test_entry_guard_parse_from_state_full(void *arg) 627 { 628 (void)arg; 629 /* Here's a state I made while testing. The identities and locations for 630 * the bridges are redacted. */ 631 const char STATE[] = 632 "Guard in=default rsa_id=214F44BD5B638E8C817D47FF7C97397790BF0345 " 633 "nickname=TotallyNinja sampled_on=2016-11-12T19:32:49 " 634 "sampled_idx=0 " 635 "sampled_by=0.3.0.0-alpha-dev " 636 "listed=1\n" 637 "Guard in=default rsa_id=052900AB0EA3ED54BAB84AE8A99E74E8693CE2B2 " 638 "nickname=5OfNovember sampled_on=2016-11-20T04:32:05 " 639 "sampled_idx=1 " 640 "sampled_by=0.3.0.0-alpha-dev " 641 "listed=1 confirmed_on=2016-11-22T08:13:28 confirmed_idx=0 " 642 "pb_circ_attempts=4.000000 pb_circ_successes=2.000000 " 643 "pb_successful_circuits_closed=2.000000\n" 644 "Guard in=default rsa_id=7B700C0C207EBD0002E00F499BE265519AC3C25A " 645 "nickname=dc6jgk11 sampled_on=2016-11-28T11:50:13 " 646 "sampled_idx=2 " 647 "sampled_by=0.3.0.0-alpha-dev " 648 "listed=1 confirmed_on=2016-11-24T08:45:30 confirmed_idx=4 " 649 "pb_circ_attempts=5.000000 pb_circ_successes=5.000000 " 650 "pb_successful_circuits_closed=5.000000\n" 651 "Guard in=wobblesome rsa_id=7B700C0C207EBD0002E00F499BE265519AC3C25A " 652 "nickname=dc6jgk11 sampled_on=2016-11-28T11:50:13 " 653 "sampled_idx=0 " 654 "sampled_by=0.3.0.0-alpha-dev " 655 "listed=1\n" 656 "Guard in=default rsa_id=E9025AD60D86875D5F11548D536CC6AF60F0EF5E " 657 "nickname=maibrunn sampled_on=2016-11-25T22:36:38 " 658 "sampled_idx=3 " 659 "sampled_by=0.3.0.0-alpha-dev listed=1\n" 660 "Guard in=default rsa_id=DCD30B90BA3A792DA75DC54A327EF353FB84C38E " 661 "nickname=Unnamed sampled_on=2016-11-25T14:34:00 " 662 "sampled_idx=10 " 663 "sampled_by=0.3.0.0-alpha-dev listed=1\n" 664 "Guard in=bridges rsa_id=8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF2E " 665 "bridge_addr=24.1.1.1:443 sampled_on=2016-11-25T06:44:14 " 666 "sampled_idx=0 " 667 "sampled_by=0.3.0.0-alpha-dev listed=1 " 668 "confirmed_on=2016-11-29T10:36:06 confirmed_idx=0 " 669 "pb_circ_attempts=8.000000 pb_circ_successes=8.000000 " 670 "pb_successful_circuits_closed=13.000000\n" 671 "Guard in=bridges rsa_id=5800000000000000000000000000000000000000 " 672 "bridge_addr=37.218.246.143:28366 " 673 "sampled_on=2016-11-18T15:07:34 sampled_idx=1 " 674 "sampled_by=0.3.0.0-alpha-dev listed=1\n"; 675 676 config_line_t *lines = NULL; 677 or_state_t *state = tor_malloc_zero(sizeof(or_state_t)); 678 int r = config_get_lines(STATE, &lines, 0); 679 char *msg = NULL; 680 smartlist_t *text = smartlist_new(); 681 char *joined = NULL; 682 683 // So nodes aren't expired. This is Tue, 13 Dec 2016 09:37:14 GMT 684 update_approx_time(1481621834); 685 686 MOCK(entry_guard_is_listed, mock_entry_guard_is_listed); 687 688 dummy_state = state; 689 MOCK(get_or_state, 690 get_or_state_replacement); 691 692 tt_int_op(r, OP_EQ, 0); 693 tt_assert(lines); 694 695 state->Guard = lines; 696 697 /* Try it first without setting the result. */ 698 r = entry_guards_parse_state(state, 0, &msg); 699 tt_int_op(r, OP_EQ, 0); 700 guard_selection_t *gs_br = 701 get_guard_selection_by_name("bridges", GS_TYPE_BRIDGE, 0); 702 tt_ptr_op(gs_br, OP_EQ, NULL); 703 704 r = entry_guards_parse_state(state, 1, &msg); 705 tt_int_op(r, OP_EQ, 0); 706 gs_br = get_guard_selection_by_name("bridges", GS_TYPE_BRIDGE, 0); 707 guard_selection_t *gs_df = 708 get_guard_selection_by_name("default", GS_TYPE_NORMAL, 0); 709 guard_selection_t *gs_wb = 710 get_guard_selection_by_name("wobblesome", GS_TYPE_NORMAL, 0); 711 712 tt_assert(gs_br); 713 tt_assert(gs_df); 714 tt_assert(gs_wb); 715 716 tt_int_op(smartlist_len(gs_df->sampled_entry_guards), OP_EQ, 5); 717 tt_int_op(smartlist_len(gs_br->sampled_entry_guards), OP_EQ, 2); 718 tt_int_op(smartlist_len(gs_wb->sampled_entry_guards), OP_EQ, 1); 719 720 /* Try again; make sure it doesn't double-add the guards. */ 721 r = entry_guards_parse_state(state, 1, &msg); 722 tt_int_op(r, OP_EQ, 0); 723 gs_br = get_guard_selection_by_name("bridges", GS_TYPE_BRIDGE, 0); 724 gs_df = get_guard_selection_by_name("default", GS_TYPE_NORMAL, 0); 725 tt_assert(gs_br); 726 tt_assert(gs_df); 727 tt_int_op(smartlist_len(gs_df->sampled_entry_guards), OP_EQ, 5); 728 tt_int_op(smartlist_len(gs_br->sampled_entry_guards), OP_EQ, 2); 729 730 /* Re-encode; it should be the same... almost. */ 731 { 732 /* (Make a guard nonpersistent first) */ 733 entry_guard_t *g = smartlist_get(gs_df->sampled_entry_guards, 0); 734 g->is_persistent = 0; 735 } 736 config_free_lines(lines); 737 lines = state->Guard = NULL; // to prevent double-free. 738 entry_guards_update_state(state); 739 tt_assert(state->Guard); 740 lines = state->Guard; 741 742 config_line_t *ln; 743 for (ln = lines; ln; ln = ln->next) { 744 smartlist_add_asprintf(text, "%s %s\n",ln->key, ln->value); 745 } 746 joined = smartlist_join_strings(text, "", 0, NULL); 747 tt_str_op(joined, OP_EQ, 748 "Guard in=default rsa_id=052900AB0EA3ED54BAB84AE8A99E74E8693CE2B2 " 749 "nickname=5OfNovember sampled_on=2016-11-20T04:32:05 " 750 "sampled_idx=0 " 751 "sampled_by=0.3.0.0-alpha-dev " 752 "listed=1 confirmed_on=2016-11-22T08:13:28 confirmed_idx=0 " 753 "pb_circ_attempts=4.000000 pb_circ_successes=2.000000 " 754 "pb_successful_circuits_closed=2.000000\n" 755 "Guard in=default rsa_id=7B700C0C207EBD0002E00F499BE265519AC3C25A " 756 "nickname=dc6jgk11 sampled_on=2016-11-28T11:50:13 " 757 "sampled_idx=1 " 758 "sampled_by=0.3.0.0-alpha-dev " 759 "listed=1 confirmed_on=2016-11-24T08:45:30 confirmed_idx=1 " 760 "pb_circ_attempts=5.000000 pb_circ_successes=5.000000 " 761 "pb_successful_circuits_closed=5.000000\n" 762 "Guard in=default rsa_id=E9025AD60D86875D5F11548D536CC6AF60F0EF5E " 763 "nickname=maibrunn sampled_on=2016-11-25T22:36:38 " 764 "sampled_idx=2 " 765 "sampled_by=0.3.0.0-alpha-dev listed=1\n" 766 "Guard in=default rsa_id=DCD30B90BA3A792DA75DC54A327EF353FB84C38E " 767 "nickname=Unnamed sampled_on=2016-11-25T14:34:00 " 768 "sampled_idx=3 " 769 "sampled_by=0.3.0.0-alpha-dev listed=1\n" 770 "Guard in=wobblesome rsa_id=7B700C0C207EBD0002E00F499BE265519AC3C25A " 771 "nickname=dc6jgk11 sampled_on=2016-11-28T11:50:13 " 772 "sampled_idx=0 " 773 "sampled_by=0.3.0.0-alpha-dev " 774 "listed=1\n" 775 "Guard in=bridges rsa_id=8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF2E " 776 "bridge_addr=24.1.1.1:443 sampled_on=2016-11-25T06:44:14 " 777 "sampled_idx=0 " 778 "sampled_by=0.3.0.0-alpha-dev listed=1 " 779 "confirmed_on=2016-11-29T10:36:06 confirmed_idx=0 " 780 "pb_circ_attempts=8.000000 pb_circ_successes=8.000000 " 781 "pb_successful_circuits_closed=13.000000\n" 782 "Guard in=bridges rsa_id=5800000000000000000000000000000000000000 " 783 "bridge_addr=37.218.246.143:28366 " 784 "sampled_on=2016-11-18T15:07:34 sampled_idx=1 " 785 "sampled_by=0.3.0.0-alpha-dev listed=1\n"); 786 787 done: 788 config_free_lines(lines); 789 tor_free(state); 790 tor_free(msg); 791 UNMOCK(get_or_state); 792 UNMOCK(entry_guard_is_listed); 793 SMARTLIST_FOREACH(text, char *, cp, tor_free(cp)); 794 smartlist_free(text); 795 tor_free(joined); 796 } 797 798 static void 799 test_entry_guard_parse_from_state_broken(void *arg) 800 { 801 (void)arg; 802 /* Here's a variation on the previous state. Every line but the first is 803 * busted somehow. */ 804 const char STATE[] = 805 /* Okay. */ 806 "Guard in=default rsa_id=214F44BD5B638E8C817D47FF7C97397790BF0345 " 807 "nickname=TotallyNinja sampled_on=2016-11-12T19:32:49 " 808 "sampled_by=0.3.0.0-alpha-dev " 809 "listed=1\n" 810 /* No selection listed. */ 811 "Guard rsa_id=052900AB0EA3ED54BAB84AE8A99E74E8693CE2B2 " 812 "nickname=5OfNovember sampled_on=2016-11-20T04:32:05 " 813 "sampled_by=0.3.0.0-alpha-dev " 814 "listed=1 confirmed_on=2016-11-22T08:13:28 confirmed_idx=0 " 815 "pb_circ_attempts=4.000000 pb_circ_successes=2.000000 " 816 "pb_successful_circuits_closed=2.000000\n" 817 /* Selection is "legacy"!! */ 818 "Guard in=legacy rsa_id=7B700C0C207EBD0002E00F499BE265519AC3C25A " 819 "nickname=dc6jgk11 sampled_on=2016-11-28T11:50:13 " 820 "sampled_by=0.3.0.0-alpha-dev " 821 "listed=1 confirmed_on=2016-11-24T08:45:30 confirmed_idx=4 " 822 "pb_circ_attempts=5.000000 pb_circ_successes=5.000000 " 823 "pb_successful_circuits_closed=5.000000\n"; 824 825 config_line_t *lines = NULL; 826 or_state_t *state = tor_malloc_zero(sizeof(or_state_t)); 827 int r = config_get_lines(STATE, &lines, 0); 828 char *msg = NULL; 829 830 dummy_state = state; 831 MOCK(get_or_state, 832 get_or_state_replacement); 833 834 tt_int_op(r, OP_EQ, 0); 835 tt_assert(lines); 836 837 state->Guard = lines; 838 839 /* First, no-set case. we should get an error. */ 840 r = entry_guards_parse_state(state, 0, &msg); 841 tt_int_op(r, OP_LT, 0); 842 tt_ptr_op(msg, OP_NE, NULL); 843 /* And we shouldn't have made anything. */ 844 guard_selection_t *gs_df = 845 get_guard_selection_by_name("default", GS_TYPE_NORMAL, 0); 846 tt_ptr_op(gs_df, OP_EQ, NULL); 847 tor_free(msg); 848 849 /* Now see about the set case (which shouldn't happen IRL) */ 850 r = entry_guards_parse_state(state, 1, &msg); 851 tt_int_op(r, OP_LT, 0); 852 tt_ptr_op(msg, OP_NE, NULL); 853 gs_df = get_guard_selection_by_name("default", GS_TYPE_NORMAL, 0); 854 tt_ptr_op(gs_df, OP_NE, NULL); 855 tt_int_op(smartlist_len(gs_df->sampled_entry_guards), OP_EQ, 1); 856 857 done: 858 config_free_lines(lines); 859 tor_free(state); 860 tor_free(msg); 861 UNMOCK(get_or_state); 862 } 863 864 static void 865 test_entry_guard_get_guard_selection_by_name(void *arg) 866 { 867 (void)arg; 868 guard_selection_t *gs1, *gs2, *gs3; 869 870 gs1 = get_guard_selection_by_name("unlikely", GS_TYPE_NORMAL, 0); 871 tt_ptr_op(gs1, OP_EQ, NULL); 872 gs1 = get_guard_selection_by_name("unlikely", GS_TYPE_NORMAL, 1); 873 tt_ptr_op(gs1, OP_NE, NULL); 874 gs2 = get_guard_selection_by_name("unlikely", GS_TYPE_NORMAL, 1); 875 tt_assert(gs2 == gs1); 876 gs2 = get_guard_selection_by_name("unlikely", GS_TYPE_NORMAL, 0); 877 tt_assert(gs2 == gs1); 878 879 gs2 = get_guard_selection_by_name("implausible", GS_TYPE_NORMAL, 0); 880 tt_ptr_op(gs2, OP_EQ, NULL); 881 gs2 = get_guard_selection_by_name("implausible", GS_TYPE_NORMAL, 1); 882 tt_ptr_op(gs2, OP_NE, NULL); 883 tt_assert(gs2 != gs1); 884 gs3 = get_guard_selection_by_name("implausible", GS_TYPE_NORMAL, 0); 885 tt_assert(gs3 == gs2); 886 887 gs3 = get_guard_selection_by_name("default", GS_TYPE_NORMAL, 0); 888 tt_ptr_op(gs3, OP_EQ, NULL); 889 gs3 = get_guard_selection_by_name("default", GS_TYPE_NORMAL, 1); 890 tt_ptr_op(gs3, OP_NE, NULL); 891 tt_assert(gs3 != gs2); 892 tt_assert(gs3 != gs1); 893 tt_assert(gs3 == get_guard_selection_info()); 894 895 done: 896 entry_guards_free_all(); 897 } 898 899 static void 900 test_entry_guard_choose_selection_initial(void *arg) 901 { 902 /* Tests for picking our initial guard selection (based on having had 903 * no previous selection */ 904 (void)arg; 905 guard_selection_type_t type = GS_TYPE_INFER; 906 const char *name = choose_guard_selection(get_options(), 907 dummy_consensus, NULL, &type); 908 tt_str_op(name, OP_EQ, "default"); 909 tt_int_op(type, OP_EQ, GS_TYPE_NORMAL); 910 911 /* If we're using bridges, we get the bridge selection. */ 912 get_options_mutable()->UseBridges = 1; 913 name = choose_guard_selection(get_options(), 914 dummy_consensus, NULL, &type); 915 tt_str_op(name, OP_EQ, "bridges"); 916 tt_int_op(type, OP_EQ, GS_TYPE_BRIDGE); 917 get_options_mutable()->UseBridges = 0; 918 919 /* If we discard >99% of our guards, though, we should be in the restricted 920 * set. */ 921 tt_assert(get_options_mutable()->EntryNodes == NULL); 922 get_options_mutable()->EntryNodes = routerset_new(); 923 routerset_parse(get_options_mutable()->EntryNodes, "1.0.0.0/8", "foo"); 924 name = choose_guard_selection(get_options(), 925 dummy_consensus, NULL, &type); 926 tt_str_op(name, OP_EQ, "restricted"); 927 tt_int_op(type, OP_EQ, GS_TYPE_RESTRICTED); 928 929 done: 930 ; 931 } 932 933 static void 934 test_entry_guard_add_single_guard(void *arg) 935 { 936 (void)arg; 937 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL); 938 939 /* 1: Add a single guard to the sample. */ 940 node_t *n1 = smartlist_get(big_fake_net_nodes, 0); 941 time_t now = approx_time(); 942 tt_assert(n1->is_possible_guard == 1); 943 entry_guard_t *g1 = entry_guard_add_to_sample(gs, n1); 944 tt_assert(g1); 945 946 /* Make sure its fields look right. */ 947 tt_mem_op(n1->identity, OP_EQ, g1->identity, DIGEST_LEN); 948 tt_i64_op(g1->sampled_on_date, OP_GE, now - 12*86400); 949 tt_i64_op(g1->sampled_on_date, OP_LE, now); 950 tt_str_op(g1->sampled_by_version, OP_EQ, VERSION); 951 tt_uint_op(g1->currently_listed, OP_EQ, 1); 952 tt_i64_op(g1->confirmed_on_date, OP_EQ, 0); 953 tt_int_op(g1->confirmed_idx, OP_EQ, -1); 954 tt_int_op(g1->last_tried_to_connect, OP_EQ, 0); 955 tt_uint_op(g1->is_reachable, OP_EQ, GUARD_REACHABLE_MAYBE); 956 tt_i64_op(g1->failing_since, OP_EQ, 0); 957 tt_uint_op(g1->is_filtered_guard, OP_EQ, 1); 958 tt_uint_op(g1->is_usable_filtered_guard, OP_EQ, 1); 959 tt_uint_op(g1->is_primary, OP_EQ, 0); 960 tt_ptr_op(g1->extra_state_fields, OP_EQ, NULL); 961 962 /* Make sure it got added. */ 963 tt_int_op(1, OP_EQ, smartlist_len(gs->sampled_entry_guards)); 964 tt_ptr_op(g1, OP_EQ, smartlist_get(gs->sampled_entry_guards, 0)); 965 tt_ptr_op(g1, OP_EQ, get_sampled_guard_with_id(gs, (uint8_t*)n1->identity)); 966 const uint8_t bad_id[20] = {0}; 967 tt_ptr_op(NULL, OP_EQ, get_sampled_guard_with_id(gs, bad_id)); 968 969 done: 970 guard_selection_free(gs); 971 } 972 973 static void 974 test_entry_guard_node_filter(void *arg) 975 { 976 (void)arg; 977 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL); 978 bridge_line_t *bl = NULL; 979 980 /* Initialize a bunch of node objects that are all guards. */ 981 #define NUM 7 982 node_t *n[NUM]; 983 entry_guard_t *g[NUM]; 984 int i; 985 for (i=0; i < NUM; ++i) { 986 n[i] = smartlist_get(big_fake_net_nodes, i*2); // even ones are guards. 987 g[i] = entry_guard_add_to_sample(gs, n[i]); 988 989 // everything starts out filtered-in 990 tt_uint_op(g[i]->is_filtered_guard, OP_EQ, 1); 991 tt_uint_op(g[i]->is_usable_filtered_guard, OP_EQ, 1); 992 } 993 tt_int_op(num_reachable_filtered_guards(gs, NULL), OP_EQ, NUM); 994 995 /* Make sure refiltering doesn't hurt */ 996 entry_guards_update_filtered_sets(gs); 997 for (i = 0; i < NUM; ++i) { 998 tt_uint_op(g[i]->is_filtered_guard, OP_EQ, 1); 999 tt_uint_op(g[i]->is_usable_filtered_guard, OP_EQ, 1); 1000 } 1001 tt_int_op(num_reachable_filtered_guards(gs, NULL), OP_EQ, NUM); 1002 1003 /* Now start doing things to make the guards get filtered out, 1 by 1. */ 1004 1005 /* 0: Not listed. */ 1006 g[0]->currently_listed = 0; 1007 1008 /* 1: path bias says this guard is maybe eeeevil. */ 1009 g[1]->pb.path_bias_disabled = 1; 1010 1011 /* 2: Unreachable address. */ 1012 tor_addr_make_unspec(&n[2]->rs->ipv4_addr); 1013 1014 /* 3: ExcludeNodes */ 1015 tor_addr_from_ipv4h(&n[3]->rs->ipv4_addr, 0x90902020); 1016 routerset_free(get_options_mutable()->ExcludeNodes); 1017 get_options_mutable()->ExcludeNodes = routerset_new(); 1018 routerset_parse(get_options_mutable()->ExcludeNodes, "144.144.0.0/16", ""); 1019 1020 /* 4: Bridge. */ 1021 get_options_mutable()->UseBridges = 1; 1022 sweep_bridge_list(); 1023 bl = tor_malloc_zero(sizeof(bridge_line_t)); 1024 tor_addr_copy(&bl->addr, &n[4]->rs->ipv4_addr); 1025 bl->port = n[4]->rs->ipv4_orport; 1026 memcpy(bl->digest, n[4]->identity, 20); 1027 bridge_add_from_config(bl); 1028 bl = NULL; // prevent free. 1029 get_options_mutable()->UseBridges = 0; 1030 1031 /* 5: Unreachable. This stays in the filter, but isn't in usable-filtered */ 1032 g[5]->last_tried_to_connect = approx_time(); // prevent retry. 1033 g[5]->is_reachable = GUARD_REACHABLE_NO; 1034 1035 /* 6: no change. */ 1036 1037 /* Now refilter and inspect. */ 1038 entry_guards_update_filtered_sets(gs); 1039 for (i = 0; i < NUM; ++i) { 1040 tt_assert(g[i]->is_filtered_guard == (i == 5 || i == 6)); 1041 tt_assert(g[i]->is_usable_filtered_guard == (i == 6)); 1042 } 1043 tt_int_op(num_reachable_filtered_guards(gs, NULL), OP_EQ, 1); 1044 1045 /* Now make sure we have no live consensus, and no nodes. Nothing should 1046 * pass the filter any more. */ 1047 tor_free(dummy_consensus); 1048 dummy_consensus = NULL; 1049 SMARTLIST_FOREACH(big_fake_net_nodes, node_t *, node, { 1050 memset(node->identity, 0xff, 20); 1051 }); 1052 entry_guards_update_filtered_sets(gs); 1053 for (i = 0; i < NUM; ++i) { 1054 tt_uint_op(g[i]->is_filtered_guard, OP_EQ, 0); 1055 tt_uint_op(g[i]->is_usable_filtered_guard, OP_EQ, 0); 1056 } 1057 tt_int_op(num_reachable_filtered_guards(gs, NULL), OP_EQ, 0); 1058 1059 done: 1060 guard_selection_free(gs); 1061 tor_free(bl); 1062 #undef NUM 1063 } 1064 1065 static void 1066 test_entry_guard_expand_sample(void *arg) 1067 { 1068 (void)arg; 1069 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL); 1070 digestmap_t *node_by_id = digestmap_new(); 1071 1072 entry_guard_t *guard = entry_guards_expand_sample(gs); 1073 tt_assert(guard); // the last guard returned. 1074 1075 // Every sampled guard here should be filtered and reachable for now. 1076 tt_int_op(smartlist_len(gs->sampled_entry_guards), OP_EQ, 1077 num_reachable_filtered_guards(gs, NULL)); 1078 1079 /* Make sure we got the right number. */ 1080 tt_int_op(DFLT_MIN_FILTERED_SAMPLE_SIZE, OP_EQ, 1081 num_reachable_filtered_guards(gs, NULL)); 1082 1083 // Make sure everything we got was from our fake node list, and everything 1084 // was unique. 1085 SMARTLIST_FOREACH_BEGIN(gs->sampled_entry_guards, entry_guard_t *, g) { 1086 const node_t *n = bfn_mock_node_get_by_id(g->identity); 1087 tt_assert(n); 1088 tt_ptr_op(NULL, OP_EQ, digestmap_get(node_by_id, g->identity)); 1089 digestmap_set(node_by_id, g->identity, (void*) n); 1090 int idx = smartlist_pos(big_fake_net_nodes, n); 1091 // The even ones are the guards; make sure we got guards. 1092 tt_int_op(idx & 1, OP_EQ, 0); 1093 } SMARTLIST_FOREACH_END(g); 1094 1095 // Nothing became unusable/unfiltered, so a subsequent expand should 1096 // make no changes. 1097 guard = entry_guards_expand_sample(gs); 1098 tt_ptr_op(guard, OP_EQ, NULL); // no guard was added. 1099 tt_int_op(DFLT_MIN_FILTERED_SAMPLE_SIZE, OP_EQ, 1100 num_reachable_filtered_guards(gs, NULL)); 1101 1102 // Make a few guards unreachable. 1103 guard = smartlist_get(gs->sampled_entry_guards, 0); 1104 guard->is_usable_filtered_guard = 0; 1105 guard = smartlist_get(gs->sampled_entry_guards, 1); 1106 guard->is_usable_filtered_guard = 0; 1107 guard = smartlist_get(gs->sampled_entry_guards, 2); 1108 guard->is_usable_filtered_guard = 0; 1109 tt_int_op(DFLT_MIN_FILTERED_SAMPLE_SIZE - 3, OP_EQ, 1110 num_reachable_filtered_guards(gs, NULL)); 1111 1112 // This time, expanding the sample will add some more guards. 1113 guard = entry_guards_expand_sample(gs); 1114 tt_assert(guard); // no guard was added. 1115 tt_int_op(DFLT_MIN_FILTERED_SAMPLE_SIZE, OP_EQ, 1116 num_reachable_filtered_guards(gs, NULL)); 1117 tt_int_op(smartlist_len(gs->sampled_entry_guards), OP_EQ, 1118 num_reachable_filtered_guards(gs, NULL)+3); 1119 1120 // Still idempotent. 1121 guard = entry_guards_expand_sample(gs); 1122 tt_ptr_op(guard, OP_EQ, NULL); // no guard was added. 1123 tt_int_op(DFLT_MIN_FILTERED_SAMPLE_SIZE, OP_EQ, 1124 num_reachable_filtered_guards(gs, NULL)); 1125 1126 // Now, do a nasty trick: tell the filter to exclude 31/32 of the guards. 1127 // This will cause the sample size to get reeeeally huge, while the 1128 // filtered sample size grows only slowly. 1129 routerset_free(get_options_mutable()->ExcludeNodes); 1130 get_options_mutable()->ExcludeNodes = routerset_new(); 1131 routerset_parse(get_options_mutable()->ExcludeNodes, "144.144.0.0/16", ""); 1132 SMARTLIST_FOREACH(big_fake_net_nodes, node_t *, n, { 1133 if (n_sl_idx % 64 != 0) { 1134 tor_addr_from_ipv4h(&n->rs->ipv4_addr, 0x90903030); 1135 } 1136 }); 1137 entry_guards_update_filtered_sets(gs); 1138 1139 // Surely (p ~ 1-2**-60), one of our guards has been excluded. 1140 tt_int_op(num_reachable_filtered_guards(gs, NULL), OP_LT, 1141 DFLT_MIN_FILTERED_SAMPLE_SIZE); 1142 1143 // Try to regenerate the guards. 1144 guard = entry_guards_expand_sample(gs); 1145 tt_assert(guard); // no guard was added. 1146 1147 /* this time, it's possible that we didn't add enough sampled guards. */ 1148 tt_int_op(num_reachable_filtered_guards(gs, NULL), OP_LE, 1149 DFLT_MIN_FILTERED_SAMPLE_SIZE); 1150 /* but we definitely didn't exceed the sample maximum. */ 1151 const int n_guards = 271 / 2; 1152 tt_int_op(smartlist_len(gs->sampled_entry_guards), OP_LE, 1153 (int)(n_guards * .3)); 1154 1155 done: 1156 guard_selection_free(gs); 1157 digestmap_free(node_by_id, NULL); 1158 } 1159 1160 static void 1161 test_entry_guard_expand_sample_small_net(void *arg) 1162 { 1163 (void)arg; 1164 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL); 1165 1166 /* Fun corner case: not enough guards to make up our whole sample size. */ 1167 SMARTLIST_FOREACH(big_fake_net_nodes, node_t *, n, { 1168 if (n_sl_idx >= 15) { 1169 test_node_free(n); 1170 SMARTLIST_DEL_CURRENT(big_fake_net_nodes, n); 1171 } else { 1172 tor_addr_make_unspec(&n->rs->ipv4_addr); // make the filter reject this. 1173 } 1174 }); 1175 1176 entry_guard_t *guard = entry_guards_expand_sample(gs); 1177 tt_assert(guard); // the last guard returned -- some guard was added. 1178 // half the nodes are guards, so we have 8 guards left. The set 1179 // is small, so we sampled everything. 1180 tt_int_op(smartlist_len(gs->sampled_entry_guards), OP_EQ, 8); 1181 tt_int_op(num_reachable_filtered_guards(gs, NULL), OP_EQ, 0); 1182 done: 1183 guard_selection_free(gs); 1184 } 1185 1186 static void 1187 test_entry_guard_update_from_consensus_status(void *arg) 1188 { 1189 /* Here we're going to have some nodes become un-guardy, and say we got a 1190 * new consensus. This should cause those nodes to get detected as 1191 * unreachable. */ 1192 1193 (void)arg; 1194 int i; 1195 time_t start = approx_time(); 1196 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL); 1197 networkstatus_t *ns_tmp = NULL; 1198 1199 /* Don't randomly backdate stuff; it will make correctness harder to check.*/ 1200 MOCK(randomize_time, mock_randomize_time_no_randomization); 1201 1202 /* First, sample some guards. */ 1203 entry_guards_expand_sample(gs); 1204 int n_sampled_pre = smartlist_len(gs->sampled_entry_guards); 1205 int n_filtered_pre = num_reachable_filtered_guards(gs, NULL); 1206 tt_i64_op(n_sampled_pre, OP_EQ, n_filtered_pre); 1207 tt_i64_op(n_sampled_pre, OP_GT, 10); 1208 1209 /* At this point, it should be a no-op to do this: */ 1210 sampled_guards_update_from_consensus(gs); 1211 1212 /* Now let's make some of our guards become unlisted. The easiest way to 1213 * do that would be to take away their guard flag. */ 1214 for (i = 0; i < 5; ++i) { 1215 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, i); 1216 node_t *n = (node_t*) bfn_mock_node_get_by_id(g->identity); 1217 tt_assert(n); 1218 n->is_possible_guard = 0; 1219 } 1220 1221 update_approx_time(start + 30); 1222 { 1223 /* try this with no live networkstatus. Nothing should happen! */ 1224 ns_tmp = dummy_consensus; 1225 dummy_consensus = NULL; 1226 sampled_guards_update_from_consensus(gs); 1227 tt_i64_op(smartlist_len(gs->sampled_entry_guards), OP_EQ, n_sampled_pre); 1228 tt_i64_op(num_reachable_filtered_guards(gs, NULL), OP_EQ, n_filtered_pre); 1229 /* put the networkstatus back. */ 1230 dummy_consensus = ns_tmp; 1231 ns_tmp = NULL; 1232 } 1233 1234 /* Now those guards should become unlisted, and drop off the filter, but 1235 * stay in the sample. */ 1236 update_approx_time(start + 60); 1237 sampled_guards_update_from_consensus(gs); 1238 1239 tt_i64_op(smartlist_len(gs->sampled_entry_guards), OP_EQ, n_sampled_pre); 1240 tt_i64_op(num_reachable_filtered_guards(gs, NULL), OP_EQ, n_filtered_pre-5); 1241 for (i = 0; i < 5; ++i) { 1242 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, i); 1243 tt_assert(! g->currently_listed); 1244 tt_i64_op(g->unlisted_since_date, OP_EQ, start+60); 1245 } 1246 for (i = 5; i < n_sampled_pre; ++i) { 1247 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, i); 1248 tt_assert(g->currently_listed); 1249 tt_i64_op(g->unlisted_since_date, OP_EQ, 0); 1250 } 1251 1252 /* Now re-list one, and remove one completely. */ 1253 { 1254 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, 0); 1255 node_t *n = (node_t*) bfn_mock_node_get_by_id(g->identity); 1256 tt_assert(n); 1257 n->is_possible_guard = 1; 1258 } 1259 { 1260 /* try removing the node, to make sure we don't crash on an absent node 1261 */ 1262 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, 5); 1263 node_t *n = (node_t*) bfn_mock_node_get_by_id(g->identity); 1264 tt_assert(n); 1265 smartlist_remove(big_fake_net_nodes, n); 1266 test_node_free(n); 1267 } 1268 update_approx_time(start + 300); 1269 sampled_guards_update_from_consensus(gs); 1270 1271 /* guards 1..5 are now unlisted; 0,6,7.. are listed. */ 1272 tt_i64_op(smartlist_len(gs->sampled_entry_guards), OP_EQ, n_sampled_pre); 1273 for (i = 1; i < 6; ++i) { 1274 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, i); 1275 tt_assert(! g->currently_listed); 1276 if (i == 5) 1277 tt_i64_op(g->unlisted_since_date, OP_EQ, start+300); 1278 else 1279 tt_i64_op(g->unlisted_since_date, OP_EQ, start+60); 1280 } 1281 for (i = 0; i < n_sampled_pre; i = (!i) ? 6 : i+1) { /* 0,6,7,8, ... */ 1282 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, i); 1283 tt_assert(g->currently_listed); 1284 tt_i64_op(g->unlisted_since_date, OP_EQ, 0); 1285 } 1286 1287 done: 1288 tor_free(ns_tmp); /* in case we couldn't put it back */ 1289 guard_selection_free(gs); 1290 UNMOCK(randomize_time); 1291 } 1292 1293 static void 1294 test_entry_guard_update_from_consensus_repair(void *arg) 1295 { 1296 /* Here we'll make sure that our code to repair the unlisted-since 1297 * times is correct. */ 1298 1299 (void)arg; 1300 int i; 1301 time_t start = approx_time(); 1302 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL); 1303 1304 /* Don't randomly backdate stuff; it will make correctness harder to check.*/ 1305 MOCK(randomize_time, mock_randomize_time_no_randomization); 1306 1307 /* First, sample some guards. */ 1308 entry_guards_expand_sample(gs); 1309 int n_sampled_pre = smartlist_len(gs->sampled_entry_guards); 1310 int n_filtered_pre = num_reachable_filtered_guards(gs, NULL); 1311 tt_i64_op(n_sampled_pre, OP_EQ, n_filtered_pre); 1312 tt_i64_op(n_sampled_pre, OP_GT, 10); 1313 1314 /* Now corrupt the list a bit. Call some unlisted-since-never, and some 1315 * listed-and-unlisted-since-a-time. */ 1316 update_approx_time(start + 300); 1317 for (i = 0; i < 3; ++i) { 1318 /* these will get a date. */ 1319 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, i); 1320 node_t *n = (node_t*) bfn_mock_node_get_by_id(g->identity); 1321 tt_assert(n); 1322 n->is_possible_guard = 0; 1323 g->currently_listed = 0; 1324 } 1325 for (i = 3; i < 6; ++i) { 1326 /* these will become listed. */ 1327 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, i); 1328 g->unlisted_since_date = start+100; 1329 } 1330 setup_full_capture_of_logs(LOG_WARN); 1331 sampled_guards_update_from_consensus(gs); 1332 expect_log_msg_containing( 1333 "was listed, but with unlisted_since_date set"); 1334 expect_log_msg_containing( 1335 "was unlisted, but with unlisted_since_date unset"); 1336 teardown_capture_of_logs(); 1337 1338 tt_int_op(smartlist_len(gs->sampled_entry_guards), OP_EQ, n_sampled_pre); 1339 tt_int_op(num_reachable_filtered_guards(gs, NULL), OP_EQ, n_filtered_pre-3); 1340 for (i = 3; i < n_sampled_pre; ++i) { 1341 /* these will become listed. */ 1342 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, i); 1343 if (i < 3) { 1344 tt_assert(! g->currently_listed); 1345 tt_i64_op(g->unlisted_since_date, OP_EQ, start+300); 1346 } else { 1347 tt_assert(g->currently_listed); 1348 tt_i64_op(g->unlisted_since_date, OP_EQ, 0); 1349 } 1350 } 1351 1352 done: 1353 teardown_capture_of_logs(); 1354 guard_selection_free(gs); 1355 UNMOCK(randomize_time); 1356 } 1357 1358 static void 1359 test_entry_guard_update_from_consensus_remove(void *arg) 1360 { 1361 /* Now let's check the logic responsible for removing guards from the 1362 * sample entirely. */ 1363 1364 (void)arg; 1365 //int i; 1366 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL); 1367 smartlist_t *keep_ids = smartlist_new(); 1368 smartlist_t *remove_ids = smartlist_new(); 1369 1370 /* Don't randomly backdate stuff; it will make correctness harder to check.*/ 1371 MOCK(randomize_time, mock_randomize_time_no_randomization); 1372 1373 /* First, sample some guards. */ 1374 entry_guards_expand_sample(gs); 1375 int n_sampled_pre = smartlist_len(gs->sampled_entry_guards); 1376 int n_filtered_pre = num_reachable_filtered_guards(gs, NULL); 1377 tt_i64_op(n_sampled_pre, OP_EQ, n_filtered_pre); 1378 tt_i64_op(n_sampled_pre, OP_GT, 10); 1379 1380 const time_t one_day_ago = approx_time() - 1*24*60*60; 1381 const time_t one_year_ago = approx_time() - 365*24*60*60; 1382 const time_t two_years_ago = approx_time() - 2*365*24*60*60; 1383 /* 0: unlisted for a day. (keep this) */ 1384 { 1385 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, 0); 1386 node_t *n = (node_t*) bfn_mock_node_get_by_id(g->identity); 1387 tt_assert(n); 1388 n->is_possible_guard = 0; 1389 g->currently_listed = 0; 1390 g->unlisted_since_date = one_day_ago; 1391 smartlist_add(keep_ids, tor_memdup(g->identity, 20)); 1392 } 1393 /* 1: unlisted for a year. (remove this) */ 1394 { 1395 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, 1); 1396 node_t *n = (node_t*) bfn_mock_node_get_by_id(g->identity); 1397 tt_assert(n); 1398 n->is_possible_guard = 0; 1399 g->currently_listed = 0; 1400 g->unlisted_since_date = one_year_ago; 1401 smartlist_add(remove_ids, tor_memdup(g->identity, 20)); 1402 } 1403 /* 2: added a day ago, never confirmed. (keep this) */ 1404 { 1405 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, 2); 1406 g->sampled_on_date = one_day_ago; 1407 smartlist_add(keep_ids, tor_memdup(g->identity, 20)); 1408 } 1409 /* 3: added a year ago, never confirmed. (remove this) */ 1410 { 1411 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, 3); 1412 g->sampled_on_date = one_year_ago; 1413 smartlist_add(remove_ids, tor_memdup(g->identity, 20)); 1414 } 1415 /* 4: added two year ago, confirmed yesterday, primary. (keep this.) */ 1416 { 1417 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, 4); 1418 g->sampled_on_date = one_year_ago; 1419 g->confirmed_on_date = one_day_ago; 1420 g->confirmed_idx = 0; 1421 g->is_primary = 1; 1422 smartlist_add(gs->confirmed_entry_guards, g); 1423 smartlist_add(gs->primary_entry_guards, g); 1424 smartlist_add(keep_ids, tor_memdup(g->identity, 20)); 1425 } 1426 /* 5: added two years ago, confirmed a year ago, primary. (remove this) */ 1427 { 1428 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, 5); 1429 g->sampled_on_date = two_years_ago; 1430 g->confirmed_on_date = one_year_ago; 1431 g->confirmed_idx = 1; 1432 g->is_primary = 1; 1433 smartlist_add(gs->confirmed_entry_guards, g); 1434 smartlist_add(gs->primary_entry_guards, g); 1435 smartlist_add(remove_ids, tor_memdup(g->identity, 20)); 1436 } 1437 1438 sampled_guards_update_from_consensus(gs); 1439 1440 /* Did we remove the right ones? */ 1441 SMARTLIST_FOREACH(keep_ids, uint8_t *, id, { 1442 tt_assert(get_sampled_guard_with_id(gs, id) != NULL); 1443 }); 1444 SMARTLIST_FOREACH(remove_ids, uint8_t *, id, { 1445 tt_want(get_sampled_guard_with_id(gs, id) == NULL); 1446 }); 1447 1448 /* Did we remove the right number? */ 1449 tt_int_op(smartlist_len(gs->sampled_entry_guards), OP_EQ, n_sampled_pre - 3); 1450 1451 done: 1452 guard_selection_free(gs); 1453 UNMOCK(randomize_time); 1454 SMARTLIST_FOREACH(keep_ids, char *, cp, tor_free(cp)); 1455 SMARTLIST_FOREACH(remove_ids, char *, cp, tor_free(cp)); 1456 smartlist_free(keep_ids); 1457 smartlist_free(remove_ids); 1458 } 1459 1460 static void 1461 test_entry_guard_confirming_guards(void *arg) 1462 { 1463 (void)arg; 1464 /* Now let's check the logic responsible for manipulating the list 1465 * of confirmed guards */ 1466 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL); 1467 MOCK(randomize_time, mock_randomize_time_no_randomization); 1468 1469 /* Create the sample. */ 1470 entry_guards_expand_sample(gs); 1471 1472 /* Confirm a few guards. */ 1473 time_t start = approx_time(); 1474 entry_guard_t *g1 = smartlist_get(gs->sampled_entry_guards, 0); 1475 entry_guard_t *g2 = smartlist_get(gs->sampled_entry_guards, 1); 1476 entry_guard_t *g3 = smartlist_get(gs->sampled_entry_guards, 8); 1477 make_guard_confirmed(gs, g2); 1478 update_approx_time(start + 10); 1479 make_guard_confirmed(gs, g1); 1480 make_guard_confirmed(gs, g3); 1481 1482 /* Were the correct dates and indices fed in? */ 1483 tt_int_op(g1->confirmed_idx, OP_EQ, 1); 1484 tt_int_op(g2->confirmed_idx, OP_EQ, 0); 1485 tt_int_op(g3->confirmed_idx, OP_EQ, 2); 1486 tt_i64_op(g1->confirmed_on_date, OP_EQ, start+10); 1487 tt_i64_op(g2->confirmed_on_date, OP_EQ, start); 1488 tt_i64_op(g3->confirmed_on_date, OP_EQ, start+10); 1489 tt_ptr_op(smartlist_get(gs->confirmed_entry_guards, 0), OP_EQ, g1); 1490 tt_ptr_op(smartlist_get(gs->confirmed_entry_guards, 1), OP_EQ, g2); 1491 tt_ptr_op(smartlist_get(gs->confirmed_entry_guards, 2), OP_EQ, g3); 1492 1493 /* Now make sure we can regenerate the confirmed_entry_guards list. */ 1494 smartlist_clear(gs->confirmed_entry_guards); 1495 g2->confirmed_idx = 0; 1496 g1->confirmed_idx = 10; 1497 g3->confirmed_idx = 100; 1498 entry_guards_update_confirmed(gs); 1499 tt_int_op(g1->confirmed_idx, OP_EQ, 1); 1500 tt_int_op(g2->confirmed_idx, OP_EQ, 0); 1501 tt_int_op(g3->confirmed_idx, OP_EQ, 2); 1502 tt_ptr_op(smartlist_get(gs->confirmed_entry_guards, 0), OP_EQ, g1); 1503 tt_ptr_op(smartlist_get(gs->confirmed_entry_guards, 1), OP_EQ, g2); 1504 tt_ptr_op(smartlist_get(gs->confirmed_entry_guards, 2), OP_EQ, g3); 1505 1506 /* Now make sure we can regenerate the confirmed_entry_guards list if 1507 * the indices are messed up. */ 1508 g1->confirmed_idx = g2->confirmed_idx = g3->confirmed_idx = 999; 1509 smartlist_clear(gs->confirmed_entry_guards); 1510 entry_guards_update_confirmed(gs); 1511 tt_int_op(g1->confirmed_idx, OP_GE, 0); 1512 tt_int_op(g2->confirmed_idx, OP_GE, 0); 1513 tt_int_op(g3->confirmed_idx, OP_GE, 0); 1514 tt_int_op(g1->confirmed_idx, OP_LE, 2); 1515 tt_int_op(g2->confirmed_idx, OP_LE, 2); 1516 tt_int_op(g3->confirmed_idx, OP_LE, 2); 1517 g1 = smartlist_get(gs->confirmed_entry_guards, 0); 1518 g2 = smartlist_get(gs->confirmed_entry_guards, 1); 1519 g3 = smartlist_get(gs->confirmed_entry_guards, 2); 1520 tt_int_op(g1->sampled_idx, OP_EQ, 0); 1521 tt_int_op(g2->sampled_idx, OP_EQ, 1); 1522 tt_int_op(g3->sampled_idx, OP_EQ, 8); 1523 tt_assert(g1 != g2); 1524 tt_assert(g1 != g3); 1525 tt_assert(g2 != g3); 1526 1527 done: 1528 UNMOCK(randomize_time); 1529 guard_selection_free(gs); 1530 } 1531 1532 static void 1533 test_entry_guard_sample_reachable_filtered(void *arg) 1534 { 1535 (void)arg; 1536 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL); 1537 entry_guards_expand_sample(gs); 1538 1539 /* We've got a sampled list now; let's make one non-usable-filtered; some 1540 * confirmed, some primary, some pending. 1541 */ 1542 int n_guards = smartlist_len(gs->sampled_entry_guards); 1543 tt_int_op(n_guards, OP_GT, 10); 1544 entry_guard_t *g; 1545 g = smartlist_get(gs->sampled_entry_guards, 0); 1546 g->is_pending = 1; 1547 g = smartlist_get(gs->sampled_entry_guards, 1); 1548 make_guard_confirmed(gs, g); 1549 g = smartlist_get(gs->sampled_entry_guards, 2); 1550 g->is_primary = 1; 1551 g = smartlist_get(gs->sampled_entry_guards, 3); 1552 g->pb.path_bias_disabled = 1; 1553 1554 entry_guards_update_filtered_sets(gs); 1555 gs->primary_guards_up_to_date = 1; 1556 tt_int_op(num_reachable_filtered_guards(gs, NULL), OP_EQ, n_guards - 1); 1557 tt_int_op(smartlist_len(gs->sampled_entry_guards), OP_EQ, n_guards); 1558 1559 // +1 since the one we made disabled will make another one get added. 1560 ++n_guards; 1561 1562 /* Try a bunch of selections. */ 1563 const struct { 1564 int flag; int idx; 1565 } tests[] = { 1566 { 0, -1 }, 1567 { SAMPLE_EXCLUDE_CONFIRMED, 1 }, 1568 { SAMPLE_EXCLUDE_PRIMARY|SAMPLE_NO_UPDATE_PRIMARY, 2 }, 1569 { SAMPLE_EXCLUDE_PENDING, 0 }, 1570 { -1, -1}, 1571 }; 1572 int j; 1573 for (j = 0; tests[j].flag >= 0; ++j) { 1574 const int excluded_flags = tests[j].flag; 1575 const int excluded_idx = tests[j].idx; 1576 g = first_reachable_filtered_entry_guard(gs, NULL, excluded_flags); 1577 tor_assert(g); 1578 int pos = smartlist_pos(gs->sampled_entry_guards, g); 1579 tt_int_op(smartlist_len(gs->sampled_entry_guards), OP_EQ, n_guards); 1580 const int should_be_set = (pos != excluded_idx && 1581 pos != 3); // filtered out. 1582 tt_int_op(1, OP_EQ, should_be_set); 1583 } 1584 1585 done: 1586 guard_selection_free(gs); 1587 } 1588 1589 static void 1590 test_entry_guard_sample_reachable_filtered_empty(void *arg) 1591 { 1592 (void)arg; 1593 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL); 1594 /* What if we try to sample from a set of 0? */ 1595 SMARTLIST_FOREACH(big_fake_net_nodes, node_t *, n, 1596 n->is_possible_guard = 0); 1597 1598 entry_guard_t *g = first_reachable_filtered_entry_guard(gs, NULL, 0); 1599 tt_ptr_op(g, OP_EQ, NULL); 1600 1601 done: 1602 guard_selection_free(gs); 1603 } 1604 1605 static void 1606 test_entry_guard_retry_unreachable(void *arg) 1607 { 1608 (void)arg; 1609 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL); 1610 1611 entry_guards_expand_sample(gs); 1612 /* Let's say that we have two guards, and they're down. 1613 */ 1614 time_t start = approx_time(); 1615 entry_guard_t *g1 = smartlist_get(gs->sampled_entry_guards, 0); 1616 entry_guard_t *g2 = smartlist_get(gs->sampled_entry_guards, 1); 1617 entry_guard_t *g3 = smartlist_get(gs->sampled_entry_guards, 2); 1618 g1->is_reachable = GUARD_REACHABLE_NO; 1619 g2->is_reachable = GUARD_REACHABLE_NO; 1620 g1->is_primary = 1; 1621 g1->failing_since = g2->failing_since = start; 1622 g1->last_tried_to_connect = g2->last_tried_to_connect = start; 1623 1624 /* Wait 5 minutes. Nothing will get retried. */ 1625 update_approx_time(start + 5 * 60); 1626 entry_guard_consider_retry(g1); 1627 entry_guard_consider_retry(g2); 1628 entry_guard_consider_retry(g3); // just to make sure this doesn't crash. 1629 tt_int_op(g1->is_reachable, OP_EQ, GUARD_REACHABLE_NO); 1630 tt_int_op(g2->is_reachable, OP_EQ, GUARD_REACHABLE_NO); 1631 tt_int_op(g3->is_reachable, OP_EQ, GUARD_REACHABLE_MAYBE); 1632 1633 /* After 30 min, the primary one gets retried */ 1634 update_approx_time(start + 35 * 60); 1635 entry_guard_consider_retry(g1); 1636 entry_guard_consider_retry(g2); 1637 tt_int_op(g1->is_reachable, OP_EQ, GUARD_REACHABLE_MAYBE); 1638 tt_int_op(g2->is_reachable, OP_EQ, GUARD_REACHABLE_NO); 1639 1640 g1->is_reachable = GUARD_REACHABLE_NO; 1641 g1->last_tried_to_connect = start + 55*60; 1642 1643 /* After 1 hour, we'll retry the nonprimary one. */ 1644 update_approx_time(start + 61 * 60); 1645 entry_guard_consider_retry(g1); 1646 entry_guard_consider_retry(g2); 1647 tt_int_op(g1->is_reachable, OP_EQ, GUARD_REACHABLE_NO); 1648 tt_int_op(g2->is_reachable, OP_EQ, GUARD_REACHABLE_MAYBE); 1649 1650 g2->is_reachable = GUARD_REACHABLE_NO; 1651 g2->last_tried_to_connect = start + 61*60; 1652 1653 /* And then the primary one again. */ 1654 update_approx_time(start + 66 * 60); 1655 entry_guard_consider_retry(g1); 1656 entry_guard_consider_retry(g2); 1657 tt_int_op(g1->is_reachable, OP_EQ, GUARD_REACHABLE_MAYBE); 1658 tt_int_op(g2->is_reachable, OP_EQ, GUARD_REACHABLE_NO); 1659 1660 done: 1661 guard_selection_free(gs); 1662 } 1663 1664 static void 1665 test_entry_guard_manage_primary(void *arg) 1666 { 1667 (void)arg; 1668 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL); 1669 smartlist_t *prev_guards = smartlist_new(); 1670 1671 /* If no guards are confirmed, we should pick a few reachable guards and 1672 * call them all primary. But not confirmed.*/ 1673 entry_guards_update_primary(gs); 1674 int n_primary = smartlist_len(gs->primary_entry_guards); 1675 tt_int_op(n_primary, OP_GE, 1); 1676 SMARTLIST_FOREACH(gs->primary_entry_guards, entry_guard_t *, g, { 1677 tt_assert(g->is_primary); 1678 tt_assert(g->confirmed_idx == -1); 1679 }); 1680 1681 /* Calling it a second time should leave the guards unchanged. */ 1682 smartlist_add_all(prev_guards, gs->primary_entry_guards); 1683 entry_guards_update_primary(gs); 1684 tt_int_op(smartlist_len(gs->primary_entry_guards), OP_EQ, n_primary); 1685 SMARTLIST_FOREACH(gs->primary_entry_guards, entry_guard_t *, g, { 1686 tt_ptr_op(g, OP_EQ, smartlist_get(prev_guards, g_sl_idx)); 1687 }); 1688 1689 /** 1690 * If we have one confirmed guard, that guards becomes the first primary 1691 * only if its sampled_idx is smaller 1692 * */ 1693 1694 /* find a non-primary guard... it should have a sampled_idx higher than 1695 * existing primary guards */ 1696 entry_guard_t *confirmed = NULL; 1697 SMARTLIST_FOREACH(gs->sampled_entry_guards, entry_guard_t *, g, { 1698 if (! g->is_primary) { 1699 confirmed = g; 1700 break; 1701 } 1702 }); 1703 tt_assert(confirmed); 1704 /* make it confirmed. */ 1705 make_guard_confirmed(gs, confirmed); 1706 /* update the list... */ 1707 smartlist_clear(prev_guards); 1708 smartlist_add_all(prev_guards, gs->primary_entry_guards); 1709 entry_guards_update_primary(gs); 1710 1711 /* the confirmed guard should be at the end of the primary list! Hopefully, 1712 * one of the primary guards with a lower sampled_idx will confirm soon :) 1713 * Doing this won't make the client switches between primaries depending on 1714 * the order of confirming events */ 1715 tt_int_op(smartlist_len(gs->primary_entry_guards), OP_EQ, n_primary); 1716 tt_ptr_op(smartlist_get(gs->primary_entry_guards, 1717 smartlist_len(gs->primary_entry_guards)-1), OP_EQ, confirmed); 1718 { 1719 entry_guard_t *prev_last_guard = smartlist_get(prev_guards, n_primary-1); 1720 tt_assert(! prev_last_guard->is_primary); 1721 } 1722 1723 /* Calling it a fourth time should leave the guards unchanged. */ 1724 smartlist_clear(prev_guards); 1725 smartlist_add_all(prev_guards, gs->primary_entry_guards); 1726 entry_guards_update_primary(gs); 1727 tt_int_op(smartlist_len(gs->primary_entry_guards), OP_EQ, n_primary); 1728 SMARTLIST_FOREACH(gs->primary_entry_guards, entry_guard_t *, g, { 1729 tt_ptr_op(g, OP_EQ, smartlist_get(prev_guards, g_sl_idx)); 1730 }); 1731 1732 /* Do some dirinfo checks */ 1733 { 1734 /* Check that we have all required dirinfo for the primaries (that's done 1735 * in big_fake_network_setup()) */ 1736 char *dir_info_str = 1737 guard_selection_get_err_str_if_dir_info_missing(gs, 0, 0, 0); 1738 tt_assert(!dir_info_str); 1739 1740 /* Now artificially remove the first primary's descriptor and re-check */ 1741 entry_guard_t *first_primary; 1742 first_primary = smartlist_get(gs->primary_entry_guards, 0); 1743 /* Change the first primary's identity digest so that the mocked functions 1744 * can't find its descriptor */ 1745 memset(first_primary->identity, 9, sizeof(first_primary->identity)); 1746 dir_info_str =guard_selection_get_err_str_if_dir_info_missing(gs, 1, 2, 3); 1747 tt_str_op(dir_info_str, OP_EQ, 1748 "We're missing descriptors for 1/2 of our primary entry guards " 1749 "(total microdescriptors: 2/3). That's ok. We will try to fetch " 1750 "missing descriptors soon."); 1751 tor_free(dir_info_str); 1752 } 1753 1754 done: 1755 guard_selection_free(gs); 1756 smartlist_free(prev_guards); 1757 } 1758 1759 static void 1760 test_entry_guard_guard_preferred(void *arg) 1761 { 1762 (void) arg; 1763 entry_guard_t *g1 = tor_malloc_zero(sizeof(entry_guard_t)); 1764 entry_guard_t *g2 = tor_malloc_zero(sizeof(entry_guard_t)); 1765 1766 g1->confirmed_idx = g2->confirmed_idx = -1; 1767 g1->last_tried_to_connect = approx_time(); 1768 g2->last_tried_to_connect = approx_time(); 1769 1770 tt_int_op(0, OP_EQ, entry_guard_has_higher_priority(g1, g1)); 1771 1772 /* Neither is pending; priorities equal. */ 1773 tt_int_op(0, OP_EQ, entry_guard_has_higher_priority(g2, g1)); 1774 tt_int_op(0, OP_EQ, entry_guard_has_higher_priority(g1, g2)); 1775 1776 /* If one is pending, the pending one has higher priority */ 1777 g1->is_pending = 1; 1778 tt_int_op(1, OP_EQ, entry_guard_has_higher_priority(g1, g2)); 1779 tt_int_op(0, OP_EQ, entry_guard_has_higher_priority(g2, g1)); 1780 1781 /* If both are pending, and last_tried_to_connect is equal: 1782 priorities equal */ 1783 g2->is_pending = 1; 1784 tt_int_op(0, OP_EQ, entry_guard_has_higher_priority(g2, g1)); 1785 tt_int_op(0, OP_EQ, entry_guard_has_higher_priority(g1, g2)); 1786 1787 /* One had a connection that startied earlier: it has higher priority. */ 1788 g2->last_tried_to_connect -= 10; 1789 tt_int_op(1, OP_EQ, entry_guard_has_higher_priority(g2, g1)); 1790 tt_int_op(0, OP_EQ, entry_guard_has_higher_priority(g1, g2)); 1791 1792 /* Now, say that g1 is confirmed. It will get higher priority. */ 1793 g1->confirmed_idx = 5; 1794 tt_int_op(0, OP_EQ, entry_guard_has_higher_priority(g2, g1)); 1795 tt_int_op(1, OP_EQ, entry_guard_has_higher_priority(g1, g2)); 1796 1797 /* But if g2 was confirmed first, it will get priority */ 1798 g2->confirmed_idx = 2; 1799 tt_int_op(1, OP_EQ, entry_guard_has_higher_priority(g2, g1)); 1800 tt_int_op(0, OP_EQ, entry_guard_has_higher_priority(g1, g2)); 1801 1802 done: 1803 tor_free(g1); 1804 tor_free(g2); 1805 } 1806 1807 static void 1808 test_entry_guard_correct_cascading_order(void *arg) 1809 { 1810 (void)arg; 1811 smartlist_t *old_primary_guards = smartlist_new(); 1812 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL); 1813 entry_guards_expand_sample(gs); 1814 /** First, a test in which the primary guards need be pulled from different 1815 * lists to fill up the primary list -- this may happen, if for example, not 1816 * enough guards have confirmed yet */ 1817 entry_guard_t *g; 1818 /** just one confirmed */ 1819 g = smartlist_get(gs->sampled_entry_guards, 2); 1820 make_guard_confirmed(gs, g); 1821 entry_guards_update_primary(gs); 1822 g = smartlist_get(gs->primary_entry_guards, 0); 1823 tt_int_op(g->sampled_idx, OP_EQ, 0); 1824 g = smartlist_get(gs->primary_entry_guards, 1); 1825 tt_int_op(g->sampled_idx, OP_EQ, 1); 1826 g = smartlist_get(gs->primary_entry_guards, 2); 1827 tt_int_op(g->sampled_idx, OP_EQ, 2); 1828 1829 /** Now the primaries get all confirmed, and the primary list should not 1830 * change */ 1831 make_guard_confirmed(gs, smartlist_get(gs->primary_entry_guards, 0)); 1832 make_guard_confirmed(gs, smartlist_get(gs->primary_entry_guards, 1)); 1833 smartlist_add_all(old_primary_guards, gs->primary_entry_guards); 1834 entry_guards_update_primary(gs); 1835 smartlist_ptrs_eq(gs->primary_entry_guards, old_primary_guards); 1836 /** the confirmed guards should also have the same set of guards, in the same 1837 * order :-) */ 1838 smartlist_ptrs_eq(gs->confirmed_entry_guards, gs->primary_entry_guards); 1839 /** Now select a guard for a circuit, and make sure it is the first primary 1840 * guard */ 1841 unsigned state = 9999; 1842 g = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, &state); 1843 tt_ptr_op(g, OP_EQ, smartlist_get(gs->primary_entry_guards, 0)); 1844 /** Now, let's mark this guard as unreachable and let's update the lists */ 1845 g->is_reachable = GUARD_REACHABLE_NO; 1846 g->failing_since = approx_time() - 10; 1847 g->last_tried_to_connect = approx_time() - 10; 1848 state = 9999; 1849 entry_guards_update_primary(gs); 1850 g = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, &state); 1851 /** we should have switched to the next one is sampled order */ 1852 tt_int_op(g->sampled_idx, OP_EQ, 1); 1853 done: 1854 smartlist_free(old_primary_guards); 1855 guard_selection_free(gs); 1856 } 1857 1858 static void 1859 test_entry_guard_select_for_circuit_no_confirmed(void *arg) 1860 { 1861 /* Simpler cases: no gaurds are confirmed yet. */ 1862 (void)arg; 1863 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL); 1864 entry_guard_restriction_t *rst = NULL; 1865 1866 /* simple starting configuration */ 1867 entry_guards_update_primary(gs); 1868 unsigned state = 9999; 1869 1870 entry_guard_t *g = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, 1871 NULL, &state); 1872 1873 tt_assert(g); 1874 tt_assert(g->is_primary); 1875 tt_int_op(g->confirmed_idx, OP_EQ, -1); 1876 tt_uint_op(g->is_pending, OP_EQ, 0); // primary implies non-pending. 1877 tt_uint_op(state, OP_EQ, GUARD_CIRC_STATE_USABLE_ON_COMPLETION); 1878 tt_i64_op(g->last_tried_to_connect, OP_EQ, approx_time()); 1879 1880 // If we do that again, we should get the same guard. 1881 entry_guard_t *g2 = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, 1882 NULL, &state); 1883 tt_ptr_op(g2, OP_EQ, g); 1884 1885 // if we mark that guard down, we should get a different primary guard. 1886 // auto-retry it. 1887 g->is_reachable = GUARD_REACHABLE_NO; 1888 g->failing_since = approx_time() - 10; 1889 g->last_tried_to_connect = approx_time() - 10; 1890 state = 9999; 1891 g2 = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, &state); 1892 tt_ptr_op(g2, OP_NE, g); 1893 tt_assert(g2); 1894 tt_assert(g2->is_primary); 1895 tt_int_op(g2->confirmed_idx, OP_EQ, -1); 1896 tt_uint_op(g2->is_pending, OP_EQ, 0); // primary implies non-pending. 1897 tt_uint_op(state, OP_EQ, GUARD_CIRC_STATE_USABLE_ON_COMPLETION); 1898 tt_i64_op(g2->last_tried_to_connect, OP_EQ, approx_time()); 1899 1900 // If we say that the first primary guard was last tried a long time ago, we 1901 // should get an automatic retry on it. 1902 g->failing_since = approx_time() - 72*60*60; 1903 g->last_tried_to_connect = approx_time() - 72*60*60; 1904 state = 9999; 1905 g2 = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, &state); 1906 tt_ptr_op(g2, OP_EQ, g); 1907 tt_assert(g2); 1908 tt_uint_op(state, OP_EQ, GUARD_CIRC_STATE_USABLE_ON_COMPLETION); 1909 tt_i64_op(g2->last_tried_to_connect, OP_EQ, approx_time()); 1910 tt_int_op(g2->is_reachable, OP_EQ, GUARD_REACHABLE_MAYBE); 1911 1912 // And if we mark ALL the primary guards down, we should get another guard 1913 // at random. 1914 SMARTLIST_FOREACH(gs->primary_entry_guards, entry_guard_t *, guard, { 1915 guard->is_reachable = GUARD_REACHABLE_NO; 1916 guard->last_tried_to_connect = approx_time() - 5; 1917 guard->failing_since = approx_time() - 30; 1918 }); 1919 state = 9999; 1920 g2 = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, &state); 1921 tt_assert(g2); 1922 tt_assert(!g2->is_primary); 1923 tt_int_op(g2->confirmed_idx, OP_EQ, -1); 1924 tt_uint_op(g2->is_pending, OP_EQ, 1); 1925 tt_uint_op(state, OP_EQ, GUARD_CIRC_STATE_USABLE_IF_NO_BETTER_GUARD); 1926 tt_i64_op(g2->last_tried_to_connect, OP_EQ, approx_time()); 1927 tt_int_op(g2->is_reachable, OP_EQ, GUARD_REACHABLE_MAYBE); 1928 1929 // As a bonus, maybe we should be retrying the primary guards. Let's say so. 1930 mark_primary_guards_maybe_reachable(gs); 1931 SMARTLIST_FOREACH(gs->primary_entry_guards, entry_guard_t *, guard, { 1932 tt_int_op(guard->is_reachable, OP_EQ, GUARD_REACHABLE_MAYBE); 1933 tt_assert(guard->is_usable_filtered_guard == 1); 1934 // no change to these fields. 1935 tt_i64_op(guard->last_tried_to_connect, OP_EQ, approx_time() - 5); 1936 tt_i64_op(guard->failing_since, OP_EQ, approx_time() - 30); 1937 }); 1938 1939 /* Let's try again and we should get the first primary guard again */ 1940 g = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, &state); 1941 tt_ptr_op(g, OP_EQ, smartlist_get(gs->primary_entry_guards, 0)); 1942 g2 = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, &state); 1943 tt_ptr_op(g2, OP_EQ, g); 1944 1945 /* But if we impose a restriction, we don't get the same guard */ 1946 get_options_mutable()->EnforceDistinctSubnets = 0; 1947 rst = guard_create_exit_restriction((uint8_t*)g->identity); 1948 g2 = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, rst, &state); 1949 tt_assert(g2); 1950 tt_ptr_op(g2, OP_NE, g); 1951 1952 done: 1953 guard_selection_free(gs); 1954 entry_guard_restriction_free(rst); 1955 } 1956 1957 static void 1958 test_entry_guard_select_for_circuit_confirmed(void *arg) 1959 { 1960 /* Case 2: if all the primary guards are down, and there are more confirmed 1961 guards, we use a confirmed guard. */ 1962 (void)arg; 1963 int i; 1964 entry_guard_restriction_t *rst = NULL; 1965 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL); 1966 const int N_CONFIRMED = 10; 1967 1968 /* slightly more complicated simple starting configuration */ 1969 entry_guards_update_primary(gs); 1970 for (i = 0; i < N_CONFIRMED; ++i) { 1971 entry_guard_t *guard = smartlist_get(gs->sampled_entry_guards, i); 1972 make_guard_confirmed(gs, guard); 1973 } 1974 entry_guards_update_primary(gs); // rebuild the primary list. 1975 1976 unsigned state = 9999; 1977 1978 // As above, this gives us a primary guard. 1979 entry_guard_t *g = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, 1980 NULL, &state); 1981 tt_assert(g); 1982 tt_assert(g->is_primary); 1983 tt_int_op(g->confirmed_idx, OP_EQ, 0); 1984 tt_uint_op(g->is_pending, OP_EQ, 0); // primary implies non-pending. 1985 tt_uint_op(state, OP_EQ, GUARD_CIRC_STATE_USABLE_ON_COMPLETION); 1986 tt_i64_op(g->last_tried_to_connect, OP_EQ, approx_time()); 1987 tt_ptr_op(g, OP_EQ, smartlist_get(gs->primary_entry_guards, 0)); 1988 1989 // But if we mark all the primary guards down... 1990 SMARTLIST_FOREACH(gs->primary_entry_guards, entry_guard_t *, guard, { 1991 guard->last_tried_to_connect = approx_time(); 1992 entry_guards_note_guard_failure(gs, guard); 1993 }); 1994 1995 // ... we should get a confirmed guard. 1996 state = 9999; 1997 g = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, &state); 1998 tt_assert(g); 1999 tt_assert(! g->is_primary); 2000 tt_int_op(g->confirmed_idx, OP_EQ, smartlist_len(gs->primary_entry_guards)); 2001 tt_assert(g->is_pending); 2002 tt_uint_op(state, OP_EQ, GUARD_CIRC_STATE_USABLE_IF_NO_BETTER_GUARD); 2003 tt_i64_op(g->last_tried_to_connect, OP_EQ, approx_time()); 2004 2005 // And if we try again, we should get a different confirmed guard, since 2006 // that one is pending. 2007 state = 9999; 2008 entry_guard_t *g2 = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, 2009 NULL, &state); 2010 tt_assert(g2); 2011 tt_assert(! g2->is_primary); 2012 tt_ptr_op(g2, OP_NE, g); 2013 tt_int_op(g2->confirmed_idx, OP_EQ, 2014 smartlist_len(gs->primary_entry_guards)+1); 2015 tt_assert(g2->is_pending); 2016 tt_uint_op(state, OP_EQ, GUARD_CIRC_STATE_USABLE_IF_NO_BETTER_GUARD); 2017 tt_i64_op(g2->last_tried_to_connect, OP_EQ, approx_time()); 2018 2019 // If we say that the next confirmed guard in order is excluded, and 2020 // we disable EnforceDistinctSubnets, we get the guard AFTER the 2021 // one we excluded. 2022 get_options_mutable()->EnforceDistinctSubnets = 0; 2023 g = smartlist_get(gs->confirmed_entry_guards, 2024 smartlist_len(gs->primary_entry_guards)+2); 2025 rst = guard_create_exit_restriction((uint8_t*)g->identity); 2026 g2 = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, rst, &state); 2027 tt_ptr_op(g2, OP_NE, NULL); 2028 tt_ptr_op(g2, OP_NE, g); 2029 tt_int_op(g2->confirmed_idx, OP_EQ, 2030 smartlist_len(gs->primary_entry_guards)+3); 2031 2032 // If we make every confirmed guard become pending then we start poking 2033 // other guards. 2034 const int n_remaining_confirmed = 2035 N_CONFIRMED - 3 - smartlist_len(gs->primary_entry_guards); 2036 for (i = 0; i < n_remaining_confirmed; ++i) { 2037 g = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, &state); 2038 tt_int_op(g->confirmed_idx, OP_GE, 0); 2039 tt_assert(g); 2040 } 2041 state = 9999; 2042 g = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, &state); 2043 tt_assert(g); 2044 tt_assert(g->is_pending); 2045 tt_int_op(g->confirmed_idx, OP_EQ, -1); 2046 2047 // If we EnforceDistinctSubnets and apply a restriction, we get 2048 // nothing, since we put all of the nodes in the same /16. 2049 // Regression test for bug 22753/TROVE-2017-006. 2050 get_options_mutable()->EnforceDistinctSubnets = 1; 2051 g = smartlist_get(gs->confirmed_entry_guards, 0); 2052 memcpy(rst->exclude_id, g->identity, DIGEST_LEN); 2053 g2 = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, rst, &state); 2054 tt_ptr_op(g2, OP_EQ, NULL); 2055 2056 done: 2057 guard_selection_free(gs); 2058 entry_guard_restriction_free(rst); 2059 } 2060 2061 static void 2062 test_entry_guard_select_for_circuit_highlevel_primary(void *arg) 2063 { 2064 /* Play around with selecting primary guards for circuits and markign 2065 * them up and down */ 2066 (void)arg; 2067 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL); 2068 2069 time_t start = approx_time(); 2070 2071 const node_t *node = NULL; 2072 circuit_guard_state_t *guard = NULL; 2073 entry_guard_t *g; 2074 guard_usable_t u; 2075 /* 2076 * Make sure that the pick-for-circuit API basically works. We'll get 2077 * a primary guard, so it'll be usable on completion. 2078 */ 2079 int r = entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, 2080 &node, &guard); 2081 2082 tt_int_op(r, OP_EQ, 0); 2083 tt_assert(node); 2084 tt_assert(guard); 2085 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_USABLE_ON_COMPLETION); 2086 g = entry_guard_handle_get(guard->guard); 2087 tt_assert(g); 2088 tt_mem_op(g->identity, OP_EQ, node->identity, DIGEST_LEN); 2089 tt_int_op(g->is_primary, OP_EQ, 1); 2090 tt_i64_op(g->last_tried_to_connect, OP_EQ, start); 2091 tt_int_op(g->confirmed_idx, OP_EQ, -1); 2092 2093 /* Call that circuit successful. */ 2094 update_approx_time(start+15); 2095 u = entry_guard_succeeded(&guard); 2096 tt_int_op(u, OP_EQ, GUARD_USABLE_NOW); /* We can use it now. */ 2097 tt_assert(guard); 2098 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_COMPLETE); 2099 g = entry_guard_handle_get(guard->guard); 2100 tt_assert(g); 2101 tt_int_op(g->is_reachable, OP_EQ, GUARD_REACHABLE_YES); 2102 tt_int_op(g->confirmed_idx, OP_EQ, 0); 2103 2104 circuit_guard_state_free(guard); 2105 guard = NULL; 2106 node = NULL; 2107 g = NULL; 2108 2109 /* Try again. We'll also get a primary guard this time. (The same one, 2110 in fact.) But this time, we'll say the connection has failed. */ 2111 update_approx_time(start+35); 2112 r = entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, 2113 &node, &guard); 2114 tt_int_op(r, OP_EQ, 0); 2115 tt_assert(node); 2116 tt_assert(guard); 2117 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_USABLE_ON_COMPLETION); 2118 tt_i64_op(guard->state_set_at, OP_EQ, start+35); 2119 g = entry_guard_handle_get(guard->guard); 2120 tt_assert(g); 2121 tt_mem_op(g->identity, OP_EQ, node->identity, DIGEST_LEN); 2122 tt_int_op(g->is_primary, OP_EQ, 1); 2123 tt_i64_op(g->last_tried_to_connect, OP_EQ, start+35); 2124 tt_int_op(g->confirmed_idx, OP_EQ, 0); // same one. 2125 2126 /* It's failed! What will happen to our poor guard? */ 2127 update_approx_time(start+45); 2128 entry_guard_failed(&guard); 2129 tt_assert(guard); 2130 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_DEAD); 2131 tt_i64_op(guard->state_set_at, OP_EQ, start+45); 2132 g = entry_guard_handle_get(guard->guard); 2133 tt_assert(g); 2134 tt_int_op(g->is_reachable, OP_EQ, GUARD_REACHABLE_NO); 2135 tt_i64_op(g->failing_since, OP_EQ, start+45); 2136 tt_int_op(g->confirmed_idx, OP_EQ, 0); // still confirmed. 2137 2138 circuit_guard_state_free(guard); 2139 guard = NULL; 2140 node = NULL; 2141 entry_guard_t *g_prev = g; 2142 g = NULL; 2143 2144 /* Now try a third time. Since the other one is down, we'll get a different 2145 * (still primary) guard. 2146 */ 2147 update_approx_time(start+60); 2148 r = entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, 2149 &node, &guard); 2150 tt_int_op(r, OP_EQ, 0); 2151 tt_assert(node); 2152 tt_assert(guard); 2153 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_USABLE_ON_COMPLETION); 2154 g = entry_guard_handle_get(guard->guard); 2155 tt_assert(g); 2156 tt_ptr_op(g, OP_NE, g_prev); 2157 tt_mem_op(g->identity, OP_EQ, node->identity, DIGEST_LEN); 2158 tt_mem_op(g->identity, OP_NE, g_prev->identity, DIGEST_LEN); 2159 tt_int_op(g->is_primary, OP_EQ, 1); 2160 tt_i64_op(g->last_tried_to_connect, OP_EQ, start+60); 2161 tt_int_op(g->confirmed_idx, OP_EQ, -1); // not confirmed now. 2162 2163 /* Call this one up; watch it get confirmed. */ 2164 update_approx_time(start+90); 2165 u = entry_guard_succeeded(&guard); 2166 tt_int_op(u, OP_EQ, GUARD_USABLE_NOW); 2167 tt_assert(guard); 2168 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_COMPLETE); 2169 g = entry_guard_handle_get(guard->guard); 2170 tt_assert(g); 2171 tt_int_op(g->is_reachable, OP_EQ, GUARD_REACHABLE_YES); 2172 tt_int_op(g->confirmed_idx, OP_EQ, 1); 2173 2174 done: 2175 guard_selection_free(gs); 2176 circuit_guard_state_free(guard); 2177 } 2178 2179 static void 2180 test_entry_guard_select_for_circuit_highlevel_confirm_other(void *arg) 2181 { 2182 (void) arg; 2183 const int N_PRIMARY = DFLT_N_PRIMARY_GUARDS; 2184 2185 /* At the start, we have no confirmed guards. We'll mark the primary guards 2186 * down, then confirm something else. As soon as we do, it should become 2187 * primary, and we should get it next time. */ 2188 2189 time_t start = approx_time(); 2190 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL); 2191 circuit_guard_state_t *guard = NULL; 2192 int i, r; 2193 const node_t *node = NULL; 2194 guard_usable_t u; 2195 2196 /* Declare that we're on the internet. */ 2197 entry_guards_note_internet_connectivity(gs); 2198 2199 /* Primary guards are down! */ 2200 for (i = 0; i < N_PRIMARY; ++i) { 2201 r = entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, 2202 &node, &guard); 2203 tt_assert(node); 2204 tt_assert(guard); 2205 tt_int_op(r, OP_EQ, 0); 2206 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_USABLE_ON_COMPLETION); 2207 entry_guard_failed(&guard); 2208 circuit_guard_state_free(guard); 2209 guard = NULL; 2210 node = NULL; 2211 } 2212 2213 /* Next guard should be non-primary. */ 2214 node = NULL; 2215 r = entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, 2216 &node, &guard); 2217 tt_assert(node); 2218 tt_assert(guard); 2219 tt_int_op(r, OP_EQ, 0); 2220 entry_guard_t *g = entry_guard_handle_get(guard->guard); 2221 tt_assert(g); 2222 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_USABLE_IF_NO_BETTER_GUARD); 2223 tt_int_op(g->confirmed_idx, OP_EQ, -1); 2224 tt_int_op(g->is_primary, OP_EQ, 0); 2225 tt_int_op(g->is_pending, OP_EQ, 1); 2226 (void)start; 2227 2228 u = entry_guard_succeeded(&guard); 2229 /* We're on the internet (by fiat), so this guard will get called "confirmed" 2230 * and should immediately become primary. 2231 */ 2232 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_COMPLETE); 2233 tt_assert(u == GUARD_USABLE_NOW); 2234 tt_int_op(g->confirmed_idx, OP_EQ, 0); 2235 tt_int_op(g->is_primary, OP_EQ, 1); 2236 tt_int_op(g->is_pending, OP_EQ, 0); 2237 2238 done: 2239 guard_selection_free(gs); 2240 circuit_guard_state_free(guard); 2241 } 2242 2243 static void 2244 test_entry_guard_select_for_circuit_highlevel_primary_retry(void *arg) 2245 { 2246 (void) arg; 2247 const int N_PRIMARY = DFLT_N_PRIMARY_GUARDS; 2248 2249 /* At the start, we have no confirmed guards. We'll mark the primary guards 2250 * down, then confirm something else. As soon as we do, it should become 2251 * primary, and we should get it next time. */ 2252 2253 time_t start = approx_time(); 2254 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL); 2255 circuit_guard_state_t *guard = NULL, *guard2 = NULL; 2256 int i, r; 2257 const node_t *node = NULL; 2258 entry_guard_t *g; 2259 guard_usable_t u; 2260 2261 /* Declare that we're on the internet. */ 2262 entry_guards_note_internet_connectivity(gs); 2263 2264 /* Make primary guards confirmed (so they won't be superseded by a later 2265 * guard), then mark them down. */ 2266 for (i = 0; i < N_PRIMARY; ++i) { 2267 r = entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, 2268 &node, &guard); 2269 tt_assert(node); 2270 tt_assert(guard); 2271 tt_int_op(r, OP_EQ, 0); 2272 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_USABLE_ON_COMPLETION); 2273 g = entry_guard_handle_get(guard->guard); 2274 make_guard_confirmed(gs, g); 2275 tt_int_op(g->is_primary, OP_EQ, 1); 2276 entry_guard_failed(&guard); 2277 circuit_guard_state_free(guard); 2278 tt_int_op(g->is_reachable, OP_EQ, GUARD_REACHABLE_NO); 2279 guard = NULL; 2280 node = NULL; 2281 } 2282 2283 /* Get another guard that we might try. */ 2284 r = entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, 2285 &node, &guard); 2286 tt_assert(node); 2287 tt_assert(guard); 2288 tt_int_op(r, OP_EQ, 0); 2289 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_USABLE_IF_NO_BETTER_GUARD); 2290 g = entry_guard_handle_get(guard->guard); 2291 tt_int_op(g->is_primary, OP_EQ, 0); 2292 2293 tt_assert(entry_guards_all_primary_guards_are_down(gs)); 2294 2295 /* And an hour has passed ... */ 2296 update_approx_time(start + 3600); 2297 2298 /* Say that guard has succeeded! */ 2299 u = entry_guard_succeeded(&guard); 2300 tt_int_op(u, OP_EQ, GUARD_MAYBE_USABLE_LATER); 2301 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_WAITING_FOR_BETTER_GUARD); 2302 g = entry_guard_handle_get(guard->guard); 2303 2304 /* The primary guards should have been marked up! */ 2305 SMARTLIST_FOREACH(gs->primary_entry_guards, entry_guard_t *, pg, { 2306 tt_int_op(pg->is_primary, OP_EQ, 1); 2307 tt_ptr_op(g, OP_NE, pg); 2308 tt_int_op(pg->is_reachable, OP_EQ, GUARD_REACHABLE_MAYBE); 2309 }); 2310 2311 /* Have a circuit to a primary guard succeed. */ 2312 r = entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, 2313 &node, &guard2); 2314 tt_int_op(r, OP_EQ, 0); 2315 tt_int_op(guard2->state, OP_EQ, GUARD_CIRC_STATE_USABLE_ON_COMPLETION); 2316 u = entry_guard_succeeded(&guard2); 2317 tt_assert(u == GUARD_USABLE_NOW); 2318 tt_int_op(guard2->state, OP_EQ, GUARD_CIRC_STATE_COMPLETE); 2319 2320 tt_assert(! entry_guards_all_primary_guards_are_down(gs)); 2321 2322 done: 2323 guard_selection_free(gs); 2324 circuit_guard_state_free(guard); 2325 circuit_guard_state_free(guard2); 2326 } 2327 2328 static void 2329 test_entry_guard_select_for_circuit_exit_family_restriction(void *arg) 2330 { 2331 (void) arg; 2332 entry_guard_restriction_t *rst = NULL; 2333 entry_guard_restriction_t *rst2 = NULL; 2334 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL); 2335 int retval; 2336 unsigned state = 9999; 2337 2338 /* Create our circuit */ 2339 circuit_t *circ = dummy_origin_circuit_new(30); 2340 origin_circuit_t *oc = TO_ORIGIN_CIRCUIT(circ); 2341 oc->build_state = tor_malloc_zero(sizeof(cpath_build_state_t)); 2342 2343 /* First pick the exit and pin it on the build_state */ 2344 retval = onion_pick_cpath_exit(oc, NULL); 2345 tt_int_op(retval, OP_EQ, 0); 2346 2347 /* Then pick a guard */ 2348 entry_guards_update_primary(gs); 2349 entry_guard_t *g = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, 2350 NULL, &state); 2351 2352 tt_assert(g); 2353 tt_assert(g->is_primary); 2354 tt_uint_op(state, OP_EQ, GUARD_CIRC_STATE_USABLE_ON_COMPLETION); 2355 tt_i64_op(g->last_tried_to_connect, OP_EQ, approx_time()); 2356 2357 /* Add the guard and the exit to each others' families */ 2358 get_options_mutable()->EnforceDistinctSubnets = 0; 2359 const char* exit_id = 2360 (const char*)build_state_get_exit_rsa_id(oc->build_state); 2361 const node_t *exit = node_get_by_id(exit_id); 2362 const node_t *guard = node_get_by_id(g->identity); 2363 exit->md->family = nodefamily_parse((const char*)g->nickname, 2364 node_get_rsa_id_digest(exit),0); 2365 guard->md->family = 2366 nodefamily_parse((const char*)exit->rs->nickname, 2367 node_get_rsa_id_digest(guard),0); 2368 tt_assert(nodefamily_contains_nickname(exit->md->family, 2369 (const char*)g->nickname)); 2370 2371 /* We should get a different guard, after adding the exit restriction */ 2372 rst = guard_create_exit_restriction((const uint8_t*)exit_id); 2373 entry_guard_t *g2 = 2374 select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, rst, &state); 2375 tt_assert(g2); 2376 tt_assert(g2->is_primary); 2377 tt_uint_op(state, OP_EQ, GUARD_CIRC_STATE_USABLE_ON_COMPLETION); 2378 tt_i64_op(g2->last_tried_to_connect, OP_EQ, approx_time()); 2379 tt_ptr_op(g2, OP_NE, g); 2380 2381 /* Now check that conflux circuits satisfy the exit family restriction */ 2382 rst2 = guard_create_conflux_restriction(oc, (const uint8_t*)exit_id); 2383 g2 = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, rst2, &state); 2384 tt_assert(g2); 2385 tt_assert(g2->is_primary); 2386 tt_uint_op(state, OP_EQ, GUARD_CIRC_STATE_USABLE_ON_COMPLETION); 2387 tt_i64_op(g2->last_tried_to_connect, OP_EQ, approx_time()); 2388 tt_ptr_op(g2, OP_NE, g); 2389 2390 done: 2391 circuit_free_(circ); 2392 guard_selection_free(gs); 2393 entry_guard_restriction_free(rst); 2394 entry_guard_restriction_free(rst2); 2395 } 2396 2397 static void 2398 test_entry_guard_select_and_cancel(void *arg) 2399 { 2400 (void) arg; 2401 const int N_PRIMARY = DFLT_N_PRIMARY_GUARDS; 2402 int i,r; 2403 const node_t *node = NULL; 2404 circuit_guard_state_t *guard; 2405 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL); 2406 entry_guard_t *g; 2407 2408 /* Once more, we mark all the primary guards down. */ 2409 entry_guards_note_internet_connectivity(gs); 2410 for (i = 0; i < N_PRIMARY; ++i) { 2411 r = entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, 2412 &node, &guard); 2413 tt_int_op(r, OP_EQ, 0); 2414 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_USABLE_ON_COMPLETION); 2415 g = entry_guard_handle_get(guard->guard); 2416 tt_int_op(g->is_primary, OP_EQ, 1); 2417 tt_int_op(g->is_pending, OP_EQ, 0); 2418 make_guard_confirmed(gs, g); 2419 entry_guard_failed(&guard); 2420 circuit_guard_state_free(guard); 2421 guard = NULL; 2422 node = NULL; 2423 } 2424 2425 tt_assert(entry_guards_all_primary_guards_are_down(gs)); 2426 2427 /* Now get another guard we could try... */ 2428 r = entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, 2429 &node, &guard); 2430 tt_assert(node); 2431 tt_assert(guard); 2432 tt_int_op(r, OP_EQ, 0); 2433 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_USABLE_IF_NO_BETTER_GUARD); 2434 g = entry_guard_handle_get(guard->guard); 2435 tt_int_op(g->is_primary, OP_EQ, 0); 2436 tt_int_op(g->is_pending, OP_EQ, 1); 2437 2438 /* Whoops! We should never have asked for this guard. Cancel the request! */ 2439 entry_guard_cancel(&guard); 2440 tt_ptr_op(guard, OP_EQ, NULL); 2441 tt_int_op(g->is_primary, OP_EQ, 0); 2442 tt_int_op(g->is_pending, OP_EQ, 0); 2443 2444 done: 2445 guard_selection_free(gs); 2446 circuit_guard_state_free(guard); 2447 } 2448 2449 static void 2450 test_entry_guard_drop_guards(void *arg) 2451 { 2452 (void) arg; 2453 int r; 2454 const node_t *node = NULL; 2455 circuit_guard_state_t *guard; 2456 guard_selection_t *gs = get_guard_selection_info(); 2457 2458 // Pick a guard, to get things set up. 2459 r = entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, 2460 &node, &guard); 2461 tt_int_op(r, OP_EQ, 0); 2462 tt_int_op(smartlist_len(gs->sampled_entry_guards), OP_GE, 2463 DFLT_MIN_FILTERED_SAMPLE_SIZE); 2464 tt_ptr_op(gs, OP_EQ, get_guard_selection_info()); 2465 2466 // Drop all the guards! (This is a bad idea....) 2467 remove_all_entry_guards_for_guard_selection(gs); 2468 gs = get_guard_selection_info(); 2469 tt_int_op(smartlist_len(gs->sampled_entry_guards), OP_EQ, 0); 2470 tt_int_op(smartlist_len(gs->primary_entry_guards), OP_EQ, 0); 2471 tt_int_op(smartlist_len(gs->confirmed_entry_guards), OP_EQ, 0); 2472 2473 done: 2474 circuit_guard_state_free(guard); 2475 guard_selection_free(gs); 2476 } 2477 2478 /* Unit test setup function: Create a fake network, and set everything up 2479 * for testing the upgrade-a-waiting-circuit code. */ 2480 typedef struct { 2481 guard_selection_t *gs; 2482 time_t start; 2483 circuit_guard_state_t *guard1_state; 2484 circuit_guard_state_t *guard2_state; 2485 entry_guard_t *guard1; 2486 entry_guard_t *guard2; 2487 origin_circuit_t *circ1; 2488 origin_circuit_t *circ2; 2489 smartlist_t *all_origin_circuits; 2490 } upgrade_circuits_data_t; 2491 static void * 2492 upgrade_circuits_setup(const struct testcase_t *testcase) 2493 { 2494 upgrade_circuits_data_t *data = tor_malloc_zero(sizeof(*data)); 2495 guard_selection_t *gs = data->gs = 2496 guard_selection_new("default", GS_TYPE_NORMAL); 2497 circuit_guard_state_t *guard; 2498 const node_t *node; 2499 entry_guard_t *g; 2500 int i; 2501 const int N_PRIMARY = DFLT_N_PRIMARY_GUARDS; 2502 const char *argument = testcase->setup_data; 2503 const int make_circ1_succeed = strstr(argument, "c1-done") != NULL; 2504 const int make_circ2_succeed = strstr(argument, "c2-done") != NULL; 2505 2506 big_fake_network_setup(testcase); 2507 2508 /* We're going to set things up in a state where a circuit will be ready to 2509 * be upgraded. Each test can make a single change (or not) that should 2510 * block the upgrade. 2511 */ 2512 2513 /* First, make all the primary guards confirmed, and down. */ 2514 data->start = approx_time(); 2515 entry_guards_note_internet_connectivity(gs); 2516 for (i = 0; i < N_PRIMARY; ++i) { 2517 entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, &node, &guard); 2518 g = entry_guard_handle_get(guard->guard); 2519 make_guard_confirmed(gs, g); 2520 entry_guard_failed(&guard); 2521 circuit_guard_state_free(guard); 2522 } 2523 2524 /* Grab another couple of guards */ 2525 data->all_origin_circuits = smartlist_new(); 2526 2527 update_approx_time(data->start + 27); 2528 entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, 2529 &node, &data->guard1_state); 2530 origin_circuit_t *circ; 2531 data->circ1 = circ = origin_circuit_new(); 2532 circ->base_.purpose = CIRCUIT_PURPOSE_C_GENERAL; 2533 circ->guard_state = data->guard1_state; 2534 smartlist_add(data->all_origin_circuits, circ); 2535 2536 update_approx_time(data->start + 30); 2537 entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, 2538 &node, &data->guard2_state); 2539 data->circ2 = circ = origin_circuit_new(); 2540 circ->base_.purpose = CIRCUIT_PURPOSE_C_GENERAL; 2541 circ->guard_state = data->guard2_state; 2542 smartlist_add(data->all_origin_circuits, circ); 2543 2544 data->guard1 = entry_guard_handle_get(data->guard1_state->guard); 2545 data->guard2 = entry_guard_handle_get(data->guard2_state->guard); 2546 tor_assert(data->guard1 != data->guard2); 2547 tor_assert(data->guard1_state->state == 2548 GUARD_CIRC_STATE_USABLE_IF_NO_BETTER_GUARD); 2549 tor_assert(data->guard2_state->state == 2550 GUARD_CIRC_STATE_USABLE_IF_NO_BETTER_GUARD); 2551 2552 guard_usable_t r; 2553 update_approx_time(data->start + 32); 2554 if (make_circ1_succeed) { 2555 r = entry_guard_succeeded(&data->guard1_state); 2556 tor_assert(r == GUARD_MAYBE_USABLE_LATER); 2557 tor_assert(data->guard1_state->state == 2558 GUARD_CIRC_STATE_WAITING_FOR_BETTER_GUARD); 2559 } 2560 update_approx_time(data->start + 33); 2561 if (make_circ2_succeed) { 2562 r = entry_guard_succeeded(&data->guard2_state); 2563 tor_assert(r == GUARD_MAYBE_USABLE_LATER); 2564 tor_assert(data->guard2_state->state == 2565 GUARD_CIRC_STATE_WAITING_FOR_BETTER_GUARD); 2566 } 2567 2568 return data; 2569 } 2570 static int 2571 upgrade_circuits_cleanup(const struct testcase_t *testcase, void *ptr) 2572 { 2573 upgrade_circuits_data_t *data = ptr; 2574 // circuit_guard_state_free(data->guard1_state); // held in circ1 2575 // circuit_guard_state_free(data->guard2_state); // held in circ2 2576 guard_selection_free(data->gs); 2577 smartlist_free(data->all_origin_circuits); 2578 circuit_free_(TO_CIRCUIT(data->circ1)); 2579 circuit_free_(TO_CIRCUIT(data->circ2)); 2580 tor_free(data); 2581 return big_fake_network_cleanup(testcase, NULL); 2582 } 2583 2584 static void 2585 test_entry_guard_upgrade_a_circuit(void *arg) 2586 { 2587 upgrade_circuits_data_t *data = arg; 2588 2589 /* This is the easy case: we have no COMPLETED circuits, all the 2590 * primary guards are down, we have two WAITING circuits: one will 2591 * get upgraded to COMPLETED! (The one that started first.) 2592 */ 2593 2594 smartlist_t *result = smartlist_new(); 2595 int r; 2596 r = entry_guards_upgrade_waiting_circuits(data->gs, 2597 data->all_origin_circuits, 2598 result); 2599 tt_int_op(r, OP_EQ, 1); 2600 tt_int_op(smartlist_len(result), OP_EQ, 1); 2601 origin_circuit_t *oc = smartlist_get(result, 0); 2602 2603 /* circ1 was started first, so we'll get told to ugrade it... */ 2604 tt_ptr_op(oc, OP_EQ, data->circ1); 2605 2606 /* And the guard state should be complete */ 2607 tt_ptr_op(data->guard1_state, OP_NE, NULL); 2608 tt_int_op(data->guard1_state->state, OP_EQ, GUARD_CIRC_STATE_COMPLETE); 2609 2610 done: 2611 smartlist_free(result); 2612 } 2613 2614 static void 2615 test_entry_guard_upgrade_blocked_by_live_primary_guards(void *arg) 2616 { 2617 upgrade_circuits_data_t *data = arg; 2618 2619 /* If any primary guards might be up, we can't upgrade any waiting 2620 * circuits. 2621 */ 2622 mark_primary_guards_maybe_reachable(data->gs); 2623 2624 smartlist_t *result = smartlist_new(); 2625 int r; 2626 setup_capture_of_logs(LOG_DEBUG); 2627 r = entry_guards_upgrade_waiting_circuits(data->gs, 2628 data->all_origin_circuits, 2629 result); 2630 tt_int_op(r, OP_EQ, 0); 2631 tt_int_op(smartlist_len(result), OP_EQ, 0); 2632 expect_log_msg_containing("not all primary guards were definitely down."); 2633 2634 done: 2635 teardown_capture_of_logs(); 2636 smartlist_free(result); 2637 } 2638 2639 static void 2640 test_entry_guard_upgrade_blocked_by_lack_of_waiting_circuits(void *arg) 2641 { 2642 upgrade_circuits_data_t *data = arg; 2643 2644 /* If no circuits are waiting, we can't upgrade anything. (The test 2645 * setup in this case was told not to make any of the circuits "waiting".) 2646 */ 2647 smartlist_t *result = smartlist_new(); 2648 int r; 2649 setup_capture_of_logs(LOG_DEBUG); 2650 r = entry_guards_upgrade_waiting_circuits(data->gs, 2651 data->all_origin_circuits, 2652 result); 2653 tt_int_op(r, OP_EQ, 0); 2654 tt_int_op(smartlist_len(result), OP_EQ, 0); 2655 expect_log_msg_containing("Considered upgrading guard-stalled circuits, " 2656 "but didn't find any."); 2657 2658 done: 2659 teardown_capture_of_logs(); 2660 smartlist_free(result); 2661 } 2662 2663 static void 2664 test_entry_guard_upgrade_blocked_by_better_circ_complete(void *arg) 2665 { 2666 upgrade_circuits_data_t *data = arg; 2667 2668 /* We'll run through the logic of upgrade_a_circuit below... 2669 * and then try again to make sure that circ2 isn't also upgraded. 2670 */ 2671 2672 smartlist_t *result = smartlist_new(); 2673 int r; 2674 r = entry_guards_upgrade_waiting_circuits(data->gs, 2675 data->all_origin_circuits, 2676 result); 2677 tt_int_op(r, OP_EQ, 1); 2678 tt_int_op(smartlist_len(result), OP_EQ, 1); 2679 origin_circuit_t *oc = smartlist_get(result, 0); 2680 tt_ptr_op(oc, OP_EQ, data->circ1); 2681 tt_ptr_op(data->guard1_state, OP_NE, NULL); 2682 tt_int_op(data->guard1_state->state, OP_EQ, GUARD_CIRC_STATE_COMPLETE); 2683 2684 /* Now, try again. Make sure that circ2 isn't upgraded. */ 2685 smartlist_clear(result); 2686 setup_capture_of_logs(LOG_DEBUG); 2687 r = entry_guards_upgrade_waiting_circuits(data->gs, 2688 data->all_origin_circuits, 2689 result); 2690 tt_int_op(r, OP_EQ, 0); 2691 tt_int_op(smartlist_len(result), OP_EQ, 0); 2692 expect_log_msg_containing("At least one complete circuit had higher " 2693 "priority, so not upgrading."); 2694 2695 done: 2696 teardown_capture_of_logs(); 2697 smartlist_free(result); 2698 } 2699 2700 static void 2701 test_entry_guard_upgrade_not_blocked_by_restricted_circ_complete(void *arg) 2702 { 2703 upgrade_circuits_data_t *data = arg; 2704 2705 /* Once more, let circ1 become complete. But this time, we'll claim 2706 * that circ2 was restricted to not use the same guard as circ1. */ 2707 data->guard2_state->restrictions = 2708 guard_create_exit_restriction((uint8_t*)data->guard1->identity); 2709 2710 smartlist_t *result = smartlist_new(); 2711 int r; 2712 r = entry_guards_upgrade_waiting_circuits(data->gs, 2713 data->all_origin_circuits, 2714 result); 2715 tt_int_op(r, OP_EQ, 1); 2716 tt_int_op(smartlist_len(result), OP_EQ, 1); 2717 origin_circuit_t *oc = smartlist_get(result, 0); 2718 tt_ptr_op(oc, OP_EQ, data->circ1); 2719 tt_ptr_op(data->guard1_state, OP_NE, NULL); 2720 tt_int_op(data->guard1_state->state, OP_EQ, GUARD_CIRC_STATE_COMPLETE); 2721 2722 /* Now, we try again. Since circ2 has a restriction that circ1 doesn't obey, 2723 * circ2 _is_ eligible for upgrade. */ 2724 smartlist_clear(result); 2725 r = entry_guards_upgrade_waiting_circuits(data->gs, 2726 data->all_origin_circuits, 2727 result); 2728 tt_int_op(r, OP_EQ, 1); 2729 tt_int_op(smartlist_len(result), OP_EQ, 1); 2730 origin_circuit_t *oc2 = smartlist_get(result, 0); 2731 tt_ptr_op(oc2, OP_EQ, data->circ2); 2732 2733 done: 2734 smartlist_free(result); 2735 } 2736 2737 static void 2738 test_entry_guard_upgrade_not_blocked_by_worse_circ_complete(void *arg) 2739 { 2740 upgrade_circuits_data_t *data = arg; 2741 smartlist_t *result = smartlist_new(); 2742 /* here we manually make circ2 COMPLETE, and make sure that circ1 2743 * gets made complete anyway, since guard1 has higher priority 2744 */ 2745 update_approx_time(data->start + 300); 2746 data->guard2_state->state = GUARD_CIRC_STATE_COMPLETE; 2747 data->guard2_state->state_set_at = approx_time(); 2748 update_approx_time(data->start + 301); 2749 2750 /* Now, try again. Make sure that circ1 is approved. */ 2751 int r; 2752 r = entry_guards_upgrade_waiting_circuits(data->gs, 2753 data->all_origin_circuits, 2754 result); 2755 tt_int_op(r, OP_EQ, 1); 2756 tt_int_op(smartlist_len(result), OP_EQ, 1); 2757 origin_circuit_t *oc = smartlist_get(result, 0); 2758 tt_ptr_op(oc, OP_EQ, data->circ1); 2759 2760 done: 2761 smartlist_free(result); 2762 } 2763 2764 static void 2765 test_entry_guard_upgrade_blocked_by_better_circ_pending(void *arg) 2766 { 2767 upgrade_circuits_data_t *data = arg; 2768 2769 /* circ2 is done, but circ1 is still pending. Since circ1 is better, 2770 * we won't upgrade circ2. */ 2771 2772 /* XXXX Prop271 -- this is a kludge. I'm making sure circ1 _is_ better, 2773 * by messing with the guards' confirmed_idx */ 2774 make_guard_confirmed(data->gs, data->guard1); 2775 { 2776 int tmp; 2777 tmp = data->guard1->confirmed_idx; 2778 data->guard1->confirmed_idx = data->guard2->confirmed_idx; 2779 data->guard2->confirmed_idx = tmp; 2780 } 2781 2782 smartlist_t *result = smartlist_new(); 2783 setup_capture_of_logs(LOG_DEBUG); 2784 int r; 2785 r = entry_guards_upgrade_waiting_circuits(data->gs, 2786 data->all_origin_circuits, 2787 result); 2788 tt_int_op(r, OP_EQ, 0); 2789 tt_int_op(smartlist_len(result), OP_EQ, 0); 2790 expect_log_msg_containing("but 1 pending circuit(s) had higher guard " 2791 "priority, so not upgrading."); 2792 2793 done: 2794 teardown_capture_of_logs(); 2795 smartlist_free(result); 2796 } 2797 2798 static void 2799 test_entry_guard_upgrade_not_blocked_by_restricted_circ_pending(void *arg) 2800 { 2801 upgrade_circuits_data_t *data = arg; 2802 /* circ2 is done, but circ1 is still pending. But when there is a 2803 restriction on circ2 that circ1 can't satisfy, circ1 can't block 2804 circ2. */ 2805 2806 /* XXXX Prop271 -- this is a kludge. I'm making sure circ1 _is_ better, 2807 * by messing with the guards' confirmed_idx */ 2808 make_guard_confirmed(data->gs, data->guard1); 2809 { 2810 int tmp; 2811 tmp = data->guard1->confirmed_idx; 2812 data->guard1->confirmed_idx = data->guard2->confirmed_idx; 2813 data->guard2->confirmed_idx = tmp; 2814 } 2815 2816 data->guard2_state->restrictions = 2817 guard_create_exit_restriction((uint8_t*)data->guard1->identity); 2818 2819 smartlist_t *result = smartlist_new(); 2820 int r; 2821 r = entry_guards_upgrade_waiting_circuits(data->gs, 2822 data->all_origin_circuits, 2823 result); 2824 tt_int_op(r, OP_EQ, 1); 2825 tt_int_op(smartlist_len(result), OP_EQ, 1); 2826 origin_circuit_t *oc = smartlist_get(result, 0); 2827 tt_ptr_op(oc, OP_EQ, data->circ2); 2828 2829 done: 2830 smartlist_free(result); 2831 } 2832 2833 static void 2834 test_entry_guard_upgrade_not_blocked_by_worse_circ_pending(void *arg) 2835 { 2836 upgrade_circuits_data_t *data = arg; 2837 2838 /* circ1 is done, but circ2 is still pending. Since circ1 is better, 2839 * we will upgrade it. */ 2840 smartlist_t *result = smartlist_new(); 2841 int r; 2842 r = entry_guards_upgrade_waiting_circuits(data->gs, 2843 data->all_origin_circuits, 2844 result); 2845 tt_int_op(r, OP_EQ, 1); 2846 tt_int_op(smartlist_len(result), OP_EQ, 1); 2847 origin_circuit_t *oc = smartlist_get(result, 0); 2848 tt_ptr_op(oc, OP_EQ, data->circ1); 2849 2850 done: 2851 smartlist_free(result); 2852 } 2853 2854 static void 2855 test_entry_guard_should_expire_waiting(void *arg) 2856 { 2857 (void)arg; 2858 circuit_guard_state_t *fake_state = tor_malloc_zero(sizeof(*fake_state)); 2859 /* We'll leave "guard" unset -- it won't matter here. */ 2860 2861 /* No state? Can't expire. */ 2862 tt_assert(! entry_guard_state_should_expire(NULL)); 2863 2864 /* Let's try one that expires. */ 2865 fake_state->state = GUARD_CIRC_STATE_WAITING_FOR_BETTER_GUARD; 2866 fake_state->state_set_at = 2867 approx_time() - DFLT_NONPRIMARY_GUARD_IDLE_TIMEOUT - 1; 2868 2869 tt_assert(entry_guard_state_should_expire(fake_state)); 2870 2871 /* But it wouldn't expire if we changed the state. */ 2872 fake_state->state = GUARD_CIRC_STATE_USABLE_IF_NO_BETTER_GUARD; 2873 tt_assert(! entry_guard_state_should_expire(fake_state)); 2874 2875 /* And it wouldn't have expired a few seconds ago. */ 2876 fake_state->state = GUARD_CIRC_STATE_WAITING_FOR_BETTER_GUARD; 2877 fake_state->state_set_at = 2878 approx_time() - DFLT_NONPRIMARY_GUARD_IDLE_TIMEOUT + 5; 2879 tt_assert(! entry_guard_state_should_expire(fake_state)); 2880 2881 done: 2882 tor_free(fake_state); 2883 } 2884 2885 /** Test that the number of primary guards can be controlled using torrc */ 2886 static void 2887 test_entry_guard_number_of_primaries(void *arg) 2888 { 2889 (void) arg; 2890 2891 /* Get default value */ 2892 tt_int_op(get_n_primary_guards(), OP_EQ, DFLT_N_PRIMARY_GUARDS); 2893 2894 /* Set number of primaries using torrc */ 2895 get_options_mutable()->NumPrimaryGuards = 42; 2896 tt_int_op(get_n_primary_guards(), OP_EQ, 42); 2897 2898 done: 2899 ; 2900 } 2901 2902 static void 2903 mock_directory_initiate_request(directory_request_t *req) 2904 { 2905 if (req->guard_state) { 2906 circuit_guard_state_free(req->guard_state); 2907 } 2908 } 2909 2910 static networkstatus_t *mock_ns_val = NULL; 2911 static networkstatus_t * 2912 mock_ns_get_by_flavor(consensus_flavor_t f) 2913 { 2914 (void)f; 2915 return mock_ns_val; 2916 } 2917 2918 /** Test that when we fetch microdescriptors we skip guards that have 2919 * previously failed to serve us needed microdescriptors. */ 2920 static void 2921 test_entry_guard_outdated_dirserver_exclusion(void *arg) 2922 { 2923 int retval; 2924 response_handler_args_t *args = NULL; 2925 dir_connection_t *conn = NULL; 2926 (void) arg; 2927 2928 /* Test prep: Make a new guard selection */ 2929 guard_selection_t *gs = get_guard_selection_by_name("default", 2930 GS_TYPE_NORMAL, 1); 2931 2932 /* ... we want to use entry guards */ 2933 or_options_t *options = get_options_mutable(); 2934 options->UseEntryGuards = 1; 2935 options->UseBridges = 0; 2936 2937 /* ... prepare some md digests we want to download in the future */ 2938 smartlist_t *digests = smartlist_new(); 2939 const char *prose = "unhurried and wise, we perceive."; 2940 for (int i = 0; i < 20; i++) { 2941 smartlist_add(digests, (char*)prose); 2942 } 2943 2944 tt_int_op(smartlist_len(digests), OP_EQ, 20); 2945 2946 /* ... now mock some functions */ 2947 mock_ns_val = tor_malloc_zero(sizeof(networkstatus_t)); 2948 MOCK(networkstatus_get_latest_consensus_by_flavor, mock_ns_get_by_flavor); 2949 MOCK(directory_initiate_request, mock_directory_initiate_request); 2950 2951 /* Test logic: 2952 * 0. Create a proper guard set and primary guard list. 2953 * 1. Pretend to fail microdescriptor fetches from all the primary guards. 2954 * 2. Order another microdescriptor fetch and make sure that primary guards 2955 * get skipped since they failed previous fetches. 2956 */ 2957 2958 { /* Setup primary guard list */ 2959 int i; 2960 entry_guards_update_primary(gs); 2961 for (i = 0; i < DFLT_N_PRIMARY_GUARDS; ++i) { 2962 entry_guard_t *guard = smartlist_get(gs->sampled_entry_guards, i); 2963 make_guard_confirmed(gs, guard); 2964 } 2965 entry_guards_update_primary(gs); 2966 } 2967 2968 { 2969 /* Fail microdesc fetches with all the primary guards */ 2970 args = tor_malloc_zero(sizeof(response_handler_args_t)); 2971 args->status_code = 404; 2972 args->reason = NULL; 2973 args->body = NULL; 2974 args->body_len = 0; 2975 2976 conn = tor_malloc_zero(sizeof(dir_connection_t)); 2977 conn->requested_resource = tor_strdup("d/jlinblackorigami"); 2978 conn->base_.purpose = DIR_PURPOSE_FETCH_MICRODESC; 2979 2980 /* Pretend to fail fetches with all primary guards */ 2981 SMARTLIST_FOREACH_BEGIN(gs->primary_entry_guards,const entry_guard_t *,g) { 2982 memcpy(conn->identity_digest, g->identity, DIGEST_LEN); 2983 2984 retval = handle_response_fetch_microdesc(conn, args); 2985 tt_int_op(retval, OP_EQ, 0); 2986 } SMARTLIST_FOREACH_END(g); 2987 } 2988 2989 { 2990 /* Now order the final md download */ 2991 setup_full_capture_of_logs(LOG_INFO); 2992 initiate_descriptor_downloads(NULL, DIR_PURPOSE_FETCH_MICRODESC, 2993 digests, 3, 7, 0); 2994 2995 /* ... and check that because we failed to fetch microdescs from all our 2996 * primaries, we didn't end up selecting a primary for fetching dir info */ 2997 expect_log_msg_containing("No primary or confirmed guards available."); 2998 teardown_capture_of_logs(); 2999 } 3000 3001 done: 3002 UNMOCK(networkstatus_get_latest_consensus_by_flavor); 3003 UNMOCK(directory_initiate_request); 3004 smartlist_free(digests); 3005 tor_free(mock_ns_val); 3006 tor_free(args); 3007 if (conn) { 3008 tor_free(conn->requested_resource); 3009 tor_free(conn); 3010 } 3011 } 3012 3013 /** Test helper to extend the <b>oc</b> circuit path <b>n</b> times and then 3014 * ensure that the circuit is now complete. */ 3015 static void 3016 helper_extend_circuit_path_n_times(origin_circuit_t *oc, int n) 3017 { 3018 int retval; 3019 int i; 3020 3021 /* Extend path n times */ 3022 for (i = 0 ; i < n ; i++) { 3023 retval = onion_extend_cpath(oc); 3024 tt_int_op(retval, OP_EQ, 0); 3025 tt_int_op(circuit_get_cpath_len(oc), OP_EQ, i+1); 3026 } 3027 3028 /* Now do it one last time and see that circ is complete */ 3029 retval = onion_extend_cpath(oc); 3030 tt_int_op(retval, OP_EQ, 1); 3031 3032 done: 3033 ; 3034 } 3035 3036 /** Test for basic Tor path selection. Makes sure we build 3-hop circuits. */ 3037 static void 3038 test_entry_guard_basic_path_selection(void *arg) 3039 { 3040 (void) arg; 3041 3042 int retval; 3043 3044 /* Enable entry guards */ 3045 or_options_t *options = get_options_mutable(); 3046 options->UseEntryGuards = 1; 3047 3048 /* disables /16 check since all nodes have the same addr... */ 3049 options->EnforceDistinctSubnets = 0; 3050 3051 /* Create our circuit */ 3052 circuit_t *circ = dummy_origin_circuit_new(30); 3053 origin_circuit_t *oc = TO_ORIGIN_CIRCUIT(circ); 3054 oc->build_state = tor_malloc_zero(sizeof(cpath_build_state_t)); 3055 3056 /* First pick the exit and pin it on the build_state */ 3057 retval = onion_pick_cpath_exit(oc, NULL); 3058 tt_int_op(retval, OP_EQ, 0); 3059 3060 /* Extend path 3 times. First we pick guard, then middle, then exit. */ 3061 helper_extend_circuit_path_n_times(oc, 3); 3062 3063 done: 3064 circuit_free_(circ); 3065 } 3066 3067 /** Test helper to build an L2 and L3 vanguard list. The vanguard lists 3068 * produced should be completely disjoint. */ 3069 static void 3070 helper_setup_vanguard_list(or_options_t *options) 3071 { 3072 int i = 0; 3073 3074 /* Add some nodes to the vanguard L2 list */ 3075 options->HSLayer2Nodes = routerset_new(); 3076 for (i = 0; i < 10 ; i += 2) { 3077 node_t *vanguard_node = smartlist_get(big_fake_net_nodes, i); 3078 tt_assert(vanguard_node->is_possible_guard); 3079 routerset_parse(options->HSLayer2Nodes, vanguard_node->rs->nickname, "l2"); 3080 } 3081 /* also add some nodes to vanguard L3 list 3082 * (L2 list and L3 list should be disjoint for this test to work) */ 3083 options->HSLayer3Nodes = routerset_new(); 3084 for (i = 10; i < 20 ; i += 2) { 3085 node_t *vanguard_node = smartlist_get(big_fake_net_nodes, i); 3086 tt_assert(vanguard_node->is_possible_guard); 3087 routerset_parse(options->HSLayer3Nodes, vanguard_node->rs->nickname, "l3"); 3088 } 3089 3090 done: 3091 ; 3092 } 3093 3094 /** Test to ensure that vanguard path selection works properly. Ensures that 3095 * default vanguard circuits are 4 hops, and that path selection works 3096 * correctly given the vanguard settings. */ 3097 static void 3098 test_entry_guard_vanguard_path_selection(void *arg) 3099 { 3100 (void) arg; 3101 3102 int retval; 3103 3104 /* Enable entry guards */ 3105 or_options_t *options = get_options_mutable(); 3106 options->UseEntryGuards = 1; 3107 3108 /* XXX disables /16 check */ 3109 options->EnforceDistinctSubnets = 0; 3110 3111 /* Setup our vanguard list */ 3112 helper_setup_vanguard_list(options); 3113 3114 /* Create our circuit */ 3115 circuit_t *circ = dummy_origin_circuit_new(30); 3116 origin_circuit_t *oc = TO_ORIGIN_CIRCUIT(circ); 3117 oc->build_state = tor_malloc_zero(sizeof(cpath_build_state_t)); 3118 oc->build_state->is_internal = 1; 3119 3120 /* Switch circuit purpose to vanguards */ 3121 circ->purpose = CIRCUIT_PURPOSE_HS_VANGUARDS; 3122 3123 /* First pick the exit and pin it on the build_state */ 3124 tt_int_op(oc->build_state->desired_path_len, OP_EQ, 0); 3125 retval = onion_pick_cpath_exit(oc, NULL); 3126 tt_int_op(retval, OP_EQ, 0); 3127 3128 /* Ensure that vanguards make 4-hop circuits by default */ 3129 tt_int_op(oc->build_state->desired_path_len, OP_EQ, 4); 3130 3131 /* Extend path as many times as needed to have complete circ. */ 3132 helper_extend_circuit_path_n_times(oc, oc->build_state->desired_path_len); 3133 3134 /* Test that the cpath linked list is set correctly. */ 3135 crypt_path_t *l1_node = oc->cpath; 3136 crypt_path_t *l2_node = l1_node->next; 3137 crypt_path_t *l3_node = l2_node->next; 3138 crypt_path_t *l4_node = l3_node->next; 3139 crypt_path_t *l1_node_again = l4_node->next; 3140 tt_ptr_op(l1_node, OP_EQ, l1_node_again); 3141 3142 /* Test that L2 is indeed HSLayer2Node */ 3143 retval = routerset_contains_extendinfo(options->HSLayer2Nodes, 3144 l2_node->extend_info); 3145 tt_int_op(retval, OP_EQ, 4); 3146 /* test that L3 node is _not_ contained in HSLayer2Node */ 3147 retval = routerset_contains_extendinfo(options->HSLayer2Nodes, 3148 l3_node->extend_info); 3149 tt_int_op(retval, OP_LT, 4); 3150 3151 /* Test that L3 is indeed HSLayer3Node */ 3152 retval = routerset_contains_extendinfo(options->HSLayer3Nodes, 3153 l3_node->extend_info); 3154 tt_int_op(retval, OP_EQ, 4); 3155 /* test that L2 node is _not_ contained in HSLayer3Node */ 3156 retval = routerset_contains_extendinfo(options->HSLayer3Nodes, 3157 l2_node->extend_info); 3158 tt_int_op(retval, OP_LT, 4); 3159 3160 /* TODO: Test that L1 can be the same as exit. To test this we need start 3161 enforcing EnforceDistinctSubnets again, which means that we need to give 3162 each test node a different address which currently breaks some tests. */ 3163 3164 done: 3165 circuit_free_(circ); 3166 } 3167 3168 static void 3169 test_entry_guard_layer2_guards(void *arg) 3170 { 3171 (void) arg; 3172 MOCK(router_have_minimum_dir_info, mock_router_have_minimum_dir_info); 3173 3174 /* First check the enable/disable switch */ 3175 get_options_mutable()->VanguardsLiteEnabled = 0; 3176 tt_int_op(vanguards_lite_is_enabled(), OP_EQ, 0); 3177 3178 get_options_mutable()->VanguardsLiteEnabled = 1; 3179 tt_int_op(vanguards_lite_is_enabled(), OP_EQ, 1); 3180 3181 get_options_mutable()->VanguardsLiteEnabled = -1; 3182 tt_int_op(vanguards_lite_is_enabled(), OP_EQ, 1); 3183 3184 /* OK now let's move to actual testing */ 3185 3186 /* Remove restrictions to route around Big Fake Network restrictions */ 3187 get_options_mutable()->EnforceDistinctSubnets = 0; 3188 3189 /* Create the L2 guardset */ 3190 maintain_layer2_guards(); 3191 3192 const routerset_t *l2_guards = get_layer2_guards(); 3193 tt_assert(l2_guards); 3194 tt_int_op(routerset_len(l2_guards), OP_EQ, 4); 3195 3196 done: 3197 UNMOCK(router_have_minimum_dir_info); 3198 } 3199 3200 static const struct testcase_setup_t big_fake_network = { 3201 big_fake_network_setup, big_fake_network_cleanup 3202 }; 3203 3204 static const struct testcase_setup_t upgrade_circuits = { 3205 upgrade_circuits_setup, upgrade_circuits_cleanup 3206 }; 3207 3208 #ifndef COCCI 3209 #define NO_PREFIX_TEST(name) \ 3210 { #name, test_ ## name, 0, NULL, NULL } 3211 3212 #define EN_TEST_BASE(name, fork, setup, arg) \ 3213 { #name, test_entry_guard_ ## name, fork, setup, (void*)(arg) } 3214 3215 #define EN_TEST(name) EN_TEST_BASE(name, 0, NULL, NULL) 3216 #define EN_TEST_FORK(name) EN_TEST_BASE(name, TT_FORK, NULL, NULL) 3217 3218 #define BFN_TEST(name) \ 3219 EN_TEST_BASE(name, TT_FORK, &big_fake_network, NULL), \ 3220 { #name "_reasonably_future", test_entry_guard_ ## name, TT_FORK, \ 3221 &big_fake_network, (void*)(REASONABLY_FUTURE) }, \ 3222 { #name "_reasonably_past", test_entry_guard_ ## name, TT_FORK, \ 3223 &big_fake_network, (void*)(REASONABLY_PAST) } 3224 3225 #define UPGRADE_TEST(name, arg) \ 3226 EN_TEST_BASE(name, TT_FORK, &upgrade_circuits, arg), \ 3227 { #name "_reasonably_future", test_entry_guard_ ## name, TT_FORK, \ 3228 &upgrade_circuits, (void*)(arg REASONABLY_FUTURE) }, \ 3229 { #name "_reasonably_past", test_entry_guard_ ## name, TT_FORK, \ 3230 &upgrade_circuits, (void*)(arg REASONABLY_PAST) } 3231 #endif /* !defined(COCCI) */ 3232 3233 struct testcase_t entrynodes_tests[] = { 3234 NO_PREFIX_TEST(node_preferred_orport), 3235 NO_PREFIX_TEST(entry_guard_describe), 3236 3237 EN_TEST(randomize_time), 3238 EN_TEST(encode_for_state_minimal), 3239 EN_TEST(encode_for_state_maximal), 3240 EN_TEST(parse_from_state_minimal), 3241 EN_TEST(parse_from_state_maximal), 3242 EN_TEST(parse_from_state_failure), 3243 EN_TEST(parse_from_state_partial_failure), 3244 3245 EN_TEST_FORK(parse_from_state_full), 3246 EN_TEST_FORK(parse_from_state_broken), 3247 EN_TEST_FORK(get_guard_selection_by_name), 3248 EN_TEST_FORK(number_of_primaries), 3249 3250 BFN_TEST(choose_selection_initial), 3251 BFN_TEST(add_single_guard), 3252 BFN_TEST(node_filter), 3253 BFN_TEST(expand_sample), 3254 BFN_TEST(expand_sample_small_net), 3255 BFN_TEST(update_from_consensus_status), 3256 BFN_TEST(update_from_consensus_repair), 3257 BFN_TEST(update_from_consensus_remove), 3258 BFN_TEST(confirming_guards), 3259 BFN_TEST(sample_reachable_filtered), 3260 BFN_TEST(sample_reachable_filtered_empty), 3261 BFN_TEST(retry_unreachable), 3262 BFN_TEST(manage_primary), 3263 BFN_TEST(correct_cascading_order), 3264 3265 BFN_TEST(layer2_guards), 3266 3267 EN_TEST_FORK(guard_preferred), 3268 3269 BFN_TEST(select_for_circuit_no_confirmed), 3270 BFN_TEST(select_for_circuit_confirmed), 3271 BFN_TEST(select_for_circuit_highlevel_primary), 3272 BFN_TEST(select_for_circuit_highlevel_confirm_other), 3273 BFN_TEST(select_for_circuit_highlevel_primary_retry), 3274 BFN_TEST(select_for_circuit_exit_family_restriction), 3275 BFN_TEST(select_and_cancel), 3276 BFN_TEST(drop_guards), 3277 BFN_TEST(outdated_dirserver_exclusion), 3278 BFN_TEST(basic_path_selection), 3279 BFN_TEST(vanguard_path_selection), 3280 3281 UPGRADE_TEST(upgrade_a_circuit, "c1-done c2-done"), 3282 UPGRADE_TEST(upgrade_blocked_by_live_primary_guards, "c1-done c2-done"), 3283 UPGRADE_TEST(upgrade_blocked_by_lack_of_waiting_circuits, ""), 3284 UPGRADE_TEST(upgrade_blocked_by_better_circ_complete, "c1-done c2-done"), 3285 UPGRADE_TEST(upgrade_not_blocked_by_restricted_circ_complete, 3286 "c1-done c2-done"), 3287 UPGRADE_TEST(upgrade_not_blocked_by_worse_circ_complete, "c1-done c2-done"), 3288 UPGRADE_TEST(upgrade_blocked_by_better_circ_pending, "c2-done"), 3289 UPGRADE_TEST(upgrade_not_blocked_by_restricted_circ_pending, 3290 "c2-done"), 3291 UPGRADE_TEST(upgrade_not_blocked_by_worse_circ_pending, "c1-done"), 3292 3293 EN_TEST_FORK(should_expire_waiting), 3294 3295 END_OF_TESTCASES 3296 };