首页 发现 帮助
登录
piros
/
tor
3
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
目录树: 00ffefb41b
分支列表 标签列表
tor
/
src
/
test
/
zero_length_keys.sh

zero_length_keys.sh 4.1 KB
文件历史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126 
  1. #!/bin/sh
    2. 

  2. # Check that tor regenerates keys when key files are zero-length
    3. 

  3. # Test for bug #13111 - Tor fails to start if onion keys are zero length
    4. 

  4. #
    5. 

  5. # Usage:
    6. 

  6. #  ./zero_length_keys.sh PATH_TO_TOR
    7. 

  7. #    Run all the tests below
    8. 

  8. #  ./zero_length_keys.sh PATH_TO_TOR -z
    9. 

  9. #    Check tor will launch and regenerate zero-length keys
    10. 

  10. #  ./zero_length_keys.sh PATH_TO_TOR -d
    11. 

  11. #    Check tor regenerates deleted keys (existing behaviour)
    12. 

  12. #  ./zero_length_keys.sh PATH_TO_TOR -e
    13. 

  13. #    Check tor does not overwrite existing keys (existing behaviour)
    14. 

  14. #
    15. 

  15. # Exit Statuses:
    16. 

  16. #   0: test succeeded - tor regenerated/kept the files
    17. 

  17. #   1: test failed - tor did not regenerate/keep the files
    18. 

  18. #   2: test failed - tor did not generate the key files on first run
    19. 

  19. #   3: a command failed - the test could not be completed
    20. 

  20. #
    21. 

  21. 

  22. if [ $# -eq 0 ] || [ ! -f ${1} ] || [ ! -x ${1} ]; then
    23. 

  23.   echo "Usage: ${0} PATH_TO_TOR [-z|-d|-e]"
    24. 

  24.   exit 1
    25. 

  25. elif [ $# -eq 1 ]; then
    26. 

  26.   echo "Testing that tor correctly handles zero-length keys"
    27. 

  27.   "$0" "${1}" -z && "$0" "${1}" -d && "$0" "${1}" -e
    28. 

  28.   exit $?
    29. 

  29. else #[$# -gt 1 ]; then
    30. 

  30.   TOR_BINARY="${1}"
    31. 

  31.   shift
    32. 

  32. fi
    33. 

  33. 

  34. DATA_DIR=`mktemp -d -t tor_zero_length_keys.XXXXXX`
    35. 

  35. if [ -z "$DATA_DIR" ]; then
    36. 

  36.   echo "Failure: mktemp invocation returned empty string" >&2
    37. 

  37.   exit 3
    38. 

  38. fi
    39. 

  39. if [ ! -d "$DATA_DIR" ]; then
    40. 

  40.   echo "Failure: mktemp invocation result doesn't point to directory" >&2
    41. 

  41.   exit 3
    42. 

  42. fi
    43. 

  43. trap "rm -rf '$DATA_DIR'" 0
    44. 

  44. 

  45. touch "$DATA_DIR"/empty_torrc
    46. 

  46. 

  47. # DisableNetwork means that the ORPort won't actually be opened.
    48. 

  48. # 'ExitRelay 0' suppresses a warning.
    49. 

  49. TOR="${TOR_BINARY} --hush --DisableNetwork 1 --ShutdownWaitLength 0 --ORPort 12345 --ExitRelay 0 -f $DATA_DIR/empty_torrc"
    50. 

  50. 

  51. if [ -s "$DATA_DIR"/keys/secret_id_key ] && [ -s "$DATA_DIR"/keys/secret_onion_key ] &&
    52. 

  52.    [ -s "$DATA_DIR"/keys/secret_onion_key_ntor ]; then
    53. 

  53.   echo "Failure: Previous tor keys present in tor data directory" >&2
    54. 

  54.   exit 3
    55. 

  55. else
    56. 

  56.   echo "Generating initial tor keys"
    57. 

  57.   $TOR --DataDirectory "$DATA_DIR"  --list-fingerprint
    58. 

  58. 

  59.   # tor must successfully generate non-zero-length key files
    60. 

  60.   if [ -s "$DATA_DIR"/keys/secret_id_key ] && [ -s "$DATA_DIR"/keys/secret_onion_key ] &&
    61. 

  61.      [ -s "$DATA_DIR"/keys/secret_onion_key_ntor ]; then
    62. 

  62.     true #echo "tor generated the initial key files"
    63. 

  63.   else
    64. 

  64.     echo "Failure: tor failed to generate the initial key files"
    65. 

  65.     exit 2
    66. 

  66.   fi
    67. 

  67. fi
    68. 

  68. 

  69. #ls -lh  "$DATA_DIR"/keys/ || exit 3
    70. 

  70. 

  71. # backup and keep/delete/create zero-length files for the keys
    72. 

  72. 

  73. FILE_DESC="keeps existing"
    74. 

  74. # make a backup
    75. 

  75. cp -r "$DATA_DIR"/keys "$DATA_DIR"/keys.old
    76. 

  76. 

  77. # delete keys for -d or -z
    78. 

  78. if [ "$1" != "-e" ]; then
    79. 

  79.   FILE_DESC="regenerates deleted"
    80. 

  80.   rm "$DATA_DIR"/keys/secret_id_key || exit 3
    81. 

  81.   rm "$DATA_DIR"/keys/secret_onion_key || exit 3
    82. 

  82.   rm "$DATA_DIR"/keys/secret_onion_key_ntor || exit 3
    83. 

  83. fi
    84. 

  84. 

  85. # create empty files for -z
    86. 

  86. if [ "$1" = "-z" ]; then
    87. 

  87.   FILE_DESC="regenerates zero-length"
    88. 

  88.   touch "$DATA_DIR"/keys/secret_id_key || exit 3
    89. 

  89.   touch "$DATA_DIR"/keys/secret_onion_key || exit 3
    90. 

  90.   touch "$DATA_DIR"/keys/secret_onion_key_ntor || exit 3
    91. 

  91. fi
    92. 

  92. 

  93. echo "Running tor again to check if it $FILE_DESC keys"
    94. 

  94. $TOR --DataDirectory "$DATA_DIR" --list-fingerprint
    95. 

  95. 

  96. #ls -lh "$DATA_DIR"/keys/ || exit 3
    97. 

  97. 

  98. # tor must always have non-zero-length key files
    99. 

  99. if [ -s "$DATA_DIR"/keys/secret_id_key ] && [ -s "$DATA_DIR"/keys/secret_onion_key ] &&
    100. 

  100.    [ -s "$DATA_DIR"/keys/secret_onion_key_ntor ]; then
    101. 

  101.   # check if the keys are different to the old ones
    102. 

  102.   diff -q -r "$DATA_DIR"/keys "$DATA_DIR"/keys.old > /dev/null
    103. 

  103.   SAME_KEYS=$?
    104. 

  104.   # if we're not testing existing keys,
    105. 

  105.   # the current keys should be different to the old ones
    106. 

  106.   if [ "$1" != "-e" ]; then
    107. 

  107.     if [ $SAME_KEYS -ne 0 ]; then
    108. 

  108.       echo "Success: test that tor $FILE_DESC key files: different keys"
    109. 

  109.       exit 0
    110. 

  110.     else
    111. 

  111.       echo "Failure: test that tor $FILE_DESC key files: same keys"
    112. 

  112.       exit 1
    113. 

  113.     fi
    114. 

  114.   else #[ "$1" == "-e" ]; then
    115. 

  115.     if [ $SAME_KEYS -eq 0 ]; then
    116. 

  116.       echo "Success: test that tor $FILE_DESC key files: same keys"
    117. 

  117.       exit 0
    118. 

  118.     else
    119. 

  119.       echo "Failure: test that tor $FILE_DESC key files: different keys"
    120. 

  120.       exit 1
    121. 

  121.     fi
    122. 

  122.   fi
    123. 

  123. else
    124. 

  124.   echo "Failure: test that tor $FILE_DESC key files: no key files"
    125. 

  125.   exit 1
    126. 

  126. fi
    127.