test_hs_client.c 34 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010
  1. /* Copyright (c) 2016-2018, The Tor Project, Inc. */
  2. /* See LICENSE for licensing information */
  3. /**
  4. * \file test_hs_client.c
  5. * \brief Test prop224 HS client functionality.
  6. */
  7. #define CONFIG_PRIVATE
  8. #define CRYPTO_PRIVATE
  9. #define MAINLOOP_PRIVATE
  10. #define HS_CLIENT_PRIVATE
  11. #define TOR_CHANNEL_INTERNAL_
  12. #define CIRCUITBUILD_PRIVATE
  13. #define CIRCUITLIST_PRIVATE
  14. #define CONNECTION_PRIVATE
  15. #include "test/test.h"
  16. #include "test/test_helpers.h"
  17. #include "test/log_test_helpers.h"
  18. #include "test/rend_test_helpers.h"
  19. #include "test/hs_test_helpers.h"
  20. #include "app/config/config.h"
  21. #include "lib/crypt_ops/crypto_cipher.h"
  22. #include "lib/crypt_ops/crypto_dh.h"
  23. #include "core/or/channeltls.h"
  24. #include "feature/dircommon/directory.h"
  25. #include "core/mainloop/mainloop.h"
  26. #include "feature/nodelist/nodelist.h"
  27. #include "feature/nodelist/routerset.h"
  28. #include "feature/hs/hs_circuit.h"
  29. #include "feature/hs/hs_circuitmap.h"
  30. #include "feature/hs/hs_client.h"
  31. #include "feature/hs/hs_config.h"
  32. #include "feature/hs/hs_ident.h"
  33. #include "feature/hs/hs_cache.h"
  34. #include "core/or/circuitlist.h"
  35. #include "core/or/circuitbuild.h"
  36. #include "core/mainloop/connection.h"
  37. #include "core/or/connection_edge.h"
  38. #include "feature/nodelist/networkstatus.h"
  39. #include "core/or/cpath_build_state_st.h"
  40. #include "core/or/crypt_path_st.h"
  41. #include "feature/dircommon/dir_connection_st.h"
  42. #include "core/or/entry_connection_st.h"
  43. #include "core/or/extend_info_st.h"
  44. #include "feature/nodelist/networkstatus_st.h"
  45. #include "core/or/origin_circuit_st.h"
  46. #include "core/or/socks_request_st.h"
  47. static int
  48. mock_connection_ap_handshake_send_begin(entry_connection_t *ap_conn)
  49. {
  50. (void) ap_conn;
  51. return 0;
  52. }
  53. static networkstatus_t mock_ns;
  54. /* Always return NULL. */
  55. static networkstatus_t *
  56. mock_networkstatus_get_live_consensus_false(time_t now)
  57. {
  58. (void) now;
  59. return NULL;
  60. }
  61. static networkstatus_t *
  62. mock_networkstatus_get_live_consensus(time_t now)
  63. {
  64. (void) now;
  65. return &mock_ns;
  66. }
  67. static int
  68. helper_config_client(const char *conf, int validate_only)
  69. {
  70. int ret = 0;
  71. or_options_t *options = NULL;
  72. tt_assert(conf);
  73. options = helper_parse_options(conf);
  74. tt_assert(options);
  75. ret = hs_config_client_auth_all(options, validate_only);
  76. done:
  77. or_options_free(options);
  78. return ret;
  79. }
  80. /* Test helper function: Setup a circuit and a stream with the same hidden
  81. * service destination, and put them in <b>circ_out</b> and
  82. * <b>conn_out</b>. Make the stream wait for circuits to be established to the
  83. * hidden service. */
  84. static int
  85. helper_get_circ_and_stream_for_test(origin_circuit_t **circ_out,
  86. connection_t **conn_out,
  87. int is_legacy)
  88. {
  89. int retval;
  90. channel_tls_t *n_chan=NULL;
  91. rend_data_t *conn_rend_data = NULL;
  92. origin_circuit_t *or_circ = NULL;
  93. connection_t *conn = NULL;
  94. ed25519_public_key_t service_pk;
  95. /* Make a dummy connection stream and make it wait for our circuit */
  96. conn = test_conn_get_connection(AP_CONN_STATE_CIRCUIT_WAIT,
  97. CONN_TYPE_AP /* ??? */,
  98. 0);
  99. if (is_legacy) {
  100. /* Legacy: Setup rend_data of stream */
  101. char service_id[REND_SERVICE_ID_LEN_BASE32+1] = {0};
  102. TO_EDGE_CONN(conn)->rend_data = mock_rend_data(service_id);
  103. conn_rend_data = TO_EDGE_CONN(conn)->rend_data;
  104. } else {
  105. /* prop224: Setup hs conn identifier on the stream */
  106. ed25519_secret_key_t sk;
  107. tt_int_op(0, OP_EQ, ed25519_secret_key_generate(&sk, 0));
  108. tt_int_op(0, OP_EQ, ed25519_public_key_generate(&service_pk, &sk));
  109. /* Setup hs_conn_identifier of stream */
  110. TO_EDGE_CONN(conn)->hs_ident = hs_ident_edge_conn_new(&service_pk);
  111. }
  112. /* Make it wait for circuit */
  113. connection_ap_mark_as_pending_circuit(TO_ENTRY_CONN(conn));
  114. /* This is needed to silence a BUG warning from
  115. connection_edge_update_circuit_isolation() */
  116. TO_ENTRY_CONN(conn)->original_dest_address =
  117. tor_strdup(TO_ENTRY_CONN(conn)->socks_request->address);
  118. /****************************************************/
  119. /* Now make dummy circuit */
  120. or_circ = origin_circuit_new();
  121. or_circ->base_.purpose = CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED;
  122. or_circ->build_state = tor_malloc_zero(sizeof(cpath_build_state_t));
  123. or_circ->build_state->is_internal = 1;
  124. if (is_legacy) {
  125. /* Legacy: Setup rend data and final cpath */
  126. or_circ->build_state->pending_final_cpath =
  127. tor_malloc_zero(sizeof(crypt_path_t));
  128. or_circ->build_state->pending_final_cpath->magic = CRYPT_PATH_MAGIC;
  129. or_circ->build_state->pending_final_cpath->rend_dh_handshake_state =
  130. crypto_dh_new(DH_TYPE_REND);
  131. tt_assert(
  132. or_circ->build_state->pending_final_cpath->rend_dh_handshake_state);
  133. retval = crypto_dh_generate_public(
  134. or_circ->build_state->pending_final_cpath->rend_dh_handshake_state);
  135. tt_int_op(retval, OP_EQ, 0);
  136. or_circ->rend_data = rend_data_dup(conn_rend_data);
  137. } else {
  138. /* prop224: Setup hs ident on the circuit */
  139. or_circ->hs_ident = hs_ident_circuit_new(&service_pk,
  140. HS_IDENT_CIRCUIT_RENDEZVOUS);
  141. }
  142. TO_CIRCUIT(or_circ)->state = CIRCUIT_STATE_OPEN;
  143. /* fake n_chan */
  144. n_chan = tor_malloc_zero(sizeof(channel_tls_t));
  145. n_chan->base_.global_identifier = 1;
  146. or_circ->base_.n_chan = &(n_chan->base_);
  147. *circ_out = or_circ;
  148. *conn_out = conn;
  149. return 0;
  150. done:
  151. /* something failed */
  152. return -1;
  153. }
  154. /* Test: Ensure that setting up legacy e2e rendezvous circuits works
  155. * correctly. */
  156. static void
  157. test_e2e_rend_circuit_setup_legacy(void *arg)
  158. {
  159. ssize_t retval;
  160. origin_circuit_t *or_circ = NULL;
  161. connection_t *conn = NULL;
  162. (void) arg;
  163. /** In this test we create a v2 legacy HS stream and a circuit with the same
  164. * hidden service destination. We make the stream wait for circuits to be
  165. * established to the hidden service, and then we complete the circuit using
  166. * the hs_circuit_setup_e2e_rend_circ_legacy_client() function. We then
  167. * check that the end-to-end cpath was setup correctly and that the stream
  168. * was attached to the circuit as expected. */
  169. MOCK(connection_ap_handshake_send_begin,
  170. mock_connection_ap_handshake_send_begin);
  171. /* Setup */
  172. retval = helper_get_circ_and_stream_for_test( &or_circ, &conn, 1);
  173. tt_int_op(retval, OP_EQ, 0);
  174. tt_assert(or_circ);
  175. tt_assert(conn);
  176. /* Check number of hops */
  177. retval = cpath_get_n_hops(&or_circ->cpath);
  178. tt_int_op(retval, OP_EQ, 0);
  179. /* Check that our stream is not attached on any circuits */
  180. tt_ptr_op(TO_EDGE_CONN(conn)->on_circuit, OP_EQ, NULL);
  181. /********************************************** */
  182. /* Make a good RENDEZVOUS1 cell body because it needs to pass key exchange
  183. * digest verification... */
  184. uint8_t rend_cell_body[DH1024_KEY_LEN+DIGEST_LEN] = {2};
  185. {
  186. char keys[DIGEST_LEN+CPATH_KEY_MATERIAL_LEN];
  187. crypto_dh_t *dh_state =
  188. or_circ->build_state->pending_final_cpath->rend_dh_handshake_state;
  189. /* compute and overwrite digest of cell body with the right value */
  190. retval = crypto_dh_compute_secret(LOG_PROTOCOL_WARN, dh_state,
  191. (char*)rend_cell_body, DH1024_KEY_LEN,
  192. keys, DIGEST_LEN+CPATH_KEY_MATERIAL_LEN);
  193. tt_int_op(retval, OP_GT, 0);
  194. memcpy(rend_cell_body+DH1024_KEY_LEN, keys, DIGEST_LEN);
  195. }
  196. /* Setup the circuit */
  197. retval = hs_circuit_setup_e2e_rend_circ_legacy_client(or_circ,
  198. rend_cell_body);
  199. tt_int_op(retval, OP_EQ, 0);
  200. /**********************************************/
  201. /* See that a hop was added to the circuit's cpath */
  202. retval = cpath_get_n_hops(&or_circ->cpath);
  203. tt_int_op(retval, OP_EQ, 1);
  204. /* Check the digest algo */
  205. tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->crypto.f_digest),
  206. OP_EQ, DIGEST_SHA1);
  207. tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->crypto.b_digest),
  208. OP_EQ, DIGEST_SHA1);
  209. tt_assert(or_circ->cpath->crypto.f_crypto);
  210. tt_assert(or_circ->cpath->crypto.b_crypto);
  211. /* Ensure that circ purpose was changed */
  212. tt_int_op(or_circ->base_.purpose, OP_EQ, CIRCUIT_PURPOSE_C_REND_JOINED);
  213. /* Test that stream got attached */
  214. tt_ptr_op(TO_EDGE_CONN(conn)->on_circuit, OP_EQ, TO_CIRCUIT(or_circ));
  215. done:
  216. connection_free_minimal(conn);
  217. if (or_circ)
  218. tor_free(TO_CIRCUIT(or_circ)->n_chan);
  219. circuit_free_(TO_CIRCUIT(or_circ));
  220. }
  221. /* Test: Ensure that setting up v3 rendezvous circuits works correctly. */
  222. static void
  223. test_e2e_rend_circuit_setup(void *arg)
  224. {
  225. uint8_t ntor_key_seed[DIGEST256_LEN] = {0};
  226. origin_circuit_t *or_circ = NULL;
  227. int retval;
  228. connection_t *conn = NULL;
  229. (void) arg;
  230. /** In this test we create a prop224 v3 HS stream and a circuit with the same
  231. * hidden service destination. We make the stream wait for circuits to be
  232. * established to the hidden service, and then we complete the circuit using
  233. * the hs_circuit_setup_e2e_rend_circ() function. We then check that the
  234. * end-to-end cpath was setup correctly and that the stream was attached to
  235. * the circuit as expected. */
  236. MOCK(connection_ap_handshake_send_begin,
  237. mock_connection_ap_handshake_send_begin);
  238. /* Setup */
  239. retval = helper_get_circ_and_stream_for_test( &or_circ, &conn, 0);
  240. tt_int_op(retval, OP_EQ, 0);
  241. tt_assert(or_circ);
  242. tt_assert(conn);
  243. /* Check number of hops: There should be no hops yet to this circ */
  244. retval = cpath_get_n_hops(&or_circ->cpath);
  245. tt_int_op(retval, OP_EQ, 0);
  246. tt_ptr_op(or_circ->cpath, OP_EQ, NULL);
  247. /* Check that our stream is not attached on any circuits */
  248. tt_ptr_op(TO_EDGE_CONN(conn)->on_circuit, OP_EQ, NULL);
  249. /**********************************************/
  250. /* Setup the circuit */
  251. retval = hs_circuit_setup_e2e_rend_circ(or_circ,
  252. ntor_key_seed, sizeof(ntor_key_seed),
  253. 0);
  254. tt_int_op(retval, OP_EQ, 0);
  255. /**********************************************/
  256. /* See that a hop was added to the circuit's cpath */
  257. retval = cpath_get_n_hops(&or_circ->cpath);
  258. tt_int_op(retval, OP_EQ, 1);
  259. /* Check that the crypt path has prop224 algorithm parameters */
  260. tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->crypto.f_digest),
  261. OP_EQ, DIGEST_SHA3_256);
  262. tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->crypto.b_digest),
  263. OP_EQ, DIGEST_SHA3_256);
  264. tt_assert(or_circ->cpath->crypto.f_crypto);
  265. tt_assert(or_circ->cpath->crypto.b_crypto);
  266. /* Ensure that circ purpose was changed */
  267. tt_int_op(or_circ->base_.purpose, OP_EQ, CIRCUIT_PURPOSE_C_REND_JOINED);
  268. /* Test that stream got attached */
  269. tt_ptr_op(TO_EDGE_CONN(conn)->on_circuit, OP_EQ, TO_CIRCUIT(or_circ));
  270. done:
  271. connection_free_minimal(conn);
  272. if (or_circ)
  273. tor_free(TO_CIRCUIT(or_circ)->n_chan);
  274. circuit_free_(TO_CIRCUIT(or_circ));
  275. }
  276. /** Test client logic for picking intro points from a descriptor. Also test how
  277. * ExcludeNodes and intro point failures affect picking intro points. */
  278. static void
  279. test_client_pick_intro(void *arg)
  280. {
  281. int ret;
  282. ed25519_keypair_t service_kp;
  283. hs_descriptor_t *desc = NULL;
  284. MOCK(networkstatus_get_live_consensus,
  285. mock_networkstatus_get_live_consensus);
  286. (void) arg;
  287. hs_init();
  288. /* Generate service keypair */
  289. tt_int_op(0, OP_EQ, ed25519_keypair_generate(&service_kp, 0));
  290. /* Set time */
  291. ret = parse_rfc1123_time("Sat, 26 Oct 1985 13:00:00 UTC",
  292. &mock_ns.valid_after);
  293. tt_int_op(ret, OP_EQ, 0);
  294. ret = parse_rfc1123_time("Sat, 26 Oct 1985 14:00:00 UTC",
  295. &mock_ns.fresh_until);
  296. tt_int_op(ret, OP_EQ, 0);
  297. update_approx_time(mock_ns.fresh_until-10);
  298. time_t now = approx_time();
  299. /* Test logic:
  300. *
  301. * 1) Add our desc with intro points to the HS cache.
  302. *
  303. * 2) Mark all descriptor intro points except _the chosen one_ as
  304. * failed. Then query the desc to get a random intro: check that we got
  305. * _the chosen one_. Then fail the chosen one as well, and see that no
  306. * intros are returned.
  307. *
  308. * 3) Then clean the intro state cache and get an intro point.
  309. *
  310. * 4) Try fetching an intro with the wrong service key: shouldn't work
  311. *
  312. * 5) Set StrictNodes and put all our intro points in ExcludeNodes: see that
  313. * nothing is returned.
  314. */
  315. /* 1) Add desc to HS cache */
  316. {
  317. char *encoded = NULL;
  318. desc = hs_helper_build_hs_desc_with_ip(&service_kp);
  319. ret = hs_desc_encode_descriptor(desc, &service_kp, NULL, &encoded);
  320. tt_int_op(ret, OP_EQ, 0);
  321. tt_assert(encoded);
  322. /* store it */
  323. hs_cache_store_as_client(encoded, &service_kp.pubkey);
  324. /* fetch it to make sure it works */
  325. const hs_descriptor_t *fetched_desc =
  326. hs_cache_lookup_as_client(&service_kp.pubkey);
  327. tt_assert(fetched_desc);
  328. tt_mem_op(fetched_desc->subcredential, OP_EQ, desc->subcredential,
  329. DIGEST256_LEN);
  330. tt_assert(!tor_mem_is_zero((char*)fetched_desc->subcredential,
  331. DIGEST256_LEN));
  332. tor_free(encoded);
  333. }
  334. /* 2) Mark all intro points except _the chosen one_ as failed. Then query the
  335. * desc and get a random intro: check that we got _the chosen one_. */
  336. {
  337. /* Pick the chosen intro point and get its ei */
  338. hs_desc_intro_point_t *chosen_intro_point =
  339. smartlist_get(desc->encrypted_data.intro_points, 0);
  340. extend_info_t *chosen_intro_ei =
  341. desc_intro_point_to_extend_info(chosen_intro_point);
  342. tt_assert(chosen_intro_point);
  343. tt_assert(chosen_intro_ei);
  344. /* Now mark all other intro points as failed */
  345. SMARTLIST_FOREACH_BEGIN(desc->encrypted_data.intro_points,
  346. hs_desc_intro_point_t *, ip) {
  347. /* Skip the chosen intro point */
  348. if (ip == chosen_intro_point) {
  349. continue;
  350. }
  351. ed25519_public_key_t *intro_auth_key = &ip->auth_key_cert->signed_key;
  352. hs_cache_client_intro_state_note(&service_kp.pubkey,
  353. intro_auth_key,
  354. INTRO_POINT_FAILURE_GENERIC);
  355. } SMARTLIST_FOREACH_END(ip);
  356. /* Try to get a random intro: Should return the chosen one! */
  357. /* (We try several times, to make sure this behavior is consistent, and to
  358. * cover the different cases of client_get_random_intro().) */
  359. for (int i = 0; i < 64; ++i) {
  360. extend_info_t *ip = client_get_random_intro(&service_kp.pubkey);
  361. tor_assert(ip);
  362. tt_assert(!tor_mem_is_zero((char*)ip->identity_digest, DIGEST_LEN));
  363. tt_mem_op(ip->identity_digest, OP_EQ, chosen_intro_ei->identity_digest,
  364. DIGEST_LEN);
  365. extend_info_free(ip);
  366. }
  367. extend_info_free(chosen_intro_ei);
  368. /* Now also mark the chosen one as failed: See that we can't get any intro
  369. points anymore. */
  370. hs_cache_client_intro_state_note(&service_kp.pubkey,
  371. &chosen_intro_point->auth_key_cert->signed_key,
  372. INTRO_POINT_FAILURE_TIMEOUT);
  373. extend_info_t *ip = client_get_random_intro(&service_kp.pubkey);
  374. tor_assert(!ip);
  375. }
  376. /* 3) Clean the intro state cache and get an intro point */
  377. {
  378. /* Pretend we are 5 mins in the future and order a cleanup of the intro
  379. * state. This should clean up the intro point failures and allow us to get
  380. * an intro. */
  381. hs_cache_client_intro_state_clean(now + 5*60);
  382. /* Get an intro. It should work! */
  383. extend_info_t *ip = client_get_random_intro(&service_kp.pubkey);
  384. tor_assert(ip);
  385. extend_info_free(ip);
  386. }
  387. /* 4) Try fetching an intro with the wrong service key: shouldn't work */
  388. {
  389. ed25519_keypair_t dummy_kp;
  390. tt_int_op(0, OP_EQ, ed25519_keypair_generate(&dummy_kp, 0));
  391. extend_info_t *ip = client_get_random_intro(&dummy_kp.pubkey);
  392. tor_assert(!ip);
  393. }
  394. /* 5) Set StrictNodes and put all our intro points in ExcludeNodes: see that
  395. * nothing is returned. */
  396. {
  397. get_options_mutable()->ExcludeNodes = routerset_new();
  398. get_options_mutable()->StrictNodes = 1;
  399. SMARTLIST_FOREACH_BEGIN(desc->encrypted_data.intro_points,
  400. hs_desc_intro_point_t *, ip) {
  401. extend_info_t *intro_ei = desc_intro_point_to_extend_info(ip);
  402. if (intro_ei) {
  403. const char *ptr;
  404. char ip_addr[TOR_ADDR_BUF_LEN];
  405. /* We need to decorate in case it is an IPv6 else routerset_parse()
  406. * doesn't like it. */
  407. ptr = tor_addr_to_str(ip_addr, &intro_ei->addr, sizeof(ip_addr), 1);
  408. tt_assert(ptr == ip_addr);
  409. ret = routerset_parse(get_options_mutable()->ExcludeNodes,
  410. ip_addr, "");
  411. tt_int_op(ret, OP_EQ, 0);
  412. extend_info_free(intro_ei);
  413. }
  414. } SMARTLIST_FOREACH_END(ip);
  415. extend_info_t *ip = client_get_random_intro(&service_kp.pubkey);
  416. tt_assert(!ip);
  417. }
  418. done:
  419. hs_descriptor_free(desc);
  420. }
  421. static int
  422. mock_router_have_minimum_dir_info_false(void)
  423. {
  424. return 0;
  425. }
  426. static int
  427. mock_router_have_minimum_dir_info_true(void)
  428. {
  429. return 1;
  430. }
  431. static hs_client_fetch_status_t
  432. mock_fetch_v3_desc_error(const ed25519_public_key_t *key)
  433. {
  434. (void) key;
  435. return HS_CLIENT_FETCH_ERROR;
  436. }
  437. static void
  438. mock_connection_mark_unattached_ap_(entry_connection_t *conn, int endreason,
  439. int line, const char *file)
  440. {
  441. (void) line;
  442. (void) file;
  443. conn->edge_.end_reason = endreason;
  444. /* This function ultimately will flag this so make sure we do also in the
  445. * MOCK one so we can assess closed connections vs open ones. */
  446. conn->edge_.base_.marked_for_close = 1;
  447. }
  448. static void
  449. test_descriptor_fetch(void *arg)
  450. {
  451. int ret;
  452. entry_connection_t *ec = NULL;
  453. ed25519_public_key_t service_pk;
  454. ed25519_secret_key_t service_sk;
  455. (void) arg;
  456. hs_init();
  457. memset(&service_sk, 'A', sizeof(service_sk));
  458. ret = ed25519_public_key_generate(&service_pk, &service_sk);
  459. tt_int_op(ret, OP_EQ, 0);
  460. /* Initialize this so get_voting_interval() doesn't freak out. */
  461. ret = parse_rfc1123_time("Sat, 26 Oct 1985 13:00:00 UTC",
  462. &mock_ns.valid_after);
  463. tt_int_op(ret, OP_EQ, 0);
  464. ret = parse_rfc1123_time("Sat, 26 Oct 1985 14:00:00 UTC",
  465. &mock_ns.fresh_until);
  466. tt_int_op(ret, OP_EQ, 0);
  467. ec = entry_connection_new(CONN_TYPE_AP, AF_INET);
  468. tt_assert(ec);
  469. ENTRY_TO_EDGE_CONN(ec)->hs_ident = hs_ident_edge_conn_new(&service_pk);
  470. tt_assert(ENTRY_TO_EDGE_CONN(ec)->hs_ident);
  471. TO_CONN(ENTRY_TO_EDGE_CONN(ec))->state = AP_CONN_STATE_RENDDESC_WAIT;
  472. smartlist_add(get_connection_array(), &ec->edge_.base_);
  473. /* 1. FetchHidServDescriptors is false so we shouldn't be able to fetch. */
  474. get_options_mutable()->FetchHidServDescriptors = 0;
  475. ret = hs_client_refetch_hsdesc(&service_pk);
  476. tt_int_op(ret, OP_EQ, HS_CLIENT_FETCH_NOT_ALLOWED);
  477. get_options_mutable()->FetchHidServDescriptors = 1;
  478. /* 2. We don't have a live consensus. */
  479. MOCK(networkstatus_get_live_consensus,
  480. mock_networkstatus_get_live_consensus_false);
  481. ret = hs_client_refetch_hsdesc(&service_pk);
  482. UNMOCK(networkstatus_get_live_consensus);
  483. tt_int_op(ret, OP_EQ, HS_CLIENT_FETCH_MISSING_INFO);
  484. /* From now on, return a live consensus. */
  485. MOCK(networkstatus_get_live_consensus,
  486. mock_networkstatus_get_live_consensus);
  487. /* 3. Not enough dir information. */
  488. MOCK(router_have_minimum_dir_info,
  489. mock_router_have_minimum_dir_info_false);
  490. ret = hs_client_refetch_hsdesc(&service_pk);
  491. UNMOCK(router_have_minimum_dir_info);
  492. tt_int_op(ret, OP_EQ, HS_CLIENT_FETCH_MISSING_INFO);
  493. /* From now on, we do have enough directory information. */
  494. MOCK(router_have_minimum_dir_info,
  495. mock_router_have_minimum_dir_info_true);
  496. /* 4. We do have a pending directory request. */
  497. {
  498. dir_connection_t *dir_conn = dir_connection_new(AF_INET);
  499. dir_conn->hs_ident = tor_malloc_zero(sizeof(hs_ident_dir_conn_t));
  500. TO_CONN(dir_conn)->purpose = DIR_PURPOSE_FETCH_HSDESC;
  501. ed25519_pubkey_copy(&dir_conn->hs_ident->identity_pk, &service_pk);
  502. smartlist_add(get_connection_array(), TO_CONN(dir_conn));
  503. ret = hs_client_refetch_hsdesc(&service_pk);
  504. smartlist_remove(get_connection_array(), TO_CONN(dir_conn));
  505. connection_free_minimal(TO_CONN(dir_conn));
  506. tt_int_op(ret, OP_EQ, HS_CLIENT_FETCH_PENDING);
  507. }
  508. /* 5. We'll trigger an error on the fetch_desc_v3 and force to close all
  509. * pending SOCKS request. */
  510. MOCK(router_have_minimum_dir_info,
  511. mock_router_have_minimum_dir_info_true);
  512. MOCK(fetch_v3_desc, mock_fetch_v3_desc_error);
  513. MOCK(connection_mark_unattached_ap_,
  514. mock_connection_mark_unattached_ap_);
  515. ret = hs_client_refetch_hsdesc(&service_pk);
  516. UNMOCK(fetch_v3_desc);
  517. UNMOCK(connection_mark_unattached_ap_);
  518. tt_int_op(ret, OP_EQ, HS_CLIENT_FETCH_ERROR);
  519. /* The close waiting for descriptor function has been called. */
  520. tt_int_op(ec->edge_.end_reason, OP_EQ, END_STREAM_REASON_RESOLVEFAILED);
  521. done:
  522. connection_free_minimal(ENTRY_TO_CONN(ec));
  523. UNMOCK(networkstatus_get_live_consensus);
  524. UNMOCK(router_have_minimum_dir_info);
  525. hs_free_all();
  526. }
  527. static void
  528. test_auth_key_filename_is_valid(void *arg)
  529. {
  530. (void) arg;
  531. /* Valid file name. */
  532. tt_assert(auth_key_filename_is_valid("a.auth_private"));
  533. /* Valid file name with special character. */
  534. tt_assert(auth_key_filename_is_valid("a-.auth_private"));
  535. /* Invalid extension. */
  536. tt_assert(!auth_key_filename_is_valid("a.ath_private"));
  537. /* Nothing before the extension. */
  538. tt_assert(!auth_key_filename_is_valid(".auth_private"));
  539. done:
  540. ;
  541. }
  542. static void
  543. test_parse_auth_file_content(void *arg)
  544. {
  545. hs_client_service_authorization_t *auth = NULL;
  546. (void) arg;
  547. /* Valid authorized client. */
  548. auth = parse_auth_file_content(
  549. "4acth47i6kxnvkewtm6q7ib2s3ufpo5sqbsnzjpbi7utijcltosqemad:descriptor:"
  550. "x25519:zdsyvn2jq534ugyiuzgjy4267jbtzcjbsgedhshzx5mforyxtryq");
  551. tt_assert(auth);
  552. /* Wrong number of fields. */
  553. tt_assert(!parse_auth_file_content("a:b"));
  554. /* Wrong auth type. */
  555. tt_assert(!parse_auth_file_content(
  556. "4acth47i6kxnvkewtm6q7ib2s3ufpo5sqbsnzjpbi7utijcltosqemad:x:"
  557. "x25519:zdsyvn2jq534ugyiuzgjy4267jbtzcjbsgedhshzx5mforyxtryq"));
  558. /* Wrong key type. */
  559. tt_assert(!parse_auth_file_content(
  560. "4acth47i6kxnvkewtm6q7ib2s3ufpo5sqbsnzjpbi7utijcltosqemad:descriptor:"
  561. "x:zdsyvn2jq534ugyiuzgjy4267jbtzcjbsgedhshzx5mforyxtryq"));
  562. /* Some malformed string. */
  563. tt_assert(!parse_auth_file_content("xx:descriptor:x25519:aa=="));
  564. /* Bigger key than it should be */
  565. tt_assert(!parse_auth_file_content("xx:descriptor:x25519:"
  566. "vjqea4jbhwwc4hto7ekyvqfbeodghbaq6nxi45hz4wr3qvhqv3yqa"));
  567. done:
  568. tor_free(auth);
  569. }
  570. static char *
  571. mock_read_file_to_str(const char *filename, int flags, struct stat *stat_out)
  572. {
  573. char *ret = NULL;
  574. (void) flags;
  575. (void) stat_out;
  576. if (!strcmp(filename, get_fname("auth_keys" PATH_SEPARATOR
  577. "client1.auth_private"))) {
  578. ret = tor_strdup(
  579. "4acth47i6kxnvkewtm6q7ib2s3ufpo5sqbsnzjpbi7utijcltosqemad:descriptor:"
  580. "x25519:zdsyvn2jq534ugyiuzgjy4267jbtzcjbsgedhshzx5mforyxtryq");
  581. goto done;
  582. }
  583. if (!strcmp(filename, get_fname("auth_keys" PATH_SEPARATOR "dummy.xxx"))) {
  584. ret = tor_strdup(
  585. "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:descriptor:"
  586. "x25519:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx");
  587. goto done;
  588. }
  589. if (!strcmp(filename, get_fname("auth_keys" PATH_SEPARATOR
  590. "client2.auth_private"))) {
  591. ret = tor_strdup(
  592. "25njqamcweflpvkl73j4szahhihoc4xt3ktcgjnpaingr5yhkenl5sid:descriptor:"
  593. "x25519:fdreqzjqso7d2ac7qscrxfl5qfpamdvgy5d6cxejcgzc3hvhurmq");
  594. goto done;
  595. }
  596. done:
  597. return ret;
  598. }
  599. static int
  600. mock_check_private_dir(const char *dirname, cpd_check_t check,
  601. const char *effective_user)
  602. {
  603. (void) dirname;
  604. (void) check;
  605. (void) effective_user;
  606. return 0;
  607. }
  608. static smartlist_t *
  609. mock_tor_listdir(const char *dirname)
  610. {
  611. smartlist_t *file_list = smartlist_new();
  612. (void) dirname;
  613. smartlist_add(file_list, tor_strdup("client1.auth_private"));
  614. smartlist_add(file_list, tor_strdup("dummy.xxx"));
  615. smartlist_add(file_list, tor_strdup("client2.auth_private"));
  616. return file_list;
  617. }
  618. static void
  619. test_config_client_authorization(void *arg)
  620. {
  621. int ret;
  622. char *conf = NULL;
  623. ed25519_public_key_t pk1, pk2;
  624. digest256map_t *global_map = NULL;
  625. char *key_dir = tor_strdup(get_fname("auth_keys"));
  626. (void) arg;
  627. MOCK(read_file_to_str, mock_read_file_to_str);
  628. MOCK(tor_listdir, mock_tor_listdir);
  629. MOCK(check_private_dir, mock_check_private_dir);
  630. #define conf_fmt \
  631. "ClientOnionAuthDir %s\n"
  632. tor_asprintf(&conf, conf_fmt, key_dir);
  633. ret = helper_config_client(conf, 0);
  634. tor_free(conf);
  635. tt_int_op(ret, OP_EQ, 0);
  636. #undef conf_fmt
  637. global_map = get_hs_client_auths_map();
  638. tt_int_op(digest256map_size(global_map), OP_EQ, 2);
  639. hs_parse_address("4acth47i6kxnvkewtm6q7ib2s3ufpo5sqbsnzjpbi7utijcltosqemad",
  640. &pk1, NULL, NULL);
  641. hs_parse_address("25njqamcweflpvkl73j4szahhihoc4xt3ktcgjnpaingr5yhkenl5sid",
  642. &pk2, NULL, NULL);
  643. tt_assert(digest256map_get(global_map, pk1.pubkey));
  644. tt_assert(digest256map_get(global_map, pk2.pubkey));
  645. done:
  646. tor_free(key_dir);
  647. hs_free_all();
  648. UNMOCK(read_file_to_str);
  649. UNMOCK(tor_listdir);
  650. UNMOCK(check_private_dir);
  651. }
  652. static entry_connection_t *
  653. helper_build_socks_connection(const ed25519_public_key_t *service_pk,
  654. int conn_state)
  655. {
  656. entry_connection_t *socks = entry_connection_new(CONN_TYPE_AP, AF_INET);
  657. ENTRY_TO_EDGE_CONN(socks)->hs_ident = hs_ident_edge_conn_new(service_pk);
  658. TO_CONN(ENTRY_TO_EDGE_CONN(socks))->state = conn_state;
  659. smartlist_add(get_connection_array(), &socks->edge_.base_);
  660. return socks;
  661. }
  662. static void
  663. test_desc_has_arrived_cleanup(void *arg)
  664. {
  665. /* The goal of this test is to make sure we clean up everything in between
  666. * two descriptors from the same .onion. Because intro points can change
  667. * from one descriptor to another, once we received a new descriptor, we
  668. * need to cleanup the remaining circuits so they aren't used or selected
  669. * when establishing a connection with the newly stored descriptor.
  670. *
  671. * This test was created because of #27410. */
  672. int ret;
  673. char *desc_str = NULL;
  674. hs_descriptor_t *desc = NULL;
  675. const hs_descriptor_t *cached_desc;
  676. ed25519_keypair_t signing_kp;
  677. entry_connection_t *socks1 = NULL, *socks2 = NULL;
  678. hs_ident_dir_conn_t hs_dir_ident;
  679. (void) arg;
  680. hs_init();
  681. MOCK(networkstatus_get_live_consensus,
  682. mock_networkstatus_get_live_consensus);
  683. MOCK(connection_mark_unattached_ap_,
  684. mock_connection_mark_unattached_ap_);
  685. MOCK(router_have_minimum_dir_info,
  686. mock_router_have_minimum_dir_info_true);
  687. /* Set consensus time before our time so the cache lookup can always
  688. * validate that the entry is not expired. */
  689. parse_rfc1123_time("Sat, 26 Oct 1985 13:00:00 UTC", &mock_ns.valid_after);
  690. parse_rfc1123_time("Sat, 26 Oct 1985 14:00:00 UTC", &mock_ns.fresh_until);
  691. parse_rfc1123_time("Sat, 26 Oct 1985 16:00:00 UTC", &mock_ns.valid_until);
  692. /* Build a descriptor for a specific .onion. */
  693. ret = ed25519_keypair_generate(&signing_kp, 0);
  694. tt_int_op(ret, OP_EQ, 0);
  695. desc = hs_helper_build_hs_desc_with_ip(&signing_kp);
  696. tt_assert(desc);
  697. ret = hs_desc_encode_descriptor(desc, &signing_kp, NULL, &desc_str);
  698. tt_int_op(ret, OP_EQ, 0);
  699. /* Store in the client cache. */
  700. ret = hs_cache_store_as_client(desc_str, &signing_kp.pubkey);
  701. tt_int_op(ret, OP_EQ, 0);
  702. cached_desc = hs_cache_lookup_as_client(&signing_kp.pubkey);
  703. tt_assert(cached_desc);
  704. hs_helper_desc_equal(desc, cached_desc);
  705. /* Create two SOCKS connection for the same .onion both in the waiting for a
  706. * descriptor state. */
  707. socks1 = helper_build_socks_connection(&signing_kp.pubkey,
  708. AP_CONN_STATE_RENDDESC_WAIT);
  709. tt_assert(socks1);
  710. socks2 = helper_build_socks_connection(&signing_kp.pubkey,
  711. AP_CONN_STATE_RENDDESC_WAIT);
  712. tt_assert(socks2);
  713. /* Now, we'll make the intro points in the current descriptor unusable so
  714. * the hs_client_desc_has_arrived() will take the right code path that we
  715. * want to test that is the fetched descriptor has bad intro points. */
  716. SMARTLIST_FOREACH_BEGIN(desc->encrypted_data.intro_points,
  717. hs_desc_intro_point_t *, ip) {
  718. hs_cache_client_intro_state_note(&signing_kp.pubkey,
  719. &ip->auth_key_cert->signed_key,
  720. INTRO_POINT_FAILURE_GENERIC);
  721. } SMARTLIST_FOREACH_END(ip);
  722. /* Simulate that a new descriptor just arrived. We should have both of our
  723. * SOCKS connection to be ended with a resolved failed. */
  724. hs_ident_dir_conn_init(&signing_kp.pubkey,
  725. &desc->plaintext_data.blinded_pubkey, &hs_dir_ident);
  726. hs_client_desc_has_arrived(&hs_dir_ident);
  727. tt_int_op(socks1->edge_.end_reason, OP_EQ, END_STREAM_REASON_RESOLVEFAILED);
  728. /* XXX: MUST work with OP_EQ. */
  729. tt_int_op(socks2->edge_.end_reason, OP_EQ, END_STREAM_REASON_RESOLVEFAILED);
  730. /* Now let say tor cleans up the intro state cache which resets all intro
  731. * point failure count. */
  732. hs_cache_client_intro_state_purge();
  733. /* Retrying all SOCKS which should basically do nothing since we don't have
  734. * any pending SOCKS connection in AP_CONN_STATE_RENDDESC_WAIT state. */
  735. /* XXX: BUG() is triggered here, shouldn't if socks2 wasn't alive. */
  736. retry_all_socks_conn_waiting_for_desc();
  737. done:
  738. connection_free_minimal(ENTRY_TO_CONN(socks1));
  739. connection_free_minimal(ENTRY_TO_CONN(socks2));
  740. hs_descriptor_free(desc);
  741. tor_free(desc_str);
  742. hs_free_all();
  743. UNMOCK(networkstatus_get_live_consensus);
  744. UNMOCK(connection_mark_unattached_ap_);
  745. UNMOCK(router_have_minimum_dir_info);
  746. }
  747. static void
  748. test_close_intro_circuits_new_desc(void *arg)
  749. {
  750. int ret;
  751. ed25519_keypair_t service_kp;
  752. circuit_t *circ = NULL;
  753. origin_circuit_t *ocirc = NULL;
  754. hs_descriptor_t *desc1 = NULL, *desc2 = NULL;
  755. (void) arg;
  756. hs_init();
  757. /* This is needed because of the client cache expiration timestamp is based
  758. * on having a consensus. See cached_client_descriptor_has_expired(). */
  759. MOCK(networkstatus_get_live_consensus,
  760. mock_networkstatus_get_live_consensus);
  761. /* Set consensus time */
  762. parse_rfc1123_time("Sat, 26 Oct 1985 13:00:00 UTC",
  763. &mock_ns.valid_after);
  764. parse_rfc1123_time("Sat, 26 Oct 1985 14:00:00 UTC",
  765. &mock_ns.fresh_until);
  766. parse_rfc1123_time("Sat, 26 Oct 1985 16:00:00 UTC",
  767. &mock_ns.valid_until);
  768. /* Generate service keypair */
  769. tt_int_op(0, OP_EQ, ed25519_keypair_generate(&service_kp, 0));
  770. /* Create and add to the global list a dummy client introduction circuits.
  771. * We'll then make sure the hs_ident is attached to a dummy descriptor. */
  772. circ = dummy_origin_circuit_new(0);
  773. tt_assert(circ);
  774. circ->purpose = CIRCUIT_PURPOSE_C_INTRODUCING;
  775. ocirc = TO_ORIGIN_CIRCUIT(circ);
  776. /* Build the first descriptor and cache it. */
  777. {
  778. char *encoded;
  779. desc1 = hs_helper_build_hs_desc_with_ip(&service_kp);
  780. tt_assert(desc1);
  781. ret = hs_desc_encode_descriptor(desc1, &service_kp, NULL, &encoded);
  782. tt_int_op(ret, OP_EQ, 0);
  783. tt_assert(encoded);
  784. /* Store it */
  785. ret = hs_cache_store_as_client(encoded, &service_kp.pubkey);
  786. tt_int_op(ret, OP_EQ, 0);
  787. tor_free(encoded);
  788. tt_assert(hs_cache_lookup_as_client(&service_kp.pubkey));
  789. }
  790. /* We'll pick one introduction point and associate it with the circuit. */
  791. {
  792. const hs_desc_intro_point_t *ip =
  793. smartlist_get(desc1->encrypted_data.intro_points, 0);
  794. tt_assert(ip);
  795. ocirc->hs_ident = hs_ident_circuit_new(&service_kp.pubkey,
  796. HS_IDENT_CIRCUIT_INTRO);
  797. ed25519_pubkey_copy(&ocirc->hs_ident->intro_auth_pk,
  798. &ip->auth_key_cert->signed_key);
  799. }
  800. /* Before we are about to clean up the intro circuits, make sure it is
  801. * actually there. */
  802. tt_assert(circuit_get_next_intro_circ(NULL, true));
  803. /* Build the second descriptor for the same service and cache it. */
  804. {
  805. char *encoded;
  806. desc2 = hs_helper_build_hs_desc_with_ip(&service_kp);
  807. tt_assert(desc2);
  808. tt_mem_op(&desc1->plaintext_data.signing_pubkey, OP_EQ,
  809. &desc2->plaintext_data.signing_pubkey, ED25519_PUBKEY_LEN);
  810. /* To replace the existing descriptor, the revision counter needs to be
  811. * bigger. */
  812. desc2->plaintext_data.revision_counter =
  813. desc1->plaintext_data.revision_counter + 1;
  814. ret = hs_desc_encode_descriptor(desc2, &service_kp, NULL, &encoded);
  815. tt_int_op(ret, OP_EQ, 0);
  816. tt_assert(encoded);
  817. hs_cache_store_as_client(encoded, &service_kp.pubkey);
  818. tt_int_op(ret, OP_EQ, 0);
  819. tor_free(encoded);
  820. tt_assert(hs_cache_lookup_as_client(&service_kp.pubkey));
  821. }
  822. /* Once stored, our intro circuit should be closed because it is related to
  823. * an old introduction point that doesn't exists anymore. */
  824. tt_assert(!circuit_get_next_intro_circ(NULL, true));
  825. done:
  826. circuit_free(circ);
  827. hs_descriptor_free(desc1);
  828. hs_descriptor_free(desc2);
  829. hs_free_all();
  830. UNMOCK(networkstatus_get_live_consensus);
  831. }
  832. struct testcase_t hs_client_tests[] = {
  833. { "e2e_rend_circuit_setup_legacy", test_e2e_rend_circuit_setup_legacy,
  834. TT_FORK, NULL, NULL },
  835. { "e2e_rend_circuit_setup", test_e2e_rend_circuit_setup,
  836. TT_FORK, NULL, NULL },
  837. { "client_pick_intro", test_client_pick_intro,
  838. TT_FORK, NULL, NULL },
  839. { "descriptor_fetch", test_descriptor_fetch,
  840. TT_FORK, NULL, NULL },
  841. { "auth_key_filename_is_valid", test_auth_key_filename_is_valid, TT_FORK,
  842. NULL, NULL },
  843. { "parse_auth_file_content", test_parse_auth_file_content, TT_FORK,
  844. NULL, NULL },
  845. { "config_client_authorization", test_config_client_authorization,
  846. TT_FORK, NULL, NULL },
  847. { "desc_has_arrived_cleanup", test_desc_has_arrived_cleanup,
  848. TT_FORK, NULL, NULL },
  849. { "close_intro_circuits_new_desc", test_close_intro_circuits_new_desc,
  850. TT_FORK, NULL, NULL },
  851. END_OF_TESTCASES
  852. };