test_extorport.c 20 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616
  1. /* Copyright (c) 2013-2018, The Tor Project, Inc. */
  2. /* See LICENSE for licensing information */
  3. #define CONNECTION_PRIVATE
  4. #define EXT_ORPORT_PRIVATE
  5. #define MAIN_PRIVATE
  6. #include "core/or/or.h"
  7. #include "lib/container/buffers.h"
  8. #include "core/mainloop/connection.h"
  9. #include "core/or/connection_or.h"
  10. #include "app/config/config.h"
  11. #include "feature/control/control.h"
  12. #include "lib/crypt_ops/crypto_rand.h"
  13. #include "feature/relay/ext_orport.h"
  14. #include "core/mainloop/main.h"
  15. #include "core/or/or_connection_st.h"
  16. #include "test/test.h"
  17. #ifdef HAVE_SYS_STAT_H
  18. #include <sys/stat.h>
  19. #endif
  20. /* Test connection_or_remove_from_ext_or_id_map and
  21. * connection_or_set_ext_or_identifier */
  22. static void
  23. test_ext_or_id_map(void *arg)
  24. {
  25. or_connection_t *c1 = NULL, *c2 = NULL, *c3 = NULL;
  26. char *idp = NULL, *idp2 = NULL;
  27. (void)arg;
  28. /* pre-initialization */
  29. tt_ptr_op(NULL, OP_EQ,
  30. connection_or_get_by_ext_or_id("xxxxxxxxxxxxxxxxxxxx"));
  31. c1 = or_connection_new(CONN_TYPE_EXT_OR, AF_INET);
  32. c2 = or_connection_new(CONN_TYPE_EXT_OR, AF_INET);
  33. c3 = or_connection_new(CONN_TYPE_OR, AF_INET);
  34. tt_ptr_op(c1->ext_or_conn_id, OP_NE, NULL);
  35. tt_ptr_op(c2->ext_or_conn_id, OP_NE, NULL);
  36. tt_ptr_op(c3->ext_or_conn_id, OP_EQ, NULL);
  37. tt_ptr_op(c1, OP_EQ, connection_or_get_by_ext_or_id(c1->ext_or_conn_id));
  38. tt_ptr_op(c2, OP_EQ, connection_or_get_by_ext_or_id(c2->ext_or_conn_id));
  39. tt_ptr_op(NULL, OP_EQ,
  40. connection_or_get_by_ext_or_id("xxxxxxxxxxxxxxxxxxxx"));
  41. idp = tor_memdup(c2->ext_or_conn_id, EXT_OR_CONN_ID_LEN);
  42. /* Give c2 a new ID. */
  43. connection_or_set_ext_or_identifier(c2);
  44. tt_mem_op(idp, OP_NE, c2->ext_or_conn_id, EXT_OR_CONN_ID_LEN);
  45. idp2 = tor_memdup(c2->ext_or_conn_id, EXT_OR_CONN_ID_LEN);
  46. tt_assert(!tor_digest_is_zero(idp2));
  47. tt_ptr_op(NULL, OP_EQ, connection_or_get_by_ext_or_id(idp));
  48. tt_ptr_op(c2, OP_EQ, connection_or_get_by_ext_or_id(idp2));
  49. /* Now remove it. */
  50. connection_or_remove_from_ext_or_id_map(c2);
  51. tt_ptr_op(NULL, OP_EQ, connection_or_get_by_ext_or_id(idp));
  52. tt_ptr_op(NULL, OP_EQ, connection_or_get_by_ext_or_id(idp2));
  53. done:
  54. if (c1)
  55. connection_free_minimal(TO_CONN(c1));
  56. if (c2)
  57. connection_free_minimal(TO_CONN(c2));
  58. if (c3)
  59. connection_free_minimal(TO_CONN(c3));
  60. tor_free(idp);
  61. tor_free(idp2);
  62. connection_or_clear_ext_or_id_map();
  63. }
  64. /* Simple connection_write_to_buf_impl_ replacement that unconditionally
  65. * writes to outbuf. */
  66. static void
  67. connection_write_to_buf_impl_replacement(const char *string, size_t len,
  68. connection_t *conn, int compressed)
  69. {
  70. (void) compressed;
  71. tor_assert(string);
  72. tor_assert(conn);
  73. buf_add(conn->outbuf, string, len);
  74. }
  75. static char *
  76. buf_get_contents(buf_t *buf, size_t *sz_out)
  77. {
  78. char *out;
  79. *sz_out = buf_datalen(buf);
  80. if (*sz_out >= ULONG_MAX)
  81. return NULL; /* C'mon, really? */
  82. out = tor_malloc(*sz_out + 1);
  83. if (buf_get_bytes(buf, out, (unsigned long)*sz_out) != 0) {
  84. tor_free(out);
  85. return NULL;
  86. }
  87. out[*sz_out] = '\0'; /* Hopefully gratuitous. */
  88. return out;
  89. }
  90. static void
  91. test_ext_or_write_command(void *arg)
  92. {
  93. or_connection_t *c1;
  94. char *cp = NULL;
  95. char *buf = NULL;
  96. size_t sz;
  97. (void) arg;
  98. MOCK(connection_write_to_buf_impl_,
  99. connection_write_to_buf_impl_replacement);
  100. c1 = or_connection_new(CONN_TYPE_EXT_OR, AF_INET);
  101. tt_assert(c1);
  102. /* Length too long */
  103. tt_int_op(connection_write_ext_or_command(TO_CONN(c1), 100, "X", 100000),
  104. OP_LT, 0);
  105. /* Empty command */
  106. tt_int_op(connection_write_ext_or_command(TO_CONN(c1), 0x99, NULL, 0),
  107. OP_EQ, 0);
  108. cp = buf_get_contents(TO_CONN(c1)->outbuf, &sz);
  109. tt_int_op(sz, OP_EQ, 4);
  110. tt_mem_op(cp, OP_EQ, "\x00\x99\x00\x00", 4);
  111. tor_free(cp);
  112. /* Medium command. */
  113. tt_int_op(connection_write_ext_or_command(TO_CONN(c1), 0x99,
  114. "Wai\0Hello", 9), OP_EQ, 0);
  115. cp = buf_get_contents(TO_CONN(c1)->outbuf, &sz);
  116. tt_int_op(sz, OP_EQ, 13);
  117. tt_mem_op(cp, OP_EQ, "\x00\x99\x00\x09Wai\x00Hello", 13);
  118. tor_free(cp);
  119. /* Long command */
  120. buf = tor_malloc(65535);
  121. memset(buf, 'x', 65535);
  122. tt_int_op(connection_write_ext_or_command(TO_CONN(c1), 0xf00d,
  123. buf, 65535), OP_EQ, 0);
  124. cp = buf_get_contents(TO_CONN(c1)->outbuf, &sz);
  125. tt_int_op(sz, OP_EQ, 65539);
  126. tt_mem_op(cp, OP_EQ, "\xf0\x0d\xff\xff", 4);
  127. tt_mem_op(cp+4, OP_EQ, buf, 65535);
  128. tor_free(cp);
  129. done:
  130. if (c1)
  131. connection_free_minimal(TO_CONN(c1));
  132. tor_free(cp);
  133. tor_free(buf);
  134. UNMOCK(connection_write_to_buf_impl_);
  135. }
  136. static int
  137. write_bytes_to_file_fail(const char *fname, const char *str, size_t len,
  138. int bin)
  139. {
  140. (void) fname;
  141. (void) str;
  142. (void) len;
  143. (void) bin;
  144. return -1;
  145. }
  146. static void
  147. test_ext_or_init_auth(void *arg)
  148. {
  149. or_options_t *options = get_options_mutable();
  150. const char *fn;
  151. char *cp = NULL;
  152. struct stat st;
  153. char cookie0[32];
  154. (void)arg;
  155. /* Check default filename location */
  156. tor_free(options->DataDirectory);
  157. options->DataDirectory = tor_strdup("foo");
  158. cp = get_ext_or_auth_cookie_file_name();
  159. tt_str_op(cp, OP_EQ, "foo"PATH_SEPARATOR"extended_orport_auth_cookie");
  160. tor_free(cp);
  161. /* Shouldn't be initialized already, or our tests will be a bit
  162. * meaningless */
  163. ext_or_auth_cookie = tor_malloc_zero(32);
  164. tt_assert(tor_mem_is_zero((char*)ext_or_auth_cookie, 32));
  165. /* Now make sure we use a temporary file */
  166. fn = get_fname("ext_cookie_file");
  167. options->ExtORPortCookieAuthFile = tor_strdup(fn);
  168. cp = get_ext_or_auth_cookie_file_name();
  169. tt_str_op(cp, OP_EQ, fn);
  170. tor_free(cp);
  171. /* Test the initialization function with a broken
  172. write_bytes_to_file(). See if the problem is handled properly. */
  173. MOCK(write_bytes_to_file, write_bytes_to_file_fail);
  174. tt_int_op(-1, OP_EQ, init_ext_or_cookie_authentication(1));
  175. tt_int_op(ext_or_auth_cookie_is_set, OP_EQ, 0);
  176. UNMOCK(write_bytes_to_file);
  177. /* Now do the actual initialization. */
  178. tt_int_op(0, OP_EQ, init_ext_or_cookie_authentication(1));
  179. tt_int_op(ext_or_auth_cookie_is_set, OP_EQ, 1);
  180. cp = read_file_to_str(fn, RFTS_BIN, &st);
  181. tt_ptr_op(cp, OP_NE, NULL);
  182. tt_u64_op((uint64_t)st.st_size, OP_EQ, 64);
  183. tt_mem_op(cp,OP_EQ, "! Extended ORPort Auth Cookie !\x0a", 32);
  184. tt_mem_op(cp+32,OP_EQ, ext_or_auth_cookie, 32);
  185. memcpy(cookie0, ext_or_auth_cookie, 32);
  186. tt_assert(!tor_mem_is_zero((char*)ext_or_auth_cookie, 32));
  187. /* Operation should be idempotent. */
  188. tt_int_op(0, OP_EQ, init_ext_or_cookie_authentication(1));
  189. tt_mem_op(cookie0,OP_EQ, ext_or_auth_cookie, 32);
  190. done:
  191. tor_free(cp);
  192. ext_orport_free_all();
  193. }
  194. static void
  195. test_ext_or_cookie_auth(void *arg)
  196. {
  197. char *reply=NULL, *reply2=NULL, *client_hash=NULL, *client_hash2=NULL;
  198. size_t reply_len=0;
  199. char hmac1[32], hmac2[32];
  200. const char client_nonce[32] =
  201. "Who is the third who walks alway";
  202. char server_hash_input[] =
  203. "ExtORPort authentication server-to-client hash"
  204. "Who is the third who walks alway"
  205. "................................";
  206. char client_hash_input[] =
  207. "ExtORPort authentication client-to-server hash"
  208. "Who is the third who walks alway"
  209. "................................";
  210. (void)arg;
  211. tt_int_op(strlen(client_hash_input), OP_EQ, 46+32+32);
  212. tt_int_op(strlen(server_hash_input), OP_EQ, 46+32+32);
  213. ext_or_auth_cookie = tor_malloc_zero(32);
  214. memcpy(ext_or_auth_cookie, "s beside you? When I count, ther", 32);
  215. ext_or_auth_cookie_is_set = 1;
  216. /* For this authentication, the client sends 32 random bytes (ClientNonce)
  217. * The server replies with 32 byte ServerHash and 32 byte ServerNonce,
  218. * where ServerHash is:
  219. * HMAC-SHA256(CookieString,
  220. * "ExtORPort authentication server-to-client hash" | ClientNonce |
  221. * ServerNonce)"
  222. * The client must reply with 32-byte ClientHash, which we compute as:
  223. * ClientHash is computed as:
  224. * HMAC-SHA256(CookieString,
  225. * "ExtORPort authentication client-to-server hash" | ClientNonce |
  226. * ServerNonce)
  227. */
  228. /* Wrong length */
  229. tt_int_op(-1, OP_EQ,
  230. handle_client_auth_nonce(client_nonce, 33, &client_hash, &reply,
  231. &reply_len));
  232. tt_int_op(-1, OP_EQ,
  233. handle_client_auth_nonce(client_nonce, 31, &client_hash, &reply,
  234. &reply_len));
  235. /* Now let's try this for real! */
  236. tt_int_op(0, OP_EQ,
  237. handle_client_auth_nonce(client_nonce, 32, &client_hash, &reply,
  238. &reply_len));
  239. tt_int_op(reply_len, OP_EQ, 64);
  240. tt_ptr_op(reply, OP_NE, NULL);
  241. tt_ptr_op(client_hash, OP_NE, NULL);
  242. /* Fill in the server nonce into the hash inputs... */
  243. memcpy(server_hash_input+46+32, reply+32, 32);
  244. memcpy(client_hash_input+46+32, reply+32, 32);
  245. /* Check the HMACs are correct... */
  246. crypto_hmac_sha256(hmac1, (char*)ext_or_auth_cookie, 32, server_hash_input,
  247. 46+32+32);
  248. crypto_hmac_sha256(hmac2, (char*)ext_or_auth_cookie, 32, client_hash_input,
  249. 46+32+32);
  250. tt_mem_op(hmac1,OP_EQ, reply, 32);
  251. tt_mem_op(hmac2,OP_EQ, client_hash, 32);
  252. /* Now do it again and make sure that the results are *different* */
  253. tt_int_op(0, OP_EQ,
  254. handle_client_auth_nonce(client_nonce, 32, &client_hash2, &reply2,
  255. &reply_len));
  256. tt_mem_op(reply2,OP_NE, reply, reply_len);
  257. tt_mem_op(client_hash2,OP_NE, client_hash, 32);
  258. /* But that this one checks out too. */
  259. memcpy(server_hash_input+46+32, reply2+32, 32);
  260. memcpy(client_hash_input+46+32, reply2+32, 32);
  261. /* Check the HMACs are correct... */
  262. crypto_hmac_sha256(hmac1, (char*)ext_or_auth_cookie, 32, server_hash_input,
  263. 46+32+32);
  264. crypto_hmac_sha256(hmac2, (char*)ext_or_auth_cookie, 32, client_hash_input,
  265. 46+32+32);
  266. tt_mem_op(hmac1,OP_EQ, reply2, 32);
  267. tt_mem_op(hmac2,OP_EQ, client_hash2, 32);
  268. done:
  269. tor_free(reply);
  270. tor_free(client_hash);
  271. tor_free(reply2);
  272. tor_free(client_hash2);
  273. }
  274. static void
  275. crypto_rand_return_tse_str(char *to, size_t n)
  276. {
  277. if (n != 32) {
  278. TT_FAIL(("Asked for %d bytes, not 32", (int)n));
  279. return;
  280. }
  281. memcpy(to, "te road There is always another ", 32);
  282. }
  283. static void
  284. test_ext_or_cookie_auth_testvec(void *arg)
  285. {
  286. char *reply=NULL, *client_hash=NULL;
  287. size_t reply_len;
  288. char *mem_op_hex_tmp=NULL;
  289. const char client_nonce[] = "But when I look ahead up the whi";
  290. (void)arg;
  291. ext_or_auth_cookie = tor_malloc_zero(32);
  292. memcpy(ext_or_auth_cookie, "Gliding wrapt in a brown mantle," , 32);
  293. ext_or_auth_cookie_is_set = 1;
  294. MOCK(crypto_rand, crypto_rand_return_tse_str);
  295. tt_int_op(0, OP_EQ,
  296. handle_client_auth_nonce(client_nonce, 32, &client_hash, &reply,
  297. &reply_len));
  298. tt_ptr_op(reply, OP_NE, NULL );
  299. tt_uint_op(reply_len, OP_EQ, 64);
  300. tt_mem_op(reply+32,OP_EQ, "te road There is always another ", 32);
  301. /* HMACSHA256("Gliding wrapt in a brown mantle,"
  302. * "ExtORPort authentication server-to-client hash"
  303. * "But when I look ahead up the write road There is always another ");
  304. */
  305. test_memeq_hex(reply,
  306. "ec80ed6e546d3b36fdfc22fe1315416b"
  307. "029f1ade7610d910878b62eeb7403821");
  308. /* HMACSHA256("Gliding wrapt in a brown mantle,"
  309. * "ExtORPort authentication client-to-server hash"
  310. * "But when I look ahead up the write road There is always another ");
  311. * (Both values computed using Python CLI.)
  312. */
  313. test_memeq_hex(client_hash,
  314. "ab391732dd2ed968cd40c087d1b1f25b"
  315. "33b3cd77ff79bd80c2074bbf438119a2");
  316. done:
  317. UNMOCK(crypto_rand);
  318. tor_free(reply);
  319. tor_free(client_hash);
  320. tor_free(mem_op_hex_tmp);
  321. }
  322. static void
  323. ignore_bootstrap_problem(const char *warn, int reason,
  324. or_connection_t *conn)
  325. {
  326. (void)warn;
  327. (void)reason;
  328. (void)conn;
  329. }
  330. static int is_reading = 1;
  331. static int handshake_start_called = 0;
  332. static void
  333. note_read_stopped(connection_t *conn)
  334. {
  335. (void)conn;
  336. is_reading=0;
  337. }
  338. static void
  339. note_read_started(connection_t *conn)
  340. {
  341. (void)conn;
  342. is_reading=1;
  343. }
  344. static int
  345. handshake_start(or_connection_t *conn, int receiving)
  346. {
  347. if (!conn || !receiving)
  348. TT_FAIL(("Bad arguments to handshake_start"));
  349. handshake_start_called = 1;
  350. return 0;
  351. }
  352. #define WRITE(s,n) \
  353. do { \
  354. buf_add(TO_CONN(conn)->inbuf, (s), (n)); \
  355. } while (0)
  356. #define CONTAINS(s,n) \
  357. do { \
  358. tt_int_op((n), OP_LE, sizeof(b)); \
  359. tt_int_op(buf_datalen(TO_CONN(conn)->outbuf), OP_EQ, (n)); \
  360. if ((n)) { \
  361. buf_get_bytes(TO_CONN(conn)->outbuf, b, (n)); \
  362. tt_mem_op(b, OP_EQ, (s), (n)); \
  363. } \
  364. } while (0)
  365. /* Helper: Do a successful Extended ORPort authentication handshake. */
  366. static void
  367. do_ext_or_handshake(or_connection_t *conn)
  368. {
  369. char b[256];
  370. tt_int_op(0, OP_EQ, connection_ext_or_start_auth(conn));
  371. CONTAINS("\x01\x00", 2);
  372. WRITE("\x01", 1);
  373. WRITE("But when I look ahead up the whi", 32);
  374. MOCK(crypto_rand, crypto_rand_return_tse_str);
  375. tt_int_op(0, OP_EQ, connection_ext_or_process_inbuf(conn));
  376. UNMOCK(crypto_rand);
  377. tt_int_op(TO_CONN(conn)->state, OP_EQ,
  378. EXT_OR_CONN_STATE_AUTH_WAIT_CLIENT_HASH);
  379. CONTAINS("\xec\x80\xed\x6e\x54\x6d\x3b\x36\xfd\xfc\x22\xfe\x13\x15\x41\x6b"
  380. "\x02\x9f\x1a\xde\x76\x10\xd9\x10\x87\x8b\x62\xee\xb7\x40\x38\x21"
  381. "te road There is always another ", 64);
  382. /* Send the right response this time. */
  383. WRITE("\xab\x39\x17\x32\xdd\x2e\xd9\x68\xcd\x40\xc0\x87\xd1\xb1\xf2\x5b"
  384. "\x33\xb3\xcd\x77\xff\x79\xbd\x80\xc2\x07\x4b\xbf\x43\x81\x19\xa2",
  385. 32);
  386. tt_int_op(0, OP_EQ, connection_ext_or_process_inbuf(conn));
  387. CONTAINS("\x01", 1);
  388. tt_assert(! TO_CONN(conn)->marked_for_close);
  389. tt_int_op(TO_CONN(conn)->state, OP_EQ, EXT_OR_CONN_STATE_OPEN);
  390. done: ;
  391. }
  392. static void
  393. test_ext_or_handshake(void *arg)
  394. {
  395. or_connection_t *conn=NULL;
  396. char b[256];
  397. (void) arg;
  398. MOCK(connection_write_to_buf_impl_,
  399. connection_write_to_buf_impl_replacement);
  400. /* Use same authenticators as for test_ext_or_cookie_auth_testvec */
  401. ext_or_auth_cookie = tor_malloc_zero(32);
  402. memcpy(ext_or_auth_cookie, "Gliding wrapt in a brown mantle," , 32);
  403. ext_or_auth_cookie_is_set = 1;
  404. init_connection_lists();
  405. conn = or_connection_new(CONN_TYPE_EXT_OR, AF_INET);
  406. tt_int_op(0, OP_EQ, connection_ext_or_start_auth(conn));
  407. /* The server starts by telling us about the one supported authtype. */
  408. CONTAINS("\x01\x00", 2);
  409. /* Say the client hasn't responded yet. */
  410. tt_int_op(0, OP_EQ, connection_ext_or_process_inbuf(conn));
  411. /* Let's say the client replies badly. */
  412. WRITE("\x99", 1);
  413. tt_int_op(-1, OP_EQ, connection_ext_or_process_inbuf(conn));
  414. CONTAINS("", 0);
  415. tt_assert(TO_CONN(conn)->marked_for_close);
  416. close_closeable_connections();
  417. conn = NULL;
  418. /* Okay, try again. */
  419. conn = or_connection_new(CONN_TYPE_EXT_OR, AF_INET);
  420. tt_int_op(0, OP_EQ, connection_ext_or_start_auth(conn));
  421. CONTAINS("\x01\x00", 2);
  422. /* Let's say the client replies sensibly this time. "Yes, AUTHTYPE_COOKIE
  423. * sounds delicious. Let's have some of that!" */
  424. WRITE("\x01", 1);
  425. /* Let's say that the client also sends part of a nonce. */
  426. WRITE("But when I look ", 16);
  427. tt_int_op(0, OP_EQ, connection_ext_or_process_inbuf(conn));
  428. CONTAINS("", 0);
  429. tt_int_op(TO_CONN(conn)->state, OP_EQ,
  430. EXT_OR_CONN_STATE_AUTH_WAIT_CLIENT_NONCE);
  431. /* Pump it again. Nothing should happen. */
  432. tt_int_op(0, OP_EQ, connection_ext_or_process_inbuf(conn));
  433. /* send the rest of the nonce. */
  434. WRITE("ahead up the whi", 16);
  435. MOCK(crypto_rand, crypto_rand_return_tse_str);
  436. tt_int_op(0, OP_EQ, connection_ext_or_process_inbuf(conn));
  437. UNMOCK(crypto_rand);
  438. /* We should get the right reply from the server. */
  439. CONTAINS("\xec\x80\xed\x6e\x54\x6d\x3b\x36\xfd\xfc\x22\xfe\x13\x15\x41\x6b"
  440. "\x02\x9f\x1a\xde\x76\x10\xd9\x10\x87\x8b\x62\xee\xb7\x40\x38\x21"
  441. "te road There is always another ", 64);
  442. /* Send the wrong response. */
  443. WRITE("not with a bang but a whimper...", 32);
  444. MOCK(control_event_bootstrap_prob_or, ignore_bootstrap_problem);
  445. tt_int_op(-1, OP_EQ, connection_ext_or_process_inbuf(conn));
  446. CONTAINS("\x00", 1);
  447. tt_assert(TO_CONN(conn)->marked_for_close);
  448. /* XXXX Hold-open-until-flushed. */
  449. close_closeable_connections();
  450. conn = NULL;
  451. UNMOCK(control_event_bootstrap_prob_or);
  452. MOCK(connection_start_reading, note_read_started);
  453. MOCK(connection_stop_reading, note_read_stopped);
  454. MOCK(connection_tls_start_handshake, handshake_start);
  455. /* Okay, this time let's succeed. */
  456. conn = or_connection_new(CONN_TYPE_EXT_OR, AF_INET);
  457. do_ext_or_handshake(conn);
  458. /* Now let's run through some messages. */
  459. /* First let's send some junk and make sure it's ignored. */
  460. WRITE("\xff\xf0\x00\x03""ABC", 7);
  461. tt_int_op(0, OP_EQ, connection_ext_or_process_inbuf(conn));
  462. CONTAINS("", 0);
  463. /* Now let's send a USERADDR command. */
  464. WRITE("\x00\x01\x00\x0c""1.2.3.4:5678", 16);
  465. tt_int_op(0, OP_EQ, connection_ext_or_process_inbuf(conn));
  466. tt_int_op(TO_CONN(conn)->port, OP_EQ, 5678);
  467. tt_int_op(tor_addr_to_ipv4h(&TO_CONN(conn)->addr), OP_EQ, 0x01020304);
  468. /* Now let's send a TRANSPORT command. */
  469. WRITE("\x00\x02\x00\x07""rfc1149", 11);
  470. tt_int_op(0, OP_EQ, connection_ext_or_process_inbuf(conn));
  471. tt_ptr_op(NULL, OP_NE, conn->ext_or_transport);
  472. tt_str_op("rfc1149", OP_EQ, conn->ext_or_transport);
  473. tt_int_op(is_reading,OP_EQ,1);
  474. tt_int_op(TO_CONN(conn)->state, OP_EQ, EXT_OR_CONN_STATE_OPEN);
  475. /* DONE */
  476. WRITE("\x00\x00\x00\x00", 4);
  477. tt_int_op(0, OP_EQ, connection_ext_or_process_inbuf(conn));
  478. tt_int_op(TO_CONN(conn)->state, OP_EQ, EXT_OR_CONN_STATE_FLUSHING);
  479. tt_int_op(is_reading,OP_EQ,0);
  480. CONTAINS("\x10\x00\x00\x00", 4);
  481. tt_int_op(handshake_start_called,OP_EQ,0);
  482. tt_int_op(0, OP_EQ, connection_ext_or_finished_flushing(conn));
  483. tt_int_op(is_reading,OP_EQ,1);
  484. tt_int_op(handshake_start_called,OP_EQ,1);
  485. tt_int_op(TO_CONN(conn)->type, OP_EQ, CONN_TYPE_OR);
  486. tt_int_op(TO_CONN(conn)->state, OP_EQ, 0);
  487. close_closeable_connections();
  488. conn = NULL;
  489. /* Okay, this time let's succeed the handshake but fail the USERADDR
  490. command. */
  491. conn = or_connection_new(CONN_TYPE_EXT_OR, AF_INET);
  492. do_ext_or_handshake(conn);
  493. /* USERADDR command with an extra NUL byte */
  494. WRITE("\x00\x01\x00\x0d""1.2.3.4:5678\x00", 17);
  495. MOCK(control_event_bootstrap_prob_or, ignore_bootstrap_problem);
  496. tt_int_op(-1, OP_EQ, connection_ext_or_process_inbuf(conn));
  497. CONTAINS("", 0);
  498. tt_assert(TO_CONN(conn)->marked_for_close);
  499. close_closeable_connections();
  500. conn = NULL;
  501. UNMOCK(control_event_bootstrap_prob_or);
  502. /* Now fail the TRANSPORT command. */
  503. conn = or_connection_new(CONN_TYPE_EXT_OR, AF_INET);
  504. do_ext_or_handshake(conn);
  505. /* TRANSPORT command with an extra NUL byte */
  506. WRITE("\x00\x02\x00\x08""rfc1149\x00", 12);
  507. MOCK(control_event_bootstrap_prob_or, ignore_bootstrap_problem);
  508. tt_int_op(-1, OP_EQ, connection_ext_or_process_inbuf(conn));
  509. CONTAINS("", 0);
  510. tt_assert(TO_CONN(conn)->marked_for_close);
  511. close_closeable_connections();
  512. conn = NULL;
  513. UNMOCK(control_event_bootstrap_prob_or);
  514. /* Now fail the TRANSPORT command. */
  515. conn = or_connection_new(CONN_TYPE_EXT_OR, AF_INET);
  516. do_ext_or_handshake(conn);
  517. /* TRANSPORT command with transport name with symbols (not a
  518. C-identifier) */
  519. WRITE("\x00\x02\x00\x07""rf*1149", 11);
  520. MOCK(control_event_bootstrap_prob_or, ignore_bootstrap_problem);
  521. tt_int_op(-1, OP_EQ, connection_ext_or_process_inbuf(conn));
  522. CONTAINS("", 0);
  523. tt_assert(TO_CONN(conn)->marked_for_close);
  524. close_closeable_connections();
  525. conn = NULL;
  526. UNMOCK(control_event_bootstrap_prob_or);
  527. done:
  528. UNMOCK(connection_write_to_buf_impl_);
  529. UNMOCK(crypto_rand);
  530. if (conn)
  531. connection_free_minimal(TO_CONN(conn));
  532. #undef CONTAINS
  533. #undef WRITE
  534. }
  535. struct testcase_t extorport_tests[] = {
  536. { "id_map", test_ext_or_id_map, TT_FORK, NULL, NULL },
  537. { "write_command", test_ext_or_write_command, TT_FORK, NULL, NULL },
  538. { "init_auth", test_ext_or_init_auth, TT_FORK, NULL, NULL },
  539. { "cookie_auth", test_ext_or_cookie_auth, TT_FORK, NULL, NULL },
  540. { "cookie_auth_testvec", test_ext_or_cookie_auth_testvec, TT_FORK,
  541. NULL, NULL },
  542. { "handshake", test_ext_or_handshake, TT_FORK, NULL, NULL },
  543. END_OF_TESTCASES
  544. };