|
@@ -0,0 +1,198 @@
|
|
|
+/* Copyright (c) 2016, The Tor Project, Inc. */
|
|
|
+/* See LICENSE for licensing information */
|
|
|
+
|
|
|
+/**
|
|
|
+ * \file test_hs_config.c
|
|
|
+ * \brief Test hidden service configuration functionality.
|
|
|
+ */
|
|
|
+
|
|
|
+#define CONFIG_PRIVATE
|
|
|
+
|
|
|
+#include "test.h"
|
|
|
+#include "test_helpers.h"
|
|
|
+#include "log_test_helpers.h"
|
|
|
+#include "hs_config.h"
|
|
|
+#include "config.h"
|
|
|
+
|
|
|
+static int
|
|
|
+helper_config_service_v2(const char *conf, int validate_only)
|
|
|
+{
|
|
|
+ int ret = 0;
|
|
|
+ or_options_t *options = NULL;
|
|
|
+ tt_assert(conf);
|
|
|
+ options = helper_parse_options(conf);
|
|
|
+ tt_assert(options);
|
|
|
+ ret = hs_config_service_all(options, validate_only);
|
|
|
+ done:
|
|
|
+ or_options_free(options);
|
|
|
+ return ret;
|
|
|
+}
|
|
|
+
|
|
|
+static void
|
|
|
+test_invalid_service_v2(void *arg)
|
|
|
+{
|
|
|
+ int validate_only = 1, ret;
|
|
|
+
|
|
|
+ (void) arg;
|
|
|
+
|
|
|
+ /* Try with a missing port configuration. */
|
|
|
+ {
|
|
|
+ const char *conf =
|
|
|
+ "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
|
|
|
+ "HiddenServiceVersion 2\n";
|
|
|
+ setup_full_capture_of_logs(LOG_WARN);
|
|
|
+ ret = helper_config_service_v2(conf, validate_only);
|
|
|
+ tt_int_op(ret, OP_EQ, -1);
|
|
|
+ expect_log_msg_containing("with no ports configured.");
|
|
|
+ teardown_capture_of_logs();
|
|
|
+ }
|
|
|
+
|
|
|
+ /* Out of order directives. */
|
|
|
+ {
|
|
|
+ const char *conf =
|
|
|
+ "HiddenServiceVersion 2\n"
|
|
|
+ "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
|
|
|
+ "HiddenServicePort 80\n";
|
|
|
+ setup_full_capture_of_logs(LOG_WARN);
|
|
|
+ ret = helper_config_service_v2(conf, validate_only);
|
|
|
+ tt_int_op(ret, OP_EQ, -1);
|
|
|
+ expect_log_msg_containing("HiddenServiceVersion with no preceding "
|
|
|
+ "HiddenServiceDir directive");
|
|
|
+ teardown_capture_of_logs();
|
|
|
+ }
|
|
|
+
|
|
|
+ /* Bad port. */
|
|
|
+ {
|
|
|
+ const char *conf =
|
|
|
+ "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
|
|
|
+ "HiddenServiceVersion 2\n"
|
|
|
+ "HiddenServicePort 65536\n";
|
|
|
+ setup_full_capture_of_logs(LOG_WARN);
|
|
|
+ ret = helper_config_service_v2(conf, validate_only);
|
|
|
+ tt_int_op(ret, OP_EQ, -1);
|
|
|
+ expect_log_msg_containing("Missing or invalid port");
|
|
|
+ teardown_capture_of_logs();
|
|
|
+ }
|
|
|
+
|
|
|
+ /* Too many introduction points. */
|
|
|
+ {
|
|
|
+ const char *conf =
|
|
|
+ "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
|
|
|
+ "HiddenServiceVersion 2\n"
|
|
|
+ "HiddenServicePort 80\n"
|
|
|
+ "HiddenServiceNumIntroductionPoints 11\n"; /* One too many. */
|
|
|
+ setup_full_capture_of_logs(LOG_WARN);
|
|
|
+ ret = helper_config_service_v2(conf, validate_only);
|
|
|
+ tt_int_op(ret, OP_EQ, -1);
|
|
|
+ expect_log_msg_containing("HiddenServiceNumIntroductionPoints should "
|
|
|
+ "be between 0 and 10, not 11");
|
|
|
+ teardown_capture_of_logs();
|
|
|
+ }
|
|
|
+
|
|
|
+ /* Too much max streams. */
|
|
|
+ {
|
|
|
+ const char *conf =
|
|
|
+ "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
|
|
|
+ "HiddenServiceVersion 2\n"
|
|
|
+ "HiddenServicePort 80\n"
|
|
|
+ "HiddenServiceMaxStreams 65536\n"; /* One too many. */
|
|
|
+ setup_full_capture_of_logs(LOG_WARN);
|
|
|
+ ret = helper_config_service_v2(conf, validate_only);
|
|
|
+ tt_int_op(ret, OP_EQ, -1);
|
|
|
+ expect_log_msg_containing("HiddenServiceMaxStreams should be between "
|
|
|
+ "0 and 65535, not 65536");
|
|
|
+ teardown_capture_of_logs();
|
|
|
+ }
|
|
|
+
|
|
|
+ /* Bad authorized client type. */
|
|
|
+ {
|
|
|
+ const char *conf =
|
|
|
+ "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
|
|
|
+ "HiddenServiceVersion 2\n"
|
|
|
+ "HiddenServicePort 80\n"
|
|
|
+ "HiddenServiceAuthorizeClient blah alice,bob\n"; /* blah is no good. */
|
|
|
+ setup_full_capture_of_logs(LOG_WARN);
|
|
|
+ ret = helper_config_service_v2(conf, validate_only);
|
|
|
+ tt_int_op(ret, OP_EQ, -1);
|
|
|
+ expect_log_msg_containing("HiddenServiceAuthorizeClient contains "
|
|
|
+ "unrecognized auth-type");
|
|
|
+ teardown_capture_of_logs();
|
|
|
+ }
|
|
|
+
|
|
|
+ /* Duplicate directory directive. */
|
|
|
+ {
|
|
|
+ const char *conf =
|
|
|
+ "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
|
|
|
+ "HiddenServiceVersion 2\n"
|
|
|
+ "HiddenServicePort 80\n"
|
|
|
+ "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
|
|
|
+ "HiddenServiceVersion 2\n"
|
|
|
+ "HiddenServicePort 81\n";
|
|
|
+ setup_full_capture_of_logs(LOG_WARN);
|
|
|
+ ret = helper_config_service_v2(conf, validate_only);
|
|
|
+ tt_int_op(ret, OP_EQ, -1);
|
|
|
+ expect_log_msg_containing("Another hidden service is already "
|
|
|
+ "configured for directory");
|
|
|
+ teardown_capture_of_logs();
|
|
|
+ }
|
|
|
+
|
|
|
+ done:
|
|
|
+ ;
|
|
|
+}
|
|
|
+
|
|
|
+static void
|
|
|
+test_valid_service_v2(void *arg)
|
|
|
+{
|
|
|
+ int ret;
|
|
|
+
|
|
|
+ (void) arg;
|
|
|
+
|
|
|
+ /* Valid complex configuration. Basic client authorization. */
|
|
|
+ {
|
|
|
+ const char *conf =
|
|
|
+ "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
|
|
|
+ "HiddenServiceVersion 2\n"
|
|
|
+ "HiddenServicePort 80\n"
|
|
|
+ "HiddenServicePort 22 localhost:22\n"
|
|
|
+ "HiddenServicePort 42 unix:/path/to/socket\n"
|
|
|
+ "HiddenServiceAuthorizeClient basic alice,bob,eve\n"
|
|
|
+ "HiddenServiceAllowUnknownPorts 1\n"
|
|
|
+ "HiddenServiceMaxStreams 42\n"
|
|
|
+ "HiddenServiceMaxStreamsCloseCircuit 0\n"
|
|
|
+ "HiddenServiceDirGroupReadable 1\n"
|
|
|
+ "HiddenServiceNumIntroductionPoints 7\n";
|
|
|
+ ret = helper_config_service_v2(conf, 1);
|
|
|
+ tt_int_op(ret, OP_EQ, 0);
|
|
|
+ }
|
|
|
+
|
|
|
+ /* Valid complex configuration. Stealth client authorization. */
|
|
|
+ {
|
|
|
+ const char *conf =
|
|
|
+ "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs2\n"
|
|
|
+ "HiddenServiceVersion 2\n"
|
|
|
+ "HiddenServicePort 65535\n"
|
|
|
+ "HiddenServicePort 22 1.1.1.1:22\n"
|
|
|
+ "HiddenServicePort 9000 unix:/path/to/socket\n"
|
|
|
+ "HiddenServiceAuthorizeClient stealth charlie,romeo\n"
|
|
|
+ "HiddenServiceAllowUnknownPorts 0\n"
|
|
|
+ "HiddenServiceMaxStreams 42\n"
|
|
|
+ "HiddenServiceMaxStreamsCloseCircuit 0\n"
|
|
|
+ "HiddenServiceDirGroupReadable 1\n"
|
|
|
+ "HiddenServiceNumIntroductionPoints 8\n";
|
|
|
+ ret = helper_config_service_v2(conf, 1);
|
|
|
+ tt_int_op(ret, OP_EQ, 0);
|
|
|
+ }
|
|
|
+
|
|
|
+ done:
|
|
|
+ ;
|
|
|
+}
|
|
|
+
|
|
|
+struct testcase_t hs_config_tests[] = {
|
|
|
+ { "invalid_service_v2", test_invalid_service_v2, TT_FORK,
|
|
|
+ NULL, NULL },
|
|
|
+ { "valid_service_v2", test_valid_service_v2, TT_FORK,
|
|
|
+ NULL, NULL },
|
|
|
+
|
|
|
+ END_OF_TESTCASES
|
|
|
+};
|
|
|
+
|