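#!/bin/sh
# Check that tor regenerates keys when key files are zero-length
# Test for bug #13111 - Tor fails to start if onion keys are zero length
#
# Usage:
#  ./zero_length_keys.sh
#    Run all the tests below
#  ./zero_length_keys.sh -z
#    Check tor will launch and regenerate zero-length keys
#  ./zero_length_keys.sh -d
#    Check tor regenerates deleted keys (existing behaviour)
#  ./zero_length_keys.sh -e
#    Check tor does not overwrite existing keys (existing behaviour)
#
# Exit Statuses:
#  254: test failed - tor did not generate the key files on first run
#  255: a command failed - the test could not be completed
#    0: test succeeded - tor regenerated/kept the files
#    1: test failed - tor did not regenerate/keep the files
#
# 254 and 255 are what bash reports for "exit -2" and "exit -1"; a negative
# argument to exit is not valid in POSIX sh, so the 8-bit values are spelled
# out here to keep the script working under any /bin/sh.

# With no arguments, run each mode in its own child invocation; every child
# creates (and removes) its own data directory.
if [ $# -lt 1 ]; then
  echo "Testing that tor correctly handles zero-length keys"
  "$0" -z && "$0" -d && "$0" -e
  exit "$?"
fi

# The template needs trailing X's: GNU mktemp rejects a template without them.
# Assign and export separately so a mktemp failure is not masked by 'export';
# otherwise DATA_DIR would be empty and every path below would resolve under /.
DATA_DIR=$(mktemp -d -t tor_zero_length_keys.XXXXXX) || exit 255
[ -n "$DATA_DIR" ] && [ -d "$DATA_DIR" ] || exit 255
export DATA_DIR

# The directory ends up holding secret identity and onion keys (plus a backup
# copy), so remove it on every exit path rather than leaving private key
# material behind in the temp directory.
trap 'rm -rf -- "${DATA_DIR:?}"' EXIT

# DisableNetwork means that the ORPort won't actually be opened.
# 'ExitRelay 0' suppresses a warning.
# TOR is expanded unquoted on purpose so it splits into command + arguments.
TOR="./src/or/tor --hush --DisableNetwork 1 --ShutdownWaitLength 0 --ORPort 12345 --ExitRelay 0"

# Succeeds only if all three secret key files exist and are non-empty.
keys_are_nonempty() {
  [ -s "$DATA_DIR"/keys/secret_id_key ] &&
    [ -s "$DATA_DIR"/keys/secret_onion_key ] &&
    [ -s "$DATA_DIR"/keys/secret_onion_key_ntor ]
}

# Start tor on DATA_DIR in the background, give it a fixed 5 seconds, then
# send SIGTERM and reap it. The delay is a heuristic: the keys have hopefully
# been (re)generated by then, but nothing here waits for that explicitly.
run_tor_briefly() {
  # shellcheck disable=SC2086 -- intentional word splitting of $TOR
  $TOR --DataDirectory "$DATA_DIR" --PidFile "$DATA_DIR"/pid &
  TOR_PID=$!
  sleep 5
  kill "$TOR_PID"
  wait "$TOR_PID"
}

if keys_are_nonempty; then
  echo "Failure: Previous tor keys present in tor data directory"
  exit 255
else
  echo "Generating initial tor keys"
  run_tor_briefly

  # tor must successfully generate non-zero-length key files
  if keys_are_nonempty; then
    true #echo "tor generated the initial key files"
  else
    echo "Failure: tor failed to generate the initial key files"
    exit 254
  fi
fi

#ls -lh  "$DATA_DIR"/keys/ || exit 255

# backup and keep/delete/create zero-length files for the keys

FILE_DESC="keeps existing"
# make a backup; without it the comparison below would be meaningless
cp -r "$DATA_DIR"/keys "$DATA_DIR"/keys.old || exit 255

# delete keys for -d or -z
if [ "$1" != "-e" ]; then
  FILE_DESC="regenerates deleted"
  rm "$DATA_DIR"/keys/secret_id_key || exit 255
  rm "$DATA_DIR"/keys/secret_onion_key || exit 255
  rm "$DATA_DIR"/keys/secret_onion_key_ntor || exit 255
fi

# create empty files for -z
# ('=' rather than '==': the latter is not a POSIX test operator)
if [ "$1" = "-z" ]; then
  FILE_DESC="regenerates zero-length"
  touch "$DATA_DIR"/keys/secret_id_key || exit 255
  touch "$DATA_DIR"/keys/secret_onion_key || exit 255
  touch "$DATA_DIR"/keys/secret_onion_key_ntor || exit 255
fi

echo "Running tor again to check if it $FILE_DESC keys"
run_tor_briefly

#ls -lh "$DATA_DIR"/keys/ || exit 255

# tor must always have non-zero-length key files
if keys_are_nonempty; then
  # check if the keys are different to the old ones
  diff -q -r "$DATA_DIR"/keys "$DATA_DIR"/keys.old > /dev/null
  SAME_KEYS=$?

  # diff exits 0 for identical, 1 for different, and >1 when it could not
  # compare at all; treat the last case as an incomplete test instead of
  # reading it as "different keys".
  if [ "$SAME_KEYS" -gt 1 ]; then
    echo "Failure: could not compare key files with the backup"
    exit 255
  fi

  # if we're not testing existing keys,
  # the current keys should be different to the old ones
  if [ "$1" != "-e" ]; then
    if [ "$SAME_KEYS" -ne 0 ]; then
      echo "Success: test that tor $FILE_DESC key files: different keys"
      exit 0
    else
      echo "Failure: test that tor $FILE_DESC key files: same keys"
      exit 1
    fi
  else # "$1" = "-e"
    if [ "$SAME_KEYS" -eq 0 ]; then
      echo "Success: test that tor $FILE_DESC key files: same keys"
      exit 0
    else
      echo "Failure: test that tor $FILE_DESC key files: different keys"
      exit 1
    fi
  fi
else
  echo "Failure: test that tor $FILE_DESC key files: no key files"
  exit 1
fi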