test_hs.c 20 KB

  1. /* Copyright (c) 2007-2016, The Tor Project, Inc. */
  2. /* See LICENSE for licensing information */
  3. /**
  4. * \file test_hs.c
  5. * \brief Unit tests for hidden service.
  6. **/
  7. #define CONTROL_PRIVATE
  8. #define CIRCUITBUILD_PRIVATE
  9. #include "or.h"
  10. #include "test.h"
  11. #include "control.h"
  12. #include "config.h"
  13. #include "rendcommon.h"
  14. #include "routerset.h"
  15. #include "circuitbuild.h"
  16. #include "test_helpers.h"
/* Mock ID digest and longname for a node that's in the nodelist.
 *
 * The ID is raw binary data (twenty 0xAA bytes), not text: the string
 * literal's terminating NUL is not part of the digest, so code handling it
 * should use an explicit length rather than C-string functions. The longname
 * carries the same digest in hex after a '$'. */
#define HSDIR_EXIST_ID "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" \
                       "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
#define STR_HSDIR_EXIST_LONGNAME \
                       "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=TestDir"
/* Mock ID digest and longname for a node that's not in the nodelist.
 * Same layout as above, with 0xBB bytes; the longname has no "=nickname"
 * part. */
#define HSDIR_NONE_EXIST_ID "\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB" \
                            "\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB"
#define STR_HSDIR_NONE_EXIST_LONGNAME \
                       "$BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB"
  27. /* DuckDuckGo's version 2 rendezvous service descriptor, used as example content for the HS_DESC_CONTENT event test. */
  28. static const char *hs_desc_content = "\
  29. rendezvous-service-descriptor g5ojobzupf275beh5ra72uyhb3dkpxwg\r\n\
  30. version 2\r\n\
  31. permanent-key\r\n\
  32. -----BEGIN RSA PUBLIC KEY-----\r\n\
  33. MIGJAoGBAJ/SzzgrXPxTlFrKVhXh3buCWv2QfcNgncUpDpKouLn3AtPH5Ocys0jE\r\n\
  34. aZSKdvaiQ62md2gOwj4x61cFNdi05tdQjS+2thHKEm/KsB9BGLSLBNJYY356bupg\r\n\
  35. I5gQozM65ENelfxYlysBjJ52xSDBd8C4f/p9umdzaaaCmzXG/nhzAgMBAAE=\r\n\
  36. -----END RSA PUBLIC KEY-----\r\n\
  37. secret-id-part anmjoxxwiupreyajjt5yasimfmwcnxlf\r\n\
  38. publication-time 2015-03-11 19:00:00\r\n\
  39. protocol-versions 2,3\r\n\
  40. introduction-points\r\n\
  41. -----BEGIN MESSAGE-----\r\n\
  42. aW50cm9kdWN0aW9uLXBvaW50IDd1bnd4cmg2dG5kNGh6eWt1Z3EzaGZzdHduc2ll\r\n\
  43. cmhyCmlwLWFkZHJlc3MgMTg4LjEzOC4xMjEuMTE4Cm9uaW9uLXBvcnQgOTAwMQpv\r\n\
  44. bmlvbi1rZXkKLS0tLS1CRUdJTiBSU0EgUFVCTElDIEtFWS0tLS0tCk1JR0pBb0dC\r\n\
  45. QUxGRVVyeVpDbk9ROEhURmV5cDVjMTRObWVqL1BhekFLTTBxRENTNElKUWh0Y3g1\r\n\
  46. NXpRSFdOVWIKQ2hHZ0JqR1RjV3ZGRnA0N3FkdGF6WUZhVXE2c0lQKzVqeWZ5b0Q4\r\n\
  47. UmJ1bzBwQmFWclJjMmNhYUptWWM0RDh6Vgpuby9sZnhzOVVaQnZ1cWY4eHIrMDB2\r\n\
  48. S0JJNmFSMlA2OE1WeDhrMExqcUpUU2RKOE9idm9yQWdNQkFBRT0KLS0tLS1FTkQg\r\n\
  49. UlNBIFBVQkxJQyBLRVktLS0tLQpzZXJ2aWNlLWtleQotLS0tLUJFR0lOIFJTQSBQ\r\n\
  50. VUJMSUMgS0VZLS0tLS0KTUlHSkFvR0JBTnJHb0ozeTlHNXQzN2F2ekI1cTlwN1hG\r\n\
  51. VUplRUVYMUNOaExnWmJXWGJhVk5OcXpoZFhyL0xTUQppM1Z6dW5OaUs3cndUVnE2\r\n\
  52. K2QyZ1lRckhMMmIvMXBBY3ZKWjJiNSs0bTRRc0NibFpjRENXTktRbHJnRWN5WXRJ\r\n\
  53. CkdscXJTbFFEaXA0ZnNrUFMvNDVkWTI0QmJsQ3NGU1k3RzVLVkxJck4zZFpGbmJr\r\n\
  54. NEZIS1hBZ01CQUFFPQotLS0tLUVORCBSU0EgUFVCTElDIEtFWS0tLS0tCmludHJv\r\n\
  55. ZHVjdGlvbi1wb2ludCBiNGM3enlxNXNheGZzN2prNXFibG1wN3I1b3pwdHRvagpp\r\n\
  56. cC1hZGRyZXNzIDEwOS4xNjkuNDUuMjI2Cm9uaW9uLXBvcnQgOTAwMQpvbmlvbi1r\r\n\
  57. ZXkKLS0tLS1CRUdJTiBSU0EgUFVCTElDIEtFWS0tLS0tCk1JR0pBb0dCQU8xSXpw\r\n\
  58. WFFUTUY3RXZUb1NEUXpzVnZiRVFRQUQrcGZ6NzczMVRXZzVaUEJZY1EyUkRaeVp4\r\n\
  59. OEQKNUVQSU1FeUE1RE83cGd0ak5LaXJvYXJGMC8yempjMkRXTUlSaXZyU29YUWVZ\r\n\
  60. ZXlMM1pzKzFIajJhMDlCdkYxZAp6MEswblRFdVhoNVR5V3lyMHdsbGI1SFBnTlI0\r\n\
  61. MS9oYkprZzkwZitPVCtIeGhKL1duUml2QWdNQkFBRT0KLS0tLS1FTkQgUlNBIFBV\r\n\
  62. QkxJQyBLRVktLS0tLQpzZXJ2aWNlLWtleQotLS0tLUJFR0lOIFJTQSBQVUJMSUMg\r\n\
  63. S0VZLS0tLS0KTUlHSkFvR0JBSzNWZEJ2ajFtQllLL3JrcHNwcm9Ub0llNUtHVmth\r\n\
  64. QkxvMW1tK1I2YUVJek1VZFE1SjkwNGtyRwpCd3k5NC8rV0lGNFpGYXh5Z2phejl1\r\n\
  65. N2pKY1k3ZGJhd1pFeG1hYXFCRlRwL2h2ZG9rcHQ4a1ByRVk4OTJPRHJ1CmJORUox\r\n\
  66. N1FPSmVMTVZZZk5Kcjl4TWZCQ3JQai8zOGh2RUdrbWVRNmRVWElvbVFNaUJGOVRB\r\n\
  67. Z01CQUFFPQotLS0tLUVORCBSU0EgUFVCTElDIEtFWS0tLS0tCmludHJvZHVjdGlv\r\n\
  68. bi1wb2ludCBhdjVtcWl0Y2Q3cjJkandsYmN0c2Jlc2R3eGt0ZWtvegppcC1hZGRy\r\n\
  69. ZXNzIDE0NC43Ni44LjczCm9uaW9uLXBvcnQgNDQzCm9uaW9uLWtleQotLS0tLUJF\r\n\
  70. R0lOIFJTQSBQVUJMSUMgS0VZLS0tLS0KTUlHSkFvR0JBTzVweVZzQmpZQmNmMXBE\r\n\
  71. dklHUlpmWXUzQ05nNldka0ZLMGlvdTBXTGZtejZRVDN0NWhzd3cyVwpjejlHMXhx\r\n\
  72. MmN0Nkd6VWkrNnVkTDlITTRVOUdHTi9BbW8wRG9GV1hKWHpBQkFXd2YyMVdsd1lW\r\n\
  73. eFJQMHRydi9WCkN6UDkzcHc5OG5vSmdGUGRUZ05iMjdKYmVUZENLVFBrTEtscXFt\r\n\
  74. b3NveUN2RitRa25vUS9BZ01CQUFFPQotLS0tLUVORCBSU0EgUFVCTElDIEtFWS0t\r\n\
  75. LS0tCnNlcnZpY2Uta2V5Ci0tLS0tQkVHSU4gUlNBIFBVQkxJQyBLRVktLS0tLQpN\r\n\
  76. SUdKQW9HQkFMVjNKSmtWN3lTNU9jc1lHMHNFYzFQOTVRclFRR3ZzbGJ6Wi9zRGxl\r\n\
  77. RlpKYXFSOUYvYjRUVERNClNGcFMxcU1GbldkZDgxVmRGMEdYRmN2WVpLamRJdHU2\r\n\
  78. SndBaTRJeEhxeXZtdTRKdUxrcXNaTEFLaXRLVkx4eGsKeERlMjlDNzRWMmJrOTRJ\r\n\
  79. MEgybTNKS2tzTHVwc3VxWWRVUmhOVXN0SElKZmgyZmNIalF0bEFnTUJBQUU9Ci0t\r\n\
  80. LS0tRU5EIFJTQSBQVUJMSUMgS0VZLS0tLS0KCg==\r\n\
  81. -----END MESSAGE-----\r\n\
  82. signature\r\n\
  83. -----BEGIN SIGNATURE-----\r\n\
  84. d4OuCE5OLAOnRB6cQN6WyMEmg/BHem144Vec+eYgeWoKwx3MxXFplUjFxgnMlmwN\r\n\
  85. PcftsZf2ztN0sbNCtPgDL3d0PqvxY3iHTQAI8EbaGq/IAJUZ8U4y963dD5+Bn6JQ\r\n\
  86. myE3ctmh0vy5+QxSiRjmQBkuEpCyks7LvWvHYrhnmcg=\r\n\
  87. -----END SIGNATURE-----";
/* Helper global variable for hidden service descriptor event test.
 * It points to the dynamically created message buffer that was handed to
 * queue_control_event_string_replacement(), the function this file installs
 * as the mock for queue_control_event_string().
 *
 * The mock stores the pointer without copying it, so the test owns the
 * buffer from then on. Always free it after use! */
static char *received_msg = NULL;
/** Mock function for queue_control_event_string.
 *
 * Keeps the most recent message in <b>received_msg</b> so the test can
 * inspect it. The pointer <b>msg</b> is stored as-is (no copy is made), and
 * whatever message was stored before is freed first. The event code is
 * ignored.
 */
static void
queue_control_event_string_replacement(uint16_t event, char *msg)
{
  /* Release the message left over from a previous event, if any, before
   * taking over the new one. */
  tor_free(received_msg);
  received_msg = msg;

  (void) event;
}
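/** Mock function for node_describe_longname_by_id. It returns
 * STR_HSDIR_EXIST_LONGNAME when <b>id_digest</b> equals HSDIR_EXIST_ID, and
 * STR_HSDIR_NONE_EXIST_LONGNAME for every other digest.
 *
 * <b>id_digest</b> is a raw binary digest, so it is compared over a fixed
 * length instead of with strcmp(): a string comparison stops at the first
 * zero byte inside a digest, and reads past the end of a buffer that holds
 * only the digest bytes with no terminating NUL (such as the copy this file
 * makes with tor_memdup()).
 */
static const char *
node_describe_longname_by_id_replacement(const char *id_digest)
{
  /* sizeof() counts the literal's terminating NUL, which is not part of the
   * digest, hence the "- 1". */
  const size_t digest_len = sizeof(HSDIR_EXIST_ID) - 1;

  if (memcmp(id_digest, HSDIR_EXIST_ID, digest_len) == 0) {
    return STR_HSDIR_EXIST_LONGNAME;
  }
  return STR_HSDIR_NONE_EXIST_LONGNAME;
}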
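/** Make sure each hidden service descriptor async event generation
 * function generates the message in expected format.
 *
 * The control-port queue function and the longname lookup are mocked, so
 * every event ends up in <b>received_msg</b> and can be compared with a
 * literal expected string. Covered events: REQUESTED, RECEIVED, FAILED (with
 * a known and with an out-of-range auth type) and HS_DESC_CONTENT.
 *
 * All heap objects created here are released under the <b>done</b> label, so
 * a failing assertion (which jumps there) does not leak the fingerprint
 * list or the formatted expected message.
 */
static void
test_hs_desc_event(void *arg)
{
#define STR_HS_ADDR "ajhb7kljbiru65qo"
#define STR_HS_CONTENT_DESC_ID "g5ojobzupf275beh5ra72uyhb3dkpxwg"
#define STR_DESC_ID_BASE32 "hba3gmcgpfivzfhx5rtfqkfdhv65yrj3"

  int ret;
  rend_data_t rend_query;
  const char *expected_msg;
  /* Heap-allocated expected message for the content event; NULL until it is
   * built so that the cleanup code can free it unconditionally. */
  char *exp_msg = NULL;
  char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];

  (void) arg;
  MOCK(queue_control_event_string,
       queue_control_event_string_replacement);
  MOCK(node_describe_longname_by_id,
       node_describe_longname_by_id_replacement);

  /* setup rend_query struct; this runs before any assertion, so the cleanup
   * code can rely on hsdirs_fp being either NULL or a valid list. */
  memset(&rend_query, 0, sizeof(rend_query));
  /* STR_HS_ADDR is shorter than the bound, so strncpy() NUL-terminates. */
  strncpy(rend_query.onion_address, STR_HS_ADDR,
          REND_SERVICE_ID_LEN_BASE32+1);
  rend_query.auth_type = REND_NO_AUTH;
  rend_query.hsdirs_fp = smartlist_new();
  smartlist_add(rend_query.hsdirs_fp, tor_memdup(HSDIR_EXIST_ID,
                                                 DIGEST_LEN));

  /* Compute descriptor ID for replica 0, should be STR_DESC_ID_BASE32. */
  ret = rend_compute_v2_desc_id(rend_query.descriptor_id[0],
                                rend_query.onion_address,
                                NULL, 0, 0);
  tt_int_op(ret, ==, 0);
  base32_encode(desc_id_base32, sizeof(desc_id_base32),
                rend_query.descriptor_id[0], DIGEST_LEN);
  /* Make sure rend_compute_v2_desc_id works properly. */
  tt_mem_op(desc_id_base32, OP_EQ, STR_DESC_ID_BASE32,
            sizeof(desc_id_base32));

  /* test request event */
  control_event_hs_descriptor_requested(&rend_query, HSDIR_EXIST_ID,
                                        STR_DESC_ID_BASE32);
  expected_msg = "650 HS_DESC REQUESTED "STR_HS_ADDR" NO_AUTH "\
                  STR_HSDIR_EXIST_LONGNAME " " STR_DESC_ID_BASE32 "\r\n";
  tt_assert(received_msg);
  tt_str_op(received_msg,OP_EQ, expected_msg);
  tor_free(received_msg);

  /* test received event */
  rend_query.auth_type = REND_BASIC_AUTH;
  control_event_hs_descriptor_received(rend_query.onion_address,
                                       &rend_query, HSDIR_EXIST_ID);
  expected_msg = "650 HS_DESC RECEIVED "STR_HS_ADDR" BASIC_AUTH "\
                  STR_HSDIR_EXIST_LONGNAME " " STR_DESC_ID_BASE32"\r\n";
  tt_assert(received_msg);
  tt_str_op(received_msg,OP_EQ, expected_msg);
  tor_free(received_msg);

  /* test failed event */
  rend_query.auth_type = REND_STEALTH_AUTH;
  control_event_hs_descriptor_failed(&rend_query,
                                     HSDIR_NONE_EXIST_ID,
                                     "QUERY_REJECTED");
  expected_msg = "650 HS_DESC FAILED "STR_HS_ADDR" STEALTH_AUTH "\
                  STR_HSDIR_NONE_EXIST_LONGNAME" REASON=QUERY_REJECTED\r\n";
  tt_assert(received_msg);
  tt_str_op(received_msg,OP_EQ, expected_msg);
  tor_free(received_msg);

  /* test invalid auth type: the event is expected to report UNKNOWN. */
  rend_query.auth_type = 999;
  control_event_hs_descriptor_failed(&rend_query,
                                     HSDIR_EXIST_ID,
                                     "QUERY_REJECTED");
  expected_msg = "650 HS_DESC FAILED "STR_HS_ADDR" UNKNOWN "\
                  STR_HSDIR_EXIST_LONGNAME " " STR_DESC_ID_BASE32\
                  " REASON=QUERY_REJECTED\r\n";
  tt_assert(received_msg);
  tt_str_op(received_msg,OP_EQ, expected_msg);
  tor_free(received_msg);

  /* test valid content. */
  control_event_hs_descriptor_content(rend_query.onion_address,
                                      STR_HS_CONTENT_DESC_ID, HSDIR_EXIST_ID,
                                      hs_desc_content);
  tor_asprintf(&exp_msg, "650+HS_DESC_CONTENT " STR_HS_ADDR " "\
               STR_HS_CONTENT_DESC_ID " " STR_HSDIR_EXIST_LONGNAME\
               "\r\n%s\r\n.\r\n650 OK\r\n", hs_desc_content);
  tt_assert(received_msg);
  tt_str_op(received_msg, OP_EQ, exp_msg);
  tor_free(received_msg);

 done:
  UNMOCK(queue_control_event_string);
  UNMOCK(node_describe_longname_by_id);
  tor_free(received_msg);
  tor_free(exp_msg);
  /* Free the fingerprint copies and the list itself on every path, including
   * the one taken when an assertion above fails. */
  if (rend_query.hsdirs_fp) {
    SMARTLIST_FOREACH(rend_query.hsdirs_fp, char *, d, tor_free(d));
    smartlist_free(rend_query.hsdirs_fp);
  }
}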
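/* Make sure we always pick the right RP, given a well formatted
 * Tor2webRendezvousPoints value.
 *
 * The routerset is installed in the mutable global options object; it is
 * freed and the option is reset to NULL on exit so the options are not left
 * pointing at freed memory. */
static void
test_pick_tor2web_rendezvous_node(void *arg)
{
  or_options_t *options = get_options_mutable();
  const node_t *chosen_rp = NULL;
  router_crn_flags_t flags = CRN_NEED_DESC;
  int retval, i;
  const char *tor2web_rendezvous_str = "test003r";

  (void) arg;

  /* Setup fake routerlist. */
  helper_setup_fake_routerlist();

  /* Parse Tor2webRendezvousPoints as a routerset. */
  options->Tor2webRendezvousPoints = routerset_new();
  retval = routerset_parse(options->Tor2webRendezvousPoints,
                           tor2web_rendezvous_str,
                           "test_tor2web_rp");
  tt_int_op(retval, >=, 0);

  /* Pick rendezvous point. Make sure the correct one is
     picked. Repeat many times to make sure it works properly. */
  for (i = 0; i < 50 ; i++) {
    chosen_rp = pick_tor2web_rendezvous_node(flags, options);
    tt_assert(chosen_rp);
    tt_str_op(chosen_rp->ri->nickname, ==, tor2web_rendezvous_str);
  }

 done:
  routerset_free(options->Tor2webRendezvousPoints);
  /* Do not leave a dangling pointer behind in the shared options. */
  options->Tor2webRendezvousPoints = NULL;
}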
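/* Make sure we never pick an RP if Tor2webRendezvousPoints doesn't
 * correspond to an actual node.
 *
 * The routerset is installed in the mutable global options object; it is
 * freed and the option is reset to NULL on exit so the options are not left
 * pointing at freed memory. */
static void
test_pick_bad_tor2web_rendezvous_node(void *arg)
{
  or_options_t *options = get_options_mutable();
  const node_t *chosen_rp = NULL;
  router_crn_flags_t flags = CRN_NEED_DESC;
  int retval, i;
  const char *tor2web_rendezvous_str = "dummy";

  (void) arg;

  /* Setup fake routerlist. */
  helper_setup_fake_routerlist();

  /* Parse Tor2webRendezvousPoints as a routerset. */
  options->Tor2webRendezvousPoints = routerset_new();
  retval = routerset_parse(options->Tor2webRendezvousPoints,
                           tor2web_rendezvous_str,
                           "test_tor2web_rp");
  tt_int_op(retval, >=, 0);

  /* Pick rendezvous point. Since Tor2webRendezvousPoints was set to a
     dummy value, we shouldn't find any eligible RPs. */
  for (i = 0; i < 50 ; i++) {
    chosen_rp = pick_tor2web_rendezvous_node(flags, options);
    tt_assert(!chosen_rp);
  }

 done:
  routerset_free(options->Tor2webRendezvousPoints);
  /* Do not leave a dangling pointer behind in the shared options. */
  options->Tor2webRendezvousPoints = NULL;
}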
/* Make sure rend_data_t is valid at creation, destruction and when
 * duplicated.
 *
 * Three objects are built and checked field by field: a client object with
 * an address and a cookie, a client object created with a NULL address and
 * a NULL cookie, and a service object. The first and the last are also
 * checked after rend_data_dup(). STR_HS_ADDR and STR_DESC_ID_BASE32 are the
 * macros defined inside test_hs_desc_event() earlier in this file. All four
 * pointers start as NULL and are freed under the done label. */
static void
test_hs_rend_data(void *arg)
{
  int rep;
  rend_data_t *client = NULL, *client_dup = NULL;
  /* Binary format of a descriptor ID. */
  char desc_id[DIGEST_LEN];
  char client_cookie[REND_DESC_COOKIE_LEN];
  time_t now = time(NULL);
  rend_data_t *service_dup = NULL;
  rend_data_t *service = NULL;

  (void)arg;

  /* NOTE(review): the return value of base32_decode() is not checked. */
  base32_decode(desc_id, sizeof(desc_id), STR_DESC_ID_BASE32,
                REND_DESC_ID_V2_LEN_BASE32);
  /* Fill the cookie with a recognisable non-zero pattern. */
  memset(client_cookie, 'e', sizeof(client_cookie));

  client = rend_data_client_create(STR_HS_ADDR, desc_id, client_cookie,
                                   REND_NO_AUTH);
  tt_assert(client);
  tt_int_op(client->auth_type, ==, REND_NO_AUTH);
  tt_str_op(client->onion_address, OP_EQ, STR_HS_ADDR);
  tt_mem_op(client->desc_id_fetch, OP_EQ, desc_id, sizeof(desc_id));
  tt_mem_op(client->descriptor_cookie, OP_EQ, client_cookie,
            sizeof(client_cookie));
  tt_assert(client->hsdirs_fp);
  tt_int_op(smartlist_len(client->hsdirs_fp), ==, 0);
  /* Recompute each replica's descriptor ID and compare it with the one the
   * object holds; desc_id is reused as scratch space here.
   * NOTE(review): presumably rend_data_client_create() also derives these
   * IDs from the current time; if so, a time-period rollover between the two
   * clock reads would make this comparison fail spuriously -- confirm. */
  for (rep = 0; rep < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS; rep++) {
    int ret = rend_compute_v2_desc_id(desc_id, client->onion_address,
                                      client->descriptor_cookie, now, rep);
    /* That should never fail. */
    tt_int_op(ret, ==, 0);
    tt_mem_op(client->descriptor_id[rep], OP_EQ, desc_id, sizeof(desc_id));
  }
  /* The rest should be zeroed because this is a client request. */
  tt_int_op(tor_digest_is_zero(client->rend_pk_digest), ==, 1);
  tt_int_op(tor_digest_is_zero(client->rend_cookie), ==, 1);

  /* Test dup(). */
  client_dup = rend_data_dup(client);
  tt_assert(client_dup);
  tt_int_op(client_dup->auth_type, ==, client->auth_type);
  tt_str_op(client_dup->onion_address, OP_EQ, client->onion_address);
  tt_mem_op(client_dup->desc_id_fetch, OP_EQ, client->desc_id_fetch,
            sizeof(client_dup->desc_id_fetch));
  tt_mem_op(client_dup->descriptor_cookie, OP_EQ, client->descriptor_cookie,
            sizeof(client_dup->descriptor_cookie));

  tt_assert(client_dup->hsdirs_fp);
  tt_int_op(smartlist_len(client_dup->hsdirs_fp), ==, 0);
  for (rep = 0; rep < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS; rep++) {
    tt_mem_op(client_dup->descriptor_id[rep], OP_EQ,
              client->descriptor_id[rep], DIGEST_LEN);
  }
  /* The rest should be zeroed because this is a client request. */
  tt_int_op(tor_digest_is_zero(client_dup->rend_pk_digest), ==, 1);
  tt_int_op(tor_digest_is_zero(client_dup->rend_cookie), ==, 1);
  /* Reset the pointers after freeing so the cleanup under done does not
   * free them a second time. */
  rend_data_free(client);
  client = NULL;
  rend_data_free(client_dup);
  client_dup = NULL;

  /* Reset state. */
  base32_decode(desc_id, sizeof(desc_id), STR_DESC_ID_BASE32,
                REND_DESC_ID_V2_LEN_BASE32);
  memset(client_cookie, 'e', sizeof(client_cookie));

  /* Try with different parameters here for which some content should be
   * zeroed out. */
  client = rend_data_client_create(NULL, desc_id, NULL, REND_BASIC_AUTH);
  tt_assert(client);
  tt_int_op(client->auth_type, ==, REND_BASIC_AUTH);
  tt_int_op(strlen(client->onion_address), ==, 0);
  tt_mem_op(client->desc_id_fetch, OP_EQ, desc_id, sizeof(desc_id));
  tt_int_op(tor_mem_is_zero(client->descriptor_cookie,
                            sizeof(client->descriptor_cookie)), ==, 1);
  tt_assert(client->hsdirs_fp);
  tt_int_op(smartlist_len(client->hsdirs_fp), ==, 0);
  for (rep = 0; rep < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS; rep++) {
    tt_int_op(tor_digest_is_zero(client->descriptor_id[rep]), ==, 1);
  }
  /* The rest should be zeroed because this is a client request. */
  tt_int_op(tor_digest_is_zero(client->rend_pk_digest), ==, 1);
  tt_int_op(tor_digest_is_zero(client->rend_cookie), ==, 1);
  rend_data_free(client);
  client = NULL;

  /* Let's test the service object now. */
  char rend_pk_digest[DIGEST_LEN];
  uint8_t rend_cookie[DIGEST_LEN];
  /* Recognisable non-zero patterns, distinct from the client cookie. */
  memset(rend_pk_digest, 'f', sizeof(rend_pk_digest));
  memset(rend_cookie, 'g', sizeof(rend_cookie));

  service = rend_data_service_create(STR_HS_ADDR, rend_pk_digest,
                                     rend_cookie, REND_NO_AUTH);
  tt_assert(service);
  tt_int_op(service->auth_type, ==, REND_NO_AUTH);
  tt_str_op(service->onion_address, OP_EQ, STR_HS_ADDR);
  tt_mem_op(service->rend_pk_digest, OP_EQ, rend_pk_digest,
            sizeof(rend_pk_digest));
  tt_mem_op(service->rend_cookie, OP_EQ, rend_cookie, sizeof(rend_cookie));
  tt_assert(service->hsdirs_fp);
  tt_int_op(smartlist_len(service->hsdirs_fp), ==, 0);
  for (rep = 0; rep < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS; rep++) {
    tt_int_op(tor_digest_is_zero(service->descriptor_id[rep]), ==, 1);
  }
  /* The rest should be zeroed because this is a service request. */
  tt_int_op(tor_digest_is_zero(service->descriptor_cookie), ==, 1);
  tt_int_op(tor_digest_is_zero(service->desc_id_fetch), ==, 1);

  /* Test dup(). */
  service_dup = rend_data_dup(service);
  tt_assert(service_dup);
  tt_int_op(service_dup->auth_type, ==, service->auth_type);
  tt_str_op(service_dup->onion_address, OP_EQ, service->onion_address);
  tt_mem_op(service_dup->rend_pk_digest, OP_EQ, service->rend_pk_digest,
            sizeof(service_dup->rend_pk_digest));
  tt_mem_op(service_dup->rend_cookie, OP_EQ, service->rend_cookie,
            sizeof(service_dup->rend_cookie));
  tt_assert(service_dup->hsdirs_fp);
  tt_int_op(smartlist_len(service_dup->hsdirs_fp), ==, 0);
  for (rep = 0; rep < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS; rep++) {
    tt_int_op(tor_digest_is_zero(service_dup->descriptor_id[rep]), ==, 1);
  }
  /* The rest should be zeroed because this is a service request. */
  tt_int_op(tor_digest_is_zero(service_dup->descriptor_cookie), ==, 1);
  tt_int_op(tor_digest_is_zero(service_dup->desc_id_fetch), ==, 1);

 done:
  /* Reached on success and on any failed assertion; pointers that were
   * already released above are NULL by now. */
  rend_data_free(service);
  rend_data_free(service_dup);
  rend_data_free(client);
  rend_data_free(client_dup);
}
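/* Test encoding and decoding service authorization cookies.
 *
 * Checks that a raw cookie encodes to the expected text for basic and
 * stealth auth, that both encodings decode back to the raw cookie with the
 * right auth type, that trailing "==" padding is accepted, and that an
 * encoding with an unknown type is rejected with an error message.
 *
 * Both heap pointers start as NULL and are freed under the done label, so a
 * failing assertion neither leaks them nor reads an uninitialized pointer. */
static void
test_hs_auth_cookies(void *arg)
{
/* The three encoded forms below differ only in their final character. */
#define TEST_COOKIE_RAW ((const uint8_t *) "abcdefghijklmnop")
#define TEST_COOKIE_ENCODED "YWJjZGVmZ2hpamtsbW5vcA"
#define TEST_COOKIE_ENCODED_STEALTH "YWJjZGVmZ2hpamtsbW5vcB"
#define TEST_COOKIE_ENCODED_INVALID "YWJjZGVmZ2hpamtsbW5vcD"

  char *encoded_cookie = NULL;
  uint8_t raw_cookie[REND_DESC_COOKIE_LEN];
  rend_auth_type_t auth_type;
  char *err_msg = NULL;
  int re;

  (void)arg;

  /* Test that encoding gives the expected result */
  encoded_cookie = rend_auth_encode_cookie(TEST_COOKIE_RAW, REND_BASIC_AUTH);
  tt_str_op(encoded_cookie, OP_EQ, TEST_COOKIE_ENCODED);
  tor_free(encoded_cookie);

  encoded_cookie = rend_auth_encode_cookie(TEST_COOKIE_RAW, REND_STEALTH_AUTH);
  tt_str_op(encoded_cookie, OP_EQ, TEST_COOKIE_ENCODED_STEALTH);
  tor_free(encoded_cookie);

  /* Decoding should give the original value */
  re = rend_auth_decode_cookie(TEST_COOKIE_ENCODED, raw_cookie, &auth_type,
                               &err_msg);
  tt_assert(!re);
  tt_assert(!err_msg);
  tt_mem_op(raw_cookie, OP_EQ, TEST_COOKIE_RAW, REND_DESC_COOKIE_LEN);
  tt_int_op(auth_type, OP_EQ, REND_BASIC_AUTH);
  /* Clear the output buffer so the next check cannot pass on stale data. */
  memset(raw_cookie, 0, sizeof(raw_cookie));

  re = rend_auth_decode_cookie(TEST_COOKIE_ENCODED_STEALTH, raw_cookie,
                               &auth_type, &err_msg);
  tt_assert(!re);
  tt_assert(!err_msg);
  tt_mem_op(raw_cookie, OP_EQ, TEST_COOKIE_RAW, REND_DESC_COOKIE_LEN);
  tt_int_op(auth_type, OP_EQ, REND_STEALTH_AUTH);
  memset(raw_cookie, 0, sizeof(raw_cookie));

  /* Decoding with padding characters should also work */
  re = rend_auth_decode_cookie(TEST_COOKIE_ENCODED "==", raw_cookie, NULL,
                               &err_msg);
  tt_assert(!re);
  tt_assert(!err_msg);
  tt_mem_op(raw_cookie, OP_EQ, TEST_COOKIE_RAW, REND_DESC_COOKIE_LEN);

  /* Decoding with an unknown type should fail */
  re = rend_auth_decode_cookie(TEST_COOKIE_ENCODED_INVALID, raw_cookie,
                               &auth_type, &err_msg);
  tt_int_op(re, OP_LT, 0);
  tt_assert(err_msg);

 done:
  /* tor_free() is safe on NULL, so this covers every exit path. */
  tor_free(encoded_cookie);
  tor_free(err_msg);
}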
/* Test table for this file: one entry per test function above. Every entry
 * is registered with TT_FORK and passes NULL for the two remaining fields;
 * END_OF_TESTCASES terminates the list. */
struct testcase_t hs_tests[] = {
  { "hs_rend_data", test_hs_rend_data, TT_FORK,
    NULL, NULL },
  { "hs_desc_event", test_hs_desc_event, TT_FORK,
    NULL, NULL },
  { "pick_tor2web_rendezvous_node", test_pick_tor2web_rendezvous_node, TT_FORK,
    NULL, NULL },
  { "pick_bad_tor2web_rendezvous_node",
    test_pick_bad_tor2web_rendezvous_node, TT_FORK,
    NULL, NULL },
  { "hs_auth_cookies", test_hs_auth_cookies, TT_FORK,
    NULL, NULL },
  END_OF_TESTCASES
};