protover: Add defines for recent protocol versions

Also update the protover/supported_protocols test.

Part of 33226.

src/core/or/protover.h

@@ -22,12 +22,32 @@ struct smartlist_t;
 ///                 `FIRST_TOR_VERSION_TO_ADVERTISE_PROTOCOLS`
 #define FIRST_TOR_VERSION_TO_ADVERTISE_PROTOCOLS "0.2.9.3-alpha"
 
-/** The protover version number that signifies HSDir support for HSv3 */
-#define PROTOVER_HSDIR_V3 2
+/** The protover version number that signifies ed25519 link handshake support
+ */
+#define PROTOVER_LINKAUTH_ED25519_HANDSHAKE 3
+
+/** The protover version number that signifies extend2 cell support */
+#define PROTOVER_RELAY_EXTEND2 2
+/** The protover version number where relays can accept IPv6 connections */
+#define PROTOVER_RELAY_ACCEPT_IPV6 2
+/** The protover version number where relays can initiate IPv6 extends */
+#define PROTOVER_RELAY_EXTEND_IPV6 3
+/** The protover version number where relays can consider IPv6 connections
+ *  canonical */
+#define PROTOVER_RELAY_CANONICAL_IPV6 3
+
 /** The protover version number that signifies HSv3 intro point support */
 #define PROTOVER_HS_INTRO_V3 4
+/** The protover version number where intro points support denial of service
+ * resistance */
+#define PROTOVER_HS_INTRO_DOS 5
+
 /** The protover version number that signifies HSv3 rendezvous point support */
 #define PROTOVER_HS_RENDEZVOUS_POINT_V3 2
+
+/** The protover version number that signifies HSDir support for HSv3 */
+#define PROTOVER_HSDIR_V3 2
+
 /** The protover that signals support for HS circuit setup padding machines */
 #define PROTOVER_HS_SETUP_PADDING 2
 

src/core/or/versions.c

@@ -435,34 +435,45 @@ memoize_protover_summary(protover_summary_flags_t *out,
   memset(out, 0, sizeof(*out));
   out->protocols_known = 1;
 
-  out->supports_extend2_cells =
-    protocol_list_supports_protocol(protocols, PRT_RELAY, 2);
-  out->supports_accepting_ipv6_extends = (
-    protocol_list_supports_protocol(protocols, PRT_RELAY, 2) ||
-    protocol_list_supports_protocol(protocols, PRT_RELAY, 3));
-  out->supports_initiating_ipv6_extends =
-    protocol_list_supports_protocol(protocols, PRT_RELAY, 3);
-  out->supports_canonical_ipv6_conns =
-    protocol_list_supports_protocol(protocols, PRT_RELAY, 3);
-
   out->supports_ed25519_link_handshake_compat =
-    protocol_list_supports_protocol(protocols, PRT_LINKAUTH, 3);
+    protocol_list_supports_protocol(protocols, PRT_LINKAUTH,
+                                    PROTOVER_LINKAUTH_ED25519_HANDSHAKE);
   out->supports_ed25519_link_handshake_any =
-    protocol_list_supports_protocol_or_later(protocols, PRT_LINKAUTH, 3);
+    protocol_list_supports_protocol_or_later(
+                                     protocols,
+                                     PRT_LINKAUTH,
+                                     PROTOVER_LINKAUTH_ED25519_HANDSHAKE);
+
+  out->supports_extend2_cells =
+    protocol_list_supports_protocol(protocols, PRT_RELAY,
+                                    PROTOVER_RELAY_EXTEND2);
+  out->supports_accepting_ipv6_extends = (
+    protocol_list_supports_protocol(protocols, PRT_RELAY,
+                                    PROTOVER_RELAY_ACCEPT_IPV6) ||
+    protocol_list_supports_protocol(protocols, PRT_RELAY,
+                                    PROTOVER_RELAY_EXTEND_IPV6));
+  out->supports_initiating_ipv6_extends =
+    protocol_list_supports_protocol(protocols, PRT_RELAY,
+                                    PROTOVER_RELAY_EXTEND_IPV6);
+  out->supports_canonical_ipv6_conns =
+    protocol_list_supports_protocol(protocols, PRT_RELAY,
+                                    PROTOVER_RELAY_CANONICAL_IPV6);
 
   out->supports_ed25519_hs_intro =
-    protocol_list_supports_protocol(protocols, PRT_HSINTRO, 4);
+    protocol_list_supports_protocol(protocols, PRT_HSINTRO,
+                                    PROTOVER_HS_INTRO_V3);
   out->supports_establish_intro_dos_extension =
-    protocol_list_supports_protocol(protocols, PRT_HSINTRO, 5);
-
-  out->supports_v3_hsdir =
-    protocol_list_supports_protocol(protocols, PRT_HSDIR,
-                                    PROTOVER_HSDIR_V3);
+    protocol_list_supports_protocol(protocols, PRT_HSINTRO,
+                                    PROTOVER_HS_INTRO_DOS);
 
   out->supports_v3_rendezvous_point =
     protocol_list_supports_protocol(protocols, PRT_HSREND,
                                     PROTOVER_HS_RENDEZVOUS_POINT_V3);
 
+  out->supports_v3_hsdir =
+    protocol_list_supports_protocol(protocols, PRT_HSDIR,
+                                    PROTOVER_HSDIR_V3);
+
   out->supports_hs_setup_padding =
     protocol_list_supports_protocol(protocols, PRT_PADDING,
                                     PROTOVER_HS_SETUP_PADDING);

src/test/test_protover.c

@@ -15,6 +15,8 @@
 
 #include "feature/dirauth/dirvote.h"
 
+#include "feature/relay/relay_handshake.h"
+
 static void
 test_protover_parse(void *arg)
 {
@@ -409,23 +411,21 @@ test_protover_supports_version(void *arg)
  * Hard-coded here, because they are not in the code, or not exposed in the
  * headers. */
 #define PROTOVER_LINKAUTH_V1 1
-#define PROTOVER_LINKAUTH_V3 3
-
+#define PROTOVER_LINKAUTH_V2 2
 #define PROTOVER_RELAY_V1 1
-#define PROTOVER_RELAY_V2 2
 
+/* Deprecated HSIntro versions */
+#define PROTOVER_HS_INTRO_DEPRECATED_1 1
+#define PROTOVER_HS_INTRO_DEPRECATED_2 2
 /* Highest supported HSv2 introduce protocol version.
- * Hard-coded here, because it does not appear anywhere in the code.
  * It's not clear if we actually support version 2, see #25068. */
-#define PROTOVER_HSINTRO_V2 3
+#define PROTOVER_HS_INTRO_V2 3
 
-/* HSv2 Rend and HSDir protocol versions.
- * Hard-coded here, because they do not appear anywhere in the code. */
+/* HSv2 Rend and HSDir protocol versions. */
 #define PROTOVER_HS_RENDEZVOUS_POINT_V2 1
 #define PROTOVER_HSDIR_V2 1
 
-/* DirCache, Desc, Microdesc, and Cons protocol versions.
- * Hard-coded here, because they do not appear anywhere in the code. */
+/* DirCache, Desc, Microdesc, and Cons protocol versions. */
 #define PROTOVER_DIRCACHE_V1 1
 #define PROTOVER_DIRCACHE_V2 2
 
@@ -438,6 +438,10 @@ test_protover_supports_version(void *arg)
 #define PROTOVER_CONS_V1 1
 #define PROTOVER_CONS_V2 2
 
+#define PROTOVER_PADDING_V1 1
+
+#define PROTOVER_FLOWCTRL_V1 1
+
 /* Make sure we haven't forgotten any supported protocols */
 static void
 test_protover_supported_protocols(void *arg)
@@ -452,24 +456,27 @@ test_protover_supported_protocols(void *arg)
                                             PRT_LINK,
                                             MAX_LINK_PROTO));
   for (uint16_t i = 0; i < MAX_PROTOCOLS_TO_TEST; i++) {
-    if (is_or_protocol_version_known(i)) {
-      tt_assert(protocol_list_supports_protocol(supported_protocols,
+      tt_int_op(protocol_list_supports_protocol(supported_protocols,
                                                 PRT_LINK,
-                                                i));
-    }
+                                                i),
+                OP_EQ,
+                is_or_protocol_version_known(i));
   }
 
-#ifdef HAVE_WORKING_TOR_TLS_GET_TLSSECRETS
-  /* Legacy LinkAuth does not appear anywhere in the code. */
-  tt_assert(protocol_list_supports_protocol(supported_protocols,
+  /* Legacy LinkAuth is only supported on OpenSSL and similar. */
+  tt_int_op(protocol_list_supports_protocol(supported_protocols,
                                             PRT_LINKAUTH,
-                                            PROTOVER_LINKAUTH_V1));
-#endif /* defined(HAVE_WORKING_TOR_TLS_GET_TLSSECRETS) */
-  /* Latest LinkAuth is not exposed in the headers. */
-  tt_assert(protocol_list_supports_protocol(supported_protocols,
-                                            PRT_LINKAUTH,
-                                            PROTOVER_LINKAUTH_V3));
-  /* Is there any way to test for new LinkAuth? */
+                                            PROTOVER_LINKAUTH_V1),
+            OP_EQ,
+            authchallenge_type_is_supported(AUTHTYPE_RSA_SHA256_TLSSECRET));
+  /* LinkAuth=2 is unused */
+  tt_assert(!protocol_list_supports_protocol(supported_protocols,
+                                             PRT_LINKAUTH,
+                                             PROTOVER_LINKAUTH_V2));
+  tt_assert(
+      protocol_list_supports_protocol(supported_protocols,
+                                     PRT_LINKAUTH,
+                                     PROTOVER_LINKAUTH_ED25519_HANDSHAKE));
 
   /* Relay protovers do not appear anywhere in the code. */
   tt_assert(protocol_list_supports_protocol(supported_protocols,
@@ -477,20 +484,38 @@ test_protover_supported_protocols(void *arg)
                                             PROTOVER_RELAY_V1));
   tt_assert(protocol_list_supports_protocol(supported_protocols,
                                             PRT_RELAY,
-                                            PROTOVER_RELAY_V2));
-  /* Is there any way to test for new Relay? */
+                                            PROTOVER_RELAY_EXTEND2));
+  tt_assert(protocol_list_supports_protocol(supported_protocols,
+                                            PRT_RELAY,
+                                            PROTOVER_RELAY_ACCEPT_IPV6));
+  tt_assert(protocol_list_supports_protocol(supported_protocols,
+                                            PRT_RELAY,
+                                            PROTOVER_RELAY_EXTEND_IPV6));
+  tt_assert(protocol_list_supports_protocol(supported_protocols,
+                                            PRT_RELAY,
+                                            PROTOVER_RELAY_CANONICAL_IPV6));
 
+  /* These HSIntro versions are deprecated */
+  tt_assert(!protocol_list_supports_protocol(supported_protocols,
+                                            PRT_HSINTRO,
+                                            PROTOVER_HS_INTRO_DEPRECATED_1));
+  tt_assert(!protocol_list_supports_protocol(supported_protocols,
+                                            PRT_HSINTRO,
+                                            PROTOVER_HS_INTRO_DEPRECATED_2));
   /* We could test legacy HSIntro by calling rend_service_update_descriptor(),
    * and checking the protocols field. But that's unlikely to change, so
    * we just use a hard-coded value. */
   tt_assert(protocol_list_supports_protocol(supported_protocols,
                                             PRT_HSINTRO,
-                                            PROTOVER_HSINTRO_V2));
+                                            PROTOVER_HS_INTRO_V2));
   /* Test for HSv3 HSIntro */
   tt_assert(protocol_list_supports_protocol(supported_protocols,
                                             PRT_HSINTRO,
                                             PROTOVER_HS_INTRO_V3));
-  /* Is there any way to test for new HSIntro? */
+  /* Test for HSIntro DoS */
+  tt_assert(protocol_list_supports_protocol(supported_protocols,
+                                            PRT_HSINTRO,
+                                            PROTOVER_HS_INTRO_DOS));
 
   /* Legacy HSRend does not appear anywhere in the code. */
   tt_assert(protocol_list_supports_protocol(supported_protocols,
@@ -500,7 +525,6 @@ test_protover_supported_protocols(void *arg)
   tt_assert(protocol_list_supports_protocol(supported_protocols,
                                             PRT_HSREND,
                                             PROTOVER_HS_RENDEZVOUS_POINT_V3));
-  /* Is there any way to test for new HSRend? */
 
   /* Legacy HSDir does not appear anywhere in the code. */
   tt_assert(protocol_list_supports_protocol(supported_protocols,
@@ -510,7 +534,6 @@ test_protover_supported_protocols(void *arg)
   tt_assert(protocol_list_supports_protocol(supported_protocols,
                                             PRT_HSDIR,
                                             PROTOVER_HSDIR_V3));
-  /* Is there any way to test for new HSDir? */
 
   /* No DirCache versions appear anywhere in the code. */
   tt_assert(protocol_list_supports_protocol(supported_protocols,
@@ -519,7 +542,6 @@ test_protover_supported_protocols(void *arg)
   tt_assert(protocol_list_supports_protocol(supported_protocols,
                                             PRT_DIRCACHE,
                                             PROTOVER_DIRCACHE_V2));
-  /* Is there any way to test for new DirCache? */
 
   /* No Desc versions appear anywhere in the code. */
   tt_assert(protocol_list_supports_protocol(supported_protocols,
@@ -537,7 +559,6 @@ test_protover_supported_protocols(void *arg)
   tt_assert(protocol_list_supports_protocol(supported_protocols,
                                             PRT_MICRODESC,
                                             PROTOVER_MICRODESC_V2));
-  /* Is there any way to test for new Microdesc? */
 
   /* No Cons versions appear anywhere in the code. */
   tt_assert(protocol_list_supports_protocol(supported_protocols,
@@ -546,7 +567,19 @@ test_protover_supported_protocols(void *arg)
   tt_assert(protocol_list_supports_protocol(supported_protocols,
                                             PRT_CONS,
                                             PROTOVER_CONS_V2));
-  /* Is there any way to test for new Cons? */
+
+  /* Padding=1 is deprecated. */
+  tt_assert(!protocol_list_supports_protocol(supported_protocols,
+                                             PRT_PADDING,
+                                             PROTOVER_PADDING_V1));
+  tt_assert(protocol_list_supports_protocol(supported_protocols,
+                                            PRT_PADDING,
+                                            PROTOVER_HS_SETUP_PADDING));
+
+  /* FlowCtrl */
+  tt_assert(protocol_list_supports_protocol(supported_protocols,
+                                            PRT_FLOWCTRL,
+                                            PROTOVER_FLOWCTRL_V1));
 
  done:
  ;