mirrors/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2025-02-28 00:53:04 +01:00
Code Issues Projects Releases Wiki Activity
tor/src/test/test_hs_client.c
David Goulet 7bba8bf72f hs-v3: Return descriptor decoding status when storing as client 
This will allow us to callback into the HS subsytem depending on the decoding
status and return an extended SOCKS5 error code depending on the decoding
issue.

This is how we'll be able to tell the SocksPort connection if we are missing
or have bad client authorization for a service.

Part of #30382

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-18 19:06:43 +02:00

1118 lines
37 KiB
C
Raw Blame History

/* Copyright (c) 2016-2019, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
* \file test_hs_client.c
* \brief Test prop224 HS client functionality.
*/
#define CONFIG_PRIVATE
#define CRYPTO_PRIVATE
#define MAINLOOP_PRIVATE
#define HS_CLIENT_PRIVATE
#define TOR_CHANNEL_INTERNAL_
#define CIRCUITBUILD_PRIVATE
#define CIRCUITLIST_PRIVATE
#define CONNECTION_PRIVATE
#define CRYPT_PATH_PRIVATE
#include "test/test.h"
#include "test/test_helpers.h"
#include "test/log_test_helpers.h"
#include "test/rend_test_helpers.h"
#include "test/hs_test_helpers.h"
#include "app/config/config.h"
#include "lib/crypt_ops/crypto_cipher.h"
#include "lib/crypt_ops/crypto_dh.h"
#include "core/or/channeltls.h"
#include "feature/dircommon/directory.h"
#include "core/mainloop/mainloop.h"
#include "feature/nodelist/nodelist.h"
#include "feature/nodelist/routerset.h"
#include "feature/hs/hs_circuit.h"
#include "feature/hs/hs_circuitmap.h"
#include "feature/hs/hs_client.h"
#include "feature/hs/hs_config.h"
#include "feature/hs/hs_ident.h"
#include "feature/hs/hs_cache.h"
#include "feature/rend/rendcache.h"
#include "core/or/circuitlist.h"
#include "core/or/circuitbuild.h"
#include "core/mainloop/connection.h"
#include "core/or/connection_edge.h"
#include "feature/nodelist/networkstatus.h"
#include "core/or/cpath_build_state_st.h"
#include "core/or/crypt_path_st.h"
#include "core/or/crypt_path.h"
#include "feature/dircommon/dir_connection_st.h"
#include "core/or/entry_connection_st.h"
#include "core/or/extend_info_st.h"
#include "feature/nodelist/networkstatus_st.h"
#include "core/or/origin_circuit_st.h"
#include "core/or/socks_request_st.h"
static int
mock_connection_ap_handshake_send_begin(entry_connection_t *ap_conn)
{
(void) ap_conn;
return 0;
}
static networkstatus_t mock_ns;
/* Always return NULL. */
static networkstatus_t *
mock_networkstatus_get_live_consensus_false(time_t now)
{
(void) now;
return NULL;
}
static networkstatus_t *
mock_networkstatus_get_live_consensus(time_t now)
{
(void) now;
return &mock_ns;
}
static int
helper_config_client(const char *conf, int validate_only)
{
int ret = 0;
or_options_t *options = NULL;
tt_assert(conf);
options = helper_parse_options(conf);
tt_assert(options);
ret = hs_config_client_auth_all(options, validate_only);
done:
or_options_free(options);
return ret;
}
/* Test helper function: Setup a circuit and a stream with the same hidden
* service destination, and put them in <b>circ_out</b> and
* <b>conn_out</b>. Make the stream wait for circuits to be established to the
* hidden service. */
static int
helper_get_circ_and_stream_for_test(origin_circuit_t **circ_out,
connection_t **conn_out,
int is_legacy)
{
int retval;
channel_tls_t *n_chan=NULL;
rend_data_t *conn_rend_data = NULL;
origin_circuit_t *or_circ = NULL;
connection_t *conn = NULL;
ed25519_public_key_t service_pk;
/* Make a dummy connection stream and make it wait for our circuit */
conn = test_conn_get_connection(AP_CONN_STATE_CIRCUIT_WAIT,
CONN_TYPE_AP /* ??? */,
0);
if (is_legacy) {
/* Legacy: Setup rend_data of stream */
char service_id[REND_SERVICE_ID_LEN_BASE32+1] = {0};
TO_EDGE_CONN(conn)->rend_data = mock_rend_data(service_id);
conn_rend_data = TO_EDGE_CONN(conn)->rend_data;
} else {
/* prop224: Setup hs conn identifier on the stream */
ed25519_secret_key_t sk;
tt_int_op(0, OP_EQ, ed25519_secret_key_generate(&sk, 0));
tt_int_op(0, OP_EQ, ed25519_public_key_generate(&service_pk, &sk));
/* Setup hs_conn_identifier of stream */
TO_EDGE_CONN(conn)->hs_ident = hs_ident_edge_conn_new(&service_pk);
}
/* Make it wait for circuit */
connection_ap_mark_as_pending_circuit(TO_ENTRY_CONN(conn));
/* This is needed to silence a BUG warning from
connection_edge_update_circuit_isolation() */
TO_ENTRY_CONN(conn)->original_dest_address =
tor_strdup(TO_ENTRY_CONN(conn)->socks_request->address);
/****************************************************/
/* Now make dummy circuit */
or_circ = origin_circuit_new();
or_circ->base_.purpose = CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED;
or_circ->build_state = tor_malloc_zero(sizeof(cpath_build_state_t));
or_circ->build_state->is_internal = 1;
if (is_legacy) {
/* Legacy: Setup rend data and final cpath */
or_circ->build_state->pending_final_cpath =
tor_malloc_zero(sizeof(crypt_path_t));
or_circ->build_state->pending_final_cpath->magic = CRYPT_PATH_MAGIC;
or_circ->build_state->pending_final_cpath->rend_dh_handshake_state =
crypto_dh_new(DH_TYPE_REND);
tt_assert(
or_circ->build_state->pending_final_cpath->rend_dh_handshake_state);
retval = crypto_dh_generate_public(
or_circ->build_state->pending_final_cpath->rend_dh_handshake_state);
tt_int_op(retval, OP_EQ, 0);
or_circ->rend_data = rend_data_dup(conn_rend_data);
} else {
/* prop224: Setup hs ident on the circuit */
or_circ->hs_ident = hs_ident_circuit_new(&service_pk);
}
TO_CIRCUIT(or_circ)->state = CIRCUIT_STATE_OPEN;
/* fake n_chan */
n_chan = tor_malloc_zero(sizeof(channel_tls_t));
n_chan->base_.global_identifier = 1;
or_circ->base_.n_chan = &(n_chan->base_);
*circ_out = or_circ;
*conn_out = conn;
return 0;
done:
/* something failed */
return -1;
}
/* Test: Ensure that setting up legacy e2e rendezvous circuits works
* correctly. */
static void
test_e2e_rend_circuit_setup_legacy(void *arg)
{
ssize_t retval;
origin_circuit_t *or_circ = NULL;
connection_t *conn = NULL;
(void) arg;
/** In this test we create a v2 legacy HS stream and a circuit with the same
* hidden service destination. We make the stream wait for circuits to be
* established to the hidden service, and then we complete the circuit using
* the hs_circuit_setup_e2e_rend_circ_legacy_client() function. We then
* check that the end-to-end cpath was setup correctly and that the stream
* was attached to the circuit as expected. */
MOCK(connection_ap_handshake_send_begin,
mock_connection_ap_handshake_send_begin);
/* Setup */
retval = helper_get_circ_and_stream_for_test( &or_circ, &conn, 1);
tt_int_op(retval, OP_EQ, 0);
tt_assert(or_circ);
tt_assert(conn);
/* Check number of hops */
retval = cpath_get_n_hops(&or_circ->cpath);
tt_int_op(retval, OP_EQ, 0);
/* Check that our stream is not attached on any circuits */
tt_ptr_op(TO_EDGE_CONN(conn)->on_circuit, OP_EQ, NULL);
/********************************************** */
/* Make a good RENDEZVOUS1 cell body because it needs to pass key exchange
* digest verification... */
uint8_t rend_cell_body[DH1024_KEY_LEN+DIGEST_LEN] = {2};
{
char keys[DIGEST_LEN+CPATH_KEY_MATERIAL_LEN];
crypto_dh_t *dh_state =
or_circ->build_state->pending_final_cpath->rend_dh_handshake_state;
/* compute and overwrite digest of cell body with the right value */
retval = crypto_dh_compute_secret(LOG_PROTOCOL_WARN, dh_state,
(char*)rend_cell_body, DH1024_KEY_LEN,
keys, DIGEST_LEN+CPATH_KEY_MATERIAL_LEN);
tt_int_op(retval, OP_GT, 0);
memcpy(rend_cell_body+DH1024_KEY_LEN, keys, DIGEST_LEN);
}
/* Setup the circuit */
retval = hs_circuit_setup_e2e_rend_circ_legacy_client(or_circ,
rend_cell_body);
tt_int_op(retval, OP_EQ, 0);
/**********************************************/
/* See that a hop was added to the circuit's cpath */
retval = cpath_get_n_hops(&or_circ->cpath);
tt_int_op(retval, OP_EQ, 1);
/* Check the digest algo */
tt_int_op(
crypto_digest_get_algorithm(or_circ->cpath->pvt_crypto.f_digest),
OP_EQ, DIGEST_SHA1);
tt_int_op(
crypto_digest_get_algorithm(or_circ->cpath->pvt_crypto.b_digest),
OP_EQ, DIGEST_SHA1);
tt_assert(or_circ->cpath->pvt_crypto.f_crypto);
tt_assert(or_circ->cpath->pvt_crypto.b_crypto);
/* Ensure that circ purpose was changed */
tt_int_op(or_circ->base_.purpose, OP_EQ, CIRCUIT_PURPOSE_C_REND_JOINED);
/* Test that stream got attached */
tt_ptr_op(TO_EDGE_CONN(conn)->on_circuit, OP_EQ, TO_CIRCUIT(or_circ));
done:
connection_free_minimal(conn);
if (or_circ)
tor_free(TO_CIRCUIT(or_circ)->n_chan);
circuit_free_(TO_CIRCUIT(or_circ));
}
/* Test: Ensure that setting up v3 rendezvous circuits works correctly. */
static void
test_e2e_rend_circuit_setup(void *arg)
{
uint8_t ntor_key_seed[DIGEST256_LEN] = {0};
origin_circuit_t *or_circ = NULL;
int retval;
connection_t *conn = NULL;
(void) arg;
/** In this test we create a prop224 v3 HS stream and a circuit with the same
* hidden service destination. We make the stream wait for circuits to be
* established to the hidden service, and then we complete the circuit using
* the hs_circuit_setup_e2e_rend_circ() function. We then check that the
* end-to-end cpath was setup correctly and that the stream was attached to
* the circuit as expected. */
MOCK(connection_ap_handshake_send_begin,
mock_connection_ap_handshake_send_begin);
/* Setup */
retval = helper_get_circ_and_stream_for_test( &or_circ, &conn, 0);
tt_int_op(retval, OP_EQ, 0);
tt_assert(or_circ);
tt_assert(conn);
/* Check number of hops: There should be no hops yet to this circ */
retval = cpath_get_n_hops(&or_circ->cpath);
tt_int_op(retval, OP_EQ, 0);
tt_ptr_op(or_circ->cpath, OP_EQ, NULL);
/* Check that our stream is not attached on any circuits */
tt_ptr_op(TO_EDGE_CONN(conn)->on_circuit, OP_EQ, NULL);
/**********************************************/
/* Setup the circuit */
retval = hs_circuit_setup_e2e_rend_circ(or_circ,
ntor_key_seed, sizeof(ntor_key_seed),
0);
tt_int_op(retval, OP_EQ, 0);
/**********************************************/
/* See that a hop was added to the circuit's cpath */
retval = cpath_get_n_hops(&or_circ->cpath);
tt_int_op(retval, OP_EQ, 1);
/* Check that the crypt path has prop224 algorithm parameters */
tt_int_op(
crypto_digest_get_algorithm(or_circ->cpath->pvt_crypto.f_digest),
OP_EQ, DIGEST_SHA3_256);
tt_int_op(
crypto_digest_get_algorithm(or_circ->cpath->pvt_crypto.b_digest),
OP_EQ, DIGEST_SHA3_256);
tt_assert(or_circ->cpath->pvt_crypto.f_crypto);
tt_assert(or_circ->cpath->pvt_crypto.b_crypto);
/* Ensure that circ purpose was changed */
tt_int_op(or_circ->base_.purpose, OP_EQ, CIRCUIT_PURPOSE_C_REND_JOINED);
/* Test that stream got attached */
tt_ptr_op(TO_EDGE_CONN(conn)->on_circuit, OP_EQ, TO_CIRCUIT(or_circ));
done:
connection_free_minimal(conn);
if (or_circ)
tor_free(TO_CIRCUIT(or_circ)->n_chan);
circuit_free_(TO_CIRCUIT(or_circ));
}
/** Test client logic for picking intro points from a descriptor. Also test how
* ExcludeNodes and intro point failures affect picking intro points. */
static void
test_client_pick_intro(void *arg)
{
int ret;
ed25519_keypair_t service_kp;
hs_descriptor_t *desc = NULL;
MOCK(networkstatus_get_live_consensus,
mock_networkstatus_get_live_consensus);
(void) arg;
hs_init();
/* Generate service keypair */
tt_int_op(0, OP_EQ, ed25519_keypair_generate(&service_kp, 0));
/* Set time */
ret = parse_rfc1123_time("Sat, 26 Oct 1985 13:00:00 UTC",
&mock_ns.valid_after);
tt_int_op(ret, OP_EQ, 0);
ret = parse_rfc1123_time("Sat, 26 Oct 1985 14:00:00 UTC",
&mock_ns.fresh_until);
tt_int_op(ret, OP_EQ, 0);
update_approx_time(mock_ns.fresh_until-10);
time_t now = approx_time();
/* Test logic:
*
* 1) Add our desc with intro points to the HS cache.
*
* 2) Mark all descriptor intro points except _the chosen one_ as
* failed. Then query the desc to get a random intro: check that we got
* _the chosen one_. Then fail the chosen one as well, and see that no
* intros are returned.
*
* 3) Then clean the intro state cache and get an intro point.
*
* 4) Try fetching an intro with the wrong service key: shouldn't work
*
* 5) Set StrictNodes and put all our intro points in ExcludeNodes: see that
* nothing is returned.
*/
/* 1) Add desc to HS cache */
{
char *encoded = NULL;
desc = hs_helper_build_hs_desc_with_ip(&service_kp);
ret = hs_desc_encode_descriptor(desc, &service_kp, NULL, &encoded);
tt_int_op(ret, OP_EQ, 0);
tt_assert(encoded);
/* store it */
ret = hs_cache_store_as_client(encoded, &service_kp.pubkey);
tt_int_op(ret, OP_EQ, HS_DESC_DECODE_OK);
/* fetch it to make sure it works */
const hs_descriptor_t *fetched_desc =
hs_cache_lookup_as_client(&service_kp.pubkey);
tt_assert(fetched_desc);
tt_mem_op(fetched_desc->subcredential, OP_EQ, desc->subcredential,
DIGEST256_LEN);
tt_assert(!fast_mem_is_zero((char*)fetched_desc->subcredential,
DIGEST256_LEN));
tor_free(encoded);
}
/* 2) Mark all intro points except _the chosen one_ as failed. Then query the
* desc and get a random intro: check that we got _the chosen one_. */
{
/* Tell hs_get_extend_info_from_lspecs() to skip the private address check.
*/
get_options_mutable()->ExtendAllowPrivateAddresses = 1;
/* Pick the chosen intro point and get its ei */
hs_desc_intro_point_t *chosen_intro_point =
smartlist_get(desc->encrypted_data.intro_points, 0);
extend_info_t *chosen_intro_ei =
desc_intro_point_to_extend_info(chosen_intro_point);
tt_assert(chosen_intro_point);
tt_assert(chosen_intro_ei);
/* Now mark all other intro points as failed */
SMARTLIST_FOREACH_BEGIN(desc->encrypted_data.intro_points,
hs_desc_intro_point_t *, ip) {
/* Skip the chosen intro point */
if (ip == chosen_intro_point) {
continue;
}
ed25519_public_key_t *intro_auth_key = &ip->auth_key_cert->signed_key;
hs_cache_client_intro_state_note(&service_kp.pubkey,
intro_auth_key,
INTRO_POINT_FAILURE_GENERIC);
} SMARTLIST_FOREACH_END(ip);
/* Try to get a random intro: Should return the chosen one! */
/* (We try several times, to make sure this behavior is consistent, and to
* cover the different cases of client_get_random_intro().) */
for (int i = 0; i < 64; ++i) {
extend_info_t *ip = client_get_random_intro(&service_kp.pubkey);
tor_assert(ip);
tt_assert(!fast_mem_is_zero((char*)ip->identity_digest, DIGEST_LEN));
tt_mem_op(ip->identity_digest, OP_EQ, chosen_intro_ei->identity_digest,
DIGEST_LEN);
extend_info_free(ip);
}
extend_info_free(chosen_intro_ei);
/* Now also mark the chosen one as failed: See that we can't get any intro
points anymore. */
hs_cache_client_intro_state_note(&service_kp.pubkey,
&chosen_intro_point->auth_key_cert->signed_key,
INTRO_POINT_FAILURE_TIMEOUT);
extend_info_t *ip = client_get_random_intro(&service_kp.pubkey);
tor_assert(!ip);
}
/* 3) Clean the intro state cache and get an intro point */
{
/* Pretend we are 5 mins in the future and order a cleanup of the intro
* state. This should clean up the intro point failures and allow us to get
* an intro. */
hs_cache_client_intro_state_clean(now + 5*60);
/* Get an intro. It should work! */
extend_info_t *ip = client_get_random_intro(&service_kp.pubkey);
tor_assert(ip);
extend_info_free(ip);
}
/* 4) Try fetching an intro with the wrong service key: shouldn't work */
{
ed25519_keypair_t dummy_kp;
tt_int_op(0, OP_EQ, ed25519_keypair_generate(&dummy_kp, 0));
extend_info_t *ip = client_get_random_intro(&dummy_kp.pubkey);
tor_assert(!ip);
}
/* 5) Set StrictNodes and put all our intro points in ExcludeNodes: see that
* nothing is returned. */
{
get_options_mutable()->ExcludeNodes = routerset_new();
get_options_mutable()->StrictNodes = 1;
SMARTLIST_FOREACH_BEGIN(desc->encrypted_data.intro_points,
hs_desc_intro_point_t *, ip) {
extend_info_t *intro_ei = desc_intro_point_to_extend_info(ip);
/* desc_intro_point_to_extend_info() doesn't return IPv6 intro points
* yet, because we can't extend to them. See #24404, #24451, and #24181.
*/
if (intro_ei == NULL) {
/* Pretend we're making a direct connection, and that we can use IPv6
*/
get_options_mutable()->ClientUseIPv6 = 1;
intro_ei = hs_get_extend_info_from_lspecs(ip->link_specifiers,
&ip->onion_key, 1);
tt_assert(tor_addr_family(&intro_ei->addr) == AF_INET6);
}
tt_assert(intro_ei);
if (intro_ei) {
const char *ptr;
char ip_addr[TOR_ADDR_BUF_LEN];
/* We need to decorate in case it is an IPv6 else routerset_parse()
* doesn't like it. */
ptr = tor_addr_to_str(ip_addr, &intro_ei->addr, sizeof(ip_addr), 1);
tt_assert(ptr == ip_addr);
ret = routerset_parse(get_options_mutable()->ExcludeNodes,
ip_addr, "");
tt_int_op(ret, OP_EQ, 0);
extend_info_free(intro_ei);
}
} SMARTLIST_FOREACH_END(ip);
extend_info_t *ip = client_get_random_intro(&service_kp.pubkey);
tt_assert(!ip);
}
done:
hs_descriptor_free(desc);
}
static int
mock_router_have_minimum_dir_info_false(void)
{
return 0;
}
static int
mock_router_have_minimum_dir_info_true(void)
{
return 1;
}
static hs_client_fetch_status_t
mock_fetch_v3_desc_error(const ed25519_public_key_t *key)
{
(void) key;
return HS_CLIENT_FETCH_ERROR;
}
static void
mock_connection_mark_unattached_ap_(entry_connection_t *conn, int endreason,
int line, const char *file)
{
(void) line;
(void) file;
conn->edge_.end_reason = endreason;
/* This function ultimately will flag this so make sure we do also in the
* MOCK one so we can assess closed connections vs open ones. */
conn->edge_.base_.marked_for_close = 1;
}
static void
test_descriptor_fetch(void *arg)
{
int ret;
entry_connection_t *ec = NULL;
ed25519_public_key_t service_pk;
ed25519_secret_key_t service_sk;
(void) arg;
hs_init();
memset(&service_sk, 'A', sizeof(service_sk));
ret = ed25519_public_key_generate(&service_pk, &service_sk);
tt_int_op(ret, OP_EQ, 0);
/* Initialize this so get_voting_interval() doesn't freak out. */
ret = parse_rfc1123_time("Sat, 26 Oct 1985 13:00:00 UTC",
&mock_ns.valid_after);
tt_int_op(ret, OP_EQ, 0);
ret = parse_rfc1123_time("Sat, 26 Oct 1985 14:00:00 UTC",
&mock_ns.fresh_until);
tt_int_op(ret, OP_EQ, 0);
ec = entry_connection_new(CONN_TYPE_AP, AF_INET);
tt_assert(ec);
ENTRY_TO_EDGE_CONN(ec)->hs_ident = hs_ident_edge_conn_new(&service_pk);
tt_assert(ENTRY_TO_EDGE_CONN(ec)->hs_ident);
TO_CONN(ENTRY_TO_EDGE_CONN(ec))->state = AP_CONN_STATE_RENDDESC_WAIT;
smartlist_add(get_connection_array(), &ec->edge_.base_);
/* 1. FetchHidServDescriptors is false so we shouldn't be able to fetch. */
get_options_mutable()->FetchHidServDescriptors = 0;
ret = hs_client_refetch_hsdesc(&service_pk);
tt_int_op(ret, OP_EQ, HS_CLIENT_FETCH_NOT_ALLOWED);
get_options_mutable()->FetchHidServDescriptors = 1;
/* 2. We don't have a live consensus. */
MOCK(networkstatus_get_live_consensus,
mock_networkstatus_get_live_consensus_false);
ret = hs_client_refetch_hsdesc(&service_pk);
UNMOCK(networkstatus_get_live_consensus);
tt_int_op(ret, OP_EQ, HS_CLIENT_FETCH_MISSING_INFO);
/* From now on, return a live consensus. */
MOCK(networkstatus_get_live_consensus,
mock_networkstatus_get_live_consensus);
/* 3. Not enough dir information. */
MOCK(router_have_minimum_dir_info,
mock_router_have_minimum_dir_info_false);
ret = hs_client_refetch_hsdesc(&service_pk);
UNMOCK(router_have_minimum_dir_info);
tt_int_op(ret, OP_EQ, HS_CLIENT_FETCH_MISSING_INFO);
/* From now on, we do have enough directory information. */
MOCK(router_have_minimum_dir_info,
mock_router_have_minimum_dir_info_true);
/* 4. We do have a pending directory request. */
{
dir_connection_t *dir_conn = dir_connection_new(AF_INET);
dir_conn->hs_ident = tor_malloc_zero(sizeof(hs_ident_dir_conn_t));
TO_CONN(dir_conn)->purpose = DIR_PURPOSE_FETCH_HSDESC;
ed25519_pubkey_copy(&dir_conn->hs_ident->identity_pk, &service_pk);
smartlist_add(get_connection_array(), TO_CONN(dir_conn));
ret = hs_client_refetch_hsdesc(&service_pk);
smartlist_remove(get_connection_array(), TO_CONN(dir_conn));
connection_free_minimal(TO_CONN(dir_conn));
tt_int_op(ret, OP_EQ, HS_CLIENT_FETCH_PENDING);
}
/* 5. We'll trigger an error on the fetch_desc_v3 and force to close all
* pending SOCKS request. */
MOCK(router_have_minimum_dir_info,
mock_router_have_minimum_dir_info_true);
MOCK(fetch_v3_desc, mock_fetch_v3_desc_error);
MOCK(connection_mark_unattached_ap_,
mock_connection_mark_unattached_ap_);
ret = hs_client_refetch_hsdesc(&service_pk);
UNMOCK(fetch_v3_desc);
UNMOCK(connection_mark_unattached_ap_);
tt_int_op(ret, OP_EQ, HS_CLIENT_FETCH_ERROR);
/* The close waiting for descriptor function has been called. */
tt_int_op(ec->edge_.end_reason, OP_EQ, END_STREAM_REASON_RESOLVEFAILED);
done:
connection_free_minimal(ENTRY_TO_CONN(ec));
UNMOCK(networkstatus_get_live_consensus);
UNMOCK(router_have_minimum_dir_info);
hs_free_all();
}
static void
test_auth_key_filename_is_valid(void *arg)
{
(void) arg;
/* Valid file name. */
tt_assert(auth_key_filename_is_valid("a.auth_private"));
/* Valid file name with special character. */
tt_assert(auth_key_filename_is_valid("a-.auth_private"));
/* Invalid extension. */
tt_assert(!auth_key_filename_is_valid("a.ath_private"));
/* Nothing before the extension. */
tt_assert(!auth_key_filename_is_valid(".auth_private"));
done:
;
}
static void
test_parse_auth_file_content(void *arg)
{
hs_client_service_authorization_t *auth = NULL;
(void) arg;
/* Valid authorized client. */
auth = parse_auth_file_content(
"4acth47i6kxnvkewtm6q7ib2s3ufpo5sqbsnzjpbi7utijcltosqemad:descriptor:"
"x25519:zdsyvn2jq534ugyiuzgjy4267jbtzcjbsgedhshzx5mforyxtryq");
tt_assert(auth);
/* Wrong number of fields. */
tt_assert(!parse_auth_file_content("a:b"));
/* Wrong auth type. */
tt_assert(!parse_auth_file_content(
"4acth47i6kxnvkewtm6q7ib2s3ufpo5sqbsnzjpbi7utijcltosqemad:x:"
"x25519:zdsyvn2jq534ugyiuzgjy4267jbtzcjbsgedhshzx5mforyxtryq"));
/* Wrong key type. */
tt_assert(!parse_auth_file_content(
"4acth47i6kxnvkewtm6q7ib2s3ufpo5sqbsnzjpbi7utijcltosqemad:descriptor:"
"x:zdsyvn2jq534ugyiuzgjy4267jbtzcjbsgedhshzx5mforyxtryq"));
/* Some malformed string. */
tt_assert(!parse_auth_file_content("xx:descriptor:x25519:aa=="));
/* Bigger key than it should be */
tt_assert(!parse_auth_file_content("xx:descriptor:x25519:"
"vjqea4jbhwwc4hto7ekyvqfbeodghbaq6nxi45hz4wr3qvhqv3yqa"));
done:
tor_free(auth);
}
static char *
mock_read_file_to_str(const char *filename, int flags, struct stat *stat_out)
{
char *ret = NULL;
(void) flags;
(void) stat_out;
if (!strcmp(filename, get_fname("auth_keys" PATH_SEPARATOR
"client1.auth_private"))) {
ret = tor_strdup(
"4acth47i6kxnvkewtm6q7ib2s3ufpo5sqbsnzjpbi7utijcltosqemad:descriptor:"
"x25519:zdsyvn2jq534ugyiuzgjy4267jbtzcjbsgedhshzx5mforyxtryq");
goto done;
}
if (!strcmp(filename, get_fname("auth_keys" PATH_SEPARATOR "dummy.xxx"))) {
ret = tor_strdup(
"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:descriptor:"
"x25519:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx");
goto done;
}
if (!strcmp(filename, get_fname("auth_keys" PATH_SEPARATOR
"client2.auth_private"))) {
ret = tor_strdup(
"25njqamcweflpvkl73j4szahhihoc4xt3ktcgjnpaingr5yhkenl5sid:descriptor:"
"x25519:fdreqzjqso7d2ac7qscrxfl5qfpamdvgy5d6cxejcgzc3hvhurmq");
goto done;
}
done:
return ret;
}
static int
mock_check_private_dir(const char *dirname, cpd_check_t check,
const char *effective_user)
{
(void) dirname;
(void) check;
(void) effective_user;
return 0;
}
static smartlist_t *
mock_tor_listdir(const char *dirname)
{
smartlist_t *file_list = smartlist_new();
(void) dirname;
smartlist_add(file_list, tor_strdup("client1.auth_private"));
smartlist_add(file_list, tor_strdup("dummy.xxx"));
smartlist_add(file_list, tor_strdup("client2.auth_private"));
return file_list;
}
static void
test_config_client_authorization(void *arg)
{
int ret;
char *conf = NULL;
ed25519_public_key_t pk1, pk2;
digest256map_t *global_map = NULL;
char *key_dir = tor_strdup(get_fname("auth_keys"));
(void) arg;
MOCK(read_file_to_str, mock_read_file_to_str);
MOCK(tor_listdir, mock_tor_listdir);
MOCK(check_private_dir, mock_check_private_dir);
#define conf_fmt \
"ClientOnionAuthDir %s\n"
tor_asprintf(&conf, conf_fmt, key_dir);
ret = helper_config_client(conf, 0);
tor_free(conf);
tt_int_op(ret, OP_EQ, 0);
#undef conf_fmt
global_map = get_hs_client_auths_map();
tt_int_op(digest256map_size(global_map), OP_EQ, 2);
hs_parse_address("4acth47i6kxnvkewtm6q7ib2s3ufpo5sqbsnzjpbi7utijcltosqemad",
&pk1, NULL, NULL);
hs_parse_address("25njqamcweflpvkl73j4szahhihoc4xt3ktcgjnpaingr5yhkenl5sid",
&pk2, NULL, NULL);
tt_assert(digest256map_get(global_map, pk1.pubkey));
tt_assert(digest256map_get(global_map, pk2.pubkey));
done:
tor_free(key_dir);
hs_free_all();
UNMOCK(read_file_to_str);
UNMOCK(tor_listdir);
UNMOCK(check_private_dir);
}
static entry_connection_t *
helper_build_socks_connection(const ed25519_public_key_t *service_pk,
int conn_state)
{
entry_connection_t *socks = entry_connection_new(CONN_TYPE_AP, AF_INET);
ENTRY_TO_EDGE_CONN(socks)->hs_ident = hs_ident_edge_conn_new(service_pk);
TO_CONN(ENTRY_TO_EDGE_CONN(socks))->state = conn_state;
smartlist_add(get_connection_array(), &socks->edge_.base_);
return socks;
}
static void
test_desc_has_arrived_cleanup(void *arg)
{
/* The goal of this test is to make sure we clean up everything in between
* two descriptors from the same .onion. Because intro points can change
* from one descriptor to another, once we received a new descriptor, we
* need to cleanup the remaining circuits so they aren't used or selected
* when establishing a connection with the newly stored descriptor.
*
* This test was created because of #27410. */
int ret;
char *desc_str = NULL;
hs_descriptor_t *desc = NULL;
const hs_descriptor_t *cached_desc;
ed25519_keypair_t signing_kp;
entry_connection_t *socks1 = NULL, *socks2 = NULL;
hs_ident_dir_conn_t hs_dir_ident;
(void) arg;
hs_init();
MOCK(networkstatus_get_live_consensus,
mock_networkstatus_get_live_consensus);
MOCK(connection_mark_unattached_ap_,
mock_connection_mark_unattached_ap_);
MOCK(router_have_minimum_dir_info,
mock_router_have_minimum_dir_info_true);
/* Set consensus time before our time so the cache lookup can always
* validate that the entry is not expired. */
parse_rfc1123_time("Sat, 26 Oct 1985 13:00:00 UTC", &mock_ns.valid_after);
parse_rfc1123_time("Sat, 26 Oct 1985 14:00:00 UTC", &mock_ns.fresh_until);
parse_rfc1123_time("Sat, 26 Oct 1985 16:00:00 UTC", &mock_ns.valid_until);
/* Build a descriptor for a specific .onion. */
ret = ed25519_keypair_generate(&signing_kp, 0);
tt_int_op(ret, OP_EQ, 0);
desc = hs_helper_build_hs_desc_with_ip(&signing_kp);
tt_assert(desc);
ret = hs_desc_encode_descriptor(desc, &signing_kp, NULL, &desc_str);
tt_int_op(ret, OP_EQ, 0);
/* Store in the client cache. */
ret = hs_cache_store_as_client(desc_str, &signing_kp.pubkey);
tt_int_op(ret, OP_EQ, HS_DESC_DECODE_OK);
cached_desc = hs_cache_lookup_as_client(&signing_kp.pubkey);
tt_assert(cached_desc);
hs_helper_desc_equal(desc, cached_desc);
/* Create two SOCKS connection for the same .onion both in the waiting for a
* descriptor state. */
socks1 = helper_build_socks_connection(&signing_kp.pubkey,
AP_CONN_STATE_RENDDESC_WAIT);
tt_assert(socks1);
socks2 = helper_build_socks_connection(&signing_kp.pubkey,
AP_CONN_STATE_RENDDESC_WAIT);
tt_assert(socks2);
/* Now, we'll make the intro points in the current descriptor unusable so
* the hs_client_desc_has_arrived() will take the right code path that we
* want to test that is the fetched descriptor has bad intro points. */
SMARTLIST_FOREACH_BEGIN(desc->encrypted_data.intro_points,
hs_desc_intro_point_t *, ip) {
hs_cache_client_intro_state_note(&signing_kp.pubkey,
&ip->auth_key_cert->signed_key,
INTRO_POINT_FAILURE_GENERIC);
} SMARTLIST_FOREACH_END(ip);
/* Simulate that a new descriptor just arrived. We should have both of our
* SOCKS connection to be ended with a resolved failed. */
hs_ident_dir_conn_init(&signing_kp.pubkey,
&desc->plaintext_data.blinded_pubkey, &hs_dir_ident);
hs_client_desc_has_arrived(&hs_dir_ident);
tt_int_op(socks1->edge_.end_reason, OP_EQ, END_STREAM_REASON_RESOLVEFAILED);
/* XXX: MUST work with OP_EQ. */
tt_int_op(socks2->edge_.end_reason, OP_EQ, END_STREAM_REASON_RESOLVEFAILED);
/* Now let say tor cleans up the intro state cache which resets all intro
* point failure count. */
hs_cache_client_intro_state_purge();
/* Retrying all SOCKS which should basically do nothing since we don't have
* any pending SOCKS connection in AP_CONN_STATE_RENDDESC_WAIT state. */
/* XXX: BUG() is triggered here, shouldn't if socks2 wasn't alive. */
retry_all_socks_conn_waiting_for_desc();
done:
connection_free_minimal(ENTRY_TO_CONN(socks1));
connection_free_minimal(ENTRY_TO_CONN(socks2));
hs_descriptor_free(desc);
tor_free(desc_str);
hs_free_all();
UNMOCK(networkstatus_get_live_consensus);
UNMOCK(connection_mark_unattached_ap_);
UNMOCK(router_have_minimum_dir_info);
}
static void
test_close_intro_circuits_new_desc(void *arg)
{
int ret;
ed25519_keypair_t service_kp;
circuit_t *circ = NULL;
origin_circuit_t *ocirc = NULL;
hs_descriptor_t *desc1 = NULL, *desc2 = NULL;
(void) arg;
hs_init();
/* This is needed because of the client cache expiration timestamp is based
* on having a consensus. See cached_client_descriptor_has_expired(). */
MOCK(networkstatus_get_live_consensus,
mock_networkstatus_get_live_consensus);
/* Set consensus time */
parse_rfc1123_time("Sat, 26 Oct 1985 13:00:00 UTC",
&mock_ns.valid_after);
parse_rfc1123_time("Sat, 26 Oct 1985 14:00:00 UTC",
&mock_ns.fresh_until);
parse_rfc1123_time("Sat, 26 Oct 1985 16:00:00 UTC",
&mock_ns.valid_until);
/* Generate service keypair */
tt_int_op(0, OP_EQ, ed25519_keypair_generate(&service_kp, 0));
/* Create and add to the global list a dummy client introduction circuits.
* We'll then make sure the hs_ident is attached to a dummy descriptor. */
circ = dummy_origin_circuit_new(0);
tt_assert(circ);
circ->purpose = CIRCUIT_PURPOSE_C_INTRODUCING;
ocirc = TO_ORIGIN_CIRCUIT(circ);
/* Build the first descriptor and cache it. */
{
char *encoded;
desc1 = hs_helper_build_hs_desc_with_ip(&service_kp);
tt_assert(desc1);
ret = hs_desc_encode_descriptor(desc1, &service_kp, NULL, &encoded);
tt_int_op(ret, OP_EQ, 0);
tt_assert(encoded);
/* Store it */
ret = hs_cache_store_as_client(encoded, &service_kp.pubkey);
tt_int_op(ret, OP_EQ, HS_DESC_DECODE_OK);
tor_free(encoded);
tt_assert(hs_cache_lookup_as_client(&service_kp.pubkey));
}
/* We'll pick one introduction point and associate it with the circuit. */
{
const hs_desc_intro_point_t *ip =
smartlist_get(desc1->encrypted_data.intro_points, 0);
tt_assert(ip);
ocirc->hs_ident = hs_ident_circuit_new(&service_kp.pubkey);
ed25519_pubkey_copy(&ocirc->hs_ident->intro_auth_pk,
&ip->auth_key_cert->signed_key);
}
/* Before we are about to clean up the intro circuits, make sure it is
* actually there. */
tt_assert(circuit_get_next_intro_circ(NULL, true));
/* Build the second descriptor for the same service and cache it. */
{
char *encoded;
desc2 = hs_helper_build_hs_desc_with_ip(&service_kp);
tt_assert(desc2);
tt_mem_op(&desc1->plaintext_data.signing_pubkey, OP_EQ,
&desc2->plaintext_data.signing_pubkey, ED25519_PUBKEY_LEN);
/* To replace the existing descriptor, the revision counter needs to be
* bigger. */
desc2->plaintext_data.revision_counter =
desc1->plaintext_data.revision_counter + 1;
ret = hs_desc_encode_descriptor(desc2, &service_kp, NULL, &encoded);
tt_int_op(ret, OP_EQ, 0);
tt_assert(encoded);
ret = hs_cache_store_as_client(encoded, &service_kp.pubkey);
tt_int_op(ret, OP_EQ, HS_DESC_DECODE_OK);
tor_free(encoded);
tt_assert(hs_cache_lookup_as_client(&service_kp.pubkey));
}
/* Once stored, our intro circuit should be closed because it is related to
* an old introduction point that doesn't exists anymore. */
tt_assert(!circuit_get_next_intro_circ(NULL, true));
done:
circuit_free(circ);
hs_descriptor_free(desc1);
hs_descriptor_free(desc2);
hs_free_all();
UNMOCK(networkstatus_get_live_consensus);
}
static void
test_close_intro_circuits_cache_clean(void *arg)
{
int ret;
ed25519_keypair_t service_kp;
circuit_t *circ = NULL;
origin_circuit_t *ocirc = NULL;
hs_descriptor_t *desc1 = NULL;
(void) arg;
hs_init();
rend_cache_init();
/* This is needed because of the client cache expiration timestamp is based
* on having a consensus. See cached_client_descriptor_has_expired(). */
MOCK(networkstatus_get_live_consensus,
mock_networkstatus_get_live_consensus);
/* Set consensus time */
parse_rfc1123_time("Sat, 26 Oct 1985 13:00:00 UTC",
&mock_ns.valid_after);
parse_rfc1123_time("Sat, 26 Oct 1985 14:00:00 UTC",
&mock_ns.fresh_until);
parse_rfc1123_time("Sat, 26 Oct 1985 16:00:00 UTC",
&mock_ns.valid_until);
/* Generate service keypair */
tt_int_op(0, OP_EQ, ed25519_keypair_generate(&service_kp, 0));
/* Create and add to the global list a dummy client introduction circuits.
* We'll then make sure the hs_ident is attached to a dummy descriptor. */
circ = dummy_origin_circuit_new(0);
tt_assert(circ);
circ->purpose = CIRCUIT_PURPOSE_C_INTRODUCING;
ocirc = TO_ORIGIN_CIRCUIT(circ);
/* Build the first descriptor and cache it. */
{
char *encoded;
desc1 = hs_helper_build_hs_desc_with_ip(&service_kp);
tt_assert(desc1);
ret = hs_desc_encode_descriptor(desc1, &service_kp, NULL, &encoded);
tt_int_op(ret, OP_EQ, 0);
tt_assert(encoded);
/* Store it */
ret = hs_cache_store_as_client(encoded, &service_kp.pubkey);
tt_int_op(ret, OP_EQ, 0);
tor_free(encoded);
tt_assert(hs_cache_lookup_as_client(&service_kp.pubkey));
}
/* We'll pick one introduction point and associate it with the circuit. */
{
const hs_desc_intro_point_t *ip =
smartlist_get(desc1->encrypted_data.intro_points, 0);
tt_assert(ip);
ocirc->hs_ident = hs_ident_circuit_new(&service_kp.pubkey);
ed25519_pubkey_copy(&ocirc->hs_ident->intro_auth_pk,
&ip->auth_key_cert->signed_key);
}
/* Before we are about to clean up the intro circuits, make sure it is
* actually there. */
tt_assert(circuit_get_next_intro_circ(NULL, true));
/* Cleanup the client cache. The ns valid after time is what decides if the
* descriptor has expired so put it in the future enough (72h) so we are
* sure to always expire. */
mock_ns.valid_after = approx_time() + (72 * 24 * 60 * 60);
hs_cache_clean_as_client(0);
/* Once stored, our intro circuit should be closed because it is related to
* an old introduction point that doesn't exists anymore. */
tt_assert(!circuit_get_next_intro_circ(NULL, true));
done:
circuit_free(circ);
hs_descriptor_free(desc1);
hs_free_all();
rend_cache_free_all();
UNMOCK(networkstatus_get_live_consensus);
}
struct testcase_t hs_client_tests[] = {
{ "e2e_rend_circuit_setup_legacy", test_e2e_rend_circuit_setup_legacy,
TT_FORK, NULL, NULL },
{ "e2e_rend_circuit_setup", test_e2e_rend_circuit_setup,
TT_FORK, NULL, NULL },
{ "client_pick_intro", test_client_pick_intro,
TT_FORK, NULL, NULL },
{ "descriptor_fetch", test_descriptor_fetch,
TT_FORK, NULL, NULL },
{ "auth_key_filename_is_valid", test_auth_key_filename_is_valid, TT_FORK,
NULL, NULL },
{ "parse_auth_file_content", test_parse_auth_file_content, TT_FORK,
NULL, NULL },
{ "config_client_authorization", test_config_client_authorization,
TT_FORK, NULL, NULL },
{ "desc_has_arrived_cleanup", test_desc_has_arrived_cleanup,
TT_FORK, NULL, NULL },
{ "close_intro_circuits_new_desc", test_close_intro_circuits_new_desc,
TT_FORK, NULL, NULL },
{ "close_intro_circuits_cache_clean", test_close_intro_circuits_cache_clean,
TT_FORK, NULL, NULL },
END_OF_TESTCASES
};
Reference in a new issue View git blame Copy permalink