1 /* Copyright (c) 2014-2021, The Tor Project, Inc. */
2 /* See LICENSE for licensing information */
3
4 #include "orconfig.h"
5
6 #define CIRCUITLIST_PRIVATE
7 #define CIRCUITBUILD_PRIVATE
8 #define CONFIG_PRIVATE
9 #define STATEFILE_PRIVATE
10 #define ENTRYNODES_PRIVATE
11 #define ROUTERLIST_PRIVATE
12 #define DIRCLIENT_PRIVATE
13
14 #include "core/or/or.h"
15 #include "test/test.h"
16
17 #include "feature/client/bridges.h"
18 #include "core/or/circuitlist.h"
19 #include "core/or/circuitbuild.h"
20 #include "app/config/config.h"
21 #include "lib/confmgt/confmgt.h"
22 #include "lib/crypt_ops/crypto_rand.h"
23 #include "feature/dircommon/directory.h"
24 #include "feature/dirclient/dirclient.h"
25 #include "feature/client/entrynodes.h"
26 #include "feature/nodelist/nodelist.h"
27 #include "feature/nodelist/networkstatus.h"
28 #include "core/or/policies.h"
29 #include "feature/nodelist/routerlist.h"
30 #include "feature/nodelist/routerset.h"
31 #include "app/config/statefile.h"
32
33 #include "core/or/cpath_build_state_st.h"
34 #include "core/or/crypt_path_st.h"
35 #include "feature/dircommon/dir_connection_st.h"
36 #include "feature/nodelist/microdesc_st.h"
37 #include "feature/nodelist/networkstatus_st.h"
38 #include "feature/nodelist/node_st.h"
39 #include "core/or/origin_circuit_st.h"
40 #include "app/config/or_state_st.h"
41 #include "feature/nodelist/routerinfo_st.h"
42 #include "feature/nodelist/routerstatus_st.h"
43
44 #include "test/test_helpers.h"
45 #include "test/log_test_helpers.h"
46
47 #include "lib/container/bloomfilt.h"
48 #include "lib/encoding/confline.h"
49
50 /* TODO:
51 * choose_random_entry() test with state set.
52 *
53 * parse_state() tests with more than one guards.
54 *
55 * More tests for set_from_config(): Multiple nodes, use fingerprints,
56 * use country codes.
57 */
58
59 /** Dummy Tor state used in unittests. */
60 static or_state_t *dummy_state = NULL;
61 static or_state_t *
get_or_state_replacement(void)62 get_or_state_replacement(void)
63 {
64 return dummy_state;
65 }
66
67 static networkstatus_t *dummy_consensus = NULL;
68
69 static smartlist_t *big_fake_net_nodes = NULL;
70
71 static const smartlist_t *
bfn_mock_nodelist_get_list(void)72 bfn_mock_nodelist_get_list(void)
73 {
74 return big_fake_net_nodes;
75 }
76
77 static networkstatus_t *
bfn_mock_networkstatus_get_reasonably_live_consensus(time_t now,int flavor)78 bfn_mock_networkstatus_get_reasonably_live_consensus(time_t now, int flavor)
79 {
80 (void)now;
81 (void)flavor;
82 return dummy_consensus;
83 }
84
85 static const node_t *
bfn_mock_node_get_by_id(const char * id)86 bfn_mock_node_get_by_id(const char *id)
87 {
88 SMARTLIST_FOREACH(big_fake_net_nodes, node_t *, n,
89 if (fast_memeq(n->identity, id, 20))
90 return n);
91
92 return NULL;
93 }
94
95 static int
mock_router_have_minimum_dir_info(void)96 mock_router_have_minimum_dir_info(void)
97 {
98 return 1;
99 }
100
101 /* Helper function to free a test node. */
102 static void
test_node_free(node_t * n)103 test_node_free(node_t *n)
104 {
105 tor_free(n->rs);
106 tor_free(n->md->onion_curve25519_pkey);
107 short_policy_free(n->md->exit_policy);
108 tor_free(n->md);
109 tor_free(n);
110 }
111
112 /* Unittest cleanup function: Cleanup the fake network. */
113 static int
big_fake_network_cleanup(const struct testcase_t * testcase,void * ptr)114 big_fake_network_cleanup(const struct testcase_t *testcase, void *ptr)
115 {
116 (void) testcase;
117 (void) ptr;
118
119 if (big_fake_net_nodes) {
120 SMARTLIST_FOREACH(big_fake_net_nodes, node_t *, n, {
121 test_node_free(n);
122 });
123 smartlist_free(big_fake_net_nodes);
124 }
125
126 UNMOCK(nodelist_get_list);
127 UNMOCK(node_get_by_id);
128 UNMOCK(get_or_state);
129 UNMOCK(networkstatus_get_reasonably_live_consensus);
130 or_state_free(dummy_state);
131 dummy_state = NULL;
132 tor_free(dummy_consensus);
133
134 return 1; /* NOP */
135 }
136
137 #define REASONABLY_FUTURE " reasonably-future"
138 #define REASONABLY_PAST " reasonably-past"
139
140 /* Unittest setup function: Setup a fake network. */
141 static void *
big_fake_network_setup(const struct testcase_t * testcase)142 big_fake_network_setup(const struct testcase_t *testcase)
143 {
144 int i;
145
146 /* These are minimal node_t objects that only contain the aspects of node_t
147 * that we need for entrynodes.c. */
148 const int N_NODES = 271;
149
150 const char *argument = testcase->setup_data;
151 int reasonably_future_consensus = 0, reasonably_past_consensus = 0;
152 if (argument) {
153 reasonably_future_consensus = strstr(argument, REASONABLY_FUTURE) != NULL;
154 reasonably_past_consensus = strstr(argument, REASONABLY_PAST) != NULL;
155 }
156
157 big_fake_net_nodes = smartlist_new();
158 for (i = 0; i < N_NODES; ++i) {
159 curve25519_secret_key_t curve25519_secret_key;
160
161 node_t *n = tor_malloc_zero(sizeof(node_t));
162 n->md = tor_malloc_zero(sizeof(microdesc_t));
163
164 /* Generate curve25519 key for this node */
165 n->md->onion_curve25519_pkey =
166 tor_malloc_zero(sizeof(curve25519_public_key_t));
167 curve25519_secret_key_generate(&curve25519_secret_key, 0);
168 curve25519_public_key_generate(n->md->onion_curve25519_pkey,
169 &curve25519_secret_key);
170
171 crypto_rand(n->identity, sizeof(n->identity));
172 n->rs = tor_malloc_zero(sizeof(routerstatus_t));
173
174 memcpy(n->rs->identity_digest, n->identity, DIGEST_LEN);
175
176 n->is_running = n->is_valid = n->is_fast = n->is_stable = 1;
177
178 /* Note: all these guards have the same address, so you'll need to
179 * disable EnforceDistinctSubnets when a restriction is applied. */
180 tor_addr_from_ipv4h(&n->rs->ipv4_addr, 0x04020202);
181 n->rs->ipv4_orport = 1234;
182 n->rs->is_v2_dir = 1;
183 n->rs->has_bandwidth = 1;
184 n->rs->bandwidth_kb = 30;
185
186 /* Make a random nickname for each node */
187 {
188 char nickname_binary[8];
189 crypto_rand(nickname_binary, sizeof(nickname_binary));
190 base32_encode(n->rs->nickname, sizeof(n->rs->nickname),
191 nickname_binary, sizeof(nickname_binary));
192 }
193
194 /* Call half of the nodes a possible guard. */
195 if (i % 2 == 0) {
196 n->is_possible_guard = 1;
197 n->rs->guardfraction_percentage = 100;
198 n->rs->has_guardfraction = 1;
199 n->rs->is_possible_guard = 1;
200 }
201
202 /* Make some of these nodes a possible exit */
203 if (i % 7 == 0) {
204 n->md->exit_policy = parse_short_policy("accept 443");
205 }
206
207 n->nodelist_idx = smartlist_len(big_fake_net_nodes);
208 smartlist_add(big_fake_net_nodes, n);
209 }
210
211 dummy_state = or_state_new();
212 dummy_consensus = tor_malloc_zero(sizeof(networkstatus_t));
213 if (reasonably_future_consensus) {
214 /* Make the dummy consensus valid in 6 hours, and expiring in 7 hours. */
215 dummy_consensus->valid_after = approx_time() + 6*3600;
216 dummy_consensus->valid_until = approx_time() + 7*3600;
217 } else if (reasonably_past_consensus) {
218 /* Make the dummy consensus valid from 16 hours ago, but expired 12 hours
219 * ago. */
220 dummy_consensus->valid_after = approx_time() - 16*3600;
221 dummy_consensus->valid_until = approx_time() - 12*3600;
222 } else {
223 /* Make the dummy consensus valid for an hour either side of now. */
224 dummy_consensus->valid_after = approx_time() - 3600;
225 dummy_consensus->valid_until = approx_time() + 3600;
226 }
227
228 MOCK(nodelist_get_list, bfn_mock_nodelist_get_list);
229 MOCK(node_get_by_id, bfn_mock_node_get_by_id);
230 MOCK(get_or_state,
231 get_or_state_replacement);
232 MOCK(networkstatus_get_reasonably_live_consensus,
233 bfn_mock_networkstatus_get_reasonably_live_consensus);
234 /* Return anything but NULL (it's interpreted as test fail) */
235 return (void*)testcase;
236 }
237
238 static time_t
mock_randomize_time_no_randomization(time_t a,time_t b)239 mock_randomize_time_no_randomization(time_t a, time_t b)
240 {
241 (void) b;
242 return a;
243 }
244
245 static or_options_t *mocked_options;
246
247 static const or_options_t *
mock_get_options(void)248 mock_get_options(void)
249 {
250 return mocked_options;
251 }
252
253 #define TEST_IPV4_ADDR "123.45.67.89"
254 #define TEST_IPV6_ADDR "[1234:5678:90ab:cdef::]"
255
256 static void
test_node_preferred_orport(void * arg)257 test_node_preferred_orport(void *arg)
258 {
259 (void)arg;
260 tor_addr_t ipv4_addr;
261 const uint16_t ipv4_port = 4444;
262 tor_addr_t ipv6_addr;
263 const uint16_t ipv6_port = 6666;
264 routerinfo_t node_ri;
265 node_t node;
266 tor_addr_port_t ap;
267
268 /* Setup options */
269 mocked_options = options_new();
270 /* We don't test ClientPreferIPv6ORPort here, because it's used in
271 * nodelist_set_consensus to setup node.ipv6_preferred, which we set
272 * directly. */
273 MOCK(get_options, mock_get_options);
274
275 /* Setup IP addresses */
276 tor_addr_parse(&ipv4_addr, TEST_IPV4_ADDR);
277 tor_addr_parse(&ipv6_addr, TEST_IPV6_ADDR);
278
279 /* Setup node_ri */
280 memset(&node_ri, 0, sizeof(node_ri));
281 tor_addr_copy(&node_ri.ipv4_addr, &ipv4_addr);
282 node_ri.ipv4_orport = ipv4_port;
283 tor_addr_copy(&node_ri.ipv6_addr, &ipv6_addr);
284 node_ri.ipv6_orport = ipv6_port;
285
286 /* Setup node */
287 memset(&node, 0, sizeof(node));
288 node.ri = &node_ri;
289
290 /* Check the preferred address is IPv4 if we're only using IPv4, regardless
291 * of whether we prefer it or not */
292 mocked_options->ClientUseIPv4 = 1;
293 mocked_options->ClientUseIPv6 = 0;
294 node.ipv6_preferred = 0;
295 node_get_pref_orport(&node, &ap);
296 tt_assert(tor_addr_eq(&ap.addr, &ipv4_addr));
297 tt_assert(ap.port == ipv4_port);
298
299 node.ipv6_preferred = 1;
300 node_get_pref_orport(&node, &ap);
301 tt_assert(tor_addr_eq(&ap.addr, &ipv4_addr));
302 tt_assert(ap.port == ipv4_port);
303
304 /* Check the preferred address is IPv4 if we're using IPv4 and IPv6, but
305 * don't prefer the IPv6 address */
306 mocked_options->ClientUseIPv4 = 1;
307 mocked_options->ClientUseIPv6 = 1;
308 node.ipv6_preferred = 0;
309 node_get_pref_orport(&node, &ap);
310 tt_assert(tor_addr_eq(&ap.addr, &ipv4_addr));
311 tt_assert(ap.port == ipv4_port);
312
313 /* Check the preferred address is IPv6 if we prefer it and
314 * ClientUseIPv6 is 1, regardless of ClientUseIPv4 */
315 mocked_options->ClientUseIPv4 = 1;
316 mocked_options->ClientUseIPv6 = 1;
317 node.ipv6_preferred = 1;
318 node_get_pref_orport(&node, &ap);
319 tt_assert(tor_addr_eq(&ap.addr, &ipv6_addr));
320 tt_assert(ap.port == ipv6_port);
321
322 mocked_options->ClientUseIPv4 = 0;
323 node_get_pref_orport(&node, &ap);
324 tt_assert(tor_addr_eq(&ap.addr, &ipv6_addr));
325 tt_assert(ap.port == ipv6_port);
326
327 /* Check the preferred address is IPv6 if we don't prefer it, but
328 * ClientUseIPv4 is 0 */
329 mocked_options->ClientUseIPv4 = 0;
330 mocked_options->ClientUseIPv6 = 1;
331 node.ipv6_preferred = reachable_addr_prefer_ipv6_orport(mocked_options);
332 node_get_pref_orport(&node, &ap);
333 tt_assert(tor_addr_eq(&ap.addr, &ipv6_addr));
334 tt_assert(ap.port == ipv6_port);
335
336 done:
337 or_options_free(mocked_options);
338 UNMOCK(get_options);
339 }
340
341 static void
test_entry_guard_describe(void * arg)342 test_entry_guard_describe(void *arg)
343 {
344 (void)arg;
345 entry_guard_t g;
346 memset(&g, 0, sizeof(g));
347 strlcpy(g.nickname, "okefenokee", sizeof(g.nickname));
348 memcpy(g.identity, "theforestprimeval---", DIGEST_LEN);
349
350 tt_str_op(entry_guard_describe(&g), OP_EQ,
351 "okefenokee ($746865666F726573747072696D6576616C2D2D2D)");
352
353 done:
354 ;
355 }
356
357 static void
test_entry_guard_randomize_time(void * arg)358 test_entry_guard_randomize_time(void *arg)
359 {
360 const time_t now = 1479153573;
361 const int delay = 86400;
362 const int N = 1000;
363 (void)arg;
364
365 time_t t;
366 int i;
367 for (i = 0; i < N; ++i) {
368 t = randomize_time(now, delay);
369 tt_int_op(t, OP_LE, now);
370 tt_int_op(t, OP_GE, now-delay);
371 }
372
373 /* now try the corner cases */
374 for (i = 0; i < N; ++i) {
375 t = randomize_time(100, delay);
376 tt_int_op(t, OP_GE, 1);
377 tt_int_op(t, OP_LE, 100);
378
379 t = randomize_time(0, delay);
380 tt_int_op(t, OP_EQ, 1);
381 }
382
383 done:
384 ;
385 }
386
387 static void
test_entry_guard_encode_for_state_minimal(void * arg)388 test_entry_guard_encode_for_state_minimal(void *arg)
389 {
390 (void) arg;
391 entry_guard_t *eg = tor_malloc_zero(sizeof(entry_guard_t));
392
393 eg->selection_name = tor_strdup("wubwub");
394 memcpy(eg->identity, "plurpyflurpyslurpydo", DIGEST_LEN);
395 eg->sampled_on_date = 1479081600;
396 eg->confirmed_idx = -1;
397
398 char *s = NULL;
399 s = entry_guard_encode_for_state(eg, 0);
400
401 tt_str_op(s, OP_EQ,
402 "in=wubwub "
403 "rsa_id=706C75727079666C75727079736C75727079646F "
404 "sampled_on=2016-11-14T00:00:00 "
405 "sampled_idx=0 "
406 "listed=0");
407
408 done:
409 entry_guard_free(eg);
410 tor_free(s);
411 }
412
413 static void
test_entry_guard_encode_for_state_maximal(void * arg)414 test_entry_guard_encode_for_state_maximal(void *arg)
415 {
416 (void) arg;
417 entry_guard_t *eg = tor_malloc_zero(sizeof(entry_guard_t));
418
419 strlcpy(eg->nickname, "Fred", sizeof(eg->nickname));
420 eg->selection_name = tor_strdup("default");
421 memcpy(eg->identity, "plurpyflurpyslurpydo", DIGEST_LEN);
422 eg->bridge_addr = tor_malloc_zero(sizeof(tor_addr_port_t));
423 tor_addr_from_ipv4h(&eg->bridge_addr->addr, 0x08080404);
424 eg->bridge_addr->port = 9999;
425 eg->sampled_on_date = 1479081600;
426 eg->sampled_by_version = tor_strdup("1.2.3");
427 eg->unlisted_since_date = 1479081645;
428 eg->currently_listed = 1;
429 eg->confirmed_on_date = 1479081690;
430 eg->confirmed_idx = 333;
431 eg->sampled_idx = 42;
432 eg->extra_state_fields = tor_strdup("and the green grass grew all around");
433
434 char *s = NULL;
435 s = entry_guard_encode_for_state(eg, 0);
436
437 tt_str_op(s, OP_EQ,
438 "in=default "
439 "rsa_id=706C75727079666C75727079736C75727079646F "
440 "bridge_addr=8.8.4.4:9999 "
441 "nickname=Fred "
442 "sampled_on=2016-11-14T00:00:00 "
443 "sampled_idx=0 "
444 "sampled_by=1.2.3 "
445 "unlisted_since=2016-11-14T00:00:45 "
446 "listed=1 "
447 "confirmed_on=2016-11-14T00:01:30 "
448 "confirmed_idx=333 "
449 "and the green grass grew all around");
450
451 done:
452 entry_guard_free(eg);
453 tor_free(s);
454 }
455
456 static void
test_entry_guard_parse_from_state_minimal(void * arg)457 test_entry_guard_parse_from_state_minimal(void *arg)
458 {
459 (void)arg;
460 char *mem_op_hex_tmp = NULL;
461 entry_guard_t *eg = NULL;
462 time_t t = approx_time();
463
464 eg = entry_guard_parse_from_state(
465 "in=default_plus "
466 "rsa_id=596f75206d6179206e656564206120686f626279");
467 tt_assert(eg);
468
469 tt_str_op(eg->selection_name, OP_EQ, "default_plus");
470 test_mem_op_hex(eg->identity, OP_EQ,
471 "596f75206d6179206e656564206120686f626279");
472 tt_str_op(eg->nickname, OP_EQ, "$596F75206D6179206E656564206120686F626279");
473 tt_ptr_op(eg->bridge_addr, OP_EQ, NULL);
474 tt_i64_op(eg->sampled_on_date, OP_GE, t);
475 tt_i64_op(eg->sampled_on_date, OP_LE, t+86400);
476 tt_i64_op(eg->unlisted_since_date, OP_EQ, 0);
477 tt_ptr_op(eg->sampled_by_version, OP_EQ, NULL);
478 tt_int_op(eg->currently_listed, OP_EQ, 0);
479 tt_i64_op(eg->confirmed_on_date, OP_EQ, 0);
480 tt_int_op(eg->confirmed_idx, OP_EQ, -1);
481
482 tt_int_op(eg->last_tried_to_connect, OP_EQ, 0);
483 tt_int_op(eg->is_reachable, OP_EQ, GUARD_REACHABLE_MAYBE);
484
485 done:
486 entry_guard_free(eg);
487 tor_free(mem_op_hex_tmp);
488 }
489
490 static void
test_entry_guard_parse_from_state_maximal(void * arg)491 test_entry_guard_parse_from_state_maximal(void *arg)
492 {
493 (void)arg;
494 char *mem_op_hex_tmp = NULL;
495 entry_guard_t *eg = NULL;
496
497 eg = entry_guard_parse_from_state(
498 "in=fred "
499 "rsa_id=706C75727079666C75727079736C75727079646F "
500 "bridge_addr=[1::3]:9999 "
501 "nickname=Fred "
502 "sampled_on=2016-11-14T00:00:00 "
503 "sampled_by=1.2.3 "
504 "unlisted_since=2016-11-14T00:00:45 "
505 "listed=1 "
506 "confirmed_on=2016-11-14T00:01:30 "
507 "confirmed_idx=333 "
508 "and the green grass grew all around "
509 "rsa_id=all,around");
510 tt_assert(eg);
511
512 test_mem_op_hex(eg->identity, OP_EQ,
513 "706C75727079666C75727079736C75727079646F");
514 tt_str_op(fmt_addr(&eg->bridge_addr->addr), OP_EQ, "1::3");
515 tt_int_op(eg->bridge_addr->port, OP_EQ, 9999);
516 tt_str_op(eg->nickname, OP_EQ, "Fred");
517 tt_i64_op(eg->sampled_on_date, OP_EQ, 1479081600);
518 tt_i64_op(eg->unlisted_since_date, OP_EQ, 1479081645);
519 tt_str_op(eg->sampled_by_version, OP_EQ, "1.2.3");
520 tt_int_op(eg->currently_listed, OP_EQ, 1);
521 tt_i64_op(eg->confirmed_on_date, OP_EQ, 1479081690);
522 tt_int_op(eg->confirmed_idx, OP_EQ, 333);
523 tt_str_op(eg->extra_state_fields, OP_EQ,
524 "and the green grass grew all around rsa_id=all,around");
525
526 tt_int_op(eg->last_tried_to_connect, OP_EQ, 0);
527 tt_int_op(eg->is_reachable, OP_EQ, GUARD_REACHABLE_MAYBE);
528
529 done:
530 entry_guard_free(eg);
531 tor_free(mem_op_hex_tmp);
532 }
533
534 static void
test_entry_guard_parse_from_state_failure(void * arg)535 test_entry_guard_parse_from_state_failure(void *arg)
536 {
537 (void)arg;
538 entry_guard_t *eg = NULL;
539
540 /* no selection */
541 eg = entry_guard_parse_from_state(
542 "rsa_id=596f75206d6179206e656564206120686f626270");
543 tt_ptr_op(eg, OP_EQ, NULL);
544
545 /* no RSA ID. */
546 eg = entry_guard_parse_from_state("in=default nickname=Fred");
547 tt_ptr_op(eg, OP_EQ, NULL);
548
549 /* Bad RSA ID: bad character. */
550 eg = entry_guard_parse_from_state(
551 "in=default "
552 "rsa_id=596f75206d6179206e656564206120686f62627q");
553 tt_ptr_op(eg, OP_EQ, NULL);
554
555 /* Bad RSA ID: too long.*/
556 eg = entry_guard_parse_from_state(
557 "in=default "
558 "rsa_id=596f75206d6179206e656564206120686f6262703");
559 tt_ptr_op(eg, OP_EQ, NULL);
560
561 /* Bad RSA ID: too short.*/
562 eg = entry_guard_parse_from_state(
563 "in=default "
564 "rsa_id=596f75206d6179206e65656420612");
565 tt_ptr_op(eg, OP_EQ, NULL);
566
567 done:
568 entry_guard_free(eg);
569 }
570
571 static void
test_entry_guard_parse_from_state_partial_failure(void * arg)572 test_entry_guard_parse_from_state_partial_failure(void *arg)
573 {
574 (void)arg;
575 char *mem_op_hex_tmp = NULL;
576 entry_guard_t *eg = NULL;
577 time_t t = approx_time();
578
579 eg = entry_guard_parse_from_state(
580 "in=default "
581 "rsa_id=706C75727079666C75727079736C75727079646F "
582 "bridge_addr=1.2.3.3.4:5 "
583 "nickname=FredIsANodeWithAStrangeNicknameThatIsTooLong "
584 "sampled_on=2016-11-14T00:00:99 "
585 "sampled_by=1.2.3 stuff in the middle "
586 "unlisted_since=2016-xx-14T00:00:45 "
587 "listed=0 "
588 "confirmed_on=2016-11-14T00:01:30zz "
589 "confirmed_idx=idx "
590 "and the green grass grew all around "
591 "rsa_id=all,around");
592 tt_assert(eg);
593
594 test_mem_op_hex(eg->identity, OP_EQ,
595 "706C75727079666C75727079736C75727079646F");
596 tt_str_op(eg->nickname, OP_EQ, "FredIsANodeWithAStrangeNicknameThatIsTooL");
597 tt_ptr_op(eg->bridge_addr, OP_EQ, NULL);
598 tt_i64_op(eg->sampled_on_date, OP_EQ, t);
599 tt_i64_op(eg->unlisted_since_date, OP_EQ, 0);
600 tt_str_op(eg->sampled_by_version, OP_EQ, "1.2.3");
601 tt_int_op(eg->currently_listed, OP_EQ, 0);
602 tt_i64_op(eg->confirmed_on_date, OP_EQ, 0);
603 tt_int_op(eg->confirmed_idx, OP_EQ, -1);
604 tt_str_op(eg->extra_state_fields, OP_EQ,
605 "stuff in the middle and the green grass grew all around "
606 "rsa_id=all,around");
607
608 tt_int_op(eg->last_tried_to_connect, OP_EQ, 0);
609 tt_int_op(eg->is_reachable, OP_EQ, GUARD_REACHABLE_MAYBE);
610
611 done:
612 entry_guard_free(eg);
613 tor_free(mem_op_hex_tmp);
614 }
615
616 static int
mock_entry_guard_is_listed(guard_selection_t * gs,const entry_guard_t * guard)617 mock_entry_guard_is_listed(guard_selection_t *gs, const entry_guard_t *guard)
618 {
619 (void)gs;
620 (void)guard;
621 return 1;
622 }
623
624 static void
test_entry_guard_parse_from_state_full(void * arg)625 test_entry_guard_parse_from_state_full(void *arg)
626 {
627 (void)arg;
628 /* Here's a state I made while testing. The identities and locations for
629 * the bridges are redacted. */
630 const char STATE[] =
631 "Guard in=default rsa_id=214F44BD5B638E8C817D47FF7C97397790BF0345 "
632 "nickname=TotallyNinja sampled_on=2016-11-12T19:32:49 "
633 "sampled_idx=0 "
634 "sampled_by=0.3.0.0-alpha-dev "
635 "listed=1\n"
636 "Guard in=default rsa_id=052900AB0EA3ED54BAB84AE8A99E74E8693CE2B2 "
637 "nickname=5OfNovember sampled_on=2016-11-20T04:32:05 "
638 "sampled_idx=1 "
639 "sampled_by=0.3.0.0-alpha-dev "
640 "listed=1 confirmed_on=2016-11-22T08:13:28 confirmed_idx=0 "
641 "pb_circ_attempts=4.000000 pb_circ_successes=2.000000 "
642 "pb_successful_circuits_closed=2.000000\n"
643 "Guard in=default rsa_id=7B700C0C207EBD0002E00F499BE265519AC3C25A "
644 "nickname=dc6jgk11 sampled_on=2016-11-28T11:50:13 "
645 "sampled_idx=2 "
646 "sampled_by=0.3.0.0-alpha-dev "
647 "listed=1 confirmed_on=2016-11-24T08:45:30 confirmed_idx=4 "
648 "pb_circ_attempts=5.000000 pb_circ_successes=5.000000 "
649 "pb_successful_circuits_closed=5.000000\n"
650 "Guard in=wobblesome rsa_id=7B700C0C207EBD0002E00F499BE265519AC3C25A "
651 "nickname=dc6jgk11 sampled_on=2016-11-28T11:50:13 "
652 "sampled_idx=0 "
653 "sampled_by=0.3.0.0-alpha-dev "
654 "listed=1\n"
655 "Guard in=default rsa_id=E9025AD60D86875D5F11548D536CC6AF60F0EF5E "
656 "nickname=maibrunn sampled_on=2016-11-25T22:36:38 "
657 "sampled_idx=3 "
658 "sampled_by=0.3.0.0-alpha-dev listed=1\n"
659 "Guard in=default rsa_id=DCD30B90BA3A792DA75DC54A327EF353FB84C38E "
660 "nickname=Unnamed sampled_on=2016-11-25T14:34:00 "
661 "sampled_idx=10 "
662 "sampled_by=0.3.0.0-alpha-dev listed=1\n"
663 "Guard in=bridges rsa_id=8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF2E "
664 "bridge_addr=24.1.1.1:443 sampled_on=2016-11-25T06:44:14 "
665 "sampled_idx=0 "
666 "sampled_by=0.3.0.0-alpha-dev listed=1 "
667 "confirmed_on=2016-11-29T10:36:06 confirmed_idx=0 "
668 "pb_circ_attempts=8.000000 pb_circ_successes=8.000000 "
669 "pb_successful_circuits_closed=13.000000\n"
670 "Guard in=bridges rsa_id=5800000000000000000000000000000000000000 "
671 "bridge_addr=37.218.246.143:28366 "
672 "sampled_on=2016-11-18T15:07:34 sampled_idx=1 "
673 "sampled_by=0.3.0.0-alpha-dev listed=1\n";
674
675 config_line_t *lines = NULL;
676 or_state_t *state = tor_malloc_zero(sizeof(or_state_t));
677 int r = config_get_lines(STATE, &lines, 0);
678 char *msg = NULL;
679 smartlist_t *text = smartlist_new();
680 char *joined = NULL;
681
682 // So nodes aren't expired. This is Tue, 13 Dec 2016 09:37:14 GMT
683 update_approx_time(1481621834);
684
685 MOCK(entry_guard_is_listed, mock_entry_guard_is_listed);
686
687 dummy_state = state;
688 MOCK(get_or_state,
689 get_or_state_replacement);
690
691 tt_int_op(r, OP_EQ, 0);
692 tt_assert(lines);
693
694 state->Guard = lines;
695
696 /* Try it first without setting the result. */
697 r = entry_guards_parse_state(state, 0, &msg);
698 tt_int_op(r, OP_EQ, 0);
699 guard_selection_t *gs_br =
700 get_guard_selection_by_name("bridges", GS_TYPE_BRIDGE, 0);
701 tt_ptr_op(gs_br, OP_EQ, NULL);
702
703 r = entry_guards_parse_state(state, 1, &msg);
704 tt_int_op(r, OP_EQ, 0);
705 gs_br = get_guard_selection_by_name("bridges", GS_TYPE_BRIDGE, 0);
706 guard_selection_t *gs_df =
707 get_guard_selection_by_name("default", GS_TYPE_NORMAL, 0);
708 guard_selection_t *gs_wb =
709 get_guard_selection_by_name("wobblesome", GS_TYPE_NORMAL, 0);
710
711 tt_assert(gs_br);
712 tt_assert(gs_df);
713 tt_assert(gs_wb);
714
715 tt_int_op(smartlist_len(gs_df->sampled_entry_guards), OP_EQ, 5);
716 tt_int_op(smartlist_len(gs_br->sampled_entry_guards), OP_EQ, 2);
717 tt_int_op(smartlist_len(gs_wb->sampled_entry_guards), OP_EQ, 1);
718
719 /* Try again; make sure it doesn't double-add the guards. */
720 r = entry_guards_parse_state(state, 1, &msg);
721 tt_int_op(r, OP_EQ, 0);
722 gs_br = get_guard_selection_by_name("bridges", GS_TYPE_BRIDGE, 0);
723 gs_df = get_guard_selection_by_name("default", GS_TYPE_NORMAL, 0);
724 tt_assert(gs_br);
725 tt_assert(gs_df);
726 tt_int_op(smartlist_len(gs_df->sampled_entry_guards), OP_EQ, 5);
727 tt_int_op(smartlist_len(gs_br->sampled_entry_guards), OP_EQ, 2);
728
729 /* Re-encode; it should be the same... almost. */
730 {
731 /* (Make a guard nonpersistent first) */
732 entry_guard_t *g = smartlist_get(gs_df->sampled_entry_guards, 0);
733 g->is_persistent = 0;
734 }
735 config_free_lines(lines);
736 lines = state->Guard = NULL; // to prevent double-free.
737 entry_guards_update_state(state);
738 tt_assert(state->Guard);
739 lines = state->Guard;
740
741 config_line_t *ln;
742 for (ln = lines; ln; ln = ln->next) {
743 smartlist_add_asprintf(text, "%s %s\n",ln->key, ln->value);
744 }
745 joined = smartlist_join_strings(text, "", 0, NULL);
746 tt_str_op(joined, OP_EQ,
747 "Guard in=default rsa_id=052900AB0EA3ED54BAB84AE8A99E74E8693CE2B2 "
748 "nickname=5OfNovember sampled_on=2016-11-20T04:32:05 "
749 "sampled_idx=0 "
750 "sampled_by=0.3.0.0-alpha-dev "
751 "listed=1 confirmed_on=2016-11-22T08:13:28 confirmed_idx=0 "
752 "pb_circ_attempts=4.000000 pb_circ_successes=2.000000 "
753 "pb_successful_circuits_closed=2.000000\n"
754 "Guard in=default rsa_id=7B700C0C207EBD0002E00F499BE265519AC3C25A "
755 "nickname=dc6jgk11 sampled_on=2016-11-28T11:50:13 "
756 "sampled_idx=1 "
757 "sampled_by=0.3.0.0-alpha-dev "
758 "listed=1 confirmed_on=2016-11-24T08:45:30 confirmed_idx=1 "
759 "pb_circ_attempts=5.000000 pb_circ_successes=5.000000 "
760 "pb_successful_circuits_closed=5.000000\n"
761 "Guard in=default rsa_id=E9025AD60D86875D5F11548D536CC6AF60F0EF5E "
762 "nickname=maibrunn sampled_on=2016-11-25T22:36:38 "
763 "sampled_idx=2 "
764 "sampled_by=0.3.0.0-alpha-dev listed=1\n"
765 "Guard in=default rsa_id=DCD30B90BA3A792DA75DC54A327EF353FB84C38E "
766 "nickname=Unnamed sampled_on=2016-11-25T14:34:00 "
767 "sampled_idx=3 "
768 "sampled_by=0.3.0.0-alpha-dev listed=1\n"
769 "Guard in=wobblesome rsa_id=7B700C0C207EBD0002E00F499BE265519AC3C25A "
770 "nickname=dc6jgk11 sampled_on=2016-11-28T11:50:13 "
771 "sampled_idx=0 "
772 "sampled_by=0.3.0.0-alpha-dev "
773 "listed=1\n"
774 "Guard in=bridges rsa_id=8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF2E "
775 "bridge_addr=24.1.1.1:443 sampled_on=2016-11-25T06:44:14 "
776 "sampled_idx=0 "
777 "sampled_by=0.3.0.0-alpha-dev listed=1 "
778 "confirmed_on=2016-11-29T10:36:06 confirmed_idx=0 "
779 "pb_circ_attempts=8.000000 pb_circ_successes=8.000000 "
780 "pb_successful_circuits_closed=13.000000\n"
781 "Guard in=bridges rsa_id=5800000000000000000000000000000000000000 "
782 "bridge_addr=37.218.246.143:28366 "
783 "sampled_on=2016-11-18T15:07:34 sampled_idx=1 "
784 "sampled_by=0.3.0.0-alpha-dev listed=1\n");
785
786 done:
787 config_free_lines(lines);
788 tor_free(state);
789 tor_free(msg);
790 UNMOCK(get_or_state);
791 UNMOCK(entry_guard_is_listed);
792 SMARTLIST_FOREACH(text, char *, cp, tor_free(cp));
793 smartlist_free(text);
794 tor_free(joined);
795 }
796
797 static void
test_entry_guard_parse_from_state_broken(void * arg)798 test_entry_guard_parse_from_state_broken(void *arg)
799 {
800 (void)arg;
801 /* Here's a variation on the previous state. Every line but the first is
802 * busted somehow. */
803 const char STATE[] =
804 /* Okay. */
805 "Guard in=default rsa_id=214F44BD5B638E8C817D47FF7C97397790BF0345 "
806 "nickname=TotallyNinja sampled_on=2016-11-12T19:32:49 "
807 "sampled_by=0.3.0.0-alpha-dev "
808 "listed=1\n"
809 /* No selection listed. */
810 "Guard rsa_id=052900AB0EA3ED54BAB84AE8A99E74E8693CE2B2 "
811 "nickname=5OfNovember sampled_on=2016-11-20T04:32:05 "
812 "sampled_by=0.3.0.0-alpha-dev "
813 "listed=1 confirmed_on=2016-11-22T08:13:28 confirmed_idx=0 "
814 "pb_circ_attempts=4.000000 pb_circ_successes=2.000000 "
815 "pb_successful_circuits_closed=2.000000\n"
816 /* Selection is "legacy"!! */
817 "Guard in=legacy rsa_id=7B700C0C207EBD0002E00F499BE265519AC3C25A "
818 "nickname=dc6jgk11 sampled_on=2016-11-28T11:50:13 "
819 "sampled_by=0.3.0.0-alpha-dev "
820 "listed=1 confirmed_on=2016-11-24T08:45:30 confirmed_idx=4 "
821 "pb_circ_attempts=5.000000 pb_circ_successes=5.000000 "
822 "pb_successful_circuits_closed=5.000000\n";
823
824 config_line_t *lines = NULL;
825 or_state_t *state = tor_malloc_zero(sizeof(or_state_t));
826 int r = config_get_lines(STATE, &lines, 0);
827 char *msg = NULL;
828
829 dummy_state = state;
830 MOCK(get_or_state,
831 get_or_state_replacement);
832
833 tt_int_op(r, OP_EQ, 0);
834 tt_assert(lines);
835
836 state->Guard = lines;
837
838 /* First, no-set case. we should get an error. */
839 r = entry_guards_parse_state(state, 0, &msg);
840 tt_int_op(r, OP_LT, 0);
841 tt_ptr_op(msg, OP_NE, NULL);
842 /* And we shouldn't have made anything. */
843 guard_selection_t *gs_df =
844 get_guard_selection_by_name("default", GS_TYPE_NORMAL, 0);
845 tt_ptr_op(gs_df, OP_EQ, NULL);
846 tor_free(msg);
847
848 /* Now see about the set case (which shouldn't happen IRL) */
849 r = entry_guards_parse_state(state, 1, &msg);
850 tt_int_op(r, OP_LT, 0);
851 tt_ptr_op(msg, OP_NE, NULL);
852 gs_df = get_guard_selection_by_name("default", GS_TYPE_NORMAL, 0);
853 tt_ptr_op(gs_df, OP_NE, NULL);
854 tt_int_op(smartlist_len(gs_df->sampled_entry_guards), OP_EQ, 1);
855
856 done:
857 config_free_lines(lines);
858 tor_free(state);
859 tor_free(msg);
860 UNMOCK(get_or_state);
861 }
862
863 static void
test_entry_guard_get_guard_selection_by_name(void * arg)864 test_entry_guard_get_guard_selection_by_name(void *arg)
865 {
866 (void)arg;
867 guard_selection_t *gs1, *gs2, *gs3;
868
869 gs1 = get_guard_selection_by_name("unlikely", GS_TYPE_NORMAL, 0);
870 tt_ptr_op(gs1, OP_EQ, NULL);
871 gs1 = get_guard_selection_by_name("unlikely", GS_TYPE_NORMAL, 1);
872 tt_ptr_op(gs1, OP_NE, NULL);
873 gs2 = get_guard_selection_by_name("unlikely", GS_TYPE_NORMAL, 1);
874 tt_assert(gs2 == gs1);
875 gs2 = get_guard_selection_by_name("unlikely", GS_TYPE_NORMAL, 0);
876 tt_assert(gs2 == gs1);
877
878 gs2 = get_guard_selection_by_name("implausible", GS_TYPE_NORMAL, 0);
879 tt_ptr_op(gs2, OP_EQ, NULL);
880 gs2 = get_guard_selection_by_name("implausible", GS_TYPE_NORMAL, 1);
881 tt_ptr_op(gs2, OP_NE, NULL);
882 tt_assert(gs2 != gs1);
883 gs3 = get_guard_selection_by_name("implausible", GS_TYPE_NORMAL, 0);
884 tt_assert(gs3 == gs2);
885
886 gs3 = get_guard_selection_by_name("default", GS_TYPE_NORMAL, 0);
887 tt_ptr_op(gs3, OP_EQ, NULL);
888 gs3 = get_guard_selection_by_name("default", GS_TYPE_NORMAL, 1);
889 tt_ptr_op(gs3, OP_NE, NULL);
890 tt_assert(gs3 != gs2);
891 tt_assert(gs3 != gs1);
892 tt_assert(gs3 == get_guard_selection_info());
893
894 done:
895 entry_guards_free_all();
896 }
897
898 static void
test_entry_guard_choose_selection_initial(void * arg)899 test_entry_guard_choose_selection_initial(void *arg)
900 {
901 /* Tests for picking our initial guard selection (based on having had
902 * no previous selection */
903 (void)arg;
904 guard_selection_type_t type = GS_TYPE_INFER;
905 const char *name = choose_guard_selection(get_options(),
906 dummy_consensus, NULL, &type);
907 tt_str_op(name, OP_EQ, "default");
908 tt_int_op(type, OP_EQ, GS_TYPE_NORMAL);
909
910 /* If we're using bridges, we get the bridge selection. */
911 get_options_mutable()->UseBridges = 1;
912 name = choose_guard_selection(get_options(),
913 dummy_consensus, NULL, &type);
914 tt_str_op(name, OP_EQ, "bridges");
915 tt_int_op(type, OP_EQ, GS_TYPE_BRIDGE);
916 get_options_mutable()->UseBridges = 0;
917
918 /* If we discard >99% of our guards, though, we should be in the restricted
919 * set. */
920 tt_assert(get_options_mutable()->EntryNodes == NULL);
921 get_options_mutable()->EntryNodes = routerset_new();
922 routerset_parse(get_options_mutable()->EntryNodes, "1.0.0.0/8", "foo");
923 name = choose_guard_selection(get_options(),
924 dummy_consensus, NULL, &type);
925 tt_str_op(name, OP_EQ, "restricted");
926 tt_int_op(type, OP_EQ, GS_TYPE_RESTRICTED);
927
928 done:
929 ;
930 }
931
932 static void
test_entry_guard_add_single_guard(void * arg)933 test_entry_guard_add_single_guard(void *arg)
934 {
935 (void)arg;
936 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL);
937
938 /* 1: Add a single guard to the sample. */
939 node_t *n1 = smartlist_get(big_fake_net_nodes, 0);
940 time_t now = approx_time();
941 tt_assert(n1->is_possible_guard == 1);
942 entry_guard_t *g1 = entry_guard_add_to_sample(gs, n1);
943 tt_assert(g1);
944
945 /* Make sure its fields look right. */
946 tt_mem_op(n1->identity, OP_EQ, g1->identity, DIGEST_LEN);
947 tt_i64_op(g1->sampled_on_date, OP_GE, now - 12*86400);
948 tt_i64_op(g1->sampled_on_date, OP_LE, now);
949 tt_str_op(g1->sampled_by_version, OP_EQ, VERSION);
950 tt_uint_op(g1->currently_listed, OP_EQ, 1);
951 tt_i64_op(g1->confirmed_on_date, OP_EQ, 0);
952 tt_int_op(g1->confirmed_idx, OP_EQ, -1);
953 tt_int_op(g1->last_tried_to_connect, OP_EQ, 0);
954 tt_uint_op(g1->is_reachable, OP_EQ, GUARD_REACHABLE_MAYBE);
955 tt_i64_op(g1->failing_since, OP_EQ, 0);
956 tt_uint_op(g1->is_filtered_guard, OP_EQ, 1);
957 tt_uint_op(g1->is_usable_filtered_guard, OP_EQ, 1);
958 tt_uint_op(g1->is_primary, OP_EQ, 0);
959 tt_ptr_op(g1->extra_state_fields, OP_EQ, NULL);
960
961 /* Make sure it got added. */
962 tt_int_op(1, OP_EQ, smartlist_len(gs->sampled_entry_guards));
963 tt_ptr_op(g1, OP_EQ, smartlist_get(gs->sampled_entry_guards, 0));
964 tt_ptr_op(g1, OP_EQ, get_sampled_guard_with_id(gs, (uint8_t*)n1->identity));
965 const uint8_t bad_id[20] = {0};
966 tt_ptr_op(NULL, OP_EQ, get_sampled_guard_with_id(gs, bad_id));
967
968 done:
969 guard_selection_free(gs);
970 }
971
972 static void
test_entry_guard_node_filter(void * arg)973 test_entry_guard_node_filter(void *arg)
974 {
975 (void)arg;
976 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL);
977 bridge_line_t *bl = NULL;
978
979 /* Initialize a bunch of node objects that are all guards. */
980 #define NUM 7
981 node_t *n[NUM];
982 entry_guard_t *g[NUM];
983 int i;
984 for (i=0; i < NUM; ++i) {
985 n[i] = smartlist_get(big_fake_net_nodes, i*2); // even ones are guards.
986 g[i] = entry_guard_add_to_sample(gs, n[i]);
987
988 // everything starts out filtered-in
989 tt_uint_op(g[i]->is_filtered_guard, OP_EQ, 1);
990 tt_uint_op(g[i]->is_usable_filtered_guard, OP_EQ, 1);
991 }
992 tt_int_op(num_reachable_filtered_guards(gs, NULL), OP_EQ, NUM);
993
994 /* Make sure refiltering doesn't hurt */
995 entry_guards_update_filtered_sets(gs);
996 for (i = 0; i < NUM; ++i) {
997 tt_uint_op(g[i]->is_filtered_guard, OP_EQ, 1);
998 tt_uint_op(g[i]->is_usable_filtered_guard, OP_EQ, 1);
999 }
1000 tt_int_op(num_reachable_filtered_guards(gs, NULL), OP_EQ, NUM);
1001
1002 /* Now start doing things to make the guards get filtered out, 1 by 1. */
1003
1004 /* 0: Not listed. */
1005 g[0]->currently_listed = 0;
1006
1007 /* 1: path bias says this guard is maybe eeeevil. */
1008 g[1]->pb.path_bias_disabled = 1;
1009
1010 /* 2: Unreachable address. */
1011 tor_addr_make_unspec(&n[2]->rs->ipv4_addr);
1012
1013 /* 3: ExcludeNodes */
1014 tor_addr_from_ipv4h(&n[3]->rs->ipv4_addr, 0x90902020);
1015 routerset_free(get_options_mutable()->ExcludeNodes);
1016 get_options_mutable()->ExcludeNodes = routerset_new();
1017 routerset_parse(get_options_mutable()->ExcludeNodes, "144.144.0.0/16", "");
1018
1019 /* 4: Bridge. */
1020 get_options_mutable()->UseBridges = 1;
1021 sweep_bridge_list();
1022 bl = tor_malloc_zero(sizeof(bridge_line_t));
1023 tor_addr_copy(&bl->addr, &n[4]->rs->ipv4_addr);
1024 bl->port = n[4]->rs->ipv4_orport;
1025 memcpy(bl->digest, n[4]->identity, 20);
1026 bridge_add_from_config(bl);
1027 bl = NULL; // prevent free.
1028 get_options_mutable()->UseBridges = 0;
1029
1030 /* 5: Unreachable. This stays in the filter, but isn't in usable-filtered */
1031 g[5]->last_tried_to_connect = approx_time(); // prevent retry.
1032 g[5]->is_reachable = GUARD_REACHABLE_NO;
1033
1034 /* 6: no change. */
1035
1036 /* Now refilter and inspect. */
1037 entry_guards_update_filtered_sets(gs);
1038 for (i = 0; i < NUM; ++i) {
1039 tt_assert(g[i]->is_filtered_guard == (i == 5 || i == 6));
1040 tt_assert(g[i]->is_usable_filtered_guard == (i == 6));
1041 }
1042 tt_int_op(num_reachable_filtered_guards(gs, NULL), OP_EQ, 1);
1043
1044 /* Now make sure we have no live consensus, and no nodes. Nothing should
1045 * pass the filter any more. */
1046 tor_free(dummy_consensus);
1047 dummy_consensus = NULL;
1048 SMARTLIST_FOREACH(big_fake_net_nodes, node_t *, node, {
1049 memset(node->identity, 0xff, 20);
1050 });
1051 entry_guards_update_filtered_sets(gs);
1052 for (i = 0; i < NUM; ++i) {
1053 tt_uint_op(g[i]->is_filtered_guard, OP_EQ, 0);
1054 tt_uint_op(g[i]->is_usable_filtered_guard, OP_EQ, 0);
1055 }
1056 tt_int_op(num_reachable_filtered_guards(gs, NULL), OP_EQ, 0);
1057
1058 done:
1059 guard_selection_free(gs);
1060 tor_free(bl);
1061 #undef NUM
1062 }
1063
1064 static void
test_entry_guard_expand_sample(void * arg)1065 test_entry_guard_expand_sample(void *arg)
1066 {
1067 (void)arg;
1068 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL);
1069 digestmap_t *node_by_id = digestmap_new();
1070
1071 entry_guard_t *guard = entry_guards_expand_sample(gs);
1072 tt_assert(guard); // the last guard returned.
1073
1074 // Every sampled guard here should be filtered and reachable for now.
1075 tt_int_op(smartlist_len(gs->sampled_entry_guards), OP_EQ,
1076 num_reachable_filtered_guards(gs, NULL));
1077
1078 /* Make sure we got the right number. */
1079 tt_int_op(DFLT_MIN_FILTERED_SAMPLE_SIZE, OP_EQ,
1080 num_reachable_filtered_guards(gs, NULL));
1081
1082 // Make sure everything we got was from our fake node list, and everything
1083 // was unique.
1084 SMARTLIST_FOREACH_BEGIN(gs->sampled_entry_guards, entry_guard_t *, g) {
1085 const node_t *n = bfn_mock_node_get_by_id(g->identity);
1086 tt_assert(n);
1087 tt_ptr_op(NULL, OP_EQ, digestmap_get(node_by_id, g->identity));
1088 digestmap_set(node_by_id, g->identity, (void*) n);
1089 int idx = smartlist_pos(big_fake_net_nodes, n);
1090 // The even ones are the guards; make sure we got guards.
1091 tt_int_op(idx & 1, OP_EQ, 0);
1092 } SMARTLIST_FOREACH_END(g);
1093
1094 // Nothing became unusable/unfiltered, so a subsequent expand should
1095 // make no changes.
1096 guard = entry_guards_expand_sample(gs);
1097 tt_ptr_op(guard, OP_EQ, NULL); // no guard was added.
1098 tt_int_op(DFLT_MIN_FILTERED_SAMPLE_SIZE, OP_EQ,
1099 num_reachable_filtered_guards(gs, NULL));
1100
1101 // Make a few guards unreachable.
1102 guard = smartlist_get(gs->sampled_entry_guards, 0);
1103 guard->is_usable_filtered_guard = 0;
1104 guard = smartlist_get(gs->sampled_entry_guards, 1);
1105 guard->is_usable_filtered_guard = 0;
1106 guard = smartlist_get(gs->sampled_entry_guards, 2);
1107 guard->is_usable_filtered_guard = 0;
1108 tt_int_op(DFLT_MIN_FILTERED_SAMPLE_SIZE - 3, OP_EQ,
1109 num_reachable_filtered_guards(gs, NULL));
1110
1111 // This time, expanding the sample will add some more guards.
1112 guard = entry_guards_expand_sample(gs);
1113 tt_assert(guard); // no guard was added.
1114 tt_int_op(DFLT_MIN_FILTERED_SAMPLE_SIZE, OP_EQ,
1115 num_reachable_filtered_guards(gs, NULL));
1116 tt_int_op(smartlist_len(gs->sampled_entry_guards), OP_EQ,
1117 num_reachable_filtered_guards(gs, NULL)+3);
1118
1119 // Still idempotent.
1120 guard = entry_guards_expand_sample(gs);
1121 tt_ptr_op(guard, OP_EQ, NULL); // no guard was added.
1122 tt_int_op(DFLT_MIN_FILTERED_SAMPLE_SIZE, OP_EQ,
1123 num_reachable_filtered_guards(gs, NULL));
1124
1125 // Now, do a nasty trick: tell the filter to exclude 31/32 of the guards.
1126 // This will cause the sample size to get reeeeally huge, while the
1127 // filtered sample size grows only slowly.
1128 routerset_free(get_options_mutable()->ExcludeNodes);
1129 get_options_mutable()->ExcludeNodes = routerset_new();
1130 routerset_parse(get_options_mutable()->ExcludeNodes, "144.144.0.0/16", "");
1131 SMARTLIST_FOREACH(big_fake_net_nodes, node_t *, n, {
1132 if (n_sl_idx % 64 != 0) {
1133 tor_addr_from_ipv4h(&n->rs->ipv4_addr, 0x90903030);
1134 }
1135 });
1136 entry_guards_update_filtered_sets(gs);
1137
1138 // Surely (p ~ 1-2**-60), one of our guards has been excluded.
1139 tt_int_op(num_reachable_filtered_guards(gs, NULL), OP_LT,
1140 DFLT_MIN_FILTERED_SAMPLE_SIZE);
1141
1142 // Try to regenerate the guards.
1143 guard = entry_guards_expand_sample(gs);
1144 tt_assert(guard); // no guard was added.
1145
1146 /* this time, it's possible that we didn't add enough sampled guards. */
1147 tt_int_op(num_reachable_filtered_guards(gs, NULL), OP_LE,
1148 DFLT_MIN_FILTERED_SAMPLE_SIZE);
1149 /* but we definitely didn't exceed the sample maximum. */
1150 const int n_guards = 271 / 2;
1151 tt_int_op(smartlist_len(gs->sampled_entry_guards), OP_LE,
1152 (int)(n_guards * .3));
1153
1154 done:
1155 guard_selection_free(gs);
1156 digestmap_free(node_by_id, NULL);
1157 }
1158
1159 static void
test_entry_guard_expand_sample_small_net(void * arg)1160 test_entry_guard_expand_sample_small_net(void *arg)
1161 {
1162 (void)arg;
1163 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL);
1164
1165 /* Fun corner case: not enough guards to make up our whole sample size. */
1166 SMARTLIST_FOREACH(big_fake_net_nodes, node_t *, n, {
1167 if (n_sl_idx >= 15) {
1168 test_node_free(n);
1169 SMARTLIST_DEL_CURRENT(big_fake_net_nodes, n);
1170 } else {
1171 tor_addr_make_unspec(&n->rs->ipv4_addr); // make the filter reject this.
1172 }
1173 });
1174
1175 entry_guard_t *guard = entry_guards_expand_sample(gs);
1176 tt_assert(guard); // the last guard returned -- some guard was added.
1177 // half the nodes are guards, so we have 8 guards left. The set
1178 // is small, so we sampled everything.
1179 tt_int_op(smartlist_len(gs->sampled_entry_guards), OP_EQ, 8);
1180 tt_int_op(num_reachable_filtered_guards(gs, NULL), OP_EQ, 0);
1181 done:
1182 guard_selection_free(gs);
1183 }
1184
1185 static void
test_entry_guard_update_from_consensus_status(void * arg)1186 test_entry_guard_update_from_consensus_status(void *arg)
1187 {
1188 /* Here we're going to have some nodes become un-guardy, and say we got a
1189 * new consensus. This should cause those nodes to get detected as
1190 * unreachable. */
1191
1192 (void)arg;
1193 int i;
1194 time_t start = approx_time();
1195 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL);
1196 networkstatus_t *ns_tmp = NULL;
1197
1198 /* Don't randomly backdate stuff; it will make correctness harder to check.*/
1199 MOCK(randomize_time, mock_randomize_time_no_randomization);
1200
1201 /* First, sample some guards. */
1202 entry_guards_expand_sample(gs);
1203 int n_sampled_pre = smartlist_len(gs->sampled_entry_guards);
1204 int n_filtered_pre = num_reachable_filtered_guards(gs, NULL);
1205 tt_i64_op(n_sampled_pre, OP_EQ, n_filtered_pre);
1206 tt_i64_op(n_sampled_pre, OP_GT, 10);
1207
1208 /* At this point, it should be a no-op to do this: */
1209 sampled_guards_update_from_consensus(gs);
1210
1211 /* Now let's make some of our guards become unlisted. The easiest way to
1212 * do that would be to take away their guard flag. */
1213 for (i = 0; i < 5; ++i) {
1214 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, i);
1215 node_t *n = (node_t*) bfn_mock_node_get_by_id(g->identity);
1216 tt_assert(n);
1217 n->is_possible_guard = 0;
1218 }
1219
1220 update_approx_time(start + 30);
1221 {
1222 /* try this with no live networkstatus. Nothing should happen! */
1223 ns_tmp = dummy_consensus;
1224 dummy_consensus = NULL;
1225 sampled_guards_update_from_consensus(gs);
1226 tt_i64_op(smartlist_len(gs->sampled_entry_guards), OP_EQ, n_sampled_pre);
1227 tt_i64_op(num_reachable_filtered_guards(gs, NULL), OP_EQ, n_filtered_pre);
1228 /* put the networkstatus back. */
1229 dummy_consensus = ns_tmp;
1230 ns_tmp = NULL;
1231 }
1232
1233 /* Now those guards should become unlisted, and drop off the filter, but
1234 * stay in the sample. */
1235 update_approx_time(start + 60);
1236 sampled_guards_update_from_consensus(gs);
1237
1238 tt_i64_op(smartlist_len(gs->sampled_entry_guards), OP_EQ, n_sampled_pre);
1239 tt_i64_op(num_reachable_filtered_guards(gs, NULL), OP_EQ, n_filtered_pre-5);
1240 for (i = 0; i < 5; ++i) {
1241 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, i);
1242 tt_assert(! g->currently_listed);
1243 tt_i64_op(g->unlisted_since_date, OP_EQ, start+60);
1244 }
1245 for (i = 5; i < n_sampled_pre; ++i) {
1246 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, i);
1247 tt_assert(g->currently_listed);
1248 tt_i64_op(g->unlisted_since_date, OP_EQ, 0);
1249 }
1250
1251 /* Now re-list one, and remove one completely. */
1252 {
1253 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, 0);
1254 node_t *n = (node_t*) bfn_mock_node_get_by_id(g->identity);
1255 tt_assert(n);
1256 n->is_possible_guard = 1;
1257 }
1258 {
1259 /* try removing the node, to make sure we don't crash on an absent node
1260 */
1261 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, 5);
1262 node_t *n = (node_t*) bfn_mock_node_get_by_id(g->identity);
1263 tt_assert(n);
1264 smartlist_remove(big_fake_net_nodes, n);
1265 test_node_free(n);
1266 }
1267 update_approx_time(start + 300);
1268 sampled_guards_update_from_consensus(gs);
1269
1270 /* guards 1..5 are now unlisted; 0,6,7.. are listed. */
1271 tt_i64_op(smartlist_len(gs->sampled_entry_guards), OP_EQ, n_sampled_pre);
1272 for (i = 1; i < 6; ++i) {
1273 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, i);
1274 tt_assert(! g->currently_listed);
1275 if (i == 5)
1276 tt_i64_op(g->unlisted_since_date, OP_EQ, start+300);
1277 else
1278 tt_i64_op(g->unlisted_since_date, OP_EQ, start+60);
1279 }
1280 for (i = 0; i < n_sampled_pre; i = (!i) ? 6 : i+1) { /* 0,6,7,8, ... */
1281 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, i);
1282 tt_assert(g->currently_listed);
1283 tt_i64_op(g->unlisted_since_date, OP_EQ, 0);
1284 }
1285
1286 done:
1287 tor_free(ns_tmp); /* in case we couldn't put it back */
1288 guard_selection_free(gs);
1289 UNMOCK(randomize_time);
1290 }
1291
1292 static void
test_entry_guard_update_from_consensus_repair(void * arg)1293 test_entry_guard_update_from_consensus_repair(void *arg)
1294 {
1295 /* Here we'll make sure that our code to repair the unlisted-since
1296 * times is correct. */
1297
1298 (void)arg;
1299 int i;
1300 time_t start = approx_time();
1301 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL);
1302
1303 /* Don't randomly backdate stuff; it will make correctness harder to check.*/
1304 MOCK(randomize_time, mock_randomize_time_no_randomization);
1305
1306 /* First, sample some guards. */
1307 entry_guards_expand_sample(gs);
1308 int n_sampled_pre = smartlist_len(gs->sampled_entry_guards);
1309 int n_filtered_pre = num_reachable_filtered_guards(gs, NULL);
1310 tt_i64_op(n_sampled_pre, OP_EQ, n_filtered_pre);
1311 tt_i64_op(n_sampled_pre, OP_GT, 10);
1312
1313 /* Now corrupt the list a bit. Call some unlisted-since-never, and some
1314 * listed-and-unlisted-since-a-time. */
1315 update_approx_time(start + 300);
1316 for (i = 0; i < 3; ++i) {
1317 /* these will get a date. */
1318 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, i);
1319 node_t *n = (node_t*) bfn_mock_node_get_by_id(g->identity);
1320 tt_assert(n);
1321 n->is_possible_guard = 0;
1322 g->currently_listed = 0;
1323 }
1324 for (i = 3; i < 6; ++i) {
1325 /* these will become listed. */
1326 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, i);
1327 g->unlisted_since_date = start+100;
1328 }
1329 setup_full_capture_of_logs(LOG_WARN);
1330 sampled_guards_update_from_consensus(gs);
1331 expect_log_msg_containing(
1332 "was listed, but with unlisted_since_date set");
1333 expect_log_msg_containing(
1334 "was unlisted, but with unlisted_since_date unset");
1335 teardown_capture_of_logs();
1336
1337 tt_int_op(smartlist_len(gs->sampled_entry_guards), OP_EQ, n_sampled_pre);
1338 tt_int_op(num_reachable_filtered_guards(gs, NULL), OP_EQ, n_filtered_pre-3);
1339 for (i = 3; i < n_sampled_pre; ++i) {
1340 /* these will become listed. */
1341 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, i);
1342 if (i < 3) {
1343 tt_assert(! g->currently_listed);
1344 tt_i64_op(g->unlisted_since_date, OP_EQ, start+300);
1345 } else {
1346 tt_assert(g->currently_listed);
1347 tt_i64_op(g->unlisted_since_date, OP_EQ, 0);
1348 }
1349 }
1350
1351 done:
1352 teardown_capture_of_logs();
1353 guard_selection_free(gs);
1354 UNMOCK(randomize_time);
1355 }
1356
1357 static void
test_entry_guard_update_from_consensus_remove(void * arg)1358 test_entry_guard_update_from_consensus_remove(void *arg)
1359 {
1360 /* Now let's check the logic responsible for removing guards from the
1361 * sample entirely. */
1362
1363 (void)arg;
1364 //int i;
1365 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL);
1366 smartlist_t *keep_ids = smartlist_new();
1367 smartlist_t *remove_ids = smartlist_new();
1368
1369 /* Don't randomly backdate stuff; it will make correctness harder to check.*/
1370 MOCK(randomize_time, mock_randomize_time_no_randomization);
1371
1372 /* First, sample some guards. */
1373 entry_guards_expand_sample(gs);
1374 int n_sampled_pre = smartlist_len(gs->sampled_entry_guards);
1375 int n_filtered_pre = num_reachable_filtered_guards(gs, NULL);
1376 tt_i64_op(n_sampled_pre, OP_EQ, n_filtered_pre);
1377 tt_i64_op(n_sampled_pre, OP_GT, 10);
1378
1379 const time_t one_day_ago = approx_time() - 1*24*60*60;
1380 const time_t one_year_ago = approx_time() - 365*24*60*60;
1381 const time_t two_years_ago = approx_time() - 2*365*24*60*60;
1382 /* 0: unlisted for a day. (keep this) */
1383 {
1384 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, 0);
1385 node_t *n = (node_t*) bfn_mock_node_get_by_id(g->identity);
1386 tt_assert(n);
1387 n->is_possible_guard = 0;
1388 g->currently_listed = 0;
1389 g->unlisted_since_date = one_day_ago;
1390 smartlist_add(keep_ids, tor_memdup(g->identity, 20));
1391 }
1392 /* 1: unlisted for a year. (remove this) */
1393 {
1394 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, 1);
1395 node_t *n = (node_t*) bfn_mock_node_get_by_id(g->identity);
1396 tt_assert(n);
1397 n->is_possible_guard = 0;
1398 g->currently_listed = 0;
1399 g->unlisted_since_date = one_year_ago;
1400 smartlist_add(remove_ids, tor_memdup(g->identity, 20));
1401 }
1402 /* 2: added a day ago, never confirmed. (keep this) */
1403 {
1404 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, 2);
1405 g->sampled_on_date = one_day_ago;
1406 smartlist_add(keep_ids, tor_memdup(g->identity, 20));
1407 }
1408 /* 3: added a year ago, never confirmed. (remove this) */
1409 {
1410 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, 3);
1411 g->sampled_on_date = one_year_ago;
1412 smartlist_add(remove_ids, tor_memdup(g->identity, 20));
1413 }
1414 /* 4: added two year ago, confirmed yesterday, primary. (keep this.) */
1415 {
1416 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, 4);
1417 g->sampled_on_date = one_year_ago;
1418 g->confirmed_on_date = one_day_ago;
1419 g->confirmed_idx = 0;
1420 g->is_primary = 1;
1421 smartlist_add(gs->confirmed_entry_guards, g);
1422 smartlist_add(gs->primary_entry_guards, g);
1423 smartlist_add(keep_ids, tor_memdup(g->identity, 20));
1424 }
1425 /* 5: added two years ago, confirmed a year ago, primary. (remove this) */
1426 {
1427 entry_guard_t *g = smartlist_get(gs->sampled_entry_guards, 5);
1428 g->sampled_on_date = two_years_ago;
1429 g->confirmed_on_date = one_year_ago;
1430 g->confirmed_idx = 1;
1431 g->is_primary = 1;
1432 smartlist_add(gs->confirmed_entry_guards, g);
1433 smartlist_add(gs->primary_entry_guards, g);
1434 smartlist_add(remove_ids, tor_memdup(g->identity, 20));
1435 }
1436
1437 sampled_guards_update_from_consensus(gs);
1438
1439 /* Did we remove the right ones? */
1440 SMARTLIST_FOREACH(keep_ids, uint8_t *, id, {
1441 tt_assert(get_sampled_guard_with_id(gs, id) != NULL);
1442 });
1443 SMARTLIST_FOREACH(remove_ids, uint8_t *, id, {
1444 tt_want(get_sampled_guard_with_id(gs, id) == NULL);
1445 });
1446
1447 /* Did we remove the right number? */
1448 tt_int_op(smartlist_len(gs->sampled_entry_guards), OP_EQ, n_sampled_pre - 3);
1449
1450 done:
1451 guard_selection_free(gs);
1452 UNMOCK(randomize_time);
1453 SMARTLIST_FOREACH(keep_ids, char *, cp, tor_free(cp));
1454 SMARTLIST_FOREACH(remove_ids, char *, cp, tor_free(cp));
1455 smartlist_free(keep_ids);
1456 smartlist_free(remove_ids);
1457 }
1458
1459 static void
test_entry_guard_confirming_guards(void * arg)1460 test_entry_guard_confirming_guards(void *arg)
1461 {
1462 (void)arg;
1463 /* Now let's check the logic responsible for manipulating the list
1464 * of confirmed guards */
1465 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL);
1466 MOCK(randomize_time, mock_randomize_time_no_randomization);
1467
1468 /* Create the sample. */
1469 entry_guards_expand_sample(gs);
1470
1471 /* Confirm a few guards. */
1472 time_t start = approx_time();
1473 entry_guard_t *g1 = smartlist_get(gs->sampled_entry_guards, 0);
1474 entry_guard_t *g2 = smartlist_get(gs->sampled_entry_guards, 1);
1475 entry_guard_t *g3 = smartlist_get(gs->sampled_entry_guards, 8);
1476 make_guard_confirmed(gs, g2);
1477 update_approx_time(start + 10);
1478 make_guard_confirmed(gs, g1);
1479 make_guard_confirmed(gs, g3);
1480
1481 /* Were the correct dates and indices fed in? */
1482 tt_int_op(g1->confirmed_idx, OP_EQ, 1);
1483 tt_int_op(g2->confirmed_idx, OP_EQ, 0);
1484 tt_int_op(g3->confirmed_idx, OP_EQ, 2);
1485 tt_i64_op(g1->confirmed_on_date, OP_EQ, start+10);
1486 tt_i64_op(g2->confirmed_on_date, OP_EQ, start);
1487 tt_i64_op(g3->confirmed_on_date, OP_EQ, start+10);
1488 tt_ptr_op(smartlist_get(gs->confirmed_entry_guards, 0), OP_EQ, g1);
1489 tt_ptr_op(smartlist_get(gs->confirmed_entry_guards, 1), OP_EQ, g2);
1490 tt_ptr_op(smartlist_get(gs->confirmed_entry_guards, 2), OP_EQ, g3);
1491
1492 /* Now make sure we can regenerate the confirmed_entry_guards list. */
1493 smartlist_clear(gs->confirmed_entry_guards);
1494 g2->confirmed_idx = 0;
1495 g1->confirmed_idx = 10;
1496 g3->confirmed_idx = 100;
1497 entry_guards_update_confirmed(gs);
1498 tt_int_op(g1->confirmed_idx, OP_EQ, 1);
1499 tt_int_op(g2->confirmed_idx, OP_EQ, 0);
1500 tt_int_op(g3->confirmed_idx, OP_EQ, 2);
1501 tt_ptr_op(smartlist_get(gs->confirmed_entry_guards, 0), OP_EQ, g1);
1502 tt_ptr_op(smartlist_get(gs->confirmed_entry_guards, 1), OP_EQ, g2);
1503 tt_ptr_op(smartlist_get(gs->confirmed_entry_guards, 2), OP_EQ, g3);
1504
1505 /* Now make sure we can regenerate the confirmed_entry_guards list if
1506 * the indices are messed up. */
1507 g1->confirmed_idx = g2->confirmed_idx = g3->confirmed_idx = 999;
1508 smartlist_clear(gs->confirmed_entry_guards);
1509 entry_guards_update_confirmed(gs);
1510 tt_int_op(g1->confirmed_idx, OP_GE, 0);
1511 tt_int_op(g2->confirmed_idx, OP_GE, 0);
1512 tt_int_op(g3->confirmed_idx, OP_GE, 0);
1513 tt_int_op(g1->confirmed_idx, OP_LE, 2);
1514 tt_int_op(g2->confirmed_idx, OP_LE, 2);
1515 tt_int_op(g3->confirmed_idx, OP_LE, 2);
1516 g1 = smartlist_get(gs->confirmed_entry_guards, 0);
1517 g2 = smartlist_get(gs->confirmed_entry_guards, 1);
1518 g3 = smartlist_get(gs->confirmed_entry_guards, 2);
1519 tt_int_op(g1->sampled_idx, OP_EQ, 0);
1520 tt_int_op(g2->sampled_idx, OP_EQ, 1);
1521 tt_int_op(g3->sampled_idx, OP_EQ, 8);
1522 tt_assert(g1 != g2);
1523 tt_assert(g1 != g3);
1524 tt_assert(g2 != g3);
1525
1526 done:
1527 UNMOCK(randomize_time);
1528 guard_selection_free(gs);
1529 }
1530
1531 static void
test_entry_guard_sample_reachable_filtered(void * arg)1532 test_entry_guard_sample_reachable_filtered(void *arg)
1533 {
1534 (void)arg;
1535 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL);
1536 entry_guards_expand_sample(gs);
1537
1538 /* We've got a sampled list now; let's make one non-usable-filtered; some
1539 * confirmed, some primary, some pending.
1540 */
1541 int n_guards = smartlist_len(gs->sampled_entry_guards);
1542 tt_int_op(n_guards, OP_GT, 10);
1543 entry_guard_t *g;
1544 g = smartlist_get(gs->sampled_entry_guards, 0);
1545 g->is_pending = 1;
1546 g = smartlist_get(gs->sampled_entry_guards, 1);
1547 make_guard_confirmed(gs, g);
1548 g = smartlist_get(gs->sampled_entry_guards, 2);
1549 g->is_primary = 1;
1550 g = smartlist_get(gs->sampled_entry_guards, 3);
1551 g->pb.path_bias_disabled = 1;
1552
1553 entry_guards_update_filtered_sets(gs);
1554 gs->primary_guards_up_to_date = 1;
1555 tt_int_op(num_reachable_filtered_guards(gs, NULL), OP_EQ, n_guards - 1);
1556 tt_int_op(smartlist_len(gs->sampled_entry_guards), OP_EQ, n_guards);
1557
1558 // +1 since the one we made disabled will make another one get added.
1559 ++n_guards;
1560
1561 /* Try a bunch of selections. */
1562 const struct {
1563 int flag; int idx;
1564 } tests[] = {
1565 { 0, -1 },
1566 { SAMPLE_EXCLUDE_CONFIRMED, 1 },
1567 { SAMPLE_EXCLUDE_PRIMARY|SAMPLE_NO_UPDATE_PRIMARY, 2 },
1568 { SAMPLE_EXCLUDE_PENDING, 0 },
1569 { -1, -1},
1570 };
1571 int j;
1572 for (j = 0; tests[j].flag >= 0; ++j) {
1573 const int excluded_flags = tests[j].flag;
1574 const int excluded_idx = tests[j].idx;
1575 g = first_reachable_filtered_entry_guard(gs, NULL, excluded_flags);
1576 tor_assert(g);
1577 int pos = smartlist_pos(gs->sampled_entry_guards, g);
1578 tt_int_op(smartlist_len(gs->sampled_entry_guards), OP_EQ, n_guards);
1579 const int should_be_set = (pos != excluded_idx &&
1580 pos != 3); // filtered out.
1581 tt_int_op(1, OP_EQ, should_be_set);
1582 }
1583
1584 done:
1585 guard_selection_free(gs);
1586 }
1587
1588 static void
test_entry_guard_sample_reachable_filtered_empty(void * arg)1589 test_entry_guard_sample_reachable_filtered_empty(void *arg)
1590 {
1591 (void)arg;
1592 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL);
1593 /* What if we try to sample from a set of 0? */
1594 SMARTLIST_FOREACH(big_fake_net_nodes, node_t *, n,
1595 n->is_possible_guard = 0);
1596
1597 entry_guard_t *g = first_reachable_filtered_entry_guard(gs, NULL, 0);
1598 tt_ptr_op(g, OP_EQ, NULL);
1599
1600 done:
1601 guard_selection_free(gs);
1602 }
1603
1604 static void
test_entry_guard_retry_unreachable(void * arg)1605 test_entry_guard_retry_unreachable(void *arg)
1606 {
1607 (void)arg;
1608 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL);
1609
1610 entry_guards_expand_sample(gs);
1611 /* Let's say that we have two guards, and they're down.
1612 */
1613 time_t start = approx_time();
1614 entry_guard_t *g1 = smartlist_get(gs->sampled_entry_guards, 0);
1615 entry_guard_t *g2 = smartlist_get(gs->sampled_entry_guards, 1);
1616 entry_guard_t *g3 = smartlist_get(gs->sampled_entry_guards, 2);
1617 g1->is_reachable = GUARD_REACHABLE_NO;
1618 g2->is_reachable = GUARD_REACHABLE_NO;
1619 g1->is_primary = 1;
1620 g1->failing_since = g2->failing_since = start;
1621 g1->last_tried_to_connect = g2->last_tried_to_connect = start;
1622
1623 /* Wait 5 minutes. Nothing will get retried. */
1624 update_approx_time(start + 5 * 60);
1625 entry_guard_consider_retry(g1);
1626 entry_guard_consider_retry(g2);
1627 entry_guard_consider_retry(g3); // just to make sure this doesn't crash.
1628 tt_int_op(g1->is_reachable, OP_EQ, GUARD_REACHABLE_NO);
1629 tt_int_op(g2->is_reachable, OP_EQ, GUARD_REACHABLE_NO);
1630 tt_int_op(g3->is_reachable, OP_EQ, GUARD_REACHABLE_MAYBE);
1631
1632 /* After 30 min, the primary one gets retried */
1633 update_approx_time(start + 35 * 60);
1634 entry_guard_consider_retry(g1);
1635 entry_guard_consider_retry(g2);
1636 tt_int_op(g1->is_reachable, OP_EQ, GUARD_REACHABLE_MAYBE);
1637 tt_int_op(g2->is_reachable, OP_EQ, GUARD_REACHABLE_NO);
1638
1639 g1->is_reachable = GUARD_REACHABLE_NO;
1640 g1->last_tried_to_connect = start + 55*60;
1641
1642 /* After 1 hour, we'll retry the nonprimary one. */
1643 update_approx_time(start + 61 * 60);
1644 entry_guard_consider_retry(g1);
1645 entry_guard_consider_retry(g2);
1646 tt_int_op(g1->is_reachable, OP_EQ, GUARD_REACHABLE_NO);
1647 tt_int_op(g2->is_reachable, OP_EQ, GUARD_REACHABLE_MAYBE);
1648
1649 g2->is_reachable = GUARD_REACHABLE_NO;
1650 g2->last_tried_to_connect = start + 61*60;
1651
1652 /* And then the primary one again. */
1653 update_approx_time(start + 66 * 60);
1654 entry_guard_consider_retry(g1);
1655 entry_guard_consider_retry(g2);
1656 tt_int_op(g1->is_reachable, OP_EQ, GUARD_REACHABLE_MAYBE);
1657 tt_int_op(g2->is_reachable, OP_EQ, GUARD_REACHABLE_NO);
1658
1659 done:
1660 guard_selection_free(gs);
1661 }
1662
1663 static void
test_entry_guard_manage_primary(void * arg)1664 test_entry_guard_manage_primary(void *arg)
1665 {
1666 (void)arg;
1667 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL);
1668 smartlist_t *prev_guards = smartlist_new();
1669
1670 /* If no guards are confirmed, we should pick a few reachable guards and
1671 * call them all primary. But not confirmed.*/
1672 entry_guards_update_primary(gs);
1673 int n_primary = smartlist_len(gs->primary_entry_guards);
1674 tt_int_op(n_primary, OP_GE, 1);
1675 SMARTLIST_FOREACH(gs->primary_entry_guards, entry_guard_t *, g, {
1676 tt_assert(g->is_primary);
1677 tt_assert(g->confirmed_idx == -1);
1678 });
1679
1680 /* Calling it a second time should leave the guards unchanged. */
1681 smartlist_add_all(prev_guards, gs->primary_entry_guards);
1682 entry_guards_update_primary(gs);
1683 tt_int_op(smartlist_len(gs->primary_entry_guards), OP_EQ, n_primary);
1684 SMARTLIST_FOREACH(gs->primary_entry_guards, entry_guard_t *, g, {
1685 tt_ptr_op(g, OP_EQ, smartlist_get(prev_guards, g_sl_idx));
1686 });
1687
1688 /**
1689 * If we have one confirmed guard, that guards becomes the first primary
1690 * only if its sampled_idx is smaller
1691 * */
1692
1693 /* find a non-primary guard... it should have a sampled_idx higher than
1694 * existing primary guards */
1695 entry_guard_t *confirmed = NULL;
1696 SMARTLIST_FOREACH(gs->sampled_entry_guards, entry_guard_t *, g, {
1697 if (! g->is_primary) {
1698 confirmed = g;
1699 break;
1700 }
1701 });
1702 tt_assert(confirmed);
1703 /* make it confirmed. */
1704 make_guard_confirmed(gs, confirmed);
1705 /* update the list... */
1706 smartlist_clear(prev_guards);
1707 smartlist_add_all(prev_guards, gs->primary_entry_guards);
1708 entry_guards_update_primary(gs);
1709
1710 /* the confirmed guard should be at the end of the primary list! Hopefully,
1711 * one of the primary guards with a lower sampled_idx will confirm soon :)
1712 * Doing this won't make the client switches between primaries depending on
1713 * the order of confirming events */
1714 tt_int_op(smartlist_len(gs->primary_entry_guards), OP_EQ, n_primary);
1715 tt_ptr_op(smartlist_get(gs->primary_entry_guards,
1716 smartlist_len(gs->primary_entry_guards)-1), OP_EQ, confirmed);
1717 {
1718 entry_guard_t *prev_last_guard = smartlist_get(prev_guards, n_primary-1);
1719 tt_assert(! prev_last_guard->is_primary);
1720 }
1721
1722 /* Calling it a fourth time should leave the guards unchanged. */
1723 smartlist_clear(prev_guards);
1724 smartlist_add_all(prev_guards, gs->primary_entry_guards);
1725 entry_guards_update_primary(gs);
1726 tt_int_op(smartlist_len(gs->primary_entry_guards), OP_EQ, n_primary);
1727 SMARTLIST_FOREACH(gs->primary_entry_guards, entry_guard_t *, g, {
1728 tt_ptr_op(g, OP_EQ, smartlist_get(prev_guards, g_sl_idx));
1729 });
1730
1731 /* Do some dirinfo checks */
1732 {
1733 /* Check that we have all required dirinfo for the primaries (that's done
1734 * in big_fake_network_setup()) */
1735 char *dir_info_str =
1736 guard_selection_get_err_str_if_dir_info_missing(gs, 0, 0, 0);
1737 tt_assert(!dir_info_str);
1738
1739 /* Now artificially remove the first primary's descriptor and re-check */
1740 entry_guard_t *first_primary;
1741 first_primary = smartlist_get(gs->primary_entry_guards, 0);
1742 /* Change the first primary's identity digest so that the mocked functions
1743 * can't find its descriptor */
1744 memset(first_primary->identity, 9, sizeof(first_primary->identity));
1745 dir_info_str =guard_selection_get_err_str_if_dir_info_missing(gs, 1, 2, 3);
1746 tt_str_op(dir_info_str, OP_EQ,
1747 "We're missing descriptors for 1/2 of our primary entry guards "
1748 "(total microdescriptors: 2/3). That's ok. We will try to fetch "
1749 "missing descriptors soon.");
1750 tor_free(dir_info_str);
1751 }
1752
1753 done:
1754 guard_selection_free(gs);
1755 smartlist_free(prev_guards);
1756 }
1757
1758 static void
test_entry_guard_guard_preferred(void * arg)1759 test_entry_guard_guard_preferred(void *arg)
1760 {
1761 (void) arg;
1762 entry_guard_t *g1 = tor_malloc_zero(sizeof(entry_guard_t));
1763 entry_guard_t *g2 = tor_malloc_zero(sizeof(entry_guard_t));
1764
1765 g1->confirmed_idx = g2->confirmed_idx = -1;
1766 g1->last_tried_to_connect = approx_time();
1767 g2->last_tried_to_connect = approx_time();
1768
1769 tt_int_op(0, OP_EQ, entry_guard_has_higher_priority(g1, g1));
1770
1771 /* Neither is pending; priorities equal. */
1772 tt_int_op(0, OP_EQ, entry_guard_has_higher_priority(g2, g1));
1773 tt_int_op(0, OP_EQ, entry_guard_has_higher_priority(g1, g2));
1774
1775 /* If one is pending, the pending one has higher priority */
1776 g1->is_pending = 1;
1777 tt_int_op(1, OP_EQ, entry_guard_has_higher_priority(g1, g2));
1778 tt_int_op(0, OP_EQ, entry_guard_has_higher_priority(g2, g1));
1779
1780 /* If both are pending, and last_tried_to_connect is equal:
1781 priorities equal */
1782 g2->is_pending = 1;
1783 tt_int_op(0, OP_EQ, entry_guard_has_higher_priority(g2, g1));
1784 tt_int_op(0, OP_EQ, entry_guard_has_higher_priority(g1, g2));
1785
1786 /* One had a connection that startied earlier: it has higher priority. */
1787 g2->last_tried_to_connect -= 10;
1788 tt_int_op(1, OP_EQ, entry_guard_has_higher_priority(g2, g1));
1789 tt_int_op(0, OP_EQ, entry_guard_has_higher_priority(g1, g2));
1790
1791 /* Now, say that g1 is confirmed. It will get higher priority. */
1792 g1->confirmed_idx = 5;
1793 tt_int_op(0, OP_EQ, entry_guard_has_higher_priority(g2, g1));
1794 tt_int_op(1, OP_EQ, entry_guard_has_higher_priority(g1, g2));
1795
1796 /* But if g2 was confirmed first, it will get priority */
1797 g2->confirmed_idx = 2;
1798 tt_int_op(1, OP_EQ, entry_guard_has_higher_priority(g2, g1));
1799 tt_int_op(0, OP_EQ, entry_guard_has_higher_priority(g1, g2));
1800
1801 done:
1802 tor_free(g1);
1803 tor_free(g2);
1804 }
1805
1806 static void
test_entry_guard_correct_cascading_order(void * arg)1807 test_entry_guard_correct_cascading_order(void *arg)
1808 {
1809 (void)arg;
1810 smartlist_t *old_primary_guards = smartlist_new();
1811 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL);
1812 entry_guards_expand_sample(gs);
1813 /** First, a test in which the primary guards need be pulled from different
1814 * lists to fill up the primary list -- this may happen, if for example, not
1815 * enough guards have confirmed yet */
1816 entry_guard_t *g;
1817 /** just one confirmed */
1818 g = smartlist_get(gs->sampled_entry_guards, 2);
1819 make_guard_confirmed(gs, g);
1820 entry_guards_update_primary(gs);
1821 g = smartlist_get(gs->primary_entry_guards, 0);
1822 tt_int_op(g->sampled_idx, OP_EQ, 0);
1823 g = smartlist_get(gs->primary_entry_guards, 1);
1824 tt_int_op(g->sampled_idx, OP_EQ, 1);
1825 g = smartlist_get(gs->primary_entry_guards, 2);
1826 tt_int_op(g->sampled_idx, OP_EQ, 2);
1827
1828 /** Now the primaries get all confirmed, and the primary list should not
1829 * change */
1830 make_guard_confirmed(gs, smartlist_get(gs->primary_entry_guards, 0));
1831 make_guard_confirmed(gs, smartlist_get(gs->primary_entry_guards, 1));
1832 smartlist_add_all(old_primary_guards, gs->primary_entry_guards);
1833 entry_guards_update_primary(gs);
1834 smartlist_ptrs_eq(gs->primary_entry_guards, old_primary_guards);
1835 /** the confirmed guards should also have the same set of guards, in the same
1836 * order :-) */
1837 smartlist_ptrs_eq(gs->confirmed_entry_guards, gs->primary_entry_guards);
1838 /** Now select a guard for a circuit, and make sure it is the first primary
1839 * guard */
1840 unsigned state = 9999;
1841 g = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, &state);
1842 tt_ptr_op(g, OP_EQ, smartlist_get(gs->primary_entry_guards, 0));
1843 /** Now, let's mark this guard as unreachable and let's update the lists */
1844 g->is_reachable = GUARD_REACHABLE_NO;
1845 g->failing_since = approx_time() - 10;
1846 g->last_tried_to_connect = approx_time() - 10;
1847 state = 9999;
1848 entry_guards_update_primary(gs);
1849 g = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, &state);
1850 /** we should have switched to the next one is sampled order */
1851 tt_int_op(g->sampled_idx, OP_EQ, 1);
1852 done:
1853 smartlist_free(old_primary_guards);
1854 guard_selection_free(gs);
1855 }
1856
1857 static void
test_entry_guard_select_for_circuit_no_confirmed(void * arg)1858 test_entry_guard_select_for_circuit_no_confirmed(void *arg)
1859 {
1860 /* Simpler cases: no gaurds are confirmed yet. */
1861 (void)arg;
1862 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL);
1863 entry_guard_restriction_t *rst = NULL;
1864
1865 /* simple starting configuration */
1866 entry_guards_update_primary(gs);
1867 unsigned state = 9999;
1868
1869 entry_guard_t *g = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC,
1870 NULL, &state);
1871
1872 tt_assert(g);
1873 tt_assert(g->is_primary);
1874 tt_int_op(g->confirmed_idx, OP_EQ, -1);
1875 tt_uint_op(g->is_pending, OP_EQ, 0); // primary implies non-pending.
1876 tt_uint_op(state, OP_EQ, GUARD_CIRC_STATE_USABLE_ON_COMPLETION);
1877 tt_i64_op(g->last_tried_to_connect, OP_EQ, approx_time());
1878
1879 // If we do that again, we should get the same guard.
1880 entry_guard_t *g2 = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC,
1881 NULL, &state);
1882 tt_ptr_op(g2, OP_EQ, g);
1883
1884 // if we mark that guard down, we should get a different primary guard.
1885 // auto-retry it.
1886 g->is_reachable = GUARD_REACHABLE_NO;
1887 g->failing_since = approx_time() - 10;
1888 g->last_tried_to_connect = approx_time() - 10;
1889 state = 9999;
1890 g2 = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, &state);
1891 tt_ptr_op(g2, OP_NE, g);
1892 tt_assert(g2);
1893 tt_assert(g2->is_primary);
1894 tt_int_op(g2->confirmed_idx, OP_EQ, -1);
1895 tt_uint_op(g2->is_pending, OP_EQ, 0); // primary implies non-pending.
1896 tt_uint_op(state, OP_EQ, GUARD_CIRC_STATE_USABLE_ON_COMPLETION);
1897 tt_i64_op(g2->last_tried_to_connect, OP_EQ, approx_time());
1898
1899 // If we say that the first primary guard was last tried a long time ago, we
1900 // should get an automatic retry on it.
1901 g->failing_since = approx_time() - 72*60*60;
1902 g->last_tried_to_connect = approx_time() - 72*60*60;
1903 state = 9999;
1904 g2 = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, &state);
1905 tt_ptr_op(g2, OP_EQ, g);
1906 tt_assert(g2);
1907 tt_uint_op(state, OP_EQ, GUARD_CIRC_STATE_USABLE_ON_COMPLETION);
1908 tt_i64_op(g2->last_tried_to_connect, OP_EQ, approx_time());
1909 tt_int_op(g2->is_reachable, OP_EQ, GUARD_REACHABLE_MAYBE);
1910
1911 // And if we mark ALL the primary guards down, we should get another guard
1912 // at random.
1913 SMARTLIST_FOREACH(gs->primary_entry_guards, entry_guard_t *, guard, {
1914 guard->is_reachable = GUARD_REACHABLE_NO;
1915 guard->last_tried_to_connect = approx_time() - 5;
1916 guard->failing_since = approx_time() - 30;
1917 });
1918 state = 9999;
1919 g2 = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, &state);
1920 tt_assert(g2);
1921 tt_assert(!g2->is_primary);
1922 tt_int_op(g2->confirmed_idx, OP_EQ, -1);
1923 tt_uint_op(g2->is_pending, OP_EQ, 1);
1924 tt_uint_op(state, OP_EQ, GUARD_CIRC_STATE_USABLE_IF_NO_BETTER_GUARD);
1925 tt_i64_op(g2->last_tried_to_connect, OP_EQ, approx_time());
1926 tt_int_op(g2->is_reachable, OP_EQ, GUARD_REACHABLE_MAYBE);
1927
1928 // As a bonus, maybe we should be retrying the primary guards. Let's say so.
1929 mark_primary_guards_maybe_reachable(gs);
1930 SMARTLIST_FOREACH(gs->primary_entry_guards, entry_guard_t *, guard, {
1931 tt_int_op(guard->is_reachable, OP_EQ, GUARD_REACHABLE_MAYBE);
1932 tt_assert(guard->is_usable_filtered_guard == 1);
1933 // no change to these fields.
1934 tt_i64_op(guard->last_tried_to_connect, OP_EQ, approx_time() - 5);
1935 tt_i64_op(guard->failing_since, OP_EQ, approx_time() - 30);
1936 });
1937
1938 /* Let's try again and we should get the first primary guard again */
1939 g = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, &state);
1940 tt_ptr_op(g, OP_EQ, smartlist_get(gs->primary_entry_guards, 0));
1941 g2 = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, &state);
1942 tt_ptr_op(g2, OP_EQ, g);
1943
1944 /* But if we impose a restriction, we don't get the same guard */
1945 rst = guard_create_exit_restriction((uint8_t*)g->identity);
1946 g2 = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, rst, &state);
1947 tt_ptr_op(g2, OP_NE, g);
1948
1949 done:
1950 guard_selection_free(gs);
1951 entry_guard_restriction_free(rst);
1952 }
1953
1954 static void
test_entry_guard_select_for_circuit_confirmed(void * arg)1955 test_entry_guard_select_for_circuit_confirmed(void *arg)
1956 {
1957 /* Case 2: if all the primary guards are down, and there are more confirmed
1958 guards, we use a confirmed guard. */
1959 (void)arg;
1960 int i;
1961 entry_guard_restriction_t *rst = NULL;
1962 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL);
1963 const int N_CONFIRMED = 10;
1964
1965 /* slightly more complicated simple starting configuration */
1966 entry_guards_update_primary(gs);
1967 for (i = 0; i < N_CONFIRMED; ++i) {
1968 entry_guard_t *guard = smartlist_get(gs->sampled_entry_guards, i);
1969 make_guard_confirmed(gs, guard);
1970 }
1971 entry_guards_update_primary(gs); // rebuild the primary list.
1972
1973 unsigned state = 9999;
1974
1975 // As above, this gives us a primary guard.
1976 entry_guard_t *g = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC,
1977 NULL, &state);
1978 tt_assert(g);
1979 tt_assert(g->is_primary);
1980 tt_int_op(g->confirmed_idx, OP_EQ, 0);
1981 tt_uint_op(g->is_pending, OP_EQ, 0); // primary implies non-pending.
1982 tt_uint_op(state, OP_EQ, GUARD_CIRC_STATE_USABLE_ON_COMPLETION);
1983 tt_i64_op(g->last_tried_to_connect, OP_EQ, approx_time());
1984 tt_ptr_op(g, OP_EQ, smartlist_get(gs->primary_entry_guards, 0));
1985
1986 // But if we mark all the primary guards down...
1987 SMARTLIST_FOREACH(gs->primary_entry_guards, entry_guard_t *, guard, {
1988 guard->last_tried_to_connect = approx_time();
1989 entry_guards_note_guard_failure(gs, guard);
1990 });
1991
1992 // ... we should get a confirmed guard.
1993 state = 9999;
1994 g = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, &state);
1995 tt_assert(g);
1996 tt_assert(! g->is_primary);
1997 tt_int_op(g->confirmed_idx, OP_EQ, smartlist_len(gs->primary_entry_guards));
1998 tt_assert(g->is_pending);
1999 tt_uint_op(state, OP_EQ, GUARD_CIRC_STATE_USABLE_IF_NO_BETTER_GUARD);
2000 tt_i64_op(g->last_tried_to_connect, OP_EQ, approx_time());
2001
2002 // And if we try again, we should get a different confirmed guard, since
2003 // that one is pending.
2004 state = 9999;
2005 entry_guard_t *g2 = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC,
2006 NULL, &state);
2007 tt_assert(g2);
2008 tt_assert(! g2->is_primary);
2009 tt_ptr_op(g2, OP_NE, g);
2010 tt_int_op(g2->confirmed_idx, OP_EQ,
2011 smartlist_len(gs->primary_entry_guards)+1);
2012 tt_assert(g2->is_pending);
2013 tt_uint_op(state, OP_EQ, GUARD_CIRC_STATE_USABLE_IF_NO_BETTER_GUARD);
2014 tt_i64_op(g2->last_tried_to_connect, OP_EQ, approx_time());
2015
2016 // If we say that the next confirmed guard in order is excluded, and
2017 // we disable EnforceDistinctSubnets, we get the guard AFTER the
2018 // one we excluded.
2019 get_options_mutable()->EnforceDistinctSubnets = 0;
2020 g = smartlist_get(gs->confirmed_entry_guards,
2021 smartlist_len(gs->primary_entry_guards)+2);
2022 rst = guard_create_exit_restriction((uint8_t*)g->identity);
2023 g2 = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, rst, &state);
2024 tt_ptr_op(g2, OP_NE, NULL);
2025 tt_ptr_op(g2, OP_NE, g);
2026 tt_int_op(g2->confirmed_idx, OP_EQ,
2027 smartlist_len(gs->primary_entry_guards)+3);
2028
2029 // If we make every confirmed guard become pending then we start poking
2030 // other guards.
2031 const int n_remaining_confirmed =
2032 N_CONFIRMED - 3 - smartlist_len(gs->primary_entry_guards);
2033 for (i = 0; i < n_remaining_confirmed; ++i) {
2034 g = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, &state);
2035 tt_int_op(g->confirmed_idx, OP_GE, 0);
2036 tt_assert(g);
2037 }
2038 state = 9999;
2039 g = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, &state);
2040 tt_assert(g);
2041 tt_assert(g->is_pending);
2042 tt_int_op(g->confirmed_idx, OP_EQ, -1);
2043
2044 // If we EnforceDistinctSubnets and apply a restriction, we get
2045 // nothing, since we put all of the nodes in the same /16.
2046 // Regression test for bug 22753/TROVE-2017-006.
2047 get_options_mutable()->EnforceDistinctSubnets = 1;
2048 g = smartlist_get(gs->confirmed_entry_guards, 0);
2049 memcpy(rst->exclude_id, g->identity, DIGEST_LEN);
2050 g2 = select_entry_guard_for_circuit(gs, GUARD_USAGE_TRAFFIC, rst, &state);
2051 tt_ptr_op(g2, OP_EQ, NULL);
2052
2053 done:
2054 guard_selection_free(gs);
2055 entry_guard_restriction_free(rst);
2056 }
2057
2058 static void
test_entry_guard_select_for_circuit_highlevel_primary(void * arg)2059 test_entry_guard_select_for_circuit_highlevel_primary(void *arg)
2060 {
2061 /* Play around with selecting primary guards for circuits and markign
2062 * them up and down */
2063 (void)arg;
2064 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL);
2065
2066 time_t start = approx_time();
2067
2068 const node_t *node = NULL;
2069 circuit_guard_state_t *guard = NULL;
2070 entry_guard_t *g;
2071 guard_usable_t u;
2072 /*
2073 * Make sure that the pick-for-circuit API basically works. We'll get
2074 * a primary guard, so it'll be usable on completion.
2075 */
2076 int r = entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL,
2077 &node, &guard);
2078
2079 tt_int_op(r, OP_EQ, 0);
2080 tt_assert(node);
2081 tt_assert(guard);
2082 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_USABLE_ON_COMPLETION);
2083 g = entry_guard_handle_get(guard->guard);
2084 tt_assert(g);
2085 tt_mem_op(g->identity, OP_EQ, node->identity, DIGEST_LEN);
2086 tt_int_op(g->is_primary, OP_EQ, 1);
2087 tt_i64_op(g->last_tried_to_connect, OP_EQ, start);
2088 tt_int_op(g->confirmed_idx, OP_EQ, -1);
2089
2090 /* Call that circuit successful. */
2091 update_approx_time(start+15);
2092 u = entry_guard_succeeded(&guard);
2093 tt_int_op(u, OP_EQ, GUARD_USABLE_NOW); /* We can use it now. */
2094 tt_assert(guard);
2095 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_COMPLETE);
2096 g = entry_guard_handle_get(guard->guard);
2097 tt_assert(g);
2098 tt_int_op(g->is_reachable, OP_EQ, GUARD_REACHABLE_YES);
2099 tt_int_op(g->confirmed_idx, OP_EQ, 0);
2100
2101 circuit_guard_state_free(guard);
2102 guard = NULL;
2103 node = NULL;
2104 g = NULL;
2105
2106 /* Try again. We'll also get a primary guard this time. (The same one,
2107 in fact.) But this time, we'll say the connection has failed. */
2108 update_approx_time(start+35);
2109 r = entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL,
2110 &node, &guard);
2111 tt_int_op(r, OP_EQ, 0);
2112 tt_assert(node);
2113 tt_assert(guard);
2114 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_USABLE_ON_COMPLETION);
2115 tt_i64_op(guard->state_set_at, OP_EQ, start+35);
2116 g = entry_guard_handle_get(guard->guard);
2117 tt_assert(g);
2118 tt_mem_op(g->identity, OP_EQ, node->identity, DIGEST_LEN);
2119 tt_int_op(g->is_primary, OP_EQ, 1);
2120 tt_i64_op(g->last_tried_to_connect, OP_EQ, start+35);
2121 tt_int_op(g->confirmed_idx, OP_EQ, 0); // same one.
2122
2123 /* It's failed! What will happen to our poor guard? */
2124 update_approx_time(start+45);
2125 entry_guard_failed(&guard);
2126 tt_assert(guard);
2127 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_DEAD);
2128 tt_i64_op(guard->state_set_at, OP_EQ, start+45);
2129 g = entry_guard_handle_get(guard->guard);
2130 tt_assert(g);
2131 tt_int_op(g->is_reachable, OP_EQ, GUARD_REACHABLE_NO);
2132 tt_i64_op(g->failing_since, OP_EQ, start+45);
2133 tt_int_op(g->confirmed_idx, OP_EQ, 0); // still confirmed.
2134
2135 circuit_guard_state_free(guard);
2136 guard = NULL;
2137 node = NULL;
2138 entry_guard_t *g_prev = g;
2139 g = NULL;
2140
2141 /* Now try a third time. Since the other one is down, we'll get a different
2142 * (still primary) guard.
2143 */
2144 update_approx_time(start+60);
2145 r = entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL,
2146 &node, &guard);
2147 tt_int_op(r, OP_EQ, 0);
2148 tt_assert(node);
2149 tt_assert(guard);
2150 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_USABLE_ON_COMPLETION);
2151 g = entry_guard_handle_get(guard->guard);
2152 tt_assert(g);
2153 tt_ptr_op(g, OP_NE, g_prev);
2154 tt_mem_op(g->identity, OP_EQ, node->identity, DIGEST_LEN);
2155 tt_mem_op(g->identity, OP_NE, g_prev->identity, DIGEST_LEN);
2156 tt_int_op(g->is_primary, OP_EQ, 1);
2157 tt_i64_op(g->last_tried_to_connect, OP_EQ, start+60);
2158 tt_int_op(g->confirmed_idx, OP_EQ, -1); // not confirmed now.
2159
2160 /* Call this one up; watch it get confirmed. */
2161 update_approx_time(start+90);
2162 u = entry_guard_succeeded(&guard);
2163 tt_int_op(u, OP_EQ, GUARD_USABLE_NOW);
2164 tt_assert(guard);
2165 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_COMPLETE);
2166 g = entry_guard_handle_get(guard->guard);
2167 tt_assert(g);
2168 tt_int_op(g->is_reachable, OP_EQ, GUARD_REACHABLE_YES);
2169 tt_int_op(g->confirmed_idx, OP_EQ, 1);
2170
2171 done:
2172 guard_selection_free(gs);
2173 circuit_guard_state_free(guard);
2174 }
2175
2176 static void
test_entry_guard_select_for_circuit_highlevel_confirm_other(void * arg)2177 test_entry_guard_select_for_circuit_highlevel_confirm_other(void *arg)
2178 {
2179 (void) arg;
2180 const int N_PRIMARY = DFLT_N_PRIMARY_GUARDS;
2181
2182 /* At the start, we have no confirmed guards. We'll mark the primary guards
2183 * down, then confirm something else. As soon as we do, it should become
2184 * primary, and we should get it next time. */
2185
2186 time_t start = approx_time();
2187 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL);
2188 circuit_guard_state_t *guard = NULL;
2189 int i, r;
2190 const node_t *node = NULL;
2191 guard_usable_t u;
2192
2193 /* Declare that we're on the internet. */
2194 entry_guards_note_internet_connectivity(gs);
2195
2196 /* Primary guards are down! */
2197 for (i = 0; i < N_PRIMARY; ++i) {
2198 r = entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL,
2199 &node, &guard);
2200 tt_assert(node);
2201 tt_assert(guard);
2202 tt_int_op(r, OP_EQ, 0);
2203 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_USABLE_ON_COMPLETION);
2204 entry_guard_failed(&guard);
2205 circuit_guard_state_free(guard);
2206 guard = NULL;
2207 node = NULL;
2208 }
2209
2210 /* Next guard should be non-primary. */
2211 node = NULL;
2212 r = entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL,
2213 &node, &guard);
2214 tt_assert(node);
2215 tt_assert(guard);
2216 tt_int_op(r, OP_EQ, 0);
2217 entry_guard_t *g = entry_guard_handle_get(guard->guard);
2218 tt_assert(g);
2219 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_USABLE_IF_NO_BETTER_GUARD);
2220 tt_int_op(g->confirmed_idx, OP_EQ, -1);
2221 tt_int_op(g->is_primary, OP_EQ, 0);
2222 tt_int_op(g->is_pending, OP_EQ, 1);
2223 (void)start;
2224
2225 u = entry_guard_succeeded(&guard);
2226 /* We're on the internet (by fiat), so this guard will get called "confirmed"
2227 * and should immediately become primary.
2228 */
2229 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_COMPLETE);
2230 tt_assert(u == GUARD_USABLE_NOW);
2231 tt_int_op(g->confirmed_idx, OP_EQ, 0);
2232 tt_int_op(g->is_primary, OP_EQ, 1);
2233 tt_int_op(g->is_pending, OP_EQ, 0);
2234
2235 done:
2236 guard_selection_free(gs);
2237 circuit_guard_state_free(guard);
2238 }
2239
2240 static void
test_entry_guard_select_for_circuit_highlevel_primary_retry(void * arg)2241 test_entry_guard_select_for_circuit_highlevel_primary_retry(void *arg)
2242 {
2243 (void) arg;
2244 const int N_PRIMARY = DFLT_N_PRIMARY_GUARDS;
2245
2246 /* At the start, we have no confirmed guards. We'll mark the primary guards
2247 * down, then confirm something else. As soon as we do, it should become
2248 * primary, and we should get it next time. */
2249
2250 time_t start = approx_time();
2251 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL);
2252 circuit_guard_state_t *guard = NULL, *guard2 = NULL;
2253 int i, r;
2254 const node_t *node = NULL;
2255 entry_guard_t *g;
2256 guard_usable_t u;
2257
2258 /* Declare that we're on the internet. */
2259 entry_guards_note_internet_connectivity(gs);
2260
2261 /* Make primary guards confirmed (so they won't be superseded by a later
2262 * guard), then mark them down. */
2263 for (i = 0; i < N_PRIMARY; ++i) {
2264 r = entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL,
2265 &node, &guard);
2266 tt_assert(node);
2267 tt_assert(guard);
2268 tt_int_op(r, OP_EQ, 0);
2269 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_USABLE_ON_COMPLETION);
2270 g = entry_guard_handle_get(guard->guard);
2271 make_guard_confirmed(gs, g);
2272 tt_int_op(g->is_primary, OP_EQ, 1);
2273 entry_guard_failed(&guard);
2274 circuit_guard_state_free(guard);
2275 tt_int_op(g->is_reachable, OP_EQ, GUARD_REACHABLE_NO);
2276 guard = NULL;
2277 node = NULL;
2278 }
2279
2280 /* Get another guard that we might try. */
2281 r = entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL,
2282 &node, &guard);
2283 tt_assert(node);
2284 tt_assert(guard);
2285 tt_int_op(r, OP_EQ, 0);
2286 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_USABLE_IF_NO_BETTER_GUARD);
2287 g = entry_guard_handle_get(guard->guard);
2288 tt_int_op(g->is_primary, OP_EQ, 0);
2289
2290 tt_assert(entry_guards_all_primary_guards_are_down(gs));
2291
2292 /* And an hour has passed ... */
2293 update_approx_time(start + 3600);
2294
2295 /* Say that guard has succeeded! */
2296 u = entry_guard_succeeded(&guard);
2297 tt_int_op(u, OP_EQ, GUARD_MAYBE_USABLE_LATER);
2298 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_WAITING_FOR_BETTER_GUARD);
2299 g = entry_guard_handle_get(guard->guard);
2300
2301 /* The primary guards should have been marked up! */
2302 SMARTLIST_FOREACH(gs->primary_entry_guards, entry_guard_t *, pg, {
2303 tt_int_op(pg->is_primary, OP_EQ, 1);
2304 tt_ptr_op(g, OP_NE, pg);
2305 tt_int_op(pg->is_reachable, OP_EQ, GUARD_REACHABLE_MAYBE);
2306 });
2307
2308 /* Have a circuit to a primary guard succeed. */
2309 r = entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL,
2310 &node, &guard2);
2311 tt_int_op(r, OP_EQ, 0);
2312 tt_int_op(guard2->state, OP_EQ, GUARD_CIRC_STATE_USABLE_ON_COMPLETION);
2313 u = entry_guard_succeeded(&guard2);
2314 tt_assert(u == GUARD_USABLE_NOW);
2315 tt_int_op(guard2->state, OP_EQ, GUARD_CIRC_STATE_COMPLETE);
2316
2317 tt_assert(! entry_guards_all_primary_guards_are_down(gs));
2318
2319 done:
2320 guard_selection_free(gs);
2321 circuit_guard_state_free(guard);
2322 circuit_guard_state_free(guard2);
2323 }
2324
2325 static void
test_entry_guard_select_and_cancel(void * arg)2326 test_entry_guard_select_and_cancel(void *arg)
2327 {
2328 (void) arg;
2329 const int N_PRIMARY = DFLT_N_PRIMARY_GUARDS;
2330 int i,r;
2331 const node_t *node = NULL;
2332 circuit_guard_state_t *guard;
2333 guard_selection_t *gs = guard_selection_new("default", GS_TYPE_NORMAL);
2334 entry_guard_t *g;
2335
2336 /* Once more, we mark all the primary guards down. */
2337 entry_guards_note_internet_connectivity(gs);
2338 for (i = 0; i < N_PRIMARY; ++i) {
2339 r = entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL,
2340 &node, &guard);
2341 tt_int_op(r, OP_EQ, 0);
2342 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_USABLE_ON_COMPLETION);
2343 g = entry_guard_handle_get(guard->guard);
2344 tt_int_op(g->is_primary, OP_EQ, 1);
2345 tt_int_op(g->is_pending, OP_EQ, 0);
2346 make_guard_confirmed(gs, g);
2347 entry_guard_failed(&guard);
2348 circuit_guard_state_free(guard);
2349 guard = NULL;
2350 node = NULL;
2351 }
2352
2353 tt_assert(entry_guards_all_primary_guards_are_down(gs));
2354
2355 /* Now get another guard we could try... */
2356 r = entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL,
2357 &node, &guard);
2358 tt_assert(node);
2359 tt_assert(guard);
2360 tt_int_op(r, OP_EQ, 0);
2361 tt_int_op(guard->state, OP_EQ, GUARD_CIRC_STATE_USABLE_IF_NO_BETTER_GUARD);
2362 g = entry_guard_handle_get(guard->guard);
2363 tt_int_op(g->is_primary, OP_EQ, 0);
2364 tt_int_op(g->is_pending, OP_EQ, 1);
2365
2366 /* Whoops! We should never have asked for this guard. Cancel the request! */
2367 entry_guard_cancel(&guard);
2368 tt_ptr_op(guard, OP_EQ, NULL);
2369 tt_int_op(g->is_primary, OP_EQ, 0);
2370 tt_int_op(g->is_pending, OP_EQ, 0);
2371
2372 done:
2373 guard_selection_free(gs);
2374 circuit_guard_state_free(guard);
2375 }
2376
2377 static void
test_entry_guard_drop_guards(void * arg)2378 test_entry_guard_drop_guards(void *arg)
2379 {
2380 (void) arg;
2381 int r;
2382 const node_t *node = NULL;
2383 circuit_guard_state_t *guard;
2384 guard_selection_t *gs = get_guard_selection_info();
2385
2386 // Pick a guard, to get things set up.
2387 r = entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL,
2388 &node, &guard);
2389 tt_int_op(r, OP_EQ, 0);
2390 tt_int_op(smartlist_len(gs->sampled_entry_guards), OP_GE,
2391 DFLT_MIN_FILTERED_SAMPLE_SIZE);
2392 tt_ptr_op(gs, OP_EQ, get_guard_selection_info());
2393
2394 // Drop all the guards! (This is a bad idea....)
2395 remove_all_entry_guards_for_guard_selection(gs);
2396 gs = get_guard_selection_info();
2397 tt_int_op(smartlist_len(gs->sampled_entry_guards), OP_EQ, 0);
2398 tt_int_op(smartlist_len(gs->primary_entry_guards), OP_EQ, 0);
2399 tt_int_op(smartlist_len(gs->confirmed_entry_guards), OP_EQ, 0);
2400
2401 done:
2402 circuit_guard_state_free(guard);
2403 guard_selection_free(gs);
2404 }
2405
2406 /* Unit test setup function: Create a fake network, and set everything up
2407 * for testing the upgrade-a-waiting-circuit code. */
2408 typedef struct {
2409 guard_selection_t *gs;
2410 time_t start;
2411 circuit_guard_state_t *guard1_state;
2412 circuit_guard_state_t *guard2_state;
2413 entry_guard_t *guard1;
2414 entry_guard_t *guard2;
2415 origin_circuit_t *circ1;
2416 origin_circuit_t *circ2;
2417 smartlist_t *all_origin_circuits;
2418 } upgrade_circuits_data_t;
2419 static void *
upgrade_circuits_setup(const struct testcase_t * testcase)2420 upgrade_circuits_setup(const struct testcase_t *testcase)
2421 {
2422 upgrade_circuits_data_t *data = tor_malloc_zero(sizeof(*data));
2423 guard_selection_t *gs = data->gs =
2424 guard_selection_new("default", GS_TYPE_NORMAL);
2425 circuit_guard_state_t *guard;
2426 const node_t *node;
2427 entry_guard_t *g;
2428 int i;
2429 const int N_PRIMARY = DFLT_N_PRIMARY_GUARDS;
2430 const char *argument = testcase->setup_data;
2431 const int make_circ1_succeed = strstr(argument, "c1-done") != NULL;
2432 const int make_circ2_succeed = strstr(argument, "c2-done") != NULL;
2433
2434 big_fake_network_setup(testcase);
2435
2436 /* We're going to set things up in a state where a circuit will be ready to
2437 * be upgraded. Each test can make a single change (or not) that should
2438 * block the upgrade.
2439 */
2440
2441 /* First, make all the primary guards confirmed, and down. */
2442 data->start = approx_time();
2443 entry_guards_note_internet_connectivity(gs);
2444 for (i = 0; i < N_PRIMARY; ++i) {
2445 entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL, &node, &guard);
2446 g = entry_guard_handle_get(guard->guard);
2447 make_guard_confirmed(gs, g);
2448 entry_guard_failed(&guard);
2449 circuit_guard_state_free(guard);
2450 }
2451
2452 /* Grab another couple of guards */
2453 data->all_origin_circuits = smartlist_new();
2454
2455 update_approx_time(data->start + 27);
2456 entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL,
2457 &node, &data->guard1_state);
2458 origin_circuit_t *circ;
2459 data->circ1 = circ = origin_circuit_new();
2460 circ->base_.purpose = CIRCUIT_PURPOSE_C_GENERAL;
2461 circ->guard_state = data->guard1_state;
2462 smartlist_add(data->all_origin_circuits, circ);
2463
2464 update_approx_time(data->start + 30);
2465 entry_guard_pick_for_circuit(gs, GUARD_USAGE_TRAFFIC, NULL,
2466 &node, &data->guard2_state);
2467 data->circ2 = circ = origin_circuit_new();
2468 circ->base_.purpose = CIRCUIT_PURPOSE_C_GENERAL;
2469 circ->guard_state = data->guard2_state;
2470 smartlist_add(data->all_origin_circuits, circ);
2471
2472 data->guard1 = entry_guard_handle_get(data->guard1_state->guard);
2473 data->guard2 = entry_guard_handle_get(data->guard2_state->guard);
2474 tor_assert(data->guard1 != data->guard2);
2475 tor_assert(data->guard1_state->state ==
2476 GUARD_CIRC_STATE_USABLE_IF_NO_BETTER_GUARD);
2477 tor_assert(data->guard2_state->state ==
2478 GUARD_CIRC_STATE_USABLE_IF_NO_BETTER_GUARD);
2479
2480 guard_usable_t r;
2481 update_approx_time(data->start + 32);
2482 if (make_circ1_succeed) {
2483 r = entry_guard_succeeded(&data->guard1_state);
2484 tor_assert(r == GUARD_MAYBE_USABLE_LATER);
2485 tor_assert(data->guard1_state->state ==
2486 GUARD_CIRC_STATE_WAITING_FOR_BETTER_GUARD);
2487 }
2488 update_approx_time(data->start + 33);
2489 if (make_circ2_succeed) {
2490 r = entry_guard_succeeded(&data->guard2_state);
2491 tor_assert(r == GUARD_MAYBE_USABLE_LATER);
2492 tor_assert(data->guard2_state->state ==
2493 GUARD_CIRC_STATE_WAITING_FOR_BETTER_GUARD);
2494 }
2495
2496 return data;
2497 }
2498 static int
upgrade_circuits_cleanup(const struct testcase_t * testcase,void * ptr)2499 upgrade_circuits_cleanup(const struct testcase_t *testcase, void *ptr)
2500 {
2501 upgrade_circuits_data_t *data = ptr;
2502 // circuit_guard_state_free(data->guard1_state); // held in circ1
2503 // circuit_guard_state_free(data->guard2_state); // held in circ2
2504 guard_selection_free(data->gs);
2505 smartlist_free(data->all_origin_circuits);
2506 circuit_free_(TO_CIRCUIT(data->circ1));
2507 circuit_free_(TO_CIRCUIT(data->circ2));
2508 tor_free(data);
2509 return big_fake_network_cleanup(testcase, NULL);
2510 }
2511
2512 static void
test_entry_guard_upgrade_a_circuit(void * arg)2513 test_entry_guard_upgrade_a_circuit(void *arg)
2514 {
2515 upgrade_circuits_data_t *data = arg;
2516
2517 /* This is the easy case: we have no COMPLETED circuits, all the
2518 * primary guards are down, we have two WAITING circuits: one will
2519 * get upgraded to COMPLETED! (The one that started first.)
2520 */
2521
2522 smartlist_t *result = smartlist_new();
2523 int r;
2524 r = entry_guards_upgrade_waiting_circuits(data->gs,
2525 data->all_origin_circuits,
2526 result);
2527 tt_int_op(r, OP_EQ, 1);
2528 tt_int_op(smartlist_len(result), OP_EQ, 1);
2529 origin_circuit_t *oc = smartlist_get(result, 0);
2530
2531 /* circ1 was started first, so we'll get told to ugrade it... */
2532 tt_ptr_op(oc, OP_EQ, data->circ1);
2533
2534 /* And the guard state should be complete */
2535 tt_ptr_op(data->guard1_state, OP_NE, NULL);
2536 tt_int_op(data->guard1_state->state, OP_EQ, GUARD_CIRC_STATE_COMPLETE);
2537
2538 done:
2539 smartlist_free(result);
2540 }
2541
2542 static void
test_entry_guard_upgrade_blocked_by_live_primary_guards(void * arg)2543 test_entry_guard_upgrade_blocked_by_live_primary_guards(void *arg)
2544 {
2545 upgrade_circuits_data_t *data = arg;
2546
2547 /* If any primary guards might be up, we can't upgrade any waiting
2548 * circuits.
2549 */
2550 mark_primary_guards_maybe_reachable(data->gs);
2551
2552 smartlist_t *result = smartlist_new();
2553 int r;
2554 setup_capture_of_logs(LOG_DEBUG);
2555 r = entry_guards_upgrade_waiting_circuits(data->gs,
2556 data->all_origin_circuits,
2557 result);
2558 tt_int_op(r, OP_EQ, 0);
2559 tt_int_op(smartlist_len(result), OP_EQ, 0);
2560 expect_log_msg_containing("not all primary guards were definitely down.");
2561
2562 done:
2563 teardown_capture_of_logs();
2564 smartlist_free(result);
2565 }
2566
2567 static void
test_entry_guard_upgrade_blocked_by_lack_of_waiting_circuits(void * arg)2568 test_entry_guard_upgrade_blocked_by_lack_of_waiting_circuits(void *arg)
2569 {
2570 upgrade_circuits_data_t *data = arg;
2571
2572 /* If no circuits are waiting, we can't upgrade anything. (The test
2573 * setup in this case was told not to make any of the circuits "waiting".)
2574 */
2575 smartlist_t *result = smartlist_new();
2576 int r;
2577 setup_capture_of_logs(LOG_DEBUG);
2578 r = entry_guards_upgrade_waiting_circuits(data->gs,
2579 data->all_origin_circuits,
2580 result);
2581 tt_int_op(r, OP_EQ, 0);
2582 tt_int_op(smartlist_len(result), OP_EQ, 0);
2583 expect_log_msg_containing("Considered upgrading guard-stalled circuits, "
2584 "but didn't find any.");
2585
2586 done:
2587 teardown_capture_of_logs();
2588 smartlist_free(result);
2589 }
2590
2591 static void
test_entry_guard_upgrade_blocked_by_better_circ_complete(void * arg)2592 test_entry_guard_upgrade_blocked_by_better_circ_complete(void *arg)
2593 {
2594 upgrade_circuits_data_t *data = arg;
2595
2596 /* We'll run through the logic of upgrade_a_circuit below...
2597 * and then try again to make sure that circ2 isn't also upgraded.
2598 */
2599
2600 smartlist_t *result = smartlist_new();
2601 int r;
2602 r = entry_guards_upgrade_waiting_circuits(data->gs,
2603 data->all_origin_circuits,
2604 result);
2605 tt_int_op(r, OP_EQ, 1);
2606 tt_int_op(smartlist_len(result), OP_EQ, 1);
2607 origin_circuit_t *oc = smartlist_get(result, 0);
2608 tt_ptr_op(oc, OP_EQ, data->circ1);
2609 tt_ptr_op(data->guard1_state, OP_NE, NULL);
2610 tt_int_op(data->guard1_state->state, OP_EQ, GUARD_CIRC_STATE_COMPLETE);
2611
2612 /* Now, try again. Make sure that circ2 isn't upgraded. */
2613 smartlist_clear(result);
2614 setup_capture_of_logs(LOG_DEBUG);
2615 r = entry_guards_upgrade_waiting_circuits(data->gs,
2616 data->all_origin_circuits,
2617 result);
2618 tt_int_op(r, OP_EQ, 0);
2619 tt_int_op(smartlist_len(result), OP_EQ, 0);
2620 expect_log_msg_containing("At least one complete circuit had higher "
2621 "priority, so not upgrading.");
2622
2623 done:
2624 teardown_capture_of_logs();
2625 smartlist_free(result);
2626 }
2627
2628 static void
test_entry_guard_upgrade_not_blocked_by_restricted_circ_complete(void * arg)2629 test_entry_guard_upgrade_not_blocked_by_restricted_circ_complete(void *arg)
2630 {
2631 upgrade_circuits_data_t *data = arg;
2632
2633 /* Once more, let circ1 become complete. But this time, we'll claim
2634 * that circ2 was restricted to not use the same guard as circ1. */
2635 data->guard2_state->restrictions =
2636 guard_create_exit_restriction((uint8_t*)data->guard1->identity);
2637
2638 smartlist_t *result = smartlist_new();
2639 int r;
2640 r = entry_guards_upgrade_waiting_circuits(data->gs,
2641 data->all_origin_circuits,
2642 result);
2643 tt_int_op(r, OP_EQ, 1);
2644 tt_int_op(smartlist_len(result), OP_EQ, 1);
2645 origin_circuit_t *oc = smartlist_get(result, 0);
2646 tt_ptr_op(oc, OP_EQ, data->circ1);
2647 tt_ptr_op(data->guard1_state, OP_NE, NULL);
2648 tt_int_op(data->guard1_state->state, OP_EQ, GUARD_CIRC_STATE_COMPLETE);
2649
2650 /* Now, we try again. Since circ2 has a restriction that circ1 doesn't obey,
2651 * circ2 _is_ eligible for upgrade. */
2652 smartlist_clear(result);
2653 r = entry_guards_upgrade_waiting_circuits(data->gs,
2654 data->all_origin_circuits,
2655 result);
2656 tt_int_op(r, OP_EQ, 1);
2657 tt_int_op(smartlist_len(result), OP_EQ, 1);
2658 origin_circuit_t *oc2 = smartlist_get(result, 0);
2659 tt_ptr_op(oc2, OP_EQ, data->circ2);
2660
2661 done:
2662 smartlist_free(result);
2663 }
2664
2665 static void
test_entry_guard_upgrade_not_blocked_by_worse_circ_complete(void * arg)2666 test_entry_guard_upgrade_not_blocked_by_worse_circ_complete(void *arg)
2667 {
2668 upgrade_circuits_data_t *data = arg;
2669 smartlist_t *result = smartlist_new();
2670 /* here we manually make circ2 COMPLETE, and make sure that circ1
2671 * gets made complete anyway, since guard1 has higher priority
2672 */
2673 update_approx_time(data->start + 300);
2674 data->guard2_state->state = GUARD_CIRC_STATE_COMPLETE;
2675 data->guard2_state->state_set_at = approx_time();
2676 update_approx_time(data->start + 301);
2677
2678 /* Now, try again. Make sure that circ1 is approved. */
2679 int r;
2680 r = entry_guards_upgrade_waiting_circuits(data->gs,
2681 data->all_origin_circuits,
2682 result);
2683 tt_int_op(r, OP_EQ, 1);
2684 tt_int_op(smartlist_len(result), OP_EQ, 1);
2685 origin_circuit_t *oc = smartlist_get(result, 0);
2686 tt_ptr_op(oc, OP_EQ, data->circ1);
2687
2688 done:
2689 smartlist_free(result);
2690 }
2691
2692 static void
test_entry_guard_upgrade_blocked_by_better_circ_pending(void * arg)2693 test_entry_guard_upgrade_blocked_by_better_circ_pending(void *arg)
2694 {
2695 upgrade_circuits_data_t *data = arg;
2696
2697 /* circ2 is done, but circ1 is still pending. Since circ1 is better,
2698 * we won't upgrade circ2. */
2699
2700 /* XXXX Prop271 -- this is a kludge. I'm making sure circ1 _is_ better,
2701 * by messing with the guards' confirmed_idx */
2702 make_guard_confirmed(data->gs, data->guard1);
2703 {
2704 int tmp;
2705 tmp = data->guard1->confirmed_idx;
2706 data->guard1->confirmed_idx = data->guard2->confirmed_idx;
2707 data->guard2->confirmed_idx = tmp;
2708 }
2709
2710 smartlist_t *result = smartlist_new();
2711 setup_capture_of_logs(LOG_DEBUG);
2712 int r;
2713 r = entry_guards_upgrade_waiting_circuits(data->gs,
2714 data->all_origin_circuits,
2715 result);
2716 tt_int_op(r, OP_EQ, 0);
2717 tt_int_op(smartlist_len(result), OP_EQ, 0);
2718 expect_log_msg_containing("but 1 pending circuit(s) had higher guard "
2719 "priority, so not upgrading.");
2720
2721 done:
2722 teardown_capture_of_logs();
2723 smartlist_free(result);
2724 }
2725
2726 static void
test_entry_guard_upgrade_not_blocked_by_restricted_circ_pending(void * arg)2727 test_entry_guard_upgrade_not_blocked_by_restricted_circ_pending(void *arg)
2728 {
2729 upgrade_circuits_data_t *data = arg;
2730 /* circ2 is done, but circ1 is still pending. But when there is a
2731 restriction on circ2 that circ1 can't satisfy, circ1 can't block
2732 circ2. */
2733
2734 /* XXXX Prop271 -- this is a kludge. I'm making sure circ1 _is_ better,
2735 * by messing with the guards' confirmed_idx */
2736 make_guard_confirmed(data->gs, data->guard1);
2737 {
2738 int tmp;
2739 tmp = data->guard1->confirmed_idx;
2740 data->guard1->confirmed_idx = data->guard2->confirmed_idx;
2741 data->guard2->confirmed_idx = tmp;
2742 }
2743
2744 data->guard2_state->restrictions =
2745 guard_create_exit_restriction((uint8_t*)data->guard1->identity);
2746
2747 smartlist_t *result = smartlist_new();
2748 int r;
2749 r = entry_guards_upgrade_waiting_circuits(data->gs,
2750 data->all_origin_circuits,
2751 result);
2752 tt_int_op(r, OP_EQ, 1);
2753 tt_int_op(smartlist_len(result), OP_EQ, 1);
2754 origin_circuit_t *oc = smartlist_get(result, 0);
2755 tt_ptr_op(oc, OP_EQ, data->circ2);
2756
2757 done:
2758 smartlist_free(result);
2759 }
2760
2761 static void
test_entry_guard_upgrade_not_blocked_by_worse_circ_pending(void * arg)2762 test_entry_guard_upgrade_not_blocked_by_worse_circ_pending(void *arg)
2763 {
2764 upgrade_circuits_data_t *data = arg;
2765
2766 /* circ1 is done, but circ2 is still pending. Since circ1 is better,
2767 * we will upgrade it. */
2768 smartlist_t *result = smartlist_new();
2769 int r;
2770 r = entry_guards_upgrade_waiting_circuits(data->gs,
2771 data->all_origin_circuits,
2772 result);
2773 tt_int_op(r, OP_EQ, 1);
2774 tt_int_op(smartlist_len(result), OP_EQ, 1);
2775 origin_circuit_t *oc = smartlist_get(result, 0);
2776 tt_ptr_op(oc, OP_EQ, data->circ1);
2777
2778 done:
2779 smartlist_free(result);
2780 }
2781
2782 static void
test_entry_guard_should_expire_waiting(void * arg)2783 test_entry_guard_should_expire_waiting(void *arg)
2784 {
2785 (void)arg;
2786 circuit_guard_state_t *fake_state = tor_malloc_zero(sizeof(*fake_state));
2787 /* We'll leave "guard" unset -- it won't matter here. */
2788
2789 /* No state? Can't expire. */
2790 tt_assert(! entry_guard_state_should_expire(NULL));
2791
2792 /* Let's try one that expires. */
2793 fake_state->state = GUARD_CIRC_STATE_WAITING_FOR_BETTER_GUARD;
2794 fake_state->state_set_at =
2795 approx_time() - DFLT_NONPRIMARY_GUARD_IDLE_TIMEOUT - 1;
2796
2797 tt_assert(entry_guard_state_should_expire(fake_state));
2798
2799 /* But it wouldn't expire if we changed the state. */
2800 fake_state->state = GUARD_CIRC_STATE_USABLE_IF_NO_BETTER_GUARD;
2801 tt_assert(! entry_guard_state_should_expire(fake_state));
2802
2803 /* And it wouldn't have expired a few seconds ago. */
2804 fake_state->state = GUARD_CIRC_STATE_WAITING_FOR_BETTER_GUARD;
2805 fake_state->state_set_at =
2806 approx_time() - DFLT_NONPRIMARY_GUARD_IDLE_TIMEOUT + 5;
2807 tt_assert(! entry_guard_state_should_expire(fake_state));
2808
2809 done:
2810 tor_free(fake_state);
2811 }
2812
2813 /** Test that the number of primary guards can be controlled using torrc */
2814 static void
test_entry_guard_number_of_primaries(void * arg)2815 test_entry_guard_number_of_primaries(void *arg)
2816 {
2817 (void) arg;
2818
2819 /* Get default value */
2820 tt_int_op(get_n_primary_guards(), OP_EQ, DFLT_N_PRIMARY_GUARDS);
2821
2822 /* Set number of primaries using torrc */
2823 get_options_mutable()->NumPrimaryGuards = 42;
2824 tt_int_op(get_n_primary_guards(), OP_EQ, 42);
2825
2826 done:
2827 ;
2828 }
2829
2830 static void
mock_directory_initiate_request(directory_request_t * req)2831 mock_directory_initiate_request(directory_request_t *req)
2832 {
2833 if (req->guard_state) {
2834 circuit_guard_state_free(req->guard_state);
2835 }
2836 }
2837
2838 static networkstatus_t *mock_ns_val = NULL;
2839 static networkstatus_t *
mock_ns_get_by_flavor(consensus_flavor_t f)2840 mock_ns_get_by_flavor(consensus_flavor_t f)
2841 {
2842 (void)f;
2843 return mock_ns_val;
2844 }
2845
2846 /** Test that when we fetch microdescriptors we skip guards that have
2847 * previously failed to serve us needed microdescriptors. */
2848 static void
test_entry_guard_outdated_dirserver_exclusion(void * arg)2849 test_entry_guard_outdated_dirserver_exclusion(void *arg)
2850 {
2851 int retval;
2852 response_handler_args_t *args = NULL;
2853 dir_connection_t *conn = NULL;
2854 (void) arg;
2855
2856 /* Test prep: Make a new guard selection */
2857 guard_selection_t *gs = get_guard_selection_by_name("default",
2858 GS_TYPE_NORMAL, 1);
2859
2860 /* ... we want to use entry guards */
2861 or_options_t *options = get_options_mutable();
2862 options->UseEntryGuards = 1;
2863 options->UseBridges = 0;
2864
2865 /* ... prepare some md digests we want to download in the future */
2866 smartlist_t *digests = smartlist_new();
2867 const char *prose = "unhurried and wise, we perceive.";
2868 for (int i = 0; i < 20; i++) {
2869 smartlist_add(digests, (char*)prose);
2870 }
2871
2872 tt_int_op(smartlist_len(digests), OP_EQ, 20);
2873
2874 /* ... now mock some functions */
2875 mock_ns_val = tor_malloc_zero(sizeof(networkstatus_t));
2876 MOCK(networkstatus_get_latest_consensus_by_flavor, mock_ns_get_by_flavor);
2877 MOCK(directory_initiate_request, mock_directory_initiate_request);
2878
2879 /* Test logic:
2880 * 0. Create a proper guard set and primary guard list.
2881 * 1. Pretend to fail microdescriptor fetches from all the primary guards.
2882 * 2. Order another microdescriptor fetch and make sure that primary guards
2883 * get skipped since they failed previous fetches.
2884 */
2885
2886 { /* Setup primary guard list */
2887 int i;
2888 entry_guards_update_primary(gs);
2889 for (i = 0; i < DFLT_N_PRIMARY_GUARDS; ++i) {
2890 entry_guard_t *guard = smartlist_get(gs->sampled_entry_guards, i);
2891 make_guard_confirmed(gs, guard);
2892 }
2893 entry_guards_update_primary(gs);
2894 }
2895
2896 {
2897 /* Fail microdesc fetches with all the primary guards */
2898 args = tor_malloc_zero(sizeof(response_handler_args_t));
2899 args->status_code = 404;
2900 args->reason = NULL;
2901 args->body = NULL;
2902 args->body_len = 0;
2903
2904 conn = tor_malloc_zero(sizeof(dir_connection_t));
2905 conn->requested_resource = tor_strdup("d/jlinblackorigami");
2906 conn->base_.purpose = DIR_PURPOSE_FETCH_MICRODESC;
2907
2908 /* Pretend to fail fetches with all primary guards */
2909 SMARTLIST_FOREACH_BEGIN(gs->primary_entry_guards,const entry_guard_t *,g) {
2910 memcpy(conn->identity_digest, g->identity, DIGEST_LEN);
2911
2912 retval = handle_response_fetch_microdesc(conn, args);
2913 tt_int_op(retval, OP_EQ, 0);
2914 } SMARTLIST_FOREACH_END(g);
2915 }
2916
2917 {
2918 /* Now order the final md download */
2919 setup_full_capture_of_logs(LOG_INFO);
2920 initiate_descriptor_downloads(NULL, DIR_PURPOSE_FETCH_MICRODESC,
2921 digests, 3, 7, 0);
2922
2923 /* ... and check that because we failed to fetch microdescs from all our
2924 * primaries, we didn't end up selecting a primary for fetching dir info */
2925 expect_log_msg_containing("No primary or confirmed guards available.");
2926 teardown_capture_of_logs();
2927 }
2928
2929 done:
2930 UNMOCK(networkstatus_get_latest_consensus_by_flavor);
2931 UNMOCK(directory_initiate_request);
2932 smartlist_free(digests);
2933 tor_free(mock_ns_val);
2934 tor_free(args);
2935 if (conn) {
2936 tor_free(conn->requested_resource);
2937 tor_free(conn);
2938 }
2939 }
2940
2941 /** Test helper to extend the <b>oc</b> circuit path <b>n</b> times and then
2942 * ensure that the circuit is now complete. */
2943 static void
helper_extend_circuit_path_n_times(origin_circuit_t * oc,int n)2944 helper_extend_circuit_path_n_times(origin_circuit_t *oc, int n)
2945 {
2946 int retval;
2947 int i;
2948
2949 /* Extend path n times */
2950 for (i = 0 ; i < n ; i++) {
2951 retval = onion_extend_cpath(oc);
2952 tt_int_op(retval, OP_EQ, 0);
2953 tt_int_op(circuit_get_cpath_len(oc), OP_EQ, i+1);
2954 }
2955
2956 /* Now do it one last time and see that circ is complete */
2957 retval = onion_extend_cpath(oc);
2958 tt_int_op(retval, OP_EQ, 1);
2959
2960 done:
2961 ;
2962 }
2963
2964 /** Test for basic Tor path selection. Makes sure we build 3-hop circuits. */
2965 static void
test_entry_guard_basic_path_selection(void * arg)2966 test_entry_guard_basic_path_selection(void *arg)
2967 {
2968 (void) arg;
2969
2970 int retval;
2971
2972 /* Enable entry guards */
2973 or_options_t *options = get_options_mutable();
2974 options->UseEntryGuards = 1;
2975
2976 /* disables /16 check since all nodes have the same addr... */
2977 options->EnforceDistinctSubnets = 0;
2978
2979 /* Create our circuit */
2980 circuit_t *circ = dummy_origin_circuit_new(30);
2981 origin_circuit_t *oc = TO_ORIGIN_CIRCUIT(circ);
2982 oc->build_state = tor_malloc_zero(sizeof(cpath_build_state_t));
2983
2984 /* First pick the exit and pin it on the build_state */
2985 retval = onion_pick_cpath_exit(oc, NULL, 0);
2986 tt_int_op(retval, OP_EQ, 0);
2987
2988 /* Extend path 3 times. First we pick guard, then middle, then exit. */
2989 helper_extend_circuit_path_n_times(oc, 3);
2990
2991 done:
2992 circuit_free_(circ);
2993 }
2994
2995 /** Test helper to build an L2 and L3 vanguard list. The vanguard lists
2996 * produced should be completely disjoint. */
2997 static void
helper_setup_vanguard_list(or_options_t * options)2998 helper_setup_vanguard_list(or_options_t *options)
2999 {
3000 int i = 0;
3001
3002 /* Add some nodes to the vanguard L2 list */
3003 options->HSLayer2Nodes = routerset_new();
3004 for (i = 0; i < 10 ; i += 2) {
3005 node_t *vanguard_node = smartlist_get(big_fake_net_nodes, i);
3006 tt_assert(vanguard_node->is_possible_guard);
3007 routerset_parse(options->HSLayer2Nodes, vanguard_node->rs->nickname, "l2");
3008 }
3009 /* also add some nodes to vanguard L3 list
3010 * (L2 list and L3 list should be disjoint for this test to work) */
3011 options->HSLayer3Nodes = routerset_new();
3012 for (i = 10; i < 20 ; i += 2) {
3013 node_t *vanguard_node = smartlist_get(big_fake_net_nodes, i);
3014 tt_assert(vanguard_node->is_possible_guard);
3015 routerset_parse(options->HSLayer3Nodes, vanguard_node->rs->nickname, "l3");
3016 }
3017
3018 done:
3019 ;
3020 }
3021
3022 /** Test to ensure that vanguard path selection works properly. Ensures that
3023 * default vanguard circuits are 4 hops, and that path selection works
3024 * correctly given the vanguard settings. */
3025 static void
test_entry_guard_vanguard_path_selection(void * arg)3026 test_entry_guard_vanguard_path_selection(void *arg)
3027 {
3028 (void) arg;
3029
3030 int retval;
3031
3032 /* Enable entry guards */
3033 or_options_t *options = get_options_mutable();
3034 options->UseEntryGuards = 1;
3035
3036 /* XXX disables /16 check */
3037 options->EnforceDistinctSubnets = 0;
3038
3039 /* Setup our vanguard list */
3040 helper_setup_vanguard_list(options);
3041
3042 /* Create our circuit */
3043 circuit_t *circ = dummy_origin_circuit_new(30);
3044 origin_circuit_t *oc = TO_ORIGIN_CIRCUIT(circ);
3045 oc->build_state = tor_malloc_zero(sizeof(cpath_build_state_t));
3046 oc->build_state->is_internal = 1;
3047
3048 /* Switch circuit purpose to vanguards */
3049 circ->purpose = CIRCUIT_PURPOSE_HS_VANGUARDS;
3050
3051 /* First pick the exit and pin it on the build_state */
3052 tt_int_op(oc->build_state->desired_path_len, OP_EQ, 0);
3053 retval = onion_pick_cpath_exit(oc, NULL, 0);
3054 tt_int_op(retval, OP_EQ, 0);
3055
3056 /* Ensure that vanguards make 4-hop circuits by default */
3057 tt_int_op(oc->build_state->desired_path_len, OP_EQ, 4);
3058
3059 /* Extend path as many times as needed to have complete circ. */
3060 helper_extend_circuit_path_n_times(oc, oc->build_state->desired_path_len);
3061
3062 /* Test that the cpath linked list is set correctly. */
3063 crypt_path_t *l1_node = oc->cpath;
3064 crypt_path_t *l2_node = l1_node->next;
3065 crypt_path_t *l3_node = l2_node->next;
3066 crypt_path_t *l4_node = l3_node->next;
3067 crypt_path_t *l1_node_again = l4_node->next;
3068 tt_ptr_op(l1_node, OP_EQ, l1_node_again);
3069
3070 /* Test that L2 is indeed HSLayer2Node */
3071 retval = routerset_contains_extendinfo(options->HSLayer2Nodes,
3072 l2_node->extend_info);
3073 tt_int_op(retval, OP_EQ, 4);
3074 /* test that L3 node is _not_ contained in HSLayer2Node */
3075 retval = routerset_contains_extendinfo(options->HSLayer2Nodes,
3076 l3_node->extend_info);
3077 tt_int_op(retval, OP_LT, 4);
3078
3079 /* Test that L3 is indeed HSLayer3Node */
3080 retval = routerset_contains_extendinfo(options->HSLayer3Nodes,
3081 l3_node->extend_info);
3082 tt_int_op(retval, OP_EQ, 4);
3083 /* test that L2 node is _not_ contained in HSLayer3Node */
3084 retval = routerset_contains_extendinfo(options->HSLayer3Nodes,
3085 l2_node->extend_info);
3086 tt_int_op(retval, OP_LT, 4);
3087
3088 /* TODO: Test that L1 can be the same as exit. To test this we need start
3089 enforcing EnforceDistinctSubnets again, which means that we need to give
3090 each test node a different address which currently breaks some tests. */
3091
3092 done:
3093 circuit_free_(circ);
3094 }
3095
3096 static void
test_entry_guard_layer2_guards(void * arg)3097 test_entry_guard_layer2_guards(void *arg)
3098 {
3099 (void) arg;
3100 MOCK(router_have_minimum_dir_info, mock_router_have_minimum_dir_info);
3101
3102 /* First check the enable/disable switch */
3103 get_options_mutable()->VanguardsLiteEnabled = 0;
3104 tt_int_op(vanguards_lite_is_enabled(), OP_EQ, 0);
3105
3106 get_options_mutable()->VanguardsLiteEnabled = 1;
3107 tt_int_op(vanguards_lite_is_enabled(), OP_EQ, 1);
3108
3109 get_options_mutable()->VanguardsLiteEnabled = -1;
3110 tt_int_op(vanguards_lite_is_enabled(), OP_EQ, 1);
3111
3112 /* OK now let's move to actual testing */
3113
3114 /* Remove restrictions to route around Big Fake Network restrictions */
3115 get_options_mutable()->EnforceDistinctSubnets = 0;
3116
3117 /* Create the L2 guardset */
3118 maintain_layer2_guards();
3119
3120 const routerset_t *l2_guards = get_layer2_guards();
3121 tt_assert(l2_guards);
3122 tt_int_op(routerset_len(l2_guards), OP_EQ, 4);
3123
3124 done:
3125 UNMOCK(router_have_minimum_dir_info);
3126 }
3127
3128 static const struct testcase_setup_t big_fake_network = {
3129 big_fake_network_setup, big_fake_network_cleanup
3130 };
3131
3132 static const struct testcase_setup_t upgrade_circuits = {
3133 upgrade_circuits_setup, upgrade_circuits_cleanup
3134 };
3135
3136 #ifndef COCCI
3137 #define NO_PREFIX_TEST(name) \
3138 { #name, test_ ## name, 0, NULL, NULL }
3139
3140 #define EN_TEST_BASE(name, fork, setup, arg) \
3141 { #name, test_entry_guard_ ## name, fork, setup, (void*)(arg) }
3142
3143 #define EN_TEST(name) EN_TEST_BASE(name, 0, NULL, NULL)
3144 #define EN_TEST_FORK(name) EN_TEST_BASE(name, TT_FORK, NULL, NULL)
3145
3146 #define BFN_TEST(name) \
3147 EN_TEST_BASE(name, TT_FORK, &big_fake_network, NULL), \
3148 { #name "_reasonably_future", test_entry_guard_ ## name, TT_FORK, \
3149 &big_fake_network, (void*)(REASONABLY_FUTURE) }, \
3150 { #name "_reasonably_past", test_entry_guard_ ## name, TT_FORK, \
3151 &big_fake_network, (void*)(REASONABLY_PAST) }
3152
3153 #define UPGRADE_TEST(name, arg) \
3154 EN_TEST_BASE(name, TT_FORK, &upgrade_circuits, arg), \
3155 { #name "_reasonably_future", test_entry_guard_ ## name, TT_FORK, \
3156 &upgrade_circuits, (void*)(arg REASONABLY_FUTURE) }, \
3157 { #name "_reasonably_past", test_entry_guard_ ## name, TT_FORK, \
3158 &upgrade_circuits, (void*)(arg REASONABLY_PAST) }
3159 #endif /* !defined(COCCI) */
3160
3161 struct testcase_t entrynodes_tests[] = {
3162 NO_PREFIX_TEST(node_preferred_orport),
3163 NO_PREFIX_TEST(entry_guard_describe),
3164
3165 EN_TEST(randomize_time),
3166 EN_TEST(encode_for_state_minimal),
3167 EN_TEST(encode_for_state_maximal),
3168 EN_TEST(parse_from_state_minimal),
3169 EN_TEST(parse_from_state_maximal),
3170 EN_TEST(parse_from_state_failure),
3171 EN_TEST(parse_from_state_partial_failure),
3172
3173 EN_TEST_FORK(parse_from_state_full),
3174 EN_TEST_FORK(parse_from_state_broken),
3175 EN_TEST_FORK(get_guard_selection_by_name),
3176 EN_TEST_FORK(number_of_primaries),
3177
3178 BFN_TEST(choose_selection_initial),
3179 BFN_TEST(add_single_guard),
3180 BFN_TEST(node_filter),
3181 BFN_TEST(expand_sample),
3182 BFN_TEST(expand_sample_small_net),
3183 BFN_TEST(update_from_consensus_status),
3184 BFN_TEST(update_from_consensus_repair),
3185 BFN_TEST(update_from_consensus_remove),
3186 BFN_TEST(confirming_guards),
3187 BFN_TEST(sample_reachable_filtered),
3188 BFN_TEST(sample_reachable_filtered_empty),
3189 BFN_TEST(retry_unreachable),
3190 BFN_TEST(manage_primary),
3191 BFN_TEST(correct_cascading_order),
3192
3193 BFN_TEST(layer2_guards),
3194
3195 EN_TEST_FORK(guard_preferred),
3196
3197 BFN_TEST(select_for_circuit_no_confirmed),
3198 BFN_TEST(select_for_circuit_confirmed),
3199 BFN_TEST(select_for_circuit_highlevel_primary),
3200 BFN_TEST(select_for_circuit_highlevel_confirm_other),
3201 BFN_TEST(select_for_circuit_highlevel_primary_retry),
3202 BFN_TEST(select_and_cancel),
3203 BFN_TEST(drop_guards),
3204 BFN_TEST(outdated_dirserver_exclusion),
3205 BFN_TEST(basic_path_selection),
3206 BFN_TEST(vanguard_path_selection),
3207
3208 UPGRADE_TEST(upgrade_a_circuit, "c1-done c2-done"),
3209 UPGRADE_TEST(upgrade_blocked_by_live_primary_guards, "c1-done c2-done"),
3210 UPGRADE_TEST(upgrade_blocked_by_lack_of_waiting_circuits, ""),
3211 UPGRADE_TEST(upgrade_blocked_by_better_circ_complete, "c1-done c2-done"),
3212 UPGRADE_TEST(upgrade_not_blocked_by_restricted_circ_complete,
3213 "c1-done c2-done"),
3214 UPGRADE_TEST(upgrade_not_blocked_by_worse_circ_complete, "c1-done c2-done"),
3215 UPGRADE_TEST(upgrade_blocked_by_better_circ_pending, "c2-done"),
3216 UPGRADE_TEST(upgrade_not_blocked_by_restricted_circ_pending,
3217 "c2-done"),
3218 UPGRADE_TEST(upgrade_not_blocked_by_worse_circ_pending, "c1-done"),
3219
3220 EN_TEST_FORK(should_expire_waiting),
3221
3222 END_OF_TESTCASES
3223 };
3224