int
fuzz_cleanup(void)
{
UNMOCK(consensus_compute_digest);
UNMOCK(consensus_digest_eq);
return 0;
}
static void
test_conn_edge_ap_handshake_rewrite_and_attach_closes_conn_with_error(void *data)
{
entry_connection_t *conn = entry_connection_new(CONN_TYPE_AP, AF_INET);
addressmap_init();
origin_circuit_t *circuit = NULL;
crypt_path_t *path = NULL;
(void) data;
MOCK(connection_ap_handshake_rewrite, connection_ap_handshake_rewrite_mock);
MOCK(connection_mark_unattached_ap_, connection_mark_unattached_ap_mock);
init_rewrite_mock();
rewrite_mock->should_close = 1;
rewrite_mock->end_reason = END_STREAM_REASON_MISC;
int res = connection_ap_handshake_rewrite_and_attach(conn, circuit, path);
tt_int_op(res, OP_EQ, -1);
done:
UNMOCK(connection_ap_handshake_rewrite);
UNMOCK(connection_mark_unattached_ap_);
destroy_rewrite_mock();
tor_free(circuit);
tor_free(path);
}
static void
test_address_get_if_addrs_no_internal_fail(void *arg)
{
smartlist_t *results1 = NULL, *results2 = NULL;
(void)arg;
MOCK(get_interface_addresses_raw,
mock_get_interface_addresses_raw_fail);
MOCK(get_interface_address6_via_udp_socket_hack,
mock_get_interface_address6_via_udp_socket_hack_fail);
results1 = get_interface_address6_list(LOG_ERR, AF_INET6, 0);
tt_ptr_op(results1, OP_NE, NULL);
tt_int_op(smartlist_len(results1),OP_EQ,0);
results2 = get_interface_address_list(LOG_ERR, 0);
tt_ptr_op(results2, OP_NE, NULL);
tt_int_op(smartlist_len(results2),OP_EQ,0);
done:
UNMOCK(get_interface_addresses_raw);
UNMOCK(get_interface_address6_via_udp_socket_hack);
interface_address6_list_free(results1);
interface_address6_list_free(results2);
return;
}
static void
clear_ns_mocks(void)
{
UNMOCK(networkstatus_get_dl_status_by_flavor);
UNMOCK(networkstatus_get_dl_status_by_flavor_bootstrap);
UNMOCK(networkstatus_get_dl_status_by_flavor_running);
}
static void
clear_cert_mocks(void)
{
UNMOCK(list_authority_ids_with_downloads);
UNMOCK(id_only_download_status_for_authority_id);
UNMOCK(list_sk_digests_for_authority_id);
UNMOCK(download_status_for_authority_id_and_sk);
}
static void
clear_bridge_mocks(void)
{
UNMOCK(list_bridge_identities);
UNMOCK(get_bridge_dl_status_by_id);
disable_descbr = 0;
}
int
fuzz_cleanup(void)
{
UNMOCK(connection_write_to_buf_impl_);
UNMOCK(connection_mark_unattached_ap_);
UNMOCK(connection_ap_rewrite_and_attach_if_allowed);
return 0;
}
static void
test_address_udp_socket_trick_whitebox(void *arg)
{
int hack_retval;
tor_addr_t *addr_from_hack = tor_malloc_zero(sizeof(tor_addr_t));
struct sockaddr_in6 *mock_addr6;
struct sockaddr_in6 *ipv6_to_check =
tor_malloc_zero(sizeof(struct sockaddr_in6));
(void)arg;
MOCK(tor_open_socket,fake_open_socket);
MOCK(tor_connect_socket,pretend_to_connect);
MOCK(tor_getsockname,fake_getsockname);
MOCK(tor_close_socket,fake_close_socket);
mock_addr = tor_malloc_zero(sizeof(struct sockaddr_storage));
sockaddr_in_from_string("23.32.246.118",(struct sockaddr_in *)mock_addr);
hack_retval =
get_interface_address6_via_udp_socket_hack(LOG_DEBUG,
AF_INET, addr_from_hack);
tt_int_op(hack_retval,OP_EQ,0);
tt_assert(tor_addr_eq_ipv4h(addr_from_hack, 0x1720f676));
/* Now, lets do an IPv6 case. */
memset(mock_addr,0,sizeof(struct sockaddr_storage));
mock_addr6 = (struct sockaddr_in6 *)mock_addr;
mock_addr6->sin6_family = AF_INET6;
mock_addr6->sin6_port = 0;
tor_inet_pton(AF_INET6,"2001:cdba::3257:9652",&(mock_addr6->sin6_addr));
hack_retval =
get_interface_address6_via_udp_socket_hack(LOG_DEBUG,
AF_INET6, addr_from_hack);
tt_int_op(hack_retval,OP_EQ,0);
tor_addr_to_sockaddr(addr_from_hack,0,(struct sockaddr *)ipv6_to_check,
sizeof(struct sockaddr_in6));
tt_assert(sockaddr_in6_are_equal(mock_addr6,ipv6_to_check));
done:
UNMOCK(tor_open_socket);
UNMOCK(tor_connect_socket);
UNMOCK(tor_getsockname);
UNMOCK(tor_close_socket);
tor_free(ipv6_to_check);
tor_free(mock_addr);
tor_free(addr_from_hack);
return;
}
static void
test_conn_edge_ap_handshake_rewrite_and_attach_closes_conn_for_excluded_exit(void *data)
{
entry_connection_t *conn = entry_connection_new(CONN_TYPE_AP, AF_INET);
addressmap_init();
origin_circuit_t *circuit = NULL;
crypt_path_t *path = NULL;
(void) data;
MOCK(get_options, get_options_mock);
MOCK(connection_ap_handshake_rewrite, connection_ap_handshake_rewrite_mock);
MOCK(connection_mark_unattached_ap_, connection_mark_unattached_ap_mock);
MOCK(node_get_by_nickname, node_get_by_nickname_mock);
init_rewrite_mock();
init_exit_node_mock();
init_mock_options();
rewrite_mock->should_close = 0;
rewrite_mock->exit_source = ADDRMAPSRC_NONE;
SET_SOCKS_ADDRESS(conn->socks_request, "http://www.wellformed.exit");
conn->socks_request->command = SOCKS_COMMAND_CONNECT;
strlcpy(exit_node_mock->rs->nickname, "wellformed", MAX_NICKNAME_LEN+1);
options_mock->AllowDotExit = 1;
options_mock->StrictNodes = 0;
options_mock->SafeLogging_ = SAFELOG_SCRUB_NONE;
excluded_nodes = routerset_new();
smartlist_add(excluded_nodes->list, tor_strdup("wellformed"));
strmap_set(excluded_nodes->names, tor_strdup("wellformed"), exit_node_mock);
options_mock->ExcludeExitNodes = excluded_nodes;
int prev_log = setup_capture_of_logs(LOG_INFO);
int res = connection_ap_handshake_rewrite_and_attach(conn, circuit, path);
tt_int_op(unattachment_reason_spy, OP_EQ, END_STREAM_REASON_TORPROTOCOL);
tt_int_op(res, OP_EQ, -1);
tt_str_op(mock_saved_log_at(-1), OP_EQ, "Excluded relay in exit address 'http://www.exit'. Refusing.\n");
done:
UNMOCK(get_options);
UNMOCK(connection_ap_handshake_rewrite);
UNMOCK(connection_mark_unattached_ap_);
UNMOCK(node_get_by_nickname);
destroy_rewrite_mock();
destroy_mock_options();
destroy_exit_node_mock();
tor_free(excluded_nodes);
tor_free(circuit);
tor_free(path);
teardown_capture_of_logs(prev_log);
}
static void
test_oos_kill_conn_list(void *arg)
{
connection_t *c1, *c2;
or_connection_t *or_c1 = NULL;
dir_connection_t *dir_c2 = NULL;
smartlist_t *l = NULL;
(void)arg;
/* Set up mocks */
mark_calls = 0;
MOCK(connection_mark_for_close_internal_, mark_for_close_oos_mock);
cfe_calls = 0;
MOCK(connection_or_close_for_error, close_for_error_mock);
/* Make fake conns */
or_c1 = tor_malloc_zero(sizeof(*or_c1));
or_c1->base_.magic = OR_CONNECTION_MAGIC;
or_c1->base_.type = CONN_TYPE_OR;
c1 = TO_CONN(or_c1);
dir_c2 = tor_malloc_zero(sizeof(*dir_c2));
dir_c2->base_.magic = DIR_CONNECTION_MAGIC;
dir_c2->base_.type = CONN_TYPE_DIR;
dir_c2->base_.state = DIR_CONN_STATE_MIN_;
dir_c2->base_.purpose = DIR_PURPOSE_MIN_;
c2 = TO_CONN(dir_c2);
tt_assert(c1 != NULL);
tt_assert(c2 != NULL);
/* Make list */
l = smartlist_new();
smartlist_add(l, c1);
smartlist_add(l, c2);
/* Run kill_conn_list_for_oos() */
kill_conn_list_for_oos(l);
/* Check call counters */
tt_int_op(mark_calls, OP_EQ, 1);
tt_int_op(cfe_calls, OP_EQ, 1);
done:
UNMOCK(connection_or_close_for_error);
UNMOCK(connection_mark_for_close_internal_);
if (l) smartlist_free(l);
tor_free(or_c1);
tor_free(dir_c2);
return;
}
/** Do common setup for test_timely_consensus() and
* test_early_consensus(). Call networkstatus_set_current_consensus()
* on a constructed consensus and with an appropriately-modified
* approx_time. Callers expect presence or absence of appropriate log
* messages and control events. */
static int
test_skew_common(void *arg, time_t now, unsigned long *offset)
{
char *consensus = NULL;
int retval = 0;
*offset = strtoul(arg, NULL, 10);
/* Initialize the SRV subsystem */
MOCK(get_my_v3_authority_cert, get_my_v3_authority_cert_m);
mock_cert = authority_cert_parse_from_string(AUTHORITY_CERT_1,
strlen(AUTHORITY_CERT_1),
NULL);
sr_init(0);
UNMOCK(get_my_v3_authority_cert);
construct_consensus(&consensus, now);
tt_assert(consensus);
update_approx_time(now + *offset);
mock_apparent_skew = 0;
/* Caller will call UNMOCK() */
MOCK(clock_skew_warning, mock_clock_skew_warning);
/* Caller will call teardown_capture_of_logs() */
setup_capture_of_logs(LOG_WARN);
retval = networkstatus_set_current_consensus(consensus, strlen(consensus),
"microdesc", 0,
NULL);
done:
tor_free(consensus);
return retval;
}
/**
* Calling get_transport_by_bridge_addrport() with the address and port of a
* configured bridge which uses a pluggable transport should return 0 and set
* appropriate transport_t.
*/
static void
test_bridges_get_transport_by_bridge_addrport(void *arg)
{
transport_t *transport = NULL;
tor_addr_t *addr = tor_malloc(sizeof(tor_addr_t));
uint16_t port = 1234;
int ret;
helper_add_bridges_to_bridgelist(arg);
mark_transport_list(); // Also initialise our transport_list
ret = tor_addr_parse(addr, "1.2.3.4");
tt_int_op(ret, OP_EQ, 2); // it returns the address family on success?
/* After we mock transport_get_by_name() to return a bogus transport_t with
* the name it was asked for, the call should succeed.
*/
MOCK(transport_get_by_name, mock_transport_get_by_name);
ret = get_transport_by_bridge_addrport((const tor_addr_t*)addr, port,
(const transport_t**)&transport);
tt_int_op(ret, OP_EQ, 0); // returns 0 on success
tt_ptr_op(transport, OP_NE, NULL);
tt_str_op(transport->name, OP_EQ, "obfs4");
done:
UNMOCK(transport_get_by_name);
tor_free(addr);
transport_free(transport);
mark_bridge_list();
sweep_bridge_list();
}
/* Helper: Do a successful Extended ORPort authentication handshake. */
static void
do_ext_or_handshake(or_connection_t *conn)
{
char b[256];
tt_int_op(0, OP_EQ, connection_ext_or_start_auth(conn));
CONTAINS("\x01\x00", 2);
WRITE("\x01", 1);
WRITE("But when I look ahead up the whi", 32);
MOCK(crypto_rand, crypto_rand_return_tse_str);
tt_int_op(0, OP_EQ, connection_ext_or_process_inbuf(conn));
UNMOCK(crypto_rand);
tt_int_op(TO_CONN(conn)->state, OP_EQ,
EXT_OR_CONN_STATE_AUTH_WAIT_CLIENT_HASH);
CONTAINS("\xec\x80\xed\x6e\x54\x6d\x3b\x36\xfd\xfc\x22\xfe\x13\x15\x41\x6b"
"\x02\x9f\x1a\xde\x76\x10\xd9\x10\x87\x8b\x62\xee\xb7\x40\x38\x21"
"te road There is always another ", 64);
/* Send the right response this time. */
WRITE("\xab\x39\x17\x32\xdd\x2e\xd9\x68\xcd\x40\xc0\x87\xd1\xb1\xf2\x5b"
"\x33\xb3\xcd\x77\xff\x79\xbd\x80\xc2\x07\x4b\xbf\x43\x81\x19\xa2",
32);
tt_int_op(0, OP_EQ, connection_ext_or_process_inbuf(conn));
CONTAINS("\x01", 1);
tt_assert(! TO_CONN(conn)->marked_for_close);
tt_int_op(TO_CONN(conn)->state, OP_EQ, EXT_OR_CONN_STATE_OPEN);
done: ;
}
/** We simulate a failure to create an ESTABLISH_INTRO cell */
static void
test_gen_establish_intro_cell_bad(void *arg)
{
(void) arg;
ssize_t cell_len = 0;
trn_cell_establish_intro_t *cell = NULL;
char circ_nonce[DIGEST_LEN] = {0};
hs_service_intro_point_t *ip = NULL;
MOCK(ed25519_sign_prefixed, mock_ed25519_sign_prefixed);
crypto_rand(circ_nonce, sizeof(circ_nonce));
setup_full_capture_of_logs(LOG_WARN);
/* Easiest way to make that function fail is to mock the
ed25519_sign_prefixed() function and make it fail. */
cell = trn_cell_establish_intro_new();
tt_assert(cell);
ip = service_intro_point_new(NULL);
cell_len = hs_cell_build_establish_intro(circ_nonce, ip, NULL);
service_intro_point_free(ip);
expect_log_msg_containing("Unable to make signature for "
"ESTABLISH_INTRO cell.");
teardown_capture_of_logs();
tt_i64_op(cell_len, OP_EQ, -1);
done:
trn_cell_establish_intro_free(cell);
UNMOCK(ed25519_sign_prefixed);
}
static void
test_routerlist_launch_descriptor_downloads(void *arg)
{
smartlist_t *downloadable = smartlist_new();
time_t now = time(NULL);
char *cp;
(void)arg;
for (int i = 0; i < 100; i++) {
cp = tor_malloc(DIGEST256_LEN);
tt_assert(cp);
crypto_rand(cp, DIGEST256_LEN);
smartlist_add(downloadable, cp);
}
MOCK(initiate_descriptor_downloads, mock_initiate_descriptor_downloads);
launch_descriptor_downloads(DIR_PURPOSE_FETCH_MICRODESC, downloadable,
NULL, now);
tt_int_op(3, ==, count);
UNMOCK(initiate_descriptor_downloads);
done:
SMARTLIST_FOREACH(downloadable, char *, cp1, tor_free(cp1));
smartlist_free(downloadable);
}
static void
test_buffers_tls_read_mocked(void *arg)
{
uint8_t *mem;
buf_t *buf;
(void)arg;
mem = tor_malloc(64*1024);
crypto_rand((char*)mem, 64*1024);
tls_read_ptr = mem;
n_remaining = 64*1024;
MOCK(tor_tls_read, mock_tls_read);
buf = buf_new();
next_reply_val[0] = 1024;
tt_int_op(128, ==, read_to_buf_tls(NULL, 128, buf));
next_reply_val[0] = 5000;
next_reply_val[1] = 5000;
tt_int_op(6000, ==, read_to_buf_tls(NULL, 6000, buf));
done:
UNMOCK(tor_tls_read);
tor_free(mem);
buf_free(buf);
}
static void
test_cntev_orconn_state_proxy(void *arg)
{
orconn_event_msg_t conn;
(void)arg;
MOCK(queue_control_event_string, mock_queue_control_event_string);
control_testing_set_global_event_mask(EVENT_MASK_(EVENT_STATUS_CLIENT));
setup_orconn_state(&conn, 1, 1, PROXY_CONNECT);
send_ocirc_chan(1, 1, true);
send_orconn_state(&conn, OR_CONN_STATE_CONNECTING);
assert_bootmsg("3 TAG=conn_proxy");
send_orconn_state(&conn, OR_CONN_STATE_PROXY_HANDSHAKING);
assert_bootmsg("4 TAG=conn_done_proxy");
send_orconn_state(&conn, OR_CONN_STATE_TLS_HANDSHAKING);
assert_bootmsg("10 TAG=conn_done");
send_orconn_state(&conn, OR_CONN_STATE_OR_HANDSHAKING_V3);
assert_bootmsg("14 TAG=handshake");
send_orconn_state(&conn, OR_CONN_STATE_OPEN);
assert_bootmsg("15 TAG=handshake_done");
send_ocirc_chan(2, 2, false);
conn.u.state.gid = 2;
conn.u.state.chan = 2;
send_orconn_state(&conn, OR_CONN_STATE_CONNECTING);
assert_bootmsg("78 TAG=ap_conn_proxy");
send_orconn_state(&conn, OR_CONN_STATE_PROXY_HANDSHAKING);
assert_bootmsg("79 TAG=ap_conn_done_proxy");
done:
tor_free(saved_event_str);
UNMOCK(queue_control_event_string);
}
static void
test_routerlist_initiate_descriptor_downloads(void *arg)
{
const char *prose = "unhurried and wise, we perceive.";
smartlist_t *digests = smartlist_new();
(void)arg;
for (int i = 0; i < 20; i++) {
smartlist_add(digests, (char*)prose);
}
MOCK(directory_get_from_dirserver, mock_get_from_dirserver);
initiate_descriptor_downloads(NULL, DIR_PURPOSE_FETCH_MICRODESC,
digests, 3, 7, 0);
UNMOCK(directory_get_from_dirserver);
tt_str_op(output, OP_EQ, "d/"
"dW5odXJyaWVkIGFuZCB3aXNlLCB3ZSBwZXJjZWl2ZS4-"
"dW5odXJyaWVkIGFuZCB3aXNlLCB3ZSBwZXJjZWl2ZS4-"
"dW5odXJyaWVkIGFuZCB3aXNlLCB3ZSBwZXJjZWl2ZS4-"
"dW5odXJyaWVkIGFuZCB3aXNlLCB3ZSBwZXJjZWl2ZS4"
".z");
done:
smartlist_free(digests);
}
static void *
test_conn_get_basic_setup(const struct testcase_t *tc)
{
connection_t *conn = NULL;
tor_addr_t addr;
int socket_err = 0;
int in_progress = 0;
(void)tc;
MOCK(connection_connect_sockaddr,
mock_connection_connect_sockaddr);
init_connection_lists();
conn = connection_new(TEST_CONN_TYPE, TEST_CONN_FAMILY);
tt_assert(conn);
test_conn_lookup_addr_helper(TEST_CONN_ADDRESS, TEST_CONN_FAMILY, &addr);
tt_assert(!tor_addr_is_null(&addr));
/* XXXX - connection_connect doesn't set these, should it? */
tor_addr_copy_tight(&conn->addr, &addr);
conn->port = TEST_CONN_PORT;
mock_connection_connect_sockaddr_called = 0;
in_progress = connection_connect(conn, TEST_CONN_ADDRESS_PORT, &addr,
TEST_CONN_PORT, &socket_err);
tt_assert(mock_connection_connect_sockaddr_called == 1);
tt_assert(!socket_err);
tt_assert(in_progress == 0 || in_progress == 1);
/* fake some of the attributes so the connection looks OK */
conn->state = TEST_CONN_STATE;
conn->purpose = TEST_CONN_BASIC_PURPOSE;
assert_connection_ok(conn, time(NULL));
UNMOCK(connection_connect_sockaddr);
return conn;
/* On failure */
done:
UNMOCK(connection_connect_sockaddr);
test_conn_get_basic_teardown(tc, conn);
/* Returning NULL causes the unit test to fail */
return NULL;
}
static void
test_halfstream_wrap(void *arg)
{
origin_circuit_t *circ =
helper_create_origin_circuit(CIRCUIT_PURPOSE_C_GENERAL, 0);
edge_connection_t *edgeconn;
entry_connection_t *entryconn;
circ->cpath->state = CPATH_STATE_AWAITING_KEYS;
circ->cpath->deliver_window = CIRCWINDOW_START;
entryconn = fake_entry_conn(circ, 23);
edgeconn = ENTRY_TO_EDGE_CONN(entryconn);
(void)arg;
/* Suppress the WARN message we generate in this test */
setup_full_capture_of_logs(LOG_WARN);
MOCK(connection_mark_for_close_internal_, mock_mark_for_close);
/* Verify that get_unique_stream_id_by_circ() can wrap uint16_t */
circ->next_stream_id = 65530;
halfstream_insert(circ, edgeconn, NULL, 7, 0);
tt_int_op(circ->next_stream_id, OP_EQ, 2);
tt_int_op(smartlist_len(circ->half_streams), OP_EQ, 7);
/* Insert full-1 */
halfstream_insert(circ, edgeconn, NULL,
65534-smartlist_len(circ->half_streams), 0);
tt_int_op(smartlist_len(circ->half_streams), OP_EQ, 65534);
/* Verify that we can get_unique_stream_id_by_circ() successfully */
edgeconn->stream_id = get_unique_stream_id_by_circ(circ);
tt_int_op(edgeconn->stream_id, OP_NE, 0); /* 0 is failure */
/* Insert an opened stream on the circ with that id */
ENTRY_TO_CONN(entryconn)->marked_for_close = 0;
ENTRY_TO_CONN(entryconn)->outbuf_flushlen = 0;
edgeconn->base_.state = AP_CONN_STATE_CONNECT_WAIT;
circ->p_streams = edgeconn;
/* Verify that get_unique_stream_id_by_circ() fails */
tt_int_op(get_unique_stream_id_by_circ(circ), OP_EQ, 0); /* 0 is failure */
/* eof the one opened stream. Verify it is now in half-closed */
tt_int_op(smartlist_len(circ->half_streams), OP_EQ, 65534);
connection_edge_reached_eof(edgeconn);
tt_int_op(smartlist_len(circ->half_streams), OP_EQ, 65535);
/* Verify get_unique_stream_id_by_circ() fails due to full half-closed */
circ->p_streams = NULL;
tt_int_op(get_unique_stream_id_by_circ(circ), OP_EQ, 0); /* 0 is failure */
done:
circuit_free_(TO_CIRCUIT(circ));
connection_free_minimal(ENTRY_TO_CONN(entryconn));
UNMOCK(connection_mark_for_close_internal_);
}
/**
* Undo setup_capture_of_logs().
*
* This function is safe to call more than once.
*/
void
teardown_capture_of_logs(void)
{
UNMOCK(logv);
if (saved_log_level)
log_global_min_severity_ = saved_log_level;
saved_log_level = 0;
mock_clean_saved_logs();
}
static connection_t *
test_conn_get_connection(uint8_t state, uint8_t type, uint8_t purpose)
{
connection_t *conn = NULL;
tor_addr_t addr;
int socket_err = 0;
int in_progress = 0;
MOCK(connection_connect_sockaddr,
mock_connection_connect_sockaddr);
MOCK(tor_close_socket, fake_close_socket);
init_connection_lists();
conn = connection_new(type, TEST_CONN_FAMILY);
tt_assert(conn);
test_conn_lookup_addr_helper(TEST_CONN_ADDRESS, TEST_CONN_FAMILY, &addr);
tt_assert(!tor_addr_is_null(&addr));
tor_addr_copy_tight(&conn->addr, &addr);
conn->port = TEST_CONN_PORT;
mock_connection_connect_sockaddr_called = 0;
in_progress = connection_connect(conn, TEST_CONN_ADDRESS_PORT, &addr,
TEST_CONN_PORT, &socket_err);
tt_assert(mock_connection_connect_sockaddr_called == 1);
tt_assert(!socket_err);
tt_assert(in_progress == 0 || in_progress == 1);
/* fake some of the attributes so the connection looks OK */
conn->state = state;
conn->purpose = purpose;
assert_connection_ok(conn, time(NULL));
UNMOCK(connection_connect_sockaddr);
UNMOCK(tor_close_socket);
return conn;
/* On failure */
done:
UNMOCK(connection_connect_sockaddr);
UNMOCK(tor_close_socket);
return NULL;
}
static void
test_ext_or_init_auth(void *arg)
{
or_options_t *options = get_options_mutable();
const char *fn;
char *cp = NULL;
struct stat st;
char cookie0[32];
(void)arg;
/* Check default filename location */
tor_free(options->DataDirectory);
options->DataDirectory = tor_strdup("foo");
cp = get_ext_or_auth_cookie_file_name();
tt_str_op(cp, OP_EQ, "foo"PATH_SEPARATOR"extended_orport_auth_cookie");
tor_free(cp);
/* Shouldn't be initialized already, or our tests will be a bit
* meaningless */
ext_or_auth_cookie = tor_malloc_zero(32);
tt_assert(tor_mem_is_zero((char*)ext_or_auth_cookie, 32));
/* Now make sure we use a temporary file */
fn = get_fname("ext_cookie_file");
options->ExtORPortCookieAuthFile = tor_strdup(fn);
cp = get_ext_or_auth_cookie_file_name();
tt_str_op(cp, OP_EQ, fn);
tor_free(cp);
/* Test the initialization function with a broken
write_bytes_to_file(). See if the problem is handled properly. */
MOCK(write_bytes_to_file, write_bytes_to_file_fail);
tt_int_op(-1, OP_EQ, init_ext_or_cookie_authentication(1));
tt_int_op(ext_or_auth_cookie_is_set, OP_EQ, 0);
UNMOCK(write_bytes_to_file);
/* Now do the actual initialization. */
tt_int_op(0, OP_EQ, init_ext_or_cookie_authentication(1));
tt_int_op(ext_or_auth_cookie_is_set, OP_EQ, 1);
cp = read_file_to_str(fn, RFTS_BIN, &st);
tt_ptr_op(cp, OP_NE, NULL);
tt_u64_op((uint64_t)st.st_size, OP_EQ, 64);
tt_mem_op(cp,OP_EQ, "! Extended ORPort Auth Cookie !\x0a", 32);
tt_mem_op(cp+32,OP_EQ, ext_or_auth_cookie, 32);
memcpy(cookie0, ext_or_auth_cookie, 32);
tt_assert(!tor_mem_is_zero((char*)ext_or_auth_cookie, 32));
/* Operation should be idempotent. */
tt_int_op(0, OP_EQ, init_ext_or_cookie_authentication(1));
tt_mem_op(cookie0,OP_EQ, ext_or_auth_cookie, 32);
done:
tor_free(cp);
ext_orport_free_all();
}
int
main(int argc, char **argv)
{
size_t size;
global_init();
/* Disable logging by default to speed up fuzzing. */
int loglevel = LOG_ERR;
for (int i = 1; i < argc; ++i) {
if (!strcmp(argv[i], "--warn")) {
loglevel = LOG_WARN;
} else if (!strcmp(argv[i], "--notice")) {
loglevel = LOG_NOTICE;
} else if (!strcmp(argv[i], "--info")) {
loglevel = LOG_INFO;
} else if (!strcmp(argv[i], "--debug")) {
loglevel = LOG_DEBUG;
}
}
{
log_severity_list_t s;
memset(&s, 0, sizeof(s));
set_log_severity_config(loglevel, LOG_ERR, &s);
/* ALWAYS log bug warnings. */
s.masks[LOG_WARN-LOG_ERR] |= LD_BUG;
add_stream_log(&s, "", fileno(stdout));
}
if (fuzz_init() < 0)
abort();
#ifdef __AFL_HAVE_MANUAL_CONTROL
/* Tell AFL to pause and fork here - ignored if not using AFL */
__AFL_INIT();
#endif
#define MAX_FUZZ_SIZE (128*1024)
char *input = read_file_to_str_until_eof(0, MAX_FUZZ_SIZE, &size);
tor_assert(input);
char *raw = tor_memdup(input, size); /* Because input is nul-terminated */
tor_free(input);
fuzz_main((const uint8_t*)raw, size);
tor_free(raw);
if (fuzz_cleanup() < 0)
abort();
tor_free(mock_options);
UNMOCK(get_options);
return 0;
}
static void
test_conn_edge_ap_handshake_rewrite_and_attach_closes_conn_for_unrecognized_exit_address(void *data)
{
entry_connection_t *conn = entry_connection_new(CONN_TYPE_AP, AF_INET);
addressmap_init();
origin_circuit_t *circuit = NULL;
crypt_path_t *path = NULL;
(void) data;
MOCK(get_options, get_options_mock);
MOCK(connection_ap_handshake_rewrite, connection_ap_handshake_rewrite_mock);
MOCK(connection_mark_unattached_ap_, connection_mark_unattached_ap_mock);
init_rewrite_mock();
init_mock_options();
rewrite_mock->should_close = 0;
rewrite_mock->exit_source = ADDRMAPSRC_NONE;
SET_SOCKS_ADDRESS(conn->socks_request, "http://www.wellformed.exit");
conn->socks_request->command = SOCKS_COMMAND_CONNECT;
options_mock->AllowDotExit = 1;
options_mock->SafeLogging_ = SAFELOG_SCRUB_NONE;
int prev_log = setup_capture_of_logs(LOG_INFO);
int res = connection_ap_handshake_rewrite_and_attach(conn, circuit, path);
tt_int_op(unattachment_reason_spy, OP_EQ, END_STREAM_REASON_TORPROTOCOL);
tt_int_op(res, OP_EQ, -1);
tt_str_op(mock_saved_log_at(-1), OP_EQ, "Unrecognized relay in exit address 'http://www.exit'. Refusing.\n");
done:
UNMOCK(get_options);
UNMOCK(connection_ap_handshake_rewrite);
UNMOCK(connection_mark_unattached_ap_);
destroy_rewrite_mock();
destroy_mock_options();
tor_free(circuit);
tor_free(path);
teardown_capture_of_logs(prev_log);
}
static void
test_ext_or_write_command(void *arg)
{
or_connection_t *c1;
char *cp = NULL;
char *buf = NULL;
size_t sz;
(void) arg;
MOCK(connection_write_to_buf_impl_,
connection_write_to_buf_impl_replacement);
c1 = or_connection_new(CONN_TYPE_EXT_OR, AF_INET);
tt_assert(c1);
/* Length too long */
tt_int_op(connection_write_ext_or_command(TO_CONN(c1), 100, "X", 100000),
OP_LT, 0);
/* Empty command */
tt_int_op(connection_write_ext_or_command(TO_CONN(c1), 0x99, NULL, 0),
OP_EQ, 0);
cp = buf_get_contents(TO_CONN(c1)->outbuf, &sz);
tt_int_op(sz, OP_EQ, 4);
tt_mem_op(cp, OP_EQ, "\x00\x99\x00\x00", 4);
tor_free(cp);
/* Medium command. */
tt_int_op(connection_write_ext_or_command(TO_CONN(c1), 0x99,
"Wai\0Hello", 9), OP_EQ, 0);
cp = buf_get_contents(TO_CONN(c1)->outbuf, &sz);
tt_int_op(sz, OP_EQ, 13);
tt_mem_op(cp, OP_EQ, "\x00\x99\x00\x09Wai\x00Hello", 13);
tor_free(cp);
/* Long command */
buf = tor_malloc(65535);
memset(buf, 'x', 65535);
tt_int_op(connection_write_ext_or_command(TO_CONN(c1), 0xf00d,
buf, 65535), OP_EQ, 0);
cp = buf_get_contents(TO_CONN(c1)->outbuf, &sz);
tt_int_op(sz, OP_EQ, 65539);
tt_mem_op(cp, OP_EQ, "\xf0\x0d\xff\xff", 4);
tt_mem_op(cp+4, OP_EQ, buf, 65535);
tor_free(cp);
done:
if (c1)
connection_free_(TO_CONN(c1));
tor_free(cp);
tor_free(buf);
UNMOCK(connection_write_to_buf_impl_);
}
static int
recv_certs_cleanup(const struct testcase_t *test, void *obj)
{
(void)test;
certs_data_t *d = obj;
UNMOCK(tor_tls_cert_matches_key);
UNMOCK(connection_or_send_netinfo);
UNMOCK(connection_or_close_for_error);
if (d) {
tor_free(d->cell);
certs_cell_free(d->ccell);
connection_free_(TO_CONN(d->c));
circuitmux_free(d->chan->base_.cmux);
tor_free(d->chan);
crypto_pk_free(d->key1);
crypto_pk_free(d->key2);
tor_free(d);
}
return 1;
}
static void
test_conn_edge_ap_handshake_rewrite_and_attach_closes_conn_when_hostname_is_bogus(void *data)
{
entry_connection_t *conn = entry_connection_new(CONN_TYPE_AP, AF_INET);
addressmap_init();
origin_circuit_t *circuit = NULL;
crypt_path_t *path = NULL;
(void) data;
MOCK(get_options, get_options_mock);
MOCK(connection_ap_handshake_rewrite, connection_ap_handshake_rewrite_mock);
MOCK(connection_mark_unattached_ap_, connection_mark_unattached_ap_mock);
init_mock_options();
init_rewrite_mock();
options_mock->SafeLogging_ = SAFELOG_SCRUB_NONE;
rewrite_mock->should_close = 0;
SET_SOCKS_ADDRESS(conn->socks_request, "http://www.bogus.onion");
conn->socks_request->command = SOCKS_COMMAND_CONNECT;
int prev_log = setup_capture_of_logs(LOG_INFO);
int res = connection_ap_handshake_rewrite_and_attach(conn, circuit, path);
tt_int_op(unattachment_reason_spy, OP_EQ, END_STREAM_REASON_TORPROTOCOL);
tt_int_op(res, OP_EQ, -1);
tt_str_op(mock_saved_log_at(-1), OP_EQ, "Invalid onion hostname bogus; rejecting\n");
done:
UNMOCK(get_options);
UNMOCK(connection_ap_handshake_rewrite);
UNMOCK(connection_mark_unattached_ap_);
destroy_rewrite_mock();
tor_free(circuit);
tor_free(path);
destroy_mock_options();
teardown_capture_of_logs(prev_log);
}
static void
test_address_get_if_addrs_internal_fail(void *arg)
{
smartlist_t *results1 = NULL, *results2 = NULL;
int rv = 0;
uint32_t ipv4h_addr = 0;
tor_addr_t ipv6_addr;
memset(&ipv6_addr, 0, sizeof(tor_addr_t));
(void)arg;
MOCK(get_interface_addresses_raw,
mock_get_interface_addresses_raw_fail);
MOCK(get_interface_address6_via_udp_socket_hack,
mock_get_interface_address6_via_udp_socket_hack_fail);
results1 = get_interface_address6_list(LOG_ERR, AF_INET6, 1);
tt_ptr_op(results1, OP_NE, NULL);
tt_int_op(smartlist_len(results1),OP_EQ,0);
results2 = get_interface_address_list(LOG_ERR, 1);
tt_ptr_op(results2, OP_NE, NULL);
tt_int_op(smartlist_len(results2),OP_EQ,0);
rv = get_interface_address6(LOG_ERR, AF_INET6, &ipv6_addr);
tt_int_op(rv, OP_EQ, -1);
rv = get_interface_address(LOG_ERR, &ipv4h_addr);
tt_int_op(rv, OP_EQ, -1);
done:
UNMOCK(get_interface_addresses_raw);
UNMOCK(get_interface_address6_via_udp_socket_hack);
interface_address6_list_free(results1);
interface_address6_list_free(results2);
return;
}
static void
test_routerlist_router_is_already_dir_fetching(void *arg)
{
(void)arg;
tor_addr_port_t test_ap, null_addr_ap, zero_port_ap;
/* Setup */
tor_addr_parse(&test_ap.addr, TEST_ADDR_STR);
test_ap.port = TEST_DIR_PORT;
tor_addr_make_null(&null_addr_ap.addr, AF_INET6);
null_addr_ap.port = TEST_DIR_PORT;
tor_addr_parse(&zero_port_ap.addr, TEST_ADDR_STR);
zero_port_ap.port = 0;
MOCK(connection_get_by_type_addr_port_purpose,
mock_connection_get_by_type_addr_port_purpose);
/* Test that we never get 1 from a NULL connection */
mocked_connection = NULL;
tt_assert(router_is_already_dir_fetching(&test_ap, 1, 1) == 0);
tt_assert(router_is_already_dir_fetching(&test_ap, 1, 0) == 0);
tt_assert(router_is_already_dir_fetching(&test_ap, 0, 1) == 0);
/* We always expect 0 in these cases */
tt_assert(router_is_already_dir_fetching(&test_ap, 0, 0) == 0);
tt_assert(router_is_already_dir_fetching(NULL, 1, 1) == 0);
tt_assert(router_is_already_dir_fetching(&null_addr_ap, 1, 1) == 0);
tt_assert(router_is_already_dir_fetching(&zero_port_ap, 1, 1) == 0);
/* Test that we get 1 with a connection in the appropriate circumstances */
mocked_connection = connection_new(CONN_TYPE_DIR, AF_INET);
tt_assert(router_is_already_dir_fetching(&test_ap, 1, 1) == 1);
tt_assert(router_is_already_dir_fetching(&test_ap, 1, 0) == 1);
tt_assert(router_is_already_dir_fetching(&test_ap, 0, 1) == 1);
/* Test that we get 0 even with a connection in the appropriate
* circumstances */
tt_assert(router_is_already_dir_fetching(&test_ap, 0, 0) == 0);
tt_assert(router_is_already_dir_fetching(NULL, 1, 1) == 0);
tt_assert(router_is_already_dir_fetching(&null_addr_ap, 1, 1) == 0);
tt_assert(router_is_already_dir_fetching(&zero_port_ap, 1, 1) == 0);
done:
/* If a connection is never set up, connection_free chokes on it. */
if (mocked_connection) {
buf_free(mocked_connection->inbuf);
buf_free(mocked_connection->outbuf);
}
tor_free(mocked_connection);
UNMOCK(connection_get_by_type_addr_port_purpose);
}
