static void
test_rend_cache_failure_clean(void *data)
{
rend_cache_failure_t *failure;
rend_cache_failure_intro_t *ip_one, *ip_two;
const char key_one[DIGEST_LEN] = "ip1";
const char key_two[DIGEST_LEN] = "ip2";
(void)data;
rend_cache_init();
// Test with empty failure cache
rend_cache_failure_clean(time(NULL));
tt_int_op(strmap_size(rend_cache_failure), OP_EQ, 0);
// Test with one empty failure entry
failure = rend_cache_failure_entry_new();
strmap_set_lc(rend_cache_failure, "foo1", failure);
rend_cache_failure_clean(time(NULL));
tt_int_op(strmap_size(rend_cache_failure), OP_EQ, 0);
// Test with one new intro point
failure = rend_cache_failure_entry_new();
ip_one = rend_cache_failure_intro_entry_new(INTRO_POINT_FAILURE_TIMEOUT);
digestmap_set(failure->intro_failures, key_one, ip_one);
strmap_set_lc(rend_cache_failure, "foo1", failure);
rend_cache_failure_clean(time(NULL));
tt_int_op(strmap_size(rend_cache_failure), OP_EQ, 1);
// Test with one old intro point
rend_cache_failure_purge();
failure = rend_cache_failure_entry_new();
ip_one = rend_cache_failure_intro_entry_new(INTRO_POINT_FAILURE_TIMEOUT);
ip_one->created_ts = time(NULL) - 7*60;
digestmap_set(failure->intro_failures, key_one, ip_one);
strmap_set_lc(rend_cache_failure, "foo1", failure);
rend_cache_failure_clean(time(NULL));
tt_int_op(strmap_size(rend_cache_failure), OP_EQ, 0);
// Test with one old intro point and one new one
rend_cache_failure_purge();
failure = rend_cache_failure_entry_new();
ip_one = rend_cache_failure_intro_entry_new(INTRO_POINT_FAILURE_TIMEOUT);
ip_one->created_ts = time(NULL) - 7*60;
digestmap_set(failure->intro_failures, key_one, ip_one);
ip_two = rend_cache_failure_intro_entry_new(INTRO_POINT_FAILURE_TIMEOUT);
ip_two->created_ts = time(NULL) - 2*60;
digestmap_set(failure->intro_failures, key_two, ip_two);
strmap_set_lc(rend_cache_failure, "foo1", failure);
rend_cache_failure_clean(time(NULL));
tt_int_op(strmap_size(rend_cache_failure), OP_EQ, 1);
tt_int_op(digestmap_size(failure->intro_failures), OP_EQ, 1);
done:
rend_cache_free_all();
}
int
replaycache_add_and_test_internal(
time_t present, replaycache_t *r, const void *data, int len,
time_t *elapsed)
{
int rv = 0;
char digest[DIGEST_LEN];
time_t *access_time;
/* sanity check */
if (present <= 0 || !r || !data || len <= 0) {
log_info(LD_BUG, "replaycache_add_and_test_internal() called with stupid"
" parameters; please fix this.");
goto done;
}
/* compute digest */
crypto_digest(digest, (const char *)data, len);
/* check map */
access_time = digestmap_get(r->digests_seen, digest);
/* seen before? */
if (access_time != NULL) {
/*
* If it's far enough in the past, no hit. If the horizon is zero, we
* never expire.
*/
if (*access_time >= present - r->horizon || r->horizon == 0) {
/* replay cache hit, return 1 */
rv = 1;
/* If we want to output an elapsed time, do so */
if (elapsed) {
if (present >= *access_time) {
*elapsed = present - *access_time;
} else {
/* We shouldn't really be seeing hits from the future, but... */
*elapsed = 0;
}
}
}
/*
* If it's ahead of the cached time, update
*/
if (*access_time < present) {
*access_time = present;
}
} else {
/* No, so no hit and update the digest map with the current time */
access_time = tor_malloc(sizeof(*access_time));
*access_time = present;
digestmap_set(r->digests_seen, digest, access_time);
}
/* now scrub the cache if it's time */
replaycache_scrub_if_needed_internal(present, r);
done:
return rv;
}
static void
test_rend_cache_validate_intro_point_failure(void *data)
{
(void)data;
rend_service_descriptor_t *desc = NULL;
char *service_id = NULL;
rend_intro_point_t *intro = NULL;
const char *identity = NULL;
rend_cache_failure_t *failure;
rend_cache_failure_intro_t *ip;
rend_cache_init();
create_descriptor(&desc, &service_id, 3);
desc->timestamp = time(NULL) + RECENT_TIME;
intro = (rend_intro_point_t *)smartlist_get(desc->intro_nodes, 0);
identity = intro->extend_info->identity_digest;
failure = rend_cache_failure_entry_new();
ip = rend_cache_failure_intro_entry_new(INTRO_POINT_FAILURE_TIMEOUT);
digestmap_set(failure->intro_failures, identity, ip);
strmap_set_lc(rend_cache_failure, service_id, failure);
// Test when we have an intro point in our cache
validate_intro_point_failure(desc, service_id);
tt_int_op(smartlist_len(desc->intro_nodes), OP_EQ, 2);
done:
rend_cache_free_all();
rend_service_descriptor_free(desc);
tor_free(service_id);
}
/** If conn is listed in orconn_identity_map, remove it, and clear
* conn->identity_digest. Otherwise do nothing. */
void
connection_or_remove_from_identity_map(or_connection_t *conn)
{
or_connection_t *tmp;
tor_assert(conn);
if (!orconn_identity_map)
return;
tmp = digestmap_get(orconn_identity_map, conn->identity_digest);
if (!tmp) {
if (!tor_digest_is_zero(conn->identity_digest)) {
log_warn(LD_BUG, "Didn't find connection '%s' on identity map when "
"trying to remove it.",
conn->nickname ? conn->nickname : "NULL");
}
return;
}
if (conn == tmp) {
if (conn->next_with_same_id)
digestmap_set(orconn_identity_map, conn->identity_digest,
conn->next_with_same_id);
else
digestmap_remove(orconn_identity_map, conn->identity_digest);
} else {
while (tmp->next_with_same_id) {
if (tmp->next_with_same_id == conn) {
tmp->next_with_same_id = conn->next_with_same_id;
break;
}
tmp = tmp->next_with_same_id;
}
}
memset(conn->identity_digest, 0, DIGEST_LEN);
conn->next_with_same_id = NULL;
}
/** Store a measured bandwidth cache entry when reading the measured
* bandwidths file. */
STATIC void
dirserv_cache_measured_bw(const measured_bw_line_t *parsed_line,
time_t as_of)
{
mbw_cache_entry_t *e = NULL;
tor_assert(parsed_line);
/* Allocate a cache if we need */
if (!mbw_cache) mbw_cache = digestmap_new();
/* Check if we have an existing entry */
e = digestmap_get(mbw_cache, parsed_line->node_id);
/* If we do, we can re-use it */
if (e) {
/* Check that we really are newer, and update */
if (as_of > e->as_of) {
e->mbw_kb = parsed_line->bw_kb;
e->as_of = as_of;
}
} else {
/* We'll have to insert a new entry */
e = tor_malloc(sizeof(*e));
e->mbw_kb = parsed_line->bw_kb;
e->as_of = as_of;
digestmap_set(mbw_cache, parsed_line->node_id, e);
}
}
/** Parse the string <b>s</b> to create a set of routerset entries, and add
* them to <b>target</b>. In log messages, refer to the string as
* <b>description</b>. Return 0 on success, -1 on failure.
*
* Three kinds of elements are allowed in routersets: nicknames, IP address
* patterns, and fingerprints. They may be surrounded by optional space, and
* must be separated by commas.
*/
int
routerset_parse(routerset_t *target, const char *s, const char *description)
{
int r = 0;
int added_countries = 0;
char *countryname;
smartlist_t *list = smartlist_new();
int malformed_list;
smartlist_split_string(list, s, ",",
SPLIT_SKIP_SPACE | SPLIT_IGNORE_BLANK, 0);
SMARTLIST_FOREACH_BEGIN(list, char *, nick) {
addr_policy_t *p;
/* if it doesn't pass our validation, assume it's malformed */
malformed_list = 1;
if (is_legal_hexdigest(nick)) {
char d[DIGEST_LEN];
if (*nick == '$')
++nick;
log_debug(LD_CONFIG, "Adding identity %s to %s", nick, description);
base16_decode(d, sizeof(d), nick, HEX_DIGEST_LEN);
digestmap_set(target->digests, d, (void*)1);
} else if (is_legal_nickname(nick)) {
log_debug(LD_CONFIG, "Adding nickname %s to %s", nick, description);
strmap_set_lc(target->names, nick, (void*)1);
} else if ((countryname = routerset_get_countryname(nick)) != NULL) {
log_debug(LD_CONFIG, "Adding country %s to %s", nick,
description);
smartlist_add(target->country_names, countryname);
added_countries = 1;
} else if ((strchr(nick,'.') || strchr(nick, ':') || strchr(nick, '*'))
&& (p = router_parse_addr_policy_item_from_string(
nick, ADDR_POLICY_REJECT,
&malformed_list))) {
/* IPv4 addresses contain '.', IPv6 addresses contain ':',
* and wildcard addresses contain '*'. */
log_debug(LD_CONFIG, "Adding address %s to %s", nick, description);
smartlist_add(target->policies, p);
} else if (malformed_list) {
log_warn(LD_CONFIG, "Entry '%s' in %s is malformed. Discarding entire"
" list.", nick, description);
r = -1;
tor_free(nick);
SMARTLIST_DEL_CURRENT(list, nick);
} else {
log_notice(LD_CONFIG, "Entry '%s' in %s is ignored. Using the"
" remainder of the list.", nick, description);
tor_free(nick);
SMARTLIST_DEL_CURRENT(list, nick);
}
} SMARTLIST_FOREACH_END(nick);
static void
NS(test_main)(void *arg)
{
routerset_t *set = routerset_new();
int contains;
uint8_t bar[20] = { 9, 10, 11, 55 };
(void)arg;
digestmap_set(set->digests, (const char*)bar, (void *)1);
contains = routerset_contains(set, NULL, 0, NULL, NULL, 0);
routerset_free(set);
tt_int_op(contains, ==, 0);
done:
;
}
static void
NS(test_main)(void *arg)
{
routerset_t *set = routerset_new();
int contains;
uint8_t foo[20] = { 2, 3, 4 };
(void)arg;
digestmap_set(set->digests, (const char*)foo, (void *)1);
contains = routerset_contains(set, NULL, 0, NULL, (const char*)foo, 0);
routerset_free(set);
tt_int_op(contains, ==, 4);
done:
;
}
/* Add the given <b>commit</b> to <b>state</b>. It MUST be a valid commit
* and there shouldn't be a commit from the same authority in the state
* already else verification hasn't been done prior. This takes ownership of
* the commit once in our state. */
static void
commit_add_to_state(sr_commit_t *commit, sr_state_t *state)
{
sr_commit_t *saved_commit;
tor_assert(commit);
tor_assert(state);
saved_commit = digestmap_set(state->commits, commit->rsa_identity,
commit);
if (saved_commit != NULL) {
/* This means we already have that commit in our state so adding twice
* the same commit is either a code flow error, a corrupted disk state
* or some new unknown issue. */
log_warn(LD_DIR, "SR: Commit from %s exists in our state while "
"adding it: '%s'", sr_commit_get_rsa_fpr(commit),
commit->encoded_commit);
sr_commit_free(saved_commit);
}
}
static void
test_rend_cache_failure_intro_lookup(void *data)
{
(void)data;
int ret;
rend_cache_failure_t *failure;
rend_cache_failure_intro_t *ip;
rend_cache_failure_intro_t *entry;
const char key_ip_one[DIGEST_LEN] = "ip1";
const char key_ip_two[DIGEST_LEN] = "ip2";
const char key_foo[DIGEST_LEN] = "foo1";
rend_cache_init();
failure = rend_cache_failure_entry_new();
ip = rend_cache_failure_intro_entry_new(INTRO_POINT_FAILURE_TIMEOUT);
digestmap_set(failure->intro_failures, key_ip_one, ip);
strmap_set_lc(rend_cache_failure, "foo1", failure);
// Test not found
ret = cache_failure_intro_lookup((const uint8_t *) key_foo, "foo2", NULL);
tt_int_op(ret, OP_EQ, 0);
// Test found with no intro failures in it
ret = cache_failure_intro_lookup((const uint8_t *) key_ip_two, "foo1", NULL);
tt_int_op(ret, OP_EQ, 0);
// Test found
ret = cache_failure_intro_lookup((const uint8_t *) key_ip_one, "foo1", NULL);
tt_int_op(ret, OP_EQ, 1);
// Test found and asking for entry
cache_failure_intro_lookup((const uint8_t *) key_ip_one, "foo1", &entry);
tt_assert(entry);
tt_assert(entry == ip);
done:
rend_cache_free_all();
}
/** Parse the string <b>s</b> to create a set of routerset entries, and add
* them to <b>target</b>. In log messages, refer to the string as
* <b>description</b>. Return 0 on success, -1 on failure.
*
* Three kinds of elements are allowed in routersets: nicknames, IP address
* patterns, and fingerprints. They may be surrounded by optional space, and
* must be separated by commas.
*/
int
routerset_parse(routerset_t *target, const char *s, const char *description)
{
int r = 0;
int added_countries = 0;
char *countryname;
smartlist_t *list = smartlist_new();
smartlist_split_string(list, s, ",",
SPLIT_SKIP_SPACE | SPLIT_IGNORE_BLANK, 0);
SMARTLIST_FOREACH_BEGIN(list, char *, nick) {
addr_policy_t *p;
if (is_legal_hexdigest(nick)) {
char d[DIGEST_LEN];
if (*nick == '$')
++nick;
log_debug(LD_CONFIG, "Adding identity %s to %s", nick, description);
base16_decode(d, sizeof(d), nick, HEX_DIGEST_LEN);
digestmap_set(target->digests, d, (void*)1);
} else if (is_legal_nickname(nick)) {
log_debug(LD_CONFIG, "Adding nickname %s to %s", nick, description);
strmap_set_lc(target->names, nick, (void*)1);
} else if ((countryname = routerset_get_countryname(nick)) != NULL) {
log_debug(LD_CONFIG, "Adding country %s to %s", nick,
description);
smartlist_add(target->country_names, countryname);
added_countries = 1;
} else if ((strchr(nick,'.') || strchr(nick, '*')) &&
(p = router_parse_addr_policy_item_from_string(
nick, ADDR_POLICY_REJECT))) {
log_debug(LD_CONFIG, "Adding address %s to %s", nick, description);
smartlist_add(target->policies, p);
} else {
log_warn(LD_CONFIG, "Entry '%s' in %s is malformed.", nick,
description);
r = -1;
tor_free(nick);
SMARTLIST_DEL_CURRENT(list, nick);
}
} SMARTLIST_FOREACH_END(nick);
static void
test_rend_cache_clean_v2_descs_as_dir(void *data)
{
rend_cache_entry_t *e;
time_t now, cutoff;
rend_service_descriptor_t *desc;
now = time(NULL);
cutoff = now - (REND_CACHE_MAX_AGE + REND_CACHE_MAX_SKEW);
const char key[DIGEST_LEN] = "abcde";
(void)data;
rend_cache_init();
// Test running with an empty cache
rend_cache_clean_v2_descs_as_dir(cutoff);
tt_int_op(digestmap_size(rend_cache_v2_dir), OP_EQ, 0);
// Test with only one new entry
e = tor_malloc_zero(sizeof(rend_cache_entry_t));
e->last_served = now;
desc = tor_malloc_zero(sizeof(rend_service_descriptor_t));
desc->timestamp = now;
desc->pk = pk_generate(0);
e->parsed = desc;
digestmap_set(rend_cache_v2_dir, key, e);
/* Set the cutoff to minus 10 seconds. */
rend_cache_clean_v2_descs_as_dir(cutoff - 10);
tt_int_op(digestmap_size(rend_cache_v2_dir), OP_EQ, 1);
// Test with one old entry
desc->timestamp = cutoff - 1000;
rend_cache_clean_v2_descs_as_dir(cutoff);
tt_int_op(digestmap_size(rend_cache_v2_dir), OP_EQ, 0);
done:
rend_cache_free_all();
}
static void
test_rend_cache_clean_v2_descs_as_dir(void *data)
{
rend_cache_entry_t *e;
time_t now;
rend_service_descriptor_t *desc;
now = time(NULL);
const char key[DIGEST_LEN] = "abcde";
(void)data;
rend_cache_init();
// Test running with an empty cache
rend_cache_clean_v2_descs_as_dir(now, 0);
tt_int_op(digestmap_size(rend_cache_v2_dir), OP_EQ, 0);
// Test with only one new entry
e = tor_malloc_zero(sizeof(rend_cache_entry_t));
e->last_served = now;
desc = tor_malloc_zero(sizeof(rend_service_descriptor_t));
desc->timestamp = now;
desc->pk = pk_generate(0);
e->parsed = desc;
digestmap_set(rend_cache_v2_dir, key, e);
rend_cache_clean_v2_descs_as_dir(now, 0);
tt_int_op(digestmap_size(rend_cache_v2_dir), OP_EQ, 1);
// Test with one old entry
desc->timestamp = now - (REND_CACHE_MAX_AGE + REND_CACHE_MAX_SKEW + 1000);
rend_cache_clean_v2_descs_as_dir(now, 0);
tt_int_op(digestmap_size(rend_cache_v2_dir), OP_EQ, 0);
// Test with one entry that has an old last served
e = tor_malloc_zero(sizeof(rend_cache_entry_t));
e->last_served = now - (REND_CACHE_MAX_AGE + REND_CACHE_MAX_SKEW + 1000);
desc = tor_malloc_zero(sizeof(rend_service_descriptor_t));
desc->timestamp = now;
desc->pk = pk_generate(0);
e->parsed = desc;
digestmap_set(rend_cache_v2_dir, key, e);
rend_cache_clean_v2_descs_as_dir(now, 0);
tt_int_op(digestmap_size(rend_cache_v2_dir), OP_EQ, 0);
// Test a run through asking for a large force_remove
e = tor_malloc_zero(sizeof(rend_cache_entry_t));
e->last_served = now;
desc = tor_malloc_zero(sizeof(rend_service_descriptor_t));
desc->timestamp = now;
desc->pk = pk_generate(0);
e->parsed = desc;
digestmap_set(rend_cache_v2_dir, key, e);
rend_cache_clean_v2_descs_as_dir(now, 20000);
tt_int_op(digestmap_size(rend_cache_v2_dir), OP_EQ, 1);
done:
rend_cache_free_all();
}
