static void test_storagedir_full(void *arg) { (void)arg; char *dirname = tor_strdup(get_fname_rnd("store_dir")); storage_dir_t *d = NULL; const char str[] = "enemies of the peephole"; int r; d = storage_dir_new(dirname, 3); tt_assert(d); r = storage_dir_save_string_to_file(d, str, 1, NULL); tt_int_op(r, OP_EQ, 0); r = storage_dir_save_string_to_file(d, str, 1, NULL); tt_int_op(r, OP_EQ, 0); r = storage_dir_save_string_to_file(d, str, 1, NULL); tt_int_op(r, OP_EQ, 0); // These should fail! r = storage_dir_save_string_to_file(d, str, 1, NULL); tt_int_op(r, OP_EQ, -1); r = storage_dir_save_string_to_file(d, str, 1, NULL); tt_int_op(r, OP_EQ, -1); tt_u64_op(strlen(str) * 3, OP_EQ, storage_dir_get_usage(d)); done: tor_free(dirname); storage_dir_free(d); }
static void test_storagedir_empty(void *arg) { char *dirname = tor_strdup(get_fname_rnd("store_dir")); storage_dir_t *d = NULL; (void)arg; tt_int_op(FN_NOENT, OP_EQ, file_status(dirname)); d = storage_dir_new(dirname, 10); tt_assert(d); tt_int_op(FN_DIR, OP_EQ, file_status(dirname)); tt_int_op(0, OP_EQ, smartlist_len(storage_dir_list(d))); tt_u64_op(0, OP_EQ, storage_dir_get_usage(d)); storage_dir_free(d); d = storage_dir_new(dirname, 10); tt_assert(d); tt_int_op(FN_DIR, OP_EQ, file_status(dirname)); tt_int_op(0, OP_EQ, smartlist_len(storage_dir_list(d))); tt_u64_op(0, OP_EQ, storage_dir_get_usage(d)); done: storage_dir_free(d); tor_free(dirname); }
static void test_storagedir_deletion(void *arg) { (void)arg; char *dirname = tor_strdup(get_fname_rnd("store_dir")); storage_dir_t *d = NULL; char *fn1 = NULL, *fn2 = NULL; char *bytes = NULL; int r; const char str1[] = "There are nine and sixty ways to disguise communiques"; const char str2[] = "And rather more than one of them is right"; // Make sure the directory is there. */ d = storage_dir_new(dirname, 10); storage_dir_free(d); d = NULL; tor_asprintf(&fn1, "%s/1007", dirname); r = write_str_to_file(fn1, str1, 0); tt_int_op(r, OP_EQ, 0); tor_asprintf(&fn2, "%s/1003.tmp", dirname); r = write_str_to_file(fn2, str2, 0); tt_int_op(r, OP_EQ, 0); // The tempfile should be deleted the next time we list the directory. d = storage_dir_new(dirname, 10); tt_int_op(1, OP_EQ, smartlist_len(storage_dir_list(d))); tt_u64_op(strlen(str1), OP_EQ, storage_dir_get_usage(d)); tt_int_op(FN_FILE, OP_EQ, file_status(fn1)); tt_int_op(FN_NOENT, OP_EQ, file_status(fn2)); bytes = (char*) storage_dir_read(d, "1007", 1, NULL); tt_str_op(bytes, OP_EQ, str1); // Should have no effect; file already gone. storage_dir_remove_file(d, "1003.tmp"); tt_int_op(1, OP_EQ, smartlist_len(storage_dir_list(d))); tt_u64_op(strlen(str1), OP_EQ, storage_dir_get_usage(d)); // Actually remove a file. storage_dir_remove_file(d, "1007"); tt_int_op(FN_NOENT, OP_EQ, file_status(fn1)); tt_int_op(0, OP_EQ, smartlist_len(storage_dir_list(d))); tt_u64_op(0, OP_EQ, storage_dir_get_usage(d)); done: tor_free(dirname); tor_free(fn1); tor_free(fn2); storage_dir_free(d); tor_free(bytes); }
static void test_storagedir_save_labeled(void *arg) { (void)arg; char *dirname = tor_strdup(get_fname_rnd("store_dir")); storage_dir_t *d = NULL; uint8_t *inp = tor_malloc_zero(8192); config_line_t *labels = NULL; char *fname = NULL; uint8_t *saved = NULL; d = storage_dir_new(dirname, 10); tt_assert(d); crypto_rand((char *)inp, 8192); config_line_append(&labels, "Foo", "bar baz"); config_line_append(&labels, "quux", "quuzXxz"); const char expected[] = "Foo bar baz\n" "quux quuzXxz\n"; int r = storage_dir_save_labeled_to_file(d, labels, inp, 8192, &fname); tt_int_op(r, OP_EQ, 0); size_t n = 0; saved = storage_dir_read(d, fname, 1, &n); tt_assert(memchr(saved, '\0', n)); tt_str_op((char*)saved, OP_EQ, expected); /* NUL guarantees strcmp works */ tt_mem_op(saved+strlen(expected)+1, OP_EQ, inp, 8192); done: storage_dir_free(d); tor_free(dirname); tor_free(inp); tor_free(fname); config_free_lines(labels); tor_free(saved); }
/* Test that single onion poisoning works. */ static void test_single_onion_poisoning(void *arg) { or_options_t opt; mock_options = &opt; reset_options(mock_options, &mock_get_options_calls); MOCK(get_options, mock_get_options); int ret = -1; intptr_t create_dir_mask = (intptr_t)arg; /* Get directories with a random suffix so we can repeat the tests */ mock_options->DataDirectory = tor_strdup(get_fname_rnd("test_data_dir")); rend_service_t *service_1 = tor_malloc_zero(sizeof(rend_service_t)); char *dir1 = tor_strdup(get_fname_rnd("test_hs_dir1")); rend_service_t *service_2 = tor_malloc_zero(sizeof(rend_service_t)); char *dir2 = tor_strdup(get_fname_rnd("test_hs_dir2")); smartlist_t *services = smartlist_new(); char *poison_path = NULL; char *err_msg = NULL; mock_options->HiddenServiceSingleHopMode = 1; mock_options->HiddenServiceNonAnonymousMode = 1; /* Create the data directory, and, if the correct bit in arg is set, * create a directory for that service. * The data directory is required for the lockfile, which is used when * loading keys. */ ret = check_private_dir(mock_options->DataDirectory, CPD_CREATE, NULL); tt_int_op(ret, OP_EQ, 0); if (create_dir_mask & CREATE_HS_DIR1) { ret = check_private_dir(dir1, CPD_CREATE, NULL); tt_int_op(ret, OP_EQ, 0); } if (create_dir_mask & CREATE_HS_DIR2) { ret = check_private_dir(dir2, CPD_CREATE, NULL); tt_int_op(ret, OP_EQ, 0); } service_1->directory = dir1; service_2->directory = dir2; /* The services own the directory pointers now */ dir1 = dir2 = NULL; /* Add port to service 1 */ service_1->ports = smartlist_new(); service_2->ports = smartlist_new(); rend_service_port_config_t *port1 = rend_service_parse_port_config("80", " ", &err_msg); tt_assert(port1); tt_ptr_op(err_msg, OP_EQ, NULL); smartlist_add(service_1->ports, port1); rend_service_port_config_t *port2 = rend_service_parse_port_config("90", " ", &err_msg); /* Add port to service 2 */ tt_assert(port2); tt_ptr_op(err_msg, OP_EQ, NULL); smartlist_add(service_2->ports, port2); /* No services, a service to verify, no problem! */ mock_options->HiddenServiceSingleHopMode = 0; mock_options->HiddenServiceNonAnonymousMode = 0; ret = rend_service_verify_single_onion_poison(service_1, mock_options); tt_int_op(ret, OP_EQ, 0); ret = rend_service_verify_single_onion_poison(service_2, mock_options); tt_int_op(ret, OP_EQ, 0); /* Either way, no problem. */ mock_options->HiddenServiceSingleHopMode = 1; mock_options->HiddenServiceNonAnonymousMode = 1; ret = rend_service_verify_single_onion_poison(service_1, mock_options); tt_int_op(ret, OP_EQ, 0); ret = rend_service_verify_single_onion_poison(service_2, mock_options); tt_int_op(ret, OP_EQ, 0); /* Add the first service */ ret = hs_check_service_private_dir(mock_options->User, service_1->directory, service_1->dir_group_readable, 1); tt_int_op(ret, OP_EQ, 0); smartlist_add(services, service_1); /* But don't add the second service yet. */ /* Service directories, but no previous keys, no problem! */ mock_options->HiddenServiceSingleHopMode = 0; mock_options->HiddenServiceNonAnonymousMode = 0; ret = rend_service_verify_single_onion_poison(service_1, mock_options); tt_int_op(ret, OP_EQ, 0); ret = rend_service_verify_single_onion_poison(service_2, mock_options); tt_int_op(ret, OP_EQ, 0); /* Either way, no problem. */ mock_options->HiddenServiceSingleHopMode = 1; mock_options->HiddenServiceNonAnonymousMode = 1; ret = rend_service_verify_single_onion_poison(service_1, mock_options); tt_int_op(ret, OP_EQ, 0); ret = rend_service_verify_single_onion_poison(service_2, mock_options); tt_int_op(ret, OP_EQ, 0); /* Poison! Poison! Poison! * This can only be done in HiddenServiceSingleHopMode. */ mock_options->HiddenServiceSingleHopMode = 1; mock_options->HiddenServiceNonAnonymousMode = 1; ret = rend_service_poison_new_single_onion_dir(service_1, mock_options); tt_int_op(ret, OP_EQ, 0); /* Poisoning twice is a no-op. */ ret = rend_service_poison_new_single_onion_dir(service_1, mock_options); tt_int_op(ret, OP_EQ, 0); /* Poisoned service directories, but no previous keys, no problem! */ mock_options->HiddenServiceSingleHopMode = 0; mock_options->HiddenServiceNonAnonymousMode = 0; ret = rend_service_verify_single_onion_poison(service_1, mock_options); tt_int_op(ret, OP_EQ, 0); ret = rend_service_verify_single_onion_poison(service_2, mock_options); tt_int_op(ret, OP_EQ, 0); /* Either way, no problem. */ mock_options->HiddenServiceSingleHopMode = 1; mock_options->HiddenServiceNonAnonymousMode = 1; ret = rend_service_verify_single_onion_poison(service_1, mock_options); tt_int_op(ret, OP_EQ, 0); ret = rend_service_verify_single_onion_poison(service_2, mock_options); tt_int_op(ret, OP_EQ, 0); /* Now add some keys, and we'll have a problem. */ ret = rend_service_load_all_keys(services); tt_int_op(ret, OP_EQ, 0); /* Poisoned service directories with previous keys are not allowed. */ mock_options->HiddenServiceSingleHopMode = 0; mock_options->HiddenServiceNonAnonymousMode = 0; ret = rend_service_verify_single_onion_poison(service_1, mock_options); tt_int_op(ret, OP_LT, 0); ret = rend_service_verify_single_onion_poison(service_2, mock_options); tt_int_op(ret, OP_EQ, 0); /* But they are allowed if we're in non-anonymous mode. */ mock_options->HiddenServiceSingleHopMode = 1; mock_options->HiddenServiceNonAnonymousMode = 1; ret = rend_service_verify_single_onion_poison(service_1, mock_options); tt_int_op(ret, OP_EQ, 0); ret = rend_service_verify_single_onion_poison(service_2, mock_options); tt_int_op(ret, OP_EQ, 0); /* Re-poisoning directories with existing keys is a no-op, because * directories with existing keys are ignored. */ mock_options->HiddenServiceSingleHopMode = 1; mock_options->HiddenServiceNonAnonymousMode = 1; ret = rend_service_poison_new_single_onion_dir(service_1, mock_options); tt_int_op(ret, OP_EQ, 0); /* And it keeps the poison. */ ret = rend_service_verify_single_onion_poison(service_1, mock_options); tt_int_op(ret, OP_EQ, 0); ret = rend_service_verify_single_onion_poison(service_2, mock_options); tt_int_op(ret, OP_EQ, 0); /* Now add the second service: it has no key and no poison file */ ret = hs_check_service_private_dir(mock_options->User, service_2->directory, service_2->dir_group_readable, 1); tt_int_op(ret, OP_EQ, 0); smartlist_add(services, service_2); /* A new service, and an existing poisoned service. Not ok. */ mock_options->HiddenServiceSingleHopMode = 0; mock_options->HiddenServiceNonAnonymousMode = 0; ret = rend_service_verify_single_onion_poison(service_1, mock_options); tt_int_op(ret, OP_LT, 0); ret = rend_service_verify_single_onion_poison(service_2, mock_options); tt_int_op(ret, OP_EQ, 0); /* But ok to add in non-anonymous mode. */ mock_options->HiddenServiceSingleHopMode = 1; mock_options->HiddenServiceNonAnonymousMode = 1; ret = rend_service_verify_single_onion_poison(service_1, mock_options); tt_int_op(ret, OP_EQ, 0); ret = rend_service_verify_single_onion_poison(service_2, mock_options); tt_int_op(ret, OP_EQ, 0); /* Now remove the poisoning from the first service, and we have the opposite * problem. */ poison_path = rend_service_sos_poison_path(service_1); tt_assert(poison_path); ret = unlink(poison_path); tt_int_op(ret, OP_EQ, 0); /* Unpoisoned service directories with previous keys are ok, as are empty * directories. */ mock_options->HiddenServiceSingleHopMode = 0; mock_options->HiddenServiceNonAnonymousMode = 0; ret = rend_service_verify_single_onion_poison(service_1, mock_options); tt_int_op(ret, OP_EQ, 0); ret = rend_service_verify_single_onion_poison(service_2, mock_options); tt_int_op(ret, OP_EQ, 0); /* But the existing unpoisoned key is not ok in non-anonymous mode, even if * there is an empty service. */ mock_options->HiddenServiceSingleHopMode = 1; mock_options->HiddenServiceNonAnonymousMode = 1; ret = rend_service_verify_single_onion_poison(service_1, mock_options); tt_int_op(ret, OP_LT, 0); ret = rend_service_verify_single_onion_poison(service_2, mock_options); tt_int_op(ret, OP_EQ, 0); /* Poisoning directories with existing keys is a no-op, because directories * with existing keys are ignored. But the new directory should poison. */ mock_options->HiddenServiceSingleHopMode = 1; mock_options->HiddenServiceNonAnonymousMode = 1; ret = rend_service_poison_new_single_onion_dir(service_1, mock_options); tt_int_op(ret, OP_EQ, 0); ret = rend_service_poison_new_single_onion_dir(service_2, mock_options); tt_int_op(ret, OP_EQ, 0); /* And the old directory remains unpoisoned. */ ret = rend_service_verify_single_onion_poison(service_1, mock_options); tt_int_op(ret, OP_LT, 0); ret = rend_service_verify_single_onion_poison(service_2, mock_options); tt_int_op(ret, OP_EQ, 0); /* And the new directory should be ignored, because it has no key. */ mock_options->HiddenServiceSingleHopMode = 0; mock_options->HiddenServiceNonAnonymousMode = 0; ret = rend_service_verify_single_onion_poison(service_1, mock_options); tt_int_op(ret, OP_EQ, 0); ret = rend_service_verify_single_onion_poison(service_2, mock_options); tt_int_op(ret, OP_EQ, 0); /* Re-poisoning directories without existing keys is a no-op. */ mock_options->HiddenServiceSingleHopMode = 1; mock_options->HiddenServiceNonAnonymousMode = 1; ret = rend_service_poison_new_single_onion_dir(service_1, mock_options); tt_int_op(ret, OP_EQ, 0); ret = rend_service_poison_new_single_onion_dir(service_2, mock_options); tt_int_op(ret, OP_EQ, 0); /* And the old directory remains unpoisoned. */ ret = rend_service_verify_single_onion_poison(service_1, mock_options); tt_int_op(ret, OP_LT, 0); ret = rend_service_verify_single_onion_poison(service_2, mock_options); tt_int_op(ret, OP_EQ, 0); done: /* The test harness deletes the directories at exit */ tor_free(poison_path); tor_free(dir1); tor_free(dir2); smartlist_free(services); rend_service_free(service_1); rend_service_free(service_2); UNMOCK(get_options); tor_free(mock_options->DataDirectory); tor_free(err_msg); }
static void test_storagedir_basic(void *arg) { char *dirname = tor_strdup(get_fname_rnd("store_dir")); storage_dir_t *d = NULL; uint8_t *junk = NULL, *bytes = NULL; const size_t junklen = 1024; char *fname1 = NULL, *fname2 = NULL; const char hello_str[] = "then what are we but cold, alone ... ?"; tor_mmap_t *mapping = NULL; (void)arg; junk = tor_malloc(junklen); crypto_rand((void*)junk, junklen); d = storage_dir_new(dirname, 10); tt_assert(d); tt_u64_op(0, OP_EQ, storage_dir_get_usage(d)); int r; r = storage_dir_save_string_to_file(d, hello_str, 1, &fname1); tt_int_op(r, OP_EQ, 0); tt_ptr_op(fname1, OP_NE, NULL); tt_u64_op(strlen(hello_str), OP_EQ, storage_dir_get_usage(d)); r = storage_dir_save_bytes_to_file(d, junk, junklen, 1, &fname2); tt_int_op(r, OP_EQ, 0); tt_ptr_op(fname2, OP_NE, NULL); tt_str_op(fname1, OP_NE, fname2); tt_int_op(2, OP_EQ, smartlist_len(storage_dir_list(d))); tt_u64_op(junklen + strlen(hello_str), OP_EQ, storage_dir_get_usage(d)); tt_assert(smartlist_contains_string(storage_dir_list(d), fname1)); tt_assert(smartlist_contains_string(storage_dir_list(d), fname2)); storage_dir_free(d); d = storage_dir_new(dirname, 10); tt_assert(d); tt_int_op(2, OP_EQ, smartlist_len(storage_dir_list(d))); tt_u64_op(junklen + strlen(hello_str), OP_EQ, storage_dir_get_usage(d)); tt_assert(smartlist_contains_string(storage_dir_list(d), fname1)); tt_assert(smartlist_contains_string(storage_dir_list(d), fname2)); size_t n; bytes = storage_dir_read(d, fname2, 1, &n); tt_assert(bytes); tt_u64_op(n, OP_EQ, junklen); tt_mem_op(bytes, OP_EQ, junk, junklen); mapping = storage_dir_map(d, fname1); tt_assert(mapping); tt_u64_op(mapping->size, OP_EQ, strlen(hello_str)); tt_mem_op(mapping->data, OP_EQ, hello_str, strlen(hello_str)); done: tor_free(dirname); tor_free(junk); tor_free(bytes); tor_munmap_file(mapping); storage_dir_free(d); tor_free(fname1); tor_free(fname2); }
static void test_storagedir_read_labeled(void *arg) { (void)arg; char *dirname = tor_strdup(get_fname_rnd("store_dir")); storage_dir_t *d = NULL; uint8_t *inp = tor_malloc_zero(8192); config_line_t *labels = NULL, *labels2 = NULL; char *fname = NULL; tor_mmap_t *map = NULL; uint8_t *as_read = NULL; d = storage_dir_new(dirname, 10); tt_assert(d); tor_snprintf((char*)inp, 8192, "Hello world\n" "This is a test\n" "Yadda yadda.\n"); size_t bodylen = 8192 - strlen((char*)inp) - 1; crypto_rand((char *)inp+strlen((char*)inp)+1, bodylen); int r = storage_dir_save_bytes_to_file(d, inp, 8192, 1, &fname); tt_int_op(r, OP_EQ, 0); /* Try mapping */ const uint8_t *datap = NULL; size_t sz = 0; map = storage_dir_map_labeled(d, fname, &labels, &datap, &sz); tt_assert(map); tt_assert(datap); tt_u64_op(sz, OP_EQ, bodylen); tt_mem_op(datap, OP_EQ, inp+strlen((char*)inp)+1, bodylen); tt_assert(labels); tt_str_op(labels->key, OP_EQ, "Hello"); tt_str_op(labels->value, OP_EQ, "world"); tt_assert(labels->next); tt_str_op(labels->next->key, OP_EQ, "This"); tt_str_op(labels->next->value, OP_EQ, "is a test"); tt_assert(labels->next->next); tt_str_op(labels->next->next->key, OP_EQ, "Yadda"); tt_str_op(labels->next->next->value, OP_EQ, "yadda."); tt_ptr_op(labels->next->next->next, OP_EQ, NULL); /* Try reading this time. */ sz = 0; as_read = storage_dir_read_labeled(d, fname, &labels2, &sz); tt_assert(as_read); tt_u64_op(sz, OP_EQ, bodylen); tt_mem_op(as_read, OP_EQ, inp+strlen((char*)inp)+1, bodylen); tt_assert(config_lines_eq(labels, labels2)); done: storage_dir_free(d); tor_free(dirname); tor_free(inp); tor_free(fname); config_free_lines(labels); config_free_lines(labels2); tor_munmap_file(map); tor_free(as_read); }
static void test_storagedir_cleaning(void *arg) { (void)arg; char *dirname = tor_strdup(get_fname_rnd("store_dir")); storage_dir_t *d = NULL; const char str[] = "On a mountain halfway between Reno and Rome / " "We have a machine in a plexiglass dome / " "Which listens and looks into everyone's home." " -- Dr. Seuss"; char *fns[8]; int r, i; memset(fns, 0, sizeof(fns)); d = storage_dir_new(dirname, 10); tt_assert(d); for (i = 0; i < 8; ++i) { r = storage_dir_save_string_to_file(d, str+i*2, 1, &fns[i]); tt_int_op(r, OP_EQ, 0); } /* Now we're going to make sure all the files have distinct mtimes. */ time_t now = time(NULL); struct utimbuf ub; ub.actime = now; ub.modtime = now - 1000; for (i = 0; i < 8; ++i) { char *f = NULL; tor_asprintf(&f, "%s/%s", dirname, fns[i]); r = utime(f, &ub); tor_free(f); tt_int_op(r, OP_EQ, 0); ub.modtime += 5; } const uint64_t usage_orig = storage_dir_get_usage(d); /* No changes needed if we are already under target. */ storage_dir_shrink(d, 1024*1024, 0); tt_u64_op(usage_orig, OP_EQ, storage_dir_get_usage(d)); /* Get rid of at least one byte. This will delete fns[0]. */ storage_dir_shrink(d, usage_orig - 1, 0); tt_u64_op(usage_orig, OP_GT, storage_dir_get_usage(d)); tt_u64_op(usage_orig - strlen(str), OP_EQ, storage_dir_get_usage(d)); /* Get rid of at least two files. This will delete fns[1] and fns[2]. */ storage_dir_shrink(d, 1024*1024, 2); tt_u64_op(usage_orig - strlen(str)*3 + 6, OP_EQ, storage_dir_get_usage(d)); /* Get rid of everything. */ storage_dir_remove_all(d); tt_u64_op(0, OP_EQ, storage_dir_get_usage(d)); done: tor_free(dirname); storage_dir_free(d); for (i = 0; i < 8; ++i) { tor_free(fns[i]); } }