/** Create routerstatuses and signed vote.
* Create routerstatuses using *vrs_gen* and add them to global routerlist.
* Next, create signed vote using *sign_skey* and *vote*, which should have
* predefined header fields.
* Setting *clear_rl* clears the global routerlist before adding the new
* routers.
* Return the signed vote, same as *vote_out*. Save the number of routers added
* in *n_vrs*.
*/
networkstatus_t *
dir_common_add_rs_and_parse(networkstatus_t *vote, networkstatus_t **vote_out,
vote_routerstatus_t * (*vrs_gen)(int idx, time_t now),
crypto_pk_t *sign_skey, int *n_vrs, time_t now,
int clear_rl)
{
vote_routerstatus_t *vrs;
char *v_text=NULL;
const char *msg=NULL;
int idx;
was_router_added_t router_added = -1;
*vote_out = NULL;
if (clear_rl) {
nodelist_free_all();
routerlist_free_all();
}
idx = 0;
do {
vrs = vrs_gen(idx, now);
if (vrs) {
smartlist_add(vote->routerstatus_list, vrs);
router_added =
router_add_to_routerlist(dir_common_generate_ri_from_rs(vrs),
&msg,0,0);
tt_assert(router_added >= 0);
++idx;
}
} while (vrs);
*n_vrs = idx;
/* dump the vote and try to parse it. */
v_text = format_networkstatus_vote(sign_skey, vote);
tt_assert(v_text);
*vote_out = networkstatus_parse_vote_from_string(v_text, NULL, NS_TYPE_VOTE);
done:
if (v_text)
tor_free(v_text);
return *vote_out;
}
int
fuzz_main(const uint8_t *data, size_t sz)
{
networkstatus_t *ns;
char *str = tor_memdup_nulterm(data, sz);
const char *eos = NULL;
networkstatus_type_t tp = NS_TYPE_CONSENSUS;
if (tor_memstr(data, MIN(sz, 1024), "tus vote"))
tp = NS_TYPE_VOTE;
const char *what = (tp == NS_TYPE_CONSENSUS) ? "consensus" : "vote";
ns = networkstatus_parse_vote_from_string(str,
&eos,
tp);
if (ns) {
log_debug(LD_GENERAL, "Parsing as %s okay", what);
networkstatus_vote_free(ns);
} else {
log_debug(LD_GENERAL, "Parsing as %s failed", what);
}
tor_free(str);
return 0;
}
static void
test_router_pick_directory_server_impl(void *arg)
{
(void)arg;
networkstatus_t *con_md = NULL;
char *consensus_text_md = NULL;
int flags = PDS_IGNORE_FASCISTFIREWALL|PDS_RETRY_IF_NO_SERVERS;
or_options_t *options = get_options_mutable();
const routerstatus_t *rs = NULL;
options->UseMicrodescriptors = 1;
char *router1_id = NULL, *router2_id = NULL, *router3_id = NULL;
node_t *node_router1 = NULL, *node_router2 = NULL, *node_router3 = NULL;
config_line_t *policy_line = NULL;
time_t now = time(NULL);
int tmp_dirport1, tmp_dirport3;
(void)arg;
MOCK(usable_consensus_flavor, mock_usable_consensus_flavor);
/* With no consensus, we must be bootstrapping, regardless of time or flavor
*/
mock_usable_consensus_flavor_value = FLAV_NS;
tt_assert(networkstatus_consensus_is_bootstrapping(now));
tt_assert(networkstatus_consensus_is_bootstrapping(now + 2000));
tt_assert(networkstatus_consensus_is_bootstrapping(now + 2*24*60*60));
tt_assert(networkstatus_consensus_is_bootstrapping(now - 2*24*60*60));
mock_usable_consensus_flavor_value = FLAV_MICRODESC;
tt_assert(networkstatus_consensus_is_bootstrapping(now));
tt_assert(networkstatus_consensus_is_bootstrapping(now + 2000));
tt_assert(networkstatus_consensus_is_bootstrapping(now + 2*24*60*60));
tt_assert(networkstatus_consensus_is_bootstrapping(now - 2*24*60*60));
/* No consensus available, fail early */
rs = router_pick_directory_server_impl(V3_DIRINFO, (const int) 0, NULL);
tt_assert(rs == NULL);
construct_consensus(&consensus_text_md);
tt_assert(consensus_text_md);
con_md = networkstatus_parse_vote_from_string(consensus_text_md, NULL,
NS_TYPE_CONSENSUS);
tt_assert(con_md);
tt_int_op(con_md->flavor,==, FLAV_MICRODESC);
tt_assert(con_md->routerstatus_list);
tt_int_op(smartlist_len(con_md->routerstatus_list), ==, 3);
tt_assert(!networkstatus_set_current_consensus_from_ns(con_md,
"microdesc"));
/* If the consensus time or flavor doesn't match, we are still
* bootstrapping */
mock_usable_consensus_flavor_value = FLAV_NS;
tt_assert(networkstatus_consensus_is_bootstrapping(now));
tt_assert(networkstatus_consensus_is_bootstrapping(now + 2000));
tt_assert(networkstatus_consensus_is_bootstrapping(now + 2*24*60*60));
tt_assert(networkstatus_consensus_is_bootstrapping(now - 2*24*60*60));
/* With a valid consensus for the current time and flavor, we stop
* bootstrapping, even if we have no certificates */
mock_usable_consensus_flavor_value = FLAV_MICRODESC;
tt_assert(!networkstatus_consensus_is_bootstrapping(now + 2000));
tt_assert(!networkstatus_consensus_is_bootstrapping(con_md->valid_after));
tt_assert(!networkstatus_consensus_is_bootstrapping(con_md->valid_until));
tt_assert(!networkstatus_consensus_is_bootstrapping(con_md->valid_until
+ 24*60*60));
/* These times are outside the test validity period */
tt_assert(networkstatus_consensus_is_bootstrapping(now));
tt_assert(networkstatus_consensus_is_bootstrapping(now + 2*24*60*60));
tt_assert(networkstatus_consensus_is_bootstrapping(now - 2*24*60*60));
nodelist_set_consensus(con_md);
nodelist_assert_ok();
rs = router_pick_directory_server_impl(V3_DIRINFO, flags, NULL);
/* We should not fail now we have a consensus and routerstatus_list
* and nodelist are populated. */
tt_assert(rs != NULL);
/* Manipulate the nodes so we get the dir server we expect */
router1_id = tor_malloc(DIGEST_LEN);
memset(router1_id, TEST_DIR_ROUTER_ID_1, DIGEST_LEN);
router2_id = tor_malloc(DIGEST_LEN);
memset(router2_id, TEST_DIR_ROUTER_ID_2, DIGEST_LEN);
router3_id = tor_malloc(DIGEST_LEN);
memset(router3_id, TEST_DIR_ROUTER_ID_3, DIGEST_LEN);
node_router1 = node_get_mutable_by_id(router1_id);
node_router2 = node_get_mutable_by_id(router2_id);
node_router3 = node_get_mutable_by_id(router3_id);
node_router1->is_possible_guard = 1;
node_router1->is_running = 0;
node_router3->is_running = 0;
rs = router_pick_directory_server_impl(V3_DIRINFO, flags, NULL);
tt_assert(rs != NULL);
tt_assert(tor_memeq(rs->identity_digest, router2_id, DIGEST_LEN));
rs = NULL;
node_router1->is_running = 1;
node_router3->is_running = 1;
node_router1->rs->is_v2_dir = 0;
node_router3->rs->is_v2_dir = 0;
tmp_dirport1 = node_router1->rs->dir_port;
tmp_dirport3 = node_router3->rs->dir_port;
node_router1->rs->dir_port = 0;
node_router3->rs->dir_port = 0;
rs = router_pick_directory_server_impl(V3_DIRINFO, flags, NULL);
tt_assert(rs != NULL);
tt_assert(tor_memeq(rs->identity_digest, router2_id, DIGEST_LEN));
rs = NULL;
node_router1->rs->is_v2_dir = 1;
node_router3->rs->is_v2_dir = 1;
node_router1->rs->dir_port = tmp_dirport1;
node_router3->rs->dir_port = tmp_dirport3;
node_router1->is_valid = 0;
node_router3->is_valid = 0;
rs = router_pick_directory_server_impl(V3_DIRINFO, flags, NULL);
tt_assert(rs != NULL);
tt_assert(tor_memeq(rs->identity_digest, router2_id, DIGEST_LEN));
rs = NULL;
node_router1->is_valid = 1;
node_router3->is_valid = 1;
flags |= PDS_FOR_GUARD;
node_router1->using_as_guard = 1;
node_router2->using_as_guard = 1;
node_router3->using_as_guard = 1;
rs = router_pick_directory_server_impl(V3_DIRINFO, flags, NULL);
tt_assert(rs == NULL);
node_router1->using_as_guard = 0;
rs = router_pick_directory_server_impl(V3_DIRINFO, flags, NULL);
tt_assert(rs != NULL);
tt_assert(tor_memeq(rs->identity_digest, router1_id, DIGEST_LEN));
rs = NULL;
node_router2->using_as_guard = 0;
node_router3->using_as_guard = 0;
/* One not valid, one guard. This should leave one remaining */
node_router1->is_valid = 0;
node_router2->using_as_guard = 1;
rs = router_pick_directory_server_impl(V3_DIRINFO, flags, NULL);
tt_assert(rs != NULL);
tt_assert(tor_memeq(rs->identity_digest, router3_id, DIGEST_LEN));
rs = NULL;
node_router1->is_valid = 1;
node_router2->using_as_guard = 0;
/* Manipulate overloaded */
node_router2->rs->last_dir_503_at = now;
node_router3->rs->last_dir_503_at = now;
rs = router_pick_directory_server_impl(V3_DIRINFO, flags, NULL);
tt_assert(rs != NULL);
tt_assert(tor_memeq(rs->identity_digest, router1_id, DIGEST_LEN));
node_router2->rs->last_dir_503_at = 0;
node_router3->rs->last_dir_503_at = 0;
/* Set a Fascist firewall */
flags &= ~ PDS_IGNORE_FASCISTFIREWALL;
policy_line = tor_malloc_zero(sizeof(config_line_t));
policy_line->key = tor_strdup("ReachableORAddresses");
policy_line->value = tor_strdup("accept *:442, reject *:*");
options->ReachableORAddresses = policy_line;
policies_parse_from_options(options);
node_router1->rs->or_port = 444;
node_router2->rs->or_port = 443;
node_router3->rs->or_port = 442;
rs = router_pick_directory_server_impl(V3_DIRINFO, flags, NULL);
tt_assert(rs != NULL);
tt_assert(tor_memeq(rs->identity_digest, router3_id, DIGEST_LEN));
node_router1->rs->or_port = 442;
node_router2->rs->or_port = 443;
node_router3->rs->or_port = 444;
rs = router_pick_directory_server_impl(V3_DIRINFO, flags, NULL);
tt_assert(rs != NULL);
tt_assert(tor_memeq(rs->identity_digest, router1_id, DIGEST_LEN));
/* Fascist firewall and overloaded */
node_router1->rs->or_port = 442;
node_router2->rs->or_port = 443;
node_router3->rs->or_port = 442;
node_router3->rs->last_dir_503_at = now;
rs = router_pick_directory_server_impl(V3_DIRINFO, flags, NULL);
tt_assert(rs != NULL);
tt_assert(tor_memeq(rs->identity_digest, router1_id, DIGEST_LEN));
node_router3->rs->last_dir_503_at = 0;
/* Fascists against OR and Dir */
policy_line = tor_malloc_zero(sizeof(config_line_t));
policy_line->key = tor_strdup("ReachableAddresses");
policy_line->value = tor_strdup("accept *:80, reject *:*");
options->ReachableDirAddresses = policy_line;
policies_parse_from_options(options);
node_router1->rs->or_port = 442;
node_router2->rs->or_port = 441;
node_router3->rs->or_port = 443;
node_router1->rs->dir_port = 80;
node_router2->rs->dir_port = 80;
node_router3->rs->dir_port = 81;
node_router1->rs->last_dir_503_at = now;
rs = router_pick_directory_server_impl(V3_DIRINFO, flags, NULL);
tt_assert(rs != NULL);
tt_assert(tor_memeq(rs->identity_digest, router1_id, DIGEST_LEN));
node_router1->rs->last_dir_503_at = 0;
done:
UNMOCK(usable_consensus_flavor);
if (router1_id)
tor_free(router1_id);
if (router2_id)
tor_free(router2_id);
if (router3_id)
tor_free(router3_id);
if (options->ReachableORAddresses ||
options->ReachableDirAddresses)
policies_free_all();
tor_free(consensus_text_md);
networkstatus_vote_free(con_md);
}
