Commit 6ac42f5e authored by Nick Mathewson's avatar Nick Mathewson 👁
Browse files

Make testcases run again; more sanity checking to descriptor generation.


svn:r532
parent 7f10126a
......@@ -44,7 +44,6 @@ ARMA . find an application that uses half-open connections: openssh
NICK - instruments ORs to report stats
- average cell fullness
- average bandwidth used
- others?
. integrate rep_ok functions, see what breaks
ARMA - configure log files. separate log file, separate severities.
ARMA - what assumptions break if we fclose(0) when we daemonize?
......
......@@ -441,7 +441,7 @@ which reveals the downstream node.
(Unless otherwise noted, tokens on the same line are space-separated.)
Router ::= Router-Line Date-Line Onion-Key Link-Key Signing-Key Exit-Policy Router-Signature NL
Router-Line ::= "router" address ORPort APPort DirPort bandwidth NL
Router-Line ::= "router" nickname address ORPort APPort DirPort bandwidth NL
Date-Line ::= "published" YYYY-MM-DD HH:MM:SS NL
Onion-key ::= "onion-key" NL a public key in PEM format NL
Link-key ::= "link-key" NL a public key in PEM format NL
......@@ -457,9 +457,11 @@ APPort ::= where the router listens for applications (speaking socks)
DirPort ::= where the router listens for directory download requests
bandwidth ::= maximum bandwidth, in bytes/s
nickname ::= between 1 and 32 alphanumeric characters. case-insensitive.
Example:
router moria.mit.edu 9001 9021 9031 100000
router moria1 moria.mit.edu 9001 9021 9031 100000
published 2003-09-24 19:36:05
-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBAMBBuk1sYxEg5jLAJy86U3GGJ7EGMSV7yoA6mmcsEVU3pwTUrpbpCmwS
7BvovoY3z4zk63NZVBErgKQUDkn3pp8n83xZgEf4GI27gdWIIwaBjEimuJlEY+7K
......
......@@ -12,6 +12,9 @@
#include "util.h"
#include "log.h"
#ifdef HAVE_UNAME
#include <sys/utsname.h>
#endif
/*
* Memory
......@@ -480,3 +483,28 @@ try_next_line:
return 1;
}
static char uname_result[256];
static int uname_result_is_set = 0;
const char *
get_uname(void)
{
#ifdef HAVE_UNAME
struct utsname u;
#endif
if (!uname_result_is_set) {
#ifdef HAVE_UNAME
if (!uname((&u))) {
snprintf(uname_result, 255, "%s %s %s %s %s",
u.sysname, u.nodename, u.release, u.version, u.machine);
uname_result[255] = '\0';
} else
#endif
{
strcpy(uname_result, "Unknown platform");
}
uname_result_is_set = 1;
}
return uname_result;
}
......@@ -72,6 +72,8 @@ void spawn_exit();
int tor_socketpair(int family, int type, int protocol, int fd[2]);
const char *get_uname(void);
/* For stupid historical reasons, windows sockets have an independent set of
* errnos which they use as the fancy strikes them.
*/
......
......@@ -13,9 +13,6 @@
*/
#include "or.h"
#ifdef HAVE_UNAME
#include <sys/utsname.h>
#endif
/****************************************************************************/
......@@ -771,6 +768,8 @@ routerinfo_t *router_get_entry_from_string(char**s) {
directory_token_t *tok = &_tok;
struct tm published;
int t;
#define NEXT_TOKEN() \
do { if (router_get_next_token(s, tok)) { \
log_fn(LOG_WARNING, "Error reading directory: %s", tok->val.error);\
......@@ -779,8 +778,10 @@ routerinfo_t *router_get_entry_from_string(char**s) {
#define ARGS tok->val.cmd.args
if (router_get_router_hash(*s, digest) < 0)
if (router_get_router_hash(*s, digest) < 0) {
log_fn(LOG_WARNING, "Couldn't compute router hash.");
return NULL;
}
NEXT_TOKEN();
......@@ -802,11 +803,15 @@ routerinfo_t *router_get_entry_from_string(char**s) {
}
if (!(router->nickname = strdup(ARGS[0])))
goto err;
if (strlen(router->nickname) > MAX_NICKNAME_LEN)
if (strlen(router->nickname) > MAX_NICKNAME_LEN) {
log_fn(LOG_WARNING,"Router nickname too long.");
goto err;
}
if (strspn(router->nickname, LEGAL_NICKNAME_CHARACTERS) !=
strlen(router->nickname))
strlen(router->nickname)) {
log_fn(LOG_WARNING, "Router nickname contains illegal characters.");
goto err;
}
/* read router.address */
if (!(router->address = strdup(ARGS[1])))
......@@ -830,6 +835,7 @@ routerinfo_t *router_get_entry_from_string(char**s) {
router->bandwidth = atoi(ARGS[5]);
if (!router->bandwidth) {
log_fn(LOG_WARNING,"bandwidth unreadable or 0. Failing.");
goto err;
}
log_fn(LOG_DEBUG,"or_port %d, ap_port %d, dir_port %d, bandwidth %d.",
......@@ -900,9 +906,9 @@ routerinfo_t *router_get_entry_from_string(char**s) {
}
assert (router->identity_pkey);
if (crypto_pk_public_checksig(router->identity_pkey, tok->val.signature,
128, signed_digest) != 20) {
log_fn(LOG_WARNING, "Invalid signature");
if ((t=crypto_pk_public_checksig(router->identity_pkey, tok->val.signature,
128, signed_digest)) != 20) {
log_fn(LOG_WARNING, "Invalid signature %d",t);
goto err;
}
if (memcmp(digest, signed_digest, 20)) {
......@@ -1082,20 +1088,12 @@ int router_rebuild_descriptor(void) {
static void get_platform_str(char *platform, int len)
{
#ifdef HAVE_UNAME
struct utsname u;
if (!uname(&u)) {
snprintf(platform, len-1, "Tor %s on %s %s %s %s %s",
VERSION, u.sysname, u.nodename, u.release, u.version, u.machine);
platform[len-1] = '\0';
return;
} else
#endif
{
snprintf(platform, len-1, "Tor %s", VERSION);
}
snprintf(platform, len-1, "Tor %s on %s", VERSION, get_uname());
platform[len-1] = '\0';
return;
}
#define DEBUG_ROUTER_DUMP_ROUTER_TO_STRING
int router_dump_router_to_string(char *s, int maxlen, routerinfo_t *router,
crypto_pk_env_t *ident_key) {
char *onion_pkey;
......@@ -1109,9 +1107,18 @@ int router_dump_router_to_string(char *s, int maxlen, routerinfo_t *router,
int written;
int result=0;
struct exit_policy_t *tmpe;
#ifdef DEBUG_ROUTER_DUMP_ROUTER_TO_STRING
char *s_tmp, *s_dup;
routerinfo_t *ri_tmp;
#endif
get_platform_str(platform, sizeof(platform));
if (crypto_pk_cmp_keys(ident_key, router->identity_pkey)) {
log_fn(LOG_WARNING,"Tried to sign a router with a private key that didn't match router's public key!");
return -1;
}
if(crypto_pk_write_public_key_to_string(router->onion_pkey,
&onion_pkey,&onion_pkeylen)<0) {
log_fn(LOG_WARNING,"write onion_pkey to string failed!");
......@@ -1196,6 +1203,19 @@ int router_dump_router_to_string(char *s, int maxlen, routerinfo_t *router,
/* include a last '\n' */
s[written] = '\n';
s[written+1] = 0;
#ifdef DEBUG_ROUTER_DUMP_ROUTER_TO_STRING
s_tmp = s_dup = strdup(s);
ri_tmp = router_get_entry_from_string(&s_tmp);
if (!ri_tmp) {
log_fn(LOG_ERR, "We just generated a router descriptor we can't parse: <<%s>>",
s);
return -1;
}
free(s_dup);
routerinfo_free(ri_tmp);
#endif
return written+1;
}
......
......@@ -490,11 +490,6 @@ test_onion_handshake() {
crypto_free_pk_env(pk);
}
/* from main.c */
int dump_router_to_string(char *s, int maxlen, routerinfo_t *router,
crypto_pk_env_t *ident_key);
void dump_directory_to_string(char *s, int maxlen);
/* from routers.c */
int compare_recommended_versions(char *myversion, char *start);
......@@ -528,6 +523,7 @@ test_dir_format()
r1.link_pkey = pk3;
r1.bandwidth = 1000;
r1.exit_policy = NULL;
r1.nickname = "Magri";
ex1.policy_type = EXIT_POLICY_ACCEPT;
ex1.string = NULL;
......@@ -556,8 +552,15 @@ test_dir_format()
&pk2_str_len));
test_assert(!crypto_pk_write_public_key_to_string(pk3 , &pk3_str,
&pk3_str_len));
memset(buf, 0, 2048);
log_set_severity(LOG_WARNING);
test_assert(router_dump_router_to_string(buf, 2048, &r1, pk2)>0);
strcpy(buf2, "router testaddr1.foo.bar 9000 9002 9003 1000\n"
strcpy(buf2, "router Magri testaddr1.foo.bar 9000 9002 9003 1000\n"
"platform Tor "VERSION" on ");
strcat(buf2, get_uname());
strcat(buf2, "\n"
"published 1970-01-01 00:00:00\n"
"onion-key\n");
strcat(buf2, pk1_str);
......@@ -566,13 +569,11 @@ test_dir_format()
strcat(buf2, "signing-key\n");
strcat(buf2, pk2_str);
strcat(buf2, "router-signature\n");
buf[strlen(buf2)] = '\0'; /* Don't compare the sig; it's never the same twice*/
memset(buf, 0, 2048);
test_assert(dump_router_to_string(buf, 2048, &r1, pk1)>0);
buf[strlen(buf2)] = '\0'; /* Don't compare the sig; it's never the same 2ce*/
test_streq(buf, buf2);
test_assert(dump_router_to_string(buf, 2048, &r1, pk1)>0);
test_assert(router_dump_router_to_string(buf, 2048, &r1, pk2)>0);
cp = buf;
rp1 = router_get_entry_from_string(&cp);
test_assert(rp1);
......@@ -586,13 +587,14 @@ test_dir_format()
test_assert(crypto_pk_cmp_keys(rp1->identity_pkey, pk2) == 0);
test_assert(rp1->exit_policy == NULL);
#if 0
#if 0
/* XXX Once we have exit policies, test this again. XXX */
strcpy(buf2, "router tor.tor.tor 9005 0 0 3000\n");
strcat(buf2, pk2_str);
strcat(buf2, "signing-key\n");
strcat(buf2, pk1_str);
strcat(buf2, "accept *:80\nreject 18.*:24\n\n");
test_assert(dump_router_to_string(buf, 2048, &r2, pk2)>0);
test_assert(router_dump_router_to_string(buf, 2048, &r2, pk2)>0);
test_streq(buf, buf2);
cp = buf;
......@@ -616,6 +618,10 @@ test_dir_format()
test_assert(rp2->exit_policy->next->next == NULL);
#endif
#if 0
/* XXX To re-enable this test, we need to separate directory generation
* XXX from the directory backend again. Do this the next time we have
* XXX directory trouble. */
/* Okay, now for the directories. */
dir1 = (directory_t*) tor_malloc(sizeof(directory_t));
dir1->n_routers = 2;
......@@ -627,7 +633,8 @@ test_dir_format()
test_assert(! router_get_dir_from_string_impl(buf, &dir2, pk1));
test_eq(2, dir2->n_routers);
#endif
if (pk1_str) free(pk1_str);
if (pk2_str) free(pk2_str);
if (pk1) crypto_free_pk_env(pk1);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment