search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Remove unused function: dns_randfn_() in dns.c.
[tor.git] / src / test / test_channelpadding.c
blob5da2d81377094200f0aceb7cc7cea1a8fe6c4f1d
1 /* Copyright (c) 2016-2019, The Tor Project, Inc. */
2 /* See LICENSE for licensing information */
3
4 #define TOR_CHANNEL_INTERNAL_
5 #define MAINLOOP_PRIVATE
6 #define NETWORKSTATUS_PRIVATE
7 #define TOR_TIMERS_PRIVATE
8 #include "core/or/or.h"
9 #include "test/test.h"
10 #include "lib/testsupport/testsupport.h"
11 #include "core/mainloop/connection.h"
12 #include "core/or/connection_or.h"
13 #include "core/or/channel.h"
14 #include "core/or/channeltls.h"
15 #include "core/or/channelpadding.h"
16 #include "lib/evloop/compat_libevent.h"
17 #include "app/config/config.h"
18 #include "lib/time/compat_time.h"
19 #include "core/mainloop/mainloop.h"
20 #include "feature/nodelist/networkstatus.h"
21 #include "test/log_test_helpers.h"
22 #include "lib/tls/tortls.h"
23 #include "lib/evloop/timers.h"
24 #include "lib/container/buffers.h"
25
26 #include "core/or/cell_st.h"
27 #include "feature/nodelist/networkstatus_st.h"
28 #include "core/or/or_connection_st.h"
29 #include "feature/nodelist/routerstatus_st.h"
30
31 int channelpadding_get_netflow_inactive_timeout_ms(channel_t *chan);
32 int64_t channelpadding_compute_time_until_pad_for_netflow(channel_t *chan);
33 int channelpadding_send_disable_command(channel_t*);
34 int channelpadding_find_timerslot(channel_t *chan);
35
36 void test_channelpadding_timers(void *arg);
37 void test_channelpadding_consensus(void *arg);
38 void test_channelpadding_negotiation(void *arg);
39 void test_channelpadding_decide_to_pad_channel(void *arg);
40 void test_channelpadding_killonehop(void *arg);
41
42 void dummy_nop_timer(void);
43
44 #define NSEC_PER_MSEC (1000*1000)
45
46 /* Thing to cast to fake tor_tls_t * to appease assert_connection_ok() */
47 static int fake_tortls = 0; /* Bleh... */
48
49 static int dont_stop_libevent = 0;
50
51 // From test_channel.c
52 channel_t * new_fake_channel(void);
53 void free_fake_channel(channel_t*);
54
55 static int
56 mock_channel_has_queued_writes(channel_t *chan)
57 {
58 (void)chan;
59 return 0;
60 }
61
62 static int tried_to_write_cell = 0;
63
64 static channel_t *relay1_relay2;
65 static channel_t *relay2_relay1;
66 static channel_t *relay3_client;
67 static channel_t *client_relay3;
68
69 static int
70 mock_channel_write_cell_relay2(channel_t *chan, cell_t *cell)
71 {
72 (void)chan;
73 tried_to_write_cell++;
74 channel_tls_handle_cell(cell, ((channel_tls_t*)relay1_relay2)->conn);
75 tor_libevent_exit_loop_after_callback(tor_libevent_get_base());
76 return 0;
77 }
78
79 static int
80 mock_channel_write_cell_relay1(channel_t *chan, cell_t *cell)
81 {
82 (void)chan;
83 tried_to_write_cell++;
84 channel_tls_handle_cell(cell, ((channel_tls_t*)relay2_relay1)->conn);
85 tor_libevent_exit_loop_after_callback(tor_libevent_get_base());
86 return 0;
87 }
88
89 static int
90 mock_channel_write_cell_relay3(channel_t *chan, cell_t *cell)
91 {
92 (void)chan;
93 tried_to_write_cell++;
94 channel_tls_handle_cell(cell, ((channel_tls_t*)client_relay3)->conn);
95 tor_libevent_exit_loop_after_callback(tor_libevent_get_base());
96 return 0;
97 }
98
99 static int
100 mock_channel_write_cell_client(channel_t *chan, cell_t *cell)
101 {
102 (void)chan;
103 tried_to_write_cell++;
104 channel_tls_handle_cell(cell, ((channel_tls_t*)relay3_client)->conn);
105 tor_libevent_exit_loop_after_callback(tor_libevent_get_base());
106 return 0;
107 }
108
109 static int
110 mock_channel_write_cell(channel_t *chan, cell_t *cell)
111 {
112 tried_to_write_cell++;
113 channel_tls_handle_cell(cell, ((channel_tls_t*)chan)->conn);
114 if (!dont_stop_libevent)
115 tor_libevent_exit_loop_after_callback(tor_libevent_get_base());
116 return 0;
117 }
118
119 static void
120 setup_fake_connection_for_channel(channel_tls_t *chan)
121 {
122 or_connection_t *conn = (or_connection_t*)connection_new(CONN_TYPE_OR,
123 AF_INET);
124
125 conn->base_.conn_array_index = smartlist_len(connection_array);
126 smartlist_add(connection_array, conn);
127
128 conn->chan = chan;
129 chan->conn = conn;
130
131 conn->base_.magic = OR_CONNECTION_MAGIC;
132 conn->base_.state = OR_CONN_STATE_OPEN;
133 conn->base_.type = CONN_TYPE_OR;
134 conn->base_.socket_family = AF_INET;
135 conn->base_.address = tor_strdup("<fake>");
136
137 conn->base_.port = 4242;
138
139 conn->tls = (tor_tls_t *)((void *)(&fake_tortls));
140
141 conn->link_proto = MIN_LINK_PROTO_FOR_CHANNEL_PADDING;
142
143 connection_or_set_canonical(conn, 1);
144 }
145
146 static channel_tls_t *
147 new_fake_channeltls(uint8_t id)
148 {
149 channel_tls_t *chan = tor_realloc(new_fake_channel(), sizeof(channel_tls_t));
150 chan->base_.magic = TLS_CHAN_MAGIC;
151 setup_fake_connection_for_channel(chan);
152 chan->base_.channel_usage = CHANNEL_USED_FOR_FULL_CIRCS;
153 chan->base_.has_queued_writes = mock_channel_has_queued_writes;
154 chan->base_.write_cell = mock_channel_write_cell;
155 chan->base_.padding_enabled = 1;
156
157 chan->base_.identity_digest[0] = id;
158 channel_register(&chan->base_);
159
160 return chan;
161 }
162
163 static void
164 free_fake_channeltls(channel_tls_t *chan)
165 {
166 channel_unregister(&chan->base_);
167
168 tor_free(((channel_tls_t*)chan)->conn->base_.address);
169 buf_free(((channel_tls_t*)chan)->conn->base_.inbuf);
170 buf_free(((channel_tls_t*)chan)->conn->base_.outbuf);
171 tor_free(((channel_tls_t*)chan)->conn);
172
173 timer_free(chan->base_.padding_timer);
174 channel_handle_free(chan->base_.timer_handle);
175 channel_handles_clear(&chan->base_);
176
177 free_fake_channel(&chan->base_);
178
179 return;
180 }
181
182 static void
183 setup_mock_consensus(void)
184 {
185 current_md_consensus = current_ns_consensus
186 = tor_malloc_zero(sizeof(networkstatus_t));
187 current_md_consensus->net_params = smartlist_new();
188 current_md_consensus->routerstatus_list = smartlist_new();
189 channelpadding_new_consensus_params(current_md_consensus);
190 }
191
192 static void
193 free_mock_consensus(void)
194 {
195 SMARTLIST_FOREACH(current_md_consensus->routerstatus_list, void *, r,
196 tor_free(r));
197 smartlist_free(current_md_consensus->routerstatus_list);
198 smartlist_free(current_ns_consensus->net_params);
199 tor_free(current_ns_consensus);
200 }
201
202 static void
203 setup_mock_network(void)
204 {
205 routerstatus_t *relay;
206 if (!connection_array)
207 connection_array = smartlist_new();
208
209 relay1_relay2 = (channel_t*)new_fake_channeltls(2);
210 relay1_relay2->write_cell = mock_channel_write_cell_relay1;
211 channel_timestamp_active(relay1_relay2);
212 relay = tor_malloc_zero(sizeof(routerstatus_t));
213 relay->identity_digest[0] = 1;
214 smartlist_add(current_md_consensus->routerstatus_list, relay);
215
216 relay2_relay1 = (channel_t*)new_fake_channeltls(1);
217 relay2_relay1->write_cell = mock_channel_write_cell_relay2;
218 channel_timestamp_active(relay2_relay1);
219 relay = tor_malloc_zero(sizeof(routerstatus_t));
220 relay->identity_digest[0] = 2;
221 smartlist_add(current_md_consensus->routerstatus_list, relay);
222
223 relay3_client = (channel_t*)new_fake_channeltls(0);
224 relay3_client->write_cell = mock_channel_write_cell_relay3;
225 relay3_client->is_client = 1;
226 channel_timestamp_active(relay3_client);
227 relay = tor_malloc_zero(sizeof(routerstatus_t));
228 relay->identity_digest[0] = 3;
229 smartlist_add(current_md_consensus->routerstatus_list, relay);
230
231 client_relay3 = (channel_t*)new_fake_channeltls(3);
232 client_relay3->write_cell = mock_channel_write_cell_client;
233 channel_timestamp_active(client_relay3);
234
235 channel_do_open_actions(relay1_relay2);
236 channel_do_open_actions(relay2_relay1);
237 channel_do_open_actions(relay3_client);
238 channel_do_open_actions(client_relay3);
239 }
240
241 static void
242 free_mock_network(void)
243 {
244 free_fake_channeltls((channel_tls_t*)relay1_relay2);
245 free_fake_channeltls((channel_tls_t*)relay2_relay1);
246 free_fake_channeltls((channel_tls_t*)relay3_client);
247 free_fake_channeltls((channel_tls_t*)client_relay3);
248
249 smartlist_free(connection_array);
250 }
251
252 static void
253 dummy_timer_cb(tor_timer_t *t, void *arg, const monotime_t *now_mono)
254 {
255 (void)t; (void)arg; (void)now_mono;
256 tor_libevent_exit_loop_after_callback(tor_libevent_get_base());
257 return;
258 }
259
260 // This hack adds a dummy timer so that the libevent base loop
261 // actually returns when we don't expect any timers to fire. Otherwise,
262 // the global_timer_event gets scheduled an hour from now, and the
263 // base loop never returns.
264 void
265 dummy_nop_timer(void)
266 {
267 tor_timer_t *dummy_timer = timer_new(dummy_timer_cb, NULL);
268 struct timeval timeout;
269 timeout.tv_sec = 1;
270 timeout.tv_usec = 0;
271
272 timer_schedule(dummy_timer, &timeout);
273
274 tor_libevent_run_event_loop(tor_libevent_get_base(), 0);
275
276 timer_free(dummy_timer);
277 }
278
279 #define CHANNELPADDING_MAX_TIMERS 25
280 #define CHANNELS_TO_TEST (CHANNELPADDING_MAX_TIMERS*4)
281 /**
282 * Tests to ensure that we handle more than the max number of pending
283 * timers properly.
284 */
285 void
286 test_channelpadding_timers(void *arg)
287 {
288 channelpadding_decision_t decision;
289 channel_t *chans[CHANNELS_TO_TEST];
290 (void)arg;
291
292 tor_libevent_postfork();
293
294 if (!connection_array)
295 connection_array = smartlist_new();
296
297 monotime_init();
298 monotime_enable_test_mocking();
299 uint64_t nsec_mock = 1;
300 monotime_set_mock_time_nsec(nsec_mock);
301 monotime_coarse_set_mock_time_nsec(nsec_mock);
302
303 timers_initialize();
304 channelpadding_new_consensus_params(NULL);
305
306 for (int i = 0; i < CHANNELS_TO_TEST; i++) {
307 chans[i] = (channel_t*)new_fake_channeltls(0);
308 channel_timestamp_active(chans[i]);
309 }
310
311 for (int j = 0; j < 2; j++) {
312 tried_to_write_cell = 0;
313 int i = 0;
314
315 monotime_coarse_t now;
316 monotime_coarse_get(&now);
317
318 /* This loop fills our timerslot array with timers of increasing time
319 * until they fire */
320 for (; i < CHANNELPADDING_MAX_TIMERS; i++) {
321 monotime_coarse_add_msec(&chans[i]->next_padding_time,
322 &now, 10 + i*4);
323 decision = channelpadding_decide_to_pad_channel(chans[i]);
324 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED);
325 tt_assert(chans[i]->pending_padding_callback);
326 tt_int_op(tried_to_write_cell, OP_EQ, 0);
327 }
328
329 /* This loop should add timers to the first position in the timerslot
330 * array, since its timeout is before all other timers. */
331 for (; i < CHANNELS_TO_TEST/3; i++) {
332 monotime_coarse_add_msec(&chans[i]->next_padding_time,
333 &now, 1);
334 decision = channelpadding_decide_to_pad_channel(chans[i]);
335 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED);
336 tt_assert(chans[i]->pending_padding_callback);
337 tt_int_op(tried_to_write_cell, OP_EQ, 0);
338 }
339
340 /* This loop should add timers to our existing lists in a weak
341 * pseudorandom pattern. It ensures that the lists can grow with multiple
342 * timers in them. */
343 for (; i < CHANNELS_TO_TEST/2; i++) {
344 monotime_coarse_add_msec(&chans[i]->next_padding_time,
345 &now, 10 + i*3 % CHANNELPADDING_MAX_TIMERS);
346 decision = channelpadding_decide_to_pad_channel(chans[i]);
347 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED);
348 tt_assert(chans[i]->pending_padding_callback);
349 tt_int_op(tried_to_write_cell, OP_EQ, 0);
350 }
351
352 /* This loop should add timers to the last position in the timerslot
353 * array, since its timeout is after all other timers. */
354 for (; i < CHANNELS_TO_TEST; i++) {
355 monotime_coarse_add_msec(&chans[i]->next_padding_time,
356 &now, 500 + i % CHANNELPADDING_MAX_TIMERS);
357 decision = channelpadding_decide_to_pad_channel(chans[i]);
358 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED);
359 tt_assert(chans[i]->pending_padding_callback);
360 tt_int_op(tried_to_write_cell, OP_EQ, 0);
361 }
362
363 // Wait for the timers and then kill the event loop.
364 nsec_mock += 1001 * NSEC_PER_MSEC;
365 monotime_coarse_set_mock_time_nsec(nsec_mock);
366 monotime_set_mock_time_nsec(nsec_mock);
367 timers_run_pending();
368
369 tt_int_op(tried_to_write_cell, OP_EQ, CHANNELS_TO_TEST);
370
371 // Test that we have no pending callbacks and all empty slots now
372 for (i = 0; i < CHANNELS_TO_TEST; i++) {
373 tt_assert(!chans[i]->pending_padding_callback);
374 }
375 }
376
377 done:
378 for (int i = 0; i < CHANNELS_TO_TEST; i++) {
379 free_fake_channeltls((channel_tls_t*)chans[i]);
380 }
381 smartlist_free(connection_array);
382
383 timers_shutdown();
384 monotime_disable_test_mocking();
385 channel_free_all();
386
387 return;
388 }
389
390 void
391 test_channelpadding_killonehop(void *arg)
392 {
393 channelpadding_decision_t decision;
394 int64_t new_time;
395 (void)arg;
396 tor_libevent_postfork();
397
398 routerstatus_t *relay = tor_malloc_zero(sizeof(routerstatus_t));
399 monotime_init();
400 monotime_enable_test_mocking();
401 monotime_set_mock_time_nsec(1);
402 monotime_coarse_set_mock_time_nsec(1);
403 new_time = 1;
404
405 timers_initialize();
406 setup_mock_consensus();
407 setup_mock_network();
408
409 /* Do we disable padding if rsos is enabled, and the consensus says don't
410 * pad? */
411
412 monotime_coarse_t now;
413 monotime_coarse_get(&now);
414
415 // First, test that padding works if either is enabled
416 smartlist_clear(current_md_consensus->net_params);
417 channelpadding_new_consensus_params(current_md_consensus);
418
419 relay3_client->padding_enabled = 1;
420 client_relay3->padding_enabled = 1;
421
422 tried_to_write_cell = 0;
423 get_options_mutable()->ORPort_set = 0;
424 get_options_mutable()->HiddenServiceSingleHopMode = 1;
425 get_options_mutable()->HiddenServiceNonAnonymousMode = 1;
426
427 monotime_coarse_add_msec(&client_relay3->next_padding_time, &now, 100);
428 decision = channelpadding_decide_to_pad_channel(client_relay3);
429 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED);
430 tt_assert(client_relay3->pending_padding_callback);
431 tt_int_op(tried_to_write_cell, OP_EQ, 0);
432
433 decision = channelpadding_decide_to_pad_channel(client_relay3);
434 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_ALREADY_SCHEDULED);
435
436 // Wait for the timer
437 new_time += 101 * NSEC_PER_MSEC;
438 monotime_coarse_set_mock_time_nsec(new_time);
439 monotime_set_mock_time_nsec(new_time);
440 monotime_coarse_get(&now);
441 timers_run_pending();
442 tt_int_op(tried_to_write_cell, OP_EQ, 1);
443 tt_assert(!client_relay3->pending_padding_callback);
444
445 // Then test disabling each via consensus param
446 smartlist_add(current_md_consensus->net_params,
447 (void*)"nf_pad_single_onion=0");
448 channelpadding_new_consensus_params(current_md_consensus);
449
450 // Before the client tries to pad, the relay will still pad:
451 tried_to_write_cell = 0;
452 monotime_coarse_add_msec(&relay3_client->next_padding_time, &now, 100);
453 get_options_mutable()->ORPort_set = 1;
454 get_options_mutable()->HiddenServiceSingleHopMode = 0;
455 get_options_mutable()->HiddenServiceNonAnonymousMode = 0;
456 decision = channelpadding_decide_to_pad_channel(relay3_client);
457 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED);
458 tt_assert(relay3_client->pending_padding_callback);
459
460 // Wait for the timer
461 new_time += 101 * NSEC_PER_MSEC;
462 monotime_coarse_set_mock_time_nsec(new_time);
463 monotime_set_mock_time_nsec(new_time);
464 monotime_coarse_get(&now);
465 timers_run_pending();
466 tt_int_op(tried_to_write_cell, OP_EQ, 1);
467 tt_assert(!client_relay3->pending_padding_callback);
468
469 // Test client side (it should stop immediately)
470 get_options_mutable()->HiddenServiceSingleHopMode = 1;
471 get_options_mutable()->HiddenServiceNonAnonymousMode = 1;
472 /* For the relay to receive the negotiate: */
473 get_options_mutable()->ORPort_set = 1;
474 decision = channelpadding_decide_to_pad_channel(client_relay3);
475 tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD);
476 tt_assert(!client_relay3->pending_padding_callback);
477
478 // Test relay side (it should have gotten the negotiation to disable)
479 get_options_mutable()->ORPort_set = 1;
480 get_options_mutable()->HiddenServiceSingleHopMode = 0;
481 get_options_mutable()->HiddenServiceNonAnonymousMode = 0;
482 tt_int_op(channelpadding_decide_to_pad_channel(relay3_client), OP_EQ,
483 CHANNELPADDING_WONTPAD);
484 tt_assert(!relay3_client->padding_enabled);
485
486 done:
487 free_mock_consensus();
488 free_mock_network();
489 tor_free(relay);
490
491 timers_shutdown();
492 monotime_disable_test_mocking();
493 channel_free_all();
494 }
495
496 void
497 test_channelpadding_consensus(void *arg)
498 {
499 channelpadding_decision_t decision;
500 or_options_t *options = get_options_mutable();
501 int64_t val;
502 int64_t new_time;
503 (void)arg;
504
505 tor_libevent_postfork();
506
507 /*
508 * Params tested:
509 * nf_pad_before_usage
510 * nf_pad_relays
511 * nf_ito_low
512 * nf_ito_high
513 *
514 * Plan:
515 * 1. Padding can be completely disabled via consensus
516 * 2. Negotiation can't re-enable consensus-disabled padding
517 * 3. Negotiation can't increase padding from relays beyond
518 * consensus defaults
519 * 4. Relay-to-relay padding can be enabled/disabled in consensus
520 * 5. Can enable/disable padding before actually using a connection
521 * 6. Can we control circ and TLS conn lifetime from the consensus?
522 */
523 channel_t *chan;
524 routerstatus_t *relay = tor_malloc_zero(sizeof(routerstatus_t));
525 monotime_enable_test_mocking();
526 monotime_set_mock_time_nsec(1);
527 monotime_coarse_set_mock_time_nsec(1);
528 new_time = 1;
529 monotime_coarse_t now;
530 monotime_coarse_get(&now);
531 timers_initialize();
532
533 if (!connection_array)
534 connection_array = smartlist_new();
535 chan = (channel_t*)new_fake_channeltls(0);
536 channel_timestamp_active(chan);
537
538 setup_mock_consensus();
539
540 get_options_mutable()->ORPort_set = 1;
541
542 /* Test 1: Padding can be completely disabled via consensus */
543 tried_to_write_cell = 0;
544 monotime_coarse_add_msec(&chan->next_padding_time, &now, 100);
545 decision = channelpadding_decide_to_pad_channel(chan);
546 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED);
547 tt_assert(chan->pending_padding_callback);
548 tt_int_op(tried_to_write_cell, OP_EQ, 0);
549
550 decision = channelpadding_decide_to_pad_channel(chan);
551 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_ALREADY_SCHEDULED);
552
553 // Wait for the timer
554 new_time += 101*NSEC_PER_MSEC;
555 monotime_coarse_set_mock_time_nsec(new_time);
556 monotime_set_mock_time_nsec(new_time);
557 monotime_coarse_get(&now);
558 timers_run_pending();
559 tt_int_op(tried_to_write_cell, OP_EQ, 1);
560 tt_assert(!chan->pending_padding_callback);
561
562 smartlist_add(current_md_consensus->net_params,
563 (void*)"nf_ito_low=0");
564 smartlist_add(current_md_consensus->net_params,
565 (void*)"nf_ito_high=0");
566 get_options_mutable()->ConnectionPadding = 1;
567 channelpadding_new_consensus_params(current_md_consensus);
568
569 decision = channelpadding_decide_to_pad_channel(chan);
570 tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD);
571 tt_assert(!chan->pending_padding_callback);
572 val = channelpadding_get_netflow_inactive_timeout_ms(chan);
573 tt_i64_op(val, OP_EQ, 0);
574 val = channelpadding_compute_time_until_pad_for_netflow(chan);
575 tt_i64_op(val, OP_EQ, -2);
576
577 /* Test 2: Negotiation can't re-enable consensus-disabled padding */
578 channelpadding_send_enable_command(chan, 100, 200);
579 tried_to_write_cell = 0;
580 decision = channelpadding_decide_to_pad_channel(chan);
581 tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD);
582 tt_assert(!chan->pending_padding_callback);
583 val = channelpadding_get_netflow_inactive_timeout_ms(chan);
584 tt_i64_op(val, OP_EQ, 0);
585 val = channelpadding_compute_time_until_pad_for_netflow(chan);
586 tt_i64_op(val, OP_EQ, -2);
587 tt_assert(monotime_coarse_is_zero(&chan->next_padding_time));
588
589 smartlist_clear(current_md_consensus->net_params);
590
591 /* Test 3: Negotiation can't increase padding from relays beyond consensus
592 * values */
593 smartlist_add(current_md_consensus->net_params,
594 (void*)"nf_ito_low=100");
595 smartlist_add(current_md_consensus->net_params,
596 (void*)"nf_ito_high=200");
597 channelpadding_new_consensus_params(current_md_consensus);
598
599 tried_to_write_cell = 0;
600 monotime_coarse_add_msec(&chan->next_padding_time, &now, 100);
601 decision = channelpadding_decide_to_pad_channel(chan);
602 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED);
603 tt_assert(chan->pending_padding_callback);
604 tt_int_op(tried_to_write_cell, OP_EQ, 0);
605 val = channelpadding_get_netflow_inactive_timeout_ms(chan);
606 tt_i64_op(val, OP_GE, 100);
607 tt_i64_op(val, OP_LE, 200);
608 val = channelpadding_compute_time_until_pad_for_netflow(chan);
609 tt_i64_op(val, OP_LE, 200);
610
611 // Wait for the timer
612 new_time += 201*NSEC_PER_MSEC;
613 monotime_set_mock_time_nsec(new_time);
614 monotime_coarse_set_mock_time_nsec(new_time);
615 monotime_coarse_get(&now);
616 timers_run_pending();
617 tt_int_op(tried_to_write_cell, OP_EQ, 1);
618 tt_assert(!chan->pending_padding_callback);
619
620 smartlist_clear(current_md_consensus->net_params);
621 smartlist_add(current_md_consensus->net_params,
622 (void*)"nf_ito_low=1500");
623 smartlist_add(current_md_consensus->net_params,
624 (void*)"nf_ito_high=4500");
625 channelpadding_new_consensus_params(current_md_consensus);
626
627 channelpadding_send_enable_command(chan, 100, 200);
628 tried_to_write_cell = 0;
629 decision = channelpadding_decide_to_pad_channel(chan);
630 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADLATER);
631 tt_assert(!chan->pending_padding_callback);
632 val = channelpadding_get_netflow_inactive_timeout_ms(chan);
633 tt_i64_op(val, OP_GE, 1500);
634 tt_i64_op(val, OP_LE, 4500);
635 val = channelpadding_compute_time_until_pad_for_netflow(chan);
636 tt_i64_op(val, OP_LE, 4500);
637
638 /* Test 4: Relay-to-relay padding can be enabled/disabled in consensus */
639 /* Make this channel a relay's channel */
640 memcpy(relay->identity_digest,
641 ((channel_tls_t *)chan)->conn->identity_digest, DIGEST_LEN);
642 smartlist_add(current_md_consensus->routerstatus_list, relay);
643 relay = NULL; /* Prevent double-free */
644
645 tried_to_write_cell = 0;
646 decision = channelpadding_decide_to_pad_channel(chan);
647 tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD);
648 tt_assert(!chan->pending_padding_callback);
649
650 smartlist_add(current_md_consensus->net_params,
651 (void*)"nf_pad_relays=1");
652 channelpadding_new_consensus_params(current_md_consensus);
653
654 decision = channelpadding_decide_to_pad_channel(chan);
655 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADLATER);
656 tt_assert(!chan->pending_padding_callback);
657 val = channelpadding_get_netflow_inactive_timeout_ms(chan);
658 tt_i64_op(val, OP_GE, 1500);
659 tt_i64_op(val, OP_LE, 4500);
660 val = channelpadding_compute_time_until_pad_for_netflow(chan);
661 tt_i64_op(val, OP_LE, 4500);
662
663 /* Test 5: If we disable padding before channel usage, does that work? */
664 smartlist_add(current_md_consensus->net_params,
665 (void*)"nf_pad_before_usage=0");
666 channelpadding_new_consensus_params(current_md_consensus);
667 tried_to_write_cell = 0;
668 decision = channelpadding_decide_to_pad_channel(chan);
669 tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD);
670 tt_assert(!chan->pending_padding_callback);
671
672 /* Test 6: Can we control circ and TLS conn lifetime from the consensus? */
673 val = channelpadding_get_channel_idle_timeout(NULL, 0);
674 tt_i64_op(val, OP_GE, 180);
675 tt_i64_op(val, OP_LE, 180+90);
676 val = channelpadding_get_channel_idle_timeout(chan, 0);
677 tt_i64_op(val, OP_GE, 180);
678 tt_i64_op(val, OP_LE, 180+90);
679 options->ReducedConnectionPadding = 1;
680 val = channelpadding_get_channel_idle_timeout(chan, 0);
681 tt_i64_op(val, OP_GE, 180/2);
682 tt_i64_op(val, OP_LE, (180+90)/2);
683
684 options->ReducedConnectionPadding = 0;
685 options->ORPort_set = 1;
686 smartlist_add(current_md_consensus->net_params,
687 (void*)"nf_conntimeout_relays=600");
688 channelpadding_new_consensus_params(current_md_consensus);
689 val = channelpadding_get_channel_idle_timeout(chan, 1);
690 tt_i64_op(val, OP_GE, 450);
691 tt_i64_op(val, OP_LE, 750);
692
693 val = channelpadding_get_circuits_available_timeout();
694 tt_i64_op(val, OP_GE, 30*60);
695 tt_i64_op(val, OP_LE, 30*60*2);
696
697 options->ReducedConnectionPadding = 1;
698 smartlist_add(current_md_consensus->net_params,
699 (void*)"nf_conntimeout_clients=600");
700 channelpadding_new_consensus_params(current_md_consensus);
701 val = channelpadding_get_circuits_available_timeout();
702 tt_i64_op(val, OP_GE, 600/2);
703 tt_i64_op(val, OP_LE, 600*2/2);
704
705 options->ReducedConnectionPadding = 0;
706 options->CircuitsAvailableTimeout = 24*60*60;
707 val = channelpadding_get_circuits_available_timeout();
708 tt_i64_op(val, OP_GE, 24*60*60);
709 tt_i64_op(val, OP_LE, 24*60*60*2);
710
711 done:
712 tor_free(relay);
713
714 free_mock_consensus();
715 free_fake_channeltls((channel_tls_t*)chan);
716 smartlist_free(connection_array);
717
718 timers_shutdown();
719 monotime_disable_test_mocking();
720 channel_free_all();
721
722 return;
723 }
724
725 void
726 test_channelpadding_negotiation(void *arg)
727 {
728 channelpadding_negotiate_t disable;
729 cell_t cell;
730 channelpadding_decision_t decision;
731 int val;
732 (void)arg;
733
734 /* Plan:
735 * 1. Clients reject negotiation, relays accept it.
736 * * Bridges accept negotiation from their clients,
737 * but not from relays.
738 * 2. Torrc options can override client-side negotiation
739 * 3. Test a version issue in channelpadidng cell
740 * 4. Test channelpadding_reduced_padding
741 */
742 monotime_init();
743 monotime_enable_test_mocking();
744 monotime_set_mock_time_nsec(1);
745 monotime_coarse_set_mock_time_nsec(1);
746 timers_initialize();
747 setup_mock_consensus();
748 setup_mock_network();
749
750 /* Test case #1: Do the right things ignore negotiation? */
751 /* relay-to-client case: */
752 channelpadding_send_disable_command(relay3_client);
753 tt_assert(client_relay3->padding_enabled);
754
755 /* client-to-relay case: */
756 get_options_mutable()->ORPort_set = 1;
757 channelpadding_disable_padding_on_channel(client_relay3);
758 tt_int_op(channelpadding_decide_to_pad_channel(relay3_client), OP_EQ,
759 CHANNELPADDING_WONTPAD);
760 tt_assert(!relay3_client->padding_enabled);
761 relay3_client->padding_enabled = 1;
762 client_relay3->padding_enabled = 1;
763
764 /* Bridge case from relay */
765 get_options_mutable()->BridgeRelay = 1;
766 channelpadding_disable_padding_on_channel(relay2_relay1);
767 tt_assert(relay1_relay2->padding_enabled);
768
769 /* Bridge case from client */
770 channelpadding_disable_padding_on_channel(client_relay3);
771 tt_assert(!relay3_client->padding_enabled);
772 tt_int_op(channelpadding_decide_to_pad_channel(relay3_client), OP_EQ,
773 CHANNELPADDING_WONTPAD);
774 relay3_client->padding_enabled = 1;
775 client_relay3->padding_enabled = 1;
776 get_options_mutable()->BridgeRelay = 0;
777 get_options_mutable()->ORPort_set = 0;
778
779 /* Test case #2: Torrc options */
780 /* ConnectionPadding auto; Relay doesn't support us */
781 ((channel_tls_t*)relay3_client)->conn->link_proto = 4;
782 relay3_client->padding_enabled = 0;
783 tried_to_write_cell = 0;
784 decision = channelpadding_decide_to_pad_channel(relay3_client);
785 tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD);
786 tt_assert(!relay3_client->pending_padding_callback);
787 tt_int_op(tried_to_write_cell, OP_EQ, 0);
788 ((channel_tls_t*)relay3_client)->conn->link_proto = 5;
789 relay3_client->padding_enabled = 1;
790
791 /* ConnectionPadding 1; Relay doesn't support us */
792 get_options_mutable()->ConnectionPadding = 1;
793 tried_to_write_cell = 0;
794 decision = channelpadding_decide_to_pad_channel(client_relay3);
795 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADLATER);
796 tt_assert(!client_relay3->pending_padding_callback);
797 tt_int_op(tried_to_write_cell, OP_EQ, 0);
798 get_options_mutable()->ConnectionPadding = 0;
799
800 /* Test case #3: Test a version issue in channelpadding cell */
801 get_options_mutable()->ORPort_set = 1;
802 client_relay3->padding_enabled = 1;
803 relay3_client->padding_enabled = 1;
804 memset(&cell, 0, sizeof(cell_t));
805 memset(&disable, 0, sizeof(channelpadding_negotiate_t));
806 cell.command = CELL_PADDING_NEGOTIATE;
807
808 channelpadding_negotiate_set_command(&disable, CHANNELPADDING_COMMAND_STOP);
809 disable.version = 1;
810 channelpadding_negotiate_encode(cell.payload, CELL_PAYLOAD_SIZE, &disable);
811 client_relay3->write_cell(client_relay3, &cell);
812 tt_assert(relay3_client->padding_enabled);
813 tt_int_op(channelpadding_update_padding_for_channel(client_relay3, &disable),
814 OP_EQ, -1);
815 tt_assert(client_relay3->padding_enabled);
816
817 disable.version = 0;
818 channelpadding_negotiate_encode(cell.payload, CELL_PAYLOAD_SIZE, &disable);
819 client_relay3->write_cell(client_relay3, &cell);
820 tt_assert(!relay3_client->padding_enabled);
821
822 /* Test case 4: Reducing padding actually reduces it */
823 relay3_client->padding_enabled = 1;
824 client_relay3->padding_enabled = 1;
825
826 decision = channelpadding_decide_to_pad_channel(relay3_client);
827 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADLATER);
828
829 channelpadding_reduce_padding_on_channel(client_relay3);
830
831 tried_to_write_cell = 0;
832 decision = channelpadding_decide_to_pad_channel(relay3_client);
833 tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD);
834
835 get_options_mutable()->ORPort_set = 0;
836 decision = channelpadding_decide_to_pad_channel(client_relay3);
837 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADLATER);
838
839 tt_assert(!client_relay3->pending_padding_callback);
840 val = channelpadding_get_netflow_inactive_timeout_ms(client_relay3);
841 tt_int_op(val, OP_GE, 9000);
842 tt_int_op(val, OP_LE, 14000);
843 int64_t val64 =
844 channelpadding_compute_time_until_pad_for_netflow(client_relay3);
845 tt_i64_op(val64, OP_LE, 14000);
846
847 done:
848 free_mock_network();
849 free_mock_consensus();
850
851 timers_shutdown();
852 monotime_disable_test_mocking();
853 channel_free_all();
854
855 return;
856 }
857
858 void
859 test_channelpadding_decide_to_pad_channel(void *arg)
860 {
861 channelpadding_decision_t decision;
862 /**
863 * Test case plan:
864 *
865 * 1. Channel that has "sent a packet" before the timeout.
866 * + We should decide to pad later
867 * 2. Channel that has not "sent a packet" before the timeout:
868 * 2a. Not within 1.1s of the timeout.
869 * + We should decide to pad later
870 * 2b. Within 1.1s of the timemout.
871 * + We should schedule padding
872 * + We should get feedback that we wrote a cell
873 * 2c. Within 0.1s of the timeout.
874 * + We should schedule padding
875 * + We should get feedback that we wrote a cell
876 * 2d. Channel that asks to pad while timeout is scheduled
877 * + We should schedule padding
878 * + We should get feedback that we wrote a cell
879 * 2e. 0s of the timeout
880 * + We should send padding immediately
881 * + We should get feedback that we wrote a cell
882 * 2f. <0s of the timeout
883 * + We should send padding immediately
884 * + We should get feedback that we wrote a cell
885 * 3. Channel that sends a packet while timeout is scheduled
886 * + We should not get feedback that we wrote a cell
887 * 4. Channel that closes while timeout is scheduled
888 * + We should not get feedback that we wrote a cell
889 * 5. Make sure the channel still would work if repaired
890 * + We should be able to schedule padding and resend
891 * 6. Channel is not used for full circuits
892 * 7. Channel that disappears while timeout is scheduled
893 * + We should not send padding
894 */
895 channel_t *chan;
896 int64_t new_time;
897 if (!connection_array)
898 connection_array = smartlist_new();
899 (void)arg;
900
901 tor_libevent_postfork();
902
903 monotime_init();
904 monotime_enable_test_mocking();
905 monotime_set_mock_time_nsec(1);
906 monotime_coarse_set_mock_time_nsec(1);
907 new_time = 1;
908 monotime_coarse_t now;
909 monotime_coarse_get(&now);
910 timers_initialize();
911 setup_full_capture_of_logs(LOG_WARN);
912 channelpadding_new_consensus_params(NULL);
913
914 chan = (channel_t*)new_fake_channeltls(0);
915 channel_timestamp_active(chan);
916
917 /* Test case #1: Channel that has "sent a packet" before the timeout. */
918 tried_to_write_cell = 0;
919 decision = channelpadding_decide_to_pad_channel(chan);
920 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADLATER);
921 tt_assert(!chan->pending_padding_callback);
922 tt_int_op(tried_to_write_cell, OP_EQ, 0);
923
924 /* Test case #2a: > 1.1s until timeout */
925 tried_to_write_cell = 0;
926 monotime_coarse_add_msec(&chan->next_padding_time, &now, 1200);
927 decision = channelpadding_decide_to_pad_channel(chan);
928 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADLATER);
929 tt_assert(!chan->pending_padding_callback);
930 tt_int_op(tried_to_write_cell, OP_EQ, 0);
931
932 /* Test case #2b: >= 1.0s until timeout */
933 tried_to_write_cell = 0;
934 monotime_coarse_add_msec(&chan->next_padding_time, &now, 1000);
935 decision = channelpadding_decide_to_pad_channel(chan);
936 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED);
937 tt_assert(chan->pending_padding_callback);
938 tt_int_op(tried_to_write_cell, OP_EQ, 0);
939
940 // Set up a timer for the <0 case below.
941 monotime_coarse_t now_minus_100s;
942 monotime_coarse_add_msec(&now_minus_100s, &now, 900);
943 // Wait for the timer from case #2b
944 new_time += 1000*NSEC_PER_MSEC;
945 monotime_set_mock_time_nsec(new_time);
946 monotime_coarse_set_mock_time_nsec(new_time);
947 monotime_coarse_get(&now);
948 timers_run_pending();
949 tt_int_op(tried_to_write_cell, OP_EQ, 1);
950 tt_assert(!chan->pending_padding_callback);
951
952 /* Test case #2c: > 0.1s until timeout */
953 tried_to_write_cell = 0;
954 monotime_coarse_add_msec(&chan->next_padding_time, &now, 100);
955 decision = channelpadding_decide_to_pad_channel(chan);
956 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED);
957 tt_assert(chan->pending_padding_callback);
958 tt_int_op(tried_to_write_cell, OP_EQ, 0);
959
960 /* Test case #2d: Channel that asks to pad while timeout is scheduled */
961 decision = channelpadding_decide_to_pad_channel(chan);
962 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_ALREADY_SCHEDULED);
963
964 // Wait for the timer
965 new_time += 101*NSEC_PER_MSEC;
966 monotime_coarse_set_mock_time_nsec(new_time);
967 monotime_set_mock_time_nsec(new_time);
968 monotime_coarse_get(&now);
969 timers_run_pending();
970 tt_int_op(tried_to_write_cell, OP_EQ, 1);
971 tt_assert(!chan->pending_padding_callback);
972
973 /* Test case #2e: 0s until timeout */
974 tried_to_write_cell = 0;
975 monotime_coarse_add_msec(&chan->next_padding_time, &now, 0);
976 decision = channelpadding_decide_to_pad_channel(chan);
977 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SENT);
978 tt_int_op(tried_to_write_cell, OP_EQ, 1);
979 tt_assert(!chan->pending_padding_callback);
980
981 /* Test case #2f: <0s until timeout */
982 tried_to_write_cell = 0;
983 monotime_coarse_add_msec(&chan->next_padding_time, &now_minus_100s, 0);
984 decision = channelpadding_decide_to_pad_channel(chan);
985 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SENT);
986 tt_int_op(tried_to_write_cell, OP_EQ, 1);
987 tt_assert(!chan->pending_padding_callback);
988
989 /* Test case #3: Channel that sends a packet while timeout is scheduled */
990 tried_to_write_cell = 0;
991 monotime_coarse_add_msec(&chan->next_padding_time, &now, 100);
992 decision = channelpadding_decide_to_pad_channel(chan);
993 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED);
994 tt_int_op(tried_to_write_cell, OP_EQ, 0);
995 tt_assert(chan->pending_padding_callback);
996
997 // Pretend the channel sent a packet
998 channel_timestamp_active(chan);
999
1000 // We don't expect any timer callbacks here. Make a dummy one to be sure.
1001 // Wait for the timer
1002 new_time += 101*NSEC_PER_MSEC;
1003 monotime_coarse_set_mock_time_nsec(new_time);
1004 monotime_set_mock_time_nsec(new_time);
1005 monotime_coarse_get(&now);
1006 timers_run_pending();
1007
1008 tt_int_op(tried_to_write_cell, OP_EQ, 0);
1009 tt_assert(!chan->pending_padding_callback);
1010
1011 /* Test case #4: Channel that closes while a timeout is scheduled */
1012 tried_to_write_cell = 0;
1013 monotime_coarse_add_msec(&chan->next_padding_time, &now, 100);
1014 decision = channelpadding_decide_to_pad_channel(chan);
1015 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED);
1016 tt_int_op(tried_to_write_cell, OP_EQ, 0);
1017 tt_assert(chan->pending_padding_callback);
1018
1019 // Pretend the channel is temporarily down
1020 chan->state = CHANNEL_STATE_MAINT;
1021
1022 // We don't expect any timer callbacks here. Make a dummy one to be sure.
1023 new_time += 101*NSEC_PER_MSEC;
1024 monotime_coarse_set_mock_time_nsec(new_time);
1025 monotime_set_mock_time_nsec(new_time);
1026 monotime_coarse_get(&now);
1027 timers_run_pending();
1028
1029 tt_int_op(tried_to_write_cell, OP_EQ, 0);
1030 tt_assert(!chan->pending_padding_callback);
1031 chan->state = CHANNEL_STATE_OPEN;
1032
1033 /* Test case #5: Make sure previous test case didn't break everything */
1034 tried_to_write_cell = 0;
1035 monotime_coarse_add_msec(&chan->next_padding_time, &now, 100);
1036 decision = channelpadding_decide_to_pad_channel(chan);
1037 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED);
1038 tt_assert(chan->pending_padding_callback);
1039 tt_int_op(tried_to_write_cell, OP_EQ, 0);
1040
1041 // Wait for the timer
1042 new_time += 101*NSEC_PER_MSEC;
1043 monotime_coarse_set_mock_time_nsec(new_time);
1044 monotime_set_mock_time_nsec(new_time);
1045 monotime_coarse_get(&now);
1046 timers_run_pending();
1047
1048 tt_int_op(tried_to_write_cell, OP_EQ, 1);
1049 tt_assert(!chan->pending_padding_callback);
1050
1051 /* Test case #6. Channel is not used for full circuits */
1052 chan->channel_usage = CHANNEL_USED_NOT_USED_FOR_FULL_CIRCS;
1053 decision = channelpadding_decide_to_pad_channel(chan);
1054 tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD);
1055 tt_assert(!chan->pending_padding_callback);
1056 chan->channel_usage = CHANNEL_USED_FOR_FULL_CIRCS;
1057
1058 /* Test case #7. Channel is closed while timeout is scheduled.
1059 *
1060 * NOTE: This test deliberately breaks the channel callback mechanism.
1061 * It must be last.
1062 */
1063 tried_to_write_cell = 0;
1064 monotime_coarse_add_msec(&chan->next_padding_time, &now, 100);
1065 decision = channelpadding_decide_to_pad_channel(chan);
1066 tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED);
1067 tt_int_op(tried_to_write_cell, OP_EQ, 0);
1068 tt_assert(chan->pending_padding_callback);
1069
1070 // Close the connection while the timer is scheduled
1071 free_fake_channeltls((channel_tls_t*)chan);
1072
1073 // We don't expect any timer callbacks here. Make a dummy one to be sure.
1074 new_time = 101*NSEC_PER_MSEC;
1075 monotime_coarse_set_mock_time_nsec(new_time);
1076 monotime_set_mock_time_nsec(new_time);
1077 monotime_coarse_get(&now);
1078 timers_run_pending();
1079
1080 tt_int_op(tried_to_write_cell, OP_EQ, 0);
1081
1082 done:
1083 smartlist_free(connection_array);
1084
1085 teardown_capture_of_logs();
1086 monotime_disable_test_mocking();
1087 timers_shutdown();
1088 channel_free_all();
1089
1090 return;
1091 }
1092
1093 #define TEST_CHANNELPADDING(name, flags) \
1094 { #name, test_##name, (flags), NULL, NULL }
1095
1096 struct testcase_t channelpadding_tests[] = {
1097 //TEST_CHANNELPADDING(channelpadding_decide_to_pad_channel, 0),
1098 TEST_CHANNELPADDING(channelpadding_decide_to_pad_channel, TT_FORK),
1099 TEST_CHANNELPADDING(channelpadding_negotiation, TT_FORK),
1100 TEST_CHANNELPADDING(channelpadding_consensus, TT_FORK),
1101 TEST_CHANNELPADDING(channelpadding_killonehop, TT_FORK),
1102 TEST_CHANNELPADDING(channelpadding_timers, TT_FORK),
1103 END_OF_TESTCASES
1104 };
The Onion Router