sarah
/
tor
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

r19696@catbus: nickm | 2008-05-12 00:22:25 -0400 

Backport: Add unit tests for last patch; make it more testable; fix a bug or two.


svn:r14587
This commit is contained in:
Nick Mathewson 2008-05-12 04:29:07 +00:00
parent befa56c72e
commit 029a897634
4 changed files with 61 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
src/or/dirvote.c
View File

@ -458,7 +458,9 @@ char *
networkstatus_compute_consensus(smartlist_t *votes,
int total_authorities,
crypto_pk_env_t *identity_key,
crypto_pk_env_t *signing_key)
crypto_pk_env_t *signing_key,
const char *legacy_id_key_digest,
crypto_pk_env_t *legacy_signing_key)
{
smartlist_t *chunks;
char *result = NULL;
@ -623,7 +625,7 @@ networkstatus_compute_consensus(smartlist_t *votes,
e_legacy->v = v;
e_legacy->digest = get_voter(v)->legacy_id_digest;
e_legacy->is_legacy = 1;
smartlist_add(dir_sources, e);
smartlist_add(dir_sources, e_legacy);
}
});
smartlist_sort(dir_sources, _compare_dir_src_ents_by_authority_id);
@ -963,16 +965,16 @@ networkstatus_compute_consensus(smartlist_t *votes,
}
smartlist_add(chunks, tor_strdup(buf));
if (get_options()->V3AuthUseLegacyKey && consensus_method >= 3) {
crypto_pk_env_t *legacy_key = get_my_v3_legacy_signing_key();
authority_cert_t *legacy_cert = get_my_v3_legacy_cert();
if (legacy_id_key_digest && legacy_signing_key && consensus_method >= 3) {
smartlist_add(chunks, tor_strdup("directory-signature "));
crypto_pk_get_fingerprint(legacy_cert->identity_key, fingerprint, 0);
crypto_pk_get_fingerprint(legacy_key, signing_key_fingerprint, 0);
base16_encode(fingerprint, sizeof(fingerprint),
legacy_id_key_digest, DIGEST_LEN);
crypto_pk_get_fingerprint(legacy_signing_key,
signing_key_fingerprint, 0);
tor_snprintf(buf, sizeof(buf), "%s %s\n", fingerprint,
signing_key_fingerprint);
if (router_append_dirobj_signature(buf, sizeof(buf), digest,
signing_key)) {
legacy_signing_key)) {
log_warn(LD_BUG, "Couldn't sign consensus networkstatus.");
return NULL; /* This leaks, but it should never happen. */
}
@ -1751,10 +1753,23 @@ dirvote_compute_consensus(void)
SMARTLIST_FOREACH(pending_vote_list, pending_vote_t *, v,
smartlist_add(votes, v->vote));
consensus_body = networkstatus_compute_consensus(
{
char legacy_dbuf[DIGEST_LEN];
crypto_pk_env_t *legacy_sign=NULL;
char *legacy_id_digest = NULL;
if (get_options()->V3AuthUseLegacyKey) {
authority_cert_t *cert = get_my_v3_legacy_cert();
legacy_sign = get_my_v3_legacy_signing_key();
if (cert) {
crypto_pk_get_digest(cert->identity_key, legacy_dbuf);
legacy_id_digest = legacy_dbuf;
}
}
consensus_body = networkstatus_compute_consensus(
votes, n_voters,
my_cert->identity_key,
get_my_v3_authority_signing_key());
get_my_v3_authority_signing_key(), legacy_id_digest, legacy_sign);
}
if (!consensus_body) {
log_warn(LD_DIR, "Couldn't generate a consensus at all!");
goto err;

4
src/or/or.h
View File

@ -3174,7 +3174,9 @@ void dirvote_free_all(void);
char *networkstatus_compute_consensus(smartlist_t *votes,
int total_authorities,
crypto_pk_env_t *identity_key,
crypto_pk_env_t *signing_key);
crypto_pk_env_t *signing_key,
const char *legacy_identity_key_digest,
crypto_pk_env_t *legacy_signing_key);
int networkstatus_add_detached_signatures(networkstatus_t *target,
ns_detached_signatures_t *sigs,
const char **msg_out);

9
src/or/routerlist.c
View File

@ -296,6 +296,7 @@ authority_cert_get_newest_by_id(const char *id_digest)
if (!trusted_dir_certs ||
!(cl = digestmap_get(trusted_dir_certs, id_digest)))
return NULL;
SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
{
if (!best || cert->cache_info.published_on > best->cache_info.published_on)
@ -310,9 +311,17 @@ authority_cert_get_newest_by_id(const char *id_digest)
authority_cert_t *
authority_cert_get_by_sk_digest(const char *sk_digest)
{
authority_cert_t *c;
if (!trusted_dir_certs)
return NULL;
if ((c = get_my_v3_authority_cert()) &&
!memcmp(c->signing_key_digest, sk_digest, DIGEST_LEN))
return c;
if ((c = get_my_v3_legacy_cert()) &&
!memcmp(c->signing_key_digest, sk_digest, DIGEST_LEN))
return c;
DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
{

39
src/or/test.c
View File

@ -2537,6 +2537,7 @@ test_v3_networkstatus(void)
{
authority_cert_t *cert1, *cert2, *cert3;
crypto_pk_env_t *sign_skey_1, *sign_skey_2, *sign_skey_3;
crypto_pk_env_t *sign_skey_leg1;
time_t now = time(NULL);
networkstatus_voter_info_t *voter;
@ -2556,7 +2557,8 @@ test_v3_networkstatus(void)
sign_skey_1 = crypto_new_pk_env();
sign_skey_2 = crypto_new_pk_env();
sign_skey_3 = crypto_new_pk_env();
sign_skey_leg1 = pk_generate(4);
test_assert(!crypto_pk_read_private_key_from_string(sign_skey_1,
AUTHORITY_SIGNKEY_1));
test_assert(!crypto_pk_read_private_key_from_string(sign_skey_2,
@ -2578,6 +2580,8 @@ test_v3_networkstatus(void)
vote->valid_until = now+3000;
vote->vote_seconds = 100;
vote->dist_seconds = 200;
vote->supported_methods = smartlist_create();
smartlist_split_string(vote->supported_methods, "1 2 3", NULL, 0, -1);
vote->client_versions = tor_strdup("0.1.2.14,0.1.2.15");
vote->server_versions = tor_strdup("0.1.2.14,0.1.2.15,0.1.2.16");
vote->known_flags = smartlist_create();
@ -2742,6 +2746,7 @@ test_v3_networkstatus(void)
vote->dist_seconds = 250;
authority_cert_free(vote->cert);
vote->cert = authority_cert_dup(cert3);
smartlist_add(vote->supported_methods, tor_strdup("4"));
vote->client_versions = tor_strdup("0.1.2.14,0.1.2.17");
vote->server_versions = tor_strdup("0.1.2.10,0.1.2.15,0.1.2.16");
voter = smartlist_get(vote->voters, 0);
@ -2751,6 +2756,8 @@ test_v3_networkstatus(void)
voter->address = tor_strdup("3.4.5.6");
voter->addr = 0x03040506;
crypto_pk_get_digest(cert3->identity_key, voter->identity_digest);
/* This one has a legacy id. */
memset(voter->legacy_id_digest, (int)'A', DIGEST_LEN);
vrs = smartlist_get(vote->routerstatus_list, 0);
smartlist_del_keeporder(vote->routerstatus_list, 0);
tor_free(vrs->version);
@ -2770,7 +2777,9 @@ test_v3_networkstatus(void)
smartlist_add(votes, v2);
consensus_text = networkstatus_compute_consensus(votes, 3,
cert3->identity_key,
sign_skey_3);
sign_skey_3,
"AAAAAAAAAAAAAAAAAAAA",
sign_skey_leg1);
test_assert(consensus_text);
con = networkstatus_parse_vote_from_string(consensus_text, NULL, 0);
test_assert(con);
@ -2791,17 +2800,17 @@ test_v3_networkstatus(void)
test_streq(cp, "Authority:Exit:Fast:Guard:MadeOfCheese:MadeOfTin:"
"Running:Stable:V2Dir:Valid");
tor_free(cp);
test_eq(3, smartlist_len(con->voters));
test_eq(4, smartlist_len(con->voters)); /*3 voters, 1 legacy key.*/
/* The voter id digests should be in this order. */
test_assert(memcmp(cert2->cache_info.identity_digest,
cert3->cache_info.identity_digest,DIGEST_LEN)<0);
test_assert(memcmp(cert3->cache_info.identity_digest,
cert1->cache_info.identity_digest,DIGEST_LEN)<0);
test_same_voter(smartlist_get(con->voters, 0),
smartlist_get(v2->voters, 0));
test_same_voter(smartlist_get(con->voters, 1),
smartlist_get(v3->voters, 0));
smartlist_get(v2->voters, 0));
test_same_voter(smartlist_get(con->voters, 2),
smartlist_get(v3->voters, 0));
test_same_voter(smartlist_get(con->voters, 3),
smartlist_get(v1->voters, 0));
test_assert(!con->cert);
@ -2847,19 +2856,19 @@ test_v3_networkstatus(void)
test_assert(!rs->is_named);
/* XXXX check version */
/* Check signatures. the first voter hasn't got one. The second one
* does: validate it. */
voter = smartlist_get(con->voters, 0);
/* Check signatures. the first voter is pseudo. The second one hasn't
signed. The third one has signed: validate it. */
voter = smartlist_get(con->voters, 1);
test_assert(!voter->signature);
test_assert(!voter->good_signature);
test_assert(!voter->bad_signature);
voter = smartlist_get(con->voters, 1);
voter = smartlist_get(con->voters, 2);
test_assert(voter->signature);
test_assert(!voter->good_signature);
test_assert(!voter->bad_signature);
test_assert(!networkstatus_check_voter_signature(con,
smartlist_get(con->voters, 1),
smartlist_get(con->voters, 2),
cert3));
test_assert(voter->signature);
test_assert(voter->good_signature);
@ -2875,11 +2884,11 @@ test_v3_networkstatus(void)
smartlist_shuffle(votes);
consensus_text2 = networkstatus_compute_consensus(votes, 3,
cert2->identity_key,
sign_skey_2);
sign_skey_2, NULL,NULL);
smartlist_shuffle(votes);
consensus_text3 = networkstatus_compute_consensus(votes, 3,
cert1->identity_key,
sign_skey_1);
sign_skey_1, NULL,NULL);
test_assert(consensus_text2);
test_assert(consensus_text3);
con2 = networkstatus_parse_vote_from_string(consensus_text2, NULL, 0);
@ -2936,10 +2945,10 @@ test_v3_networkstatus(void)
test_eq(2, networkstatus_add_detached_signatures(con, dsig2, &msg));
/* Check signatures */
test_assert(!networkstatus_check_voter_signature(con,
smartlist_get(con->voters, 0),
smartlist_get(con->voters, 1),
cert2));
test_assert(!networkstatus_check_voter_signature(con,
smartlist_get(con->voters, 2),
smartlist_get(con->voters, 3),
cert1));
networkstatus_vote_free(con2);