May 2012 - tor-commits - lists.torproject.org

r25658: {website} am i supposed to bump these too? (website/trunk)
by Roger Dingledine 24 May '12

24 May '12

Author: arma Date: 2012-05-24 08:05:35 +0000 (Thu, 24 May 2012) New Revision: 25658 Modified: website/trunk/Makefile Log: am i supposed to bump these too? Modified: website/trunk/Makefile =================================================================== --- website/trunk/Makefile 2012-05-24 08:04:24 UTC (rev 25657) +++ website/trunk/Makefile 2012-05-24 08:05:35 UTC (rev 25658) @@ -10,8 +10,8 @@ # 4. make # 5. ./publish -export STABLETAG=tor-0.2.2.35 -export DEVTAG=tor-0.2.3.12-alpha +export STABLETAG=tor-0.2.2.36 +export DEVTAG=tor-0.2.3.15-alpha WMLBASE=. SUBDIRS=docs eff projects press about download getinvolved donate torbutton

1 0

r25657: {website} 0.2.2.36 tarball is up (website/trunk/include)
by Roger Dingledine 24 May '12

24 May '12

Author: arma Date: 2012-05-24 08:04:24 +0000 (Thu, 24 May 2012) New Revision: 25657 Modified: website/trunk/include/versions.wmi Log: 0.2.2.36 tarball is up Modified: website/trunk/include/versions.wmi =================================================================== --- website/trunk/include/versions.wmi 2012-05-24 08:04:00 UTC (rev 25656) +++ website/trunk/include/versions.wmi 2012-05-24 08:04:24 UTC (rev 25657) @@ -1,4 +1,4 @@ -<define-tag version-stable whitespace=delete>0.2.2.35</define-tag> +<define-tag version-stable whitespace=delete>0.2.2.36</define-tag> <define-tag version-alpha whitespace=delete>0.2.3.15-alpha</define-tag> <define-tag version-win32-stable whitespace=delete>0.2.2.35</define-tag>

1 0

r25656: {website} point people to micah too (website/trunk/getinvolved/en)
by Roger Dingledine 24 May '12

24 May '12

Author: arma Date: 2012-05-24 08:04:00 +0000 (Thu, 24 May 2012) New Revision: 25656 Modified: website/trunk/getinvolved/en/research.wml Log: point people to micah too Modified: website/trunk/getinvolved/en/research.wml =================================================================== --- website/trunk/getinvolved/en/research.wml 2012-05-23 13:56:08 UTC (rev 25655) +++ website/trunk/getinvolved/en/research.wml 2012-05-24 08:04:00 UTC (rev 25656) @@ -8,7 +8,7 @@ <a href="<page index>">Home » </a> <a href="<page getinvolved/research>">Research</a> </div> - <div id="maincol"> + <div id="maincol">  <h2>Tor: Research</h2> <hr /> @@ -113,6 +113,9 @@ <li><a href="http://www.hatswitch.org/~nikita/">Nikita Borisov</a>'s group at Illinois. </li> +<li>Micah Sherr's <a href="https://security.cs.georgetown.edu/">SecLab</a> +group at Georgetown. +</li> <li>Matt Wright's <a href="http://isec.uta.edu/">iSec</a> group at UTA. </li>

1 0

[tor/release-0.2.2] touch-up the changelogs
by arma＠torproject.org 24 May '12

24 May '12

commit c1414cf70cbfcbb7ad053370f299e7159a85ffc3 Author: Roger Dingledine <arma(a)torproject.org> Date: Thu May 24 03:33:25 2012 -0400 touch-up the changelogs --- ChangeLog | 4 ++-- ReleaseNotes | 27 ++++++++++++++++++++++++--- 2 files changed, 26 insertions(+), 5 deletions(-) diff --git a/ChangeLog b/ChangeLog index e981880..2150587 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,4 @@ -Changes in version 0.2.2.36 - 2012-04-?? +Changes in version 0.2.2.36 - 2012-05-24 Tor 0.2.2.36 updates the addresses for two of the eight directory authorities, fixes some potential anonymity and security issues, and fixes several crash bugs. @@ -40,7 +40,7 @@ Changes in version 0.2.2.36 - 2012-04-?? process, then that program could trick the contoller into telling it the contents of an arbitrary 32-byte file. The new "SAFECOOKIE" authentication method uses a challenge-response approach to prevent - this attack. Fixes bug 5185, implements proposal 193. + this attack. Fixes bug 5185; implements proposal 193. o Major bugfixes: - Avoid logging uninitialized data when unable to decode a hidden diff --git a/ReleaseNotes b/ReleaseNotes index bfb1374..c47c33a 100644 --- a/ReleaseNotes +++ b/ReleaseNotes @@ -3,7 +3,7 @@ This document summarizes new features and bugfixes in each stable release of Tor. If you want to see more detailed descriptions of the changes in each development snapshot, see the ChangeLog file. -Changes in version 0.2.2.36 - 2012-04-?? +Changes in version 0.2.2.36 - 2012-05-24 Tor 0.2.2.36 updates the addresses for two of the eight directory authorities, fixes some potential anonymity and security issues, and fixes several crash bugs. @@ -45,7 +45,7 @@ Changes in version 0.2.2.36 - 2012-04-?? process, then that program could trick the contoller into telling it the contents of an arbitrary 32-byte file. The new "SAFECOOKIE" authentication method uses a challenge-response approach to prevent - this attack. Fixes bug 5185, implements proposal 193. + this attack. Fixes bug 5185; implements proposal 193. o Major bugfixes: - Avoid logging uninitialized data when unable to decode a hidden @@ -66,6 +66,15 @@ Changes in version 0.2.2.36 - 2012-04-?? bugfix on 0.2.2.29-beta. Bug found by wanoskarnet. o Minor bugfixes: + - Reject out-of-range times like 23:59:61 in parse_rfc1123_time(). + Fixes bug 5346; bugfix on 0.0.8pre3. + - Make our number-parsing functions always treat too-large values + as an error, even when those values exceed the width of the + underlying type. Previously, if the caller provided these + functions with minima or maxima set to the extreme values of the + underlying integer type, these functions would return those + values on overflow rather than treating overflow as an error. + Fixes part of bug 5786; bugfix on 0.0.9. - Older Linux kernels erroneously respond to strange nmap behavior by having accept() return successfully with a zero-length socket. When this happens, just close the connection. Previously, @@ -73,6 +82,10 @@ Changes in version 0.2.2.36 - 2012-04-?? no such remote address to learn, and our method for trying to learn it was incorrect. Fixes bugs 1240, 4745, and 4747. Bugfix on 0.1.0.3-rc. Reported and diagnosed by "r1eo". + - Correct parsing of certain date types in parse_http_time(). + Without this patch, If-Modified-Since would behave + incorrectly. Fixes bug 5346; bugfix on 0.2.0.2-alpha. Patch from + Esteban Manchado Velázques. - Change the BridgePassword feature (part of the "bridge community" design, which is not yet implemented) to use a time-independent comparison. The old behavior might have allowed an adversary @@ -93,6 +106,12 @@ Changes in version 0.2.2.36 - 2012-04-?? CFLAGS. clang doesn't support them yet. - When sending an HTTP/1.1 proxy request, include a Host header. Fixes bug 5593; bugfix on 0.2.2.1-alpha. + - Fix a NULL-pointer dereference on a badly formed SETCIRCUITPURPOSE + command. Found by mikeyc. Fixes bug 5796; bugfix on 0.2.2.9-alpha. + - If we hit the error case where routerlist_insert() replaces an + existing (old) server descriptor, make sure to remove that + server descriptor from the old_routers list. Fix related to bug + 1776. Bugfix on 0.2.2.18-alpha. o Minor bugfixes (documentation and log messages): - Fix a typo in a log message in rend_service_rendezvous_has_opened(). @@ -107,6 +126,8 @@ Changes in version 0.2.2.36 - 2012-04-?? bug 5067; bugfix on 0.2.0.10-alpha. - Correctly spell "connect" in a log message on failure to create a controlsocket. Fixes bug 4803; bugfix on 0.2.2.26-beta. + - Clarify the behavior of MaxCircuitDirtiness with hidden service + circuits. Fixes issue 5259. o Minor features: - Directory authorities now reject versions of Tor older than @@ -114,7 +135,7 @@ Changes in version 0.2.2.36 - 2012-04-?? inclusive. These versions accounted for only a small fraction of the Tor network, and have numerous known security issues. Resolves issue 4788. - - Update to the April 3 2012 Maxmind GeoLite Country database. + - Update to the May 1 2012 Maxmind GeoLite Country database. - Feature removal: - When sending or relaying a RELAY_EARLY cell, we used to convert

1 0

[torbutton/master] Bug 4718: Perform version check periodically in the background
by mikeperry＠torproject.org 24 May '12

24 May '12

commit 17a284d4444de6bad842809a57322fc3f8cec493 Author: Mike Perry <mikeperry-git(a)fscked.org> Date: Wed May 23 18:15:06 2012 -0700 Bug 4718: Perform version check periodically in the background We check every 12 hours. I also made the update check at startup async as part of this. --- src/chrome/content/torbutton.js | 69 ++++++++++++++++++++++++++++++++- src/components/cookie-jar-selector.js | 22 ++++++++++ 2 files changed, 89 insertions(+), 2 deletions(-) diff --git a/src/chrome/content/torbutton.js b/src/chrome/content/torbutton.js index 653a777..559a754 100644 --- a/src/chrome/content/torbutton.js +++ b/src/chrome/content/torbutton.js @@ -885,6 +885,71 @@ function torbutton_restore_nontor_settings() torbutton_log(2, 'settings restored'); } +function torbutton_do_async_versioncheck() { + if (!m_tb_tbb || !m_tb_prefs.getBoolPref("extensions.torbutton.versioncheck_enabled")) { + return; + } + torbutton_log(3, "Checking version"); + try { + var req = Components.classes["@mozilla.org/xmlextras/xmlhttprequest;1"] + .createInstance(Components.interfaces.nsIXMLHttpRequest); + //var req = new XMLHttpRequest(); Blocked by content policy + var url = m_tb_prefs.getCharPref("extensions.torbutton.versioncheck_url"); + req.open('GET', url, true); + req.channel.loadFlags |= Ci.nsIRequest.LOAD_BYPASS_CACHE; + req.overrideMimeType("text/json"); + req.onreadystatechange = function (oEvent) { + if (req.readyState === 4) { + if(req.status == 200) { + if(!req.responseText) { + torbutton_log(5, "Version check failed! No JSON present!"); + return -1; + } + try { + var locale = m_tb_prefs.getCharPref("general.useragent.locale"); + var version_list = JSON.parse(req.responseText); + var my_version = m_tb_prefs.getCharPref("torbrowser.version"); + for (var v in version_list) { + if (version_list[v] == my_version) { + torbutton_log(3, "Version check passed."); + var homepage = m_tb_prefs.getCharPref("browser.startup.homepage"); + if (homepage.indexOf("https://check.torproject.org/") == 0) { + m_tb_prefs.setCharPref("browser.startup.homepage", + "https://check.torproject.org/?lang="+locale+"&small=1&uptodate=1"); + } + return; + } + } + torbutton_log(5, "Your Tor Browser is out of date."); + // Not up to date + m_tb_prefs.setCharPref("browser.startup.homepage", + "https://check.torproject.org/?lang="+locale+"&small=1&uptodate=0"); + return; + } catch(e) { + torbutton_log(5, "Version check failed! JSON parsing error: "+e); + return; + } + } else if (req.status == 404) { + // We're going to assume 404 means the service is not implemented yet. + torbutton_log(3, "Version check failed. Versions file is 404."); + return -1; + } + torbutton_log(5, "Version check failed! Web server error: "+req.status); + return -1; + } + }; + req.send(null); + } catch(e) { + if(e.result == 0x80004005) { // NS_ERROR_FAILURE + torbutton_log(5, "Version check failed! Is tor running?"); + return -1; + } + torbutton_log(5, "Version check failed! Tor internal error: "+e); + return -1; + } + +} + function torbutton_check_version() { torbutton_log(3, "Checking version"); try { @@ -2967,7 +3032,7 @@ function torbutton_set_launch_state(state, session_restore) { torbutton_enable_tor(true); torbutton_log(3, "Tor state updated."); - torbutton_do_versioncheck(); + torbutton_do_async_versioncheck(); // Load our homepage again. We just killed it via the toggle. if (!session_restore) { @@ -2982,7 +3047,7 @@ function torbutton_set_launch_state(state, session_restore) { if(state) torbutton_enable_tor(true); else torbutton_disable_tor(); - torbutton_do_versioncheck(); + torbutton_do_async_versioncheck(); // Load our homepage again. We just killed it via the toggle. if (!session_restore) { diff --git a/src/components/cookie-jar-selector.js b/src/components/cookie-jar-selector.js index e26493f..51e4645 100644 --- a/src/components/cookie-jar-selector.js +++ b/src/components/cookie-jar-selector.js @@ -494,6 +494,7 @@ function CookieJarSelector() { var jarThis = this; this.timerCallback = { cookie_changed: false, + update_counter: 0, QueryInterface: function(iid) { if (!iid.equals(Component.interfaces.nsISupports) && @@ -504,6 +505,27 @@ function CookieJarSelector() { return this; }, notify: function() { + // XXX: ========== WARNING! Ultra-mega hack: =============== + // For various reasons, we want to totally refactor Torbutton. + // (see #5709). Since there's no great place to place this timer, + // I figured we might as well place it here. + // + // Additionally, mobile should verify that nsITimer.TYPE_REPEATING_SLACK + // is smart wrt suspend. + // + // We want to perform an update check *about* twice per day. + // I thought about randomizing it, but the slack will probably + // introduce enough noise over the course of 12 hours or so... + // Might as well KISS. + if (++this.update_counter > 720) { + jarThis.logger.log(3, "Performing async version check"); + this.update_counter = 0; + var wm = Cc["@mozilla.org/appshell/window-mediator;1"] + .getService(Components.interfaces.nsIWindowMediator); + var chrome = wm.getMostRecentWindow("navigator:browser"); + chrome.torbutton_do_async_versioncheck(); + } + // this refers to timerCallback object. use jarThis to reference // CookieJarSelector object. if(!this.cookie_changed) {

1 0

[torbutton/master] Bug 5863: Remove the ability to toggle Torbutton
by mikeperry＠torproject.org 24 May '12

24 May '12

commit f61f4ae6641a47c76b1db1b85fb5633022fd44a2 Author: Mike Perry <mikeperry-git(a)fscked.org> Date: Mon May 21 16:29:22 2012 -0700 Bug 5863: Remove the ability to toggle Torbutton We'll leave the UI option to disable this there for one more release.. --- src/defaults/preferences/preferences.js | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/defaults/preferences/preferences.js b/src/defaults/preferences/preferences.js index 23db7c6..8c2ed3e 100644 --- a/src/defaults/preferences/preferences.js +++ b/src/defaults/preferences/preferences.js @@ -22,7 +22,7 @@ pref("extensions.torbutton.gopher_port",0); pref("extensions.torbutton.socks_host",""); pref("extensions.torbutton.socks_port",0); pref("extensions.torbutton.socks_version",5); -pref("extensions.torbutton.locked_mode",false); +pref("extensions.torbutton.locked_mode",true); pref("extensions.torbutton.test_url","https://check.torproject.org/?TorButton=true"); pref("extensions.torbutton.test_failed",false); pref("extensions.torbutton.no_proxies_on","127.0.0.1"); @@ -136,7 +136,7 @@ pref("extensions.torbutton.no_search",true); pref("extensions.torbutton.set_uagent",true); pref("extensions.torbutton.notor_sessionstore",true); pref("extensions.torbutton.nonontor_sessionstore",false); -pref("extensions.torbutton.restore_tor",false); +pref("extensions.torbutton.restore_tor",true); pref("extensions.torbutton.reload_crashed_jar",true); pref("extensions.torbutton.spoof_english",true); pref("extensions.torbutton.spoof_charset",'iso-8859-1,*,utf-8');

1 0

[torbutton/master] Bug 5758: Last ditch effort to keep Torbutton diehards safe
by mikeperry＠torproject.org 24 May '12

24 May '12

commit b274fac98f1387d97851f35d1ed1f86053f9b86c Author: Mike Perry <mikeperry-git(a)fscked.org> Date: Sun May 20 19:32:12 2012 -0700 Bug 5758: Last ditch effort to keep Torbutton diehards safe --- src/chrome/content/torbutton.js | 8 ++++++++ 1 files changed, 8 insertions(+), 0 deletions(-) diff --git a/src/chrome/content/torbutton.js b/src/chrome/content/torbutton.js index 9e519d5..653a777 100644 --- a/src/chrome/content/torbutton.js +++ b/src/chrome/content/torbutton.js @@ -1960,6 +1960,14 @@ function torbutton_update_status(mode, force_update) { return; } + // #5758: Last ditch effort to keep Vanilla Torbutton users from totally + // being pwnt. This is a pretty darn ugly hack, too. But because of #5863, + // we really don't care about preserving the user's values for this. + if (!m_tb_tbb) { + m_tb_prefs.setBoolPref("network.websockets.enabled", false); + m_tb_prefs.setBoolPref("dom.indexedDB.enabled", false); + } + torbutton_set_timezone(mode, false); // This call also has to be here for 3rd party proxy changers.

1 0

[torbutton/master] Misc: Open a new browser window the official way.
by mikeperry＠torproject.org 24 May '12

24 May '12

commit 58dc8f145b906b4496b51208948893ab85765f6f Author: Mike Perry <mikeperry-git(a)fscked.org> Date: Wed May 23 18:19:37 2012 -0700 Misc: Open a new browser window the official way. There was an issue with the 5729 fix with windows closing out from under us if the page load was stopped. --- src/chrome/content/torbutton.js | 4 +--- 1 files changed, 1 insertions(+), 3 deletions(-) diff --git a/src/chrome/content/torbutton.js b/src/chrome/content/torbutton.js index 559a754..55b2379 100644 --- a/src/chrome/content/torbutton.js +++ b/src/chrome/content/torbutton.js @@ -1613,9 +1613,7 @@ function torbutton_do_new_identity() { } // Open a new window with the TBB check homepage - var homepage = m_tb_prefs.getComplexValue("browser.startup.homepage", - Components.interfaces.nsIPrefLocalizedString).data; - window.open(homepage); + OpenBrowserWindow(); torbutton_log(3, "New identity successful");

1 0

[translation/https_everywhere] Update translations for https_everywhere
by translation＠torproject.org 23 May '12

23 May '12

commit c7a4b6ad7d86c4720cf033d4d15eeb928881a515 Author: Translation commit bot <translation(a)torproject.org> Date: Wed May 23 18:45:26 2012 +0000 Update translations for https_everywhere --- it/ssl-observatory.dtd | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/it/ssl-observatory.dtd b/it/ssl-observatory.dtd index 479f445..5d2823d 100644 --- a/it/ssl-observatory.dtd +++ b/it/ssl-observatory.dtd @@ -42,7 +42,7 @@ to turn it on?">--> <!ENTITY ssl-observatory.prefs.asn_tooltip ""> -<!ENTITY ssl-observatory.prefs.done ""> +<!ENTITY ssl-observatory.prefs.done "Fatto"> <!ENTITY ssl-observatory.prefs.explanation "">

1 0

[stem/master] Supporting bridge descriptor's router-digest field
by atagar＠torproject.org 23 May '12

23 May '12

commit e7e03d2f61d6dcc7bc5e5ad4dee91c37a814ee16 Author: Damian Johnson <atagar(a)torproject.org> Date: Wed May 23 09:52:23 2012 -0700 Supporting bridge descriptor's router-digest field Scrubbed bridge server and extra-info descriptors will soon have a 'router-digest' line which contains the server digest. This is a value that we can't calculate for ourselves because, of course, the descriptor's contents have been modified. I'm flagging this as being a required field. This does not yet parse it in extra-info descriptors since it neither has a digest() method nor did I realize that bridge extra-info descriptors were special. --- stem/descriptor/server_descriptor.py | 52 ++++++++++++++++++-------- test/integ/descriptor/data/bridge_descriptor | 1 + test/integ/descriptor/server_descriptor.py | 1 + test/unit/descriptor/server_descriptor.py | 41 ++++++++++++++++++++- 4 files changed, 78 insertions(+), 17 deletions(-) diff --git a/stem/descriptor/server_descriptor.py b/stem/descriptor/server_descriptor.py index 9a91d60..0014ff5 100644 --- a/stem/descriptor/server_descriptor.py +++ b/stem/descriptor/server_descriptor.py @@ -11,13 +11,13 @@ etc). This information is provided from a few sources... parse_file - Iterates over the server descriptors in a file. ServerDescriptor - Tor server descriptor. | |- RelayDescriptor - Server descriptor for a relay. - | | |- is_valid - checks the signature against the descriptor content - | | +- digest - calculates the digest value for our content + | | +- is_valid - checks the signature against the descriptor content | | | +- BridgeDescriptor - Scrubbed server descriptor for a bridge. | |- is_scrubbed - checks if our content has been properly scrubbed | +- get_scrubbing_issues - description of issues with our scrubbing | + |- digest - calculates the digest value for our content |- get_unrecognized_lines - lines with unrecognized content |- get_annotations - dictionary of content prior to the descriptor entry +- get_annotation_lines - lines that provided the annotations @@ -248,6 +248,21 @@ class ServerDescriptor(stem.descriptor.Descriptor): self._parse(entries, validate) if validate: self._check_constraints(entries, first_keyword, last_keyword) + def digest(self): + """ + Provides the base64 encoded sha1 of our content. This value is part of the + server descriptor entry for this relay. + + Note that network status entries exclude the padding, so you'll need to add + a '=' to it so they'll match... + https://en.wikipedia.org/wiki/Base64#Padding + + Returns: + str with the digest value for this server descriptor + """ + + raise NotImplementedError("Unsupported Operation: this should be implemented by the ServerDescriptor subclass") + def get_unrecognized_lines(self): return list(self._unrecognized_lines) @@ -566,18 +581,6 @@ class RelayDescriptor(ServerDescriptor): raise NotImplementedError # TODO: implement def digest(self): - """ - Provides the base64 encoded sha1 of our content. This value is part of the - server descriptor entry for this relay. - - Note that network status entries exclude the padding, so you'll need to add - a '=' to it so they'll match... - https://en.wikipedia.org/wiki/Base64#Padding - - Returns: - str with the digest value for this server descriptor - """ - if self._digest is None: # our digest is calculated from everything except our signature raw_content, ending = str(self), "\nrouter-signature\n" @@ -642,15 +645,28 @@ class BridgeDescriptor(ServerDescriptor): def __init__(self, raw_contents, validate = True, annotations = None): self.address_alt = [] + self._digest = None self._scrubbing_issues = None ServerDescriptor.__init__(self, raw_contents, validate, annotations) + def digest(self): + return self._digest + def _parse(self, entries, validate): entries = dict(entries) # handles fields only in bridge descriptors for keyword, values in entries.items(): - if keyword == "or-address": + value, block_contents = values[0] + line = "%s %s" % (keyword, value) + + if keyword == "router-digest": + if validate and not re.match("^[0-9a-fA-F]{40}$", value): + raise ValueError("Router digest line had an invalid sha1 digest: %s" % line) + + self._digest = value + del entries["router-digest"] + elif keyword == "or-address": or_address_entries = [value for (value, _) in values] for entry in or_address_entries: @@ -741,7 +757,11 @@ class BridgeDescriptor(ServerDescriptor): "router-signature", ) - return filter(lambda e: not e in excluded_fields, REQUIRED_FIELDS) + included_fields = ( + "router-digest", + ) + + return included_fields + filter(lambda e: not e in excluded_fields, REQUIRED_FIELDS) def _single_fields(self): return self._required_fields() + SINGLE_FIELDS diff --git a/test/integ/descriptor/data/bridge_descriptor b/test/integ/descriptor/data/bridge_descriptor index 07dffe2..b7dbd92 100644 --- a/test/integ/descriptor/data/bridge_descriptor +++ b/test/integ/descriptor/data/bridge_descriptor @@ -1,5 +1,6 @@ @type bridge-server-descriptor 1.0 router Unnamed 10.45.227.253 9001 0 0 +router-digest 006FD96BA35E7785A6A3B8B75FE2E2435A13BDB4 or-address [fd9f:2e19:3bcf::02:9970]:9001 platform Tor 0.2.3.12-alpha (git-800942b4176ca31c) on Linux x86_64 opt protocols Link 1 2 Circuit 1 diff --git a/test/integ/descriptor/server_descriptor.py b/test/integ/descriptor/server_descriptor.py index afe3c93..180e82c 100644 --- a/test/integ/descriptor/server_descriptor.py +++ b/test/integ/descriptor/server_descriptor.py @@ -307,5 +307,6 @@ Qlx9HNCqCY877ztFRC624ja2ql6A2hBcuoYMbkHjcQ4= self.assertEquals(819200, desc.burst_bandwidth) self.assertEquals(5120, desc.observed_bandwidth) self.assertEquals(["reject *:*"], desc.exit_policy) + self.assertEquals("006FD96BA35E7785A6A3B8B75FE2E2435A13BDB4", desc.digest()) self.assertEquals([], desc.get_unrecognized_lines()) diff --git a/test/unit/descriptor/server_descriptor.py b/test/unit/descriptor/server_descriptor.py index e381318..0eb4891 100644 --- a/test/unit/descriptor/server_descriptor.py +++ b/test/unit/descriptor/server_descriptor.py @@ -27,6 +27,7 @@ RELAY_DESCRIPTOR_ATTR = ( BRIDGE_DESCRIPTOR_ATTR = ( ("router", "Unnamed 10.45.227.253 9001 0 0"), + ("router-digest", "006FD96BA35E7785A6A3B8B75FE2E2435A13BDB4"), ("published", "2012-03-22 17:34:38"), ("bandwidth", "409600 819200 5120"), ("reject", "*:*"), @@ -319,6 +320,7 @@ class TestServerDescriptor(unittest.TestCase): self.assertEquals("Unnamed", desc.nickname) self.assertEquals("10.45.227.253", desc.address) self.assertEquals(None, desc.fingerprint) + self.assertEquals("006FD96BA35E7785A6A3B8B75FE2E2435A13BDB4", desc.digest()) # check that we don't have crypto fields self.assertRaises(AttributeError, getattr, desc, "onion_key") @@ -352,10 +354,47 @@ class TestServerDescriptor(unittest.TestCase): its unsanatized content. """ - desc_text = _make_descriptor() + desc_text = _make_descriptor({"router-digest": "006FD96BA35E7785A6A3B8B75FE2E2435A13BDB4"}) desc = BridgeDescriptor(desc_text) self.assertFalse(desc.is_scrubbed()) + def test_router_digest(self): + """ + Constructs with a router-digest line with both valid and invalid contents. + """ + + # checks with valid content + + router_digest = "068A2E28D4C934D9490303B7A645BA068DCA0504" + desc_text = _make_descriptor({"router-digest": router_digest}, is_bridge = True) + desc = BridgeDescriptor(desc_text) + self.assertEquals(router_digest, desc.digest()) + + # checks when missing + + desc_text = _make_descriptor(exclude = ["router-digest"], is_bridge = True) + self.assertRaises(ValueError, BridgeDescriptor, desc_text) + + # check that we can still construct it without validation + desc = BridgeDescriptor(desc_text, validate = False) + self.assertEquals(None, desc.digest()) + + # checks with invalid content + + test_values = ( + "", + "006FD96BA35E7785A6A3B8B75FE2E2435A13BDB44", + "006FD96BA35E7785A6A3B8B75FE2E2435A13BDB", + "006FD96BA35E7785A6A3B8B75FE2E2435A13BDBH", + ) + + for value in test_values: + desc_text = _make_descriptor({"router-digest": value}, is_bridge = True) + self.assertRaises(ValueError, BridgeDescriptor, desc_text) + + desc = BridgeDescriptor(desc_text, validate = False) + self.assertEquals(value, desc.digest()) + def test_or_address_v4(self): """ Constructs a bridge descriptor with a sanatized IPv4 or-address entry.

1 0