commit 61c28b99a2ab9d2f828a346baec6d43c6ef8a144
Author: teor <teor2345(a)gmail.com>
Date: Wed Nov 1 17:00:24 2017 +1100
Add networks that test that IPv6-only tor clients can use microdescriptors
These networks and torrc templates end in "ipv6-md".
Implements #21001.
---
networks/client-ipv6-only-md | 21 +++++++++++++++++++
networks/hs-client-ipv6-md | 24 ++++++++++++++++++++++
networks/hs-ipv6-md | 25 +++++++++++++++++++++++
networks/hs-v23-ipv6-md | 26 ++++++++++++++++++++++++
networks/hs-v3-ipv6-md | 25 +++++++++++++++++++++++
networks/single-onion-client-ipv6-md | 24 ++++++++++++++++++++++
networks/single-onion-ipv6-md | 25 +++++++++++++++++++++++
networks/single-onion-v23-ipv6-md | 27 +++++++++++++++++++++++++
networks/single-onion-v3-ipv6-md | 25 +++++++++++++++++++++++
torrc_templates/client-only-v6-md.i | 2 ++
torrc_templates/client-only-v6-md.tmpl | 2 ++
torrc_templates/client-only-v6.i | 10 +++------
torrc_templates/hs-only-v6-md.tmpl | 3 +++
torrc_templates/hs3-only-v6-md.tmpl | 3 +++
torrc_templates/single-onion-only-v6-md.tmpl | 3 +++
torrc_templates/single-onion-v3-only-v6-md.tmpl | 3 +++
16 files changed, 241 insertions(+), 7 deletions(-)
diff --git a/networks/client-ipv6-only-md b/networks/client-ipv6-only-md
new file mode 100644
index 0000000..32f713e
--- /dev/null
+++ b/networks/client-ipv6-only-md
@@ -0,0 +1,21 @@
+import os
+# By default, Authorities are not configured as exits
+Authority6 = Node(tag="a", authority=1, relay=1,
+ ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+ '[::1]'),
+ torrc="authority-orport-v6.tmpl")
+ExitRelay6 = Node(tag="r", relay=1, exit=1,
+ ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+ '[::1]'),
+ torrc="relay-orport-v6-exit.tmpl")
+HS = Node(tag="h", hs=1, torrc="hs.tmpl")
+Client6 = Node(tag="c", client=1, torrc="client-only-v6-md.tmpl")
+
+# Since only 25% of relays get the guard flag,
+# TestingDirAuthVoteGuard * may need to be used in small networks
+
+# The minimum number of authorities/relays/exits is 3, the minimum path length
+# But for some reason, Tor wants 4 "acceptable routers" (Tor bug #20071)
+NODES = Authority6.getN(3) + ExitRelay6.getN(1) + HS.getN(1) + Client6.getN(1)
+
+ConfigureNodes(NODES)
diff --git a/networks/hs-client-ipv6-md b/networks/hs-client-ipv6-md
new file mode 100644
index 0000000..c93c354
--- /dev/null
+++ b/networks/hs-client-ipv6-md
@@ -0,0 +1,24 @@
+import os
+# By default, Authorities are not configured as exits
+Authority6 = Node(tag="a", authority=1, relay=1,
+ ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+ '[::1]'),
+ torrc="authority-orport-v6.tmpl")
+NonExitRelay6 = Node(tag="r", relay=1,
+ ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+ '[::1]'),
+ torrc="relay-orport-v6-non-exit.tmpl")
+Client6 = Node(tag="c", client=1, torrc="client-only-v6-md.tmpl")
+HS = Node(tag="h", hs=1, torrc="hs.tmpl")
+
+# Since only 25% of relays get the guard flag,
+# TestingDirAuthVoteGuard * may need to be used in small networks
+
+# A hidden service needs 5 authorities/relays to ensure it can build HS
+# connections:
+# a minimum path length of 3, plus the client-nominated rendezvous point,
+# plus a seperate introduction point
+NODES = Authority6.getN(2) + NonExitRelay6.getN(3) + \
+ Client6.getN(1) + HS.getN(1)
+
+ConfigureNodes(NODES)
diff --git a/networks/hs-ipv6-md b/networks/hs-ipv6-md
new file mode 100644
index 0000000..c64080f
--- /dev/null
+++ b/networks/hs-ipv6-md
@@ -0,0 +1,25 @@
+import os
+# By default, Authorities are not configured as exits
+Authority6 = Node(tag="a", authority=1, relay=1,
+ ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+ '[::1]'),
+ torrc="authority-orport-v6.tmpl")
+NonExitRelay6 = Node(tag="r", relay=1,
+ ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+ '[::1]'),
+ torrc="relay-orport-v6-non-exit.tmpl")
+Client = Node(tag="c", client=1, torrc="client.tmpl")
+Client6 = Node(tag="c", client=1, torrc="client-only-v6-md.tmpl")
+HS6 = Node(tag="h", hs=1, torrc="hs-only-v6-md.tmpl")
+
+# Since only 25% of relays get the guard flag,
+# TestingDirAuthVoteGuard * may need to be used in small networks
+
+# A hidden service needs 5 authorities/relays to ensure it can build HS
+# connections:
+# a minimum path length of 3, plus the client-nominated rendezvous point,
+# plus a seperate introduction point
+NODES = Authority6.getN(2) + NonExitRelay6.getN(3) + \
+ Client.getN(1) + Client6.getN(1) + HS6.getN(1)
+
+ConfigureNodes(NODES)
diff --git a/networks/hs-v23-ipv6-md b/networks/hs-v23-ipv6-md
new file mode 100644
index 0000000..f562dd8
--- /dev/null
+++ b/networks/hs-v23-ipv6-md
@@ -0,0 +1,26 @@
+import os
+# By default, Authorities are not configured as exits
+Authority6 = Node(tag="a", authority=1, relay=1,
+ ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+ '[::1]'),
+ torrc="authority-orport-v6.tmpl")
+NonExitRelay6 = Node(tag="r", relay=1,
+ ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+ '[::1]'),
+ torrc="relay-orport-v6-non-exit.tmpl")
+Client = Node(tag="c", client=1, torrc="client.tmpl")
+Client6 = Node(tag="c", client=1, torrc="client-only-v6-md.tmpl")
+HSv2IPv6 = Node(tag="h", hs=1, torrc="hs-only-v6-md.tmpl")
+HSv3IPv6 = Node(tag="h", hs=1, torrc="hs3-only-v6-md.tmpl")
+
+# Since only 25% of relays get the guard flag,
+# TestingDirAuthVoteGuard * may need to be used in small networks
+
+# A hidden service needs 5 authorities/relays to ensure it can build HS
+# connections:
+# a minimum path length of 3, plus the client-nominated rendezvous point,
+# plus a seperate introduction point
+NODES = Authority6.getN(2) + NonExitRelay6.getN(3) + \
+ Client.getN(1) + Client6.getN(1) + HSv2IPv6.getN(1) + HSv3IPv6.getN(1)
+
+ConfigureNodes(NODES)
diff --git a/networks/hs-v3-ipv6-md b/networks/hs-v3-ipv6-md
new file mode 100644
index 0000000..fc021d8
--- /dev/null
+++ b/networks/hs-v3-ipv6-md
@@ -0,0 +1,25 @@
+import os
+# By default, Authorities are not configured as exits
+Authority6 = Node(tag="a", authority=1, relay=1,
+ ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+ '[::1]'),
+ torrc="authority-orport-v6.tmpl")
+NonExitRelay6 = Node(tag="r", relay=1,
+ ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+ '[::1]'),
+ torrc="relay-orport-v6-non-exit.tmpl")
+Client = Node(tag="c", client=1, torrc="client.tmpl")
+Client6 = Node(tag="c", client=1, torrc="client-only-v6-md.tmpl")
+HS6 = Node(tag="h", hs=1, torrc="hs3-only-v6-md.tmpl")
+
+# Since only 25% of relays get the guard flag,
+# TestingDirAuthVoteGuard * may need to be used in small networks
+
+# A hidden service needs 5 authorities/relays to ensure it can build HS
+# connections:
+# a minimum path length of 3, plus the client-nominated rendezvous point,
+# plus a seperate introduction point
+NODES = Authority6.getN(2) + NonExitRelay6.getN(3) + \
+ Client.getN(1) + Client6.getN(1) + HS6.getN(1)
+
+ConfigureNodes(NODES)
diff --git a/networks/single-onion-client-ipv6-md b/networks/single-onion-client-ipv6-md
new file mode 100644
index 0000000..cdd64ec
--- /dev/null
+++ b/networks/single-onion-client-ipv6-md
@@ -0,0 +1,24 @@
+import os
+# By default, Authorities are not configured as exits
+Authority6 = Node(tag="a", authority=1, relay=1,
+ ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+ '[::1]'),
+ torrc="authority-orport-v6.tmpl")
+NonExitRelay6 = Node(tag="r", relay=1,
+ ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+ '[::1]'),
+ torrc="relay-orport-v6-non-exit.tmpl")
+Client6 = Node(tag="c", client=1, torrc="client-only-v6-md.tmpl")
+SingleOnion = Node(tag="h", hs=1, torrc="single-onion.tmpl")
+
+# Since only 25% of relays get the guard flag,
+# TestingDirAuthVoteGuard * may need to be used in small networks
+
+# A hidden service needs 5 authorities/relays to ensure it can build HS
+# connections:
+# a minimum path length of 3, plus the client-nominated rendezvous point,
+# plus a seperate introduction point
+NODES = Authority6.getN(2) + NonExitRelay6.getN(3) + \
+ Client6.getN(1) + SingleOnion.getN(1)
+
+ConfigureNodes(NODES)
diff --git a/networks/single-onion-ipv6-md b/networks/single-onion-ipv6-md
new file mode 100644
index 0000000..7464e4b
--- /dev/null
+++ b/networks/single-onion-ipv6-md
@@ -0,0 +1,25 @@
+import os
+# By default, Authorities are not configured as exits
+Authority6 = Node(tag="a", authority=1, relay=1,
+ ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+ '[::1]'),
+ torrc="authority-orport-v6.tmpl")
+NonExitRelay6 = Node(tag="r", relay=1,
+ ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+ '[::1]'),
+ torrc="relay-orport-v6-non-exit.tmpl")
+Client = Node(tag="c", client=1, torrc="client.tmpl")
+Client6 = Node(tag="c", client=1, torrc="client-only-v6-md.tmpl")
+SingleOnion6 = Node(tag="h", hs=1, torrc="single-onion-only-v6-md.tmpl")
+
+# Since only 25% of relays get the guard flag,
+# TestingDirAuthVoteGuard * may need to be used in small networks
+
+# A hidden service needs 5 authorities/relays to ensure it can build HS
+# connections:
+# a minimum path length of 3, plus the client-nominated rendezvous point,
+# plus a seperate introduction point
+NODES = Authority6.getN(2) + NonExitRelay6.getN(3) + \
+ Client.getN(1) + Client6.getN(1) + SingleOnion6.getN(1)
+
+ConfigureNodes(NODES)
diff --git a/networks/single-onion-v23-ipv6-md b/networks/single-onion-v23-ipv6-md
new file mode 100644
index 0000000..4450a66
--- /dev/null
+++ b/networks/single-onion-v23-ipv6-md
@@ -0,0 +1,27 @@
+import os
+# By default, Authorities are not configured as exits
+Authority6 = Node(tag="a", authority=1, relay=1,
+ ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+ '[::1]'),
+ torrc="authority-orport-v6.tmpl")
+NonExitRelay6 = Node(tag="r", relay=1,
+ ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+ '[::1]'),
+ torrc="relay-orport-v6-non-exit.tmpl")
+Client = Node(tag="c", client=1, torrc="client.tmpl")
+Client6 = Node(tag="c", client=1, torrc="client-only-v6-md.tmpl")
+SingleOnionv2IPv6 = Node(tag="h", hs=1, torrc="single-onion-only-v6-md.tmpl")
+SingleOnionv3IPv6 = Node(tag="h", hs=1, torrc="single-onion-v3-only-v6-md.tmpl")
+
+# Since only 25% of relays get the guard flag,
+# TestingDirAuthVoteGuard * may need to be used in small networks
+
+# A hidden service needs 5 authorities/relays to ensure it can build HS
+# connections:
+# a minimum path length of 3, plus the client-nominated rendezvous point,
+# plus a seperate introduction point
+NODES = Authority6.getN(2) + NonExitRelay6.getN(3) + \
+ Client.getN(1) + Client6.getN(1) + \
+ SingleOnionv2IPv6.getN(1) + SingleOnionv3IPv6.getN(1)
+
+ConfigureNodes(NODES)
diff --git a/networks/single-onion-v3-ipv6-md b/networks/single-onion-v3-ipv6-md
new file mode 100644
index 0000000..fc166cd
--- /dev/null
+++ b/networks/single-onion-v3-ipv6-md
@@ -0,0 +1,25 @@
+import os
+# By default, Authorities are not configured as exits
+Authority6 = Node(tag="a", authority=1, relay=1,
+ ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+ '[::1]'),
+ torrc="authority-orport-v6.tmpl")
+NonExitRelay6 = Node(tag="r", relay=1,
+ ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+ '[::1]'),
+ torrc="relay-orport-v6-non-exit.tmpl")
+Client = Node(tag="c", client=1, torrc="client.tmpl")
+Client6 = Node(tag="c", client=1, torrc="client-only-v6-md.tmpl")
+SingleOnionv3IPv6 = Node(tag="h", hs=1, torrc="single-onion-v3-only-v6-md.tmpl")
+
+# Since only 25% of relays get the guard flag,
+# TestingDirAuthVoteGuard * may need to be used in small networks
+
+# A hidden service needs 5 authorities/relays to ensure it can build HS
+# connections:
+# a minimum path length of 3, plus the client-nominated rendezvous point,
+# plus a seperate introduction point
+NODES = Authority6.getN(2) + NonExitRelay6.getN(3) + \
+ Client.getN(1) + Client6.getN(1) + SingleOnionv3IPv6.getN(1)
+
+ConfigureNodes(NODES)
diff --git a/torrc_templates/client-only-v6-md.i b/torrc_templates/client-only-v6-md.i
new file mode 100644
index 0000000..8c3d452
--- /dev/null
+++ b/torrc_templates/client-only-v6-md.i
@@ -0,0 +1,2 @@
+# A client that only uses IPv6 ORPorts
+ClientUseIPv4 0
diff --git a/torrc_templates/client-only-v6-md.tmpl b/torrc_templates/client-only-v6-md.tmpl
new file mode 100644
index 0000000..dd4471a
--- /dev/null
+++ b/torrc_templates/client-only-v6-md.tmpl
@@ -0,0 +1,2 @@
+${include:client.tmpl}
+${include:client-only-v6-md.i}
diff --git a/torrc_templates/client-only-v6.i b/torrc_templates/client-only-v6.i
index 3105c0f..985f237 100644
--- a/torrc_templates/client-only-v6.i
+++ b/torrc_templates/client-only-v6.i
@@ -1,10 +1,6 @@
# A client that only uses IPv6 ORPorts
-ClientUseIPv4 0
+${include:client-only-v6-md.i}
+
# Due to Tor bug #19608, microdescriptors can't be used by IPv6-only clients
+# running tor 0.2.9 and earlier
UseMicrodescriptors 0
-
-# Previous versions of Tor did not support IPv6-only operation
-# But this is how it would have been configured
-#ClientUseIPv6 1
-#ClientPreferIPv6ORPort 1
-#ReachableAddresses reject 0.0.0.0/0, accept [::]/0
diff --git a/torrc_templates/hs-only-v6-md.tmpl b/torrc_templates/hs-only-v6-md.tmpl
new file mode 100644
index 0000000..3831a3d
--- /dev/null
+++ b/torrc_templates/hs-only-v6-md.tmpl
@@ -0,0 +1,3 @@
+${include:hs.tmpl}
+# Hidden services are just another kind of client
+${include:client-only-v6-md.i}
diff --git a/torrc_templates/hs3-only-v6-md.tmpl b/torrc_templates/hs3-only-v6-md.tmpl
new file mode 100644
index 0000000..a017dd9
--- /dev/null
+++ b/torrc_templates/hs3-only-v6-md.tmpl
@@ -0,0 +1,3 @@
+${include:hs-v3.tmpl}
+# Hidden services are just another kind of client
+${include:client-only-v6-md.i}
diff --git a/torrc_templates/single-onion-only-v6-md.tmpl b/torrc_templates/single-onion-only-v6-md.tmpl
new file mode 100644
index 0000000..d32a503
--- /dev/null
+++ b/torrc_templates/single-onion-only-v6-md.tmpl
@@ -0,0 +1,3 @@
+${include:single-onion.tmpl}
+# Onion services are just another kind of client
+${include:client-only-v6-md.i}
diff --git a/torrc_templates/single-onion-v3-only-v6-md.tmpl b/torrc_templates/single-onion-v3-only-v6-md.tmpl
new file mode 100644
index 0000000..c4ac312
--- /dev/null
+++ b/torrc_templates/single-onion-v3-only-v6-md.tmpl
@@ -0,0 +1,3 @@
+${include:single-onion-v3.tmpl}
+# Onion services are just another kind of client
+${include:client-only-v6-md.i}