commit 52ac539b9938af6c47355b67ce1def1236f4ee39 Author: Nick Mathewson nickm@torproject.org Date: Thu Aug 23 18:57:26 2018 -0400
Test a few more tortls.c functions --- src/lib/tls/tortls_nss.c | 17 ++++++---- src/test/test_tortls.c | 82 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 93 insertions(+), 6 deletions(-)
diff --git a/src/lib/tls/tortls_nss.c b/src/lib/tls/tortls_nss.c
index 40a98dd87..df430765a 100644
--- a/src/lib/tls/tortls_nss.c
+++ b/src/lib/tls/tortls_nss.c
@@ -331,6 +331,7 @@ tls_log_errors(tor_tls_t *tls, int severity, int domain,
 (void)tls;
 PRErrorCode code = PORT_GetError();
+ const char *addr = tls ? tls->address : NULL;
 const char *string = PORT_ErrorToString(code);
 const char *name = PORT_ErrorToName(code);
 char buf[16];
@@ -341,10 +342,14 @@ tls_log_errors(tor_tls_t *tls, int severity, int domain,
 name = buf;
 }
+ const char *with = addr ? " with " : "";
+ addr = addr ? addr : "";
 if (doing) {
- log_fn(severity, domain, "TLS error %s while %s: %s", name, doing, string);
+ log_fn(severity, domain, "TLS error %s while %s%s%s: %s",
+ name, doing, with, addr, string);
 } else {
- log_fn(severity, domain, "TLS error %s: %s", name, string);
+ log_fn(severity, domain, "TLS error %s%s%s: %s", name, string,
+ with, addr);
 }
 }
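Review bot: In the `else` branch the arguments no longer line up with the format string: `"TLS error %s%s%s: %s"` is fed `name, string, with, addr`, so the error text is glued to the error name and the address ends up after the colon. The call should read `log_fn(severity, domain, "TLS error %s%s%s: %s", name, with, addr, string);`, matching the order used in the `if (doing)` branch. Every caller changed in this commit passes a non-NULL `doing`, and test_tortls_address reaches the function through tor_tls_write(), so the new test does not exercise this branch. The `(void)tls;` kept at the top of the function (first hunk) is also stale now that `tls` is read.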
@@ -381,7 +386,7 @@ tor_tls_new(tor_socket_t sock, int is_server)
 }
 SECStatus s = SSL_ResetHandshake(ssl, is_server ? PR_TRUE : PR_FALSE);
 if (s != SECSuccess) {
- crypto_nss_log_errors(LOG_WARN, "resetting handshake state");
+ tls_log_errors(tls, LOG_WARN, LD_CRYPTO, "resetting handshake state");
 }
 return tls;
@@ -457,7 +462,7 @@ tor_tls_read, (tor_tls_t *tls, char *cp, size_t len))
 if (err == PR_WOULD_BLOCK_ERROR) {
 return TOR_TLS_WANTREAD; // XXXX ????
 } else {
- crypto_nss_log_errors(LOG_NOTICE, "reading"); // XXXX
+ tls_log_errors(tls, LOG_NOTICE, LD_CRYPTO, "reading"); // XXXX
 return TOR_TLS_ERROR_MISC; // ????
 }
 }
@@ -482,7 +487,7 @@ tor_tls_write(tor_tls_t *tls, const char *cp, size_t n)
 if (err == PR_WOULD_BLOCK_ERROR) {
 return TOR_TLS_WANTWRITE; // XXXX ????
 } else {
- crypto_nss_log_errors(LOG_NOTICE, "writing"); // XXXX
+ tls_log_errors(tls, LOG_NOTICE, LD_CRYPTO, "writing"); // XXXX
 return TOR_TLS_ERROR_MISC; // ????
 }
 }
@@ -541,7 +546,7 @@ tor_tls_get_pending_bytes(tor_tls_t *tls)
 tor_assert(tls);
 int n = SSL_DataPending(tls->ssl);
 if (n < 0) {
- crypto_nss_log_errors(LOG_WARN, "Looking up pending bytes");
+ tls_log_errors(tls, LOG_WARN, LD_CRYPTO, "looking up pending bytes");
 return 0;
 }
 return (int)n;
diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c
index 0e4b5afaf..b16a88058 100644
--- a/src/test/test_tortls.c
+++ b/src/test/test_tortls.c
@@ -247,6 +247,85 @@ test_tortls_evaluate_ecgroup_for_tls(void *ignored)
 (void)0;
 }
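Review bot: A failed `SSL_ResetHandshake()` in tor_tls_new() is only logged; control then falls through to `return tls;`, so the caller receives a TLS object whose handshake state was never reset. Failing closed would be safer here, for example `tor_tls_free(tls); return NULL;` after the log call. The earlier part of the function is outside the hunk, so whether it already has an error path, and whether callers handle a NULL return, needs confirming before making that change.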
+static void
+test_tortls_double_init(void *arg)
+{
+ (void) arg;
+ /* If we call tor_tls_context_init() a second time, nothing should go
+ * wrong.
+ */
+ crypto_pk_t *pk1 = NULL, *pk2 = NULL;
+ pk1 = pk_generate(2);
+ pk2 = pk_generate(0);
+
+ int r = tor_tls_context_init(TOR_TLS_CTX_IS_PUBLIC_SERVER,
+ pk1, pk2, 86400);
+ tt_int_op(r, OP_EQ, 0);
+
+ r = tor_tls_context_init(TOR_TLS_CTX_IS_PUBLIC_SERVER,
+ pk2, pk1, 86400);
+ tt_int_op(r, OP_EQ, 0);
+
+ done:
+ crypto_pk_free(pk1);
+ crypto_pk_free(pk2);
+}
+
+static void
+test_tortls_address(void *arg)
+{
+ (void)arg;
+ tor_tls_t *tls = NULL;
+ crypto_pk_t *pk1=NULL, *pk2=NULL;
+ pk1 = pk_generate(2);
+ pk2 = pk_generate(0);
+
+ int r = tor_tls_context_init(TOR_TLS_CTX_IS_PUBLIC_SERVER,
+ pk1, pk2, 86400);
+ tt_int_op(r, OP_EQ, 0);
+
+ tls = tor_tls_new(-1, 0);
+ tls->state = TOR_TLS_ST_OPEN;
+ tor_tls_set_logged_address(tls, "zombo.com");
+
+ /* This write should fail, since the fd is -1. */
+ setup_capture_of_logs(LOG_INFO);
+ int n = tor_tls_write(tls, "welcome", 7);
+ tt_int_op(n, OP_LT, 0);
+ expect_log_msg_containing("with zombo.com");
+
+ done:
+ teardown_capture_of_logs();
+ tor_tls_free(tls);
+ crypto_pk_free(pk1);
+ crypto_pk_free(pk2);
+}
+
+static void
+test_tortls_is_server(void *arg)
+{
+ (void)arg;
+ crypto_pk_t *pk1=NULL, *pk2=NULL;
+ tor_tls_t *tls1=NULL, *tls2=NULL;
+ pk1 = pk_generate(2);
+ pk2 = pk_generate(0);
+
+ int r = tor_tls_context_init(TOR_TLS_CTX_IS_PUBLIC_SERVER,
+ pk1, pk2, 86400);
+ tt_int_op(r, OP_EQ, 0);
+ tls1 = tor_tls_new(-1, 0);
+ tls2 = tor_tls_new(-1, 1);
+
+ tt_assert(! tor_tls_is_server(tls1));
+ tt_assert(tor_tls_is_server(tls2));
+
+ done:
+ tor_tls_free(tls1);
+ tor_tls_free(tls2);
+ crypto_pk_free(pk1);
+ crypto_pk_free(pk2);
+}
+
 #define LOCAL_TEST_CASE(name, flags) \
 { #name, test_tortls_##name, (flags|TT_FORK), NULL, NULL }
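Review bot: The result of `tor_tls_new()` is dereferenced without a check in test_tortls_address (`tls->state = TOR_TLS_ST_OPEN;`) and handed straight to `tor_tls_is_server()` in test_tortls_is_server, so if the constructor can return NULL the test crashes instead of reporting a failure. Add `tt_assert(tls);` right after the call, and `tt_assert(tls1); tt_assert(tls2);` in the second test. In test_tortls_address the `done:` label also runs `teardown_capture_of_logs()` when the earlier `tt_int_op(r, OP_EQ, 0)` fails before `setup_capture_of_logs()` was reached; moving the setup call to the top of the test keeps the pair balanced. The key-generation and `tor_tls_context_init()` preamble is repeated in all three tests and could live in one helper.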
@@ -262,5 +341,8 @@ struct testcase_t tortls_tests[] = {
 LOCAL_TEST_CASE(server_got_renegotiate, 0),
 #endif
 LOCAL_TEST_CASE(evaluate_ecgroup_for_tls, 0),
+ LOCAL_TEST_CASE(double_init, TT_FORK),
+ LOCAL_TEST_CASE(address, TT_FORK),
+ LOCAL_TEST_CASE(is_server, 0),
 END_OF_TESTCASES
 };
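Review bot: Passing `TT_FORK` for `double_init` and `address` is redundant, because `LOCAL_TEST_CASE` already ORs it into every entry (`(flags|TT_FORK)` in the macro defined just above this table). Mixing `TT_FORK` and `0` in adjacent rows reads as if `is_server` ran unforked, which it does not. Use `0` in all three entries, e.g. `LOCAL_TEST_CASE(double_init, 0),`, to match the existing rows.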
tor-commits@lists.torproject.org