commit a7a2dc54f27a0c26f2b9eea5d30d56444617377a Author: Karsten Loesing <karsten.loesing@gmx.net> Date: Tue Jul 5 10:10:36 2016 +0200 Parse "tunnelled-dir-server" lines in server descriptors. Implements #19284. --- CHANGELOG.md | 1 + .../torproject/descriptor/ServerDescriptor.java | 8 ++++ .../descriptor/impl/ServerDescriptorImpl.java | 22 +++++++++- .../descriptor/impl/ServerDescriptorImplTest.java | 47 ++++++++++++++++++++++ 4 files changed, 76 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 160d405..08ad726 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,6 +10,7 @@ same identity key digest but different algorithms. - Be more lenient about digest lengths in directory signatures which may be longer or shorter than 20 bytes. + - Parse "tunnelled-dir-server" lines in server descriptors. # Changes in version 1.2.0 - 2016-05-31 diff --git a/src/org/torproject/descriptor/ServerDescriptor.java b/src/org/torproject/descriptor/ServerDescriptor.java index 17c7e82..d1af421 100644 --- a/src/org/torproject/descriptor/ServerDescriptor.java +++ b/src/org/torproject/descriptor/ServerDescriptor.java @@ -423,5 +423,13 @@ public interface ServerDescriptor extends Descriptor { * @since 1.1.0 */ public int getNtorOnionKeyCrosscertSign(); + + /** + * Return whether the server accepts "tunneled" directory requests using + * a BEGIN_DIR cell over the server's OR port. + * + * @since 1.3.0 + */ + public boolean getTunnelledDirServer(); } diff --git a/src/org/torproject/descriptor/impl/ServerDescriptorImpl.java b/src/org/torproject/descriptor/impl/ServerDescriptorImpl.java index aa9cc02..1805dca 100644 --- a/src/org/torproject/descriptor/impl/ServerDescriptorImpl.java +++ b/src/org/torproject/descriptor/impl/ServerDescriptorImpl.java @@ -38,8 +38,9 @@ public abstract class ServerDescriptorImpl extends DescriptorImpl + "eventdns,caches-extra-info,extra-info-digest," + "hidden-service-dir,protocols,allow-single-hop-exits,onion-key," + "signing-key,ipv6-policy,ntor-onion-key,onion-key-crosscert," - + "ntor-onion-key-crosscert,router-sig-ed25519,router-signature," - + "router-digest-sha256,router-digest").split(","))); + + "ntor-onion-key-crosscert,tunnelled-dir-server," + + "router-sig-ed25519,router-signature,router-digest-sha256," + + "router-digest").split(","))); this.checkAtMostOnceKeywords(atMostOnceKeywords); this.checkFirstKeyword("router"); if (this.getKeywordCount("accept") == 0 && @@ -171,6 +172,9 @@ public abstract class ServerDescriptorImpl extends DescriptorImpl this.parseNtorOnionKeyCrosscert(line, lineNoOpt, partsNoOpt); nextCrypto = "ntor-onion-key-crosscert"; break; + case "tunnelled-dir-server": + this.parseTunnelledDirServerLine(line, lineNoOpt, partsNoOpt); + break; case "-----BEGIN": cryptoLines = new ArrayList<>(); cryptoLines.add(line); @@ -607,6 +611,14 @@ public abstract class ServerDescriptorImpl extends DescriptorImpl } } + private void parseTunnelledDirServerLine(String line, String lineNoOpt, + String[] partsNoOpt) throws DescriptorParseException { + if (!lineNoOpt.equals("tunnelled-dir-server")) { + throw new DescriptorParseException("Illegal line '" + line + "'."); + } + this.tunnelledDirServer = true; + } + private void parseIdentityEd25519CryptoBlock(String cryptoString) throws DescriptorParseException { String masterKeyEd25519FromIdentityEd25519 = @@ -963,5 +975,11 @@ public abstract class ServerDescriptorImpl extends DescriptorImpl public int getNtorOnionKeyCrosscertSign() { return ntorOnionKeyCrosscertSign; } + + private boolean tunnelledDirServer; + @Override + public boolean getTunnelledDirServer() { + return this.tunnelledDirServer; + } } diff --git a/test/org/torproject/descriptor/impl/ServerDescriptorImplTest.java b/test/org/torproject/descriptor/impl/ServerDescriptorImplTest.java index 292afce..cd3f1a5 100644 --- a/test/org/torproject/descriptor/impl/ServerDescriptorImplTest.java +++ b/test/org/torproject/descriptor/impl/ServerDescriptorImplTest.java @@ -212,6 +212,13 @@ public class ServerDescriptorImplTest { db.ntorOnionKeyLine = line; return new RelayServerDescriptorImpl(db.buildDescriptor(), true); } + private String tunnelledDirServerLine = null; + private static ServerDescriptor createWithTunnelledDirServerLine( + String line) throws DescriptorParseException { + DescriptorBuilder db = new DescriptorBuilder(); + db.tunnelledDirServerLine = line; + return new RelayServerDescriptorImpl(db.buildDescriptor(), true); + } private String routerSignatureLines = "router-signature\n" + "-----BEGIN SIGNATURE-----\n" + "o4j+kH8UQfjBwepUnr99v0ebN8RpzHJ/lqYsTojXHy9kMr1RNI9IDeSzA7PSqT" @@ -333,6 +340,9 @@ public class ServerDescriptorImplTest { if (this.ntorOnionKeyLine != null) { sb.append(this.ntorOnionKeyLine).append("\n"); } + if (this.tunnelledDirServerLine != null) { + sb.append(this.tunnelledDirServerLine).append("\n"); + } if (this.unrecognizedLine != null) { sb.append(this.unrecognizedLine).append("\n"); } @@ -1345,6 +1355,43 @@ public class ServerDescriptorImplTest { + "Y/XgaHcPIJVa4D55kir9QLH8rEYAaLXuv3c3sm8jYhY\n"); } + @Test() + public void testTunnelledDirServerTrue() + throws DescriptorParseException { + ServerDescriptor descriptor = DescriptorBuilder + .createWithTunnelledDirServerLine("tunnelled-dir-server"); + assertTrue(descriptor.getTunnelledDirServer()); + } + + @Test() + public void testTunnelledDirServerFalse() + throws DescriptorParseException { + ServerDescriptor descriptor = DescriptorBuilder + .createWithTunnelledDirServerLine(null); + assertFalse(descriptor.getTunnelledDirServer()); + } + + @Test(expected = DescriptorParseException.class) + public void testTunnelledDirServerTypo() + throws DescriptorParseException { + DescriptorBuilder.createWithTunnelledDirServerLine( + "tunneled-dir-server"); + } + + @Test(expected = DescriptorParseException.class) + public void testTunnelledDirServerTwice() + throws DescriptorParseException { + DescriptorBuilder.createWithTunnelledDirServerLine( + "tunnelled-dir-server\ntunnelled-dir-server"); + } + + @Test(expected = DescriptorParseException.class) + public void testTunnelledDirServerArgs() + throws DescriptorParseException { + DescriptorBuilder.createWithTunnelledDirServerLine( + "tunnelled-dir-server 1"); + } + @Test(expected = DescriptorParseException.class) public void testUnrecognizedLineFail() throws DescriptorParseException {