Opened 12 months ago

Closed 3 months ago

#20245 closed enhancement (implemented)

Integ tests for non-anonymous hidden services

Reported by: teor Owned by: atagar
Priority: Medium Milestone:
Component: Core Tor/Stem Version:
Severity: Normal Keywords: testing
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

SETCONF for options that can only be set at startup:
https://gitweb.torproject.org/tor.git/tree/src/or/config.c#n4336

Reject hidden service creation via ADD_ONION if NonAnonymous flag does not match HiddenServiceNonAnonymousMode (just with HiddenServiceNonAnonymousMode 0)

Make sure that hidden services have a 3 or 4-hop path length for HSDir, Intro, and Rend connections (the only connections that should be one-hop are directory document downloads)

Check that it's not possible to start up tor with mismatching HiddenServiceNonAnonymousMode and HiddenServiceSingleHopMode (both ways)

Set ReachableAddresses to the address and ORPort of a guard, issue a NEWNYM and make sure that guard is the one all circuits go through

Child Tickets

Change History (2)

comment:1 Changed 12 months ago by teor

(The ReachableAddresses test makes sure we fixed #19973.)

comment:2 Changed 3 months ago by atagar

Resolution: implemented
Status: newclosed

Hi Tim, sorry it's taken me so long to get to this.

Reject hidden service creation via ADD_ONION if NonAnonymous flag does not match HiddenServiceNonAnonymousMode (just with HiddenServiceNonAnonymousMode 0)

No problem, added: https://gitweb.torproject.org/stem.git/commit/?id=312ad0a

Check that it's not possible to start up tor with mismatching HiddenServiceNonAnonymousMode and HiddenServiceSingleHopMode (both ways)

This one's easy too. Added: https://gitweb.torproject.org/stem.git/commit/?id=d6378fa

SETCONF for options that can only be set at startup:

On a side note the manual recently-ish added a note to all the config options that can only be set prior to startup. Stem's now using that to provide a nicer exception when folks try to muck with them...

https://gitweb.torproject.org/stem.git/commit/?id=f338c6f

Make sure that hidden services have a 3 or 4-hop path length for HSDir, Intro, and Rend connections (the only connections that should be one-hop are directory document downloads)

Set ReachableAddresses to the address and ORPort of a guard, issue a NEWNYM and make sure that guard is the one all circuits go through

These two are trickier. Tests requiring a live network connection are both tougher to write and less valuable since they only get invoked with the '--target ONLINE' argument. Fine things to do (we have other online tests so this wouldn't at all be a bad fit), but think I'm gonna go with 'patches welcome' on these two.

Feel free to reopen if you think these two tests are particularly important.

Note: See TracTickets for help on using tickets.