[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [chutney/master] Add networks that test that IPv6-only tor clients can use microdescriptors



commit 61c28b99a2ab9d2f828a346baec6d43c6ef8a144
Author: teor <teor2345@xxxxxxxxx>
Date:   Wed Nov 1 17:00:24 2017 +1100

    Add networks that test that IPv6-only tor clients can use microdescriptors
    
    These networks and torrc templates end in "ipv6-md".
    
    Implements #21001.
---
 networks/client-ipv6-only-md                    | 21 +++++++++++++++++++
 networks/hs-client-ipv6-md                      | 24 ++++++++++++++++++++++
 networks/hs-ipv6-md                             | 25 +++++++++++++++++++++++
 networks/hs-v23-ipv6-md                         | 26 ++++++++++++++++++++++++
 networks/hs-v3-ipv6-md                          | 25 +++++++++++++++++++++++
 networks/single-onion-client-ipv6-md            | 24 ++++++++++++++++++++++
 networks/single-onion-ipv6-md                   | 25 +++++++++++++++++++++++
 networks/single-onion-v23-ipv6-md               | 27 +++++++++++++++++++++++++
 networks/single-onion-v3-ipv6-md                | 25 +++++++++++++++++++++++
 torrc_templates/client-only-v6-md.i             |  2 ++
 torrc_templates/client-only-v6-md.tmpl          |  2 ++
 torrc_templates/client-only-v6.i                | 10 +++------
 torrc_templates/hs-only-v6-md.tmpl              |  3 +++
 torrc_templates/hs3-only-v6-md.tmpl             |  3 +++
 torrc_templates/single-onion-only-v6-md.tmpl    |  3 +++
 torrc_templates/single-onion-v3-only-v6-md.tmpl |  3 +++
 16 files changed, 241 insertions(+), 7 deletions(-)

diff --git a/networks/client-ipv6-only-md b/networks/client-ipv6-only-md
new file mode 100644
index 0000000..32f713e
--- /dev/null
+++ b/networks/client-ipv6-only-md
@@ -0,0 +1,21 @@
+import os
+# By default, Authorities are not configured as exits
+Authority6 = Node(tag="a", authority=1, relay=1,
+                  ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+                                           '[::1]'),
+                  torrc="authority-orport-v6.tmpl")
+ExitRelay6 = Node(tag="r", relay=1, exit=1,
+                  ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+                                           '[::1]'),
+                  torrc="relay-orport-v6-exit.tmpl")
+HS = Node(tag="h", hs=1, torrc="hs.tmpl")
+Client6 = Node(tag="c", client=1, torrc="client-only-v6-md.tmpl")
+
+# Since only 25% of relays get the guard flag,
+# TestingDirAuthVoteGuard * may need to be used in small networks
+
+# The minimum number of authorities/relays/exits is 3, the minimum path length
+# But for some reason, Tor wants 4 "acceptable routers" (Tor bug #20071)
+NODES = Authority6.getN(3) + ExitRelay6.getN(1) + HS.getN(1) + Client6.getN(1)
+
+ConfigureNodes(NODES)
diff --git a/networks/hs-client-ipv6-md b/networks/hs-client-ipv6-md
new file mode 100644
index 0000000..c93c354
--- /dev/null
+++ b/networks/hs-client-ipv6-md
@@ -0,0 +1,24 @@
+import os
+# By default, Authorities are not configured as exits
+Authority6 = Node(tag="a", authority=1, relay=1,
+                  ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+                                           '[::1]'),
+                  torrc="authority-orport-v6.tmpl")
+NonExitRelay6 = Node(tag="r", relay=1,
+                     ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+                                              '[::1]'),
+                     torrc="relay-orport-v6-non-exit.tmpl")
+Client6 = Node(tag="c", client=1, torrc="client-only-v6-md.tmpl")
+HS = Node(tag="h", hs=1, torrc="hs.tmpl")
+
+# Since only 25% of relays get the guard flag,
+# TestingDirAuthVoteGuard * may need to be used in small networks
+
+# A hidden service needs 5 authorities/relays to ensure it can build HS
+# connections:
+# a minimum path length of 3, plus the client-nominated rendezvous point,
+# plus a seperate introduction point
+NODES = Authority6.getN(2) + NonExitRelay6.getN(3) + \
+        Client6.getN(1) + HS.getN(1)
+
+ConfigureNodes(NODES)
diff --git a/networks/hs-ipv6-md b/networks/hs-ipv6-md
new file mode 100644
index 0000000..c64080f
--- /dev/null
+++ b/networks/hs-ipv6-md
@@ -0,0 +1,25 @@
+import os
+# By default, Authorities are not configured as exits
+Authority6 = Node(tag="a", authority=1, relay=1,
+                  ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+                                           '[::1]'),
+                  torrc="authority-orport-v6.tmpl")
+NonExitRelay6 = Node(tag="r", relay=1,
+                     ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+                                              '[::1]'),
+                     torrc="relay-orport-v6-non-exit.tmpl")
+Client = Node(tag="c", client=1, torrc="client.tmpl")
+Client6 = Node(tag="c", client=1, torrc="client-only-v6-md.tmpl")
+HS6 = Node(tag="h", hs=1, torrc="hs-only-v6-md.tmpl")
+
+# Since only 25% of relays get the guard flag,
+# TestingDirAuthVoteGuard * may need to be used in small networks
+
+# A hidden service needs 5 authorities/relays to ensure it can build HS
+# connections:
+# a minimum path length of 3, plus the client-nominated rendezvous point,
+# plus a seperate introduction point
+NODES = Authority6.getN(2) + NonExitRelay6.getN(3) + \
+        Client.getN(1) + Client6.getN(1) + HS6.getN(1)
+
+ConfigureNodes(NODES)
diff --git a/networks/hs-v23-ipv6-md b/networks/hs-v23-ipv6-md
new file mode 100644
index 0000000..f562dd8
--- /dev/null
+++ b/networks/hs-v23-ipv6-md
@@ -0,0 +1,26 @@
+import os
+# By default, Authorities are not configured as exits
+Authority6 = Node(tag="a", authority=1, relay=1,
+                  ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+                                           '[::1]'),
+                  torrc="authority-orport-v6.tmpl")
+NonExitRelay6 = Node(tag="r", relay=1,
+                     ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+                                              '[::1]'),
+                     torrc="relay-orport-v6-non-exit.tmpl")
+Client = Node(tag="c", client=1, torrc="client.tmpl")
+Client6 = Node(tag="c", client=1, torrc="client-only-v6-md.tmpl")
+HSv2IPv6 = Node(tag="h", hs=1, torrc="hs-only-v6-md.tmpl")
+HSv3IPv6 = Node(tag="h", hs=1, torrc="hs3-only-v6-md.tmpl")
+
+# Since only 25% of relays get the guard flag,
+# TestingDirAuthVoteGuard * may need to be used in small networks
+
+# A hidden service needs 5 authorities/relays to ensure it can build HS
+# connections:
+# a minimum path length of 3, plus the client-nominated rendezvous point,
+# plus a seperate introduction point
+NODES = Authority6.getN(2) + NonExitRelay6.getN(3) + \
+        Client.getN(1) + Client6.getN(1) + HSv2IPv6.getN(1) + HSv3IPv6.getN(1)
+
+ConfigureNodes(NODES)
diff --git a/networks/hs-v3-ipv6-md b/networks/hs-v3-ipv6-md
new file mode 100644
index 0000000..fc021d8
--- /dev/null
+++ b/networks/hs-v3-ipv6-md
@@ -0,0 +1,25 @@
+import os
+# By default, Authorities are not configured as exits
+Authority6 = Node(tag="a", authority=1, relay=1,
+                  ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+                                           '[::1]'),
+                  torrc="authority-orport-v6.tmpl")
+NonExitRelay6 = Node(tag="r", relay=1,
+                     ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+                                              '[::1]'),
+                     torrc="relay-orport-v6-non-exit.tmpl")
+Client = Node(tag="c", client=1, torrc="client.tmpl")
+Client6 = Node(tag="c", client=1, torrc="client-only-v6-md.tmpl")
+HS6 = Node(tag="h", hs=1, torrc="hs3-only-v6-md.tmpl")
+
+# Since only 25% of relays get the guard flag,
+# TestingDirAuthVoteGuard * may need to be used in small networks
+
+# A hidden service needs 5 authorities/relays to ensure it can build HS
+# connections:
+# a minimum path length of 3, plus the client-nominated rendezvous point,
+# plus a seperate introduction point
+NODES = Authority6.getN(2) + NonExitRelay6.getN(3) + \
+        Client.getN(1) + Client6.getN(1) + HS6.getN(1)
+
+ConfigureNodes(NODES)
diff --git a/networks/single-onion-client-ipv6-md b/networks/single-onion-client-ipv6-md
new file mode 100644
index 0000000..cdd64ec
--- /dev/null
+++ b/networks/single-onion-client-ipv6-md
@@ -0,0 +1,24 @@
+import os
+# By default, Authorities are not configured as exits
+Authority6 = Node(tag="a", authority=1, relay=1,
+                  ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+                                           '[::1]'),
+                  torrc="authority-orport-v6.tmpl")
+NonExitRelay6 = Node(tag="r", relay=1,
+                     ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+                                              '[::1]'),
+                     torrc="relay-orport-v6-non-exit.tmpl")
+Client6 = Node(tag="c", client=1, torrc="client-only-v6-md.tmpl")
+SingleOnion = Node(tag="h", hs=1, torrc="single-onion.tmpl")
+
+# Since only 25% of relays get the guard flag,
+# TestingDirAuthVoteGuard * may need to be used in small networks
+
+# A hidden service needs 5 authorities/relays to ensure it can build HS
+# connections:
+# a minimum path length of 3, plus the client-nominated rendezvous point,
+# plus a seperate introduction point
+NODES = Authority6.getN(2) + NonExitRelay6.getN(3) + \
+        Client6.getN(1) + SingleOnion.getN(1)
+
+ConfigureNodes(NODES)
diff --git a/networks/single-onion-ipv6-md b/networks/single-onion-ipv6-md
new file mode 100644
index 0000000..7464e4b
--- /dev/null
+++ b/networks/single-onion-ipv6-md
@@ -0,0 +1,25 @@
+import os
+# By default, Authorities are not configured as exits
+Authority6 = Node(tag="a", authority=1, relay=1,
+                  ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+                                           '[::1]'),
+                  torrc="authority-orport-v6.tmpl")
+NonExitRelay6 = Node(tag="r", relay=1,
+                     ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+                                              '[::1]'),
+                     torrc="relay-orport-v6-non-exit.tmpl")
+Client = Node(tag="c", client=1, torrc="client.tmpl")
+Client6 = Node(tag="c", client=1, torrc="client-only-v6-md.tmpl")
+SingleOnion6 = Node(tag="h", hs=1, torrc="single-onion-only-v6-md.tmpl")
+
+# Since only 25% of relays get the guard flag,
+# TestingDirAuthVoteGuard * may need to be used in small networks
+
+# A hidden service needs 5 authorities/relays to ensure it can build HS
+# connections:
+# a minimum path length of 3, plus the client-nominated rendezvous point,
+# plus a seperate introduction point
+NODES = Authority6.getN(2) + NonExitRelay6.getN(3) + \
+        Client.getN(1) + Client6.getN(1) + SingleOnion6.getN(1)
+
+ConfigureNodes(NODES)
diff --git a/networks/single-onion-v23-ipv6-md b/networks/single-onion-v23-ipv6-md
new file mode 100644
index 0000000..4450a66
--- /dev/null
+++ b/networks/single-onion-v23-ipv6-md
@@ -0,0 +1,27 @@
+import os
+# By default, Authorities are not configured as exits
+Authority6 = Node(tag="a", authority=1, relay=1,
+                  ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+                                           '[::1]'),
+                  torrc="authority-orport-v6.tmpl")
+NonExitRelay6 = Node(tag="r", relay=1,
+                     ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+                                              '[::1]'),
+                     torrc="relay-orport-v6-non-exit.tmpl")
+Client = Node(tag="c", client=1, torrc="client.tmpl")
+Client6 = Node(tag="c", client=1, torrc="client-only-v6-md.tmpl")
+SingleOnionv2IPv6 = Node(tag="h", hs=1, torrc="single-onion-only-v6-md.tmpl")
+SingleOnionv3IPv6 = Node(tag="h", hs=1, torrc="single-onion-v3-only-v6-md.tmpl")
+
+# Since only 25% of relays get the guard flag,
+# TestingDirAuthVoteGuard * may need to be used in small networks
+
+# A hidden service needs 5 authorities/relays to ensure it can build HS
+# connections:
+# a minimum path length of 3, plus the client-nominated rendezvous point,
+# plus a seperate introduction point
+NODES = Authority6.getN(2) + NonExitRelay6.getN(3) + \
+        Client.getN(1) + Client6.getN(1) + \
+        SingleOnionv2IPv6.getN(1) + SingleOnionv3IPv6.getN(1)
+
+ConfigureNodes(NODES)
diff --git a/networks/single-onion-v3-ipv6-md b/networks/single-onion-v3-ipv6-md
new file mode 100644
index 0000000..fc166cd
--- /dev/null
+++ b/networks/single-onion-v3-ipv6-md
@@ -0,0 +1,25 @@
+import os
+# By default, Authorities are not configured as exits
+Authority6 = Node(tag="a", authority=1, relay=1,
+                  ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+                                           '[::1]'),
+                  torrc="authority-orport-v6.tmpl")
+NonExitRelay6 = Node(tag="r", relay=1,
+                     ipv6_addr=os.environ.get('CHUTNEY_LISTEN_ADDRESS_V6',
+                                              '[::1]'),
+                     torrc="relay-orport-v6-non-exit.tmpl")
+Client = Node(tag="c", client=1, torrc="client.tmpl")
+Client6 = Node(tag="c", client=1, torrc="client-only-v6-md.tmpl")
+SingleOnionv3IPv6 = Node(tag="h", hs=1, torrc="single-onion-v3-only-v6-md.tmpl")
+
+# Since only 25% of relays get the guard flag,
+# TestingDirAuthVoteGuard * may need to be used in small networks
+
+# A hidden service needs 5 authorities/relays to ensure it can build HS
+# connections:
+# a minimum path length of 3, plus the client-nominated rendezvous point,
+# plus a seperate introduction point
+NODES = Authority6.getN(2) + NonExitRelay6.getN(3) + \
+        Client.getN(1) + Client6.getN(1) + SingleOnionv3IPv6.getN(1)
+
+ConfigureNodes(NODES)
diff --git a/torrc_templates/client-only-v6-md.i b/torrc_templates/client-only-v6-md.i
new file mode 100644
index 0000000..8c3d452
--- /dev/null
+++ b/torrc_templates/client-only-v6-md.i
@@ -0,0 +1,2 @@
+# A client that only uses IPv6 ORPorts
+ClientUseIPv4 0
diff --git a/torrc_templates/client-only-v6-md.tmpl b/torrc_templates/client-only-v6-md.tmpl
new file mode 100644
index 0000000..dd4471a
--- /dev/null
+++ b/torrc_templates/client-only-v6-md.tmpl
@@ -0,0 +1,2 @@
+${include:client.tmpl}
+${include:client-only-v6-md.i}
diff --git a/torrc_templates/client-only-v6.i b/torrc_templates/client-only-v6.i
index 3105c0f..985f237 100644
--- a/torrc_templates/client-only-v6.i
+++ b/torrc_templates/client-only-v6.i
@@ -1,10 +1,6 @@
 # A client that only uses IPv6 ORPorts
-ClientUseIPv4 0
+${include:client-only-v6-md.i}
+
 # Due to Tor bug #19608, microdescriptors can't be used by IPv6-only clients
+# running tor 0.2.9 and earlier
 UseMicrodescriptors 0
-
-# Previous versions of Tor did not support IPv6-only operation
-# But this is how it would have been configured
-#ClientUseIPv6 1
-#ClientPreferIPv6ORPort 1
-#ReachableAddresses reject 0.0.0.0/0, accept [::]/0
diff --git a/torrc_templates/hs-only-v6-md.tmpl b/torrc_templates/hs-only-v6-md.tmpl
new file mode 100644
index 0000000..3831a3d
--- /dev/null
+++ b/torrc_templates/hs-only-v6-md.tmpl
@@ -0,0 +1,3 @@
+${include:hs.tmpl}
+# Hidden services are just another kind of client
+${include:client-only-v6-md.i}
diff --git a/torrc_templates/hs3-only-v6-md.tmpl b/torrc_templates/hs3-only-v6-md.tmpl
new file mode 100644
index 0000000..a017dd9
--- /dev/null
+++ b/torrc_templates/hs3-only-v6-md.tmpl
@@ -0,0 +1,3 @@
+${include:hs-v3.tmpl}
+# Hidden services are just another kind of client
+${include:client-only-v6-md.i}
diff --git a/torrc_templates/single-onion-only-v6-md.tmpl b/torrc_templates/single-onion-only-v6-md.tmpl
new file mode 100644
index 0000000..d32a503
--- /dev/null
+++ b/torrc_templates/single-onion-only-v6-md.tmpl
@@ -0,0 +1,3 @@
+${include:single-onion.tmpl}
+# Onion services are just another kind of client
+${include:client-only-v6-md.i}
diff --git a/torrc_templates/single-onion-v3-only-v6-md.tmpl b/torrc_templates/single-onion-v3-only-v6-md.tmpl
new file mode 100644
index 0000000..c4ac312
--- /dev/null
+++ b/torrc_templates/single-onion-v3-only-v6-md.tmpl
@@ -0,0 +1,3 @@
+${include:single-onion-v3.tmpl}
+# Onion services are just another kind of client
+${include:client-only-v6-md.i}

_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits