1 // SPDX-License-Identifier: GPL-2.0
2
3 #define _GNU_SOURCE
4
5 #include <arpa/inet.h>
6 #include <errno.h>
7 #include <error.h>
8 #include <fcntl.h>
9 #include <poll.h>
10 #include <stdio.h>
11 #include <stdlib.h>
12 #include <unistd.h>
13
14 #include <linux/tls.h>
15 #include <linux/tcp.h>
16 #include <linux/socket.h>
17
18 #include <sys/types.h>
19 #include <sys/sendfile.h>
20 #include <sys/socket.h>
21 #include <sys/stat.h>
22
23 #include "../kselftest_harness.h"
24
25 #define TLS_PAYLOAD_MAX_LEN 16384
26 #define SOL_TLS 282
27
FIXTURE(tls_basic)28 FIXTURE(tls_basic)
29 {
30 int fd, cfd;
31 bool notls;
32 };
33
FIXTURE_SETUP(tls_basic)34 FIXTURE_SETUP(tls_basic)
35 {
36 struct sockaddr_in addr;
37 socklen_t len;
38 int sfd, ret;
39
40 self->notls = false;
41 len = sizeof(addr);
42
43 addr.sin_family = AF_INET;
44 addr.sin_addr.s_addr = htonl(INADDR_ANY);
45 addr.sin_port = 0;
46
47 self->fd = socket(AF_INET, SOCK_STREAM, 0);
48 sfd = socket(AF_INET, SOCK_STREAM, 0);
49
50 ret = bind(sfd, &addr, sizeof(addr));
51 ASSERT_EQ(ret, 0);
52 ret = listen(sfd, 10);
53 ASSERT_EQ(ret, 0);
54
55 ret = getsockname(sfd, &addr, &len);
56 ASSERT_EQ(ret, 0);
57
58 ret = connect(self->fd, &addr, sizeof(addr));
59 ASSERT_EQ(ret, 0);
60
61 self->cfd = accept(sfd, &addr, &len);
62 ASSERT_GE(self->cfd, 0);
63
64 close(sfd);
65
66 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
67 if (ret != 0) {
68 ASSERT_EQ(errno, ENOENT);
69 self->notls = true;
70 printf("Failure setting TCP_ULP, testing without tls\n");
71 return;
72 }
73
74 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
75 ASSERT_EQ(ret, 0);
76 }
77
FIXTURE_TEARDOWN(tls_basic)78 FIXTURE_TEARDOWN(tls_basic)
79 {
80 close(self->fd);
81 close(self->cfd);
82 }
83
84 /* Send some data through with ULP but no keys */
TEST_F(tls_basic,base_base)85 TEST_F(tls_basic, base_base)
86 {
87 char const *test_str = "test_read";
88 int send_len = 10;
89 char buf[10];
90
91 ASSERT_EQ(strlen(test_str) + 1, send_len);
92
93 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
94 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
95 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
96 };
97
FIXTURE(tls)98 FIXTURE(tls)
99 {
100 int fd, cfd;
101 bool notls;
102 };
103
FIXTURE_SETUP(tls)104 FIXTURE_SETUP(tls)
105 {
106 struct tls12_crypto_info_aes_gcm_128 tls12;
107 struct sockaddr_in addr;
108 socklen_t len;
109 int sfd, ret;
110
111 self->notls = false;
112 len = sizeof(addr);
113
114 memset(&tls12, 0, sizeof(tls12));
115 tls12.info.version = TLS_1_3_VERSION;
116 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
117
118 addr.sin_family = AF_INET;
119 addr.sin_addr.s_addr = htonl(INADDR_ANY);
120 addr.sin_port = 0;
121
122 self->fd = socket(AF_INET, SOCK_STREAM, 0);
123 sfd = socket(AF_INET, SOCK_STREAM, 0);
124
125 ret = bind(sfd, &addr, sizeof(addr));
126 ASSERT_EQ(ret, 0);
127 ret = listen(sfd, 10);
128 ASSERT_EQ(ret, 0);
129
130 ret = getsockname(sfd, &addr, &len);
131 ASSERT_EQ(ret, 0);
132
133 ret = connect(self->fd, &addr, sizeof(addr));
134 ASSERT_EQ(ret, 0);
135
136 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
137 if (ret != 0) {
138 self->notls = true;
139 printf("Failure setting TCP_ULP, testing without tls\n");
140 }
141
142 if (!self->notls) {
143 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12,
144 sizeof(tls12));
145 ASSERT_EQ(ret, 0);
146 }
147
148 self->cfd = accept(sfd, &addr, &len);
149 ASSERT_GE(self->cfd, 0);
150
151 if (!self->notls) {
152 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls",
153 sizeof("tls"));
154 ASSERT_EQ(ret, 0);
155
156 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12,
157 sizeof(tls12));
158 ASSERT_EQ(ret, 0);
159 }
160
161 close(sfd);
162 }
163
FIXTURE_TEARDOWN(tls)164 FIXTURE_TEARDOWN(tls)
165 {
166 close(self->fd);
167 close(self->cfd);
168 }
169
TEST_F(tls,sendfile)170 TEST_F(tls, sendfile)
171 {
172 int filefd = open("/proc/self/exe", O_RDONLY);
173 struct stat st;
174
175 EXPECT_GE(filefd, 0);
176 fstat(filefd, &st);
177 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0);
178 }
179
TEST_F(tls,send_then_sendfile)180 TEST_F(tls, send_then_sendfile)
181 {
182 int filefd = open("/proc/self/exe", O_RDONLY);
183 char const *test_str = "test_send";
184 int to_send = strlen(test_str) + 1;
185 char recv_buf[10];
186 struct stat st;
187 char *buf;
188
189 EXPECT_GE(filefd, 0);
190 fstat(filefd, &st);
191 buf = (char *)malloc(st.st_size);
192
193 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send);
194 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send);
195 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0);
196
197 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0);
198 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size);
199 }
200
TEST_F(tls,recv_max)201 TEST_F(tls, recv_max)
202 {
203 unsigned int send_len = TLS_PAYLOAD_MAX_LEN;
204 char recv_mem[TLS_PAYLOAD_MAX_LEN];
205 char buf[TLS_PAYLOAD_MAX_LEN];
206
207 EXPECT_GE(send(self->fd, buf, send_len, 0), 0);
208 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1);
209 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0);
210 }
211
TEST_F(tls,recv_small)212 TEST_F(tls, recv_small)
213 {
214 char const *test_str = "test_read";
215 int send_len = 10;
216 char buf[10];
217
218 send_len = strlen(test_str) + 1;
219 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
220 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
221 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
222 }
223
TEST_F(tls,msg_more)224 TEST_F(tls, msg_more)
225 {
226 char const *test_str = "test_read";
227 int send_len = 10;
228 char buf[10 * 2];
229
230 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
231 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1);
232 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
233 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL),
234 send_len * 2);
235 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
236 }
237
TEST_F(tls,msg_more_unsent)238 TEST_F(tls, msg_more_unsent)
239 {
240 char const *test_str = "test_read";
241 int send_len = 10;
242 char buf[10];
243
244 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
245 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1);
246 }
247
TEST_F(tls,sendmsg_single)248 TEST_F(tls, sendmsg_single)
249 {
250 struct msghdr msg;
251
252 char const *test_str = "test_sendmsg";
253 size_t send_len = 13;
254 struct iovec vec;
255 char buf[13];
256
257 vec.iov_base = (char *)test_str;
258 vec.iov_len = send_len;
259 memset(&msg, 0, sizeof(struct msghdr));
260 msg.msg_iov = &vec;
261 msg.msg_iovlen = 1;
262 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len);
263 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len);
264 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
265 }
266
267 #define MAX_FRAGS 64
268 #define SEND_LEN 13
TEST_F(tls,sendmsg_fragmented)269 TEST_F(tls, sendmsg_fragmented)
270 {
271 char const *test_str = "test_sendmsg";
272 char buf[SEND_LEN * MAX_FRAGS];
273 struct iovec vec[MAX_FRAGS];
274 struct msghdr msg;
275 int i, frags;
276
277 for (frags = 1; frags <= MAX_FRAGS; frags++) {
278 for (i = 0; i < frags; i++) {
279 vec[i].iov_base = (char *)test_str;
280 vec[i].iov_len = SEND_LEN;
281 }
282
283 memset(&msg, 0, sizeof(struct msghdr));
284 msg.msg_iov = vec;
285 msg.msg_iovlen = frags;
286
287 EXPECT_EQ(sendmsg(self->fd, &msg, 0), SEND_LEN * frags);
288 EXPECT_EQ(recv(self->cfd, buf, SEND_LEN * frags, MSG_WAITALL),
289 SEND_LEN * frags);
290
291 for (i = 0; i < frags; i++)
292 EXPECT_EQ(memcmp(buf + SEND_LEN * i,
293 test_str, SEND_LEN), 0);
294 }
295 }
296 #undef MAX_FRAGS
297 #undef SEND_LEN
298
TEST_F(tls,sendmsg_large)299 TEST_F(tls, sendmsg_large)
300 {
301 void *mem = malloc(16384);
302 size_t send_len = 16384;
303 size_t sends = 128;
304 struct msghdr msg;
305 size_t recvs = 0;
306 size_t sent = 0;
307
308 memset(&msg, 0, sizeof(struct msghdr));
309 while (sent++ < sends) {
310 struct iovec vec = { (void *)mem, send_len };
311
312 msg.msg_iov = &vec;
313 msg.msg_iovlen = 1;
314 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), send_len);
315 }
316
317 while (recvs++ < sends)
318 EXPECT_NE(recv(self->fd, mem, send_len, 0), -1);
319
320 free(mem);
321 }
322
TEST_F(tls,sendmsg_multiple)323 TEST_F(tls, sendmsg_multiple)
324 {
325 char const *test_str = "test_sendmsg_multiple";
326 struct iovec vec[5];
327 char *test_strs[5];
328 struct msghdr msg;
329 int total_len = 0;
330 int len_cmp = 0;
331 int iov_len = 5;
332 char *buf;
333 int i;
334
335 memset(&msg, 0, sizeof(struct msghdr));
336 for (i = 0; i < iov_len; i++) {
337 test_strs[i] = (char *)malloc(strlen(test_str) + 1);
338 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str);
339 vec[i].iov_base = (void *)test_strs[i];
340 vec[i].iov_len = strlen(test_strs[i]) + 1;
341 total_len += vec[i].iov_len;
342 }
343 msg.msg_iov = vec;
344 msg.msg_iovlen = iov_len;
345
346 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), total_len);
347 buf = malloc(total_len);
348 EXPECT_NE(recv(self->fd, buf, total_len, 0), -1);
349 for (i = 0; i < iov_len; i++) {
350 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp,
351 strlen(test_strs[i])),
352 0);
353 len_cmp += strlen(buf + len_cmp) + 1;
354 }
355 for (i = 0; i < iov_len; i++)
356 free(test_strs[i]);
357 free(buf);
358 }
359
TEST_F(tls,sendmsg_multiple_stress)360 TEST_F(tls, sendmsg_multiple_stress)
361 {
362 char const *test_str = "abcdefghijklmno";
363 struct iovec vec[1024];
364 char *test_strs[1024];
365 int iov_len = 1024;
366 int total_len = 0;
367 char buf[1 << 14];
368 struct msghdr msg;
369 int len_cmp = 0;
370 int i;
371
372 memset(&msg, 0, sizeof(struct msghdr));
373 for (i = 0; i < iov_len; i++) {
374 test_strs[i] = (char *)malloc(strlen(test_str) + 1);
375 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str);
376 vec[i].iov_base = (void *)test_strs[i];
377 vec[i].iov_len = strlen(test_strs[i]) + 1;
378 total_len += vec[i].iov_len;
379 }
380 msg.msg_iov = vec;
381 msg.msg_iovlen = iov_len;
382
383 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len);
384 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1);
385
386 for (i = 0; i < iov_len; i++)
387 len_cmp += strlen(buf + len_cmp) + 1;
388
389 for (i = 0; i < iov_len; i++)
390 free(test_strs[i]);
391 }
392
TEST_F(tls,splice_from_pipe)393 TEST_F(tls, splice_from_pipe)
394 {
395 int send_len = TLS_PAYLOAD_MAX_LEN;
396 char mem_send[TLS_PAYLOAD_MAX_LEN];
397 char mem_recv[TLS_PAYLOAD_MAX_LEN];
398 int p[2];
399
400 ASSERT_GE(pipe(p), 0);
401 EXPECT_GE(write(p[1], mem_send, send_len), 0);
402 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0);
403 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
404 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
405 }
406
TEST_F(tls,splice_from_pipe2)407 TEST_F(tls, splice_from_pipe2)
408 {
409 int send_len = 16000;
410 char mem_send[16000];
411 char mem_recv[16000];
412 int p2[2];
413 int p[2];
414
415 ASSERT_GE(pipe(p), 0);
416 ASSERT_GE(pipe(p2), 0);
417 EXPECT_GE(write(p[1], mem_send, 8000), 0);
418 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, 8000, 0), 0);
419 EXPECT_GE(write(p2[1], mem_send + 8000, 8000), 0);
420 EXPECT_GE(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 0);
421 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
422 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
423 }
424
TEST_F(tls,send_and_splice)425 TEST_F(tls, send_and_splice)
426 {
427 int send_len = TLS_PAYLOAD_MAX_LEN;
428 char mem_send[TLS_PAYLOAD_MAX_LEN];
429 char mem_recv[TLS_PAYLOAD_MAX_LEN];
430 char const *test_str = "test_read";
431 int send_len2 = 10;
432 char buf[10];
433 int p[2];
434
435 ASSERT_GE(pipe(p), 0);
436 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2);
437 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2);
438 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0);
439
440 EXPECT_GE(write(p[1], mem_send, send_len), send_len);
441 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len);
442
443 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
444 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
445 }
446
TEST_F(tls,splice_to_pipe)447 TEST_F(tls, splice_to_pipe)
448 {
449 int send_len = TLS_PAYLOAD_MAX_LEN;
450 char mem_send[TLS_PAYLOAD_MAX_LEN];
451 char mem_recv[TLS_PAYLOAD_MAX_LEN];
452 int p[2];
453
454 ASSERT_GE(pipe(p), 0);
455 EXPECT_GE(send(self->fd, mem_send, send_len, 0), 0);
456 EXPECT_GE(splice(self->cfd, NULL, p[1], NULL, send_len, 0), 0);
457 EXPECT_GE(read(p[0], mem_recv, send_len), 0);
458 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
459 }
460
TEST_F(tls,recvmsg_single)461 TEST_F(tls, recvmsg_single)
462 {
463 char const *test_str = "test_recvmsg_single";
464 int send_len = strlen(test_str) + 1;
465 char buf[20];
466 struct msghdr hdr;
467 struct iovec vec;
468
469 memset(&hdr, 0, sizeof(hdr));
470 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
471 vec.iov_base = (char *)buf;
472 vec.iov_len = send_len;
473 hdr.msg_iovlen = 1;
474 hdr.msg_iov = &vec;
475 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
476 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
477 }
478
TEST_F(tls,recvmsg_single_max)479 TEST_F(tls, recvmsg_single_max)
480 {
481 int send_len = TLS_PAYLOAD_MAX_LEN;
482 char send_mem[TLS_PAYLOAD_MAX_LEN];
483 char recv_mem[TLS_PAYLOAD_MAX_LEN];
484 struct iovec vec;
485 struct msghdr hdr;
486
487 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len);
488 vec.iov_base = (char *)recv_mem;
489 vec.iov_len = TLS_PAYLOAD_MAX_LEN;
490
491 hdr.msg_iovlen = 1;
492 hdr.msg_iov = &vec;
493 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
494 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0);
495 }
496
TEST_F(tls,recvmsg_multiple)497 TEST_F(tls, recvmsg_multiple)
498 {
499 unsigned int msg_iovlen = 1024;
500 unsigned int len_compared = 0;
501 struct iovec vec[1024];
502 char *iov_base[1024];
503 unsigned int iov_len = 16;
504 int send_len = 1 << 14;
505 char buf[1 << 14];
506 struct msghdr hdr;
507 int i;
508
509 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len);
510 for (i = 0; i < msg_iovlen; i++) {
511 iov_base[i] = (char *)malloc(iov_len);
512 vec[i].iov_base = iov_base[i];
513 vec[i].iov_len = iov_len;
514 }
515
516 hdr.msg_iovlen = msg_iovlen;
517 hdr.msg_iov = vec;
518 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
519 for (i = 0; i < msg_iovlen; i++)
520 len_compared += iov_len;
521
522 for (i = 0; i < msg_iovlen; i++)
523 free(iov_base[i]);
524 }
525
TEST_F(tls,single_send_multiple_recv)526 TEST_F(tls, single_send_multiple_recv)
527 {
528 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2;
529 unsigned int send_len = TLS_PAYLOAD_MAX_LEN;
530 char send_mem[TLS_PAYLOAD_MAX_LEN * 2];
531 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2];
532
533 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0);
534 memset(recv_mem, 0, total_len);
535
536 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1);
537 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1);
538 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0);
539 }
540
TEST_F(tls,multiple_send_single_recv)541 TEST_F(tls, multiple_send_single_recv)
542 {
543 unsigned int total_len = 2 * 10;
544 unsigned int send_len = 10;
545 char recv_mem[2 * 10];
546 char send_mem[10];
547
548 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0);
549 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0);
550 memset(recv_mem, 0, total_len);
551 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len);
552
553 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0);
554 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0);
555 }
556
TEST_F(tls,single_send_multiple_recv_non_align)557 TEST_F(tls, single_send_multiple_recv_non_align)
558 {
559 const unsigned int total_len = 15;
560 const unsigned int recv_len = 10;
561 char recv_mem[recv_len * 2];
562 char send_mem[total_len];
563
564 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0);
565 memset(recv_mem, 0, total_len);
566
567 EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len);
568 EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5);
569 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0);
570 }
571
TEST_F(tls,recv_partial)572 TEST_F(tls, recv_partial)
573 {
574 char const *test_str = "test_read_partial";
575 char const *test_str_first = "test_read";
576 char const *test_str_second = "_partial";
577 int send_len = strlen(test_str) + 1;
578 char recv_mem[18];
579
580 memset(recv_mem, 0, sizeof(recv_mem));
581 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
582 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first),
583 MSG_WAITALL), -1);
584 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0);
585 memset(recv_mem, 0, sizeof(recv_mem));
586 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second),
587 MSG_WAITALL), -1);
588 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)),
589 0);
590 }
591
TEST_F(tls,recv_nonblock)592 TEST_F(tls, recv_nonblock)
593 {
594 char buf[4096];
595 bool err;
596
597 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1);
598 err = (errno == EAGAIN || errno == EWOULDBLOCK);
599 EXPECT_EQ(err, true);
600 }
601
TEST_F(tls,recv_peek)602 TEST_F(tls, recv_peek)
603 {
604 char const *test_str = "test_read_peek";
605 int send_len = strlen(test_str) + 1;
606 char buf[15];
607
608 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
609 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1);
610 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
611 memset(buf, 0, sizeof(buf));
612 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
613 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
614 }
615
TEST_F(tls,recv_peek_multiple)616 TEST_F(tls, recv_peek_multiple)
617 {
618 char const *test_str = "test_read_peek";
619 int send_len = strlen(test_str) + 1;
620 unsigned int num_peeks = 100;
621 char buf[15];
622 int i;
623
624 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
625 for (i = 0; i < num_peeks; i++) {
626 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1);
627 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
628 memset(buf, 0, sizeof(buf));
629 }
630 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
631 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
632 }
633
TEST_F(tls,recv_peek_multiple_records)634 TEST_F(tls, recv_peek_multiple_records)
635 {
636 char const *test_str = "test_read_peek_mult_recs";
637 char const *test_str_first = "test_read_peek";
638 char const *test_str_second = "_mult_recs";
639 int len;
640 char buf[64];
641
642 len = strlen(test_str_first);
643 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len);
644
645 len = strlen(test_str_second) + 1;
646 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
647
648 len = strlen(test_str_first);
649 memset(buf, 0, len);
650 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len);
651
652 /* MSG_PEEK can only peek into the current record. */
653 len = strlen(test_str_first);
654 EXPECT_EQ(memcmp(test_str_first, buf, len), 0);
655
656 len = strlen(test_str) + 1;
657 memset(buf, 0, len);
658 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len);
659
660 /* Non-MSG_PEEK will advance strparser (and therefore record)
661 * however.
662 */
663 len = strlen(test_str) + 1;
664 EXPECT_EQ(memcmp(test_str, buf, len), 0);
665
666 /* MSG_MORE will hold current record open, so later MSG_PEEK
667 * will see everything.
668 */
669 len = strlen(test_str_first);
670 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len);
671
672 len = strlen(test_str_second) + 1;
673 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
674
675 len = strlen(test_str) + 1;
676 memset(buf, 0, len);
677 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len);
678
679 len = strlen(test_str) + 1;
680 EXPECT_EQ(memcmp(test_str, buf, len), 0);
681 }
682
TEST_F(tls,recv_peek_large_buf_mult_recs)683 TEST_F(tls, recv_peek_large_buf_mult_recs)
684 {
685 char const *test_str = "test_read_peek_mult_recs";
686 char const *test_str_first = "test_read_peek";
687 char const *test_str_second = "_mult_recs";
688 int len;
689 char buf[64];
690
691 len = strlen(test_str_first);
692 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len);
693
694 len = strlen(test_str_second) + 1;
695 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
696
697 len = strlen(test_str) + 1;
698 memset(buf, 0, len);
699 EXPECT_NE((len = recv(self->cfd, buf, len,
700 MSG_PEEK | MSG_WAITALL)), -1);
701 len = strlen(test_str) + 1;
702 EXPECT_EQ(memcmp(test_str, buf, len), 0);
703 }
704
TEST_F(tls,recv_lowat)705 TEST_F(tls, recv_lowat)
706 {
707 char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
708 char recv_mem[20];
709 int lowat = 8;
710
711 EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10);
712 EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5);
713
714 memset(recv_mem, 0, 20);
715 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT,
716 &lowat, sizeof(lowat)), 0);
717 EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1);
718 EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6);
719 EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8);
720
721 EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0);
722 EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0);
723 }
724
TEST_F(tls,bidir)725 TEST_F(tls, bidir)
726 {
727 char const *test_str = "test_read";
728 int send_len = 10;
729 char buf[10];
730 int ret;
731
732 if (!self->notls) {
733 struct tls12_crypto_info_aes_gcm_128 tls12;
734
735 memset(&tls12, 0, sizeof(tls12));
736 tls12.info.version = TLS_1_3_VERSION;
737 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
738
739 ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12,
740 sizeof(tls12));
741 ASSERT_EQ(ret, 0);
742
743 ret = setsockopt(self->cfd, SOL_TLS, TLS_TX, &tls12,
744 sizeof(tls12));
745 ASSERT_EQ(ret, 0);
746 }
747
748 ASSERT_EQ(strlen(test_str) + 1, send_len);
749
750 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
751 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
752 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
753
754 memset(buf, 0, sizeof(buf));
755
756 EXPECT_EQ(send(self->cfd, test_str, send_len, 0), send_len);
757 EXPECT_NE(recv(self->fd, buf, send_len, 0), -1);
758 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
759 };
760
TEST_F(tls,pollin)761 TEST_F(tls, pollin)
762 {
763 char const *test_str = "test_poll";
764 struct pollfd fd = { 0, 0, 0 };
765 char buf[10];
766 int send_len = 10;
767
768 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
769 fd.fd = self->cfd;
770 fd.events = POLLIN;
771
772 EXPECT_EQ(poll(&fd, 1, 20), 1);
773 EXPECT_EQ(fd.revents & POLLIN, 1);
774 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len);
775 /* Test timing out */
776 EXPECT_EQ(poll(&fd, 1, 20), 0);
777 }
778
TEST_F(tls,poll_wait)779 TEST_F(tls, poll_wait)
780 {
781 char const *test_str = "test_poll_wait";
782 int send_len = strlen(test_str) + 1;
783 struct pollfd fd = { 0, 0, 0 };
784 char recv_mem[15];
785
786 fd.fd = self->cfd;
787 fd.events = POLLIN;
788 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
789 /* Set timeout to inf. secs */
790 EXPECT_EQ(poll(&fd, 1, -1), 1);
791 EXPECT_EQ(fd.revents & POLLIN, 1);
792 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len);
793 }
794
TEST_F(tls,poll_wait_split)795 TEST_F(tls, poll_wait_split)
796 {
797 struct pollfd fd = { 0, 0, 0 };
798 char send_mem[20] = {};
799 char recv_mem[15];
800
801 fd.fd = self->cfd;
802 fd.events = POLLIN;
803 /* Send 20 bytes */
804 EXPECT_EQ(send(self->fd, send_mem, sizeof(send_mem), 0),
805 sizeof(send_mem));
806 /* Poll with inf. timeout */
807 EXPECT_EQ(poll(&fd, 1, -1), 1);
808 EXPECT_EQ(fd.revents & POLLIN, 1);
809 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), MSG_WAITALL),
810 sizeof(recv_mem));
811
812 /* Now the remaining 5 bytes of record data are in TLS ULP */
813 fd.fd = self->cfd;
814 fd.events = POLLIN;
815 EXPECT_EQ(poll(&fd, 1, -1), 1);
816 EXPECT_EQ(fd.revents & POLLIN, 1);
817 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0),
818 sizeof(send_mem) - sizeof(recv_mem));
819 }
820
TEST_F(tls,blocking)821 TEST_F(tls, blocking)
822 {
823 size_t data = 100000;
824 int res = fork();
825
826 EXPECT_NE(res, -1);
827
828 if (res) {
829 /* parent */
830 size_t left = data;
831 char buf[16384];
832 int status;
833 int pid2;
834
835 while (left) {
836 int res = send(self->fd, buf,
837 left > 16384 ? 16384 : left, 0);
838
839 EXPECT_GE(res, 0);
840 left -= res;
841 }
842
843 pid2 = wait(&status);
844 EXPECT_EQ(status, 0);
845 EXPECT_EQ(res, pid2);
846 } else {
847 /* child */
848 size_t left = data;
849 char buf[16384];
850
851 while (left) {
852 int res = recv(self->cfd, buf,
853 left > 16384 ? 16384 : left, 0);
854
855 EXPECT_GE(res, 0);
856 left -= res;
857 }
858 }
859 }
860
TEST_F(tls,nonblocking)861 TEST_F(tls, nonblocking)
862 {
863 size_t data = 100000;
864 int sendbuf = 100;
865 int flags;
866 int res;
867
868 flags = fcntl(self->fd, F_GETFL, 0);
869 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK);
870 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK);
871
872 /* Ensure nonblocking behavior by imposing a small send
873 * buffer.
874 */
875 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF,
876 &sendbuf, sizeof(sendbuf)), 0);
877
878 res = fork();
879 EXPECT_NE(res, -1);
880
881 if (res) {
882 /* parent */
883 bool eagain = false;
884 size_t left = data;
885 char buf[16384];
886 int status;
887 int pid2;
888
889 while (left) {
890 int res = send(self->fd, buf,
891 left > 16384 ? 16384 : left, 0);
892
893 if (res == -1 && errno == EAGAIN) {
894 eagain = true;
895 usleep(10000);
896 continue;
897 }
898 EXPECT_GE(res, 0);
899 left -= res;
900 }
901
902 EXPECT_TRUE(eagain);
903 pid2 = wait(&status);
904
905 EXPECT_EQ(status, 0);
906 EXPECT_EQ(res, pid2);
907 } else {
908 /* child */
909 bool eagain = false;
910 size_t left = data;
911 char buf[16384];
912
913 while (left) {
914 int res = recv(self->cfd, buf,
915 left > 16384 ? 16384 : left, 0);
916
917 if (res == -1 && errno == EAGAIN) {
918 eagain = true;
919 usleep(10000);
920 continue;
921 }
922 EXPECT_GE(res, 0);
923 left -= res;
924 }
925 EXPECT_TRUE(eagain);
926 }
927 }
928
929 static void
test_mutliproc(struct __test_metadata * _metadata,struct _test_data_tls * self,bool sendpg,unsigned int n_readers,unsigned int n_writers)930 test_mutliproc(struct __test_metadata *_metadata, struct _test_data_tls *self,
931 bool sendpg, unsigned int n_readers, unsigned int n_writers)
932 {
933 const unsigned int n_children = n_readers + n_writers;
934 const size_t data = 6 * 1000 * 1000;
935 const size_t file_sz = data / 100;
936 size_t read_bias, write_bias;
937 int i, fd, child_id;
938 char buf[file_sz];
939 pid_t pid;
940
941 /* Only allow multiples for simplicity */
942 ASSERT_EQ(!(n_readers % n_writers) || !(n_writers % n_readers), true);
943 read_bias = n_writers / n_readers ?: 1;
944 write_bias = n_readers / n_writers ?: 1;
945
946 /* prep a file to send */
947 fd = open("/tmp/", O_TMPFILE | O_RDWR, 0600);
948 ASSERT_GE(fd, 0);
949
950 memset(buf, 0xac, file_sz);
951 ASSERT_EQ(write(fd, buf, file_sz), file_sz);
952
953 /* spawn children */
954 for (child_id = 0; child_id < n_children; child_id++) {
955 pid = fork();
956 ASSERT_NE(pid, -1);
957 if (!pid)
958 break;
959 }
960
961 /* parent waits for all children */
962 if (pid) {
963 for (i = 0; i < n_children; i++) {
964 int status;
965
966 wait(&status);
967 EXPECT_EQ(status, 0);
968 }
969
970 return;
971 }
972
973 /* Split threads for reading and writing */
974 if (child_id < n_readers) {
975 size_t left = data * read_bias;
976 char rb[8001];
977
978 while (left) {
979 int res;
980
981 res = recv(self->cfd, rb,
982 left > sizeof(rb) ? sizeof(rb) : left, 0);
983
984 EXPECT_GE(res, 0);
985 left -= res;
986 }
987 } else {
988 size_t left = data * write_bias;
989
990 while (left) {
991 int res;
992
993 ASSERT_EQ(lseek(fd, 0, SEEK_SET), 0);
994 if (sendpg)
995 res = sendfile(self->fd, fd, NULL,
996 left > file_sz ? file_sz : left);
997 else
998 res = send(self->fd, buf,
999 left > file_sz ? file_sz : left, 0);
1000
1001 EXPECT_GE(res, 0);
1002 left -= res;
1003 }
1004 }
1005 }
1006
TEST_F(tls,mutliproc_even)1007 TEST_F(tls, mutliproc_even)
1008 {
1009 test_mutliproc(_metadata, self, false, 6, 6);
1010 }
1011
TEST_F(tls,mutliproc_readers)1012 TEST_F(tls, mutliproc_readers)
1013 {
1014 test_mutliproc(_metadata, self, false, 4, 12);
1015 }
1016
TEST_F(tls,mutliproc_writers)1017 TEST_F(tls, mutliproc_writers)
1018 {
1019 test_mutliproc(_metadata, self, false, 10, 2);
1020 }
1021
TEST_F(tls,mutliproc_sendpage_even)1022 TEST_F(tls, mutliproc_sendpage_even)
1023 {
1024 test_mutliproc(_metadata, self, true, 6, 6);
1025 }
1026
TEST_F(tls,mutliproc_sendpage_readers)1027 TEST_F(tls, mutliproc_sendpage_readers)
1028 {
1029 test_mutliproc(_metadata, self, true, 4, 12);
1030 }
1031
TEST_F(tls,mutliproc_sendpage_writers)1032 TEST_F(tls, mutliproc_sendpage_writers)
1033 {
1034 test_mutliproc(_metadata, self, true, 10, 2);
1035 }
1036
TEST_F(tls,control_msg)1037 TEST_F(tls, control_msg)
1038 {
1039 if (self->notls)
1040 return;
1041
1042 char cbuf[CMSG_SPACE(sizeof(char))];
1043 char const *test_str = "test_read";
1044 int cmsg_len = sizeof(char);
1045 char record_type = 100;
1046 struct cmsghdr *cmsg;
1047 struct msghdr msg;
1048 int send_len = 10;
1049 struct iovec vec;
1050 char buf[10];
1051
1052 vec.iov_base = (char *)test_str;
1053 vec.iov_len = 10;
1054 memset(&msg, 0, sizeof(struct msghdr));
1055 msg.msg_iov = &vec;
1056 msg.msg_iovlen = 1;
1057 msg.msg_control = cbuf;
1058 msg.msg_controllen = sizeof(cbuf);
1059 cmsg = CMSG_FIRSTHDR(&msg);
1060 cmsg->cmsg_level = SOL_TLS;
1061 /* test sending non-record types. */
1062 cmsg->cmsg_type = TLS_SET_RECORD_TYPE;
1063 cmsg->cmsg_len = CMSG_LEN(cmsg_len);
1064 *CMSG_DATA(cmsg) = record_type;
1065 msg.msg_controllen = cmsg->cmsg_len;
1066
1067 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len);
1068 /* Should fail because we didn't provide a control message */
1069 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1);
1070
1071 vec.iov_base = buf;
1072 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL | MSG_PEEK), send_len);
1073
1074 cmsg = CMSG_FIRSTHDR(&msg);
1075 EXPECT_NE(cmsg, NULL);
1076 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS);
1077 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE);
1078 record_type = *((unsigned char *)CMSG_DATA(cmsg));
1079 EXPECT_EQ(record_type, 100);
1080 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1081
1082 /* Recv the message again without MSG_PEEK */
1083 record_type = 0;
1084 memset(buf, 0, sizeof(buf));
1085
1086 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL), send_len);
1087 cmsg = CMSG_FIRSTHDR(&msg);
1088 EXPECT_NE(cmsg, NULL);
1089 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS);
1090 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE);
1091 record_type = *((unsigned char *)CMSG_DATA(cmsg));
1092 EXPECT_EQ(record_type, 100);
1093 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1094 }
1095
TEST_F(tls,shutdown)1096 TEST_F(tls, shutdown)
1097 {
1098 char const *test_str = "test_read";
1099 int send_len = 10;
1100 char buf[10];
1101
1102 ASSERT_EQ(strlen(test_str) + 1, send_len);
1103
1104 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
1105 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
1106 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1107
1108 shutdown(self->fd, SHUT_RDWR);
1109 shutdown(self->cfd, SHUT_RDWR);
1110 }
1111
TEST_F(tls,shutdown_unsent)1112 TEST_F(tls, shutdown_unsent)
1113 {
1114 char const *test_str = "test_read";
1115 int send_len = 10;
1116
1117 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
1118
1119 shutdown(self->fd, SHUT_RDWR);
1120 shutdown(self->cfd, SHUT_RDWR);
1121 }
1122
TEST_F(tls,shutdown_reuse)1123 TEST_F(tls, shutdown_reuse)
1124 {
1125 struct sockaddr_in addr;
1126 int ret;
1127
1128 shutdown(self->fd, SHUT_RDWR);
1129 shutdown(self->cfd, SHUT_RDWR);
1130 close(self->cfd);
1131
1132 addr.sin_family = AF_INET;
1133 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1134 addr.sin_port = 0;
1135
1136 ret = bind(self->fd, &addr, sizeof(addr));
1137 EXPECT_EQ(ret, 0);
1138 ret = listen(self->fd, 10);
1139 EXPECT_EQ(ret, -1);
1140 EXPECT_EQ(errno, EINVAL);
1141
1142 ret = connect(self->fd, &addr, sizeof(addr));
1143 EXPECT_EQ(ret, -1);
1144 EXPECT_EQ(errno, EISCONN);
1145 }
1146
TEST(non_established)1147 TEST(non_established) {
1148 struct tls12_crypto_info_aes_gcm_256 tls12;
1149 struct sockaddr_in addr;
1150 int sfd, ret, fd;
1151 socklen_t len;
1152
1153 len = sizeof(addr);
1154
1155 memset(&tls12, 0, sizeof(tls12));
1156 tls12.info.version = TLS_1_2_VERSION;
1157 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256;
1158
1159 addr.sin_family = AF_INET;
1160 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1161 addr.sin_port = 0;
1162
1163 fd = socket(AF_INET, SOCK_STREAM, 0);
1164 sfd = socket(AF_INET, SOCK_STREAM, 0);
1165
1166 ret = bind(sfd, &addr, sizeof(addr));
1167 ASSERT_EQ(ret, 0);
1168 ret = listen(sfd, 10);
1169 ASSERT_EQ(ret, 0);
1170
1171 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1172 EXPECT_EQ(ret, -1);
1173 /* TLS ULP not supported */
1174 if (errno == ENOENT)
1175 return;
1176 EXPECT_EQ(errno, ENOTCONN);
1177
1178 ret = setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1179 EXPECT_EQ(ret, -1);
1180 EXPECT_EQ(errno, ENOTCONN);
1181
1182 ret = getsockname(sfd, &addr, &len);
1183 ASSERT_EQ(ret, 0);
1184
1185 ret = connect(fd, &addr, sizeof(addr));
1186 ASSERT_EQ(ret, 0);
1187
1188 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1189 ASSERT_EQ(ret, 0);
1190
1191 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1192 EXPECT_EQ(ret, -1);
1193 EXPECT_EQ(errno, EEXIST);
1194
1195 close(fd);
1196 close(sfd);
1197 }
1198
TEST(keysizes)1199 TEST(keysizes) {
1200 struct tls12_crypto_info_aes_gcm_256 tls12;
1201 struct sockaddr_in addr;
1202 int sfd, ret, fd, cfd;
1203 socklen_t len;
1204 bool notls;
1205
1206 notls = false;
1207 len = sizeof(addr);
1208
1209 memset(&tls12, 0, sizeof(tls12));
1210 tls12.info.version = TLS_1_2_VERSION;
1211 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256;
1212
1213 addr.sin_family = AF_INET;
1214 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1215 addr.sin_port = 0;
1216
1217 fd = socket(AF_INET, SOCK_STREAM, 0);
1218 sfd = socket(AF_INET, SOCK_STREAM, 0);
1219
1220 ret = bind(sfd, &addr, sizeof(addr));
1221 ASSERT_EQ(ret, 0);
1222 ret = listen(sfd, 10);
1223 ASSERT_EQ(ret, 0);
1224
1225 ret = getsockname(sfd, &addr, &len);
1226 ASSERT_EQ(ret, 0);
1227
1228 ret = connect(fd, &addr, sizeof(addr));
1229 ASSERT_EQ(ret, 0);
1230
1231 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1232 if (ret != 0) {
1233 notls = true;
1234 printf("Failure setting TCP_ULP, testing without tls\n");
1235 }
1236
1237 if (!notls) {
1238 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12,
1239 sizeof(tls12));
1240 EXPECT_EQ(ret, 0);
1241 }
1242
1243 cfd = accept(sfd, &addr, &len);
1244 ASSERT_GE(cfd, 0);
1245
1246 if (!notls) {
1247 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls",
1248 sizeof("tls"));
1249 EXPECT_EQ(ret, 0);
1250
1251 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12,
1252 sizeof(tls12));
1253 EXPECT_EQ(ret, 0);
1254 }
1255
1256 close(sfd);
1257 close(fd);
1258 close(cfd);
1259 }
1260
TEST(tls12)1261 TEST(tls12) {
1262 int fd, cfd;
1263 bool notls;
1264
1265 struct tls12_crypto_info_aes_gcm_128 tls12;
1266 struct sockaddr_in addr;
1267 socklen_t len;
1268 int sfd, ret;
1269
1270 notls = false;
1271 len = sizeof(addr);
1272
1273 memset(&tls12, 0, sizeof(tls12));
1274 tls12.info.version = TLS_1_2_VERSION;
1275 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
1276
1277 addr.sin_family = AF_INET;
1278 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1279 addr.sin_port = 0;
1280
1281 fd = socket(AF_INET, SOCK_STREAM, 0);
1282 sfd = socket(AF_INET, SOCK_STREAM, 0);
1283
1284 ret = bind(sfd, &addr, sizeof(addr));
1285 ASSERT_EQ(ret, 0);
1286 ret = listen(sfd, 10);
1287 ASSERT_EQ(ret, 0);
1288
1289 ret = getsockname(sfd, &addr, &len);
1290 ASSERT_EQ(ret, 0);
1291
1292 ret = connect(fd, &addr, sizeof(addr));
1293 ASSERT_EQ(ret, 0);
1294
1295 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1296 if (ret != 0) {
1297 notls = true;
1298 printf("Failure setting TCP_ULP, testing without tls\n");
1299 }
1300
1301 if (!notls) {
1302 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12,
1303 sizeof(tls12));
1304 ASSERT_EQ(ret, 0);
1305 }
1306
1307 cfd = accept(sfd, &addr, &len);
1308 ASSERT_GE(cfd, 0);
1309
1310 if (!notls) {
1311 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls",
1312 sizeof("tls"));
1313 ASSERT_EQ(ret, 0);
1314
1315 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12,
1316 sizeof(tls12));
1317 ASSERT_EQ(ret, 0);
1318 }
1319
1320 close(sfd);
1321
1322 char const *test_str = "test_read";
1323 int send_len = 10;
1324 char buf[10];
1325
1326 send_len = strlen(test_str) + 1;
1327 EXPECT_EQ(send(fd, test_str, send_len, 0), send_len);
1328 EXPECT_NE(recv(cfd, buf, send_len, 0), -1);
1329 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1330
1331 close(fd);
1332 close(cfd);
1333 }
1334
1335 TEST_HARNESS_MAIN
1336