1 // SPDX-License-Identifier: GPL-2.0
2
3 #define _GNU_SOURCE
4
5 #include <arpa/inet.h>
6 #include <errno.h>
7 #include <error.h>
8 #include <fcntl.h>
9 #include <poll.h>
10 #include <stdio.h>
11 #include <stdlib.h>
12 #include <unistd.h>
13
14 #include <linux/tls.h>
15 #include <linux/tcp.h>
16 #include <linux/socket.h>
17
18 #include <sys/types.h>
19 #include <sys/sendfile.h>
20 #include <sys/socket.h>
21 #include <sys/stat.h>
22
23 #include "../kselftest_harness.h"
24
25 #define TLS_PAYLOAD_MAX_LEN 16384
26 #define SOL_TLS 282
27
FIXTURE(tls_basic)28 FIXTURE(tls_basic)
29 {
30 int fd, cfd;
31 bool notls;
32 };
33
FIXTURE_SETUP(tls_basic)34 FIXTURE_SETUP(tls_basic)
35 {
36 struct sockaddr_in addr;
37 socklen_t len;
38 int sfd, ret;
39
40 self->notls = false;
41 len = sizeof(addr);
42
43 addr.sin_family = AF_INET;
44 addr.sin_addr.s_addr = htonl(INADDR_ANY);
45 addr.sin_port = 0;
46
47 self->fd = socket(AF_INET, SOCK_STREAM, 0);
48 sfd = socket(AF_INET, SOCK_STREAM, 0);
49
50 ret = bind(sfd, &addr, sizeof(addr));
51 ASSERT_EQ(ret, 0);
52 ret = listen(sfd, 10);
53 ASSERT_EQ(ret, 0);
54
55 ret = getsockname(sfd, &addr, &len);
56 ASSERT_EQ(ret, 0);
57
58 ret = connect(self->fd, &addr, sizeof(addr));
59 ASSERT_EQ(ret, 0);
60
61 self->cfd = accept(sfd, &addr, &len);
62 ASSERT_GE(self->cfd, 0);
63
64 close(sfd);
65
66 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
67 if (ret != 0) {
68 ASSERT_EQ(errno, ENOENT);
69 self->notls = true;
70 printf("Failure setting TCP_ULP, testing without tls\n");
71 return;
72 }
73
74 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
75 ASSERT_EQ(ret, 0);
76 }
77
FIXTURE_TEARDOWN(tls_basic)78 FIXTURE_TEARDOWN(tls_basic)
79 {
80 close(self->fd);
81 close(self->cfd);
82 }
83
84 /* Send some data through with ULP but no keys */
TEST_F(tls_basic,base_base)85 TEST_F(tls_basic, base_base)
86 {
87 char const *test_str = "test_read";
88 int send_len = 10;
89 char buf[10];
90
91 ASSERT_EQ(strlen(test_str) + 1, send_len);
92
93 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
94 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
95 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
96 };
97
FIXTURE(tls)98 FIXTURE(tls)
99 {
100 int fd, cfd;
101 bool notls;
102 };
103
FIXTURE_SETUP(tls)104 FIXTURE_SETUP(tls)
105 {
106 struct tls12_crypto_info_aes_gcm_128 tls12;
107 struct sockaddr_in addr;
108 socklen_t len;
109 int sfd, ret;
110
111 self->notls = false;
112 len = sizeof(addr);
113
114 memset(&tls12, 0, sizeof(tls12));
115 tls12.info.version = TLS_1_3_VERSION;
116 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
117
118 addr.sin_family = AF_INET;
119 addr.sin_addr.s_addr = htonl(INADDR_ANY);
120 addr.sin_port = 0;
121
122 self->fd = socket(AF_INET, SOCK_STREAM, 0);
123 sfd = socket(AF_INET, SOCK_STREAM, 0);
124
125 ret = bind(sfd, &addr, sizeof(addr));
126 ASSERT_EQ(ret, 0);
127 ret = listen(sfd, 10);
128 ASSERT_EQ(ret, 0);
129
130 ret = getsockname(sfd, &addr, &len);
131 ASSERT_EQ(ret, 0);
132
133 ret = connect(self->fd, &addr, sizeof(addr));
134 ASSERT_EQ(ret, 0);
135
136 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
137 if (ret != 0) {
138 self->notls = true;
139 printf("Failure setting TCP_ULP, testing without tls\n");
140 }
141
142 if (!self->notls) {
143 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12,
144 sizeof(tls12));
145 ASSERT_EQ(ret, 0);
146 }
147
148 self->cfd = accept(sfd, &addr, &len);
149 ASSERT_GE(self->cfd, 0);
150
151 if (!self->notls) {
152 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls",
153 sizeof("tls"));
154 ASSERT_EQ(ret, 0);
155
156 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12,
157 sizeof(tls12));
158 ASSERT_EQ(ret, 0);
159 }
160
161 close(sfd);
162 }
163
FIXTURE_TEARDOWN(tls)164 FIXTURE_TEARDOWN(tls)
165 {
166 close(self->fd);
167 close(self->cfd);
168 }
169
TEST_F(tls,sendfile)170 TEST_F(tls, sendfile)
171 {
172 int filefd = open("/proc/self/exe", O_RDONLY);
173 struct stat st;
174
175 EXPECT_GE(filefd, 0);
176 fstat(filefd, &st);
177 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0);
178 }
179
TEST_F(tls,send_then_sendfile)180 TEST_F(tls, send_then_sendfile)
181 {
182 int filefd = open("/proc/self/exe", O_RDONLY);
183 char const *test_str = "test_send";
184 int to_send = strlen(test_str) + 1;
185 char recv_buf[10];
186 struct stat st;
187 char *buf;
188
189 EXPECT_GE(filefd, 0);
190 fstat(filefd, &st);
191 buf = (char *)malloc(st.st_size);
192
193 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send);
194 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send);
195 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0);
196
197 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0);
198 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size);
199 }
200
TEST_F(tls,recv_max)201 TEST_F(tls, recv_max)
202 {
203 unsigned int send_len = TLS_PAYLOAD_MAX_LEN;
204 char recv_mem[TLS_PAYLOAD_MAX_LEN];
205 char buf[TLS_PAYLOAD_MAX_LEN];
206
207 EXPECT_GE(send(self->fd, buf, send_len, 0), 0);
208 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1);
209 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0);
210 }
211
TEST_F(tls,recv_small)212 TEST_F(tls, recv_small)
213 {
214 char const *test_str = "test_read";
215 int send_len = 10;
216 char buf[10];
217
218 send_len = strlen(test_str) + 1;
219 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
220 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
221 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
222 }
223
TEST_F(tls,msg_more)224 TEST_F(tls, msg_more)
225 {
226 char const *test_str = "test_read";
227 int send_len = 10;
228 char buf[10 * 2];
229
230 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
231 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1);
232 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
233 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL),
234 send_len * 2);
235 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
236 }
237
TEST_F(tls,msg_more_unsent)238 TEST_F(tls, msg_more_unsent)
239 {
240 char const *test_str = "test_read";
241 int send_len = 10;
242 char buf[10];
243
244 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
245 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1);
246 }
247
TEST_F(tls,sendmsg_single)248 TEST_F(tls, sendmsg_single)
249 {
250 struct msghdr msg;
251
252 char const *test_str = "test_sendmsg";
253 size_t send_len = 13;
254 struct iovec vec;
255 char buf[13];
256
257 vec.iov_base = (char *)test_str;
258 vec.iov_len = send_len;
259 memset(&msg, 0, sizeof(struct msghdr));
260 msg.msg_iov = &vec;
261 msg.msg_iovlen = 1;
262 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len);
263 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len);
264 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
265 }
266
267 #define MAX_FRAGS 64
268 #define SEND_LEN 13
TEST_F(tls,sendmsg_fragmented)269 TEST_F(tls, sendmsg_fragmented)
270 {
271 char const *test_str = "test_sendmsg";
272 char buf[SEND_LEN * MAX_FRAGS];
273 struct iovec vec[MAX_FRAGS];
274 struct msghdr msg;
275 int i, frags;
276
277 for (frags = 1; frags <= MAX_FRAGS; frags++) {
278 for (i = 0; i < frags; i++) {
279 vec[i].iov_base = (char *)test_str;
280 vec[i].iov_len = SEND_LEN;
281 }
282
283 memset(&msg, 0, sizeof(struct msghdr));
284 msg.msg_iov = vec;
285 msg.msg_iovlen = frags;
286
287 EXPECT_EQ(sendmsg(self->fd, &msg, 0), SEND_LEN * frags);
288 EXPECT_EQ(recv(self->cfd, buf, SEND_LEN * frags, MSG_WAITALL),
289 SEND_LEN * frags);
290
291 for (i = 0; i < frags; i++)
292 EXPECT_EQ(memcmp(buf + SEND_LEN * i,
293 test_str, SEND_LEN), 0);
294 }
295 }
296 #undef MAX_FRAGS
297 #undef SEND_LEN
298
TEST_F(tls,sendmsg_large)299 TEST_F(tls, sendmsg_large)
300 {
301 void *mem = malloc(16384);
302 size_t send_len = 16384;
303 size_t sends = 128;
304 struct msghdr msg;
305 size_t recvs = 0;
306 size_t sent = 0;
307
308 memset(&msg, 0, sizeof(struct msghdr));
309 while (sent++ < sends) {
310 struct iovec vec = { (void *)mem, send_len };
311
312 msg.msg_iov = &vec;
313 msg.msg_iovlen = 1;
314 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len);
315 }
316
317 while (recvs++ < sends) {
318 EXPECT_NE(recv(self->cfd, mem, send_len, 0), -1);
319 }
320
321 free(mem);
322 }
323
TEST_F(tls,sendmsg_multiple)324 TEST_F(tls, sendmsg_multiple)
325 {
326 char const *test_str = "test_sendmsg_multiple";
327 struct iovec vec[5];
328 char *test_strs[5];
329 struct msghdr msg;
330 int total_len = 0;
331 int len_cmp = 0;
332 int iov_len = 5;
333 char *buf;
334 int i;
335
336 memset(&msg, 0, sizeof(struct msghdr));
337 for (i = 0; i < iov_len; i++) {
338 test_strs[i] = (char *)malloc(strlen(test_str) + 1);
339 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str);
340 vec[i].iov_base = (void *)test_strs[i];
341 vec[i].iov_len = strlen(test_strs[i]) + 1;
342 total_len += vec[i].iov_len;
343 }
344 msg.msg_iov = vec;
345 msg.msg_iovlen = iov_len;
346
347 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len);
348 buf = malloc(total_len);
349 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1);
350 for (i = 0; i < iov_len; i++) {
351 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp,
352 strlen(test_strs[i])),
353 0);
354 len_cmp += strlen(buf + len_cmp) + 1;
355 }
356 for (i = 0; i < iov_len; i++)
357 free(test_strs[i]);
358 free(buf);
359 }
360
TEST_F(tls,sendmsg_multiple_stress)361 TEST_F(tls, sendmsg_multiple_stress)
362 {
363 char const *test_str = "abcdefghijklmno";
364 struct iovec vec[1024];
365 char *test_strs[1024];
366 int iov_len = 1024;
367 int total_len = 0;
368 char buf[1 << 14];
369 struct msghdr msg;
370 int len_cmp = 0;
371 int i;
372
373 memset(&msg, 0, sizeof(struct msghdr));
374 for (i = 0; i < iov_len; i++) {
375 test_strs[i] = (char *)malloc(strlen(test_str) + 1);
376 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str);
377 vec[i].iov_base = (void *)test_strs[i];
378 vec[i].iov_len = strlen(test_strs[i]) + 1;
379 total_len += vec[i].iov_len;
380 }
381 msg.msg_iov = vec;
382 msg.msg_iovlen = iov_len;
383
384 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len);
385 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1);
386
387 for (i = 0; i < iov_len; i++)
388 len_cmp += strlen(buf + len_cmp) + 1;
389
390 for (i = 0; i < iov_len; i++)
391 free(test_strs[i]);
392 }
393
TEST_F(tls,splice_from_pipe)394 TEST_F(tls, splice_from_pipe)
395 {
396 int send_len = TLS_PAYLOAD_MAX_LEN;
397 char mem_send[TLS_PAYLOAD_MAX_LEN];
398 char mem_recv[TLS_PAYLOAD_MAX_LEN];
399 int p[2];
400
401 ASSERT_GE(pipe(p), 0);
402 EXPECT_GE(write(p[1], mem_send, send_len), 0);
403 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0);
404 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
405 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
406 }
407
TEST_F(tls,splice_from_pipe2)408 TEST_F(tls, splice_from_pipe2)
409 {
410 int send_len = 16000;
411 char mem_send[16000];
412 char mem_recv[16000];
413 int p2[2];
414 int p[2];
415
416 ASSERT_GE(pipe(p), 0);
417 ASSERT_GE(pipe(p2), 0);
418 EXPECT_GE(write(p[1], mem_send, 8000), 0);
419 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, 8000, 0), 0);
420 EXPECT_GE(write(p2[1], mem_send + 8000, 8000), 0);
421 EXPECT_GE(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 0);
422 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
423 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
424 }
425
TEST_F(tls,send_and_splice)426 TEST_F(tls, send_and_splice)
427 {
428 int send_len = TLS_PAYLOAD_MAX_LEN;
429 char mem_send[TLS_PAYLOAD_MAX_LEN];
430 char mem_recv[TLS_PAYLOAD_MAX_LEN];
431 char const *test_str = "test_read";
432 int send_len2 = 10;
433 char buf[10];
434 int p[2];
435
436 ASSERT_GE(pipe(p), 0);
437 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2);
438 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2);
439 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0);
440
441 EXPECT_GE(write(p[1], mem_send, send_len), send_len);
442 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len);
443
444 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
445 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
446 }
447
TEST_F(tls,splice_to_pipe)448 TEST_F(tls, splice_to_pipe)
449 {
450 int send_len = TLS_PAYLOAD_MAX_LEN;
451 char mem_send[TLS_PAYLOAD_MAX_LEN];
452 char mem_recv[TLS_PAYLOAD_MAX_LEN];
453 int p[2];
454
455 ASSERT_GE(pipe(p), 0);
456 EXPECT_GE(send(self->fd, mem_send, send_len, 0), 0);
457 EXPECT_GE(splice(self->cfd, NULL, p[1], NULL, send_len, 0), 0);
458 EXPECT_GE(read(p[0], mem_recv, send_len), 0);
459 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
460 }
461
TEST_F(tls,recvmsg_single)462 TEST_F(tls, recvmsg_single)
463 {
464 char const *test_str = "test_recvmsg_single";
465 int send_len = strlen(test_str) + 1;
466 char buf[20];
467 struct msghdr hdr;
468 struct iovec vec;
469
470 memset(&hdr, 0, sizeof(hdr));
471 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
472 vec.iov_base = (char *)buf;
473 vec.iov_len = send_len;
474 hdr.msg_iovlen = 1;
475 hdr.msg_iov = &vec;
476 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
477 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
478 }
479
TEST_F(tls,recvmsg_single_max)480 TEST_F(tls, recvmsg_single_max)
481 {
482 int send_len = TLS_PAYLOAD_MAX_LEN;
483 char send_mem[TLS_PAYLOAD_MAX_LEN];
484 char recv_mem[TLS_PAYLOAD_MAX_LEN];
485 struct iovec vec;
486 struct msghdr hdr;
487
488 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len);
489 vec.iov_base = (char *)recv_mem;
490 vec.iov_len = TLS_PAYLOAD_MAX_LEN;
491
492 hdr.msg_iovlen = 1;
493 hdr.msg_iov = &vec;
494 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
495 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0);
496 }
497
TEST_F(tls,recvmsg_multiple)498 TEST_F(tls, recvmsg_multiple)
499 {
500 unsigned int msg_iovlen = 1024;
501 unsigned int len_compared = 0;
502 struct iovec vec[1024];
503 char *iov_base[1024];
504 unsigned int iov_len = 16;
505 int send_len = 1 << 14;
506 char buf[1 << 14];
507 struct msghdr hdr;
508 int i;
509
510 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len);
511 for (i = 0; i < msg_iovlen; i++) {
512 iov_base[i] = (char *)malloc(iov_len);
513 vec[i].iov_base = iov_base[i];
514 vec[i].iov_len = iov_len;
515 }
516
517 hdr.msg_iovlen = msg_iovlen;
518 hdr.msg_iov = vec;
519 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
520 for (i = 0; i < msg_iovlen; i++)
521 len_compared += iov_len;
522
523 for (i = 0; i < msg_iovlen; i++)
524 free(iov_base[i]);
525 }
526
TEST_F(tls,single_send_multiple_recv)527 TEST_F(tls, single_send_multiple_recv)
528 {
529 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2;
530 unsigned int send_len = TLS_PAYLOAD_MAX_LEN;
531 char send_mem[TLS_PAYLOAD_MAX_LEN * 2];
532 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2];
533
534 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0);
535 memset(recv_mem, 0, total_len);
536
537 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1);
538 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1);
539 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0);
540 }
541
TEST_F(tls,multiple_send_single_recv)542 TEST_F(tls, multiple_send_single_recv)
543 {
544 unsigned int total_len = 2 * 10;
545 unsigned int send_len = 10;
546 char recv_mem[2 * 10];
547 char send_mem[10];
548
549 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0);
550 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0);
551 memset(recv_mem, 0, total_len);
552 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len);
553
554 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0);
555 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0);
556 }
557
TEST_F(tls,single_send_multiple_recv_non_align)558 TEST_F(tls, single_send_multiple_recv_non_align)
559 {
560 const unsigned int total_len = 15;
561 const unsigned int recv_len = 10;
562 char recv_mem[recv_len * 2];
563 char send_mem[total_len];
564
565 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0);
566 memset(recv_mem, 0, total_len);
567
568 EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len);
569 EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5);
570 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0);
571 }
572
TEST_F(tls,recv_partial)573 TEST_F(tls, recv_partial)
574 {
575 char const *test_str = "test_read_partial";
576 char const *test_str_first = "test_read";
577 char const *test_str_second = "_partial";
578 int send_len = strlen(test_str) + 1;
579 char recv_mem[18];
580
581 memset(recv_mem, 0, sizeof(recv_mem));
582 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
583 EXPECT_EQ(recv(self->cfd, recv_mem, strlen(test_str_first),
584 MSG_WAITALL), strlen(test_str_first));
585 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0);
586 memset(recv_mem, 0, sizeof(recv_mem));
587 EXPECT_EQ(recv(self->cfd, recv_mem, strlen(test_str_second),
588 MSG_WAITALL), strlen(test_str_second));
589 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)),
590 0);
591 }
592
TEST_F(tls,recv_nonblock)593 TEST_F(tls, recv_nonblock)
594 {
595 char buf[4096];
596 bool err;
597
598 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1);
599 err = (errno == EAGAIN || errno == EWOULDBLOCK);
600 EXPECT_EQ(err, true);
601 }
602
TEST_F(tls,recv_peek)603 TEST_F(tls, recv_peek)
604 {
605 char const *test_str = "test_read_peek";
606 int send_len = strlen(test_str) + 1;
607 char buf[15];
608
609 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
610 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1);
611 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
612 memset(buf, 0, sizeof(buf));
613 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
614 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
615 }
616
TEST_F(tls,recv_peek_multiple)617 TEST_F(tls, recv_peek_multiple)
618 {
619 char const *test_str = "test_read_peek";
620 int send_len = strlen(test_str) + 1;
621 unsigned int num_peeks = 100;
622 char buf[15];
623 int i;
624
625 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
626 for (i = 0; i < num_peeks; i++) {
627 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1);
628 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
629 memset(buf, 0, sizeof(buf));
630 }
631 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
632 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
633 }
634
TEST_F(tls,recv_peek_multiple_records)635 TEST_F(tls, recv_peek_multiple_records)
636 {
637 char const *test_str = "test_read_peek_mult_recs";
638 char const *test_str_first = "test_read_peek";
639 char const *test_str_second = "_mult_recs";
640 int len;
641 char buf[64];
642
643 len = strlen(test_str_first);
644 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len);
645
646 len = strlen(test_str_second) + 1;
647 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
648
649 len = strlen(test_str_first);
650 memset(buf, 0, len);
651 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len);
652
653 /* MSG_PEEK can only peek into the current record. */
654 len = strlen(test_str_first);
655 EXPECT_EQ(memcmp(test_str_first, buf, len), 0);
656
657 len = strlen(test_str) + 1;
658 memset(buf, 0, len);
659 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len);
660
661 /* Non-MSG_PEEK will advance strparser (and therefore record)
662 * however.
663 */
664 len = strlen(test_str) + 1;
665 EXPECT_EQ(memcmp(test_str, buf, len), 0);
666
667 /* MSG_MORE will hold current record open, so later MSG_PEEK
668 * will see everything.
669 */
670 len = strlen(test_str_first);
671 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len);
672
673 len = strlen(test_str_second) + 1;
674 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
675
676 len = strlen(test_str) + 1;
677 memset(buf, 0, len);
678 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len);
679
680 len = strlen(test_str) + 1;
681 EXPECT_EQ(memcmp(test_str, buf, len), 0);
682 }
683
TEST_F(tls,recv_peek_large_buf_mult_recs)684 TEST_F(tls, recv_peek_large_buf_mult_recs)
685 {
686 char const *test_str = "test_read_peek_mult_recs";
687 char const *test_str_first = "test_read_peek";
688 char const *test_str_second = "_mult_recs";
689 int len;
690 char buf[64];
691
692 len = strlen(test_str_first);
693 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len);
694
695 len = strlen(test_str_second) + 1;
696 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
697
698 len = strlen(test_str) + 1;
699 memset(buf, 0, len);
700 EXPECT_NE((len = recv(self->cfd, buf, len,
701 MSG_PEEK | MSG_WAITALL)), -1);
702 len = strlen(test_str) + 1;
703 EXPECT_EQ(memcmp(test_str, buf, len), 0);
704 }
705
TEST_F(tls,recv_lowat)706 TEST_F(tls, recv_lowat)
707 {
708 char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
709 char recv_mem[20];
710 int lowat = 8;
711
712 EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10);
713 EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5);
714
715 memset(recv_mem, 0, 20);
716 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT,
717 &lowat, sizeof(lowat)), 0);
718 EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1);
719 EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6);
720 EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8);
721
722 EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0);
723 EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0);
724 }
725
TEST_F(tls,bidir)726 TEST_F(tls, bidir)
727 {
728 char const *test_str = "test_read";
729 int send_len = 10;
730 char buf[10];
731 int ret;
732
733 if (!self->notls) {
734 struct tls12_crypto_info_aes_gcm_128 tls12;
735
736 memset(&tls12, 0, sizeof(tls12));
737 tls12.info.version = TLS_1_3_VERSION;
738 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
739
740 ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12,
741 sizeof(tls12));
742 ASSERT_EQ(ret, 0);
743
744 ret = setsockopt(self->cfd, SOL_TLS, TLS_TX, &tls12,
745 sizeof(tls12));
746 ASSERT_EQ(ret, 0);
747 }
748
749 ASSERT_EQ(strlen(test_str) + 1, send_len);
750
751 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
752 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
753 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
754
755 memset(buf, 0, sizeof(buf));
756
757 EXPECT_EQ(send(self->cfd, test_str, send_len, 0), send_len);
758 EXPECT_NE(recv(self->fd, buf, send_len, 0), -1);
759 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
760 };
761
TEST_F(tls,pollin)762 TEST_F(tls, pollin)
763 {
764 char const *test_str = "test_poll";
765 struct pollfd fd = { 0, 0, 0 };
766 char buf[10];
767 int send_len = 10;
768
769 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
770 fd.fd = self->cfd;
771 fd.events = POLLIN;
772
773 EXPECT_EQ(poll(&fd, 1, 20), 1);
774 EXPECT_EQ(fd.revents & POLLIN, 1);
775 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len);
776 /* Test timing out */
777 EXPECT_EQ(poll(&fd, 1, 20), 0);
778 }
779
TEST_F(tls,poll_wait)780 TEST_F(tls, poll_wait)
781 {
782 char const *test_str = "test_poll_wait";
783 int send_len = strlen(test_str) + 1;
784 struct pollfd fd = { 0, 0, 0 };
785 char recv_mem[15];
786
787 fd.fd = self->cfd;
788 fd.events = POLLIN;
789 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
790 /* Set timeout to inf. secs */
791 EXPECT_EQ(poll(&fd, 1, -1), 1);
792 EXPECT_EQ(fd.revents & POLLIN, 1);
793 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len);
794 }
795
TEST_F(tls,poll_wait_split)796 TEST_F(tls, poll_wait_split)
797 {
798 struct pollfd fd = { 0, 0, 0 };
799 char send_mem[20] = {};
800 char recv_mem[15];
801
802 fd.fd = self->cfd;
803 fd.events = POLLIN;
804 /* Send 20 bytes */
805 EXPECT_EQ(send(self->fd, send_mem, sizeof(send_mem), 0),
806 sizeof(send_mem));
807 /* Poll with inf. timeout */
808 EXPECT_EQ(poll(&fd, 1, -1), 1);
809 EXPECT_EQ(fd.revents & POLLIN, 1);
810 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), MSG_WAITALL),
811 sizeof(recv_mem));
812
813 /* Now the remaining 5 bytes of record data are in TLS ULP */
814 fd.fd = self->cfd;
815 fd.events = POLLIN;
816 EXPECT_EQ(poll(&fd, 1, -1), 1);
817 EXPECT_EQ(fd.revents & POLLIN, 1);
818 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0),
819 sizeof(send_mem) - sizeof(recv_mem));
820 }
821
TEST_F(tls,blocking)822 TEST_F(tls, blocking)
823 {
824 size_t data = 100000;
825 int res = fork();
826
827 EXPECT_NE(res, -1);
828
829 if (res) {
830 /* parent */
831 size_t left = data;
832 char buf[16384];
833 int status;
834 int pid2;
835
836 while (left) {
837 int res = send(self->fd, buf,
838 left > 16384 ? 16384 : left, 0);
839
840 EXPECT_GE(res, 0);
841 left -= res;
842 }
843
844 pid2 = wait(&status);
845 EXPECT_EQ(status, 0);
846 EXPECT_EQ(res, pid2);
847 } else {
848 /* child */
849 size_t left = data;
850 char buf[16384];
851
852 while (left) {
853 int res = recv(self->cfd, buf,
854 left > 16384 ? 16384 : left, 0);
855
856 EXPECT_GE(res, 0);
857 left -= res;
858 }
859 }
860 }
861
TEST_F(tls,nonblocking)862 TEST_F(tls, nonblocking)
863 {
864 size_t data = 100000;
865 int sendbuf = 100;
866 int flags;
867 int res;
868
869 flags = fcntl(self->fd, F_GETFL, 0);
870 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK);
871 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK);
872
873 /* Ensure nonblocking behavior by imposing a small send
874 * buffer.
875 */
876 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF,
877 &sendbuf, sizeof(sendbuf)), 0);
878
879 res = fork();
880 EXPECT_NE(res, -1);
881
882 if (res) {
883 /* parent */
884 bool eagain = false;
885 size_t left = data;
886 char buf[16384];
887 int status;
888 int pid2;
889
890 while (left) {
891 int res = send(self->fd, buf,
892 left > 16384 ? 16384 : left, 0);
893
894 if (res == -1 && errno == EAGAIN) {
895 eagain = true;
896 usleep(10000);
897 continue;
898 }
899 EXPECT_GE(res, 0);
900 left -= res;
901 }
902
903 EXPECT_TRUE(eagain);
904 pid2 = wait(&status);
905
906 EXPECT_EQ(status, 0);
907 EXPECT_EQ(res, pid2);
908 } else {
909 /* child */
910 bool eagain = false;
911 size_t left = data;
912 char buf[16384];
913
914 while (left) {
915 int res = recv(self->cfd, buf,
916 left > 16384 ? 16384 : left, 0);
917
918 if (res == -1 && errno == EAGAIN) {
919 eagain = true;
920 usleep(10000);
921 continue;
922 }
923 EXPECT_GE(res, 0);
924 left -= res;
925 }
926 EXPECT_TRUE(eagain);
927 }
928 }
929
930 static void
test_mutliproc(struct __test_metadata * _metadata,struct _test_data_tls * self,bool sendpg,unsigned int n_readers,unsigned int n_writers)931 test_mutliproc(struct __test_metadata *_metadata, struct _test_data_tls *self,
932 bool sendpg, unsigned int n_readers, unsigned int n_writers)
933 {
934 const unsigned int n_children = n_readers + n_writers;
935 const size_t data = 6 * 1000 * 1000;
936 const size_t file_sz = data / 100;
937 size_t read_bias, write_bias;
938 int i, fd, child_id;
939 char buf[file_sz];
940 pid_t pid;
941
942 /* Only allow multiples for simplicity */
943 ASSERT_EQ(!(n_readers % n_writers) || !(n_writers % n_readers), true);
944 read_bias = n_writers / n_readers ?: 1;
945 write_bias = n_readers / n_writers ?: 1;
946
947 /* prep a file to send */
948 fd = open("/tmp/", O_TMPFILE | O_RDWR, 0600);
949 ASSERT_GE(fd, 0);
950
951 memset(buf, 0xac, file_sz);
952 ASSERT_EQ(write(fd, buf, file_sz), file_sz);
953
954 /* spawn children */
955 for (child_id = 0; child_id < n_children; child_id++) {
956 pid = fork();
957 ASSERT_NE(pid, -1);
958 if (!pid)
959 break;
960 }
961
962 /* parent waits for all children */
963 if (pid) {
964 for (i = 0; i < n_children; i++) {
965 int status;
966
967 wait(&status);
968 EXPECT_EQ(status, 0);
969 }
970
971 return;
972 }
973
974 /* Split threads for reading and writing */
975 if (child_id < n_readers) {
976 size_t left = data * read_bias;
977 char rb[8001];
978
979 while (left) {
980 int res;
981
982 res = recv(self->cfd, rb,
983 left > sizeof(rb) ? sizeof(rb) : left, 0);
984
985 EXPECT_GE(res, 0);
986 left -= res;
987 }
988 } else {
989 size_t left = data * write_bias;
990
991 while (left) {
992 int res;
993
994 ASSERT_EQ(lseek(fd, 0, SEEK_SET), 0);
995 if (sendpg)
996 res = sendfile(self->fd, fd, NULL,
997 left > file_sz ? file_sz : left);
998 else
999 res = send(self->fd, buf,
1000 left > file_sz ? file_sz : left, 0);
1001
1002 EXPECT_GE(res, 0);
1003 left -= res;
1004 }
1005 }
1006 }
1007
TEST_F(tls,mutliproc_even)1008 TEST_F(tls, mutliproc_even)
1009 {
1010 test_mutliproc(_metadata, self, false, 6, 6);
1011 }
1012
TEST_F(tls,mutliproc_readers)1013 TEST_F(tls, mutliproc_readers)
1014 {
1015 test_mutliproc(_metadata, self, false, 4, 12);
1016 }
1017
TEST_F(tls,mutliproc_writers)1018 TEST_F(tls, mutliproc_writers)
1019 {
1020 test_mutliproc(_metadata, self, false, 10, 2);
1021 }
1022
TEST_F(tls,mutliproc_sendpage_even)1023 TEST_F(tls, mutliproc_sendpage_even)
1024 {
1025 test_mutliproc(_metadata, self, true, 6, 6);
1026 }
1027
TEST_F(tls,mutliproc_sendpage_readers)1028 TEST_F(tls, mutliproc_sendpage_readers)
1029 {
1030 test_mutliproc(_metadata, self, true, 4, 12);
1031 }
1032
TEST_F(tls,mutliproc_sendpage_writers)1033 TEST_F(tls, mutliproc_sendpage_writers)
1034 {
1035 test_mutliproc(_metadata, self, true, 10, 2);
1036 }
1037
TEST_F(tls,control_msg)1038 TEST_F(tls, control_msg)
1039 {
1040 if (self->notls)
1041 return;
1042
1043 char cbuf[CMSG_SPACE(sizeof(char))];
1044 char const *test_str = "test_read";
1045 int cmsg_len = sizeof(char);
1046 char record_type = 100;
1047 struct cmsghdr *cmsg;
1048 struct msghdr msg;
1049 int send_len = 10;
1050 struct iovec vec;
1051 char buf[10];
1052
1053 vec.iov_base = (char *)test_str;
1054 vec.iov_len = 10;
1055 memset(&msg, 0, sizeof(struct msghdr));
1056 msg.msg_iov = &vec;
1057 msg.msg_iovlen = 1;
1058 msg.msg_control = cbuf;
1059 msg.msg_controllen = sizeof(cbuf);
1060 cmsg = CMSG_FIRSTHDR(&msg);
1061 cmsg->cmsg_level = SOL_TLS;
1062 /* test sending non-record types. */
1063 cmsg->cmsg_type = TLS_SET_RECORD_TYPE;
1064 cmsg->cmsg_len = CMSG_LEN(cmsg_len);
1065 *CMSG_DATA(cmsg) = record_type;
1066 msg.msg_controllen = cmsg->cmsg_len;
1067
1068 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len);
1069 /* Should fail because we didn't provide a control message */
1070 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1);
1071
1072 vec.iov_base = buf;
1073 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL | MSG_PEEK), send_len);
1074
1075 cmsg = CMSG_FIRSTHDR(&msg);
1076 EXPECT_NE(cmsg, NULL);
1077 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS);
1078 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE);
1079 record_type = *((unsigned char *)CMSG_DATA(cmsg));
1080 EXPECT_EQ(record_type, 100);
1081 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1082
1083 /* Recv the message again without MSG_PEEK */
1084 record_type = 0;
1085 memset(buf, 0, sizeof(buf));
1086
1087 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL), send_len);
1088 cmsg = CMSG_FIRSTHDR(&msg);
1089 EXPECT_NE(cmsg, NULL);
1090 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS);
1091 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE);
1092 record_type = *((unsigned char *)CMSG_DATA(cmsg));
1093 EXPECT_EQ(record_type, 100);
1094 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1095 }
1096
TEST_F(tls,shutdown)1097 TEST_F(tls, shutdown)
1098 {
1099 char const *test_str = "test_read";
1100 int send_len = 10;
1101 char buf[10];
1102
1103 ASSERT_EQ(strlen(test_str) + 1, send_len);
1104
1105 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
1106 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
1107 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1108
1109 shutdown(self->fd, SHUT_RDWR);
1110 shutdown(self->cfd, SHUT_RDWR);
1111 }
1112
TEST_F(tls,shutdown_unsent)1113 TEST_F(tls, shutdown_unsent)
1114 {
1115 char const *test_str = "test_read";
1116 int send_len = 10;
1117
1118 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
1119
1120 shutdown(self->fd, SHUT_RDWR);
1121 shutdown(self->cfd, SHUT_RDWR);
1122 }
1123
TEST_F(tls,shutdown_reuse)1124 TEST_F(tls, shutdown_reuse)
1125 {
1126 struct sockaddr_in addr;
1127 int ret;
1128
1129 shutdown(self->fd, SHUT_RDWR);
1130 shutdown(self->cfd, SHUT_RDWR);
1131 close(self->cfd);
1132
1133 addr.sin_family = AF_INET;
1134 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1135 addr.sin_port = 0;
1136
1137 ret = bind(self->fd, &addr, sizeof(addr));
1138 EXPECT_EQ(ret, 0);
1139 ret = listen(self->fd, 10);
1140 EXPECT_EQ(ret, -1);
1141 EXPECT_EQ(errno, EINVAL);
1142
1143 ret = connect(self->fd, &addr, sizeof(addr));
1144 EXPECT_EQ(ret, -1);
1145 EXPECT_EQ(errno, EISCONN);
1146 }
1147
TEST(non_established)1148 TEST(non_established) {
1149 struct tls12_crypto_info_aes_gcm_256 tls12;
1150 struct sockaddr_in addr;
1151 int sfd, ret, fd;
1152 socklen_t len;
1153
1154 len = sizeof(addr);
1155
1156 memset(&tls12, 0, sizeof(tls12));
1157 tls12.info.version = TLS_1_2_VERSION;
1158 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256;
1159
1160 addr.sin_family = AF_INET;
1161 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1162 addr.sin_port = 0;
1163
1164 fd = socket(AF_INET, SOCK_STREAM, 0);
1165 sfd = socket(AF_INET, SOCK_STREAM, 0);
1166
1167 ret = bind(sfd, &addr, sizeof(addr));
1168 ASSERT_EQ(ret, 0);
1169 ret = listen(sfd, 10);
1170 ASSERT_EQ(ret, 0);
1171
1172 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1173 EXPECT_EQ(ret, -1);
1174 /* TLS ULP not supported */
1175 if (errno == ENOENT)
1176 return;
1177 EXPECT_EQ(errno, ENOTCONN);
1178
1179 ret = setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1180 EXPECT_EQ(ret, -1);
1181 EXPECT_EQ(errno, ENOTCONN);
1182
1183 ret = getsockname(sfd, &addr, &len);
1184 ASSERT_EQ(ret, 0);
1185
1186 ret = connect(fd, &addr, sizeof(addr));
1187 ASSERT_EQ(ret, 0);
1188
1189 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1190 ASSERT_EQ(ret, 0);
1191
1192 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1193 EXPECT_EQ(ret, -1);
1194 EXPECT_EQ(errno, EEXIST);
1195
1196 close(fd);
1197 close(sfd);
1198 }
1199
TEST(keysizes)1200 TEST(keysizes) {
1201 struct tls12_crypto_info_aes_gcm_256 tls12;
1202 struct sockaddr_in addr;
1203 int sfd, ret, fd, cfd;
1204 socklen_t len;
1205 bool notls;
1206
1207 notls = false;
1208 len = sizeof(addr);
1209
1210 memset(&tls12, 0, sizeof(tls12));
1211 tls12.info.version = TLS_1_2_VERSION;
1212 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256;
1213
1214 addr.sin_family = AF_INET;
1215 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1216 addr.sin_port = 0;
1217
1218 fd = socket(AF_INET, SOCK_STREAM, 0);
1219 sfd = socket(AF_INET, SOCK_STREAM, 0);
1220
1221 ret = bind(sfd, &addr, sizeof(addr));
1222 ASSERT_EQ(ret, 0);
1223 ret = listen(sfd, 10);
1224 ASSERT_EQ(ret, 0);
1225
1226 ret = getsockname(sfd, &addr, &len);
1227 ASSERT_EQ(ret, 0);
1228
1229 ret = connect(fd, &addr, sizeof(addr));
1230 ASSERT_EQ(ret, 0);
1231
1232 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1233 if (ret != 0) {
1234 notls = true;
1235 printf("Failure setting TCP_ULP, testing without tls\n");
1236 }
1237
1238 if (!notls) {
1239 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12,
1240 sizeof(tls12));
1241 EXPECT_EQ(ret, 0);
1242 }
1243
1244 cfd = accept(sfd, &addr, &len);
1245 ASSERT_GE(cfd, 0);
1246
1247 if (!notls) {
1248 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls",
1249 sizeof("tls"));
1250 EXPECT_EQ(ret, 0);
1251
1252 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12,
1253 sizeof(tls12));
1254 EXPECT_EQ(ret, 0);
1255 }
1256
1257 close(sfd);
1258 close(fd);
1259 close(cfd);
1260 }
1261
TEST(tls12)1262 TEST(tls12) {
1263 int fd, cfd;
1264 bool notls;
1265
1266 struct tls12_crypto_info_aes_gcm_128 tls12;
1267 struct sockaddr_in addr;
1268 socklen_t len;
1269 int sfd, ret;
1270
1271 notls = false;
1272 len = sizeof(addr);
1273
1274 memset(&tls12, 0, sizeof(tls12));
1275 tls12.info.version = TLS_1_2_VERSION;
1276 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
1277
1278 addr.sin_family = AF_INET;
1279 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1280 addr.sin_port = 0;
1281
1282 fd = socket(AF_INET, SOCK_STREAM, 0);
1283 sfd = socket(AF_INET, SOCK_STREAM, 0);
1284
1285 ret = bind(sfd, &addr, sizeof(addr));
1286 ASSERT_EQ(ret, 0);
1287 ret = listen(sfd, 10);
1288 ASSERT_EQ(ret, 0);
1289
1290 ret = getsockname(sfd, &addr, &len);
1291 ASSERT_EQ(ret, 0);
1292
1293 ret = connect(fd, &addr, sizeof(addr));
1294 ASSERT_EQ(ret, 0);
1295
1296 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1297 if (ret != 0) {
1298 notls = true;
1299 printf("Failure setting TCP_ULP, testing without tls\n");
1300 }
1301
1302 if (!notls) {
1303 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12,
1304 sizeof(tls12));
1305 ASSERT_EQ(ret, 0);
1306 }
1307
1308 cfd = accept(sfd, &addr, &len);
1309 ASSERT_GE(cfd, 0);
1310
1311 if (!notls) {
1312 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls",
1313 sizeof("tls"));
1314 ASSERT_EQ(ret, 0);
1315
1316 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12,
1317 sizeof(tls12));
1318 ASSERT_EQ(ret, 0);
1319 }
1320
1321 close(sfd);
1322
1323 char const *test_str = "test_read";
1324 int send_len = 10;
1325 char buf[10];
1326
1327 send_len = strlen(test_str) + 1;
1328 EXPECT_EQ(send(fd, test_str, send_len, 0), send_len);
1329 EXPECT_NE(recv(cfd, buf, send_len, 0), -1);
1330 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1331
1332 close(fd);
1333 close(cfd);
1334 }
1335
1336 TEST_HARNESS_MAIN
1337