1 // SPDX-License-Identifier: GPL-2.0
2
3 #define _GNU_SOURCE
4
5 #include <arpa/inet.h>
6 #include <errno.h>
7 #include <error.h>
8 #include <fcntl.h>
9 #include <poll.h>
10 #include <stdio.h>
11 #include <stdlib.h>
12 #include <unistd.h>
13
14 #include <linux/tls.h>
15 #include <linux/tcp.h>
16 #include <linux/socket.h>
17
18 #include <sys/types.h>
19 #include <sys/sendfile.h>
20 #include <sys/socket.h>
21 #include <sys/stat.h>
22
23 #include "../kselftest_harness.h"
24
25 #define TLS_PAYLOAD_MAX_LEN 16384
26 #define SOL_TLS 282
27
FIXTURE(tls_basic)28 FIXTURE(tls_basic)
29 {
30 int fd, cfd;
31 bool notls;
32 };
33
FIXTURE_SETUP(tls_basic)34 FIXTURE_SETUP(tls_basic)
35 {
36 struct sockaddr_in addr;
37 socklen_t len;
38 int sfd, ret;
39
40 self->notls = false;
41 len = sizeof(addr);
42
43 addr.sin_family = AF_INET;
44 addr.sin_addr.s_addr = htonl(INADDR_ANY);
45 addr.sin_port = 0;
46
47 self->fd = socket(AF_INET, SOCK_STREAM, 0);
48 sfd = socket(AF_INET, SOCK_STREAM, 0);
49
50 ret = bind(sfd, &addr, sizeof(addr));
51 ASSERT_EQ(ret, 0);
52 ret = listen(sfd, 10);
53 ASSERT_EQ(ret, 0);
54
55 ret = getsockname(sfd, &addr, &len);
56 ASSERT_EQ(ret, 0);
57
58 ret = connect(self->fd, &addr, sizeof(addr));
59 ASSERT_EQ(ret, 0);
60
61 self->cfd = accept(sfd, &addr, &len);
62 ASSERT_GE(self->cfd, 0);
63
64 close(sfd);
65
66 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
67 if (ret != 0) {
68 ASSERT_EQ(errno, ENOENT);
69 self->notls = true;
70 printf("Failure setting TCP_ULP, testing without tls\n");
71 return;
72 }
73
74 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
75 ASSERT_EQ(ret, 0);
76 }
77
FIXTURE_TEARDOWN(tls_basic)78 FIXTURE_TEARDOWN(tls_basic)
79 {
80 close(self->fd);
81 close(self->cfd);
82 }
83
84 /* Send some data through with ULP but no keys */
TEST_F(tls_basic,base_base)85 TEST_F(tls_basic, base_base)
86 {
87 char const *test_str = "test_read";
88 int send_len = 10;
89 char buf[10];
90
91 ASSERT_EQ(strlen(test_str) + 1, send_len);
92
93 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
94 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
95 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
96 };
97
FIXTURE(tls)98 FIXTURE(tls)
99 {
100 int fd, cfd;
101 bool notls;
102 };
103
FIXTURE_VARIANT(tls)104 FIXTURE_VARIANT(tls)
105 {
106 unsigned int tls_version;
107 };
108
109 FIXTURE_VARIANT_ADD(tls, 12)
110 {
111 .tls_version = TLS_1_2_VERSION,
112 };
113
114 FIXTURE_VARIANT_ADD(tls, 13)
115 {
116 .tls_version = TLS_1_3_VERSION,
117 };
118
FIXTURE_SETUP(tls)119 FIXTURE_SETUP(tls)
120 {
121 struct tls12_crypto_info_aes_gcm_128 tls12;
122 struct sockaddr_in addr;
123 socklen_t len;
124 int sfd, ret;
125
126 self->notls = false;
127 len = sizeof(addr);
128
129 memset(&tls12, 0, sizeof(tls12));
130 tls12.info.version = variant->tls_version;
131 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
132
133 addr.sin_family = AF_INET;
134 addr.sin_addr.s_addr = htonl(INADDR_ANY);
135 addr.sin_port = 0;
136
137 self->fd = socket(AF_INET, SOCK_STREAM, 0);
138 sfd = socket(AF_INET, SOCK_STREAM, 0);
139
140 ret = bind(sfd, &addr, sizeof(addr));
141 ASSERT_EQ(ret, 0);
142 ret = listen(sfd, 10);
143 ASSERT_EQ(ret, 0);
144
145 ret = getsockname(sfd, &addr, &len);
146 ASSERT_EQ(ret, 0);
147
148 ret = connect(self->fd, &addr, sizeof(addr));
149 ASSERT_EQ(ret, 0);
150
151 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
152 if (ret != 0) {
153 self->notls = true;
154 printf("Failure setting TCP_ULP, testing without tls\n");
155 }
156
157 if (!self->notls) {
158 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12,
159 sizeof(tls12));
160 ASSERT_EQ(ret, 0);
161 }
162
163 self->cfd = accept(sfd, &addr, &len);
164 ASSERT_GE(self->cfd, 0);
165
166 if (!self->notls) {
167 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls",
168 sizeof("tls"));
169 ASSERT_EQ(ret, 0);
170
171 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12,
172 sizeof(tls12));
173 ASSERT_EQ(ret, 0);
174 }
175
176 close(sfd);
177 }
178
FIXTURE_TEARDOWN(tls)179 FIXTURE_TEARDOWN(tls)
180 {
181 close(self->fd);
182 close(self->cfd);
183 }
184
TEST_F(tls,sendfile)185 TEST_F(tls, sendfile)
186 {
187 int filefd = open("/proc/self/exe", O_RDONLY);
188 struct stat st;
189
190 EXPECT_GE(filefd, 0);
191 fstat(filefd, &st);
192 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0);
193 }
194
TEST_F(tls,send_then_sendfile)195 TEST_F(tls, send_then_sendfile)
196 {
197 int filefd = open("/proc/self/exe", O_RDONLY);
198 char const *test_str = "test_send";
199 int to_send = strlen(test_str) + 1;
200 char recv_buf[10];
201 struct stat st;
202 char *buf;
203
204 EXPECT_GE(filefd, 0);
205 fstat(filefd, &st);
206 buf = (char *)malloc(st.st_size);
207
208 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send);
209 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send);
210 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0);
211
212 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0);
213 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size);
214 }
215
chunked_sendfile(struct __test_metadata * _metadata,struct _test_data_tls * self,uint16_t chunk_size,uint16_t extra_payload_size)216 static void chunked_sendfile(struct __test_metadata *_metadata,
217 struct _test_data_tls *self,
218 uint16_t chunk_size,
219 uint16_t extra_payload_size)
220 {
221 char buf[TLS_PAYLOAD_MAX_LEN];
222 uint16_t test_payload_size;
223 int size = 0;
224 int ret;
225 char filename[] = "/tmp/mytemp.XXXXXX";
226 int fd = mkstemp(filename);
227 off_t offset = 0;
228
229 unlink(filename);
230 ASSERT_GE(fd, 0);
231 EXPECT_GE(chunk_size, 1);
232 test_payload_size = chunk_size + extra_payload_size;
233 ASSERT_GE(TLS_PAYLOAD_MAX_LEN, test_payload_size);
234 memset(buf, 1, test_payload_size);
235 size = write(fd, buf, test_payload_size);
236 EXPECT_EQ(size, test_payload_size);
237 fsync(fd);
238
239 while (size > 0) {
240 ret = sendfile(self->fd, fd, &offset, chunk_size);
241 EXPECT_GE(ret, 0);
242 size -= ret;
243 }
244
245 EXPECT_EQ(recv(self->cfd, buf, test_payload_size, MSG_WAITALL),
246 test_payload_size);
247
248 close(fd);
249 }
250
TEST_F(tls,multi_chunk_sendfile)251 TEST_F(tls, multi_chunk_sendfile)
252 {
253 chunked_sendfile(_metadata, self, 4096, 4096);
254 chunked_sendfile(_metadata, self, 4096, 0);
255 chunked_sendfile(_metadata, self, 4096, 1);
256 chunked_sendfile(_metadata, self, 4096, 2048);
257 chunked_sendfile(_metadata, self, 8192, 2048);
258 chunked_sendfile(_metadata, self, 4096, 8192);
259 chunked_sendfile(_metadata, self, 8192, 4096);
260 chunked_sendfile(_metadata, self, 12288, 1024);
261 chunked_sendfile(_metadata, self, 12288, 2000);
262 chunked_sendfile(_metadata, self, 15360, 100);
263 chunked_sendfile(_metadata, self, 15360, 300);
264 chunked_sendfile(_metadata, self, 1, 4096);
265 chunked_sendfile(_metadata, self, 2048, 4096);
266 chunked_sendfile(_metadata, self, 2048, 8192);
267 chunked_sendfile(_metadata, self, 4096, 8192);
268 chunked_sendfile(_metadata, self, 1024, 12288);
269 chunked_sendfile(_metadata, self, 2000, 12288);
270 chunked_sendfile(_metadata, self, 100, 15360);
271 chunked_sendfile(_metadata, self, 300, 15360);
272 }
273
TEST_F(tls,recv_max)274 TEST_F(tls, recv_max)
275 {
276 unsigned int send_len = TLS_PAYLOAD_MAX_LEN;
277 char recv_mem[TLS_PAYLOAD_MAX_LEN];
278 char buf[TLS_PAYLOAD_MAX_LEN];
279
280 EXPECT_GE(send(self->fd, buf, send_len, 0), 0);
281 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1);
282 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0);
283 }
284
TEST_F(tls,recv_small)285 TEST_F(tls, recv_small)
286 {
287 char const *test_str = "test_read";
288 int send_len = 10;
289 char buf[10];
290
291 send_len = strlen(test_str) + 1;
292 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
293 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
294 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
295 }
296
TEST_F(tls,msg_more)297 TEST_F(tls, msg_more)
298 {
299 char const *test_str = "test_read";
300 int send_len = 10;
301 char buf[10 * 2];
302
303 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
304 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1);
305 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
306 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL),
307 send_len * 2);
308 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
309 }
310
TEST_F(tls,msg_more_unsent)311 TEST_F(tls, msg_more_unsent)
312 {
313 char const *test_str = "test_read";
314 int send_len = 10;
315 char buf[10];
316
317 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
318 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1);
319 }
320
TEST_F(tls,sendmsg_single)321 TEST_F(tls, sendmsg_single)
322 {
323 struct msghdr msg;
324
325 char const *test_str = "test_sendmsg";
326 size_t send_len = 13;
327 struct iovec vec;
328 char buf[13];
329
330 vec.iov_base = (char *)test_str;
331 vec.iov_len = send_len;
332 memset(&msg, 0, sizeof(struct msghdr));
333 msg.msg_iov = &vec;
334 msg.msg_iovlen = 1;
335 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len);
336 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len);
337 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
338 }
339
340 #define MAX_FRAGS 64
341 #define SEND_LEN 13
TEST_F(tls,sendmsg_fragmented)342 TEST_F(tls, sendmsg_fragmented)
343 {
344 char const *test_str = "test_sendmsg";
345 char buf[SEND_LEN * MAX_FRAGS];
346 struct iovec vec[MAX_FRAGS];
347 struct msghdr msg;
348 int i, frags;
349
350 for (frags = 1; frags <= MAX_FRAGS; frags++) {
351 for (i = 0; i < frags; i++) {
352 vec[i].iov_base = (char *)test_str;
353 vec[i].iov_len = SEND_LEN;
354 }
355
356 memset(&msg, 0, sizeof(struct msghdr));
357 msg.msg_iov = vec;
358 msg.msg_iovlen = frags;
359
360 EXPECT_EQ(sendmsg(self->fd, &msg, 0), SEND_LEN * frags);
361 EXPECT_EQ(recv(self->cfd, buf, SEND_LEN * frags, MSG_WAITALL),
362 SEND_LEN * frags);
363
364 for (i = 0; i < frags; i++)
365 EXPECT_EQ(memcmp(buf + SEND_LEN * i,
366 test_str, SEND_LEN), 0);
367 }
368 }
369 #undef MAX_FRAGS
370 #undef SEND_LEN
371
TEST_F(tls,sendmsg_large)372 TEST_F(tls, sendmsg_large)
373 {
374 void *mem = malloc(16384);
375 size_t send_len = 16384;
376 size_t sends = 128;
377 struct msghdr msg;
378 size_t recvs = 0;
379 size_t sent = 0;
380
381 memset(&msg, 0, sizeof(struct msghdr));
382 while (sent++ < sends) {
383 struct iovec vec = { (void *)mem, send_len };
384
385 msg.msg_iov = &vec;
386 msg.msg_iovlen = 1;
387 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len);
388 }
389
390 while (recvs++ < sends) {
391 EXPECT_NE(recv(self->cfd, mem, send_len, 0), -1);
392 }
393
394 free(mem);
395 }
396
TEST_F(tls,sendmsg_multiple)397 TEST_F(tls, sendmsg_multiple)
398 {
399 char const *test_str = "test_sendmsg_multiple";
400 struct iovec vec[5];
401 char *test_strs[5];
402 struct msghdr msg;
403 int total_len = 0;
404 int len_cmp = 0;
405 int iov_len = 5;
406 char *buf;
407 int i;
408
409 memset(&msg, 0, sizeof(struct msghdr));
410 for (i = 0; i < iov_len; i++) {
411 test_strs[i] = (char *)malloc(strlen(test_str) + 1);
412 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str);
413 vec[i].iov_base = (void *)test_strs[i];
414 vec[i].iov_len = strlen(test_strs[i]) + 1;
415 total_len += vec[i].iov_len;
416 }
417 msg.msg_iov = vec;
418 msg.msg_iovlen = iov_len;
419
420 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len);
421 buf = malloc(total_len);
422 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1);
423 for (i = 0; i < iov_len; i++) {
424 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp,
425 strlen(test_strs[i])),
426 0);
427 len_cmp += strlen(buf + len_cmp) + 1;
428 }
429 for (i = 0; i < iov_len; i++)
430 free(test_strs[i]);
431 free(buf);
432 }
433
TEST_F(tls,sendmsg_multiple_stress)434 TEST_F(tls, sendmsg_multiple_stress)
435 {
436 char const *test_str = "abcdefghijklmno";
437 struct iovec vec[1024];
438 char *test_strs[1024];
439 int iov_len = 1024;
440 int total_len = 0;
441 char buf[1 << 14];
442 struct msghdr msg;
443 int len_cmp = 0;
444 int i;
445
446 memset(&msg, 0, sizeof(struct msghdr));
447 for (i = 0; i < iov_len; i++) {
448 test_strs[i] = (char *)malloc(strlen(test_str) + 1);
449 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str);
450 vec[i].iov_base = (void *)test_strs[i];
451 vec[i].iov_len = strlen(test_strs[i]) + 1;
452 total_len += vec[i].iov_len;
453 }
454 msg.msg_iov = vec;
455 msg.msg_iovlen = iov_len;
456
457 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len);
458 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1);
459
460 for (i = 0; i < iov_len; i++)
461 len_cmp += strlen(buf + len_cmp) + 1;
462
463 for (i = 0; i < iov_len; i++)
464 free(test_strs[i]);
465 }
466
TEST_F(tls,splice_from_pipe)467 TEST_F(tls, splice_from_pipe)
468 {
469 int send_len = TLS_PAYLOAD_MAX_LEN;
470 char mem_send[TLS_PAYLOAD_MAX_LEN];
471 char mem_recv[TLS_PAYLOAD_MAX_LEN];
472 int p[2];
473
474 ASSERT_GE(pipe(p), 0);
475 EXPECT_GE(write(p[1], mem_send, send_len), 0);
476 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0);
477 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
478 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
479 }
480
TEST_F(tls,splice_from_pipe2)481 TEST_F(tls, splice_from_pipe2)
482 {
483 int send_len = 16000;
484 char mem_send[16000];
485 char mem_recv[16000];
486 int p2[2];
487 int p[2];
488
489 ASSERT_GE(pipe(p), 0);
490 ASSERT_GE(pipe(p2), 0);
491 EXPECT_GE(write(p[1], mem_send, 8000), 0);
492 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, 8000, 0), 0);
493 EXPECT_GE(write(p2[1], mem_send + 8000, 8000), 0);
494 EXPECT_GE(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 0);
495 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
496 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
497 }
498
TEST_F(tls,send_and_splice)499 TEST_F(tls, send_and_splice)
500 {
501 int send_len = TLS_PAYLOAD_MAX_LEN;
502 char mem_send[TLS_PAYLOAD_MAX_LEN];
503 char mem_recv[TLS_PAYLOAD_MAX_LEN];
504 char const *test_str = "test_read";
505 int send_len2 = 10;
506 char buf[10];
507 int p[2];
508
509 ASSERT_GE(pipe(p), 0);
510 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2);
511 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2);
512 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0);
513
514 EXPECT_GE(write(p[1], mem_send, send_len), send_len);
515 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len);
516
517 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
518 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
519 }
520
TEST_F(tls,splice_to_pipe)521 TEST_F(tls, splice_to_pipe)
522 {
523 int send_len = TLS_PAYLOAD_MAX_LEN;
524 char mem_send[TLS_PAYLOAD_MAX_LEN];
525 char mem_recv[TLS_PAYLOAD_MAX_LEN];
526 int p[2];
527
528 ASSERT_GE(pipe(p), 0);
529 EXPECT_GE(send(self->fd, mem_send, send_len, 0), 0);
530 EXPECT_GE(splice(self->cfd, NULL, p[1], NULL, send_len, 0), 0);
531 EXPECT_GE(read(p[0], mem_recv, send_len), 0);
532 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
533 }
534
TEST_F(tls,recvmsg_single)535 TEST_F(tls, recvmsg_single)
536 {
537 char const *test_str = "test_recvmsg_single";
538 int send_len = strlen(test_str) + 1;
539 char buf[20];
540 struct msghdr hdr;
541 struct iovec vec;
542
543 memset(&hdr, 0, sizeof(hdr));
544 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
545 vec.iov_base = (char *)buf;
546 vec.iov_len = send_len;
547 hdr.msg_iovlen = 1;
548 hdr.msg_iov = &vec;
549 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
550 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
551 }
552
TEST_F(tls,recvmsg_single_max)553 TEST_F(tls, recvmsg_single_max)
554 {
555 int send_len = TLS_PAYLOAD_MAX_LEN;
556 char send_mem[TLS_PAYLOAD_MAX_LEN];
557 char recv_mem[TLS_PAYLOAD_MAX_LEN];
558 struct iovec vec;
559 struct msghdr hdr;
560
561 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len);
562 vec.iov_base = (char *)recv_mem;
563 vec.iov_len = TLS_PAYLOAD_MAX_LEN;
564
565 hdr.msg_iovlen = 1;
566 hdr.msg_iov = &vec;
567 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
568 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0);
569 }
570
TEST_F(tls,recvmsg_multiple)571 TEST_F(tls, recvmsg_multiple)
572 {
573 unsigned int msg_iovlen = 1024;
574 unsigned int len_compared = 0;
575 struct iovec vec[1024];
576 char *iov_base[1024];
577 unsigned int iov_len = 16;
578 int send_len = 1 << 14;
579 char buf[1 << 14];
580 struct msghdr hdr;
581 int i;
582
583 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len);
584 for (i = 0; i < msg_iovlen; i++) {
585 iov_base[i] = (char *)malloc(iov_len);
586 vec[i].iov_base = iov_base[i];
587 vec[i].iov_len = iov_len;
588 }
589
590 hdr.msg_iovlen = msg_iovlen;
591 hdr.msg_iov = vec;
592 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
593 for (i = 0; i < msg_iovlen; i++)
594 len_compared += iov_len;
595
596 for (i = 0; i < msg_iovlen; i++)
597 free(iov_base[i]);
598 }
599
TEST_F(tls,single_send_multiple_recv)600 TEST_F(tls, single_send_multiple_recv)
601 {
602 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2;
603 unsigned int send_len = TLS_PAYLOAD_MAX_LEN;
604 char send_mem[TLS_PAYLOAD_MAX_LEN * 2];
605 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2];
606
607 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0);
608 memset(recv_mem, 0, total_len);
609
610 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1);
611 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1);
612 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0);
613 }
614
TEST_F(tls,multiple_send_single_recv)615 TEST_F(tls, multiple_send_single_recv)
616 {
617 unsigned int total_len = 2 * 10;
618 unsigned int send_len = 10;
619 char recv_mem[2 * 10];
620 char send_mem[10];
621
622 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0);
623 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0);
624 memset(recv_mem, 0, total_len);
625 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len);
626
627 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0);
628 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0);
629 }
630
TEST_F(tls,single_send_multiple_recv_non_align)631 TEST_F(tls, single_send_multiple_recv_non_align)
632 {
633 const unsigned int total_len = 15;
634 const unsigned int recv_len = 10;
635 char recv_mem[recv_len * 2];
636 char send_mem[total_len];
637
638 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0);
639 memset(recv_mem, 0, total_len);
640
641 EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len);
642 EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5);
643 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0);
644 }
645
TEST_F(tls,recv_partial)646 TEST_F(tls, recv_partial)
647 {
648 char const *test_str = "test_read_partial";
649 char const *test_str_first = "test_read";
650 char const *test_str_second = "_partial";
651 int send_len = strlen(test_str) + 1;
652 char recv_mem[18];
653
654 memset(recv_mem, 0, sizeof(recv_mem));
655 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
656 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first),
657 MSG_WAITALL), -1);
658 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0);
659 memset(recv_mem, 0, sizeof(recv_mem));
660 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second),
661 MSG_WAITALL), -1);
662 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)),
663 0);
664 }
665
TEST_F(tls,recv_nonblock)666 TEST_F(tls, recv_nonblock)
667 {
668 char buf[4096];
669 bool err;
670
671 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1);
672 err = (errno == EAGAIN || errno == EWOULDBLOCK);
673 EXPECT_EQ(err, true);
674 }
675
TEST_F(tls,recv_peek)676 TEST_F(tls, recv_peek)
677 {
678 char const *test_str = "test_read_peek";
679 int send_len = strlen(test_str) + 1;
680 char buf[15];
681
682 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
683 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1);
684 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
685 memset(buf, 0, sizeof(buf));
686 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
687 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
688 }
689
TEST_F(tls,recv_peek_multiple)690 TEST_F(tls, recv_peek_multiple)
691 {
692 char const *test_str = "test_read_peek";
693 int send_len = strlen(test_str) + 1;
694 unsigned int num_peeks = 100;
695 char buf[15];
696 int i;
697
698 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
699 for (i = 0; i < num_peeks; i++) {
700 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1);
701 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
702 memset(buf, 0, sizeof(buf));
703 }
704 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
705 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
706 }
707
TEST_F(tls,recv_peek_multiple_records)708 TEST_F(tls, recv_peek_multiple_records)
709 {
710 char const *test_str = "test_read_peek_mult_recs";
711 char const *test_str_first = "test_read_peek";
712 char const *test_str_second = "_mult_recs";
713 int len;
714 char buf[64];
715
716 len = strlen(test_str_first);
717 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len);
718
719 len = strlen(test_str_second) + 1;
720 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
721
722 len = strlen(test_str_first);
723 memset(buf, 0, len);
724 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len);
725
726 /* MSG_PEEK can only peek into the current record. */
727 len = strlen(test_str_first);
728 EXPECT_EQ(memcmp(test_str_first, buf, len), 0);
729
730 len = strlen(test_str) + 1;
731 memset(buf, 0, len);
732 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len);
733
734 /* Non-MSG_PEEK will advance strparser (and therefore record)
735 * however.
736 */
737 len = strlen(test_str) + 1;
738 EXPECT_EQ(memcmp(test_str, buf, len), 0);
739
740 /* MSG_MORE will hold current record open, so later MSG_PEEK
741 * will see everything.
742 */
743 len = strlen(test_str_first);
744 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len);
745
746 len = strlen(test_str_second) + 1;
747 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
748
749 len = strlen(test_str) + 1;
750 memset(buf, 0, len);
751 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len);
752
753 len = strlen(test_str) + 1;
754 EXPECT_EQ(memcmp(test_str, buf, len), 0);
755 }
756
TEST_F(tls,recv_peek_large_buf_mult_recs)757 TEST_F(tls, recv_peek_large_buf_mult_recs)
758 {
759 char const *test_str = "test_read_peek_mult_recs";
760 char const *test_str_first = "test_read_peek";
761 char const *test_str_second = "_mult_recs";
762 int len;
763 char buf[64];
764
765 len = strlen(test_str_first);
766 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len);
767
768 len = strlen(test_str_second) + 1;
769 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
770
771 len = strlen(test_str) + 1;
772 memset(buf, 0, len);
773 EXPECT_NE((len = recv(self->cfd, buf, len,
774 MSG_PEEK | MSG_WAITALL)), -1);
775 len = strlen(test_str) + 1;
776 EXPECT_EQ(memcmp(test_str, buf, len), 0);
777 }
778
TEST_F(tls,recv_lowat)779 TEST_F(tls, recv_lowat)
780 {
781 char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
782 char recv_mem[20];
783 int lowat = 8;
784
785 EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10);
786 EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5);
787
788 memset(recv_mem, 0, 20);
789 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT,
790 &lowat, sizeof(lowat)), 0);
791 EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1);
792 EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6);
793 EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8);
794
795 EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0);
796 EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0);
797 }
798
TEST_F(tls,bidir)799 TEST_F(tls, bidir)
800 {
801 char const *test_str = "test_read";
802 int send_len = 10;
803 char buf[10];
804 int ret;
805
806 if (!self->notls) {
807 struct tls12_crypto_info_aes_gcm_128 tls12;
808
809 memset(&tls12, 0, sizeof(tls12));
810 tls12.info.version = variant->tls_version;
811 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
812
813 ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12,
814 sizeof(tls12));
815 ASSERT_EQ(ret, 0);
816
817 ret = setsockopt(self->cfd, SOL_TLS, TLS_TX, &tls12,
818 sizeof(tls12));
819 ASSERT_EQ(ret, 0);
820 }
821
822 ASSERT_EQ(strlen(test_str) + 1, send_len);
823
824 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
825 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
826 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
827
828 memset(buf, 0, sizeof(buf));
829
830 EXPECT_EQ(send(self->cfd, test_str, send_len, 0), send_len);
831 EXPECT_NE(recv(self->fd, buf, send_len, 0), -1);
832 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
833 };
834
TEST_F(tls,pollin)835 TEST_F(tls, pollin)
836 {
837 char const *test_str = "test_poll";
838 struct pollfd fd = { 0, 0, 0 };
839 char buf[10];
840 int send_len = 10;
841
842 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
843 fd.fd = self->cfd;
844 fd.events = POLLIN;
845
846 EXPECT_EQ(poll(&fd, 1, 20), 1);
847 EXPECT_EQ(fd.revents & POLLIN, 1);
848 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len);
849 /* Test timing out */
850 EXPECT_EQ(poll(&fd, 1, 20), 0);
851 }
852
TEST_F(tls,poll_wait)853 TEST_F(tls, poll_wait)
854 {
855 char const *test_str = "test_poll_wait";
856 int send_len = strlen(test_str) + 1;
857 struct pollfd fd = { 0, 0, 0 };
858 char recv_mem[15];
859
860 fd.fd = self->cfd;
861 fd.events = POLLIN;
862 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
863 /* Set timeout to inf. secs */
864 EXPECT_EQ(poll(&fd, 1, -1), 1);
865 EXPECT_EQ(fd.revents & POLLIN, 1);
866 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len);
867 }
868
TEST_F(tls,poll_wait_split)869 TEST_F(tls, poll_wait_split)
870 {
871 struct pollfd fd = { 0, 0, 0 };
872 char send_mem[20] = {};
873 char recv_mem[15];
874
875 fd.fd = self->cfd;
876 fd.events = POLLIN;
877 /* Send 20 bytes */
878 EXPECT_EQ(send(self->fd, send_mem, sizeof(send_mem), 0),
879 sizeof(send_mem));
880 /* Poll with inf. timeout */
881 EXPECT_EQ(poll(&fd, 1, -1), 1);
882 EXPECT_EQ(fd.revents & POLLIN, 1);
883 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), MSG_WAITALL),
884 sizeof(recv_mem));
885
886 /* Now the remaining 5 bytes of record data are in TLS ULP */
887 fd.fd = self->cfd;
888 fd.events = POLLIN;
889 EXPECT_EQ(poll(&fd, 1, -1), 1);
890 EXPECT_EQ(fd.revents & POLLIN, 1);
891 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0),
892 sizeof(send_mem) - sizeof(recv_mem));
893 }
894
TEST_F(tls,blocking)895 TEST_F(tls, blocking)
896 {
897 size_t data = 100000;
898 int res = fork();
899
900 EXPECT_NE(res, -1);
901
902 if (res) {
903 /* parent */
904 size_t left = data;
905 char buf[16384];
906 int status;
907 int pid2;
908
909 while (left) {
910 int res = send(self->fd, buf,
911 left > 16384 ? 16384 : left, 0);
912
913 EXPECT_GE(res, 0);
914 left -= res;
915 }
916
917 pid2 = wait(&status);
918 EXPECT_EQ(status, 0);
919 EXPECT_EQ(res, pid2);
920 } else {
921 /* child */
922 size_t left = data;
923 char buf[16384];
924
925 while (left) {
926 int res = recv(self->cfd, buf,
927 left > 16384 ? 16384 : left, 0);
928
929 EXPECT_GE(res, 0);
930 left -= res;
931 }
932 }
933 }
934
TEST_F(tls,nonblocking)935 TEST_F(tls, nonblocking)
936 {
937 size_t data = 100000;
938 int sendbuf = 100;
939 int flags;
940 int res;
941
942 flags = fcntl(self->fd, F_GETFL, 0);
943 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK);
944 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK);
945
946 /* Ensure nonblocking behavior by imposing a small send
947 * buffer.
948 */
949 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF,
950 &sendbuf, sizeof(sendbuf)), 0);
951
952 res = fork();
953 EXPECT_NE(res, -1);
954
955 if (res) {
956 /* parent */
957 bool eagain = false;
958 size_t left = data;
959 char buf[16384];
960 int status;
961 int pid2;
962
963 while (left) {
964 int res = send(self->fd, buf,
965 left > 16384 ? 16384 : left, 0);
966
967 if (res == -1 && errno == EAGAIN) {
968 eagain = true;
969 usleep(10000);
970 continue;
971 }
972 EXPECT_GE(res, 0);
973 left -= res;
974 }
975
976 EXPECT_TRUE(eagain);
977 pid2 = wait(&status);
978
979 EXPECT_EQ(status, 0);
980 EXPECT_EQ(res, pid2);
981 } else {
982 /* child */
983 bool eagain = false;
984 size_t left = data;
985 char buf[16384];
986
987 while (left) {
988 int res = recv(self->cfd, buf,
989 left > 16384 ? 16384 : left, 0);
990
991 if (res == -1 && errno == EAGAIN) {
992 eagain = true;
993 usleep(10000);
994 continue;
995 }
996 EXPECT_GE(res, 0);
997 left -= res;
998 }
999 EXPECT_TRUE(eagain);
1000 }
1001 }
1002
1003 static void
test_mutliproc(struct __test_metadata * _metadata,struct _test_data_tls * self,bool sendpg,unsigned int n_readers,unsigned int n_writers)1004 test_mutliproc(struct __test_metadata *_metadata, struct _test_data_tls *self,
1005 bool sendpg, unsigned int n_readers, unsigned int n_writers)
1006 {
1007 const unsigned int n_children = n_readers + n_writers;
1008 const size_t data = 6 * 1000 * 1000;
1009 const size_t file_sz = data / 100;
1010 size_t read_bias, write_bias;
1011 int i, fd, child_id;
1012 char buf[file_sz];
1013 pid_t pid;
1014
1015 /* Only allow multiples for simplicity */
1016 ASSERT_EQ(!(n_readers % n_writers) || !(n_writers % n_readers), true);
1017 read_bias = n_writers / n_readers ?: 1;
1018 write_bias = n_readers / n_writers ?: 1;
1019
1020 /* prep a file to send */
1021 fd = open("/tmp/", O_TMPFILE | O_RDWR, 0600);
1022 ASSERT_GE(fd, 0);
1023
1024 memset(buf, 0xac, file_sz);
1025 ASSERT_EQ(write(fd, buf, file_sz), file_sz);
1026
1027 /* spawn children */
1028 for (child_id = 0; child_id < n_children; child_id++) {
1029 pid = fork();
1030 ASSERT_NE(pid, -1);
1031 if (!pid)
1032 break;
1033 }
1034
1035 /* parent waits for all children */
1036 if (pid) {
1037 for (i = 0; i < n_children; i++) {
1038 int status;
1039
1040 wait(&status);
1041 EXPECT_EQ(status, 0);
1042 }
1043
1044 return;
1045 }
1046
1047 /* Split threads for reading and writing */
1048 if (child_id < n_readers) {
1049 size_t left = data * read_bias;
1050 char rb[8001];
1051
1052 while (left) {
1053 int res;
1054
1055 res = recv(self->cfd, rb,
1056 left > sizeof(rb) ? sizeof(rb) : left, 0);
1057
1058 EXPECT_GE(res, 0);
1059 left -= res;
1060 }
1061 } else {
1062 size_t left = data * write_bias;
1063
1064 while (left) {
1065 int res;
1066
1067 ASSERT_EQ(lseek(fd, 0, SEEK_SET), 0);
1068 if (sendpg)
1069 res = sendfile(self->fd, fd, NULL,
1070 left > file_sz ? file_sz : left);
1071 else
1072 res = send(self->fd, buf,
1073 left > file_sz ? file_sz : left, 0);
1074
1075 EXPECT_GE(res, 0);
1076 left -= res;
1077 }
1078 }
1079 }
1080
TEST_F(tls,mutliproc_even)1081 TEST_F(tls, mutliproc_even)
1082 {
1083 test_mutliproc(_metadata, self, false, 6, 6);
1084 }
1085
TEST_F(tls,mutliproc_readers)1086 TEST_F(tls, mutliproc_readers)
1087 {
1088 test_mutliproc(_metadata, self, false, 4, 12);
1089 }
1090
TEST_F(tls,mutliproc_writers)1091 TEST_F(tls, mutliproc_writers)
1092 {
1093 test_mutliproc(_metadata, self, false, 10, 2);
1094 }
1095
TEST_F(tls,mutliproc_sendpage_even)1096 TEST_F(tls, mutliproc_sendpage_even)
1097 {
1098 test_mutliproc(_metadata, self, true, 6, 6);
1099 }
1100
TEST_F(tls,mutliproc_sendpage_readers)1101 TEST_F(tls, mutliproc_sendpage_readers)
1102 {
1103 test_mutliproc(_metadata, self, true, 4, 12);
1104 }
1105
TEST_F(tls,mutliproc_sendpage_writers)1106 TEST_F(tls, mutliproc_sendpage_writers)
1107 {
1108 test_mutliproc(_metadata, self, true, 10, 2);
1109 }
1110
TEST_F(tls,control_msg)1111 TEST_F(tls, control_msg)
1112 {
1113 if (self->notls)
1114 return;
1115
1116 char cbuf[CMSG_SPACE(sizeof(char))];
1117 char const *test_str = "test_read";
1118 int cmsg_len = sizeof(char);
1119 char record_type = 100;
1120 struct cmsghdr *cmsg;
1121 struct msghdr msg;
1122 int send_len = 10;
1123 struct iovec vec;
1124 char buf[10];
1125
1126 vec.iov_base = (char *)test_str;
1127 vec.iov_len = 10;
1128 memset(&msg, 0, sizeof(struct msghdr));
1129 msg.msg_iov = &vec;
1130 msg.msg_iovlen = 1;
1131 msg.msg_control = cbuf;
1132 msg.msg_controllen = sizeof(cbuf);
1133 cmsg = CMSG_FIRSTHDR(&msg);
1134 cmsg->cmsg_level = SOL_TLS;
1135 /* test sending non-record types. */
1136 cmsg->cmsg_type = TLS_SET_RECORD_TYPE;
1137 cmsg->cmsg_len = CMSG_LEN(cmsg_len);
1138 *CMSG_DATA(cmsg) = record_type;
1139 msg.msg_controllen = cmsg->cmsg_len;
1140
1141 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len);
1142 /* Should fail because we didn't provide a control message */
1143 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1);
1144
1145 vec.iov_base = buf;
1146 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL | MSG_PEEK), send_len);
1147
1148 cmsg = CMSG_FIRSTHDR(&msg);
1149 EXPECT_NE(cmsg, NULL);
1150 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS);
1151 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE);
1152 record_type = *((unsigned char *)CMSG_DATA(cmsg));
1153 EXPECT_EQ(record_type, 100);
1154 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1155
1156 /* Recv the message again without MSG_PEEK */
1157 record_type = 0;
1158 memset(buf, 0, sizeof(buf));
1159
1160 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL), send_len);
1161 cmsg = CMSG_FIRSTHDR(&msg);
1162 EXPECT_NE(cmsg, NULL);
1163 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS);
1164 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE);
1165 record_type = *((unsigned char *)CMSG_DATA(cmsg));
1166 EXPECT_EQ(record_type, 100);
1167 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1168 }
1169
TEST_F(tls,shutdown)1170 TEST_F(tls, shutdown)
1171 {
1172 char const *test_str = "test_read";
1173 int send_len = 10;
1174 char buf[10];
1175
1176 ASSERT_EQ(strlen(test_str) + 1, send_len);
1177
1178 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
1179 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
1180 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1181
1182 shutdown(self->fd, SHUT_RDWR);
1183 shutdown(self->cfd, SHUT_RDWR);
1184 }
1185
TEST_F(tls,shutdown_unsent)1186 TEST_F(tls, shutdown_unsent)
1187 {
1188 char const *test_str = "test_read";
1189 int send_len = 10;
1190
1191 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
1192
1193 shutdown(self->fd, SHUT_RDWR);
1194 shutdown(self->cfd, SHUT_RDWR);
1195 }
1196
TEST_F(tls,shutdown_reuse)1197 TEST_F(tls, shutdown_reuse)
1198 {
1199 struct sockaddr_in addr;
1200 int ret;
1201
1202 shutdown(self->fd, SHUT_RDWR);
1203 shutdown(self->cfd, SHUT_RDWR);
1204 close(self->cfd);
1205
1206 addr.sin_family = AF_INET;
1207 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1208 addr.sin_port = 0;
1209
1210 ret = bind(self->fd, &addr, sizeof(addr));
1211 EXPECT_EQ(ret, 0);
1212 ret = listen(self->fd, 10);
1213 EXPECT_EQ(ret, -1);
1214 EXPECT_EQ(errno, EINVAL);
1215
1216 ret = connect(self->fd, &addr, sizeof(addr));
1217 EXPECT_EQ(ret, -1);
1218 EXPECT_EQ(errno, EISCONN);
1219 }
1220
TEST(non_established)1221 TEST(non_established) {
1222 struct tls12_crypto_info_aes_gcm_256 tls12;
1223 struct sockaddr_in addr;
1224 int sfd, ret, fd;
1225 socklen_t len;
1226
1227 len = sizeof(addr);
1228
1229 memset(&tls12, 0, sizeof(tls12));
1230 tls12.info.version = TLS_1_2_VERSION;
1231 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256;
1232
1233 addr.sin_family = AF_INET;
1234 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1235 addr.sin_port = 0;
1236
1237 fd = socket(AF_INET, SOCK_STREAM, 0);
1238 sfd = socket(AF_INET, SOCK_STREAM, 0);
1239
1240 ret = bind(sfd, &addr, sizeof(addr));
1241 ASSERT_EQ(ret, 0);
1242 ret = listen(sfd, 10);
1243 ASSERT_EQ(ret, 0);
1244
1245 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1246 EXPECT_EQ(ret, -1);
1247 /* TLS ULP not supported */
1248 if (errno == ENOENT)
1249 return;
1250 EXPECT_EQ(errno, ENOTCONN);
1251
1252 ret = setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1253 EXPECT_EQ(ret, -1);
1254 EXPECT_EQ(errno, ENOTCONN);
1255
1256 ret = getsockname(sfd, &addr, &len);
1257 ASSERT_EQ(ret, 0);
1258
1259 ret = connect(fd, &addr, sizeof(addr));
1260 ASSERT_EQ(ret, 0);
1261
1262 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1263 ASSERT_EQ(ret, 0);
1264
1265 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1266 EXPECT_EQ(ret, -1);
1267 EXPECT_EQ(errno, EEXIST);
1268
1269 close(fd);
1270 close(sfd);
1271 }
1272
TEST(keysizes)1273 TEST(keysizes) {
1274 struct tls12_crypto_info_aes_gcm_256 tls12;
1275 struct sockaddr_in addr;
1276 int sfd, ret, fd, cfd;
1277 socklen_t len;
1278 bool notls;
1279
1280 notls = false;
1281 len = sizeof(addr);
1282
1283 memset(&tls12, 0, sizeof(tls12));
1284 tls12.info.version = TLS_1_2_VERSION;
1285 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256;
1286
1287 addr.sin_family = AF_INET;
1288 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1289 addr.sin_port = 0;
1290
1291 fd = socket(AF_INET, SOCK_STREAM, 0);
1292 sfd = socket(AF_INET, SOCK_STREAM, 0);
1293
1294 ret = bind(sfd, &addr, sizeof(addr));
1295 ASSERT_EQ(ret, 0);
1296 ret = listen(sfd, 10);
1297 ASSERT_EQ(ret, 0);
1298
1299 ret = getsockname(sfd, &addr, &len);
1300 ASSERT_EQ(ret, 0);
1301
1302 ret = connect(fd, &addr, sizeof(addr));
1303 ASSERT_EQ(ret, 0);
1304
1305 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1306 if (ret != 0) {
1307 notls = true;
1308 printf("Failure setting TCP_ULP, testing without tls\n");
1309 }
1310
1311 if (!notls) {
1312 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12,
1313 sizeof(tls12));
1314 EXPECT_EQ(ret, 0);
1315 }
1316
1317 cfd = accept(sfd, &addr, &len);
1318 ASSERT_GE(cfd, 0);
1319
1320 if (!notls) {
1321 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls",
1322 sizeof("tls"));
1323 EXPECT_EQ(ret, 0);
1324
1325 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12,
1326 sizeof(tls12));
1327 EXPECT_EQ(ret, 0);
1328 }
1329
1330 close(sfd);
1331 close(fd);
1332 close(cfd);
1333 }
1334
1335 TEST_HARNESS_MAIN
1336