1 // SPDX-License-Identifier: GPL-2.0 2 3 #define _GNU_SOURCE 4 5 #include <arpa/inet.h> 6 #include <errno.h> 7 #include <error.h> 8 #include <fcntl.h> 9 #include <poll.h> 10 #include <stdio.h> 11 #include <stdlib.h> 12 #include <unistd.h> 13 14 #include <linux/tls.h> 15 #include <linux/tcp.h> 16 #include <linux/socket.h> 17 18 #include <sys/types.h> 19 #include <sys/sendfile.h> 20 #include <sys/socket.h> 21 #include <sys/stat.h> 22 23 #include "../kselftest_harness.h" 24 25 #define TLS_PAYLOAD_MAX_LEN 16384 26 #define SOL_TLS 282 27 28 FIXTURE(tls_basic) 29 { 30 int fd, cfd; 31 bool notls; 32 }; 33 34 FIXTURE_SETUP(tls_basic) 35 { 36 struct sockaddr_in addr; 37 socklen_t len; 38 int sfd, ret; 39 40 self->notls = false; 41 len = sizeof(addr); 42 43 addr.sin_family = AF_INET; 44 addr.sin_addr.s_addr = htonl(INADDR_ANY); 45 addr.sin_port = 0; 46 47 self->fd = socket(AF_INET, SOCK_STREAM, 0); 48 sfd = socket(AF_INET, SOCK_STREAM, 0); 49 50 ret = bind(sfd, &addr, sizeof(addr)); 51 ASSERT_EQ(ret, 0); 52 ret = listen(sfd, 10); 53 ASSERT_EQ(ret, 0); 54 55 ret = getsockname(sfd, &addr, &len); 56 ASSERT_EQ(ret, 0); 57 58 ret = connect(self->fd, &addr, sizeof(addr)); 59 ASSERT_EQ(ret, 0); 60 61 self->cfd = accept(sfd, &addr, &len); 62 ASSERT_GE(self->cfd, 0); 63 64 close(sfd); 65 66 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 67 if (ret != 0) { 68 ASSERT_EQ(errno, ENOENT); 69 self->notls = true; 70 printf("Failure setting TCP_ULP, testing without tls\n"); 71 return; 72 } 73 74 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 75 ASSERT_EQ(ret, 0); 76 } 77 78 FIXTURE_TEARDOWN(tls_basic) 79 { 80 close(self->fd); 81 close(self->cfd); 82 } 83 84 /* Send some data through with ULP but no keys */ 85 TEST_F(tls_basic, base_base) 86 { 87 char const *test_str = "test_read"; 88 int send_len = 10; 89 char buf[10]; 90 91 ASSERT_EQ(strlen(test_str) + 1, send_len); 92 93 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 94 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 95 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 96 }; 97 98 FIXTURE(tls) 99 { 100 int fd, cfd; 101 bool notls; 102 }; 103 104 FIXTURE_VARIANT(tls) 105 { 106 uint16_t tls_version; 107 uint16_t cipher_type; 108 }; 109 110 FIXTURE_VARIANT_ADD(tls, 12_gcm) 111 { 112 .tls_version = TLS_1_2_VERSION, 113 .cipher_type = TLS_CIPHER_AES_GCM_128, 114 }; 115 116 FIXTURE_VARIANT_ADD(tls, 13_gcm) 117 { 118 .tls_version = TLS_1_3_VERSION, 119 .cipher_type = TLS_CIPHER_AES_GCM_128, 120 }; 121 122 FIXTURE_VARIANT_ADD(tls, 12_chacha) 123 { 124 .tls_version = TLS_1_2_VERSION, 125 .cipher_type = TLS_CIPHER_CHACHA20_POLY1305, 126 }; 127 128 FIXTURE_VARIANT_ADD(tls, 13_chacha) 129 { 130 .tls_version = TLS_1_3_VERSION, 131 .cipher_type = TLS_CIPHER_CHACHA20_POLY1305, 132 }; 133 134 FIXTURE_SETUP(tls) 135 { 136 union { 137 struct tls12_crypto_info_aes_gcm_128 aes128; 138 struct tls12_crypto_info_chacha20_poly1305 chacha20; 139 } tls12; 140 struct sockaddr_in addr; 141 socklen_t len; 142 int sfd, ret; 143 size_t tls12_sz; 144 145 self->notls = false; 146 len = sizeof(addr); 147 148 memset(&tls12, 0, sizeof(tls12)); 149 switch (variant->cipher_type) { 150 case TLS_CIPHER_CHACHA20_POLY1305: 151 tls12_sz = sizeof(struct tls12_crypto_info_chacha20_poly1305); 152 tls12.chacha20.info.version = variant->tls_version; 153 tls12.chacha20.info.cipher_type = variant->cipher_type; 154 break; 155 case TLS_CIPHER_AES_GCM_128: 156 tls12_sz = sizeof(struct tls12_crypto_info_aes_gcm_128); 157 tls12.aes128.info.version = variant->tls_version; 158 tls12.aes128.info.cipher_type = variant->cipher_type; 159 break; 160 default: 161 tls12_sz = 0; 162 } 163 164 addr.sin_family = AF_INET; 165 addr.sin_addr.s_addr = htonl(INADDR_ANY); 166 addr.sin_port = 0; 167 168 self->fd = socket(AF_INET, SOCK_STREAM, 0); 169 sfd = socket(AF_INET, SOCK_STREAM, 0); 170 171 ret = bind(sfd, &addr, sizeof(addr)); 172 ASSERT_EQ(ret, 0); 173 ret = listen(sfd, 10); 174 ASSERT_EQ(ret, 0); 175 176 ret = getsockname(sfd, &addr, &len); 177 ASSERT_EQ(ret, 0); 178 179 ret = connect(self->fd, &addr, sizeof(addr)); 180 ASSERT_EQ(ret, 0); 181 182 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 183 if (ret != 0) { 184 self->notls = true; 185 printf("Failure setting TCP_ULP, testing without tls\n"); 186 } 187 188 if (!self->notls) { 189 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, 190 tls12_sz); 191 ASSERT_EQ(ret, 0); 192 } 193 194 self->cfd = accept(sfd, &addr, &len); 195 ASSERT_GE(self->cfd, 0); 196 197 if (!self->notls) { 198 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", 199 sizeof("tls")); 200 ASSERT_EQ(ret, 0); 201 202 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12, 203 tls12_sz); 204 ASSERT_EQ(ret, 0); 205 } 206 207 close(sfd); 208 } 209 210 FIXTURE_TEARDOWN(tls) 211 { 212 close(self->fd); 213 close(self->cfd); 214 } 215 216 TEST_F(tls, sendfile) 217 { 218 int filefd = open("/proc/self/exe", O_RDONLY); 219 struct stat st; 220 221 EXPECT_GE(filefd, 0); 222 fstat(filefd, &st); 223 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 224 } 225 226 TEST_F(tls, send_then_sendfile) 227 { 228 int filefd = open("/proc/self/exe", O_RDONLY); 229 char const *test_str = "test_send"; 230 int to_send = strlen(test_str) + 1; 231 char recv_buf[10]; 232 struct stat st; 233 char *buf; 234 235 EXPECT_GE(filefd, 0); 236 fstat(filefd, &st); 237 buf = (char *)malloc(st.st_size); 238 239 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send); 240 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send); 241 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0); 242 243 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 244 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size); 245 } 246 247 static void chunked_sendfile(struct __test_metadata *_metadata, 248 struct _test_data_tls *self, 249 uint16_t chunk_size, 250 uint16_t extra_payload_size) 251 { 252 char buf[TLS_PAYLOAD_MAX_LEN]; 253 uint16_t test_payload_size; 254 int size = 0; 255 int ret; 256 char filename[] = "/tmp/mytemp.XXXXXX"; 257 int fd = mkstemp(filename); 258 off_t offset = 0; 259 260 unlink(filename); 261 ASSERT_GE(fd, 0); 262 EXPECT_GE(chunk_size, 1); 263 test_payload_size = chunk_size + extra_payload_size; 264 ASSERT_GE(TLS_PAYLOAD_MAX_LEN, test_payload_size); 265 memset(buf, 1, test_payload_size); 266 size = write(fd, buf, test_payload_size); 267 EXPECT_EQ(size, test_payload_size); 268 fsync(fd); 269 270 while (size > 0) { 271 ret = sendfile(self->fd, fd, &offset, chunk_size); 272 EXPECT_GE(ret, 0); 273 size -= ret; 274 } 275 276 EXPECT_EQ(recv(self->cfd, buf, test_payload_size, MSG_WAITALL), 277 test_payload_size); 278 279 close(fd); 280 } 281 282 TEST_F(tls, multi_chunk_sendfile) 283 { 284 chunked_sendfile(_metadata, self, 4096, 4096); 285 chunked_sendfile(_metadata, self, 4096, 0); 286 chunked_sendfile(_metadata, self, 4096, 1); 287 chunked_sendfile(_metadata, self, 4096, 2048); 288 chunked_sendfile(_metadata, self, 8192, 2048); 289 chunked_sendfile(_metadata, self, 4096, 8192); 290 chunked_sendfile(_metadata, self, 8192, 4096); 291 chunked_sendfile(_metadata, self, 12288, 1024); 292 chunked_sendfile(_metadata, self, 12288, 2000); 293 chunked_sendfile(_metadata, self, 15360, 100); 294 chunked_sendfile(_metadata, self, 15360, 300); 295 chunked_sendfile(_metadata, self, 1, 4096); 296 chunked_sendfile(_metadata, self, 2048, 4096); 297 chunked_sendfile(_metadata, self, 2048, 8192); 298 chunked_sendfile(_metadata, self, 4096, 8192); 299 chunked_sendfile(_metadata, self, 1024, 12288); 300 chunked_sendfile(_metadata, self, 2000, 12288); 301 chunked_sendfile(_metadata, self, 100, 15360); 302 chunked_sendfile(_metadata, self, 300, 15360); 303 } 304 305 TEST_F(tls, recv_max) 306 { 307 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 308 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 309 char buf[TLS_PAYLOAD_MAX_LEN]; 310 311 EXPECT_GE(send(self->fd, buf, send_len, 0), 0); 312 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 313 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0); 314 } 315 316 TEST_F(tls, recv_small) 317 { 318 char const *test_str = "test_read"; 319 int send_len = 10; 320 char buf[10]; 321 322 send_len = strlen(test_str) + 1; 323 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 324 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 325 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 326 } 327 328 TEST_F(tls, msg_more) 329 { 330 char const *test_str = "test_read"; 331 int send_len = 10; 332 char buf[10 * 2]; 333 334 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 335 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 336 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 337 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL), 338 send_len * 2); 339 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 340 } 341 342 TEST_F(tls, msg_more_unsent) 343 { 344 char const *test_str = "test_read"; 345 int send_len = 10; 346 char buf[10]; 347 348 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 349 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 350 } 351 352 TEST_F(tls, sendmsg_single) 353 { 354 struct msghdr msg; 355 356 char const *test_str = "test_sendmsg"; 357 size_t send_len = 13; 358 struct iovec vec; 359 char buf[13]; 360 361 vec.iov_base = (char *)test_str; 362 vec.iov_len = send_len; 363 memset(&msg, 0, sizeof(struct msghdr)); 364 msg.msg_iov = &vec; 365 msg.msg_iovlen = 1; 366 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 367 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 368 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 369 } 370 371 #define MAX_FRAGS 64 372 #define SEND_LEN 13 373 TEST_F(tls, sendmsg_fragmented) 374 { 375 char const *test_str = "test_sendmsg"; 376 char buf[SEND_LEN * MAX_FRAGS]; 377 struct iovec vec[MAX_FRAGS]; 378 struct msghdr msg; 379 int i, frags; 380 381 for (frags = 1; frags <= MAX_FRAGS; frags++) { 382 for (i = 0; i < frags; i++) { 383 vec[i].iov_base = (char *)test_str; 384 vec[i].iov_len = SEND_LEN; 385 } 386 387 memset(&msg, 0, sizeof(struct msghdr)); 388 msg.msg_iov = vec; 389 msg.msg_iovlen = frags; 390 391 EXPECT_EQ(sendmsg(self->fd, &msg, 0), SEND_LEN * frags); 392 EXPECT_EQ(recv(self->cfd, buf, SEND_LEN * frags, MSG_WAITALL), 393 SEND_LEN * frags); 394 395 for (i = 0; i < frags; i++) 396 EXPECT_EQ(memcmp(buf + SEND_LEN * i, 397 test_str, SEND_LEN), 0); 398 } 399 } 400 #undef MAX_FRAGS 401 #undef SEND_LEN 402 403 TEST_F(tls, sendmsg_large) 404 { 405 void *mem = malloc(16384); 406 size_t send_len = 16384; 407 size_t sends = 128; 408 struct msghdr msg; 409 size_t recvs = 0; 410 size_t sent = 0; 411 412 memset(&msg, 0, sizeof(struct msghdr)); 413 while (sent++ < sends) { 414 struct iovec vec = { (void *)mem, send_len }; 415 416 msg.msg_iov = &vec; 417 msg.msg_iovlen = 1; 418 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), send_len); 419 } 420 421 while (recvs++ < sends) { 422 EXPECT_NE(recv(self->fd, mem, send_len, 0), -1); 423 } 424 425 free(mem); 426 } 427 428 TEST_F(tls, sendmsg_multiple) 429 { 430 char const *test_str = "test_sendmsg_multiple"; 431 struct iovec vec[5]; 432 char *test_strs[5]; 433 struct msghdr msg; 434 int total_len = 0; 435 int len_cmp = 0; 436 int iov_len = 5; 437 char *buf; 438 int i; 439 440 memset(&msg, 0, sizeof(struct msghdr)); 441 for (i = 0; i < iov_len; i++) { 442 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 443 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 444 vec[i].iov_base = (void *)test_strs[i]; 445 vec[i].iov_len = strlen(test_strs[i]) + 1; 446 total_len += vec[i].iov_len; 447 } 448 msg.msg_iov = vec; 449 msg.msg_iovlen = iov_len; 450 451 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), total_len); 452 buf = malloc(total_len); 453 EXPECT_NE(recv(self->fd, buf, total_len, 0), -1); 454 for (i = 0; i < iov_len; i++) { 455 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp, 456 strlen(test_strs[i])), 457 0); 458 len_cmp += strlen(buf + len_cmp) + 1; 459 } 460 for (i = 0; i < iov_len; i++) 461 free(test_strs[i]); 462 free(buf); 463 } 464 465 TEST_F(tls, sendmsg_multiple_stress) 466 { 467 char const *test_str = "abcdefghijklmno"; 468 struct iovec vec[1024]; 469 char *test_strs[1024]; 470 int iov_len = 1024; 471 int total_len = 0; 472 char buf[1 << 14]; 473 struct msghdr msg; 474 int len_cmp = 0; 475 int i; 476 477 memset(&msg, 0, sizeof(struct msghdr)); 478 for (i = 0; i < iov_len; i++) { 479 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 480 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 481 vec[i].iov_base = (void *)test_strs[i]; 482 vec[i].iov_len = strlen(test_strs[i]) + 1; 483 total_len += vec[i].iov_len; 484 } 485 msg.msg_iov = vec; 486 msg.msg_iovlen = iov_len; 487 488 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len); 489 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1); 490 491 for (i = 0; i < iov_len; i++) 492 len_cmp += strlen(buf + len_cmp) + 1; 493 494 for (i = 0; i < iov_len; i++) 495 free(test_strs[i]); 496 } 497 498 TEST_F(tls, splice_from_pipe) 499 { 500 int send_len = TLS_PAYLOAD_MAX_LEN; 501 char mem_send[TLS_PAYLOAD_MAX_LEN]; 502 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 503 int p[2]; 504 505 ASSERT_GE(pipe(p), 0); 506 EXPECT_GE(write(p[1], mem_send, send_len), 0); 507 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0); 508 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 509 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 510 } 511 512 TEST_F(tls, splice_from_pipe2) 513 { 514 int send_len = 16000; 515 char mem_send[16000]; 516 char mem_recv[16000]; 517 int p2[2]; 518 int p[2]; 519 520 ASSERT_GE(pipe(p), 0); 521 ASSERT_GE(pipe(p2), 0); 522 EXPECT_GE(write(p[1], mem_send, 8000), 0); 523 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, 8000, 0), 0); 524 EXPECT_GE(write(p2[1], mem_send + 8000, 8000), 0); 525 EXPECT_GE(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 0); 526 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 527 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 528 } 529 530 TEST_F(tls, send_and_splice) 531 { 532 int send_len = TLS_PAYLOAD_MAX_LEN; 533 char mem_send[TLS_PAYLOAD_MAX_LEN]; 534 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 535 char const *test_str = "test_read"; 536 int send_len2 = 10; 537 char buf[10]; 538 int p[2]; 539 540 ASSERT_GE(pipe(p), 0); 541 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2); 542 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2); 543 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0); 544 545 EXPECT_GE(write(p[1], mem_send, send_len), send_len); 546 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len); 547 548 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 549 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 550 } 551 552 TEST_F(tls, splice_to_pipe) 553 { 554 int send_len = TLS_PAYLOAD_MAX_LEN; 555 char mem_send[TLS_PAYLOAD_MAX_LEN]; 556 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 557 int p[2]; 558 559 ASSERT_GE(pipe(p), 0); 560 EXPECT_GE(send(self->fd, mem_send, send_len, 0), 0); 561 EXPECT_GE(splice(self->cfd, NULL, p[1], NULL, send_len, 0), 0); 562 EXPECT_GE(read(p[0], mem_recv, send_len), 0); 563 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 564 } 565 566 TEST_F(tls, recvmsg_single) 567 { 568 char const *test_str = "test_recvmsg_single"; 569 int send_len = strlen(test_str) + 1; 570 char buf[20]; 571 struct msghdr hdr; 572 struct iovec vec; 573 574 memset(&hdr, 0, sizeof(hdr)); 575 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 576 vec.iov_base = (char *)buf; 577 vec.iov_len = send_len; 578 hdr.msg_iovlen = 1; 579 hdr.msg_iov = &vec; 580 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 581 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 582 } 583 584 TEST_F(tls, recvmsg_single_max) 585 { 586 int send_len = TLS_PAYLOAD_MAX_LEN; 587 char send_mem[TLS_PAYLOAD_MAX_LEN]; 588 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 589 struct iovec vec; 590 struct msghdr hdr; 591 592 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len); 593 vec.iov_base = (char *)recv_mem; 594 vec.iov_len = TLS_PAYLOAD_MAX_LEN; 595 596 hdr.msg_iovlen = 1; 597 hdr.msg_iov = &vec; 598 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 599 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 600 } 601 602 TEST_F(tls, recvmsg_multiple) 603 { 604 unsigned int msg_iovlen = 1024; 605 unsigned int len_compared = 0; 606 struct iovec vec[1024]; 607 char *iov_base[1024]; 608 unsigned int iov_len = 16; 609 int send_len = 1 << 14; 610 char buf[1 << 14]; 611 struct msghdr hdr; 612 int i; 613 614 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len); 615 for (i = 0; i < msg_iovlen; i++) { 616 iov_base[i] = (char *)malloc(iov_len); 617 vec[i].iov_base = iov_base[i]; 618 vec[i].iov_len = iov_len; 619 } 620 621 hdr.msg_iovlen = msg_iovlen; 622 hdr.msg_iov = vec; 623 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 624 for (i = 0; i < msg_iovlen; i++) 625 len_compared += iov_len; 626 627 for (i = 0; i < msg_iovlen; i++) 628 free(iov_base[i]); 629 } 630 631 TEST_F(tls, single_send_multiple_recv) 632 { 633 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2; 634 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 635 char send_mem[TLS_PAYLOAD_MAX_LEN * 2]; 636 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2]; 637 638 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 639 memset(recv_mem, 0, total_len); 640 641 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 642 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1); 643 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 644 } 645 646 TEST_F(tls, multiple_send_single_recv) 647 { 648 unsigned int total_len = 2 * 10; 649 unsigned int send_len = 10; 650 char recv_mem[2 * 10]; 651 char send_mem[10]; 652 653 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 654 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 655 memset(recv_mem, 0, total_len); 656 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len); 657 658 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 659 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0); 660 } 661 662 TEST_F(tls, single_send_multiple_recv_non_align) 663 { 664 const unsigned int total_len = 15; 665 const unsigned int recv_len = 10; 666 char recv_mem[recv_len * 2]; 667 char send_mem[total_len]; 668 669 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 670 memset(recv_mem, 0, total_len); 671 672 EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len); 673 EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5); 674 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 675 } 676 677 TEST_F(tls, recv_partial) 678 { 679 char const *test_str = "test_read_partial"; 680 char const *test_str_first = "test_read"; 681 char const *test_str_second = "_partial"; 682 int send_len = strlen(test_str) + 1; 683 char recv_mem[18]; 684 685 memset(recv_mem, 0, sizeof(recv_mem)); 686 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 687 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first), 688 MSG_WAITALL), -1); 689 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0); 690 memset(recv_mem, 0, sizeof(recv_mem)); 691 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second), 692 MSG_WAITALL), -1); 693 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)), 694 0); 695 } 696 697 TEST_F(tls, recv_nonblock) 698 { 699 char buf[4096]; 700 bool err; 701 702 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1); 703 err = (errno == EAGAIN || errno == EWOULDBLOCK); 704 EXPECT_EQ(err, true); 705 } 706 707 TEST_F(tls, recv_peek) 708 { 709 char const *test_str = "test_read_peek"; 710 int send_len = strlen(test_str) + 1; 711 char buf[15]; 712 713 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 714 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 715 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 716 memset(buf, 0, sizeof(buf)); 717 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 718 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 719 } 720 721 TEST_F(tls, recv_peek_multiple) 722 { 723 char const *test_str = "test_read_peek"; 724 int send_len = strlen(test_str) + 1; 725 unsigned int num_peeks = 100; 726 char buf[15]; 727 int i; 728 729 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 730 for (i = 0; i < num_peeks; i++) { 731 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 732 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 733 memset(buf, 0, sizeof(buf)); 734 } 735 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 736 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 737 } 738 739 TEST_F(tls, recv_peek_multiple_records) 740 { 741 char const *test_str = "test_read_peek_mult_recs"; 742 char const *test_str_first = "test_read_peek"; 743 char const *test_str_second = "_mult_recs"; 744 int len; 745 char buf[64]; 746 747 len = strlen(test_str_first); 748 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 749 750 len = strlen(test_str_second) + 1; 751 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 752 753 len = strlen(test_str_first); 754 memset(buf, 0, len); 755 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 756 757 /* MSG_PEEK can only peek into the current record. */ 758 len = strlen(test_str_first); 759 EXPECT_EQ(memcmp(test_str_first, buf, len), 0); 760 761 len = strlen(test_str) + 1; 762 memset(buf, 0, len); 763 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len); 764 765 /* Non-MSG_PEEK will advance strparser (and therefore record) 766 * however. 767 */ 768 len = strlen(test_str) + 1; 769 EXPECT_EQ(memcmp(test_str, buf, len), 0); 770 771 /* MSG_MORE will hold current record open, so later MSG_PEEK 772 * will see everything. 773 */ 774 len = strlen(test_str_first); 775 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len); 776 777 len = strlen(test_str_second) + 1; 778 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 779 780 len = strlen(test_str) + 1; 781 memset(buf, 0, len); 782 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 783 784 len = strlen(test_str) + 1; 785 EXPECT_EQ(memcmp(test_str, buf, len), 0); 786 } 787 788 TEST_F(tls, recv_peek_large_buf_mult_recs) 789 { 790 char const *test_str = "test_read_peek_mult_recs"; 791 char const *test_str_first = "test_read_peek"; 792 char const *test_str_second = "_mult_recs"; 793 int len; 794 char buf[64]; 795 796 len = strlen(test_str_first); 797 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 798 799 len = strlen(test_str_second) + 1; 800 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 801 802 len = strlen(test_str) + 1; 803 memset(buf, 0, len); 804 EXPECT_NE((len = recv(self->cfd, buf, len, 805 MSG_PEEK | MSG_WAITALL)), -1); 806 len = strlen(test_str) + 1; 807 EXPECT_EQ(memcmp(test_str, buf, len), 0); 808 } 809 810 TEST_F(tls, recv_lowat) 811 { 812 char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 }; 813 char recv_mem[20]; 814 int lowat = 8; 815 816 EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10); 817 EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5); 818 819 memset(recv_mem, 0, 20); 820 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT, 821 &lowat, sizeof(lowat)), 0); 822 EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1); 823 EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6); 824 EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8); 825 826 EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0); 827 EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0); 828 } 829 830 TEST_F(tls, bidir) 831 { 832 char const *test_str = "test_read"; 833 int send_len = 10; 834 char buf[10]; 835 int ret; 836 837 if (!self->notls) { 838 struct tls12_crypto_info_aes_gcm_128 tls12; 839 840 memset(&tls12, 0, sizeof(tls12)); 841 tls12.info.version = variant->tls_version; 842 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128; 843 844 ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12, 845 sizeof(tls12)); 846 ASSERT_EQ(ret, 0); 847 848 ret = setsockopt(self->cfd, SOL_TLS, TLS_TX, &tls12, 849 sizeof(tls12)); 850 ASSERT_EQ(ret, 0); 851 } 852 853 ASSERT_EQ(strlen(test_str) + 1, send_len); 854 855 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 856 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 857 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 858 859 memset(buf, 0, sizeof(buf)); 860 861 EXPECT_EQ(send(self->cfd, test_str, send_len, 0), send_len); 862 EXPECT_NE(recv(self->fd, buf, send_len, 0), -1); 863 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 864 }; 865 866 TEST_F(tls, pollin) 867 { 868 char const *test_str = "test_poll"; 869 struct pollfd fd = { 0, 0, 0 }; 870 char buf[10]; 871 int send_len = 10; 872 873 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 874 fd.fd = self->cfd; 875 fd.events = POLLIN; 876 877 EXPECT_EQ(poll(&fd, 1, 20), 1); 878 EXPECT_EQ(fd.revents & POLLIN, 1); 879 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 880 /* Test timing out */ 881 EXPECT_EQ(poll(&fd, 1, 20), 0); 882 } 883 884 TEST_F(tls, poll_wait) 885 { 886 char const *test_str = "test_poll_wait"; 887 int send_len = strlen(test_str) + 1; 888 struct pollfd fd = { 0, 0, 0 }; 889 char recv_mem[15]; 890 891 fd.fd = self->cfd; 892 fd.events = POLLIN; 893 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 894 /* Set timeout to inf. secs */ 895 EXPECT_EQ(poll(&fd, 1, -1), 1); 896 EXPECT_EQ(fd.revents & POLLIN, 1); 897 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len); 898 } 899 900 TEST_F(tls, poll_wait_split) 901 { 902 struct pollfd fd = { 0, 0, 0 }; 903 char send_mem[20] = {}; 904 char recv_mem[15]; 905 906 fd.fd = self->cfd; 907 fd.events = POLLIN; 908 /* Send 20 bytes */ 909 EXPECT_EQ(send(self->fd, send_mem, sizeof(send_mem), 0), 910 sizeof(send_mem)); 911 /* Poll with inf. timeout */ 912 EXPECT_EQ(poll(&fd, 1, -1), 1); 913 EXPECT_EQ(fd.revents & POLLIN, 1); 914 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), MSG_WAITALL), 915 sizeof(recv_mem)); 916 917 /* Now the remaining 5 bytes of record data are in TLS ULP */ 918 fd.fd = self->cfd; 919 fd.events = POLLIN; 920 EXPECT_EQ(poll(&fd, 1, -1), 1); 921 EXPECT_EQ(fd.revents & POLLIN, 1); 922 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0), 923 sizeof(send_mem) - sizeof(recv_mem)); 924 } 925 926 TEST_F(tls, blocking) 927 { 928 size_t data = 100000; 929 int res = fork(); 930 931 EXPECT_NE(res, -1); 932 933 if (res) { 934 /* parent */ 935 size_t left = data; 936 char buf[16384]; 937 int status; 938 int pid2; 939 940 while (left) { 941 int res = send(self->fd, buf, 942 left > 16384 ? 16384 : left, 0); 943 944 EXPECT_GE(res, 0); 945 left -= res; 946 } 947 948 pid2 = wait(&status); 949 EXPECT_EQ(status, 0); 950 EXPECT_EQ(res, pid2); 951 } else { 952 /* child */ 953 size_t left = data; 954 char buf[16384]; 955 956 while (left) { 957 int res = recv(self->cfd, buf, 958 left > 16384 ? 16384 : left, 0); 959 960 EXPECT_GE(res, 0); 961 left -= res; 962 } 963 } 964 } 965 966 TEST_F(tls, nonblocking) 967 { 968 size_t data = 100000; 969 int sendbuf = 100; 970 int flags; 971 int res; 972 973 flags = fcntl(self->fd, F_GETFL, 0); 974 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK); 975 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK); 976 977 /* Ensure nonblocking behavior by imposing a small send 978 * buffer. 979 */ 980 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF, 981 &sendbuf, sizeof(sendbuf)), 0); 982 983 res = fork(); 984 EXPECT_NE(res, -1); 985 986 if (res) { 987 /* parent */ 988 bool eagain = false; 989 size_t left = data; 990 char buf[16384]; 991 int status; 992 int pid2; 993 994 while (left) { 995 int res = send(self->fd, buf, 996 left > 16384 ? 16384 : left, 0); 997 998 if (res == -1 && errno == EAGAIN) { 999 eagain = true; 1000 usleep(10000); 1001 continue; 1002 } 1003 EXPECT_GE(res, 0); 1004 left -= res; 1005 } 1006 1007 EXPECT_TRUE(eagain); 1008 pid2 = wait(&status); 1009 1010 EXPECT_EQ(status, 0); 1011 EXPECT_EQ(res, pid2); 1012 } else { 1013 /* child */ 1014 bool eagain = false; 1015 size_t left = data; 1016 char buf[16384]; 1017 1018 while (left) { 1019 int res = recv(self->cfd, buf, 1020 left > 16384 ? 16384 : left, 0); 1021 1022 if (res == -1 && errno == EAGAIN) { 1023 eagain = true; 1024 usleep(10000); 1025 continue; 1026 } 1027 EXPECT_GE(res, 0); 1028 left -= res; 1029 } 1030 EXPECT_TRUE(eagain); 1031 } 1032 } 1033 1034 static void 1035 test_mutliproc(struct __test_metadata *_metadata, struct _test_data_tls *self, 1036 bool sendpg, unsigned int n_readers, unsigned int n_writers) 1037 { 1038 const unsigned int n_children = n_readers + n_writers; 1039 const size_t data = 6 * 1000 * 1000; 1040 const size_t file_sz = data / 100; 1041 size_t read_bias, write_bias; 1042 int i, fd, child_id; 1043 char buf[file_sz]; 1044 pid_t pid; 1045 1046 /* Only allow multiples for simplicity */ 1047 ASSERT_EQ(!(n_readers % n_writers) || !(n_writers % n_readers), true); 1048 read_bias = n_writers / n_readers ?: 1; 1049 write_bias = n_readers / n_writers ?: 1; 1050 1051 /* prep a file to send */ 1052 fd = open("/tmp/", O_TMPFILE | O_RDWR, 0600); 1053 ASSERT_GE(fd, 0); 1054 1055 memset(buf, 0xac, file_sz); 1056 ASSERT_EQ(write(fd, buf, file_sz), file_sz); 1057 1058 /* spawn children */ 1059 for (child_id = 0; child_id < n_children; child_id++) { 1060 pid = fork(); 1061 ASSERT_NE(pid, -1); 1062 if (!pid) 1063 break; 1064 } 1065 1066 /* parent waits for all children */ 1067 if (pid) { 1068 for (i = 0; i < n_children; i++) { 1069 int status; 1070 1071 wait(&status); 1072 EXPECT_EQ(status, 0); 1073 } 1074 1075 return; 1076 } 1077 1078 /* Split threads for reading and writing */ 1079 if (child_id < n_readers) { 1080 size_t left = data * read_bias; 1081 char rb[8001]; 1082 1083 while (left) { 1084 int res; 1085 1086 res = recv(self->cfd, rb, 1087 left > sizeof(rb) ? sizeof(rb) : left, 0); 1088 1089 EXPECT_GE(res, 0); 1090 left -= res; 1091 } 1092 } else { 1093 size_t left = data * write_bias; 1094 1095 while (left) { 1096 int res; 1097 1098 ASSERT_EQ(lseek(fd, 0, SEEK_SET), 0); 1099 if (sendpg) 1100 res = sendfile(self->fd, fd, NULL, 1101 left > file_sz ? file_sz : left); 1102 else 1103 res = send(self->fd, buf, 1104 left > file_sz ? file_sz : left, 0); 1105 1106 EXPECT_GE(res, 0); 1107 left -= res; 1108 } 1109 } 1110 } 1111 1112 TEST_F(tls, mutliproc_even) 1113 { 1114 test_mutliproc(_metadata, self, false, 6, 6); 1115 } 1116 1117 TEST_F(tls, mutliproc_readers) 1118 { 1119 test_mutliproc(_metadata, self, false, 4, 12); 1120 } 1121 1122 TEST_F(tls, mutliproc_writers) 1123 { 1124 test_mutliproc(_metadata, self, false, 10, 2); 1125 } 1126 1127 TEST_F(tls, mutliproc_sendpage_even) 1128 { 1129 test_mutliproc(_metadata, self, true, 6, 6); 1130 } 1131 1132 TEST_F(tls, mutliproc_sendpage_readers) 1133 { 1134 test_mutliproc(_metadata, self, true, 4, 12); 1135 } 1136 1137 TEST_F(tls, mutliproc_sendpage_writers) 1138 { 1139 test_mutliproc(_metadata, self, true, 10, 2); 1140 } 1141 1142 TEST_F(tls, control_msg) 1143 { 1144 if (self->notls) 1145 return; 1146 1147 char cbuf[CMSG_SPACE(sizeof(char))]; 1148 char const *test_str = "test_read"; 1149 int cmsg_len = sizeof(char); 1150 char record_type = 100; 1151 struct cmsghdr *cmsg; 1152 struct msghdr msg; 1153 int send_len = 10; 1154 struct iovec vec; 1155 char buf[10]; 1156 1157 vec.iov_base = (char *)test_str; 1158 vec.iov_len = 10; 1159 memset(&msg, 0, sizeof(struct msghdr)); 1160 msg.msg_iov = &vec; 1161 msg.msg_iovlen = 1; 1162 msg.msg_control = cbuf; 1163 msg.msg_controllen = sizeof(cbuf); 1164 cmsg = CMSG_FIRSTHDR(&msg); 1165 cmsg->cmsg_level = SOL_TLS; 1166 /* test sending non-record types. */ 1167 cmsg->cmsg_type = TLS_SET_RECORD_TYPE; 1168 cmsg->cmsg_len = CMSG_LEN(cmsg_len); 1169 *CMSG_DATA(cmsg) = record_type; 1170 msg.msg_controllen = cmsg->cmsg_len; 1171 1172 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 1173 /* Should fail because we didn't provide a control message */ 1174 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1); 1175 1176 vec.iov_base = buf; 1177 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL | MSG_PEEK), send_len); 1178 1179 cmsg = CMSG_FIRSTHDR(&msg); 1180 EXPECT_NE(cmsg, NULL); 1181 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 1182 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 1183 record_type = *((unsigned char *)CMSG_DATA(cmsg)); 1184 EXPECT_EQ(record_type, 100); 1185 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1186 1187 /* Recv the message again without MSG_PEEK */ 1188 record_type = 0; 1189 memset(buf, 0, sizeof(buf)); 1190 1191 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL), send_len); 1192 cmsg = CMSG_FIRSTHDR(&msg); 1193 EXPECT_NE(cmsg, NULL); 1194 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 1195 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 1196 record_type = *((unsigned char *)CMSG_DATA(cmsg)); 1197 EXPECT_EQ(record_type, 100); 1198 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1199 } 1200 1201 TEST_F(tls, shutdown) 1202 { 1203 char const *test_str = "test_read"; 1204 int send_len = 10; 1205 char buf[10]; 1206 1207 ASSERT_EQ(strlen(test_str) + 1, send_len); 1208 1209 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 1210 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 1211 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1212 1213 shutdown(self->fd, SHUT_RDWR); 1214 shutdown(self->cfd, SHUT_RDWR); 1215 } 1216 1217 TEST_F(tls, shutdown_unsent) 1218 { 1219 char const *test_str = "test_read"; 1220 int send_len = 10; 1221 1222 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 1223 1224 shutdown(self->fd, SHUT_RDWR); 1225 shutdown(self->cfd, SHUT_RDWR); 1226 } 1227 1228 TEST_F(tls, shutdown_reuse) 1229 { 1230 struct sockaddr_in addr; 1231 int ret; 1232 1233 shutdown(self->fd, SHUT_RDWR); 1234 shutdown(self->cfd, SHUT_RDWR); 1235 close(self->cfd); 1236 1237 addr.sin_family = AF_INET; 1238 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1239 addr.sin_port = 0; 1240 1241 ret = bind(self->fd, &addr, sizeof(addr)); 1242 EXPECT_EQ(ret, 0); 1243 ret = listen(self->fd, 10); 1244 EXPECT_EQ(ret, -1); 1245 EXPECT_EQ(errno, EINVAL); 1246 1247 ret = connect(self->fd, &addr, sizeof(addr)); 1248 EXPECT_EQ(ret, -1); 1249 EXPECT_EQ(errno, EISCONN); 1250 } 1251 1252 TEST(non_established) { 1253 struct tls12_crypto_info_aes_gcm_256 tls12; 1254 struct sockaddr_in addr; 1255 int sfd, ret, fd; 1256 socklen_t len; 1257 1258 len = sizeof(addr); 1259 1260 memset(&tls12, 0, sizeof(tls12)); 1261 tls12.info.version = TLS_1_2_VERSION; 1262 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1263 1264 addr.sin_family = AF_INET; 1265 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1266 addr.sin_port = 0; 1267 1268 fd = socket(AF_INET, SOCK_STREAM, 0); 1269 sfd = socket(AF_INET, SOCK_STREAM, 0); 1270 1271 ret = bind(sfd, &addr, sizeof(addr)); 1272 ASSERT_EQ(ret, 0); 1273 ret = listen(sfd, 10); 1274 ASSERT_EQ(ret, 0); 1275 1276 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1277 EXPECT_EQ(ret, -1); 1278 /* TLS ULP not supported */ 1279 if (errno == ENOENT) 1280 return; 1281 EXPECT_EQ(errno, ENOTCONN); 1282 1283 ret = setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1284 EXPECT_EQ(ret, -1); 1285 EXPECT_EQ(errno, ENOTCONN); 1286 1287 ret = getsockname(sfd, &addr, &len); 1288 ASSERT_EQ(ret, 0); 1289 1290 ret = connect(fd, &addr, sizeof(addr)); 1291 ASSERT_EQ(ret, 0); 1292 1293 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1294 ASSERT_EQ(ret, 0); 1295 1296 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1297 EXPECT_EQ(ret, -1); 1298 EXPECT_EQ(errno, EEXIST); 1299 1300 close(fd); 1301 close(sfd); 1302 } 1303 1304 TEST(keysizes) { 1305 struct tls12_crypto_info_aes_gcm_256 tls12; 1306 struct sockaddr_in addr; 1307 int sfd, ret, fd, cfd; 1308 socklen_t len; 1309 bool notls; 1310 1311 notls = false; 1312 len = sizeof(addr); 1313 1314 memset(&tls12, 0, sizeof(tls12)); 1315 tls12.info.version = TLS_1_2_VERSION; 1316 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1317 1318 addr.sin_family = AF_INET; 1319 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1320 addr.sin_port = 0; 1321 1322 fd = socket(AF_INET, SOCK_STREAM, 0); 1323 sfd = socket(AF_INET, SOCK_STREAM, 0); 1324 1325 ret = bind(sfd, &addr, sizeof(addr)); 1326 ASSERT_EQ(ret, 0); 1327 ret = listen(sfd, 10); 1328 ASSERT_EQ(ret, 0); 1329 1330 ret = getsockname(sfd, &addr, &len); 1331 ASSERT_EQ(ret, 0); 1332 1333 ret = connect(fd, &addr, sizeof(addr)); 1334 ASSERT_EQ(ret, 0); 1335 1336 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1337 if (ret != 0) { 1338 notls = true; 1339 printf("Failure setting TCP_ULP, testing without tls\n"); 1340 } 1341 1342 if (!notls) { 1343 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, 1344 sizeof(tls12)); 1345 EXPECT_EQ(ret, 0); 1346 } 1347 1348 cfd = accept(sfd, &addr, &len); 1349 ASSERT_GE(cfd, 0); 1350 1351 if (!notls) { 1352 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls", 1353 sizeof("tls")); 1354 EXPECT_EQ(ret, 0); 1355 1356 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, 1357 sizeof(tls12)); 1358 EXPECT_EQ(ret, 0); 1359 } 1360 1361 close(sfd); 1362 close(fd); 1363 close(cfd); 1364 } 1365 1366 TEST_HARNESS_MAIN 1367